Add Cargo scanner (#5 )

Move remic
Add options for remic (#4 )
2025-12-23 07:29:00 -08:00 · 2019-05-12 23:08:02 +09:00 · 2019-05-11 14:45:52 +09:00 · 2019-05-11 14:36:20 +09:00 · 2019-05-08 19:14:48 +09:00
10 changed files with 223 additions and 170 deletions
--- a/README.md
+++ b/README.md
@@ -5,12 +5,31 @@
 [![Go Report Card](https://goreportcard.com/badge/github.com/knqyf263/trivy)](https://goreportcard.com/report/github.com/knqyf263/trivy)
 [![MIT License](http://img.shields.io/badge/license-MIT-blue.svg?style=flat)](https://github.com/knqyf263/trivy/blob/master/LICENSE)

-A Simple and Comprehensive Vulnerability Scanner for Containers
+A Simple and Comprehensive Vulnerability Scanner for Containers, Compatible with CI

 # Abstract
-Scan containers
+`Trivy` is a simple and comprehensive vulnerability scanner for containers.
+`Trivy` detects vulnerabilities of OS packages (Alpine, RHEL, CentOS, etc.) and application dependencies (Bundler, Composer, npm, etc.).
+`Trivy` is easy to use. Just install the binary and you're ready to scan. It can be scanned just by specifying a container image name.
+
+It is considered to be used in CI. Before pushing to a container registry, you can scan your local container image easily.
+See [here](#continuous-integration-ci) for details.
+

 # Features
+- Detect comprehensive vulnerabilities
+  - OS packages (Alpine, Red Hat Enterprise Linux, CentOS, Debian, Ubuntu)
+  - **Application dependencies** (Bundler, Composer, Pipenv, npm, Cargo)
+- Simple
+  - Specify only an image name
+- Easy installation
+  - **No need for prerequirements** such as installation of DB, libraries, etc.
+  - `apt-get install`, `yum install` and `brew install` is possible (See [Installation](#installation))
+- High accuracy
+  - Especially Alpine
+- **Compatible with CI**
+  - See [CI Example](#continuous-integration-ci)
+

 # Installation

@@ -65,7 +84,7 @@ $ brew install knqyf263/trivy/trivy
 ```

 ## Binary (Including Windows)
-Go to [the releases page](https://github.com/knqyf263/trivy/releases), find the version you want, and download the zip file. Unpack the zip file, and put the binary to somewhere you want (on UNIX-y systems, /usr/local/bin or the like). Make sure it has execution bits turned on. 
+Go to [the releases page](https://github.com/knqyf263/trivy/releases), find the version you want, and download the zip file. Unpack the zip file, and put the binary to somewhere you want (on UNIX-y systems, /usr/local/bin or the like). Make sure it has execution bits turned on.

 ## From source

@@ -141,11 +160,10 @@ repository: https://github.com/knqyf263/trivy-ci-test
 # Usage

 ```
-$ trivy -h
 NAME:
  trivy - A simple and comprehensive vulnerability scanner for containers
 USAGE:
-  main [options] image_name
+  trivy [options] image_name
 VERSION:
  0.0.3
 OPTIONS:
@@ -157,10 +175,11 @@ OPTIONS:
  --skip-update               skip db update
  --clean, -c                 clean all cache
  --quiet, -q                 suppress progress bar
+  --ignore-unfixed            display only fixed vulnerabilities
+  --refresh                   refresh DB (usually used after version update of trivy
  --debug, -d                 debug mode
  --help, -h                  show help
  --version, -v               print the version
-
 ```

 # Q&A
@@ -179,7 +198,7 @@ echo 'export HOMEBREW_GITHUB_API_TOKEN=your_token_here' >> ~/.zshrc

 Try:
 ```
-$ printf "protocol=https\nhost=github.com\n" | git credential-osxkeychain erase 
+$ printf "protocol=https\nhost=github.com\n" | git credential-osxkeychain erase
 ```

 ### Error: knqyf263/trivy/trivy 64 already installed
@@ -199,11 +218,18 @@ $ brew install knqyf263/trivy/trivy
 ```

 ## Others
+### Detected version update of trivy. Please try again with --refresh option
+Try again with `--refresh` option
+
+```
+$ trivy --refresh alpine:3.9
+```
+
 ### Unknown error
 Try again with `--clean` option

 ```
-$ trivy --clean alpine:3.8
+$ trivy --clean
 ```

