Skip to content

Add inline comments to trivy ignore #847

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
wants to merge 18 commits into
base: main
Choose a base branch
from
Draft

Add inline comments to trivy ignore #847

wants to merge 18 commits into from

Conversation

@alithethird
Copy link
Contributor

Overview

Trivy ignore unused was parsing the inline comments wrong and creating false positives for unused ignore lines.

Rationale

Workflow Changes

Checklist

@alithethird alithethird requested a review from a team as a code owner October 10, 2025 11:56
@alithethird alithethird marked this pull request as draft October 14, 2025 12:31
github-actions[bot]
github-actions bot reviewed Oct 15, 2025
View reviewed changes
Copy link
Contributor

@github-actions github-actions bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

license-eye has checked 115 files.

Valid Invalid Ignored Fixed
26 1 88 0
Click to see the invalid file list
  • yarn.lock
Use this command to fix any missing license headers 
```bash

docker run -it --rm -v $(pwd):/github/workspace apache/skywalking-eyes header fix

</details>

yarn.lock
@@ -0,0 +1,5027 @@
# THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
# THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY.
# Copyright 2025 Canonical Ltd.
# See LICENSE file for licensing details.
# THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY.

github-actions[bot]
github-actions bot reviewed Oct 15, 2025
View reviewed changes
Copy link
Contributor

@github-actions github-actions bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

license-eye has checked 115 files.

Valid Invalid Ignored Fixed
26 1 88 0
Click to see the invalid file list
  • yarn.lock
Use this command to fix any missing license headers 
```bash

docker run -it --rm -v $(pwd):/github/workspace apache/skywalking-eyes header fix

</details>

yarn.lock
@@ -0,0 +1,5027 @@
# THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
# THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY.
# Copyright 2025 Canonical Ltd.
# See LICENSE file for licensing details.
# THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY.

github-actions[bot]
github-actions bot reviewed Oct 15, 2025
View reviewed changes
Copy link
Contributor

@github-actions github-actions bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

license-eye has checked 115 files.

Valid Invalid Ignored Fixed
26 1 88 0
Click to see the invalid file list
  • yarn.lock
Use this command to fix any missing license headers 
```bash

docker run -it --rm -v $(pwd):/github/workspace apache/skywalking-eyes header fix

</details>

yarn.lock
@@ -0,0 +1,5027 @@
# THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
# THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY.
# Copyright 2025 Canonical Ltd.
# See LICENSE file for licensing details.
# THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY.

github-actions[bot]
github-actions bot reviewed Oct 15, 2025
View reviewed changes
Copy link
Contributor

@github-actions github-actions bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

license-eye has checked 115 files.

Valid Invalid Ignored Fixed
26 1 88 0
Click to see the invalid file list
  • yarn.lock
Use this command to fix any missing license headers 
```bash

docker run -it --rm -v $(pwd):/github/workspace apache/skywalking-eyes header fix

</details>

yarn.lock
@@ -0,0 +1,5027 @@
# THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
# THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY.
# Copyright 2025 Canonical Ltd.
# See LICENSE file for licensing details.
# THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY.

github-actions[bot]
github-actions bot reviewed Oct 15, 2025
View reviewed changes
Copy link
Contributor

@github-actions github-actions bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

license-eye has checked 115 files.

Valid Invalid Ignored Fixed
26 1 88 0
Click to see the invalid file list
  • yarn.lock
Use this command to fix any missing license headers 
```bash

docker run -it --rm -v $(pwd):/github/workspace apache/skywalking-eyes header fix

</details>

yarn.lock
@@ -0,0 +1,5027 @@
# THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
# THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY.
# Copyright 2025 Canonical Ltd.
# See LICENSE file for licensing details.
# THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY.

github-actions[bot]
github-actions bot reviewed Oct 15, 2025
View reviewed changes
Copy link
Contributor

@github-actions github-actions bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

license-eye has checked 115 files.

Valid Invalid Ignored Fixed
26 1 88 0
Click to see the invalid file list
  • yarn.lock
Use this command to fix any missing license headers 
```bash

docker run -it --rm -v $(pwd):/github/workspace apache/skywalking-eyes header fix

</details>

yarn.lock
@@ -0,0 +1,5027 @@
# THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
# THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY.
# Copyright 2025 Canonical Ltd.
# See LICENSE file for licensing details.
# THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY.

