breaking-change: Update vuls-dictionaries (#1307)

* chore: udpate dictionaries

* update gost

* chore: update gost

* chore(go-cve-dict): use v0.8.1

* chore: change linter from golint to revive

* chore(linter): set revive config

* chore: fix commands and update golangci-lint version

* fix: lint errs

* chore: update gost

Co-authored-by: MaineK00n <mainek00n.1229@gmail.com>

.github/workflows/codeql-analysis.yml

@@ -0,0 +1,67 @@
+# For most projects, this workflow file will not need changing; you simply need
+# to commit it to your repository.
+#
+# You may wish to alter this file to override the set of languages analyzed,
+# or to provide custom queries or build logic.
+#
+# ******** NOTE ********
+# We have attempted to detect the languages in your repository. Please check
+# the `language` matrix defined below to confirm you have the correct set of
+# supported CodeQL languages.
+#
+name: "CodeQL"
+
+on:
+  push:
+    branches: [ master ]
+  pull_request:
+    # The branches below must be a subset of the branches above
+    branches: [ master ]
+  schedule:
+    - cron: '32 20 * * 0'
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: [ 'go' ]
+        # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python' ]
+        # Learn more:
+        # https://docs.github.com/en/free-pro-team@latest/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#changing-the-languages-that-are-analyzed
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v2
+
+    # Initializes the CodeQL tools for scanning.
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@v1
+      with:
+        languages: ${{ matrix.language }}
+        # If you wish to specify custom queries, you can do so here or in a config file.
+        # By default, queries listed here will override any specified in a config file.
+        # Prefix the list here with "+" to use these queries and those in the config file.
+        # queries: ./path/to/local/query, your-org/your-repo/queries@main
+
+    # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
+    # If this step fails, then you should remove it and run the build manually (see below)
+    - name: Autobuild
+      uses: github/codeql-action/autobuild@v1
+
+    # ℹ️ Command-line programs to run using the OS shell.
+    # 📚 https://git.io/JvXDl
+
+    # ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
+    #    and modify them (or add more) to build your code if your project
+    #    uses a compiled language
+
+    #- run: |
+    #   make bootstrap
+    #   make release
+
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@v1

.github/workflows/docker-publish.yml

@@ -0,0 +1,45 @@
+name: Publish Docker image
+
+on:
+  push:
+    branches:
+      - 'master'
+    tags:
+      - '*'
+
+jobs:
+  docker:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v1
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v1
+
+      - name: Docker meta
+        id: meta
+        uses: docker/metadata-action@v3
+        with:
+          images: vuls/vuls
+          tags: |
+            type=ref,event=tag
+
+      - name: Login to DockerHub
+        uses: docker/login-action@v1
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+      - name: Build and push
+        uses: docker/build-push-action@v2
+        with:
+          push: true
+          tags: |
+            vuls/vuls:latest
+            ${{ steps.meta.outputs.tags }}
+          secrets: |
+            "github_token=${{ secrets.GITHUB_TOKEN }}"

.github/workflows/golangci.yml

@@ -13,10 +13,11 @@ jobs:
     steps:
       - uses: actions/checkout@v2
       - name: golangci-lint
-        uses: golangci/golangci-lint-action@v1
+        uses: golangci/golangci-lint-action@v2
         with:
           # Required: the version of golangci-lint is required and must be specified without patch version: we always use the latest patch version.
-          version: v1.26
+          version: v1.42
+          args: --timeout=10m
           
           # Optional: working directory, useful for monorepos
           # working-directory: somedir

.github/workflows/goreleaser.yml

@@ -19,7 +19,7 @@ jobs:
         name: Set up Go
         uses: actions/setup-go@v2
         with:
-          go-version: 1.14
+          go-version: 1.16
       -
         name: Run GoReleaser
         uses: goreleaser/goreleaser-action@v2

.github/workflows/test.yml

@@ -11,7 +11,7 @@ jobs:
     - name: Set up Go 1.x
       uses: actions/setup-go@v2
       with:
-        go-version: 1.14.x
+        go-version: 1.16.x
       id: go
 
     - name: Check out code into the Go module directory

.github/workflows/tidy.yml

@@ -19,4 +19,4 @@ jobs:
           github_token: ${{ secrets.GITHUB_TOKEN }}
           git_user_name: kotakanbe
           git_user_email: kotakanbe@gmail.com
-          go_version: 1.14.x
+          go_version: 1.16.x

.gitignore

@@ -1,7 +1,6 @@
-vuls
 .vscode
 *.txt
-*.json
+*.swp
 *.sqlite3*
 *.db
 tags
@@ -10,9 +9,13 @@ coverage.out
 issues/
 vendor/
 log/
-results/
-*config.toml
+results
+!integration/data/results
+config.toml
 !setup/docker/*
 .DS_Store
 dist/
 .idea
+vuls.*
+vuls
+!cmd/vuls

.golangci.yml

@@ -1,14 +1,44 @@
 name: golang-ci
 
 linters-settings:
-  errcheck:
+  revive:
+    # see https://github.com/mgechev/revive#available-rules for details.
+    ignore-generated-header: true
+    severity: warning
+    confidence: 0.8
+    rules:
+      - name: blank-imports
+      - name: context-as-argument
+      - name: context-keys-type
+      - name: dot-imports
+      - name: error-return
+      - name: error-strings
+      - name: error-naming
+      - name: exported
+      - name: if-return
+      - name: increment-decrement
+      - name: var-naming
+      - name: var-declaration
+      - name: package-comments
+      - name: range
+      - name: receiver-naming
+      - name: time-naming
+      - name: unexported-return
+      - name: indent-error-flow
+      - name: errorf
+      - name: empty-block
+      - name: superfluous-else
+      - name: unused-parameter
+      - name: unreachable-code
+      - name: redefines-builtin-id
+  # errcheck:
     #exclude: /path/to/file.txt
 
 linters:
   disable-all: true
   enable:
     - goimports
-    - golint
+    - revive
     - govet
     - misspell
     - errcheck

.goreleaser.yml

@@ -11,27 +11,64 @@ builds:
   - linux
   goarch:
   - amd64
-  main: .
+  main: ./cmd/vuls/main.go
   flags:
-      - -a
-  ldflags: -s -w -X main.version={{.Version}} -X main.revision={{.Commit}} 
+  - -a
+  ldflags: 
+  - -s -w -X github.com/future-architect/vuls/config.Version={{.Version}} -X github.com/future-architect/vuls/config.Revision={{.Commit}}-{{ .CommitDate }}
   binary: vuls
 
-- id: trivy-to-vuls
+- id: vuls-scanner
+  env:
+  - CGO_ENABLED=0
   goos:
   - linux
   goarch:
+  - 386
   - amd64
+  - arm
+  - arm64
+  main: ./cmd/scanner/main.go
+  flags:
+  - -a
+  tags:
+  - scanner
+  ldflags: 
+  - -s -w -X github.com/future-architect/vuls/config.Version={{.Version}} -X github.com/future-architect/vuls/config.Revision={{.Commit}}-{{ .CommitDate }}
+  binary: vuls-scanner
+
+- id: trivy-to-vuls
+  env:
+  - CGO_ENABLED=0
+  goos:
+  - linux
+  goarch:
+  - 386
+  - amd64
+  - arm
+  - arm64
+  tags:
+  - scanner
   main: ./contrib/trivy/cmd/main.go
   binary: trivy-to-vuls
 
 - id: future-vuls
+  env:
+  - CGO_ENABLED=0
   goos:
   - linux
   goarch:
+  - 386
   - amd64
+  - arm
+  - arm64
+  flags:
+  - -a
+  tags:
+  - scanner
   main: ./contrib/future-vuls/cmd/main.go
   binary: future-vuls
+
 archives:
 
 - id: vuls
@@ -41,7 +78,16 @@ archives:
   format: tar.gz
   files:
   - LICENSE
-  - NOTICE
+  - README*
+  - CHANGELOG.md
+
+- id: vuls-scanner
+  name_template: '{{ .Binary }}_{{.Version}}_{{ .Os }}_{{ .Arch }}{{ if .Arm }}v{{ .Arm }}{{ end }}'
+  builds:
+  - vuls-scanner
+  format: tar.gz
+  files:
+  - LICENSE
   - README*
   - CHANGELOG.md
 
@@ -52,18 +98,16 @@ archives:
   format: tar.gz
   files:
   - LICENSE
-  - NOTICE
   - README*
   - CHANGELOG.md
+
 - id: future-vuls
   name_template: '{{ .Binary }}_{{.Version}}_{{ .Os }}_{{ .Arch }}{{ if .Arm }}v{{ .Arm }}{{ end }}'
   builds:
-
   - future-vuls
   format: tar.gz
   files:
   - LICENSE
-  - NOTICE
   - README*
   - CHANGELOG.md
 snapshot:

.revive.toml

@@ -0,0 +1,30 @@
+ignoreGeneratedHeader = false
+severity = "warning"
+confidence = 0.8
+errorCode = 0
+warningCode = 0
+
+[rule.blank-imports]
+[rule.context-as-argument]
+[rule.context-keys-type]
+[rule.dot-imports]
+[rule.error-return]
+[rule.error-strings]
+[rule.error-naming]
+[rule.exported]
+[rule.if-return]
+[rule.increment-decrement]
+[rule.var-naming]
+[rule.var-declaration]
+[rule.package-comments]
+[rule.range]
+[rule.receiver-naming]
+[rule.time-naming]
+[rule.unexported-return]
+[rule.indent-error-flow]
+[rule.errorf]
+[rule.empty-block]
+[rule.superfluous-else]
+[rule.unused-parameter]
+[rule.unreachable-code]
+[rule.redefines-builtin-id]

Dockerfile

@@ -10,10 +10,7 @@ ENV REPOSITORY github.com/future-architect/vuls
 COPY . $GOPATH/src/$REPOSITORY
 RUN cd $GOPATH/src/$REPOSITORY && make install
 
-
-FROM alpine:3.11
-
-MAINTAINER hikachan sadayuki-matsuno
+FROM alpine:3.14
 
 ENV LOGDIR /var/log/vuls
 ENV WORKDIR /vuls
@@ -22,6 +19,7 @@ RUN apk add --no-cache \
         openssh-client \
         ca-certificates \
         git \
+        nmap \
     && mkdir -p $WORKDIR $LOGDIR
 
 COPY --from=builder /go/bin/vuls /usr/local/bin/

GNUmakefile

@@ -20,27 +20,37 @@ BUILDTIME := $(shell date "+%Y%m%d_%H%M%S")
 LDFLAGS := -X 'github.com/future-architect/vuls/config.Version=$(VERSION)' \
     -X 'github.com/future-architect/vuls/config.Revision=build-$(BUILDTIME)_$(REVISION)'
 GO := GO111MODULE=on go
+CGO_UNABLED := CGO_ENABLED=0 go
 GO_OFF := GO111MODULE=off go
 
 
-all: build
+all: b
 
-build: main.go pretest fmt
-	$(GO) build -a -ldflags "$(LDFLAGS)" -o vuls $<
+build: ./cmd/vuls/main.go pretest fmt
+	$(GO) build -a -ldflags "$(LDFLAGS)" -o vuls ./cmd/vuls
 
-b: 	main.go pretest fmt
-	$(GO) build -ldflags "$(LDFLAGS)" -o vuls $<
+b: ./cmd/vuls/main.go 
+	$(GO) build -a -ldflags "$(LDFLAGS)" -o vuls ./cmd/vuls
 
-install: main.go pretest
-	$(GO) install -ldflags "$(LDFLAGS)"
+install: ./cmd/vuls/main.go
+	$(GO) install -ldflags "$(LDFLAGS)" ./cmd/vuls
+
+build-scanner: ./cmd/scanner/main.go 
+	$(CGO_UNABLED) build -tags=scanner -a -ldflags "$(LDFLAGS)" -o vuls ./cmd/scanner
+
+install-scanner: ./cmd/scanner/main.go 
+	$(CGO_UNABLED) install -tags=scanner -ldflags "$(LDFLAGS)" ./cmd/scanner
 
 lint:
-	$(GO_OFF) get -u golang.org/x/lint/golint
-	golint $(PKGS)
+	$(GO_OFF) get -u github.com/mgechev/revive
+	revive -config ./.revive.toml -formatter plain $(PKGS)
 
 vet:
 	echo $(PKGS) | xargs env $(GO) vet || exit;
 
+golangci:
+	golangci-lint run
+
 fmt:
 	gofmt -s -w $(SRCS)
 
@@ -50,7 +60,7 @@ mlint:
 fmtcheck:
 	$(foreach file,$(SRCS),gofmt -s -d $(file);)
 
-pretest: lint vet fmtcheck
+pretest: lint vet fmtcheck golangci
 
 test: 
 	$(GO) test -cover -v ./... || exit;
@@ -61,7 +71,7 @@ unused:
 cov:
 	@ go get -v github.com/axw/gocov/gocov
 	@ go get golang.org/x/tools/cmd/cover
-	gocov test | gocov report
+	gocov test -v ./... | gocov report
 
 clean:
 	echo $(PKGS) | xargs go clean || exit;
@@ -73,3 +83,164 @@ build-trivy-to-vuls: pretest fmt
 # future-vuls
 build-future-vuls: pretest fmt
 	$(GO) build -o future-vuls contrib/future-vuls/cmd/*.go
+
+
+# integration-test
+BASE_DIR := '${PWD}/integration/results'
+# $(shell mkdir -p ${BASE_DIR})
+NOW=$(shell date --iso-8601=seconds)
+NOW_JSON_DIR := '${BASE_DIR}/$(NOW)'
+ONE_SEC_AFTER=$(shell date -d '+1 second' --iso-8601=seconds)
+ONE_SEC_AFTER_JSON_DIR := '${BASE_DIR}/$(ONE_SEC_AFTER)'
+LIBS := 'gemfile' 'pipfile' 'poetry' 'composer' 'packagelock' 'yarn' 'cargo' 'gomod' 'nvd_exact' 'nvd_rough' 'nvd_vendor_product' 'nvd_match_no_jvn' 'jvn_vendor_product' 'jvn_vendor_product_nover'
+
+diff:
+	# git clone git@github.com:vulsio/vulsctl.git
+	# cd vulsctl/docker
+	# ./update-all.sh
+	# cd /path/to/vuls
+	# vim integration/int-config.toml
+	# ln -s vuls vuls.new
+	# ln -s oldvuls vuls.old
+	# make int
+    # (ex. test 10 times: for i in `seq 10`; do make int ARGS=-quiet ; done)
+ifneq ($(shell ls -U1 ${BASE_DIR} | wc -l), 0)
+	mv ${BASE_DIR} /tmp/${NOW}
+endif
+	mkdir -p ${NOW_JSON_DIR}
+	sleep 1
+	./vuls.old scan -config=./integration/int-config.toml --results-dir=${BASE_DIR} ${LIBS}
+	cp ${BASE_DIR}/current/*.json ${NOW_JSON_DIR}
+	- cp integration/data/results/*.json ${NOW_JSON_DIR}
+	./vuls.old report --format-json --refresh-cve --results-dir=${BASE_DIR} -config=./integration/int-config.toml ${NOW}
+
+	mkdir -p ${ONE_SEC_AFTER_JSON_DIR}
+	sleep 1
+	./vuls.new scan -config=./integration/int-config.toml --results-dir=${BASE_DIR} ${LIBS}
+	cp ${BASE_DIR}/current/*.json ${ONE_SEC_AFTER_JSON_DIR}
+	- cp integration/data/results/*.json ${ONE_SEC_AFTER_JSON_DIR}
+	./vuls.new report --format-json --refresh-cve --results-dir=${BASE_DIR} -config=./integration/int-config.toml ${ONE_SEC_AFTER}
+
+	$(call sed-d)
+	- diff -c ${NOW_JSON_DIR} ${ONE_SEC_AFTER_JSON_DIR}
+	echo "old: ${NOW_JSON_DIR} , new: ${ONE_SEC_AFTER_JSON_DIR}"
+	$(call count-cve)
+
+diff-redis:
+	# docker network create redis-nw
+    # docker run --name redis -d --network redis-nw -p 127.0.0.1:6379:6379 redis
+	# git clone git@github.com:vulsio/vulsctl.git
+	# cd vulsctl/docker
+	# ./update-all-redis.sh
+	# (or export DOCKER_NETWORK=redis-nw; cd /home/ubuntu/vulsctl/docker; ./update-all.sh --dbtype redis --dbpath "redis://redis/0")
+	# vim integration/int-redis-config.toml
+	# ln -s vuls vuls.new
+	# ln -s oldvuls vuls.old
+	# make int-redis
+ifneq ($(shell ls -U1 ${BASE_DIR} | wc -l), 0)
+	mv ${BASE_DIR} /tmp/${NOW}
+endif
+	mkdir -p ${NOW_JSON_DIR}
+	sleep 1
+	./vuls.old scan -config=./integration/int-config.toml --results-dir=${BASE_DIR} ${LIBS}
+	cp -f ${BASE_DIR}/current/*.json ${NOW_JSON_DIR}
+	- cp integration/data/results/*.json ${NOW_JSON_DIR}
+	./vuls.old report --format-json --refresh-cve --results-dir=${BASE_DIR} -config=./integration/int-redis-config.toml ${NOW}
+
+	mkdir -p ${ONE_SEC_AFTER_JSON_DIR}
+	sleep 1
+	./vuls.new scan -config=./integration/int-config.toml --results-dir=${BASE_DIR} ${LIBS}
+	cp -f ${BASE_DIR}/current/*.json ${ONE_SEC_AFTER_JSON_DIR}
+	- cp integration/data/results/*.json ${ONE_SEC_AFTER_JSON_DIR}
+	./vuls.new report --format-json --refresh-cve --results-dir=${BASE_DIR} -config=./integration/int-redis-config.toml ${ONE_SEC_AFTER}
+
+	$(call sed-d)
+	- diff -c ${NOW_JSON_DIR} ${ONE_SEC_AFTER_JSON_DIR}
+	echo "old: ${NOW_JSON_DIR} , new: ${ONE_SEC_AFTER_JSON_DIR}"
+	$(call count-cve)
+
+diff-rdb-redis:
+ifneq ($(shell ls -U1 ${BASE_DIR} | wc -l), 0)
+	mv ${BASE_DIR} /tmp/${NOW}
+endif
+	mkdir -p ${NOW_JSON_DIR}
+	sleep 1
+	# new vs new
+	./vuls.new scan -config=./integration/int-config.toml --results-dir=${BASE_DIR} ${LIBS}
+	cp -f ${BASE_DIR}/current/*.json ${NOW_JSON_DIR}
+	cp integration/data/results/*.json ${NOW_JSON_DIR}
+	./vuls.new report --format-json --refresh-cve --results-dir=${BASE_DIR} -config=./integration/int-config.toml ${NOW}
+
+	mkdir -p ${ONE_SEC_AFTER_JSON_DIR}
+	sleep 1
+	./vuls.new scan -config=./integration/int-config.toml --results-dir=${BASE_DIR} ${LIBS}
+	cp -f ${BASE_DIR}/current/*.json ${ONE_SEC_AFTER_JSON_DIR}
+	cp integration/data/results/*.json ${ONE_SEC_AFTER_JSON_DIR}
+	./vuls.new report --format-json --refresh-cve --results-dir=${BASE_DIR} -config=./integration/int-redis-config.toml ${ONE_SEC_AFTER}
+
+	$(call sed-d)
+	- diff -c ${NOW_JSON_DIR} ${ONE_SEC_AFTER_JSON_DIR}
+	echo "old: ${NOW_JSON_DIR} , new: ${ONE_SEC_AFTER_JSON_DIR}"
+	$(call count-cve)
+
+head= $(shell git rev-parse HEAD)
+prev= $(shell git rev-parse HEAD^)
+branch=$(shell git rev-parse --abbrev-ref HEAD)
+build-integration:
+	git stash
+
+	# buld HEAD
+	git checkout ${head}
+	make build
+	mv -f ./vuls ./vuls.${head}
+
+	# HEAD^
+	git checkout ${prev}
+	make build
+	mv -f ./vuls ./vuls.${prev}
+
+	# master
+	git checkout master
+	make build
+	mv -f ./vuls ./vuls.master
+
+	# working tree
+	git checkout ${branch}
+	git stash apply stash@\{0\}
+	make build
+
+	# for integration testing, vuls.new and vuls.old needed.
+	# ex)
+	# $ ln -s ./vuls ./vuls.new
+	# $ ln -s ./vuls.${head} ./vuls.old
+	# or 
+	# $ ln -s ./vuls.${prev} ./vuls.old
+	# then
+	# $ make diff
+	# $ make diff-redis
+	# $ make diff-rdb-redis
+
+
+define sed-d
+	find ${NOW_JSON_DIR} -type f -exec sed -i -e '/scannedAt/d' {} \;
+	find ${ONE_SEC_AFTER_JSON_DIR} -type f -exec sed -i -e '/scannedAt/d' {} \;
+	find ${NOW_JSON_DIR} -type f -exec sed -i -e '/reportedAt/d' {} \;
+	find ${ONE_SEC_AFTER_JSON_DIR} -type f -exec sed -i -e '/reportedAt/d' {} \;
+	find ${NOW_JSON_DIR} -type f -exec sed -i -e '/"Type":/d' {} \;
+	find ${ONE_SEC_AFTER_JSON_DIR} -type f -exec sed -i -e '/"Type":/d' {} \;
+	find ${NOW_JSON_DIR} -type f -exec sed -i -e '/"SQLite3Path":/d' {} \;
+	find ${ONE_SEC_AFTER_JSON_DIR} -type f -exec sed -i -e '/"SQLite3Path":/d' {} \;
+	find ${NOW_JSON_DIR} -type f -exec sed -i -e '/reportedRevision/d' {} \;
+	find ${ONE_SEC_AFTER_JSON_DIR} -type f -exec sed -i -e '/reportedRevision/d' {} \;
+	find ${NOW_JSON_DIR} -type f -exec sed -i -e '/scannedRevision/d' {} \;
+	find ${ONE_SEC_AFTER_JSON_DIR} -type f -exec sed -i -e '/scannedRevision/d' {} \;
+endef
+
+define count-cve
+	for jsonfile in ${NOW_JSON_DIR}/*.json ;  do \
+		echo $$jsonfile; cat $$jsonfile | jq ".scannedCves | length" ; \
+	done
+	for jsonfile in ${ONE_SEC_AFTER_JSON_DIR}/*.json ;  do \
+		echo $$jsonfile; cat $$jsonfile | jq ".scannedCves | length" ; \
+	done
+endef

NOTICE

@@ -1,2 +0,0 @@
-Vuls Copyright (C) 2016  Future Corporation , Japan.
-

README.md

@@ -9,7 +9,7 @@
 
 ![Vuls-logo](img/vuls_logo.png)
 
-Vulnerability scanner for Linux/FreeBSD, agentless, written in golang.
+Vulnerability scanner for Linux/FreeBSD, agent-less, written in Go.
 We have a slack team. [Join slack team](http://goo.gl/forms/xm5KFo35tu)
 Twitter: [@vuls_en](https://twitter.com/vuls_en)
 
@@ -23,20 +23,6 @@ Twitter: [@vuls_en](https://twitter.com/vuls_en)
 
 ----
 
-## NEWS
-
-| Version     | Main Feature |  Date |
-|:------------|:---------------------------------|:--------------------|
-| [v0.8.0](https://github.com/future-architect/vuls/releases/tag/v0.8.0) | secret | Coming soon |
-| [v0.7.0](https://github.com/future-architect/vuls/releases/tag/v0.7.0) | WordPress Vulnerability Scan | 2019/Apr/8 |
-| [v0.6.3](https://github.com/future-architect/vuls/releases/tag/v0.6.3) | GitHub Integration | 2019/Feb/20 |
-| [v0.6.2](https://github.com/future-architect/vuls/releases/tag/v0.6.2) | Add US-CERT/JPCERT Alerts as VulnSrc | 2019/Jan/23 |
-| [v0.6.1](https://github.com/future-architect/vuls/releases/tag/v0.6.1) | BugFix | 2018/Nov/16 |
-| [v0.6.0](https://github.com/future-architect/vuls/releases/tag/v0.6.0) | Add ExploitDB as VulnSrc | 2018/Nov/3 |
-| [v0.5.0](https://github.com/future-architect/vuls/releases/tag/v0.5.0) | Scan accuracy improvement | 2018/Aug/27 |
-
-----
-
 ## Abstract
 
 For a system administrator, having to perform security vulnerability analysis and software update on a daily basis can be a burden.
@@ -64,38 +50,52 @@ Vuls is a tool created to solve the problems listed above. It has the following
 
 [Supports major Linux/FreeBSD](https://vuls.io/docs/en/supported-os.html)
 
-- Alpine, Amazon Linux, CentOS, Debian, Oracle Linux, Raspbian, RHEL, SUSE Enterprise Linux, and Ubuntu
+- Alpine, Amazon Linux, CentOS, Alma Linux, Rocky Linux, Debian, Oracle Linux, Raspbian, RHEL, SUSE Enterprise Linux, and Ubuntu
 - FreeBSD
-- Cloud, on-premise, Docker Container and Docker Image
+- Cloud, on-premise, Running Docker Container
 
 ### High-quality scan
 
-Vuls uses multiple vulnerability databases
+- Vulnerability Database
+  - [NVD](https://nvd.nist.gov/)
+  - [JVN(Japanese)](http://jvndb.jvn.jp/apis/myjvn/)
 
-- [NVD](https://nvd.nist.gov/)
-- [JVN(Japanese)](http://jvndb.jvn.jp/apis/myjvn/)
 - OVAL
+  - [Red Hat](https://www.redhat.com/security/data/oval/)
   - [Debian](https://www.debian.org/security/oval/)
-  - [Oracle Linux](https://linux.oracle.com/security/oval/)
-  - [RedHat](https://www.redhat.com/security/data/oval/)
-  - [SUSE](http://ftp.suse.com/pub/projects/security/oval/)
   - [Ubuntu](https://people.canonical.com/~ubuntu-security/oval/)
+  - [SUSE](http://ftp.suse.com/pub/projects/security/oval/)
+  - [Oracle Linux](https://linux.oracle.com/security/oval/)
 
-- [Alpine-secdb](https://git.alpinelinux.org/cgit/alpine-secdb/)
-- [Debian Security Bug Tracker](https://security-tracker.debian.org/tracker/)
-- [Red Hat Security Advisories](https://access.redhat.com/security/security-updates/)
-- Commands (yum, zypper, and pkg-audit)
-  - RHSA/ALAS/ELSA/FreeBSD-SA
-- [Exploit Database](https://www.exploit-db.com/)
-- [US-CERT](https://www.us-cert.gov/ncas/alerts)
-- [JPCERT](http://www.jpcert.or.jp/at/2019.html)
-- [WPVulnDB](https://wpvulndb.com/api)
-- [Node.js Security Working Group](https://github.com/nodejs/security-wg)
-- [Ruby Advisory Database](https://github.com/rubysec/ruby-advisory-db)
-- [Safety DB(Python)](https://github.com/pyupio/safety-db)
-- [PHP Security Advisories Database](https://github.com/FriendsOfPHP/security-advisories)
-- [RustSec Advisory Database](https://github.com/RustSec/advisory-db)
-- Changelog
+- Security Advisory
+  - [Alpine-secdb](https://git.alpinelinux.org/cgit/alpine-secdb/)
+  - [Red Hat Security Advisories](https://access.redhat.com/security/security-updates/)
+  - [Debian Security Bug Tracker](https://security-tracker.debian.org/tracker/)
+  - [Ubuntu CVE Tracker](https://people.canonical.com/~ubuntu-security/cve/)
+
+- Commands(yum, zypper, pkg-audit)
+  - RHSA / ALAS / ELSA / FreeBSD-SA
+  - Changelog
+
+- PoC, Exploit
+  - [Exploit Database](https://www.exploit-db.com/)
+  - [Metasploit-Framework modules](https://www.rapid7.com/db/?q=&type=metasploit)
+  - [qazbnm456/awesome-cve-poc](https://github.com/qazbnm456/awesome-cve-poc)
+  - [nomi-sec/PoC-in-GitHub](https://github.com/nomi-sec/PoC-in-GitHub)
+
+- CERT
+  - [US-CERT](https://www.us-cert.gov/ncas/alerts)
+  - [JPCERT](http://www.jpcert.or.jp/at/2019.html)
+
+- Libraries
+  - [Node.js Security Working Group](https://github.com/nodejs/security-wg)
+  - [Ruby Advisory Database](https://github.com/rubysec/ruby-advisory-db)
+  - [Safety DB(Python)](https://github.com/pyupio/safety-db)
+  - [PHP Security Advisories Database](https://github.com/FriendsOfPHP/security-advisories)
+  - [RustSec Advisory Database](https://github.com/RustSec/advisory-db)
+
+- WordPress
+  - [wpscan](https://wpscan.com/api)
 
 ### Scan mode
 
@@ -103,15 +103,15 @@ Vuls uses multiple vulnerability databases
 
 - Scan without root privilege, no dependencies
 - Almost no load on the scan target server
-- Offline mode scan with no internet access. (CentOS, Debian, Oracle Linux, Red Hat, and Ubuntu)
+- Offline mode scan with no internet access. (CentOS, Alma Linux, Rocky Linux, Debian, Oracle Linux, Red Hat, and Ubuntu)
 
 [Fast Root Scan](https://vuls.io/docs/en/architecture-fast-root-scan.html)
 
 - Scan with root privilege
 - Almost no load on the scan target server
-- Detect processes affected by update using yum-ps (Amazon Linux, CentOS, Oracle Linux, and RedHat)
+- Detect processes affected by update using yum-ps (Amazon Linux, CentOS, Alma Linux, Rocky Linux, Oracle Linux, and RedHat)
 - Detect processes which updated before but not restarting yet using checkrestart of debian-goodies (Debian and Ubuntu)
-- Offline mode scan with no internet access. (CentOS, Debian, Oracle Linux, Red Hat, and Ubuntu)
+- Offline mode scan with no internet access. (CentOS, Alma Linux, Rocky Linux, Debian, Oracle Linux, Red Hat, and Ubuntu)
 
 ### [Remote, Local scan mode, Server mode](https://vuls.io/docs/en/architecture-remote-local.html)
 
@@ -134,19 +134,6 @@ Vuls uses multiple vulnerability databases
 - It is possible to acquire the state of the server by connecting via SSH and executing the command.
 - Vuls warns when the scan target server was updated the kernel etc. but not restarting it.
 
-### **Static** Analysis
-
-**Image scan function is no longer supported from Vuls v0.9.5. Use Trivy directry**
-
-~~Vuls v0.8.0 can scan Docker images using [knqyf263/trivy](https://github.com/knqyf263/trivy).
-Following Registry supported.~~
-
-- ~~ECR~~
-- ~~GCR~~
-- ~~Local Image~~
-
-~~For details, see [Scan docker image](https://vuls.io/docs/en/tutorial-scan-docker-image.html)~~  
-
 ### Scan vulnerabilities of non-OS-packages
 
 - Libraries of programming language
@@ -184,7 +171,7 @@ Vuls has some options to detect the vulnerabilities
 
 ## Document
 
-For more information such as Installation, Tutorial, Usage, visit [vuls.io](https://vuls.io/)
+For more information such as Installation, Tutorial, Usage, visit [vuls.io](https://vuls.io/)  
 [日本語翻訳ドキュメント](https://vuls.io/ja/)
 
 ----
@@ -193,11 +180,9 @@ For more information such as Installation, Tutorial, Usage, visit [vuls.io](http
 
 kotakanbe ([@kotakanbe](https://twitter.com/kotakanbe)) created vuls and [these fine people](https://github.com/future-architect/vuls/graphs/contributors) have contributed.
 
-----
+## Contribute
 
-## Change Log
-
-Please see [CHANGELOG](https://github.com/future-architect/vuls/blob/master/CHANGELOG.md).
+see [vulsdoc](https://vuls.io/docs/en/how-to-contribute.html)
 
 ----
 

cache/bolt.go

@@ -5,8 +5,8 @@ import (
 	"time"
 
 	"github.com/boltdb/bolt"
+	"github.com/future-architect/vuls/logging"
 	"github.com/future-architect/vuls/util"
-	"github.com/sirupsen/logrus"
 	"golang.org/x/xerrors"
 )
 
@@ -14,12 +14,12 @@ import (
 // boltdb is used to store a cache of Changelogs of Ubuntu/Debian
 type Bolt struct {
 	Path string
-	Log  *logrus.Entry
+	Log  logging.Logger
 	db   *bolt.DB
 }
 
 // SetupBolt opens a boltdb and creates a meta bucket if not exists.
-func SetupBolt(path string, l *logrus.Entry) error {
+func SetupBolt(path string, l logging.Logger) error {
 	l.Infof("Open boltDB: %s", path)
 	db, err := bolt.Open(path, 0600, nil)
 	if err != nil {
@@ -47,7 +47,7 @@ func (b Bolt) Close() error {
 	return b.db.Close()
 }
 
-//  CreateBucketIfNotExists creates a buket that is specified by arg.
+//  CreateBucketIfNotExists creates a bucket that is specified by arg.
 func (b *Bolt) createBucketIfNotExists(name string) error {
 	return b.db.Update(func(tx *bolt.Tx) error {
 		_, err := tx.CreateBucketIfNotExists([]byte(name))
@@ -93,7 +93,7 @@ func (b Bolt) RefreshMeta(meta Meta) error {
 	})
 }
 
-// EnsureBuckets puts a Meta information and create a buket that holds changelogs.
+// EnsureBuckets puts a Meta information and create a bucket that holds changelogs.
 func (b Bolt) EnsureBuckets(meta Meta) error {
 	jsonBytes, err := json.Marshal(meta)
 	if err != nil {
@@ -141,7 +141,7 @@ func (b Bolt) PrettyPrint(meta Meta) error {
 	})
 }
 
-// GetChangelog get the changelgo of specified packName from the Bucket
+// GetChangelog get the changelog of specified packName from the Bucket
 func (b Bolt) GetChangelog(servername, packName string) (changelog string, err error) {
 	err = b.db.View(func(tx *bolt.Tx) error {
 		bkt := tx.Bucket([]byte(servername))
@@ -159,7 +159,7 @@ func (b Bolt) GetChangelog(servername, packName string) (changelog string, err e
 	return
 }
 
-// PutChangelog put the changelgo of specified packName into the Bucket
+// PutChangelog put the changelog of specified packName into the Bucket
 func (b Bolt) PutChangelog(servername, packName, changelog string) error {
 	return b.db.Update(func(tx *bolt.Tx) error {
 		bkt := tx.Bucket([]byte(servername))

cache/bolt_test.go

@@ -7,8 +7,8 @@ import (
 
 	"github.com/boltdb/bolt"
 	"github.com/future-architect/vuls/config"
+	"github.com/future-architect/vuls/logging"
 	"github.com/future-architect/vuls/models"
-	"github.com/sirupsen/logrus"
 )
 
 const path = "/tmp/vuls-test-cache-11111111.db"
@@ -29,7 +29,7 @@ var meta = Meta{
 }
 
 func TestSetupBolt(t *testing.T) {
-	log := logrus.NewEntry(&logrus.Logger{})
+	log := logging.NewNormalLogger()
 	err := SetupBolt(path, log)
 	if err != nil {
 		t.Errorf("Failed to setup bolt: %s", err)
@@ -57,7 +57,7 @@ func TestSetupBolt(t *testing.T) {
 }
 
 func TestEnsureBuckets(t *testing.T) {
-	log := logrus.NewEntry(&logrus.Logger{})
+	log := logging.NewNormalLogger()
 	if err := SetupBolt(path, log); err != nil {
 		t.Errorf("Failed to setup bolt: %s", err)
 	}
@@ -98,7 +98,7 @@ func TestEnsureBuckets(t *testing.T) {
 
 func TestPutGetChangelog(t *testing.T) {
 	clog := "changelog-text"
-	log := logrus.NewEntry(&logrus.Logger{})
+	log := logging.NewNormalLogger()
 	if err := SetupBolt(path, log); err != nil {
 		t.Errorf("Failed to setup bolt: %s", err)
 	}

cmd/scanner/main.go

@@ -0,0 +1,36 @@
+package main
+
+import (
+	"flag"
+	"fmt"
+	"os"
+
+	"context"
+
+	"github.com/future-architect/vuls/config"
+	commands "github.com/future-architect/vuls/subcmds"
+	"github.com/google/subcommands"
+)
+
+func main() {
+	subcommands.Register(subcommands.HelpCommand(), "")
+	subcommands.Register(subcommands.FlagsCommand(), "")
+	subcommands.Register(subcommands.CommandsCommand(), "")
+	subcommands.Register(&commands.DiscoverCmd{}, "discover")
+	subcommands.Register(&commands.ScanCmd{}, "scan")
+	subcommands.Register(&commands.HistoryCmd{}, "history")
+	subcommands.Register(&commands.ConfigtestCmd{}, "configtest")
+	subcommands.Register(&commands.SaaSCmd{}, "saas")
+
+	var v = flag.Bool("v", false, "Show version")
+
+	flag.Parse()
+
+	if *v {
+		fmt.Printf("vuls %s %s\n", config.Version, config.Revision)
+		os.Exit(int(subcommands.ExitSuccess))
+	}
+
+	ctx := context.Background()
+	os.Exit(int(subcommands.Execute(ctx)))
+}

cmd/vuls/main.go

@@ -7,8 +7,8 @@ import (
 
 	"context"
 
-	"github.com/future-architect/vuls/commands"
 	"github.com/future-architect/vuls/config"
+	commands "github.com/future-architect/vuls/subcmds"
 	"github.com/google/subcommands"
 )
 
@@ -29,7 +29,7 @@ func main() {
 	flag.Parse()
 
 	if *v {
-		fmt.Printf("vuls %s %s\n", config.Version, config.Revision)
+		fmt.Printf("vuls-%s-%s\n", config.Version, config.Revision)
 		os.Exit(int(subcommands.ExitSuccess))
 	}
 

commands/configtest.go

@@ -1,174 +0,0 @@
-package commands
-
-import (
-	"context"
-	"flag"
-	"fmt"
-	"os"
-	"path/filepath"
-	"strings"
-
-	"github.com/google/subcommands"
-
-	c "github.com/future-architect/vuls/config"
-	"github.com/future-architect/vuls/scan"
-	"github.com/future-architect/vuls/util"
-)
-
-// ConfigtestCmd is Subcommand
-type ConfigtestCmd struct {
-	configPath     string
-	askKeyPassword bool
-	timeoutSec     int
-}
-
-// Name return subcommand name
-func (*ConfigtestCmd) Name() string { return "configtest" }
-
-// Synopsis return synopsis
-func (*ConfigtestCmd) Synopsis() string { return "Test configuration" }
-
-// Usage return usage
-func (*ConfigtestCmd) Usage() string {
-	return `configtest:
-	configtest
-			[-config=/path/to/config.toml]
-			[-log-dir=/path/to/log]
-			[-ask-key-password]
-			[-timeout=300]
-			[-ssh-config]
-			[-containers-only]
-			[-http-proxy=http://192.168.0.1:8080]
-			[-debug]
-			[-vvv]
-
-			[SERVER]...
-`
-}
-
-// SetFlags set flag
-func (p *ConfigtestCmd) SetFlags(f *flag.FlagSet) {
-	wd, _ := os.Getwd()
-	defaultConfPath := filepath.Join(wd, "config.toml")
-	f.StringVar(&p.configPath, "config", defaultConfPath, "/path/to/toml")
-
-	defaultLogDir := util.GetDefaultLogDir()
-	f.StringVar(&c.Conf.LogDir, "log-dir", defaultLogDir, "/path/to/log")
-	f.BoolVar(&c.Conf.Debug, "debug", false, "debug mode")
-
-	f.IntVar(&p.timeoutSec, "timeout", 5*60, "Timeout(Sec)")
-
-	f.BoolVar(&p.askKeyPassword, "ask-key-password", false,
-		"Ask ssh privatekey password before scanning",
-	)
-
-	f.StringVar(&c.Conf.HTTPProxy, "http-proxy", "",
-		"http://proxy-url:port (default: empty)")
-
-	f.BoolVar(&c.Conf.SSHNative, "ssh-native-insecure", false,
-		"Use Native Go implementation of SSH. Default: Use the external command")
-
-	f.BoolVar(&c.Conf.SSHConfig, "ssh-config", false,
-		"[Deprecated] Use SSH options specified in ssh_config preferentially")
-
-	f.BoolVar(&c.Conf.ContainersOnly, "containers-only", false,
-		"Test containers only. Default: Test both of hosts and containers")
-
-	f.BoolVar(&c.Conf.Vvv, "vvv", false, "ssh -vvv")
-}
-
-// Execute execute
-func (p *ConfigtestCmd) Execute(_ context.Context, f *flag.FlagSet, _ ...interface{}) subcommands.ExitStatus {
-	// Setup Logger
-	util.Log = util.NewCustomLogger(c.ServerInfo{})
-
-	if err := mkdirDotVuls(); err != nil {
-		util.Log.Errorf("Failed to create .vuls. err: %+v", err)
-		return subcommands.ExitUsageError
-	}
-
-	var keyPass string
-	var err error
-	if p.askKeyPassword {
-		prompt := "SSH key password: "
-		if keyPass, err = getPasswd(prompt); err != nil {
-			util.Log.Error(err)
-			return subcommands.ExitFailure
-		}
-	}
-
-	err = c.Load(p.configPath, keyPass)
-	if err != nil {
-		msg := []string{
-			fmt.Sprintf("Error loading %s", p.configPath),
-			"If you update Vuls and get this error, there may be incompatible changes in config.toml",
-			"Please check config.toml template : https://vuls.io/docs/en/usage-settings.html",
-		}
-		util.Log.Errorf("%s\n%+v", strings.Join(msg, "\n"), err)
-		return subcommands.ExitUsageError
-	}
-
-	if c.Conf.SSHConfig {
-		msg := []string{
-			"-ssh-config is deprecated",
-			"If you update Vuls and get this error, there may be incompatible changes in config.toml",
-			"Please check config.toml template : https://vuls.io/docs/en/usage-settings.html",
-		}
-		util.Log.Errorf("%s", strings.Join(msg, "\n"))
-		return subcommands.ExitUsageError
-	}
-
-	var servernames []string
-	if 0 < len(f.Args()) {
-		servernames = f.Args()
-	}
-
-	target := make(map[string]c.ServerInfo)
-	for _, arg := range servernames {
-		found := false
-		for servername, info := range c.Conf.Servers {
-			if servername == arg {
-				target[servername] = info
-				found = true
-				break
-			}
-		}
-		if !found {
-			util.Log.Errorf("%s is not in config", arg)
-			return subcommands.ExitUsageError
-		}
-	}
-	if 0 < len(servernames) {
-		c.Conf.Servers = target
-	}
-
-	util.Log.Info("Validating config...")
-	if !c.Conf.ValidateOnConfigtest() {
-		return subcommands.ExitUsageError
-	}
-
-	util.Log.Info("Detecting Server/Container OS... ")
-	if err := scan.InitServers(p.timeoutSec); err != nil {
-		util.Log.Errorf("Failed to init servers. err: %+v", err)
-		return subcommands.ExitFailure
-	}
-
-	util.Log.Info("Checking Scan Modes...")
-	if err := scan.CheckScanModes(); err != nil {
-		util.Log.Errorf("Fix config.toml. err: %+v", err)
-		return subcommands.ExitFailure
-	}
-
-	util.Log.Info("Checking dependencies...")
-	scan.CheckDependencies(p.timeoutSec)
-
-	util.Log.Info("Checking sudo settings...")
-	scan.CheckIfSudoNoPasswd(p.timeoutSec)
-
-	util.Log.Info("It can be scanned with fast scan mode even if warn or err messages are displayed due to lack of dependent packages or sudo settings in fast-root or deep scan mode")
-
-	if scan.PrintSSHableServerNames() {
-		return subcommands.ExitSuccess
-	}
-	return subcommands.ExitFailure
-}

commands/report.go

@@ -1,455 +0,0 @@
-package commands
-
-import (
-	"context"
-	"flag"
-	"os"
-	"path/filepath"
-
-	"github.com/aquasecurity/trivy/pkg/utils"
-	c "github.com/future-architect/vuls/config"
-	"github.com/future-architect/vuls/exploit"
-	"github.com/future-architect/vuls/gost"
-	"github.com/future-architect/vuls/models"
-	"github.com/future-architect/vuls/msf"
-	"github.com/future-architect/vuls/oval"
-	"github.com/future-architect/vuls/report"
-	"github.com/future-architect/vuls/util"
-	"github.com/google/subcommands"
-	"github.com/k0kubun/pp"
-	cvelog "github.com/kotakanbe/go-cve-dictionary/log"
-)
-
-// ReportCmd is subcommand for reporting
-type ReportCmd struct {
-	configPath     string
-	cveDict        c.GoCveDictConf
-	ovalDict       c.GovalDictConf
-	gostConf       c.GostConf
-	exploitConf    c.ExploitConf
-	metasploitConf c.MetasploitConf
-	httpConf       c.HTTPConf
-}
-
-// Name return subcommand name
-func (*ReportCmd) Name() string { return "report" }
-
-// Synopsis return synopsis
-func (*ReportCmd) Synopsis() string { return "Reporting" }
-
-// Usage return usage
-func (*ReportCmd) Usage() string {
-	return `report:
-	report
-		[-lang=en|ja]
-		[-config=/path/to/config.toml]
-		[-results-dir=/path/to/results]
-		[-log-dir=/path/to/log]
-		[-refresh-cve]
-		[-cvss-over=7]
-		[-diff]
-		[-wp-ignore-inactive]
-		[-ignore-unscored-cves]
-		[-ignore-unfixed]
-		[-ignore-github-dismissed]
-		[-to-email]
-		[-to-http]
-		[-to-slack]
-		[-to-stride]
-		[-to-hipchat]
-		[-to-chatwork]
-		[-to-telegram]
-		[-to-localfile]
-		[-to-s3]
-		[-to-azure-blob]
-		[-to-saas]
-		[-format-json]
-		[-format-xml]
-		[-format-one-email]
-		[-format-one-line-text]
-		[-format-list]
-		[-format-full-text]
-		[-gzip]
-		[-uuid]
-		[-http-proxy=http://192.168.0.1:8080]
-		[-debug]
-		[-debug-sql]
-		[-quiet]
-		[-no-progress]
-		[-pipe]
-		[-cvedb-type=sqlite3|mysql|postgres|redis|http]
-		[-cvedb-sqlite3-path=/path/to/cve.sqlite3]
-		[-cvedb-url=http://127.0.0.1:1323 or DB connection string]
-		[-ovaldb-type=sqlite3|mysql|redis|http]
-		[-ovaldb-sqlite3-path=/path/to/oval.sqlite3]
-		[-ovaldb-url=http://127.0.0.1:1324 or DB connection string]
-		[-gostdb-type=sqlite3|mysql|redis|http]
-		[-gostdb-sqlite3-path=/path/to/gost.sqlite3]
-		[-gostdb-url=http://127.0.0.1:1325 or DB connection string]
-		[-exploitdb-type=sqlite3|mysql|redis|http]
-		[-exploitdb-sqlite3-path=/path/to/exploitdb.sqlite3]
-		[-exploitdb-url=http://127.0.0.1:1326 or DB connection string]
-		[-msfdb-type=sqlite3|mysql|redis|http]
-		[-msfdb-sqlite3-path=/path/to/msfdb.sqlite3]
-		[-msfdb-url=http://127.0.0.1:1327 or DB connection string]
-		[-http="http://vuls-report-server"]
-		[-trivy-cachedb-dir=/path/to/dir]
-
-		[RFC3339 datetime format under results dir]
-`
-}
-
-// SetFlags set flag
-func (p *ReportCmd) SetFlags(f *flag.FlagSet) {
-	f.StringVar(&c.Conf.Lang, "lang", "en", "[en|ja]")
-	f.BoolVar(&c.Conf.Debug, "debug", false, "debug mode")
-	f.BoolVar(&c.Conf.DebugSQL, "debug-sql", false, "SQL debug mode")
-	f.BoolVar(&c.Conf.Quiet, "quiet", false, "Quiet mode. No output on stdout")
-	f.BoolVar(&c.Conf.NoProgress, "no-progress", false, "Suppress progress bar")
-
-	wd, _ := os.Getwd()
-	defaultConfPath := filepath.Join(wd, "config.toml")
-	f.StringVar(&p.configPath, "config", defaultConfPath, "/path/to/toml")
-
-	defaultResultsDir := filepath.Join(wd, "results")
-	f.StringVar(&c.Conf.ResultsDir, "results-dir", defaultResultsDir, "/path/to/results")
-
-	defaultLogDir := util.GetDefaultLogDir()
-	f.StringVar(&c.Conf.LogDir, "log-dir", defaultLogDir, "/path/to/log")
-
-	f.BoolVar(&c.Conf.RefreshCve, "refresh-cve", false,
-		"Refresh CVE information in JSON file under results dir")
-
-	f.Float64Var(&c.Conf.CvssScoreOver, "cvss-over", 0,
-		"-cvss-over=6.5 means reporting CVSS Score 6.5 and over (default: 0 (means report all))")
-
-	f.BoolVar(&c.Conf.Diff, "diff", false,
-		"Difference between previous result and current result ")
-
-	f.BoolVar(&c.Conf.WpIgnoreInactive, "wp-ignore-inactive", false,
-		"ignore inactive on wordpress's plugin and theme")
-
-	f.BoolVar(&c.Conf.IgnoreUnscoredCves, "ignore-unscored-cves", false,
-		"Don't report the unscored CVEs")
-
-	f.BoolVar(&c.Conf.IgnoreUnfixed, "ignore-unfixed", false,
-		"Don't report the unfixed CVEs")
-
-	f.BoolVar(&c.Conf.IgnoreGitHubDismissed, "ignore-github-dismissed", false,
-		"Don't report the dismissed CVEs on GitHub Security Alerts")
-
-	f.StringVar(
-		&c.Conf.HTTPProxy, "http-proxy", "",
-		"http://proxy-url:port (default: empty)")
-
-	f.BoolVar(&c.Conf.FormatJSON, "format-json", false, "JSON format")
-	f.BoolVar(&c.Conf.FormatXML, "format-xml", false, "XML format")
-	f.BoolVar(&c.Conf.FormatOneEMail, "format-one-email", false,
-		"Send all the host report via only one EMail (Specify with -to-email)")
-	f.BoolVar(&c.Conf.FormatOneLineText, "format-one-line-text", false,
-		"One line summary in plain text")
-	f.BoolVar(&c.Conf.FormatList, "format-list", false, "Display as list format")
-	f.BoolVar(&c.Conf.FormatFullText, "format-full-text", false,
-		"Detail report in plain text")
-
-	f.BoolVar(&c.Conf.ToSlack, "to-slack", false, "Send report via Slack")
-	f.BoolVar(&c.Conf.ToStride, "to-stride", false, "Send report via Stride")
-	f.BoolVar(&c.Conf.ToHipChat, "to-hipchat", false, "Send report via hipchat")
-	f.BoolVar(&c.Conf.ToChatWork, "to-chatwork", false, "Send report via chatwork")
-	f.BoolVar(&c.Conf.ToTelegram, "to-telegram", false, "Send report via Telegram")
-	f.BoolVar(&c.Conf.ToEmail, "to-email", false, "Send report via Email")
-	f.BoolVar(&c.Conf.ToSyslog, "to-syslog", false, "Send report via Syslog")
-	f.BoolVar(&c.Conf.ToLocalFile, "to-localfile", false, "Write report to localfile")
-	f.BoolVar(&c.Conf.ToS3, "to-s3", false,
-		"Write report to S3 (bucket/yyyyMMdd_HHmm/servername.json/xml/txt)")
-	f.BoolVar(&c.Conf.ToHTTP, "to-http", false, "Send report via HTTP POST")
-	f.BoolVar(&c.Conf.ToAzureBlob, "to-azure-blob", false,
-		"Write report to Azure Storage blob (container/yyyyMMdd_HHmm/servername.json/xml/txt)")
-	f.BoolVar(&c.Conf.ToSaas, "to-saas", false,
-		"Upload report to Future Vuls(https://vuls.biz/) before report")
-
-	f.BoolVar(&c.Conf.GZIP, "gzip", false, "gzip compression")
-	f.BoolVar(&c.Conf.UUID, "uuid", false,
-		"Auto generate of scan target servers and then write to config.toml and scan result")
-	f.BoolVar(&c.Conf.Pipe, "pipe", false, "Use args passed via PIPE")
-
-	f.StringVar(&p.cveDict.Type, "cvedb-type", "",
-		"DB type of go-cve-dictionary (sqlite3, mysql, postgres, redis or http)")
-	f.StringVar(&p.cveDict.SQLite3Path, "cvedb-sqlite3-path", "", "/path/to/sqlite3")
-	f.StringVar(&p.cveDict.URL, "cvedb-url", "",
-		"http://go-cve-dictionary.com:1323 or DB connection string")
-
-	f.StringVar(&p.ovalDict.Type, "ovaldb-type", "",
-		"DB type of goval-dictionary (sqlite3, mysql, postgres, redis or http)")
-	f.StringVar(&p.ovalDict.SQLite3Path, "ovaldb-sqlite3-path", "", "/path/to/sqlite3")
-	f.StringVar(&p.ovalDict.URL, "ovaldb-url", "",
-		"http://goval-dictionary.com:1324 or DB connection string")
-
-	f.StringVar(&p.gostConf.Type, "gostdb-type", "",
-		"DB type of gost (sqlite3, mysql, postgres, redis or http)")
-	f.StringVar(&p.gostConf.SQLite3Path, "gostdb-sqlite3-path", "", "/path/to/sqlite3")
-	f.StringVar(&p.gostConf.URL, "gostdb-url", "",
-		"http://gost.com:1325 or DB connection string")
-
-	f.StringVar(&p.exploitConf.Type, "exploitdb-type", "",
-		"DB type of exploit (sqlite3, mysql, postgres, redis or http)")
-	f.StringVar(&p.exploitConf.SQLite3Path, "exploitdb-sqlite3-path", "", "/path/to/sqlite3")
-	f.StringVar(&p.exploitConf.URL, "exploitdb-url", "",
-		"http://exploit.com:1326 or DB connection string")
-
-	f.StringVar(&p.metasploitConf.Type, "msfdb-type", "",
-		"DB type of msf (sqlite3, mysql, postgres, redis or http)")
-	f.StringVar(&p.metasploitConf.SQLite3Path, "msfdb-sqlite3-path", "", "/path/to/sqlite3")
-	f.StringVar(&p.metasploitConf.URL, "msfdb-url", "",
-		"http://metasploit.com:1327 or DB connection string")
-
-	f.StringVar(&p.httpConf.URL, "http", "", "-to-http http://vuls-report")
-
-	f.StringVar(&c.Conf.TrivyCacheDBDir, "trivy-cachedb-dir",
-		utils.DefaultCacheDir(), "/path/to/dir")
-}
-
-// Execute execute
-func (p *ReportCmd) Execute(_ context.Context, f *flag.FlagSet, _ ...interface{}) subcommands.ExitStatus {
-	util.Log = util.NewCustomLogger(c.ServerInfo{})
-	cvelog.SetLogger(c.Conf.LogDir, false, c.Conf.Debug, false)
-
-	if err := c.Load(p.configPath, ""); err != nil {
-		util.Log.Errorf("Error loading %s, %+v", p.configPath, err)
-		return subcommands.ExitUsageError
-	}
-
-	c.Conf.CveDict.Overwrite(p.cveDict)
-	c.Conf.OvalDict.Overwrite(p.ovalDict)
-	c.Conf.Gost.Overwrite(p.gostConf)
-	c.Conf.Exploit.Overwrite(p.exploitConf)
-	c.Conf.Metasploit.Overwrite(p.metasploitConf)
-	c.Conf.HTTP.Overwrite(p.httpConf)
-
-	var dir string
-	var err error
-	if c.Conf.Diff {
-		dir, err = report.JSONDir([]string{})
-	} else {
-		dir, err = report.JSONDir(f.Args())
-	}
-	if err != nil {
-		util.Log.Errorf("Failed to read from JSON: %+v", err)
-		return subcommands.ExitFailure
-	}
-
-	// report
-	reports := []report.ResultWriter{
-		report.StdoutWriter{},
-	}
-
-	if c.Conf.ToSlack {
-		reports = append(reports, report.SlackWriter{})
-	}
-
-	if c.Conf.ToStride {
-		reports = append(reports, report.StrideWriter{})
-	}
-
-	if c.Conf.ToHipChat {
-		reports = append(reports, report.HipChatWriter{})
-	}
-
-	if c.Conf.ToChatWork {
-		reports = append(reports, report.ChatWorkWriter{})
-	}
-
-	if c.Conf.ToTelegram {
-		reports = append(reports, report.TelegramWriter{})
-	}
-
-	if c.Conf.ToEmail {
-		reports = append(reports, report.EMailWriter{})
-	}
-
-	if c.Conf.ToSyslog {
-		reports = append(reports, report.SyslogWriter{})
-	}
-
-	if c.Conf.ToHTTP {
-		reports = append(reports, report.HTTPRequestWriter{})
-	}
-
-	if c.Conf.ToLocalFile {
-		reports = append(reports, report.LocalFileWriter{
-			CurrentDir: dir,
-		})
-	}
-
-	if c.Conf.ToS3 {
-		if err := report.CheckIfBucketExists(); err != nil {
-			util.Log.Errorf("Check if there is a bucket beforehand: %s, err: %+v",
-				c.Conf.AWS.S3Bucket, err)
-			return subcommands.ExitUsageError
-		}
-		reports = append(reports, report.S3Writer{})
-	}
-
-	if c.Conf.ToAzureBlob {
-		if len(c.Conf.Azure.AccountName) == 0 {
-			c.Conf.Azure.AccountName = os.Getenv("AZURE_STORAGE_ACCOUNT")
-		}
-
-		if len(c.Conf.Azure.AccountKey) == 0 {
-			c.Conf.Azure.AccountKey = os.Getenv("AZURE_STORAGE_ACCESS_KEY")
-		}
-
-		if len(c.Conf.Azure.ContainerName) == 0 {
-			util.Log.Error("Azure storage container name is required with -azure-container option")
-			return subcommands.ExitUsageError
-		}
-		if err := report.CheckIfAzureContainerExists(); err != nil {
-			util.Log.Errorf("Check if there is a container beforehand: %s, err: %+v",
-				c.Conf.Azure.ContainerName, err)
-			return subcommands.ExitUsageError
-		}
-		reports = append(reports, report.AzureBlobWriter{})
-	}
-
-	if c.Conf.ToSaas {
-		if !c.Conf.UUID {
-			util.Log.Errorf("If you use the -to-saas option, you need to enable the uuid option")
-			return subcommands.ExitUsageError
-		}
-		reports = append(reports, report.SaasWriter{})
-	}
-
-	if !(c.Conf.FormatJSON || c.Conf.FormatOneLineText ||
-		c.Conf.FormatList || c.Conf.FormatFullText || c.Conf.FormatXML) {
-		c.Conf.FormatList = true
-	}
-
-	util.Log.Info("Validating config...")
-	if !c.Conf.ValidateOnReport() {
-		return subcommands.ExitUsageError
-	}
-
-	var loaded models.ScanResults
-	if loaded, err = report.LoadScanResults(dir); err != nil {
-		util.Log.Error(err)
-		return subcommands.ExitFailure
-	}
-	util.Log.Infof("Loaded: %s", dir)
-
-	var res models.ScanResults
-	hasError := false
-	for _, r := range loaded {
-		if len(r.Errors) == 0 {
-			res = append(res, r)
-		} else {
-			util.Log.Errorf("Ignored since errors occurred during scanning: %s, err: %v",
-				r.ServerName, r.Errors)
-			hasError = true
-		}
-	}
-
-	if len(res) == 0 {
-		return subcommands.ExitFailure
-	}
-
-	for _, r := range res {
-		util.Log.Debugf("%s: %s",
-			r.ServerInfo(),
-			pp.Sprintf("%s", c.Conf.Servers[r.ServerName]))
-	}
-
-	if c.Conf.UUID {
-		// Ensure UUIDs of scan target servers in config.toml
-		if err := report.EnsureUUIDs(p.configPath, res); err != nil {
-			util.Log.Errorf("Failed to ensure UUIDs. err: %+v", err)
-			return subcommands.ExitFailure
-		}
-	}
-
-	if !c.Conf.ToSaas {
-		util.Log.Info("Validating db config...")
-		if !c.Conf.ValidateOnReportDB() {
-			return subcommands.ExitUsageError
-		}
-
-		if c.Conf.CveDict.URL != "" {
-			if err := report.CveClient.CheckHealth(); err != nil {
-				util.Log.Errorf("CVE HTTP server is not running. err: %+v", err)
-				util.Log.Errorf("Run go-cve-dictionary as server mode before reporting or run with `-cvedb-type=sqlite3 -cvedb-sqlite3-path` option instead of -cvedb-url")
-				return subcommands.ExitFailure
-			}
-		}
-
-		if c.Conf.OvalDict.URL != "" {
-			err := oval.Base{}.CheckHTTPHealth()
-			if err != nil {
-				util.Log.Errorf("OVAL HTTP server is not running. err: %+v", err)
-				util.Log.Errorf("Run goval-dictionary as server mode before reporting or run with `-ovaldb-type=sqlite3 -ovaldb-sqlite3-path` option instead of -ovaldb-url")
-				return subcommands.ExitFailure
-			}
-		}
-
-		if c.Conf.Gost.URL != "" {
-			util.Log.Infof("gost: %s", c.Conf.Gost.URL)
-			err := gost.Base{}.CheckHTTPHealth()
-			if err != nil {
-				util.Log.Errorf("gost HTTP server is not running. err: %+v", err)
-				util.Log.Errorf("Run gost as server mode before reporting or run with `-gostdb-type=sqlite3 -gostdb-sqlite3-path` option instead of -gostdb-url")
-				return subcommands.ExitFailure
-			}
-		}
-
-		if c.Conf.Exploit.URL != "" {
-			err := exploit.CheckHTTPHealth()
-			if err != nil {
-				util.Log.Errorf("exploit HTTP server is not running. err: %+v", err)
-				util.Log.Errorf("Run go-exploitdb as server mode before reporting")
-				return subcommands.ExitFailure
-			}
-		}
-
-		if c.Conf.Metasploit.URL != "" {
-			err := msf.CheckHTTPHealth()
-			if err != nil {
-				util.Log.Errorf("metasploit HTTP server is not running. err: %+v", err)
-				util.Log.Errorf("Run go-msfdb as server mode before reporting")
-				return subcommands.ExitFailure
-			}
-		}
-		dbclient, locked, err := report.NewDBClient(report.DBClientConf{
-			CveDictCnf:    c.Conf.CveDict,
-			OvalDictCnf:   c.Conf.OvalDict,
-			GostCnf:       c.Conf.Gost,
-			ExploitCnf:    c.Conf.Exploit,
-			MetasploitCnf: c.Conf.Metasploit,
-			DebugSQL:      c.Conf.DebugSQL,
-		})
-		if locked {
-			util.Log.Errorf("SQLite3 is locked. Close other DB connections and try again. err: %+v", err)
-			return subcommands.ExitFailure
-		}
-		if err != nil {
-			util.Log.Errorf("Failed to init DB Clients. err: %+v", err)
-			return subcommands.ExitFailure
-		}
-		defer dbclient.CloseDB()
-
-		if res, err = report.FillCveInfos(*dbclient, res, dir); err != nil {
-			util.Log.Errorf("%+v", err)
-			return subcommands.ExitFailure
-		}
-	}
-
-	for _, w := range reports {
-		if err := w.Write(res...); err != nil {
-			util.Log.Errorf("Failed to report. err: %+v", err)
-			return subcommands.ExitFailure
-		}
-	}
-
-	if hasError {
-		return subcommands.ExitFailure
-	}
-
-	return subcommands.ExitSuccess
-}