 # Contribute
--- a/cmd/remic/main.go
+++ b/cmd/remic/main.go
@@ -1,67 +0,0 @@
-package main
-
-import (
-	"os"
-	"strings"
-
-	"github.com/knqyf263/trivy/pkg/vulnsrc/vulnerability"
-
-	"github.com/knqyf263/trivy/pkg/remic"
-	"github.com/urfave/cli"
-
-	"github.com/knqyf263/trivy/pkg/log"
-)
-
-func main() {
-	cli.AppHelpTemplate = `NAME:
-  {{.Name}}{{if .Usage}} - {{.Usage}}{{end}}
-USAGE:
-  {{if .UsageText}}{{.UsageText}}{{else}}{{.HelpName}} {{if .VisibleFlags}}[options]{{end}} {{if .ArgsUsage}}{{.ArgsUsage}}{{else}}[arguments...]{{end}}{{end}}{{if .Version}}{{if not .HideVersion}}
-VERSION:
-  {{.Version}}{{end}}{{end}}{{if .Description}}
-DESCRIPTION:
-  {{.Description}}{{end}}{{if len .Authors}}
-AUTHOR{{with $length := len .Authors}}{{if ne 1 $length}}S{{end}}{{end}}:
-  {{range $index, $author := .Authors}}{{if $index}}
-  {{end}}{{$author}}{{end}}{{end}}{{if .VisibleCommands}}
-OPTIONS:
-  {{range $index, $option := .VisibleFlags}}{{if $index}}
-  {{end}}{{$option}}{{end}}{{end}}
-`
-	app := cli.NewApp()
-	app.Name = "remic"
-	app.Version = "0.0.1"
-	app.ArgsUsage = "file"
-
-	app.Usage = "A simple and fast tool for detecting vulnerabilities in application dependencies"
-
-	app.Flags = []cli.Flag{
-		cli.StringFlag{
-			Name:  "format, f",
-			Value: "table",
-			Usage: "format (table, json)",
-		},
-		cli.StringFlag{
-			Name:  "severity, s",
-			Value: strings.Join(vulnerability.SeverityNames, ","),
-			Usage: "severity of vulnerabilities to be displayed",
-		},
-		cli.StringFlag{
-			Name:  "output, o",
-			Usage: "output file name",
-		},
-		cli.BoolFlag{
-			Name:  "debug, d",
-			Usage: "debug mode",
-		},
-	}
-
-	app.Action = func(c *cli.Context) error {
-		return remic.Run(c)
-	}
-
-	err := app.Run(os.Args)
-	if err != nil {
-		log.Logger.Fatal(err)
-	}
-}
--- a/go.mod
+++ b/go.mod
@@ -3,15 +3,17 @@ module github.com/knqyf263/trivy
 go 1.12

