search

intel / cve-bin-tool

The CVE Binary Tool helps you determine if your system includes known vulnerabilities. You can scan binaries for over 200 common, vulnerable components (openssl, libpng, libxml2, expat and others), or if you know the components used, you can get a list of known vulnerabilities associated with an SBOM or a list of components and versions.
https://cve-bin-tool.readthedocs.io/en/latest/
GNU General Public License v3.0
1.14k stars 444 forks source link

currently failing tests #4243

Open terriko opened 4 days ago

terriko commented 4 days ago 
=========================== short test summary info ============================
FAILED test/test_csv2cve.py::TestCSV2CVE::test_csv2cve_valid_file - AssertionError: assert ('cve_bin_tool', 20, 'There are 2 products with known CVEs detected') in [('cve_bin_tool', 20, 'CVE Binary Tool v3.3.1dev0'), ('cve_bin_tool', 20, 'This product uses the NVD API but is not endorsed or certified by the NVD.'), ('cve_bin_tool.CVEDB', 20, 'Using cached CVE data (<24h old). Use -u now to update immediately.'), ('cve_bin_tool.CVEDB', 20, 'There are 151760 CVE entries in the database'), ('cve_bin_tool.CVEDB', 20, 'There are 133779 CVE entries from OSV in the database'), ('cve_bin_tool.CVEDB', 20, 'There are 17981 CVE entries from REDHAT in the database'), ...]
 +  where [('cve_bin_tool', 20, 'CVE Binary Tool v3.3.1dev0'), ('cve_bin_tool', 20, 'This product uses the NVD API but is not endorsed or certified by the NVD.'), ('cve_bin_tool.CVEDB', 20, 'Using cached CVE data (<24h old). Use -u now to update immediately.'), ('cve_bin_tool.CVEDB', 20, 'There are 151760 CVE entries in the database'), ('cve_bin_tool.CVEDB', 20, 'There are 133779 CVE entries from OSV in the database'), ('cve_bin_tool.CVEDB', 20, 'There are 17981 CVE entries from REDHAT in the database'), ...] = <_pytest.logging.LogCaptureFixture object at 0x7fa0d05c4d30>.record_tuples
FAILED test/test_exploits.py::TestExploitScanner::test_exploit_checker[True-exploits_list0-product_info0-triage_info0-CRITICAL-EXPLOIT] - IndexError: list index out of range
FAILED test/test_exploits.py::TestExploitScanner::test_exploit_checker[False-exploits_list1-product_info1-triage_info1-CRITICAL] - IndexError: list index out of range
FAILED test/test_exploits.py::TestExploitScanner::test_exploit_checker[True-exploits_list2-product_info2-triage_info2-CRITICAL] - IndexError: list index out of range
FAILED test/test_exploits.py::TestExploitScanner::test_exploit_checker[False-exploits_list3-product_info3-triage_info3-CRITICAL] - IndexError: list index out of range
FAILED test/test_language_scanner.py::TestLanguageScanner::test_python_package[/home/runner/work/cve-bin-tool/cve-bin-tool/test/language_data/PKG-INFO] - AssertionError: assert ProductInfo(v...O', purl=None) == ProductInfo(v...O', purl=None)

  Omitting 4 identical items, use -vv to show
  Differing attributes:
  ['vendor']

  Drill down into differing attribute vendor:
    vendor: 'UNKNOWN' != 'facebook'
    - facebook
    + UNKNOWN

