The workflow fails if there are no dependabot alerts ever generated on the repo

advanced-security / dependabot-epss-action

Action to detect if any open :dependabot: Dependabot alert CVEs exceed an EPSS threshold and fail the workflow.

MIT License

2 stars 1 forks source link

The workflow fails if there are no dependabot alerts ever generated on the repo #3

Closed leonsparrowJM closed 2 months ago

leonsparrowJM commented 2 months ago

Wibble/SecDevOps---CondaDependabot Dependabot CVEs Count: 0

ForEach-Object: /home/runner/work/_actions/advanced-security/dependabot-epss-action/v0/action.ps1:136 Line | 136 | … = $Dependabot_AlertsCVEs | ForEach-Object { $epssHash[$] } | Where … | ~~~~~~~~ | Index operation failed; the array index evaluated to null. Error: Process completed with exit code 1.

felickz commented 2 months ago

News to me that powershell attempts to iterate over a $null :

> $null | %{ $PSVersionTable[$_] }
InvalidOperation: Index operation failed; the array index evaluated to null.

Thanks for your contribution!