Fix build scan command table printing with --vuln=true #157
…ties table twice when --vuln is on instead of printing violations table and vulnerabilities table
@@ -155,7 +155,6 @@ func (bsc *BuildScanCommand) runBuildScanAndPrintResults(xrayManager *xray.XrayS | |||
|
|||
resultsPrinter := utils.NewResultsWriter(scanResults). | |||
SetOutputFormat(bsc.outputFormat). | |||
SetIncludeVulnerabilities(bsc.includeVulnerabilities). | |||
SetIncludeLicenses(false). |
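Review bot: The one line dropped from the `utils.NewResultsWriter(scanResults)` setter chain (the hunk header goes from 7 lines to 6) changes which result tables build-scan prints, but nothing visible here pins the expected output with a test. Add a test that runs with `--vuln=true` and the default table format and asserts that the violations table and the vulnerabilities table each appear exactly once, plus a case without the flag, so that a scan cannot silently omit or duplicate findings. It would also help to state in the PR description which later call is now solely responsible for enabling the vulnerabilities table.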
After removing this line, did you test the CLI behaviour with and without watches?
@hadarshjfrog I did the regular tests; there is no watch test in jf build-scan (must have a watch with fail build policy).
This line doesn't affect watches, as it relates to vulnerabilities (and watches affect violations).
We call SetIncludeVulnerabilities in line 179 if vulnerabilities should be added.
https://github.com/jfrog/jfrog-cli-security/blob/main/commands/scan/buildscan.go#L180
This change is not how to fix the issue.
There are 2 issues here:
- We can see that in the parsing of the flags, we don't take into account the `project` flag only in build-scan. The fix should add it, instead of removing and always printing violations...
- In the table printing code, we do not expect to print both violations and vulnerabilities tables, so we need to choose one (preferably vuln if requested).
@attiasas @hadarshjfrog We have a couple of issues with jf bs.
- `dev` branch.
- `go vet ./...`.
- `go fmt ./...`.

Fixing issues when using --vuln=true flag and --format=table (default) in build scan.
Issue 1: build scan printed vulnerability table twice instead of printing the violation table and the vulnerabilities table.
Issue 2: The vulnerability table is messed up, not sorted, and shows the same vulnerability multiple times.