I believe this is all that's needed to address the empty results bug in the aforementioned Issue. With the current behavior, we'd return early rather than continuing to iterate through the file reports as soon as a file report with a lower risk was encountered.
@tstromberg -- feel free to validate this with the samples you noted in #449.
Fixes: https://github.com/chainguard-dev/bincapz/issues/449
I believe this is all that's needed to address the empty results bug in the aforementioned Issue. With the current behavior, we'd return early rather than continuing to iterate through the file reports as soon as a file report with a lower risk was encountered.
@tstromberg -- feel free to validate this with the samples you noted in #449.
Prior to the concurrency changes,
processFile
used to returnnil, nil
for this comparison and the value ofprocessFile
was then ignored via acontinue
if it wasnil
: https://github.com/chainguard-dev/bincapz/blob/cb97c603c01a176b893b9616ee62d7d938bad759/pkg/action/scan.go#L229-L235