diff --git a/docs/community/contribute/pr.md b/docs/community/contribute/pr.md index 514b375a20..324e096f4e 100644 --- a/docs/community/contribute/pr.md +++ b/docs/community/contribute/pr.md @@ -160,5 +160,4 @@ Trivy is composed of several repositories that work together: - [vuln-list](https://github.com/aquasecurity/vuln-list) is a vulnerabilities database, aggregated from different sources, and normalized for easy consumption. Think of this as the "server" side of the trivy command line tool. **There should be no pull requests to this repo** - [vuln-list-update](https://github.com/aquasecurity/vuln-list-update) is the code that maintains the vuln-list database. - [trivy-db](https://github.com/aquasecurity/trivy-db) maintains the vulnerability database pulled by Trivy CLI. -- [fanal](https://github.com/aquasecurity/fanal) is a library for extracting system information from containers. It is being used by Trivy to find testable subjects in the container image. - [go-dep-parser](https://github.com/aquasecurity/go-dep-parser) is a library for parsing lock files such as package-lock.json and Gemfile.lock. diff --git a/examples/misconf/go-testing/go.mod b/examples/misconf/go-testing/go.mod index 3fb8ee06ec..3b036a1e20 100644 --- a/examples/misconf/go-testing/go.mod +++ b/examples/misconf/go-testing/go.mod @@ -3,6 +3,5 @@ module github.com/aquasecurity/trivy/examples/misconf/go-testing go 1.16 require ( - github.com/aquasecurity/fanal v0.0.0-20210710080753-f728f1973410 github.com/stretchr/testify v1.7.0 ) diff --git a/examples/misconf/go-testing/go.sum b/examples/misconf/go-testing/go.sum index 96ec77346f..d221ee6534 100644 --- a/examples/misconf/go-testing/go.sum +++ b/examples/misconf/go-testing/go.sum @@ -156,8 +156,6 @@ github.com/apparentlymart/go-textseg v1.0.0/go.mod h1:z96Txxhf3xSFMPmb5X/1W05FF/ github.com/apparentlymart/go-textseg/v12 v12.0.0/go.mod h1:S/4uRK2UtaQttw1GenVJEynmyUenKwP++x/+DdGV/Ec= github.com/apparentlymart/go-textseg/v13 v13.0.0 h1:Y+KvPE1NYz0xl601PVImeQfFyEy6iT90AvPUL1NNfNw= github.com/apparentlymart/go-textseg/v13 v13.0.0/go.mod h1:ZK2fH7c4NqDTLtiYLvIkEghdlcqw7yxLeM89kiTRPUo= -github.com/aquasecurity/fanal v0.0.0-20210710080753-f728f1973410 h1:b6yRcMDPpkI1S4VLiROgwgXmusvgX8LtgRzAnKd9HSw= -github.com/aquasecurity/fanal v0.0.0-20210710080753-f728f1973410/go.mod h1:zl2aczB7UrczEeMgKTRH6Xp/Lf+gxf0W7kXRjaOubrU= github.com/aquasecurity/go-dep-parser v0.0.0-20210520015931-0dd56983cc62 h1:aahEMQZXrwhpCMlDgXi2d7jJVNDTpYGJOgLyNptGQoY= github.com/aquasecurity/go-dep-parser v0.0.0-20210520015931-0dd56983cc62/go.mod h1:Cv/FOCXy6gwvDbz/KX48+y//SmbnKroFwW5hquXn5G4= github.com/aquasecurity/testdocker v0.0.0-20210106133225-0b17fe083674/go.mod h1:psfu0MVaiTDLpNxCoNsTeILSKY2EICBwv345f3M+Ffs= diff --git a/pkg/fanal/handler/gomod/gomod.go b/pkg/fanal/handler/gomod/gomod.go index 98759253e5..3bb564f6c3 100644 --- a/pkg/fanal/handler/gomod/gomod.go +++ b/pkg/fanal/handler/gomod/gomod.go @@ -41,8 +41,7 @@ func (h gomodMergeHook) Handle(_ context.Context, _ *analyzer.AnalysisResult, bl // e.g. /app/go.mod => /app/go.sum gosumFile := filepath.Join(dir, types.GoSum) if gosum := findGoSum(gosumFile, blob.Applications); gosum != nil { - application := app - mergeGoSum(&application, gosum) + mergeGoSum(&app, gosum) // nolint } } }