commands/scan.go

@@ -1,229 +0,0 @@
-package commands
-
-import (
-	"context"
-	"flag"
-	"fmt"
-	"io/ioutil"
-	"os"
-	"path/filepath"
-	"strings"
-
-	c "github.com/future-architect/vuls/config"
-	"github.com/future-architect/vuls/scan"
-	"github.com/future-architect/vuls/util"
-	"github.com/google/subcommands"
-	"github.com/k0kubun/pp"
-)
-
-// ScanCmd is Subcommand of host discovery mode
-type ScanCmd struct {
-	configPath     string
-	askKeyPassword bool
-	timeoutSec     int
-	scanTimeoutSec int
-}
-
-// Name return subcommand name
-func (*ScanCmd) Name() string { return "scan" }
-
-// Synopsis return synopsis
-func (*ScanCmd) Synopsis() string { return "Scan vulnerabilities" }
-
-// Usage return usage
-func (*ScanCmd) Usage() string {
-	return `scan:
-	scan
-		[-config=/path/to/config.toml]
-		[-results-dir=/path/to/results]
-		[-log-dir=/path/to/log]
-		[-cachedb-path=/path/to/cache.db]
-		[-ssh-native-insecure]
-		[-ssh-config]
-		[-containers-only]
-		[-libs-only]
-		[-wordpress-only]
-		[-skip-broken]
-		[-http-proxy=http://192.168.0.1:8080]
-		[-ask-key-password]
-		[-timeout=300]
-		[-timeout-scan=7200]
-		[-debug]
-		[-pipe]
-		[-vvv]
-		[-ips]
-
-
-		[SERVER]...
-`
-}
-
-// SetFlags set flag
-func (p *ScanCmd) SetFlags(f *flag.FlagSet) {
-	f.BoolVar(&c.Conf.Debug, "debug", false, "debug mode")
-
-	wd, _ := os.Getwd()
-	defaultConfPath := filepath.Join(wd, "config.toml")
-	f.StringVar(&p.configPath, "config", defaultConfPath, "/path/to/toml")
-
-	defaultResultsDir := filepath.Join(wd, "results")
-	f.StringVar(&c.Conf.ResultsDir, "results-dir", defaultResultsDir, "/path/to/results")
-
-	defaultLogDir := util.GetDefaultLogDir()
-	f.StringVar(&c.Conf.LogDir, "log-dir", defaultLogDir, "/path/to/log")
-
-	defaultCacheDBPath := filepath.Join(wd, "cache.db")
-	f.StringVar(&c.Conf.CacheDBPath, "cachedb-path", defaultCacheDBPath,
-		"/path/to/cache.db (local cache of changelog for Ubuntu/Debian)")
-
-	f.BoolVar(&c.Conf.SSHNative, "ssh-native-insecure", false,
-		"Use Native Go implementation of SSH. Default: Use the external command")
-
-	f.BoolVar(&c.Conf.SSHConfig, "ssh-config", false,
-		"[Deprecated] Use SSH options specified in ssh_config preferentially")
-
-	f.BoolVar(&c.Conf.ContainersOnly, "containers-only", false,
-		"Scan running containers only. Default: Scan both of hosts and running containers")
-
-	f.BoolVar(&c.Conf.LibsOnly, "libs-only", false,
-		"Scan libraries (lock files) specified in config.toml only.")
-
-	f.BoolVar(&c.Conf.WordPressOnly, "wordpress-only", false,
-		"Scan WordPress only.")
-
-	f.BoolVar(&c.Conf.SkipBroken, "skip-broken", false,
-		"[For CentOS] yum update changelog with --skip-broken option")
-
-	f.StringVar(&c.Conf.HTTPProxy, "http-proxy", "",
-		"http://proxy-url:port (default: empty)")
-
-	f.BoolVar(&p.askKeyPassword, "ask-key-password", false,
-		"Ask ssh privatekey password before scanning",
-	)
-
-	f.BoolVar(&c.Conf.Pipe, "pipe", false, "Use stdin via PIPE")
-
-	f.BoolVar(&c.Conf.DetectIPS, "ips", false, "retrieve IPS information")
-	f.BoolVar(&c.Conf.Vvv, "vvv", false, "ssh -vvv")
-
-	f.IntVar(&p.timeoutSec, "timeout", 5*60,
-		"Number of seconds for processing other than scan",
-	)
-
-	f.IntVar(&p.scanTimeoutSec, "timeout-scan", 120*60,
-		"Number of seconds for scanning vulnerabilities for all servers",
-	)
-}
-
-// Execute execute
-func (p *ScanCmd) Execute(_ context.Context, f *flag.FlagSet, _ ...interface{}) subcommands.ExitStatus {
-	// Setup Logger
-	util.Log = util.NewCustomLogger(c.ServerInfo{})
-
-	if err := mkdirDotVuls(); err != nil {
-		util.Log.Errorf("Failed to create .vuls. err: %+v", err)
-		return subcommands.ExitUsageError
-	}
-
-	var keyPass string
-	var err error
-	if p.askKeyPassword {
-		prompt := "SSH key password: "
-		if keyPass, err = getPasswd(prompt); err != nil {
-			util.Log.Error(err)
-			return subcommands.ExitFailure
-		}
-	}
-
-	err = c.Load(p.configPath, keyPass)
-	if err != nil {
-		msg := []string{
-			fmt.Sprintf("Error loading %s", p.configPath),
-			"If you update Vuls and get this error, there may be incompatible changes in config.toml",
-			"Please check config.toml template : https://vuls.io/docs/en/usage-settings.html",
-		}
-		util.Log.Errorf("%s\n%+v", strings.Join(msg, "\n"), err)
-		return subcommands.ExitUsageError
-	}
-
-	if c.Conf.SSHConfig {
-		msg := []string{
-			"-ssh-config is deprecated",
-			"If you update Vuls and get this error, there may be incompatible changes in config.toml",
-			"Please check config.toml template : https://vuls.io/docs/en/usage-settings.html",
-		}
-		util.Log.Errorf("%s", strings.Join(msg, "\n"))
-		return subcommands.ExitUsageError
-	}
-
-	util.Log.Info("Start scanning")
-	util.Log.Infof("config: %s", p.configPath)
-
-	var servernames []string
-	if 0 < len(f.Args()) {
-		servernames = f.Args()
-	} else if c.Conf.Pipe {
-		bytes, err := ioutil.ReadAll(os.Stdin)
-		if err != nil {
-			util.Log.Errorf("Failed to read stdin. err: %+v", err)
-			return subcommands.ExitFailure
-		}
-		fields := strings.Fields(string(bytes))
-		if 0 < len(fields) {
-			servernames = fields
-		}
-	}
-
-	target := make(map[string]c.ServerInfo)
-	for _, arg := range servernames {
-		found := false
-		for servername, info := range c.Conf.Servers {
-			if servername == arg {
-				target[servername] = info
-				found = true
-				break
-			}
-		}
-		if !found {
-			util.Log.Errorf("%s is not in config", arg)
-			return subcommands.ExitUsageError
-		}
-	}
-	if 0 < len(servernames) {
-		c.Conf.Servers = target
-	}
-	util.Log.Debugf("%s", pp.Sprintf("%v", target))
-
-	util.Log.Info("Validating config...")
-	if !c.Conf.ValidateOnScan() {
-		return subcommands.ExitUsageError
-	}
-
-	util.Log.Info("Detecting Server/Container OS... ")
-	if err := scan.InitServers(p.timeoutSec); err != nil {
-		util.Log.Errorf("Failed to init servers: %+v", err)
-		return subcommands.ExitFailure
-	}
-
-	util.Log.Info("Checking Scan Modes... ")
-	if err := scan.CheckScanModes(); err != nil {
-		util.Log.Errorf("Fix config.toml. err: %+v", err)
-		return subcommands.ExitFailure
-	}
-
-	util.Log.Info("Detecting Platforms... ")
-	scan.DetectPlatforms(p.timeoutSec)
-	util.Log.Info("Detecting IPS identifiers... ")
-	scan.DetectIPSs(p.timeoutSec)
-
-	util.Log.Info("Scanning vulnerabilities... ")
-	if err := scan.Scan(p.scanTimeoutSec); err != nil {
-		util.Log.Errorf("Failed to scan. err: %+v", err)
-		return subcommands.ExitFailure
-	}
-	fmt.Printf("\n\n\n")
-	fmt.Println("To view the detail, vuls tui is useful.")
-	fmt.Println("To send a report, run vuls report -h.")
-
-	return subcommands.ExitSuccess
-}

commands/server.go

@@ -1,244 +0,0 @@
-package commands
-
-import (
-	"context"
-	"flag"
-	"fmt"
-	"net/http"
-	"os"
-	"path/filepath"
-
-	// "github.com/future-architect/vuls/Server"
-
-	c "github.com/future-architect/vuls/config"
-	"github.com/future-architect/vuls/exploit"
-	"github.com/future-architect/vuls/gost"
-	"github.com/future-architect/vuls/msf"
-	"github.com/future-architect/vuls/oval"
-	"github.com/future-architect/vuls/report"
-	"github.com/future-architect/vuls/server"
-	"github.com/future-architect/vuls/util"
-	"github.com/google/subcommands"
-	cvelog "github.com/kotakanbe/go-cve-dictionary/log"
-)
-
-// ServerCmd is subcommand for server
-type ServerCmd struct {
-	configPath     string
-	listen         string
-	cveDict        c.GoCveDictConf
-	ovalDict       c.GovalDictConf
-	gostConf       c.GostConf
-	exploitConf    c.ExploitConf
-	metasploitConf c.MetasploitConf
-}
-
-// Name return subcommand name
-func (*ServerCmd) Name() string { return "server" }
-
-// Synopsis return synopsis
-func (*ServerCmd) Synopsis() string { return "Server" }
-
-// Usage return usage
-func (*ServerCmd) Usage() string {
-	return `Server:
-	Server
-		[-lang=en|ja]
-		[-config=/path/to/config.toml]
-		[-log-dir=/path/to/log]
-		[-cvss-over=7]
-		[-ignore-unscored-cves]
-		[-ignore-unfixed]
-		[-to-localfile]
-		[-format-json]
-		[-http-proxy=http://192.168.0.1:8080]
-		[-debug]
-		[-debug-sql]
-		[-listen=localhost:5515]
-		[-cvedb-type=sqlite3|mysql|postgres|redis|http]
-		[-cvedb-sqlite3-path=/path/to/cve.sqlite3]
-		[-cvedb-url=http://127.0.0.1:1323 or DB connection string]
-		[-ovaldb-type=sqlite3|mysql|redis|http]
-		[-ovaldb-sqlite3-path=/path/to/oval.sqlite3]
-		[-ovaldb-url=http://127.0.0.1:1324 or DB connection string]
-		[-gostdb-type=sqlite3|mysql|redis|http]
-		[-gostdb-sqlite3-path=/path/to/gost.sqlite3]
-		[-gostdb-url=http://127.0.0.1:1325 or DB connection string]
-		[-exploitdb-type=sqlite3|mysql|redis|http]
-		[-exploitdb-sqlite3-path=/path/to/exploitdb.sqlite3]
-		[-exploitdb-url=http://127.0.0.1:1326 or DB connection string]
-		[-msfdb-type=sqlite3|mysql|redis|http]
-		[-msfdb-sqlite3-path=/path/to/msfdb.sqlite3]
-		[-msfdb-url=http://127.0.0.1:1327 or DB connection string]
-
-		[RFC3339 datetime format under results dir]
-`
-}
-
-// SetFlags set flag
-func (p *ServerCmd) SetFlags(f *flag.FlagSet) {
-	f.StringVar(&c.Conf.Lang, "lang", "en", "[en|ja]")
-	f.BoolVar(&c.Conf.Debug, "debug", false, "debug mode")
-	f.BoolVar(&c.Conf.DebugSQL, "debug-sql", false, "SQL debug mode")
-
-	wd, _ := os.Getwd()
-	f.StringVar(&p.configPath, "config", "", "/path/to/toml")
-
-	defaultResultsDir := filepath.Join(wd, "results")
-	f.StringVar(&c.Conf.ResultsDir, "results-dir", defaultResultsDir, "/path/to/results")
-
-	defaultLogDir := util.GetDefaultLogDir()
-	f.StringVar(&c.Conf.LogDir, "log-dir", defaultLogDir, "/path/to/log")
-
-	f.Float64Var(&c.Conf.CvssScoreOver, "cvss-over", 0,
-		"-cvss-over=6.5 means Servering CVSS Score 6.5 and over (default: 0 (means Server all))")
-
-	f.BoolVar(&c.Conf.IgnoreUnscoredCves, "ignore-unscored-cves", false,
-		"Don't Server the unscored CVEs")
-
-	f.BoolVar(&c.Conf.IgnoreUnfixed, "ignore-unfixed", false,
-		"Don't Server the unfixed CVEs")
-
-	f.StringVar(&c.Conf.HTTPProxy, "http-proxy", "",
-		"http://proxy-url:port (default: empty)")
-
-	f.BoolVar(&c.Conf.FormatJSON, "format-json", false, "JSON format")
-
-	f.BoolVar(&c.Conf.ToLocalFile, "to-localfile", false, "Write report to localfile")
-	f.StringVar(&p.listen, "listen", "localhost:5515",
-		"host:port (default: localhost:5515)")
-
-	f.StringVar(&p.cveDict.Type, "cvedb-type", "",
-		"DB type of go-cve-dictionary (sqlite3, mysql, postgres, redis or http)")
-	f.StringVar(&p.cveDict.SQLite3Path, "cvedb-sqlite3-path", "", "/path/to/sqlite3")
-	f.StringVar(&p.cveDict.URL, "cvedb-url", "",
-		"http://go-cve-dictionary.com:1323 or DB connection string")
-
-	f.StringVar(&p.ovalDict.Type, "ovaldb-type", "",
-		"DB type of goval-dictionary (sqlite3, mysql, postgres, redis or http)")
-	f.StringVar(&p.ovalDict.SQLite3Path, "ovaldb-sqlite3-path", "", "/path/to/sqlite3")
-	f.StringVar(&p.ovalDict.URL, "ovaldb-url", "",
-		"http://goval-dictionary.com:1324 or DB connection string")
-
-	f.StringVar(&p.gostConf.Type, "gostdb-type", "",
-		"DB type of gost (sqlite3, mysql, postgres, redis or http)")
-	f.StringVar(&p.gostConf.SQLite3Path, "gostdb-sqlite3-path", "", "/path/to/sqlite3")
-	f.StringVar(&p.gostConf.URL, "gostdb-url", "",
-		"http://gost.com:1325 or DB connection string")
-
-	f.StringVar(&p.exploitConf.Type, "exploitdb-type", "",
-		"DB type of exploit (sqlite3, mysql, postgres, redis or http)")
-	f.StringVar(&p.exploitConf.SQLite3Path, "exploitdb-sqlite3-path", "", "/path/to/sqlite3")
-	f.StringVar(&p.exploitConf.URL, "exploitdb-url", "",
-		"http://exploit.com:1326 or DB connection string")
-
-	f.StringVar(&p.metasploitConf.Type, "msfdb-type", "",
-		"DB type of msf (sqlite3, mysql, postgres, redis or http)")
-	f.StringVar(&p.metasploitConf.SQLite3Path, "msfdb-sqlite3-path", "", "/path/to/sqlite3")
-	f.StringVar(&p.metasploitConf.URL, "msfdb-url", "",
-		"http://metasploit.com:1327 or DB connection string")
-}
-
-// Execute execute
-func (p *ServerCmd) Execute(_ context.Context, f *flag.FlagSet, _ ...interface{}) subcommands.ExitStatus {
-	util.Log = util.NewCustomLogger(c.ServerInfo{})
-	cvelog.SetLogger(c.Conf.LogDir, false, c.Conf.Debug, false)
-
-	if p.configPath != "" {
-		if err := c.Load(p.configPath, ""); err != nil {
-			util.Log.Errorf("Error loading %s. err: %+v", p.configPath, err)
-			return subcommands.ExitUsageError
-		}
-	}
-
-	c.Conf.CveDict.Overwrite(p.cveDict)
-	c.Conf.OvalDict.Overwrite(p.ovalDict)
-	c.Conf.Gost.Overwrite(p.gostConf)
-	c.Conf.Exploit.Overwrite(p.exploitConf)
-	c.Conf.Metasploit.Overwrite(p.metasploitConf)
-
-	util.Log.Info("Validating config...")
-	if !c.Conf.ValidateOnReport() {
-		return subcommands.ExitUsageError
-	}
-
-	util.Log.Info("Validating db config...")
-	if !c.Conf.ValidateOnReportDB() {
-		return subcommands.ExitUsageError
-	}
-
-	if c.Conf.CveDict.URL != "" {
-		if err := report.CveClient.CheckHealth(); err != nil {
-			util.Log.Errorf("CVE HTTP server is not running. err: %+v", err)
-			util.Log.Errorf("Run go-cve-dictionary as server mode before reporting or run with `-cvedb-type=sqlite3 -cvedb-sqlite3-path` option instead of -cvedb-url")
-			return subcommands.ExitFailure
-		}
-	}
-
-	if c.Conf.OvalDict.URL != "" {
-		err := oval.Base{}.CheckHTTPHealth()
-		if err != nil {
-			util.Log.Errorf("OVAL HTTP server is not running. err: %s", err)
-			util.Log.Errorf("Run goval-dictionary as server mode before reporting or run with `-ovaldb-type=sqlite3 -ovaldb-sqlite3-path` option instead of -ovaldb-url")
-			return subcommands.ExitFailure
-		}
-	}
-
-	if c.Conf.Gost.URL != "" {
-		util.Log.Infof("gost: %s", c.Conf.Gost.URL)
-		err := gost.Base{}.CheckHTTPHealth()
-		if err != nil {
-			util.Log.Errorf("gost HTTP server is not running. err: %+v", err)
-			util.Log.Errorf("Run gost as server mode before reporting or run with `-gostdb-type=sqlite3 -gostdb-sqlite3-path` option instead of -gostdb-url")
-			return subcommands.ExitFailure
-		}
-	}
-
-	if c.Conf.Exploit.URL != "" {
-		err := exploit.CheckHTTPHealth()
-		if err != nil {
-			util.Log.Errorf("exploit HTTP server is not running. err: %+v", err)
-			util.Log.Errorf("Run go-exploitdb as server mode before reporting")
-			return subcommands.ExitFailure
-		}
-	}
-
-	if c.Conf.Metasploit.URL != "" {
-		err := msf.CheckHTTPHealth()
-		if err != nil {
-			util.Log.Errorf("metasploit HTTP server is not running. err: %+v", err)
-			util.Log.Errorf("Run go-msfdb as server mode before reporting")
-			return subcommands.ExitFailure
-		}
-	}
-	dbclient, locked, err := report.NewDBClient(report.DBClientConf{
-		CveDictCnf:    c.Conf.CveDict,
-		OvalDictCnf:   c.Conf.OvalDict,
-		GostCnf:       c.Conf.Gost,
-		ExploitCnf:    c.Conf.Exploit,
-		MetasploitCnf: c.Conf.Metasploit,
-		DebugSQL:      c.Conf.DebugSQL,
-	})
-	if locked {
-		util.Log.Errorf("SQLite3 is locked. Close other DB connections and try again: %+v", err)
-		return subcommands.ExitFailure
-	}
-
-	if err != nil {
-		util.Log.Errorf("Failed to init DB Clients. err: %+v", err)
-		return subcommands.ExitFailure
-	}
-
-	defer dbclient.CloseDB()
-
-	http.Handle("/vuls", server.VulsHandler{DBclient: *dbclient})
-	http.HandleFunc("/health", func(w http.ResponseWriter, r *http.Request) {
-		fmt.Fprintf(w, "ok")
-	})
-	util.Log.Infof("Listening on %s", p.listen)
-	if err := http.ListenAndServe(p.listen, nil); err != nil {
-		util.Log.Errorf("Failed to start server. err: %+v", err)
-		return subcommands.ExitFailure
-	}
-	return subcommands.ExitSuccess
-}

commands/tui.go

@@ -1,270 +0,0 @@
-package commands
-
-import (
-	"context"
-	"flag"
-	"os"
-	"path/filepath"
-
-	"github.com/aquasecurity/trivy/pkg/utils"
-	c "github.com/future-architect/vuls/config"
-	"github.com/future-architect/vuls/exploit"
-	"github.com/future-architect/vuls/gost"
-	"github.com/future-architect/vuls/models"
-	"github.com/future-architect/vuls/msf"
-	"github.com/future-architect/vuls/oval"
-	"github.com/future-architect/vuls/report"
-	"github.com/future-architect/vuls/util"
-	"github.com/google/subcommands"
-	cvelog "github.com/kotakanbe/go-cve-dictionary/log"
-)
-
-// TuiCmd is Subcommand of host discovery mode
-type TuiCmd struct {
-	configPath     string
-	cveDict        c.GoCveDictConf
-	ovalDict       c.GovalDictConf
-	gostConf       c.GostConf
-	exploitConf    c.ExploitConf
-	metasploitConf c.MetasploitConf
-}
-
-// Name return subcommand name
-func (*TuiCmd) Name() string { return "tui" }
-
-// Synopsis return synopsis
-func (*TuiCmd) Synopsis() string { return "Run Tui view to analyze vulnerabilities" }
-
-// Usage return usage
-func (*TuiCmd) Usage() string {
-	return `tui:
-	tui
-		[-refresh-cve]
-		[-config=/path/to/config.toml]
-		[-cvss-over=7]
-		[-diff]
-		[-ignore-unscored-cves]
-		[-ignore-unfixed]
-		[-results-dir=/path/to/results]
-		[-log-dir=/path/to/log]
-		[-debug]
-		[-debug-sql]
-		[-quiet]
-		[-no-progress]
-		[-pipe]
-		[-cvedb-type=sqlite3|mysql|postgres|redis|http]
-		[-cvedb-sqlite3-path=/path/to/cve.sqlite3]
-		[-cvedb-url=http://127.0.0.1:1323 or DB connection string]
-		[-ovaldb-type=sqlite3|mysql|redis|http]
-		[-ovaldb-sqlite3-path=/path/to/oval.sqlite3]
-		[-ovaldb-url=http://127.0.0.1:1324 or DB connection string]
-		[-gostdb-type=sqlite3|mysql|redis|http]
-		[-gostdb-sqlite3-path=/path/to/gost.sqlite3]
-		[-gostdb-url=http://127.0.0.1:1325 or DB connection string]
-		[-exploitdb-type=sqlite3|mysql|redis|http]
-		[-exploitdb-sqlite3-path=/path/to/exploitdb.sqlite3]
-		[-exploitdb-url=http://127.0.0.1:1326 or DB connection string]
-		[-msfdb-type=sqlite3|mysql|redis|http]
-		[-msfdb-sqlite3-path=/path/to/msfdb.sqlite3]
-		[-msfdb-url=http://127.0.0.1:1327 or DB connection string]
-		[-trivy-cachedb-dir=/path/to/dir]
-
-`
-}
-
-// SetFlags set flag
-func (p *TuiCmd) SetFlags(f *flag.FlagSet) {
-	//  f.StringVar(&p.lang, "lang", "en", "[en|ja]")
-	f.BoolVar(&c.Conf.DebugSQL, "debug-sql", false, "debug SQL")
-	f.BoolVar(&c.Conf.Debug, "debug", false, "debug mode")
-	f.BoolVar(&c.Conf.Quiet, "quiet", false, "Quiet mode. No output on stdout")
-	f.BoolVar(&c.Conf.NoProgress, "no-progress", false, "Suppress progress bar")
-
-	defaultLogDir := util.GetDefaultLogDir()
-	f.StringVar(&c.Conf.LogDir, "log-dir", defaultLogDir, "/path/to/log")
-
-	wd, _ := os.Getwd()
-	defaultResultsDir := filepath.Join(wd, "results")
-	f.StringVar(&c.Conf.ResultsDir, "results-dir", defaultResultsDir, "/path/to/results")
-
-	defaultConfPath := filepath.Join(wd, "config.toml")
-	f.StringVar(&p.configPath, "config", defaultConfPath, "/path/to/toml")
-
-	f.BoolVar(&c.Conf.RefreshCve, "refresh-cve", false,
-		"Refresh CVE information in JSON file under results dir")
-
-	f.Float64Var(&c.Conf.CvssScoreOver, "cvss-over", 0,
-		"-cvss-over=6.5 means reporting CVSS Score 6.5 and over (default: 0 (means report all))")
-
-	f.BoolVar(&c.Conf.Diff, "diff", false,
-		"Difference between previous result and current result ")
-
-	f.BoolVar(
-		&c.Conf.IgnoreUnscoredCves, "ignore-unscored-cves", false,
-		"Don't report the unscored CVEs")
-
-	f.BoolVar(&c.Conf.IgnoreUnfixed, "ignore-unfixed", false,
-		"Don't report the unfixed CVEs")
-
-	f.BoolVar(&c.Conf.Pipe, "pipe", false, "Use stdin via PIPE")
-
-	f.StringVar(&p.cveDict.Type, "cvedb-type", "",
-		"DB type of go-cve-dictionary (sqlite3, mysql, postgres or redis)")
-	f.StringVar(&p.cveDict.SQLite3Path, "cvedb-path", "", "/path/to/sqlite3")
-	f.StringVar(&p.cveDict.URL, "cvedb-url", "",
-		"http://go-cve-dictionary.com:1323 or DB connection string")
-
-	f.StringVar(&p.ovalDict.Type, "ovaldb-type", "",
-		"DB type of goval-dictionary (sqlite3, mysql, postgres or redis)")
-	f.StringVar(&p.ovalDict.SQLite3Path, "ovaldb-path", "", "/path/to/sqlite3")
-	f.StringVar(&p.ovalDict.URL, "ovaldb-url", "",
-		"http://goval-dictionary.com:1324 or DB connection string")
-
-	f.StringVar(&p.gostConf.Type, "gostdb-type", "",
-		"DB type of gost (sqlite3, mysql, postgres or redis)")
-	f.StringVar(&p.gostConf.SQLite3Path, "gostdb-path", "", "/path/to/sqlite3")
-	f.StringVar(&p.gostConf.URL, "gostdb-url", "",
-		"http://gost.com:1325 or DB connection string")
-
-	f.StringVar(&p.exploitConf.Type, "exploitdb-type", "",
-		"DB type of exploit (sqlite3, mysql, postgres, redis or http)")
-	f.StringVar(&p.exploitConf.SQLite3Path, "exploitdb-sqlite3-path", "", "/path/to/sqlite3")
-	f.StringVar(&p.exploitConf.URL, "exploitdb-url", "",
-		"http://exploit.com:1326 or DB connection string")
-
-	f.StringVar(&p.metasploitConf.Type, "msfdb-type", "",
-		"DB type of msf (sqlite3, mysql, postgres, redis or http)")
-	f.StringVar(&p.metasploitConf.SQLite3Path, "msfdb-sqlite3-path", "", "/path/to/sqlite3")
-	f.StringVar(&p.metasploitConf.URL, "msfdb-url", "",
-		"http://metasploit.com:1327 or DB connection string")
-
-	f.StringVar(&c.Conf.TrivyCacheDBDir, "trivy-cachedb-dir",
-		utils.DefaultCacheDir(), "/path/to/dir")
-}
-
-// Execute execute
-func (p *TuiCmd) Execute(_ context.Context, f *flag.FlagSet, _ ...interface{}) subcommands.ExitStatus {
-	c.Conf.Lang = "en"
-
-	// Setup Logger
-	util.Log = util.NewCustomLogger(c.ServerInfo{})
-	cvelog.SetLogger(c.Conf.LogDir, false, c.Conf.Debug, false)
-
-	if err := c.Load(p.configPath, ""); err != nil {
-		util.Log.Errorf("Error loading %s, err: %+v", p.configPath, err)
-		return subcommands.ExitUsageError
-	}
-
-	c.Conf.CveDict.Overwrite(p.cveDict)
-	c.Conf.OvalDict.Overwrite(p.ovalDict)
-	c.Conf.Gost.Overwrite(p.gostConf)
-	c.Conf.Exploit.Overwrite(p.exploitConf)
-	c.Conf.Metasploit.Overwrite(p.metasploitConf)
-
-	var dir string
-	var err error
-	if c.Conf.Diff {
-		dir, err = report.JSONDir([]string{})
-	} else {
-		dir, err = report.JSONDir(f.Args())
-	}
-	if err != nil {
-		util.Log.Errorf("Failed to read from JSON. err: %+v", err)
-		return subcommands.ExitFailure
-	}
-
-	util.Log.Info("Validating config...")
-	if !c.Conf.ValidateOnTui() {
-		return subcommands.ExitUsageError
-	}
-
-	var res models.ScanResults
-	if res, err = report.LoadScanResults(dir); err != nil {
-		util.Log.Error(err)
-		return subcommands.ExitFailure
-	}
-	util.Log.Infof("Loaded: %s", dir)
-
-	util.Log.Info("Validating db config...")
-	if !c.Conf.ValidateOnReportDB() {
-		return subcommands.ExitUsageError
-	}
-
-	if c.Conf.CveDict.URL != "" {
-		if err := report.CveClient.CheckHealth(); err != nil {
-			util.Log.Errorf("CVE HTTP server is not running. err: %+v", err)
-			util.Log.Errorf("Run go-cve-dictionary as server mode before reporting or run with `-cvedb-type=sqlite3 -cvedb-sqlite3-path` option instead of -cvedb-url")
-			return subcommands.ExitFailure
-		}
-	}
-
-	if c.Conf.OvalDict.URL != "" {
-		err := oval.Base{}.CheckHTTPHealth()
-		if err != nil {
-			util.Log.Errorf("OVAL HTTP server is not running. err: %+v", err)
-			util.Log.Errorf("Run goval-dictionary as server mode before reporting or run with `-ovaldb-type=sqlite3 -ovaldb-sqlite3-path` option instead of -ovaldb-url")
-			return subcommands.ExitFailure
-		}
-	}
-
-	if c.Conf.Gost.URL != "" {
-		util.Log.Infof("gost: %s", c.Conf.Gost.URL)
-		err := gost.Base{}.CheckHTTPHealth()
-		if err != nil {
-			util.Log.Errorf("gost HTTP server is not running. err: %+v", err)
-			util.Log.Errorf("Run gost as server mode before reporting or run with `-gostdb-type=sqlite3 -gostdb-sqlite3-path` option instead of -gostdb-url")
-			return subcommands.ExitFailure
-		}
-	}
-
-	if c.Conf.Exploit.URL != "" {
-		err := exploit.CheckHTTPHealth()
-		if err != nil {
-			util.Log.Errorf("exploit HTTP server is not running. err: %+v", err)
-			util.Log.Errorf("Run go-exploitdb as server mode before reporting")
-			return subcommands.ExitFailure
-		}
-	}
-
-	if c.Conf.Metasploit.URL != "" {
-		err := msf.CheckHTTPHealth()
-		if err != nil {
-			util.Log.Errorf("metasploit HTTP server is not running. err: %+v", err)
-			util.Log.Errorf("Run go-msfdb as server mode before reporting")
-			return subcommands.ExitFailure
-		}
-	}
-	dbclient, locked, err := report.NewDBClient(report.DBClientConf{
-		CveDictCnf:    c.Conf.CveDict,
-		OvalDictCnf:   c.Conf.OvalDict,
-		GostCnf:       c.Conf.Gost,
-		ExploitCnf:    c.Conf.Exploit,
-		MetasploitCnf: c.Conf.Metasploit,
-		DebugSQL:      c.Conf.DebugSQL,
-	})
-	if locked {
-		util.Log.Errorf("SQLite3 is locked. Close other DB connections and try again: %+v", err)
-		return subcommands.ExitFailure
-	}
-
-	if err != nil {
-		util.Log.Errorf("Failed to init DB Clients. err: %+v", err)
-		return subcommands.ExitFailure
-	}
-
-	defer dbclient.CloseDB()
-
-	if res, err = report.FillCveInfos(*dbclient, res, dir); err != nil {
-		util.Log.Error(err)
-		return subcommands.ExitFailure
-	}
-
-	for _, r := range res {
-		if len(r.Warnings) != 0 {
-			util.Log.Warnf("Warning: Some warnings occurred while scanning on %s: %s",
-				r.FormatServerName(), r.Warnings)
-		}
-	}
-
-	return report.RunTui(res)
-}

config/awsconf.go

@@ -0,0 +1,30 @@
+package config
+
+// AWSConf is aws config
+type AWSConf struct {
+	// AWS profile to use
+	Profile string `json:"profile"`
+
+	// AWS region to use
+	Region string `json:"region"`
+
+	// S3 bucket name
+	S3Bucket string `json:"s3Bucket"`
+
+	// /bucket/path/to/results
+	S3ResultsDir string `json:"s3ResultsDir"`
+
+	// The Server-side encryption algorithm used when storing the reports in S3 (e.g., AES256, aws:kms).
+	S3ServerSideEncryption string `json:"s3ServerSideEncryption"`
+
+	Enabled bool `toml:"-" json:"-"`
+}
+
+// Validate configuration
+func (c *AWSConf) Validate() (errs []error) {
+	// TODO
+	if !c.Enabled {
+		return
+	}
+	return
+}

config/azureconf.go

@@ -0,0 +1,46 @@
+package config
+
+import (
+	"os"
+
+	"golang.org/x/xerrors"
+)
+
+// AzureConf is azure config
+type AzureConf struct {
+	// Azure account name to use. AZURE_STORAGE_ACCOUNT environment variable is used if not specified
+	AccountName string `json:"accountName"`
+
+	// Azure account key to use. AZURE_STORAGE_ACCESS_KEY environment variable is used if not specified
+	AccountKey string `json:"-"`
+
+	// Azure storage container name
+	ContainerName string `json:"containerName"`
+
+	Enabled bool `toml:"-" json:"-"`
+}
+
+const (
+	azureAccount = "AZURE_STORAGE_ACCOUNT"
+	azureKey     = "AZURE_STORAGE_ACCESS_KEY"
+)
+
+// Validate configuration
+func (c *AzureConf) Validate() (errs []error) {
+	if !c.Enabled {
+		return
+	}
+
+	// overwrite if env var is not empty
+	if os.Getenv(azureAccount) != "" {
+		c.AccountName = os.Getenv(azureAccount)
+	}
+	if os.Getenv(azureKey) != "" {
+		c.AccountKey = os.Getenv(azureKey)
+	}
+
+	if c.ContainerName == "" {
+		errs = append(errs, xerrors.Errorf("Azure storage container name is required"))
+	}
+	return
+}

config/chatworkconf.go

@@ -0,0 +1,33 @@
+package config
+
+import (
+	"github.com/asaskevich/govalidator"
+	"golang.org/x/xerrors"
+)
+
+// ChatWorkConf is ChatWork config
+type ChatWorkConf struct {
+	APIToken string `json:"-"`
+	Room     string `json:"-"`
+	Enabled  bool   `toml:"-" json:"-"`
+}
+
+// Validate validates configuration
+func (c *ChatWorkConf) Validate() (errs []error) {
+	if !c.Enabled {
+		return
+	}
+	if len(c.Room) == 0 {
+		errs = append(errs, xerrors.New("chatWorkConf.room must not be empty"))
+	}
+
+	if len(c.APIToken) == 0 {
+		errs = append(errs, xerrors.New("chatWorkConf.ApiToken must not be empty"))
+	}
+
+	_, err := govalidator.ValidateStruct(c)
+	if err != nil {
+		errs = append(errs, err)
+	}
+	return
+}

config/config_test.go

@@ -2,6 +2,8 @@ package config
 
 import (
 	"testing"
+
+	. "github.com/future-architect/vuls/constant"
 )
 
 func TestSyslogConfValidate(t *testing.T) {
@@ -55,7 +57,7 @@ func TestSyslogConfValidate(t *testing.T) {
 	}
 
 	for i, tt := range tests {
-		Conf.ToSyslog = true
+		tt.conf.Enabled = true
 		errs := tt.conf.Validate()
 		if len(errs) != tt.expectedErrLength {
 			t.Errorf("test: %d, expected %d, actual %d", i, tt.expectedErrLength, len(errs))
@@ -63,7 +65,7 @@ func TestSyslogConfValidate(t *testing.T) {
 	}
 }
 
-func TestMajorVersion(t *testing.T) {
+func TestDistro_MajorVersion(t *testing.T) {
 	var tests = []struct {
 		in  Distro
 		out int

config/googlechatconf.go

@@ -0,0 +1,32 @@
+package config
+
+import (
+	"github.com/asaskevich/govalidator"
+	"golang.org/x/xerrors"
+)
+
+// GoogleChatConf is GoogleChat config
+type GoogleChatConf struct {
+	WebHookURL       string `valid:"url" json:"-" toml:"webHookURL,omitempty"`
+	SkipIfNoCve      bool   `valid:"type(bool)" json:"-" toml:"skipIfNoCve"`
+	ServerNameRegexp string `valid:"type(string)" json:"-" toml:"serverNameRegexp,omitempty"`
+	Enabled          bool   `valid:"type(bool)" json:"-" toml:"-"`
+}
+
+// Validate validates configuration
+func (c *GoogleChatConf) Validate() (errs []error) {
+	if !c.Enabled {
+		return
+	}
+	if len(c.WebHookURL) == 0 {
+		errs = append(errs, xerrors.New("googleChatConf.webHookURL must not be empty"))
+	}
+	if !govalidator.IsRegex(c.ServerNameRegexp) {
+		errs = append(errs, xerrors.New("googleChatConf.serverNameRegexp must be regex"))
+	}
+	_, err := govalidator.ValidateStruct(c)
+	if err != nil {
+		errs = append(errs, err)
+	}
+	return
+}

config/httpconf.go

@@ -0,0 +1,32 @@
+package config
+
+import (
+	"os"
+
+	"github.com/asaskevich/govalidator"
+)
+
+// HTTPConf is HTTP config
+type HTTPConf struct {
+	URL     string `valid:"url" json:"-"`
+	Enabled bool   `toml:"-" json:"-"`
+}
+
+const httpKey = "VULS_HTTP_URL"
+
+// Validate validates configuration
+func (c *HTTPConf) Validate() (errs []error) {
+	if !c.Enabled {
+		return nil
+	}
+
+	// overwrite if env var is not empty
+	if os.Getenv(httpKey) != "" {
+		c.URL = os.Getenv(httpKey)
+	}
+
+	if _, err := govalidator.ValidateStruct(c); err != nil {
+		errs = append(errs, err)
+	}
+	return errs
+}

config/ips.go

@@ -1,9 +0,0 @@
-package config
-
-// IPS is
-type IPS string
-
-const (
-	// DeepSecurity is
-	DeepSecurity IPS = "deepsecurity"
-)

config/jsonloader.go

@@ -7,6 +7,6 @@ type JSONLoader struct {
 }
 
 // Load load the configuration JSON file specified by path arg.
-func (c JSONLoader) Load(path, sudoPass, keyPass string) (err error) {
+func (c JSONLoader) Load(_, _, _ string) (err error) {
 	return xerrors.New("Not implement yet")
 }

config/os.go

@@ -0,0 +1,211 @@
+package config
+
+import (
+	"fmt"
+	"strings"
+	"time"
+
+	"github.com/future-architect/vuls/constant"
+)
+
+// EOL has End-of-Life information
+type EOL struct {
+	StandardSupportUntil time.Time
+	ExtendedSupportUntil time.Time
+	Ended                bool
+}
+
+// IsStandardSupportEnded checks now is under standard support
+func (e EOL) IsStandardSupportEnded(now time.Time) bool {
+	return e.Ended ||
+		!e.ExtendedSupportUntil.IsZero() && e.StandardSupportUntil.IsZero() ||
+		!e.StandardSupportUntil.IsZero() && now.After(e.StandardSupportUntil)
+}
+
+// IsExtendedSuppportEnded checks now is under extended support
+func (e EOL) IsExtendedSuppportEnded(now time.Time) bool {
+	if e.Ended {
+		return true
+	}
+	if e.StandardSupportUntil.IsZero() && e.ExtendedSupportUntil.IsZero() {
+		return false
+	}
+	return !e.ExtendedSupportUntil.IsZero() && now.After(e.ExtendedSupportUntil) ||
+		e.ExtendedSupportUntil.IsZero() && now.After(e.StandardSupportUntil)
+}
+
+// GetEOL return EOL information for the OS-release passed by args
+// https://github.com/aquasecurity/trivy/blob/master/pkg/detector/ospkg/redhat/redhat.go#L20
+func GetEOL(family, release string) (eol EOL, found bool) {
+	switch family {
+	case constant.Amazon:
+		rel := "2"
+		if isAmazonLinux1(release) {
+			rel = "1"
+		}
+		eol, found = map[string]EOL{
+			"1": {StandardSupportUntil: time.Date(2023, 6, 30, 23, 59, 59, 0, time.UTC)},
+			"2": {},
+		}[rel]
+	case constant.RedHat:
+		// https://access.redhat.com/support/policy/updates/errata
+		eol, found = map[string]EOL{
+			"3": {Ended: true},
+			"4": {Ended: true},
+			"5": {Ended: true},
+			"6": {
+				StandardSupportUntil: time.Date(2020, 11, 30, 23, 59, 59, 0, time.UTC),
+				ExtendedSupportUntil: time.Date(2024, 6, 30, 23, 59, 59, 0, time.UTC),
+			},
+			"7": {
+				StandardSupportUntil: time.Date(2024, 6, 30, 23, 59, 59, 0, time.UTC),
+			},
+			"8": {
+				StandardSupportUntil: time.Date(2029, 5, 31, 23, 59, 59, 0, time.UTC),
+			},
+		}[major(release)]
+	case constant.CentOS:
+		// https://en.wikipedia.org/wiki/CentOS#End-of-support_schedule
+		// TODO Stream
+		eol, found = map[string]EOL{
+			"3": {Ended: true},
+			"4": {Ended: true},
+			"5": {Ended: true},
+			"6": {Ended: true},
+			"7": {StandardSupportUntil: time.Date(2024, 6, 30, 23, 59, 59, 0, time.UTC)},
+			"8": {StandardSupportUntil: time.Date(2021, 12, 31, 23, 59, 59, 0, time.UTC)},
+		}[major(release)]
+	case constant.Alma:
+		eol, found = map[string]EOL{
+			"8": {StandardSupportUntil: time.Date(2029, 12, 31, 23, 59, 59, 0, time.UTC)},
+		}[major(release)]
+	case constant.Rocky:
+		eol, found = map[string]EOL{
+			"8": {StandardSupportUntil: time.Date(2029, 5, 31, 23, 59, 59, 0, time.UTC)},
+		}[major(release)]
+	case constant.Oracle:
+		eol, found = map[string]EOL{
+			// Source:
+			// https://www.oracle.com/a/ocom/docs/elsp-lifetime-069338.pdf
+			// https://community.oracle.com/docs/DOC-917964
+			"3": {Ended: true},
+			"4": {Ended: true},
+			"5": {Ended: true},
+			"6": {
+				StandardSupportUntil: time.Date(2021, 3, 1, 23, 59, 59, 0, time.UTC),
+				ExtendedSupportUntil: time.Date(2024, 3, 1, 23, 59, 59, 0, time.UTC),
+			},
+			"7": {
+				StandardSupportUntil: time.Date(2024, 7, 1, 23, 59, 59, 0, time.UTC),
+			},
+			"8": {
+				StandardSupportUntil: time.Date(2029, 7, 1, 23, 59, 59, 0, time.UTC),
+			},
+		}[major(release)]
+	case constant.Debian:
+		eol, found = map[string]EOL{
+			// https://wiki.debian.org/LTS
+			"6":  {Ended: true},
+			"7":  {Ended: true},
+			"8":  {Ended: true},
+			"9":  {StandardSupportUntil: time.Date(2022, 6, 30, 23, 59, 59, 0, time.UTC)},
+			"10": {StandardSupportUntil: time.Date(2024, 6, 30, 23, 59, 59, 0, time.UTC)},
+			"11": {StandardSupportUntil: time.Date(2026, 6, 30, 23, 59, 59, 0, time.UTC)},
+		}[major(release)]
+	case constant.Raspbian:
+		// Not found
+		eol, found = map[string]EOL{}[major(release)]
+	case constant.Ubuntu:
+		// https://wiki.ubuntu.com/Releases
+		eol, found = map[string]EOL{
+			"14.10": {Ended: true},
+			"14.04": {
+				ExtendedSupportUntil: time.Date(2022, 4, 1, 23, 59, 59, 0, time.UTC),
+			},
+			"15.04": {Ended: true},
+			"16.10": {Ended: true},
+			"17.04": {Ended: true},
+			"17.10": {Ended: true},
+			"16.04": {
+				StandardSupportUntil: time.Date(2021, 4, 1, 23, 59, 59, 0, time.UTC),
+				ExtendedSupportUntil: time.Date(2024, 4, 1, 23, 59, 59, 0, time.UTC),
+			},
+			"18.04": {
+				StandardSupportUntil: time.Date(2023, 4, 1, 23, 59, 59, 0, time.UTC),
+				ExtendedSupportUntil: time.Date(2028, 4, 1, 23, 59, 59, 0, time.UTC),
+			},
+			"18.10": {Ended: true},
+			"19.04": {Ended: true},
+			"19.10": {Ended: true},
+			"20.04": {
+				StandardSupportUntil: time.Date(2025, 4, 1, 23, 59, 59, 0, time.UTC),
+			},
+			"20.10": {
+				StandardSupportUntil: time.Date(2021, 7, 22, 23, 59, 59, 0, time.UTC),
+			},
+			"21.04": {
+				StandardSupportUntil: time.Date(2022, 1, 22, 23, 59, 59, 0, time.UTC),
+			},
+			"21.10": {
+				StandardSupportUntil: time.Date(2022, 7, 1, 23, 59, 59, 0, time.UTC),
+			},
+		}[release]
+	case constant.SUSEEnterpriseServer:
+		//TODO
+	case constant.Alpine:
+		// https://github.com/aquasecurity/trivy/blob/master/pkg/detector/ospkg/alpine/alpine.go#L19
+		// https://wiki.alpinelinux.org/wiki/Alpine_Linux:Releases
+		eol, found = map[string]EOL{
+			"2.0":  {Ended: true},
+			"2.1":  {Ended: true},
+			"2.2":  {Ended: true},
+			"2.3":  {Ended: true},
+			"2.4":  {Ended: true},
+			"2.5":  {Ended: true},
+			"2.6":  {Ended: true},
+			"2.7":  {Ended: true},
+			"3.0":  {Ended: true},
+			"3.1":  {Ended: true},
+			"3.2":  {Ended: true},
+			"3.3":  {Ended: true},
+			"3.4":  {Ended: true},
+			"3.5":  {Ended: true},
+			"3.6":  {Ended: true},
+			"3.7":  {Ended: true},
+			"3.8":  {Ended: true},
+			"3.9":  {Ended: true},
+			"3.10": {StandardSupportUntil: time.Date(2021, 5, 1, 23, 59, 59, 0, time.UTC)},
+			"3.11": {StandardSupportUntil: time.Date(2021, 11, 1, 23, 59, 59, 0, time.UTC)},
+			"3.12": {StandardSupportUntil: time.Date(2022, 5, 1, 23, 59, 59, 0, time.UTC)},
+			"3.13": {StandardSupportUntil: time.Date(2022, 11, 1, 23, 59, 59, 0, time.UTC)},
+		}[majorDotMinor(release)]
+	case constant.FreeBSD:
+		// https://www.freebsd.org/security/
+		eol, found = map[string]EOL{
+			"7":  {Ended: true},
+			"8":  {Ended: true},
+			"9":  {Ended: true},
+			"10": {Ended: true},
+			"11": {StandardSupportUntil: time.Date(2021, 9, 30, 23, 59, 59, 0, time.UTC)},
+			"12": {StandardSupportUntil: time.Date(2024, 6, 30, 23, 59, 59, 0, time.UTC)},
+			"13": {StandardSupportUntil: time.Date(2026, 1, 31, 23, 59, 59, 0, time.UTC)},
+		}[major(release)]
+	}
+	return
+}
+
+func major(osVer string) (majorVersion string) {
+	return strings.Split(osVer, ".")[0]
+}
+
+func majorDotMinor(osVer string) (majorDotMinor string) {
+	ss := strings.SplitN(osVer, ".", 3)
+	if len(ss) == 1 {
+		return osVer
+	}
+	return fmt.Sprintf("%s.%s", ss[0], ss[1])
+}
+
+func isAmazonLinux1(osRelease string) bool {
+	return len(strings.Fields(osRelease)) == 1
+}

config/os_test.go

@@ -0,0 +1,449 @@
+package config
+
+import (
+	"testing"
+	"time"
+
+	. "github.com/future-architect/vuls/constant"
+)
+
+func TestEOL_IsStandardSupportEnded(t *testing.T) {
+	type fields struct {
+		family  string
+		release string
+	}
+	tests := []struct {
+		name     string
+		fields   fields
+		now      time.Time
+		found    bool
+		stdEnded bool
+		extEnded bool
+	}{
+		// Amazon Linux
+		{
+			name:     "amazon linux 1 supported",
+			fields:   fields{family: Amazon, release: "2018.03"},
+			now:      time.Date(2021, 1, 6, 23, 59, 59, 0, time.UTC),
+			stdEnded: false,
+			extEnded: false,
+			found:    true,
+		},
+		{
+			name:     "amazon linux 1 eol on 2023-6-30",
+			fields:   fields{family: Amazon, release: "2018.03"},
+			now:      time.Date(2023, 7, 1, 23, 59, 59, 0, time.UTC),
+			stdEnded: true,
+			extEnded: true,
+			found:    true,
+		},
+		{
+			name:     "amazon linux 2 supported",
+			fields:   fields{family: Amazon, release: "2 (Karoo)"},
+			now:      time.Date(2023, 7, 1, 23, 59, 59, 0, time.UTC),
+			stdEnded: false,
+			extEnded: false,
+			found:    true,
+		},
+		//RHEL
+		{
+			name:     "RHEL7 supported",
+			fields:   fields{family: RedHat, release: "7"},
+			now:      time.Date(2021, 1, 6, 23, 59, 59, 0, time.UTC),
+			stdEnded: false,
+			extEnded: false,
+			found:    true,
+		},
+		{
+			name:     "RHEL8 supported",
+			fields:   fields{family: RedHat, release: "8"},
+			now:      time.Date(2021, 1, 6, 23, 59, 59, 0, time.UTC),
+			stdEnded: false,
+			extEnded: false,
+			found:    true,
+		},
+		{
+			name:     "RHEL6 eol",
+			fields:   fields{family: RedHat, release: "6"},
+			now:      time.Date(2021, 1, 6, 23, 59, 59, 0, time.UTC),
+			stdEnded: true,
+			extEnded: false,
+			found:    true,
+		},
+		{
+			name:     "RHEL9 not found",
+			fields:   fields{family: RedHat, release: "9"},
+			now:      time.Date(2021, 1, 6, 23, 59, 59, 0, time.UTC),
+			stdEnded: false,
+			extEnded: false,
+			found:    false,
+		},
+		//CentOS
+		{
+			name:     "CentOS 7 supported",
+			fields:   fields{family: CentOS, release: "7"},
+			now:      time.Date(2021, 1, 6, 23, 59, 59, 0, time.UTC),
+			stdEnded: false,
+			extEnded: false,
+			found:    true,
+		},
+		{
+			name:     "CentOS 8 supported",
+			fields:   fields{family: CentOS, release: "8"},
+			now:      time.Date(2021, 1, 6, 23, 59, 59, 0, time.UTC),
+			stdEnded: false,
+			extEnded: false,
+			found:    true,
+		},
+		{
+			name:     "CentOS 6 eol",
+			fields:   fields{family: CentOS, release: "6"},
+			now:      time.Date(2021, 1, 6, 23, 59, 59, 0, time.UTC),
+			stdEnded: true,
+			extEnded: true,
+			found:    true,
+		},
+		{
+			name:     "CentOS 9 not found",
+			fields:   fields{family: CentOS, release: "9"},
+			now:      time.Date(2021, 1, 6, 23, 59, 59, 0, time.UTC),
+			stdEnded: false,
+			extEnded: false,
+			found:    false,
+		},
+		// Alma
+		{
+			name:     "Alma Linux 8 supported",
+			fields:   fields{family: Alma, release: "8"},
+			now:      time.Date(2021, 7, 2, 23, 59, 59, 0, time.UTC),
+			stdEnded: false,
+			extEnded: false,
+			found:    true,
+		},
+		{
+			name:     "Alma Linux 8 EOL",
+			fields:   fields{family: Alma, release: "8"},
+			now:      time.Date(2029, 2, 1, 0, 0, 0, 0, time.UTC),
+			stdEnded: false,
+			extEnded: false,
+			found:    true,
+		},
+		{
+			name:     "Alma Linux 9 Not Found",
+			fields:   fields{family: Alma, release: "9"},
+			now:      time.Date(2021, 7, 2, 23, 59, 59, 0, time.UTC),
+			stdEnded: false,
+			extEnded: false,
+			found:    false,
+		},
+		// Rocky
+		{
+			name:     "Rocky Linux 8 supported",
+			fields:   fields{family: Rocky, release: "8"},
+			now:      time.Date(2021, 7, 2, 23, 59, 59, 0, time.UTC),
+			stdEnded: false,
+			extEnded: false,
+			found:    true,
+		},
+		{
+			name:     "Rocky Linux 8 EOL",
+			fields:   fields{family: Rocky, release: "8"},
+			now:      time.Date(2026, 2, 1, 0, 0, 0, 0, time.UTC),
+			stdEnded: false,
+			extEnded: false,
+			found:    true,
+		},
+		{
+			name:     "Rocky Linux 9 Not Found",
+			fields:   fields{family: Rocky, release: "9"},
+			now:      time.Date(2021, 7, 2, 23, 59, 59, 0, time.UTC),
+			stdEnded: false,
+			extEnded: false,
+			found:    false,
+		},
+		//Oracle
+		{
+			name:     "Oracle Linux 7 supported",
+			fields:   fields{family: Oracle, release: "7"},
+			now:      time.Date(2021, 1, 6, 23, 59, 59, 0, time.UTC),
+			stdEnded: false,
+			extEnded: false,
+			found:    true,
+		},
+		{
+			name:     "Oracle Linux 8 supported",
+			fields:   fields{family: Oracle, release: "8"},
+			now:      time.Date(2021, 1, 6, 23, 59, 59, 0, time.UTC),
+			stdEnded: false,
+			extEnded: false,
+			found:    true,
+		},
+		{
+			name:     "Oracle Linux 6 eol",
+			fields:   fields{family: Oracle, release: "6"},
+			now:      time.Date(2021, 1, 6, 23, 59, 59, 0, time.UTC),
+			stdEnded: false,
+			extEnded: false,
+			found:    true,
+		},
+		{
+			name:     "Oracle Linux 9 not found",
+			fields:   fields{family: Oracle, release: "9"},
+			now:      time.Date(2021, 1, 6, 23, 59, 59, 0, time.UTC),
+			stdEnded: false,
+			extEnded: false,
+			found:    false,
+		},
+		//Ubuntu
+		{
+			name:     "Ubuntu 18.04 supported",
+			fields:   fields{family: Ubuntu, release: "18.04"},
+			now:      time.Date(2021, 1, 6, 23, 59, 59, 0, time.UTC),
+			stdEnded: false,
+			extEnded: false,
+			found:    true,
+		},
+		{
+			name:     "Ubuntu 18.04 ext supported",
+			fields:   fields{family: Ubuntu, release: "18.04"},
+			now:      time.Date(2025, 1, 6, 23, 59, 59, 0, time.UTC),
+			stdEnded: true,
+			extEnded: false,
+			found:    true,
+		},
+		{
+			name:     "Ubuntu 16.04 supported",
+			fields:   fields{family: Ubuntu, release: "18.04"},
+			now:      time.Date(2021, 1, 6, 23, 59, 59, 0, time.UTC),
+			stdEnded: false,
+			extEnded: false,
+			found:    true,
+		},
+		{
+			name:     "Ubuntu 14.04 eol",
+			fields:   fields{family: Ubuntu, release: "14.04"},
+			now:      time.Date(2021, 1, 6, 23, 59, 59, 0, time.UTC),
+			stdEnded: true,
+			extEnded: false,
+			found:    true,
+		},
+		{
+			name:     "Ubuntu 14.10 eol",
+			fields:   fields{family: Ubuntu, release: "14.10"},
+			now:      time.Date(2021, 1, 6, 23, 59, 59, 0, time.UTC),
+			stdEnded: true,
+			extEnded: true,
+			found:    true,
+		},
+		{
+			name:     "Ubuntu 12.10 not found",
+			fields:   fields{family: Ubuntu, release: "12.10"},
+			now:      time.Date(2021, 1, 6, 23, 59, 59, 0, time.UTC),
+			found:    false,
+			stdEnded: false,
+			extEnded: false,
+		},
+		{
+			name:     "Ubuntu 20.10 supported",
+			fields:   fields{family: Ubuntu, release: "20.10"},
+			now:      time.Date(2021, 5, 1, 23, 59, 59, 0, time.UTC),
+			found:    true,
+			stdEnded: false,
+			extEnded: false,
+		},
+		{
+			name:     "Ubuntu 21.04 supported",
+			fields:   fields{family: Ubuntu, release: "21.04"},
+			now:      time.Date(2021, 1, 6, 23, 59, 59, 0, time.UTC),
+			found:    true,
+			stdEnded: false,
+			extEnded: false,
+		},
+		//Debian
+		{
+			name:     "Debian 9 supported",
+			fields:   fields{family: Debian, release: "9"},
+			now:      time.Date(2021, 1, 6, 23, 59, 59, 0, time.UTC),
+			stdEnded: false,
+			extEnded: false,
+			found:    true,
+		},
+		{
+			name:     "Debian 10 supported",
+			fields:   fields{family: Debian, release: "10"},
+			now:      time.Date(2021, 1, 6, 23, 59, 59, 0, time.UTC),
+			stdEnded: false,
+			extEnded: false,
+			found:    true,
+		},
+		{
+			name:     "Debian 8 supported",
+			fields:   fields{family: Debian, release: "8"},
+			now:      time.Date(2021, 1, 6, 23, 59, 59, 0, time.UTC),
+			stdEnded: true,
+			extEnded: true,
+			found:    true,
+		},
+		{
+			name:     "Debian 11 supported",
+			fields:   fields{family: Debian, release: "11"},
+			now:      time.Date(2021, 1, 6, 23, 59, 59, 0, time.UTC),
+			stdEnded: false,
+			extEnded: false,
+			found:    true,
+		},
+		{
+			name:     "Debian 12 is not supported yet",
+			fields:   fields{family: Debian, release: "12"},
+			now:      time.Date(2021, 1, 6, 23, 59, 59, 0, time.UTC),
+			stdEnded: false,
+			extEnded: false,
+			found:    false,
+		},
+		//alpine
+		{
+			name:     "alpine 3.10 supported",
+			fields:   fields{family: Alpine, release: "3.10"},
+			now:      time.Date(2021, 1, 6, 23, 59, 59, 0, time.UTC),
+			stdEnded: false,
+			extEnded: false,
+			found:    true,
+		},
+		{
+			name:     "Alpine 3.11 supported",
+			fields:   fields{family: Alpine, release: "3.11"},
+			now:      time.Date(2021, 1, 6, 23, 59, 59, 0, time.UTC),
+			stdEnded: false,
+			extEnded: false,
+			found:    true,
+		},
+		{
+			name:     "Alpine 3.12 supported",
+			fields:   fields{family: Alpine, release: "3.12"},
+			now:      time.Date(2021, 1, 6, 23, 59, 59, 0, time.UTC),
+			stdEnded: false,
+			extEnded: false,
+			found:    true,
+		},
+		{
+			name:     "Alpine 3.9 eol",
+			fields:   fields{family: Alpine, release: "3.9"},
+			now:      time.Date(2021, 1, 6, 23, 59, 59, 0, time.UTC),
+			stdEnded: true,
+			extEnded: true,
+			found:    true,
+		},
+		{
+			name:     "Alpine 3.14 not found",
+			fields:   fields{family: Alpine, release: "3.14"},
+			now:      time.Date(2021, 1, 6, 23, 59, 59, 0, time.UTC),
+			stdEnded: false,
+			extEnded: false,
+			found:    false,
+		},
+		// freebsd
+		{
+			name:     "freebsd 11 supported",
+			fields:   fields{family: FreeBSD, release: "11"},
+			now:      time.Date(2021, 1, 6, 23, 59, 59, 0, time.UTC),
+			stdEnded: false,
+			extEnded: false,
+			found:    true,
+		},
+		{
+			name:     "freebsd 11 eol on 2021-9-30",
+			fields:   fields{family: FreeBSD, release: "11"},
+			now:      time.Date(2021, 10, 1, 23, 59, 59, 0, time.UTC),
+			stdEnded: true,
+			extEnded: true,
+			found:    true,
+		},
+		{
+			name:     "freebsd 12 supported",
+			fields:   fields{family: FreeBSD, release: "12"},
+			now:      time.Date(2021, 1, 6, 23, 59, 59, 0, time.UTC),
+			stdEnded: false,
+			extEnded: false,
+			found:    true,
+		},
+		{
+			name:     "freebsd 13 supported",
+			fields:   fields{family: FreeBSD, release: "13"},
+			now:      time.Date(2021, 7, 2, 23, 59, 59, 0, time.UTC),
+			stdEnded: false,
+			extEnded: false,
+			found:    true,
+		},
+		{
+			name:     "freebsd 10 eol",
+			fields:   fields{family: FreeBSD, release: "10"},
+			now:      time.Date(2021, 1, 6, 23, 59, 59, 0, time.UTC),
+			stdEnded: true,
+			extEnded: true,
+			found:    true,
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			eol, found := GetEOL(tt.fields.family, tt.fields.release)
+			if found != tt.found {
+				t.Errorf("GetEOL.found = %v, want %v", found, tt.found)
+			}
+			if found {
+				if got := eol.IsStandardSupportEnded(tt.now); got != tt.stdEnded {
+					t.Errorf("EOL.IsStandardSupportEnded() = %v, want %v", got, tt.stdEnded)
+				}
+				if got := eol.IsExtendedSuppportEnded(tt.now); got != tt.extEnded {
+					t.Errorf("EOL.IsExtendedSupportEnded() = %v, want %v", got, tt.extEnded)
+				}
+			}
+		})
+	}
+}
+
+func Test_majorDotMinor(t *testing.T) {
+	type args struct {
+		osVer string
+	}
+	tests := []struct {
+		name              string
+		args              args
+		wantMajorDotMinor string
+	}{
+		{
+			name: "empty",
+			args: args{
+				osVer: "",
+			},
+			wantMajorDotMinor: "",
+		},
+		{
+			name: "major",
+			args: args{
+				osVer: "3",
+			},
+			wantMajorDotMinor: "3",
+		},
+		{
+			name: "major dot minor",
+			args: args{
+				osVer: "3.1",
+			},
+			wantMajorDotMinor: "3.1",
+		},
+		{
+			name: "major dot minor dot release",
+			args: args{
+				osVer: "3.1.4",
+			},
+			wantMajorDotMinor: "3.1",
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			if gotMajorDotMinor := majorDotMinor(tt.args.osVer); gotMajorDotMinor != tt.wantMajorDotMinor {
+				t.Errorf("majorDotMinor() = %v, want %v", gotMajorDotMinor, tt.wantMajorDotMinor)
+			}
+		})
+	}
+}

