Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Failed to parse input fileresults.json #14

Open
MatinaStamelakiTR opened this issue Mar 3, 2021 · 8 comments
Open

Failed to parse input fileresults.json #14

MatinaStamelakiTR opened this issue Mar 3, 2021 · 8 comments

Comments

@MatinaStamelakiTR
Copy link

Hi,
When using the Veracode plugin in Github, veracode/veracode-pipeline-scan-results-to-sarif is failing with the error "Failed to parse input fileresults.json" when applied to python project, (no issue for node projects). I found out that for python projects the generated results.json file doesn't contain flaw_match in findings, while for node projects there is flaw_match in findings. bou.ts file that is handling results.json is not taking into account that flaw_match may not be there. Are there any plans for a fix?
@githubrlloyd
Copy link
Contributor

Thanks for the feedback. It looks like the flaw matching in our pipeline scan service doesn't have the hash values for Python, causing this error. We're looking at this and hope to have an update to the pipeline scan service that will address this issue. Will close this issue as soon as we've resolved it.

@ghost
Copy link

ghost commented Dec 28, 2021

Hi @githubrlloyd is there any update to this issue? I've tried to integrate this action with my Python project and facing the same issue. I also tried to use the master version instead of any particular tag and still facing the same.

@brendanlafond
Copy link

Hi all - This isn't a Python related problem. This is happening with 0.1.6 version only. Looks like a flaw in the latest code adding the word "file" prefixing pipeline-results variable. It's happening for my PHP project too, which works with 0.1.5. Interesting note is that it worked without the finding-rule-level variable the first time I ran it.

Working Code:
uses: veracode/[email protected]
with:
pipeline-results-json: results.json
finding-rule-level: "4:3:1"

Failing Code:
uses: veracode/[email protected]
with:
pipeline-results-json: results.json
finding-rule-level: "4:3:1"

Error: Failed to parse input fileresults.json

@gs-scooter
Copy link

I am experiencing this exact issue on the latest version (1.0.5). I'm really stunned that this has not been addressed in over a year and a half. Do we need to downgrade to 0.1.5? Please advise.

@AngelRicardezWGU
Copy link

I'm having this issue with 1.0.5, what happen if i downgrade to 0.1.5? how many new updates i will be loosing? haha, are you planning to do something about this?

@mangesh-sadashiv-yadav-db
Copy link

Can confirm that we are still having the issue .is this already resolved or downgrade is the only option?

@wesco-prathapmotupalli
Copy link

wesco-prathapmotupalli commented Dec 5, 2023
edited
Loading

Only for Python code, veracode/[email protected] and above are still failing to parse input file results.json
we are not able to upgrade veracode-pipeline-scan-results-to-sarif from 0.1.5 to 1.0.6. Kindly fix this issue

@brendanlafond
Copy link

There's a fix for this action to counter the missing flaw_match in v1.0.7.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
7 participants
@githubrlloyd @gs-scooter @MatinaStamelakiTR @brendanlafond @wesco-prathapmotupalli @mangesh-sadashiv-yadav-db @AngelRicardezWGU