From fae15356c35bc61ee1bbca69f67e70339b0a7c2c Mon Sep 17 00:00:00 2001 
From: knqyf263 Date: Sun, 14 Aug 2022 16:20:17 +0300 Subject: [PATCH 1/4] revert class changes --- integration/client_server_test.go | 8 ++-- integration/testdata/almalinux-8.json.golden | 2 +- .../testdata/alpine-310-registry.json.golden | 20 ++++---- integration/testdata/alpine-310.json.golden | 2 +- .../alpine-39-high-critical.json.golden | 2 +- .../alpine-39-ignore-cveids.json.golden | 2 +- integration/testdata/alpine-39.json.golden | 2 +- .../testdata/alpine-distroless.json.golden | 2 +- integration/testdata/amazon-1.json.golden | 2 +- integration/testdata/amazon-2.json.golden | 2 +- .../busybox-with-lockfile.json.golden | 2 +- integration/testdata/centos-6.json.golden | 2 +- .../testdata/centos-7-cyclonedx.json.golden | 2 +- .../centos-7-ignore-unfixed.json.golden | 2 +- .../testdata/centos-7-medium.json.golden | 2 +- integration/testdata/centos-7.json.golden | 2 +- .../debian-buster-ignore-unfixed.json.golden | 2 +- .../testdata/debian-buster.json.golden | 2 +- .../testdata/debian-stretch.json.golden | 2 +- .../testdata/distroless-base.json.golden | 2 +- .../testdata/distroless-python27.json.golden | 2 +- integration/testdata/fluentd-gems.json.golden | 4 +- ...d-multiple-lockfiles-cyclonedx.json.golden | 2 +- integration/testdata/gomod.json.golden | 6 +-- integration/testdata/mariner-1.0.json.golden | 2 +- integration/testdata/nodejs.json.golden | 2 +- .../testdata/opensuse-leap-151.json.golden | 2 +- .../testdata/oraclelinux-8.json.golden | 2 +- integration/testdata/photon-30.json.golden | 2 +- integration/testdata/pip.json.golden | 7 +-- integration/testdata/pnpm.json.golden | 14 +++++- integration/testdata/pom.json.golden | 2 +- integration/testdata/rockylinux-8.json.golden | 2 +- integration/testdata/ubi-7.json.golden | 2 +- .../ubuntu-1804-ignore-unfixed.json.golden | 2 +- integration/testdata/ubuntu-1804.json.golden | 2 +- pkg/report/sarif.go | 4 +- pkg/report/sarif_test.go | 2 +- pkg/report/table/table.go | 17 ++----- pkg/report/table/table_test.go | 
13 ++--- pkg/report/table/vulnerability.go | 14 ++---- pkg/sbom/cyclonedx/marshal.go | 2 +- pkg/sbom/cyclonedx/marshal_test.go | 9 +--- pkg/scanner/local/scan.go | 28 +++++++++-- pkg/scanner/local/scan_test.go | 48 ++++++++----------- pkg/types/report.go | 14 +++--- 46 files changed, 130 insertions(+), 140 deletions(-) diff --git a/integration/client_server_test.go b/integration/client_server_test.go index 08fa0334a6ad..dc5cb2deb511 100644 --- a/integration/client_server_test.go +++ b/integration/client_server_test.go @@ -12,6 +12,8 @@ import ( "testing" "time" + "github.com/samber/lo" + cdx "github.com/CycloneDX/cyclonedx-go" "github.com/docker/go-connections/nat" "github.com/stretchr/testify/assert" @@ -399,10 +401,10 @@ func TestClientServerWithCycloneDX(t *testing.T) { err = json.NewDecoder(f).Decode(&got) require.NoError(t, err) - assert.EqualValues(t, tt.wantComponentsCount, len(*got.Components)) - assert.EqualValues(t, tt.wantDependenciesCount, len(*got.Dependencies)) + assert.EqualValues(t, tt.wantComponentsCount, len(lo.FromPtr(got.Components))) + assert.EqualValues(t, tt.wantDependenciesCount, len(lo.FromPtr(got.Dependencies))) for i, dep := range *got.Dependencies { - assert.EqualValues(t, tt.wantDependsOnCount[i], len(*dep.Dependencies)) + assert.EqualValues(t, tt.wantDependsOnCount[i], len(lo.FromPtr(dep.Dependencies))) } }) } diff --git a/integration/testdata/almalinux-8.json.golden b/integration/testdata/almalinux-8.json.golden index 301616ef7c4c..22fd2acee99c 100644 --- a/integration/testdata/almalinux-8.json.golden +++ b/integration/testdata/almalinux-8.json.golden @@ -48,7 +48,7 @@ "Results": [ { "Target": "testdata/fixtures/images/almalinux-8.tar.gz (alma 8.5)", - "Class": "vuln-os-pkgs", + "Class": "os-pkgs", "Type": "alma", "Vulnerabilities": [ { diff --git a/integration/testdata/alpine-310-registry.json.golden b/integration/testdata/alpine-310-registry.json.golden index 3c0b1b4e41be..23d6544d3ae1 100644 
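Review bot: In `TestClientServerWithCycloneDX` (the `@@ -399,10 +401,10 @@` hunk of integration/client_server_test.go) the loop header still reads `for i, dep := range *got.Dependencies`, so a decoded BOM with no dependencies array panics on a nil dereference even though the two `len(...)` assertions above it were made nil-safe with `lo.FromPtr`. Because those assertions use `assert` rather than `require`, execution continues to the loop after a count mismatch, and the panic hides the useful failure message. Writing `for i, dep := range lo.FromPtr(got.Dependencies) {` keeps all three accesses consistent. The test function's body starts and ends outside the hunk.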
--- a/integration/testdata/alpine-310-registry.json.golden +++ b/integration/testdata/alpine-310-registry.json.golden @@ -1,6 +1,6 @@ { "SchemaVersion": 2, - "ArtifactName": "localhost:63577/alpine:3.10", + "ArtifactName": "localhost:57584/alpine:3.10", "ArtifactType": "container_image", "Metadata": { "OS": { @@ -13,10 +13,10 @@ "sha256:03901b4a2ea88eeaad62dbe59b072b28b6efa00491962b8741081c5df50c65e0" ], "RepoTags": [ - "localhost:63577/alpine:3.10" + "localhost:57584/alpine:3.10" ], "RepoDigests": [ - "localhost:63577/alpine@sha256:d9b1a0d4fab413443a22e550cb8720de487295cebca3f9b2fcbf8882192a9bf9" + "localhost:57584/alpine@sha256:b1c5a500182b21d0bfa5a584a8526b56d8be316f89e87d951be04abed2446e60" ], "ImageConfig": { "architecture": "amd64", @@ -55,8 +55,8 @@ }, "Results": [ { - "Target": "localhost:63577/alpine:3.10 (alpine 3.10.2)", - "Class": "vuln-os-pkgs", + "Target": "localhost:57584/alpine:3.10 (alpine 3.10.2)", + "Class": "os-pkgs", "Type": "alpine", "Vulnerabilities": [ { @@ -65,7 +65,7 @@ "InstalledVersion": "1.1.1c-r0", "FixedVersion": "1.1.1d-r0", "Layer": { - "Digest": "sha256:3489774ebf88fb1f0b08e0abb45826a3cbd9d0eb6458d5fc54729197feddffb9", + "Digest": "sha256:9d48c3bd43c520dc2784e868a780e976b207cbf493eaff8c6596eb871cbd9609", "DiffID": "sha256:03901b4a2ea88eeaad62dbe59b072b28b6efa00491962b8741081c5df50c65e0" }, "SeveritySource": "nvd", @@ -124,7 +124,7 @@ "InstalledVersion": "1.1.1c-r0", "FixedVersion": "1.1.1d-r2", "Layer": { - "Digest": "sha256:3489774ebf88fb1f0b08e0abb45826a3cbd9d0eb6458d5fc54729197feddffb9", + "Digest": "sha256:9d48c3bd43c520dc2784e868a780e976b207cbf493eaff8c6596eb871cbd9609", "DiffID": "sha256:03901b4a2ea88eeaad62dbe59b072b28b6efa00491962b8741081c5df50c65e0" }, "SeveritySource": "nvd", 
@@ -193,7 +193,7 @@ "InstalledVersion": "1.1.1c-r0", "FixedVersion": "1.1.1d-r0", "Layer": { - "Digest": "sha256:3489774ebf88fb1f0b08e0abb45826a3cbd9d0eb6458d5fc54729197feddffb9", + "Digest": "sha256:9d48c3bd43c520dc2784e868a780e976b207cbf493eaff8c6596eb871cbd9609", "DiffID": "sha256:03901b4a2ea88eeaad62dbe59b072b28b6efa00491962b8741081c5df50c65e0" }, "SeveritySource": "nvd", @@ -252,7 +252,7 @@ "InstalledVersion": "1.1.1c-r0", "FixedVersion": "1.1.1d-r2", "Layer": { - "Digest": "sha256:3489774ebf88fb1f0b08e0abb45826a3cbd9d0eb6458d5fc54729197feddffb9", + "Digest": "sha256:9d48c3bd43c520dc2784e868a780e976b207cbf493eaff8c6596eb871cbd9609", "DiffID": "sha256:03901b4a2ea88eeaad62dbe59b072b28b6efa00491962b8741081c5df50c65e0" }, "SeveritySource": "nvd", @@ -318,4 +318,4 @@ ] } ] -} \ No newline at end of file +} diff --git a/integration/testdata/alpine-310.json.golden b/integration/testdata/alpine-310.json.golden index 929cd22344d2..3be3ef522861 100644 --- a/integration/testdata/alpine-310.json.golden +++ b/integration/testdata/alpine-310.json.golden @@ -50,7 +50,7 @@ "Results": [ { "Target": "testdata/fixtures/images/alpine-310.tar.gz (alpine 3.10.2)", - "Class": "vuln-os-pkgs", + "Class": "os-pkgs", "Type": "alpine", "Vulnerabilities": [ { diff --git a/integration/testdata/alpine-39-high-critical.json.golden b/integration/testdata/alpine-39-high-critical.json.golden index 0d37ac28de96..9d201ded770f 100644 --- a/integration/testdata/alpine-39-high-critical.json.golden +++ b/integration/testdata/alpine-39-high-critical.json.golden @@ -50,7 +50,7 @@ "Results": [ { "Target": "testdata/fixtures/images/alpine-39.tar.gz (alpine 3.9.4)", - "Class": "vuln-os-pkgs", + "Class": "os-pkgs", "Type": "alpine", "Vulnerabilities": [ { diff --git a/integration/testdata/alpine-39-ignore-cveids.json.golden b/integration/testdata/alpine-39-ignore-cveids.json.golden index adafbd06cb8f..0c827332a6cb 100644 --- a/integration/testdata/alpine-39-ignore-cveids.json.golden 
+++ b/integration/testdata/alpine-39-ignore-cveids.json.golden @@ -50,7 +50,7 @@ "Results": [ { "Target": "testdata/fixtures/images/alpine-39.tar.gz (alpine 3.9.4)", - "Class": "vuln-os-pkgs", + "Class": "os-pkgs", "Type": "alpine", "Vulnerabilities": [ { diff --git a/integration/testdata/alpine-39.json.golden b/integration/testdata/alpine-39.json.golden index a65b8a1c1544..2a79fe6ec837 100644 --- a/integration/testdata/alpine-39.json.golden +++ b/integration/testdata/alpine-39.json.golden @@ -50,7 +50,7 @@ "Results": [ { "Target": "testdata/fixtures/images/alpine-39.tar.gz (alpine 3.9.4)", - "Class": "vuln-os-pkgs", + "Class": "os-pkgs", "Type": "alpine", "Vulnerabilities": [ { diff --git a/integration/testdata/alpine-distroless.json.golden b/integration/testdata/alpine-distroless.json.golden index 32b908cca89b..7e2b5826d668 100644 --- a/integration/testdata/alpine-distroless.json.golden +++ b/integration/testdata/alpine-distroless.json.golden @@ -45,7 +45,7 @@ "Results": [ { "Target": "testdata/fixtures/images/alpine-distroless.tar.gz (alpine 3.16)", - "Class": "vuln-os-pkgs", + "Class": "os-pkgs", "Type": "alpine", "Vulnerabilities": [ { diff --git a/integration/testdata/amazon-1.json.golden b/integration/testdata/amazon-1.json.golden index 3f818a84f68f..3dbc73fed4b1 100644 --- a/integration/testdata/amazon-1.json.golden +++ b/integration/testdata/amazon-1.json.golden @@ -49,7 +49,7 @@ "Results": [ { "Target": "testdata/fixtures/images/amazon-1.tar.gz (amazon AMI release 2018.03)", - "Class": "vuln-os-pkgs", + "Class": "os-pkgs", "Type": "amazon", "Vulnerabilities": [ { diff --git a/integration/testdata/amazon-2.json.golden b/integration/testdata/amazon-2.json.golden index 7bde5affcdda..8a809c9daf86 100644 --- a/integration/testdata/amazon-2.json.golden +++ b/integration/testdata/amazon-2.json.golden 
@@ -49,7 +49,7 @@ "Results": [ { "Target": "testdata/fixtures/images/amazon-2.tar.gz (amazon 2 (Karoo))", - "Class": "vuln-os-pkgs", + "Class": "os-pkgs", "Type": "amazon", "Vulnerabilities": [ { diff --git a/integration/testdata/busybox-with-lockfile.json.golden b/integration/testdata/busybox-with-lockfile.json.golden index e189d61e02a0..6c07a60bae49 100644 --- a/integration/testdata/busybox-with-lockfile.json.golden +++ b/integration/testdata/busybox-with-lockfile.json.golden @@ -49,7 +49,7 @@ "Results": [ { "Target": "Cargo.lock", - "Class": "vuln-lang-pkgs", + "Class": "lang-pkgs", "Type": "cargo", "Vulnerabilities": [ { diff --git a/integration/testdata/centos-6.json.golden b/integration/testdata/centos-6.json.golden index 4f8879b624a2..287a56247ff6 100644 --- a/integration/testdata/centos-6.json.golden +++ b/integration/testdata/centos-6.json.golden @@ -71,7 +71,7 @@ "Results": [ { "Target": "testdata/fixtures/images/centos-6.tar.gz (centos 6.10)", - "Class": "vuln-os-pkgs", + "Class": "os-pkgs", "Type": "centos", "Vulnerabilities": [ { diff --git a/integration/testdata/centos-7-cyclonedx.json.golden b/integration/testdata/centos-7-cyclonedx.json.golden index 30d2f12fc8e6..50742bc4a52e 100644 --- a/integration/testdata/centos-7-cyclonedx.json.golden +++ b/integration/testdata/centos-7-cyclonedx.json.golden @@ -3,7 +3,7 @@ "specVersion": "1.4", "version": 1, "metadata": { - "timestamp": "2022-07-03T08:45:54+00:00", + "timestamp": "2022-08-14T12:39:11+00:00", "tools": [ { "vendor": "aquasecurity", diff --git a/integration/testdata/centos-7-ignore-unfixed.json.golden b/integration/testdata/centos-7-ignore-unfixed.json.golden index 2449617198cc..75eb95d4ef74 100644 --- a/integration/testdata/centos-7-ignore-unfixed.json.golden +++ b/integration/testdata/centos-7-ignore-unfixed.json.golden 
@@ -61,7 +61,7 @@ "Results": [ { "Target": "testdata/fixtures/images/centos-7.tar.gz (centos 7.6.1810)", - "Class": "vuln-os-pkgs", + "Class": "os-pkgs", "Type": "centos", "Vulnerabilities": [ { diff --git a/integration/testdata/centos-7-medium.json.golden b/integration/testdata/centos-7-medium.json.golden index 3e4aa851862a..06666c40a7dc 100644 --- a/integration/testdata/centos-7-medium.json.golden +++ b/integration/testdata/centos-7-medium.json.golden @@ -61,7 +61,7 @@ "Results": [ { "Target": "testdata/fixtures/images/centos-7.tar.gz (centos 7.6.1810)", - "Class": "vuln-os-pkgs", + "Class": "os-pkgs", "Type": "centos", "Vulnerabilities": [ { diff --git a/integration/testdata/centos-7.json.golden b/integration/testdata/centos-7.json.golden index 6de25677b906..f705fe781447 100644 --- a/integration/testdata/centos-7.json.golden +++ b/integration/testdata/centos-7.json.golden @@ -61,7 +61,7 @@ "Results": [ { "Target": "testdata/fixtures/images/centos-7.tar.gz (centos 7.6.1810)", - "Class": "vuln-os-pkgs", + "Class": "os-pkgs", "Type": "centos", "Vulnerabilities": [ { diff --git a/integration/testdata/debian-buster-ignore-unfixed.json.golden b/integration/testdata/debian-buster-ignore-unfixed.json.golden index 04741eba06d1..20cba9ed33b9 100644 --- a/integration/testdata/debian-buster-ignore-unfixed.json.golden +++ b/integration/testdata/debian-buster-ignore-unfixed.json.golden @@ -49,7 +49,7 @@ "Results": [ { "Target": "testdata/fixtures/images/debian-buster.tar.gz (debian 10.1)", - "Class": "vuln-os-pkgs", + "Class": "os-pkgs", "Type": "debian", "Vulnerabilities": [ { diff --git a/integration/testdata/debian-buster.json.golden b/integration/testdata/debian-buster.json.golden index 31c3064a0865..bf33931bd537 100644 --- a/integration/testdata/debian-buster.json.golden +++ b/integration/testdata/debian-buster.json.golden 
@@ -49,7 +49,7 @@ "Results": [ { "Target": "testdata/fixtures/images/debian-buster.tar.gz (debian 10.1)", - "Class": "vuln-os-pkgs", + "Class": "os-pkgs", "Type": "debian", "Vulnerabilities": [ { diff --git a/integration/testdata/debian-stretch.json.golden b/integration/testdata/debian-stretch.json.golden index e6f8cc383ad7..5167adddfacc 100644 --- a/integration/testdata/debian-stretch.json.golden +++ b/integration/testdata/debian-stretch.json.golden @@ -50,7 +50,7 @@ "Results": [ { "Target": "testdata/fixtures/images/debian-stretch.tar.gz (debian 9.9)", - "Class": "vuln-os-pkgs", + "Class": "os-pkgs", "Type": "debian", "Vulnerabilities": [ { diff --git a/integration/testdata/distroless-base.json.golden b/integration/testdata/distroless-base.json.golden index a9493efa493a..c8f6a952b865 100644 --- a/integration/testdata/distroless-base.json.golden +++ b/integration/testdata/distroless-base.json.golden @@ -48,7 +48,7 @@ "Results": [ { "Target": "testdata/fixtures/images/distroless-base.tar.gz (debian 9.9)", - "Class": "vuln-os-pkgs", + "Class": "os-pkgs", "Type": "debian", "Vulnerabilities": [ { diff --git a/integration/testdata/distroless-python27.json.golden b/integration/testdata/distroless-python27.json.golden index 322b6c1c1cc7..33097414fe5a 100644 --- a/integration/testdata/distroless-python27.json.golden +++ b/integration/testdata/distroless-python27.json.golden @@ -65,7 +65,7 @@ "Results": [ { "Target": "testdata/fixtures/images/distroless-python27.tar.gz (debian 9.9)", - "Class": "vuln-os-pkgs", + "Class": "os-pkgs", "Type": "debian", "Vulnerabilities": [ { diff --git a/integration/testdata/fluentd-gems.json.golden b/integration/testdata/fluentd-gems.json.golden index bb08a1cf1252..8ac3ecee5917 100644 --- a/integration/testdata/fluentd-gems.json.golden +++ b/integration/testdata/fluentd-gems.json.golden 
@@ -102,7 +102,7 @@ "Results": [ { "Target": "testdata/fixtures/images/fluentd-multiple-lockfiles.tar.gz (debian 10.2)", - "Class": "vuln-os-pkgs", + "Class": "os-pkgs", "Type": "debian", "Vulnerabilities": [ { @@ -165,7 +165,7 @@ }, { "Target": "Ruby", - "Class": "vuln-lang-pkgs", + "Class": "lang-pkgs", "Type": "gemspec", "Vulnerabilities": [ { diff --git a/integration/testdata/fluentd-multiple-lockfiles-cyclonedx.json.golden b/integration/testdata/fluentd-multiple-lockfiles-cyclonedx.json.golden index ff7e9626536a..a653e1d00918 100644 --- a/integration/testdata/fluentd-multiple-lockfiles-cyclonedx.json.golden +++ b/integration/testdata/fluentd-multiple-lockfiles-cyclonedx.json.golden @@ -3,7 +3,7 @@ "specVersion": "1.4", "version": 1, "metadata": { - "timestamp": "2022-07-03T08:45:54+00:00", + "timestamp": "2022-08-14T12:39:11+00:00", "tools": [ { "vendor": "aquasecurity", diff --git a/integration/testdata/gomod.json.golden b/integration/testdata/gomod.json.golden index d5bb0d8ee1cf..d9ca71adc53f 100644 --- a/integration/testdata/gomod.json.golden +++ b/integration/testdata/gomod.json.golden @@ -17,7 +17,7 @@ "Results": [ { "Target": "go.mod", - "Class": "vuln-lang-pkgs", + "Class": "lang-pkgs", "Type": "gomod", "Vulnerabilities": [ { @@ -103,7 +103,7 @@ }, { "Target": "submod/go.mod", - "Class": "vuln-lang-pkgs", + "Class": "lang-pkgs", "Type": "gomod", "Vulnerabilities": [ { @@ -131,7 +131,7 @@ }, { "Target": "submod2/go.mod", - "Class": "vuln-lang-pkgs", + "Class": "lang-pkgs", "Type": "gomod", "Vulnerabilities": [ { diff --git a/integration/testdata/mariner-1.0.json.golden b/integration/testdata/mariner-1.0.json.golden index c8edd7b8ab57..78c048864982 100644 --- a/integration/testdata/mariner-1.0.json.golden +++ b/integration/testdata/mariner-1.0.json.golden 
@@ -34,7 +34,7 @@ "Results": [ { "Target": "testdata/fixtures/images/mariner-1.0.tar.gz (cbl-mariner 1.0.20220122)", - "Class": "vuln-os-pkgs", + "Class": "os-pkgs", "Type": "cbl-mariner", "Vulnerabilities": [ { diff --git a/integration/testdata/nodejs.json.golden b/integration/testdata/nodejs.json.golden index 20c76b67417f..62989eeb0d15 100644 --- a/integration/testdata/nodejs.json.golden +++ b/integration/testdata/nodejs.json.golden @@ -17,7 +17,7 @@ "Results": [ { "Target": "package-lock.json", - "Class": "vuln-lang-pkgs", + "Class": "lang-pkgs", "Type": "npm", "Vulnerabilities": [ { diff --git a/integration/testdata/opensuse-leap-151.json.golden b/integration/testdata/opensuse-leap-151.json.golden index 25564b7fa6fc..a0d1146351e3 100644 --- a/integration/testdata/opensuse-leap-151.json.golden +++ b/integration/testdata/opensuse-leap-151.json.golden @@ -57,7 +57,7 @@ "Results": [ { "Target": "testdata/fixtures/images/opensuse-leap-151.tar.gz (opensuse.leap 15.1)", - "Class": "vuln-os-pkgs", + "Class": "os-pkgs", "Type": "opensuse.leap", "Vulnerabilities": [ { diff --git a/integration/testdata/oraclelinux-8.json.golden b/integration/testdata/oraclelinux-8.json.golden index cfa2cbb3e8d8..80c9057bb638 100644 --- a/integration/testdata/oraclelinux-8.json.golden +++ b/integration/testdata/oraclelinux-8.json.golden @@ -58,7 +58,7 @@ "Results": [ { "Target": "testdata/fixtures/images/oraclelinux-8.tar.gz (oracle 8.0)", - "Class": "vuln-os-pkgs", + "Class": "os-pkgs", "Type": "oracle", "Vulnerabilities": [ { diff --git a/integration/testdata/photon-30.json.golden b/integration/testdata/photon-30.json.golden index b409fbb2d6b5..2747bd6317f4 100644 --- a/integration/testdata/photon-30.json.golden +++ b/integration/testdata/photon-30.json.golden @@ -59,7 +59,7 @@ "Results": [ { "Target": "testdata/fixtures/images/photon-30.tar.gz (photon 3.0)", - "Class": "vuln-os-pkgs", + "Class": "os-pkgs", "Type": "photon", "Vulnerabilities": [ { 
diff --git a/integration/testdata/pip.json.golden b/integration/testdata/pip.json.golden index 3244e5fde150..38ff8254879b 100644 --- a/integration/testdata/pip.json.golden +++ b/integration/testdata/pip.json.golden @@ -55,12 +55,7 @@ "Version": "2.0.0", "Layer": {} } - ] - }, - { - "Target": "requirements.txt", - "Class": "vuln-lang-pkgs", - "Type": "pip", + ], "Vulnerabilities": [ { "VulnerabilityID": "CVE-2019-14806", diff --git a/integration/testdata/pnpm.json.golden b/integration/testdata/pnpm.json.golden index 56e98fd454dd..328901193698 100644 --- a/integration/testdata/pnpm.json.golden +++ b/integration/testdata/pnpm.json.golden @@ -2,10 +2,22 @@ "SchemaVersion": 2, "ArtifactName": "testdata/fixtures/fs/pnpm", "ArtifactType": "filesystem", + "Metadata": { + "ImageConfig": { + "architecture": "", + "created": "0001-01-01T00:00:00Z", + "os": "", + "rootfs": { + "type": "", + "diff_ids": null + }, + "config": {} + } + }, "Results": [ { "Target": "pnpm-lock.yaml", - "Class": "vuln-lang-pkgs", + "Class": "lang-pkgs", "Type": "pnpm", "Vulnerabilities": [ { diff --git a/integration/testdata/pom.json.golden b/integration/testdata/pom.json.golden index 4330219c2c57..724d51263fc4 100644 --- a/integration/testdata/pom.json.golden +++ b/integration/testdata/pom.json.golden @@ -17,7 +17,7 @@ "Results": [ { "Target": "pom.xml", - "Class": "vuln-lang-pkgs", + "Class": "lang-pkgs", "Type": "pom", "Vulnerabilities": [ { diff --git a/integration/testdata/rockylinux-8.json.golden b/integration/testdata/rockylinux-8.json.golden index 72785aa71073..e25283df3e40 100644 --- a/integration/testdata/rockylinux-8.json.golden +++ b/integration/testdata/rockylinux-8.json.golden @@ -48,7 +48,7 @@ "Results": [ { "Target": "testdata/fixtures/images/rockylinux-8.tar.gz (rocky 8.5)", - "Class": "vuln-os-pkgs", + "Class": "os-pkgs", "Type": "rocky", "Vulnerabilities": [ { 
diff --git a/integration/testdata/ubi-7.json.golden b/integration/testdata/ubi-7.json.golden index b33369755a88..2f34f82170ab 100644 --- a/integration/testdata/ubi-7.json.golden +++ b/integration/testdata/ubi-7.json.golden @@ -72,7 +72,7 @@ "Results": [ { "Target": "testdata/fixtures/images/ubi-7.tar.gz (redhat 7.7)", - "Class": "vuln-os-pkgs", + "Class": "os-pkgs", "Type": "redhat", "Vulnerabilities": [ { diff --git a/integration/testdata/ubuntu-1804-ignore-unfixed.json.golden b/integration/testdata/ubuntu-1804-ignore-unfixed.json.golden index bdbdb45ad14d..d228b69e1af0 100644 --- a/integration/testdata/ubuntu-1804-ignore-unfixed.json.golden +++ b/integration/testdata/ubuntu-1804-ignore-unfixed.json.golden @@ -67,7 +67,7 @@ "Results": [ { "Target": "testdata/fixtures/images/ubuntu-1804.tar.gz (ubuntu 18.04)", - "Class": "vuln-os-pkgs", + "Class": "os-pkgs", "Type": "ubuntu", "Vulnerabilities": [ { diff --git a/integration/testdata/ubuntu-1804.json.golden b/integration/testdata/ubuntu-1804.json.golden index 40334bd5d1be..b9a47ea39a68 100644 --- a/integration/testdata/ubuntu-1804.json.golden +++ b/integration/testdata/ubuntu-1804.json.golden @@ -67,7 +67,7 @@ "Results": [ { "Target": "testdata/fixtures/images/ubuntu-1804.tar.gz (ubuntu 18.04)", - "Class": "vuln-os-pkgs", + "Class": "os-pkgs", "Type": "ubuntu", "Vulnerabilities": [ { diff --git a/pkg/report/sarif.go b/pkg/report/sarif.go index b57457e13c0e..f4525790da71 100644 --- a/pkg/report/sarif.go +++ b/pkg/report/sarif.go @@ -187,9 +187,9 @@ func (sw SarifWriter) Write(report types.Report) error { func toSarifRuleName(class string) string { switch class { - case types.ClassVulnOSPkg: + case types.ClassOSPkg: return sarifOsPackageVulnerability - case types.ClassVulnLangPkg: + case types.ClassLangPkg: return sarifLanguageSpecificVulnerability case types.ClassConfig: return sarifConfigFiles diff --git a/pkg/report/sarif_test.go b/pkg/report/sarif_test.go index 1591d4986482..07e51d72439b 100644 
--- a/pkg/report/sarif_test.go +++ b/pkg/report/sarif_test.go @@ -30,7 +30,7 @@ func TestReportWriter_Sarif(t *testing.T) { input: types.Results{ { Target: "library/test", - Class: types.ClassVulnOSPkg, + Class: types.ClassOSPkg, Vulnerabilities: []types.DetectedVulnerability{ { VulnerabilityID: "CVE-2020-0001", diff --git a/pkg/report/table/table.go b/pkg/report/table/table.go index 20df75036f43..e8c464f9aabd 100644 --- a/pkg/report/table/table.go +++ b/pkg/report/table/table.go @@ -13,7 +13,6 @@ import ( "github.com/aquasecurity/table" dbTypes "github.com/aquasecurity/trivy-db/pkg/types" - ftypes "github.com/aquasecurity/trivy/pkg/fanal/types" "github.com/aquasecurity/trivy/pkg/types" ) @@ -53,25 +52,17 @@ type Renderer interface { // Write writes the result on standard output func (tw Writer) Write(report types.Report) error { - // Iterate results to extract packages first, then write tables for each result - pkgs := map[string][]ftypes.Package{} - for _, result := range report.Results { - if result.Class == types.ClassOSPkg || result.Class == types.ClassLangPkg { - pkgs[result.Target] = result.Packages - } - } - for _, result := range report.Results { // Not display a table of custom resources if result.Class == types.ClassCustom { continue } - tw.write(result, pkgs) + tw.write(result) } return nil } -func (tw Writer) write(result types.Result, pkgs map[string][]ftypes.Package) { +func (tw Writer) write(result types.Result) { if result.IsEmpty() && result.Class != types.ClassOSPkg { return } 
@@ -79,8 +70,8 @@ func (tw Writer) write(result types.Result, pkgs map[string][]ftypes.Package) { var renderer Renderer switch { // vulnerability - case result.Class == types.ClassVulnOSPkg || result.Class == types.ClassVulnLangPkg: - renderer = NewVulnerabilityRenderer(result, pkgs, tw.isOutputToTerminal(), tw.Tree, tw.Severities) + case result.Class == types.ClassOSPkg || result.Class == types.ClassLangPkg: + renderer = NewVulnerabilityRenderer(result, tw.isOutputToTerminal(), tw.Tree, tw.Severities) // misconfiguration case result.Class == types.ClassConfig: renderer = NewMisconfigRenderer(result, tw.Severities, tw.Trace, tw.IncludeNonFailures, tw.isOutputToTerminal()) diff --git a/pkg/report/table/table_test.go b/pkg/report/table/table_test.go index eca131d4d59d..393232026025 100644 --- a/pkg/report/table/table_test.go +++ b/pkg/report/table/table_test.go @@ -24,7 +24,7 @@ func TestReportWriter_Table(t *testing.T) { results: types.Results{ { Target: "test", - Class: types.ClassVulnLangPkg, + Class: types.ClassLangPkg, Vulnerabilities: []types.DetectedVulnerability{ { VulnerabilityID: "CVE-2020-0001", @@ -59,7 +59,7 @@ Total: 1 (MEDIUM: 0, HIGH: 1) results: types.Results{ { Target: "test", - Class: types.ClassVulnLangPkg, + Class: types.ClassLangPkg, Vulnerabilities: []types.DetectedVulnerability{ { VulnerabilityID: "CVE-2020-0001", @@ -95,7 +95,7 @@ Total: 1 (MEDIUM: 0, HIGH: 1) results: types.Results{ { Target: "test", - Class: types.ClassVulnLangPkg, + Class: types.ClassLangPkg, Vulnerabilities: []types.DetectedVulnerability{ { VulnerabilityID: "CVE-2020-0001", @@ -127,7 +127,7 @@ Total: 1 (MEDIUM: 0, HIGH: 1) results: types.Results{ { Target: "test", - Class: types.ClassVulnLangPkg, + Class: types.ClassLangPkg, Vulnerabilities: []types.DetectedVulnerability{ { VulnerabilityID: "CVE-2020-1234", 
@@ -199,11 +199,6 @@ Total: 1 (MEDIUM: 0, HIGH: 1) }, }, }, - }, - { - Target: "package-lock.json", - Class: types.ClassVulnLangPkg, - Type: "npm", Vulnerabilities: []types.DetectedVulnerability{ { VulnerabilityID: "CVE-2022-0235", diff --git a/pkg/report/table/vulnerability.go b/pkg/report/table/vulnerability.go index ed9b0bb9147f..248ba300df81 100644 --- a/pkg/report/table/vulnerability.go +++ b/pkg/report/table/vulnerability.go @@ -23,14 +23,13 @@ type vulnerabilityRenderer struct { w *bytes.Buffer tableWriter *table.Table result types.Result - pkgs map[string][]ftypes.Package isTerminal bool tree bool severities []dbTypes.Severity once *sync.Once } -func NewVulnerabilityRenderer(result types.Result, pkgs map[string][]ftypes.Package, isTerminal, tree bool, severities []dbTypes.Severity) vulnerabilityRenderer { +func NewVulnerabilityRenderer(result types.Result, isTerminal, tree bool, severities []dbTypes.Severity) vulnerabilityRenderer { buf := bytes.NewBuffer([]byte{}) if !isTerminal { tml.DisableFormatting() @@ -39,7 +38,6 @@ func NewVulnerabilityRenderer(result types.Result, pkgs map[string][]ftypes.Pack w: buf, tableWriter: newTableWriter(buf, isTerminal), result: result, - pkgs: pkgs, isTerminal: isTerminal, tree: tree, severities: severities, @@ -55,7 +53,7 @@ func (r vulnerabilityRenderer) Render() string { total, summaries := summarize(r.severities, severityCount) target := r.result.Target - if r.result.Class == types.ClassVulnLangPkg { + if r.result.Class == types.ClassLangPkg { target += fmt.Sprintf(" (%s)", r.result.Type) } renderTarget(r.w, target, r.isTerminal) @@ -130,14 +128,8 @@ func (r vulnerabilityRenderer) countSeverities(vulns []types.DetectedVulnerabili } func (r vulnerabilityRenderer) renderDependencyTree() { - // Take packages - pkgs, ok := r.pkgs[r.result.Target] - if !ok { - return - } - // Get parents of each dependency - parents := reverseDeps(pkgs) + parents := reverseDeps(r.result.Packages) if len(parents) == 0 { return } 
diff --git a/pkg/sbom/cyclonedx/marshal.go b/pkg/sbom/cyclonedx/marshal.go index 538b07231c6b..f02bf26646f8 100644 --- a/pkg/sbom/cyclonedx/marshal.go +++ b/pkg/sbom/cyclonedx/marshal.go @@ -187,8 +187,8 @@ func (e *Marshaler) marshalComponents(r types.Report, bomRef string) (*[]cdx.Com var metadataDependencies []cdx.Dependency libraryUniqMap := map[string]struct{}{} vulnMap := map[string]cdx.Vulnerability{} - bomRefMap := map[string]string{} for _, result := range r.Results { + bomRefMap := map[string]string{} var componentDependencies []cdx.Dependency for _, pkg := range result.Packages { pkgComponent, err := pkgToCdxComponent(result.Type, r.Metadata, pkg) diff --git a/pkg/sbom/cyclonedx/marshal_test.go b/pkg/sbom/cyclonedx/marshal_test.go index 89c95899f3f9..cc44657aec33 100644 --- a/pkg/sbom/cyclonedx/marshal_test.go +++ b/pkg/sbom/cyclonedx/marshal_test.go @@ -70,11 +70,6 @@ func TestMarshaler_Marshal(t *testing.T) { Licenses: []string{"GPLv3+"}, }, }, - }, - { - Target: "rails:latest (centos 8.3.2011)", - Class: types.ClassVulnOSPkg, - Type: fos.CentOS, Vulnerabilities: []types.DetectedVulnerability{ { VulnerabilityID: "CVE-2018-20623", @@ -478,7 +473,7 @@ func TestMarshaler_Marshal(t *testing.T) { }, { Target: "Ruby", - Class: types.ClassVulnOSPkg, + Class: types.ClassOSPkg, Type: ftypes.GemSpec, Vulnerabilities: []types.DetectedVulnerability{ { @@ -1118,7 +1113,7 @@ func TestMarshaler_MarshalVulnerabilities(t *testing.T) { }, { Target: "rails:latest (centos 8.3.2011)", - Class: types.ClassVulnOSPkg, + Class: types.ClassOSPkg, Type: fos.CentOS, Vulnerabilities: []types.DetectedVulnerability{ { diff --git a/pkg/scanner/local/scan.go b/pkg/scanner/local/scan.go index efa3b15567ee..e1e081383a95 100644 --- a/pkg/scanner/local/scan.go +++ b/pkg/scanner/local/scan.go @@ -9,6 +9,7 @@ import ( "time" "github.com/google/wire" + "github.com/samber/lo" "golang.org/x/exp/slices" "golang.org/x/xerrors" 
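Review bot: In `marshalComponents` (pkg/sbom/cyclonedx/marshal.go, `@@ -187,8 +187,8 @@`) `bomRefMap` is now re-created on every pass of `for _, result := range r.Results`, and nothing in the hunk records why its scope was narrowed. The code that reads the map lies outside the hunk, so this is inferred: if a dependency edge refers to a package registered under a different result, it would stop resolving and the edge would silently disappear from the generated SBOM. A comment on the declaration such as `// bomRefMap is scoped to one result: package IDs resolve only against components of the same target` would state the intent. A test with two results that share a package ID would pin the behaviour.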
@@ -96,14 +97,14 @@ func (s Scanner) Scan(ctx context.Context, target, artifactKey string, blobKeys } var eosl bool - var results types.Results + var results, pkgResults types.Results // Fill OS packages and language-specific packages if options.ListAllPackages { if res := s.osPkgsToResult(target, artifactDetail, options); res != nil { - results = append(results, *res) + pkgResults = append(pkgResults, *res) } - results = append(results, s.langPkgsToResult(artifactDetail)...) + pkgResults = append(pkgResults, s.langPkgsToResult(artifactDetail)...) } // Scan packages for vulnerabilities @@ -116,7 +117,13 @@ func (s Scanner) Scan(ctx context.Context, target, artifactKey string, blobKeys if artifactDetail.OS != nil { artifactDetail.OS.Eosl = eosl } + // Merge package results into vulnerability results + s.fillPkgsInVulns(pkgResults, vulnResults) + results = append(results, vulnResults...) + } else { + // If vulnerability scanning is not enabled, it just adds package results. + results = append(results, pkgResults...) } // Scan IaC config files @@ -253,7 +260,7 @@ func (s Scanner) scanOSPkgs(target string, detail ftypes.ArtifactDetail, options result := &types.Result{ Target: artifactDetail, Vulnerabilities: vulns, - Class: types.ClassVulnOSPkg, + Class: types.ClassOSPkg, Type: detail.OS.Family, } return result, eosl, nil @@ -295,7 +302,7 @@ func (s Scanner) scanLangPkgs(apps []ftypes.Application) (types.Results, error) results = append(results, types.Result{ Target: target, Vulnerabilities: vulns, - Class: types.ClassVulnLangPkg, + Class: types.ClassLangPkg, Type: app.Type, }) } 
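Review bot: In `Scan` (the `@@ -116,7 +117,13 @@` hunk) only `vulnResults` is appended to `results` when vulnerability scanning is enabled, so any `pkgResults` entry with no vulnerability result of the same class and target never reaches the report. Whether `scanLangPkgs` emits a result for an application with zero findings is not visible in these hunks; if it skips them, a `ListAllPackages` scan would omit the packages of every clean lockfile, leaving the inventory consumers rely on incomplete. A `TestScanner_Scan` case with `ListAllPackages` set and a lockfile that has no vulnerabilities would settle it. Until then a comment at the merge, `// NOTE: package results without a matching vulnerability result are not reported`, would make the limitation explicit. The body of `Scan` continues outside the hunk.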
@@ -305,6 +312,17 @@ func (s Scanner) scanLangPkgs(apps []ftypes.Application) (types.Results, error) return results, nil } +func (s Scanner) fillPkgsInVulns(pkgResults, vulnResults types.Results) { + // Fill vulnerability results in package results + for i := range vulnResults { + if r, found := lo.Find(pkgResults, func(r types.Result) bool { + return r.Class == vulnResults[i].Class && r.Target == vulnResults[i].Target + }); found { + vulnResults[i].Packages = r.Packages + } + } +} + func (s Scanner) misconfsToResults(misconfs []ftypes.Misconfiguration) types.Results { log.Logger.Infof("Detected config files: %d", len(misconfs)) var results types.Results diff --git a/pkg/scanner/local/scan_test.go b/pkg/scanner/local/scan_test.go index 9b1024b9f08a..68173607aa19 100644 --- a/pkg/scanner/local/scan_test.go +++ b/pkg/scanner/local/scan_test.go @@ -89,7 +89,7 @@ func TestScanner_Scan(t *testing.T) { wantResults: types.Results{ { Target: "alpine:latest (alpine 3.11)", - Class: types.ClassVulnOSPkg, + Class: types.ClassOSPkg, Type: fos.Alpine, Vulnerabilities: []types.DetectedVulnerability{ { @@ -111,7 +111,7 @@ func TestScanner_Scan(t *testing.T) { }, { Target: "/app/Gemfile.lock", - Class: types.ClassVulnLangPkg, + Class: types.ClassLangPkg, Type: ftypes.Bundler, Vulnerabilities: []types.DetectedVulnerability{ { @@ -228,25 +228,7 @@ func TestScanner_Scan(t *testing.T) { }, }, }, - }, - { - Target: "/app/Gemfile.lock", - Class: types.ClassLangPkg, - Type: ftypes.Bundler, - Packages: []ftypes.Package{ - { - Name: "rails", - Version: "4.0.2", - Layer: ftypes.Layer{ - DiffID: "sha256:0ea33a93585cf1917ba522b2304634c3073654062d5282c1346322967790ef33", - }, - }, - }, - }, - { - Target: "alpine:latest (alpine 3.11)", - Class: types.ClassVulnOSPkg, - Type: fos.Alpine, + // For backward compatibility, will be removed Vulnerabilities: []types.DetectedVulnerability{ { VulnerabilityID: "CVE-2020-9999", 
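Review bot: The comment inside the new `fillPkgsInVulns` says `// Fill vulnerability results in package results`, but the loop does the opposite: it copies `r.Packages` from the matching package result into `vulnResults[i]`. Something like `// Copy the package list from the package result with the same class and target into each vulnerability result` would match the code, and the function deserves a doc comment noting that it mutates `vulnResults` in place. The match key is also only `Class` and `Target`; assuming the package results carry `Type` as the vulnerability results do, adding it to the predicate avoids attaching one ecosystem's packages to another's findings when two results share a target name: `return r.Class == vulnResults[i].Class && r.Target == vulnResults[i].Target && r.Type == vulnResults[i].Type`.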
@@ -267,8 +249,18 @@ func TestScanner_Scan(t *testing.T) { }, { Target: "/app/Gemfile.lock", - Class: types.ClassVulnLangPkg, + Class: types.ClassLangPkg, Type: ftypes.Bundler, + Packages: []ftypes.Package{ + { + Name: "rails", + Version: "4.0.2", + Layer: ftypes.Layer{ + DiffID: "sha256:0ea33a93585cf1917ba522b2304634c3073654062d5282c1346322967790ef33", + }, + }, + }, + // For backward compatibility, will be removed Vulnerabilities: []types.DetectedVulnerability{ { VulnerabilityID: "CVE-2014-0081", @@ -338,7 +330,7 @@ func TestScanner_Scan(t *testing.T) { wantResults: types.Results{ { Target: "/app/Gemfile.lock", - Class: types.ClassVulnLangPkg, + Class: types.ClassLangPkg, Type: "bundler", Vulnerabilities: []types.DetectedVulnerability{ { @@ -409,12 +401,12 @@ func TestScanner_Scan(t *testing.T) { wantResults: types.Results{ { Target: "alpine:latest (alpine 3.11)", - Class: types.ClassVulnOSPkg, + Class: types.ClassOSPkg, Type: fos.Alpine, }, { Target: "/app/Gemfile.lock", - Class: types.ClassVulnLangPkg, + Class: types.ClassLangPkg, Type: ftypes.Bundler, Vulnerabilities: []types.DetectedVulnerability{ { @@ -488,7 +480,7 @@ func TestScanner_Scan(t *testing.T) { wantResults: types.Results{ { Target: "/app/Gemfile.lock", - Class: types.ClassVulnLangPkg, + Class: types.ClassLangPkg, Type: ftypes.Bundler, Vulnerabilities: []types.DetectedVulnerability{ { @@ -607,7 +599,7 @@ func TestScanner_Scan(t *testing.T) { wantResults: types.Results{ { Target: "/app/Gemfile.lock", - Class: types.ClassVulnLangPkg, + Class: types.ClassLangPkg, Type: ftypes.Bundler, Vulnerabilities: []types.DetectedVulnerability{ { @@ -634,7 +626,7 @@ func TestScanner_Scan(t *testing.T) { }, { Target: "/app/composer-lock.json", - Class: types.ClassVulnLangPkg, + Class: types.ClassLangPkg, Type: ftypes.Composer, Vulnerabilities: []types.DetectedVulnerability{ { diff --git a/pkg/types/report.go b/pkg/types/report.go index 861465a6aeba..003112da2a4e 100644 --- a/pkg/types/report.go 
+++ b/pkg/types/report.go @@ -39,14 +39,12 @@ type Results []Result type ResultClass string const ( - ClassOSPkg = "os-pkgs" // For OS packages - ClassLangPkg = "lang-pkgs" // For language-specific packages - ClassVulnOSPkg = "vuln-os-pkgs" // For detected vulnerabilities in OS packages - ClassVulnLangPkg = "vuln-lang-pkgs" // For detected vulnerabilities in language-specific packages - ClassConfig = "config" // For detected misconfigurations - ClassSecret = "secret" // For detected secrets - ClassLicense = "license" // For detected package licenses - ClassLicenseFile = "license-file" // For detected licenses in files + ClassOSPkg = "os-pkgs" // For detected packages and vulnerabilities in OS packages + ClassLangPkg = "lang-pkgs" // For detected packages and vulnerabilities in language-specific packages + ClassConfig = "config" // For detected misconfigurations + ClassSecret = "secret" // For detected secrets + ClassLicense = "license" // For detected package licenses + ClassLicenseFile = "license-file" // For detected licenses in files ClassCustom = "custom" ) From 82822a3c7504bff9ca15363eb356ade7ec040796 Mon Sep 17 00:00:00 2001 From: knqyf263 Date: Sun, 14 Aug 2022 18:23:35 +0300 Subject: [PATCH 2/4] fix tests --- integration/testdata/spring4shell-jre11.json.golden | 4 ++-- integration/testdata/spring4shell-jre8.json.golden | 4 ++-- pkg/sbom/cyclonedx/marshal_test.go | 5 ----- 3 files changed, 4 insertions(+), 9 deletions(-) diff --git a/integration/testdata/spring4shell-jre11.json.golden b/integration/testdata/spring4shell-jre11.json.golden index cfc3da1af730..1f2911dbbec5 100644 --- a/integration/testdata/spring4shell-jre11.json.golden +++ b/integration/testdata/spring4shell-jre11.json.golden 
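Review bot: The `const` block in pkg/types/report.go keeps the class values as untyped string constants even though `type ResultClass string` is declared directly above it, so nothing ties these names to the type they are meant to populate. Declaring them with the type, e.g. `ClassOSPkg ResultClass = "os-pkgs"` and likewise for the other entries, documents the intent and lets the compiler reject a plain `string` variable where a class is expected. Call sites that use the constants as plain strings would then need an explicit conversion, which this hunk does not show. `ClassCustom` is the only entry without a trailing comment and should get one saying what produces that class.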
@@ -185,12 +185,12 @@ "Results": [ { "Target": "testdata/fixtures/images/spring4shell-jre11.tar.gz (debian 11.3)", - "Class": "vuln-os-pkgs", + "Class": "os-pkgs", "Type": "debian" }, { "Target": "Java", - "Class": "vuln-lang-pkgs", + "Class": "lang-pkgs", "Type": "jar", "Vulnerabilities": [ { diff --git a/integration/testdata/spring4shell-jre8.json.golden b/integration/testdata/spring4shell-jre8.json.golden index c2be638a698a..aaf906adc1a3 100644 --- a/integration/testdata/spring4shell-jre8.json.golden +++ b/integration/testdata/spring4shell-jre8.json.golden @@ -185,12 +185,12 @@ "Results": [ { "Target": "testdata/fixtures/images/spring4shell-jre8.tar.gz (debian 11.3)", - "Class": "vuln-os-pkgs", + "Class": "os-pkgs", "Type": "debian" }, { "Target": "Java", - "Class": "vuln-lang-pkgs", + "Class": "lang-pkgs", "Type": "jar", "Vulnerabilities": [ { diff --git a/pkg/sbom/cyclonedx/marshal_test.go b/pkg/sbom/cyclonedx/marshal_test.go index cc44657aec33..557a4ae44f72 100644 --- a/pkg/sbom/cyclonedx/marshal_test.go +++ b/pkg/sbom/cyclonedx/marshal_test.go @@ -470,11 +470,6 @@ func TestMarshaler_Marshal(t *testing.T) { FilePath: "tools/project-doe/specifications/actionpack.gemspec", }, }, - }, - { - Target: "Ruby", - Class: types.ClassOSPkg, - Type: ftypes.GemSpec, Vulnerabilities: []types.DetectedVulnerability{ { VulnerabilityID: "CVE-2022-23633", From 9339ea2c90749ddfeb1d8987c7cc1ae7e3f7c97b Mon Sep 17 00:00:00 2001 From: knqyf263 Date: Mon, 15 Aug 2022 10:43:52 +0300 Subject: [PATCH 3/4] test: revert a golden file --- .../testdata/alpine-310-registry.json.golden | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/integration/testdata/alpine-310-registry.json.golden b/integration/testdata/alpine-310-registry.json.golden index 23d6544d3ae1..ea9d38cebbb3 100644 --- a/integration/testdata/alpine-310-registry.json.golden +++ b/integration/testdata/alpine-310-registry.json.golden 
@@ -1,6 +1,6 @@ { "SchemaVersion": 2, - "ArtifactName": "localhost:57584/alpine:3.10", + "ArtifactName": "localhost:63577/alpine:3.10", "ArtifactType": "container_image", "Metadata": { "OS": { @@ -13,10 +13,10 @@ "sha256:03901b4a2ea88eeaad62dbe59b072b28b6efa00491962b8741081c5df50c65e0" ], "RepoTags": [ - "localhost:57584/alpine:3.10" + "localhost:63577/alpine:3.10" ], "RepoDigests": [ - "localhost:57584/alpine@sha256:b1c5a500182b21d0bfa5a584a8526b56d8be316f89e87d951be04abed2446e60" + "localhost:63577/alpine@sha256:d9b1a0d4fab413443a22e550cb8720de487295cebca3f9b2fcbf8882192a9bf9" ], "ImageConfig": { "architecture": "amd64", @@ -55,7 +55,7 @@ }, "Results": [ { - "Target": "localhost:57584/alpine:3.10 (alpine 3.10.2)", + "Target": "localhost:63577/alpine:3.10 (alpine 3.10.2)", "Class": "os-pkgs", "Type": "alpine", "Vulnerabilities": [ @@ -65,7 +65,7 @@ "InstalledVersion": "1.1.1c-r0", "FixedVersion": "1.1.1d-r0", "Layer": { - "Digest": "sha256:9d48c3bd43c520dc2784e868a780e976b207cbf493eaff8c6596eb871cbd9609", + "Digest": "sha256:3489774ebf88fb1f0b08e0abb45826a3cbd9d0eb6458d5fc54729197feddffb9", "DiffID": "sha256:03901b4a2ea88eeaad62dbe59b072b28b6efa00491962b8741081c5df50c65e0" }, "SeveritySource": "nvd", @@ -124,7 +124,7 @@ "InstalledVersion": "1.1.1c-r0", "FixedVersion": "1.1.1d-r2", "Layer": { - "Digest": "sha256:9d48c3bd43c520dc2784e868a780e976b207cbf493eaff8c6596eb871cbd9609", + "Digest": "sha256:3489774ebf88fb1f0b08e0abb45826a3cbd9d0eb6458d5fc54729197feddffb9", "DiffID": "sha256:03901b4a2ea88eeaad62dbe59b072b28b6efa00491962b8741081c5df50c65e0" }, "SeveritySource": "nvd", @@ -193,7 +193,7 @@ "InstalledVersion": "1.1.1c-r0", "FixedVersion": "1.1.1d-r0", "Layer": { - "Digest": "sha256:9d48c3bd43c520dc2784e868a780e976b207cbf493eaff8c6596eb871cbd9609", + "Digest": "sha256:3489774ebf88fb1f0b08e0abb45826a3cbd9d0eb6458d5fc54729197feddffb9", "DiffID": "sha256:03901b4a2ea88eeaad62dbe59b072b28b6efa00491962b8741081c5df50c65e0" }, "SeveritySource": "nvd", 
@@ -252,7 +252,7 @@ "InstalledVersion": "1.1.1c-r0", "FixedVersion": "1.1.1d-r2", "Layer": { - "Digest": "sha256:9d48c3bd43c520dc2784e868a780e976b207cbf493eaff8c6596eb871cbd9609", + "Digest": "sha256:3489774ebf88fb1f0b08e0abb45826a3cbd9d0eb6458d5fc54729197feddffb9", "DiffID": "sha256:03901b4a2ea88eeaad62dbe59b072b28b6efa00491962b8741081c5df50c65e0" }, "SeveritySource": "nvd", @@ -318,4 +318,4 @@ ] } ] -} +} \ No newline at end of file From a6bc043dd9b3f758b2ba97bb7e16f6728e5df84f Mon Sep 17 00:00:00 2001 From: knqyf263 Date: Mon, 15 Aug 2022 20:38:32 +0300 Subject: [PATCH 4/4] revert go-dep-parser --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index 0d736857e3ee..fb3140a7e12f 100644 --- a/go.mod +++ b/go.mod @@ -8,7 +8,7 @@ require ( github.com/NYTimes/gziphandler v1.1.1 github.com/alicebob/miniredis/v2 v2.22.0 github.com/aquasecurity/bolt-fixtures v0.0.0-20200903104109-d34e7f983986 - github.com/aquasecurity/go-dep-parser v0.0.0-20220807122629-b5a21d267b03 + github.com/aquasecurity/go-dep-parser v0.0.0-20220815163410-fcf26eb92b86 github.com/aquasecurity/go-gem-version v0.0.0-20201115065557-8eed6fe000ce github.com/aquasecurity/go-npm-version v0.0.0-20201110091526-0b796d180798 github.com/aquasecurity/go-pep440-version v0.0.0-20210121094942-22b2f8951d46 diff --git a/go.sum b/go.sum index 4c41dfe2901e..a9f07b9664b1 100644 --- a/go.sum +++ b/go.sum 
@@ -206,8 +206,8 @@ github.com/aquasecurity/bolt-fixtures v0.0.0-20200903104109-d34e7f983986 h1:2a30 github.com/aquasecurity/bolt-fixtures v0.0.0-20200903104109-d34e7f983986/go.mod h1:NT+jyeCzXk6vXR5MTkdn4z64TgGfE5HMLC8qfj5unl8= github.com/aquasecurity/defsec v0.71.5 h1:HOao1TaP74lhbsLUmYaNgHx1afdYImDicB8b/f54FIM= github.com/aquasecurity/defsec v0.71.5/go.mod h1:+ouYrROGLz3lGutl+K+ilXX5V41S76JIi+L8aXPBsAQ= -github.com/aquasecurity/go-dep-parser v0.0.0-20220807122629-b5a21d267b03 h1:Axx5KwV0c83IlPLIIsi/Ht6sGsSJBzABUngXjFHFg4I= -github.com/aquasecurity/go-dep-parser v0.0.0-20220807122629-b5a21d267b03/go.mod h1:SONYN1M+sYu6VIJsZnltmVfcGOCvp09HWbhpnHDn3aY= +github.com/aquasecurity/go-dep-parser v0.0.0-20220815163410-fcf26eb92b86 h1:sc8hDjSxO3aiG0R7HvaAVnY6329NTtv9AqDGpVQxAPQ= +github.com/aquasecurity/go-dep-parser v0.0.0-20220815163410-fcf26eb92b86/go.mod h1:wwxn1SyOEY8W5hy8aDQDoExX+ybVsi+xfIllXz93+Fk= github.com/aquasecurity/go-gem-version v0.0.0-20201115065557-8eed6fe000ce h1:QgBRgJvtEOBtUXilDb1MLi1p1MWoyFDXAu5DEUl5nwM= github.com/aquasecurity/go-gem-version v0.0.0-20201115065557-8eed6fe000ce/go.mod h1:HXgVzOPvXhVGLJs4ZKO817idqr/xhwsTcj17CLYY74s= github.com/aquasecurity/go-mock-aws v0.0.0-20220726154943-99847deb62b0 h1:tihCUjLWkF0b1SAjAKcFltUs3SpsqGrLtI+Frye0D10=