updates

ossf · Jun 1, 2022 · bbba06a · bbba06a
1 parent b10e454
commit bbba06a
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 23 deletions.
diff --git a/checks/evaluation/pinned_dependencies.go b/checks/evaluation/pinned_dependencies.go
@@ -121,21 +121,14 @@ func PinningDependencies(name string, dl checker.DetailLogger,
 		return checker.CreateRuntimeErrorResult(name, err)
 	}
 
-	// Action script downloads.
-	actionScriptScore, err := createReturnForIsGitHubWorkflowScriptFreeOfInsecureDownloads(pr, dl)
-	if err != nil {
-		return checker.CreateRuntimeErrorResult(name, err)
-	}
-
 	// Scores may be inconclusive.
 	actionScore = maxScore(0, actionScore)
 	dockerFromScore = maxScore(0, dockerFromScore)
 	dockerDownloadScore = maxScore(0, dockerDownloadScore)
 	scriptScore = maxScore(0, scriptScore)
-	actionScriptScore = maxScore(0, actionScriptScore)
 
 	score := checker.AggregateScores(actionScore, dockerFromScore,
-		dockerDownloadScore, scriptScore, actionScriptScore)
+		dockerDownloadScore, scriptScore)
 
 	if score == checker.MaxResultScore {
 		return checker.CreateMaxScoreResult(name, "all dependencies are pinned")
@@ -234,15 +227,6 @@ func addWorkflowPinnedResult(w *worklowPinningResult, to, isGitHub bool) {
 	}
 }
 
-// Create the result for scripts in GH workflows.
-func createReturnForIsGitHubWorkflowScriptFreeOfInsecureDownloads(pr map[checker.DependencyUseType]pinnedResult,
-	dl checker.DetailLogger,
-) (int, error) {
-	return createReturnValues(pr, checker.DependencyUseTypeDownloadThenRun,
-		"no insecure (not pinned by hash) dependency downloads found in GitHub workflows",
-		dl)
-}
-
 // Create the result for scripts.
 func createReturnForIsShellScriptFreeOfInsecureDownloads(pr map[checker.DependencyUseType]pinnedResult,
 	dl checker.DetailLogger,

diff --git a/e2e/pinned_dependencies_test.go b/e2e/pinned_dependencies_test.go
@@ -50,9 +50,9 @@ var _ = Describe("E2E TEST:"+checks.CheckPinnedDependencies, func() {
 			}
 			expected := scut.TestReturn{
 				Error:         nil,
-				Score:         3,
+				Score:         2,
 				NumberOfWarn:  139,
-				NumberOfInfo:  2,
+				NumberOfInfo:  1,
 				NumberOfDebug: 0,
 			}
 			result := checks.PinningDependencies(&req)
@@ -75,9 +75,9 @@ var _ = Describe("E2E TEST:"+checks.CheckPinnedDependencies, func() {
 			}
 			expected := scut.TestReturn{
 				Error:         nil,
-				Score:         3,
+				Score:         2,
 				NumberOfWarn:  139,
-				NumberOfInfo:  2,
+				NumberOfInfo:  1,
 				NumberOfDebug: 0,
 			}
 			result := checks.PinningDependencies(&req)
@@ -111,9 +111,9 @@ var _ = Describe("E2E TEST:"+checks.CheckPinnedDependencies, func() {
 			}
 			expected := scut.TestReturn{
 				Error:         nil,
-				Score:         3,
+				Score:         2,
 				NumberOfWarn:  139,
-				NumberOfInfo:  2,
+				NumberOfInfo:  1,
 				NumberOfDebug: 0,
 			}
 			result := checks.PinningDependencies(&req)