config/portscan.go

@@ -0,0 +1,222 @@
+package config
+
+import (
+	"os"
+	"os/exec"
+	"strconv"
+	"strings"
+
+	"github.com/asaskevich/govalidator"
+	"golang.org/x/xerrors"
+)
+
+// PortScanConf is the setting for using an external port scanner
+type PortScanConf struct {
+	IsUseExternalScanner bool `toml:"-" json:"-"`
+
+	// Path to external scanner
+	ScannerBinPath string `toml:"scannerBinPath,omitempty" json:"scannerBinPath,omitempty"`
+
+	// set user has privileged
+	HasPrivileged bool `toml:"hasPrivileged,omitempty" json:"hasPrivileged,omitempty"`
+
+	// set the ScanTechniques for ScannerBinPath
+	ScanTechniques []string `toml:"scanTechniques,omitempty" json:"scanTechniques,omitempty"`
+
+	// set the FIREWALL/IDS EVASION AND SPOOFING(Use given port number)
+	SourcePort string `toml:"sourcePort,omitempty" json:"sourcePort,omitempty"`
+}
+
+// ScanTechnique is implemented to represent the supported ScanTechniques in an Enum.
+type ScanTechnique int
+
+const (
+	// NotSupportTechnique is a ScanTechnique that is currently not supported.
+	NotSupportTechnique ScanTechnique = iota
+	// TCPSYN is SYN scan
+	TCPSYN
+	// TCPConnect is TCP connect scan
+	TCPConnect
+	// TCPACK is ACK scan
+	TCPACK
+	// TCPWindow is Window scan
+	TCPWindow
+	// TCPMaimon is Maimon scan
+	TCPMaimon
+	// TCPNull is Null scan
+	TCPNull
+	// TCPFIN is FIN scan
+	TCPFIN
+	// TCPXmas is Xmas scan
+	TCPXmas
+)
+
+var scanTechniqueMap = map[ScanTechnique]string{
+	TCPSYN:     "sS",
+	TCPConnect: "sT",
+	TCPACK:     "sA",
+	TCPWindow:  "sW",
+	TCPMaimon:  "sM",
+	TCPNull:    "sN",
+	TCPFIN:     "sF",
+	TCPXmas:    "sX",
+}
+
+func (s ScanTechnique) String() string {
+	switch s {
+	case TCPSYN:
+		return "TCPSYN"
+	case TCPConnect:
+		return "TCPConnect"
+	case TCPACK:
+		return "TCPACK"
+	case TCPWindow:
+		return "TCPWindow"
+	case TCPMaimon:
+		return "TCPMaimon"
+	case TCPNull:
+		return "TCPNull"
+	case TCPFIN:
+		return "TCPFIN"
+	case TCPXmas:
+		return "TCPXmas"
+	default:
+		return "NotSupportTechnique"
+	}
+}
+
+// GetScanTechniques converts ScanTechniques loaded from config.toml to []scanTechniques.
+func (c *PortScanConf) GetScanTechniques() []ScanTechnique {
+	if len(c.ScanTechniques) == 0 {
+		return []ScanTechnique{}
+	}
+
+	scanTechniques := []ScanTechnique{}
+	for _, technique := range c.ScanTechniques {
+		findScanTechniqueFlag := false
+		for key, value := range scanTechniqueMap {
+			if strings.EqualFold(value, technique) {
+				scanTechniques = append(scanTechniques, key)
+				findScanTechniqueFlag = true
+				break
+			}
+		}
+
+		if !findScanTechniqueFlag {
+			scanTechniques = append(scanTechniques, NotSupportTechnique)
+		}
+	}
+
+	if len(scanTechniques) == 0 {
+		return []ScanTechnique{NotSupportTechnique}
+	}
+	return scanTechniques
+}
+
+// Validate validates configuration
+func (c *PortScanConf) Validate() (errs []error) {
+	if !c.IsUseExternalScanner {
+		if c.IsZero() {
+			return
+		}
+		errs = append(errs, xerrors.New("To enable the PortScan option, ScannerBinPath must be set."))
+	}
+
+	if _, err := os.Stat(c.ScannerBinPath); err != nil {
+		errs = append(errs, xerrors.Errorf(
+			"scanner is not found. ScannerBinPath: %s not exists", c.ScannerBinPath))
+	}
+
+	scanTechniques := c.GetScanTechniques()
+	for _, scanTechnique := range scanTechniques {
+		if scanTechnique == NotSupportTechnique {
+			errs = append(errs, xerrors.New("There is an unsupported option in ScanTechniques."))
+		}
+	}
+
+	// It does not currently support multiple ScanTechniques.
+	// But if it supports UDP scanning, it will need to accept multiple ScanTechniques.
+	if len(scanTechniques) > 1 {
+		errs = append(errs, xerrors.New("Currently multiple ScanTechniques are not supported."))
+	}
+
+	if c.HasPrivileged {
+		if os.Geteuid() != 0 {
+			output, err := exec.Command("getcap", c.ScannerBinPath).Output()
+			if err != nil {
+				errs = append(errs, xerrors.Errorf("Failed to check capability of %s. error message: %w", c.ScannerBinPath, err))
+			} else {
+				parseOutput := strings.SplitN(string(output), "=", 2)
+				if len(parseOutput) != 2 {
+					errs = append(errs, xerrors.Errorf("Failed to parse getcap outputs. please execute this command: `$ getcap %s`. If the following string (`/usr/bin/nmap = ... `) is not displayed, you need to set the capability with the following command. `$ setcap cap_net_raw,cap_net_admin,cap_net_bind_service+eip %s`", c.ScannerBinPath, c.ScannerBinPath))
+				} else {
+					parseCapability := strings.Split(strings.TrimSpace(parseOutput[1]), "+")
+					capabilities := strings.Split(parseCapability[0], ",")
+					for _, needCap := range []string{"cap_net_bind_service", "cap_net_admin", "cap_net_raw"} {
+						existCapFlag := false
+						for _, cap := range capabilities {
+							if needCap == cap {
+								existCapFlag = true
+								break
+							}
+						}
+
+						if existCapFlag {
+							continue
+						}
+
+						errs = append(errs, xerrors.Errorf("Not enough capability to execute. needs: ['cap_net_bind_service', 'cap_net_admin', 'cap_net_raw'], actual: %s. To fix this, run the following command. `$ setcap cap_net_raw,cap_net_admin,cap_net_bind_service+eip %s`", capabilities, c.ScannerBinPath))
+						break
+					}
+
+					if parseCapability[1] != "eip" {
+						errs = append(errs, xerrors.Errorf("Capability(`cap_net_bind_service,cap_net_admin,cap_net_raw`) must belong to the following capability set(need: eip, actual: %s). To fix this, run the following command. `$ setcap cap_net_raw,cap_net_admin,cap_net_bind_service+eip %s`", parseCapability[1], c.ScannerBinPath))
+					}
+				}
+			}
+		}
+	}
+
+	if !c.HasPrivileged {
+		for _, scanTechnique := range scanTechniques {
+			if scanTechnique != TCPConnect && scanTechnique != NotSupportTechnique {
+				errs = append(errs, xerrors.New("If not privileged, only TCPConnect Scan(-sT) can be used."))
+				break
+			}
+		}
+	}
+
+	if c.SourcePort != "" {
+		for _, scanTechnique := range scanTechniques {
+			if scanTechnique == TCPConnect {
+				errs = append(errs, xerrors.New("SourcePort Option(-g/--source-port) is incompatible with the default TCPConnect Scan(-sT)."))
+				break
+			}
+		}
+
+		portNumber, err := strconv.Atoi(c.SourcePort)
+		if err != nil {
+			errs = append(errs, xerrors.Errorf("SourcePort conversion failed. %w", err))
+		} else {
+			if portNumber < 0 || 65535 < portNumber {
+				errs = append(errs, xerrors.Errorf("SourcePort(%s) must be between 0 and 65535.", c.SourcePort))
+			}
+
+			if portNumber == 0 {
+				errs = append(errs, xerrors.New("SourcePort(0) may not work on all systems."))
+			}
+		}
+	}
+
+	_, err := govalidator.ValidateStruct(c)
+	if err != nil {
+		errs = append(errs, err)
+	}
+
+	return
+}
+
+// IsZero return  whether this struct is not specified in config.toml
+func (c PortScanConf) IsZero() bool {
+	return c.ScannerBinPath == "" && !c.HasPrivileged && len(c.ScanTechniques) == 0 && c.SourcePort == ""
+}

config/portscan_test.go

@@ -0,0 +1,69 @@
+package config
+
+import (
+	"reflect"
+	"testing"
+)
+
+func TestPortScanConf_getScanTechniques(t *testing.T) {
+	tests := []struct {
+		name       string
+		techniques []string
+		want       []ScanTechnique
+	}{
+		{
+			name:       "nil",
+			techniques: []string{},
+			want:       []ScanTechnique{},
+		},
+		{
+			name:       "single",
+			techniques: []string{"sS"},
+			want:       []ScanTechnique{TCPSYN},
+		},
+		{
+			name:       "multiple",
+			techniques: []string{"sS", "sT"},
+			want:       []ScanTechnique{TCPSYN, TCPConnect},
+		},
+		{
+			name:       "unknown",
+			techniques: []string{"sU"},
+			want:       []ScanTechnique{NotSupportTechnique},
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			c := PortScanConf{ScanTechniques: tt.techniques}
+			if got := c.GetScanTechniques(); !reflect.DeepEqual(got, tt.want) {
+				t.Errorf("PortScanConf.getScanTechniques() = %v, want %v", got, tt.want)
+			}
+		})
+	}
+}
+
+func TestPortScanConf_IsZero(t *testing.T) {
+	tests := []struct {
+		name string
+		conf PortScanConf
+		want bool
+	}{
+		{
+			name: "not zero",
+			conf: PortScanConf{ScannerBinPath: "/usr/bin/nmap"},
+			want: false,
+		},
+		{
+			name: "zero",
+			conf: PortScanConf{},
+			want: true,
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			if got := tt.conf.IsZero(); got != tt.want {
+				t.Errorf("PortScanConf.IsZero() = %v, want %v", got, tt.want)
+			}
+		})
+	}
+}

config/saasconf.go

@@ -0,0 +1,34 @@
+package config
+
+import (
+	"github.com/asaskevich/govalidator"
+	"golang.org/x/xerrors"
+)
+
+// SaasConf is FutureVuls config
+type SaasConf struct {
+	GroupID int64  `json:"-"`
+	Token   string `json:"-"`
+	URL     string `json:"-"`
+}
+
+// Validate validates configuration
+func (c *SaasConf) Validate() (errs []error) {
+	if c.GroupID == 0 {
+		errs = append(errs, xerrors.New("GroupID must not be empty"))
+	}
+
+	if len(c.Token) == 0 {
+		errs = append(errs, xerrors.New("Token must not be empty"))
+	}
+
+	if len(c.URL) == 0 {
+		errs = append(errs, xerrors.New("URL must not be empty"))
+	}
+
+	_, err := govalidator.ValidateStruct(c)
+	if err != nil {
+		errs = append(errs, err)
+	}
+	return
+}

config/scanmode.go

@@ -0,0 +1,110 @@
+package config
+
+import (
+	"strings"
+
+	"golang.org/x/xerrors"
+)
+
+// ScanMode has a type of scan mode. fast, fast-root, deep and offline
+type ScanMode struct {
+	flag byte
+}
+
+const (
+	// Fast is fast scan mode
+	Fast = byte(1 << iota)
+	// FastRoot is scanmode
+	FastRoot
+	// Deep is scanmode
+	Deep
+	// Offline is scanmode
+	Offline
+
+	fastStr     = "fast"
+	fastRootStr = "fast-root"
+	deepStr     = "deep"
+	offlineStr  = "offline"
+)
+
+// Set mode
+func (s *ScanMode) Set(f byte) {
+	s.flag |= f
+}
+
+// IsFast return whether scan mode is fast
+func (s ScanMode) IsFast() bool {
+	return s.flag&Fast == Fast
+}
+
+// IsFastRoot return whether scan mode is fastroot
+func (s ScanMode) IsFastRoot() bool {
+	return s.flag&FastRoot == FastRoot
+}
+
+// IsDeep return whether scan mode is deep
+func (s ScanMode) IsDeep() bool {
+	return s.flag&Deep == Deep
+}
+
+// IsOffline return whether scan mode is offline
+func (s ScanMode) IsOffline() bool {
+	return s.flag&Offline == Offline
+}
+
+func (s *ScanMode) ensure() error {
+	numTrue := 0
+	for _, b := range []bool{s.IsFast(), s.IsFastRoot(), s.IsDeep()} {
+		if b {
+			numTrue++
+		}
+	}
+	if numTrue == 0 {
+		s.Set(Fast)
+	} else if s.IsDeep() && s.IsOffline() {
+		return xerrors.New("Don't specify both of deep and offline")
+	} else if numTrue != 1 {
+		return xerrors.New("Specify only one of offline, fast, fast-root or deep")
+	}
+	return nil
+}
+
+func (s ScanMode) String() string {
+	ss := ""
+	if s.IsFast() {
+		ss = fastStr
+	} else if s.IsFastRoot() {
+		ss = fastRootStr
+	} else if s.IsDeep() {
+		ss = deepStr
+	}
+	if s.IsOffline() {
+		ss += " " + offlineStr
+	}
+	return ss + " mode"
+}
+
+func setScanMode(server *ServerInfo) error {
+	if len(server.ScanMode) == 0 {
+		server.ScanMode = Conf.Default.ScanMode
+	}
+	for _, m := range server.ScanMode {
+		switch strings.ToLower(m) {
+		case fastStr:
+			server.Mode.Set(Fast)
+		case fastRootStr:
+			server.Mode.Set(FastRoot)
+		case deepStr:
+			server.Mode.Set(Deep)
+		case offlineStr:
+			server.Mode.Set(Offline)
+		default:
+			return xerrors.Errorf("scanMode: %s of %s is invalid. Specify -fast, -fast-root, -deep or offline",
+				m, server.ServerName)
+		}
+	}
+	if err := server.Mode.ensure(); err != nil {
+		return xerrors.Errorf("%s in %s", err, server.ServerName)
+	}
+	return nil
+}

config/scanmodule.go

@@ -0,0 +1,97 @@
+package config
+
+import (
+	"strings"
+
+	"golang.org/x/xerrors"
+)
+
+// ScanModule has a type of scan module
+type ScanModule struct {
+	flag byte
+}
+
+const (
+	// OSPkg is scanmodule
+	OSPkg = byte(1 << iota)
+	// WordPress is scanmodule
+	WordPress
+	// Lockfile is scanmodule
+	Lockfile
+	// Port is scanmodule
+	Port
+
+	osPkgStr     = "ospkg"
+	wordPressStr = "wordpress"
+	lockfileStr  = "lockfile"
+	portStr      = "port"
+)
+
+var allModules = []string{osPkgStr, wordPressStr, lockfileStr, portStr}
+
+// Set module
+func (s *ScanModule) Set(f byte) {
+	s.flag |= f
+}
+
+// IsScanOSPkg return whether scanning os pkg
+func (s ScanModule) IsScanOSPkg() bool {
+	return s.flag&OSPkg == OSPkg
+}
+
+// IsScanWordPress return whether scanning wordpress
+func (s ScanModule) IsScanWordPress() bool {
+	return s.flag&WordPress == WordPress
+}
+
+// IsScanLockFile whether scanning lock file
+func (s ScanModule) IsScanLockFile() bool {
+	return s.flag&Lockfile == Lockfile
+}
+
+// IsScanPort whether scanning listening ports
+func (s ScanModule) IsScanPort() bool {
+	return s.flag&Port == Port
+}
+
+// IsZero return the struct value are all false
+func (s ScanModule) IsZero() bool {
+	return !(s.IsScanOSPkg() || s.IsScanWordPress() || s.IsScanLockFile() || s.IsScanPort())
+}
+
+func (s *ScanModule) ensure() error {
+	if s.IsZero() {
+		s.Set(OSPkg)
+		s.Set(WordPress)
+		s.Set(Lockfile)
+		s.Set(Port)
+	} else if !s.IsScanOSPkg() && s.IsScanPort() {
+		return xerrors.New("When specifying the Port, Specify OSPkg as well")
+	}
+	return nil
+}
+
+func setScanModules(server *ServerInfo, d ServerInfo) error {
+	if len(server.ScanModules) == 0 {
+		server.ScanModules = d.ScanModules
+	}
+	for _, m := range server.ScanModules {
+		switch strings.ToLower(m) {
+		case osPkgStr:
+			server.Module.Set(OSPkg)
+		case wordPressStr:
+			server.Module.Set(WordPress)
+		case lockfileStr:
+			server.Module.Set(Lockfile)
+		case portStr:
+			server.Module.Set(Port)
+		default:
+			return xerrors.Errorf("scanMode: %s of %s is invalid. Specify %s",
+				m, server.ServerName, allModules)
+		}
+	}
+	if err := server.Module.ensure(); err != nil {
+		return xerrors.Errorf("%s in %s", err, server.ServerName)
+	}
+	return nil
+}

config/scanmodule_test.go

@@ -0,0 +1,65 @@
+package config
+
+import (
+	"testing"
+)
+
+func TestScanModule_IsZero(t *testing.T) {
+	tests := []struct {
+		name  string
+		modes []byte
+		want  bool
+	}{
+		{
+			name:  "not zero",
+			modes: []byte{OSPkg},
+			want:  false,
+		},
+		{
+			name:  "zero",
+			modes: []byte{},
+			want:  true,
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			s := ScanModule{}
+			for _, b := range tt.modes {
+				s.Set(b)
+			}
+			if got := s.IsZero(); got != tt.want {
+				t.Errorf("ScanModule.IsZero() = %v, want %v", got, tt.want)
+			}
+		})
+	}
+}
+
+func TestScanModule_validate(t *testing.T) {
+	tests := []struct {
+		name    string
+		modes   []byte
+		wantErr bool
+	}{
+		{
+			name:    "valid",
+			modes:   []byte{},
+			wantErr: false,
+		},
+		{
+			name:    "err",
+			modes:   []byte{WordPress, Lockfile, Port},
+			wantErr: true,
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			s := ScanModule{}
+			for _, b := range tt.modes {
+				s.Set(b)
+			}
+			if err := s.ensure(); (err != nil) != tt.wantErr {
+				t.Errorf("ScanModule.validate() error = %v, wantErr %v", err, tt.wantErr)
+			}
+		})
+	}
+}

config/slackconf.go

@@ -0,0 +1,52 @@
+package config
+
+import (
+	"strings"
+
+	"github.com/asaskevich/govalidator"
+	"golang.org/x/xerrors"
+)
+
+// SlackConf is slack config
+type SlackConf struct {
+	HookURL     string   `valid:"url" json:"-" toml:"hookURL,omitempty"`
+	LegacyToken string   `json:"-" toml:"legacyToken,omitempty"`
+	Channel     string   `json:"-" toml:"channel,omitempty"`
+	IconEmoji   string   `json:"-" toml:"iconEmoji,omitempty"`
+	AuthUser    string   `json:"-" toml:"authUser,omitempty"`
+	NotifyUsers []string `toml:"notifyUsers,omitempty" json:"-"`
+	Text        string   `json:"-"`
+	Enabled     bool     `toml:"-" json:"-"`
+}
+
+// Validate validates configuration
+func (c *SlackConf) Validate() (errs []error) {
+	if !c.Enabled {
+		return
+	}
+
+	if len(c.HookURL) == 0 && len(c.LegacyToken) == 0 {
+		errs = append(errs, xerrors.New("slack.hookURL or slack.LegacyToken must not be empty"))
+	}
+
+	if len(c.Channel) == 0 {
+		errs = append(errs, xerrors.New("slack.channel must not be empty"))
+	} else {
+		if !(strings.HasPrefix(c.Channel, "#") ||
+			c.Channel == "${servername}") {
+			errs = append(errs, xerrors.Errorf(
+				"channel's prefix must be '#', channel: %s", c.Channel))
+		}
+	}
+
+	if len(c.AuthUser) == 0 {
+		errs = append(errs, xerrors.New("slack.authUser must not be empty"))
+	}
+
+	_, err := govalidator.ValidateStruct(c)
+	if err != nil {
+		errs = append(errs, err)
+	}
+
+	return
+}

config/smtpconf.go

@@ -0,0 +1,65 @@
+package config
+
+import (
+	"github.com/asaskevich/govalidator"
+	"golang.org/x/xerrors"
+)
+
+// SMTPConf is smtp config
+type SMTPConf struct {
+	SMTPAddr      string   `toml:"smtpAddr,omitempty" json:"-"`
+	SMTPPort      string   `toml:"smtpPort,omitempty" valid:"port" json:"-"`
+	User          string   `toml:"user,omitempty" json:"-"`
+	Password      string   `toml:"password,omitempty" json:"-"`
+	From          string   `toml:"from,omitempty" json:"-"`
+	To            []string `toml:"to,omitempty" json:"-"`
+	Cc            []string `toml:"cc,omitempty" json:"-"`
+	SubjectPrefix string   `toml:"subjectPrefix,omitempty" json:"-"`
+	Enabled       bool     `toml:"-" json:"-"`
+}
+
+func checkEmails(emails []string) (errs []error) {
+	for _, addr := range emails {
+		if len(addr) == 0 {
+			return
+		}
+		if ok := govalidator.IsEmail(addr); !ok {
+			errs = append(errs, xerrors.Errorf("Invalid email address. email: %s", addr))
+		}
+	}
+	return
+}
+
+// Validate SMTP configuration
+func (c *SMTPConf) Validate() (errs []error) {
+	if !c.Enabled {
+		return
+	}
+	emails := []string{}
+	emails = append(emails, c.From)
+	emails = append(emails, c.To...)
+	emails = append(emails, c.Cc...)
+
+	if emailErrs := checkEmails(emails); 0 < len(emailErrs) {
+		errs = append(errs, emailErrs...)
+	}
+
+	if c.SMTPAddr == "" {
+		errs = append(errs, xerrors.New("email.smtpAddr must not be empty"))
+	}
+	if c.SMTPPort == "" {
+		errs = append(errs, xerrors.New("email.smtpPort must not be empty"))
+	}
+	if len(c.To) == 0 {
+		errs = append(errs, xerrors.New("email.To required at least one address"))
+	}
+	if len(c.From) == 0 {
+		errs = append(errs, xerrors.New("email.From required at least one address"))
+	}
+
+	_, err := govalidator.ValidateStruct(c)
+	if err != nil {
+		errs = append(errs, err)
+	}
+	return
+}

config/syslogconf.go

@@ -0,0 +1,130 @@
+package config
+
+import (
+	"errors"
+	"log/syslog"
+
+	"github.com/asaskevich/govalidator"
+	"golang.org/x/xerrors"
+)
+
+// SyslogConf is syslog config
+type SyslogConf struct {
+	Protocol string `json:"-"`
+	Host     string `valid:"host" json:"-"`
+	Port     string `valid:"port" json:"-"`
+	Severity string `json:"-"`
+	Facility string `json:"-"`
+	Tag      string `json:"-"`
+	Verbose  bool   `json:"-"`
+	Enabled  bool   `toml:"-" json:"-"`
+}
+
+// Validate validates configuration
+func (c *SyslogConf) Validate() (errs []error) {
+	if !c.Enabled {
+		return nil
+	}
+	//  If protocol is empty, it will connect to the local syslog server.
+	if len(c.Protocol) > 0 && c.Protocol != "tcp" && c.Protocol != "udp" {
+		errs = append(errs, errors.New(`syslog.protocol must be "tcp" or "udp"`))
+	}
+
+	// Default port: 514
+	if c.Port == "" {
+		c.Port = "514"
+	}
+
+	if _, err := c.GetSeverity(); err != nil {
+		errs = append(errs, err)
+	}
+
+	if _, err := c.GetFacility(); err != nil {
+		errs = append(errs, err)
+	}
+
+	if _, err := govalidator.ValidateStruct(c); err != nil {
+		errs = append(errs, err)
+	}
+	return errs
+}
+
+// GetSeverity gets severity
+func (c *SyslogConf) GetSeverity() (syslog.Priority, error) {
+	if c.Severity == "" {
+		return syslog.LOG_INFO, nil
+	}
+
+	switch c.Severity {
+	case "emerg":
+		return syslog.LOG_EMERG, nil
+	case "alert":
+		return syslog.LOG_ALERT, nil
+	case "crit":
+		return syslog.LOG_CRIT, nil
+	case "err":
+		return syslog.LOG_ERR, nil
+	case "warning":
+		return syslog.LOG_WARNING, nil
+	case "notice":
+		return syslog.LOG_NOTICE, nil
+	case "info":
+		return syslog.LOG_INFO, nil
+	case "debug":
+		return syslog.LOG_DEBUG, nil
+	default:
+		return -1, xerrors.Errorf("Invalid severity: %s", c.Severity)
+	}
+}
+
+// GetFacility gets facility
+func (c *SyslogConf) GetFacility() (syslog.Priority, error) {
+	if c.Facility == "" {
+		return syslog.LOG_AUTH, nil
+	}
+
+	switch c.Facility {
+	case "kern":
+		return syslog.LOG_KERN, nil
+	case "user":
+		return syslog.LOG_USER, nil
+	case "mail":
+		return syslog.LOG_MAIL, nil
+	case "daemon":
+		return syslog.LOG_DAEMON, nil
+	case "auth":
+		return syslog.LOG_AUTH, nil
+	case "syslog":
+		return syslog.LOG_SYSLOG, nil
+	case "lpr":
+		return syslog.LOG_LPR, nil
+	case "news":
+		return syslog.LOG_NEWS, nil
+	case "uucp":
+		return syslog.LOG_UUCP, nil
+	case "cron":
+		return syslog.LOG_CRON, nil
+	case "authpriv":
+		return syslog.LOG_AUTHPRIV, nil
+	case "ftp":
+		return syslog.LOG_FTP, nil
+	case "local0":
+		return syslog.LOG_LOCAL0, nil
+	case "local1":
+		return syslog.LOG_LOCAL1, nil
+	case "local2":
+		return syslog.LOG_LOCAL2, nil
+	case "local3":
+		return syslog.LOG_LOCAL3, nil
+	case "local4":
+		return syslog.LOG_LOCAL4, nil
+	case "local5":
+		return syslog.LOG_LOCAL5, nil
+	case "local6":
+		return syslog.LOG_LOCAL6, nil
+	case "local7":
+		return syslog.LOG_LOCAL7, nil
+	default:
+		return -1, xerrors.Errorf("Invalid facility: %s", c.Facility)
+	}
+}

config/telegramconf.go

@@ -0,0 +1,33 @@
+package config
+
+import (
+	"github.com/asaskevich/govalidator"
+	"golang.org/x/xerrors"
+)
+
+// TelegramConf is Telegram config
+type TelegramConf struct {
+	Token   string `json:"-"`
+	ChatID  string `json:"-"`
+	Enabled bool   `toml:"-" json:"-"`
+}
+
+// Validate validates configuration
+func (c *TelegramConf) Validate() (errs []error) {
+	if !c.Enabled {
+		return
+	}
+	if len(c.ChatID) == 0 {
+		errs = append(errs, xerrors.New("TelegramConf.ChatID must not be empty"))
+	}
+
+	if len(c.Token) == 0 {
+		errs = append(errs, xerrors.New("TelegramConf.Token must not be empty"))
+	}
+
+	_, err := govalidator.ValidateStruct(c)
+	if err != nil {
+		errs = append(errs, err)
+	}
+	return
+}

config/tomlloader.go

@@ -5,6 +5,7 @@ import (
 	"strings"
 
 	"github.com/BurntSushi/toml"
+	"github.com/future-architect/vuls/constant"
 	"github.com/knqyf263/go-cpe/naming"
 	"golang.org/x/xerrors"
 )
@@ -14,266 +15,218 @@ type TOMLLoader struct {
 }
 
 // Load load the configuration TOML file specified by path arg.
-func (c TOMLLoader) Load(pathToToml, keyPass string) error {
-	var conf Config
-	if _, err := toml.DecodeFile(pathToToml, &conf); err != nil {
+func (c TOMLLoader) Load(pathToToml, _ string) error {
+	// util.Log.Infof("Loading config: %s", pathToToml)
+	if _, err := toml.DecodeFile(pathToToml, &Conf); err != nil {
 		return err
 	}
-	Conf.EMail = conf.EMail
-	Conf.Slack = conf.Slack
-	Conf.Stride = conf.Stride
-	Conf.HipChat = conf.HipChat
-	Conf.ChatWork = conf.ChatWork
-	Conf.Telegram = conf.Telegram
-	Conf.Saas = conf.Saas
-	Conf.Syslog = conf.Syslog
-	Conf.HTTP = conf.HTTP
-	Conf.AWS = conf.AWS
-	Conf.Azure = conf.Azure
 
-	Conf.CveDict = conf.CveDict
-	Conf.OvalDict = conf.OvalDict
-	Conf.Gost = conf.Gost
-	Conf.Exploit = conf.Exploit
-	Conf.Metasploit = conf.Metasploit
-
-	d := conf.Default
-	Conf.Default = d
-	servers := make(map[string]ServerInfo)
-
-	if keyPass != "" {
-		d.KeyPassword = keyPass
+	for _, cnf := range []VulnDictInterface{
+		&Conf.CveDict,
+		&Conf.OvalDict,
+		&Conf.Gost,
+		&Conf.Exploit,
+		&Conf.Metasploit,
+	} {
+		cnf.Init()
 	}
 
-	i := 0
-	for serverName, v := range conf.Servers {
-		if 0 < len(v.KeyPassword) {
-			return xerrors.Errorf("[Deprecated] KEYPASSWORD IN CONFIG FILE ARE UNSECURE. REMOVE THEM IMMEDIATELY FOR A SECURITY REASONS. THEY WILL BE REMOVED IN A FUTURE RELEASE: %s", serverName)
+	index := 0
+	for name, server := range Conf.Servers {
+		server.ServerName = name
+		if err := setDefaultIfEmpty(&server); err != nil {
+			return xerrors.Errorf("Failed to set default value to config. server: %s, err: %w", name, err)
 		}
 
-		s := ServerInfo{ServerName: serverName}
-		if v.Type != ServerTypePseudo {
-			s.Host = v.Host
-			if len(s.Host) == 0 {
-				return xerrors.Errorf("%s is invalid. host is empty", serverName)
-			}
-
-			s.JumpServer = v.JumpServer
-			if len(s.JumpServer) == 0 {
-				s.JumpServer = d.JumpServer
-			}
-
-			switch {
-			case v.Port != "":
-				s.Port = v.Port
-			case d.Port != "":
-				s.Port = d.Port
-			default:
-				s.Port = "22"
-			}
-
-			switch {
-			case v.User != "":
-				s.User = v.User
-			case d.User != "":
-				s.User = d.User
-			default:
-				if s.Port != "local" {
-					return xerrors.Errorf("%s is invalid. User is empty", serverName)
-				}
-			}
-
-			s.SSHConfigPath = v.SSHConfigPath
-			if len(s.SSHConfigPath) == 0 {
-				s.SSHConfigPath = d.SSHConfigPath
-			}
-
-			s.KeyPath = v.KeyPath
-			if len(s.KeyPath) == 0 {
-				s.KeyPath = d.KeyPath
-			}
-			s.KeyPassword = v.KeyPassword
-			if len(s.KeyPassword) == 0 {
-				s.KeyPassword = d.KeyPassword
-			}
+		if err := setScanMode(&server); err != nil {
+			return xerrors.Errorf("Failed to set ScanMode: %w", err)
 		}
 
-		s.ScanMode = v.ScanMode
-		if len(s.ScanMode) == 0 {
-			s.ScanMode = d.ScanMode
-			if len(s.ScanMode) == 0 {
-				s.ScanMode = []string{"fast"}
-			}
-		}
-		for _, m := range s.ScanMode {
-			switch m {
-			case "fast":
-				s.Mode.Set(Fast)
-			case "fast-root":
-				s.Mode.Set(FastRoot)
-			case "deep":
-				s.Mode.Set(Deep)
-			case "offline":
-				s.Mode.Set(Offline)
-			default:
-				return xerrors.Errorf("scanMode: %s of %s is invalie. Specify -fast, -fast-root, -deep or offline", m, serverName)
-			}
-		}
-		if err := s.Mode.validate(); err != nil {
-			return xerrors.Errorf("%s in %s", err, serverName)
+		if err := setScanModules(&server, Conf.Default); err != nil {
+			return xerrors.Errorf("Failed to set ScanModule: %w", err)
 		}
 
-		s.CpeNames = v.CpeNames
-		if len(s.CpeNames) == 0 {
-			s.CpeNames = d.CpeNames
+		if len(server.CpeNames) == 0 {
+			server.CpeNames = Conf.Default.CpeNames
 		}
-
-		s.Lockfiles = v.Lockfiles
-		if len(s.Lockfiles) == 0 {
-			s.Lockfiles = d.Lockfiles
-		}
-
-		s.FindLock = v.FindLock
-
-		for i, n := range s.CpeNames {
+		for i, n := range server.CpeNames {
 			uri, err := toCpeURI(n)
 			if err != nil {
-				return xerrors.Errorf("Failed to parse CPENames %s in %s, err: %w", n, serverName, err)
+				return xerrors.Errorf("Failed to parse CPENames %s in %s, err: %w", n, name, err)
 			}
-			s.CpeNames[i] = uri
+			server.CpeNames[i] = uri
 		}
 
-		s.ContainersIncluded = v.ContainersIncluded
-		if len(s.ContainersIncluded) == 0 {
-			s.ContainersIncluded = d.ContainersIncluded
-		}
-
-		s.ContainersExcluded = v.ContainersExcluded
-		if len(s.ContainersExcluded) == 0 {
-			s.ContainersExcluded = d.ContainersExcluded
-		}
-
-		s.ContainerType = v.ContainerType
-		if len(s.ContainerType) == 0 {
-			s.ContainerType = d.ContainerType
-		}
-
-		s.Containers = v.Containers
-		for contName, cont := range s.Containers {
-			cont.IgnoreCves = append(cont.IgnoreCves, d.IgnoreCves...)
-			s.Containers[contName] = cont
-		}
-
-		if len(v.DependencyCheckXMLPath) != 0 || len(d.DependencyCheckXMLPath) != 0 {
-			return xerrors.Errorf("[DEPRECATED] dependencyCheckXMLPath IS DEPRECATED. USE owaspDCXMLPath INSTEAD: %s", serverName)
-		}
-
-		s.OwaspDCXMLPath = v.OwaspDCXMLPath
-		if len(s.OwaspDCXMLPath) == 0 {
-			s.OwaspDCXMLPath = d.OwaspDCXMLPath
-		}
-
-		s.Memo = v.Memo
-		if s.Memo == "" {
-			s.Memo = d.Memo
-		}
-
-		s.IgnoreCves = v.IgnoreCves
-		for _, cve := range d.IgnoreCves {
+		for _, cve := range Conf.Default.IgnoreCves {
 			found := false
-			for _, c := range s.IgnoreCves {
+			for _, c := range server.IgnoreCves {
 				if cve == c {
 					found = true
 					break
 				}
 			}
 			if !found {
-				s.IgnoreCves = append(s.IgnoreCves, cve)
+				server.IgnoreCves = append(server.IgnoreCves, cve)
 			}
 		}
 
-		s.IgnorePkgsRegexp = v.IgnorePkgsRegexp
-		for _, pkg := range d.IgnorePkgsRegexp {
+		for _, pkg := range Conf.Default.IgnorePkgsRegexp {
 			found := false
-			for _, p := range s.IgnorePkgsRegexp {
+			for _, p := range server.IgnorePkgsRegexp {
 				if pkg == p {
 					found = true
 					break
 				}
 			}
 			if !found {
-				s.IgnorePkgsRegexp = append(s.IgnorePkgsRegexp, pkg)
+				server.IgnorePkgsRegexp = append(server.IgnorePkgsRegexp, pkg)
 			}
 		}
-		for _, reg := range s.IgnorePkgsRegexp {
+		for _, reg := range server.IgnorePkgsRegexp {
 			_, err := regexp.Compile(reg)
 			if err != nil {
-				return xerrors.Errorf("Faild to parse %s in %s. err: %w", reg, serverName, err)
+				return xerrors.Errorf("Failed to parse %s in %s. err: %w", reg, name, err)
 			}
 		}
-		for contName, cont := range s.Containers {
+		for contName, cont := range server.Containers {
 			for _, reg := range cont.IgnorePkgsRegexp {
 				_, err := regexp.Compile(reg)
 				if err != nil {
-					return xerrors.Errorf("Faild to parse %s in %s@%s. err: %w",
-						reg, contName, serverName, err)
+					return xerrors.Errorf("Failed to parse %s in %s@%s. err: %w",
+						reg, contName, name, err)
 				}
 			}
 		}
 
-		opt := map[string]interface{}{}
-		for k, v := range d.Optional {
-			opt[k] = v
+		for ownerRepo, githubSetting := range server.GitHubRepos {
+			if ss := strings.Split(ownerRepo, "/"); len(ss) != 2 {
+				return xerrors.Errorf("Failed to parse GitHub owner/repo: %s in %s",
+					ownerRepo, name)
+			}
+			if githubSetting.Token == "" {
+				return xerrors.Errorf("GitHub owner/repo: %s in %s token is empty",
+					ownerRepo, name)
+			}
 		}
-		for k, v := range v.Optional {
-			opt[k] = v
-		}
-		s.Optional = opt
 
-		s.Enablerepo = v.Enablerepo
-		if len(s.Enablerepo) == 0 {
-			s.Enablerepo = d.Enablerepo
+		if len(server.Enablerepo) == 0 {
+			server.Enablerepo = Conf.Default.Enablerepo
 		}
-		if len(s.Enablerepo) != 0 {
-			for _, repo := range s.Enablerepo {
+		if len(server.Enablerepo) != 0 {
+			for _, repo := range server.Enablerepo {
 				switch repo {
 				case "base", "updates":
 					// nop
 				default:
 					return xerrors.Errorf(
-						"For now, enablerepo have to be base or updates: %s, servername: %s",
-						s.Enablerepo, serverName)
+						"For now, enablerepo have to be base or updates: %s",
+						server.Enablerepo)
 				}
 			}
 		}
 
-		s.GitHubRepos = v.GitHubRepos
-		for ownerRepo, githubSetting := range s.GitHubRepos {
-			if ss := strings.Split(ownerRepo, "/"); len(ss) != 2 {
-				return xerrors.Errorf("Failed to parse GitHub owner/repo: %s in %s",
-					ownerRepo, serverName)
-			}
-			if githubSetting.Token == "" {
-				return xerrors.Errorf("GitHub owner/repo: %s in %s token is empty",
-					ownerRepo, serverName)
+		if server.PortScan.ScannerBinPath != "" {
+			server.PortScan.IsUseExternalScanner = true
+		}
+
+		server.LogMsgAnsiColor = Colors[index%len(Colors)]
+		index++
+
+		Conf.Servers[name] = server
+	}
+	return nil
+}
+
+func setDefaultIfEmpty(server *ServerInfo) error {
+	if server.Type != constant.ServerTypePseudo {
+		if len(server.Host) == 0 {
+			return xerrors.Errorf("server.host is empty")
+		}
+
+		if len(server.JumpServer) == 0 {
+			server.JumpServer = Conf.Default.JumpServer
+		}
+
+		if server.Port == "" {
+			if Conf.Default.Port != "" {
+				server.Port = Conf.Default.Port
+			} else {
+				server.Port = "22"
 			}
 		}
 
-		s.UUIDs = v.UUIDs
-		s.Type = v.Type
+		if server.User == "" {
+			server.User = Conf.Default.User
+			if server.User == "" && server.Port != "local" {
+				return xerrors.Errorf("server.user is empty")
+			}
+		}
 
-		s.WordPress.WPVulnDBToken = v.WordPress.WPVulnDBToken
-		s.WordPress.CmdPath = v.WordPress.CmdPath
-		s.WordPress.DocRoot = v.WordPress.DocRoot
-		s.WordPress.OSUser = v.WordPress.OSUser
-		s.WordPress.IgnoreInactive = v.WordPress.IgnoreInactive
+		if server.SSHConfigPath == "" {
+			server.SSHConfigPath = Conf.Default.SSHConfigPath
+		}
 
-		s.LogMsgAnsiColor = Colors[i%len(Colors)]
-		i++
-
-		servers[serverName] = s
+		if server.KeyPath == "" {
+			server.KeyPath = Conf.Default.KeyPath
+		}
 	}
-	Conf.Servers = servers
+
+	if len(server.Lockfiles) == 0 {
+		server.Lockfiles = Conf.Default.Lockfiles
+	}
+
+	if len(server.ContainersIncluded) == 0 {
+		server.ContainersIncluded = Conf.Default.ContainersIncluded
+	}
+
+	if len(server.ContainersExcluded) == 0 {
+		server.ContainersExcluded = Conf.Default.ContainersExcluded
+	}
+
+	if server.ContainerType == "" {
+		server.ContainerType = Conf.Default.ContainerType
+	}
+
+	for contName, cont := range server.Containers {
+		cont.IgnoreCves = append(cont.IgnoreCves, Conf.Default.IgnoreCves...)
+		server.Containers[contName] = cont
+	}
+
+	if server.OwaspDCXMLPath == "" {
+		server.OwaspDCXMLPath = Conf.Default.OwaspDCXMLPath
+	}
+
+	if server.Memo == "" {
+		server.Memo = Conf.Default.Memo
+	}
+
+	if server.WordPress == nil {
+		server.WordPress = Conf.Default.WordPress
+		if server.WordPress == nil {
+			server.WordPress = &WordPressConf{}
+		}
+	}
+
+	if server.PortScan == nil {
+		server.PortScan = Conf.Default.PortScan
+		if server.PortScan == nil {
+			server.PortScan = &PortScanConf{}
+		}
+	}
+
+	if len(server.IgnoredJSONKeys) == 0 {
+		server.IgnoredJSONKeys = Conf.Default.IgnoredJSONKeys
+	}
+
+	opt := map[string]interface{}{}
+	for k, v := range Conf.Default.Optional {
+		opt[k] = v
+	}
+	for k, v := range server.Optional {
+		opt[k] = v
+	}
+	server.Optional = opt
+
 	return nil
 }
 
@@ -291,5 +244,5 @@ func toCpeURI(cpename string) (string, error) {
 		}
 		return naming.BindToURI(wfn), nil
 	}
-	return "", xerrors.Errorf("Unknow CPE format: %s", cpename)
+	return "", xerrors.Errorf("Unknown CPE format: %s", cpename)
 }

config/vulnDictConf.go

@@ -0,0 +1,276 @@
+package config
+
+import (
+	"fmt"
+	"os"
+	"path/filepath"
+	"time"
+
+	"github.com/asaskevich/govalidator"
+	"github.com/future-architect/vuls/logging"
+	"github.com/parnurzeal/gorequest"
+	"golang.org/x/xerrors"
+)
+
+// VulnDictInterface is an interface of vulnsrc
+type VulnDictInterface interface {
+	Init()
+	Validate() error
+	IsFetchViaHTTP() bool
+	CheckHTTPHealth() error
+	GetName() string
+	GetType() string
+	GetURL() string
+	GetSQLite3Path() string
+	GetDebugSQL() bool
+}
+
+// VulnDict is a base struct of vuln dicts
+type VulnDict struct {
+	Name string
+
+	// DB type of CVE dictionary (sqlite3, mysql, postgres or redis)
+	Type string
+
+	// http://cve-dictionary.com:1323 or DB connection string
+	URL string `json:"-"`
+
+	// /path/to/cve.sqlite3
+	SQLite3Path string
+
+	DebugSQL bool
+}
+
+// GetType returns type
+func (cnf VulnDict) GetType() string {
+	return cnf.Type
+}
+
+// GetName returns name
+func (cnf VulnDict) GetName() string {
+	return cnf.Name
+}
+
+// GetURL returns url
+func (cnf VulnDict) GetURL() string {
+	return cnf.URL
+}
+
+// GetSQLite3Path return the path of SQLite3
+func (cnf VulnDict) GetSQLite3Path() string {
+	return cnf.SQLite3Path
+}
+
+// GetDebugSQL return debugSQL flag
+func (cnf VulnDict) GetDebugSQL() bool {
+	return cnf.DebugSQL
+}
+
+// Validate settings
+func (cnf VulnDict) Validate() error {
+	logging.Log.Infof("%s.type=%s, %s.url=%s, %s.SQLite3Path=%s",
+		cnf.Name, cnf.Type, cnf.Name, cnf.URL, cnf.Name, cnf.SQLite3Path)
+
+	switch cnf.Type {
+	case "sqlite3":
+		if cnf.URL != "" {
+			return xerrors.Errorf("To use SQLite3, specify %s.type=sqlite3 and %s.SQLite3Path. To use as HTTP server mode, specify %s.type=http and %s.url",
+				cnf.Name, cnf.Name, cnf.Name, cnf.Name)
+		}
+		if ok, _ := govalidator.IsFilePath(cnf.SQLite3Path); !ok {
+			return xerrors.Errorf("SQLite3 path must be a *Absolute* file path. %s.SQLite3Path: %s",
+				cnf.Name, cnf.SQLite3Path)
+		}
+		if _, err := os.Stat(cnf.SQLite3Path); os.IsNotExist(err) {
+			logging.Log.Warnf("%s.SQLite3Path=%s file not found", cnf.Name, cnf.SQLite3Path)
+		}
+	case "mysql":
+		if cnf.URL == "" {
+			return xerrors.Errorf(`MySQL connection string is needed. %s.url="user:pass@tcp(localhost:3306)/dbname"`, cnf.Name)
+		}
+	case "postgres":
+		if cnf.URL == "" {
+			return xerrors.Errorf(`PostgreSQL connection string is needed. %s.url="host=myhost user=user dbname=dbname sslmode=disable password=password"`, cnf.Name)
+		}
+	case "redis":
+		if cnf.URL == "" {
+			return xerrors.Errorf(`Redis connection string is needed. %s.url="redis://localhost/0"`, cnf.Name)
+		}
+	case "http":
+		if cnf.URL == "" {
+			return xerrors.Errorf(`URL is needed. -%s-url="http://localhost:1323"`, cnf.Name)
+		}
+	default:
+		return xerrors.Errorf("%s.type must be either 'sqlite3', 'mysql', 'postgres', 'redis' or 'http'.  %s.type: %s", cnf.Name, cnf.Name, cnf.Type)
+	}
+	return nil
+}
+
+// Init the struct
+func (cnf VulnDict) Init() {}
+
+func (cnf *VulnDict) setDefault(sqlite3Name string) {
+	if cnf.Type == "" {
+		cnf.Type = "sqlite3"
+	}
+	if cnf.URL == "" && cnf.SQLite3Path == "" {
+		wd, _ := os.Getwd()
+		cnf.SQLite3Path = filepath.Join(wd, sqlite3Name)
+	}
+}
+
+// IsFetchViaHTTP returns if fetch via HTTP
+func (cnf VulnDict) IsFetchViaHTTP() bool {
+	return cnf.Type == "http"
+}
+
+// CheckHTTPHealth checks http server status
+func (cnf VulnDict) CheckHTTPHealth() error {
+	if !cnf.IsFetchViaHTTP() {
+		return nil
+	}
+
+	url := fmt.Sprintf("%s/health", cnf.URL)
+	resp, _, errs := gorequest.New().Timeout(10 * time.Second).SetDebug(Conf.Debug).Get(url).End()
+	//  resp, _, errs = gorequest.New().Proxy(api.httpProxy).Get(url).End()
+	if 0 < len(errs) || resp == nil || resp.StatusCode != 200 {
+		return xerrors.Errorf("Failed to request to CVE server. url: %s, errs: %s",
+			url, errs)
+	}
+	return nil
+}
+
+// GovalDictConf is goval-dictionary config
+type GovalDictConf struct {
+	VulnDict
+}
+
+const govalType = "OVALDB_TYPE"
+const govalURL = "OVALDB_URL"
+const govalPATH = "OVALDB_SQLITE3_PATH"
+
+// Init set options with the following priority.
+// 1. Environment variable
+// 2. config.toml
+func (cnf *GovalDictConf) Init() {
+	cnf.Name = "ovalDict"
+	if os.Getenv(govalType) != "" {
+		cnf.Type = os.Getenv(govalType)
+	}
+	if os.Getenv(govalURL) != "" {
+		cnf.URL = os.Getenv(govalURL)
+	}
+	if os.Getenv(govalPATH) != "" {
+		cnf.SQLite3Path = os.Getenv(govalPATH)
+	}
+	cnf.setDefault("oval.sqlite3")
+	cnf.DebugSQL = Conf.DebugSQL
+}
+
+// ExploitConf is exploit config
+type ExploitConf struct {
+	VulnDict
+}
+
+const exploitDBType = "EXPLOITDB_TYPE"
+const exploitDBURL = "EXPLOITDB_URL"
+const exploitDBPATH = "EXPLOITDB_SQLITE3_PATH"
+
+// Init set options with the following priority.
+// 1. Environment variable
+// 2. config.toml
+func (cnf *ExploitConf) Init() {
+	cnf.Name = "exploit"
+	if os.Getenv(exploitDBType) != "" {
+		cnf.Type = os.Getenv(exploitDBType)
+	}
+	if os.Getenv(exploitDBURL) != "" {
+		cnf.URL = os.Getenv(exploitDBURL)
+	}
+	if os.Getenv(exploitDBPATH) != "" {
+		cnf.SQLite3Path = os.Getenv(exploitDBPATH)
+	}
+	cnf.setDefault("go-exploitdb.sqlite3")
+	cnf.DebugSQL = Conf.DebugSQL
+}
+
+// GoCveDictConf is GoCveDict config
+type GoCveDictConf struct {
+	VulnDict
+}
+
+const cveDBType = "CVEDB_TYPE"
+const cveDBURL = "CVEDB_URL"
+const cveDBPATH = "CVEDB_SQLITE3_PATH"
+
+// Init set options with the following priority.
+// 1. Environment variable
+// 2. config.toml
+func (cnf *GoCveDictConf) Init() {
+	cnf.Name = "cveDict"
+	if os.Getenv(cveDBType) != "" {
+		cnf.Type = os.Getenv(cveDBType)
+	}
+	if os.Getenv(cveDBURL) != "" {
+		cnf.URL = os.Getenv(cveDBURL)
+	}
+	if os.Getenv(cveDBPATH) != "" {
+		cnf.SQLite3Path = os.Getenv(cveDBPATH)
+	}
+	cnf.setDefault("cve.sqlite3")
+	cnf.DebugSQL = Conf.DebugSQL
+}
+
+// GostConf is gost config
+type GostConf struct {
+	VulnDict
+}
+
+const gostDBType = "GOSTDB_TYPE"
+const gostDBURL = "GOSTDB_URL"
+const gostDBPATH = "GOSTDB_SQLITE3_PATH"
+
+// Init set options with the following priority.
+// 1. Environment variable
+// 2. config.toml
+func (cnf *GostConf) Init() {
+	cnf.Name = "gost"
+	if os.Getenv(gostDBType) != "" {
+		cnf.Type = os.Getenv(gostDBType)
+	}
+	if os.Getenv(gostDBURL) != "" {
+		cnf.URL = os.Getenv(gostDBURL)
+	}
+	if os.Getenv(gostDBPATH) != "" {
+		cnf.SQLite3Path = os.Getenv(gostDBPATH)
+	}
+	cnf.setDefault("gost.sqlite3")
+	cnf.DebugSQL = Conf.DebugSQL
+}
+
+// MetasploitConf is gost go-metasploitdb
+type MetasploitConf struct {
+	VulnDict
+}
+
+const metasploitDBType = "METASPLOITDB_TYPE"
+const metasploitDBURL = "METASPLOITDB_URL"
+const metasploitDBPATH = "METASPLOITDB_SQLITE3_PATH"
+
+// Init set options with the following priority.
+// 1. Environment variable
+// 2. config.toml
+func (cnf *MetasploitConf) Init() {
+	cnf.Name = "metasploit"
+	if os.Getenv(metasploitDBType) != "" {
+		cnf.Type = os.Getenv(metasploitDBType)
+	}
+	if os.Getenv(metasploitDBURL) != "" {
+		cnf.URL = os.Getenv(metasploitDBURL)
+	}
+	if os.Getenv(metasploitDBPATH) != "" {
+		cnf.SQLite3Path = os.Getenv(metasploitDBPATH)
+	}
+	cnf.setDefault("go-msfdb.sqlite3")
+	cnf.DebugSQL = Conf.DebugSQL
+}

constant/constant.go

@@ -0,0 +1,67 @@
+package constant
+
+// Global constant
+// Pkg local constants should not be defined here.
+// Define them in the each package.
+
+const (
+	// RedHat is
+	RedHat = "redhat"
+
+	// Debian is
+	Debian = "debian"
+
+	// Ubuntu is
+	Ubuntu = "ubuntu"
+
+	// CentOS is
+	CentOS = "centos"
+
+	// Alma is
+	Alma = "alma"
+
+	// Rocky is
+	Rocky = "rocky"
+
+	// Fedora is
+	// Fedora = "fedora"
+
+	// Amazon is
+	Amazon = "amazon"
+
+	// Oracle is
+	Oracle = "oracle"
+
+	// FreeBSD is
+	FreeBSD = "freebsd"
+
+	// Raspbian is
+	Raspbian = "raspbian"
+
+	// Windows is
+	Windows = "windows"
+
+	// OpenSUSE is
+	OpenSUSE = "opensuse"
+
+	// OpenSUSELeap is
+	OpenSUSELeap = "opensuse.leap"
+
+	// SUSEEnterpriseServer is
+	SUSEEnterpriseServer = "suse.linux.enterprise.server"
+
+	// SUSEEnterpriseDesktop is
+	SUSEEnterpriseDesktop = "suse.linux.enterprise.desktop"
+
+	// SUSEOpenstackCloud is
+	SUSEOpenstackCloud = "suse.openstack.cloud"
+
+	// Alpine is
+	Alpine = "alpine"
+
+	// ServerTypePseudo is used for ServerInfo.Type, r.Family
+	ServerTypePseudo = "pseudo"
+
+	// DeepSecurity is
+	DeepSecurity = "deepsecurity"
+)

contrib/future-vuls/cmd/main.go

@@ -10,7 +10,7 @@ import (
 
 	"github.com/future-architect/vuls/config"
 	"github.com/future-architect/vuls/models"
-	"github.com/future-architect/vuls/report"
+	"github.com/future-architect/vuls/saas"
 	"github.com/spf13/cobra"
 )
 
@@ -73,7 +73,7 @@ func main() {
 			config.Conf.Saas.GroupID = groupID
 			config.Conf.Saas.Token = token
 			config.Conf.Saas.URL = url
-			if err = (report.SaasWriter{}).Write(scanResult); err != nil {
+			if err = (saas.Writer{}).Write(scanResult); err != nil {
 				fmt.Println(err)
 				os.Exit(1)
 				return

contrib/trivy/parser/parser.go

@@ -6,8 +6,11 @@ import (
 	"time"
 
 	"github.com/aquasecurity/fanal/analyzer/os"
+	ftypes "github.com/aquasecurity/fanal/types"
 	"github.com/aquasecurity/trivy/pkg/report"
+
 	"github.com/aquasecurity/trivy/pkg/types"
+	"github.com/future-architect/vuls/constant"
 	"github.com/future-architect/vuls/models"
 )
 
@@ -22,6 +25,7 @@ func Parse(vulnJSON []byte, scanResult *models.ScanResult) (result *models.ScanR
 	vulnInfos := models.VulnInfos{}
 	uniqueLibraryScannerPaths := map[string]models.LibraryScanner{}
 	for _, trivyResult := range trivyResults {
+		setScanResultMeta(scanResult, &trivyResult)
 		for _, vuln := range trivyResult.Vulnerabilities {
 			if _, ok := vulnInfos[vuln.VulnerabilityID]; !ok {
 				vulnInfos[vuln.VulnerabilityID] = models.VulnInfo{
@@ -57,16 +61,28 @@ func Parse(vulnJSON []byte, scanResult *models.ScanResult) (result *models.ScanR
 				return references[i].Link < references[j].Link
 			})
 
+			var published time.Time
+			if vuln.PublishedDate != nil {
+				published = *vuln.PublishedDate
+			}
+
+			var lastModified time.Time
+			if vuln.LastModifiedDate != nil {
+				lastModified = *vuln.LastModifiedDate
+			}
+
 			vulnInfo.CveContents = models.CveContents{
-				models.Trivy: models.CveContent{
+				models.Trivy: []models.CveContent{{
 					Cvss3Severity: vuln.Severity,
 					References:    references,
 					Title:         vuln.Title,
 					Summary:       vuln.Description,
-				},
+					Published:     published,
+					LastModified:  lastModified,
+				}},
 			}
 			// do only if image type is Vuln
-			if IsTrivySupportedOS(trivyResult.Type) {
+			if isTrivySupportedOS(trivyResult.Type) {
 				pkgs[vuln.PkgName] = models.Package{
 					Name:    vuln.PkgName,
 					Version: vuln.InstalledVersion,
@@ -77,18 +93,7 @@ func Parse(vulnJSON []byte, scanResult *models.ScanResult) (result *models.ScanR
 					FixState:    fixState,
 					FixedIn:     vuln.FixedVersion,
 				})
-
-				// overwrite every time if os package
-				scanResult.Family = trivyResult.Type
-				scanResult.ServerName = trivyResult.Target
-				scanResult.Optional = map[string]interface{}{
-					"trivy-target": trivyResult.Target,
-				}
-				scanResult.ScannedAt = time.Now()
-				scanResult.ScannedBy = "trivy"
-				scanResult.ScannedVia = "trivy"
 			} else {
-				// LibraryScanの結果
 				vulnInfo.LibraryFixedIns = append(vulnInfo.LibraryFixedIns, models.LibraryFixedIn{
 					Key:     trivyResult.Type,
 					Name:    vuln.PkgName,
@@ -96,6 +101,7 @@ func Parse(vulnJSON []byte, scanResult *models.ScanResult) (result *models.ScanR
 					FixedIn: vuln.FixedVersion,
 				})
 				libScanner := uniqueLibraryScannerPaths[trivyResult.Target]
+				libScanner.Type = trivyResult.Type
 				libScanner.Libs = append(libScanner.Libs, types.Library{
 					Name:    vuln.PkgName,
 					Version: vuln.InstalledVersion,
@@ -123,6 +129,7 @@ func Parse(vulnJSON []byte, scanResult *models.ScanResult) (result *models.ScanR
 		})
 
 		libscanner := models.LibraryScanner{
+			Type: v.Type,
 			Path: path,
 			Libs: libraries,
 		}
@@ -137,28 +144,70 @@ func Parse(vulnJSON []byte, scanResult *models.ScanResult) (result *models.ScanR
 	return scanResult, nil
 }
 
