Add more helpful error message when no package urls can be found

google · Apr 17, 2023 · a841835 · a841835
1 parent 8e94fdb
commit a841835
Show file tree

Hide file tree

Showing 3 changed files with 15 additions and 7 deletions.
diff --git a/internal/sbom/sbom.go b/internal/sbom/sbom.go
@@ -27,15 +27,15 @@ var (
 )
 
 type InvalidFormatError struct {
-	msg  string
-	errs []error
+	Msg  string
+	Errs []error
 }
 
 func (e InvalidFormatError) Error() string {
-	errStrings := make([]string, 0, len(e.errs))
-	for _, e := range e.errs {
+	errStrings := make([]string, 0, len(e.Errs))
+	for _, e := range e.Errs {
 		errStrings = append(errStrings, "\t"+e.Error())
 	}
 
-	return fmt.Sprintf("%s:\n%s", e.msg, strings.Join(errStrings, "\n"))
+	return fmt.Sprintf("%s:\n%s", e.Msg, strings.Join(errStrings, "\n"))
 }
diff --git a/internal/sbom/spdx.go b/internal/sbom/spdx.go
@@ -81,7 +81,7 @@ func (s *SPDX) GetPackages(r io.ReadSeeker, callback func(Identifier) error) err
 	}
 
 	return InvalidFormatError{
-		msg:  "failed to parse SPDX",
-		errs: errs,
+		Msg:  "failed to parse SPDX",
+		Errs: errs,
 	}
 }
diff --git a/pkg/osvscanner/osvscanner.go b/pkg/osvscanner/osvscanner.go
@@ -262,6 +262,14 @@ func scanSBOMFile(r *reporter.Reporter, query *osv.BatchedQuery, path string, fr
 		})
 		if err == nil {
 			// Found the right format.
+			if count == 0 {
+				return sbom.InvalidFormatError{
+					Msg: "no Package URLs found",
+					Errs: []error{
+						fmt.Errorf("scanned %s as %s SBOM, but failed to find any package URLs, this is required to scan SBOMs", path, provider.Name()),
+					},
+				}
+			}
 			r.PrintText(fmt.Sprintf("Scanned %s as %s SBOM and found %d packages\n", path, provider.Name(), count))
 			if ignoredCount > 0 {
 				r.PrintText(fmt.Sprintf("Ignored %d packages with invalid PURLs\n", ignoredCount))