feat(report): Include dependencies into scan result and cyclondex for supply chain security on Integration with GitHub Security Alerts (#1584)

* feat(report): Enhance scan result and cyclondex for supply chain security on Integration with GitHub Security Alerts * derive ecosystem/version from dependency graph * fix vars name && fetch manifest info on GSA && arrange ghpkgToPURL structure * fix miscs * typo in error message * fix ecosystem equally to trivy * miscs * refactoring * recursive dependency graph pagination * change var name && update comments * omit map type of ghpkgToPURL in signatures * fix vars name * goimports * make fmt * fix comment Co-authored-by: MaineK00n <mainek00n.1229@gmail.com>
2023-01-14 01:24:58 +09:00
parent 554ecc437e
commit ca64d7fc31
17 changed files with 340 additions and 40 deletions
--- a/scanner/redhatbase_test.go
+++ b/scanner/redhatbase_test.go
@@ -603,7 +603,7 @@ func Test_redhatBase_parseRpmQfLine(t *testing.T) {
 		{
 			name:   "valid line",
 			fields: fields{base: base{}},
-			args: args{line: "Percona-Server-shared-56	1	5.6.19	rel67.0.el6 x86_64"},
+			args:   args{line: "Percona-Server-shared-56	1	5.6.19	rel67.0.el6 x86_64"},
 			wantPkg: &models.Package{
 				Name:    "Percona-Server-shared-56",
 				Version: "1:5.6.19",