aswinnnn / pyscan

python dependency vulnerability scanner, written in Rust.
MIT License
184 stars 6 forks

Exit with zero in case of vulnerability found #2

Closed anotherbridge closed 1 year ago

anotherbridge commented 1 year ago

Describe the bug

When a vulnerability is found, the exit code of the program is zero. This makes it hard to integrate the tool into an automation that should raise an alert in case a vulnerability is found. This is the case when running pyscan either for a specific package or within a repository.

To Reproduce

Steps to reproduce the behavior:

  1. Run pyscan package -n requests -v 2.30.0
  2. Run echo $?
  3. Observe that 0 is returned

Expected behavior

It is expected that a non-zero exit code is returned in case a vulnerability is found.

Desktop (please complete the following information):

aswinnnn commented 1 year ago

Yes, this is a known case and will be integrated as the default way of exiting in the new version, as mentioned in the future notes in CHANGELOG.md. I will be closing this issue as it's already taken care of and will be released within the next version.

anotherbridge commented 1 year ago

@aswinnnn Is this behavior already released? I still cannot get an exit code of 1 when a vulnerability was detected in one of the packages. The non-zero exit code is only producible when the tool itself encounters an error, e.g. as described in #16.

aswinnnn commented 1 year ago

It was released, but I moved the scanner functions around in the latest version and it looks like I forgot about the exit codes. Fixing it ASAP.

anotherbridge commented 1 year ago

Thanks a lot!
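The exit-code handling this thread asks for, as an added Rust example that is not pyscan's own code: all scan results (package mode or repository mode) are reduced in one place to a status, with a scanner failure kept distinct from a finding so that automation can tell the two apart. The ScanResult and ExitStatus types are hypothetical, and the sample results are constructed.

```rust
// Added example, not pyscan's own code: a single place that maps scan
// results to a process exit code so CI can tell "clean", "vulnerable"
// and "scanner failed" apart. Type names are hypothetical.
use std::process;

/// Outcome of scanning one package (package mode) or one dependency
/// from a repository's requirements (repository mode).
#[derive(Debug, Clone)]
pub struct ScanResult {
    pub package: String,
    pub version: String,
    pub vulnerability_ids: Vec<String>,
}

/// Exit codes reported to the shell. Keeping a tool failure distinct
/// from a finding means an alerting job does not mistake one for the other.
#[derive(Debug, PartialEq, Eq, Clone, Copy)]
pub enum ExitStatus {
    Clean = 0,
    Vulnerable = 1,
    ToolError = 2,
}

/// Reduce every scan to one status. A tool error wins over everything
/// else: a package that could not be checked must not read as "clean".
pub fn exit_status(results: &[Result<ScanResult, String>]) -> ExitStatus {
    let mut status = ExitStatus::Clean;
    for r in results {
        match r {
            Err(_) => return ExitStatus::ToolError,
            Ok(res) if !res.vulnerability_ids.is_empty() => status = ExitStatus::Vulnerable,
            Ok(_) => {}
        }
    }
    status
}

fn main() {
    // Constructed sample results; the advisory id is a placeholder, not a real one.
    let results: Vec<Result<ScanResult, String>> = vec![
        Ok(ScanResult { package: "example-lib".into(), version: "1.0.0".into(),
                        vulnerability_ids: vec!["PLACEHOLDER-ADVISORY-ID".into()] }),
        Ok(ScanResult { package: "other-lib".into(), version: "2.1.0".into(),
                        vulnerability_ids: vec![] }),
    ];
    let status = exit_status(&results);
    for res in results.iter().flatten() {
        println!("{} {}: {} finding(s)", res.package, res.version, res.vulnerability_ids.len());
    }
    // Exiting last, from main, is what lets `echo $?` in the report see 1.
    process::exit(status as i32);
}
```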