fix: don't store dso correlation_id since it is always changing
jdstrand committed Aug 21, 2023
1 parent 56baaf9 commit d16af66
Showing 2 changed files with 18 additions and 3 deletions.
5 changes: 5 additions & 0 deletions cvelib/dso.py
@@ -910,6 +910,11 @@ def main_dso_dump_reports():
warn("unexpected format of report for '%s'" % full_name)
j = {}

# clear the correlation_id since it changes on every fetch which
# causes the sha256 to always change
if "extensions" in j and "correlation_id" in j["extensions"]:
del j["extensions"]["correlation_id"]

if len(j) == 0:
continue

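Review bot: The new guard `if "extensions" in j and "correlation_id" in j["extensions"]:` assumes `j["extensions"]` is a dict, but the report body comes from a remote fetch, and a response carrying `"extensions": null` would raise TypeError on the membership test and abort the whole dump run. A type-checked form is safer: `ext = j.get("extensions")` followed by `if isinstance(ext, dict): ext.pop("correlation_id", None)`. This presumes `j` itself is a dict at this point; the parsing that sets it is above the hunk, and main_dso_dump_reports continues past it. It would also help to extend the comment to say that the stored file is a normalized copy, so its sha256 is not expected to match the raw response from the service.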
16 changes: 13 additions & 3 deletions tests/test_dso.py
@@ -3,6 +3,7 @@
# SPDX-License-Identifier: MIT

import datetime
import json
import os
import tempfile
from unittest import TestCase, mock, skipIf
@@ -934,7 +935,7 @@ def test_main_dso_dump_reports(
mock_getDigestForImage.return_value = "valid-name@sha256:deadbeef"
mock_fetchScanReport.return_value = (
[],
'{"data": {"vulnerabilitiesByPackage": []}}',
'{"data": {"vulnerabilitiesByPackage": []}, "extensions": {"correlation_id": "81e2aee7-13d1-4097-93aa-90841e5bd43b"}}',
)

# create
@@ -960,6 +961,11 @@ def test_main_dso_dump_reports(
relfn = os.path.relpath(fn, self.tmpdir + "/subdir")
self.assertEqual("Created: %s" % relfn, output.getvalue().strip())
self.assertEqual("", error.getvalue().strip())
self.assertTrue(os.path.exists(fn))
with open(fn, "r") as fh:
j = json.load(fh)
self.assertTrue("extensions" in j)
self.assertFalse("correlation_id" in j)

# updated
with open(fn, "w") as fh:
@@ -985,11 +991,15 @@ def test_main_dso_dump_reports(
fn = self.tmpdir + "/subdir/YYYY/MM/DD/dso/valid-repo/deadbeef.json"
os.makedirs(os.path.dirname(fn))
with open(fn, "w") as fh:
fh.write('{\n "data": {\n "vulnerabilitiesByPackage": []\n }\n}\n')
fh.write(
'{\n "data": {\n "vulnerabilitiesByPackage": []\n },\n "extensions": {}\n}\n'
)
fn2 = self.tmpdir + "/subdir/YYYY/MM/dd/dso/valid-repo/deadbeef.json"
os.makedirs(os.path.dirname(fn2))
with open(fn2, "w") as fh:
fh.write('{\n "data": {\n "vulnerabilitiesByPackage": []\n }\n}\n')
fh.write(
'{\n "data": {\n "vulnerabilitiesByPackage": []\n },\n "extensions": {}\n}\n'
)

with mock.patch(
"argparse._sys.argv",
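Review bot: The added assertion `self.assertFalse("correlation_id" in j)` in the create path checks the top-level object, where the mocked report never had that key, so it passes whether or not the field is stripped. The mock places the id under `extensions`, so the check should look there: `self.assertNotIn("correlation_id", j["extensions"])`, alongside `self.assertIn("extensions", j)` for a clearer failure message. As written, the fix is only covered indirectly, through the later paths that write files with `"extensions": {}` and presumably compare them against a fresh fetch. The body of test_main_dso_dump_reports starts and ends outside the hunks shown.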
