add a github actions config (#985)
* add a github actions config * fix(log): Don't create a log dir when testing * remove a meaningless test case * Thanks for everything, Mr, Travys. * add golangci * add goreleaser.yml * add tidy.yml * add golang-ci * fix many lint warnings
This commit is contained in:
Kota Kanbe
@@ -45,7 +45,7 @@ func (s LibraryScanner) Scan() ([]VulnInfo, error) {
|
||||
return nil, xerrors.New("unknown file type")
|
||||
}
|
||||
|
||||
var vulnerabilities []VulnInfo
|
||||
var vulnerabilities = []VulnInfo{}
|
||||
for _, pkg := range s.Libs {
|
||||
v, err := version.NewVersion(pkg.Version)
|
||||
if err != nil {
|
||||
|
||||
@@ -4,56 +4,9 @@ import (
|
||||
"reflect"
|
||||
"testing"
|
||||
|
||||
"github.com/aquasecurity/trivy-db/pkg/db"
|
||||
"github.com/aquasecurity/trivy/pkg/log"
|
||||
"github.com/aquasecurity/trivy/pkg/types"
|
||||
"github.com/aquasecurity/trivy/pkg/utils"
|
||||
)
|
||||
|
||||
func TestScan(t *testing.T) {
|
||||
var tests = []struct {
|
||||
path string
|
||||
pkgs []types.Library
|
||||
}{
|
||||
{
|
||||
path: "app/package-lock.json",
|
||||
pkgs: []types.Library{
|
||||
{
|
||||
Name: "jquery",
|
||||
Version: "2.2.4",
|
||||
},
|
||||
{
|
||||
Name: "@babel/traverse",
|
||||
Version: "7.4.4",
|
||||
},
|
||||
},
|
||||
},
|
||||
}
|
||||
|
||||
if err := log.InitLogger(false, false); err != nil {
|
||||
t.Errorf("trivy logger failed")
|
||||
}
|
||||
|
||||
cacheDir := utils.DefaultCacheDir()
|
||||
if err := db.Init(cacheDir); err != nil {
|
||||
t.Errorf("trivy db.Init failed")
|
||||
}
|
||||
for _, v := range tests {
|
||||
lib := LibraryScanner{
|
||||
Path: v.path,
|
||||
Libs: v.pkgs,
|
||||
}
|
||||
actual, err := lib.Scan()
|
||||
if err != nil {
|
||||
t.Errorf("error occurred")
|
||||
}
|
||||
if len(actual) == 0 {
|
||||
t.Errorf("no vuln found : actual: %v\n", actual)
|
||||
}
|
||||
}
|
||||
db.Close()
|
||||
}
|
||||
|
||||
func TestLibraryScanners_Find(t *testing.T) {
|
||||
type args struct {
|
||||
name string
|
||||
|
||||
@@ -195,7 +195,7 @@ func (r ScanResult) FilterUnfixed() ScanResult {
|
||||
|
||||
// FilterIgnorePkgs is filter function.
