Skip to content

fix: scanning filter not working properly due to version sorting #8727

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
May 4, 2023
Merged

fix: scanning filter not working properly due to version sorting #8727

merged 1 commit into from
May 4, 2023

Conversation

ericzzzzzzz
Copy link
Contributor

@ericzzzzzzz ericzzzzzzz commented May 1, 2023
edited
Loading

Description

  • the script was using wrong flag for sort versions , this causes vul monitor misreporting, e.g. it's supposed to scan v2.0.10 instead of v2.0.9,
  • We should use -V flag to compare version directly instead of comparing numeric values with -n flag.

@ericzzzzzzz ericzzzzzzz marked this pull request as ready for review May 1, 2023 17:45
@codecov
Copy link

codecov bot commented May 1, 2023
edited
Loading

Codecov Report

Merging #8727 (2044130) into main (290280e) will decrease coverage by 6.08%.
The diff coverage is 50.00%.

@@            Coverage Diff             @@
##             main    #8727      +/-   ##
==========================================
- Coverage   70.48%   64.41%   -6.08%     
==========================================
  Files         515      617     +102     
  Lines       23150    31180    +8030     
==========================================
+ Hits        16317    20084    +3767     
- Misses       5776     9592    +3816     
- Partials     1057     1504     +447
Impacted Files Coverage Δ
cmd/skaffold/app/cmd/completion.go 13.04% <0.00%> (-1.25%) ⬇️
cmd/skaffold/app/cmd/config/list.go 65.21% <ø> (ø)
cmd/skaffold/app/cmd/config/set.go 88.72% <ø> (ø)
cmd/skaffold/app/cmd/config/util.go 54.28% <ø> (ø)
cmd/skaffold/app/cmd/credits.go 100.00% <ø> (ø)
cmd/skaffold/app/cmd/credits/export.go 0.00% <0.00%> (ø)
cmd/skaffold/app/cmd/deploy.go 40.90% <0.00%> (-12.94%) ⬇️
cmd/skaffold/app/cmd/generate_pipeline.go 60.00% <ø> (ø)
cmd/skaffold/app/cmd/inspect_modules.go 65.00% <ø> (ø)
cmd/skaffold/app/cmd/inspect_profiles.go 66.66% <ø> (ø)
... and 40 more

... and 406 files with indirect coverage changes

📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more

@ericzzzzzzz ericzzzzzzz force-pushed the fix-scanning-vulns-filter branch from 971a67d to 2044130 Compare May 2, 2023 15:58
@aaron-prindle aaron-prindle added the kokoro:force-run forces a kokoro re-run on a PR label May 2, 2023
@kokoro-team kokoro-team removed the kokoro:force-run forces a kokoro re-run on a PR label May 2, 2023
aaron-prindle
aaron-prindle approved these changes May 4, 2023
View reviewed changes
Copy link
Contributor

@aaron-prindle aaron-prindle left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

@aaron-prindle aaron-prindle merged commit edb40ad into GoogleContainerTools:main May 4, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@aaron-prindle aaron-prindle aaron-prindle approved these changes

Assignees
No one assigned
Labels
size/XS
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@ericzzzzzzz @aaron-prindle @kokoro-team