From 50b4fc176e1edd6382594f52dcae3c15d99c1a2e Mon Sep 17 00:00:00 2001 From: Joydeep Tripathy Date: Tue, 20 Feb 2024 01:32:11 +0530 Subject: [PATCH 01/23] feat: pre_checker initial commit --- .github/workflows/checkers-action.yml | 27 +++++++++++++++ cve_bin_tool/ci_pre_checker.py | 50 +++++++++++++++++++++++++++ 2 files changed, 77 insertions(+) create mode 100644 .github/workflows/checkers-action.yml create mode 100644 cve_bin_tool/ci_pre_checker.py diff --git a/.github/workflows/checkers-action.yml b/.github/workflows/checkers-action.yml new file mode 100644 index 0000000000..35719a0bbd --- /dev/null +++ b/.github/workflows/checkers-action.yml @@ -0,0 +1,27 @@ +name: checkers-action + +on: + push: + paths: + - 'cve_bin_tool/checkers/**' + pull_request: + paths: + - 'cve_bin_tool/checkers/**' + +jobs: + run-script: + runs-on: ubuntu-latest + steps: + - name: Checkout code + uses: actions/checkout@v3 + + - name: Get changed files + id: changed-files + uses: jitterbit/get-changed-files@v1 + + - name: Run Python script + run: | + for file in ${{ steps.changed-files.outputs.added_modified }}; do + python your_script.py "$file" + done + shell: bash \ No newline at end of file diff --git a/cve_bin_tool/ci_pre_checker.py b/cve_bin_tool/ci_pre_checker.py new file mode 100644 index 0000000000..26e2f0913c --- /dev/null +++ b/cve_bin_tool/ci_pre_checker.py @@ -0,0 +1,50 @@ +# Copyright (C) 2021 Intel Corporation +# SPDX-License-Identifier: GPL-3.0-or-later +"""Testing script for checker-action.yml""" +import ast +import sqlite3 +import sys +from pathlib import Path + +OLD_CACHE_DIR = Path("~").expanduser() / ".cache" / "cve-bin-tool" / "cve.db" + + +def extract_vendor_product(file_path): + """Extract {vendor,product} pairs from given checker file""" + vendor_product = None + with open(file_path, "r") as file: + inside_vendor_product = False + vendor_product_str = "" + for line in file: + if "VENDOR_PRODUCT" in line: + inside_vendor_product = True + if inside_vendor_product: + vendor_product_str += line.strip() + if line.strip().endswith("]"): + break + if vendor_product_str: + vendor_product = ast.literal_eval(vendor_product_str.split("=")[1].strip()) + return vendor_product + + +def query_database(file_path): + """Query the database and check whether all the {vendor,product} pairs have associated CVEs""" + vendor_product = extract_vendor_product(file_path) + dbcon = sqlite3.connect(OLD_CACHE_DIR) + cursor = dbcon.cursor() + for vendor, product in vendor_product: + cursor.execute( + "SELECT count(*) FROM cve_range WHERE vendor = ? AND product = ?", + (vendor, product), + ) + result = cursor.fetchall() + # Failing Workflow + if result[0] == 0: + sys.exit(1) + # Indicate Success + sys.exit(0) + + +# Caller Code +file_path = sys.argv[1] +query_database(file_path) From 81af3013b2e29576e68423cba6147f8faea9de5d Mon Sep 17 00:00:00 2001 From: Joydeep Tripathy Date: Tue, 20 Feb 2024 01:34:57 +0530 Subject: [PATCH 02/23] fix: minor filepath change --- .github/workflows/checkers-action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/checkers-action.yml b/.github/workflows/checkers-action.yml index 35719a0bbd..c0e6ff1559 100644 --- a/.github/workflows/checkers-action.yml +++ b/.github/workflows/checkers-action.yml @@ -22,6 +22,6 @@ jobs: - name: Run Python script run: | for file in ${{ steps.changed-files.outputs.added_modified }}; do - python your_script.py "$file" + python cve_bin_tool/ci_pre_checker.py "$file" done shell: bash \ No newline at end of file From 6884f0f6ab23d08733b2e2f3a0f8437caff9246c Mon Sep 17 00:00:00 2001 From: Joydeep Tripathy Date: Tue, 20 Feb 2024 01:42:16 +0530 Subject: [PATCH 03/23] fix: Pyupgrade Linter issues --- cve_bin_tool/ci_pre_checker.