  Full diff:
  - ProductInfo(vendor='facebook', product='zstandard', version='0.18.0', location='/home/runner/work/cve-bin-tool/cve-bin-tool/test/language_data/PKG-INFO', purl=None)
  ?                     ^^^^^^^^
  + ProductInfo(vendor='UNKNOWN', product='zstandard', version='0.18.0', location='/home/runner/work/cve-bin-tool/cve-bin-tool/test/language_data/PKG-INFO', purl=None)
  ?                     ^^^^^^^
FAILED test/test_sbom.py::TestSBOM::test_valid_spdx_file[/home/runner/work/cve-bin-tool/cve-bin-tool/test/sbom/spdx_test.spdx-spdx_parsed_data0] - AssertionError: assert ProductInfo(vendor='saxon', product='saxon', version='8.8', location='NotFound', purl=None) in defaultdict(<class 'dict'>, {ProductInfo(vendor='gnu', product='glibc', version='2.11.1', location='NotFound', purl=None): {'default': {'remarks': <Remarks.NewFound: 1>, 'comments': '', 'severity': ''}, 'paths': {''}}, ProductInfo(vendor='UNKNOWN', product='jena', version='3.12.0', location='NotFound', purl=None): {'default': {'remarks': <Remarks.NewFound: 1>, 'comments': '', 'severity': ''}, 'paths': {''}}, ProductInfo(vendor='UNKNOWN', product='saxon', version='8.8', location='NotFound', purl=None): {'default': {'remarks': <Remarks.NewFound: 1>, 'comments': '', 'severity': ''}, 'paths': {''}}})
FAILED test/test_sbom.py::TestSBOM::test_valid_spdx_file[/home/runner/work/cve-bin-tool/cve-bin-tool/test/sbom/spdx_test.spdx.rdf-spdx_parsed_data1] - AssertionError: assert ProductInfo(vendor='gnu', product='glibc', version='2.11.1', location='NotFound', purl=None) in defaultdict(<class 'dict'>, {ProductInfo(vendor='unknown', product='glibc', version='2.11.1', location='NotFound', purl=None): {'default': {'remarks': <Remarks.NewFound: 1>, 'comments': '', 'severity': ''}, 'paths': {''}}, ProductInfo(vendor='UNKNOWN', product='saxon', version='8.8', location='NotFound', purl=None): {'default': {'remarks': <Remarks.NewFound: 1>, 'comments': '', 'severity': ''}, 'paths': {''}}, ProductInfo(vendor='UNKNOWN', product='jena', version='3.12.0', location='NotFound', purl=None): {'default': {'remarks': <Remarks.NewFound: 1>, 'comments': '', 'severity': ''}, 'paths': {''}}})
FAILED test/test_sbom.py::TestSBOM::test_valid_spdx_file[/home/runner/work/cve-bin-tool/cve-bin-tool/test/sbom/spdx_test.spdx.json-spdx_parsed_data2] - AssertionError: assert ProductInfo(vendor='saxon', product='saxon', version='8.8', location='NotFound', purl=None) in defaultdict(<class 'dict'>, {ProductInfo(vendor='gnu', product='glibc', version='2.11.1', location='NotFound', purl=None): {'default': {'remarks': <Remarks.NewFound: 1>, 'comments': '', 'severity': ''}, 'paths': {''}}, ProductInfo(vendor='UNKNOWN', product='jena', version='3.12.0', location='NotFound', purl=None): {'default': {'remarks': <Remarks.NewFound: 1>, 'comments': '', 'severity': ''}, 'paths': {''}}, ProductInfo(vendor='UNKNOWN', product='saxon', version='8.8', location='NotFound', purl=None): {'default': {'remarks': <Remarks.NewFound: 1>, 'comments': '', 'severity': ''}, 'paths': {''}}})
