MCPcopy Index your code
hub / github.com/jetify-com/devbox / IsExitErrorInsecurePackage

Function IsExitErrorInsecurePackage

internal/nix/nix.go:171–203  ·  view source on GitHub ↗
(err error, pkgNameOrEmpty, installableOrEmpty string)

Source from the content-addressed store, hash-verified

169}
170
171func IsExitErrorInsecurePackage(err error, pkgNameOrEmpty, installableOrEmpty string) (bool, error) {
172 var exitErr *exec.ExitError
173 if errors.As(err, &exitErr) && exitErr.ExitCode() == 1 {
174 if strings.Contains(string(exitErr.Stderr), "is marked as insecure") {
175 packageRegex := regexp.MustCompile(`Package ([^ ]+)`)
176 packageMatch := packageRegex.FindStringSubmatch(string(exitErr.Stderr))
177
178 knownVulnerabilities := []string{}
179 if installableOrEmpty != "" {
180 knownVulnerabilities = PackageKnownVulnerabilities(installableOrEmpty)
181 }
182
183 insecurePackages := parseInsecurePackagesFromExitError(string(exitErr.Stderr))
184
185 // Construct the error message.
186 errMessages := []string{}
187 errMessages = append(errMessages, fmt.Sprintf("Package %s is insecure.", packageMatch[1]))
188 if len(knownVulnerabilities) > 0 {
189 errMessages = append(errMessages,
190 fmt.Sprintf("Known vulnerabilities:\n%s", strings.Join(knownVulnerabilities, "\n")))
191 }
192 pkgName := pkgNameOrEmpty
193 if pkgName == "" {
194 pkgName = "<pkg>"
195 }
196 errMessages = append(errMessages,
197 fmt.Sprintf("To override, use `devbox add %s --allow-insecure=%s`", pkgName, strings.Join(insecurePackages, ", ")))
198
199 return true, usererr.New("%s", strings.Join(errMessages, "\n\n"))
200 }
201 }
202 return false, nil
203}
204
205func parseInsecurePackagesFromExitError(errorMsg string) []string {
206 insecurePackages := []string{}

Callers 2

PrintDevEnvMethod · 0.85

Calls 3

NewFunction · 0.92

Tested by

no test coverage detected