-// IsTrivySupportedOS :
-func IsTrivySupportedOS(family string) bool {
-	supportedFamilies := []string{
-		os.RedHat,
-		os.Debian,
-		os.Ubuntu,
-		os.CentOS,
-		os.Fedora,
-		os.Amazon,
-		os.Oracle,
-		os.Windows,
-		os.OpenSUSE,
-		os.OpenSUSELeap,
-		os.OpenSUSETumbleweed,
-		os.SLES,
-		os.Photon,
-		os.Alpine,
-	}
-	for _, supportedFamily := range supportedFamilies {
-		if family == supportedFamily {
-			return true
+const trivyTarget = "trivy-target"
+
+func setScanResultMeta(scanResult *models.ScanResult, trivyResult *report.Result) {
+	if isTrivySupportedOS(trivyResult.Type) {
+		scanResult.Family = trivyResult.Type
+		scanResult.ServerName = trivyResult.Target
+		scanResult.Optional = map[string]interface{}{
+			trivyTarget: trivyResult.Target,
+		}
+	} else if isTrivySupportedLib(trivyResult.Type) {
+		if scanResult.Family == "" {
+			scanResult.Family = constant.ServerTypePseudo
+		}
+		if scanResult.ServerName == "" {
+			scanResult.ServerName = "library scan by trivy"
+		}
+		if _, ok := scanResult.Optional[trivyTarget]; !ok {
+			scanResult.Optional = map[string]interface{}{
+				trivyTarget: trivyResult.Target,
+			}
 		}
 	}
-	return false
+	scanResult.ScannedAt = time.Now()
+	scanResult.ScannedBy = "trivy"
+	scanResult.ScannedVia = "trivy"
+}
+
+// isTrivySupportedOS :
+func isTrivySupportedOS(family string) bool {
+	supportedFamilies := map[string]interface{}{
+		os.RedHat:             struct{}{},
+		os.Debian:             struct{}{},
+		os.Ubuntu:             struct{}{},
+		os.CentOS:             struct{}{},
+		os.Fedora:             struct{}{},
+		os.Amazon:             struct{}{},
+		os.Oracle:             struct{}{},
+		os.Windows:            struct{}{},
+		os.OpenSUSE:           struct{}{},
+		os.OpenSUSELeap:       struct{}{},
+		os.OpenSUSETumbleweed: struct{}{},
+		os.SLES:               struct{}{},
+		os.Photon:             struct{}{},
+		os.Alpine:             struct{}{},
+	}
+	_, ok := supportedFamilies[family]
+	return ok
+}
+
+func isTrivySupportedLib(typestr string) bool {
+	supportedLibs := map[string]interface{}{
+		ftypes.Bundler:  struct{}{},
+		ftypes.Cargo:    struct{}{},
+		ftypes.Composer: struct{}{},
+		ftypes.Npm:      struct{}{},
+		ftypes.NuGet:    struct{}{},
+		ftypes.Pip:      struct{}{},
+		ftypes.Pipenv:   struct{}{},
+		ftypes.Poetry:   struct{}{},
+		ftypes.Yarn:     struct{}{},
+		ftypes.Jar:      struct{}{},
+		ftypes.GoBinary: struct{}{},
+		ftypes.GoMod:    struct{}{},
+	}
+	_, ok := supportedLibs[typestr]
+	return ok
 }

detector/cve_client.go

@@ -0,0 +1,228 @@
+//go:build !scanner
+// +build !scanner
+
+package detector
+
+import (
+	"encoding/json"
+	"fmt"
+	"net/http"
+	"time"
+
+	"github.com/cenkalti/backoff"
+	"github.com/parnurzeal/gorequest"
+	"golang.org/x/xerrors"
+
+	"github.com/future-architect/vuls/config"
+	"github.com/future-architect/vuls/logging"
+	"github.com/future-architect/vuls/util"
+	cvedb "github.com/vulsio/go-cve-dictionary/db"
+	cvelog "github.com/vulsio/go-cve-dictionary/log"
+	cvemodels "github.com/vulsio/go-cve-dictionary/models"
+)
+
+type goCveDictClient struct {
+	cnf    config.VulnDictInterface
+	driver cvedb.DB
+}
+
+func newGoCveDictClient(cnf config.VulnDictInterface, o logging.LogOpts) (*goCveDictClient, error) {
+	if err := cvelog.SetLogger(o.LogToFile, o.LogDir, o.Debug, false); err != nil {
+		return nil, err
+	}
+
+	driver, locked, err := newCveDB(cnf)
+	if locked {
+		return nil, xerrors.Errorf("SQLite3 is locked: %s", cnf.GetSQLite3Path())
+	} else if err != nil {
+		return nil, err
+	}
+	return &goCveDictClient{cnf: cnf, driver: driver}, nil
+}
+
+func (api goCveDictClient) closeDB() error {
+	if api.driver == nil {
+		return nil
+	}
+	if err := api.driver.CloseDB(); err != nil {
+		return xerrors.Errorf("Failed to close DB: %+v", err)
+	}
+	return nil
+}
+
+func (api goCveDictClient) fetchCveDetails(cveIDs []string) (cveDetails []cvemodels.CveDetail, err error) {
+	for _, cveID := range cveIDs {
+		cveDetail, err := api.driver.Get(cveID)
+		if err != nil {
+			return nil, xerrors.Errorf("Failed to fetch CVE. err: %w", err)
+		}
+		cveDetails = append(cveDetails, *cveDetail)
+	}
+	return
+}
+
+type response struct {
+	Key       string
+	CveDetail cvemodels.CveDetail
+}
+
+func (api goCveDictClient) fetchCveDetailsViaHTTP(cveIDs []string) (cveDetails []cvemodels.CveDetail, err error) {
+	reqChan := make(chan string, len(cveIDs))
+	resChan := make(chan response, len(cveIDs))
+	errChan := make(chan error, len(cveIDs))
+	defer close(reqChan)
+	defer close(resChan)
+	defer close(errChan)
+
+	go func() {
+		for _, cveID := range cveIDs {
+			reqChan <- cveID
+		}
+	}()
+
+	concurrency := 10
+	tasks := util.GenWorkers(concurrency)
+	for range cveIDs {
+		tasks <- func() {
+			select {
+			case cveID := <-reqChan:
+				url, err := util.URLPathJoin(api.cnf.GetURL(), "cves", cveID)
+				if err != nil {
+					errChan <- err
+				} else {
+					logging.Log.Debugf("HTTP Request to %s", url)
+					api.httpGet(cveID, url, resChan, errChan)
+				}
+			}
+		}
+	}
+
+	timeout := time.After(2 * 60 * time.Second)
+	var errs []error
+	for range cveIDs {
+		select {
+		case res := <-resChan:
+			cveDetails = append(cveDetails, res.CveDetail)
+		case err := <-errChan:
+			errs = append(errs, err)
+		case <-timeout:
+			return nil, xerrors.New("Timeout Fetching CVE")
+		}
+	}
+	if len(errs) != 0 {
+		return nil,
+			xerrors.Errorf("Failed to fetch CVE. err: %w", errs)
+	}
+	return
+}
+
+func (api goCveDictClient) httpGet(key, url string, resChan chan<- response, errChan chan<- error) {
+	var body string
+	var errs []error
+	var resp *http.Response
+	f := func() (err error) {
+		resp, body, errs = gorequest.New().Timeout(10 * time.Second).Get(url).End()
+		if 0 < len(errs) || resp == nil || resp.StatusCode != 200 {
+			return xerrors.Errorf("HTTP GET Error, url: %s, resp: %v, err: %+v",
+				url, resp, errs)
+		}
+		return nil
+	}
+	notify := func(err error, t time.Duration) {
+		logging.Log.Warnf("Failed to HTTP GET. retrying in %s seconds. err: %+v", t, err)
+	}
+	err := backoff.RetryNotify(f, backoff.NewExponentialBackOff(), notify)
+	if err != nil {
+		errChan <- xerrors.Errorf("HTTP Error: %w", err)
+		return
+	}
+	cveDetail := cvemodels.CveDetail{}
+	if err := json.Unmarshal([]byte(body), &cveDetail); err != nil {
+		errChan <- xerrors.Errorf("Failed to Unmarshal. body: %s, err: %w", body, err)
+		return
+	}
+	resChan <- response{
+		key,
+		cveDetail,
+	}
+}
+
+func (api goCveDictClient) detectCveByCpeURI(cpeURI string, useJVN bool) (cves []cvemodels.CveDetail, err error) {
+	if api.cnf.IsFetchViaHTTP() {
+		url, err := util.URLPathJoin(api.cnf.GetURL(), "cpes")
+		if err != nil {
+			return nil, err
+		}
+
+		query := map[string]string{"name": cpeURI}
+		logging.Log.Debugf("HTTP Request to %s, query: %#v", url, query)
+		if cves, err = api.httpPost(url, query); err != nil {
+			return nil, err
+		}
+	} else {
+		if cves, err = api.driver.GetByCpeURI(cpeURI); err != nil {
+			return nil, err
+		}
+	}
+
+	if useJVN {
+		return cves, nil
+	}
+
+	nvdCves := []cvemodels.CveDetail{}
+	for _, cve := range cves {
+		if !cve.HasNvd() {
+			continue
+		}
+		cve.Jvns = []cvemodels.Jvn{}
+		nvdCves = append(nvdCves, cve)
+	}
+	return nvdCves, nil
+}
+
+func (api goCveDictClient) httpPost(url string, query map[string]string) ([]cvemodels.CveDetail, error) {
+	var body string
+	var errs []error
+	var resp *http.Response
+	f := func() (err error) {
+		req := gorequest.New().Timeout(10 * time.Second).Post(url)
+		for key := range query {
+			req = req.Send(fmt.Sprintf("%s=%s", key, query[key])).Type("json")
+		}
+		resp, body, errs = req.End()
+		if 0 < len(errs) || resp == nil || resp.StatusCode != 200 {
+			return xerrors.Errorf("HTTP POST error. url: %s, resp: %v, err: %+v", url, resp, errs)
+		}
+		return nil
+	}
+	notify := func(err error, t time.Duration) {
+		logging.Log.Warnf("Failed to HTTP POST. retrying in %s seconds. err: %+v", t, err)
+	}
+	err := backoff.RetryNotify(f, backoff.NewExponentialBackOff(), notify)
+	if err != nil {
+		return nil, xerrors.Errorf("HTTP Error: %w", err)
+	}
+
+	cveDetails := []cvemodels.CveDetail{}
+	if err := json.Unmarshal([]byte(body), &cveDetails); err != nil {
+		return nil,
+			xerrors.Errorf("Failed to Unmarshal. body: %s, err: %w", body, err)
+	}
+	return cveDetails, nil
+}
+
+func newCveDB(cnf config.VulnDictInterface) (driver cvedb.DB, locked bool, err error) {
+	if cnf.IsFetchViaHTTP() {
+		return nil, false, nil
+	}
+	path := cnf.GetURL()
+	if cnf.GetType() == "sqlite3" {
+		path = cnf.GetSQLite3Path()
+	}
+	driver, locked, err = cvedb.NewDB(cnf.GetType(), path, cnf.GetDebugSQL())
+	if err != nil {
+		err = xerrors.Errorf("Failed to init CVE DB. err: %w, path: %s", err, path)
+		return nil, locked, err
+	}
+	return driver, false, nil
+}

detector/detector.go

@@ -0,0 +1,563 @@
+//go:build !scanner
+// +build !scanner
+
+package detector
+
+import (
+	"os"
+	"strings"
+	"time"
+
+	"github.com/future-architect/vuls/config"
+	"github.com/future-architect/vuls/constant"
+	"github.com/future-architect/vuls/contrib/owasp-dependency-check/parser"
+	"github.com/future-architect/vuls/cwe"
+	"github.com/future-architect/vuls/gost"
+	"github.com/future-architect/vuls/logging"
+	"github.com/future-architect/vuls/models"
+	"github.com/future-architect/vuls/oval"
+	"github.com/future-architect/vuls/reporter"
+	"github.com/future-architect/vuls/util"
+	cvemodels "github.com/vulsio/go-cve-dictionary/models"
+	"golang.org/x/xerrors"
+)
+
+// Cpe :
+type Cpe struct {
+	CpeURI string
+	UseJVN bool
+}
+
+// Detect vulns and fill CVE detailed information
+func Detect(rs []models.ScanResult, dir string) ([]models.ScanResult, error) {
+
+	// Use the same reportedAt for all rs
+	reportedAt := time.Now()
+	for i, r := range rs {
+		if !config.Conf.RefreshCve && !needToRefreshCve(r) {
+			logging.Log.Info("No need to refresh")
+			continue
+		}
+
+		if !reuseScannedCves(&r) {
+			r.ScannedCves = models.VulnInfos{}
+		}
+
+		if err := DetectLibsCves(&r, config.Conf.TrivyCacheDBDir, config.Conf.NoProgress); err != nil {
+			return nil, xerrors.Errorf("Failed to fill with Library dependency: %w", err)
+		}
+
+		if err := DetectPkgCves(&r, config.Conf.OvalDict, config.Conf.Gost); err != nil {
+			return nil, xerrors.Errorf("Failed to detect Pkg CVE: %w", err)
+		}
+
+		cpeURIs, owaspDCXMLPath := []string{}, ""
+		cpes := []Cpe{}
+		if len(r.Container.ContainerID) == 0 {
+			cpeURIs = config.Conf.Servers[r.ServerName].CpeNames
+			owaspDCXMLPath = config.Conf.Servers[r.ServerName].OwaspDCXMLPath
+		} else {
+			if s, ok := config.Conf.Servers[r.ServerName]; ok {
+				if con, ok := s.Containers[r.Container.Name]; ok {
+					cpeURIs = con.Cpes
+					owaspDCXMLPath = con.OwaspDCXMLPath
+				}
+			}
+		}
+		if owaspDCXMLPath != "" {
+			cpes, err := parser.Parse(owaspDCXMLPath)
+			if err != nil {
+				return nil, xerrors.Errorf("Failed to read OWASP Dependency Check XML on %s, `%s`, err: %w",
+					r.ServerInfo(), owaspDCXMLPath, err)
+			}
+			cpeURIs = append(cpeURIs, cpes...)
+		}
+		for _, uri := range cpeURIs {
+			cpes = append(cpes, Cpe{
+				CpeURI: uri,
+				UseJVN: true,
+			})
+		}
+		if err := DetectCpeURIsCves(&r, cpes, config.Conf.CveDict, config.Conf.LogOpts); err != nil {
+			return nil, xerrors.Errorf("Failed to detect CVE of `%s`: %w", cpeURIs, err)
+		}
+
+		repos := config.Conf.Servers[r.ServerName].GitHubRepos
+		if err := DetectGitHubCves(&r, repos); err != nil {
+			return nil, xerrors.Errorf("Failed to detect GitHub Cves: %w", err)
+		}
+
+		if err := DetectWordPressCves(&r, config.Conf.WpScan); err != nil {
+			return nil, xerrors.Errorf("Failed to detect WordPress Cves: %w", err)
+		}
+
+		if err := gost.FillCVEsWithRedHat(&r, config.Conf.Gost); err != nil {
+			return nil, xerrors.Errorf("Failed to fill with gost: %w", err)
+		}
+
+		if err := FillCvesWithNvdJvn(&r, config.Conf.CveDict, config.Conf.LogOpts); err != nil {
+			return nil, xerrors.Errorf("Failed to fill with CVE: %w", err)
+		}
+
+		nExploitCve, err := FillWithExploit(&r, config.Conf.Exploit)
+		if err != nil {
+			return nil, xerrors.Errorf("Failed to fill with exploit: %w", err)
+		}
+		logging.Log.Infof("%s: %d PoC are detected", r.FormatServerName(), nExploitCve)
+
+		nMetasploitCve, err := FillWithMetasploit(&r, config.Conf.Metasploit)
+		if err != nil {
+			return nil, xerrors.Errorf("Failed to fill with metasploit: %w", err)
+		}
+		logging.Log.Infof("%s: %d exploits are detected", r.FormatServerName(), nMetasploitCve)
+
+		FillCweDict(&r)
+
+		r.ReportedBy, _ = os.Hostname()
+		r.Lang = config.Conf.Lang
+		r.ReportedAt = reportedAt
+		r.ReportedVersion = config.Version
+		r.ReportedRevision = config.Revision
+		r.Config.Report = config.Conf
+		r.Config.Report.Servers = map[string]config.ServerInfo{
+			r.ServerName: config.Conf.Servers[r.ServerName],
+		}
+		rs[i] = r
+	}
+
+	// Overwrite the json file every time to clear the fields specified in config.IgnoredJSONKeys
+	for _, r := range rs {
+		if s, ok := config.Conf.Servers[r.ServerName]; ok {
+			r = r.ClearFields(s.IgnoredJSONKeys)
+		}
+		//TODO don't call here
+		if err := reporter.OverwriteJSONFile(dir, r); err != nil {
+			return nil, xerrors.Errorf("Failed to write JSON: %w", err)
+		}
+	}
+
+	if config.Conf.DiffPlus || config.Conf.DiffMinus {
+		prevs, err := loadPrevious(rs, config.Conf.ResultsDir)
+		if err != nil {
+			return nil, err
+		}
+		rs = diff(rs, prevs, config.Conf.DiffPlus, config.Conf.DiffMinus)
+	}
+
+	for i, r := range rs {
+		r.ScannedCves = r.ScannedCves.FilterByCvssOver(config.Conf.CvssScoreOver)
+		r.ScannedCves = r.ScannedCves.FilterUnfixed(config.Conf.IgnoreUnfixed)
+		r.ScannedCves = r.ScannedCves.FilterByConfidenceOver(config.Conf.ConfidenceScoreOver)
+
+		// IgnoreCves
+		ignoreCves := []string{}
+		if r.Container.Name == "" {
+			ignoreCves = config.Conf.Servers[r.ServerName].IgnoreCves
+		} else if con, ok := config.Conf.Servers[r.ServerName].Containers[r.Container.Name]; ok {
+			ignoreCves = con.IgnoreCves
+		}
+		r.ScannedCves = r.ScannedCves.FilterIgnoreCves(ignoreCves)
+
+		// ignorePkgs
+		ignorePkgsRegexps := []string{}
+		if r.Container.Name == "" {
+			ignorePkgsRegexps = config.Conf.Servers[r.ServerName].IgnorePkgsRegexp
+		} else if s, ok := config.Conf.Servers[r.ServerName].Containers[r.Container.Name]; ok {
+			ignorePkgsRegexps = s.IgnorePkgsRegexp
+		}
+		r.ScannedCves = r.ScannedCves.FilterIgnorePkgs(ignorePkgsRegexps)
+
+		// IgnoreUnscored
+		if config.Conf.IgnoreUnscoredCves {
+			r.ScannedCves = r.ScannedCves.FindScoredVulns()
+		}
+
+		r.FilterInactiveWordPressLibs(config.Conf.WpScan.DetectInactive)
+		rs[i] = r
+	}
+	return rs, nil
+}
+
+// DetectPkgCves detects OS pkg cves
+// pass 2 configs
+func DetectPkgCves(r *models.ScanResult, ovalCnf config.GovalDictConf, gostCnf config.GostConf) error {
+	// Pkg Scan
+	if r.Release != "" {
+		// OVAL, gost(Debian Security Tracker) does not support Package for Raspbian, so skip it.
+		if r.Family == constant.Raspbian {
+			r = r.RemoveRaspbianPackFromResult()
+		}
+
+		// OVAL
+		if err := detectPkgsCvesWithOval(ovalCnf, r); err != nil {
+			return xerrors.Errorf("Failed to detect CVE with OVAL: %w", err)
+		}
+
+		// gost
+		if err := detectPkgsCvesWithGost(gostCnf, r); err != nil {
+			return xerrors.Errorf("Failed to detect CVE with gost: %w", err)
+		}
+	} else if reuseScannedCves(r) {
+		logging.Log.Infof("r.Release is empty. Use CVEs as it as.")
+	} else if r.Family == constant.ServerTypePseudo {
+		logging.Log.Infof("pseudo type. Skip OVAL and gost detection")
+	} else {
+		logging.Log.Infof("r.Release is empty. detect as pseudo type. Skip OVAL and gost detection")
+	}
+
+	for i, v := range r.ScannedCves {
+		for j, p := range v.AffectedPackages {
+			if p.NotFixedYet && p.FixState == "" {
+				p.FixState = "Not fixed yet"
+				r.ScannedCves[i].AffectedPackages[j] = p
+			}
+		}
+	}
+
+	// To keep backward compatibility
+	// Newer versions use ListenPortStats,
+	// but older versions of Vuls are set to ListenPorts.
+	// Set ListenPorts to ListenPortStats to allow newer Vuls to report old results.
+	for i, pkg := range r.Packages {
+		for j, proc := range pkg.AffectedProcs {
+			for _, ipPort := range proc.ListenPorts {
+				ps, err := models.NewPortStat(ipPort)
+				if err != nil {
+					logging.Log.Warnf("Failed to parse ip:port: %s, err:%+v", ipPort, err)
+					continue
+				}
+				r.Packages[i].AffectedProcs[j].ListenPortStats = append(
+					r.Packages[i].AffectedProcs[j].ListenPortStats, *ps)
+			}
+		}
+	}
+
+	return nil
+}
+
+// DetectGitHubCves fetches CVEs from GitHub Security Alerts
+func DetectGitHubCves(r *models.ScanResult, githubConfs map[string]config.GitHubConf) error {
+	if len(githubConfs) == 0 {
+		return nil
+	}
+	for ownerRepo, setting := range githubConfs {
+		ss := strings.Split(ownerRepo, "/")
+		if len(ss) != 2 {
+			return xerrors.Errorf("Failed to parse GitHub owner/repo: %s", ownerRepo)
+		}
+		owner, repo := ss[0], ss[1]
+		n, err := DetectGitHubSecurityAlerts(r, owner, repo, setting.Token, setting.IgnoreGitHubDismissed)
+		if err != nil {
+			return xerrors.Errorf("Failed to access GitHub Security Alerts: %w", err)
+		}
+		logging.Log.Infof("%s: %d CVEs detected with GHSA %s/%s",
+			r.FormatServerName(), n, owner, repo)
+	}
+	return nil
+}
+
+// DetectWordPressCves detects CVEs of WordPress
+func DetectWordPressCves(r *models.ScanResult, wpCnf config.WpScanConf) error {
+	if len(r.WordPressPackages) == 0 {
+		return nil
+	}
+	logging.Log.Infof("%s: Detect WordPress CVE. Number of pkgs: %d ", r.ServerInfo(), len(r.WordPressPackages))
+	n, err := detectWordPressCves(r, wpCnf)
+	if err != nil {
+		return xerrors.Errorf("Failed to detect WordPress CVE: %w", err)
+	}
+	logging.Log.Infof("%s: found %d WordPress CVEs", r.FormatServerName(), n)
+	return nil
+}
+
+// FillCvesWithNvdJvn fills CVE detail with NVD, JVN
+func FillCvesWithNvdJvn(r *models.ScanResult, cnf config.GoCveDictConf, logOpts logging.LogOpts) (err error) {
+	cveIDs := []string{}
+	for _, v := range r.ScannedCves {
+		cveIDs = append(cveIDs, v.CveID)
+	}
+
+	client, err := newGoCveDictClient(&cnf, logOpts)
+	if err != nil {
+		return err
+	}
+	defer func() {
+		if err := client.closeDB(); err != nil {
+			logging.Log.Errorf("Failed to close DB. err: %+v", err)
+		}
+	}()
+
+	var ds []cvemodels.CveDetail
+	if cnf.IsFetchViaHTTP() {
+		ds, err = client.fetchCveDetailsViaHTTP(cveIDs)
+	} else {
+		ds, err = client.fetchCveDetails(cveIDs)
+	}
+	if err != nil {
+		return err
+	}
+
+	for _, d := range ds {
+		nvds, exploits, mitigations := models.ConvertNvdToModel(d.CveID, d.Nvds)
+		jvns := models.ConvertJvnToModel(d.CveID, d.Jvns)
+
+		alerts := fillCertAlerts(&d)
+		for cveID, vinfo := range r.ScannedCves {
+			if vinfo.CveID == d.CveID {
+				if vinfo.CveContents == nil {
+					vinfo.CveContents = models.CveContents{}
+				}
+				for _, con := range nvds {
+					if !con.Empty() {
+						vinfo.CveContents[con.Type] = []models.CveContent{con}
+					}
+				}
+				for _, con := range jvns {
+					if !con.Empty() {
+						found := false
+						for _, cveCont := range vinfo.CveContents[con.Type] {
+							if con.SourceLink == cveCont.SourceLink {
+								found = true
+								break
+							}
+						}
+						if !found {
+							vinfo.CveContents[con.Type] = append(vinfo.CveContents[con.Type], con)
+						}
+					}
+				}
+				vinfo.AlertDict = alerts
+				vinfo.Exploits = append(vinfo.Exploits, exploits...)
+				vinfo.Mitigations = append(vinfo.Mitigations, mitigations...)
+				r.ScannedCves[cveID] = vinfo
+				break
+			}
+		}
+	}
+	return nil
+}
+
+func fillCertAlerts(cvedetail *cvemodels.CveDetail) (dict models.AlertDict) {
+	for _, nvd := range cvedetail.Nvds {
+		for _, cert := range nvd.Certs {
+			dict.En = append(dict.En, models.Alert{
+				URL:   cert.Link,
+				Title: cert.Title,
+				Team:  "us",
+			})
+		}
+	}
+
+	for _, jvn := range cvedetail.Jvns {
+		for _, cert := range jvn.Certs {
+			dict.Ja = append(dict.Ja, models.Alert{
+				URL:   cert.Link,
+				Title: cert.Title,
+				Team:  "jp",
+			})
+		}
+	}
+
+	return dict
+}
+
+// detectPkgsCvesWithOval fetches OVAL database
+func detectPkgsCvesWithOval(cnf config.GovalDictConf, r *models.ScanResult) error {
+	ovalClient, err := oval.NewOVALClient(r.Family, cnf)
+	if err != nil {
+		return err
+	}
+	if ovalClient == nil {
+		return nil
+	}
+
+	logging.Log.Debugf("Check if oval fetched: %s %s", r.Family, r.Release)
+	ok, err := ovalClient.CheckIfOvalFetched(r.Family, r.Release)
+	if err != nil {
+		return err
+	}
+	if !ok {
+		if r.Family == constant.Debian {
+			logging.Log.Infof("Skip OVAL and Scan with gost alone.")
+			logging.Log.Infof("%s: %d CVEs are detected with OVAL", r.FormatServerName(), 0)
+			return nil
+		}
+		return xerrors.Errorf("OVAL entries of %s %s are not found. Fetch OVAL before reporting. For details, see `https://github.com/vulsio/goval-dictionary#usage`", r.Family, r.Release)
+	}
+
+	logging.Log.Debugf("Check if oval fresh: %s %s", r.Family, r.Release)
+	_, err = ovalClient.CheckIfOvalFresh(r.Family, r.Release)
+	if err != nil {
+		return err
+	}
+
+	logging.Log.Debugf("Fill with oval: %s %s", r.Family, r.Release)
+	nCVEs, err := ovalClient.FillWithOval(r)
+	if err != nil {
+		return err
+	}
+
+	logging.Log.Infof("%s: %d CVEs are detected with OVAL", r.FormatServerName(), nCVEs)
+	return nil
+}
+
+func detectPkgsCvesWithGost(cnf config.GostConf, r *models.ScanResult) error {
+	client, err := gost.NewClient(cnf, r.Family)
+	if err != nil {
+		return xerrors.Errorf("Failed to new a gost client: %w", err)
+	}
+
+	defer func() {
+		if err := client.CloseDB(); err != nil {
+			logging.Log.Errorf("Failed to close the gost DB. err: %+v", err)
+		}
+	}()
+
+	nCVEs, err := client.DetectCVEs(r, true)
+	if err != nil {
+		if r.Family == constant.Debian {
+			return xerrors.Errorf("Failed to detect CVEs with gost: %w", err)
+		}
+		return xerrors.Errorf("Failed to detect unfixed CVEs with gost: %w", err)
+	}
+
+	if r.Family == constant.Debian {
+		logging.Log.Infof("%s: %d CVEs are detected with gost",
+			r.FormatServerName(), nCVEs)
+	} else {
+		logging.Log.Infof("%s: %d unfixed CVEs are detected with gost",
+			r.FormatServerName(), nCVEs)
+	}
+	return nil
+}
+
+// DetectCpeURIsCves detects CVEs of given CPE-URIs
+func DetectCpeURIsCves(r *models.ScanResult, cpes []Cpe, cnf config.GoCveDictConf, logOpts logging.LogOpts) error {
+	client, err := newGoCveDictClient(&cnf, logOpts)
+	if err != nil {
+		return err
+	}
+	defer func() {
+		if err := client.closeDB(); err != nil {
+			logging.Log.Errorf("Failed to close DB. err: %+v", err)
+		}
+	}()
+
+	nCVEs := 0
+	for _, cpe := range cpes {
+		details, err := client.detectCveByCpeURI(cpe.CpeURI, cpe.UseJVN)
+		if err != nil {
+			return err
+		}
+
+		for _, detail := range details {
+			advisories := []models.DistroAdvisory{}
+			if !detail.HasNvd() && detail.HasJvn() {
+				for _, jvn := range detail.Jvns {
+					advisories = append(advisories, models.DistroAdvisory{
+						AdvisoryID: jvn.JvnID,
+					})
+				}
+			}
+			maxConfidence := getMaxConfidence(detail)
+
+			if val, ok := r.ScannedCves[detail.CveID]; ok {
+				val.CpeURIs = util.AppendIfMissing(val.CpeURIs, cpe.CpeURI)
+				val.Confidences.AppendIfMissing(maxConfidence)
+				val.DistroAdvisories = advisories
+				r.ScannedCves[detail.CveID] = val
+			} else {
+				v := models.VulnInfo{
+					CveID:            detail.CveID,
+					CpeURIs:          []string{cpe.CpeURI},
+					Confidences:      models.Confidences{maxConfidence},
+					DistroAdvisories: advisories,
+				}
+				r.ScannedCves[detail.CveID] = v
+				nCVEs++
+			}
+		}
+	}
+	logging.Log.Infof("%s: %d CVEs are detected with CPE", r.FormatServerName(), nCVEs)
+	return nil
+}
+
+func getMaxConfidence(detail cvemodels.CveDetail) (max models.Confidence) {
+	if !detail.HasNvd() && detail.HasJvn() {
+		return models.JvnVendorProductMatch
+	} else if detail.HasNvd() {
+		for _, nvd := range detail.Nvds {
+			confidence := models.Confidence{}
+			switch nvd.DetectionMethod {
+			case cvemodels.NvdExactVersionMatch:
+				confidence = models.NvdExactVersionMatch
+			case cvemodels.NvdRoughVersionMatch:
+				confidence = models.NvdRoughVersionMatch
+			case cvemodels.NvdVendorProductMatch:
+				confidence = models.NvdVendorProductMatch
+			}
+			if max.Score < confidence.Score {
+				max = confidence
+			}
+		}
+	}
+	return max
+}
+
+// FillCweDict fills CWE
+func FillCweDict(r *models.ScanResult) {
+	uniqCweIDMap := map[string]bool{}
+	for _, vinfo := range r.ScannedCves {
+		for _, conts := range vinfo.CveContents {
+			for _, cont := range conts {
+				for _, id := range cont.CweIDs {
+					if strings.HasPrefix(id, "CWE-") {
+						id = strings.TrimPrefix(id, "CWE-")
+						uniqCweIDMap[id] = true
+					}
+				}
+			}
+		}
+	}
+
+	dict := map[string]models.CweDictEntry{}
+	for id := range uniqCweIDMap {
+		entry := models.CweDictEntry{}
+		if e, ok := cwe.CweDictEn[id]; ok {
+			if rank, ok := cwe.OwaspTopTen2017[id]; ok {
+				entry.OwaspTopTen2017 = rank
+			}
+			if rank, ok := cwe.CweTopTwentyfive2019[id]; ok {
+				entry.CweTopTwentyfive2019 = rank
+			}
+			if rank, ok := cwe.SansTopTwentyfive[id]; ok {
+				entry.SansTopTwentyfive = rank
+			}
+			entry.En = &e
+		} else {
+			logging.Log.Debugf("CWE-ID %s is not found in English CWE Dict", id)
+			entry.En = &cwe.Cwe{CweID: id}
+		}
+
+		if r.Lang == "ja" {
+			if e, ok := cwe.CweDictJa[id]; ok {
+				if rank, ok := cwe.OwaspTopTen2017[id]; ok {
+					entry.OwaspTopTen2017 = rank
+				}
+				if rank, ok := cwe.CweTopTwentyfive2019[id]; ok {
+					entry.CweTopTwentyfive2019 = rank
+				}
+				if rank, ok := cwe.SansTopTwentyfive[id]; ok {
+					entry.SansTopTwentyfive = rank
+				}
+				entry.Ja = &e
+			} else {
+				logging.Log.Debugf("CWE-ID %s is not found in Japanese CWE Dict", id)
+				entry.Ja = &cwe.Cwe{CweID: id}
+			}
+		}
+		dict[id] = entry
+	}
+	r.CweDict = dict
+	return
+}

detector/detector_test.go

@@ -0,0 +1,90 @@
+//go:build !scanner
+// +build !scanner
+
+package detector
+
+import (
+	"reflect"
+	"testing"
+
+	"github.com/future-architect/vuls/models"
+	cvemodels "github.com/vulsio/go-cve-dictionary/models"
+)
+
+func Test_getMaxConfidence(t *testing.T) {
+	type args struct {
+		detail cvemodels.CveDetail
+	}
+	tests := []struct {
+		name    string
+		args    args
+		wantMax models.Confidence
+	}{
+		{
+			name: "JvnVendorProductMatch",
+			args: args{
+				detail: cvemodels.CveDetail{
+					Nvds: []cvemodels.Nvd{},
+					Jvns: []cvemodels.Jvn{{}},
+				},
+			},
+			wantMax: models.JvnVendorProductMatch,
+		},
+		{
+			name: "NvdExactVersionMatch",
+			args: args{
+				detail: cvemodels.CveDetail{
+					Nvds: []cvemodels.Nvd{
+						{DetectionMethod: cvemodels.NvdRoughVersionMatch},
+						{DetectionMethod: cvemodels.NvdVendorProductMatch},
+						{DetectionMethod: cvemodels.NvdExactVersionMatch},
+					},
+					Jvns: []cvemodels.Jvn{{DetectionMethod: cvemodels.JvnVendorProductMatch}},
+				},
+			},
+			wantMax: models.NvdExactVersionMatch,
+		},
+		{
+			name: "NvdRoughVersionMatch",
+			args: args{
+				detail: cvemodels.CveDetail{
+					Nvds: []cvemodels.Nvd{
+						{DetectionMethod: cvemodels.NvdRoughVersionMatch},
+						{DetectionMethod: cvemodels.NvdVendorProductMatch},
+					},
+					Jvns: []cvemodels.Jvn{},
+				},
+			},
+			wantMax: models.NvdRoughVersionMatch,
+		},
+		{
+			name: "NvdVendorProductMatch",
+			args: args{
+				detail: cvemodels.CveDetail{
+					Nvds: []cvemodels.Nvd{
+						{DetectionMethod: cvemodels.NvdVendorProductMatch},
+					},
+					Jvns: []cvemodels.Jvn{{DetectionMethod: cvemodels.JvnVendorProductMatch}},
+				},
+			},
+			wantMax: models.NvdVendorProductMatch,
+		},
+		{
+			name: "empty",
+			args: args{
+				detail: cvemodels.CveDetail{
+					Nvds: []cvemodels.Nvd{},
+					Jvns: []cvemodels.Jvn{},
+				},
+			},
+			wantMax: models.Confidence{},
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			if gotMax := getMaxConfidence(tt.args.detail); !reflect.DeepEqual(gotMax, tt.wantMax) {
+				t.Errorf("getMaxConfidence() = %v, want %v", gotMax, tt.wantMax)
+			}
+		})
+	}
+}

detector/exploitdb.go

@@ -0,0 +1,224 @@
+//go:build !scanner
+// +build !scanner
+
+package detector
+
+import (
+	"encoding/json"
+	"net/http"
+	"time"
+
+	"github.com/cenkalti/backoff"
+	"github.com/future-architect/vuls/config"
+	"github.com/future-architect/vuls/logging"
+	"github.com/future-architect/vuls/models"
+	"github.com/future-architect/vuls/util"
+	"github.com/parnurzeal/gorequest"
+	exploitdb "github.com/vulsio/go-exploitdb/db"
+	exploitmodels "github.com/vulsio/go-exploitdb/models"
+
+	"golang.org/x/xerrors"
+)
+
+// FillWithExploit fills exploit information that has in Exploit
+func FillWithExploit(r *models.ScanResult, cnf config.ExploitConf) (nExploitCve int, err error) {
+	if cnf.IsFetchViaHTTP() {
+		var cveIDs []string
+		for cveID := range r.ScannedCves {
+			cveIDs = append(cveIDs, cveID)
+		}
+		prefix, _ := util.URLPathJoin(cnf.GetURL(), "cves")
+		responses, err := getCvesViaHTTP(cveIDs, prefix)
+		if err != nil {
+			return 0, err
+		}
+		for _, res := range responses {
+			exps := []exploitmodels.Exploit{}
+			if err := json.Unmarshal([]byte(res.json), &exps); err != nil {
+				return 0, err
+			}
+			exploits := ConvertToModels(exps)
+			v, ok := r.ScannedCves[res.request.cveID]
+			if ok {
+				v.Exploits = exploits
+			}
+			r.ScannedCves[res.request.cveID] = v
+			nExploitCve++
+		}
+	} else {
+
+		driver, locked, err := newExploitDB(&cnf)
+		if locked {
+			return 0, xerrors.Errorf("SQLite3 is locked: %s", cnf.GetSQLite3Path())
+		} else if err != nil {
+			return 0, err
+		}
+		defer func() {
+			if err := driver.CloseDB(); err != nil {
+				logging.Log.Errorf("Failed to close DB. err: %+v", err)
+			}
+		}()
+
+		for cveID, vuln := range r.ScannedCves {
+			if cveID == "" {
+				continue
+			}
+			es := driver.GetExploitByCveID(cveID)
+			if len(es) == 0 {
+				continue
+			}
+			exploits := ConvertToModels(es)
+			vuln.Exploits = exploits
+			r.ScannedCves[cveID] = vuln
+			nExploitCve++
+		}
+	}
+	return nExploitCve, nil
+}
+
+// ConvertToModels converts gost model to vuls model
+func ConvertToModels(es []exploitmodels.Exploit) (exploits []models.Exploit) {
+	for _, e := range es {
+		var documentURL, shellURL *string
+		if e.OffensiveSecurity != nil {
+			os := e.OffensiveSecurity
+			if os.Document != nil {
+				documentURL = &os.Document.DocumentURL
+			}
+			if os.ShellCode != nil {
+				shellURL = &os.ShellCode.ShellCodeURL
+			}
+		}
+		exploit := models.Exploit{
+			ExploitType:  e.ExploitType,
+			ID:           e.ExploitUniqueID,
+			URL:          e.URL,
+			Description:  e.Description,
+			DocumentURL:  documentURL,
+			ShellCodeURL: shellURL,
+		}
+		exploits = append(exploits, exploit)
+	}
+	return exploits
+}
+
+type exploitResponse struct {
+	request request
+	json    string
+}
+
+func getCvesViaHTTP(cveIDs []string, urlPrefix string) (
+	responses []exploitResponse, err error) {
+	nReq := len(cveIDs)
+	reqChan := make(chan request, nReq)
+	resChan := make(chan exploitResponse, nReq)
+	errChan := make(chan error, nReq)
+	defer close(reqChan)
+	defer close(resChan)
+	defer close(errChan)
+
+	go func() {
+		for _, cveID := range cveIDs {
+			reqChan <- request{
+				cveID: cveID,
+			}
+		}
+	}()
+
+	concurrency := 10
+	tasks := util.GenWorkers(concurrency)
+	for i := 0; i < nReq; i++ {
+		tasks <- func() {
+			select {
+			case req := <-reqChan:
+				url, err := util.URLPathJoin(
+					urlPrefix,
+					req.cveID,
+				)
+				if err != nil {
+					errChan <- err
+				} else {
+					logging.Log.Debugf("HTTP Request to %s", url)
+					httpGet(url, req, resChan, errChan)
+				}
+			}
+		}
+	}
+
+	timeout := time.After(2 * 60 * time.Second)
+	var errs []error
+	for i := 0; i < nReq; i++ {
+		select {
+		case res := <-resChan:
+			responses = append(responses, res)
+		case err := <-errChan:
+			errs = append(errs, err)
+		case <-timeout:
+			return nil, xerrors.New("Timeout Fetching OVAL")
+		}
+	}
+	if len(errs) != 0 {
+		return nil, xerrors.Errorf("Failed to fetch OVAL. err: %w", errs)
+	}
+	return
+}
+
+type request struct {
+	osMajorVersion string
+	packName       string
+	isSrcPack      bool
+	cveID          string
+}
+
+func httpGet(url string, req request, resChan chan<- exploitResponse, errChan chan<- error) {
+	var body string
+	var errs []error
+	var resp *http.Response
+	count, retryMax := 0, 3
+	f := func() (err error) {
+		//  resp, body, errs = gorequest.New().SetDebug(config.Conf.Debug).Get(url).End()
+		resp, body, errs = gorequest.New().Timeout(10 * time.Second).Get(url).End()
+		if 0 < len(errs) || resp == nil || resp.StatusCode != 200 {
+			count++
+			if count == retryMax {
+				return nil
+			}
+			return xerrors.Errorf("HTTP GET error, url: %s, resp: %v, err: %+v", url, resp, errs)
+		}
+		return nil
+	}
+	notify := func(err error, t time.Duration) {
+		logging.Log.Warnf("Failed to HTTP GET. retrying in %s seconds. err: %+v", t, err)
+	}
+	err := backoff.RetryNotify(f, backoff.NewExponentialBackOff(), notify)
+	if err != nil {
+		errChan <- xerrors.Errorf("HTTP Error %w", err)
+		return
+	}
+	if count == retryMax {
+		errChan <- xerrors.New("Retry count exceeded")
+		return
+	}
+
+	resChan <- exploitResponse{
+		request: req,
+		json:    body,
+	}
+}
+
+func newExploitDB(cnf config.VulnDictInterface) (driver exploitdb.DB, locked bool, err error) {
+	if cnf.IsFetchViaHTTP() {
+		return nil, false, nil
+	}
+	path := cnf.GetURL()
+	if cnf.GetType() == "sqlite3" {
+		path = cnf.GetSQLite3Path()
+	}
+	if driver, locked, err = exploitdb.NewDB(cnf.GetType(), path, cnf.GetDebugSQL()); err != nil {
+		if locked {
+			return nil, true, xerrors.Errorf("exploitDB is locked. err: %w", err)
+		}
+		return nil, false, err
+	}
+	return driver, false, nil
+}

detector/github.go

@@ -1,4 +1,7 @@
-package github
+//go:build !scanner
+// +build !scanner
+
+package detector
 
 import (
 	"bytes"
@@ -9,18 +12,18 @@ import (
 	"net/http"
 	"time"
 
-	"github.com/future-architect/vuls/config"
 	"github.com/future-architect/vuls/errof"
 	"github.com/future-architect/vuls/models"
 	"golang.org/x/oauth2"
 )
 
-// FillGitHubSecurityAlerts access to owner/repo on GitHub and fetch scurity alerts of the repository via GitHub API v4 GraphQL and then set to the given ScanResult.
+// DetectGitHubSecurityAlerts access to owner/repo on GitHub and fetch security alerts of the repository via GitHub API v4 GraphQL and then set to the given ScanResult.
 // https://help.github.com/articles/about-security-alerts-for-vulnerable-dependencies/
-func FillGitHubSecurityAlerts(r *models.ScanResult, owner, repo, token string) (nCVEs int, err error) {
+func DetectGitHubSecurityAlerts(r *models.ScanResult, owner, repo, token string, ignoreDismissed bool) (nCVEs int, err error) {
 	src := oauth2.StaticTokenSource(
 		&oauth2.Token{AccessToken: token},
 	)
+	//TODO Proxy
 	httpClient := oauth2.NewClient(context.Background(), src)
 
 	// TODO Use `https://github.com/shurcooL/githubv4` if the tool supports vulnerabilityAlerts Endpoint
@@ -31,10 +34,12 @@ func FillGitHubSecurityAlerts(r *models.ScanResult, owner, repo, token string) (
 
 	for {
 		jsonStr := fmt.Sprintf(jsonfmt, owner, repo, 100, after)
-		req, err := http.NewRequest("POST",
+		ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
+		req, err := http.NewRequestWithContext(ctx, http.MethodPost,
 			"https://api.github.com/graphql",
 			bytes.NewBuffer([]byte(jsonStr)),
 		)
+		defer cancel()
 		if err != nil {
 			return 0, err
 		}
@@ -65,14 +70,12 @@ func FillGitHubSecurityAlerts(r *models.ScanResult, owner, repo, token string) (
 		// util.Log.Debugf("%s", pp.Sprint(alerts))
 		// util.Log.Debugf("%s", string(body))
 		if alerts.Data.Repository.URL == "" {
-			return 0, errof.New(
-				errof.ErrFailedToAccessGithubAPI,
-				fmt.Sprintf("Failed to access to GitHub API. Response: %s", string(body)),
-			)
+			return 0, errof.New(errof.ErrFailedToAccessGithubAPI,
+				fmt.Sprintf("Failed to access to GitHub API. Response: %s", string(body)))
 		}
 
 		for _, v := range alerts.Data.Repository.VulnerabilityAlerts.Edges {
-			if config.Conf.IgnoreGitHubDismissed && v.Node.DismissReason != "" {
+			if ignoreDismissed && v.Node.DismissReason != "" {
 				continue
 			}
 
@@ -102,20 +105,39 @@ func FillGitHubSecurityAlerts(r *models.ScanResult, owner, repo, token string) (
 				cveIDs = other
 			}
 
+			refs := []models.Reference{}
+			for _, r := range v.Node.SecurityAdvisory.References {
+				refs = append(refs, models.Reference{Link: r.URL})
+			}
+
 			for _, cveID := range cveIDs {
+				cveContent := models.CveContent{
+					Type:          models.GitHub,
+					CveID:         cveID,
+					Title:         v.Node.SecurityAdvisory.Summary,
+					Summary:       v.Node.SecurityAdvisory.Description,
+					Cvss2Severity: v.Node.SecurityVulnerability.Severity,
+					Cvss3Severity: v.Node.SecurityVulnerability.Severity,
+					SourceLink:    v.Node.SecurityAdvisory.Permalink,
+					References:    refs,
+					Published:     v.Node.SecurityAdvisory.PublishedAt,
+					LastModified:  v.Node.SecurityAdvisory.UpdatedAt,
+				}
+
 				if val, ok := r.ScannedCves[cveID]; ok {
 					val.GitHubSecurityAlerts = val.GitHubSecurityAlerts.Add(m)
+					val.CveContents[models.GitHub] = []models.CveContent{cveContent}
 					r.ScannedCves[cveID] = val
-					nCVEs++
 				} else {
 					v := models.VulnInfo{
 						CveID:                cveID,
 						Confidences:          models.Confidences{models.GitHubMatch},
 						GitHubSecurityAlerts: models.GitHubSecurityAlerts{m},
+						CveContents:          models.NewCveContents(cveContent),
 					}
 					r.ScannedCves[cveID] = v
-					nCVEs++
 				}
+				nCVEs++
 			}
 		}
 		if !alerts.Data.Repository.VulnerabilityAlerts.PageInfo.HasNextPage {

detector/library.go

@@ -1,4 +1,7 @@
-package libmanager
+//go:build !scanner
+// +build !scanner
+
+package detector
 
 import (
 	"context"
@@ -12,13 +15,13 @@ import (
 	"golang.org/x/xerrors"
 	"k8s.io/utils/clock"
 
-	"github.com/future-architect/vuls/config"
+	"github.com/future-architect/vuls/logging"
 	"github.com/future-architect/vuls/models"
-	"github.com/future-architect/vuls/util"
 )
 
-// FillLibrary fills LibraryScanner informations
-func FillLibrary(r *models.ScanResult) (totalCnt int, err error) {
+// DetectLibsCves fills LibraryScanner information
+func DetectLibsCves(r *models.ScanResult, cacheDir string, noProgress bool) (err error) {
+	totalCnt := 0
 	if len(r.LibraryScanners) == 0 {
 		return
 	}
@@ -26,23 +29,23 @@ func FillLibrary(r *models.ScanResult) (totalCnt int, err error) {
 	// initialize trivy's logger and db
 	err = log.InitLogger(false, false)
 	if err != nil {
-		return 0, err
+		return err
 	}
 
-	util.Log.Info("Updating library db...")
-	if err := downloadDB(config.Version, config.Conf.TrivyCacheDBDir, config.Conf.NoProgress, false, false); err != nil {
-		return 0, err
+	logging.Log.Info("Updating library db...")
+	if err := downloadDB("", cacheDir, noProgress, false, false); err != nil {
+		return err
 	}
 
-	if err := db2.Init(config.Conf.TrivyCacheDBDir); err != nil {
-		return 0, err
+	if err := db2.Init(cacheDir); err != nil {
+		return err
 	}
 	defer db2.Close()
 
 	for _, lib := range r.LibraryScanners {
 		vinfos, err := lib.Scan()
 		if err != nil {
-			return 0, err
+			return err
 		}
 		for _, vinfo := range vinfos {
 			vinfo.Confidences.AppendIfMissing(models.TrivyMatch)
@@ -56,7 +59,10 @@ func FillLibrary(r *models.ScanResult) (totalCnt int, err error) {
 		totalCnt += len(vinfos)
 	}
 
-	return totalCnt, nil
+	logging.Log.Infof("%s: %d CVEs are detected with Library",
+		r.FormatServerName(), totalCnt)
+
+	return nil
 }
 
 func downloadDB(appVersion, cacheDir string, quiet, light, skipUpdate bool) error {
@@ -68,8 +74,8 @@ func downloadDB(appVersion, cacheDir string, quiet, light, skipUpdate bool) erro
 	}
 
 	if needsUpdate {
-		util.Log.Info("Need to update DB")
-		util.Log.Info("Downloading DB...")
+		logging.Log.Info("Need to update DB")
+		logging.Log.Info("Downloading DB...")
 		if err := client.Download(ctx, cacheDir, light); err != nil {
 			return xerrors.Errorf("failed to download vulnerability DB: %w", err)
 		}
@@ -102,7 +108,7 @@ func showDBInfo(cacheDir string) error {
 	if err != nil {
 		return xerrors.Errorf("something wrong with DB: %w", err)
 	}
-	util.Log.Debugf("DB Schema: %d, Type: %d, UpdatedAt: %s, NextUpdate: %s",
+	logging.Log.Debugf("DB Schema: %d, Type: %d, UpdatedAt: %s, NextUpdate: %s",
 		metadata.Version, metadata.Type, metadata.UpdatedAt, metadata.NextUpdate)
 	return nil
 }

detector/msf.go

@@ -0,0 +1,82 @@
+//go:build !scanner
+// +build !scanner
+
+package detector
+
+import (
+	"github.com/future-architect/vuls/config"
+	"github.com/future-architect/vuls/logging"
+	"github.com/future-architect/vuls/models"
+	metasploitdb "github.com/vulsio/go-msfdb/db"
+	metasploitmodels "github.com/vulsio/go-msfdb/models"
+	"golang.org/x/xerrors"
+)
+
+// FillWithMetasploit fills metasploit module information that has in module
+func FillWithMetasploit(r *models.ScanResult, cnf config.MetasploitConf) (nMetasploitCve int, err error) {
+
+	driver, locked, err := newMetasploitDB(&cnf)
+	if locked {
+		return 0, xerrors.Errorf("SQLite3 is locked: %s", cnf.GetSQLite3Path())
+	} else if err != nil {
+		return 0, err
+	}
+	defer func() {
+		if err := driver.CloseDB(); err != nil {
+			logging.Log.Errorf("Failed to close DB. err: %+v", err)
+		}
+	}()
+
+	for cveID, vuln := range r.ScannedCves {
+		if cveID == "" {
+			continue
+		}
+		ms := driver.GetModuleByCveID(cveID)
+		if len(ms) == 0 {
+			continue
+		}
+		modules := ConvertToModelsMsf(ms)
+		vuln.Metasploits = modules
+		r.ScannedCves[cveID] = vuln
+		nMetasploitCve++
+	}
+
+	return nMetasploitCve, nil
+}
+
+// ConvertToModelsMsf converts gost model to vuls model
+func ConvertToModelsMsf(ms []metasploitmodels.Metasploit) (modules []models.Metasploit) {
+	for _, m := range ms {
+		var links []string
+		if 0 < len(m.References) {
+			for _, u := range m.References {
+				links = append(links, u.Link)
+			}
+		}
+		module := models.Metasploit{
+			Name:        m.Name,
+			Title:       m.Title,
+			Description: m.Description,
+			URLs:        links,
+		}
+		modules = append(modules, module)
+	}
+	return modules
+}
+
+func newMetasploitDB(cnf config.VulnDictInterface) (driver metasploitdb.DB, locked bool, err error) {
+	if cnf.IsFetchViaHTTP() {
+		return nil, false, nil
+	}
+	path := cnf.GetURL()
+	if cnf.GetType() == "sqlite3" {
+		path = cnf.GetSQLite3Path()
+	}
+	if driver, locked, err = metasploitdb.NewDB(cnf.GetType(), path, cnf.GetDebugSQL()); err != nil {
+		if locked {
+			return nil, true, xerrors.Errorf("metasploitDB is locked. err: %w", err)
+		}
+		return nil, false, err
+	}
+	return driver, false, nil
+}

detector/util.go

@@ -0,0 +1,277 @@
+//go:build !scanner
+// +build !scanner
+
+package detector
+
+import (
+	"encoding/json"
+	"fmt"
+	"io/ioutil"
+	"os"
+	"path/filepath"
+	"reflect"
+	"regexp"
+	"sort"
+	"time"
+
+	"github.com/future-architect/vuls/config"
+	"github.com/future-architect/vuls/constant"
+	"github.com/future-architect/vuls/logging"
+	"github.com/future-architect/vuls/models"
+	"golang.org/x/xerrors"
+)
+
+func reuseScannedCves(r *models.ScanResult) bool {
+	switch r.Family {
+	case constant.FreeBSD, constant.Raspbian:
+		return true
+	}
+	if isTrivyResult(r) {
+		return true
+	}
+	return false
+}
+
+func isTrivyResult(r *models.ScanResult) bool {
+	_, ok := r.Optional["trivy-target"]
+	return ok
+}
+
+func needToRefreshCve(r models.ScanResult) bool {
+	for _, cve := range r.ScannedCves {
+		if 0 < len(cve.CveContents) {
+			return false
+		}
+	}
+	return true
+}
+
+func loadPrevious(currs models.ScanResults, resultsDir string) (prevs models.ScanResults, err error) {
+	dirs, err := ListValidJSONDirs(resultsDir)
+	if err != nil {
+		return
+	}
+
+	for _, result := range currs {
+		filename := result.ServerName + ".json"
+		if result.Container.Name != "" {
+			filename = fmt.Sprintf("%s@%s.json", result.Container.Name, result.ServerName)
+		}
+		for _, dir := range dirs[1:] {
+			path := filepath.Join(dir, filename)
+			r, err := loadOneServerScanResult(path)
+			if err != nil {
+				logging.Log.Debugf("%+v", err)
+				continue
+			}
+			if r.Family == result.Family && r.Release == result.Release {
+				prevs = append(prevs, *r)
+				logging.Log.Infof("Previous json found: %s", path)
+				break
+			}
+			logging.Log.Infof("Previous json is different family.Release: %s, pre: %s.%s cur: %s.%s",
+				path, r.Family, r.Release, result.Family, result.Release)
+		}
+	}
+	return prevs, nil
+}
+
+func diff(curResults, preResults models.ScanResults, isPlus, isMinus bool) (diffed models.ScanResults) {
+	for _, current := range curResults {
+		found := false
+		var previous models.ScanResult
+		for _, r := range preResults {
+			if current.ServerName == r.ServerName && current.Container.Name == r.Container.Name {
+				found = true
+				previous = r
+				break
+			}
+		}
+
+		if !found {
+			diffed = append(diffed, current)
+			continue
+		}
+
+		cves := models.VulnInfos{}
+		if isPlus {
+			cves = getPlusDiffCves(previous, current)
+		}
+		if isMinus {
+			minus := getMinusDiffCves(previous, current)
+			if len(cves) == 0 {
+				cves = minus
+			} else {
+				for k, v := range minus {
+					cves[k] = v
+				}
+			}
+		}
+
+		packages := models.Packages{}
+		for _, s := range cves {
+			for _, affected := range s.AffectedPackages {
+				var p models.Package
+				if s.DiffStatus == models.DiffPlus {
+					p = current.Packages[affected.Name]
+				} else {
+					p = previous.Packages[affected.Name]
+				}
+				packages[affected.Name] = p
+			}
+		}
+		current.ScannedCves = cves
+		current.Packages = packages
+		diffed = append(diffed, current)
+	}
+	return
+}
+
+func getPlusDiffCves(previous, current models.ScanResult) models.VulnInfos {
+	previousCveIDsSet := map[string]bool{}
+	for _, previousVulnInfo := range previous.ScannedCves {
+		previousCveIDsSet[previousVulnInfo.CveID] = true
+	}
+
+	new := models.VulnInfos{}
+	updated := models.VulnInfos{}
+	for _, v := range current.ScannedCves {
+		if previousCveIDsSet[v.CveID] {
+			if isCveInfoUpdated(v.CveID, previous, current) {
+				v.DiffStatus = models.DiffPlus
+				updated[v.CveID] = v
+				logging.Log.Debugf("updated: %s", v.CveID)
+
+				// TODO commented out because  a bug of diff logic when multiple oval defs found for a certain CVE-ID and same updated_at
+				// if these OVAL defs have different affected packages, this logic detects as updated.
+				// This logic will be uncomented after integration with gost https://github.com/vulsio/gost
+				// } else if isCveFixed(v, previous) {
+				// updated[v.CveID] = v
+				// logging.Log.Debugf("fixed: %s", v.CveID)
+
+			} else {
+				logging.Log.Debugf("same: %s", v.CveID)
+			}
+		} else {
+			logging.Log.Debugf("new: %s", v.CveID)
+			v.DiffStatus = models.DiffPlus
+			new[v.CveID] = v
+		}
+	}
+
+	if len(updated) == 0 && len(new) == 0 {
+		logging.Log.Infof("%s: There are %d vulnerabilities, but no difference between current result and previous one.", current.FormatServerName(), len(current.ScannedCves))
+	}
+
+	for cveID, vuln := range new {
+		updated[cveID] = vuln
+	}
+	return updated
+}
+
+func getMinusDiffCves(previous, current models.ScanResult) models.VulnInfos {
+	currentCveIDsSet := map[string]bool{}
+	for _, currentVulnInfo := range current.ScannedCves {
+		currentCveIDsSet[currentVulnInfo.CveID] = true
+	}
+
+	clear := models.VulnInfos{}
+	for _, v := range previous.ScannedCves {
+		if !currentCveIDsSet[v.CveID] {
+			v.DiffStatus = models.DiffMinus
+			clear[v.CveID] = v
+			logging.Log.Debugf("clear: %s", v.CveID)
+		}
+	}
+	if len(clear) == 0 {
+		logging.Log.Infof("%s: There are %d vulnerabilities, but no difference between current result and previous one.", current.FormatServerName(), len(current.ScannedCves))
+	}
+
+	return clear
+}
+
+func isCveInfoUpdated(cveID string, previous, current models.ScanResult) bool {
+	cTypes := []models.CveContentType{
+		models.Nvd,
+		models.Jvn,
+		models.NewCveContentType(current.Family),
+	}
+
+	prevLastModified := map[models.CveContentType][]time.Time{}
+	preVinfo, ok := previous.ScannedCves[cveID]
+	if !ok {
+		return true
+	}
+	for _, cType := range cTypes {
+		if conts, ok := preVinfo.CveContents[cType]; ok {
+			for _, cont := range conts {
+				prevLastModified[cType] = append(prevLastModified[cType], cont.LastModified)
+			}
+		}
+	}
+
+	curLastModified := map[models.CveContentType][]time.Time{}
+	curVinfo, ok := current.ScannedCves[cveID]
+	if !ok {
+		return true
+	}
+	for _, cType := range cTypes {
+		if conts, ok := curVinfo.CveContents[cType]; ok {
+			for _, cont := range conts {
+				curLastModified[cType] = append(curLastModified[cType], cont.LastModified)
+			}
+		}
+	}
+
+	for _, t := range cTypes {
+		if !reflect.DeepEqual(curLastModified[t], prevLastModified[t]) {
+			logging.Log.Debugf("%s LastModified not equal: \n%s\n%s",
+				cveID, curLastModified[t], prevLastModified[t])
+			return true
+		}
+	}
+	return false
+}
+
+// jsonDirPattern is file name pattern of JSON directory
+// 2016-11-16T10:43:28+09:00
+// 2016-11-16T10:43:28Z
+var jsonDirPattern = regexp.MustCompile(
+	`^\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}(?:Z|[+-]\d{2}:\d{2})$`)
+
+// ListValidJSONDirs returns valid json directory as array
+// Returned array is sorted so that recent directories are at the head
+func ListValidJSONDirs(resultsDir string) (dirs []string, err error) {
+	var dirInfo []os.FileInfo
+	if dirInfo, err = ioutil.ReadDir(resultsDir); err != nil {
+		err = xerrors.Errorf("Failed to read %s: %w",
+			config.Conf.ResultsDir, err)
+		return
+	}
+	for _, d := range dirInfo {
+		if d.IsDir() && jsonDirPattern.MatchString(d.Name()) {
+			jsonDir := filepath.Join(resultsDir, d.Name())
+			dirs = append(dirs, jsonDir)
+		}
+	}
+	sort.Slice(dirs, func(i, j int) bool {
+		return dirs[j] < dirs[i]
+	})
+	return
+}
+
+// loadOneServerScanResult read JSON data of one server
+func loadOneServerScanResult(jsonFile string) (*models.ScanResult, error) {
+	var (
+		data []byte
+		err  error
+	)
+	if data, err = ioutil.ReadFile(jsonFile); err != nil {
+		return nil, xerrors.Errorf("Failed to read %s: %w", jsonFile, err)
+	}
+	result := &models.ScanResult{}
+	if err := json.Unmarshal(data, result); err != nil {
+		return nil, xerrors.Errorf("Failed to parse %s: %w", jsonFile, err)
+	}
+	return result, nil
+}

detector/wordpress.go

@@ -1,6 +1,10 @@
-package wordpress
+//go:build !scanner
+// +build !scanner
+
+package detector
 
 import (
+	"context"
 	"encoding/json"
 	"fmt"
 	"io/ioutil"
@@ -8,14 +12,16 @@ import (
 	"strings"
 	"time"
 
-	c "github.com/future-architect/vuls/config"
+	"github.com/future-architect/vuls/config"
+	"github.com/future-architect/vuls/errof"
+	"github.com/future-architect/vuls/logging"
 	"github.com/future-architect/vuls/models"
 	"github.com/future-architect/vuls/util"
 	version "github.com/hashicorp/go-version"
 	"golang.org/x/xerrors"
 )
 
-//WpCveInfos is for wpvulndb's json
+//WpCveInfos is for wpscan json
 type WpCveInfos struct {
 	ReleaseDate  string `json:"release_date"`
 	ChangelogURL string `json:"changelog_url"`
@@ -27,151 +33,75 @@ type WpCveInfos struct {
 	Error           string      `json:"error"`
 }
 
-//WpCveInfo is for wpvulndb's json
+//WpCveInfo is for wpscan json
 type WpCveInfo struct {
-	ID        int    `json:"id"`
-	Title     string `json:"title"`
-	CreatedAt string `json:"created_at"`
-	UpdatedAt string `json:"updated_at"`
-	// PublishedDate string     `json:"published_date"`
+	ID         string     `json:"id"`
+	Title      string     `json:"title"`
+	CreatedAt  time.Time  `json:"created_at"`
+	UpdatedAt  time.Time  `json:"updated_at"`
 	VulnType   string     `json:"vuln_type"`
 	References References `json:"references"`
 	FixedIn    string     `json:"fixed_in"`
 }
 
-//References is for wpvulndb's json
+//References is for wpscan json
 type References struct {
 	URL     []string `json:"url"`
 	Cve     []string `json:"cve"`
 	Secunia []string `json:"secunia"`
 }
 
-// FillWordPress access to wpvulndb and fetch scurity alerts and then set to the given ScanResult.
-// https://wpvulndb.com/
-func FillWordPress(r *models.ScanResult, token string, wpVulnCaches *map[string]string) (int, error) {
+// DetectWordPressCves access to wpscan and fetch scurity alerts and then set to the given ScanResult.
+// https://wpscan.com/
+func detectWordPressCves(r *models.ScanResult, cnf config.WpScanConf) (int, error) {
+	if len(r.WordPressPackages) == 0 {
+		return 0, nil
+	}
 	// Core
 	ver := strings.Replace(r.WordPressPackages.CoreVersion(), ".", "", -1)
 	if ver == "" {
-		return 0, xerrors.New("Failed to get WordPress core version")
+		return 0, errof.New(errof.ErrFailedToAccessWpScan,
+			fmt.Sprintf("Failed to get WordPress core version."))
 	}
-
-	body, ok := searchCache(ver, wpVulnCaches)
-	if !ok {
-		url := fmt.Sprintf("https://wpvulndb.com/api/v3/wordpresses/%s", ver)
-		var err error
-		body, err = httpRequest(url, token)
-		if err != nil {
-			return 0, err
-		}
-		if body == "" {
-			util.Log.Warnf("A result of REST access is empty: %s", url)
-		}
-
-		(*wpVulnCaches)[ver] = body
-	}
-
-	wpVinfos, err := convertToVinfos(models.WPCore, body)
+	url := fmt.Sprintf("https://wpscan.com/api/v3/wordpresses/%s", ver)
+	wpVinfos, err := wpscan(url, ver, cnf.Token, true)
 	if err != nil {
 		return 0, err
 	}
 
-	themes := r.WordPressPackages.Themes()
-	plugins := r.WordPressPackages.Plugins()
-
-	if c.Conf.WpIgnoreInactive {
-		themes = removeInactives(themes)
-		plugins = removeInactives(plugins)
-	}
-
 	// Themes
+	themes := r.WordPressPackages.Themes()
+	if !cnf.DetectInactive {
+		themes = removeInactives(themes)
+	}
 	for _, p := range themes {
-		body, ok := searchCache(p.Name, wpVulnCaches)
-		if !ok {
-			url := fmt.Sprintf("https://wpvulndb.com/api/v3/themes/%s", p.Name)
-			var err error
-			body, err = httpRequest(url, token)
-			if err != nil {
-				return 0, err
-			}
-			(*wpVulnCaches)[p.Name] = body
-		}
-
-		if body == "" {
-			continue
-		}
-
-		templateVinfos, err := convertToVinfos(p.Name, body)
+		url := fmt.Sprintf("https://wpscan.com/api/v3/themes/%s", p.Name)
+		candidates, err := wpscan(url, p.Name, cnf.Token, false)
 		if err != nil {
 			return 0, err
 		}
-
-		for _, v := range templateVinfos {
-			for _, fixstat := range v.WpPackageFixStats {
-				pkg, ok := r.WordPressPackages.Find(fixstat.Name)
-				if !ok {
-					continue
-				}
-				ok, err := match(pkg.Version, fixstat.FixedIn)
-				if err != nil {
-					return 0, xerrors.Errorf("Not a semantic versioning: %w", err)
-				}
-				if ok {
-					wpVinfos = append(wpVinfos, v)
-					util.Log.Infof("[match] %s installed: %s, fixedIn: %s", pkg.Name, pkg.Version, fixstat.FixedIn)
-				} else {
-					util.Log.Debugf("[miss] %s installed: %s, fixedIn: %s", pkg.Name, pkg.Version, fixstat.FixedIn)
-				}
-			}
-		}
+		vulns := detect(p, candidates)
+		wpVinfos = append(wpVinfos, vulns...)
 	}
 
 	// Plugins
+	plugins := r.WordPressPackages.Plugins()
+	if !cnf.DetectInactive {
+		plugins = removeInactives(plugins)
+	}
 	for _, p := range plugins {
-		body, ok := searchCache(p.Name, wpVulnCaches)
-		if !ok {
-			url := fmt.Sprintf("https://wpvulndb.com/api/v3/plugins/%s", p.Name)
-			var err error
-			body, err = httpRequest(url, token)
-			if err != nil {
-				return 0, err
-			}
-			(*wpVulnCaches)[p.Name] = body
-		}
-
-		if body == "" {
-			continue
-		}
-
-		pluginVinfos, err := convertToVinfos(p.Name, body)
+		url := fmt.Sprintf("https://wpscan.com/api/v3/plugins/%s", p.Name)
+		candidates, err := wpscan(url, p.Name, cnf.Token, false)
 		if err != nil {
 			return 0, err
 		}
-
-		for _, v := range pluginVinfos {
-			for _, fixstat := range v.WpPackageFixStats {
-				pkg, ok := r.WordPressPackages.Find(fixstat.Name)
-				if !ok {
-					continue
-				}
-				ok, err := match(pkg.Version, fixstat.FixedIn)
-				if err != nil {
-					return 0, xerrors.Errorf("Not a semantic versioning: %w", err)
-				}
-				if ok {
-					wpVinfos = append(wpVinfos, v)
-					//TODO Debugf
-					util.Log.Infof("[match] %s installed: %s, fixedIn: %s", pkg.Name, pkg.Version, fixstat.FixedIn)
-				} else {
-					//TODO Debugf
-					util.Log.Infof("[miss] %s installed: %s, fixedIn: %s", pkg.Name, pkg.Version, fixstat.FixedIn)
-				}
-			}
-		}
+		vulns := detect(p, candidates)
+		wpVinfos = append(wpVinfos, vulns...)
 	}
 
 	for _, wpVinfo := range wpVinfos {
 		if vinfo, ok := r.ScannedCves[wpVinfo.CveID]; ok {
-			vinfo.CveContents[models.WPVulnDB] = wpVinfo.CveContents[models.WPVulnDB]
+			vinfo.CveContents[models.WpScan] = wpVinfo.CveContents[models.WpScan]
 			vinfo.VulnType = wpVinfo.VulnType
 			vinfo.Confidences = append(vinfo.Confidences, wpVinfo.Confidences...)
 			vinfo.WpPackageFixStats = append(vinfo.WpPackageFixStats, wpVinfo.WpPackageFixStats...)
@@ -183,6 +113,43 @@ func FillWordPress(r *models.ScanResult, token string, wpVulnCaches *map[string]
 	return len(wpVinfos), nil
 }
 