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cve_bin_tool/ci_pre_checker.py b/cve_bin_tool/ci_pre_checker.py index 26e2f0913c..a5f428ecef 100644 --- a/cve_bin_tool/ci_pre_checker.py +++ b/cve_bin_tool/ci_pre_checker.py @@ -12,7 +12,7 @@ def extract_vendor_product(file_path): """Extract {vendor,product} pairs from given checker file""" vendor_product = None - with open(file_path, "r") as file: + with open(file_path) as file: inside_vendor_product = False vendor_product_str = "" for line in file: From 22910c4e880a8e6aea632402b86dc1f6d5339703 Mon Sep 17 00:00:00 2001 From: Joydeep Tripathy Date: Mon, 4 Mar 2024 00:50:57 +0530 Subject: [PATCH 04/23] feat: modified yml file and added docs --- .github/workflows/checkers-action.yml | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) diff --git a/.github/workflows/checkers-action.yml b/.github/workflows/checkers-action.yml index c0e6ff1559..c2f9cc03ec 100644 --- a/.github/workflows/checkers-action.yml +++ b/.github/workflows/checkers-action.yml @@ -15,6 +15,31 @@ jobs: - name: Checkout code uses: actions/checkout@v3 + - name: Get date + id: get-date + run: | + echo "date=$(/bin/date -u "+%Y%m%d")" >> $GITHUB_OUTPUT + echo "yesterday=$(/bin/date -d "-1 day" -u "+%Y%m%d")" >> $GITHUB_OUTPUT + + - name: Print Cache Keys + run: | + echo "Today's Cache Key: Linux-cve-bin-tool-${{ steps.get-date.outputs.date }}" + echo "Yesterday's Cache Key: Linux-cve-bin-tool-${{ steps.get-date.outputs.yesterday }}" + + - name: Get today's cached database + uses: actions/cache@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4.0.0 + id: todays-cache + with: + path: cache + key: Linux-cve-bin-tool-${{ steps.get-date.outputs.date }} + + - name: Get yesterday's cached database if today's is not available + uses: actions/cache@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4.0.0 + if: steps.todays-cache.outputs.cache-hit != 'true' + with: + path: cache + key: Linux-cve-bin-tool-${{ steps.get-date.outputs.yesterday }} + - name: Get changed files id: changed-files uses: jitterbit/get-changed-files@v1 From 91479a64b19ced876d7ec72df0db54e1a443db4e Mon Sep 17 00:00:00 2001 From: Joydeep Tripathy Date: Mon, 4 Mar 2024 00:51:59 +0530 Subject: [PATCH 05/23] feat: added docs --- cve_bin_tool/checkers/README.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/cve_bin_tool/checkers/README.md b/cve_bin_tool/checkers/README.md index 688b8dbb71..e8d7a71918 100644 --- a/cve_bin_tool/checkers/README.md +++ b/cve_bin_tool/checkers/README.md @@ -16,6 +16,7 @@ - [Running tests](#running-tests) - [How it works](#how-it-works) - [Updating checker table](#updating-checker-table) + - [Help, my checker PR fails `checkers-action`](#help-my-checker-pr-fails-the-checkers-action-in-github-ci) - [Pull Request Template](#pull-request-template) ## Requirements @@ -534,6 +535,10 @@ the product. We have done this in the checkers of `python` and`sqlite`. You do not need to run format_checkers.py to update the checker table in documentation. A pull request with updated checker table is created automatically when a new checker is merged. +## Help, my checker PR fails the `checkers-action` in github CI. + +CVE Binary Tool has a action named `checkers-action` in CI. If it fails, that means every {vendor,product} pair in the VENDOR_PRODUCT of the checker does not have a reported or associated CVE. This action triggers if any changes like addition/modification is done to the `checkers` directory. + ## Pull Request Template When you are ready to share your code, you can go to [our pull request page](https://github.com/intel/cve-bin-tool/pulls) to make a new pull request from the web interface and to use the guided template for new checker, click on the `Compare & pull request` button and add `?template=new_checker.md` at the end of the url. From 4e5d72f799050a9005790893c8d7d2fcedd5412d Mon Sep 17 00:00:00 2001 From: Joydeep Tripathy Date: Mon, 4 Mar 2024 00:56:25 +0530 Subject: [PATCH 06/23] fix: checkers-action error --- cve_bin_tool/ci_pre_checker.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cve_bin_tool/ci_pre_checker.py b/cve_bin_tool/ci_pre_checker.py index a5f428ecef..78ff20a285 100644 --- a/cve_bin_tool/ci_pre_checker.py +++ b/cve_bin_tool/ci_pre_checker.py @@ -6,7 +6,7 @@ import sys from pathlib import Path -OLD_CACHE_DIR = Path("~").expanduser() / ".cache" / "cve-bin-tool" / "cve.db" +OLD_CACHE_DIR = Path("~").expanduser() / ".cache" / "cve-bin-tool" / "cvedb" def extract_vendor_product(file_path): From fc83aa6722539ced7953ae53587348948c79503b Mon Sep 17 00:00:00 2001 From: Joydeep Tripathy Date: Mon, 4 Mar 2024 12:14:36 +0530 Subject: [PATCH 07/23] fix: checker fix --- .github/workflows/checkers-action.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/checkers-action.yml b/.github/workflows/checkers-action.yml index c2f9cc03ec..c386eb65a0 100644 --- a/.github/workflows/checkers-action.yml +++ b/.github/workflows/checkers-action.yml @@ -2,9 +2,11 @@ name: checkers-action on: push: + branches: [ main ] paths: - 'cve_bin_tool/checkers/**' pull_request: + branches: [ main ] paths: - 'cve_bin_tool/checkers/**' From c9cbe6e3a7c5929c462b81335c7909e28b24b383 Mon Sep 17 00:00:00 2001 From: Joydeep Tripathy Date: Mon, 4 Mar 2024 12:16:11 +0530 Subject: [PATCH 08/23] fix: checker fix --- .github/workflows/checkers-action.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/checkers-action.yml b/.github/workflows/checkers-action.yml index c386eb65a0..39065adba9 100644 --- a/.github/workflows/checkers-action.yml +++ b/.github/workflows/checkers-action.yml @@ -4,11 +4,11 @@ on: push: branches: [ main ] paths: - - 'cve_bin_tool/checkers/**' + - 'cve_bin_tool/checkers/' pull_request: branches: [ main ] paths: - - 'cve_bin_tool/checkers/**' + - 'cve_bin_tool/checkers/' jobs: run-script: From 5867336cc670cafdb39b04f70d6e32fdf4ca80f2 Mon Sep 17 00:00:00 2001 From: Joydeep Tripathy Date: Mon, 4 Mar 2024 12:21:44 +0530 Subject: [PATCH 09/23] fix: checker fix --- .github/workflows/checkers-action.