From 60d5ec2ecb004c39b935c5104a5a11485238716e Mon Sep 17 00:00:00 2001
From: behnazh-w <behnaz.hassanshahi@oracle.com>
Date: Wed, 8 Jan 2025 00:11:35 +1000
Subject: [PATCH] chore: check that the OSV vulnerability ID is not None

Signed-off-by: behnazh-w <behnaz.hassanshahi@oracle.com>
---
 .../checks/detect_malicious_metadata_check.py    | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/src/macaron/slsa_analyzer/checks/detect_malicious_metadata_check.py b/src/macaron/slsa_analyzer/checks/detect_malicious_metadata_check.py
index ce7634ab3..f9c75d64f 100644
--- a/src/macaron/slsa_analyzer/checks/detect_malicious_metadata_check.py
+++ b/src/macaron/slsa_analyzer/checks/detect_malicious_metadata_check.py
@@ -310,15 +310,15 @@ def run_check(self, ctx: AnalyzeContext) -> CheckResultData:
                     logger.debug("Unable to get a valid response from %s: %s", self.osv_query_url, error)
             if res_obj:
                 for vuln in res_obj.get("vulns", {}):
-                    v_id = json_extract(vuln, ["id"], str)
-                    result_tables.append(
-                        MaliciousMetadataFacts(
-                            known_malware=f"https://osv.dev/vulnerability/{v_id}",
-                            result={},
-                            detail_information=vuln,
-                            confidence=Confidence.HIGH,
+                    if v_id := json_extract(vuln, ["id"], str):
+                        result_tables.append(
+                            MaliciousMetadataFacts(
+                                known_malware=f"https://osv.dev/vulnerability/{v_id}",
+                                result={},
+                                detail_information=vuln,
+                                confidence=Confidence.HIGH,
+                            )
                         )
-                    )
                 if result_tables:
                     return CheckResultData(
                         result_tables=result_tables,