FAILED test/test_sbom.py::TestSBOM::test_valid_spdx_file[/home/runner/work/cve-bin-tool/cve-bin-tool/test/sbom/spdx_test.spdx.xml-spdx_parsed_data3] - AssertionError: assert ProductInfo(vendor='gnu', product='glibc', version='2.11.1', location='NotFound', purl=None) in defaultdict(<class 'dict'>, {ProductInfo(vendor='unknown', product='glibc', version='2.11.1', location='NotFound', purl=None): {'default': {'remarks': <Remarks.NewFound: 1>, 'comments': '', 'severity': ''}, 'paths': {''}}, ProductInfo(vendor='UNKNOWN', product='jena', version='3.12.0', location='NotFound', purl=None): {'default': {'remarks': <Remarks.NewFound: 1>, 'comments': '', 'severity': ''}, 'paths': {''}}, ProductInfo(vendor='UNKNOWN', product='saxon', version='8.8', location='NotFound', purl=None): {'default': {'remarks': <Remarks.NewFound: 1>, 'comments': '', 'severity': ''}, 'paths': {''}}})
FAILED test/test_sbom.py::TestSBOM::test_valid_spdx_file[/home/runner/work/cve-bin-tool/cve-bin-tool/test/sbom/spdx_test.spdx.yml-spdx_parsed_data4] - AssertionError: assert ProductInfo(vendor='saxon', product='saxon', version='8.8', location='NotFound', purl=None) in defaultdict(<class 'dict'>, {ProductInfo(vendor='gnu', product='glibc', version='2.11.1', location='NotFound', purl=None): {'default': {'remarks': <Remarks.NewFound: 1>, 'comments': '', 'severity': ''}, 'paths': {''}}, ProductInfo(vendor='UNKNOWN', product='jena', version='3.12.0', location='NotFound', purl=None): {'default': {'remarks': <Remarks.NewFound: 1>, 'comments': '', 'severity': ''}, 'paths': {''}}, ProductInfo(vendor='UNKNOWN', product='saxon', version='8.8', location='NotFound', purl=None): {'default': {'remarks': <Remarks.NewFound: 1>, 'comments': '', 'severity': ''}, 'paths': {''}}})
FAILED test/test_sbom.py::TestSBOM::test_valid_spdx_file[/home/runner/work/cve-bin-tool/cve-bin-tool/test/sbom/spdx_test.spdx.yaml-spdx_parsed_data5] - AssertionError: assert ProductInfo(vendor='saxon', product='saxon', version='8.8', location='NotFound', purl=None) in defaultdict(<class 'dict'>, {ProductInfo(vendor='gnu', product='glibc', version='2.11.1', location='NotFound', purl=None): {'default': {'remarks': <Remarks.NewFound: 1>, 'comments': '', 'severity': ''}, 'paths': {''}}, ProductInfo(vendor='UNKNOWN', product='jena', version='3.12.0', location='NotFound', purl=None): {'default': {'remarks': <Remarks.NewFound: 1>, 'comments': '', 'severity': ''}, 'paths': {''}}, ProductInfo(vendor='UNKNOWN', product='saxon', version='8.8', location='NotFound', purl=None): {'default': {'remarks': <Remarks.NewFound: 1>, 'comments': '', 'severity': ''}, 'paths': {''}}})
FAILED test/test_sbom.py::TestSBOM::test_valid_spdx_file[/home/runner/work/cve-bin-tool/cve-bin-tool/test/sbom/spdx_mixed_test.spdx.json-spdx_parsed_data6] - AssertionError: assert ProductInfo(vendor='saxon', product='saxon', version='8.8', location='NotFound', purl=None) in defaultdict(<class 'dict'>, {ProductInfo(vendor='gnu', product='glibc', version='2.11.1', location='NotFound', purl=None): {'default': {'remarks': <Remarks.NewFound: 1>, 'comments': '', 'severity': ''}, 'paths': {''}}, ProductInfo(vendor='UNKNOWN', product='jena', version='3.12.0', location='NotFound', purl=None): {'default': {'remarks': <Remarks.NewFound: 1>, 'comments': '', 'severity': ''}, 'paths': {''}}, ProductInfo(vendor='UNKNOWN', product='saxon', version='8.8', location='NotFound', purl=None): {'default': {'remarks': <Remarks.NewFound: 1>, 'comments': '', 'severity': ''}, 'paths': {''}}})
