Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Ignore empty root strings when choosing output format #235

Merged
merged 1 commit into from
May 22, 2024
Merged

Ignore empty root strings when choosing output format #235

merged 1 commit into from
May 22, 2024

Conversation

egibs
Copy link
Member

@egibs egibs commented May 22, 2024
edited
Loading

Quick fix for #217.

If the root string is empty, we'll output something like:

/Users/egibs/repos/os/zstd.yaml ∴ Users/egibs/repos/os/zstd.yaml

which is definitely not desired.

This PR fixes that by ignoring cases where root is empty (i.e. when scanning non-archives/images):

/Users/egibs/repos/os/zstd.yaml [✅ LOW]
----------------------------------------------------------------------------------------------------------------------------------
RISK  KEY                  DESCRIPTION                                      EVIDENCE
----------------------------------------------------------------------------------------------------------------------------------
NONE  ref/path/usr         path reference within /usr/                      /usr/lib/libzstd.so.
LOW   compression/zstd     Zstandard: fast real-time compression algorithm  zstd
LOW   fs/directory/create  creates directories                              mkdir
LOW   kernel/cpu/info      gets number of processors                        nproc
LOW   ref/site/url         contains embedded HTTPS URLs                     https://github.com/facebook/zstd/archive/refs/tags/v
----------------------------------------------------------------------------------------------------------------------------------

@egibs egibs requested a review from vaikas May 22, 2024 21:06
@egibs egibs enabled auto-merge (squash) May 22, 2024 21:07
@egibs egibs merged commit 273966f into chainguard-dev:main May 22, 2024
6 checks passed
@egibs egibs deleted the fix-non-archive-paths branch June 10, 2024 14:22
egibs added a commit to egibs/malcontent that referenced this pull request Aug 5, 2024
@egibs
Ignore empty root strings when choosing output format (chainguard-dev…
2caddee 
…#235)

Signed-off-by: egibs <[email protected]>
egibs added a commit to egibs/malcontent that referenced this pull request Sep 25, 2024
@egibs
Ignore empty root strings when choosing output format (chainguard-dev…
a7238ab 
…#235)

Signed-off-by: egibs <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@vaikas vaikas vaikas approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@egibs @vaikas