mirror of
https://github.com/ossf/scorecard.git
synced 2024-08-16 11:50:37 +03:00
🐛 Handle osvscanner errors on projects with no dependencies (#3803)
* handle osv errors for projects without packages Signed-off-by: Spencer Schrock <sschrock@google.com> * make test parallel Signed-off-by: Spencer Schrock <sschrock@google.com> --------- Signed-off-by: Spencer Schrock <sschrock@google.com>
This commit is contained in:
parent
51f1732750
commit
b556d932a4
@ -56,7 +56,9 @@ func (v osvClient) ListUnfixedVulnerabilities(
|
|||||||
|
|
||||||
response := VulnerabilitiesResponse{}
|
response := VulnerabilitiesResponse{}
|
||||||
|
|
||||||
if err == nil { // No vulns found
|
// either no vulns found, or no packages detected by osvscanner, which likely means no vulns
|
||||||
|
// while there could still be vulns, not detecting any packages shouldn't be a runtime error.
|
||||||
|
if err == nil || errors.Is(err, osvscanner.NoPackagesFoundErr) {
|
||||||
return response, nil
|
return response, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -14,6 +14,7 @@
|
|||||||
package clients
|
package clients
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
"context"
|
||||||
"reflect"
|
"reflect"
|
||||||
"testing"
|
"testing"
|
||||||
)
|
)
|
||||||
@ -46,3 +47,14 @@ func TestRemoveDuplicate(t *testing.T) {
|
|||||||
})
|
})
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func TestEmptyProject(t *testing.T) {
|
||||||
|
t.Parallel()
|
||||||
|
var client osvClient
|
||||||
|
var commit string
|
||||||
|
emptyDir := t.TempDir()
|
||||||
|
_, err := client.ListUnfixedVulnerabilities(context.Background(), commit, emptyDir)
|
||||||
|
if err != nil {
|
||||||
|
t.Fatalf("empty directory shouldn't throw an error: %v", err)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user