

🌱 Pinned dependencies: create findings from processing errors (ossf#3711
)

* 🌱 refactor pinned dependencies

Signed-off-by: AdamKorcz <[email protected]>

* remove remediation from test

Signed-off-by: AdamKorcz <[email protected]>

* 🌱 create findings from processing errors

Signed-off-by: Adam Korczynski <[email protected]>

* correct style of loop

Signed-off-by: Adam Korczynski <[email protected]>

---------

Signed-off-by: AdamKorcz <[email protected]>
Signed-off-by: Adam Korczynski <[email protected]>
AdamKorcz authored Dec 6, 2023
1 parent 320ce05 commit 6ea9c8d
Showing 1 changed file with 25 additions and 16 deletions.
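--- a/checks/evaluation/pinned_dependencies.go
+++ b/checks/evaluation/pinned_dependencies.go
@@ -92,10 +92,21 @@ func probeRemToRuleRem(rem *probe.Remediation) *rule.Remediation {
 }
 }
 
-func dependenciesToFindings(deps []checker.Dependency) ([]finding.Finding, error) {
+func dependenciesToFindings(r *checker.PinningDependenciesData) ([]finding.Finding, error) {
 findings := make([]finding.Finding, 0)
-for i := range deps {
-rr := deps[i]
+
+for i := range r.ProcessingErrors {
+e := r.ProcessingErrors[i]
+f := finding.Finding{
+Message: generateTextIncompleteResults(e),
+Location: &e.Location,
+Outcome: finding.OutcomeNotAvailable,
+}
+findings = append(findings, f)
+}
+
+for i := range r.Dependencies {
+rr := r.Dependencies[i]
 if rr.Location == nil {
 if rr.Msg == nil {
 e := sce.WithMessage(sce.ErrScorecardInternal, "empty File field")
@@ -199,24 +210,15 @@ func PinningDependencies(name string, c *checker.CheckRequest,
 pr := make(map[checker.DependencyUseType]pinnedResult)
 dl := c.Dlogger
 
-for _, e := range r.ProcessingErrors {
-e := e
-dl.Info(&checker.LogMessage{
-Finding: &finding.Finding{
-Message: generateTextIncompleteResults(e),
-Location: &e.Location,
-},
-})
-}
-
-findings, err := dependenciesToFindings(r.Dependencies)
+findings, err := dependenciesToFindings(r)
 if err != nil {
 return checker.CreateRuntimeErrorResult(name, err)
 }
 
 for i := range findings {
 f := findings[i]
-if f.Outcome == finding.OutcomeNotApplicable {
+switch f.Outcome {
+case finding.OutcomeNotApplicable:
 if f.Location != nil {
 dl.Debug(&checker.LogMessage{
 Path: f.Location.Path,
@@ -232,7 +234,7 @@ func PinningDependencies(name string, c *checker.CheckRequest,
 })
 }
 continue
-} else if f.Outcome == finding.OutcomeNegative {
+case finding.OutcomeNegative:
 lm := &checker.LogMessage{
 Path: f.Location.Path,
 Type: f.Location.Type,
@@ -246,6 +248,13 @@ func PinningDependencies(name string, c *checker.CheckRequest,
 lm.Remediation = probeRemToRuleRem(f.Remediation)
 }
 dl.Warn(lm)
+case finding.OutcomeNotAvailable:
+dl.Info(&checker.LogMessage{
+Finding: &f,
+})
+continue
+default:
+// ignore
 }
 updatePinningResults(intToDepType[f.Values["dependencyType"]],
 f.Outcome, f.Location.Snippet,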
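Review bot: The `// ignore` comment on the new `default:` case in the last hunk is misleading: control leaves the switch and reaches the `updatePinningResults(...)` call right after it, so findings with any other outcome are still counted toward the pinning result, they are just not logged. Suggest replacing it with `// other outcomes are not logged but still feed updatePinningResults below`. The new `case finding.OutcomeNotAvailable:` branch relies on its `continue` to skip that call, which matters because the processing-error findings built in the first hunk's dependenciesToFindings carry no `Values["dependencyType"]`; a one-line comment on the `continue` saying so would keep the two halves from drifting apart. PinningDependencies and dependenciesToFindings both start and end outside the hunks shown.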