 require (
+	github.com/BurntSushi/toml v0.3.1
 	github.com/briandowns/spinner v0.0.0-20190319032542-ac46072a5a91
 	github.com/emirpasic/gods v1.12.0 // indirect
 	github.com/etcd-io/bbolt v1.3.2
 	github.com/fatih/color v1.7.0
+	github.com/genuinetools/reg v0.16.0
 	github.com/gliderlabs/ssh v0.1.3 // indirect
 	github.com/golang/protobuf v1.3.1 // indirect
-	github.com/knqyf263/fanal v0.0.0-20190507123206-ceab60083e70
+	github.com/knqyf263/fanal v0.0.0-20190511083500-dd50facc184b
 	github.com/knqyf263/go-deb-version v0.0.0-20170509080151-9865fe14d09b
-	github.com/knqyf263/go-dep-parser v0.0.0-20190429154931-c377a5391790
+	github.com/knqyf263/go-dep-parser v0.0.0-20190511063217-d5d543bfc261
 	github.com/knqyf263/go-rpm-version v0.0.0-20170716094938-74609b86c936
 	github.com/knqyf263/go-version v1.1.1
 	github.com/mattn/go-colorable v0.1.1 // indirect
--- a/go.sum
+++ b/go.sum
@@ -4,6 +4,7 @@ cloud.google.com/go v0.37.4 h1:glPeL3BQJsbF6aIIYfZizMwc5LTYz250bDMjttbBGAU=
 cloud.google.com/go v0.37.4/go.mod h1:NHPJ89PdicEuT9hdPXMROBD91xc5uRDxsMtSB16k7hw=
 github.com/Azure/go-ansiterm v0.0.0-20170929234023-d6e3b3328b78 h1:w+iIsaOQNcT7OZ575w+acHgRric5iCyQh+xv+KJ4HB8=
 github.com/Azure/go-ansiterm v0.0.0-20170929234023-d6e3b3328b78/go.mod h1:LmzpDX56iTiv29bbRTIsUNlaFfuhWRQBWjQdVyAevI8=
+github.com/BurntSushi/toml v0.3.1 h1:WXkYYl6Yr3qBf1K79EBnL4mak0OimBfB0XUf9Vl28OQ=
 github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
 github.com/GoogleCloudPlatform/docker-credential-gcr v1.5.0 h1:wykTgKwhVr2t2qs+xI020s6W5dt614QqCHV+7W9dg64=
 github.com/GoogleCloudPlatform/docker-credential-gcr v1.5.0/go.mod h1:BB1eHdMLYEFuFdBlRMb0N7YGVdM5s6Pt0njxgvfbGGs=
@@ -119,10 +120,14 @@ github.com/knqyf263/fanal v0.0.0-20190506110705-2b5cb3000ff6 h1:iSztZNfwEPMN2CvU
 github.com/knqyf263/fanal v0.0.0-20190506110705-2b5cb3000ff6/go.mod h1:OiuWIClssf5WzbMcR8lfspdBVaP+vRQndY4kHeFgrDw=
 github.com/knqyf263/fanal v0.0.0-20190507123206-ceab60083e70 h1:L27WBZxk7N70WilG91kgvs0EnV+JVCoOTsNQa8tMBJs=
 github.com/knqyf263/fanal v0.0.0-20190507123206-ceab60083e70/go.mod h1:OiuWIClssf5WzbMcR8lfspdBVaP+vRQndY4kHeFgrDw=
+github.com/knqyf263/fanal v0.0.0-20190511083500-dd50facc184b h1:mctpQ38lbNk6ZNXaLU0b7J/ayM/GXIatK3FspvW8n+M=
+github.com/knqyf263/fanal v0.0.0-20190511083500-dd50facc184b/go.mod h1:oD0qDmkCnzXx6SWoQ1H9r05EWhqYIo9/fVzdpTBzh6c=
 github.com/knqyf263/go-deb-version v0.0.0-20170509080151-9865fe14d09b h1:DiDMmSwuY27PJxA2Gs0+uI/bQ/ehKARaGXRdlp+wFis=
 github.com/knqyf263/go-deb-version v0.0.0-20170509080151-9865fe14d09b/go.mod h1:o8sgWoz3JADecfc/cTYD92/Et1yMqMy0utV1z+VaZao=
 github.com/knqyf263/go-dep-parser v0.0.0-20190429154931-c377a5391790 h1:c02gG0yRNr25lcLOH+678SuuxxMUq36i48PQnmAweWk=
 github.com/knqyf263/go-dep-parser v0.0.0-20190429154931-c377a5391790/go.mod h1:CtT+dtv38jSz5EYYCX21LgtVXP+J3soF2fzQT8lHCfY=
+github.com/knqyf263/go-dep-parser v0.0.0-20190511063217-d5d543bfc261 h1:RPgPsbEsYj6LuOjZnKl2DvbfodNWRuWKZfWJkrD7l8s=
+github.com/knqyf263/go-dep-parser v0.0.0-20190511063217-d5d543bfc261/go.mod h1:gSiqSkOFPstUZu/qZ4wnNJS69PtQQnPl397vxKHJ5mQ=
 github.com/knqyf263/go-rpm-version v0.0.0-20170716094938-74609b86c936 h1:HDjRqotkViMNcGMGicb7cgxklx8OwnjtCBmyWEqrRvM=
 github.com/knqyf263/go-rpm-version v0.0.0-20170716094938-74609b86c936/go.mod h1:i4sF0l1fFnY1aiw08QQSwVAFxHEm311Me3WsU/X7nL0=
 github.com/knqyf263/go-rpmdb v0.0.0-20190501070121-10a1c42a10dc/go.mod h1:MrSSvdMpTSymaQWk1yFr9sxFSyQmKMj6jkbvGrchBV8=
--- a/pkg/remic/run.go
+++ b/pkg/remic/run.go
@@ -1,85 +0,0 @@
-package remic
-
-import (
-	l "log"
-	"os"
-	"strings"
-
-	"github.com/knqyf263/trivy/pkg/scanner"
-
-	"github.com/knqyf263/trivy/pkg/vulnsrc/vulnerability"
-
-	"github.com/knqyf263/trivy/pkg/vulnsrc"
-
-	"github.com/urfave/cli"
-	"golang.org/x/xerrors"
-
-	"github.com/knqyf263/trivy/pkg/db"
-	"github.com/knqyf263/trivy/pkg/log"
-	"github.com/knqyf263/trivy/pkg/report"
-)
-
-func Run(c *cli.Context) (err error) {
-	debug := c.Bool("debug")
-	if err = log.InitLogger(debug); err != nil {
-		l.Fatal(err)
-	}
-
-	args := c.Args()
-	if len(args) == 0 {
-		return xerrors.New(`remic" requires at least 1 argument.`)
-	}
-
-	o := c.String("output")
-	output := os.Stdout
-	if o != "" {
-		if output, err = os.Create(o); err != nil {
-			return err
-		}
-	}
-
-	var severities []vulnerability.Severity
-	for _, s := range strings.Split(c.String("severity"), ",") {
-		severity, err := vulnerability.NewSeverity(s)
-		if err != nil {
-			return err
-		}
-		severities = append(severities, severity)
-	}
-
-	if err = db.Init(); err != nil {
-		return err
-	}
-
-	if err = vulnsrc.Update(); err != nil {
-		return err
-	}
-
-	fileName := args[0]
-	f, err := os.Open(fileName)
-	if err != nil {
-		return xerrors.Errorf("failed to open a file: %w", err)
-	}
-	defer f.Close()
-
-	result, err := scanner.ScanFile(f, severities)
-	if err != nil {
