Skip to content

Commit 71632ab

Browse files
agrawrohphlax
agrawroh
authored and
phlax
committed
fix: make CVE scanner not fail on zero CVEs (envoyproxy#41412)
## Description This PR makes CVE scanner not fail when there are no CVEs detected. --- **Commit Message:** fix: make CVE scanner not fail on zero CVEs **Additional Description:** Make CVE scanner not fail when there are no CVEs detected. **Risk Level:** N/A **Testing:** CI **Docs Changes:** N/A **Release Notes:** N/A Signed-off-by: Rohit Agrawal <rohit.agrawal@databricks.com>
1 parent e555f0c commit 71632ab

File tree

1 file changed

+3
-1
lines changed

1 file changed

+3
-1
lines changed

tools/dependency/cve_test.sh

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -6,7 +6,9 @@ ANSI_LIBDIR="$(dirname "$JQ_ANSI_UTILS")"
66
CVE_LIBDIR="$(dirname "$JQ_CVE_UTILS")"
77
VERSION_LIBDIR="$(dirname "$JQ_VERSION_UTILS")"
88

9-
if [[ -s "$1" ]]; then
9+
# Check if the JSON array contains any CVEs and not just if file is non-empty.
10+
CVE_COUNT=$("$JQ_BIN" 'length' "$1")
11+
if [[ "$CVE_COUNT" -gt 0 ]]; then
1012
"$JQ_BIN" -r -f \
1113
-L "$ANSI_LIBDIR" \
1214
-L "$CVE_LIBDIR" \

0 commit comments

Comments
 (0)