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/checkers-action.yml b/.github/workflows/checkers-action.yml index 39065adba9..2c3af25cca 100644 --- a/.github/workflows/checkers-action.yml +++ b/.github/workflows/checkers-action.yml @@ -4,11 +4,11 @@ on: push: branches: [ main ] paths: - - 'cve_bin_tool/checkers/' + - 'cve_bin_tool/checkers/**/*.py' pull_request: branches: [ main ] paths: - - 'cve_bin_tool/checkers/' + - 'cve_bin_tool/checkers/**/*.py' jobs: run-script: From 8dcb5222ca3ac97d88b2020ea7c444ba56dbf23b Mon Sep 17 00:00:00 2001 From: Joydeep Tripathy Date: Mon, 4 Mar 2024 16:40:24 +0530 Subject: [PATCH 10/23] feat: added test for checker --- cve_bin_tool/checkers/test_pre_checker.py | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) create mode 100644 cve_bin_tool/checkers/test_pre_checker.py diff --git a/cve_bin_tool/checkers/test_pre_checker.py b/cve_bin_tool/checkers/test_pre_checker.py new file mode 100644 index 0000000000..f2dd53fc63 --- /dev/null +++ b/cve_bin_tool/checkers/test_pre_checker.py @@ -0,0 +1,23 @@ +# Copyright (C) 2024 Intel Corporation +# SPDX-License-Identifier: GPL-3.0-or-later + +""" + +Test for checker-action github action. +Below code is meant to mimic a checker, except it contains bogus or empty VENDOR_PRODUCT. +The test in the CI should fail. + + +-- Joydeep (crazytrain328) +""" + +from __future__ import annotations + +from cve_bin_tool.checkers import Checker + + +class TestCheckerAction(Checker): + CONTAINS_PATTERNS: list[str] = [] + FILENAME_PATTERNS: list[str] = [] + VERSION_PATTERNS = [] + VENDOR_PRODUCT = [] From 1f122bf6a113d0dd58693c5d83544be5e37d90d1 Mon Sep 17 00:00:00 2001 From: Joydeep Tripathy Date: Mon, 4 Mar 2024 18:39:10 +0530 Subject: [PATCH 11/23] fix: docs --- cve_bin_tool/checkers/test_pre_checker.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cve_bin_tool/checkers/test_pre_checker.py b/cve_bin_tool/checkers/test_pre_checker.py index f2dd53fc63..e2f88ab0c8 100644 --- a/cve_bin_tool/checkers/test_pre_checker.py +++ b/cve_bin_tool/checkers/test_pre_checker.py @@ -8,7 +8,7 @@ The test in the CI should fail. --- Joydeep (crazytrain328) +-- Joydeep Tripathy (joydeep049) """ from __future__ import annotations From d9747536628bf92c0642df9e00cc26ab56c61212 Mon Sep 17 00:00:00 2001 From: Joydeep Tripathy Date: Mon, 4 Mar 2024 19:38:07 +0530 Subject: [PATCH 12/23] fix: checker --- cve_bin_tool/ci_pre_checker.py | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/cve_bin_tool/ci_pre_checker.py b/cve_bin_tool/ci_pre_checker.py index 78ff20a285..450baac7c2 100644 --- a/cve_bin_tool/ci_pre_checker.py +++ b/cve_bin_tool/ci_pre_checker.py @@ -1,12 +1,12 @@ # Copyright (C) 2021 Intel Corporation # SPDX-License-Identifier: GPL-3.0-or-later -"""Testing script for checker-action.yml""" +"""Testing script for checkers-action.yml""" import ast import sqlite3 import sys from pathlib import Path -OLD_CACHE_DIR = Path("~").expanduser() / ".cache" / "cve-bin-tool" / "cvedb" +OLD_CACHE_DIR = Path("~").expanduser() / ".cache" / "cve-bin-tool" / "cve.db" def extract_vendor_product(file_path): @@ -47,4 +47,5 @@ def query_database(file_path): # Caller Code file_path = sys.argv[1] +print(OLD_CACHE_DIR) query_database(file_path) From 02add8a2b3cde369290b451f0450e042bd74cdba Mon Sep 17 00:00:00 2001 From: Joydeep Tripathy <113792434+joydeep049@users.noreply.github.com> Date: Mon, 11 Mar 2024 23:31:24 +0530 Subject: [PATCH 13/23] fix: checker fix --- .github/workflows/checkers-action.yml | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/.github/workflows/checkers-action.yml b/.github/workflows/checkers-action.yml index 2c3af25cca..6bd8760ebe 100644 --- a/.github/workflows/checkers-action.yml +++ b/.github/workflows/checkers-action.yml @@ -40,7 +40,14 @@ jobs: if: steps.todays-cache.outputs.cache-hit != 'true' with: path: cache - key: Linux-cve-bin-tool-${{ steps.get-date.outputs.yesterday }} + key: Linux-cve-bin-tool-${{ steps.get-date.outputs.yesterday }} + + - name: Try single CLI run of tool + if: env.sbom != 'true' + run: | + [[ -e cache ]] && mkdir -p .cache && mv cache ~/.cache/cve-bin-tool + NO_EXIT_CVE_NUM=1 python -m cve_bin_tool.cli test/assets/test-kerberos-5-1.15.1.out + cp -r ~/.cache/cve-bin-tool cache - name: Get changed files id: changed-files @@ -51,4 +58,4 @@ jobs: for file in ${{ steps.changed-files.outputs.added_modified }}; do python cve_bin_tool/ci_pre_checker.py "$file" done - shell: bash \ No newline at end of file + shell: bash From 63f09d602f7d0a87bb8304bc577b261357f08757 Mon Sep 17 00:00:00 2001 From: Joydeep Tripathy <113792434+joydeep049@users.noreply.github.com> Date: Mon, 11 Mar 2024 23:36:53 +0530 Subject: [PATCH 14/23] fix: checkers action --- .github/workflows/checkers-action.yml | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/.github/workflows/checkers-action.yml b/.github/workflows/checkers-action.yml index 6bd8760ebe..928098994b 100644 --- a/.github/workflows/checkers-action.yml +++ b/.github/workflows/checkers-action.yml @@ -41,6 +41,17 @@ jobs: with: path: cache key: Linux-cve-bin-tool-${{ steps.get-date.outputs.yesterday }} + + - name: Install pdftotext, reportlab and cve-bin-tool + if: env.sbom != 'true' + run: | + python -m pip install --upgrade pip + python -m pip install --upgrade setuptools + python -m pip install --upgrade wheel + python -m pip install --upgrade pdftotext + python -m pip install --upgrade reportlab + python -m pip install --upgrade -r dev-requirements.txt + python -m pip install --upgrade . - name: Try single CLI run of tool if: env.sbom != 'true' From 4eb7629eb2093188515a1ae8c0cd4d7fbeefd9c4 Mon Sep 17 00:00:00 2001 From: Joydeep Tripathy <113792434+joydeep049@users.noreply.github.com> Date: Mon, 11 Mar 2024 23:40:42 +0530 Subject: [PATCH 15/23] feat: minor changes --- .github/workflows/checkers-action.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.github/workflows/checkers-action.yml b/.github/workflows/checkers-action.yml index 928098994b..cb7bf8deb1 100644 --- a/.github/workflows/checkers-action.yml +++ b/.github/workflows/checkers-action.yml @@ -48,8 +48,6 @@ jobs: python -m pip install --upgrade pip python -m pip install --upgrade setuptools python -m pip install --upgrade wheel - python -m pip install --upgrade pdftotext - python -m pip install --upgrade reportlab python -m pip install --upgrade -r dev-requirements.txt python -m pip install --upgrade . From 20bbea36b60b765972e31616d7d55efc9af344a2 Mon Sep 17 00:00:00 2001 From: Joydeep Tripathy <113792434+joydeep049@users.noreply.github.com> Date: Mon, 11 Mar 2024 23:46:54 +0530 Subject: [PATCH 16/23] fix: failing tests --- cve_bin_tool/checkers/test_pre_checker.