Drop noop alerts

Signed-off-by: Adolfo García Veytia (Puerco) <[email protected]>
mindersec · May 10, 2024 · d646e0d · d646e0d
1 parent c9577e8
commit d646e0d
Show file tree

Hide file tree

Showing 2 changed files with 9 additions and 9 deletions.
diff --git a/internal/engine/eval/trusty/actions.go b/internal/engine/eval/trusty/actions.go
@@ -32,9 +32,6 @@ import (
 )
 
 const (
-	// nolint:lll
-	noLowScoresText = "Minder analyzed the changes in this pull request with <a href=\"https://www.trustypkg.dev/\">Trusty</a> and found no dependencies scored lower than your profile threshold."
-
 	// nolint:lll
 	commentTemplate = `{{- if .Malicious -}}
 ### ⚠️ MALICIOUS PACKAGES ⚠️
@@ -162,6 +159,10 @@ func (sph *summaryPrHandler) trackAlternatives(
 }
 
 func (sph *summaryPrHandler) submit(ctx context.Context) error {
+	if len(sph.trackedAlternatives) == 0 {
+		return nil
+	}
+
 	summary, err := sph.generateSummary()
 	if err != nil {
 		return fmt.Errorf("could not generate summary: %w", err)
@@ -176,11 +177,6 @@ func (sph *summaryPrHandler) submit(ctx context.Context) error {
 }
 
 func (sph *summaryPrHandler) generateSummary() (string, error) {
-	if len(sph.trackedAlternatives) == 0 {
-		var summary strings.Builder
-		summary.WriteString(noLowScoresText)
-		return summary.String(), nil
-	}
 	var malicious = []maliciousTemplateData{}
 	var lowScorePackages = map[string]templatePackage{}
 

diff --git a/internal/engine/eval/trusty/trusty.go b/internal/engine/eval/trusty/trusty.go
@@ -106,8 +106,12 @@ func (e *Evaluator) Eval(ctx context.Context, pol map[string]any, res *engif.Res
 		}
 	}
 
+	// If there are no problematic dependencies, return here
+	if len(prSummaryHandler.trackedAlternatives) == 0 {
+		return nil
+	}
+
 	if err := submitSummary(ctx, prSummaryHandler); err != nil {
-		logger.Err(err)
 		return fmt.Errorf("submitting pull request summary: %w", err)
 	}