FAILED test/test_sbom.py::TestSBOM::test_valid_cyclonedx_file[/home/runner/work/cve-bin-tool/cve-bin-tool/test/sbom/cyclonedx_test.xml-cyclonedx_parsed_data0] - AssertionError: assert ProductInfo(vendor='gnu', product='glibc', version='2.11.1', location='NotFound', purl=None) in defaultdict(<class 'dict'>, {ProductInfo(vendor='acme', product='application', version='9.1.1', location='NotFound', purl=None): {'default': {'remarks': <Remarks.NewFound: 1>, 'comments': '', 'severity': ''}, 'paths': {''}}, ProductInfo(vendor='UNKNOWN', product='tomcat-catalina', version='9.0.14', location='NotFound', purl=None): {'default': {'remarks': <Remarks.NewFound: 1>, 'comments': '', 'severity': ''}, 'paths': {''}}, ProductInfo(vendor='unknown', product='glibc', version='2.11.1', location='NotFound', purl=None): {'default': {'remarks': <Remarks.NewFound: 1>, 'comments': '', 'severity': ''}, 'paths': {''}}})
FAILED test/test_sbom.py::TestSBOM::test_valid_cyclonedx_file[/home/runner/work/cve-bin-tool/cve-bin-tool/test/sbom/cyclonedx_test.json-cyclonedx_parsed_data1] - AssertionError: assert ProductInfo(vendor='gnu', product='glibc', version='2.11.1', location='NotFound', purl=None) in defaultdict(<class 'dict'>, {ProductInfo(vendor='acme', product='application', version='9.1.1', location='NotFound', purl=None): {'default': {'remarks': <Remarks.NewFound: 1>, 'comments': '', 'severity': ''}, 'paths': {''}}, ProductInfo(vendor='UNKNOWN', product='tomcat-catalina', version='9.0.14', location='NotFound', purl=None): {'default': {'remarks': <Remarks.NewFound: 1>, 'comments': '', 'severity': ''}, 'paths': {''}}, ProductInfo(vendor='unknown', product='glibc', version='2.11.1', location='NotFound', purl=None): {'default': {'remarks': <Remarks.NewFound: 1>, 'comments': '', 'severity': ''}, 'paths': {''}}})
FAILED test/test_sbom.py::TestSBOM::test_valid_cyclonedx_file[/home/runner/work/cve-bin-tool/cve-bin-tool/test/sbom/cyclonedx_test2.json-cyclonedx_parsed_data2] - AssertionError: assert ProductInfo(vendor='ubuntu', product='ubuntu', version='22.04', location='NotFound', purl=None) in defaultdict(<class 'dict'>, {ProductInfo(vendor='acme', product='application', version='9.1.1', location='NotFound', purl=None): {'default': {'remarks': <Remarks.NewFound: 1>, 'comments': '', 'severity': ''}, 'paths': {''}}, ProductInfo(vendor='UNKNOWN', product='tomcat-catalina', version='9.0.14', location='NotFound', purl=None): {'default': {'remarks': <Remarks.NewFound: 1>, 'comments': '', 'severity': ''}, 'paths': {''}}, ProductInfo(vendor='UNKNOWN', product='web-framework', version='1.0.0', location='NotFound', purl=None): {'default': {'remarks': <Remarks.NewFound: 1>, 'comments': '', 'severity': ''}, 'paths': {''}}, ProductInfo(vendor='UNKNOWN', product='ubuntu', version='22.04', location='NotFound', purl=None): {'default': {'remarks': <Remarks.NewFound: 1>, 'comments': '', 'severity': ''}, 'paths': {''}}, ProductInfo(vendor='UNKNOWN', product='boot-prom', version='1.0.9', location='NotFound', purl=None): {'default': {'remarks': <Remarks.NewFound: 1>, 'comments': '', 'severity': ''}, 'paths': {''}}})
FAILED test/test_sbom.py::TestSBOM::test_valid_cyclonedx_file[/home/runner/work/cve-bin-tool/cve-bin-tool/test/sbom/cyclonedx_mixed_test.json-cyclonedx_parsed_data3] - AssertionError: assert ProductInfo(vendor='gnu', product='glibc', version='2.11.1', location='NotFound', purl=None) in defaultdict(<class 'dict'>, {ProductInfo(vendor='acme', product='application', version='9.1.1', location='NotFound', purl=None): {'default': {'remarks': <Remarks.NewFound: 1>, 'comments': '', 'severity': ''}, 'paths': {''}}, ProductInfo(vendor='UNKNOWN', product='tomcat-catalina', version='9.0.14', location='NotFound', purl=None): {'default': {'remarks': <Remarks.NewFound: 1>, 'comments': '', 'severity': ''}, 'paths': {''}}, ProductInfo(vendor='unknown', product='glibc', version='2.11.1', location='NotFound', purl=None): {'default': {'remarks': <Remarks.NewFound: 1>, 'comments': '', 'severity': ''}, 'paths': {''}}, ProductInfo(vendor='UNKNOWN', product='invalid_purl_package', version='1.1.0', location='NotFound', purl=None): {'default': {'remarks': <Remarks.NewFound: 1>, 'comments': '', 'severity': ''}, 'paths': {''}}})
