Open Larusso opened 2 years ago
One additional note. I think the logic should also check if the calculated path actually points to a file, not to a directory, before attempting to open it. In snyk test the command fails with EISDIR.
The general error handler at snyk/src/lib/unexpected-error.ts:28:5 is eating up a lot of information about what was read etc. It took me the better part of 4 hours to nail down the reason why our example failed only during our internal test runs.
If you have a project located on disk in a path that contains the string .snyk then the policy parser will fail to load/check a policy file.
The reason can be found in this code: https://github.com/snyk/policy/blob/dbda056780173182cd919c3fcaaeb856500da415/lib/index.js#L84-L92
This logic only checks if the path contains .snyk, not that the path should end with .snyk. The function assumes since .snyk is in the path that it is a valid path to a .snyk file.
This issue also breaks other commands like test and monitor which internally call this logic. We found this during unit tests for our ci system because it generates directories based on internal package names. One such package is called foo.bar.snyk. You get the idea.
Expected behaviour
Loads the empty policy
Actual behaviour
Fails to load the policy
Steps to reproduce
.snyk
mkdir -p ~/test/my.snykProject/project
.snyk file in the project.
touch ~/test/my.snykProject/project/.snyk
cd ~/test/my.snykProject/project
snyk policy -d
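The failure reported above, reproduced as an added example that is not part of the original issue and is not the snyk/policy code. policyPathSubstring is a hypothetical model of the "contains .snyk" behaviour the issue describes, policyPathStrict is one possible stricter resolution, and the directory layout is constructed under a temp directory to match the reproduction steps.

```javascript
const fs = require('fs');
const os = require('os');
const path = require('path');

// Hypothetical model of the reported behaviour: any ".snyk" substring in the
// path is taken to mean "this already is the policy file".
function policyPathSubstring(root) {
  return root.includes('.snyk') ? root : path.resolve(root, '.snyk');
}

function isRegularFile(p) {
  try { return fs.statSync(p).isFile(); } catch { return false; }
}

// Stricter resolution: only the last path component is compared, and the
// result must be a regular file before anything tries to read it.
function policyPathStrict(root) {
  if (path.basename(root) === '.snyk' && isRegularFile(root)) return root;
  const candidate = path.resolve(root, '.snyk');
  if (!isRegularFile(candidate)) {
    throw new Error(`policy path is not a regular file: ${candidate}`);
  }
  return candidate;
}

// Constructed fixture: <tmp>/my.snykProject/project/.snyk (empty policy).
function makeFixture() {
  const base = fs.mkdtempSync(path.join(os.tmpdir(), 'policy-'));
  const project = path.join(base, 'my.snykProject', 'project');
  fs.mkdirSync(project, { recursive: true });
  fs.writeFileSync(path.join(project, '.snyk'), '');
  return project;
}

// Returns the error code raised when reading the path, or null on success.
function readErrorCode(file) {
  try { fs.readFileSync(file, 'utf8'); return null; } catch (e) { return e.code; }
}

function demo() {
  const project = makeFixture();
  const loose = policyPathSubstring(project);   // the project directory itself
  const strict = policyPathStrict(project);     // <project>/.snyk
  return { project, loose, strict,
    looseError: readErrorCode(loose), strictError: readErrorCode(strict) };
}

console.log(demo());
```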