+func wpscan(url, name, token string, isCore bool) (vinfos []models.VulnInfo, err error) {
+	body, err := httpRequest(url, token)
+	if err != nil {
+		return nil, err
+	}
+	if body == "" {
+		logging.Log.Debugf("wpscan.com response body is empty. URL: %s", url)
+	}
+	if isCore {
+		name = "core"
+	}
+	return convertToVinfos(name, body)
+}
+
+func detect(installed models.WpPackage, candidates []models.VulnInfo) (vulns []models.VulnInfo) {
+	for _, v := range candidates {
+		for _, fixstat := range v.WpPackageFixStats {
+			ok, err := match(installed.Version, fixstat.FixedIn)
+			if err != nil {
+				logging.Log.Warnf("Failed to compare versions %s installed: %s, fixedIn: %s, v: %+v",
+					installed.Name, installed.Version, fixstat.FixedIn, v)
+				// continue scanning
+				continue
+			}
+			if ok {
+				vulns = append(vulns, v)
+				logging.Log.Debugf("Affected: %s installed: %s, fixedIn: %s",
+					installed.Name, installed.Version, fixstat.FixedIn)
+			} else {
+				logging.Log.Debugf("Not affected: %s : %s, fixedIn: %s",
+					installed.Name, installed.Version, fixstat.FixedIn)
+			}
+		}
+	}
+	return
+}
+
 func match(installedVer, fixedIn string) (bool, error) {
 	v1, err := version.NewVersion(installedVer)
 	if err != nil {
@@ -217,7 +184,7 @@ func extractToVulnInfos(pkgName string, cves []WpCveInfo) (vinfos []models.VulnI
 		var cveIDs []string
 
 		if len(vulnerability.References.Cve) == 0 {
-			cveIDs = append(cveIDs, fmt.Sprintf("WPVDBID-%d", vulnerability.ID))
+			cveIDs = append(cveIDs, fmt.Sprintf("WPVDBID-%s", vulnerability.ID))
 		}
 		for _, cveNumber := range vulnerability.References.Cve {
 			cveIDs = append(cveIDs, "CVE-"+cveNumber)
@@ -235,15 +202,17 @@ func extractToVulnInfos(pkgName string, cves []WpCveInfo) (vinfos []models.VulnI
 				CveID: cveID,
 				CveContents: models.NewCveContents(
 					models.CveContent{
-						Type:       models.WPVulnDB,
-						CveID:      cveID,
-						Title:      vulnerability.Title,
-						References: refs,
+						Type:         models.WpScan,
+						CveID:        cveID,
+						Title:        vulnerability.Title,
+						References:   refs,
+						Published:    vulnerability.CreatedAt,
+						LastModified: vulnerability.UpdatedAt,
 					},
 				),
 				VulnType: vulnerability.VulnType,
 				Confidences: []models.Confidence{
-					models.WPVulnDBMatch,
+					models.WpScanMatch,
 				},
 				WpPackageFixStats: []models.WpPackageFixStatus{{
 					Name:    pkgName,
@@ -256,36 +225,41 @@ func extractToVulnInfos(pkgName string, cves []WpCveInfo) (vinfos []models.VulnI
 }
 
 func httpRequest(url, token string) (string, error) {
-	retry := 1
-	util.Log.Debugf("%s", url)
-	req, err := http.NewRequest("GET", url, nil)
+	ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
+	req, err := http.NewRequestWithContext(ctx, http.MethodGet, url, nil)
+	defer cancel()
+	if err != nil {
+		return "", errof.New(errof.ErrFailedToAccessWpScan,
+			fmt.Sprintf("Failed to access to wpscan.com. err: %s", err))
+	}
+	req.Header.Set("Authorization", fmt.Sprintf("Token token=%s", token))
+	client, err := util.GetHTTPClient(config.Conf.HTTPProxy)
 	if err != nil {
 		return "", err
 	}
-	req.Header.Set("Authorization", fmt.Sprintf("Token token=%s", token))
-loop:
-	resp, err := new(http.Client).Do(req)
+	resp, err := client.Do(req)
 	if err != nil {
-		return "", err
+		return "", errof.New(errof.ErrFailedToAccessWpScan,
+			fmt.Sprintf("Failed to access to wpscan.com. err: %s", err))
 	}
 	body, err := ioutil.ReadAll(resp.Body)
 	if err != nil {
-		return "", err
+		return "", errof.New(errof.ErrFailedToAccessWpScan,
+			fmt.Sprintf("Failed to access to wpscan.com. err: %s", err))
 	}
 	defer resp.Body.Close()
 	if resp.StatusCode == 200 {
 		return string(body), nil
 	} else if resp.StatusCode == 404 {
-		// This package is not in WPVulnDB
+		// This package is not in wpscan
+		return "", nil
+	} else if resp.StatusCode == 429 {
+		return "", errof.New(errof.ErrWpScanAPILimitExceeded,
+			fmt.Sprintf("wpscan.com API limit exceeded: %+v", resp.Status))
+	} else {
+		logging.Log.Warnf("wpscan.com unknown status code: %+v", resp.Status)
 		return "", nil
-	} else if resp.StatusCode == 429 && retry <= 3 {
-		// 429 Too Many Requests
-		util.Log.Debugf("sleep %d min(s): %s", retry, resp.Status)
-		time.Sleep(time.Duration(retry) * time.Minute)
-		retry++
-		goto loop
 	}
-	return "", err
 }
 
 func removeInactives(pkgs models.WordPressPackages) (removed models.WordPressPackages) {
@@ -297,11 +271,3 @@ func removeInactives(pkgs models.WordPressPackages) (removed models.WordPressPac
 	}
 	return removed
 }
-
-func searchCache(name string, wpVulnCaches *map[string]string) (string, bool) {
-	value, ok := (*wpVulnCaches)[name]
-	if ok {
-		return value, true
-	}
-	return "", false
-}

detector/wordpress_test.go

@@ -1,4 +1,7 @@
-package wordpress
+//go:build !scanner
+// +build !scanner
+
+package detector
 
 import (
 	"reflect"
@@ -79,52 +82,3 @@ func TestRemoveInactive(t *testing.T) {
 		}
 	}
 }
-
-func TestSearchCache(t *testing.T) {
-
-	var tests = []struct {
-		name        string
-		wpVulnCache map[string]string
-		value       string
-		ok          bool
-	}{
-		{
-			name: "akismet",
-			wpVulnCache: map[string]string{
-				"akismet": "body",
-			},
-			value: "body",
-			ok:    true,
-		},
-		{
-			name: "akismet",
-			wpVulnCache: map[string]string{
-				"BackWPup": "body",
-				"akismet":  "body",
-			},
-			value: "body",
-			ok:    true,
-		},
-		{
-			name: "akismet",
-			wpVulnCache: map[string]string{
-				"BackWPup": "body",
-			},
-			value: "",
-			ok:    false,
-		},
-		{
-			name:        "akismet",
-			wpVulnCache: nil,
-			value:       "",
-			ok:          false,
-		},
-	}
-
-	for i, tt := range tests {
-		value, ok := searchCache(tt.name, &tt.wpVulnCache)
-		if value != tt.value || ok != tt.ok {
-			t.Errorf("[%d] searchCache error ", i)
-		}
-	}
-}

errof/errof.go

@@ -16,6 +16,12 @@ func (e Error) Error() string {
 var (
 	// ErrFailedToAccessGithubAPI is error of github alert's api access
 	ErrFailedToAccessGithubAPI ErrorCode = "ErrFailedToAccessGithubAPI"
+
+	// ErrFailedToAccessWpScan is error of wpscan.com api access
+	ErrFailedToAccessWpScan ErrorCode = "ErrFailedToAccessWpScan"
+
+	// ErrWpScanAPILimitExceeded is error of wpscan.com api limit exceeded
+	ErrWpScanAPILimitExceeded ErrorCode = "ErrWpScanAPILimitExceeded"
 )
 
 // New :

exploit/exploit.go

@@ -1,117 +0,0 @@
-package exploit
-
-import (
-	"encoding/json"
-	"fmt"
-	"net/http"
-
-	cnf "github.com/future-architect/vuls/config"
-	"github.com/future-architect/vuls/models"
-	"github.com/future-architect/vuls/util"
-	"github.com/mozqnet/go-exploitdb/db"
-	exploitmodels "github.com/mozqnet/go-exploitdb/models"
-	"github.com/parnurzeal/gorequest"
-	"golang.org/x/xerrors"
-)
-
-// FillWithExploit fills exploit information that has in Exploit
-func FillWithExploit(driver db.DB, r *models.ScanResult) (nExploitCve int, err error) {
-	if cnf.Conf.Exploit.IsFetchViaHTTP() {
-		var cveIDs []string
-		for cveID := range r.ScannedCves {
-			cveIDs = append(cveIDs, cveID)
-		}
-		prefix, _ := util.URLPathJoin(cnf.Conf.Exploit.URL, "cves")
-		responses, err := getCvesViaHTTP(cveIDs, prefix)
-		if err != nil {
-			return 0, err
-		}
-		for _, res := range responses {
-			exps := []*exploitmodels.Exploit{}
-			if err := json.Unmarshal([]byte(res.json), &exps); err != nil {
-				return 0, err
-			}
-			exploits := ConvertToModels(exps)
-			v, ok := r.ScannedCves[res.request.cveID]
-			if ok {
-				v.Exploits = exploits
-			}
-			r.ScannedCves[res.request.cveID] = v
-			nExploitCve++
-		}
-	} else {
-		if driver == nil {
-			return 0, nil
-		}
-		for cveID, vuln := range r.ScannedCves {
-			if cveID == "" {
-				continue
-			}
-			es := driver.GetExploitByCveID(cveID)
-			if len(es) == 0 {
-				continue
-			}
-			exploits := ConvertToModels(es)
-			vuln.Exploits = exploits
-			r.ScannedCves[cveID] = vuln
-			nExploitCve++
-		}
-	}
-	return nExploitCve, nil
-}
-
-// ConvertToModels converts gost model to vuls model
-func ConvertToModels(es []*exploitmodels.Exploit) (exploits []models.Exploit) {
-	for _, e := range es {
-		var documentURL, shellURL *string
-		if e.OffensiveSecurity != nil {
-			os := e.OffensiveSecurity
-			if os.Document != nil {
-				documentURL = &os.Document.DocumentURL
-			}
-			if os.ShellCode != nil {
-				shellURL = &os.ShellCode.ShellCodeURL
-			}
-		}
-		exploit := models.Exploit{
-			ExploitType:  e.ExploitType,
-			ID:           e.ExploitUniqueID,
-			URL:          e.URL,
-			Description:  e.Description,
-			DocumentURL:  documentURL,
-			ShellCodeURL: shellURL,
-		}
-		exploits = append(exploits, exploit)
-	}
-	return exploits
-}
-
-// CheckHTTPHealth do health check
-func CheckHTTPHealth() error {
-	if !cnf.Conf.Exploit.IsFetchViaHTTP() {
-		return nil
-	}
-
-	url := fmt.Sprintf("%s/health", cnf.Conf.Exploit.URL)
-	var errs []error
-	var resp *http.Response
-	resp, _, errs = gorequest.New().Get(url).End()
-	//  resp, _, errs = gorequest.New().SetDebug(config.Conf.Debug).Get(url).End()
-	//  resp, _, errs = gorequest.New().Proxy(api.httpProxy).Get(url).End()
-	if 0 < len(errs) || resp == nil || resp.StatusCode != 200 {
-		return xerrors.Errorf("Failed to connect to exploit server. url: %s, errs: %w", url, errs)
-	}
-	return nil
-}
-
-// CheckIfExploitFetched checks if oval entries are in DB by family, release.
-func CheckIfExploitFetched(driver db.DB, osFamily string) (fetched bool, err error) {
-	//TODO
-	return true, nil
-}
-
-// CheckIfExploitFresh checks if oval entries are fresh enough
-func CheckIfExploitFresh(driver db.DB, osFamily string) (ok bool, err error) {
-	//TODO
-	return true, nil
-}

exploit/util.go

@@ -1,115 +0,0 @@
-package exploit
-
-import (
-	"net/http"
-	"time"
-
-	"github.com/cenkalti/backoff"
-	"github.com/future-architect/vuls/util"
-	"github.com/parnurzeal/gorequest"
-	"golang.org/x/xerrors"
-)
-
-type response struct {
-	request request
-	json    string
-}
-
-func getCvesViaHTTP(cveIDs []string, urlPrefix string) (
-	responses []response, err error) {
-	nReq := len(cveIDs)
-	reqChan := make(chan request, nReq)
-	resChan := make(chan response, nReq)
-	errChan := make(chan error, nReq)
-	defer close(reqChan)
-	defer close(resChan)
-	defer close(errChan)
-
-	go func() {
-		for _, cveID := range cveIDs {
-			reqChan <- request{
-				cveID: cveID,
-			}
-		}
-	}()
-
-	concurrency := 10
-	tasks := util.GenWorkers(concurrency)
-	for i := 0; i < nReq; i++ {
-		tasks <- func() {
-			select {
-			case req := <-reqChan:
-				url, err := util.URLPathJoin(
-					urlPrefix,
-					req.cveID,
-				)
-				if err != nil {
-					errChan <- err
-				} else {
-					util.Log.Debugf("HTTP Request to %s", url)
-					httpGet(url, req, resChan, errChan)
-				}
-			}
-		}
-	}
-
-	timeout := time.After(2 * 60 * time.Second)
-	var errs []error
-	for i := 0; i < nReq; i++ {
-		select {
-		case res := <-resChan:
-			responses = append(responses, res)
-		case err := <-errChan:
-			errs = append(errs, err)
-		case <-timeout:
-			return nil, xerrors.New("Timeout Fetching OVAL")
-		}
-	}
-	if len(errs) != 0 {
-		return nil, xerrors.Errorf("Failed to fetch OVAL. err: %w", errs)
-	}
-	return
-}
-
-type request struct {
-	osMajorVersion string
-	packName       string
-	isSrcPack      bool
-	cveID          string
-}
-
-func httpGet(url string, req request, resChan chan<- response, errChan chan<- error) {
-	var body string
-	var errs []error
-	var resp *http.Response
-	count, retryMax := 0, 3
-	f := func() (err error) {
-		//  resp, body, errs = gorequest.New().SetDebug(config.Conf.Debug).Get(url).End()
-		resp, body, errs = gorequest.New().Get(url).End()
-		if 0 < len(errs) || resp == nil || resp.StatusCode != 200 {
-			count++
-			if count == retryMax {
-				return nil
-			}
-			return xerrors.Errorf("HTTP GET error, url: %s, resp: %v, err: %w", url, resp, errs)
-		}
-		return nil
-	}
-	notify := func(err error, t time.Duration) {
-		util.Log.Warnf("Failed to HTTP GET. retrying in %s seconds. err: %s", t, err)
-	}
-	err := backoff.RetryNotify(f, backoff.NewExponentialBackOff(), notify)
-	if err != nil {
-		errChan <- xerrors.Errorf("HTTP Error %w", err)
-		return
-	}
-	if count == retryMax {
-		errChan <- xerrors.New("Retry count exceeded")
-		return
-	}
-
-	resChan <- response{
-		request: req,
-		json:    body,
-	}
-}

go.mod

@@ -1,56 +1,153 @@
 module github.com/future-architect/vuls
 
-go 1.14
-
-replace (
-	gopkg.in/mattn/go-colorable.v0 => github.com/mattn/go-colorable v0.1.0
-	gopkg.in/mattn/go-isatty.v0 => github.com/mattn/go-isatty v0.0.6
-)
+go 1.17
 
 require (
-	github.com/Azure/azure-sdk-for-go v43.3.0+incompatible
-	github.com/BurntSushi/toml v0.3.1
-	github.com/RackSec/srslog v0.0.0-20180709174129-a4725f04ec91
-	github.com/aquasecurity/fanal v0.0.0-20200615091807-df25cfa5f9af
-	github.com/aquasecurity/trivy v0.9.1
-	github.com/aquasecurity/trivy-db v0.0.0-20200616161554-cd5b3da29bc8
-	github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a
-	github.com/aws/aws-sdk-go v1.32.6
+	github.com/Azure/azure-sdk-for-go v50.2.0+incompatible
+	github.com/BurntSushi/toml v0.4.1
+	github.com/Ullaakut/nmap/v2 v2.1.2-0.20210406060955-59a52fe80a4f
+	github.com/VividCortex/ewma v1.2.0 // indirect
+	github.com/aquasecurity/fanal v0.0.0-20210815095355-42429a80d0e3
+	github.com/aquasecurity/trivy v0.19.3-0.20210909113250-19c0b70d2613
+	github.com/aquasecurity/trivy-db v0.0.0-20210809142931-da8e09204404
+	github.com/asaskevich/govalidator v0.0.0-20210307081110-f21760c49a8d
+	github.com/aws/aws-sdk-go v1.40.22
 	github.com/boltdb/bolt v1.3.1
+	github.com/briandowns/spinner v1.16.0 // indirect
 	github.com/cenkalti/backoff v2.2.1+incompatible
+	github.com/cespare/xxhash/v2 v2.1.2 // indirect
+	github.com/cheggaaa/pb/v3 v3.0.8 // indirect
 	github.com/d4l3k/messagediff v1.2.2-0.20190829033028-7e0a312ae40b
+	github.com/emersion/go-sasl v0.0.0-20200509203442-7bfe0ed36a21
+	github.com/emersion/go-smtp v0.14.0
+	github.com/fatih/color v1.12.0 // indirect
+	github.com/fsnotify/fsnotify v1.5.1 // indirect
+	github.com/go-redis/redis/v8 v8.11.3 // indirect
+	github.com/go-stack/stack v1.8.1 // indirect
 	github.com/google/subcommands v1.2.0
 	github.com/gosuri/uitable v0.0.4
 	github.com/hashicorp/go-uuid v1.0.2
-	github.com/hashicorp/go-version v1.2.1
+	github.com/hashicorp/go-version v1.3.0
 	github.com/howeyc/gopass v0.0.0-20190910152052-7cb4b85ec19c
 	github.com/jesseduffield/gocui v0.3.0
 	github.com/k0kubun/pp v3.0.1+incompatible
 	github.com/knqyf263/go-apk-version v0.0.0-20200609155635-041fdbb8563f
-	github.com/knqyf263/go-cpe v0.0.0-20180327054844-659663f6eca2
+	github.com/knqyf263/go-cpe v0.0.0-20201213041631-54f6ab28673f
 	github.com/knqyf263/go-deb-version v0.0.0-20190517075300-09fca494f03d
 	github.com/knqyf263/go-rpm-version v0.0.0-20170716094938-74609b86c936
-	github.com/knqyf263/go-version v1.1.1
-	github.com/knqyf263/gost v0.1.3
-	github.com/kotakanbe/go-cve-dictionary v0.5.0
 	github.com/kotakanbe/go-pingscanner v0.1.0
-	github.com/kotakanbe/goval-dictionary v0.2.8
 	github.com/kotakanbe/logrus-prefixed-formatter v0.0.0-20180123152602-928f7356cb96
-	github.com/mgutz/ansi v0.0.0-20170206155736-9520e82c474b // indirect
+	github.com/mattn/go-isatty v0.0.14 // indirect
+	github.com/mattn/go-runewidth v0.0.13 // indirect
+	github.com/mgutz/ansi v0.0.0-20200706080929-d51e80ef957d // indirect
 	github.com/mitchellh/go-homedir v1.1.0
-	github.com/mozqnet/go-exploitdb v0.0.0-20200612044106-ea30f49f0902
 	github.com/nlopes/slack v0.6.0
 	github.com/nsf/termbox-go v0.0.0-20200418040025-38ba6e5628f1 // indirect
-	github.com/olekukonko/tablewriter v0.0.4
+	github.com/olekukonko/tablewriter v0.0.5
 	github.com/parnurzeal/gorequest v0.2.16
+	github.com/pelletier/go-toml v1.9.4 // indirect
 	github.com/rifflock/lfshook v0.0.0-20180920164130-b9218ef580f5
-	github.com/sirupsen/logrus v1.6.0
-	github.com/spf13/afero v1.3.0
-	github.com/spf13/cobra v1.0.0
-	github.com/takuzoo3868/go-msfdb v0.1.0
-	golang.org/x/crypto v0.0.0-20200604202706-70a84ac30bf9
-	golang.org/x/lint v0.0.0-20200302205851-738671d3881b // indirect
-	golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d
-	golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543
-	k8s.io/utils v0.0.0-20200619165400-6e3d28b6ed19
+	github.com/sirupsen/logrus v1.8.1
+	github.com/spf13/afero v1.6.0
+	github.com/spf13/cast v1.4.1 // indirect
+	github.com/spf13/cobra v1.2.1
+	github.com/vulsio/go-cve-dictionary v0.8.1
+	github.com/vulsio/go-exploitdb v0.4.0
+	github.com/vulsio/go-msfdb v0.2.0
+	github.com/vulsio/gost v0.4.1-0.20210919121048-2a7957bf1885
+	github.com/vulsio/goval-dictionary v0.6.1
+	golang.org/x/crypto v0.0.0-20210817164053-32db794688a5 // indirect
+	golang.org/x/net v0.0.0-20210902165921-8d991716f632 // indirect
+	golang.org/x/oauth2 v0.0.0-20210514164344-f6687ab2804c
+	golang.org/x/sync v0.0.0-20210220032951-036812b2e83c
+	golang.org/x/text v0.3.7 // indirect
+	golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1
+	gopkg.in/ini.v1 v1.63.2 // indirect
+	gorm.io/driver/mysql v1.1.2 // indirect
+	gorm.io/driver/postgres v1.1.1 // indirect
+	gorm.io/driver/sqlite v1.1.5 // indirect
+	k8s.io/utils v0.0.0-20210111153108-fddb29f9d009
+)
+
+require (
+	github.com/Azure/go-autorest v14.2.0+incompatible // indirect
+	github.com/Azure/go-autorest/autorest v0.11.1 // indirect
+	github.com/Azure/go-autorest/autorest/adal v0.9.5 // indirect
+	github.com/Azure/go-autorest/autorest/date v0.3.0 // indirect
+	github.com/Azure/go-autorest/logger v0.2.0 // indirect
+	github.com/Azure/go-autorest/tracing v0.6.0 // indirect
+	github.com/Masterminds/goutils v1.1.1 // indirect
+	github.com/Masterminds/semver v1.5.0 // indirect
+	github.com/Masterminds/sprig v2.22.0+incompatible // indirect
+	github.com/PuerkitoBio/goquery v1.7.1 // indirect
+	github.com/andybalholm/cascadia v1.2.0 // indirect
+	github.com/aquasecurity/go-dep-parser v0.0.0-20210815080135-5be65146849a // indirect
+	github.com/aquasecurity/go-gem-version v0.0.0-20201115065557-8eed6fe000ce // indirect
+	github.com/aquasecurity/go-npm-version v0.0.0-20201110091526-0b796d180798 // indirect
+	github.com/aquasecurity/go-pep440-version v0.0.0-20210121094942-22b2f8951d46 // indirect
+	github.com/aquasecurity/go-version v0.0.0-20210121072130-637058cfe492 // indirect
+	github.com/caarlos0/env/v6 v6.0.0 // indirect
+	github.com/davecgh/go-spew v1.1.1 // indirect
+	github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f // indirect
+	github.com/form3tech-oss/jwt-go v3.2.2+incompatible // indirect
+	github.com/go-sql-driver/mysql v1.6.0 // indirect
+	github.com/golang/protobuf v1.5.2 // indirect
+	github.com/google/go-github/v33 v33.0.0 // indirect
+	github.com/google/go-querystring v1.0.0 // indirect
+	github.com/google/uuid v1.3.0 // indirect
+	github.com/google/wire v0.4.0 // indirect
+	github.com/gorilla/websocket v1.4.2 // indirect
+	github.com/grokify/html-strip-tags-go v0.0.1 // indirect
+	github.com/hashicorp/errwrap v1.1.0 // indirect
+	github.com/hashicorp/go-cleanhttp v0.5.1 // indirect
+	github.com/hashicorp/go-multierror v1.1.1 // indirect
+	github.com/hashicorp/go-retryablehttp v0.6.8 // indirect
+	github.com/hashicorp/hcl v1.0.0 // indirect
+	github.com/htcat/htcat v1.0.2 // indirect
+	github.com/huandu/xstrings v1.3.2 // indirect
+	github.com/imdario/mergo v0.3.12 // indirect
+	github.com/inconshreveable/log15 v0.0.0-20201112154412-8562bdadbbac // indirect
+	github.com/inconshreveable/mousetrap v1.0.0 // indirect
+	github.com/jackc/chunkreader/v2 v2.0.1 // indirect
+	github.com/jackc/pgconn v1.10.0 // indirect
+	github.com/jackc/pgio v1.0.0 // indirect
+	github.com/jackc/pgpassfile v1.0.0 // indirect
+	github.com/jackc/pgproto3/v2 v2.1.1 // indirect
+	github.com/jackc/pgservicefile v0.0.0-20200714003250-2b9c44734f2b // indirect
+	github.com/jackc/pgtype v1.8.1 // indirect
+	github.com/jackc/pgx/v4 v4.13.0 // indirect
+	github.com/jinzhu/inflection v1.0.0 // indirect
+	github.com/jinzhu/now v1.1.2 // indirect
+	github.com/jmespath/go-jmespath v0.4.0 // indirect
+	github.com/magiconair/properties v1.8.5 // indirect
+	github.com/masahiro331/go-mvn-version v0.0.0-20210429150710-d3157d602a08 // indirect
+	github.com/mattn/go-colorable v0.1.8 // indirect
+	github.com/mattn/go-sqlite3 v2.0.3+incompatible // indirect
+	github.com/mitchellh/copystructure v1.1.1 // indirect
+	github.com/mitchellh/mapstructure v1.4.2 // indirect
+	github.com/mitchellh/reflectwalk v1.0.1 // indirect
+	github.com/pkg/errors v0.9.1 // indirect
+	github.com/pmezard/go-difflib v1.0.0 // indirect
+	github.com/rivo/uniseg v0.2.0 // indirect
+	github.com/satori/go.uuid v1.2.0 // indirect
+	github.com/spf13/jwalterweatherman v1.1.0 // indirect
+	github.com/spf13/pflag v1.0.5 // indirect
+	github.com/spf13/viper v1.8.1 // indirect
+	github.com/stretchr/objx v0.3.0 // indirect
+	github.com/stretchr/testify v1.7.0 // indirect
+	github.com/subosito/gotenv v1.2.0 // indirect
+	github.com/ymomoi/goval-parser v0.0.0-20170813122243-0a0be1dd9d08 // indirect
+	go.etcd.io/bbolt v1.3.6 // indirect
+	go.uber.org/atomic v1.7.0 // indirect
+	go.uber.org/multierr v1.6.0 // indirect
+	go.uber.org/zap v1.17.0 // indirect
+	golang.org/x/sys v0.0.0-20210806184541-e5e7981a1069 // indirect
+	golang.org/x/term v0.0.0-20201210144234-2321bbc49cbf // indirect
+	google.golang.org/appengine v1.6.7 // indirect
+	google.golang.org/protobuf v1.26.0 // indirect
+	gopkg.in/cheggaaa/pb.v1 v1.0.28 // indirect
+	gopkg.in/yaml.v2 v2.4.0 // indirect
+	gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b // indirect
+	gorm.io/gorm v1.21.15 // indirect
+	moul.io/http2curl v1.0.0 // indirect
 )

gost/base.go

@@ -1,51 +0,0 @@
-package gost
-
-import (
-	"fmt"
-	"net/http"
-
-	cnf "github.com/future-architect/vuls/config"
-	"github.com/future-architect/vuls/models"
-	"github.com/knqyf263/gost/db"
-	"github.com/parnurzeal/gorequest"
-	"golang.org/x/xerrors"
-)
-
-// Base is a base struct
-type Base struct {
-}
-
-// FillCVEsWithRedHat fills cve information that has in Gost
-func (b Base) FillCVEsWithRedHat(driver db.DB, r *models.ScanResult) error {
-	return RedHat{}.fillFixed(driver, r)
-}
-
-// CheckHTTPHealth do health check
-func (b Base) CheckHTTPHealth() error {
-	if !cnf.Conf.Gost.IsFetchViaHTTP() {
-		return nil
-	}
-
-	url := fmt.Sprintf("%s/health", cnf.Conf.Gost.URL)
-	var errs []error
-	var resp *http.Response
-	resp, _, errs = gorequest.New().Get(url).End()
-	//  resp, _, errs = gorequest.New().SetDebug(config.Conf.Debug).Get(url).End()
-	//  resp, _, errs = gorequest.New().Proxy(api.httpProxy).Get(url).End()
-	if 0 < len(errs) || resp == nil || resp.StatusCode != 200 {
-		return xerrors.Errorf("Failed to connect to gost server. url: %s, errs: %w", url, errs)
-	}
-	return nil
-}
-
-// CheckIfGostFetched checks if oval entries are in DB by family, release.
-func (b Base) CheckIfGostFetched(driver db.DB, osFamily string) (fetched bool, err error) {
-	//TODO
-	return true, nil
-}
-
-// CheckIfGostFresh checks if oval entries are fresh enough
-func (b Base) CheckIfGostFresh(driver db.DB, osFamily string) (ok bool, err error) {
-	//TODO
-	return true, nil
-}

gost/debian.go

@@ -1,13 +1,17 @@
+//go:build !scanner
+// +build !scanner
+
 package gost
 
 import (
 	"encoding/json"
 
-	"github.com/future-architect/vuls/config"
+	"github.com/future-architect/vuls/logging"
 	"github.com/future-architect/vuls/models"
 	"github.com/future-architect/vuls/util"
-	"github.com/knqyf263/gost/db"
-	gostmodels "github.com/knqyf263/gost/models"
+	debver "github.com/knqyf263/go-deb-version"
+	gostmodels "github.com/vulsio/gost/models"
+	"golang.org/x/xerrors"
 )
 
 // Debian is Gost client for Debian GNU/Linux
@@ -19,15 +23,31 @@ type packCves struct {
 	packName  string
 	isSrcPack bool
 	cves      []models.CveContent
+	fixes     models.PackageFixStatuses
 }
 
-// DetectUnfixed fills cve information that has in Gost
-func (deb Debian) DetectUnfixed(driver db.DB, r *models.ScanResult, _ bool) (nCVEs int, err error) {
-	linuxImage := "linux-image-" + r.RunningKernel.Release
-	// Add linux and set the version of running kernel to search OVAL.
+func (deb Debian) supported(major string) bool {
+	_, ok := map[string]string{
+		"8":  "jessie",
+		"9":  "stretch",
+		"10": "buster",
+		"11": "bullseye",
+	}[major]
+	return ok
+}
+
+// DetectCVEs fills cve information that has in Gost
+func (deb Debian) DetectCVEs(r *models.ScanResult, _ bool) (nCVEs int, err error) {
+	if !deb.supported(major(r.Release)) {
+		// only logging
+		logging.Log.Warnf("Debian %s is not supported yet", r.Release)
+		return 0, nil
+	}
+
+	// Add linux and set the version of running kernel to search Gost.
 	if r.Container.ContainerID == "" {
 		newVer := ""
-		if p, ok := r.Packages[linuxImage]; ok {
+		if p, ok := r.Packages["linux-image-"+r.RunningKernel.Release]; ok {
 			newVer = p.NewVersion
 		}
 		r.Packages["linux"] = models.Package{
@@ -37,10 +57,35 @@ func (deb Debian) DetectUnfixed(driver db.DB, r *models.ScanResult, _ bool) (nCV
 		}
 	}
 
+	stashLinuxPackage := r.Packages["linux"]
+	nFixedCVEs, err := deb.detectCVEsWithFixState(r, "resolved")
+	if err != nil {
+		return 0, err
+	}
+
+	r.Packages["linux"] = stashLinuxPackage
+	nUnfixedCVEs, err := deb.detectCVEsWithFixState(r, "open")
+	if err != nil {
+		return 0, err
+	}
+
+	return (nFixedCVEs + nUnfixedCVEs), nil
+}
+
+func (deb Debian) detectCVEsWithFixState(r *models.ScanResult, fixStatus string) (nCVEs int, err error) {
+	if fixStatus != "resolved" && fixStatus != "open" {
+		return 0, xerrors.Errorf(`Failed to detectCVEsWithFixState. fixStatus is not allowed except "open" and "resolved"(actual: fixStatus -> %s).`, fixStatus)
+	}
+
 	packCvesList := []packCves{}
-	if config.Conf.Gost.IsFetchViaHTTP() {
-		url, _ := util.URLPathJoin(config.Conf.Gost.URL, "debian", major(r.Release), "pkgs")
-		responses, err := getAllUnfixedCvesViaHTTP(r, url)
+	if deb.DBDriver.Cnf.IsFetchViaHTTP() {
+		url, _ := util.URLPathJoin(deb.DBDriver.Cnf.GetURL(), "debian", major(r.Release), "pkgs")
+		s := "unfixed-cves"
+		if s == "resolved" {
+			s = "fixed-cves"
+		}
+
+		responses, err := getCvesWithFixStateViaHTTP(r, url, s)
 		if err != nil {
 			return 0, err
 		}
@@ -51,43 +96,40 @@ func (deb Debian) DetectUnfixed(driver db.DB, r *models.ScanResult, _ bool) (nCV
 				return 0, err
 			}
 			cves := []models.CveContent{}
+			fixes := []models.PackageFixStatus{}
 			for _, debcve := range debCves {
 				cves = append(cves, *deb.ConvertToModel(&debcve))
+				fixes = append(fixes, checkPackageFixStatus(&debcve)...)
 			}
 			packCvesList = append(packCvesList, packCves{
 				packName:  res.request.packName,
 				isSrcPack: res.request.isSrcPack,
 				cves:      cves,
+				fixes:     fixes,
 			})
 		}
 	} else {
-		if driver == nil {
+		if deb.DBDriver.DB == nil {
 			return 0, nil
 		}
 		for _, pack := range r.Packages {
-			cveDebs := driver.GetUnfixedCvesDebian(major(r.Release), pack.Name)
-			cves := []models.CveContent{}
-			for _, cveDeb := range cveDebs {
-				cves = append(cves, *deb.ConvertToModel(&cveDeb))
-			}
+			cves, fixes := deb.getCvesDebianWithfixStatus(fixStatus, major(r.Release), pack.Name)
 			packCvesList = append(packCvesList, packCves{
 				packName:  pack.Name,
 				isSrcPack: false,
 				cves:      cves,
+				fixes:     fixes,
 			})
 		}
 
 		// SrcPack
 		for _, pack := range r.SrcPackages {
-			cveDebs := driver.GetUnfixedCvesDebian(major(r.Release), pack.Name)
-			cves := []models.CveContent{}
-			for _, cveDeb := range cveDebs {
-				cves = append(cves, *deb.ConvertToModel(&cveDeb))
-			}
+			cves, fixes := deb.getCvesDebianWithfixStatus(fixStatus, major(r.Release), pack.Name)
 			packCvesList = append(packCvesList, packCves{
 				packName:  pack.Name,
 				isSrcPack: true,
 				cves:      cves,
+				fixes:     fixes,
 			})
 		}
 	}
@@ -95,13 +137,14 @@ func (deb Debian) DetectUnfixed(driver db.DB, r *models.ScanResult, _ bool) (nCV
 	delete(r.Packages, "linux")
 
 	for _, p := range packCvesList {
-		for _, cve := range p.cves {
+		for i, cve := range p.cves {
 			v, ok := r.ScannedCves[cve.CveID]
 			if ok {
 				if v.CveContents == nil {
 					v.CveContents = models.NewCveContents(cve)
 				} else {
-					v.CveContents[models.DebianSecurityTracker] = cve
+					v.CveContents[models.DebianSecurityTracker] = []models.CveContent{cve}
+					v.Confidences = models.Confidences{models.DebianSecurityTrackerMatch}
 				}
 			} else {
 				v = models.VulnInfo{
@@ -109,6 +152,31 @@ func (deb Debian) DetectUnfixed(driver db.DB, r *models.ScanResult, _ bool) (nCV
 					CveContents: models.NewCveContents(cve),
 					Confidences: models.Confidences{models.DebianSecurityTrackerMatch},
 				}
+
+				if fixStatus == "resolved" {
+					versionRelease := ""
+					if p.isSrcPack {
+						versionRelease = r.SrcPackages[p.packName].Version
+					} else {
+						versionRelease = r.Packages[p.packName].FormatVer()
+					}
+
+					if versionRelease == "" {
+						break
+					}
+
+					affected, err := isGostDefAffected(versionRelease, p.fixes[i].FixedIn)
+					if err != nil {
+						logging.Log.Debugf("Failed to parse versions: %s, Ver: %s, Gost: %s",
+							err, versionRelease, p.fixes[i].FixedIn)
+						continue
+					}
+
+					if !affected {
+						continue
+					}
+				}
+
 				nCVEs++
 			}
 
@@ -123,25 +191,65 @@ func (deb Debian) DetectUnfixed(driver db.DB, r *models.ScanResult, _ bool) (nCV
 				}
 			} else {
 				if p.packName == "linux" {
-					names = append(names, linuxImage)
+					names = append(names, "linux-image-"+r.RunningKernel.Release)
 				} else {
 					names = append(names, p.packName)
 				}
 			}
 
-			for _, name := range names {
-				v.AffectedPackages = v.AffectedPackages.Store(models.PackageFixStatus{
-					Name:        name,
-					FixState:    "open",
-					NotFixedYet: true,
-				})
+			if fixStatus == "resolved" {
+				for _, name := range names {
+					v.AffectedPackages = v.AffectedPackages.Store(models.PackageFixStatus{
+						Name:    name,
+						FixedIn: p.fixes[i].FixedIn,
+					})
+				}
+			} else {
+				for _, name := range names {
+					v.AffectedPackages = v.AffectedPackages.Store(models.PackageFixStatus{
+						Name:        name,
+						FixState:    "open",
+						NotFixedYet: true,
+					})
+				}
 			}
+
 			r.ScannedCves[cve.CveID] = v
 		}
 	}
+
 	return nCVEs, nil
 }
 
+func isGostDefAffected(versionRelease, gostVersion string) (affected bool, err error) {
+	vera, err := debver.NewVersion(versionRelease)
+	if err != nil {
+		return false, err
+	}
+	verb, err := debver.NewVersion(gostVersion)
+	if err != nil {
+		return false, err
+	}
+	return vera.LessThan(verb), nil
+}
+
+func (deb Debian) getCvesDebianWithfixStatus(fixStatus, release, pkgName string) (cves []models.CveContent, fixes []models.PackageFixStatus) {
+	var f func(string, string) map[string]gostmodels.DebianCVE
+
+	if fixStatus == "resolved" {
+		f = deb.DBDriver.DB.GetFixedCvesDebian
+	} else {
+		f = deb.DBDriver.DB.GetUnfixedCvesDebian
+	}
+
+	for _, cveDeb := range f(release, pkgName) {
+		cves = append(cves, *deb.ConvertToModel(&cveDeb))
+		fixes = append(fixes, checkPackageFixStatus(&cveDeb)...)
+	}
+
+	return
+}
+
 // ConvertToModel converts gost model to vuls model
 func (deb Debian) ConvertToModel(cve *gostmodels.DebianCVE) *models.CveContent {
 	severity := ""
@@ -163,3 +271,22 @@ func (deb Debian) ConvertToModel(cve *gostmodels.DebianCVE) *models.CveContent {
 		},
 	}
 }
+
+func checkPackageFixStatus(cve *gostmodels.DebianCVE) []models.PackageFixStatus {
+	fixes := []models.PackageFixStatus{}
+	for _, p := range cve.Package {
+		for _, r := range p.Release {
+			f := models.PackageFixStatus{Name: p.PackageName}
+
+			if r.Status == "open" {
+				f.NotFixedYet = true
+			} else {
+				f.FixedIn = r.FixedVersion
+			}
+
+			fixes = append(fixes, f)
+		}
+	}
+
+	return fixes
+}

gost/debian_test.go

@@ -0,0 +1,71 @@
+//go:build !scanner
+// +build !scanner
+
+package gost
+
+import "testing"
+
+func TestDebian_Supported(t *testing.T) {
+	type fields struct {
+		Base Base
+	}
+	type args struct {
+		major string
+	}
+	tests := []struct {
+		name string
+		args args
+		want bool
+	}{
+		{
+			name: "8 is supported",
+			args: args{
+				major: "8",
+			},
+			want: true,
+		},
+		{
+			name: "9 is supported",
+			args: args{
+				major: "9",
+			},
+			want: true,
+		},
+		{
+			name: "10 is supported",
+			args: args{
+				major: "10",
+			},
+			want: true,
+		},
+		{
+			name: "11 is supported",
+			args: args{
+				major: "11",
+			},
+			want: true,
+		},
+		{
+			name: "12 is not supported yet",
+			args: args{
+				major: "12",
+			},
+			want: false,
+		},
+		{
+			name: "empty string is not supported yet",
+			args: args{
+				major: "",
+			},
+			want: false,
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			deb := Debian{}
+			if got := deb.supported(tt.args.major); got != tt.want {
+				t.Errorf("Debian.Supported() = %v, want %v", got, tt.want)
+			}
+		})
+	}
+}

gost/gost.go

@@ -1,33 +1,98 @@
+//go:build !scanner
+// +build !scanner
+
 package gost
 
 import (
-	cnf "github.com/future-architect/vuls/config"
+	"github.com/future-architect/vuls/config"
+	"github.com/future-architect/vuls/logging"
 	"github.com/future-architect/vuls/models"
-	"github.com/knqyf263/gost/db"
+	"github.com/vulsio/gost/db"
+	"golang.org/x/xerrors"
+
+	"github.com/future-architect/vuls/constant"
 )
 
+// DBDriver is a DB Driver
+type DBDriver struct {
+	DB  db.DB
+	Cnf config.VulnDictInterface
+}
+
 // Client is the interface of OVAL client.
 type Client interface {
-	DetectUnfixed(db.DB, *models.ScanResult, bool) (int, error)
-	FillCVEsWithRedHat(db.DB, *models.ScanResult) error
+	DetectCVEs(*models.ScanResult, bool) (int, error)
+	CloseDB() error
+}
 
-	//TODO implement
-	// CheckHTTPHealth() error
-	// CheckIfGostFetched checks if Gost entries are fetched
-	// CheckIfGostFetched(db.DB, string, string) (bool, error)
-	// CheckIfGostFresh(db.DB, string, string) (bool, error)
+// Base is a base struct
+type Base struct {
+	DBDriver DBDriver
+}
+
+// CloseDB close a DB connection
+func (b Base) CloseDB() error {
+	if b.DBDriver.DB == nil {
+		return nil
+	}
+	return b.DBDriver.DB.CloseDB()
+}
+
+// FillCVEsWithRedHat fills CVE detailed with Red Hat Security
+func FillCVEsWithRedHat(r *models.ScanResult, cnf config.GostConf) error {
+	db, locked, err := newGostDB(cnf)
+	if locked {
+		return xerrors.Errorf("SQLite3 is locked: %s", cnf.GetSQLite3Path())
+	} else if err != nil {
+		return err
+	}
+	defer func() {
+		if err := db.CloseDB(); err != nil {
+			logging.Log.Errorf("Failed to close DB. err: %+v", err)
+		}
+	}()
+	return RedHat{Base{DBDriver{DB: db, Cnf: &cnf}}}.fillCvesWithRedHatAPI(r)
 }
 
 // NewClient make Client by family
-func NewClient(family string) Client {
+func NewClient(cnf config.GostConf, family string) (Client, error) {
+	db, locked, err := newGostDB(cnf)
+	if locked {
+		return nil, xerrors.Errorf("SQLite3 is locked: %s", cnf.GetSQLite3Path())
+	} else if err != nil {
+		return nil, err
+	}
+
+	driver := DBDriver{DB: db, Cnf: &cnf}
+
 	switch family {
-	case cnf.RedHat, cnf.CentOS:
-		return RedHat{}
-	case cnf.Debian:
-		return Debian{}
-	case cnf.Windows:
-		return Microsoft{}
+	case constant.RedHat, constant.CentOS, constant.Rocky, constant.Alma:
+		return RedHat{Base{DBDriver: driver}}, nil
+	case constant.Debian, constant.Raspbian:
+		return Debian{Base{DBDriver: driver}}, nil
+	case constant.Ubuntu:
+		return Ubuntu{Base{DBDriver: driver}}, nil
+	case constant.Windows:
+		return Microsoft{Base{DBDriver: driver}}, nil
 	default:
-		return Pseudo{}
+		return Pseudo{Base{DBDriver: driver}}, nil
 	}
 }
+
+// NewGostDB returns db client for Gost
+func newGostDB(cnf config.GostConf) (driver db.DB, locked bool, err error) {
+	if cnf.IsFetchViaHTTP() {
+		return nil, false, nil
+	}
+	path := cnf.GetURL()
+	if cnf.GetType() == "sqlite3" {
+		path = cnf.GetSQLite3Path()
+	}
+	if driver, locked, err = db.NewDB(cnf.GetType(), path, cnf.GetDebugSQL()); err != nil {
+		if locked {
+			return nil, true, xerrors.Errorf("gostDB is locked. err: %w", err)
+		}
+		return nil, false, err
+	}
+	return driver, false, nil
+}

gost/gost_test.go

@@ -1,3 +1,6 @@
+//go:build !scanner
+// +build !scanner
+
 package gost
 
 import (
@@ -5,7 +8,7 @@ import (
 	"testing"
 
 	"github.com/future-architect/vuls/models"
-	gostmodels "github.com/knqyf263/gost/models"
+	gostmodels "github.com/vulsio/gost/models"
 )
 
 func TestSetPackageStates(t *testing.T) {

gost/microsoft.go

@@ -1,11 +1,14 @@
+//go:build !scanner
+// +build !scanner
+
 package gost
 
 import (
+	"sort"
 	"strings"
 
 	"github.com/future-architect/vuls/models"
-	"github.com/knqyf263/gost/db"
-	gostmodels "github.com/knqyf263/gost/models"
+	gostmodels "github.com/vulsio/gost/models"
 )
 
 // Microsoft is Gost client for windows
@@ -13,32 +16,36 @@ type Microsoft struct {
 	Base
 }
 
-// DetectUnfixed fills cve information that has in Gost
-func (ms Microsoft) DetectUnfixed(driver db.DB, r *models.ScanResult, _ bool) (nCVEs int, err error) {
-	if driver == nil {
+// DetectCVEs fills cve information that has in Gost
+func (ms Microsoft) DetectCVEs(r *models.ScanResult, _ bool) (nCVEs int, err error) {
+	if ms.DBDriver.DB == nil {
 		return 0, nil
 	}
 	cveIDs := []string{}
 	for cveID := range r.ScannedCves {
 		cveIDs = append(cveIDs, cveID)
 	}
-	for cveID, msCve := range driver.GetMicrosoftMulti(cveIDs) {
+	for cveID, msCve := range ms.DBDriver.DB.GetMicrosoftMulti(cveIDs) {
 		if _, ok := r.ScannedCves[cveID]; !ok {
 			continue
 		}
-		cveCont := ms.ConvertToModel(&msCve)
+		cveCont, mitigations := ms.ConvertToModel(&msCve)
 		v, _ := r.ScannedCves[cveID]
 		if v.CveContents == nil {
 			v.CveContents = models.CveContents{}
 		}
-		v.CveContents[models.Microsoft] = *cveCont
+		v.CveContents[models.Microsoft] = []models.CveContent{*cveCont}
+		v.Mitigations = append(v.Mitigations, mitigations...)
 		r.ScannedCves[cveID] = v
 	}
 	return len(cveIDs), nil
 }
 
 // ConvertToModel converts gost model to vuls model
-func (ms Microsoft) ConvertToModel(cve *gostmodels.MicrosoftCVE) *models.CveContent {
+func (ms Microsoft) ConvertToModel(cve *gostmodels.MicrosoftCVE) (*models.CveContent, []models.Mitigation) {
+	sort.Slice(cve.ScoreSets, func(i, j int) bool {
+		return cve.ScoreSets[i].Vector < cve.ScoreSets[j].Vector
+	})
 	v3score := 0.0
 	var v3Vector string
 	for _, scoreSet := range cve.ScoreSets {
@@ -67,11 +74,10 @@ func (ms Microsoft) ConvertToModel(cve *gostmodels.MicrosoftCVE) *models.CveCont
 
 	option := map[string]string{}
 	if 0 < len(cve.ExploitStatus) {
+		// TODO: CVE-2020-0739
+		// "exploit_status": "Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A",
 		option["exploit"] = cve.ExploitStatus
 	}
-	if 0 < len(cve.Workaround) {
-		option["workaround"] = cve.Workaround
-	}
 	kbids := []string{}
 	for _, kbid := range cve.KBIDs {
 		kbids = append(kbids, kbid.KBID)
@@ -80,6 +86,23 @@ func (ms Microsoft) ConvertToModel(cve *gostmodels.MicrosoftCVE) *models.CveCont
 		option["kbids"] = strings.Join(kbids, ",")
 	}
 
+	vendorURL := "https://msrc.microsoft.com/update-guide/vulnerability/" + cve.CveID
+	mitigations := []models.Mitigation{}
+	if cve.Mitigation != "" {
+		mitigations = append(mitigations, models.Mitigation{
+			CveContentType: models.Microsoft,
+			Mitigation:     cve.Mitigation,
+			URL:            vendorURL,
+		})
+	}
+	if cve.Workaround != "" {
+		mitigations = append(mitigations, models.Mitigation{
+			CveContentType: models.Microsoft,
+			Mitigation:     cve.Workaround,
+			URL:            vendorURL,
+		})
+	}
+
 	return &models.CveContent{
 		Type:          models.Microsoft,
 		CveID:         cve.CveID,
@@ -90,10 +113,9 @@ func (ms Microsoft) ConvertToModel(cve *gostmodels.MicrosoftCVE) *models.CveCont
 		Cvss3Severity: v3Severity,
 		References:    refs,
 		CweIDs:        cwe,
-		Mitigation:    cve.Mitigation,
 		Published:     cve.PublishDate,
 		LastModified:  cve.LastUpdateDate,
-		SourceLink:    "https://portal.msrc.microsoft.com/ja-jp/security-guidance/advisory/" + cve.CveID,
+		SourceLink:    vendorURL,
 		Optional:      option,
-	}
+	}, mitigations
 }

gost/pseudo.go

@@ -1,10 +1,10 @@
+//go:build !scanner
+// +build !scanner
+
 package gost
 
 import (
-	"strings"
-
 	"github.com/future-architect/vuls/models"
-	"github.com/knqyf263/gost/db"
 )
 
 // Pseudo is Gost client except for RedHat family and Debian
@@ -12,11 +12,7 @@ type Pseudo struct {
 	Base
 }
 
-// DetectUnfixed fills cve information that has in Gost
-func (pse Pseudo) DetectUnfixed(driver db.DB, r *models.ScanResult, _ bool) (int, error) {
+// DetectCVEs fills cve information that has in Gost
+func (pse Pseudo) DetectCVEs(_ *models.ScanResult, _ bool) (int, error) {
 	return 0, nil
 }
-
-func major(osVer string) (majorVersion string) {
-	return strings.Split(osVer, ".")[0]
-}

gost/redhat.go

@@ -1,3 +1,6 @@
+//go:build !scanner
+// +build !scanner
+
 package gost
 
 import (
@@ -8,8 +11,7 @@ import (
 	"github.com/future-architect/vuls/config"
 	"github.com/future-architect/vuls/models"
 	"github.com/future-architect/vuls/util"
-	"github.com/knqyf263/gost/db"
-	gostmodels "github.com/knqyf263/gost/models"
+	gostmodels "github.com/vulsio/gost/models"
 )
 
 // RedHat is Gost client for RedHat family linux
@@ -17,12 +19,44 @@ type RedHat struct {
 	Base
 }
 
-// DetectUnfixed fills cve information that has in Gost
-func (red RedHat) DetectUnfixed(driver db.DB, r *models.ScanResult, ignoreWillNotFix bool) (nCVEs int, err error) {
-	return red.fillUnfixed(driver, r, ignoreWillNotFix)
+// DetectCVEs fills cve information that has in Gost
+func (red RedHat) DetectCVEs(r *models.ScanResult, ignoreWillNotFix bool) (nCVEs int, err error) {
+	if red.DBDriver.Cnf.IsFetchViaHTTP() {
+		prefix, _ := util.URLPathJoin(red.DBDriver.Cnf.GetURL(), "redhat", major(r.Release), "pkgs")
+		responses, err := getAllUnfixedCvesViaHTTP(r, prefix)
+		if err != nil {
+			return 0, err
+		}
+		for _, res := range responses {
+			// CVE-ID: RedhatCVE
+			cves := map[string]gostmodels.RedhatCVE{}
+			if err := json.Unmarshal([]byte(res.json), &cves); err != nil {
+				return 0, err
+			}
+			for _, cve := range cves {
+				if newly := red.setUnfixedCveToScanResult(&cve, r); newly {
+					nCVEs++
+				}
+			}
+		}
+	} else {
+		if red.DBDriver.DB == nil {
+			return 0, nil
+		}
+		for _, pack := range r.Packages {
+			// CVE-ID: RedhatCVE
+			cves := red.DBDriver.DB.GetUnfixedCvesRedhat(major(r.Release), pack.Name, ignoreWillNotFix)
+			for _, cve := range cves {
+				if newly := red.setUnfixedCveToScanResult(&cve, r); newly {
+					nCVEs++
+				}
+			}
+		}
+	}
+	return nCVEs, nil
 }
 
-func (red RedHat) fillFixed(driver db.DB, r *models.ScanResult) error {
+func (red RedHat) fillCvesWithRedHatAPI(r *models.ScanResult) error {
 	cveIDs := []string{}
 	for cveID, vuln := range r.ScannedCves {
 		if _, ok := vuln.CveContents[models.RedHatAPI]; ok {
@@ -31,9 +65,8 @@ func (red RedHat) fillFixed(driver db.DB, r *models.ScanResult) error {
 		cveIDs = append(cveIDs, cveID)
 	}
 
-	if config.Conf.Gost.IsFetchViaHTTP() {
-		prefix, _ := util.URLPathJoin(config.Conf.Gost.URL,
-			"redhat", "cves")
+	if red.DBDriver.Cnf.IsFetchViaHTTP() {
+		prefix, _ := util.URLPathJoin(config.Conf.Gost.URL, "redhat", "cves")
 		responses, err := getCvesViaHTTP(cveIDs, prefix)
 		if err != nil {
 			return err
@@ -46,128 +79,68 @@ func (red RedHat) fillFixed(driver db.DB, r *models.ScanResult) error {
 			if redCve.ID == 0 {
 				continue
 			}
-			cveCont := red.ConvertToModel(&redCve)
-			v, ok := r.ScannedCves[res.request.cveID]
-			if ok {
-				if v.CveContents == nil {
-					v.CveContents = models.NewCveContents(*cveCont)
-				} else {
-					v.CveContents[models.RedHatAPI] = *cveCont
-				}
-			} else {
-				v = models.VulnInfo{
-					CveID:       cveCont.CveID,
-					CveContents: models.NewCveContents(*cveCont),
-					Confidences: models.Confidences{models.RedHatAPIMatch},
-				}
-			}
-			r.ScannedCves[res.request.cveID] = v
+			red.setFixedCveToScanResult(&redCve, r)
 		}
 	} else {
-		if driver == nil {
+		if red.DBDriver.DB == nil {
 			return nil
 		}
-		for cveID, redCve := range driver.GetRedhatMulti(cveIDs) {
+		for _, redCve := range red.DBDriver.DB.GetRedhatMulti(cveIDs) {
 			if len(redCve.Name) == 0 {
 				continue
 			}
-			cveCont := red.ConvertToModel(&redCve)
-			v, ok := r.ScannedCves[cveID]
-			if ok {
-				if v.CveContents == nil {
-					v.CveContents = models.NewCveContents(*cveCont)
-				} else {
-					v.CveContents[models.RedHatAPI] = *cveCont
-				}
-			} else {
-				v = models.VulnInfo{
-					CveID:       cveCont.CveID,
-					CveContents: models.NewCveContents(*cveCont),
-					Confidences: models.Confidences{models.RedHatAPIMatch},
-				}
-			}
-			r.ScannedCves[cveID] = v
+			red.setFixedCveToScanResult(&redCve, r)
 		}
 	}
 
 	return nil
 }
 
-func (red RedHat) fillUnfixed(driver db.DB, r *models.ScanResult, ignoreWillNotFix bool) (nCVEs int, err error) {
-	if config.Conf.Gost.IsFetchViaHTTP() {
-		prefix, _ := util.URLPathJoin(config.Conf.Gost.URL,
-			"redhat", major(r.Release), "pkgs")
-		responses, err := getAllUnfixedCvesViaHTTP(r, prefix)
-		if err != nil {
-			return 0, err
-		}
-		for _, res := range responses {
-			// CVE-ID: RedhatCVE
-			cves := map[string]gostmodels.RedhatCVE{}
-			if err := json.Unmarshal([]byte(res.json), &cves); err != nil {
-				return 0, err
-			}
-
-			for _, cve := range cves {
-				cveCont := red.ConvertToModel(&cve)
-				v, ok := r.ScannedCves[cve.Name]
-				if ok {
-					if v.CveContents == nil {
-						v.CveContents = models.NewCveContents(*cveCont)
-					} else {
-						v.CveContents[models.RedHatAPI] = *cveCont
-					}
-				} else {
-					v = models.VulnInfo{
-						CveID:       cveCont.CveID,
-						CveContents: models.NewCveContents(*cveCont),
-						Confidences: models.Confidences{models.RedHatAPIMatch},
-					}
-					nCVEs++
-				}
-				pkgStats := red.mergePackageStates(v,
-					cve.PackageState, r.Packages, r.Release)
-				if 0 < len(pkgStats) {
-					v.AffectedPackages = pkgStats
-					r.ScannedCves[cve.Name] = v
-				}
-			}
+func (red RedHat) setFixedCveToScanResult(cve *gostmodels.RedhatCVE, r *models.ScanResult) {
+	cveCont, mitigations := red.ConvertToModel(cve)
+	v, ok := r.ScannedCves[cveCont.CveID]
+	if ok {
+		if v.CveContents == nil {
+			v.CveContents = models.NewCveContents(*cveCont)
+		} else {
+			v.CveContents[models.RedHatAPI] = []models.CveContent{*cveCont}
 		}
 	} else {
-		if driver == nil {
-			return 0, nil
-		}
-		for _, pack := range r.Packages {
-			// CVE-ID: RedhatCVE
-			cves := driver.GetUnfixedCvesRedhat(major(r.Release), pack.Name, ignoreWillNotFix)
-			for _, cve := range cves {
-				cveCont := red.ConvertToModel(&cve)
-				v, ok := r.ScannedCves[cve.Name]
-				if ok {
-					if v.CveContents == nil {
-						v.CveContents = models.NewCveContents(*cveCont)
-					} else {
-						v.CveContents[models.RedHatAPI] = *cveCont
-					}
-				} else {
-					v = models.VulnInfo{
-						CveID:       cveCont.CveID,
-						CveContents: models.NewCveContents(*cveCont),
-						Confidences: models.Confidences{models.RedHatAPIMatch},
-					}
-					nCVEs++
-				}
-
-				pkgStats := red.mergePackageStates(v,
-					cve.PackageState, r.Packages, r.Release)
-				if 0 < len(pkgStats) {
-					v.AffectedPackages = pkgStats
-					r.ScannedCves[cve.Name] = v
-				}
-			}
+		v = models.VulnInfo{
+			CveID:       cveCont.CveID,
+			CveContents: models.NewCveContents(*cveCont),
+			Confidences: models.Confidences{models.RedHatAPIMatch},
 		}
 	}
-	return nCVEs, nil
+	v.Mitigations = append(v.Mitigations, mitigations...)
+	r.ScannedCves[cveCont.CveID] = v
+}
+
+func (red RedHat) setUnfixedCveToScanResult(cve *gostmodels.RedhatCVE, r *models.ScanResult) (newly bool) {
+	cveCont, mitigations := red.ConvertToModel(cve)
+	v, ok := r.ScannedCves[cve.Name]
+	if ok {
+		if v.CveContents == nil {
+			v.CveContents = models.NewCveContents(*cveCont)
+		} else {
+			v.CveContents[models.RedHatAPI] = []models.CveContent{*cveCont}
+		}
+	} else {
+		v = models.VulnInfo{
+			CveID:       cveCont.CveID,
+			CveContents: models.NewCveContents(*cveCont),
+			Confidences: models.Confidences{models.RedHatAPIMatch},
+		}
+		newly = true
+	}
+	v.Mitigations = append(v.Mitigations, mitigations...)
+	pkgStats := red.mergePackageStates(v,
+		cve.PackageState, r.Packages, r.Release)
+	if 0 < len(pkgStats) {
+		v.AffectedPackages = pkgStats
+		r.ScannedCves[cve.Name] = v
+	}
+	return
 }
 
 func (red RedHat) mergePackageStates(v models.VulnInfo, ps []gostmodels.RedhatPackageState, installed models.Packages, release string) (pkgStats models.PackageFixStatuses) {
@@ -218,7 +191,7 @@ func (red RedHat) parseCwe(str string) (cwes []string) {
 }
 
 // ConvertToModel converts gost model to vuls model
-func (red RedHat) ConvertToModel(cve *gostmodels.RedhatCVE) *models.CveContent {
+func (red RedHat) ConvertToModel(cve *gostmodels.RedhatCVE) (*models.CveContent, []models.Mitigation) {
 	cwes := red.parseCwe(cve.Cwe)
 
 	details := []string{}
@@ -249,6 +222,18 @@ func (red RedHat) ConvertToModel(cve *gostmodels.RedhatCVE) *models.CveContent {
 		refs = append(refs, models.Reference{Link: r.Reference})
 	}
 
