New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
BUG: remove recurring fuzzer in Fuzzing results #2060
Comments
np, i think this bug was introduced by me in the early fuzzing pr :/ |
In the fuzzer recording for-loop in func raw.checkFuzzFunc, fuzzers of each programming language will be reported only once along with its files (indicating those fuzzer positions) when the returned I also pulled the latest scorecard commit and ran the CLI It is expected to return a single GoBuildInFuzzer along with multiple fuzzer entries - and the result seems fine. Here's the result: {
"date": "2022-07-15",
"repo": {
"name": "github.com/ossf-tests/scorecard-check-fuzzing-golang",
"commit": "57388033a028da894848b74816dcc0d6fcdc8a7a"
},
"scorecard": {
"version": "(devel)",
"commit": "unknown"
},
"score": 10,
"checks": [
{
"details": [
"Info: func FuzzReverse1(f *testing.F): reverse_test.go:24",
"Info: func FuzzReverse2(f *testing.F): reverse_test.go:41"
],
"score": 10,
"reason": "project is fuzzed with [GoBuiltInFuzzer]",
"name": "Fuzzing",
"documentation": {
"url": "https://github.com/ossf/scorecard/blob/main/docs/checks.md#fuzzing",
"short": "Determines if the project uses fuzzing."
}
}
],
"metadata": null
}
|
maybe the curl results above is using an older version then? Hers's what it shows:
A giant array of |
Ah, there's a hell lot of go fuzzers :/ I don't know which version it uses, but I haven't modified the main logic of A possible reason might be the |
Closing this issue because the scorecard LCI does not have this problem, so it must be in the way the data was dumped. Thanks @aidenwang9867 for checking! |
Awesome! Thank you for bringing this issue up, but I'm still kind of suspicious on whether the GitHub List Langs API will give us duplicated language entries. |
see
curl -s https://ossfscorecard.dev/v2/github.com/ossf/scorecard/result.json | jq
We need to show a single
GoBuiltInFuzzer
.@aidenwang9867 assigning to you.
The text was updated successfully, but these errors were encountered: