Undisplay the number of CVEs at the end of 'scan --package-list-only'

2017-07-25 20:55:54 +09:00
parent 26e447f11a
commit 1aae425945
6 changed files with 17 additions and 11 deletions
--- a/Gopkg.lock
+++ b/Gopkg.lock
@@ -149,7 +149,7 @@
  branch = "master"
  name = "github.com/kotakanbe/goval-dictionary"
  packages = ["config","db","db/rdb","log","models"]
-  revision = "2c949ba2967dcd35574f2a78a12551c5326de6a9"
+  revision = "766b881c46d2037c75833ec0021da1c3da1ad2a1"

 [[projects]]
  branch = "master"
@@ -239,7 +239,7 @@
  branch = "master"
  name = "github.com/sirupsen/logrus"
  packages = ["."]
-  revision = "3eef8ce63d02f65d2da43214faf7bb19b0b2bb7a"
+  revision = "86bd21e371d71c8885b29e8dfb161c6034dc4abe"

 [[projects]]
  branch = "master"
--- a/oval/debian.go
+++ b/oval/debian.go
@@ -25,7 +25,7 @@ func (o DebianBase) fillFromOvalDB(r *models.ScanResult) error {
 	} else {
 		ovalconf.Conf.DBPath = config.Conf.OvalDBURL
 	}
-	util.Log.Infof("Open oval-dictionary db (%s): %s",
+	util.Log.Debugf("Open oval-dictionary db (%s): %s",
 		ovalconf.Conf.DBType, ovalconf.Conf.DBPath)

 	ovallog.Initialize(config.Conf.LogDir)
--- a/oval/redhat.go
+++ b/oval/redhat.go
@@ -63,7 +63,7 @@ func (o RedHatBase) getDefsByPackNameFromOvalDB(osRelease string,
 	} else {
 		ovalconf.Conf.DBPath = config.Conf.OvalDBURL
 	}
-	util.Log.Infof("Open oval-dictionary db (%s): %s",
+	util.Log.Debugf("Open oval-dictionary db (%s): %s",
 		ovalconf.Conf.DBType, ovalconf.Conf.DBPath)

 	ovallog.Initialize(config.Conf.LogDir)
@@ -102,7 +102,7 @@ func (o RedHatBase) update(r *models.ScanResult, definition *ovalmodels.Definiti
 		ovalContent := *o.convertToModel(cve.CveID, definition)
 		vinfo, ok := r.ScannedCves[cve.CveID]
 		if !ok {
-			util.Log.Infof("%s is newly detected by OVAL", cve.CveID)
+			util.Log.Debugf("%s is newly detected by OVAL", cve.CveID)
 			vinfo = models.VulnInfo{
 				CveID:        cve.CveID,
 				Confidence:   models.OvalMatch,
@@ -112,9 +112,9 @@ func (o RedHatBase) update(r *models.ScanResult, definition *ovalmodels.Definiti
 		} else {
 			cveContents := vinfo.CveContents
 			if _, ok := vinfo.CveContents[models.RedHat]; ok {
-				util.Log.Infof("%s will be updated by OVAL", cve.CveID)
+				util.Log.Debugf("%s will be updated by OVAL", cve.CveID)
 			} else {
-				util.Log.Infof("%s also detected by OVAL", cve.CveID)
+				util.Log.Debugf("%s also detected by OVAL", cve.CveID)
 				cveContents = models.CveContents{}
 			}

--- a/report/cve_client.go
+++ b/report/cve_client.go
@@ -147,7 +147,7 @@ func (api cvedictClient) FetchCveDetailsFromCveDB(cveIDs []string) (cveDetails [
 		return []*cve.CveDetail{}, fmt.Errorf("Failed to New DB. err: %s", err)
 	}

-	util.Log.Infof("Opening DB (%s).", driver.Name())
+	util.Log.Debugf("Opening DB (%s).", driver.Name())
 	if err := driver.OpenDB(
 		cveconfig.Conf.DBType,
 		cveconfig.Conf.DBPath,
@@ -281,7 +281,7 @@ func (api cvedictClient) FetchCveDetailsByCpeNameFromDB(cpeName string) (cveDeta
 		return []*cve.CveDetail{}, fmt.Errorf("Failed to New DB. err: %s", err)
 	}

-	log.Infof("Opening DB (%s).", driver.Name())
+	util.Log.Debugf("Opening DB (%s).", driver.Name())
 	if err = driver.OpenDB(
 		cveconfig.Conf.DBType,
 		cveconfig.Conf.DBPath,
--- a/report/report.go
+++ b/report/report.go
@@ -173,7 +173,7 @@ func fillWithOval(r *models.ScanResult) (err error) {
 		return err
 	}
 	if !ok {
-		util.Log.Warnf("OVAL is emtpy: %s-%s. It's recommended to use OVAL to improve scanning accuracy. To fetch OVAL database, see https://github.com/kotakanbe/goval-dictionary#usage", r.Family, r.Release)
+		util.Log.Warnf("OVAL entries of %s-%s are not found. It's recommended to use OVAL to improve scanning accuracy. To fetch OVAL, see https://github.com/kotakanbe/goval-dictionary#usage , Then report with --ovaldb-path or --ovaldb-url flag", r.Family, r.Release)
 		return nil
 	}

--- a/report/util.go
+++ b/report/util.go
@@ -43,10 +43,16 @@ func formatScanSummary(rs ...models.ScanResult) string {
 	for _, r := range rs {
 		var cols []interface{}
 		if len(r.Errors) == 0 {
+			var cves string
+			if config.Conf.PackageListOnly {
+				cves = fmt.Sprintf("- CVEs")
+			} else {
+				cves = fmt.Sprintf("%d CVEs", len(r.ScannedCves))
+			}
 			cols = []interface{}{
 				r.FormatServerName(),
 				fmt.Sprintf("%s%s", r.Family, r.Release),
-				fmt.Sprintf("%d CVEs", len(r.ScannedCves)),
+				cves,
 				r.Packages.FormatUpdatablePacksSummary(),
 			}
 		} else {