+	vendorURL := "https://access.redhat.com/security/cve/" + cve.Name
+	mitigations := []models.Mitigation{}
+	if cve.Mitigation != "" {
+		mitigations = []models.Mitigation{
+			{
+				CveContentType: models.RedHatAPI,
+				Mitigation:     cve.Mitigation,
+				URL:            vendorURL,
+			},
+		}
+	}
+
 	return &models.CveContent{
 		Type:          models.RedHatAPI,
 		CveID:         cve.Name,
@@ -262,8 +247,7 @@ func (red RedHat) ConvertToModel(cve *gostmodels.RedhatCVE) *models.CveContent {
 		Cvss3Severity: v3severity,
 		References:    refs,
 		CweIDs:        cwes,
-		Mitigation:    cve.Mitigation,
 		Published:     cve.PublicDate,
-		SourceLink:    "https://access.redhat.com/security/cve/" + cve.Name,
-	}
+		SourceLink:    vendorURL,
+	}, mitigations
 }

gost/redhat_test.go

@@ -1,3 +1,6 @@
+//go:build !scanner
+// +build !scanner
+
 package gost
 
 import (

gost/ubuntu.go

@@ -0,0 +1,191 @@
+//go:build !scanner
+// +build !scanner
+
+package gost
+
+import (
+	"encoding/json"
+	"strings"
+
+	"github.com/future-architect/vuls/logging"
+	"github.com/future-architect/vuls/models"
+	"github.com/future-architect/vuls/util"
+	gostmodels "github.com/vulsio/gost/models"
+)
+
+// Ubuntu is Gost client for Ubuntu
+type Ubuntu struct {
+	Base
+}
+
+func (ubu Ubuntu) supported(version string) bool {
+	_, ok := map[string]string{
+		"1404": "trusty",
+		"1604": "xenial",
+		"1804": "bionic",
+		"2004": "focal",
+		"2010": "groovy",
+		"2104": "hirsute",
+	}[version]
+	return ok
+}
+
+// DetectCVEs fills cve information that has in Gost
+func (ubu Ubuntu) DetectCVEs(r *models.ScanResult, _ bool) (nCVEs int, err error) {
+	ubuReleaseVer := strings.Replace(r.Release, ".", "", 1)
+	if !ubu.supported(ubuReleaseVer) {
+		logging.Log.Warnf("Ubuntu %s is not supported yet", r.Release)
+		return 0, nil
+	}
+
+	linuxImage := "linux-image-" + r.RunningKernel.Release
+	// Add linux and set the version of running kernel to search Gost.
+	if r.Container.ContainerID == "" {
+		newVer := ""
+		if p, ok := r.Packages[linuxImage]; ok {
+			newVer = p.NewVersion
+		}
+		r.Packages["linux"] = models.Package{
+			Name:       "linux",
+			Version:    r.RunningKernel.Version,
+			NewVersion: newVer,
+		}
+	}
+
+	packCvesList := []packCves{}
+	if ubu.DBDriver.Cnf.IsFetchViaHTTP() {
+		url, _ := util.URLPathJoin(ubu.DBDriver.Cnf.GetURL(), "ubuntu", ubuReleaseVer, "pkgs")
+		responses, err := getAllUnfixedCvesViaHTTP(r, url)
+		if err != nil {
+			return 0, err
+		}
+
+		for _, res := range responses {
+			ubuCves := map[string]gostmodels.UbuntuCVE{}
+			if err := json.Unmarshal([]byte(res.json), &ubuCves); err != nil {
+				return 0, err
+			}
+			cves := []models.CveContent{}
+			for _, ubucve := range ubuCves {
+				cves = append(cves, *ubu.ConvertToModel(&ubucve))
+			}
+			packCvesList = append(packCvesList, packCves{
+				packName:  res.request.packName,
+				isSrcPack: res.request.isSrcPack,
+				cves:      cves,
+			})
+		}
+	} else {
+		if ubu.DBDriver.DB == nil {
+			return 0, nil
+		}
+		for _, pack := range r.Packages {
+			ubuCves := ubu.DBDriver.DB.GetUnfixedCvesUbuntu(ubuReleaseVer, pack.Name)
+			cves := []models.CveContent{}
+			for _, ubucve := range ubuCves {
+				cves = append(cves, *ubu.ConvertToModel(&ubucve))
+			}
+			packCvesList = append(packCvesList, packCves{
+				packName:  pack.Name,
+				isSrcPack: false,
+				cves:      cves,
+			})
+		}
+
+		// SrcPack
+		for _, pack := range r.SrcPackages {
+			ubuCves := ubu.DBDriver.DB.GetUnfixedCvesUbuntu(ubuReleaseVer, pack.Name)
+			cves := []models.CveContent{}
+			for _, ubucve := range ubuCves {
+				cves = append(cves, *ubu.ConvertToModel(&ubucve))
+			}
+			packCvesList = append(packCvesList, packCves{
+				packName:  pack.Name,
+				isSrcPack: true,
+				cves:      cves,
+			})
+		}
+	}
+
+	delete(r.Packages, "linux")
+
+	for _, p := range packCvesList {
+		for _, cve := range p.cves {
+			v, ok := r.ScannedCves[cve.CveID]
+			if ok {
+				if v.CveContents == nil {
+					v.CveContents = models.NewCveContents(cve)
+				} else {
+					v.CveContents[models.UbuntuAPI] = []models.CveContent{cve}
+				}
+			} else {
+				v = models.VulnInfo{
+					CveID:       cve.CveID,
+					CveContents: models.NewCveContents(cve),
+					Confidences: models.Confidences{models.UbuntuAPIMatch},
+				}
+				nCVEs++
+			}
+
+			names := []string{}
+			if p.isSrcPack {
+				if srcPack, ok := r.SrcPackages[p.packName]; ok {
+					for _, binName := range srcPack.BinaryNames {
+						if _, ok := r.Packages[binName]; ok {
+							names = append(names, binName)
+						}
+					}
+				}
+			} else {
+				if p.packName == "linux" {
+					names = append(names, linuxImage)
+				} else {
+					names = append(names, p.packName)
+				}
+			}
+
+			for _, name := range names {
+				v.AffectedPackages = v.AffectedPackages.Store(models.PackageFixStatus{
+					Name:        name,
+					FixState:    "open",
+					NotFixedYet: true,
+				})
+			}
+			r.ScannedCves[cve.CveID] = v
+		}
+	}
+	return nCVEs, nil
+}
+
+// ConvertToModel converts gost model to vuls model
+func (ubu Ubuntu) ConvertToModel(cve *gostmodels.UbuntuCVE) *models.CveContent {
+	references := []models.Reference{}
+	for _, r := range cve.References {
+		if strings.Contains(r.Reference, "https://cve.mitre.org/cgi-bin/cvename.cgi?name=") {
+			references = append(references, models.Reference{Source: "CVE", Link: r.Reference})
+		} else {
+			references = append(references, models.Reference{Link: r.Reference})
+		}
+	}
+
+	for _, b := range cve.Bugs {
+		references = append(references, models.Reference{Source: "Bug", Link: b.Bug})
+	}
+
+	for _, u := range cve.Upstreams {
+		for _, upstreamLink := range u.UpstreamLinks {
+			references = append(references, models.Reference{Source: "UPSTREAM", Link: upstreamLink.Link})
+		}
+	}
+
+	return &models.CveContent{
+		Type:          models.UbuntuAPI,
+		CveID:         cve.Candidate,
+		Summary:       cve.Description,
+		Cvss2Severity: cve.Priority,
+		Cvss3Severity: cve.Priority,
+		SourceLink:    "https://ubuntu.com/security/" + cve.Candidate,
+		References:    references,
+		Published:     cve.PublicDate,
+	}
+}

gost/ubuntu_test.go

@@ -0,0 +1,137 @@
+package gost
+
+import (
+	"reflect"
+	"testing"
+	"time"
+
+	"github.com/future-architect/vuls/models"
+	gostmodels "github.com/vulsio/gost/models"
+)
+
+func TestUbuntu_Supported(t *testing.T) {
+	type args struct {
+		ubuReleaseVer string
+	}
+	tests := []struct {
+		name string
+		args args
+		want bool
+	}{
+		{
+			name: "14.04 is supported",
+			args: args{
+				ubuReleaseVer: "1404",
+			},
+			want: true,
+		},
+		{
+			name: "16.04 is supported",
+			args: args{
+				ubuReleaseVer: "1604",
+			},
+			want: true,
+		},
+		{
+			name: "18.04 is supported",
+			args: args{
+				ubuReleaseVer: "1804",
+			},
+			want: true,
+		},
+		{
+			name: "20.04 is supported",
+			args: args{
+				ubuReleaseVer: "2004",
+			},
+			want: true,
+		},
+		{
+			name: "20.10 is supported",
+			args: args{
+				ubuReleaseVer: "2010",
+			},
+			want: true,
+		},
+		{
+			name: "21.04 is supported",
+			args: args{
+				ubuReleaseVer: "2104",
+			},
+			want: true,
+		},
+		{
+			name: "empty string is not supported yet",
+			args: args{
+				ubuReleaseVer: "",
+			},
+			want: false,
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			ubu := Ubuntu{}
+			if got := ubu.supported(tt.args.ubuReleaseVer); got != tt.want {
+				t.Errorf("Ubuntu.Supported() = %v, want %v", got, tt.want)
+			}
+		})
+	}
+}
+
+func TestUbuntuConvertToModel(t *testing.T) {
+	tests := []struct {
+		name     string
+		input    gostmodels.UbuntuCVE
+		expected models.CveContent
+	}{
+		{
+			name: "gost Ubuntu.ConvertToModel",
+			input: gostmodels.UbuntuCVE{
+				Candidate:  "CVE-2021-3517",
+				PublicDate: time.Date(2021, 5, 19, 14, 15, 0, 0, time.UTC),
+				References: []gostmodels.UbuntuReference{
+					{Reference: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3517"},
+					{Reference: "https://gitlab.gnome.org/GNOME/libxml2/-/issues/235"},
+					{Reference: "https://gitlab.gnome.org/GNOME/libxml2/-/commit/bf22713507fe1fc3a2c4b525cf0a88c2dc87a3a2"}},
+				Description: "description.",
+				Notes:       []gostmodels.UbuntuNote{},
+				Bugs:        []gostmodels.UbuntuBug{{Bug: "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987738"}},
+				Priority:    "medium",
+				Patches: []gostmodels.UbuntuPatch{
+					{PackageName: "libxml2", ReleasePatches: []gostmodels.UbuntuReleasePatch{
+						{ReleaseName: "focal", Status: "needed", Note: ""},
+					}},
+				},
+				Upstreams: []gostmodels.UbuntuUpstream{{
+					PackageName: "libxml2", UpstreamLinks: []gostmodels.UbuntuUpstreamLink{
+						{Link: "https://gitlab.gnome.org/GNOME/libxml2/-/commit/50f06b3efb638efb0abd95dc62dca05ae67882c2"},
+					},
+				}},
+			},
+			expected: models.CveContent{
+				Type:          models.UbuntuAPI,
+				CveID:         "CVE-2021-3517",
+				Summary:       "description.",
+				Cvss2Severity: "medium",
+				Cvss3Severity: "medium",
+				SourceLink:    "https://ubuntu.com/security/CVE-2021-3517",
+				References: []models.Reference{
+					{Source: "CVE", Link: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3517"},
+					{Link: "https://gitlab.gnome.org/GNOME/libxml2/-/issues/235"},
+					{Link: "https://gitlab.gnome.org/GNOME/libxml2/-/commit/bf22713507fe1fc3a2c4b525cf0a88c2dc87a3a2"},
+					{Source: "Bug", Link: "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987738"},
+					{Source: "UPSTREAM", Link: "https://gitlab.gnome.org/GNOME/libxml2/-/commit/50f06b3efb638efb0abd95dc62dca05ae67882c2"}},
+				Published: time.Date(2021, 5, 19, 14, 15, 0, 0, time.UTC),
+			},
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			ubu := Ubuntu{}
+			got := ubu.ConvertToModel(&tt.input)
+			if !reflect.DeepEqual(got, &tt.expected) {
+				t.Errorf("Ubuntu.ConvertToModel() = %#v, want %#v", got, &tt.expected)
+			}
+		})
+	}
+}

gost/util.go

@@ -1,10 +1,15 @@
+//go:build !scanner
+// +build !scanner
+
 package gost
 
 import (
 	"net/http"
+	"strings"
 	"time"
 
 	"github.com/cenkalti/backoff"
+	"github.com/future-architect/vuls/logging"
 	"github.com/future-architect/vuls/models"
 	"github.com/future-architect/vuls/util"
 	"github.com/parnurzeal/gorequest"
@@ -47,7 +52,7 @@ func getCvesViaHTTP(cveIDs []string, urlPrefix string) (
 				if err != nil {
 					errChan <- err
 				} else {
-					util.Log.Debugf("HTTP Request to %s", url)
+					logging.Log.Debugf("HTTP Request to %s", url)
 					httpGet(url, req, resChan, errChan)
 				}
 			}
@@ -81,7 +86,10 @@ type request struct {
 
 func getAllUnfixedCvesViaHTTP(r *models.ScanResult, urlPrefix string) (
 	responses []response, err error) {
+	return getCvesWithFixStateViaHTTP(r, urlPrefix, "unfixed-cves")
+}
 
+func getCvesWithFixStateViaHTTP(r *models.ScanResult, urlPrefix, fixState string) (responses []response, err error) {
 	nReq := len(r.Packages) + len(r.SrcPackages)
 	reqChan := make(chan request, nReq)
 	resChan := make(chan response, nReq)
@@ -116,12 +124,12 @@ func getAllUnfixedCvesViaHTTP(r *models.ScanResult, urlPrefix string) (
 				url, err := util.URLPathJoin(
 					urlPrefix,
 					req.packName,
-					"unfixed-cves",
+					fixState,
 				)
 				if err != nil {
 					errChan <- err
 				} else {
-					util.Log.Debugf("HTTP Request to %s", url)
+					logging.Log.Debugf("HTTP Request to %s", url)
 					httpGet(url, req, resChan, errChan)
 				}
 			}
@@ -153,18 +161,18 @@ func httpGet(url string, req request, resChan chan<- response, errChan chan<- er
 	count, retryMax := 0, 3
 	f := func() (err error) {
 		//  resp, body, errs = gorequest.New().SetDebug(config.Conf.Debug).Get(url).End()
-		resp, body, errs = gorequest.New().Get(url).End()
+		resp, body, errs = gorequest.New().Timeout(10 * time.Second).Get(url).End()
 		if 0 < len(errs) || resp == nil || resp.StatusCode != 200 {
 			count++
 			if count == retryMax {
 				return nil
 			}
-			return xerrors.Errorf("HTTP GET error, url: %s, resp: %v, err: %w", url, resp, errs)
+			return xerrors.Errorf("HTTP GET error, url: %s, resp: %v, err: %+v", url, resp, errs)
 		}
 		return nil
 	}
 	notify := func(err error, t time.Duration) {
-		util.Log.Warnf("Failed to HTTP GET. retrying in %s seconds. err: %s", t, err)
+		logging.Log.Warnf("Failed to HTTP GET. retrying in %s seconds. err: %+v", t, err)
 	}
 	err := backoff.RetryNotify(f, backoff.NewExponentialBackOff(), notify)
 	if err != nil {
@@ -181,3 +189,7 @@ func httpGet(url string, req request, resChan chan<- response, errChan chan<- er
 		json:    body,
 	}
 }
+
+func major(osVer string) (majorVersion string) {
+	return strings.Split(osVer, ".")[0]
+}

img/vuls-scan-flow-fast.graphml

@@ -1,414 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" standalone="no"?>
-<graphml xmlns="http://graphml.graphdrawing.org/xmlns" xmlns:java="http://www.yworks.com/xml/yfiles-common/1.0/java" xmlns:sys="http://www.yworks.com/xml/yfiles-common/markup/primitives/2.0" xmlns:x="http://www.yworks.com/xml/yfiles-common/markup/2.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:y="http://www.yworks.com/xml/graphml" xmlns:yed="http://www.yworks.com/xml/yed/3" xsi:schemaLocation="http://graphml.graphdrawing.org/xmlns http://www.yworks.com/xml/schema/graphml/1.1/ygraphml.xsd">
-  <!--Created by yEd 3.17-->
-  <key attr.name="Description" attr.type="string" for="graph" id="d0"/>
-  <key for="port" id="d1" yfiles.type="portgraphics"/>
-  <key for="port" id="d2" yfiles.type="portgeometry"/>
-  <key for="port" id="d3" yfiles.type="portuserdata"/>
-  <key attr.name="url" attr.type="string" for="node" id="d4"/>
-  <key attr.name="description" attr.type="string" for="node" id="d5"/>
-  <key for="node" id="d6" yfiles.type="nodegraphics"/>
-  <key for="graphml" id="d7" yfiles.type="resources"/>
-  <key attr.name="url" attr.type="string" for="edge" id="d8"/>
-  <key attr.name="description" attr.type="string" for="edge" id="d9"/>
-  <key for="edge" id="d10" yfiles.type="edgegraphics"/>
-  <graph edgedefault="directed" id="G">
-    <data key="d0"/>
-    <node id="n0">
-      <data key="d6">
-        <y:GenericNode configuration="com.yworks.flowchart.process">
-          <y:Geometry height="56.0" width="268.0" x="309.6849206349206" y="0.0"/>
-          <y:Fill color="#E8EEF7" color2="#B7C9E3" transparent="false"/>
-          <y:BorderStyle color="#000000" type="line" width="1.0"/>
-          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.1328125" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="83.482421875" x="92.2587890625" y="18.93359375">Detect the OS<y:LabelModel>
-              <y:SmartNodeLabelModel distance="4.0"/>
-            </y:LabelModel>
-            <y:ModelParameter>
-              <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.5" nodeRatioX="0.0" nodeRatioY="0.1619001116071429" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
-            </y:ModelParameter>
-          </y:NodeLabel>
-        </y:GenericNode>
-      </data>
-    </node>
-    <node id="n1">
-      <data key="d6">
-        <y:GenericNode configuration="com.yworks.flowchart.decision">
-          <y:Geometry height="40.0" width="80.0" x="403.6849206349206" y="206.44247787610618"/>
-          <y:Fill color="#E8EEF7" color2="#B7C9E3" transparent="false"/>
-          <y:BorderStyle color="#000000" type="line" width="1.0"/>
-          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" hasText="false" height="4.0" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="4.0" x="38.0" y="18.0">
-            <y:LabelModel>
-              <y:SmartNodeLabelModel distance="4.0"/>
-            </y:LabelModel>
-            <y:ModelParameter>
-              <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
-            </y:ModelParameter>
-          </y:NodeLabel>
-        </y:GenericNode>
-      </data>
-    </node>
-    <node id="n2">
-      <data key="d6">
-        <y:GenericNode configuration="com.yworks.flowchart.process">
-          <y:Geometry height="90.44247787610618" width="268.0" x="309.6849206349206" y="86.0"/>
-          <y:Fill color="#E8EEF7" color2="#B7C9E3" transparent="false"/>
-          <y:BorderStyle color="#000000" type="line" width="1.0"/>
-          <y:NodeLabel alignment="right" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="88.796875" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="170.763671875" x="48.61816406250006" y="0.8228014380530908">Get installed packages
-Alpine: apk
-Debian/Ubuntu: dpkg-query
-Amazon/RHEL/CentOS: rpm
-SUSE: zypper
-FreeBSD: pkg<y:LabelModel>
-              <y:SmartNodeLabelModel distance="4.0"/>
-            </y:LabelModel>
-            <y:ModelParameter>
-              <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="2.220446049250313E-16" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
-            </y:ModelParameter>
-          </y:NodeLabel>
-        </y:GenericNode>
-      </data>
-    </node>
-    <node id="n3">
-      <data key="d6">
-        <y:GenericNode configuration="com.yworks.flowchart.process">
-          <y:Geometry height="56.0" width="268.0" x="609.3698412698412" y="630.0546766682629"/>
-          <y:Fill color="#E8EEF7" color2="#B7C9E3" transparent="false"/>
-          <y:BorderStyle color="#000000" type="line" width="1.0"/>
-          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.1328125" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="152.634765625" x="57.6826171875" y="18.93359375">Write results to JSON files<y:LabelModel>
-              <y:SmartNodeLabelModel distance="4.0"/>
-            </y:LabelModel>
-            <y:ModelParameter>
-              <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.5" nodeRatioX="0.0" nodeRatioY="0.1619001116071429" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
-            </y:ModelParameter>
-          </y:NodeLabel>
-        </y:GenericNode>
-      </data>
-    </node>
-    <node id="n4">
-      <data key="d6">
-        <y:GenericNode configuration="com.yworks.flowchart.process">
-          <y:Geometry height="56.0" width="268.0" x="609.3698412698412" y="287.8409153761062"/>
-          <y:Fill color="#E8EEF7" color2="#B7C9E3" transparent="false"/>
-          <y:BorderStyle color="#000000" type="line" width="1.0"/>
-          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="46.3984375" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="232.744140625" x="17.6279296875" y="4.80078125">Get CVE IDs by using package manager
-Amazon: yum plugin security
-FreeBSD: pkg audit<y:LabelModel>
-              <y:SmartNodeLabelModel distance="4.0"/>
-            </y:LabelModel>
-            <y:ModelParameter>
-              <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
-            </y:ModelParameter>
-          </y:NodeLabel>
-        </y:GenericNode>
-      </data>
-    </node>
-    <node id="n5">
-      <data key="d6">
-        <y:GenericNode configuration="com.yworks.flowchart.process">
-          <y:Geometry height="56.0" width="268.0" x="609.3698412698412" y="750.4705298628534"/>
-          <y:Fill color="#E8EEF7" color2="#B7C9E3" transparent="false"/>
-          <y:BorderStyle color="#000000" type="line" width="1.0"/>
-          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.1328125" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="42.595703125" x="112.7021484375" y="18.93359375">Report<y:LabelModel>
-              <y:SmartNodeLabelModel distance="4.0"/>
-            </y:LabelModel>
-            <y:ModelParameter>
-              <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
-            </y:ModelParameter>
-          </y:NodeLabel>
-        </y:GenericNode>
-      </data>
-    </node>
-    <node id="n6" yfiles.foldertype="group">
-      <data key="d4"/>
-      <data key="d6">
-        <y:ProxyAutoBoundsNode>
-          <y:Realizers active="0">
-            <y:GroupNode>
-              <y:Geometry height="116.89483989807195" width="333.6788874841973" x="234.29467728596296" y="709.1901021013174"/>
-              <y:Fill color="#F5F5F5" transparent="false"/>
-              <y:BorderStyle color="#000000" type="dashed" width="1.0"/>
-              <y:NodeLabel alignment="right" autoSizePolicy="node_width" backgroundColor="#EBEBEB" borderDistance="0.0" fontFamily="Dialog" fontSize="15" fontStyle="plain" hasLineColor="false" height="21.666015625" horizontalTextPosition="center" iconTextGap="4" modelName="internal" modelPosition="t" textColor="#000000" verticalTextPosition="bottom" visible="true" width="333.6788874841973" x="0.0" y="0.0">Vulnerability Database</y:NodeLabel>
-              <y:Shape type="roundrectangle"/>
-              <y:State closed="false" closedHeight="50.0" closedWidth="50.0" innerGraphDisplayEnabled="false"/>
-              <y:Insets bottom="15" bottomF="15.0" left="15" leftF="15.0" right="15" rightF="15.0" top="15" topF="15.0"/>
-              <y:BorderInsets bottom="0" bottomF="0.0" left="0" leftF="0.0" right="0" rightF="0.0" top="0" topF="0.0"/>
-            </y:GroupNode>
-            <y:GroupNode>
-              <y:Geometry height="50.0" width="50.0" x="0.0" y="60.0"/>
-              <y:Fill color="#F5F5F5" transparent="false"/>
-              <y:BorderStyle color="#000000" type="dashed" width="1.0"/>
-              <y:NodeLabel alignment="right" autoSizePolicy="node_width" backgroundColor="#EBEBEB" borderDistance="0.0" fontFamily="Dialog" fontSize="15" fontStyle="plain" hasLineColor="false" height="21.666015625" horizontalTextPosition="center" iconTextGap="4" modelName="internal" modelPosition="t" textColor="#000000" verticalTextPosition="bottom" visible="true" width="63.75830078125" x="-6.879150390625" y="0.0">Folder 1</y:NodeLabel>
-              <y:Shape type="roundrectangle"/>
-              <y:State closed="true" closedHeight="50.0" closedWidth="50.0" innerGraphDisplayEnabled="false"/>
-              <y:Insets bottom="5" bottomF="5.0" left="5" leftF="5.0" right="5" rightF="5.0" top="5" topF="5.0"/>
-              <y:BorderInsets bottom="0" bottomF="0.0" left="0" leftF="0.0" right="0" rightF="0.0" top="0" topF="0.0"/>
-            </y:GroupNode>
-          </y:Realizers>
-        </y:ProxyAutoBoundsNode>
-      </data>
-      <graph edgedefault="directed" id="n6:">
-        <node id="n6::n0">
-          <data key="d6">
-            <y:GenericNode configuration="com.yworks.flowchart.dataBase">
-              <y:Geometry height="65.22882427307195" width="136.83944374209864" x="416.1341210280616" y="745.8561177263174"/>
-              <y:Fill color="#E8EEF7" color2="#B7C9E3" transparent="false"/>
-              <y:BorderStyle color="#000000" type="line" width="1.0"/>
-              <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.1328125" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="117.970703125" x="9.434370308549205" y="23.548005886535975">CVE DB (NVD / JVN)<y:LabelModel>
-                  <y:SmartNodeLabelModel distance="4.0"/>
-                </y:LabelModel>
-                <y:ModelParameter>
-                  <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="-8.326672684688674E-16" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
-                </y:ModelParameter>
-              </y:NodeLabel>
-            </y:GenericNode>
-          </data>
-        </node>
-        <node id="n6::n1">
-          <data key="d6">
-            <y:GenericNode configuration="com.yworks.flowchart.dataBase">
-              <y:Geometry height="65.22882427307195" width="136.83944374209864" x="249.29467728596296" y="745.8561177263174"/>
-              <y:Fill color="#E8EEF7" color2="#B7C9E3" transparent="false"/>
-              <y:BorderStyle color="#000000" type="line" width="1.0"/>
-              <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.1328125" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="55.533203125" x="40.653120308549205" y="23.548005886535975">OVAL DB<y:LabelModel>
-                  <y:SmartNodeLabelModel distance="4.0"/>
-                </y:LabelModel>
-                <y:ModelParameter>
-                  <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="-8.326672684688674E-16" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
-                </y:ModelParameter>
-              </y:NodeLabel>
-            </y:GenericNode>
-          </data>
-        </node>
-      </graph>
-    </node>
-    <node id="n7">
-      <data key="d6">
-        <y:GenericNode configuration="com.yworks.flowchart.process">
-          <y:Geometry height="56.0" width="268.0" x="27.144753476611868" y="287.8409153761062"/>
-          <y:Fill color="#E8EEF7" color2="#B7C9E3" transparent="false"/>
-          <y:BorderStyle color="#000000" type="line" width="1.0"/>
-          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="32.265625" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="260.83984375" x="3.580078125" y="11.8671875">Check upgradable packages
-Debian/Ubuntu: apt-get upgrade --dry-run<y:LabelModel>
-              <y:SmartNodeLabelModel distance="4.0"/>
-            </y:LabelModel>
-            <y:ModelParameter>
-              <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
-            </y:ModelParameter>
-          </y:NodeLabel>
-        </y:GenericNode>
-      </data>
-    </node>
-    <node id="n8">
-      <data key="d6">
-        <y:GenericNode configuration="com.yworks.flowchart.loopLimit">
-          <y:Geometry height="51.10998735777497" width="137.19216182048035" x="92.54867256637169" y="376.28592169721867"/>
-          <y:Fill color="#E8EEF7" color2="#B7C9E3" transparent="false"/>
-          <y:BorderStyle color="#000000" type="line" width="1.0"/>
-          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="32.265625" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="131.751953125" x="2.7201043477401754" y="9.422181178887513">foreach 
-upgradable  packages<y:LabelModel>
-              <y:SmartNodeLabelModel distance="4.0"/>
-            </y:LabelModel>
-            <y:ModelParameter>
-              <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="5.551115123125783E-16" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
-            </y:ModelParameter>
-          </y:NodeLabel>
-        </y:GenericNode>
-      </data>
-    </node>
-    <node id="n9">
-      <data key="d6">
-        <y:GenericNode configuration="com.yworks.flowchart.process">
-          <y:Geometry height="56.0" width="268.0" x="27.144753476611868" y="459.8409153761062"/>
-          <y:Fill color="#E8EEF7" color2="#B7C9E3" transparent="false"/>
-          <y:BorderStyle color="#000000" type="line" width="1.0"/>
-          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="32.265625" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="213.619140625" x="27.1904296875" y="11.8671875">Parse changelog and get  CVE IDs
-Debian/Ubuntu: aptitude changelog<y:LabelModel>
-              <y:SmartNodeLabelModel distance="4.0"/>
-            </y:LabelModel>
-            <y:ModelParameter>
-              <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
-            </y:ModelParameter>
-          </y:NodeLabel>
-        </y:GenericNode>
-      </data>
-    </node>
-    <node id="n10">
-      <data key="d6">
-        <y:GenericNode configuration="com.yworks.flowchart.loopLimitEnd">
-          <y:Geometry height="50.0" width="137.0" x="92.64475347661187" y="545.8409153761062"/>
-          <y:Fill color="#E8EEF7" color2="#B7C9E3" transparent="false"/>
-          <y:BorderStyle color="#000000" type="line" width="1.0"/>
-          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.1328125" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="55.24609375" x="40.876953125" y="15.93359375">end loop<y:LabelModel>
-              <y:SmartNodeLabelModel distance="4.0"/>
-            </y:LabelModel>
-            <y:ModelParameter>
-              <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
-            </y:ModelParameter>
-          </y:NodeLabel>
-        </y:GenericNode>
-      </data>
-    </node>
-    <edge id="e0" source="n2" target="n1">
-      <data key="d10">
-        <y:PolyLineEdge>
-          <y:Path sx="0.0" sy="45.22123893805309" tx="0.0" ty="-20.0"/>
-          <y:LineStyle color="#000000" type="line" width="1.0"/>
-          <y:Arrows source="none" target="none"/>
-          <y:BendStyle smoothed="false"/>
-        </y:PolyLineEdge>
-      </data>
-    </edge>
-    <edge id="e1" source="n1" target="n4">
-      <data key="d10">
-        <y:PolyLineEdge>
-          <y:Path sx="40.0" sy="0.0" tx="0.0" ty="-28.0">
-            <y:Point x="743.3698412698412" y="226.44247787610618"/>
-          </y:Path>
-          <y:LineStyle color="#000000" type="line" width="1.0"/>
-          <y:Arrows source="none" target="standard"/>
-          <y:EdgeLabel alignment="right" configuration="AutoFlippingLabel" distance="2.0" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="32.265625" horizontalTextPosition="center" iconTextGap="4" modelName="custom" preferredPlacement="anywhere" ratio="0.5" textColor="#000000" verticalTextPosition="bottom" visible="true" width="51.806640625" x="183.35883739927397" y="2.000003510871693">Amazon
-FreeBSD<y:LabelModel>
-              <y:SmartEdgeLabelModel autoRotationEnabled="false" defaultAngle="0.0" defaultDistance="10.0"/>
-            </y:LabelModel>
-            <y:ModelParameter>
-              <y:SmartEdgeLabelModelParameter angle="6.283185307179586" distance="1.9999999999998863" distanceToCenter="false" position="right" ratio="0.7796030035582084" segment="0"/>
-            </y:ModelParameter>
-            <y:PreferredPlacementDescriptor angle="0.0" angleOffsetOnRightSide="0" angleReference="absolute" angleRotationOnRightSide="co" distance="-1.0" frozen="true" placement="anywhere" side="anywhere" sideReference="relative_to_edge_flow"/>
-          </y:EdgeLabel>
-          <y:BendStyle smoothed="false"/>
-        </y:PolyLineEdge>
-      </data>
-    </edge>
-    <edge id="e2" source="n0" target="n2">
-      <data key="d10">
-        <y:PolyLineEdge>
-          <y:Path sx="0.0" sy="28.0" tx="0.0" ty="-45.22123893805309"/>
-          <y:LineStyle color="#000000" type="line" width="1.0"/>
-          <y:Arrows source="none" target="standard"/>
-          <y:BendStyle smoothed="false"/>
-        </y:PolyLineEdge>
-      </data>
-    </edge>
-    <edge id="e3" source="n5" target="n6">
-      <data key="d10">
-        <y:PolyLineEdge>
-          <y:Path sx="0.0" sy="0.0" tx="0.0" ty="10.8330078125"/>
-          <y:LineStyle color="#000000" type="line" width="1.0"/>
-          <y:Arrows source="none" target="none"/>
-          <y:BendStyle smoothed="false"/>
-        </y:PolyLineEdge>
-      </data>
-    </edge>
-    <edge id="e4" source="n1" target="n3">
-      <data key="d10">
-        <y:PolyLineEdge>
-          <y:Path sx="0.0" sy="0.0" tx="-123.36984126984123" ty="0.0">
-            <y:Point x="443.6849206349206" y="658.0546766682629"/>
-          </y:Path>
-          <y:LineStyle color="#000000" type="line" width="1.0"/>
-          <y:Arrows source="none" target="standard"/>
-          <y:EdgeLabel alignment="right" configuration="AutoFlippingLabel" distance="2.0" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="102.9296875" horizontalTextPosition="center" iconTextGap="4" modelName="custom" preferredPlacement="anywhere" ratio="0.5" textColor="#000000" verticalTextPosition="bottom" visible="true" width="77.078125" x="-97.68364242524859" y="5.005267793098369">Alpine Linux
-CentOS
-RHEL
-Ubuntu
-Debian
-Oracle Linux
-Suse<y:LabelModel>
-              <y:SmartEdgeLabelModel autoRotationEnabled="false" defaultAngle="0.0" defaultDistance="10.0"/>
-            </y:LabelModel>
-            <y:ModelParameter>
-              <y:SmartEdgeLabelModelParameter angle="6.283185307179586" distance="59.14459455430983" distanceToCenter="true" position="right" ratio="0.0" segment="0"/>
-            </y:ModelParameter>
-            <y:PreferredPlacementDescriptor angle="0.0" angleOffsetOnRightSide="0" angleReference="absolute" angleRotationOnRightSide="co" distance="-1.0" frozen="true" placement="anywhere" side="anywhere" sideReference="relative_to_edge_flow"/>
-          </y:EdgeLabel>
-          <y:BendStyle smoothed="false"/>
-        </y:PolyLineEdge>
-      </data>
-    </edge>
-    <edge id="e5" source="n4" target="n3">
-      <data key="d10">
-        <y:PolyLineEdge>
-          <y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0"/>
-          <y:LineStyle color="#000000" type="line" width="1.0"/>
-          <y:Arrows source="none" target="standard"/>
-          <y:BendStyle smoothed="false"/>
-        </y:PolyLineEdge>
-      </data>
-    </edge>
-    <edge id="e6" source="n7" target="n8">
-      <data key="d10">
-        <y:PolyLineEdge>
-          <y:Path sx="0.0" sy="28.0" tx="0.0" ty="-25.554993678887485"/>
-          <y:LineStyle color="#000000" type="line" width="1.0"/>
-          <y:Arrows source="none" target="standard"/>
-          <y:BendStyle smoothed="false"/>
-        </y:PolyLineEdge>
-      </data>
-    </edge>
-    <edge id="e7" source="n8" target="n9">
-      <data key="d10">
-        <y:PolyLineEdge>
-          <y:Path sx="0.0" sy="25.554993678887485" tx="0.0" ty="-28.0"/>
-          <y:LineStyle color="#000000" type="line" width="1.0"/>
-          <y:Arrows source="none" target="standard"/>
-          <y:BendStyle smoothed="false"/>
-        </y:PolyLineEdge>
-      </data>
-    </edge>
-    <edge id="e8" source="n9" target="n10">
-      <data key="d10">
-        <y:PolyLineEdge>
-          <y:Path sx="0.0" sy="28.0" tx="0.0" ty="-25.0"/>
-          <y:LineStyle color="#000000" type="line" width="1.0"/>
-          <y:Arrows source="none" target="standard"/>
-          <y:BendStyle smoothed="false"/>
-        </y:PolyLineEdge>
-      </data>
-    </edge>
-    <edge id="e9" source="n3" target="n5">
-      <data key="d10">
-        <y:PolyLineEdge>
-          <y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0"/>
-          <y:LineStyle color="#000000" type="line" width="1.0"/>
-          <y:Arrows source="none" target="standard"/>
-          <y:BendStyle smoothed="false"/>
-        </y:PolyLineEdge>
-      </data>
-    </edge>
-    <edge id="e10" source="n1" target="n7">
-      <data key="d10">
-        <y:PolyLineEdge>
-          <y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0">
-            <y:Point x="161.14475347661187" y="226.44247787610618"/>
-          </y:Path>
-          <y:LineStyle color="#000000" type="line" width="1.0"/>
-          <y:Arrows source="none" target="standard"/>
-          <y:EdgeLabel alignment="center" configuration="AutoFlippingLabel" distance="2.0" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.1328125" horizontalTextPosition="center" iconTextGap="4" modelName="custom" preferredPlacement="anywhere" ratio="0.5" textColor="#000000" verticalTextPosition="bottom" visible="true" width="56.98046875" x="-196.80057112212188" y="20.933597260871807">Raspbian<y:LabelModel>
-              <y:SmartEdgeLabelModel autoRotationEnabled="false" defaultAngle="0.0" defaultDistance="10.0"/>
-            </y:LabelModel>
-            <y:ModelParameter>
-              <y:SmartEdgeLabelModelParameter angle="0.0" distance="30.0" distanceToCenter="true" position="left" ratio="0.6447921222409765" segment="0"/>
-            </y:ModelParameter>
-            <y:PreferredPlacementDescriptor angle="0.0" angleOffsetOnRightSide="0" angleReference="absolute" angleRotationOnRightSide="co" distance="-1.0" frozen="true" placement="anywhere" side="anywhere" sideReference="relative_to_edge_flow"/>
-          </y:EdgeLabel>
-          <y:BendStyle smoothed="false"/>
-        </y:PolyLineEdge>
-      </data>
-    </edge>
-    <edge id="e11" source="n10" target="n3">
-      <data key="d10">
-        <y:PolyLineEdge>
-          <y:Path sx="0.0" sy="0.0" tx="-125.78842258255952" ty="0.0">
-            <y:Point x="161.14475347661187" y="658.0546766682629"/>
-          </y:Path>
-          <y:LineStyle color="#000000" type="line" width="1.0"/>
-          <y:Arrows source="none" target="standard"/>
-          <y:BendStyle smoothed="false"/>
-        </y:PolyLineEdge>
-      </data>
-    </edge>
-  </graph>
-  <data key="d7">
-    <y:Resources/>
-  </data>
-</graphml>

img/vuls-scan-flow.graphml

@@ -1,515 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" standalone="no"?>
-<graphml xmlns="http://graphml.graphdrawing.org/xmlns" xmlns:java="http://www.yworks.com/xml/yfiles-common/1.0/java" xmlns:sys="http://www.yworks.com/xml/yfiles-common/markup/primitives/2.0" xmlns:x="http://www.yworks.com/xml/yfiles-common/markup/2.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:y="http://www.yworks.com/xml/graphml" xmlns:yed="http://www.yworks.com/xml/yed/3" xsi:schemaLocation="http://graphml.graphdrawing.org/xmlns http://www.yworks.com/xml/schema/graphml/1.1/ygraphml.xsd">
-  <!--Created by yEd 3.17-->
-  <key attr.name="Description" attr.type="string" for="graph" id="d0"/>
-  <key for="port" id="d1" yfiles.type="portgraphics"/>
-  <key for="port" id="d2" yfiles.type="portgeometry"/>
-  <key for="port" id="d3" yfiles.type="portuserdata"/>
-  <key attr.name="url" attr.type="string" for="node" id="d4"/>
-  <key attr.name="description" attr.type="string" for="node" id="d5"/>
-  <key for="node" id="d6" yfiles.type="nodegraphics"/>
-  <key for="graphml" id="d7" yfiles.type="resources"/>
-  <key attr.name="url" attr.type="string" for="edge" id="d8"/>
-  <key attr.name="description" attr.type="string" for="edge" id="d9"/>
-  <key for="edge" id="d10" yfiles.type="edgegraphics"/>
-  <graph edgedefault="directed" id="G">
-    <data key="d0"/>
-    <node id="n0">
-      <data key="d6">
-        <y:GenericNode configuration="com.yworks.flowchart.process">
-          <y:Geometry height="56.0" width="268.0" x="309.6849206349206" y="0.0"/>
-          <y:Fill color="#E8EEF7" color2="#B7C9E3" transparent="false"/>
-          <y:BorderStyle color="#000000" type="line" width="1.0"/>
-          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.1328125" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="83.482421875" x="92.2587890625" y="18.93359375">Detect the OS<y:LabelModel>
-              <y:SmartNodeLabelModel distance="4.0"/>
-            </y:LabelModel>
-            <y:ModelParameter>
-              <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.5" nodeRatioX="0.0" nodeRatioY="0.1619001116071429" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
-            </y:ModelParameter>
-          </y:NodeLabel>
-        </y:GenericNode>
-      </data>
-    </node>
-    <node id="n1">
-      <data key="d6">
-        <y:GenericNode configuration="com.yworks.flowchart.decision">
-          <y:Geometry height="40.0" width="80.0" x="403.6849206349206" y="206.44247787610618"/>
-          <y:Fill color="#E8EEF7" color2="#B7C9E3" transparent="false"/>
-          <y:BorderStyle color="#000000" type="line" width="1.0"/>
-          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" hasText="false" height="4.0" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="4.0" x="38.0" y="18.0">
-            <y:LabelModel>
-              <y:SmartNodeLabelModel distance="4.0"/>
-            </y:LabelModel>
-            <y:ModelParameter>
-              <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
-            </y:ModelParameter>
-          </y:NodeLabel>
-        </y:GenericNode>
-      </data>
-    </node>
-    <node id="n2">
-      <data key="d6">
-        <y:GenericNode configuration="com.yworks.flowchart.process">
-          <y:Geometry height="90.44247787610618" width="268.0" x="309.6849206349206" y="86.0"/>
-          <y:Fill color="#E8EEF7" color2="#B7C9E3" transparent="false"/>
-          <y:BorderStyle color="#000000" type="line" width="1.0"/>
-          <y:NodeLabel alignment="right" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="88.796875" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="170.763671875" x="48.61816406250006" y="0.8228014380530908">Get installed packages
-Alpine Linux: apk
-Debian/Ubuntu: dpkg-query
-Amazon/RHEL/CentOS: rpm
-FreeBSD: pkg
-SUSE: zypper<y:LabelModel>
-              <y:SmartNodeLabelModel distance="4.0"/>
-            </y:LabelModel>
-            <y:ModelParameter>
-              <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="2.220446049250313E-16" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
-            </y:ModelParameter>
-          </y:NodeLabel>
-        </y:GenericNode>
-      </data>
-    </node>
-    <node id="n3">
-      <data key="d6">
-        <y:GenericNode configuration="com.yworks.flowchart.process">
-          <y:Geometry height="56.0" width="268.0" x="10.0" y="287.8409153761062"/>
-          <y:Fill color="#E8EEF7" color2="#B7C9E3" transparent="false"/>
-          <y:BorderStyle color="#000000" type="line" width="1.0"/>
-          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="32.265625" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="260.83984375" x="3.580078125" y="11.8671875">Check upgradable packages
-Debian/Ubuntu: apt-get upgrade --dry-run<y:LabelModel>
-              <y:SmartNodeLabelModel distance="4.0"/>
-            </y:LabelModel>
-            <y:ModelParameter>
-              <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
-            </y:ModelParameter>
-          </y:NodeLabel>
-        </y:GenericNode>
-      </data>
-    </node>
-    <node id="n4">
-      <data key="d6">
-        <y:GenericNode configuration="com.yworks.flowchart.loopLimit">
-          <y:Geometry height="51.10998735777497" width="137.19216182048035" x="75.40391908975982" y="376.28592169721867"/>
-          <y:Fill color="#E8EEF7" color2="#B7C9E3" transparent="false"/>
-          <y:BorderStyle color="#000000" type="line" width="1.0"/>
-          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="32.265625" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="131.751953125" x="2.7201043477401754" y="9.422181178887513">foreach 
-upgradable  packages<y:LabelModel>
-              <y:SmartNodeLabelModel distance="4.0"/>
-            </y:LabelModel>
-            <y:ModelParameter>
-              <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="5.551115123125783E-16" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
-            </y:ModelParameter>
-          </y:NodeLabel>
-        </y:GenericNode>
-      </data>
-    </node>
-    <node id="n5">
-      <data key="d6">
-        <y:GenericNode configuration="com.yworks.flowchart.process">
-          <y:Geometry height="56.0" width="268.0" x="10.0" y="459.8409153761062"/>
-          <y:Fill color="#E8EEF7" color2="#B7C9E3" transparent="false"/>
-          <y:BorderStyle color="#000000" type="line" width="1.0"/>
-          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="32.265625" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="213.619140625" x="27.1904296875" y="11.8671875">Parse changelog and get  CVE IDs
-Debian/Ubuntu: aptitude changelog<y:LabelModel>
-              <y:SmartNodeLabelModel distance="4.0"/>
-            </y:LabelModel>
-            <y:ModelParameter>
-              <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
-            </y:ModelParameter>
-          </y:NodeLabel>
-        </y:GenericNode>
-      </data>
-    </node>
-    <node id="n6">
-      <data key="d6">
-        <y:GenericNode configuration="com.yworks.flowchart.loopLimitEnd">
-          <y:Geometry height="50.0" width="137.0" x="75.5" y="545.8409153761062"/>
-          <y:Fill color="#E8EEF7" color2="#B7C9E3" transparent="false"/>
-          <y:BorderStyle color="#000000" type="line" width="1.0"/>
-          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.1328125" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="55.24609375" x="40.876953125" y="15.93359375">end loop<y:LabelModel>
-              <y:SmartNodeLabelModel distance="4.0"/>
-            </y:LabelModel>
-            <y:ModelParameter>
-              <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
-            </y:ModelParameter>
-          </y:NodeLabel>
-        </y:GenericNode>
-      </data>
-    </node>
-    <node id="n7">
-      <data key="d6">
-        <y:GenericNode configuration="com.yworks.flowchart.process">
-          <y:Geometry height="56.0" width="268.0" x="609.3698412698412" y="625.8409153761062"/>
-          <y:Fill color="#E8EEF7" color2="#B7C9E3" transparent="false"/>
-          <y:BorderStyle color="#000000" type="line" width="1.0"/>
-          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.1328125" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="152.634765625" x="57.6826171875" y="18.93359375">Write results to JSON files<y:LabelModel>
-              <y:SmartNodeLabelModel distance="4.0"/>
-            </y:LabelModel>
-            <y:ModelParameter>
-              <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.5" nodeRatioX="0.0" nodeRatioY="0.1619001116071429" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
-            </y:ModelParameter>
-          </y:NodeLabel>
-        </y:GenericNode>
-      </data>
-    </node>
-    <node id="n8">
-      <data key="d6">
-        <y:GenericNode configuration="com.yworks.flowchart.process">
-          <y:Geometry height="56.0" width="268.0" x="609.3698412698412" y="287.8409153761062"/>
-          <y:Fill color="#E8EEF7" color2="#B7C9E3" transparent="false"/>
-          <y:BorderStyle color="#000000" type="line" width="1.0"/>
-          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="46.3984375" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="232.744140625" x="17.6279296875" y="4.80078125">Get CVE IDs by using package manager
-Amazon/RHEL: yum plugin security
-FreeBSD: pkg audit<y:LabelModel>
-              <y:SmartNodeLabelModel distance="4.0"/>
-            </y:LabelModel>
-            <y:ModelParameter>
-              <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
-            </y:ModelParameter>
-          </y:NodeLabel>
-        </y:GenericNode>
-      </data>
-    </node>
-    <node id="n9">
-      <data key="d6">
-        <y:GenericNode configuration="com.yworks.flowchart.process">
-          <y:Geometry height="56.0" width="268.0" x="609.3698412698412" y="716.4553275126422"/>
-          <y:Fill color="#E8EEF7" color2="#B7C9E3" transparent="false"/>
-          <y:BorderStyle color="#000000" type="line" width="1.0"/>
-          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.1328125" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="42.595703125" x="112.7021484375" y="18.93359375">Report<y:LabelModel>
-              <y:SmartNodeLabelModel distance="4.0"/>
-            </y:LabelModel>
-            <y:ModelParameter>
-              <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
-            </y:ModelParameter>
-          </y:NodeLabel>
-        </y:GenericNode>
-      </data>
-    </node>
-    <node id="n10">
-      <data key="d6">
-        <y:GenericNode configuration="com.yworks.flowchart.process">
-          <y:Geometry height="56.0" width="268.0" x="309.6849206349206" y="371.39590905499364"/>
-          <y:Fill color="#E8EEF7" color2="#B7C9E3" transparent="false"/>
-          <y:BorderStyle color="#000000" type="line" width="1.0"/>
-          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="32.265625" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="293.06640625" x="-12.533203124999943" y="11.8671875">Get all changelogs of updatable packages at once
-yum changelog<y:LabelModel>
-              <y:SmartNodeLabelModel distance="4.0"/>
-            </y:LabelModel>
-            <y:ModelParameter>
-              <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="2.220446049250313E-16" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
-            </y:ModelParameter>
-          </y:NodeLabel>
-        </y:GenericNode>
-      </data>
-    </node>
-    <node id="n11">
-      <data key="d6">
-        <y:GenericNode configuration="com.yworks.flowchart.process">
-          <y:Geometry height="56.0" width="268.0" x="309.68492063492056" y="459.8409153761062"/>
-          <y:Fill color="#E8EEF7" color2="#B7C9E3" transparent="false"/>
-          <y:BorderStyle color="#000000" type="line" width="1.0"/>
-          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.1328125" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="205.52734375" x="31.236328125000057" y="18.93359375">Parse changelogs and get CVE IDs <y:LabelModel>
-              <y:SmartNodeLabelModel distance="4.0"/>
-            </y:LabelModel>
-            <y:ModelParameter>
-              <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.5" nodeRatioX="2.220446049250313E-16" nodeRatioY="0.1619001116071429" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
-            </y:ModelParameter>
-          </y:NodeLabel>
-        </y:GenericNode>
-      </data>
-    </node>
-    <node id="n12">
-      <data key="d6">
-        <y:GenericNode configuration="com.yworks.flowchart.process">
-          <y:Geometry height="56.0" width="268.0" x="609.3698412698412" y="373.8409153761062"/>
-          <y:Fill color="#E8EEF7" color2="#B7C9E3" transparent="false"/>
-          <y:BorderStyle color="#000000" type="line" width="1.0"/>
-          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="32.265625" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="293.06640625" x="-12.533203124999886" y="11.8671875">Get all changelogs of updatable packages at once
-Amazon / RHEL: yum changelog<y:LabelModel>
-              <y:SmartNodeLabelModel distance="4.0"/>
-            </y:LabelModel>
-            <y:ModelParameter>
-              <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="2.220446049250313E-16" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
-            </y:ModelParameter>
-          </y:NodeLabel>
-        </y:GenericNode>
-      </data>
-    </node>
-    <node id="n13" yfiles.foldertype="group">
-      <data key="d4"/>
-      <data key="d6">
-        <y:ProxyAutoBoundsNode>
-          <y:Realizers active="0">
-            <y:GroupNode>
-              <y:Geometry height="116.89483989807195" width="333.6788874841973" x="229.74083438685204" y="675.1748997511062"/>
-              <y:Fill color="#F5F5F5" transparent="false"/>
-              <y:BorderStyle color="#000000" type="dashed" width="1.0"/>
-              <y:NodeLabel alignment="right" autoSizePolicy="node_width" backgroundColor="#EBEBEB" borderDistance="0.0" fontFamily="Dialog" fontSize="15" fontStyle="plain" hasLineColor="false" height="21.666015625" horizontalTextPosition="center" iconTextGap="4" modelName="internal" modelPosition="t" textColor="#000000" verticalTextPosition="bottom" visible="true" width="333.6788874841973" x="0.0" y="0.0">Vulnerability Database</y:NodeLabel>
-              <y:Shape type="roundrectangle"/>
-              <y:State closed="false" closedHeight="50.0" closedWidth="50.0" innerGraphDisplayEnabled="false"/>
-              <y:Insets bottom="15" bottomF="15.0" left="15" leftF="15.0" right="15" rightF="15.0" top="15" topF="15.0"/>
-              <y:BorderInsets bottom="0" bottomF="0.0" left="0" leftF="0.0" right="0" rightF="0.0" top="0" topF="0.0"/>
-            </y:GroupNode>
-            <y:GroupNode>
-              <y:Geometry height="50.0" width="50.0" x="0.0" y="60.0"/>
-              <y:Fill color="#F5F5F5" transparent="false"/>
-              <y:BorderStyle color="#000000" type="dashed" width="1.0"/>
-              <y:NodeLabel alignment="right" autoSizePolicy="node_width" backgroundColor="#EBEBEB" borderDistance="0.0" fontFamily="Dialog" fontSize="15" fontStyle="plain" hasLineColor="false" height="21.666015625" horizontalTextPosition="center" iconTextGap="4" modelName="internal" modelPosition="t" textColor="#000000" verticalTextPosition="bottom" visible="true" width="63.75830078125" x="-6.879150390625" y="0.0">Folder 1</y:NodeLabel>
-              <y:Shape type="roundrectangle"/>
-              <y:State closed="true" closedHeight="50.0" closedWidth="50.0" innerGraphDisplayEnabled="false"/>
-              <y:Insets bottom="5" bottomF="5.0" left="5" leftF="5.0" right="5" rightF="5.0" top="5" topF="5.0"/>
-              <y:BorderInsets bottom="0" bottomF="0.0" left="0" leftF="0.0" right="0" rightF="0.0" top="0" topF="0.0"/>
-            </y:GroupNode>
-          </y:Realizers>
-        </y:ProxyAutoBoundsNode>
-      </data>
-      <graph edgedefault="directed" id="n13:">
-        <node id="n13::n0">
-          <data key="d6">
-            <y:GenericNode configuration="com.yworks.flowchart.dataBase">
-              <y:Geometry height="65.22882427307195" width="136.83944374209864" x="411.5802781289507" y="711.8409153761062"/>
-              <y:Fill color="#E8EEF7" color2="#B7C9E3" transparent="false"/>
-              <y:BorderStyle color="#000000" type="line" width="1.0"/>
-              <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.1328125" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="117.970703125" x="9.434370308549205" y="23.548005886535975">CVE DB (NVD / JVN)<y:LabelModel>
-                  <y:SmartNodeLabelModel distance="4.0"/>
-                </y:LabelModel>
-                <y:ModelParameter>
-                  <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="-8.326672684688674E-16" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
-                </y:ModelParameter>
-              </y:NodeLabel>
-            </y:GenericNode>
-          </data>
-        </node>
-        <node id="n13::n1">
-          <data key="d6">
-            <y:GenericNode configuration="com.yworks.flowchart.dataBase">
-              <y:Geometry height="65.22882427307195" width="136.83944374209864" x="244.74083438685204" y="711.8409153761062"/>
-              <y:Fill color="#E8EEF7" color2="#B7C9E3" transparent="false"/>
-              <y:BorderStyle color="#000000" type="line" width="1.0"/>
-              <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.1328125" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="55.533203125" x="40.653120308549205" y="23.548005886535975">OVAL DB<y:LabelModel>
-                  <y:SmartNodeLabelModel distance="4.0"/>
-                </y:LabelModel>
-                <y:ModelParameter>
-                  <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="-8.326672684688674E-16" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
-                </y:ModelParameter>
-              </y:NodeLabel>
-            </y:GenericNode>
-          </data>
-        </node>
-      </graph>
-    </node>
-    <edge id="e0" source="n2" target="n1">
-      <data key="d10">
-        <y:PolyLineEdge>
-          <y:Path sx="0.0" sy="45.22123893805309" tx="0.0" ty="-20.0"/>
-          <y:LineStyle color="#000000" type="line" width="1.0"/>
-          <y:Arrows source="none" target="none"/>
-          <y:BendStyle smoothed="false"/>
-        </y:PolyLineEdge>
-      </data>
-    </edge>
-    <edge id="e1" source="n1" target="n3">
-      <data key="d10">
-        <y:PolyLineEdge>
-          <y:Path sx="-40.0" sy="0.0" tx="0.0" ty="-28.0">
-            <y:Point x="144.0" y="226.44247787610618"/>
-          </y:Path>
-          <y:LineStyle color="#000000" type="line" width="1.0"/>
-          <y:Arrows source="none" target="standard"/>
-          <y:EdgeLabel alignment="right" configuration="AutoFlippingLabel" distance="2.0" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="46.3984375" horizontalTextPosition="center" iconTextGap="4" modelName="custom" preferredPlacement="anywhere" ratio="0.5" textColor="#000000" verticalTextPosition="bottom" visible="true" width="56.98046875" x="-257.65322875976574" y="2.0000035108718635">Debian
-Ubuntu
-Raspbian<y:LabelModel>
-              <y:SmartEdgeLabelModel autoRotationEnabled="false" defaultAngle="0.0" defaultDistance="10.0"/>
-            </y:LabelModel>
-            <y:ModelParameter>
-              <y:SmartEdgeLabelModelParameter angle="6.283185307179586" distance="1.9999999999998863" distanceToCenter="false" position="left" ratio="0.8652035780364729" segment="0"/>
-            </y:ModelParameter>
-            <y:PreferredPlacementDescriptor angle="0.0" angleOffsetOnRightSide="0" angleReference="absolute" angleRotationOnRightSide="co" distance="-1.0" frozen="true" placement="anywhere" side="anywhere" sideReference="relative_to_edge_flow"/>
-          </y:EdgeLabel>
-          <y:BendStyle smoothed="false"/>
-        </y:PolyLineEdge>
-      </data>
-    </edge>
-    <edge id="e2" source="n3" target="n4">
-      <data key="d10">
-        <y:PolyLineEdge>
-          <y:Path sx="0.0" sy="28.0" tx="0.0" ty="-25.554993678887485"/>
-          <y:LineStyle color="#000000" type="line" width="1.0"/>
-          <y:Arrows source="none" target="standard"/>
-          <y:BendStyle smoothed="false"/>
-        </y:PolyLineEdge>
-      </data>
-    </edge>
-    <edge id="e3" source="n4" target="n5">
-      <data key="d10">
-        <y:PolyLineEdge>
-          <y:Path sx="0.0" sy="25.554993678887485" tx="0.0" ty="-28.0"/>
-          <y:LineStyle color="#000000" type="line" width="1.0"/>
-          <y:Arrows source="none" target="standard"/>
-          <y:BendStyle smoothed="false"/>
-        </y:PolyLineEdge>
-      </data>
-    </edge>
-    <edge id="e4" source="n5" target="n6">
-      <data key="d10">
-        <y:PolyLineEdge>
-          <y:Path sx="0.0" sy="28.0" tx="0.0" ty="-25.0"/>
-          <y:LineStyle color="#000000" type="line" width="1.0"/>
-          <y:Arrows source="none" target="standard"/>
-          <y:BendStyle smoothed="false"/>
-        </y:PolyLineEdge>
-      </data>
-    </edge>
-    <edge id="e5" source="n6" target="n7">
-      <data key="d10">
-        <y:PolyLineEdge>
-          <y:Path sx="68.5" sy="0.0" tx="0.0" ty="-28.0">
-            <y:Point x="743.3698412698412" y="570.8409153761062"/>
-          </y:Path>
-          <y:LineStyle color="#000000" type="line" width="1.0"/>
-          <y:Arrows source="none" target="standard"/>
-          <y:BendStyle smoothed="false"/>
-        </y:PolyLineEdge>
-      </data>
-    </edge>
-    <edge id="e6" source="n1" target="n8">
-      <data key="d10">
-        <y:PolyLineEdge>
-          <y:Path sx="40.0" sy="0.0" tx="0.0" ty="-28.0">
-            <y:Point x="743.3698412698412" y="226.44247787610618"/>
-          </y:Path>
-          <y:LineStyle color="#000000" type="line" width="1.0"/>
-          <y:Arrows source="none" target="standard"/>
-          <y:EdgeLabel alignment="right" configuration="AutoFlippingLabel" distance="2.0" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="46.3984375" horizontalTextPosition="center" iconTextGap="4" modelName="custom" preferredPlacement="anywhere" ratio="0.5" textColor="#000000" verticalTextPosition="bottom" visible="true" width="51.806640625" x="200.87829463898197" y="4.000003510871693">Amazon
-RHEL
-FreeBSD<y:LabelModel>
-              <y:SmartEdgeLabelModel autoRotationEnabled="false" defaultAngle="0.0" defaultDistance="10.0"/>
-            </y:LabelModel>
-            <y:ModelParameter>
-              <y:SmartEdgeLabelModelParameter angle="6.283185307179586" distance="6.999999999999886" distanceToCenter="false" position="right" ratio="0.8192728556300707" segment="-1"/>
-            </y:ModelParameter>
-            <y:PreferredPlacementDescriptor angle="0.0" angleOffsetOnRightSide="0" angleReference="absolute" angleRotationOnRightSide="co" distance="-1.0" frozen="true" placement="anywhere" side="anywhere" sideReference="relative_to_edge_flow"/>
-          </y:EdgeLabel>
-          <y:BendStyle smoothed="false"/>
-        </y:PolyLineEdge>
-      </data>
-    </edge>
-    <edge id="e7" source="n0" target="n2">
-      <data key="d10">
-        <y:PolyLineEdge>
-          <y:Path sx="0.0" sy="28.0" tx="0.0" ty="-45.22123893805309"/>
-          <y:LineStyle color="#000000" type="line" width="1.0"/>
-          <y:Arrows source="none" target="standard"/>
-          <y:BendStyle smoothed="false"/>
-        </y:PolyLineEdge>
-      </data>
-    </edge>
-    <edge id="e8" source="n7" target="n9">
-      <data key="d10">
-        <y:PolyLineEdge>
-          <y:Path sx="0.0" sy="28.0" tx="0.0" ty="-28.0"/>
-          <y:LineStyle color="#000000" type="line" width="1.0"/>
-          <y:Arrows source="none" target="standard"/>
-          <y:BendStyle smoothed="false"/>
-        </y:PolyLineEdge>
-      </data>
-    </edge>
-    <edge id="e9" source="n1" target="n10">
-      <data key="d10">
-        <y:PolyLineEdge>
-          <y:Path sx="0.0" sy="20.0" tx="0.0" ty="-28.0"/>
-          <y:LineStyle color="#000000" type="line" width="1.0"/>
-          <y:Arrows source="none" target="standard"/>
-          <y:EdgeLabel alignment="center" configuration="AutoFlippingLabel" distance="2.0" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.1328125" horizontalTextPosition="center" iconTextGap="4" modelName="custom" preferredPlacement="anywhere" ratio="0.5" textColor="#000000" verticalTextPosition="bottom" visible="true" width="46.708984375" x="-53.35447755843876" y="5.000003510871807">CentOS<y:LabelModel>
-              <y:SmartEdgeLabelModel autoRotationEnabled="false" defaultAngle="0.0" defaultDistance="10.0"/>
-            </y:LabelModel>
-            <y:ModelParameter>
-              <y:SmartEdgeLabelModelParameter angle="0.0" distance="30.0" distanceToCenter="true" position="right" ratio="0.0" segment="0"/>
-            </y:ModelParameter>
-            <y:PreferredPlacementDescriptor angle="0.0" angleOffsetOnRightSide="0" angleReference="absolute" angleRotationOnRightSide="co" distance="-1.0" frozen="true" placement="anywhere" side="anywhere" sideReference="relative_to_edge_flow"/>
-          </y:EdgeLabel>
-          <y:BendStyle smoothed="false"/>
-        </y:PolyLineEdge>
-      </data>
-    </edge>
-    <edge id="e10" source="n10" target="n11">
-      <data key="d10">
-        <y:PolyLineEdge>
-          <y:Path sx="0.0" sy="28.0" tx="0.0" ty="-28.0"/>
-          <y:LineStyle color="#000000" type="line" width="1.0"/>
-          <y:Arrows source="none" target="standard"/>
-          <y:BendStyle smoothed="false"/>
-        </y:PolyLineEdge>
-      </data>
-    </edge>
-    <edge id="e11" source="n11" target="n7">
-      <data key="d10">
-        <y:PolyLineEdge>
-          <y:Path sx="0.0" sy="0.0" tx="0.0" ty="-24.34091537610618">
-            <y:Point x="743.3698412698412" y="487.8409153761062"/>
-          </y:Path>
-          <y:LineStyle color="#000000" type="line" width="1.0"/>
-          <y:Arrows source="none" target="standard"/>
-          <y:BendStyle smoothed="false"/>
-        </y:PolyLineEdge>
-      </data>
-    </edge>
-    <edge id="e12" source="n8" target="n12">
-      <data key="d10">
-        <y:PolyLineEdge>
-          <y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0"/>
-          <y:LineStyle color="#000000" type="line" width="1.0"/>
-          <y:Arrows source="none" target="standard"/>
-          <y:BendStyle smoothed="false"/>
-        </y:PolyLineEdge>
-      </data>
-    </edge>
-    <edge id="e13" source="n12" target="n7">
-      <data key="d10">
-        <y:PolyLineEdge>
-          <y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0"/>
-          <y:LineStyle color="#000000" type="line" width="1.0"/>
-          <y:Arrows source="none" target="standard"/>
-          <y:BendStyle smoothed="false"/>
-        </y:PolyLineEdge>
-      </data>
-    </edge>
-    <edge id="e14" source="n9" target="n13">
-      <data key="d10">
-        <y:PolyLineEdge>
-          <y:Path sx="0.0" sy="0.0" tx="0.0" ty="10.8330078125"/>
-          <y:LineStyle color="#000000" type="line" width="1.0"/>
-          <y:Arrows source="none" target="none"/>
-          <y:BendStyle smoothed="false"/>
-        </y:PolyLineEdge>
-      </data>
-    </edge>
-    <edge id="e15" source="n1" target="n7">
-      <data key="d9"/>
-      <data key="d10">
-        <y:PolyLineEdge>
-          <y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0">
-            <y:Point x="999.0" y="226.44247787610618"/>
-            <y:Point x="999.0" y="570.8409153761062"/>
-            <y:Point x="743.3698412698412" y="570.8409153761062"/>
-          </y:Path>
-          <y:LineStyle color="#000000" type="line" width="1.0"/>
-          <y:Arrows source="none" target="none"/>
-          <y:EdgeLabel alignment="right" configuration="AutoFlippingLabel" distance="2.0" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="32.265625" horizontalTextPosition="center" iconTextGap="4" modelName="custom" preferredPlacement="anywhere" ratio="0.5" textColor="#000000" verticalTextPosition="bottom" visible="true" width="76.8203125" x="422.923942251054" y="13.867191010871807">Alpine Linux
-SUSE<y:LabelModel>
-              <y:SmartEdgeLabelModel autoRotationEnabled="false" defaultAngle="0.0" defaultDistance="10.0"/>
-            </y:LabelModel>
-            <y:ModelParameter>
-              <y:SmartEdgeLabelModelParameter angle="0.0" distance="30.0" distanceToCenter="true" position="right" ratio="0.8856709076027529" segment="0"/>
-            </y:ModelParameter>
-            <y:PreferredPlacementDescriptor angle="0.0" angleOffsetOnRightSide="0" angleReference="absolute" angleRotationOnRightSide="co" distance="-1.0" frozen="true" placement="anywhere" side="anywhere" sideReference="relative_to_edge_flow"/>
-          </y:EdgeLabel>
-          <y:BendStyle smoothed="false"/>
-        </y:PolyLineEdge>
-      </data>
-    </edge>
-  </graph>
-  <data key="d7">
-    <y:Resources/>
-  </data>
-</graphml>

