ossf / scorecard

OpenSSF Scorecard - Security health metrics for Open Source
https://scorecard.dev
Apache License 2.0
4.62k stars 503 forks source link

OpenSSF Scorecard report viewer does not handle nested gitlab groups correctly #4402

Closed stexandev closed 2 weeks ago

stexandev commented 2 weeks ago

Describe the bug

When trying to display the result of a scan for a gitlab repository that uses multi-level groups, the result can not be retrieved because the current implementation (split on "/") only respects the first three parts of the URL.

Reproduction steps Steps to reproduce the behavior:

  1. Load a result for a repo with multi-level groups into the viewer, e.g. `/index.html?uri=gitlab.gwdg.de%2Fsubugoe%2Femo%2Ftido
  2. The result the viewer tries to fetch then is for gitlab.gwdg.de/subugoe/emo

Expected behavior

It is exspected that the viewer can handle multi-level groups and shows the results for such repos.

Additional context Add any other context about the problem here.

stexandev commented 2 weeks ago

Sorry, this went into the wrong repo.