
SBOM generation tool fails during gitignore filtering for libraries with no files #122044

Closed
sethmlarson opened this issue Jul 19, 2024 · 5 comments
Labels
type-security A security issue

Comments

@sethmlarson
Contributor

sethmlarson commented Jul 19, 2024

Within #119316 the libb2 library was removed. When running the SBOM generation tool a confusing error is raised during gitignore filtering instead of triggering the helpful error for the "no files for package" condition. This can be avoided by short-circuiting gitignore filtering when no files are present.
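A sketch of the short-circuit described above, as an added example that is not the CPython SBOM tool's own code. The function names, the injectable `run` parameter and the sample output are assumptions made for illustration; the only real interface used is `git check-ignore --verbose --non-matching`.

```python
import subprocess


def _git_check_ignore(paths):
    """Return stdout of `git check-ignore`; exit 0/1 mean some/none ignored."""
    proc = subprocess.run(
        ["git", "check-ignore", "--verbose", "--non-matching", *paths],
        capture_output=True, text=True,
    )
    if proc.returncode not in (0, 1):
        raise RuntimeError(f"git check-ignore failed: {proc.stderr.strip()}")
    return proc.stdout


def filter_gitignored_paths(paths, run=_git_check_ignore):
    """Return the paths that no gitignore pattern matched, sorted."""
    if not paths:
        # Short-circuit: called with no path arguments, git fails with
        # "fatal: no path specified", which hides the real condition.
        return []
    kept = []
    for line in run(paths).splitlines():
        # Verbose format: <source>:<linenum>:<pattern>\t<pathname>
        # A path that matched nothing is reported as "::\t<pathname>".
        match_info, _, path = line.partition("\t")
        if match_info == "::":
            kept.append(path)
    return sorted(kept)


def package_files(name, discovered, run=_git_check_ignore):
    """Hypothetical caller: raise the clear error when nothing is left."""
    files = filter_gitignored_paths(discovered, run)
    if not files:
        raise ValueError(f"no files for package {name!r}")
    return files


# Constructed sample of check-ignore output (not captured from a real run).
SAMPLE_OUTPUT = (
    "::\tModules/expat/xmlparse.c\n"
    ".gitignore:12:*.o\tModules/expat/xmlparse.o\n"
    "::\tModules/expat/expat.h\n"
)
```

Passing a stub as `run` keeps the parsing and the empty-input path testable without a git checkout.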


@ZeroIntensity
Member

Looks like this is not a security issue, just a bug.

@Eclips4
Member

Eclips4 commented Jul 20, 2024

> Looks like this is not a security issue, just a bug.

I guess that all of the SBOM-related issues are actually related to type-security label.

@sethmlarson
Contributor Author

We can change the labeling scheme if it makes it less confusing! :)

@ZeroIntensity
Member

I was under the impression that type-security was reserved for things that actually posed a security threat, not things related to packages for cryptography and whatnot.

@hugovk
Member

hugovk commented Jul 27, 2024

Merged and backported, thanks!

@hugovk hugovk closed this as completed Jul 27, 2024