You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
What did you do? (required. The issue will be closed when not provided.)
I am running an offline scan to look at libraries only and send the output to another vuls server later with the following command with v0.12.3.
Command and configuration file are below.
What did you expect to happen?
I expected the scan to complete without error.
What happened instead?
I get errors in the output and the return value of 1, which breaks my shell scripts and automation pipelines. This is because the grep command used when shelling out is too specific, I have multiple files from the procfs pseudo-filesystem that are not failing with Permission Denied errors, but Invalid Argument these are making their way through, as referenced in the stacktrace info that points to this error check here.
I will file a PR to propose a fix to this issue once I submit this.
Run a scan command running with the following configuration.
Configuration (MUST fill this out):
Vuls environment:
To check the commit hash of HEAD
$ vuls -v
$ vuls -v
vuls 0.9.9
NOTE: This is broken, I will be looking into this and filing another issue. I use a configuration management tool to download tagged releases from Github, this version number is incorrectly coded in v0.12.3.
or
$ cd $GOPATH/src/github.com/future-architect/vuls
$ git rev-parse --short HEAD
Fixesfuture-architect#1055.
When find throws an error, it prefixes an error with the utility name,
(`find` by default), the quoted path where find encountered the error,
and the specific error message.
As it stands now, vuls only filters out the 'Permission Denied' message.
Informal testing in a Ubuntu system found other errors from the procfs
pseudo-filesystem. So this fix will filter out all error messages, as find
is only used to lock for language runtime dependency lockfiles, and
nothing else.
What did you do? (required. The issue will be closed when not provided.)
I am running an offline scan to look at libraries only and send the output to another vuls server later with the following command with v0.12.3.
Command and configuration file are below.
What did you expect to happen?
I expected the scan to complete without error.
What happened instead?
I get errors in the output and the return value of 1, which breaks my shell scripts and automation pipelines. This is because the
grep
command used when shelling out is too specific, I have multiple files from the procfs pseudo-filesystem that are not failing withPermission Denied
errors, butInvalid Argument
these are making their way through, as referenced in the stacktrace info that points to this error check here.I will file a PR to propose a fix to this issue once I submit this.
Please re-run the command using
-debug
and provide the output below.Steps to reproduce the behaviour
Run a scan command running with the following configuration.
Configuration (MUST fill this out):
To check the commit hash of HEAD
$ vuls -v
NOTE: This is broken, I will be looking into this and filing another issue. I use a configuration management tool to download tagged releases from Github, this version number is incorrectly coded in v0.12.3.
or
$ cd $GOPATH/src/github.com/future-architect/vuls
$ git rev-parse --short HEAD
vuls scan -debug -config=config.toml -libs-only -results-dir=/home/appuser/tmp/
The text was updated successfully, but these errors were encountered: