semgrep / semgrep

Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.

Home Page: https://semgrep.dev

scan with --json option will report "Other syntax error at line NO FILE INFO YET" message when no rules matched

wllxyz opened this issue · comments

Describe the bug
When I scan a code dir without the --json option, if no rules run, it ends with no error message, like this:
$ semgrep scan --config semgrep-rules/generic/secrets ExampleResourceService

┌─────────────┐
│ Scan Status │
└─────────────┘
Scanning 1793 files (only git-tracked) with 223 Code rules:

CODE RULES
Scanning 2298 files with 222 rules.

SUPPLY CHAIN RULES

No rules to run.

PROGRESS

━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 100% 0:00:06

When I scan a code dir WITH the --json option, if no rules run, it ends with an error message, as follows:
$ semgrep scan --config semgrep-rules/generic/secrets --json ExampleResourceService

┌─────────────┐
│ Scan Status │
└─────────────┘
Scanning 1793 files (only git-tracked) with 223 Code rules:

CODE RULES
Scanning 2298 files with 222 rules.

SUPPLY CHAIN RULES

No rules to run.

PROGRESS

━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 100% 0:00:07
{"errors": [{"code": 2, "level": "warn", "message": "Other syntax error at line NO FILE INFO YET:-1:\n Invalid_argument: index out of bounds", "path": "NO FILE INFO YET", "type": "Other syntax error"}], "paths": {"scanned": []}, "results": [], "skipped_rules": [], "version": "1.68.0"}

To Reproduce
I guess there is something wrong with the --json format scan result report when no rules are matched to be run.

Expected behavior
A clear and concise description of what you expected to happen.

Screenshots
$ semgrep scan --config semgrep-rules/generic/secrets --json ExampleResourceService

┌─────────────┐
│ Scan Status │
└─────────────┘
Scanning 1793 files (only git-tracked) with 223 Code rules:

CODE RULES
Scanning 2298 files with 222 rules.

SUPPLY CHAIN RULES

No rules to run.

PROGRESS

━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 100% 0:00:07
{"errors": [{"code": 2, "level": "warn", "message": "Other syntax error at line NO FILE INFO YET:-1:\n Invalid_argument: index out of bounds", "path": "NO FILE INFO YET", "type": "Other syntax error"}], "paths": {"scanned": []}, "results": [], "skipped_rules": [], "version": "1.68.0"}
$
$
$ semgrep scan --config semgrep-rules/generic/secrets ExampleResourceService

┌─────────────┐
│ Scan Status │
└─────────────┘
Scanning 1793 files (only git-tracked) with 223 Code rules:

CODE RULES
Scanning 2298 files with 222 rules.

SUPPLY CHAIN RULES

No rules to run.

PROGRESS

━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 100% 0:00:06

What is the priority of the bug to you?

  • P0: blocking your adoption of Semgrep or workflow
  • P1: important to fix or quite annoying
  • [*] P2: regular bug that should get fixed

Environment
If not using semgrep.dev: are you running off docker, an official binary, a local build?

Use case
What will fixing this bug enable for you?

Environment: Ubuntu, semgrep versions 1.55.0 and 1.86.0
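
An added example, not part of the original issue or of Semgrep's own code: a CI-side check that reads the `--json` document quoted above and refuses to treat `"results": []` as a clean scan when `errors` is non-empty or `paths.scanned` is empty. The `triage` helper, its verdict names and the second sample document are assumptions made for illustration.

```python
import json

# JSON document copied from the --json run quoted in the issue above.
ISSUE_OUTPUT = r'''{"errors": [{"code": 2, "level": "warn", "message": "Other syntax error at line NO FILE INFO YET:-1:\n Invalid_argument: index out of bounds", "path": "NO FILE INFO YET", "type": "Other syntax error"}], "paths": {"scanned": []}, "results": [], "skipped_rules": [], "version": "1.68.0"}'''

# Constructed sample (not from the issue): a run that scanned a file and found nothing.
CLEAN_OUTPUT = '{"errors": [], "paths": {"scanned": ["src/app.py"]}, "results": [], "skipped_rules": [], "version": "1.68.0"}'


def triage(raw: str) -> dict:
    """Classify one semgrep --json document for a CI gate (hypothetical helper)."""
    try:
        report = json.loads(raw)
    except json.JSONDecodeError as exc:
        return {"verdict": "unusable", "findings": 0,
                "reasons": [f"not valid JSON: {exc.msg}"]}
    if not isinstance(report, dict):
        return {"verdict": "unusable", "findings": 0,
                "reasons": ["top-level JSON value is not an object"]}

    errors = report.get("errors") or []
    scanned = (report.get("paths") or {}).get("scanned") or []
    results = report.get("results") or []

    # Every reported error is surfaced, whatever its level: a "warn" entry
    # like the one in the issue still means the run did not complete normally.
    reasons = [
        f'{e.get("level", "?")} {e.get("type", "?")} at {e.get("path", "?")}'
        for e in errors
    ]
    # An empty scanned list means "no findings" carries no information.
    if not scanned:
        reasons.append("no files listed in paths.scanned")

    if results:
        verdict = "findings"
    elif reasons:
        verdict = "inconclusive"  # empty results, but not evidence of a clean tree
    else:
        verdict = "clean"
    return {"verdict": verdict, "findings": len(results), "reasons": reasons}


if __name__ == "__main__":
    for name, doc in (("issue", ISSUE_OUTPUT), ("clean", CLEAN_OUTPUT)):
        print(name, triage(doc))
```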