fix(output): ensure that vulnerabilities are sorted by ID across groups in table output #1598
Conversation
G-Rath
force-pushed
the
consistent-sort2
branch
from
2dbde28 to
f710b63
Compare
| @@ -207,6 +209,11 @@ func tableBuilderInner(vulnResult *models.VulnerabilityResults, calledVulns bool | |||
| source.Path = sourcePath | |||
| } | |||
|
|
|||
| // Ensure that groups are sorted consistently using the first ID in each group | |||
| slices.SortFunc(pkg.Groups, func(a, b models.GroupInfo) int { | |||
There was a problem hiding this comment.
note that this is actually modifying the value of pkg.Groups on the struct, which applies outside of this function - I actually thought Go didn't work like this, but apparently it does.
I have somewhat mixed feelings about doing it, as generally this is considered bad practice (especially as it's not obvious), but it saves us a few lines of code + a variable, and any bug that it causes I would expect to be because whatever is being impacted should itself be doing a sort if it cares about the order...
There was a problem hiding this comment.
I think the best approach here is probably to replace everything with Output/Result, which is already sorted and contains all the data we need to display (even extras). I should probably update it for consistency (since container scanning result uses Output/Result).
There was a problem hiding this comment.
I've had an initial go at this over in #1609 which seemed promising but still has some work to go, so I'd like to land this PR in the short-term if that's ok as it greatly reduces the noise in some of the other work I'm doing with the test suite
There was a problem hiding this comment.
Should this sorting be done for the VulnerabilityResults rather than in the output?
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## main #1598 +/- ##
=======================================
Coverage 64.59% 64.60%
=======================================
Files 156 156
Lines 16011 16014 +3
=======================================
+ Hits 10343 10346 +3
Misses 4986 4986
Partials 682 682 ☔ View full report in Codecov by Sentry. |
G-Rath
force-pushed
the
consistent-sort2
branch
2 times, most recently
from
5c75853 to
fe32229
Compare
G-Rath
force-pushed
the
consistent-sort2
branch
from
fe32229 to
449269c
Compare
|
Hmm looks like the merge I did didn't work, need to run go formatter on it. |
G-Rath
force-pushed
the
consistent-sort2
branch
from
ed7c9f4 to
8400000
Compare
While prototyping some changes to help with #1567, I discovered that the table output format is not explicitly sorting vulnerabilities across their groups, meaning we're assumingly using the order that the API gives us, and means our current output does not actually follow a predictable order.
To address this, I've modified the table outputter to sort vulnerability groups by the first ID in each group as a group by definition will always have at least one ID and the first ID should be the one primary one since we already sort ids within each group as part of building the general results