fix: handle CWE name suffixed with 'noinfo'

sonatype-nexus-community / jake

Check your Python environments for vulnerable Open Source packages with OSS Index or Sonatype Nexus Lifecycle.

https://jake.readthedocs.io/

Apache License 2.0

111 stars 24 forks source link

fix: handle CWE name suffixed with 'noinfo' #129

Closed JimmyDore closed 1 year ago

JimmyDore commented 1 year ago

Handles the case where CWE name == CWE-noinfo

It relates to the following issue :

Fixes #128

cc @bhamail / @DarthHater

iorlas commented 1 year ago

Faced this issue just today. Push it please!

JimmyDore commented 1 year ago

Hey ! 2 problems for this MR :

CI steps are failing, poetry seems having a hard time installing some external dependencies :
Can't sign Sonatype CLA, as mentionned in Contributing.md, it seems the website url is not hosted anymore through heroku

rbernalc commented 1 year ago

This also fixed the issue for me. Thanks!

JimmyDore commented 1 year ago

@bhamail After fighting for verifying my commit, seems good to go. I guess you'll be the one managing the merge ?

bhamail commented 1 year ago

@JimmyDore I'm planning to merge this now, however, I was hoping to get some other build issues fixed first. Unfortunately, the build issues are more complex than hoped, so after the merge, the release will likely fail. I don't expect to get time to look at it until next week, so please ping me if nothing happens after next week.

Thanks for the fix!