fix(output): ensure that vulnerabilities are sorted by ID across groups in table output #1598
Conversation
G-Rath
force-pushed
the
consistent-sort2
branch
from
2dbde28 to
f710b63
Compare
| @@ -207,6 +209,11 @@ func tableBuilderInner(vulnResult *models.VulnerabilityResults, calledVulns bool | |||
| source.Path = sourcePath | |||
| } | |||
|
|
|||
| // Ensure that groups are sorted consistently using the first ID in each group | |||
| slices.SortFunc(pkg.Groups, func(a, b models.GroupInfo) int { | |||
There was a problem hiding this comment.
note that this is actually modifying the value of pkg.Groups on the struct, which applies outside of this function - I actually thought Go didn't work like this, but apparently it does.
I have somewhat mixed feelings about doing it, as generally this is considered bad practice (especially as it's not obvious), but it saves us a few lines of code + a variable, and any bug that it causes I would expect to be because whatever is being impacted should itself be doing a sort if it cares about the order...
There was a problem hiding this comment.
I think the best approach here is probably to replace everything with Output/Result, which is already sorted and contains all the data we need to display (even extras). I should probably update it for consistency (since container scanning result uses Output/Result).
There was a problem hiding this comment.
I've had an initial go at this over in #1609 which seemed promising but still has some work to go, so I'd like to land this PR in the short-term if that's ok as it greatly reduces the noise in some of the other work I'm doing with the test suite
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## main #1598 +/- ##
==========================================
+ Coverage 69.30% 69.32% +0.02%
==========================================
Files 200 200
Lines 19033 19036 +3
==========================================
+ Hits 13190 13196 +6
+ Misses 5135 5133 -2
+ Partials 708 707 -1 ☔ View full report in Codecov by Sentry. |
G-Rath
force-pushed
the
consistent-sort2
branch
from
f710b63 to
5c75853
Compare
While prototyping some changes to help with #1567, I discovered that the table output format is not explicitly sorting vulnerabilities across their groups, meaning we're assumingly using the order that the API gives us, and means our current output does not actually follow a predictable order.
To address this, I've modified the table outputter to sort vulnerability groups by the first ID in each group as a group by definition will always have at least one ID and the first ID should be the one primary one since we already sort ids within each group as part of building the general results