Skip to content

Commit

Permalink
cmd/osv-scanner: update sarif output in test cases (#659)
Browse files Browse the repository at this point in the history 
Both vulnerabilities have aliases and this should be reflected in the
test output.
  • Loading branch information
@cuixq
cuixq authored Nov 16, 2023
1 parent 007b8e4 commit c1ea22e
Showing 1 changed file with 6 additions and 4 deletions.
10 changes: 6 additions & 4 deletions cmd/osv-scanner/main_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -787,7 +787,8 @@ func TestRun_GithubActions(t *testing.T) {
"markdown": "An issue in Archive v3.3.7 allows attackers to spoof zip filenames which can lead to inconsistent filename parsing."
},
"deprecatedIds": [
"CVE-2023-39137"
"CVE-2023-39137",
"GHSA-r285-q736-9v95"
],
"help": {
"text": "%%",
Expand All @@ -805,7 +806,8 @@ func TestRun_GithubActions(t *testing.T) {
"markdown": "An issue in Archive v3.3.7 allows attackers to execute a path traversal via extracting a crafted zip file."
},
"deprecatedIds": [
"CVE-2023-39139"
"CVE-2023-39139",
"GHSA-9v85-q87q-g4vg"
],
"help": {
"text": "%%",
Expand All @@ -830,7 +832,7 @@ func TestRun_GithubActions(t *testing.T) {
"ruleIndex": 0,
"level": "warning",
"message": {
"text": "Package 'https://github.com/brendan-duncan/archive.git@9de7a054' is vulnerable to 'CVE-2023-39137'."
"text": "Package 'https://github.com/brendan-duncan/archive.git@9de7a054' is vulnerable to 'CVE-2023-39137' (also known as 'GHSA-r285-q736-9v95')."
},
"locations": [
{
Expand All @@ -847,7 +849,7 @@ func TestRun_GithubActions(t *testing.T) {
"ruleIndex": 1,
"level": "warning",
"message": {
"text": "Package 'https://github.com/brendan-duncan/archive.git@9de7a054' is vulnerable to 'CVE-2023-39139'."
"text": "Package 'https://github.com/brendan-duncan/archive.git@9de7a054' is vulnerable to 'CVE-2023-39139' (also known as 'GHSA-9v85-q87q-g4vg')."
},
"locations": [
{
Expand Down

0 comments on commit c1ea22e

Please sign in to comment.