Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

scan failed to produce proper report for repos without vulnerabilities #11

Closed
Akaame opened this issue Oct 30, 2022 · 6 comments · Fixed by #15
Closed

scan failed to produce proper report for repos without vulnerabilities #11

Akaame opened this issue Oct 30, 2022 · 6 comments · Fixed by #15
Labels
bug Something isn't working need details Missing information, awaiting more detailed information

Comments

@Akaame
Copy link

Akaame commented Oct 30, 2022 

govulncheck ./... 
govulncheck is an experimental tool. Share feedback at https://go.dev/s/govulncheck-feedback.

Scanning for dependencies with known vulnerabilities...
No vulnerabilities found.

For this repo with no vulnerabilities the following error is printed out from the action:

ERR Scanning yielded error error="scan failed to produce proper report".

steps:
      - uses: actions/checkout@v3
      - uses: Templum/[email protected]

Would it be possible to check the action behavior for a clean repo?
@Templum
Copy link
Owner

Templum commented Oct 30, 2022

I'm using the action with this repository which has no vulnerability. Or what did you mean by a clean repository?

@Templum
Copy link
Owner

Templum commented Oct 30, 2022
edited
Loading

The error itself only shows up, when the json produced by govulncheck is not parseable, so it's likely that you misconfigured the path.

There should be a info log telling you where and what it will scan

@Templum Templum added the bug Something isn't working label Oct 30, 2022
@Templum
Copy link
Owner

Templum commented Nov 1, 2022

Could you please double-check the logs and maybe attach them, with the given details I sadly can't do much investigating.

@Templum Templum added the need details Missing information, awaiting more detailed information label Nov 1, 2022
@Templum
Copy link
Owner

Templum commented Nov 1, 2022
edited
Loading

If you (@Akaame ) use the @main version of this action it should now also include printing of the encountered error. Maybe that allows us to narrow down the origin.

@Templum
Copy link
Owner

Templum commented Nov 16, 2022

Probably the issue is linked to the fact that the JSON Report Format was drastically changed. This should be fixed by #15

@Templum Templum linked a pull request Nov 16, 2022 that will close this issue
👽 ✨ Adjusted Action to work with new Report Format #15
Merged
@Templum
Copy link
Owner

Templum commented Nov 16, 2022

If issue still occurs and is not fixed after new release, feel free to create a new Issue.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working need details Missing information, awaiting more detailed information
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

👽 ✨ Adjusted Action to work with new Report Format Templum/govulncheck-action
2 participants
@Templum @Akaame