Skip to content

Commit

Permalink
internal/scan: remove redundant new lines
Browse files Browse the repository at this point in the history
An extra new line is added when either 1) there is no summary of "other"
vulnerabilities found or 2) no suggestion. This CL removes those lines.

Change-Id: Ic6ab8c3a4b8ab193fdcd88e4afe65ab42a9a1794
Reviewed-on: https://go-review.googlesource.com/c/vuln/+/562055
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Maceo Thompson <maceothompson@google.com>
Run-TryBot: Zvonimir Pavlinovic <zpavlinovic@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
  • Loading branch information
zpavlinovic committed Feb 6, 2024
1 parent 0b50c25 commit c154f6a
Show file tree
Hide file tree
Showing 5 changed files with 26 additions and 16 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -44,5 +44,4 @@ Vulnerability #4: GO-2020-0015
Fixed in: golang.org/x/text@v0.3.3

Your code may be affected by 4 vulnerabilities.

Use '-scan symbol' for more fine grained vulnerability detection.
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,6 @@ Vulnerability #2: GO-2021-0113
Fixed in: golang.org/x/text@v0.3.7

Your code may be affected by 2 vulnerabilities.

Use '-scan symbol' for more fine grained vulnerability detection.

#####
Expand Down Expand Up @@ -56,5 +55,4 @@ Vulnerability #2: GO-2021-0113
Fixed in: golang.org/x/text@v0.3.7

Your code may be affected by 2 vulnerabilities.

Use '-scan symbol' for more fine grained vulnerability detection.
1 change: 0 additions & 1 deletion internal/scan/testdata/module-vuln.txt
Original file line number Diff line number Diff line change
Expand Up @@ -9,5 +9,4 @@ Vulnerability #1: GO-0000-0001
Platforms: amd

Your code may be affected by 1 vulnerability.

Use '-scan symbol' for more fine grained vulnerability detection.
1 change: 0 additions & 1 deletion internal/scan/testdata/multi-stack-modlevel.txt
Original file line number Diff line number Diff line change
Expand Up @@ -16,5 +16,4 @@ Vulnerability #2: GO-0000-0001
Platforms: amd

Your code may be affected by 2 vulnerabilities.

Use '-scan symbol' for more fine grained vulnerability detection.
37 changes: 26 additions & 11 deletions internal/scan/text.go
Original file line number Diff line number Diff line change
Expand Up @@ -319,6 +319,7 @@ func (h *TextHandler) traces(traces []*findingSummary) {
}

func (h *TextHandler) summary(c summaryCounters) {
// print short summary of findings identified at the desired level of scan precision
var vulnCount int
h.print("Your code ", choose(h.scanLevel.WantSymbols(), "is", "may be"), " affected by ")
switch h.scanLevel {
Expand Down Expand Up @@ -346,6 +347,20 @@ func (h *TextHandler) summary(c summaryCounters) {
}
h.print(".\n")

// print summary for vulnerabilities found at other levels of scan precision
if other := h.summaryOtherVulns(c); other != "" {
h.wrap("", other, 80)
h.print("\n")
}

// print suggested flags for more/better info depending on scan level and if in verbose mode
if sugg := h.summarySuggestion(); sugg != "" {
h.wrap("", sugg, 80)
h.print("\n")
}
}

func (h *TextHandler) summaryOtherVulns(c summaryCounters) string {
var summary strings.Builder
if c.VulnerabilitiesRequired+c.VulnerabilitiesImported == 0 {
summary.WriteString("This scan found no other vulnerabilities in ")
Expand All @@ -367,26 +382,26 @@ func (h *TextHandler) summary(c summaryCounters) {
summary.WriteString(choose(h.scanLevel.WantSymbols(), ", but your code doesn't appear to call these vulnerabilities.", "."))
}
}
h.wrap("", summary.String(), 80)
h.print("\n")
// print suggested flags for more/better info depending on scan level and if in verbose mode
return summary.String()
}

func (h *TextHandler) summarySuggestion() string {
var sugg strings.Builder
switch h.scanLevel {
case govulncheck.ScanLevelSymbol:
if !h.showAllVulns {
h.print("Use ", verboseMessage, ".")
sugg.WriteString("Use " + verboseMessage + ".")
}
case govulncheck.ScanLevelPackage:
var message strings.Builder
message.WriteString("Use " + symbolMessage)
sugg.WriteString("Use " + symbolMessage)
if !h.showAllVulns {
message.WriteString(" and " + verboseMessage)
sugg.WriteString(" and " + verboseMessage)
}
message.WriteString(".")
h.wrap("", message.String(), 80)
sugg.WriteString(".")
case govulncheck.ScanLevelModule:
h.print("Use ", symbolMessage, ".")
sugg.WriteString("Use " + symbolMessage + ".")
}
h.print("\n")
return sugg.String()
}

func (h *TextHandler) style(style style, values ...any) {
Expand Down

0 comments on commit c154f6a

Please sign in to comment.