FAILED test/test_sbom.py::TestSBOM::test_bad_ext_ref_cyclonedx_file[/home/runner/work/cve-bin-tool/cve-bin-tool/test/sbom/cyclonedx_bad_cpe22.json-cyclonedx_parsed_data0] - AssertionError: assert ProductInfo(vendor='libexpat_project', product='libexpat', version='2.0.1', location='NotFound', purl=None) in dict_keys([ProductInfo(vendor='UNKNOWN', product='libjpeg-novendor', version='8b', location='NotFound', purl=None), ProductInfo(vendor='UNKNOWN', product='libexpat', version='2.0.1', location='NotFound', purl=None), ProductInfo(vendor='UNKNOWN', product='ncurses-noversion', version='5.9.noversion', location='NotFound', purl=None), ProductInfo(vendor='zlib', product='zlib', version='1.2.3', location='NotFound', purl=None)])
 +  where dict_keys([ProductInfo(vendor='UNKNOWN', product='libjpeg-novendor', version='8b', location='NotFound', purl=None), ProductInfo(vendor='UNKNOWN', product='libexpat', version='2.0.1', location='NotFound', purl=None), ProductInfo(vendor='UNKNOWN', product='ncurses-noversion', version='5.9.noversion', location='NotFound', purl=None), ProductInfo(vendor='zlib', product='zlib', version='1.2.3', location='NotFound', purl=None)]) = <built-in method keys of collections.defaultdict object at 0x7f6dcccb44f0>()
 +    where <built-in method keys of collections.defaultdict object at 0x7f6dcccb44f0> = defaultdict(<class 'dict'>, {ProductInfo(vendor='UNKNOWN', product='libjpeg-novendor', version='8b', location='NotFound', purl=None): {'default': {'remarks': <Remarks.NewFound: 1>, 'comments': '', 'severity': ''}, 'paths': {''}}, ProductInfo(vendor='UNKNOWN', product='libexpat', version='2.0.1', location='NotFound', purl=None): {'default': {'remarks': <Remarks.NewFound: 1>, 'comments': '', 'severity': ''}, 'paths': {''}}, ProductInfo(vendor='UNKNOWN', product='ncurses-noversion', version='5.9.noversion', location='NotFound', purl=None): {'default': {'remarks': <Remarks.NewFound: 1>, 'comments': '', 'severity': ''}, 'paths': {''}}, ProductInfo(vendor='zlib', product='zlib', version='1.2.3', location='NotFound', purl=None): {'default': {'remarks': <Remarks.NewFound: 1>, 'comments': '', 'severity': ''}, 'paths': {''}}}).keys
FAILED test/test_sbom.py::TestSBOM::test_bad_ext_ref_cyclonedx_file[/home/runner/work/cve-bin-tool/cve-bin-tool/test/sbom/cyclonedx_bad_cpe23.json-cyclonedx_parsed_data1] - AssertionError: assert ProductInfo(vendor='libexpat_project', product='libexpat', version='2.0.1', location='NotFound', purl=None) in dict_keys([ProductInfo(vendor='UNKNOWN', product='libjpeg-novendor', version='8b', location='NotFound', purl=None), ProductInfo(vendor='UNKNOWN', product='libexpat', version='2.0.1', location='NotFound', purl=None), ProductInfo(vendor='UNKNOWN', product='ncurses-noversion', version='5.9.noversion', location='NotFound', purl=None), ProductInfo(vendor='zlib', product='zlib', version='1.2.3', location='NotFound', purl=None)])
