Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Create a ScanCode.io addon pipeline to run a clamav scan on a codebase #1182

Closed
pombredanne opened this issue Apr 25, 2024 · 2 comments
Closed

Create a ScanCode.io addon pipeline to run a clamav scan on a codebase #1182

pombredanne opened this issue Apr 25, 2024 · 2 comments
Assignees
@tdruez

Comments

@pombredanne
Copy link
Member

pombredanne commented Apr 25, 2024
edited

  • This would expect that clamav is installed and in the path
  • We should run clamscan on the extracted codebase
  • If there are viruses detected, we should report an error message for the affected resource.
  • At a later stage we could consolidate reporting with the vulnerabilities reporting
@pombredanne pombredanne mentioned this issue Apr 25, 2024
Closed
2 tasks
@pombredanne pombredanne transferred this issue from nexB/purldb Apr 25, 2024
tdruez added a commit that referenced this issue Apr 30, 2024
@tdruez
Implement a ScanForVirus Pipeline #1182
19e9963 
Signed-off-by: tdruez <tdruez@nexb.com>
@pombredanne
Copy link
Member Author

pombredanne commented May 8, 2024
edited

Note that for using clamd, we need to track the LGPL-3.0-or-later license of https://github.com/graingert/python-clamd and add the missing license text .... See graingert/python-clamd#5
@graingert do you want a patch?

tdruez added a commit that referenced this issue May 27, 2024
@tdruez
Create Project error on Virus detection #1182
997cd6a 
Signed-off-by: tdruez <tdruez@nexb.com>
tdruez added a commit that referenced this issue May 29, 2024
@tdruez
Add changelog entry and documentation for the new pipeline #1182
1f4cce4 
Signed-off-by: tdruez <tdruez@nexb.com>
tdruez added a commit that referenced this issue May 30, 2024
@tdruez
Move the scan_for_virus function in a new clamv pipes module #1182
e5ac32e 
Signed-off-by: tdruez <tdruez@nexb.com>
tdruez added a commit that referenced this issue May 30, 2024
@tdruez
Add unit test #1182
e4ccdc6 
Signed-off-by: tdruez <tdruez@nexb.com>
tdruez added a commit that referenced this issue May 30, 2024
@tdruez
Implement a ScanForVirus Pipeline #1182 (#1193)
1fb34ad 
Signed-off-by: tdruez <tdruez@nexb.com>
@tdruez
Copy link
Member

tdruez commented May 30, 2024

New pipeline merged.

@tdruez tdruez closed this as completed May 30, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@tdruez tdruez

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@tdruez @pombredanne