pr fixes

balteravishay · balteravishay · commit d537a449efe9 · 2025-02-26T13:49:27.000Z
Signed-off-by: balteravishay &lt;avishay.balter@gmail.com&gt;
diff --git a/probes/unsafeblock/def.yml b/probes/unsafeblock/def.yml
@@ -25,10 +25,10 @@ implementation: >
   - for go the probe will look for the use of the `unsafe` include directive.
   - for c# the probe will look at the csproj and identify the use of the `AllowUnsafeBlocks` property.
 outcome:
-  - For supported ecosystem, the probe returns OutcomeFalse per unsafe block.
-  - If the project has no unsafe blocks, the probe returns OutcomeTrue.
+  - For supported ecosystem, the probe returns OutcomeTrue per unsafe block.
+  - If the project has no unsafe blocks, the probe returns OutcomeFalse.
 remediation:
-  onOutcome: False
+  onOutcome: True
   effort: Medium
   text:
     - Visit the OpenSSF Memory Safety SIG guidance on how to make your project memory safe.
diff --git a/probes/unsafeblock/impl.go b/probes/unsafeblock/impl.go
@@ -59,12 +59,12 @@ func init() {
 }
 
 func Run(raw *checker.CheckRequest) (found []finding.Finding, probeName string, err error) {
-	prominentLangs, err := getLanguageChecks(raw)
+	repoLanguageChecks, err := getLanguageChecks(raw)
 	if err != nil {
 		return nil, Probe, err
 	}
 	findings := []finding.Finding{}
-	for _, lang := range prominentLangs {
+	for _, lang := range repoLanguageChecks {
 		langFindings, err := lang.funcPointer(raw)
 		if err != nil {
 			return nil, Probe, fmt.Errorf("error while running function for language %s: %w", lang.Desc, err)
@@ -73,7 +73,7 @@ func Run(raw *checker.CheckRequest) (found []finding.Finding, probeName string,
 	}
 	if len(findings) == 0 {
 		found, err := finding.NewWith(fs, Probe,
-			"All supported ecosystems do not declare or use unsafe code blocks", nil, finding.OutcomeTrue)
+			"All supported ecosystems do not declare or use unsafe code blocks", nil, finding.OutcomeFalse)
 		if err != nil {
 			return nil, Probe, fmt.Errorf("create finding: %w", err)
 		}
@@ -87,9 +87,6 @@ func getLanguageChecks(raw *checker.CheckRequest) ([]languageMemoryCheckConfig,
 	if err != nil {
 		return nil, fmt.Errorf("cannot get langs of repo: %w", err)
 	}
-	if len(langs) == 0 {
-		return []languageMemoryCheckConfig{}, nil
-	}
 	if len(langs) == 1 && langs[0].Name == clients.All {
 		return getAllLanguages(), nil
 	}
@@ -150,7 +147,7 @@ func goCodeUsesUnsafePackage(path string, content []byte, args ...interface{}) (
 			found, err := finding.NewWith(fs, Probe,
 				"Golang code uses the unsafe package", &finding.Location{
 					Path: path, LineStart: &lineStart,
-				}, finding.OutcomeFalse)
+				}, finding.OutcomeTrue)
 			if err != nil {
 				return false, fmt.Errorf("create finding: %w", err)
 			}
@@ -198,7 +195,7 @@ func csProjAllosUnsafeBlocks(path string, content []byte, args ...interface{}) (
 		found, err := finding.NewWith(fs, Probe,
 			"C# project file allows the use of unsafe blocks", &finding.Location{
 				Path: path,
-			}, finding.OutcomeFalse)
+			}, finding.OutcomeTrue)
 		if err != nil {
 			return false, fmt.Errorf("create finding: %w", err)
 		}
diff --git a/probes/unsafeblock/impl_test.go b/probes/unsafeblock/impl_test.go
@@ -28,6 +28,7 @@ import (
 	"github.com/ossf/scorecard/v5/clients"
 	mockrepo "github.com/ossf/scorecard/v5/clients/mockclients"
 	"github.com/ossf/scorecard/v5/finding"
+	scut "github.com/ossf/scorecard/v5/utests"
 )
 
 func Test_Run(t *testing.T) {
@@ -49,7 +50,7 @@ func Test_Run(t *testing.T) {
