synopsys-sig / detect-action

Apache License 2.0

Black Duck - FAILURE ACCURACY NOT MET #66

Open 212764934 opened 9 months ago

212764934 commented 9 months ago

We have a project developed in Angular (version 10.2) and during the Black Duck scan we are getting the following error:

```
2024-02-05 11:13:01 UTC INFO  [main] --- ======== Detect Status ========
2024-02-05 11:13:01 UTC INFO  [main] --- 
2024-02-05 11:13:01 UTC INFO  [main] --- GIT: SUCCESS
2024-02-05 11:13:01 UTC INFO  [main] --- NPM: SUCCESS
2024-02-05 11:13:01 UTC INFO  [main] --- 
2024-02-05 11:13:01 UTC INFO  [main] --- Signature scan / Snippet scan on /home/runner/work/myAct-FE-Homepage/myAct-FE-Homepage: SUCCESS
2024-02-05 11:13:01 UTC INFO  [main] --- Overall Status: FAILURE_ACCURACY_NOT_MET - Detect was unable to meet the required accuracy.
2024-02-05 11:13:01 UTC INFO  [main] --- 
2024-02-05 11:13:01 UTC INFO  [main] --- If you need help troubleshooting this problem, generate a diagnostic zip file by adding '-d' to the command line, and provide it to Synopsys Technical Support. See 'Diagnostic Mode' in the Detect documentation for more information.
2024-02-05 11:13:01 UTC INFO  [main] --- 
2024-02-05 11:13:01 UTC INFO  [main] --- ===============================
2024-02-05 11:13:01 UTC INFO  [main] --- 
2024-02-05 11:13:01 UTC INFO  [main] --- Detect duration: 00h 00m 55s 136ms
2024-02-05 11:13:01 UTC ERROR [main] --- Exiting with code 15 - FAILURE_ACCURACY_NOT_MET
Error: Detect failed with exit code: 15. Check the logs for more information.
Run echo "::error ::OSS BackDuck Scans has findings for blocking rules."
  echo "::error ::OSS BackDuck Scans has findings for blocking rules."
  exit 1
  shell: /usr/bin/bash -e {0}
Error: OSS BackDuck Scans has findings for blocking rules.
Error: Process completed with exit code 1.
```

How can we configure the ACCURACY?

Here is our code:

```yaml
- name: Synopsys Detect Frontend
  if: ${{ inputs.is_frontend == true }}
  id: oss-scan-fe
  uses: synopsys-sig/detect-action@v0.3.4
  env:
    DETECT_NPM_DEPENDENCY_TYPES_EXCLUDED: DEV
    DETECT_PROJECT_NAME: ${{ github.event.repository.name }}
    DETECT_PROJECT_VERSION_NAME: develop
    DETECT_PROJECT_GROUP_NAME: DVL
  with:
    scan-mode: INTELLIGENT
    detect-version: ${{ inputs.detect-version-fe }}
    blackduck-api-token: ${{ secrets.BLACKDUCK_API_TOKEN }}
    blackduck-url: ${{ secrets.BLACKDUCK_URL }}
    github-token: ${{ secrets.GITHUB_TOKEN }}
```

cariad-robert-abel commented 5 months ago

I found this knowledge base article on Synopsys' site: FAILURE_ACCURACY_NOT_MET - Detect was unable to meet the required accuracy.

So going from there and related documentation, see https://sig-product-docs.synopsys.com/bundle/integrations-detect/page/runningdetect/runincontainer.html, you should be good by simply adding `DETECT_ACCURACY_REQUIRED: NONE` to your `env`.
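
In the log above, the step after Detect reports "findings for blocking rules" although Detect exited with code 15 (`FAILURE_ACCURACY_NOT_MET`). The following is an added example, not code from this thread or from the detect-action project, of a follow-up step that reads the status from the Detect log before choosing its message; the function names are hypothetical and `FAILURE_POLICY_VIOLATION` is a Detect status name that does not appear on this page.

```bash
# Added example: report why a Detect run failed instead of assuming a policy finding.

# Constructed sample input, shaped like the log lines quoted in this issue.
sample_log() {
  cat <<'EOF'
2024-02-05 11:13:01 UTC INFO  [main] --- GIT: SUCCESS
2024-02-05 11:13:01 UTC INFO  [main] --- NPM: SUCCESS
2024-02-05 11:13:01 UTC INFO  [main] --- Overall Status: FAILURE_ACCURACY_NOT_MET - Detect was unable to meet the required accuracy.
2024-02-05 11:13:01 UTC ERROR [main] --- Exiting with code 15 - FAILURE_ACCURACY_NOT_MET
EOF
}

# Status name from the last "Overall Status:" line on stdin (empty if none).
detect_overall_status() {
  sed -n 's/^.*--- Overall Status: \([A-Z_][A-Z_]*\).*$/\1/p' | tail -n 1
}

# Numeric code from the last "Exiting with code N" line on stdin (empty if none).
detect_exit_code() {
  sed -n 's/^.*--- Exiting with code \([0-9][0-9]*\) - .*$/\1/p' | tail -n 1
}

# Map a status name to a triage category.
classify_detect_status() {
  case "$1" in
    SUCCESS) echo "ok" ;;
    FAILURE_ACCURACY_NOT_MET) echo "accuracy-gate" ;;
    FAILURE_POLICY_VIOLATION) echo "policy-violation" ;;  # name not on this page
    "") echo "no-status-found" ;;
    *) echo "other-failure" ;;
  esac
}

# Build the GitHub Actions annotation for a log read on stdin (subshell keeps variables local).
detect_annotation() (
  log=$(cat)
  status=$(printf '%s\n' "$log" | detect_overall_status)
  code=$(printf '%s\n' "$log" | detect_exit_code)
  case "$(classify_detect_status "$status")" in
    ok) echo "::notice ::Detect finished with SUCCESS" ;;
    policy-violation) echo "::error ::Black Duck policy violation (exit ${code:-?})" ;;
    accuracy-gate) echo "::error ::Detect accuracy requirement not met (exit ${code:-?}); not a policy finding" ;;
    no-status-found) echo "::error ::No Detect status found in log" ;;
    *) echo "::error ::Detect failed: ${status} (exit ${code:-?})" ;;
  esac
)

sample_log | detect_annotation
```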