We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Describe the bug Multiple ranges on the same branch are not handled for GIT type.
I created a toy example based on the "multiple range example" : https://ossf.github.io/osv-schema/#multiple-range-example. In order to avoid recreating a toy repository we will reuse the one that we created for the previous issue : https://github.com/RomainLefeuvre/osv_issue_minimal_example with the following git history :
And this range of events :
"events": [ { "introduced": "d241812d2722d573a7b096d44d139946d8dcb484" [X] }, { "fixed": "ec5e313170f68d3fc575d107a8b92d43ae140249" [B] }, { "introduced": "868d891cffe96cd67b2abac82c62ade7219af9b5" [C] }, { "fixed": "80f15009d903ac95ffc5a5a07a3a213e4980bb62" [Y] } ] }
b22dc07
To Reproduce Steps to reproduce the behaviour:
python -m osv.analyze_tool --detect_cherrypicks true --format json "./osv/osv_bug/vuln_2.json"
Result
❯ python -m osv.analyze_tool --format json --detect_cherrypicks true "./osv/osv_bug/vuln_2.json" AnalyzeResult(has_changes=False, commits={'d241812d2722d573a7b096d44d139946d8dcb484', 'e54222cfdedd86a37dc37d999ebc63dccf3fc9da'})
The following commits are detected
d241812d2722d573a7b096d44d139946d8dcb484
e54222cfdedd86a37dc37d999ebc63dccf3fc9da
Expected behaviour C and D should also be reported as vulnerable
The text was updated successfully, but these errors were encountered:
Thanks for the clear bug report!
Sorry, something went wrong.
No branches or pull requests
Describe the bug
Multiple ranges on the same branch are not handled for GIT type.
I created a toy example based on the "multiple range example" : https://ossf.github.io/osv-schema/#multiple-range-example.
In order to avoid recreating a toy repository we will reuse the one that we created for the previous issue :
https://github.com/RomainLefeuvre/osv_issue_minimal_example with the following git history :
And this range of events :
b22dc07
To Reproduce
Steps to reproduce the behaviour:
python -m osv.analyze_tool --detect_cherrypicks true --format json "./osv/osv_bug/vuln_2.json"
Result
The following commits are detected
d241812d2722d573a7b096d44d139946d8dcb484
(X)e54222cfdedd86a37dc37d999ebc63dccf3fc9da
(A)Expected behaviour
C and D should also be reported as vulnerable
The text was updated successfully, but these errors were encountered: