gitea-mirror/trivy
1
0
Fork 0
mirror of https://github.com/aquasecurity/trivy.git synced 2025-12-12 15:50:15 -08:00
Code Issues Packages Projects Releases Wiki Activity
Files
1f0d6290c33c95d5f213cc409a0ff6a53a2c888e
trivy/pkg/detector/library/detect.go
Juan Ariza Toledano 1f0d6290c3 feat(vuln): include pkg identifier on detected vulnerabilities (#5439) 
Signed-off-by: juan131 <jariza@vmware.com>
Signed-off-by: knqyf263 <knqyf263@gmail.com>
Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>
Co-authored-by: DmitriyLewen <91113035+DmitriyLewen@users.noreply.github.com>
Co-authored-by: Nikita Pivkin <nikita.pivkin@smartforce.io>
Co-authored-by: knqyf263 <knqyf263@gmail.com>
2023-12-27 07:54:56 +00:00

44 lines
1.1 KiB
Go
Raw Blame History

package library
import (
"golang.org/x/xerrors"
ftypes "github.com/aquasecurity/trivy/pkg/fanal/types"
"github.com/aquasecurity/trivy/pkg/types"
)
// Detect scans and returns vulnerabilities of library
func Detect(libType ftypes.LangType, pkgs []ftypes.Package) ([]types.DetectedVulnerability, error) {
driver, ok := NewDriver(libType)
if !ok {
return nil, nil
}
vulns, err := detect(driver, pkgs)
if err != nil {
return nil, xerrors.Errorf("failed to scan %s vulnerabilities: %w", driver.Type(), err)
}
return vulns, nil
}
func detect(driver Driver, libs []ftypes.Package) ([]types.DetectedVulnerability, error) {
var vulnerabilities []types.DetectedVulnerability
for _, lib := range libs {
vulns, err := driver.DetectVulnerabilities(lib.ID, lib.Name, lib.Version)
if err != nil {
return nil, xerrors.Errorf("failed to detect %s vulnerabilities: %w", driver.Type(), err)
}
for i := range vulns {
vulns[i].Layer = lib.Layer
vulns[i].PkgPath = lib.FilePath
vulns[i].PkgRef = lib.Ref
vulns[i].PkgIdentifier = lib.Identifier
}
vulnerabilities = append(vulnerabilities, vulns...)
}
return vulnerabilities, nil
}
Reference in New Issue View Git Blame Copy Permalink