Commit
fix: flake8 and codeql tweaks
terriko authored Oct 24, 2023
1 parent 5772d60 commit 876ecc7
Showing 1 changed file with 1 addition and 2 deletions.
3 changes: 1 addition & 2 deletions cve_bin_tool/data_sources/osv_source.py
Expand Up @@ -302,7 +302,7 @@ def format_data(self, all_cve_entries):
"unknown"
) # OSV Schema does not provide vendor names for packages

if "github.com/" in product:
if product.startswith("github.com/"):

Check failure: Code scanning / CodeQL
Incomplete URL substring sanitization (High): The string "github.com/" may be at an arbitrary position in the sanitized URL.
vendor = product.split("/")[-2]
product = product.split("/")[-1]
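Review bot: With the host now anchored by `product.startswith("github.com/")`, the two context lines under it still index from the end (`split("/")[-2]` and `split("/")[-1]`), so a name with more than three segments takes its vendor and product from the tail of the path rather than from the segments after the host, and a name ending in a slash yields an empty product. Consider splitting once and reading the segments right after the host behind a length check, for example `parts = product.split("/")` and then `vendor, product = parts[1], parts[2]` when `len(parts) >= 3`. Separately, names that carry a scheme or any other prefix before `github.com/` matched the old `in` test and now skip this branch; if that narrowing is intended, a short comment here or a test case would document it.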

Expand Down Expand Up @@ -356,7 +356,6 @@ def format_data(self, all_cve_entries):

return severity_data, affected_data


async def get_cve_data(self):
await self.update_ecosystems()
