Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(code): Don't write sarif files when no results are found #5728

Merged
merged 1 commit into from
Feb 12, 2025
Merged

fix(code): Don't write sarif files when no results are found #5728

merged 1 commit into from
Feb 12, 2025
+7 −9

Conversation

PeterSchafer
Copy link
Collaborator

Pull Request Submission Checklist

  • Follows CONTRIBUTING guidelines
  • Includes detailed description of changes
  • Contains risk assessment (Low | Medium | High)
  • Highlights breaking API changes (if applicable)
  • Links to automated tests covering new functionality
  • Includes manual testing instructions (if necessary)
  • Updates relevant GitBook documentation (PR link: ___)

What does this PR do?

This PR implements the same behavior for the golang native code test as the legacy implementation, when scanning a code base without findings and using --sarif-file-output. The expected behavior based on the legacy implementation is, that if there are no code test findings, the sarif file is not created at all.

The risk of the change is low, since currently the only affected flow is code test.

Where should the reviewer start?

The main functionality is implemented here snyk/go-application-framework#304

This PR just configures the output workflow and re-enables a test for the golang native implementation, that previously failed due to the difference in behavior.

How should this be manually tested?

Run snyk code test --sarif-file-output=myfile on a code base

  1. with findings => myfile is created
  2. without findings => myfile is not created

@PeterSchafer PeterSchafer requested a review from a team as a code owner February 10, 2025 20:49
@j-luong j-luong force-pushed the chore/CLI-711_noemptysarif branch from d764f14 to 51576b8 Compare February 12, 2025 11:48
@j-luong j-luong enabled auto-merge February 12, 2025 11:48
@j-luong j-luong force-pushed the chore/CLI-711_noemptysarif branch from 51576b8 to 7adc2d2 Compare February 12, 2025 11:58
@j-luong j-luong force-pushed the chore/CLI-711_noemptysarif branch from 7adc2d2 to 5a15113 Compare February 12, 2025 13:50
@j-luong j-luong merged commit c0efca4 into main Feb 12, 2025
7 checks passed
@j-luong j-luong deleted the chore/CLI-711_noemptysarif branch February 12, 2025 15:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sandor-trombitas sandor-trombitas sandor-trombitas approved these changes

@j-luong j-luong j-luong approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@PeterSchafer @sandor-trombitas @j-luong