chore: check that the OSV vulnerability ID is not None

Signed-off-by: behnazh-w <behnaz.hassanshahi@oracle.com>
oracle · Jan 7, 2025 · 60d5ec2 · 60d5ec2
1 parent 9bdde99
commit 60d5ec2
Showing 1 changed file with 8 additions and 8 deletions.
diff --git a/src/macaron/slsa_analyzer/checks/detect_malicious_metadata_check.py b/src/macaron/slsa_analyzer/checks/detect_malicious_metadata_check.py
@@ -310,15 +310,15 @@ def run_check(self, ctx: AnalyzeContext) -> CheckResultData:
                     logger.debug("Unable to get a valid response from %s: %s", self.osv_query_url, error)
             if res_obj:
                 for vuln in res_obj.get("vulns", {}):
-                    v_id = json_extract(vuln, ["id"], str)
-                    result_tables.append(
-                        MaliciousMetadataFacts(
-                            known_malware=f"https://osv.dev/vulnerability/{v_id}",
-                            result={},
-                            detail_information=vuln,
-                            confidence=Confidence.HIGH,
+                    if v_id := json_extract(vuln, ["id"], str):
+                        result_tables.append(
+                            MaliciousMetadataFacts(
+                                known_malware=f"https://osv.dev/vulnerability/{v_id}",
+                                result={},
+                                detail_information=vuln,
+                                confidence=Confidence.HIGH,
+                            )
                         )
-                    )
                 if result_tables:
                     return CheckResultData(
                         result_tables=result_tables,