chore: fix cve scan when no cve were founds (#380)

petretiandrea · web-flow · commit 08b423c458fa · 2024-01-15T10:21:38.000+01:00
* fix cve scan when no cve was found

* fix cve scan when no cve was found
diff --git a/.github/workflows/scan.yml b/.github/workflows/scan.yml
@@ -50,7 +50,7 @@ jobs:
           sarif_file: 'results.sarif'
       - name: CVE Description escaped extraction and print
         run: |
-          SCAN_RESULTS=$(jq -r '.runs[0].tool.driver.rules | map(.help.text) | join("\\n")' results.sarif)
+          SCAN_RESULTS=$(jq -r 'try .runs[0].tool.driver.rules | map(.help.text) | join("\\n")' results.sarif)
           echo "CVE_CRITICAL=$(echo $SCAN_RESULTS | grep -o CRITICAL | wc -l)" >> $GITHUB_ENV
           echo "CVE_HIGH=$(echo $SCAN_RESULTS | grep -o HIGH | wc -l)" >> $GITHUB_ENV
           echo "CVE_MEDIUM=$(echo $SCAN_RESULTS | grep -o MEDIUM | wc -l)" >> $GITHUB_ENV