|
||||
func (r ScanResult) FilterIgnorePkgs() ScanResult {
|
||||
ignorePkgsRegexps := []string{}
|
||||
var ignorePkgsRegexps []string
|
||||
if len(r.Container.Name) == 0 {
|
||||
ignorePkgsRegexps = config.Conf.Servers[r.ServerName].IgnorePkgsRegexp
|
||||
} else {
|
||||
|
||||
@@ -6,60 +6,18 @@ import (
|
||||
cvedict "github.com/kotakanbe/go-cve-dictionary/models"
|
||||
)
|
||||
|
||||
// ConvertNvdXMLToModel convert NVD to CveContent
|
||||
func ConvertNvdXMLToModel(cveID string, nvd *cvedict.NvdXML) *CveContent {
|
||||
if nvd == nil {
|
||||
return nil
|
||||
}
|
||||
var cpes []Cpe
|
||||
for _, c := range nvd.Cpes {
|
||||
cpes = append(cpes, Cpe{
|
||||
FormattedString: c.FormattedString,
|
||||
URI: c.URI,
|
||||
})
|
||||
}
|
||||
|
||||
var refs []Reference
|
||||
for _, r := range nvd.References {
|
||||
refs = append(refs, Reference{
|
||||
Link: r.Link,
|
||||
Source: r.Source,
|
||||
})
|
||||
}
|
||||
|
||||
cweIDs := []string{}
|
||||
for _, cid := range nvd.Cwes {
|
||||
cweIDs = append(cweIDs, cid.CweID)
|
||||
}
|
||||
|
||||
return &CveContent{
|
||||
Type: Nvd,
|
||||
CveID: cveID,
|
||||
Summary: nvd.Summary,
|
||||
Cvss2Score: nvd.Cvss2.BaseScore,
|
||||
Cvss2Vector: nvd.Cvss2.VectorString,
|
||||
Cvss2Severity: nvd.Cvss2.Severity,
|
||||
SourceLink: "https://nvd.nist.gov/vuln/detail/" + cveID,
|
||||
// Cpes: cpes,
|
||||
CweIDs: cweIDs,
|
||||
References: refs,
|
||||
Published: nvd.PublishedDate,
|
||||
LastModified: nvd.LastModifiedDate,
|
||||
}
|
||||
}
|
||||
|
||||
// ConvertJvnToModel convert JVN to CveContent
|
||||
func ConvertJvnToModel(cveID string, jvn *cvedict.Jvn) *CveContent {
|
||||
if jvn == nil {
|
||||
return nil
|
||||
}
|
||||
var cpes []Cpe
|
||||
for _, c := range jvn.Cpes {
|
||||
cpes = append(cpes, Cpe{
|
||||
FormattedString: c.FormattedString,
|
||||
URI: c.URI,
|
||||
})
|
||||
}
|
||||
// var cpes = []Cpe{}
|
||||
// for _, c := range jvn.Cpes {
|
||||
// cpes = append(cpes, Cpe{
|
||||
// FormattedString: c.FormattedString,
|
||||
// URI: c.URI,
|
||||
// })
|
||||
// }
|
||||
|
||||
refs := []Reference{}
|
||||
for _, r := range jvn.References {
|
||||
@@ -93,15 +51,15 @@ func ConvertNvdJSONToModel(cveID string, nvd *cvedict.NvdJSON) *CveContent {
|
||||
if nvd == nil {
|
||||
return nil
|
||||
}
|
||||
var cpes []Cpe
|
||||
for _, c := range nvd.Cpes {
|
||||
cpes = append(cpes, Cpe{
|
||||
FormattedString: c.FormattedString,
|
||||
URI: c.URI,
|
||||
})
|
||||
}
|
||||
// var cpes = []Cpe{}
|
||||
// for _, c := range nvd.Cpes {
|
||||
// cpes = append(cpes, Cpe{
|
||||
// FormattedString: c.FormattedString,
|
||||
// URI: c.URI,
|
||||
// })
|
||||
// }
|
||||
|
||||
var refs []Reference
|
||||
var refs = []Reference{}
|
||||
for _, r := range nvd.References {
|
||||
refs = append(refs, Reference{
|
||||
Link: r.Link,
|
||||
|
||||
@@ -644,15 +644,6 @@ func (c Cvss) Format() string {
|
||||
return ""
|
||||
}
|
||||
|
||||
func cvss2ScoreToSeverity(score float64) string {
|
||||
if 7.0 <= score {
|
||||
return "HIGH"
|
||||
} else if 4.0 <= score {
|
||||
return "MEDIUM"
|
||||
}
|
||||
return "LOW"
|
||||
}
|
||||
|
||||
// Amazon Linux Security Advisory
|
||||
// Critical, Important, Medium, Low
|
||||
// https://alas.aws.amazon.com/
|
||||
|
||||
Reference in New Issue
Block a user