feat: No Scan SOC for language parsers #5143

Merged
merged 13 commits into from
Aug 7, 2025

joydeep049
Contributor

Separation of Concerns for the language parser pipeline for the No-Scan Work.

cc @terriko @anthonyharrison @mastersans

@joydeep049
Contributor Author

joydeep049 commented Jun 16, 2025

=================================== FAILURES ===================================
_____________________ TestSourceOSV.test_update_ecosystems _____________________

self = <test.test_source_osv.TestSourceOSV object at 0x7fc350c791d0>

    @pytest.mark.asyncio
    @pytest.mark.skipif(not EXTERNAL_SYSTEM(), reason="Needs network connection.")
    async def test_update_ecosystems(self):
        await self.osv.update_ecosystems()
    
        ecosystems_txt = make_http_requests(
            "text", url=self.ecosystems_url, timeout=300
        ).strip("\n")
        expected_ecosystems = set(ecosystems_txt.split("\n"))
    
        # Because ecosystems.txt does not contain the complete list, this must be
        # manually fixed up.
        expected_ecosystems.add("DWF")
        expected_ecosystems.add("JavaScript")
    
        # Assert that there are no missing ecosystems
>       assert all(x in self.osv.ecosystems for x in expected_ecosystems)
E       assert False
E        +  where False = all(<generator object TestSourceOSV.test_update_ecosystems.<locals>.<genexpr> at 0x7fc34fe01b10>)

test/test_source_osv.py:184: AssertionError

Might this error be due to the problems we are having with the OSV data source?

@terriko
Contributor

terriko commented Jun 16, 2025

I've merged #4929 which should solve the OSV problem so I'm going to try updating this branch

@joydeep049
Contributor Author

I think this can be merged now
@terriko @anthonyharrison

After this is merged we have a full no-scan mode with proper outputs. Request anyone who has time to test it.

Signed-off-by: joydeep049 <[email protected]>
Contributor

@terriko terriko left a comment

The github diff + the black changes made this a pain to read, but I think we're good to go.

I see that the language parsers are mostly checking to see if cvedb exists and acting accordingly, which is great for cases where it didn't download for other reasons. I do wonder if the combo of "user specified no-scan but cvedb exists on disk" is going to be surprising to people, but... maybe not? Probably better to just get this out in the next pre-release and see.

@terriko terriko merged commit 9535cb9 into intel:main Aug 7, 2025
24 checks passed