Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Filter out CPE product candidates that are asterisks #513

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Sep 23, 2021
Merged

Filter out CPE product candidates that are asterisks #513

merged 1 commit into from
Sep 23, 2021

Conversation

@wagoodman
Copy link
Contributor

@wagoodman wagoodman commented Sep 23, 2021
edited
Loading

Any CPE generated should never be * or an empty string, as these value represent "any" value during the matching process in grype.

@wagoodman wagoodman added the bug Something isn't working label Sep 23, 2021
@wagoodman wagoodman requested a review from a team September 23, 2021 00:50
@github-actions
Copy link

Benchmark Test Results

Benchmark results from the latest changes vs base branch 
name                                                   old time/op    new time/op    delta
ImagePackageCatalogers/ruby-gemspec-cataloger-2          1.11ms ± 2%    0.84ms ± 2%  -24.40%  (p=0.008 n=5+5)
ImagePackageCatalogers/python-package-cataloger-2        1.60ms ± 9%    1.21ms ±11%  -24.28%  (p=0.008 n=5+5)
ImagePackageCatalogers/javascript-package-cataloger-2     551µs ± 5%     412µs ± 4%  -25.19%  (p=0.008 n=5+5)
ImagePackageCatalogers/dpkgdb-cataloger-2                 521µs ± 1%     394µs ± 2%  -24.36%  (p=0.008 n=5+5)
ImagePackageCatalogers/rpmdb-cataloger-2                  550µs ± 2%     420µs ± 1%  -23.55%  (p=0.008 n=5+5)
ImagePackageCatalogers/java-cataloger-2                  11.6ms ± 3%     8.9ms ± 1%  -23.40%  (p=0.008 n=5+5)
ImagePackageCatalogers/apkdb-cataloger-2                  851µs ± 4%     595µs ± 1%  -30.06%  (p=0.008 n=5+5)
ImagePackageCatalogers/go-cataloger-2                     286µs ± 2%     206µs ± 2%  -27.87%  (p=0.008 n=5+5)
ImagePackageCatalogers/rust-cataloger-2                   468µs ± 2%     351µs ± 2%  -25.04%  (p=0.008 n=5+5)

name                                                   old alloc/op   new alloc/op   delta
ImagePackageCatalogers/ruby-gemspec-cataloger-2           134kB ± 0%     133kB ± 0%   -0.35%  (p=0.008 n=5+5)
ImagePackageCatalogers/python-package-cataloger-2         643kB ± 0%     642kB ± 0%   -0.04%  (p=0.008 n=5+5)
ImagePackageCatalogers/javascript-package-cataloger-2     116kB ± 0%     115kB ± 0%   -0.41%  (p=0.008 n=5+5)
ImagePackageCatalogers/dpkgdb-cataloger-2                 127kB ± 0%     126kB ± 0%   -0.40%  (p=0.008 n=5+5)
ImagePackageCatalogers/rpmdb-cataloger-2                  138kB ± 0%     138kB ± 0%   +0.01%  (p=0.008 n=5+5)
ImagePackageCatalogers/java-cataloger-2                  2.64MB ± 0%    2.64MB ± 0%     ~     (p=0.056 n=5+5)
ImagePackageCatalogers/apkdb-cataloger-2                 1.16MB ± 0%    1.16MB ± 0%   -0.00%  (p=0.008 n=5+5)
ImagePackageCatalogers/go-cataloger-2                    52.8kB ± 0%    52.7kB ± 0%   -0.34%  (p=0.008 n=5+5)
ImagePackageCatalogers/rust-cataloger-2                   110kB ± 0%     110kB ± 0%     ~     (p=1.000 n=4+5)

name                                                   old allocs/op  new allocs/op  delta
ImagePackageCatalogers/ruby-gemspec-cataloger-2           2.04k ± 0%     2.04k ± 0%     ~     (all equal)
ImagePackageCatalogers/python-package-cataloger-2         6.14k ± 0%     6.14k ± 0%     ~     (p=0.556 n=4+5)
ImagePackageCatalogers/javascript-package-cataloger-2     1.93k ± 0%     1.93k ± 0%     ~     (all equal)
ImagePackageCatalogers/dpkgdb-cataloger-2                 2.41k ± 0%     2.41k ± 0%     ~     (all equal)
ImagePackageCatalogers/rpmdb-cataloger-2                  3.20k ± 0%     3.20k ± 0%     ~     (all equal)
ImagePackageCatalogers/java-cataloger-2                   34.8k ± 0%     34.8k ± 0%     ~     (p=0.889 n=5+5)
ImagePackageCatalogers/apkdb-cataloger-2                  1.92k ± 0%     1.92k ± 0%     ~     (all equal)
ImagePackageCatalogers/go-cataloger-2                     1.42k ± 0%     1.42k ± 0%     ~     (all equal)
ImagePackageCatalogers/rust-cataloger-2                   2.83k ± 0%     2.83k ± 0%     ~     (all equal)

@luhring luhring merged commit 6d4d083 into main Sep 23, 2021
@luhring luhring deleted the cpe-generation-asterisk-filter branch September 23, 2021 00:55
spiffcs added a commit that referenced this pull request Sep 30, 2021
@spiffcs
Merge branch 'main' into 460-debian-license-upgrade
0095f69 
* main:
  Add vendor + product known good CPE field values (#517)
  Add SBOM to releases (#500)
  Add announcement for KubeCon meetup (#515)
  Prevent invalid CPE field values (#514)
  Filter out CPE product candidates that are asterisks (#513)
  Use Anchore fork of packageurl lib without replace directive (#512)
  update log file permissions to 0644 (#511)

Signed-off-by: Christopher Angelo Phillips <[email protected]>
GijsCalis pushed a commit to GijsCalis/syft that referenced this pull request Feb 19, 2024
@wagoodman
Filter out CPE product candidates that are asterisks (anchore#513)
c57ceba 
Signed-off-by: Alex Goodman <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@luhring luhring luhring approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

bug Something isn't working

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@wagoodman @luhring