🐛 Token-Permissions: use same text for read token details as write to…

…ken details (#4025) * use same text for read token details as write token details This was an unintentional regression from v4.13.1 Signed-off-by: Spencer Schrock <sschrock@google.com> * deal with linter warning Signed-off-by: Spencer Schrock <sschrock@google.com> --------- Signed-off-by: Spencer Schrock <sschrock@google.com>
ossf · Apr 12, 2024 · f4c3025 · f4c3025
1 parent d8b26d9
commit f4c3025
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 4 deletions.
diff --git a/checks/evaluation/signed_releases.go b/checks/evaluation/signed_releases.go
@@ -29,6 +29,8 @@ import (
 var errNoReleaseFound = errors.New("no release found")
 
 // SignedReleases applies the score policy for the Signed-Releases check.
+//
+//nolint:gocognit // surpressing for now
 func SignedReleases(name string,
 	findings []finding.Finding, dl checker.DetailLogger,
 ) checker.CheckResult {

diff --git a/probes/internal/utils/permissions/permissions.go b/probes/internal/utils/permissions/permissions.go
@@ -90,11 +90,13 @@ func ReadTrueLevelFinding(probe string,
 	r checker.TokenPermission,
 	metadata map[string]string,
 ) (*finding.Finding, error) {
-	f, err := finding.NewWith(fs, probe,
-		"found token with 'read' permissions",
-		nil, finding.OutcomeTrue)
+	text, err := createText(r)
 	if err != nil {
-		return nil, fmt.Errorf("%w", err)
+		return nil, err
+	}
+	f, err := finding.NewWith(fs, probe, text, nil, finding.OutcomeTrue)
+	if err != nil {
+		return nil, fmt.Errorf("create finding: %w", err)
 	}
 	if r.File != nil {
 		f = f.WithLocation(r.File.Location())