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cve_bin_tool/checkers/test_pre_checker.py b/cve_bin_tool/checkers/test_pre_checker.py index e2f88ab0c8..05186f3874 100644 --- a/cve_bin_tool/checkers/test_pre_checker.py +++ b/cve_bin_tool/checkers/test_pre_checker.py @@ -4,7 +4,7 @@ """ Test for checker-action github action. -Below code is meant to mimic a checker, except it contains bogus or empty VENDOR_PRODUCT. +Below code is meant to mimic a checker, except it contains bogus VENDOR_PRODUCT. The test in the CI should fail. @@ -20,4 +20,4 @@ class TestCheckerAction(Checker): CONTAINS_PATTERNS: list[str] = [] FILENAME_PATTERNS: list[str] = [] VERSION_PATTERNS = [] - VENDOR_PRODUCT = [] + VENDOR_PRODUCT = [("apc", "something")] From 706196e54ed6c7249c8cc1fcc6f846499b8d8de6 Mon Sep 17 00:00:00 2001 From: Joydeep Tripathy <113792434+joydeep049@users.noreply.github.com> Date: Mon, 11 Mar 2024 23:50:28 +0530 Subject: [PATCH 17/23] fix: failing tests --- cve_bin_tool/checkers/test_pre_checker.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cve_bin_tool/checkers/test_pre_checker.py b/cve_bin_tool/checkers/test_pre_checker.py index 05186f3874..6ff5e3dd65 100644 --- a/cve_bin_tool/checkers/test_pre_checker.py +++ b/cve_bin_tool/checkers/test_pre_checker.py @@ -16,7 +16,7 @@ from cve_bin_tool.checkers import Checker -class TestCheckerAction(Checker): +class TestPreCheckerChecker(Checker): CONTAINS_PATTERNS: list[str] = [] FILENAME_PATTERNS: list[str] = [] VERSION_PATTERNS = [] From 5fe48ab1f45e83ae1202a29919264628ddf92a41 Mon Sep 17 00:00:00 2001 From: Joydeep Tripathy <113792434+joydeep049@users.noreply.github.com> Date: Tue, 12 Mar 2024 00:02:31 +0530 Subject: [PATCH 18/23] fix: minor changes --- .github/workflows/checkers-action.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/checkers-action.yml b/.github/workflows/checkers-action.yml index cb7bf8deb1..ecf52dd24b 100644 --- a/.github/workflows/checkers-action.yml +++ b/.github/workflows/checkers-action.yml @@ -1,4 +1,4 @@ -name: checkers-action +name: Checkers-Action on: push: @@ -42,7 +42,7 @@ jobs: path: cache key: Linux-cve-bin-tool-${{ steps.get-date.outputs.yesterday }} - - name: Install pdftotext, reportlab and cve-bin-tool + - name: Install cve-bin-tool if: env.sbom != 'true' run: | python -m pip install --upgrade pip From b02df40e9b1ecdf6bdab47d731ea583d0bb5444c Mon Sep 17 00:00:00 2001 From: Joydeep Tripathy <113792434+joydeep049@users.noreply.github.com> Date: Tue, 12 Mar 2024 01:57:11 +0530 Subject: [PATCH 19/23] fix: added statements to investigate error --- cve_bin_tool/ci_pre_checker.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/cve_bin_tool/ci_pre_checker.py b/cve_bin_tool/ci_pre_checker.py index 450baac7c2..d46804d4f4 100644 --- a/cve_bin_tool/ci_pre_checker.py +++ b/cve_bin_tool/ci_pre_checker.py @@ -19,10 +19,12 @@ def extract_vendor_product(file_path): if "VENDOR_PRODUCT" in line: inside_vendor_product = True if inside_vendor_product: + print("inside_vendor_product") vendor_product_str += line.strip() if line.strip().endswith("]"): break if vendor_product_str: + print(vendor_product_str) vendor_product = ast.literal_eval(vendor_product_str.split("=")[1].strip()) return vendor_product From 