Distinguish between score 0 and missing score in Trusty (#3234)
This was a leftover from when trusty didn't have scores for some
packages at all, but it was not handled well. We tried to handle score 0
as missing.

Instead, let's use a `*float64` to distinguish between a missing
score and a score that is set but is zero.
jhrozek authored May 3, 2024
1 parent 2310064 commit 9d5cd7e
Showing 4 changed files with 6 additions and 6 deletions.
4 changes: 2 additions & 2 deletions internal/engine/eval/trusty/actions.go
Expand Up @@ -121,7 +121,7 @@ func (sph *summaryPrHandler) generateSummary() (string, error) {

higherScoringAlternatives := make([]Alternative, 0)
for _, alt := range alternative.trustyReply.Alternatives.Packages {
if alt.Score > alternative.trustyReply.Summary.Score {
if alternative.trustyReply.Summary.Score != nil && alt.Score > *alternative.trustyReply.Summary.Score {
alt.PackageNameURL = url.PathEscape(alt.PackageName)
higherScoringAlternatives = append(higherScoringAlternatives, alt)
}
Expand All @@ -145,7 +145,7 @@ func (sph *summaryPrHandler) generateSummary() (string, error) {
Ecosystem: strings.ToLower(alternative.Dependency.Ecosystem.AsString()),
Name: alternative.Dependency.Name,
NameURL: url.PathEscape(alternative.Dependency.Name),
Score: alternative.trustyReply.Summary.Score,
Score: *alternative.trustyReply.Summary.Score,
Alternatives: higherScoringAlternatives,
BaseUrl: constants.TrustyHttpURL,
}); err != nil {
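Review bot: The dereference `Score: *alternative.trustyReply.Summary.Score` in the second hunk has no nil guard, while the loop in the first hunk treats a nil `Summary.Score` as possible. If the skip of unscored dependencies in Eval (trusty.go) is what keeps nil replies out of this handler, that invariant is not visible here, and a nil would panic while the PR summary is being rendered. I would read the pointer once, `score := alternative.trustyReply.Summary.Score`, handle `score == nil` explicitly (skip the entry or return an error), and use `*score` in both places. generateSummary's body starts and ends outside both hunks, so where the guard belongs depends on the enclosing loop.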
4 changes: 2 additions & 2 deletions internal/engine/eval/trusty/config.go
Expand Up @@ -119,8 +119,8 @@ func (ec *ecosystemConfig) getScoreSource() string {
}

func (ec *ecosystemConfig) getScore(inSummary ScoreSummary) (float64, error) {
if ec.EvaluateScore == DefaultScore || ec.EvaluateScore == SummaryScore {
return inSummary.Score, nil
if inSummary.Score != nil && (ec.EvaluateScore == DefaultScore || ec.EvaluateScore == SummaryScore) {
return *inSummary.Score, nil
}

// If the score is not the summary score, then it must be in the details
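Review bot: With the nil test folded into the condition, a nil `inSummary.Score` under `DefaultScore` or `SummaryScore` now falls through to the details lookup below instead of being reported as missing. What that path returns for a summary source is outside the hunk, but the caller presumably gets either an unrelated error or a value that is not the summary score, and this value feeds the policy decision. Keeping the original condition and failing explicitly inside it is clearer: `if inSummary.Score == nil { return 0, fmt.Errorf("summary score is missing") }` placed before `return *inSummary.Score, nil`. getScore's body continues outside the hunk.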
2 changes: 1 addition & 1 deletion internal/engine/eval/trusty/trusty.go
Expand Up @@ -134,7 +134,7 @@ func (e *Evaluator) Eval(ctx context.Context, pol map[string]any, res *engif.Res
continue
}

if resp.Summary.Score == 0 {
if resp.Summary.Score == nil {
logger.Info().
Str("dependency", dep.Dep.Name).
Msgf("the dependency has no score, skipping")
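Review bot: The skip on `resp.Summary.Score == nil` means a dependency that Trusty has no score for is never compared against the threshold, and this fail-open choice is not documented at the check. Packages without data are often the most recently published ones, so a reader of the rule should be able to see that they pass by default. I would add a comment above the check such as `// nil means Trusty returned no score; the dependency is skipped and cannot fail the rule`, and consider logging it at warn level rather than info. What follows the log call is outside the hunk, so the skip itself is inferred from the message text.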
2 changes: 1 addition & 1 deletion internal/engine/eval/trusty/trusty_rest_handler.go
Expand Up @@ -61,7 +61,7 @@ type Alternative struct {

// ScoreSummary is the summary score returned from the package intelligence API
type ScoreSummary struct {
Score float64 `json:"score"`
Score *float64 `json:"score"`
Description map[string]any `json:"description"`
}

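Review bot: The `Score` field has no comment saying what nil means, and the other three files in this commit now depend on that meaning. With `*float64` and the `json:"score"` tag, encoding/json leaves the pointer nil both when the key is absent and when it is `null`, and sets it when the value is `0`. A field comment such as `// Score is nil when the API returned no score; a non-nil 0 is a real score.` would make the contract visible to every caller that dereferences it.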