@github-actions
Copy link
Contributor

Test results for commit 98376c1

Test coverage for 98376c1

Name           Stmts   Miss Branch BrPart  Cover   Missing
----------------------------------------------------------
src/charm.py       7      7      0      0     0%   8-23
----------------------------------------------------------
TOTAL              7      7      0      0     0%

Static code analysis report

Run started:2025-10-24 08:01:49.318654

Test results:
  No issues identified.

Code scanned:
  Total lines of code: 52
  Total lines skipped (#nosec): 0
  Total potential issues skipped due to specifically being disabled (e.g., #nosec BXXX): 0

Run metrics:
  Total issues (by severity):
  	Undefined: 0
  	Low: 0
  	Medium: 0
  	High: 0
  Total issues (by confidence):
  	Undefined: 0
  	Low: 0
  	Medium: 0
  	High: 0
Files skipped (0):

@github-actions
Copy link
Contributor

Test results for commit 98376c1

Test coverage for 98376c1

Name           Stmts   Miss Branch BrPart  Cover   Missing
----------------------------------------------------------
src/charm.py       7      7      0      0     0%   8-23
----------------------------------------------------------
TOTAL              7      7      0      0     0%

Static code analysis report

Run started:2025-10-24 08:01:17.890181

Test results:
  No issues identified.

Code scanned:
  Total lines of code: 52
  Total lines skipped (#nosec): 0
  Total potential issues skipped due to specifically being disabled (e.g., #nosec BXXX): 0

Run metrics:
  Total issues (by severity):
  	Undefined: 0
  	Low: 0
  	Medium: 0
  	High: 0
  Total issues (by confidence):
  	Undefined: 0
  	Low: 0
  	Medium: 0
  	High: 0
Files skipped (0):

@github-actions
Copy link
Contributor

Test results for commit 98376c1

Test coverage for 98376c1

Name           Stmts   Miss Branch BrPart  Cover   Missing
----------------------------------------------------------
src/charm.py       7      7      0      0     0%   8-23
----------------------------------------------------------
TOTAL              7      7      0      0     0%

Static code analysis report

Run started:2025-10-24 08:01:52.705536

Test results:
  No issues identified.

Code scanned:
  Total lines of code: 52
  Total lines skipped (#nosec): 0
  Total potential issues skipped due to specifically being disabled (e.g., #nosec BXXX): 0

Run metrics:
  Total issues (by severity):
  	Undefined: 0
  	Low: 0
  	Medium: 0
  	High: 0
  Total issues (by confidence):
  	Undefined: 0
  	Low: 0
  	Medium: 0
  	High: 0
Files skipped (0):

@github-actions
Copy link
Contributor

Test results for commit 98376c1

Test coverage for 98376c1

Name           Stmts   Miss Branch BrPart  Cover   Missing
----------------------------------------------------------
src/charm.py       7      7      0      0     0%   8-23
----------------------------------------------------------
TOTAL              7      7      0      0     0%

Static code analysis report

Run started:2025-10-24 08:01:19.993661

Test results:
  No issues identified.

Code scanned:
  Total lines of code: 52
  Total lines skipped (#nosec): 0
  Total potential issues skipped due to specifically being disabled (e.g., #nosec BXXX): 0

Run metrics:
  Total issues (by severity):
  	Undefined: 0
  	Low: 0
  	Medium: 0
  	High: 0
  Total issues (by confidence):
  	Undefined: 0
  	Low: 0
  	Medium: 0
  	High: 0
Files skipped (0):

@github-actions
Copy link
Contributor

Test results for commit 98376c1

Test coverage for 98376c1

Name           Stmts   Miss Branch BrPart  Cover   Missing
----------------------------------------------------------
src/charm.py       7      7      0      0     0%   8-23
----------------------------------------------------------
TOTAL              7      7      0      0     0%

Static code analysis report

Run started:2025-10-24 08:01:47.021592

Test results:
  No issues identified.