-		return xerrors.Errorf("failed to scan a file: %w", err)
-	}
-
-	var writer report.Writer
-	switch c.String("format") {
-	case "table":
-		writer = &report.TableWriter{Output: output}
-	case "json":
-		writer = &report.JsonWriter{Output: output}
-	default:
-		return xerrors.New("unknown format")
-	}
-
-	if err = writer.Write([]report.Result{result}); err != nil {
-		return xerrors.Errorf("failed to write results: %w", err)
-	}
-
-	return nil
-}
--- a/pkg/scanner/library/cargo/advisory.go
+++ b/pkg/scanner/library/cargo/advisory.go
@@ -0,0 +1,111 @@
+package cargo
+
+import (
+	"io/ioutil"
+	"os"
+	"path/filepath"
+
+	"github.com/BurntSushi/toml"
+
+	"github.com/etcd-io/bbolt"
+
+	"github.com/knqyf263/trivy/pkg/db"
+	"github.com/knqyf263/trivy/pkg/vulnsrc/vulnerability"
+
+	"golang.org/x/xerrors"
+
+	"github.com/knqyf263/trivy/pkg/git"
+	"github.com/knqyf263/trivy/pkg/utils"
+)
+
+const (
+	dbURL = "https://github.com/RustSec/advisory-db.git"
+)
+
+var (
+	repoPath = filepath.Join(utils.CacheDir(), "rust-advisory-db")
+)
+
+type AdvisoryDB map[string][]Lockfile
+
+type Lockfile struct {
+	Advisory `toml:"advisory"`
+}
+
+type Advisory struct {
+	Id                string
+	Package           string
+	Title             string `toml:"title"`
+	Url               string
+	Date              string
+	Description       string
+	Keywords          []string
+	PatchedVersions   []string `toml:"patched_versions"`
+	AffectedFunctions []string `toml:"affected_functions"`
+}
+
+func (s *Scanner) UpdateDB() (err error) {
+	if _, err := git.CloneOrPull(dbURL, repoPath); err != nil {
+		return xerrors.Errorf("error in %s security DB update: %w", s.Type(), err)
+	}
+	s.db, err = s.walk()
+	return err
+}
+
+func (s *Scanner) walk() (AdvisoryDB, error) {
+	advisoryDB := AdvisoryDB{}
+	root := filepath.Join(repoPath, "crates")
+
+	var vulns []vulnerability.Vulnerability
+	err := filepath.Walk(root, func(path string, info os.FileInfo, err error) error {
+		if info.IsDir() {
+			return nil
+		}
+		buf, err := ioutil.ReadFile(path)
+		if err != nil {
+			return xerrors.Errorf("failed to read a file: %w", err)
+		}
+
+		advisory := Lockfile{}
+		err = toml.Unmarshal(buf, &advisory)
+		if err != nil {
+			return xerrors.Errorf("failed to unmarshal TOML: %w", err)
+		}
+
+		// for detecting vulnerabilities
+		advisories, ok := advisoryDB[advisory.Package]
+		if !ok {
+			advisories = []Lockfile{}
+		}
+		advisoryDB[advisory.Package] = append(advisories, advisory)
+
+		// for displaying vulnerability detail
+		vulns = append(vulns, vulnerability.Vulnerability{
+			ID:          advisory.Id,
+			References:  []string{advisory.Url},
+			Title:       advisory.Title,
+			Description: advisory.Description,
+		})
+
+		return nil
+	})
+	if err != nil {
+		return nil, xerrors.Errorf("error in file walk: %w", err)
+	}
+
+	if err = s.saveVulnerabilities(vulns); err != nil {
+		return nil, err
+	}
+	return advisoryDB, nil
+}
+
+func (s *Scanner) saveVulnerabilities(vulns []vulnerability.Vulnerability) error {
+	return vulnerability.BatchUpdate(func(b *bbolt.Bucket) error {
+		for _, vuln := range vulns {
+			if err := db.Put(b, vuln.ID, vulnerability.RustSec, vuln); err != nil {
+				return xerrors.Errorf("failed to save %s vulnerability: %w", s.Type(), err)
+			}
+		}
+		return nil
+	})
+}
--- a/pkg/scanner/library/cargo/scan.go
+++ b/pkg/scanner/library/cargo/scan.go
@@ -0,0 +1,56 @@
+package cargo
+
+import (
+	"os"
+	"strings"
+
+	"github.com/knqyf263/go-dep-parser/pkg/cargo"
+	ptypes "github.com/knqyf263/go-dep-parser/pkg/types"
+	"github.com/knqyf263/go-version"
+	"github.com/knqyf263/trivy/pkg/scanner/utils"
+	"github.com/knqyf263/trivy/pkg/types"
+	"golang.org/x/xerrors"
+)
+
+const (
+	scannerType = "cargo"
+)
+
+type Scanner struct {
+	db AdvisoryDB
+}
+
+func NewScanner() *Scanner {
+	return &Scanner{}
+}
+
+func (s *Scanner) Detect(pkgName string, pkgVer *version.Version) ([]types.Vulnerability, error) {
+	var vulns []types.Vulnerability
+	for _, advisory := range s.db[pkgName] {
+		if utils.MatchVersions(pkgVer, advisory.PatchedVersions) {
+			continue
+		}
+
+		vuln := types.Vulnerability{
+			VulnerabilityID:  advisory.Id,
+			PkgName:          strings.TrimSpace(advisory.Package),
+			Title:            strings.TrimSpace(advisory.Title),
+			InstalledVersion: pkgVer.String(),
+			FixedVersion:     strings.Join(advisory.PatchedVersions, ", "),
+		}
+		vulns = append(vulns, vuln)
+	}
+	return vulns, nil
+}
+
+func (s *Scanner) ParseLockfile(f *os.File) ([]ptypes.Library, error) {
+	libs, err := cargo.Parse(f)
+	if err != nil {
+		return nil, xerrors.Errorf("invalid Cargo.lock format: %w", err)
+	}
+	return libs, nil
+}
+
+func (s *Scanner) Type() string {
+	return scannerType
+}
--- a/pkg/scanner/library/scan.go
+++ b/pkg/scanner/library/scan.go
@@ -6,14 +6,16 @@ import (

