Fix build scan command table printing with --vuln=true #157
Conversation
…ties table twice when --vuln is on instead of printing violations table and vulnerabilities table
| @@ -155,7 +155,6 @@ func (bsc *BuildScanCommand) runBuildScanAndPrintResults(xrayManager *xray.XrayS | |||
|
|
|||
| resultsPrinter := utils.NewResultsWriter(scanResults). | |||
| SetOutputFormat(bsc.outputFormat). | |||
| SetIncludeVulnerabilities(bsc.includeVulnerabilities). | |||
| SetIncludeLicenses(false). | |||
There was a problem hiding this comment.
after removing this line - did you test the CLI behaviour with and without watches?
There was a problem hiding this comment.
@hadarshjfrog I did the regular tests there is no watch test in jf build-scan (must have a watch with fail build policy).
This line doesn't affect watches as it relates to vulnerabilities. (and watches are affecting violations).
We call SetIncludeVulnerabilities in line 179 if vulnerabilities should be added.
https://github.com/jfrog/jfrog-cli-security/blob/main/commands/scan/buildscan.go#L180
attiasas
added
the
safe to test
github-actions
bot
removed
the
safe to test
There was a problem hiding this comment.
This change is not how to fix the issue.
There are 2 issues here:
-
we can see that in the parsing of the flags, we don't take into account the
projectflag only in build-scan. the fix should add it, instead of removing and always printing violations...
-
In the table printing code, we do not expect to print both violations and vulnerabilities tables so we need to choose one (preferable vuln if requested)
|
@attiasas @hadarshjfrog We have a couple of issues with jf bs. |
devbranch.go vet ./....go fmt ./....Fixing issues when using --vuln=true flag and --format=table (default) in build scan.
Issue 1: build scan printed vulnerability table twice instead of printing the violation table and the vulnerabilities table.
Issue 2: The vulnerability table is messed up, not sorted, and shows the same vulnerability multiple times.