Code scanned:
  Total lines of code: 52
  Total lines skipped (#nosec): 0
  Total potential issues skipped due to specifically being disabled (e.g., #nosec BXXX): 0

Run metrics:
  Total issues (by severity):
  	Undefined: 0
  	Low: 0
  	Medium: 0
  	High: 0
  Total issues (by confidence):
  	Undefined: 0
  	Low: 0
  	Medium: 0
  	High: 0
Files skipped (0):

@github-actions
Copy link
Contributor

Test results for commit 98376c1

Test coverage for 98376c1

Name           Stmts   Miss Branch BrPart  Cover   Missing
----------------------------------------------------------
src/charm.py       7      7      0      0     0%   8-23
----------------------------------------------------------
TOTAL              7      7      0      0     0%

Static code analysis report

Run started:2025-10-24 08:01:22.841116

Test results:
  No issues identified.

Code scanned:
  Total lines of code: 52
  Total lines skipped (#nosec): 0
  Total potential issues skipped due to specifically being disabled (e.g., #nosec BXXX): 0

Run metrics:
  Total issues (by severity):
  	Undefined: 0
  	Low: 0
  	Medium: 0
  	High: 0
  Total issues (by confidence):
  	Undefined: 0
  	Low: 0
  	Medium: 0
  	High: 0
Files skipped (0):

@github-actions
Copy link
Contributor

Test results for commit 98376c1

Test coverage for 98376c1

Name           Stmts   Miss Branch BrPart  Cover   Missing
----------------------------------------------------------
src/charm.py       7      7      0      0     0%   8-23
----------------------------------------------------------
TOTAL              7      7      0      0     0%

Static code analysis report

Run started:2025-10-24 08:03:39.176200

Test results:
  No issues identified.

Code scanned:
  Total lines of code: 52
  Total lines skipped (#nosec): 0
  Total potential issues skipped due to specifically being disabled (e.g., #nosec BXXX): 0

Run metrics:
  Total issues (by severity):
  	Undefined: 0
  	Low: 0
  	Medium: 0
  	High: 0
  Total issues (by confidence):
  	Undefined: 0
  	Low: 0
  	Medium: 0
  	High: 0
Files skipped (0):

@github-actions
Copy link
Contributor

Test results for commit 98376c1

Test coverage for 98376c1

Name           Stmts   Miss Branch BrPart  Cover   Missing
----------------------------------------------------------
src/charm.py       7      7      0      0     0%   8-23
----------------------------------------------------------
TOTAL              7      7      0      0     0%

Static code analysis report

Run started:2025-10-24 08:01:49.318654

Test results:
  No issues identified.

Code scanned:
  Total lines of code: 52
  Total lines skipped (#nosec): 0
  Total potential issues skipped due to specifically being disabled (e.g., #nosec BXXX): 0

Run metrics:
  Total issues (by severity):
  	Undefined: 0
  	Low: 0
  	Medium: 0
  	High: 0
  Total issues (by confidence):
  	Undefined: 0
  	Low: 0
  	Medium: 0
  	High: 0
Files skipped (0):

@github-actions
Copy link
Contributor

Test results for commit 98376c1

Test coverage for 98376c1

Name           Stmts   Miss Branch BrPart  Cover   Missing
----------------------------------------------------------
src/charm.py       7      7      0      0     0%   8-23
----------------------------------------------------------
TOTAL              7      7      0      0     0%

Static code analysis report

Run started:2025-10-24 08:01:17.890181

Test results:
  No issues identified.

Code scanned:
  Total lines of code: 52
  Total lines skipped (#nosec): 0
  Total potential issues skipped due to specifically being disabled (e.g., #nosec BXXX): 0

Run metrics:
  Total issues (by severity):
  	Undefined: 0
  	Low: 0
  	Medium: 0
  	High: 0
  Total issues (by confidence):
  	Undefined: 0
  	Low: 0
  	Medium: 0
  	High: 0
Files skipped (0):

@github-actions
Copy link
Contributor

Test results for commit 98376c1

Test coverage for 98376c1

Name           Stmts   Miss Branch BrPart  Cover   Missing
----------------------------------------------------------
src/charm.py       7      7      0      0     0%   8-23
----------------------------------------------------------
TOTAL              7      7      0      0     0%

Static code analysis report

Run started:2025-10-24 08:01:52.705536

Test results:
  No issues identified.