 	"github.com/knqyf263/fanal/analyzer"
 	_ "github.com/knqyf263/fanal/analyzer/library/bundler"
+	_ "github.com/knqyf263/fanal/analyzer/library/cargo"
 	_ "github.com/knqyf263/fanal/analyzer/library/composer"
 	_ "github.com/knqyf263/fanal/analyzer/library/npm"
 	_ "github.com/knqyf263/fanal/analyzer/library/pipenv"
 	"github.com/knqyf263/fanal/extractor"
 	ptypes "github.com/knqyf263/go-dep-parser/pkg/types"
-	"github.com/knqyf263/go-version"
+	version "github.com/knqyf263/go-version"
 	"github.com/knqyf263/trivy/pkg/log"
 	"github.com/knqyf263/trivy/pkg/scanner/library/bundler"
+	"github.com/knqyf263/trivy/pkg/scanner/library/cargo"
 	"github.com/knqyf263/trivy/pkg/scanner/library/composer"
 	"github.com/knqyf263/trivy/pkg/scanner/library/npm"
 	"github.com/knqyf263/trivy/pkg/scanner/library/pipenv"
@@ -33,6 +35,8 @@ func NewScanner(filename string) Scanner {
 	switch filename {
 	case "Gemfile.lock":
 		scanner = bundler.NewScanner()
+	case "Cargo.lock":
+		scanner = cargo.NewScanner()
 	case "composer.lock":
 		scanner = composer.NewScanner()
 	case "package-lock.json":
@@ -72,7 +76,7 @@ func Scan(files extractor.FileMap) (map[string][]types.Vulnerability, error) {
 }