 +  where dict_keys([ProductInfo(vendor='UNKNOWN', product='libjpeg-novendor', version='8b', location='NotFound', purl=None), ProductInfo(vendor='UNKNOWN', product='libexpat', version='2.0.1', location='NotFound', purl=None), ProductInfo(vendor='UNKNOWN', product='ncurses-noversion', version='5.9.noversion', location='NotFound', purl=None), ProductInfo(vendor='zlib', product='zlib', version='1.2.3', location='NotFound', purl=None)]) = <built-in method keys of collections.defaultdict object at 0x7f6dccb882c0>()
 +    where <built-in method keys of collections.defaultdict object at 0x7f6dccb882c0> = defaultdict(<class 'dict'>, {ProductInfo(vendor='UNKNOWN', product='libjpeg-novendor', version='8b', location='NotFound', purl=None): {'default': {'remarks': <Remarks.NewFound: 1>, 'comments': '', 'severity': ''}, 'paths': {''}}, ProductInfo(vendor='UNKNOWN', product='libexpat', version='2.0.1', location='NotFound', purl=None): {'default': {'remarks': <Remarks.NewFound: 1>, 'comments': '', 'severity': ''}, 'paths': {''}}, ProductInfo(vendor='UNKNOWN', product='ncurses-noversion', version='5.9.noversion', location='NotFound', purl=None): {'default': {'remarks': <Remarks.NewFound: 1>, 'comments': '', 'severity': ''}, 'paths': {''}}, ProductInfo(vendor='zlib', product='zlib', version='1.2.3', location='NotFound', purl=None): {'default': {'remarks': <Remarks.NewFound: 1>, 'comments': '', 'severity': ''}, 'paths': {''}}}).keys
FAILED test/test_sbom.py::TestSBOM::test_bad_ext_ref_cyclonedx_file[/home/runner/work/cve-bin-tool/cve-bin-tool/test/sbom/cyclonedx_bad_purl.json-cyclonedx_parsed_data2] - AssertionError: assert ProductInfo(vendor='libexpat_project', product='libexpat', version='2.0.1', location='NotFound', purl=None) in dict_keys([ProductInfo(vendor='UNKNOWN', product='libjpeg-novendor', version='8b', location='NotFound', purl=None), ProductInfo(vendor='UNKNOWN', product='libexpat', version='2.0.1', location='NotFound', purl=None), ProductInfo(vendor='UNKNOWN', product='ncurses-noversion', version='5.9.noversion', location='NotFound', purl=None), ProductInfo(vendor='zlib', product='zlib', version='1.2.3', location='NotFound', purl=None)])
 +  where dict_keys([ProductInfo(vendor='UNKNOWN', product='libjpeg-novendor', version='8b', location='NotFound', purl=None), ProductInfo(vendor='UNKNOWN', product='libexpat', version='2.0.1', location='NotFound', purl=None), ProductInfo(vendor='UNKNOWN', product='ncurses-noversion', version='5.9.noversion', location='NotFound', purl=None), ProductInfo(vendor='zlib', product='zlib', version='1.2.3', location='NotFound', purl=None)]) = <built-in method keys of collections.defaultdict object at 0x7f6dd28c4130>()
 +    where <built-in method keys of collections.defaultdict object at 0x7f6dd28c4130> = defaultdict(<class 'dict'>, {ProductInfo(vendor='UNKNOWN', product='libjpeg-novendor', version='8b', location='NotFound', purl=None): {'default': {'remarks': <Remarks.NewFound: 1>, 'comments': '', 'severity': ''}, 'paths': {''}}, ProductInfo(vendor='UNKNOWN', product='libexpat', version='2.0.1', location='NotFound', purl=None): {'default': {'remarks': <Remarks.NewFound: 1>, 'comments': '', 'severity': ''}, 'paths': {''}}, ProductInfo(vendor='UNKNOWN', product='ncurses-noversion', version='5.9.noversion', location='NotFound', purl=None): {'default': {'remarks': <Remarks.NewFound: 1>, 'comments': '', 'severity': ''}, 'paths': {''}}, ProductInfo(vendor='zlib', product='zlib', version='1.2.3', location='NotFound', purl=None): {'default': {'remarks': <Remarks.NewFound: 1>, 'comments': '', 'severity': ''}, 'paths': {''}}}).keys
