Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Scanner: Avoid returning irrelevant issues #7921

Closed
fviernau opened this issue Nov 23, 2023 · 6 comments
Closed

Scanner: Avoid returning irrelevant issues #7921

fviernau opened this issue Nov 23, 2023 · 6 comments
Assignees
@fviernau
Labels
enhancement Issues that are considered to be enhancements model About the data model reporter About the reporter tool scanner About the scanner tool

Comments

@fviernau
Copy link
Member

fviernau commented Nov 23, 2023
edited
Loading

The scanner might run into an issue which related only to a single file.
If an issue related to a file which not within the set of files resulting from filtering the scan result by VCS path, then
the issue should also be filtered out. This happens e.g. for TIMEOUT issues.

In this context, it makes sense to consider enabling the path excludes to silence timeouts as well.
@fviernau fviernau added scanner About the scanner tool enhancement Issues that are considered to be enhancements labels Nov 23, 2023
@fviernau
Copy link
Member Author

fviernau commented Nov 24, 2023
edited
Loading

Thinking about solving this by either:

  1. extending ScanSummary to have a dedicated property for issues which are specific to a single file. Maybe just a
    map filePath -> issue ?
  2. Use polymorphism with the Issue class, so that it has additional properties.
    A subtype could be ScanTimeoutIssue with the property filePath.
  3. Just add list of files which could not be scanned: `ScanSummary.fileScanErrors: List

@mnonnenmacher
Copy link
Member

Do we get the affected file for such issues from the ScanCode result model or would we have to parse the error messages to try to find out if an issue belongs to a single file?

@sschuberth
Copy link
Member

2. Use polymorphism with the Issue class, so that it has additional properties.

FYI, this roughly goes into the direction of #4393.

@fviernau fviernau self-assigned this Nov 30, 2023
This was referenced Nov 30, 2023
Merged
Merged
Merged
Merged
Merged
@fviernau fviernau mentioned this issue Dec 14, 2023
Merged
This was referenced Jan 16, 2024
Merged
Merged
This was referenced Apr 9, 2024
Merged
Merged
This was referenced Apr 23, 2024
Merged
Merged
Merged
Merged
Merged
Merged
This was referenced Apr 30, 2024
Merged
Merged
Merged
This was referenced May 10, 2024
Merged
Merged
Merged
Merged
Merged
@fviernau
Copy link
Member Author

fviernau commented May 16, 2024
edited
Loading

Finally, the following components adhere to the affected path of the issues WRT to path excludes and VCS:

  • model such as ScanSummary / OrtResult
  • EvaluatedModelReporter
  • StaticHtmlReporter
  • WebAppReporter

Therefore, closing the issue as completed.

Note that the exist code / issues stats CLI output of the ScannerCommand does not yet adhere to excluded paths.
Implementing that does require to also make the scanner command update the resolved config to import package
configurations and issue resolutions. This can be done as a (larger) follow-up task, as part of #7453.

@fviernau fviernau added reporter About the reporter tool model About the data model labels May 16, 2024
@sschuberth
Copy link
Member

This can be done as a (larger) follow-up task, which has its own ticket.

Mind creating such an issue (if it does not exist yet) so that we do not forget about it?

@fviernau
Copy link
Member Author

Mind creating such an issue (if it does not exist yet) so that we do not forget about it?

I've updated my above comment.

@fviernau fviernau mentioned this issue May 27, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@fviernau fviernau

Labels
enhancement Issues that are considered to be enhancements model About the data model reporter About the reporter tool scanner About the scanner tool
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@sschuberth @mnonnenmacher @fviernau