img/vuls-usecase-elb-rails-rds-all.graphml

@@ -1,265 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" standalone="no"?>
-<graphml xmlns="http://graphml.graphdrawing.org/xmlns" xmlns:java="http://www.yworks.com/xml/yfiles-common/1.0/java" xmlns:sys="http://www.yworks.com/xml/yfiles-common/markup/primitives/2.0" xmlns:x="http://www.yworks.com/xml/yfiles-common/markup/2.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:y="http://www.yworks.com/xml/graphml" xmlns:yed="http://www.yworks.com/xml/yed/3" xsi:schemaLocation="http://graphml.graphdrawing.org/xmlns http://www.yworks.com/xml/schema/graphml/1.1/ygraphml.xsd">
-  <!--Created by yEd 3.14.2-->
-  <key attr.name="Description" attr.type="string" for="graph" id="d0"/>
-  <key for="port" id="d1" yfiles.type="portgraphics"/>
-  <key for="port" id="d2" yfiles.type="portgeometry"/>
-  <key for="port" id="d3" yfiles.type="portuserdata"/>
-  <key attr.name="url" attr.type="string" for="node" id="d4"/>
-  <key attr.name="description" attr.type="string" for="node" id="d5"/>
-  <key for="node" id="d6" yfiles.type="nodegraphics"/>
-  <key for="graphml" id="d7" yfiles.type="resources"/>
-  <key attr.name="url" attr.type="string" for="edge" id="d8"/>
-  <key attr.name="description" attr.type="string" for="edge" id="d9"/>
-  <key for="edge" id="d10" yfiles.type="edgegraphics"/>
-  <graph edgedefault="directed" id="G">
-    <data key="d0"/>
-    <node id="n0">
-      <data key="d6">
-        <y:ShapeNode>
-          <y:Geometry height="50.0" width="73.25" x="478.6165008544913" y="1358.206868489578"/>
-          <y:Fill color="#C0C0C0" transparent="false"/>
-          <y:BorderStyle color="#000000" type="line" width="1.0"/>
-          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.1328125" modelName="custom" textColor="#000000" visible="true" width="28.87890625" x="22.185546875" y="15.93359375">Vuls<y:LabelModel>
-              <y:SmartNodeLabelModel distance="4.0"/>
-            </y:LabelModel>
-            <y:ModelParameter>
-              <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
-            </y:ModelParameter>
-          </y:NodeLabel>
-          <y:Shape type="roundrectangle"/>
-        </y:ShapeNode>
-      </data>
-    </node>
-    <node id="n1">
-      <data key="d6">
-        <y:ShapeNode>
-          <y:Geometry height="50.0" width="73.25" x="711.9623756408686" y="1043.7241210937468"/>
-          <y:Fill color="#C0C0C0" transparent="false"/>
-          <y:BorderStyle color="#000000" type="line" width="1.0"/>
-          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.1328125" modelName="custom" textColor="#000000" visible="true" width="38.623046875" x="17.3134765625" y="15.93359375">Nginx<y:LabelModel>
-              <y:SmartNodeLabelModel distance="4.0"/>
-            </y:LabelModel>
-            <y:ModelParameter>
-              <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
-            </y:ModelParameter>
-          </y:NodeLabel>
-          <y:Shape type="roundrectangle"/>
-        </y:ShapeNode>
-      </data>
-    </node>
-    <node id="n2">
-      <data key="d6">
-        <y:ShapeNode>
-          <y:Geometry height="50.0" width="73.25" x="711.9623756408686" y="1287.206868489578"/>
-          <y:Fill color="#C0C0C0" transparent="false"/>
-          <y:BorderStyle color="#000000" type="line" width="1.0"/>
-          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.1328125" modelName="custom" textColor="#000000" visible="true" width="42.7890625" x="15.23046875" y="15.93359375">MySQL<y:LabelModel>
-              <y:SmartNodeLabelModel distance="4.0"/>
-            </y:LabelModel>
-            <y:ModelParameter>
-              <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
-            </y:ModelParameter>
-          </y:NodeLabel>
-          <y:Shape type="roundrectangle"/>
-        </y:ShapeNode>
-      </data>
-    </node>
-    <node id="n3" yfiles.foldertype="group">
-      <data key="d4"/>
-      <data key="d6">
-        <y:ProxyAutoBoundsNode>
-          <y:Realizers active="0">
-            <y:GroupNode>
-              <y:Geometry height="101.666015625" width="291.7208747863772" x="602.72693824768" y="1146.2994791666624"/>
-              <y:Fill color="#F5F5F5" transparent="false"/>
-              <y:BorderStyle color="#000000" type="dashed" width="1.0"/>
-              <y:NodeLabel alignment="right" autoSizePolicy="node_width" backgroundColor="#EBEBEB" borderDistance="0.0" fontFamily="Dialog" fontSize="15" fontStyle="plain" hasLineColor="false" height="21.666015625" modelName="internal" modelPosition="t" textColor="#000000" visible="true" width="291.7208747863772" x="0.0" y="0.0">Web/App</y:NodeLabel>
-              <y:Shape type="roundrectangle"/>
-              <y:State closed="false" closedHeight="50.0" closedWidth="50.0" innerGraphDisplayEnabled="false"/>
-              <y:Insets bottom="15" bottomF="15.0" left="15" leftF="15.0" right="15" rightF="15.0" top="15" topF="15.0"/>
-              <y:BorderInsets bottom="0" bottomF="0.0" left="23" leftF="23.0" right="0" rightF="0.0" top="0" topF="0.0"/>
-            </y:GroupNode>
-            <y:GroupNode>
-              <y:Geometry height="50.0" width="50.0" x="0.0" y="60.0"/>
-              <y:Fill color="#F5F5F5" transparent="false"/>
-              <y:BorderStyle color="#000000" type="dashed" width="1.0"/>
-              <y:NodeLabel alignment="right" autoSizePolicy="node_width" backgroundColor="#EBEBEB" borderDistance="0.0" fontFamily="Dialog" fontSize="15" fontStyle="plain" hasLineColor="false" height="21.666015625" modelName="internal" modelPosition="t" textColor="#000000" visible="true" width="63.75830078125" x="-6.879150390625" y="0.0">Folder 5</y:NodeLabel>
-              <y:Shape type="roundrectangle"/>
-              <y:State closed="true" closedHeight="50.0" closedWidth="50.0" innerGraphDisplayEnabled="false"/>
-              <y:Insets bottom="5" bottomF="5.0" left="5" leftF="5.0" right="5" rightF="5.0" top="5" topF="5.0"/>
-              <y:BorderInsets bottom="0" bottomF="0.0" left="0" leftF="0.0" right="0" rightF="0.0" top="0" topF="0.0"/>
-            </y:GroupNode>
-          </y:Realizers>
-        </y:ProxyAutoBoundsNode>
-      </data>
-      <graph edgedefault="directed" id="n3:">
-        <node id="n3::n0">
-          <data key="d6">
-            <y:ShapeNode>
-              <y:Geometry height="50.0" width="73.25" x="640.72693824768" y="1182.9654947916624"/>
-              <y:Fill color="#C0C0C0" transparent="false"/>
-              <y:BorderStyle color="#000000" type="line" width="1.0"/>
-              <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.1328125" modelName="custom" textColor="#000000" visible="true" width="31.26953125" x="20.990234375" y="15.93359375">Rails<y:LabelModel>
-                  <y:SmartNodeLabelModel distance="4.0"/>
-                </y:LabelModel>
-                <y:ModelParameter>
-                  <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
-                </y:ModelParameter>
-              </y:NodeLabel>
-              <y:Shape type="roundrectangle"/>
-            </y:ShapeNode>
-          </data>
-        </node>
-        <node id="n3::n1">
-          <data key="d6">
-            <y:ShapeNode>
-              <y:Geometry height="50.0" width="73.25" x="723.4623756408686" y="1182.9654947916624"/>
-              <y:Fill color="#C0C0C0" transparent="false"/>
-              <y:BorderStyle color="#000000" type="line" width="1.0"/>
-              <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.1328125" modelName="custom" textColor="#000000" visible="true" width="31.26953125" x="20.990234375" y="15.93359375">Rails<y:LabelModel>
-                  <y:SmartNodeLabelModel distance="4.0"/>
-                </y:LabelModel>
-                <y:ModelParameter>
-                  <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
-                </y:ModelParameter>
-              </y:NodeLabel>
-              <y:Shape type="roundrectangle"/>
-            </y:ShapeNode>
-          </data>
-        </node>
-        <node id="n3::n2">
-          <data key="d6">
-            <y:ShapeNode>
-              <y:Geometry height="50.0" width="73.25" x="806.1978130340572" y="1182.9654947916624"/>
-              <y:Fill color="#C0C0C0" transparent="false"/>
-              <y:BorderStyle color="#000000" type="line" width="1.0"/>
-              <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.1328125" modelName="custom" textColor="#000000" visible="true" width="31.26953125" x="20.990234375" y="15.93359375">Rails<y:LabelModel>
-                  <y:SmartNodeLabelModel distance="4.0"/>
-                </y:LabelModel>
-                <y:ModelParameter>
-                  <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
-                </y:ModelParameter>
-              </y:NodeLabel>
-              <y:Shape type="roundrectangle"/>
-            </y:ShapeNode>
-          </data>
-        </node>
-      </graph>
-    </node>
-    <node id="n4">
-      <data key="d6">
-        <y:ShapeNode>
-          <y:Geometry height="50.0" width="73.25" x="821.1978130340572" y="1287.206868489578"/>
-          <y:Fill color="#C0C0C0" transparent="false"/>
-          <y:BorderStyle color="#000000" type="line" width="1.0"/>
-          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.1328125" modelName="custom" textColor="#000000" visible="true" width="35.412109375" x="18.9189453125" y="15.93359375">Redis<y:LabelModel>
-              <y:SmartNodeLabelModel distance="4.0"/>
-            </y:LabelModel>
-            <y:ModelParameter>
-              <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
-            </y:ModelParameter>
-          </y:NodeLabel>
-          <y:Shape type="roundrectangle"/>
-        </y:ShapeNode>
-      </data>
-    </node>
-    <edge id="e0" source="n3" target="n1">
-      <data key="d10">
-        <y:PolyLineEdge>
-          <y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0"/>
-          <y:LineStyle color="#000000" type="line" width="1.0"/>
-          <y:Arrows source="none" target="none"/>
-          <y:BendStyle smoothed="false"/>
-        </y:PolyLineEdge>
-      </data>
-    </edge>
-    <edge id="e1" source="n3" target="n2">
-      <data key="d10">
-        <y:PolyLineEdge>
-          <y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0"/>
-          <y:LineStyle color="#000000" type="line" width="1.0"/>
-          <y:Arrows source="none" target="none"/>
-          <y:BendStyle smoothed="false"/>
-        </y:PolyLineEdge>
-      </data>
-    </edge>
-    <edge id="e2" source="n0" target="n3::n0">
-      <data key="d10">
-        <y:PolyLineEdge>
-          <y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0"/>
-          <y:LineStyle color="#000000" type="dashed" width="1.0"/>
-          <y:Arrows source="none" target="standard"/>
-          <y:BendStyle smoothed="false"/>
-        </y:PolyLineEdge>
-      </data>
-    </edge>
-    <edge id="e3" source="n0" target="n3::n1">
-      <data key="d10">
-        <y:PolyLineEdge>
-          <y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0"/>
-          <y:LineStyle color="#000000" type="dashed" width="1.0"/>
-          <y:Arrows source="none" target="standard"/>
-          <y:BendStyle smoothed="false"/>
-        </y:PolyLineEdge>
-      </data>
-    </edge>
-    <edge id="e4" source="n0" target="n3::n2">
-      <data key="d10">
-        <y:PolyLineEdge>
-          <y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0"/>
-          <y:LineStyle color="#000000" type="dashed" width="1.0"/>
-          <y:Arrows source="none" target="standard"/>
-          <y:BendStyle smoothed="false"/>
-        </y:PolyLineEdge>
-      </data>
-    </edge>
-    <edge id="e5" source="n3" target="n4">
-      <data key="d9"/>
-      <data key="d10">
-        <y:PolyLineEdge>
-          <y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0"/>
-          <y:LineStyle color="#000000" type="line" width="1.0"/>
-          <y:Arrows source="none" target="none"/>
-          <y:BendStyle smoothed="false"/>
-        </y:PolyLineEdge>
-      </data>
-    </edge>
-    <edge id="e6" source="n0" target="n4">
-      <data key="d9"/>
-      <data key="d10">
-        <y:PolyLineEdge>
-          <y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0"/>
-          <y:LineStyle color="#000000" type="dashed" width="1.0"/>
-          <y:Arrows source="none" target="standard"/>
-          <y:BendStyle smoothed="false"/>
-        </y:PolyLineEdge>
-      </data>
-    </edge>
-    <edge id="e7" source="n0" target="n1">
-      <data key="d9"/>
-      <data key="d10">
-        <y:PolyLineEdge>
-          <y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0"/>
-          <y:LineStyle color="#000000" type="dashed" width="1.0"/>
-          <y:Arrows source="none" target="standard"/>
-          <y:BendStyle smoothed="false"/>
-        </y:PolyLineEdge>
-      </data>
-    </edge>
-    <edge id="e8" source="n0" target="n2">
-      <data key="d9"/>
-      <data key="d10">
-        <y:PolyLineEdge>
-          <y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0"/>
-          <y:LineStyle color="#000000" type="dashed" width="1.0"/>
-          <y:Arrows source="none" target="standard"/>
-          <y:BendStyle smoothed="false"/>
-        </y:PolyLineEdge>
-      </data>
-    </edge>
-  </graph>
-  <data key="d7">
-    <y:Resources/>
-  </data>
-</graphml>

img/vuls-usecase-elb-rails-rds-single.graphml

@@ -1,194 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" standalone="no"?>
-<graphml xmlns="http://graphml.graphdrawing.org/xmlns" xmlns:java="http://www.yworks.com/xml/yfiles-common/1.0/java" xmlns:sys="http://www.yworks.com/xml/yfiles-common/markup/primitives/2.0" xmlns:x="http://www.yworks.com/xml/yfiles-common/markup/2.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:y="http://www.yworks.com/xml/graphml" xmlns:yed="http://www.yworks.com/xml/yed/3" xsi:schemaLocation="http://graphml.graphdrawing.org/xmlns http://www.yworks.com/xml/schema/graphml/1.1/ygraphml.xsd">
-  <!--Created by yEd 3.14.2-->
-  <key attr.name="Description" attr.type="string" for="graph" id="d0"/>
-  <key for="port" id="d1" yfiles.type="portgraphics"/>
-  <key for="port" id="d2" yfiles.type="portgeometry"/>
-  <key for="port" id="d3" yfiles.type="portuserdata"/>
-  <key attr.name="url" attr.type="string" for="node" id="d4"/>
-  <key attr.name="description" attr.type="string" for="node" id="d5"/>
-  <key for="node" id="d6" yfiles.type="nodegraphics"/>
-  <key for="graphml" id="d7" yfiles.type="resources"/>
-  <key attr.name="url" attr.type="string" for="edge" id="d8"/>
-  <key attr.name="description" attr.type="string" for="edge" id="d9"/>
-  <key for="edge" id="d10" yfiles.type="edgegraphics"/>
-  <graph edgedefault="directed" id="G">
-    <data key="d0"/>
-    <node id="n0">
-      <data key="d5"/>
-      <data key="d6">
-        <y:ShapeNode>
-          <y:Geometry height="50.0" width="73.25" x="508.30825042724564" y="1132.4827473958312"/>
-          <y:Fill color="#C0C0C0" transparent="false"/>
-          <y:BorderStyle color="#000000" type="line" width="1.0"/>
-          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.1328125" modelName="custom" textColor="#000000" visible="true" width="28.87890625" x="22.185546875" y="15.93359375">Vuls<y:LabelModel>
-              <y:SmartNodeLabelModel distance="4.0"/>
-            </y:LabelModel>
-            <y:ModelParameter>
-              <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
-            </y:ModelParameter>
-          </y:NodeLabel>
-          <y:Shape type="roundrectangle"/>
-        </y:ShapeNode>
-      </data>
-    </node>
-    <node id="n1">
-      <data key="d5"/>
-      <data key="d6">
-        <y:ShapeNode>
-          <y:Geometry height="50.0" width="73.25" x="749.6541252136229" y="993.2413736979156"/>
-          <y:Fill color="#C0C0C0" transparent="false"/>
-          <y:BorderStyle color="#000000" type="line" width="1.0"/>
-          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.1328125" modelName="custom" textColor="#000000" visible="true" width="23.8046875" x="24.72265625" y="15.93359375">ELB<y:LabelModel>
-              <y:SmartNodeLabelModel distance="4.0"/>
-            </y:LabelModel>
-            <y:ModelParameter>
-              <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
-            </y:ModelParameter>
-          </y:NodeLabel>
-          <y:Shape type="roundrectangle"/>
-        </y:ShapeNode>
-      </data>
-    </node>
-    <node id="n2">
-      <data key="d5"/>
-      <data key="d6">
-        <y:ShapeNode>
-          <y:Geometry height="50.0" width="73.25" x="749.6541252136229" y="1236.7241210937468"/>
-          <y:Fill color="#C0C0C0" transparent="false"/>
-          <y:BorderStyle color="#000000" type="line" width="1.0"/>
-          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.1328125" modelName="custom" textColor="#000000" visible="true" width="27.0390625" x="23.10546875" y="15.93359375">RDS<y:LabelModel>
-              <y:SmartNodeLabelModel distance="4.0"/>
-            </y:LabelModel>
-            <y:ModelParameter>
-              <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
-            </y:ModelParameter>
-          </y:NodeLabel>
-          <y:Shape type="roundrectangle"/>
-        </y:ShapeNode>
-      </data>
-    </node>
-    <node id="n3" yfiles.foldertype="group">
-      <data key="d4"/>
-      <data key="d5"/>
-      <data key="d6">
-        <y:ProxyAutoBoundsNode>
-          <y:Realizers active="0">
-            <y:GroupNode>
-              <y:Geometry height="101.666015625" width="291.7208747863772" x="640.4186878204343" y="1095.8167317708312"/>
-              <y:Fill color="#F5F5F5" transparent="false"/>
-              <y:BorderStyle color="#000000" type="dashed" width="1.0"/>
-              <y:NodeLabel alignment="right" autoSizePolicy="node_width" backgroundColor="#EBEBEB" borderDistance="0.0" fontFamily="Dialog" fontSize="15" fontStyle="plain" hasLineColor="false" height="21.666015625" modelName="internal" modelPosition="t" textColor="#000000" visible="true" width="291.7208747863772" x="0.0" y="0.0">Web/App</y:NodeLabel>
-              <y:Shape type="roundrectangle"/>
-              <y:State closed="false" closedHeight="50.0" closedWidth="50.0" innerGraphDisplayEnabled="false"/>
-              <y:Insets bottom="15" bottomF="15.0" left="15" leftF="15.0" right="15" rightF="15.0" top="15" topF="15.0"/>
-              <y:BorderInsets bottom="0" bottomF="0.0" left="23" leftF="23.0" right="0" rightF="0.0" top="0" topF="0.0"/>
-            </y:GroupNode>
-            <y:GroupNode>
-              <y:Geometry height="50.0" width="50.0" x="0.0" y="60.0"/>
-              <y:Fill color="#F5F5F5" transparent="false"/>
-              <y:BorderStyle color="#000000" type="dashed" width="1.0"/>
-              <y:NodeLabel alignment="right" autoSizePolicy="node_width" backgroundColor="#EBEBEB" borderDistance="0.0" fontFamily="Dialog" fontSize="15" fontStyle="plain" hasLineColor="false" height="21.666015625" modelName="internal" modelPosition="t" textColor="#000000" visible="true" width="63.75830078125" x="-6.879150390625" y="0.0">Folder 5</y:NodeLabel>
-              <y:Shape type="roundrectangle"/>
-              <y:State closed="true" closedHeight="50.0" closedWidth="50.0" innerGraphDisplayEnabled="false"/>
-              <y:Insets bottom="5" bottomF="5.0" left="5" leftF="5.0" right="5" rightF="5.0" top="5" topF="5.0"/>
-              <y:BorderInsets bottom="0" bottomF="0.0" left="0" leftF="0.0" right="0" rightF="0.0" top="0" topF="0.0"/>
-            </y:GroupNode>
-          </y:Realizers>
-        </y:ProxyAutoBoundsNode>
-      </data>
-      <graph edgedefault="directed" id="n3:">
-        <node id="n3::n0">
-          <data key="d5"/>
-          <data key="d6">
-            <y:ShapeNode>
-              <y:Geometry height="50.0" width="73.25" x="678.4186878204343" y="1132.4827473958312"/>
-              <y:Fill color="#C0C0C0" transparent="false"/>
-              <y:BorderStyle color="#000000" type="line" width="1.0"/>
-              <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.1328125" modelName="custom" textColor="#000000" visible="true" width="31.26953125" x="20.990234375" y="15.93359375">Rails<y:LabelModel>
-                  <y:SmartNodeLabelModel distance="4.0"/>
-                </y:LabelModel>
-                <y:ModelParameter>
-                  <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
-                </y:ModelParameter>
-              </y:NodeLabel>
-              <y:Shape type="roundrectangle"/>
-            </y:ShapeNode>
-          </data>
-        </node>
-        <node id="n3::n1">
-          <data key="d5"/>
-          <data key="d6">
-            <y:ShapeNode>
-              <y:Geometry height="50.0" width="73.25" x="761.1541252136229" y="1132.4827473958312"/>
-              <y:Fill color="#C0C0C0" transparent="false"/>
-              <y:BorderStyle color="#000000" type="line" width="1.0"/>
-              <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.1328125" modelName="custom" textColor="#000000" visible="true" width="31.26953125" x="20.990234375" y="15.93359375">Rails<y:LabelModel>
-                  <y:SmartNodeLabelModel distance="4.0"/>
-                </y:LabelModel>
-                <y:ModelParameter>
-                  <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
-                </y:ModelParameter>
-              </y:NodeLabel>
-              <y:Shape type="roundrectangle"/>
-            </y:ShapeNode>
-          </data>
-        </node>
-        <node id="n3::n2">
-          <data key="d5"/>
-          <data key="d6">
-            <y:ShapeNode>
-              <y:Geometry height="50.0" width="73.25" x="843.8895626068115" y="1132.4827473958312"/>
-              <y:Fill color="#C0C0C0" transparent="false"/>
-              <y:BorderStyle color="#000000" type="line" width="1.0"/>
-              <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.1328125" modelName="custom" textColor="#000000" visible="true" width="31.26953125" x="20.990234375" y="15.93359375">Rails<y:LabelModel>
-                  <y:SmartNodeLabelModel distance="4.0"/>
-                </y:LabelModel>
-                <y:ModelParameter>
-                  <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
-                </y:ModelParameter>
-              </y:NodeLabel>
-              <y:Shape type="roundrectangle"/>
-            </y:ShapeNode>
-          </data>
-        </node>
-      </graph>
-    </node>
-    <edge id="e0" source="n3" target="n1">
-      <data key="d9"/>
-      <data key="d10">
-        <y:PolyLineEdge>
-          <y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0"/>
-          <y:LineStyle color="#000000" type="line" width="1.0"/>
-          <y:Arrows source="none" target="none"/>
-          <y:BendStyle smoothed="false"/>
-        </y:PolyLineEdge>
-      </data>
-    </edge>
-    <edge id="e1" source="n3" target="n2">
-      <data key="d9"/>
-      <data key="d10">
-        <y:PolyLineEdge>
-          <y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0"/>
-          <y:LineStyle color="#000000" type="line" width="1.0"/>
-          <y:Arrows source="none" target="none"/>
-          <y:BendStyle smoothed="false"/>
-        </y:PolyLineEdge>
-      </data>
-    </edge>
-    <edge id="e2" source="n0" target="n3::n0">
-      <data key="d9"/>
-      <data key="d10">
-        <y:PolyLineEdge>
-          <y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0"/>
-          <y:LineStyle color="#000000" type="line" width="1.0"/>
-          <y:Arrows source="none" target="standard"/>
-          <y:BendStyle smoothed="false"/>
-        </y:PolyLineEdge>
-      </data>
-    </edge>
-  </graph>
-  <data key="d7">
-    <y:Resources/>
-  </data>
-</graphml>

integration/data/lockfile/Gemfile.lock

@@ -0,0 +1,311 @@
+GEM
+  remote: https://rubygems.org/
+  specs:
+    actionmailer (4.2.6)
+      actionpack (= 4.2.6)
+      actionview (= 4.2.6)
+      activejob (= 4.2.6)
+      mail (~> 2.5, >= 2.5.4)
+      rails-dom-testing (~> 1.0, >= 1.0.5)
+    actionpack (4.2.6)
+      actionview (= 4.2.6)
+      activesupport (= 4.2.6)
+      rack (~> 1.6)
+      rack-test (~> 0.6.2)
+      rails-dom-testing (~> 1.0, >= 1.0.5)
+      rails-html-sanitizer (~> 1.0, >= 1.0.2)
+    actionpack-action_caching (1.1.1)
+      actionpack (>= 4.0.0, < 5.0)
+    actionpack-xml_parser (1.0.2)
+      actionpack (>= 4.0.0, < 5)
+    actionview (4.2.6)
+      activesupport (= 4.2.6)
+      builder (~> 3.1)
+      erubis (~> 2.7.0)
+      rails-dom-testing (~> 1.0, >= 1.0.5)
+      rails-html-sanitizer (~> 1.0, >= 1.0.2)
+    activejob (4.2.6)
+      activesupport (= 4.2.6)
+      globalid (>= 0.3.0)
+    activemodel (4.2.6)
+      activesupport (= 4.2.6)
+      builder (~> 3.1)
+    activerecord (4.2.6)
+      activemodel (= 4.2.6)
+      activesupport (= 4.2.6)
+      arel (~> 6.0)
+    activesupport (4.2.6)
+      i18n (~> 0.7)
+      json (~> 1.7, >= 1.7.7)
+      minitest (~> 5.1)
+      thread_safe (~> 0.3, >= 0.3.4)
+      tzinfo (~> 1.1)
+    addressable (2.4.0)
+    arel (6.0.3)
+    bourbon (4.2.7)
+      sass (~> 3.4)
+      thor (~> 0.19)
+    builder (3.2.2)
+    byebug (8.2.4)
+    capistrano (3.4.1)
+      i18n
+      rake (>= 10.0.0)
+      sshkit (~> 1.3)
+    capistrano-bundler (1.1.4)
+      capistrano (~> 3.1)
+      sshkit (~> 1.2)
+    capistrano-passenger (0.2.0)
+      capistrano (~> 3.0)
+    capistrano-rails (1.1.6)
+      capistrano (~> 3.1)
+      capistrano-bundler (~> 1.1)
+    capybara (2.7.0)
+      addressable
+      mime-types (>= 1.16)
+      nokogiri (>= 1.3.3)
+      rack (>= 1.0.0)
+      rack-test (>= 0.5.4)
+      xpath (~> 2.0)
+    childprocess (0.5.9)
+      ffi (~> 1.0, >= 1.0.11)
+    coderay (1.1.1)
+    concurrent-ruby (1.0.1)
+    css_parser (1.3.7)
+      addressable
+    daemons (1.2.3)
+    database_cleaner (1.5.2)
+    diff-lcs (1.2.5)
+    docile (1.1.5)
+    erubis (2.7.0)
+    eventmachine (1.2.0.1)
+    faraday (0.8.11)
+      multipart-post (~> 1.2.0)
+    faraday_middleware (0.9.2)
+      faraday (>= 0.7.4, < 0.10)
+    ffi (1.9.10)
+    fuubar (2.0.0)
+      rspec (~> 3.0)
+      ruby-progressbar (~> 1.4)
+    gemoji (1.5.0)
+    globalid (0.3.6)
+      activesupport (>= 4.1.0)
+    hashie (1.2.0)
+    headless (2.2.3)
+    htmlentities (4.3.1)
+    i18n (0.7.0)
+    inifile (3.0.0)
+    jquery-rails (3.1.4)
+      railties (>= 3.0, < 5.0)
+      thor (>= 0.14, < 2.0)
+    json (1.8.3)
+    le (2.7.1)
+    loofah (2.0.3)
+      nokogiri (>= 1.5.9)
+    mail (2.6.4)
+      mime-types (>= 1.16, < 4)
+    metaclass (0.0.4)
+    method_source (0.8.2)
+    mime-types (3.0)
+      mime-types-data (~> 3.2015)
+    mime-types-data (3.2016.0221)
+    mini_portile2 (2.0.0)
+    minitest (5.8.4)
+    mocha (1.1.0)
+      metaclass (~> 0.0.1)
+    multi_json (1.11.2)
+    multipart-post (1.2.0)
+    net-ldap (0.12.1)
+    net-scp (1.2.1)
+      net-ssh (>= 2.6.5)
+    net-ssh (3.1.1)
+    nokogiri (1.6.7.2)
+      mini_portile2 (~> 2.0.0.rc2)
+    pg (0.18.4)
+    power_assert (0.2.7)
+    protected_attributes (1.1.3)
+      activemodel (>= 4.0.1, < 5.0)
+    pry (0.10.3)
+      coderay (~> 1.1.0)
+      method_source (~> 0.8.1)
+      slop (~> 3.4)
+    pry-byebug (3.3.0)
+      byebug (~> 8.0)
+      pry (~> 0.10)
+    pry-nav (0.2.4)
+      pry (>= 0.9.10, < 0.11.0)
+    rack (1.6.4)
+    rack-openid (1.4.2)
+      rack (>= 1.1.0)
+      ruby-openid (>= 2.1.8)
+    rack-test (0.6.3)
+      rack (>= 1.0)
+    rails (4.2.6)
+      actionmailer (= 4.2.6)
+      actionpack (= 4.2.6)
+      actionview (= 4.2.6)
+      activejob (= 4.2.6)
+      activemodel (= 4.2.6)
+      activerecord (= 4.2.6)
+      activesupport (= 4.2.6)
+      bundler (>= 1.3.0, < 2.0)
+      railties (= 4.2.6)
+      sprockets-rails
+    rails-deprecated_sanitizer (1.0.3)
+      activesupport (>= 4.2.0.alpha)
+    rails-dom-testing (1.0.7)
+      activesupport (>= 4.2.0.beta, < 5.0)
+      nokogiri (~> 1.6.0)
+      rails-deprecated_sanitizer (>= 1.0.1)
+    rails-html-sanitizer (1.0.3)
+      loofah (~> 2.0)
+    railties (4.2.6)
+      actionpack (= 4.2.6)
+      activesupport (= 4.2.6)
+      rake (>= 0.8.7)
+      thor (>= 0.18.1, < 2.0)
+    rake (11.1.2)
+    rbpdf (1.19.0)
+      htmlentities (= 4.3.1)
+      rbpdf-font (~> 1.19.0)
+    rbpdf-font (1.19.0)
+    rdoc (4.2.2)
+      json (~> 1.4)
+    redcarpet (3.3.4)
+    request_store (1.0.5)
+    rmagick (2.15.4)
+    roadie (3.1.1)
+      css_parser (~> 1.3.4)
+      nokogiri (>= 1.5.0, < 1.7.0)
+    roadie-rails (1.1.1)
+      railties (>= 3.0, < 5.1)
+      roadie (~> 3.1)
+    rspec (3.4.0)
+      rspec-core (~> 3.4.0)
+      rspec-expectations (~> 3.4.0)
+      rspec-mocks (~> 3.4.0)
+    rspec-core (3.4.4)
+      rspec-support (~> 3.4.0)
+    rspec-expectations (3.4.0)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.4.0)
+    rspec-mocks (3.4.1)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.4.0)
+    rspec-rails (3.4.2)
+      actionpack (>= 3.0, < 4.3)
+      activesupport (>= 3.0, < 4.3)
+      railties (>= 3.0, < 4.3)
+      rspec-core (~> 3.4.0)
+      rspec-expectations (~> 3.4.0)
+      rspec-mocks (~> 3.4.0)
+      rspec-support (~> 3.4.0)
+    rspec-support (3.4.1)
+    ruby-openid (2.3.0)
+    ruby-progressbar (1.7.5)
+    rubyzip (1.2.0)
+    sass (3.4.22)
+    selenium-webdriver (2.53.0)
+      childprocess (~> 0.5)
+      rubyzip (~> 1.0)
+      websocket (~> 1.0)
+    simplecov (0.9.2)
+      docile (~> 1.1.0)
+      multi_json (~> 1.0)
+      simplecov-html (~> 0.9.0)
+    simplecov-html (0.9.0)
+    simplecov-rcov (0.2.3)
+      simplecov (>= 0.4.1)
+    slim (3.0.6)
+      temple (~> 0.7.3)
+      tilt (>= 1.3.3, < 2.1)
+    slop (3.6.0)
+    sprockets (3.6.0)
+      concurrent-ruby (~> 1.0)
+      rack (> 1, < 3)
+    sprockets-rails (3.0.4)
+      actionpack (>= 4.0)
+      activesupport (>= 4.0)
+      sprockets (>= 3.0.0)
+    sshkit (1.9.0)
+      net-scp (>= 1.1.2)
+      net-ssh (>= 2.8.0)
+    temple (0.7.6)
+    test-unit (3.1.8)
+      power_assert
+    thin (1.6.4)
+      daemons (~> 1.0, >= 1.0.9)
+      eventmachine (~> 1.0, >= 1.0.4)
+      rack (~> 1.0)
+    thor (0.19.1)
+    thread_safe (0.3.5)
+    tilt (2.0.2)
+    transifex-ruby-fork-jg (0.1.0)
+      faraday (~> 0.8.0)
+      faraday_middleware (~> 0.9.0)
+      hashie (~> 1.2.0)
+    tzinfo (1.2.2)
+      thread_safe (~> 0.1)
+    websocket (1.2.3)
+    xpath (2.0.0)
+      nokogiri (~> 1.3)
+    yard (0.8.7.6)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  actionpack-action_caching
+  actionpack-xml_parser
+  activerecord-jdbc-adapter (~> 1.3.2)
+  activerecord-jdbcpostgresql-adapter
+  bourbon
+  builder (>= 3.0.4)
+  capistrano (~> 3.1)
+  capistrano-bundler (~> 1.1.2)
+  capistrano-passenger
+  capistrano-rails (~> 1.1)
+  capybara
+  coderay (~> 1.1.0)
+  database_cleaner
+  fuubar
+  gemoji (= 1.5.0)
+  headless
+  inifile
+  jquery-rails (~> 3.1.4)
+  le
+  mime-types (~> 3.0)
+  minitest
+  mocha
+  net-ldap (~> 0.12.0)
+  nokogiri (>= 1.6.7.2)
+  pg (~> 0.18.1)
+  protected_attributes
+  pry
+  pry-byebug
+  pry-nav
+  rack-openid
+  rails (= 4.2.6)
+  rails-dom-testing
+  rails-html-sanitizer (>= 1.0.3)
+  rbpdf (~> 1.19.0)
+  rdoc (>= 2.4.2)
+  redcarpet (~> 3.3.2)
+  request_store (= 1.0.5)
+  rmagick (>= 2.14.0)
+  roadie-rails
+  rspec (~> 3.0)
+  rspec-rails
+  ruby-openid (~> 2.3.0)
+  sass
+  selenium-webdriver
+  simplecov (~> 0.9.1)
+  simplecov-rcov
+  slim
+  test-unit
+  thin
+  transifex-ruby-fork-jg (= 0.1.0)
+  tzinfo-data
+  yard
+
+BUNDLED WITH
+   1.11.2

integration/data/lockfile/Pipfile.lock

@@ -0,0 +1,650 @@
+{
+    "_meta": {
+        "hash": {
+            "sha256": "947e36f68d4acdd1ec855ae6f4a38c54c59773bf89725674a97dc4d5d4f512ca"
+        },
+        "pipfile-spec": 6,
+        "requires": {
+            "python_version": "3.9"
+        },
+        "sources": [
+            {
+                "name": "pypi",
+                "url": "https://pypi.org/simple",
+                "verify_ssl": true
+            }
+        ]
+    },
+    "default": {
+        "babel": {
+            "hashes": [
+                "sha256:9d35c22fcc79893c3ecc85ac4a56cde1ecf3f19c540bba0922308a6c06ca6fa5",
+                "sha256:da031ab54472314f210b0adcff1588ee5d1d1d0ba4dbd07b94dba82bde791e05"
+            ],
+            "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'",
+            "version": "==0.9.0"
+        },
+        "certifi": {
+            "hashes": [
+                "sha256:1a4995114262bffbc2413b159f2a1a480c969de6e6eb13ee966d470af86af59c",
+                "sha256:719a74fb9e33b9bd44cc7f3a8d94bc35e4049deebe19ba7d8e108280cfd59830"
+            ],
+            "version": "==2020.12.5"
+        },
+        "chardet": {
+            "hashes": [
+                "sha256:0d6f53a15db4120f2b08c94f11e7d93d2c911ee118b6b30a04ec3ee8310179fa",
+                "sha256:f864054d66fd9118f2e67044ac8981a54775ec5b67aed0441892edb553d21da5"
+            ],
+            "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4'",
+            "version": "==4.0.0"
+        },
+        "click": {
+            "hashes": [
+                "sha256:d2b5255c7c6349bc1bd1e59e08cd12acbbd63ce649f2588755783aa94dfb6b1a",
+                "sha256:dacca89f4bfadd5de3d7489b7c8a566eee0d3676333fbb50030263894c38c0dc"
+            ],
+            "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4'",
+            "version": "==7.1.2"
+        },
+        "flask": {
+            "hashes": [
+                "sha256:4efa1ae2d7c9865af48986de8aeb8504bf32c7f3d6fdc9353d34b21f4b127060",
+                "sha256:8a4fdd8936eba2512e9c85df320a37e694c93945b33ef33c89946a340a238557"
+            ],
+            "index": "pypi",
+            "version": "==0.1.2"
+        },
+        "flask-talisman": {
+            "hashes": [
+                "sha256:468131464a249274ed226efc21b372518f442487e58918ccab8357eaa638fd1f",
+                "sha256:eaa754f4b771dfbe473843391d69643b79e3a38c865790011ac5e4179c68e3ec"
+            ],
+            "index": "pypi",
+            "version": "==0.7.0"
+        },
+        "gunicorn": {
+            "hashes": [
+                "sha256:1904bb2b8a43658807108d59c3f3d56c2b6121a701161de0ddf9ad140073c626",
+                "sha256:cd4a810dd51bf497552cf3f863b575dabd73d6ad6a91075b65936b151cbf4f9c"
+            ],
+            "index": "pypi",
+            "version": "==20.0.4"
+        },
+        "idna": {
+            "hashes": [
+                "sha256:b307872f855b18632ce0c21c5e45be78c0ea7ae4c15c828c20788b26921eb3f6",
+                "sha256:b97d804b1e9b523befed77c48dacec60e6dcb0b5391d57af6a65a312a90648c0"
+            ],
+            "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'",
+            "version": "==2.10"
+        },
+        "itsdangerous": {
+            "hashes": [
+                "sha256:321b033d07f2a4136d3ec762eac9f16a10ccd60f53c0c91af90217ace7ba1f19",
+                "sha256:b12271b2047cb23eeb98c8b5622e2e5c5e9abd9784a153e9d8ef9cb4dd09d749"
+            ],
+            "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'",
+            "version": "==1.1.0"
+        },
+        "jinja2": {
+            "hashes": [
+                "sha256:03e47ad063331dd6a3f04a43eddca8a966a26ba0c5b7207a9a9e4e08f1b29419",
+                "sha256:a6d58433de0ae800347cab1fa3043cebbabe8baa9d29e668f1c768cb87a333c6"
+            ],
+            "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4'",
+            "version": "==0.11.3"
+        },
+        "markupsafe": {
+            "hashes": [
+                "sha256:00bc623926325b26bb9605ae9eae8a215691f33cae5df11ca5424f06f2d1f473",
+                "sha256:09027a7803a62ca78792ad89403b1b7a73a01c8cb65909cd876f7fcebd79b161",
+                "sha256:09c4b7f37d6c648cb13f9230d847adf22f8171b1ccc4d5682398e77f40309235",
+                "sha256:1027c282dad077d0bae18be6794e6b6b8c91d58ed8a8d89a89d59693b9131db5",
+                "sha256:13d3144e1e340870b25e7b10b98d779608c02016d5184cfb9927a9f10c689f42",
+                "sha256:195d7d2c4fbb0ee8139a6cf67194f3973a6b3042d742ebe0a9ed36d8b6f0c07f",
+                "sha256:22c178a091fc6630d0d045bdb5992d2dfe14e3259760e713c490da5323866c39",
+                "sha256:24982cc2533820871eba85ba648cd53d8623687ff11cbb805be4ff7b4c971aff",
+                "sha256:29872e92839765e546828bb7754a68c418d927cd064fd4708fab9fe9c8bb116b",
+                "sha256:2beec1e0de6924ea551859edb9e7679da6e4870d32cb766240ce17e0a0ba2014",
+                "sha256:3b8a6499709d29c2e2399569d96719a1b21dcd94410a586a18526b143ec8470f",
+                "sha256:43a55c2930bbc139570ac2452adf3d70cdbb3cfe5912c71cdce1c2c6bbd9c5d1",
+                "sha256:46c99d2de99945ec5cb54f23c8cd5689f6d7177305ebff350a58ce5f8de1669e",
+                "sha256:500d4957e52ddc3351cabf489e79c91c17f6e0899158447047588650b5e69183",
+                "sha256:535f6fc4d397c1563d08b88e485c3496cf5784e927af890fb3c3aac7f933ec66",
+                "sha256:596510de112c685489095da617b5bcbbac7dd6384aeebeda4df6025d0256a81b",
+                "sha256:62fe6c95e3ec8a7fad637b7f3d372c15ec1caa01ab47926cfdf7a75b40e0eac1",
+                "sha256:6788b695d50a51edb699cb55e35487e430fa21f1ed838122d722e0ff0ac5ba15",
+                "sha256:6dd73240d2af64df90aa7c4e7481e23825ea70af4b4922f8ede5b9e35f78a3b1",
+                "sha256:6f1e273a344928347c1290119b493a1f0303c52f5a5eae5f16d74f48c15d4a85",
+                "sha256:6fffc775d90dcc9aed1b89219549b329a9250d918fd0b8fa8d93d154918422e1",
+                "sha256:717ba8fe3ae9cc0006d7c451f0bb265ee07739daf76355d06366154ee68d221e",
+                "sha256:79855e1c5b8da654cf486b830bd42c06e8780cea587384cf6545b7d9ac013a0b",
+                "sha256:7c1699dfe0cf8ff607dbdcc1e9b9af1755371f92a68f706051cc8c37d447c905",
+                "sha256:7fed13866cf14bba33e7176717346713881f56d9d2bcebab207f7a036f41b850",
+                "sha256:84dee80c15f1b560d55bcfe6d47b27d070b4681c699c572af2e3c7cc90a3b8e0",
+                "sha256:88e5fcfb52ee7b911e8bb6d6aa2fd21fbecc674eadd44118a9cc3863f938e735",
+                "sha256:8defac2f2ccd6805ebf65f5eeb132adcf2ab57aa11fdf4c0dd5169a004710e7d",
+                "sha256:98bae9582248d6cf62321dcb52aaf5d9adf0bad3b40582925ef7c7f0ed85fceb",
+                "sha256:98c7086708b163d425c67c7a91bad6e466bb99d797aa64f965e9d25c12111a5e",
+                "sha256:9add70b36c5666a2ed02b43b335fe19002ee5235efd4b8a89bfcf9005bebac0d",
+                "sha256:9bf40443012702a1d2070043cb6291650a0841ece432556f784f004937f0f32c",
+                "sha256:a6a744282b7718a2a62d2ed9d993cad6f5f585605ad352c11de459f4108df0a1",
+                "sha256:acf08ac40292838b3cbbb06cfe9b2cb9ec78fce8baca31ddb87aaac2e2dc3bc2",
+                "sha256:ade5e387d2ad0d7ebf59146cc00c8044acbd863725f887353a10df825fc8ae21",
+                "sha256:b00c1de48212e4cc9603895652c5c410df699856a2853135b3967591e4beebc2",
+                "sha256:b1282f8c00509d99fef04d8ba936b156d419be841854fe901d8ae224c59f0be5",
+                "sha256:b1dba4527182c95a0db8b6060cc98ac49b9e2f5e64320e2b56e47cb2831978c7",
+                "sha256:b2051432115498d3562c084a49bba65d97cf251f5a331c64a12ee7e04dacc51b",
+                "sha256:b7d644ddb4dbd407d31ffb699f1d140bc35478da613b441c582aeb7c43838dd8",
+                "sha256:ba59edeaa2fc6114428f1637ffff42da1e311e29382d81b339c1817d37ec93c6",
+                "sha256:bf5aa3cbcfdf57fa2ee9cd1822c862ef23037f5c832ad09cfea57fa846dec193",
+                "sha256:c8716a48d94b06bb3b2524c2b77e055fb313aeb4ea620c8dd03a105574ba704f",
+                "sha256:caabedc8323f1e93231b52fc32bdcde6db817623d33e100708d9a68e1f53b26b",
+                "sha256:cd5df75523866410809ca100dc9681e301e3c27567cf498077e8551b6d20e42f",
+                "sha256:cdb132fc825c38e1aeec2c8aa9338310d29d337bebbd7baa06889d09a60a1fa2",
+                "sha256:d53bc011414228441014aa71dbec320c66468c1030aae3a6e29778a3382d96e5",
+                "sha256:d73a845f227b0bfe8a7455ee623525ee656a9e2e749e4742706d80a6065d5e2c",
+                "sha256:d9be0ba6c527163cbed5e0857c451fcd092ce83947944d6c14bc95441203f032",
+                "sha256:e249096428b3ae81b08327a63a485ad0878de3fb939049038579ac0ef61e17e7",
+                "sha256:e8313f01ba26fbbe36c7be1966a7b7424942f670f38e666995b88d012765b9be",
+                "sha256:feb7b34d6325451ef96bc0e36e1a6c0c1c64bc1fbec4b854f4529e51887b1621"
+            ],
+            "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'",
+            "version": "==1.1.1"
+        },
+        "omise": {
+            "hashes": [
+                "sha256:15d5f0ae466d6d5fda7d53f99fd92c08be86d3b4e8162ae7e75ff2246e35d57c",
+                "sha256:d4fa58da2aae4e08ece622db8b27fe24158a7ecb2d50acf90b5496d7bdd3a73f"
+            ],
+            "index": "pypi",
+            "version": "==0.11.0"
+        },
+        "py-money": {
+            "hashes": [
+                "sha256:6c0f3597022a7d16fe65273c046614b7f30dd63aa0a0765ac7044092e2959014",
+                "sha256:e2ba7fe399a2986913753735874063c5cb816941bba737db7ec1353a04321338"
+            ],
+            "index": "pypi",
+            "version": "==0.5.0"
+        },
+        "python-dotenv": {
+            "hashes": [
+                "sha256:0c8d1b80d1a1e91717ea7d526178e3882732420b03f08afea0406db6402e220e",
+                "sha256:587825ed60b1711daea4832cf37524dfd404325b7db5e25ebe88c495c9f807a0"
+            ],
+            "index": "pypi",
+            "version": "==0.15.0"
+        },
+        "pytz": {
+            "hashes": [
+                "sha256:83a4a90894bf38e243cf052c8b58f381bfe9a7a483f6a9cab140bc7f702ac4da",
+                "sha256:eb10ce3e7736052ed3623d49975ce333bcd712c7bb19a58b9e2089d4057d0798"
+            ],
+            "version": "==2021.1"
+        },
+        "requests": {
+            "hashes": [
+                "sha256:27973dd4a904a4f13b263a19c866c13b92a39ed1c964655f025f3f8d3d75b804",
+                "sha256:c210084e36a42ae6b9219e00e48287def368a26d03a048ddad7bfee44f75871e"
+            ],
+            "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4'",
+            "version": "==2.25.1"
+        },
+        "six": {
+            "hashes": [
+                "sha256:30639c035cdb23534cd4aa2dd52c3bf48f06e5f4a941509c8bafd8ce11080259",
+                "sha256:8b74bedcbbbaca38ff6d7491d76f2b06b3592611af620f8426e82dddb04a5ced"
+            ],
+            "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'",
+            "version": "==1.15.0"
+        },
+        "urllib3": {
+            "hashes": [
+                "sha256:1b465e494e3e0d8939b50680403e3aedaa2bc434b7d5af64dfd3c958d7f5ae80",
+                "sha256:de3eedaad74a2683334e282005cd8d7f22f4d55fa690a2a1020a416cb0a47e73"
+            ],
+            "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4' and python_version < '4'",
+            "version": "==0.26.3"
+        },
+        "werkzeug": {
+            "hashes": [
+                "sha256:2de2a5db0baeae7b2d2664949077c2ac63fbd16d98da0ff71837f7d1dea3fd43",
+                "sha256:6c80b1e5ad3665290ea39320b91e1be1e0d5f60652b964a3070216de83d2e47c"
+            ],
+            "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4'",
+            "version": "==1.0.1"
+        }
+    },
+    "develop": {
+        "appdirs": {
+            "hashes": [
+                "sha256:7d5d0167b2b1ba821647616af46a749d1c653740dd0d2415100fe26e27afdf41",
+                "sha256:a841dacd6b99318a741b166adb07e19ee71a274450e68237b4650ca1055ab128"
+            ],
+            "version": "==1.4.4"
+        },
+        "astroid": {
+            "hashes": [
+                "sha256:2f4078c2a41bf377eea06d71c9d2ba4eb8f6b1af2135bec27bbbb7d8f12bb703",
+                "sha256:bc58d83eb610252fd8de6363e39d4f1d0619c894b0ed24603b881c02e64c7386"
+            ],
+            "markers": "python_version >= '3.5'",
+            "version": "==2.4.2"
+        },
+        "attrs": {
+            "hashes": [
+                "sha256:31b2eced602aa8423c2aea9c76a724617ed67cf9513173fd3a4f03e3a929c7e6",
+                "sha256:832aa3cde19744e49938b91fea06d69ecb9e649c93ba974535d08ad92164f700"
+            ],
+            "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'",
+            "version": "==20.3.0"
+        },
+        "autopep8": {
+            "hashes": [
+                "sha256:9e136c472c475f4ee4978b51a88a494bfcd4e3ed17950a44a988d9e434837bea",
+                "sha256:cae4bc0fb616408191af41d062d7ec7ef8679c7f27b068875ca3a9e2878d5443"
+            ],
+            "index": "pypi",
+            "version": "==1.5.5"
+        },
+        "black": {
+            "hashes": [
+                "sha256:1c02557aa099101b9d21496f8a914e9ed2222ef70336404eeeac8edba836fbea"
+            ],
+            "markers": "python_version >= '3.6'",
+            "version": "==20.8b1"
+        },
+        "click": {
+            "hashes": [
+                "sha256:d2b5255c7c6349bc1bd1e59e08cd12acbbd63ce649f2588755783aa94dfb6b1a",
+                "sha256:dacca89f4bfadd5de3d7489b7c8a566eee0d3676333fbb50030263894c38c0dc"
+            ],
+            "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4'",
+            "version": "==7.1.2"
+        },
+        "flake8": {
+            "hashes": [
+                "sha256:749dbbd6bfd0cf1318af27bf97a14e28e5ff548ef8e5b1566ccfb25a11e7c839",
+                "sha256:aadae8761ec651813c24be05c6f7b4680857ef6afaae4651a4eccaef97ce6c3b"
+            ],
+            "version": "==3.8.4"
+        },
+        "iniconfig": {
+            "hashes": [
+                "sha256:011e24c64b7f47f6ebd835bb12a743f2fbe9a26d4cecaa7f53bc4f35ee9da8b3",
+                "sha256:bc3af051d7d14b2ee5ef9969666def0cd1a000e121eaea580d4a313df4b37f32"
+            ],
+            "version": "==1.1.1"
+        },
+        "isort": {
+            "hashes": [
+                "sha256:c729845434366216d320e936b8ad6f9d681aab72dc7cbc2d51bedc3582f3ad1e",
+                "sha256:fff4f0c04e1825522ce6949973e83110a6e907750cd92d128b0d14aaaadbffdc"
+            ],
+            "markers": "python_version >= '3.6' and python_version < '4.0'",
+            "version": "==5.7.0"
+        },
+        "jedi": {
+            "hashes": [
+                "sha256:86ed7d9b750603e4ba582ea8edc678657fb4007894a12bcf6f4bb97892f31d20",
+                "sha256:98cc583fa0f2f8304968199b01b6b4b94f469a1f4a74c1560506ca2a211378b5"
+            ],
+            "index": "pypi",
+            "version": "==0.17.2"
+        },
+        "lazy-object-proxy": {
+            "hashes": [
+                "sha256:0c4b206227a8097f05c4dbdd323c50edf81f15db3b8dc064d08c62d37e1a504d",
+                "sha256:194d092e6f246b906e8f70884e620e459fc54db3259e60cf69a4d66c3fda3449",
+                "sha256:1be7e4c9f96948003609aa6c974ae59830a6baecc5376c25c92d7d697e684c08",
+                "sha256:4677f594e474c91da97f489fea5b7daa17b5517190899cf213697e48d3902f5a",
+                "sha256:48dab84ebd4831077b150572aec802f303117c8cc5c871e182447281ebf3ac50",
+                "sha256:5541cada25cd173702dbd99f8e22434105456314462326f06dba3e180f203dfd",
+                "sha256:59f79fef100b09564bc2df42ea2d8d21a64fdcda64979c0fa3db7bdaabaf6239",
+                "sha256:8d859b89baf8ef7f8bc6b00aa20316483d67f0b1cbf422f5b4dc56701c8f2ffb",
+                "sha256:9254f4358b9b541e3441b007a0ea0764b9d056afdeafc1a5569eee1cc6c1b9ea",
+                "sha256:9651375199045a358eb6741df3e02a651e0330be090b3bc79f6d0de31a80ec3e",
+                "sha256:97bb5884f6f1cdce0099f86b907aa41c970c3c672ac8b9c8352789e103cf3156",
+                "sha256:9b15f3f4c0f35727d3a0fba4b770b3c4ebbb1fa907dbcc046a1d2799f3edd142",
+                "sha256:a2238e9d1bb71a56cd710611a1614d1194dc10a175c1e08d75e1a7bcc250d442",
+                "sha256:a6ae12d08c0bf9909ce12385803a543bfe99b95fe01e752536a60af2b7797c62",
+                "sha256:ca0a928a3ddbc5725be2dd1cf895ec0a254798915fb3a36af0964a0a4149e3db",
+                "sha256:cb2c7c57005a6804ab66f106ceb8482da55f5314b7fcb06551db1edae4ad1531",
+                "sha256:d74bb8693bf9cf75ac3b47a54d716bbb1a92648d5f781fc799347cfc95952383",
+                "sha256:d945239a5639b3ff35b70a88c5f2f491913eb94871780ebfabb2568bd58afc5a",
+                "sha256:eba7011090323c1dadf18b3b689845fd96a61ba0a1dfbd7f24b921398affc357",
+                "sha256:efa1909120ce98bbb3777e8b6f92237f5d5c8ea6758efea36a473e1d38f7d3e4",
+                "sha256:f3900e8a5de27447acbf900b4750b0ddfd7ec1ea7fbaf11dfa911141bc522af0"
+            ],
+            "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'",
+            "version": "==1.4.3"
+        },
+        "mccabe": {
+            "hashes": [
+                "sha256:ab8a6258860da4b6677da4bd2fe5dc2c659cff31b3ee4f7f5d64e79735b80d42",
+                "sha256:dd8d182285a0fe56bace7f45b5e7d1a6ebcbf524e8f3bd87eb0f125271b8831f"
+            ],
+            "version": "==0.6.1"
+        },
+        "mypy": {
+            "hashes": [
+                "sha256:0d2fc8beb99cd88f2d7e20d69131353053fbecea17904ee6f0348759302c52fa",
+                "sha256:2b216eacca0ec0ee124af9429bfd858d5619a0725ee5f88057e6e076f9eb1a7b",
+                "sha256:319ee5c248a7c3f94477f92a729b7ab06bf8a6d04447ef3aa8c9ba2aa47c6dcf",
+                "sha256:3e0c159a7853e3521e3f582adb1f3eac66d0b0639d434278e2867af3a8c62653",
+                "sha256:5615785d3e2f4f03ab7697983d82c4b98af5c321614f51b8f1034eb9ebe48363",
+                "sha256:5ff616787122774f510caeb7b980542a7cc2222be3f00837a304ea85cd56e488",
+                "sha256:6f8425fecd2ba6007e526209bb985ce7f49ed0d2ac1cc1a44f243380a06a84fb",
+                "sha256:74f5aa50d0866bc6fb8e213441c41e466c86678c800700b87b012ed11c0a13e0",
+                "sha256:90b6f46dc2181d74f80617deca611925d7e63007cf416397358aa42efb593e07",
+                "sha256:947126195bfe4709c360e89b40114c6746ae248f04d379dca6f6ab677aa07641",
+                "sha256:a301da58d566aca05f8f449403c710c50a9860782148332322decf73a603280b",
+                "sha256:aa9d4901f3ee1a986a3a79fe079ffbf7f999478c281376f48faa31daaa814e86",
+                "sha256:b9150db14a48a8fa114189bfe49baccdff89da8c6639c2717750c7ae62316738",
+                "sha256:b95068a3ce3b50332c40e31a955653be245666a4bc7819d3c8898aa9fb9ea496",
+                "sha256:ca7ad5aed210841f1e77f5f2f7d725b62c78fa77519312042c719ed2ab937876",
+                "sha256:d16c54b0dffb861dc6318a8730952265876d90c5101085a4bc56913e8521ba19",
+                "sha256:e0202e37756ed09daf4b0ba64ad2c245d357659e014c3f51d8cd0681ba66940a",
+                "sha256:e1c84c65ff6d69fb42958ece5b1255394714e0aac4df5ffe151bc4fe19c7600a",
+                "sha256:e32b7b282c4ed4e378bba8b8dfa08e1cfa6f6574067ef22f86bee5b1039de0c9",
+                "sha256:e3b8432f8df19e3c11235c4563a7250666dc9aa7cdda58d21b4177b20256ca9f",
+                "sha256:e497a544391f733eca922fdcb326d19e894789cd4ff61d48b4b195776476c5cf",
+                "sha256:f5fdf935a46aa20aa937f2478480ebf4be9186e98e49cc3843af9a5795a49a25"
+            ],
+            "markers": "python_version >= '3.5'",
+            "version": "==0.800"
+        },
+        "mypy-extensions": {
+            "hashes": [
+                "sha256:090fedd75945a69ae91ce1303b5824f428daf5a028d2f6ab8a299250a846f15d",
+                "sha256:2d82818f5bb3e369420cb3c4060a7970edba416647068eb4c5343488a6c604a8"
+            ],
+            "version": "==0.4.3"
+        },
+        "packaging": {
+            "hashes": [
+                "sha256:5b327ac1320dc863dca72f4514ecc086f31186744b84a230374cc1fd776feae5",
+                "sha256:67714da7f7bc052e064859c05c595155bd1ee9f69f76557e21f051443c20947a"
+            ],
+            "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'",
+            "version": "==20.9"
+        },
+        "parso": {
+            "hashes": [
+                "sha256:97218d9159b2520ff45eb78028ba8b50d2bc61dcc062a9682666f2dc4bd331ea",
+                "sha256:caba44724b994a8a5e086460bb212abc5a8bc46951bf4a9a1210745953622eb9"
+            ],
+            "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'",
+            "version": "==0.7.1"
+        },
+        "pathspec": {
+            "hashes": [
+                "sha256:86379d6b86d75816baba717e64b1a3a3469deb93bb76d613c9ce79edc5cb68fd",
+                "sha256:aa0cb481c4041bf52ffa7b0d8fa6cd3e88a2ca4879c533c9153882ee2556790d"
+            ],
+            "version": "==0.8.1"
+        },
+        "pluggy": {
+            "hashes": [
+                "sha256:15b2acde666561e1298d71b523007ed7364de07029219b604cf808bfa1c765b0",
+                "sha256:966c145cd83c96502c3c3868f50408687b38434af77734af1e9ca461a4081d2d"
+            ],
+            "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'",
+            "version": "==0.13.1"
+        },
+        "py": {
+            "hashes": [
+                "sha256:21b81bda15b66ef5e1a777a21c4dcd9c20ad3efd0b3f817e7a809035269e1bd3",
+                "sha256:3b80836aa6d1feeaa108e046da6423ab8f6ceda6468545ae8d02d9d58d18818a"
+            ],
+            "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'",
+            "version": "==1.10.0"
+        },
+        "pycodestyle": {
+            "hashes": [
+                "sha256:2295e7b2f6b5bd100585ebcb1f616591b652db8a741695b3d8f5d28bdc934367",
+                "sha256:c58a7d2815e0e8d7972bf1803331fb0152f867bd89adf8a01dfd55085434192e"
+            ],
+            "version": "==2.6.0"
+        },
+        "pydocstyle": {
+            "hashes": [
+                "sha256:19b86fa8617ed916776a11cd8bc0197e5b9856d5433b777f51a3defe13075325",
+                "sha256:aca749e190a01726a4fb472dd4ef23b5c9da7b9205c0a7857c06533de13fd678"
+            ],
+            "version": "==5.1.1"
+        },
+        "pyflakes": {
+            "hashes": [
+                "sha256:0d94e0e05a19e57a99444b6ddcf9a6eb2e5c68d3ca1e98e90707af8152c90a92",
+                "sha256:35b2d75ee967ea93b55750aa9edbbf72813e06a66ba54438df2cfac9e3c27fc8"
+            ],
+            "version": "==2.2.0"
+        },
+        "pylint": {
+            "hashes": [
+                "sha256:bb4a908c9dadbc3aac18860550e870f58e1a02c9f2c204fdf5693d73be061210",
+                "sha256:bfe68f020f8a0fece830a22dd4d5dddb4ecc6137db04face4c3420a46a52239f"
+            ],
+            "version": "==2.6.0"
+        },
+        "pyls-black": {
+            "hashes": [
+                "sha256:33700e5ed605636ea7ba39188a1362d2f8602f7301f8f2b8544773886f965663",
+                "sha256:8f5fb8fed503588c10435d2d48e2c3751437f1bdb8116134b05a4591c4899940"
+            ],
+            "index": "pypi",
+            "version": "==0.4.6"
+        },
+        "pyls-isort": {
+            "hashes": [
+                "sha256:a6c292332746d3dc690f2a3dcdb9a01d913b9ee8444defe3cbffcddb7e3874eb"
+            ],
+            "index": "pypi",
+            "version": "==0.2.0"
+        },
+        "pyls-mypy": {
+            "hashes": [
+                "sha256:3fd83028961f0ca9eb3048b7a01cf42a9e3d46d8ea4935c1424c33da22c3eb03"
+            ],
+            "index": "pypi",
+            "version": "==0.1.8"
+        },
+        "pyparsing": {
+            "hashes": [
+                "sha256:c203ec8783bf771a155b207279b9bccb8dea02d8f0c9e5f8ead507bc3246ecc1",
+                "sha256:ef9d7589ef3c200abe66653d3f1ab1033c3c419ae9b9bdb1240a85b024efc88b"
+            ],
+            "markers": "python_version >= '2.6' and python_version not in '3.0, 3.1, 3.2, 3.3'",
+            "version": "==2.4.7"
+        },
+        "pytest": {
+            "hashes": [
+                "sha256:9d1edf9e7d0b84d72ea3dbcdfd22b35fb543a5e8f2a60092dd578936bf63d7f9",
+                "sha256:b574b57423e818210672e07ca1fa90aaf194a4f63f3ab909a2c67ebb22913839"
+            ],
+            "index": "pypi",
+            "version": "==6.2.2"
+        },
+        "python-jsonrpc-server": {
+            "hashes": [
+                "sha256:62c543e541f101ec5b57dc654efc212d2c2e3ea47ff6f54b2e7dcb36ecf20595",
+                "sha256:e5a908ff182e620aac07db5f57887eeb0afe33993008f57dc1b85b594cea250c"
+            ],
+            "version": "==0.4.0"
+        },
+        "python-language-server": {
+            "extras": [
+                "all"
+            ],
+            "hashes": [
+                "sha256:9984c84a67ee2c5102c8e703215f407fcfa5e62b0ae86c9572d0ada8c4b417b0",
+                "sha256:a0ad0aca03f4a20c1c40f4f230c6773eac82c9b7cdb026cb09ba10237f4815d5"
+            ],
+            "index": "pypi",
+            "version": "==0.36.2"
+        },
+        "regex": {
+            "hashes": [
+                "sha256:02951b7dacb123d8ea6da44fe45ddd084aa6777d4b2454fa0da61d569c6fa538",
+                "sha256:0d08e71e70c0237883d0bef12cad5145b84c3705e9c6a588b2a9c7080e5af2a4",
+                "sha256:1862a9d9194fae76a7aaf0150d5f2a8ec1da89e8b55890b1786b8f88a0f619dc",
+                "sha256:1ab79fcb02b930de09c76d024d279686ec5d532eb814fd0ed1e0051eb8bd2daa",
+                "sha256:1fa7ee9c2a0e30405e21031d07d7ba8617bc590d391adfc2b7f1e8b99f46f444",
+                "sha256:262c6825b309e6485ec2493ffc7e62a13cf13fb2a8b6d212f72bd53ad34118f1",
+                "sha256:2a11a3e90bd9901d70a5b31d7dd85114755a581a5da3fc996abfefa48aee78af",
+                "sha256:2c99e97d388cd0a8d30f7c514d67887d8021541b875baf09791a3baad48bb4f8",
+                "sha256:3128e30d83f2e70b0bed9b2a34e92707d0877e460b402faca908c6667092ada9",
+                "sha256:38c8fd190db64f513fe4e1baa59fed086ae71fa45083b6936b52d34df8f86a88",
+                "sha256:3bddc701bdd1efa0d5264d2649588cbfda549b2899dc8d50417e47a82e1387ba",
+                "sha256:4902e6aa086cbb224241adbc2f06235927d5cdacffb2425c73e6570e8d862364",
+                "sha256:49cae022fa13f09be91b2c880e58e14b6da5d10639ed45ca69b85faf039f7a4e",
+                "sha256:56e01daca75eae420bce184edd8bb341c8eebb19dd3bce7266332258f9fb9dd7",
+                "sha256:5862975b45d451b6db51c2e654990c1820523a5b07100fc6903e9c86575202a0",
+                "sha256:6a8ce43923c518c24a2579fda49f093f1397dad5d18346211e46f134fc624e31",
+                "sha256:6c54ce4b5d61a7129bad5c5dc279e222afd00e721bf92f9ef09e4fae28755683",
+                "sha256:6e4b08c6f8daca7d8f07c8d24e4331ae7953333dbd09c648ed6ebd24db5a10ee",
+                "sha256:717881211f46de3ab130b58ec0908267961fadc06e44f974466d1887f865bd5b",
+                "sha256:749078d1eb89484db5f34b4012092ad14b327944ee7f1c4f74d6279a6e4d1884",
+                "sha256:7913bd25f4ab274ba37bc97ad0e21c31004224ccb02765ad984eef43e04acc6c",
+                "sha256:7a25fcbeae08f96a754b45bdc050e1fb94b95cab046bf56b016c25e9ab127b3e",
+                "sha256:83d6b356e116ca119db8e7c6fc2983289d87b27b3fac238cfe5dca529d884562",
+                "sha256:8b882a78c320478b12ff024e81dc7d43c1462aa4a3341c754ee65d857a521f85",
+                "sha256:8f6a2229e8ad946e36815f2a03386bb8353d4bde368fdf8ca5f0cb97264d3b5c",
+                "sha256:9801c4c1d9ae6a70aeb2128e5b4b68c45d4f0af0d1535500884d644fa9b768c6",
+                "sha256:a15f64ae3a027b64496a71ab1f722355e570c3fac5ba2801cafce846bf5af01d",
+                "sha256:a3d748383762e56337c39ab35c6ed4deb88df5326f97a38946ddd19028ecce6b",
+                "sha256:a63f1a07932c9686d2d416fb295ec2c01ab246e89b4d58e5fa468089cab44b70",
+                "sha256:b2b1a5ddae3677d89b686e5c625fc5547c6e492bd755b520de5332773a8af06b",
+                "sha256:b2f4007bff007c96a173e24dcda236e5e83bde4358a557f9ccf5e014439eae4b",
+                "sha256:baf378ba6151f6e272824b86a774326f692bc2ef4cc5ce8d5bc76e38c813a55f",
+                "sha256:bafb01b4688833e099d79e7efd23f99172f501a15c44f21ea2118681473fdba0",
+                "sha256:bba349276b126947b014e50ab3316c027cac1495992f10e5682dc677b3dfa0c5",
+                "sha256:c084582d4215593f2f1d28b65d2a2f3aceff8342aa85afd7be23a9cad74a0de5",
+                "sha256:d1ebb090a426db66dd80df8ca85adc4abfcbad8a7c2e9a5ec7513ede522e0a8f",
+                "sha256:d2d8ce12b7c12c87e41123997ebaf1a5767a5be3ec545f64675388970f415e2e",
+                "sha256:e32f5f3d1b1c663af7f9c4c1e72e6ffe9a78c03a31e149259f531e0fed826512",
+                "sha256:e3faaf10a0d1e8e23a9b51d1900b72e1635c2d5b0e1bea1c18022486a8e2e52d",
+                "sha256:f7d29a6fc4760300f86ae329e3b6ca28ea9c20823df123a2ea8693e967b29917",
+                "sha256:f8f295db00ef5f8bae530fc39af0b40486ca6068733fb860b42115052206466f"
+            ],
+            "version": "==2020.11.13"
+        },
+        "rope": {
+            "hashes": [
+                "sha256:786b5c38c530d4846aa68a42604f61b4e69a493390e3ca11b88df0fbfdc3ed04"
+            ],
+            "version": "==0.18.0"
+        },
+        "six": {
+            "hashes": [
+                "sha256:30639c035cdb23534cd4aa2dd52c3bf48f06e5f4a941509c8bafd8ce11080259",
+                "sha256:8b74bedcbbbaca38ff6d7491d76f2b06b3592611af620f8426e82dddb04a5ced"
+            ],
+            "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'",
+            "version": "==1.15.0"
+        },
+        "snowballstemmer": {
+            "hashes": [
+                "sha256:b51b447bea85f9968c13b650126a888aabd4cb4463fca868ec596826325dedc2",
+                "sha256:e997baa4f2e9139951b6f4c631bad912dfd3c792467e2f03d7239464af90e914"
+            ],
+            "version": "==2.1.0"
+        },
+        "toml": {
+            "hashes": [
+                "sha256:806143ae5bfb6a3c6e736a764057db0e6a0e05e338b5630894a5f779cabb4f9b",
+                "sha256:b3bda1d108d5dd99f4a20d24d9c348e91c4db7ab1b749200bded2f839ccbe68f"
+            ],
+            "markers": "python_version >= '2.6' and python_version not in '3.0, 3.1, 3.2, 3.3'",
+            "version": "==0.10.2"
+        },
+        "typed-ast": {
+            "hashes": [
+                "sha256:07d49388d5bf7e863f7fa2f124b1b1d89d8aa0e2f7812faff0a5658c01c59aa1",
+                "sha256:14bf1522cdee369e8f5581238edac09150c765ec1cb33615855889cf33dcb92d",
+                "sha256:240296b27397e4e37874abb1df2a608a92df85cf3e2a04d0d4d61055c8305ba6",
+                "sha256:36d829b31ab67d6fcb30e185ec996e1f72b892255a745d3a82138c97d21ed1cd",
+                "sha256:37f48d46d733d57cc70fd5f30572d11ab8ed92da6e6b28e024e4a3edfb456e37",
+                "sha256:4c790331247081ea7c632a76d5b2a265e6d325ecd3179d06e9cf8d46d90dd151",
+                "sha256:5dcfc2e264bd8a1db8b11a892bd1647154ce03eeba94b461effe68790d8b8e07",
+                "sha256:7147e2a76c75f0f64c4319886e7639e490fee87c9d25cb1d4faef1d8cf83a440",
+                "sha256:7703620125e4fb79b64aa52427ec192822e9f45d37d4b6625ab37ef403e1df70",
+                "sha256:8368f83e93c7156ccd40e49a783a6a6850ca25b556c0fa0240ed0f659d2fe496",
+                "sha256:84aa6223d71012c68d577c83f4e7db50d11d6b1399a9c779046d75e24bed74ea",
+                "sha256:85f95aa97a35bdb2f2f7d10ec5bbdac0aeb9dafdaf88e17492da0504de2e6400",
+                "sha256:8db0e856712f79c45956da0c9a40ca4246abc3485ae0d7ecc86a20f5e4c09abc",
+                "sha256:9044ef2df88d7f33692ae3f18d3be63dec69c4fb1b5a4a9ac950f9b4ba571606",
+                "sha256:963c80b583b0661918718b095e02303d8078950b26cc00b5e5ea9ababe0de1fc",
+                "sha256:987f15737aba2ab5f3928c617ccf1ce412e2e321c77ab16ca5a293e7bbffd581",
+                "sha256:9ec45db0c766f196ae629e509f059ff05fc3148f9ffd28f3cfe75d4afb485412",
+                "sha256:9fc0b3cb5d1720e7141d103cf4819aea239f7d136acf9ee4a69b047b7986175a",
+                "sha256:a2c927c49f2029291fbabd673d51a2180038f8cd5a5b2f290f78c4516be48be2",
+                "sha256:a38878a223bdd37c9709d07cd357bb79f4c760b29210e14ad0fb395294583787",
+                "sha256:b4fcdcfa302538f70929eb7b392f536a237cbe2ed9cba88e3bf5027b39f5f77f",
+                "sha256:c0c74e5579af4b977c8b932f40a5464764b2f86681327410aa028a22d2f54937",
+                "sha256:c1c876fd795b36126f773db9cbb393f19808edd2637e00fd6caba0e25f2c7b64",
+                "sha256:c9aadc4924d4b5799112837b226160428524a9a45f830e0d0f184b19e4090487",
+                "sha256:cc7b98bf58167b7f2db91a4327da24fb93368838eb84a44c472283778fc2446b",
+                "sha256:cf54cfa843f297991b7388c281cb3855d911137223c6b6d2dd82a47ae5125a41",
+                "sha256:d003156bb6a59cda9050e983441b7fa2487f7800d76bdc065566b7d728b4581a",
+                "sha256:d175297e9533d8d37437abc14e8a83cbc68af93cc9c1c59c2c292ec59a0697a3",
+                "sha256:d746a437cdbca200622385305aedd9aef68e8a645e385cc483bdc5e488f07166",
+                "sha256:e683e409e5c45d5c9082dc1daf13f6374300806240719f95dc783d1fc942af10"
+            ],
+            "markers": "python_version < '3.8' and implementation_name == 'cpython'",
+            "version": "==1.4.2"
+        },
+        "typing-extensions": {
+            "hashes": [
+                "sha256:7cb407020f00f7bfc3cb3e7881628838e69d8f3fcab2f64742a5e76b2f841918",
+                "sha256:99d4073b617d30288f569d3f13d2bd7548c3a7e4c8de87db09a9d29bb3a4a60c",
+                "sha256:dafc7639cde7f1b6e1acc0f457842a83e722ccca8eef5270af2d74792619a89f"
+            ],
+            "markers": "python_version < '3.8'",
+            "version": "==3.7.4.3"
+        },
+        "ujson": {
+            "hashes": [
+                "sha256:0190d26c0e990c17ad072ec8593647218fe1c675d11089cd3d1440175b568967",
+                "sha256:0ea07fe57f9157118ca689e7f6db72759395b99121c0ff038d2e38649c626fb1",
+                "sha256:30962467c36ff6de6161d784cd2a6aac1097f0128b522d6e9291678e34fb2b47",
+                "sha256:4d6d061563470cac889c0a9fd367013a5dbd8efc36ad01ab3e67a57e56cad720",
+                "sha256:5e1636b94c7f1f59a8ead4c8a7bab1b12cc52d4c21ababa295ffec56b445fd2a",
+                "sha256:7333e8bc45ea28c74ae26157eacaed5e5629dbada32e0103c23eb368f93af108",
+                "sha256:84b1dca0d53b0a8d58835f72ea2894e4d6cf7a5dd8f520ab4cbd698c81e49737",
+                "sha256:91396a585ba51f84dc71c8da60cdc86de6b60ba0272c389b6482020a1fac9394",
+                "sha256:a214ba5a21dad71a43c0f5aef917cd56a2d70bc974d845be211c66b6742a471c",
+                "sha256:aad6d92f4d71e37ea70e966500f1951ecd065edca3a70d3861b37b176dd6702c",
+                "sha256:b3a6dcc660220539aa718bcc9dbd6dedf2a01d19c875d1033f028f212e36d6bb",
+                "sha256:b5c70704962cf93ec6ea3271a47d952b75ae1980d6c56b8496cec2a722075939",
+                "sha256:c615a9e9e378a7383b756b7e7a73c38b22aeb8967a8bfbffd4741f7ffd043c4d",
+                "sha256:d3a87888c40b5bfcf69b4030427cd666893e826e82cc8608d1ba8b4b5e04ea99",
+                "sha256:e2cadeb0ddc98e3963bea266cc5b884e5d77d73adf807f0bda9eca64d1c509d5",
+                "sha256:e390df0dcc7897ffb98e17eae1f4c442c39c91814c298ad84d935a3c5c7a32fa",
+                "sha256:e6e90330670c78e727d6637bb5a215d3e093d8e3570d439fd4922942f88da361",
+                "sha256:eb6b25a7670c7537a5998e695fa62ff13c7f9c33faf82927adf4daa460d5f62e",
+                "sha256:f273a875c0b42c2a019c337631bc1907f6fdfbc84210cc0d1fff0e2019bbfaec",
+                "sha256:f8aded54c2bc554ce20b397f72101737dd61ee7b81c771684a7dd7805e6cca0c",
+                "sha256:fc51e545d65689c398161f07fd405104956ec27f22453de85898fa088b2cd4bb"
+            ],
+            "markers": "python_version >= '3.1'",
+            "version": "==4.0.2"
+        },
+        "wrapt": {
+            "hashes": [
+                "sha256:b62ffa81fb85f4332a4f609cab4ac40709470da05643a082ec1eb88e6d9b97d7"
+            ],
+            "version": "==1.12.1"
+        },
+        "yapf": {
+            "hashes": [
+                "sha256:3000abee4c28daebad55da6c85f3cd07b8062ce48e2e9943c8da1b9667d48427",
+                "sha256:3abf61ba67cf603069710d30acbc88cfe565d907e16ad81429ae90ce9651e0c9"
+            ],
+            "version": "==0.30.0"
+        }
+    }
+}