FAILED test/test_sbom.py::TestSBOM::test_ext_ref_priority_cyclonedx_file[/home/runner/work/cve-bin-tool/cve-bin-tool/test/sbom/cyclonedx_ext_ref_priority.json-cyclonedx_parsed_data0] - AssertionError: assert ProductInfo(vendor='gnu', product='ncurses', version='5.9', location='NotFound', purl=None) in dict_keys([ProductInfo(vendor='ijg', product='libjpeg', version='8b', location='NotFound', purl=None), ProductInfo(vendor='libexpat_project', product='libexpat', version='2.0.1', location='NotFound', purl=None), ProductInfo(vendor='unknown', product='ncurses', version='5.9', location='NotFound', purl=None), ProductInfo(vendor='unknown', product='zlib', version='1.2.3', location='NotFound', purl=None)])
 +  where dict_keys([ProductInfo(vendor='ijg', product='libjpeg', version='8b', location='NotFound', purl=None), ProductInfo(vendor='libexpat_project', product='libexpat', version='2.0.1', location='NotFound', purl=None), ProductInfo(vendor='unknown', product='ncurses', version='5.9', location='NotFound', purl=None), ProductInfo(vendor='unknown', product='zlib', version='1.2.3', location='NotFound', purl=None)]) = <built-in method keys of collections.defaultdict object at 0x7f6dccd5a160>()
 +    where <built-in method keys of collections.defaultdict object at 0x7f6dccd5a160> = defaultdict(<class 'dict'>, {ProductInfo(vendor='ijg', product='libjpeg', version='8b', location='NotFound', purl=None): {'default': {'remarks': <Remarks.NewFound: 1>, 'comments': '', 'severity': ''}, 'paths': {''}}, ProductInfo(vendor='libexpat_project', product='libexpat', version='2.0.1', location='NotFound', purl=None): {'default': {'remarks': <Remarks.NewFound: 1>, 'comments': '', 'severity': ''}, 'paths': {''}}, ProductInfo(vendor='unknown', product='ncurses', version='5.9', location='NotFound', purl=None): {'default': {'remarks': <Remarks.NewFound: 1>, 'comments': '', 'severity': ''}, 'paths': {''}}, ProductInfo(vendor='unknown', product='zlib', version='1.2.3', location='NotFound', purl=None): {'default': {'remarks': <Remarks.NewFound: 1>, 'comments': '', 'severity': ''}, 'paths': {''}}}).keys
FAILED test/test_sbom.py::TestSBOM::test_common_prefix_split[openzeppelin-contracts-4.8.1-productinfo0-no_existent_file] - AssertionError: assert ProductInfo(vendor='openzeppelin', product='contracts', version='4.8.1', location='NotFound', purl=None) in []
FAILED test/test_sbom.py::TestSBOM::test_common_prefix_split[rubygem-builder-3.2.4-productinfo1-no_existent_file] - AssertionError: assert ProductInfo(vendor='downline_goldmine', product='builder', version='3.2.4', location='NotFound', purl=None) in []
FAILED test/test_triage.py::TestTriage::test_json - assert 0 >= 1
 +  where 0 = len([])
==== 24 failed, 1988 passed, 21 skipped, 41 warnings in 1433.83s (0:23:53) =====

This looks like one of those days where vendors wind up marked as UNKNOWN, which I thought was fixed by the recent changes to the OSV parsing of linked issues. So I'm not sure what's going on here.

@mastersans and @inosmeet -- if these are blocking you from continuing to work / get PRs merged, please go ahead and make a PR that moves those 24 tests into the network-mayfail github actions job and we'll sort them out later.

mastersans commented 4 days ago

@terriko @inosmeet i re-ran the test and seems they are passing again.

inosmeet commented 4 days ago

yeah! might be due to bad cache

mastersans commented 2 days ago

and they are failing againn........ : (