diff --git a/internal/fingerprint/fingerprint.go b/internal/fingerprint/fingerprint.go index 1ea72a6b..4bbe837b 100644 --- a/internal/fingerprint/fingerprint.go +++ b/internal/fingerprint/fingerprint.go @@ -4,6 +4,7 @@ import ( "archive/zip" "bufio" "crypto/md5" // #nosec + "errors" "fmt" "io" "log" @@ -162,29 +163,32 @@ func (f *Fingerprinter) FingerprintFiles(rootPath string, exclusions []string) ( } func computeMD5ForFileAndZip(fileInfo os.FileInfo, path string, exclusions []string) ([]FileFingerprint, error) { - fingerprints := []FileFingerprint{} - if !shouldProcessFile(fileInfo, exclusions, path) { - return fingerprints, nil + return nil, nil } - // Scan the contents of compressed files - // such as .jar and .nupkg + var fingerprints []FileFingerprint + + // If the file should be unzipped, try to unzip and fingerprint it if shouldUnzip(path) { fingerprintsZip, err := inMemFingerprintingCompressedContent(path, exclusions) if err != nil { - return nil, err + if errors.Is(err, zip.ErrFormat) { + fmt.Printf("WARNING: Could not unpack and fingerprint contents of compressed file [%s]. Error: %v\n", path, err) + } else { + return nil, err + } } fingerprints = append(fingerprints, fingerprintsZip...) } + + // Compute the MD5 for the file fingerprint, err := computeMD5ForFile(path) if err != nil { return nil, err } - fingerprints = append(fingerprints, fingerprint) - - return fingerprints, nil + return append(fingerprints, fingerprint), nil } func isSymlink(filename string) (bool, error) { diff --git a/internal/fingerprint/fingerprint_test.go b/internal/fingerprint/fingerprint_test.go index 4099d658..01f44cbb 100644 --- a/internal/fingerprint/fingerprint_test.go +++ b/internal/fingerprint/fingerprint_test.go @@ -155,7 +155,7 @@ func TestFingerprintFiles(t *testing.T) { assert.NoError(t, err) assert.NotNil(t, fingerprints) assert.NotEmpty(t, fingerprints) - assert.Equal(t, 1, fingerprints.Len()) + assert.Equal(t, 2, fingerprints.Len()) assert.Equal(t, "file=72214db4e1e543018d1bafe86ea3b444,21,testdata/fingerprinter/testfile.py", fingerprints.Entries[0].ToString()) // Test no file diff --git a/internal/fingerprint/testdata/fingerprinter/wfailing.jar b/internal/fingerprint/testdata/fingerprinter/wfailing.jar new file mode 100644 index 00000000..ac8522fb --- /dev/null +++ b/internal/fingerprint/testdata/fingerprinter/wfailing.jar @@ -0,0 +1 @@ +xxx \ No newline at end of file