 				{
 					Probe:   Probe,
 					Message: "All supported ecosystems do not declare or use unsafe code blocks",
-					Outcome: finding.OutcomeTrue,
+					Outcome: finding.OutcomeFalse,
 				},
 			},
 			err: nil,
@@ -65,7 +66,7 @@ func Test_Run(t *testing.T) {
 				{
 					Probe:   Probe,
 					Message: "All supported ecosystems do not declare or use unsafe code blocks",
-					Outcome: finding.OutcomeTrue,
+					Outcome: finding.OutcomeFalse,
 				},
 			},
 			err: nil,
@@ -81,7 +82,7 @@ func Test_Run(t *testing.T) {
 				{
 					Probe:   Probe,
 					Message: "All supported ecosystems do not declare or use unsafe code blocks",
-					Outcome: finding.OutcomeTrue,
+					Outcome: finding.OutcomeFalse,
 				},
 			},
 			err: nil,
@@ -98,7 +99,7 @@ func Test_Run(t *testing.T) {
 				{
 					Probe:   Probe,
 					Message: "All supported ecosystems do not declare or use unsafe code blocks",
-					Outcome: finding.OutcomeTrue,
+					Outcome: finding.OutcomeFalse,
 				},
 			},
 			err: nil,
@@ -115,7 +116,7 @@ func Test_Run(t *testing.T) {
 				{
 					Probe:   Probe,
 					Message: "All supported ecosystems do not declare or use unsafe code blocks",
-					Outcome: finding.OutcomeTrue,
+					Outcome: finding.OutcomeFalse,
 				},
 			},
 			err: nil,
@@ -132,7 +133,7 @@ func Test_Run(t *testing.T) {
 				{
 					Probe:   Probe,
 					Message: "Golang code uses the unsafe package",
-					Outcome: finding.OutcomeFalse,
+					Outcome: finding.OutcomeTrue,
 					Remediation: &finding.Remediation{
 						Text:   "Visit the OpenSSF Memory Safety SIG guidance on how to make your project memory safe.\nGuidance for [Memory-Safe By Default Languages](https://github.com/ossf/Memory-Safety/blob/main/docs/best-practice-memory-safe-by-default-languages.md)\nGuidance for [Non Memory-Safe By Default Languages](https://github.com/ossf/Memory-Safety/blob/main/docs/best-practice-non-memory-safe-by-default-languages.md)",
 						Effort: 2,
@@ -155,7 +156,7 @@ func Test_Run(t *testing.T) {
 				{
 					Probe:   Probe,
 					Message: "Golang code uses the unsafe package",
-					Outcome: finding.OutcomeFalse,
+					Outcome: finding.OutcomeTrue,
 					Remediation: &finding.Remediation{
 						Text:   "Visit the OpenSSF Memory Safety SIG guidance on how to make your project memory safe.\nGuidance for [Memory-Safe By Default Languages](https://github.com/ossf/Memory-Safety/blob/main/docs/best-practice-memory-safe-by-default-languages.md)\nGuidance for [Non Memory-Safe By Default Languages](https://github.com/ossf/Memory-Safety/blob/main/docs/best-practice-non-memory-safe-by-default-languages.md)",
 						Effort: 2,
@@ -178,7 +179,7 @@ func Test_Run(t *testing.T) {
 				{
 					Probe:   Probe,
 					Message: "Golang code uses the unsafe package",
-					Outcome: finding.OutcomeFalse,
+					Outcome: finding.OutcomeTrue,
 					Remediation: &finding.Remediation{
 						Text:   "Visit the OpenSSF Memory Safety SIG guidance on how to make your project memory safe.\nGuidance for [Memory-Safe By Default Languages](https://github.com/ossf/Memory-Safety/blob/main/docs/best-practice-memory-safe-by-default-languages.md)\nGuidance for [Non Memory-Safe By Default Languages](https://github.com/ossf/Memory-Safety/blob/main/docs/best-practice-non-memory-safe-by-default-languages.md)",
 						Effort: 2,
@@ -199,7 +200,7 @@ func Test_Run(t *testing.T) {
 				{
 					Probe:   Probe,
 					Message: "All supported ecosystems do not declare or use unsafe code blocks",