Code scanned:
  Total lines of code: 52
  Total lines skipped (#nosec): 0
  Total potential issues skipped due to specifically being disabled (e.g., #nosec BXXX): 0

Run metrics:
  Total issues (by severity):
  	Undefined: 0
  	Low: 0
  	Medium: 0
  	High: 0
  Total issues (by confidence):
  	Undefined: 0
  	Low: 0
  	Medium: 0
  	High: 0
Files skipped (0):

@github-actions
Copy link
Contributor

Test results for commit 98376c1

Test coverage for 98376c1

Name           Stmts   Miss Branch BrPart  Cover   Missing
----------------------------------------------------------
src/charm.py       7      7      0      0     0%   8-23
----------------------------------------------------------
TOTAL              7      7      0      0     0%

Static code analysis report

Run started:2025-10-24 08:01:19.993661

Test results:
  No issues identified.

Code scanned:
  Total lines of code: 52
  Total lines skipped (#nosec): 0
  Total potential issues skipped due to specifically being disabled (e.g., #nosec BXXX): 0

Run metrics:
  Total issues (by severity):
  	Undefined: 0
  	Low: 0
  	Medium: 0
  	High: 0
  Total issues (by confidence):
  	Undefined: 0
  	Low: 0
  	Medium: 0
  	High: 0
Files skipped (0):

@github-actions
Copy link
Contributor

Test results for commit 98376c1

Test coverage for 98376c1

Name           Stmts   Miss Branch BrPart  Cover   Missing
----------------------------------------------------------
src/charm.py       7      7      0      0     0%   8-23
----------------------------------------------------------
TOTAL              7      7      0      0     0%

Static code analysis report

Run started:2025-10-24 08:01:47.021592

Test results:
  No issues identified.

Code scanned:
  Total lines of code: 52
  Total lines skipped (#nosec): 0
  Total potential issues skipped due to specifically being disabled (e.g., #nosec BXXX): 0

Run metrics:
  Total issues (by severity):
  	Undefined: 0
  	Low: 0
  	Medium: 0
  	High: 0
  Total issues (by confidence):
  	Undefined: 0
  	Low: 0
  	Medium: 0
  	High: 0
Files skipped (0):

@github-actions
Copy link
Contributor

Test results for commit 98376c1

Test coverage for 98376c1

Name           Stmts   Miss Branch BrPart  Cover   Missing
----------------------------------------------------------
src/charm.py       7      7      0      0     0%   8-23
----------------------------------------------------------
TOTAL              7      7      0      0     0%

Static code analysis report

Run started:2025-10-24 08:01:22.841116

Test results:
  No issues identified.

Code scanned:
  Total lines of code: 52
  Total lines skipped (#nosec): 0
  Total potential issues skipped due to specifically being disabled (e.g., #nosec BXXX): 0

Run metrics:
  Total issues (by severity):
  	Undefined: 0
  	Low: 0
  	Medium: 0
  	High: 0
  Total issues (by confidence):
  	Undefined: 0
  	Low: 0
  	Medium: 0
  	High: 0
Files skipped (0):

@github-actions
Copy link
Contributor

Test results for commit 98376c1

Test coverage for 98376c1

Name           Stmts   Miss Branch BrPart  Cover   Missing
----------------------------------------------------------
src/charm.py       7      7      0      0     0%   8-23
----------------------------------------------------------
TOTAL              7      7      0      0     0%

Static code analysis report

Run started:2025-10-24 08:03:39.176200

Test results:
  No issues identified.

Code scanned:
  Total lines of code: 52
  Total lines skipped (#nosec): 0
  Total potential issues skipped due to specifically being disabled (e.g., #nosec BXXX): 0

Run metrics:
  Total issues (by severity):
  	Undefined: 0
  	Low: 0
  	Medium: 0
  	High: 0
  Total issues (by confidence):
  	Undefined: 0
  	Low: 0
  	Medium: 0
  	High: 0
Files skipped (0):

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@github-actions github-actions[bot] github-actions[bot] left review comments

@Thanhphan1147 Thanhphan1147 Awaiting requested review from Thanhphan1147 Thanhphan1147 is a code owner automatically assigned from canonical/platform-engineering

At least 2 approving reviews are required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@alithethird