PaloAltoNetworks / prisma-cloud-scan

GitHub action to scan container images with Palo Alto Networks' Prisma Cloud
Apache License 2.0

Fix vulnerability duplicate filtering #46

Closed ferozsalam closed 9 months ago

ferozsalam commented 9 months ago

Description

On the latest release (v1.6.2) of the Action, SARIF uploads fail when a container has zero vulnerabilities. The error is:

Failed formatting SARIF: Cannot read properties of undefined (reading 'filter')

The change in this PR ensures that the vulnerabilities variable is always defined, so that this error does not occur.

How Has This Been Tested?

Tested this locally against images with and without vulnerabilities.

ferozsalam commented 9 months ago

cc @sgordon46 – this fixes an edge case bug introduced in the latest release, would appreciate it if you could take a look!
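
Added example (not part of the PR and not the action's own source): a JavaScript sketch of the failure mode described in the PR description above, with the guard that keeps a zero-vulnerability scan from breaking SARIF generation. The scan-result field names (`vulnerabilities`, `id`, `packageName`, `packageVersion`, `severity`), the tool name and the sample CVE ids are assumptions constructed for illustration.

```javascript
// Added example, not the action's code. Field names are assumed.
function dedupeVulnerabilities(scanResult) {
  // A clean image may omit `vulnerabilities` or set it to null. Default to []
  // so .filter() is never called on undefined.
  const vulns = Array.isArray(scanResult?.vulnerabilities)
    ? scanResult.vulnerabilities
    : [];
  const seen = new Set();
  return vulns.filter((v) => {
    // Same CVE in a different package is a distinct finding, so key on all three.
    const key = JSON.stringify([v.id, v.packageName, v.packageVersion]);
    if (seen.has(key)) return false;
    seen.add(key);
    return true;
  });
}

function toSarif(scanResult, imageName) {
  const vulns = dedupeVulnerabilities(scanResult);
  // List each CVE once as a rule even when it hits several packages.
  const rules = [...new Set(vulns.map((v) => v.id))].map((id) => ({ id }));
  return {
    $schema: 'https://json.schemastore.org/sarif-2.1.0.json',
    version: '2.1.0',
    runs: [{
      tool: { driver: { name: 'example-image-scanner', rules } },
      // Zero findings yields an empty results array, still a valid run.
      results: vulns.map((v) => ({
        ruleId: v.id,
        level: ['critical', 'high'].includes(v.severity) ? 'error' : 'warning',
        message: { text: `${v.id} in ${v.packageName} ${v.packageVersion}` },
        locations: [{ physicalLocation: { artifactLocation: { uri: imageName } } }],
      })),
    }],
  };
}

// Constructed sample inputs (placeholder CVE ids).
const cleanScan = { name: 'example/clean:1.0' }; // no vulnerabilities field
const dirtyScan = {
  vulnerabilities: [
    { id: 'CVE-0000-0001', packageName: 'openssl', packageVersion: '1.1.1', severity: 'high' },
    { id: 'CVE-0000-0001', packageName: 'openssl', packageVersion: '1.1.1', severity: 'high' },
    { id: 'CVE-0000-0001', packageName: 'libcrypto', packageVersion: '1.1.1', severity: 'high' },
    { id: 'CVE-0000-0002', packageName: 'zlib', packageVersion: '1.2.11', severity: 'low' },
  ],
};
```

A regression test for this class of bug should cover both a missing `vulnerabilities` field and an explicit `null`, since either one reproduces the `reading 'filter'` error when unguarded.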