-					Outcome: finding.OutcomeTrue,
+					Outcome: finding.OutcomeFalse,
 				},
 			},
 			err: nil,
@@ -216,7 +217,7 @@ func Test_Run(t *testing.T) {
 				{
 					Probe:   Probe,
 					Message: "All supported ecosystems do not declare or use unsafe code blocks",
-					Outcome: finding.OutcomeTrue,
+					Outcome: finding.OutcomeFalse,
 				},
 			},
 			err: nil,
@@ -233,7 +234,7 @@ func Test_Run(t *testing.T) {
 				{
 					Probe:   Probe,
 					Message: "All supported ecosystems do not declare or use unsafe code blocks",
-					Outcome: finding.OutcomeTrue,
+					Outcome: finding.OutcomeFalse,
 				},
 			},
 			err: nil,
@@ -250,7 +251,7 @@ func Test_Run(t *testing.T) {
 				{
 					Probe:   Probe,
 					Message: "C# project file allows the use of unsafe blocks",
-					Outcome: finding.OutcomeFalse,
+					Outcome: finding.OutcomeTrue,
 					Remediation: &finding.Remediation{
 						Text:   "Visit the OpenSSF Memory Safety SIG guidance on how to make your project memory safe.\nGuidance for [Memory-Safe By Default Languages](https://github.com/ossf/Memory-Safety/blob/main/docs/best-practice-memory-safe-by-default-languages.md)\nGuidance for [Non Memory-Safe By Default Languages](https://github.com/ossf/Memory-Safety/blob/main/docs/best-practice-non-memory-safe-by-default-languages.md)",
 						Effort: 2,
@@ -273,7 +274,7 @@ func Test_Run(t *testing.T) {
 				{
 					Probe:   Probe,
 					Message: "C# project file allows the use of unsafe blocks",
-					Outcome: finding.OutcomeFalse,
+					Outcome: finding.OutcomeTrue,
 					Remediation: &finding.Remediation{
 						Text:   "Visit the OpenSSF Memory Safety SIG guidance on how to make your project memory safe.\nGuidance for [Memory-Safe By Default Languages](https://github.com/ossf/Memory-Safety/blob/main/docs/best-practice-memory-safe-by-default-languages.md)\nGuidance for [Non Memory-Safe By Default Languages](https://github.com/ossf/Memory-Safety/blob/main/docs/best-practice-non-memory-safe-by-default-languages.md)",
 						Effort: 2,
@@ -296,7 +297,7 @@ func Test_Run(t *testing.T) {
 				{
 					Probe:   Probe,
 					Message: "C# project file allows the use of unsafe blocks",
-					Outcome: finding.OutcomeFalse,
+					Outcome: finding.OutcomeTrue,
 					Remediation: &finding.Remediation{
 						Text:   "Visit the OpenSSF Memory Safety SIG guidance on how to make your project memory safe.\nGuidance for [Memory-Safe By Default Languages](https://github.com/ossf/Memory-Safety/blob/main/docs/best-practice-memory-safe-by-default-languages.md)\nGuidance for [Non Memory-Safe By Default Languages](https://github.com/ossf/Memory-Safety/blob/main/docs/best-practice-non-memory-safe-by-default-languages.md)",
 						Effort: 2,
@@ -318,7 +319,7 @@ func Test_Run(t *testing.T) {
 				{
 					Probe:   Probe,
 					Message: "All supported ecosystems do not declare or use unsafe code blocks",
-					Outcome: finding.OutcomeTrue,
+					Outcome: finding.OutcomeFalse,
 				},
 			},
 			err: nil,
@@ -336,7 +337,7 @@ func Test_Run(t *testing.T) {
 				{
 					Probe:   Probe,
 					Message: "All supported ecosystems do not declare or use unsafe code blocks",
-					Outcome: finding.OutcomeTrue,
+					Outcome: finding.OutcomeFalse,
 				},
 			},
 			err: nil,
@@ -354,7 +355,7 @@ func Test_Run(t *testing.T) {
 				{
 					Probe:   Probe,
 					Message: "C# project file allows the use of unsafe blocks",
-					Outcome: finding.OutcomeFalse,
+					Outcome: finding.OutcomeTrue,
 					Remediation: &finding.Remediation{
