Repro/windows go issues #485
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Customer has reported a bug with scanning some Go binaries on windows. Interestingly, not all binaries seem to fail, only some. For the failing binaries, no dependencies are being found. This commit adds a test that runs on Windows to make sure that the scanning works. The snapshot has been generated by running the test on MacOS, which illustrates the point that they _should_ produce the exact same snapshot as the Windows one. The only thing that needed changing was the filepaths, e.g. from `"targetFile": "/livenessprobe"` to `"targetFile": "\\livenessprobe"`.
This commit switches the usage of the `path` module to use `path.posix` instead, fixing an issue where when the CLI was running on Windows, the Go dependency resolution returned no results. The underlying issue is that the Go binary metadata always contains normal slashes in it's path, while our usage of `path.join` and `path.parse` meant that we were constructing paths with backward-slashes instead.
|
Expected release notes (by @tommyknows) fixes: others (will not be included in Semantic-Release notes):
|
tommyknows
added a commit
to snyk/cli
that referenced
this pull request
Apr 21, 2023
The new version contains a fix for Go binary scanning on Windows. See snyk/snyk-docker-plugin#485.
1 task
|
🎉 This PR is included in version 6.3.2 🎉 The release is available on: Your semantic-release bot 📦🚀 |
tommyknows
added a commit
to snyk/cli
that referenced
this pull request
Apr 24, 2023
The new version contains a fix for Go binary scanning on Windows. See snyk/snyk-docker-plugin#485.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
chore: reproduce windows scanning issues
Customer has reported a bug with scanning some Go binaries on windows.
Interestingly, not all binaries seem to fail, only some. For the
failing binaries, no dependencies are being found.
This commit adds a test that runs on Windows to make sure that the
scanning works. The snapshot has been generated by running the test on
MacOS, which illustrates the point that they should produce the exact
same snapshot as the Windows one.
The only thing that needed changing was the filepaths, e.g. from
"targetFile": "/livenessprobe"to"targetFile": "\\livenessprobe".fix: use path.posix for Go file / module lookup
This commit switches the usage of the
pathmodule to usepath.posixinstead, fixing an issue where when the CLI was running on Windows, the
Go dependency resolution returned no results.
The underlying issue is that the Go binary metadata always contains
normal slashes in it's path, while our usage of
path.joinandpath.parsemeant that we were constructing paths with backward-slashesinstead.