nosudo on CentOS and Fetch Changelogs on Amazon, RHEL (#448)

* Use repoquery for no sudo and avoid unintended line feed of yum or rpm. #444 * Change data type of enablerepo in config.toml. string to array * Fetch yum changelogs at once then grep CVE-IDs * Fix changelog parse logic and Update Gopkg
2017-07-18 15:54:25 +09:00
parent 738e9fb119
commit a9ebac3818
16 changed files with 944 additions and 916 deletions
--- a/config/config.go
+++ b/config/config.go
@@ -418,7 +418,7 @@ type ServerInfo struct {
 	Optional [][]interface{}

 	// For CentOS, RHEL, Amazon
-	Enablerepo string
+	Enablerepo []string

 	// used internal
 	LogMsgAnsiColor string // DebugLog Color
--- a/config/tomlloader.go
+++ b/config/tomlloader.go
@@ -20,7 +20,6 @@ package config
 import (
 	"fmt"
 	"os"
-	"strings"

 	"github.com/BurntSushi/toml"
 	"github.com/future-architect/vuls/contrib/owasp-dependency-check/parser"
@@ -164,7 +163,7 @@ func (c TOMLLoader) Load(pathToToml, keyPass string) error {
 			s.Enablerepo = d.Enablerepo
 		}
 		if len(s.Enablerepo) != 0 {
-			for _, repo := range strings.Split(s.Enablerepo, ",") {
+			for _, repo := range s.Enablerepo {
 				switch repo {
 				case "base", "updates":
 					// nop