Skip to content

Update kics from v1.7.3 to v1.7.4

Devin Christensen requested to merge quixoten/kics:quixoten-main-patch-29014 into main

What does this MR do?

KICS v1.7.3 fails to scan an argo repo with the following error: 
panic: interface conversion: interface {} is string, not yaml.Node

goroutine 1450 [running]:
github.com/Checkmarx/kics/pkg/resolver/file.(*Resolver).resolveYamlPath(0xc0059d12e8, {0xc0016ed140, 0x3a, 0x0?}, 0x0?, 0xc004e1fea0, {0xc001b09420, 0x1e}, 0x0, 0xc0059d12b8, ...)
	/app/pkg/resolver/file/file.go:246 +0xb58
github.com/Checkmarx/kics/pkg/resolver/file.(*Resolver).yamlWalk(0xc0059d12e8?, {0xc0016ed140, 0x3a, 0x40}, 0x1?, 0xc004e1fea0, {0xc001b09420, 0x1e}, 0x0?, 0xc0059d12b8, ...)
	/app/pkg/resolver/file/file.go:155 +0x17a
github.com/Checkmarx/kics/pkg/resolver/file.(*Resolver).yamlWalk(0xc0059d0b48?, {0xc0016ed140, 0x3a, 0x40}, 0x663905?, 0xc004e1fe00, {0xc001b09420, 0x1e}, 0xf?, 0xc0059d12b8, ...)
	/app/pkg/resolver/file/file.go:164 +0x3bf
github.com/Checkmarx/kics/pkg/resolver/file.(*Resolver).yamlWalk(0x271e360?, {0xc0016ed140, 0x3a, 0x40}, 0xc0059d0de0?, 0xc004e1fa40, {0xc001b09420, 0x1e}, 0xc0059d0d98?, 0xc0059d12b8, ...)
	/app/pkg/resolver/file/file.go:164 +0x3bf
github.com/Checkmarx/kics/pkg/resolver/file.(*Resolver).yamlWalk(0xc001eba8f0?, {0xc0016ed140, 0x3a, 0x40}, 0x0?, 0xc004e1f900, {0xc001b09420, 0x1e}, 0xc001eba8f0?, 0xc0059d12b8, ...)
	/app/pkg/resolver/file/file.go:164 +0x3bf
github.com/Checkmarx/kics/pkg/resolver/file.(*Resolver).yamlResolve(0xc0059d12e8, {0xc0016ed140, 0x3a, 0x40}, {0xc001b09420, 0x1e}, 0xc004d7ae10?, 0x0?)
	/app/pkg/resolver/file/file.go:129 +0x18c
github.com/Checkmarx/kics/pkg/resolver/file.(*Resolver).Resolve(0xc0059d12e8, {0xc0016ed140, 0x3a, 0x40}, {0xc001b09420, 0x1e}, 0x47957e?, 0x1?)
	/app/pkg/resolver/file/file.go:50 +0x2a9
github.com/Checkmarx/kics/pkg/parser/yaml.(*Parser).Resolve(0xc00170c3d8, {0xc0016ed140, 0x3a, 0x40}, {0xc001b09420, 0x1e})
	/app/pkg/parser/yaml/parser.go:25 +0x185
github.com/Checkmarx/kics/pkg/parser.(*Parser).Parse(0xc000e8e150, {0xc001b09420, 0x1e}, {0xc0016ed140, 0x3a, 0x40})
	/app/pkg/parser/parser.go:124 +0x13a
github.com/Checkmarx/kics/pkg/kics.(*Service).sink(0xc0003be0e0, {0x2e349a0, 0xc000058030}, {0xc001b09420, 0x1e}, {0x27dbdc4, 0x7}, {0x2e17a80, 0xc0005371f8}, {0xc0018bc000, ...})
	/app/pkg/kics/sink.go:44 +0x20e
github.com/Checkmarx/kics/pkg/kics.(*Service).PrepareSources.func1({0x2e349a0, 0xc000058030}, {0xc001b09420, 0x1e}, {0x2e22cd0?, 0xc0005371f8})
	/app/pkg/kics/service.go:72 +0x107
github.com/Checkmarx/kics/pkg/engine/provider.(*FileSystemSourceProvider).walkDir.func1({0xc001b09420, 0x1e}, {0x2e3c100, 0xc004cb0750}, {0x0?, 0x0?})
	/app/pkg/engine/provider/filesystem.go:184 +0x539
path/filepath.walk({0xc001b09420, 0x1e}, {0x2e3c100, 0xc004cb0750}, 0xc0059d1e18)
	/usr/local/go/src/path/filepath/path.go:480 +0x116
path/filepath.walk({0xc005346ec0, 0xb}, {0x2e3c100, 0xc004cb04e0}, 0xc0059d1e18)
	/usr/local/go/src/path/filepath/path.go:504 +0x26f
path/filepath.walk({0xc000eac3f0, 0x5}, {0x2e3c100, 0xc0016240d0}, 0xc0059d1e18)
	/usr/local/go/src/path/filepath/path.go:504 +0x26f
path/filepath.Walk({0xc000eac3f0, 0x5}, 0xc00234fe18)
	/usr/local/go/src/path/filepath/path.go:571 +0x6c
github.com/Checkmarx/kics/pkg/engine/provider.(*FileSystemSourceProvider).walkDir(0xc000eac3f0?, {0x2e349a0?, 0xc000058030?}, {0xc000eac3f0?, 0x20?}, 0x1, 0x10000406551?, 0x7f6022b0ba08?, 0x7f604a0c0f18?)
	/app/pkg/engine/provider/filesystem.go:146 +0x91
github.com/Checkmarx/kics/pkg/engine/provider.(*FileSystemSourceProvider).GetSources(0xc00137ca80, {0x2e349a0, 0xc000058030}, 0x469e47?, 0xc001684040, 0x0?)
	/app/pkg/engine/provider/filesystem.go:135 +0x1ed
github.com/Checkmarx/kics/pkg/kics.(*Service).PrepareSources(0xc0003be0e0, {0x2e349a0, 0xc000058030}, {0x27dbdc4, 0x7}, 0xc0012e65a0?, 0xc0014777a8?)
	/app/pkg/kics/service.go:68 +0x207
created by github.com/Checkmarx/kics/pkg/scanner.PrepareAndScan
	/app/pkg/scanner/scanner.go:24 +0xe7

The scan runs successfully with v1.7.4

What are the relevant issue numbers?

Does this MR meet the acceptance criteria?

Merge request reports