Updated cli.py file #326
Closed
Updated cli.py file #326
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
uptodate with intel cve-bin-tool
|
These are the following errors on long tests. I don't know why the list didn't contained that version. ======================================================================
FAIL: test_jpeg_rpm_2_0_0 (test.test_scanner.TestScanner)
Test detection of libjpeg-turbo 2.0.0 fedora rpm
----------------------------------------------------------------------
Traceback (most recent call last):
File "/home/runner/work/cve-bin-tool/cve-bin-tool/test/test_scanner.py", line 315, in test_jpeg_rpm_2_0_0
self._file_test(
File "/home/runner/work/cve-bin-tool/cve-bin-tool/test/test_scanner.py", line 117, in _file_test
self.assertIn(version, cves[package])
AssertionError: '2.0.0' not found in {'2.0.1': {'CVE-2018-19664': 'MEDIUM', 'CVE-2018-20330': 'HIGH'}}
======================================================================
FAIL: test_libgcrypt_rpm_1_8_3 (test.test_scanner.TestScanner)
Test detection of libgcrypt 1.8.3 fedora rpm
----------------------------------------------------------------------
Traceback (most recent call last):
File "/home/runner/work/cve-bin-tool/cve-bin-tool/test/test_scanner.py", line 378, in test_libgcrypt_rpm_1_8_3
self._file_test(
File "/home/runner/work/cve-bin-tool/cve-bin-tool/test/test_scanner.py", line 117, in _file_test
self.assertIn(version, cves[package])
AssertionError: '1.8.3' not found in {'1.7.6': {'CVE-2017-0379': 'HIGH', 'CVE-2017-7526': 'MEDIUM', 'CVE-2017-9526': 'MEDIUM', 'CVE-2018-0495': 'MEDIUM', 'CVE-2018-6829': 'HIGH'}}
======================================================================
FAIL: test_zlib_rpm_1_2_11 (test.test_scanner.TestScanner)
Test detection on zlib 1.2.11 fedora rpm
----------------------------------------------------------------------
Traceback (most recent call last):
File "/home/runner/work/cve-bin-tool/cve-bin-tool/test/test_scanner.py", line 832, in test_zlib_rpm_1_2_11
self._file_test(
File "/home/runner/work/cve-bin-tool/cve-bin-tool/test/test_scanner.py", line 117, in _file_test
self.assertIn(version, cves[package])
AssertionError: '1.2.11' not found in {'1.2.8': {'CVE-2016-9840': 'HIGH', 'CVE-2016-9841': 'CRITICAL', 'CVE-2016-9842': 'HIGH', 'CVE-2016-9843': 'CRITICAL'}}
----------------------------------------------------------------------
Ran 85 tests in 437.821s
FAILED (failures=3, skipped=2)
Test failed: <unittest.runner.TextTestResult run=85 errors=0 failures=3>
error: Test failed: <unittest.runner.TextTestResult run=85 errors=0 failures=3>
##[error]Process completed with exit code 1. |
|
Hm. That is weird. It's definitely causing something to go wrong in the version detection, but I'm not sure why at a glance. |
|
@terriko I don't think so I've messed anything with the version detection. I'm only checking if the version is non-empty string then include that else discard that. But there might be something that I'm not able to see I'll definately look into that. Thanks. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
currently in the cli.py when we find that version is an empty string the result of get_version does not drop that result. This update will check and will only show those results which have a valid version and not an empty string.
This is the output after updating the cli.py. You can see that from the below output where it also recognised some false positive with empty version string.