Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Correctly calculate statistics when running scans #649

Merged
merged 2 commits into from
Nov 19, 2024
Merged

Correctly calculate statistics when running scans #649

merged 2 commits into from
Nov 19, 2024

Conversation

egibs
Copy link
Member

@egibs egibs commented Nov 19, 2024

Addresses #648

Running a scan would drop any file report whose risk was < HIGH. This threw off --stats since we'd only calculate the percentage of critical and high risks from the number of file reports matching those severities.

This PR tweaks the report and statistics logic so that we have the same number of files that analyze would have.

Example:

$ go run cmd/mal/mal.go --stats scan ./out/chainguard-dev/malcontent-samples/python/
...
📊 Statistics
---
Files Scanned   89 (48 skipped)
Total Risks     41
---
⚠️  Risk Level Percentage
---
Risk Level    Percentage Count/Total
4/CRIT            39.33% 35/89
3/HIGH             6.74% 6/89
---
Number of behaviors         72
...

Files Scanned matches what analyze sees:

$ go run cmd/mal/mal.go --stats analyze ./out/chainguard-dev/malcontent-samples/python/
📊 Statistics
---
Files Scanned   89 (0 skipped)
Total Risks     89
---
⚠️  Risk Level Percentage
---
Risk Level    Percentage Count/Total
2/MED             44.94% 40/89
4/CRIT            39.33% 35/89
1/LOW              8.99% 8/89
3/HIGH             6.74% 6/89
---
Number of behaviors        962
...

egibs
egibs commented Nov 19, 2024
View reviewed changes
pkg/render/stats.go
}

func pkgStatistics(files *sync.Map) ([]malcontent.StrMetric, int, int) {
func pkgStatistics(_ *malcontent.Config, files *sync.Map) ([]malcontent.StrMetric, int, int) {
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Left this here for future use.

@egibs egibs merged commit 5855d35 into chainguard-dev:main Nov 19, 2024
8 checks passed
@egibs egibs deleted the fix-scan-stats branch November 20, 2024 17:42
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tstromberg tstromberg tstromberg approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@egibs @tstromberg