Stage/vuls
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(libscan): update trivy deps (#1070)

Browse Source
This commit is contained in:
Kota Kanbe
2020-11-05 15:38:12 +09:00
committed by GitHub
parent f78dab50cb
commit 2fc3462d35
6 changed files with 114 additions and 54 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
models/library.go
View File

@@ -3,6 +3,7 @@ package models
import (
"path/filepath"
"github.com/Masterminds/semver/v3"
"github.com/aquasecurity/trivy-db/pkg/db"
trivyDBTypes "github.com/aquasecurity/trivy-db/pkg/types"
"github.com/aquasecurity/trivy/pkg/detector/library"
@@ -10,9 +11,7 @@ import (
"github.com/aquasecurity/trivy/pkg/types"
"github.com/future-architect/vuls/util"
"golang.org/x/xerrors"
// "github.com/aquasecurity/go-dep-parser/pkg/types"
"github.com/knqyf263/go-version"
)
// LibraryScanners is an array of LibraryScanner
@@ -46,7 +45,7 @@ func (s LibraryScanner) Scan() ([]VulnInfo, error) {
}
var vulnerabilities = []VulnInfo{}
for _, pkg := range s.Libs {
v, err := version.NewVersion(pkg.Version)
v, err := semver.StrictNewVersion(pkg.Version)
if err != nil {
util.Log.Debugf("new version cant detected %s@%s", pkg.Name, pkg.Version)
continue