internal/scan: remove redundant new lines

An extra new line is added when either 1) there is no summary of "other" vulnerabilities found or 2) no suggestion. This CL removes those lines. Change-Id: Ic6ab8c3a4b8ab193fdcd88e4afe65ab42a9a1794 Reviewed-on: https://go-review.googlesource.com/c/vuln/+/562055 LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Maceo Thompson <maceothompson@google.com> Run-TryBot: Zvonimir Pavlinovic <zpavlinovic@google.com> TryBot-Result: Gopher Robot <gobot@golang.org>
golang · Feb 6, 2024 · c154f6a · c154f6a
1 parent 0b50c25
commit c154f6a
Show file tree

Hide file tree

Showing 5 changed files with 26 additions and 16 deletions.
diff --git a/cmd/govulncheck/testdata/testfiles/binary-module/binary_module_text.ct b/cmd/govulncheck/testdata/testfiles/binary-module/binary_module_text.ct
@@ -44,5 +44,4 @@ Vulnerability #4: GO-2020-0015
     Fixed in: golang.org/x/text@v0.3.3
 
 Your code may be affected by 4 vulnerabilities.
-
 Use '-scan symbol' for more fine grained vulnerability detection.
diff --git a/cmd/govulncheck/testdata/testfiles/source-module/source_module_text.ct b/cmd/govulncheck/testdata/testfiles/source-module/source_module_text.ct
@@ -26,7 +26,6 @@ Vulnerability #2: GO-2021-0113
     Fixed in: golang.org/x/text@v0.3.7
 
 Your code may be affected by 2 vulnerabilities.
-
 Use '-scan symbol' for more fine grained vulnerability detection.
 
 #####
@@ -56,5 +55,4 @@ Vulnerability #2: GO-2021-0113
     Fixed in: golang.org/x/text@v0.3.7
 
 Your code may be affected by 2 vulnerabilities.
-
 Use '-scan symbol' for more fine grained vulnerability detection.
diff --git a/internal/scan/testdata/module-vuln.txt b/internal/scan/testdata/module-vuln.txt
@@ -9,5 +9,4 @@ Vulnerability #1: GO-0000-0001
     Platforms: amd
 
 Your code may be affected by 1 vulnerability.
-
 Use '-scan symbol' for more fine grained vulnerability detection.
diff --git a/internal/scan/testdata/multi-stack-modlevel.txt b/internal/scan/testdata/multi-stack-modlevel.txt
@@ -16,5 +16,4 @@ Vulnerability #2: GO-0000-0001
     Platforms: amd
 
 Your code may be affected by 2 vulnerabilities.
-
 Use '-scan symbol' for more fine grained vulnerability detection.
diff --git a/internal/scan/text.go b/internal/scan/text.go
@@ -319,6 +319,7 @@ func (h *TextHandler) traces(traces []*findingSummary) {
 }
 
 func (h *TextHandler) summary(c summaryCounters) {
+	// print short summary of findings identified at the desired level of scan precision
 	var vulnCount int
 	h.print("Your code ", choose(h.scanLevel.WantSymbols(), "is", "may be"), " affected by ")
 	switch h.scanLevel {
@@ -346,6 +347,20 @@ func (h *TextHandler) summary(c summaryCounters) {
 	}
 	h.print(".\n")
 
+	// print summary for vulnerabilities found at other levels of scan precision
+	if other := h.summaryOtherVulns(c); other != "" {
+		h.wrap("", other, 80)
+		h.print("\n")
+	}
+
+	// print suggested flags for more/better info depending on scan level and if in verbose mode
+	if sugg := h.summarySuggestion(); sugg != "" {
+		h.wrap("", sugg, 80)
+		h.print("\n")
+	}
+}
+
+func (h *TextHandler) summaryOtherVulns(c summaryCounters) string {
 	var summary strings.Builder
 	if c.VulnerabilitiesRequired+c.VulnerabilitiesImported == 0 {
 		summary.WriteString("This scan found no other vulnerabilities in ")
@@ -367,26 +382,26 @@ func (h *TextHandler) summary(c summaryCounters) {
 			summary.WriteString(choose(h.scanLevel.WantSymbols(), ", but your code doesn't appear to call these vulnerabilities.", "."))
 		}
 	}
-	h.wrap("", summary.String(), 80)
-	h.print("\n")
-	// print suggested flags for more/better info depending on scan level and if in verbose mode
+	return summary.String()
+}
+
+func (h *TextHandler) summarySuggestion() string {
+	var sugg strings.Builder
 	switch h.scanLevel {
 	case govulncheck.ScanLevelSymbol:
 		if !h.showAllVulns {
-			h.print("Use ", verboseMessage, ".")
+			sugg.WriteString("Use " + verboseMessage + ".")
 		}
 	case govulncheck.ScanLevelPackage:
-		var message strings.Builder
-		message.WriteString("Use " + symbolMessage)
+		sugg.WriteString("Use " + symbolMessage)
 		if !h.showAllVulns {
-			message.WriteString(" and " + verboseMessage)
+			sugg.WriteString(" and " + verboseMessage)
 		}
-		message.WriteString(".")
-		h.wrap("", message.String(), 80)
+		sugg.WriteString(".")
 	case govulncheck.ScanLevelModule:
-		h.print("Use ", symbolMessage, ".")
+		sugg.WriteString("Use " + symbolMessage + ".")
 	}
-	h.print("\n")
+	return sugg.String()
 }
 
 func (h *TextHandler) style(style style, values ...any) {