Do not fail on empty repositories (#1914)

azeemshaikh38 · azeemsgoogle · web-flow · commit 236b296403d9 · 2022-05-16T00:41:17.000Z
Co-authored-by: Azeem Shaikh &lt;azeems@google.com&gt;
diff --git a/checks/raw/vulnerabilities.go b/checks/raw/vulnerabilities.go
@@ -15,24 +15,21 @@
 package raw
 
 import (
-	"errors"
 	"fmt"
 
 	"github.com/ossf/scorecard/v4/checker"
 	"github.com/ossf/scorecard/v4/clients"
 )
 
-var errNoCommitFound = errors.New("no commit found")
-
 // Vulnerabilities retrieves the raw data for the Vulnerabilities check.
 func Vulnerabilities(c *checker.CheckRequest) (checker.VulnerabilitiesData, error) {
 	commits, err := c.RepoClient.ListCommits()
 	if err != nil {
 		return checker.VulnerabilitiesData{}, fmt.Errorf("repoClient.ListCommits: %w", err)
 	}
 
-	if len(commits) < 1 || commits[0].SHA == "" {
-		return checker.VulnerabilitiesData{}, fmt.Errorf("%w", errNoCommitFound)
+	if len(commits) < 1 || allOf(commits, hasEmptySHA) {
+		return checker.VulnerabilitiesData{}, nil
 	}
 
 	resp, err := c.VulnerabilitiesClient.HasUnfixedVulnerabilities(c.Ctx, commits[0].SHA)
@@ -52,6 +49,21 @@ func Vulnerabilities(c *checker.CheckRequest) (checker.VulnerabilitiesData, erro
 	return checker.VulnerabilitiesData{Vulnerabilities: vulns}, nil
 }
 
+type predicateOnCommitFn func(clients.Commit) bool
+
+var hasEmptySHA predicateOnCommitFn = func(c clients.Commit) bool {
+	return c.SHA == ""
+}
+
+func allOf(commits []clients.Commit, predicate func(clients.Commit) bool) bool {
+	for i := range commits {
+		if !predicate(commits[i]) {
+			return false
+		}
+	}
+	return true
+}
+
 func getVulnerabilities(resp *clients.VulnerabilitiesResponse) []string {
 	ids := make([]string, 0, len(resp.Vulns))
 	for _, vuln := range resp.Vulns {
diff --git a/checks/raw/vulnerabilities_test.go b/checks/raw/vulnerabilities_test.go
@@ -54,8 +54,8 @@ func TestVulnerabilities(t *testing.T) {
 			vulnsResponse: clients.VulnerabilitiesResponse{},
 		},
 		{
-			name:            "err response",
-			wantErr:         true,
+			name:            "no commits",
+			wantErr:         false,
 			numberofCommits: 0,
 			vulnsResponse:   clients.VulnerabilitiesResponse{},
 		},
diff --git a/cron/format/json.go b/cron/format/json.go
@@ -93,7 +93,7 @@ func AsJSON(r *pkg.ScorecardResult, showDetails bool, logLevel log.Level, writer
 		Metadata: r.Metadata,
 	}
 
-	//nolint
+	
 	for _, checkResult := range r.Checks {
 		tmpResult := jsonCheckResult{
 			Name: checkResult.Name,
@@ -142,7 +142,7 @@ func AsJSON2(r *pkg.ScorecardResult, showDetails bool,
 		AggregateScore: jsonFloatScore(score),
 	}
 
-	//nolint
+	
 	for _, checkResult := range r.Checks {
 		doc, e := checkDocs.GetCheck(checkResult.Name)
 		if e != nil {
