Updated documentation, spit vulnerability output to multiple warnings

ossf · Dec 12, 2022 · a4b69a5 · a4b69a5
1 parent dd9baf5
commit a4b69a5
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 6 deletions.
diff --git a/checks/evaluation/vulnerabilities.go b/checks/evaluation/vulnerabilities.go
@@ -19,6 +19,7 @@ import (
  "strings"
 
  "github.com/google/osv-scanner/pkg/grouper"
+
  "github.com/ossf/scorecard/v4/checker"
  sce "github.com/ossf/scorecard/v4/errors"
 )
@@ -47,7 +48,7 @@ func Vulnerabilities(name string, dl checker.DetailLogger,
  if len(IDs) > 0 {
  for _, v := range IDs {
  dl.Warn(&checker.LogMessage{
- Text: fmt.Sprintf("HEAD is vulnerable to: %s", strings.Join(v.IDs, " / ")),
+ Text: fmt.Sprintf("Project is vulnerable to: %s", strings.Join(v.IDs, " / ")),
  })
  }
 

diff --git a/clients/osv.go b/clients/osv.go
@@ -50,11 +50,11 @@ func (v osvClient) HasUnfixedVulnerabilities(
  }
 
  response := VulnerabilitiesResponse{}
-
- for _, v := range res.Flatten() {
+ vulns := res.Flatten()
+ for i := range vulns {
  response.Vulnerabilities = append(response.Vulnerabilities, Vulnerability{
- ID: v.Vulnerability.ID,
- Aliases: v.Vulnerability.Aliases,
+ ID: vulns[i].Vulnerability.ID,
+ Aliases: vulns[i].Vulnerability.Aliases,
  })
  // Remove duplicate vulnerability IDs for now as we don't report information
  // on the source of each vulnerability yet, therefore having multiple identical
@@ -67,7 +67,7 @@ func (v osvClient) HasUnfixedVulnerabilities(
  return response, nil
 }
 
-// RemoveDuplicate removes duplicate entries from a slice
+// RemoveDuplicate removes duplicate entries from a slice.
 func removeDuplicate[T any, K comparable](sliceList []T, keyExtract func(T) K) []T {
  allKeys := make(map[K]bool)
  list := []T{}