PR fixes

Signed-off-by: balteraivshay <[email protected]>
ossf · Sep 19, 2024 · acacce5 · acacce5
1 parent 43eee27
commit acacce5
Show file tree

Hide file tree

Showing 2 changed files with 13 additions and 4 deletions.
diff --git a/checks/fileparser/csproj_parser.go b/checks/fileparser/csproj_parser.go
@@ -1,4 +1,4 @@
-// Copyright 2022 OpenSSF Scorecard Authors
+// Copyright 2024 OpenSSF Scorecard Authors
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.

diff --git a/checks/raw/pinned_dependencies.go b/checks/raw/pinned_dependencies.go
@@ -107,7 +107,7 @@ func collectCsprojDependenciesData(c *checker.CheckRequest) ([]checker.Dependenc
 	if err := fileparser.OnMatchingFileContentDo(c.RepoClient, fileparser.PathMatcher{
 		Pattern:       "*.csproj",
 		CaseSensitive: false,
-	}, analyseCsprojLockedMode, &csprojDeps); err != nil {
+	}, analyseCsprojLockedMode, &csprojDeps, c.Dlogger); err != nil {
 		return nil, 0, err
 	}
 
@@ -124,7 +124,16 @@ func analyseCsprojLockedMode(path string, content []byte, args ...interface{}) (
 
 	err, pinned := fileparser.IsRestoreLockedModeEnabled(content)
 	if err != nil {
-		return true, err
+		dl, ok := args[1].(checker.DetailLogger)
+		if !ok {
+			// panic if it is not correct type
+			panic(fmt.Sprintf("expected type checker.DetailLogger, got %v", reflect.TypeOf(args[1])))
+		}
+
+		dl.Warn(&checker.LogMessage{
+			Text: fmt.Sprintf("malformed csproj file: %e", err),
+		})
+		return true, nil
 	}
 
 	dependency := checker.Dependency{
@@ -133,7 +142,7 @@ func analyseCsprojLockedMode(path string, content []byte, args ...interface{}) (
 			Type:      finding.FileTypeSource,
 			Offset:    1,
 			EndOffset: 1,
-			Snippet:   "hello",
+			Snippet:   "<RestoreLockedMode>true</RestoreLockedMode>",
 		},
 		Pinned: asBoolPointer(pinned),
 		Type:   checker.DependencyUseTypeNugetCommand,