cve-bin-tool icon indicating copy to clipboard operation
cve-bin-tool copied to clipboard

Published 20 hours ago verified publisher icon intel

feat: checker-experiment

Open joydeep049 opened this issue 1 year ago • 3 comments

This experiment is an extension of the CI-Pre-Checker github action. https://github.com/intel/cve-bin-tool/pull/3840

This script aims to print any and all the checkers which have {product,version} pairs in their VENDOR_PRODUCT which do NOT have any associated,reported CVEs After this experiment is done and all the pre-existing checkers are taken care of , we can proceed to add the CI-Pre-checker github action for any newly added/updated checkers.

Result: All the pre-existing checkers are in the clear. We can go ahead and add the github action.

joydeep049 avatar Feb 27 '24 14:02 joydeep049

Codecov Report

All modified and coverable lines are covered by tests :white_check_mark:

Project coverage is 75.71%. Comparing base (d6cbe40) to head (f3fb022). Report is 38 commits behind head on main.

Additional details and impacted files 
@@            Coverage Diff             @@
##             main    #3873      +/-   ##
==========================================
+ Coverage   75.41%   75.71%   +0.30%     
==========================================
  Files         808      809       +1     
  Lines       11983    12108     +125     
  Branches     1598     1634      +36     
==========================================
+ Hits         9037     9168     +131     
+ Misses       2593     2588       -5     
+ Partials      353      352       -1
Flag Coverage Δ
longtests 75.71% <ø> (+0.30%) :arrow_up:

Flags with carried forward coverage won't be shown. Click here to find out more.

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.

codecov-commenter avatar Feb 27 '24 16:02 codecov-commenter

I'll look into the checker experiment PR once I'm done with my midsems. Meanwhile get well soon @terriko :)

joydeep049 avatar Mar 01 '24 13:03 joydeep049

Marking this as blocked because I honestly don't know what to do with it right now and I don't intend to review it again until after the 3.3 release is out.

terriko avatar Apr 03 '24 21:04 terriko

Hey, finally circling back to some old pull requests...

@joydeep049 did you want to put a SPDX header onto this and have it merged? I don't think we're desperate to have it, but it's nice work that could help someone else poke around in this space and I don't see any harm in having it in the experiments directory, but I do want it to have a correct license header.

Our standard header is here: https://github.com/intel/cve-bin-tool/blob/main/spdx_header.txt

Feel free to use your name instead of Intel Corporation if you prefer.

And equally, if you're done with all this and don't want to think about it, feel free to just close it!

I've made the changes. If we're merging this, maybe we should take another look at https://github.com/intel/cve-bin-tool/pull/3840.

joydeep049 avatar Aug 09 '24 03:08 joydeep049

Yes, #3840 is definitely on my radar! I'm trying to alternate between making decisions on older pull requests and working on stuff I have tagged for 3.4 this week and next before we hopefully get an early pre-release out.

terriko avatar Aug 09 '24 17:08 terriko