3e286ecbfe59845fcf3d23eb33fd1fbac97e7bc8 Mon Sep 17 00:00:00 2001 From: Joydeep Tripathy <113792434+joydeep049@users.noreply.github.com> Date: Tue, 12 Mar 2024 02:02:03 +0530 Subject: [PATCH 20/23] fix: minor changes to investigate errors 2 --- cve_bin_tool/ci_pre_checker.py | 1 + 1 file changed, 1 insertion(+) diff --git a/cve_bin_tool/ci_pre_checker.py b/cve_bin_tool/ci_pre_checker.py index d46804d4f4..07dbb9db21 100644 --- a/cve_bin_tool/ci_pre_checker.py +++ b/cve_bin_tool/ci_pre_checker.py @@ -12,6 +12,7 @@ def extract_vendor_product(file_path): """Extract {vendor,product} pairs from given checker file""" vendor_product = None + print(file_path) with open(file_path) as file: inside_vendor_product = False vendor_product_str = "" From 7ec0cc3a3b4ed8e276cbc26d739e1e8a02f50da6 Mon Sep 17 00:00:00 2001 From: Joydeep Tripathy <113792434+joydeep049@users.noreply.github.com> Date: Tue, 12 Mar 2024 02:16:21 +0530 Subject: [PATCH 21/23] fix: checker action --- .github/workflows/checkers-action.yml | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/.github/workflows/checkers-action.yml b/.github/workflows/checkers-action.yml index ecf52dd24b..3888dffd26 100644 --- a/.github/workflows/checkers-action.yml +++ b/.github/workflows/checkers-action.yml @@ -58,13 +58,18 @@ jobs: NO_EXIT_CVE_NUM=1 python -m cve_bin_tool.cli test/assets/test-kerberos-5-1.15.1.out cp -r ~/.cache/cve-bin-tool cache - - name: Get changed files + - name: Get changed files in checkers directory id: changed-files - uses: jitterbit/get-changed-files@v1 + run: | + files=$(git diff --name-only ${{ github.sha }} ${{ github.event.before }} | grep '^cve_bin_tool/checkers/' | xargs) + echo "::set-output name=files::$files" + shell: bash - name: Run Python script run: | - for file in ${{ steps.changed-files.outputs.added_modified }}; do + IFS=' ' read -r -a files <<< "${{ steps.changed-files.outputs.files }}" + for file in "${files[@]}"; do python cve_bin_tool/ci_pre_checker.py "$file" done shell: bash + From 9bf7a8e572bc4ab05248b861c5d271b48792631a Mon Sep 17 00:00:00 2001 From: Joydeep Tripathy <113792434+joydeep049@users.noreply.github.com> Date: Tue, 12 Mar 2024 02:21:46 +0530 Subject: [PATCH 22/23] feat: minor changes --- .github/workflows/checkers-action.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/checkers-action.yml b/.github/workflows/checkers-action.yml index 3888dffd26..42b8f3bcb8 100644 --- a/.github/workflows/checkers-action.yml +++ b/.github/workflows/checkers-action.yml @@ -16,6 +16,8 @@ jobs: steps: - name: Checkout code uses: actions/checkout@v3 + with: + fetch-depth: 0 - name: Get date id: get-date From 426bfe3ad5f11ab9ed2928fdc91801b71e1e3120 Mon Sep 17 00:00:00 2001 From: Joydeep Tripathy <113792434+joydeep049@users.noreply.github.com> Date: Tue, 12 Mar 2024 02:33:34 +0530 Subject: [PATCH 23/23] fix: action --- .github/workflows/checkers-action.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.github/workflows/checkers-action.yml b/.github/workflows/checkers-action.yml index 42b8f3bcb8..3888dffd26 100644 --- a/.github/workflows/checkers-action.yml +++ b/.github/workflows/checkers-action.yml @@ -16,8 +16,6 @@ jobs: steps: - name: Checkout code uses: actions/checkout@v3 - with: - fetch-depth: 0 - name: Get date id: get-date