Skip to content

Commit

Permalink
Return an error if both license scanning and local/offline scanning i…
Browse files Browse the repository at this point in the history 
…s enabled simultaneously (google#703)

When --local-db or --offline flags are passed in the user expects no
requests containing individual packages to be made to an external
service.
  • Loading branch information
@another-rex
another-rex committed Dec 11, 2023
1 parent 55b62d9 commit cc94108
Showing 1 changed file with 4 additions and 0 deletions.
4 changes: 4 additions & 0 deletions pkg/osvscanner/osvscanner.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -708,6 +708,10 @@ func DoScan(actions ScannerActions, r reporter.Reporter) (models.VulnerabilityRe

if actions.CompareLocally {
actions.SkipGit = true

if len(actions.ScanLicensesAllowlist) > 0 || actions.ScanLicensesSummary {
return models.VulnerabilityResults{}, fmt.Errorf("cannot retrieve licenses locally")
}
}

configManager := config.ConfigManager{
Expand Down

0 comments on commit cc94108

Please sign in to comment.