Merge pull request #64 from Ostorlab/fix/unformatted_technical_descri…

…ption Fix for Hidden Information in Technical Details
Ostorlab · Oct 1, 2024 · 6aa16c4 · 6aa16c4
2 parents e25a95c + 42132c9
commit 6aa16c4
Show file tree

Hide file tree

Showing 3 changed files with 3 additions and 3 deletions.
diff --git a/agent/osv_output_handler.py b/agent/osv_output_handler.py
@@ -400,7 +400,7 @@ def construct_vuln(
             "## Recommendation\n\n", "Recommendation: "
         )
         if len(vuln.cves) == 0:
-            technical_detail += f"- **Description**:\n```{osv_description}\n```"
+            technical_detail += f"- **Description**:\n```\n{osv_description}\n```"
         else:
             technical_detail += f"- **Description**:\n{osv_description}\n"
 

diff --git a/ostorlab.yaml b/ostorlab.yaml
@@ -1,6 +1,6 @@
 kind: Agent
 name: osv
-version: 0.6.1
+version: 0.6.2
 description: |
   This repository is an implementation of [Ostorlab Agent](https://pypi.org/project/ostorlab/) for the [OSV Scanner](https://github.com/google/osv-scanner).
 license: Apache-2.0

diff --git a/tests/osv_agent_test.py b/tests/osv_agent_test.py
@@ -565,7 +565,7 @@ def testAgentOSV_whenElfLibraryFingerprintMessage_shouldExcludeNpmEcosystemVulnz
     )
     assert agent_mock[0].data["risk_rating"] == "POTENTIALLY"
     assert agent_mock[0].data["technical_detail"] == (
-        """#### Dependency `opencv`:\n- **Version**: `4.9.0`\n- **Description**:\n```- OSV-2022-394 : OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47190\n\n```\nCrash type: Incorrect-function-pointer-type\nCrash state:\ncv::split\ncv::split\nTestSplitAndMerge\n```\n\n- OSV-2023-444 : OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=59450\n\n```\nCrash type: Heap-buffer-overflow READ 4\nCrash state:\nopj_jp2_apply_pclr\nopj_jp2_decode\ncv::detail::Jpeg2KOpjDecoderBase::readData\n```\n\n\n```"""
+        """#### Dependency `opencv`:\n- **Version**: `4.9.0`\n- **Description**:\n```\n- OSV-2022-394 : OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47190\n\n```\nCrash type: Incorrect-function-pointer-type\nCrash state:\ncv::split\ncv::split\nTestSplitAndMerge\n```\n\n- OSV-2023-444 : OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=59450\n\n```\nCrash type: Heap-buffer-overflow READ 4\nCrash state:\nopj_jp2_apply_pclr\nopj_jp2_decode\ncv::detail::Jpeg2KOpjDecoderBase::readData\n```\n\n\n```"""
     )
     assert agent_mock[0].data["description"] == (
         """Dependency `opencv` with version `4.9.0` has a security issue."""