cli icon indicating copy to clipboard operation
cli copied to clipboard

Published 20 hours ago verified publisher icon snyk

fix: exclude-base-image-vulns to work with autodetected base image

Open RotemS opened this issue 2 years ago • 2 comments

What does this PR do?

Fixes an issue where --exclude-base-image-vulns does not work properly when the base image is auto detected, without using --file

How should this be manually tested?

snyk container test alpine:3.10 with/without --exclude-base-image-vulns

RotemS avatar Sep 02 '21 15:09 RotemS

Warnings
:warning:

Since the CLI is unifying on a standard and improved tooling, we're starting to migrate old-style imports and exports to ES6 ones. A file you've modified is using either module.exports or require(). If you can, please update them to ES6 import syntax and export syntax. Files found:

  • src/lib/snyk-test/legacy.ts

Generated by :no_entry_sign: dangerJS against 5daf6912b1c30256c1a2dec507d47d321890ae44

github-actions[bot] avatar Sep 02 '21 15:09 github-actions[bot]

my updates:

  1. stop tests from blowing up by adding optional chaining to dockerRes.baseImage
  2. added vuln info to fake-server in a manner that would enable us to test excluding base image vulns (PS, I am not very prod in the manner that it's done. welcoming suggestions!)
  3. made sure that has no vulns with flag without a dockerfile tests failed if code is reverted to the way it was before

note: I added the tests under the windows exclusion. the current --exclude-base-image-vulns test was already there, and those tests do in fact don't pass the windows suite. not entirely sure why it's needed. dropped a question in the commit that introduced it.

shaninja avatar Oct 04 '21 09:10 shaninja

🧹 Closing as stale.

thisislawatts avatar Jan 04 '24 13:01 thisislawatts