 						Text:   "Visit the OpenSSF Memory Safety SIG guidance on how to make your project memory safe.\nGuidance for [Memory-Safe By Default Languages](https://github.com/ossf/Memory-Safety/blob/main/docs/best-practice-memory-safe-by-default-languages.md)\nGuidance for [Non Memory-Safe By Default Languages](https://github.com/ossf/Memory-Safety/blob/main/docs/best-practice-non-memory-safe-by-default-languages.md)",
 						Effort: 2,
@@ -377,7 +378,7 @@ func Test_Run(t *testing.T) {
 				{
 					Probe:   Probe,
 					Message: "Golang code uses the unsafe package",
-					Outcome: finding.OutcomeFalse,
+					Outcome: finding.OutcomeTrue,
 					Remediation: &finding.Remediation{
 						Text:   "Visit the OpenSSF Memory Safety SIG guidance on how to make your project memory safe.\nGuidance for [Memory-Safe By Default Languages](https://github.com/ossf/Memory-Safety/blob/main/docs/best-practice-memory-safe-by-default-languages.md)\nGuidance for [Non Memory-Safe By Default Languages](https://github.com/ossf/Memory-Safety/blob/main/docs/best-practice-non-memory-safe-by-default-languages.md)",
 						Effort: 2,
@@ -400,7 +401,7 @@ func Test_Run(t *testing.T) {
 				{
 					Probe:   Probe,
 					Message: "Golang code uses the unsafe package",
-					Outcome: finding.OutcomeFalse,
+					Outcome: finding.OutcomeTrue,
 					Remediation: &finding.Remediation{
 						Text:   "Visit the OpenSSF Memory Safety SIG guidance on how to make your project memory safe.\nGuidance for [Memory-Safe By Default Languages](https://github.com/ossf/Memory-Safety/blob/main/docs/best-practice-memory-safe-by-default-languages.md)\nGuidance for [Non Memory-Safe By Default Languages](https://github.com/ossf/Memory-Safety/blob/main/docs/best-practice-non-memory-safe-by-default-languages.md)",
 						Effort: 2,
@@ -410,7 +411,7 @@ func Test_Run(t *testing.T) {
 				{
 					Probe:   Probe,
 					Message: "C# project file allows the use of unsafe blocks",
-					Outcome: finding.OutcomeFalse,
+					Outcome: finding.OutcomeTrue,
 					Remediation: &finding.Remediation{
 						Text:   "Visit the OpenSSF Memory Safety SIG guidance on how to make your project memory safe.\nGuidance for [Memory-Safe By Default Languages](https://github.com/ossf/Memory-Safety/blob/main/docs/best-practice-memory-safe-by-default-languages.md)\nGuidance for [Non Memory-Safe By Default Languages](https://github.com/ossf/Memory-Safety/blob/main/docs/best-practice-non-memory-safe-by-default-languages.md)",
 						Effort: 2,
@@ -438,7 +439,7 @@ func Test_Run(t *testing.T) {
 				return os.Open(file)
 			}).AnyTimes()
 			raw.RepoClient = mockRepoClient
-			raw.Dlogger = checker.NewLogger()
+			raw.Dlogger = &scut.TestDetailLogger{}
 			findings, _, err := Run(raw)
 			if err != nil {
 				t.Fatalf("unexpected error: %v", err)
@@ -460,7 +461,7 @@ func Test_Run_Error_ListProgrammingLanguages(t *testing.T) {
 		return nil, fmt.Errorf("error")
 	}).AnyTimes()
 	raw.RepoClient = mockRepoClient
-	raw.Dlogger = checker.NewLogger()
+	raw.Dlogger = &scut.TestDetailLogger{}
 	_, _, err := Run(raw)
 	if err == nil {
 		t.Fatalf("expected error: %v", err)
@@ -500,7 +501,7 @@ func Test_Run_Error_OnMatchingFileContentDo(t *testing.T) {
 				return nil, fmt.Errorf("error")
 			}).AnyTimes()
 			raw.RepoClient = mockRepoClient
-			raw.Dlogger = checker.NewLogger()
+			raw.Dlogger = &scut.TestDetailLogger{}
 			_, _, err := Run(raw)
 			if err.Error() != tt.expectedErr.Error() {
 				t.Error(cmp.Diff(err, tt.expectedErr, cmpopts.EquateErrors()))
