cve-bin-tool
cve-bin-tool copied to clipboard
intel
feat: No Scan SOC for language parsers
Separation of Concerns for the language parser pipeline for the No-Scan Work.
cc @terriko @anthonyharrison @mastersans
=================================== FAILURES ===================================
_____________________ TestSourceOSV.test_update_ecosystems _____________________
self = <test.test_source_osv.TestSourceOSV object at 0x7fc350c791d0>
@pytest.mark.asyncio
@pytest.mark.skipif(not EXTERNAL_SYSTEM(), reason="Needs network connection.")
async def test_update_ecosystems(self):
await self.osv.update_ecosystems()
ecosystems_txt = make_http_requests(
"text", url=self.ecosystems_url, timeout=300
).strip("\n")
expected_ecosystems = set(ecosystems_txt.split("\n"))
# Because ecosystems.txt does not contain the complete list, this must be
# manually fixed up.
expected_ecosystems.add("DWF")
expected_ecosystems.add("JavaScript")
# Assert that there are no missing ecosystems
> assert all(x in self.osv.ecosystems for x in expected_ecosystems)
E assert False
E + where False = all(<generator object TestSourceOSV.test_update_ecosystems.<locals>.<genexpr> at 0x7fc34fe01b10>)
test/test_source_osv.py:1[84](https://github.com/intel/cve-bin-tool/actions/runs/15675174394/job/44153701064?pr=5143#step:15:85): AssertionError
Might this error be due to the problems we are having with the OSV data source?
I've merged #4929 which should solve the OSV problem so I'm going to try updating this branch
I think this can be merged now @terriko @anthonyharrison
After this is merged we have a full no-scan mode with proper outputs. Request anyone who has time to test it.