 func ScanFile(f *os.File) ([]types.Vulnerability, error) {
-	scanner := NewScanner(f.Name())
+	scanner := NewScanner(filepath.Base(f.Name()))
 	if scanner == nil {
 		return nil, xerrors.New("unknown file type")
 	}
--- a/pkg/scanner/scan.go
+++ b/pkg/scanner/scan.go
@@ -30,7 +30,7 @@ import (

 var (
 	sources = []string{vulnerability.Nvd, vulnerability.RedHat, vulnerability.Debian,
-		vulnerability.DebianOVAL, vulnerability.Alpine, vulnerability.RubySec, vulnerability.PhpSecurityAdvisories,
+		vulnerability.DebianOVAL, vulnerability.Alpine, vulnerability.RubySec, vulnerability.RustSec, vulnerability.PhpSecurityAdvisories,
 		vulnerability.NodejsSecurityWg, vulnerability.PythonSafetyDB}
 )

@@ -72,7 +72,7 @@ func ScanImage(imageName, filePath string, severities []vulnerability.Severity,

 	osFamily, osVersion, osVulns, err := ospkg.Scan(files)
 	if err != nil {
-		return nil, xerrors.New("failed to scan image")
+		return nil, xerrors.Errorf("failed to scan image: %w", err)

 	}

@@ -83,7 +83,7 @@ func ScanImage(imageName, filePath string, severities []vulnerability.Severity,

 	libVulns, err := library.Scan(files)
 	if err != nil {
-		return nil, xerrors.New("failed to scan libraries")
+		return nil, xerrors.Errorf("failed to scan libraries: %w", err)
 	}
 	for path, vulns := range libVulns {
 		results = append(results, report.Result{
@@ -95,14 +95,14 @@ func ScanImage(imageName, filePath string, severities []vulnerability.Severity,
 	return results, nil
 }

-func ScanFile(f *os.File, severities []vulnerability.Severity) (report.Result, error) {
+func ScanFile(f *os.File, severities []vulnerability.Severity, ignoreUnfixed bool) (report.Result, error) {
 	vulns, err := library.ScanFile(f)
 	if err != nil {
-		return report.Result{}, xerrors.New("failed to scan libraries in file")
+		return report.Result{}, xerrors.Errorf("failed to scan libraries in file: %w", err)
 	}
 	result := report.Result{
 		FileName:        f.Name(),
-		Vulnerabilities: processVulnerabilties(vulns, severities, false),
+		Vulnerabilities: processVulnerabilties(vulns, severities, ignoreUnfixed),
 	}
 	return result, nil
 }
--- a/pkg/vulnsrc/vulnerability/const.go
+++ b/pkg/vulnsrc/vulnerability/const.go
@@ -12,6 +12,7 @@ const (
 	Amazon                = "amazon"
 	Alpine                = "alpine"
 	RubySec               = "ruby-advisory-db"
+	RustSec               = "rust-advisory-db"
 	PhpSecurityAdvisories = "php-security-advisories"
 	NodejsSecurityWg      = "nodejs-security-wg"
 	PythonSafetyDB        = "python-safety-db"
Author	SHA1	Message	Date
Masahiro	0c11078302	Add Cargo scanner (#5 )	2019-05-12 23:08:02 +09:00
knqyf263	507fac9284	Move remic	2019-05-11 14:45:52 +09:00
Masahiro	22abb9dab1	Add options for remic (#4 ) * Fix filename * Add options	2019-05-11 14:36:20 +09:00
knqyf263	6463176bc0	Update README	2019-05-08 19:14:48 +09:00