Closed ikretz closed 2 months ago
Alternately, we could explicitly adopt a convention that scanners should only return messages with non-null results @ikretz this is the default behaviour. But instead of using the sole string as you suggest, it uses an extra boolean flag ruleMatches for that purpose, if false then message is discarded.
in: guarddog/analyzer/metadata/detector.py, it reads:
# returns (ruleMatches, message)
I don't see it as a bug TBH
Agreed, as discussed, this is a case of a scanner returning a message that it knows will be dropped by the analyzer. It is not a bug. We might consider explicitly documenting this behavior of Analyzer
somewhere.
Some metadata scanners may return messages even in the case of a null result.
DeceptiveAuthorDetector
is an example of this behavior:However,
Analyzer.analyze_metadata()
drops all such messages:We should keep all scanner messages regardless of findings.
Alternately, we could explicitly adopt a convention that scanners should only return messages with non-null results. This would let us simplify the
Analyzer.analyze_metadata()
interface: a return value ofNone
means no findings and astr
means findings with the given message.