search

google / osv-scanner

Vulnerability scanner written in Go which uses the data provided by https://osv.dev
https://google.github.io/osv-scanner/
Apache License 2.0
6.15k stars 347 forks source link

feat: assume `txt` files with "requirements" in their name are `requirements.txt` files #1271

Closed G-Rath closed 5 days ago

G-Rath commented 5 days ago

This relaxes our logic for deciding if we can parse a file as a requirements.txt: we now assume any file that has "requirements" in its name and ends with .txt is probably a requirements.txt, which matches logic found elsewhere in the wild (e.g. dependabot).

Resolves #1266 Resolves #370 Resolves #67

codecov-commenter commented 5 days ago

Codecov Report

All modified and coverable lines are covered by tests :white_check_mark:

Project coverage is 68.37%. Comparing base (6d17d98) to head (7c1f0ad).

Additional details and impacted files ```diff @@ Coverage Diff @@ ## main #1271 +/- ## ======================================= Coverage 68.37% 68.37% ======================================= Files 175 175 Lines 16784 16786 +2 ======================================= + Hits 11476 11478 +2 Misses 4677 4677 Partials 631 631 ```

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.