update trivy, and unsupport image scanning feature (#971)

* update trivy, fanal. unsupport image scanning * Update models/library.go Co-authored-by: Teppei Fukuda <teppei@elab.ic.i.u-tokyo.ac.jp> * add -no-progress flag to report/tui cmd * Display trivy vuln info to tui/report * add detection method to vulninfo detected by trivy * fix(uuid): change uuid lib to go-uuid #929 (#969) * update trivy, fanal. unsupport image scanning * Update models/library.go Co-authored-by: Teppei Fukuda <teppei@elab.ic.i.u-tokyo.ac.jp> * add -no-progress flag to report/tui cmd * Display trivy vuln info to tui/report * add detection method to vulninfo detected by trivy * unique ref links in TUI * download trivy DB only when lock file is specified in config.toml Co-authored-by: Teppei Fukuda <teppei@elab.ic.i.u-tokyo.ac.jp>
2020-05-08 15:24:39 +09:00
parent 9dd025437b
commit ebe5f858c8
22 changed files with 475 additions and 677 deletions
--- a/report/util.go
+++ b/report/util.go
@@ -291,6 +291,15 @@ No CVE-IDs are found in updatable packages.
 			}
 		}

+		for _, l := range vuln.LibraryFixedIns {
+			libs := r.LibraryScanners.Find(l.Name)
+			for path, lib := range libs {
+				data = append(data, []string{l.Key,
+					fmt.Sprintf("%s-%s, FixedIn: %s (%s)",
+						lib.Name, lib.Version, l.FixedIn, path)})
+			}
+		}
+
 		for _, confidence := range vuln.Confidences {
 			data = append(data, []string{"Confidence", confidence.String()})
 		}