integration/data/lockfile/go.sum

@@ -0,0 +1,707 @@
+
+cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
+cloud.google.com/go v0.30.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
+cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
+cloud.google.com/go v0.37.4/go.mod h1:NHPJ89PdicEuT9hdPXMROBD91xc5uRDxsMtSB16k7hw=
+cloud.google.com/go v0.38.0/go.mod h1:990N+gfupTy94rShfmMCWGDn0LpTmnzTp2qbd1dvSRU=
+cloud.google.com/go v0.40.0/go.mod h1:Tk58MuI9rbLMKlAjeO/bDnteAx7tX2gJIXw4T5Jwlro=
+cloud.google.com/go v0.41.0/go.mod h1:OauMR7DV8fzvZIl2qg6rkaIhD/vmgk4iwEw/h6ercmg=
+cloud.google.com/go v0.42.0/go.mod h1:BOSR3VbTLkk6FDC/TcffxP4NF/FFBGA5ku+jvKOP7pg=
+cloud.google.com/go v0.43.0/go.mod h1:BOSR3VbTLkk6FDC/TcffxP4NF/FFBGA5ku+jvKOP7pg=
+cloud.google.com/go v0.44.0/go.mod h1:iSa0KzasP4Uvy3f1mN/7PiObzGgflwredwwASm/v6AU=
+cloud.google.com/go v0.44.1/go.mod h1:iSa0KzasP4Uvy3f1mN/7PiObzGgflwredwwASm/v6AU=
+cloud.google.com/go v0.44.2/go.mod h1:60680Gw3Yr4ikxnPRS/oxxkBccT6SA1yMk63TGekxKY=
+cloud.google.com/go v0.44.3/go.mod h1:60680Gw3Yr4ikxnPRS/oxxkBccT6SA1yMk63TGekxKY=
+cloud.google.com/go v0.45.0/go.mod h1:452BcPOeI9AZfbvDw0Tbo7D32wA+WX9WME8AZwMEDZU=
+cloud.google.com/go/bigquery v1.0.0/go.mod h1:W6nZUO55RX1ze8f54muIveLNA7ouiqcTlNELudKtFaM=
+cloud.google.com/go/bigquery v1.0.1/go.mod h1:i/xbL2UlR5RvWAURpBYZTtm/cXjCha9lbfbpx4poX+o=
+cloud.google.com/go/datastore v1.0.0/go.mod h1:LXYbyblFSglQ5pkeyhO+Qmw7ukd3C+pD7TKLgZqpHYE=
+code.gitea.io/gitea v1.9.0-dev/go.mod h1:wWyKwhnrzHgqiqguunHKA6yzZXYsLSC7V6WvI+GlOx8=
+code.gitea.io/gitea v1.9.0-rc1/go.mod h1:WJbOBnfoAP54J4mP5ylCEKYxytCh8SMZBeSOBdcZBkw=
+code.gitea.io/gitea v1.9.0-rc2/go.mod h1:3yZ+sXUqEshMeUwfr8bB3SvttSBcstgk2zXgePfDx4Y=
+code.gitea.io/gitea v1.9.0/go.mod h1:HzXskRRacnLWs4z/B6Bt6gFpCl6cicdHM0GfZMTEmtI=
+code.gitea.io/gitea v1.9.1/go.mod h1:HzXskRRacnLWs4z/B6Bt6gFpCl6cicdHM0GfZMTEmtI=
+code.gitea.io/gitea v1.9.2/go.mod h1:HzXskRRacnLWs4z/B6Bt6gFpCl6cicdHM0GfZMTEmtI=
+code.gitea.io/gitea v1.9.3/go.mod h1:HzXskRRacnLWs4z/B6Bt6gFpCl6cicdHM0GfZMTEmtI=
+code.gitea.io/gitea v1.9.4/go.mod h1:nwqMi+nJMcJC7r+SdGt5RdDNLFkWwHZ+GpLKV13WifE=
+code.gitea.io/gitea v1.9.5/go.mod h1:nwqMi+nJMcJC7r+SdGt5RdDNLFkWwHZ+GpLKV13WifE=
+code.gitea.io/gitea v1.9.6/go.mod h1:mkxMeXN4KE+t6JLCNzKaFrM8SOOWZusNcuG3p5RI+f4=
+code.gitea.io/gitea v1.10.0-dev/go.mod h1:WJbOBnfoAP54J4mP5ylCEKYxytCh8SMZBeSOBdcZBkw=
+code.gitea.io/gitea v1.10.0-rc1/go.mod h1:Z/ysRJuQTNdT5BysAUhfPcKU7cv4X9h1qFrFN359cgw=
+code.gitea.io/gitea v1.10.0-rc2/go.mod h1:Z/ysRJuQTNdT5BysAUhfPcKU7cv4X9h1qFrFN359cgw=
+code.gitea.io/gitea v1.10.0/go.mod h1:Z/ysRJuQTNdT5BysAUhfPcKU7cv4X9h1qFrFN359cgw=
+code.gitea.io/gitea v1.10.1/go.mod h1:DIJZcrFaYaSmWR2f2eSKO6j2n1mPSD2zVO7A/tdWxbM=
+code.gitea.io/gitea v1.10.2/go.mod h1:DIJZcrFaYaSmWR2f2eSKO6j2n1mPSD2zVO7A/tdWxbM=
+code.gitea.io/gitea v1.10.3/go.mod h1:DIJZcrFaYaSmWR2f2eSKO6j2n1mPSD2zVO7A/tdWxbM=
+gitea.com/lunny/levelqueue v0.1.0/go.mod h1:G7hVb908t0Bl0uk7zGSg14fyzNtxgtD9Shf04wkMK7s=
+gitea.com/macaron/binding v0.0.0-20190822013154-a5f53841ed2b/go.mod h1:Cxadig6POWpPYYSfg23E7jo35Yf0yvsdC1lifoKWmPo=
+gitea.com/macaron/cache v0.0.0-20190822004001-a6e7fee4ee76/go.mod h1:NFHb9Of+LUnU86bU20CiXXg6ZlgCJ4XytP14UsHOXFs=
+gitea.com/macaron/captcha v0.0.0-20190822015246-daa973478bae/go.mod h1:J5h3N+1nKTXtU1x4GxexaQKgAz8UiWecNwi/CfX7CtQ=
+gitea.com/macaron/cors v0.0.0-20190821152825-7dcef4a17175/go.mod h1:rtOK4J20kpMD9XcNsnO5YA843YSTe/MUMbDj/TJ/Q7A=
+gitea.com/macaron/cors v0.0.0-20190826180238-95aec09ea8b4/go.mod h1:rtOK4J20kpMD9XcNsnO5YA843YSTe/MUMbDj/TJ/Q7A=
+gitea.com/macaron/csrf v0.0.0-20190822024205-3dc5a4474439/go.mod h1:IsQPHx73HnnqFBYiVHjg87q4XBZyGXXu77xANukvZuk=
+gitea.com/macaron/i18n v0.0.0-20190822004228-474e714e2223/go.mod h1:+qsc10s4hBsHKU/9luGGumFh4m5FFVc7uih+8/mM1NY=
+gitea.com/macaron/inject v0.0.0-20190803172902-8375ba841591/go.mod h1:h6E4kLao1Yko6DOU6QDnQPcuoNzvbZqzj2mtPcEn1aM=
+gitea.com/macaron/inject v0.0.0-20190805023432-d4c86e31027a/go.mod h1:h6E4kLao1Yko6DOU6QDnQPcuoNzvbZqzj2mtPcEn1aM=
+gitea.com/macaron/macaron v1.3.2/go.mod h1:x30d38SbJFBUEO2Mgz7loekCzr87U9UaUDNbSAOxg5k=
+gitea.com/macaron/macaron v1.3.3-0.20190803174002-53e005ff4827/go.mod h1:/rvxMjIkOq4BM8uPUb+VHuU02ZfAO6R4+wD//tiCiRw=
+gitea.com/macaron/macaron v1.3.3-0.20190821202302-9646c0587edb/go.mod h1:0coI+mSPSwbsyAbOuFllVS38awuk9mevhLD52l50Gjs=
+gitea.com/macaron/macaron v1.4.0/go.mod h1:P7hfDbQjcW22lkYkXlxdRIfWOXxH2+K4EogN4Q0UlLY=
+gitea.com/macaron/session v0.0.0-20190821211443-122c47c5f705/go.mod h1:1ujH0jD6Ca4iK9NL0Q2a7fG2chvXx5hVa7hBfABwpkA=
+gitea.com/macaron/session v0.0.0-20191207215012-613cebf0674d/go.mod h1:FanKy3WjWb5iw/iZBPk4ggoQT9FcM6bkBPvmDmsH6tY=
+gitea.com/macaron/toolbox v0.0.0-20190822013122-05ff0fc766b7/go.mod h1:kgsbFPPS4P+acDYDOPDa3N4IWWOuDJt5/INKRUz7aks=
+github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
+github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo=
+github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU=
+github.com/OneOfOne/xxhash v1.2.5/go.mod h1:eZbhyaAYD41SGSSsnmcpxVoRiQ/MPUTjUdIIOT9Um7Q=
+github.com/PuerkitoBio/goquery v0.0.0-20170324135448-ed7d758e9a34/go.mod h1:T9ezsOHcCrDCgA8aF1Cqr3sSYbO/xgdy8/R/XiIMAhA=
+github.com/PuerkitoBio/goquery v1.5.0/go.mod h1:qD2PgZ9lccMbQlc7eEOjaeRlFQON7xY8kdmcsrnKqMg=
+github.com/PuerkitoBio/purell v1.1.0/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0=
+github.com/PuerkitoBio/purell v1.1.1/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0=
+github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578/go.mod h1:uGdkoq3SwY9Y+13GIhn11/XLaGBb4BfwItxLd5jeuXE=
+github.com/RoaringBitmap/roaring v0.4.7/go.mod h1:8khRDP4HmeXns4xIj9oGrKSz7XTQiJx2zgh7AcNke4w=
+github.com/Shopify/sarama v1.19.0/go.mod h1:FVkBWblsNy7DGZRfXLU0O9RCGt5g3g3yEuWXgklEdEo=
+github.com/Shopify/toxiproxy v2.1.4+incompatible/go.mod h1:OXgGpZ6Cli1/URJOF1DMxUHB2q5Ap20/P/eIdh4G0pI=
+github.com/Unknwon/cae v0.0.0-20160715032808-c6aac99ea2ca/go.mod h1:IRSre9/SEhVuy972TVuJLyaPTS73+8Owhe0Y0l9NXHc=
+github.com/Unknwon/com v0.0.0-20190321035513-0fed4efef755/go.mod h1:voKvFVpXBJxdIPeqjoJuLK+UVcRlo/JLjeToGxPYu68=
+github.com/Unknwon/i18n v0.0.0-20171114194641-b64d33658966/go.mod h1:SFtfq0zFPsENI7DpE87QM2hcYu5QQ0fRdCgP+P1Hrqo=
+github.com/Unknwon/paginater v0.0.0-20151104151617-7748a72e0141/go.mod h1:fw0McLecf/G5NFwddCRmDckU6yovtk1YsgWIoepMbYo=
+github.com/alcortesm/tgz v0.0.0-20161220082320-9c5fe88206d7/go.mod h1:6zEj6s6u/ghQa61ZWa/C2Aw3RkjiTBOix7dkqa1VLIs=
+github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc=
+github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0=
+github.com/andybalholm/cascadia v0.0.0-20161224141413-349dd0209470/go.mod h1:3I+3V7B6gTBYfdpYgIG2ymALS9H+5VDKUl3lHH7ToM4=
+github.com/andybalholm/cascadia v1.0.0/go.mod h1:GsXiBklL0woXo1j/WYWtSYYC4ouU9PqHO0sqidkEA4Y=
+github.com/anmitsu/go-shlex v0.0.0-20161002113705-648efa622239/go.mod h1:2FmKhYUyUczH0OGQWaF5ceTx0UBShxjsH6f8oGKYe2c=
+github.com/apache/thrift v0.12.0/go.mod h1:cp2SuWMxlEZw2r+iP2GNCdIi4C1qmUzdZFSVb+bacwQ=
+github.com/armon/consul-api v0.0.0-20180202201655-eb2c6b5be1b6/go.mod h1:grANhF5doyWs3UAsr3K4I6qtAmlQcZDesFNEHPZAzj8=
+github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkYZB8zMSxRWpUBQtwG5a7fFgvEO+odwuTv2gs=
+github.com/asaskevich/govalidator v0.0.0-20180720115003-f9ffefc3facf/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY=
+github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY=
+github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q=
+github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8=
+github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw=
+github.com/bgentry/speakeasy v0.1.0/go.mod h1:+zsyZBPWlz7T6j88CTgSN5bM796AkVf0kBD4zp0CCIs=
+github.com/blevesearch/bleve v0.0.0-20190214220507-05d86ea8f6e3/go.mod h1:Y2lmIkzV6mcNfAnAdOd+ZxHkHchhBfU/xroGIp61wfw=
+github.com/blevesearch/blevex v0.0.0-20180227211930-4b158bb555a3/go.mod h1:WH+MU2F4T0VmSdaPX+Wu5GYoZBrYWdOZWSjzvYcDmqQ=
+github.com/blevesearch/go-porterstemmer v0.0.0-20141230013033-23a2c8e5cf1f/go.mod h1:haWQqFT3RdOGz7PJuM3or/pWNJS1pKkoZJWCkWu0DVA=
+github.com/blevesearch/segment v0.0.0-20160105220820-db70c57796cc/go.mod h1:IInt5XRvpiGE09KOk9mmCMLjHhydIhNPKPPFLFBB7L8=
+github.com/boombuler/barcode v0.0.0-20161226211916-fe0f26ff6d26/go.mod h1:paBWMcWSl3LHKBqUq+rly7CNSldXjb2rDl3JlRe0mD8=
+github.com/bradfitz/gomemcache v0.0.0-20160117192205-fb1f79c6b65a/go.mod h1:PmM6Mmwb0LSuEubjR8N7PtNe1KxZLtOUHtbeikc5h60=
+github.com/bradfitz/gomemcache v0.0.0-20190329173943-551aad21a668/go.mod h1:H0wQNHz2YrLsuXOZozoeDmnHXkNCRmMW0gwFWDfEZDA=
+github.com/bradfitz/gomemcache v0.0.0-20190913173617-a41fca850d0b/go.mod h1:H0wQNHz2YrLsuXOZozoeDmnHXkNCRmMW0gwFWDfEZDA=
+github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc=
+github.com/chaseadamsio/goorgeous v0.0.0-20170901132237-098da33fde5f/go.mod h1:6QaC0vFoKWYDth94dHFNgRT2YkT5FHdQp/Yx15aAAi0=
+github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw=
+github.com/cockroachdb/apd v1.1.0/go.mod h1:8Sl8LxpKi29FqWXR16WEFZRNSz3SoPzUzeMeY4+DwBQ=
+github.com/corbym/gocrest v1.0.3/go.mod h1:maVFL5lbdS2PgfOQgGRWDYTeunSWQeiEgoNdTABShCs=
+github.com/coreos/bbolt v1.3.2/go.mod h1:iRUV2dpdMOn7Bo10OQBFzIJO9kkE559Wcmn+qkEiiKk=
+github.com/coreos/bbolt v1.3.3/go.mod h1:iRUV2dpdMOn7Bo10OQBFzIJO9kkE559Wcmn+qkEiiKk=
+github.com/coreos/etcd v3.3.10+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE=
+github.com/coreos/etcd v3.3.15+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE=
+github.com/coreos/go-oidc v2.1.0+incompatible/go.mod h1:CgnwVTmzoESiwO9qyAFEMiHoZ1nMCKZlZ9V6mm3/LKc=
+github.com/coreos/go-semver v0.2.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk=
+github.com/coreos/go-semver v0.3.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk=
+github.com/coreos/go-systemd v0.0.0-20190321100706-95778dfbb74e/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4=
+github.com/coreos/go-systemd v0.0.0-20190719114852-fd7a80b32e1f/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4=
+github.com/coreos/pkg v0.0.0-20180928190104-399ea9e2e55f/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA=
+github.com/couchbase/gomemcached v0.0.0-20181122193126-5125a94a666c/go.mod h1:srVSlQLB8iXBVXHgnqemxUXqN6FCvClgCMPCsjBDR7c=
+github.com/couchbase/gomemcached v0.0.0-20190515232915-c4b4ca0eb21d/go.mod h1:srVSlQLB8iXBVXHgnqemxUXqN6FCvClgCMPCsjBDR7c=
+github.com/couchbase/goutils v0.0.0-20180530154633-e865a1461c8a/go.mod h1:BQwMFlJzDjFDG3DJUdU0KORxn88UlsOULuxLExMh3Hs=
+github.com/couchbase/goutils v0.0.0-20190315194238-f9d42b11473b/go.mod h1:BQwMFlJzDjFDG3DJUdU0KORxn88UlsOULuxLExMh3Hs=
+github.com/couchbase/goutils v0.0.0-20191018232750-b49639060d85/go.mod h1:BQwMFlJzDjFDG3DJUdU0KORxn88UlsOULuxLExMh3Hs=
+github.com/couchbase/vellum v0.0.0-20190111184608-e91b68ff3efe/go.mod h1:prYTC8EgTu3gwbqJihkud9zRXISvyulAplQ6exdCo1g=
+github.com/couchbaselabs/go-couchbase v0.0.0-20190117181324-d904413d884d/go.mod h1:mby/05p8HE5yHEAKiIH/555NoblMs7PtW6NrYshDruc=
+github.com/couchbaselabs/go-couchbase v0.0.0-20190708161019-23e7ca2ce2b7/go.mod h1:mby/05p8HE5yHEAKiIH/555NoblMs7PtW6NrYshDruc=
+github.com/creack/pty v1.1.7/go.mod h1:lj5s0c3V2DBrqTV7llrYr5NG6My20zk30Fl46Y7DoTY=
+github.com/cupcake/rdb v0.0.0-20161107195141-43ba34106c76/go.mod h1:vYwsqCOLxGiisLwp9rITslkFNpZD5rz43tf41QFkTWY=
+github.com/cznic/b v0.0.0-20181122101859-a26611c4d92d/go.mod h1:URriBxXwVq5ijiJ12C7iIZqlA69nTlI+LgI6/pwftG8=
+github.com/cznic/mathutil v0.0.0-20181122101859-297441e03548/go.mod h1:e6NPNENfs9mPDVNRekM7lKScauxd5kXTr1Mfyig6TDM=
+github.com/cznic/strutil v0.0.0-20181122101858-275e90344537/go.mod h1:AHHPPPXTw0h6pVabbcbyGRK1DckRn7r/STdZEeIDzZc=
+github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/denisenkom/go-mssqldb v0.0.0-20190121005146-b04fd42d9952/go.mod h1:xN/JuLBIz4bjkxNmByTiV1IbhfnYb6oo99phBn4Eqhc=
+github.com/denisenkom/go-mssqldb v0.0.0-20190707035753-2be1aa521ff4/go.mod h1:zAg7JM8CkOJ43xKXIj7eRO9kmWm/TW578qo+oDO6tuM=
+github.com/denisenkom/go-mssqldb v0.0.0-20190724012636-11b2859924c1/go.mod h1:uU0N10vx1abI4qeVe79CxepBP6PPREVTgMS5Gx6/mOk=
+github.com/denisenkom/go-mssqldb v0.0.0-20190924004331-208c0a498538/go.mod h1:xbL0rPBG9cCiLr28tMa8zpbdarY27NDyej4t/EjAShU=
+github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ=
+github.com/dgryski/go-sip13 v0.0.0-20181026042036-e10d5fee7954/go.mod h1:vAd38F8PWV+bWy6jNmig1y/TA+kYO4g3RSRF0IAv0no=
+github.com/dgryski/go-sip13 v0.0.0-20190329191031-25c5027a8c7b/go.mod h1:vAd38F8PWV+bWy6jNmig1y/TA+kYO4g3RSRF0IAv0no=
+github.com/docker/go-units v0.3.3/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDDbaIK4Dk=
+github.com/docker/go-units v0.4.0/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDDbaIK4Dk=
+github.com/eapache/go-resiliency v1.1.0/go.mod h1:kFI+JgMyC7bLPUVY133qvEBtVayf5mFgVsvEsIPBvNs=
+github.com/eapache/go-xerial-snappy v0.0.0-20180814174437-776d5712da21/go.mod h1:+020luEh2TKB4/GOp8oxxtq0Daoen/Cii55CzbTV6DU=
+github.com/eapache/queue v1.1.0/go.mod h1:6eCeP0CKFpHLu8blIFXhExK/dRa7WDZfr6jVFPTqq+I=
+github.com/edsrzf/mmap-go v0.0.0-20170320065105-0bce6a688712/go.mod h1:YO35OhQPt3KJa3ryjFM5Bs14WD66h8eGKpfaBNrHW5M=
+github.com/edsrzf/mmap-go v1.0.0/go.mod h1:YO35OhQPt3KJa3ryjFM5Bs14WD66h8eGKpfaBNrHW5M=
+github.com/emirpasic/gods v1.9.0/go.mod h1:YfzfFFoVP/catgzJb4IKIqXjX78Ha8FMSDh3ymbK86o=
+github.com/emirpasic/gods v1.12.0/go.mod h1:YfzfFFoVP/catgzJb4IKIqXjX78Ha8FMSDh3ymbK86o=
+github.com/etcd-io/bbolt v1.3.2/go.mod h1:ZF2nL25h33cCyBtcyWeZ2/I3HQOfTP+0PIEvHjkjCrw=
+github.com/ethantkoenig/rupture v0.0.0-20180203182544-0a76f03a811a/go.mod h1:MkKY/CB98aVE4VxO63X5vTQKUgcn+3XP15LMASe3lYs=
+github.com/facebookgo/clock v0.0.0-20150410010913-600d898af40a/go.mod h1:7Ga40egUymuWXxAe151lTNnCv97MddSOVsjpPPkityA=
+github.com/facebookgo/ensure v0.0.0-20160127193407-b4ab57deab51/go.mod h1:Yg+htXGokKKdzcwhuNDwVvN+uBxDGXJ7G/VN1d8fa64=
+github.com/facebookgo/freeport v0.0.0-20150612182905-d4adf43b75b9/go.mod h1:uPmAp6Sws4L7+Q/OokbWDAK1ibXYhB3PXFP1kol5hPg=
+github.com/facebookgo/grace v0.0.0-20160926231715-5729e484473f/go.mod h1:KigFdumBXUPSwzLDbeuzyt0elrL7+CP7TKuhrhT4bcU=
+github.com/facebookgo/httpdown v0.0.0-20160323221027-a3b1354551a2/go.mod h1:TUV/fX3XrTtBQb5+ttSUJzcFgLNpILONFTKmBuk5RSw=
+github.com/facebookgo/stack v0.0.0-20160209184415-751773369052/go.mod h1:UbMTZqLaRiH3MsBH8va0n7s1pQYcu3uTb8G4tygF4Zg=
+github.com/facebookgo/stats v0.0.0-20151006221625-1b76add642e4/go.mod h1:vsJz7uE339KUCpBXx3JAJzSRH7Uk4iGGyJzR529qDIA=
+github.com/facebookgo/subset v0.0.0-20150612182917-8dac2c3c4870/go.mod h1:5tD+neXqOorC30/tWg0LCSkrqj/AR6gu8yY8/fpw1q0=
+github.com/flynn/go-shlex v0.0.0-20150515145356-3f9db97f8568/go.mod h1:xEzjJPgXI435gkrCt3MPfRiAkVrwSbHsst4LCFVfpJc=
+github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo=
+github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04=
+github.com/gliderlabs/ssh v0.1.1/go.mod h1:U7qILu1NlMHj9FlMhZLlkCdDnU1DBEAqr0aevW3Awn0=
+github.com/gliderlabs/ssh v0.1.3/go.mod h1:U7qILu1NlMHj9FlMhZLlkCdDnU1DBEAqr0aevW3Awn0=
+github.com/gliderlabs/ssh v0.1.4/go.mod h1:U7qILu1NlMHj9FlMhZLlkCdDnU1DBEAqr0aevW3Awn0=
+github.com/gliderlabs/ssh v0.2.2/go.mod h1:U7qILu1NlMHj9FlMhZLlkCdDnU1DBEAqr0aevW3Awn0=
+github.com/globalsign/mgo v0.0.0-20180905125535-1ca0a4f7cbcb/go.mod h1:xkRDCp4j0OGD1HRkm4kmhM+pmpv3AKq5SU7GMg4oO/Q=
+github.com/globalsign/mgo v0.0.0-20181015135952-eeefdecb41b8/go.mod h1:xkRDCp4j0OGD1HRkm4kmhM+pmpv3AKq5SU7GMg4oO/Q=
+github.com/glycerine/go-unsnap-stream v0.0.0-20180323001048-9f0cb55181dd/go.mod h1:/20jfyN9Y5QPEAprSgKAUr+glWDY39ZiUEAYOEv5dsE=
+github.com/glycerine/goconvey v0.0.0-20190315024820-982ee783a72e/go.mod h1:Ogl1Tioa0aV7gstGFO7KhffUsb9M4ydbEbbxpcEDc24=
+github.com/go-gitea/gitea v1.2.3 h1:L0SC8kIr3+UnxNAte9M9bmdQ8Bdrc6I5b4Zuz/T+NCw=
+github.com/go-gitea/gitea v1.2.3/go.mod h1:g8iUbfFNyuJp8u7GsSggxI8NQyuxeGTyqxogl3imbQM=
+github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as=
+github.com/go-kit/kit v0.9.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as=
+github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9GBnD5lWE=
+github.com/go-logfmt/logfmt v0.4.0/go.mod h1:3RMwSq7FuexP4Kalkev3ejPJsZTpXXBr9+V4qmtdjCk=
+github.com/go-macaron/binding v0.0.0-20160711225916-9440f336b443/go.mod h1:u+H6rwW+HQwUL+w5uaEJSpIlVZDye1o9MB4Su0JfRfM=
+github.com/go-macaron/cache v0.0.0-20151013081102-561735312776/go.mod h1:hHAsZm/oBZVcY+S7qdQL6Vbg5VrXF6RuKGuqsszt3Ok=
+github.com/go-macaron/captcha v0.0.0-20151123225153-8aa5919789ab/go.mod h1:j9TJ+0nwUOWBvNnm0bheHIPFf3cC62EQo7n7O6PbjZA=
+github.com/go-macaron/captcha v0.0.0-20190710000913-8dc5911259df/go.mod h1:j9TJ+0nwUOWBvNnm0bheHIPFf3cC62EQo7n7O6PbjZA=
+github.com/go-macaron/cors v0.0.0-20190418220122-6fd6a9bfe14e/go.mod h1:utmMRnVIrXPSfA9MFcpIYKEpKawjKxf62vv62k4707E=
+github.com/go-macaron/inject v0.0.0-20160627170012-d8a0b8677191/go.mod h1:VFI2o2q9kYsC4o7VP1HrEVosiZZTd+MVT3YZx4gqvJw=
+github.com/go-openapi/analysis v0.0.0-20180825180245-b006789cd277/go.mod h1:k70tL6pCuVxPJOHXQ+wIac1FUrvNkHolPie/cLEU6hI=
+github.com/go-openapi/analysis v0.17.0/go.mod h1:IowGgpVeD0vNm45So8nr+IcQ3pxVtpRoBWb8PVZO0ik=
+github.com/go-openapi/analysis v0.17.2/go.mod h1:IowGgpVeD0vNm45So8nr+IcQ3pxVtpRoBWb8PVZO0ik=
+github.com/go-openapi/analysis v0.18.0/go.mod h1:IowGgpVeD0vNm45So8nr+IcQ3pxVtpRoBWb8PVZO0ik=
+github.com/go-openapi/analysis v0.19.0/go.mod h1:IowGgpVeD0vNm45So8nr+IcQ3pxVtpRoBWb8PVZO0ik=
+github.com/go-openapi/analysis v0.19.2/go.mod h1:3P1osvZa9jKjb8ed2TPng3f0i/UY9snX6gxi44djMjk=
+github.com/go-openapi/analysis v0.19.3/go.mod h1:3P1osvZa9jKjb8ed2TPng3f0i/UY9snX6gxi44djMjk=
+github.com/go-openapi/analysis v0.19.4/go.mod h1:3P1osvZa9jKjb8ed2TPng3f0i/UY9snX6gxi44djMjk=
+github.com/go-openapi/analysis v0.19.5/go.mod h1:hkEAkxagaIvIP7VTn8ygJNkd4kAYON2rCu0v0ObL0AU=
+github.com/go-openapi/errors v0.17.0/go.mod h1:LcZQpmvG4wyF5j4IhA73wkLFQg+QJXOQHVjmcZxhka0=
+github.com/go-openapi/errors v0.17.2/go.mod h1:LcZQpmvG4wyF5j4IhA73wkLFQg+QJXOQHVjmcZxhka0=
+github.com/go-openapi/errors v0.18.0/go.mod h1:LcZQpmvG4wyF5j4IhA73wkLFQg+QJXOQHVjmcZxhka0=
+github.com/go-openapi/errors v0.19.2/go.mod h1:qX0BLWsyaKfvhluLejVpVNwNRdXZhEbTA4kxxpKBC94=
+github.com/go-openapi/inflect v0.19.0/go.mod h1:lHpZVlpIQqLyKwJ4N+YSc9hchQy/i12fJykb83CRBH4=
+github.com/go-openapi/jsonpointer v0.17.0/go.mod h1:cOnomiV+CVVwFLk0A/MExoFMjwdsUdVpsRhURCKh+3M=
+github.com/go-openapi/jsonpointer v0.17.2/go.mod h1:cOnomiV+CVVwFLk0A/MExoFMjwdsUdVpsRhURCKh+3M=
+github.com/go-openapi/jsonpointer v0.18.0/go.mod h1:cOnomiV+CVVwFLk0A/MExoFMjwdsUdVpsRhURCKh+3M=
+github.com/go-openapi/jsonpointer v0.19.2/go.mod h1:3akKfEdA7DF1sugOqz1dVQHBcuDBPKZGEoHC/NkiQRg=
+github.com/go-openapi/jsonpointer v0.19.3/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg=
+github.com/go-openapi/jsonreference v0.17.0/go.mod h1:g4xxGn04lDIRh0GJb5QlpE3HfopLOL6uZrK/VgnsK9I=
+github.com/go-openapi/jsonreference v0.17.2/go.mod h1:g4xxGn04lDIRh0GJb5QlpE3HfopLOL6uZrK/VgnsK9I=
+github.com/go-openapi/jsonreference v0.18.0/go.mod h1:g4xxGn04lDIRh0GJb5QlpE3HfopLOL6uZrK/VgnsK9I=
+github.com/go-openapi/jsonreference v0.19.2/go.mod h1:jMjeRr2HHw6nAVajTXJ4eiUwohSTlpa0o73RUL1owJc=
+github.com/go-openapi/jsonreference v0.19.3/go.mod h1:rjx6GuL8TTa9VaixXglHmQmIL98+wF9xc8zWvFonSJ8=
+github.com/go-openapi/loads v0.17.0/go.mod h1:72tmFy5wsWx89uEVddd0RjRWPZm92WRLhf7AC+0+OOU=
+github.com/go-openapi/loads v0.17.2/go.mod h1:72tmFy5wsWx89uEVddd0RjRWPZm92WRLhf7AC+0+OOU=
+github.com/go-openapi/loads v0.18.0/go.mod h1:72tmFy5wsWx89uEVddd0RjRWPZm92WRLhf7AC+0+OOU=
+github.com/go-openapi/loads v0.19.0/go.mod h1:72tmFy5wsWx89uEVddd0RjRWPZm92WRLhf7AC+0+OOU=
+github.com/go-openapi/loads v0.19.2/go.mod h1:QAskZPMX5V0C2gvfkGZzJlINuP7Hx/4+ix5jWFxsNPs=
+github.com/go-openapi/loads v0.19.3/go.mod h1:YVfqhUCdahYwR3f3iiwQLhicVRvLlU/WO5WPaZvcvSI=
+github.com/go-openapi/runtime v0.0.0-20180920151709-4f900dc2ade9/go.mod h1:6v9a6LTXWQCdL8k1AO3cvqx5OtZY/Y9wKTgaoP6YRfA=
+github.com/go-openapi/runtime v0.18.0/go.mod h1:uI6pHuxWYTy94zZxgcwJkUWa9wbIlhteGfloI10GD4U=
+github.com/go-openapi/runtime v0.19.0/go.mod h1:OwNfisksmmaZse4+gpV3Ne9AyMOlP1lt4sK4FXt0O64=
+github.com/go-openapi/runtime v0.19.2/go.mod h1:X277bwSUBxVlCYR3r7xgZZGKVvBd/29gLDlFGtJ8NL4=
+github.com/go-openapi/runtime v0.19.3/go.mod h1:X277bwSUBxVlCYR3r7xgZZGKVvBd/29gLDlFGtJ8NL4=
+github.com/go-openapi/runtime v0.19.4/go.mod h1:X277bwSUBxVlCYR3r7xgZZGKVvBd/29gLDlFGtJ8NL4=
+github.com/go-openapi/runtime v0.19.5/go.mod h1:WIH6IYPXOrtgTClTV8xzdrD20jBlrK25D0aQbdSlqp8=
+github.com/go-openapi/spec v0.17.0/go.mod h1:XkF/MOi14NmjsfZ8VtAKf8pIlbZzyoTvZsdfssdxcBI=
+github.com/go-openapi/spec v0.17.2/go.mod h1:XkF/MOi14NmjsfZ8VtAKf8pIlbZzyoTvZsdfssdxcBI=
+github.com/go-openapi/spec v0.18.0/go.mod h1:XkF/MOi14NmjsfZ8VtAKf8pIlbZzyoTvZsdfssdxcBI=
+github.com/go-openapi/spec v0.19.0/go.mod h1:XkF/MOi14NmjsfZ8VtAKf8pIlbZzyoTvZsdfssdxcBI=
+github.com/go-openapi/spec v0.19.2/go.mod h1:sCxk3jxKgioEJikev4fgkNmwS+3kuYdJtcsZsD5zxMY=
+github.com/go-openapi/spec v0.19.3/go.mod h1:FpwSN1ksY1eteniUU7X0N/BgJ7a4WvBFVA8Lj9mJglo=
+github.com/go-openapi/strfmt v0.17.0/go.mod h1:P82hnJI0CXkErkXi8IKjPbNBM6lV6+5pLP5l494TcyU=
+github.com/go-openapi/strfmt v0.17.2/go.mod h1:P82hnJI0CXkErkXi8IKjPbNBM6lV6+5pLP5l494TcyU=
+github.com/go-openapi/strfmt v0.18.0/go.mod h1:P82hnJI0CXkErkXi8IKjPbNBM6lV6+5pLP5l494TcyU=
+github.com/go-openapi/strfmt v0.19.0/go.mod h1:+uW+93UVvGGq2qGaZxdDeJqSAqBqBdl+ZPMF/cC8nDY=
+github.com/go-openapi/strfmt v0.19.2/go.mod h1:0yX7dbo8mKIvc3XSKp7MNfxw4JytCfCD6+bY1AVL9LU=
+github.com/go-openapi/strfmt v0.19.3/go.mod h1:0yX7dbo8mKIvc3XSKp7MNfxw4JytCfCD6+bY1AVL9LU=
+github.com/go-openapi/swag v0.17.0/go.mod h1:AByQ+nYG6gQg71GINrmuDXCPWdL640yX49/kXLo40Tg=
+github.com/go-openapi/swag v0.17.2/go.mod h1:AByQ+nYG6gQg71GINrmuDXCPWdL640yX49/kXLo40Tg=
+github.com/go-openapi/swag v0.18.0/go.mod h1:AByQ+nYG6gQg71GINrmuDXCPWdL640yX49/kXLo40Tg=
+github.com/go-openapi/swag v0.19.2/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk=
+github.com/go-openapi/swag v0.19.5/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk=
+github.com/go-openapi/validate v0.17.2/go.mod h1:Uh4HdOzKt19xGIGm1qHf/ofbX1YQ4Y+MYsct2VUrAJ4=
+github.com/go-openapi/validate v0.18.0/go.mod h1:Uh4HdOzKt19xGIGm1qHf/ofbX1YQ4Y+MYsct2VUrAJ4=
+github.com/go-openapi/validate v0.19.0/go.mod h1:Uh4HdOzKt19xGIGm1qHf/ofbX1YQ4Y+MYsct2VUrAJ4=
+github.com/go-openapi/validate v0.19.2/go.mod h1:1tRCw7m3jtI8eNWEEliiAqUIcBztB2KDnRCRMUi7GTA=
+github.com/go-openapi/validate v0.19.3/go.mod h1:90Vh6jjkTn+OT1Eefm0ZixWNFjhtOH7vS9k0lo6zwJo=
+github.com/go-redis/redis v6.15.2+incompatible/go.mod h1:NAIEuMOZ/fxfXJIrKDQDz8wamY7mA7PouImQ2Jvg6kA=
+github.com/go-redis/redis v6.15.7+incompatible/go.mod h1:NAIEuMOZ/fxfXJIrKDQDz8wamY7mA7PouImQ2Jvg6kA=
+github.com/go-sql-driver/mysql v1.4.1/go.mod h1:zAC/RDZ24gD3HViQzih4MyKcchzm+sOG5ZlKdlhCg5w=
+github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY=
+github.com/go-swagger/go-swagger v0.19.0/go.mod h1:fOcXeMI1KPNv3uk4u7cR4VSyq0NyrYx4SS1/ajuTWDg=
+github.com/go-swagger/go-swagger v0.20.0/go.mod h1:ylaOr/j+CVsLUsIEhQA49ewFKvVwVSQqVCdDdALNcCw=
+github.com/go-swagger/go-swagger v0.20.1/go.mod h1:LoTpv6FHYXUvYnECHNLvi/qYNybk0d9wkJGH1cTANWE=
+github.com/go-swagger/scan-repo-boundary v0.0.0-20180623220736-973b3573c013/go.mod h1:b65mBPzqzZWxOZGxSWrqs4GInLIn+u99Q9q7p+GKni0=
+github.com/go-xorm/builder v0.3.3/go.mod h1:v8mE3MFBgtL+RGFNfUnAMUqqfk/Y4W5KuwCFQIEpQLk=
+github.com/go-xorm/core v0.6.2/go.mod h1:bwPIfLdm/FzWgVUH8WPVlr+uJhscvNGFcaZKXsI3n2c=
+github.com/go-xorm/sqlfiddle v0.0.0-20180821085327-62ce714f951a/go.mod h1:56xuuqnHyryaerycW3BfssRdxQstACi0Epw/yC5E2xM=
+github.com/go-xorm/xorm v0.7.3/go.mod h1:npNkX0GgFcODSSKHj7nhJPobHwa5E7usBBZUFaxCsXA=
+github.com/go-xorm/xorm v0.7.4/go.mod h1:vpza5fydeRgt+stvo9qgMhSNohYqmNt0I1/D6hkCekA=
+github.com/go-xorm/xorm v0.7.5/go.mod h1:nqz2TAsuOHWH2yk4FYWtacCGgdbrcdZ5mF1XadqEHls=
+github.com/go-xorm/xorm v0.7.6/go.mod h1:nqz2TAsuOHWH2yk4FYWtacCGgdbrcdZ5mF1XadqEHls=
+github.com/go-xorm/xorm v0.7.7/go.mod h1:BS8F0smoUxtyUqKnAtvoQecDRNs8SruHci62u9lRAJQ=
+github.com/go-xorm/xorm v0.7.8/go.mod h1:XiVxrMMIhFkwSkh96BW7PACl7UhLtx2iJIHMdmjh5sQ=
+github.com/go-xorm/xorm v0.7.9/go.mod h1:XiVxrMMIhFkwSkh96BW7PACl7UhLtx2iJIHMdmjh5sQ=
+github.com/gobwas/glob v0.2.3/go.mod h1:d3Ez4x06l9bZtSvzIay5+Yzi0fmZzPgnTbPcKjJAkT8=
+github.com/gofrs/uuid v3.2.0+incompatible/go.mod h1:b2aQJv3Z4Fp6yNu3cdSllBxTCLRxnplIgP/c0N/04lM=
+github.com/gogits/chardet v0.0.0-20150115103509-2404f7772561/go.mod h1:YgYOrVn3Nj9Tq0EvjmFbphRytDj7JNRoWSStJZWDJTQ=
+github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ=
+github.com/gogo/protobuf v1.2.0/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ=
+github.com/gogo/protobuf v1.2.1/go.mod h1:hp+jE20tsWTFYpLwKvXlhS1hjn+gTNwPg2I6zVXpSg4=
+github.com/gogs/cron v0.0.0-20171120032916-9f6c956d3e14/go.mod h1:jPoNZLWDAqA5N3G5amEoiNbhVrmM+ZQEcnQvNQ2KaZk=
+github.com/golang-sql/civil v0.0.0-20190719163853-cb61b32ac6fe/go.mod h1:8vg3r2VgvsThLBIFL93Qb5yWzgyZWhEmBwUJWevAkK0=
+github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q=
+github.com/golang/groupcache v0.0.0-20190129154638-5b532d6fd5ef/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
+github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
+github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A=
+github.com/golang/mock v1.2.0/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A=
+github.com/golang/mock v1.3.1/go.mod h1:sBzyDLLjw3U8JLTeZvSv8jJB+tU5PVekmnlKIyFUx0Y=
+github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
+github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
+github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
+github.com/golang/snappy v0.0.0-20180518054509-2e65f85255db/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q=
+github.com/golang/snappy v0.0.1/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q=
+github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ=
+github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ=
+github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M=
+github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
+github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
+github.com/google/go-github v17.0.0+incompatible/go.mod h1:zLgOLi98H3fifZn+44m+umXrS52loVEgC2AApnigrVQ=
+github.com/google/go-github/v24 v24.0.1/go.mod h1:CRqaW1Uns1TCkP0wqTpxYyRxRjxwvKU/XSS44u6X74M=
+github.com/google/go-querystring v1.0.0/go.mod h1:odCYkC5MyYFN7vkCjXpyrEuKhc/BUO6wN/zVPAxq5ck=
+github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
+github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs=
+github.com/google/pprof v0.0.0-20181206194817-3ea8567a2e57/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc=
+github.com/google/pprof v0.0.0-20190515194954-54271f7e092f/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc=
+github.com/google/pprof v0.0.0-20190723021845-34ac40c74b70/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc=
+github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI=
+github.com/google/uuid v1.0.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
+github.com/google/uuid v1.1.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
+github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
+github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg=
+github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk=
+github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY=
+github.com/gopherjs/gopherjs v0.0.0-20181103185306-d547d1d9531e/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY=
+github.com/gopherjs/gopherjs v0.0.0-20190430165422-3e4dfb77656c/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY=
+github.com/gophish/gophish v0.1.2 h1:OWsIzbGf+JbkCNOokbY1sS+nkArDs+9G9kPzRBJz4c4=
+github.com/gophish/gophish v0.1.2/go.mod h1:3nVgumCxriDReEVZ47/9PK5JtN43TcCE9TXt++zFJe8=
+github.com/gorilla/context v1.1.1/go.mod h1:kBGZzfjB9CEq2AlWe17Uuf7NDRt0dE0s8S51q0aT7Yg=
+github.com/gorilla/handlers v1.4.2/go.mod h1:Qkdc/uu4tH4g6mTK6auzZ766c4CA0Ng8+o/OAirnOIQ=
+github.com/gorilla/mux v1.6.2/go.mod h1:1lud6UwP+6orDFRuTfBEV8e9/aOM/c4fVVCaMa2zaAs=
+github.com/gorilla/pat v0.0.0-20180118222023-199c85a7f6d1/go.mod h1:YeAe0gNeiNT5hoiZRI4yiOky6jVdNvfO2N6Kav/HmxY=
+github.com/gorilla/securecookie v1.1.1/go.mod h1:ra0sb63/xPlUeL+yeDciTfxMRAA+MP+HVt/4epWDjd4=
+github.com/gorilla/sessions v1.1.1/go.mod h1:8KCfur6+4Mqcc6S0FEfKuN15Vl5MgXW92AE8ovaJD0w=
+github.com/gorilla/sessions v1.2.0/go.mod h1:dk2InVEVJ0sfLlnXv9EAgkf6ecYs/i80K/zI+bUmuGM=
+github.com/gorilla/websocket v1.4.0/go.mod h1:E7qHFY5m1UJ88s3WnNqhKjPHQ0heANvMoAMk2YaljkQ=
+github.com/grpc-ecosystem/go-grpc-middleware v1.0.0/go.mod h1:FiyG127CGDf3tlThmgyCl78X/SZQqEOJBCDaAfeWzPs=
+github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0/go.mod h1:8NvIoxWQoOIhqOTXgfV/d3M/q6VIi02HzZEHgUlZvzk=
+github.com/grpc-ecosystem/grpc-gateway v1.9.0/go.mod h1:vNeuVxBJEsws4ogUvrchl83t/GYV9WGTSLVdBhOQFDY=
+github.com/grpc-ecosystem/grpc-gateway v1.9.6/go.mod h1:vNeuVxBJEsws4ogUvrchl83t/GYV9WGTSLVdBhOQFDY=
+github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8=
+github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8=
+github.com/hashicorp/golang-lru v0.5.3/go.mod h1:iADmTwqILo4mZ8BN3D2Q6+9jd8WM5uGBxy+E8yxSoD4=
+github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ=
+github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU=
+github.com/issue9/assert v1.3.2/go.mod h1:9Ger+iz8X7r1zMYYwEhh++2wMGWcNN2oVI+zIQXxcio=
+github.com/issue9/identicon v0.0.0-20160320065130-d36b54562f4c/go.mod h1:5mTb/PQNkqmq2x3IxlQZE0aSnTksJg7fg/oWmJ5SKXQ=
+github.com/jackc/fake v0.0.0-20150926172116-812a484cc733/go.mod h1:WrMFNQdiFJ80sQsxDoMokWK1W5TQtxBFNpzWTD84ibQ=
+github.com/jackc/pgx v3.3.0+incompatible/go.mod h1:0ZGrqGqkRlliWnWB4zKnWtjbSWbGkVEFm4TeybAXq+I=
+github.com/jackc/pgx v3.6.0+incompatible/go.mod h1:0ZGrqGqkRlliWnWB4zKnWtjbSWbGkVEFm4TeybAXq+I=
+github.com/jarcoal/httpmock v0.0.0-20180424175123-9c70cfe4a1da/go.mod h1:ks+b9deReOc7jgqp+e7LuFiCBH6Rm5hL32cLcEAArb4=
+github.com/jaytaylor/html2text v0.0.0-20160923191438-8fb95d837f7d/go.mod h1:CVKlgaMiht+LXvHG173ujK6JUhZXKb2u/BQtjPDIvyk=
+github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99/go.mod h1:1lJo3i6rXxKeerYnT8Nvf0QmHCRC1n8sfWVwXF2Frvo=
+github.com/jessevdk/go-flags v1.4.0/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI=
+github.com/jmhodges/levigo v1.0.0/go.mod h1:Q6Qx+uH3RAqyK4rFQroq9RL7mdkABMcfhEI+nNuzMJQ=
+github.com/joho/godotenv v1.3.0/go.mod h1:7hK45KPybAkOC6peb+G5yklZfMxEjkZhHbwpqxOKXbg=
+github.com/jonboulle/clockwork v0.1.0/go.mod h1:Ii8DK3G1RaLaWxj9trq07+26W01tbo22gdxWY5EU2bo=
+github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU=
+github.com/json-iterator/go v1.1.7/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4=
+github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU=
+github.com/jtolds/gls v4.2.1+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU=
+github.com/jtolds/gls v4.20.0+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU=
+github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7VTCxuUUipMqKk8s4w=
+github.com/kballard/go-shellquote v0.0.0-20170619183022-cd60e84ee657/go.mod h1:CzGEWj7cYgsdH8dAjBGEr58BoE7ScuLd+fwFZ44+/x8=
+github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51/go.mod h1:CzGEWj7cYgsdH8dAjBGEr58BoE7ScuLd+fwFZ44+/x8=
+github.com/kevinburke/ssh_config v0.0.0-20180830205328-81db2a75821e/go.mod h1:CT57kijsi8u/K/BOFA39wgDQJ9CxiF4nAY/ojJ6r6mM=
+github.com/kevinburke/ssh_config v0.0.0-20190724205821-6cfae18c12b8/go.mod h1:CT57kijsi8u/K/BOFA39wgDQJ9CxiF4nAY/ojJ6r6mM=
+github.com/kevinburke/ssh_config v0.0.0-20190725054713-01f96b0aa0cd/go.mod h1:CT57kijsi8u/K/BOFA39wgDQJ9CxiF4nAY/ojJ6r6mM=
+github.com/keybase/go-crypto v0.0.0-20170605145657-00ac4db533f6/go.mod h1:ghbZscTyKdM07+Fw3KSi0hcJm+AlEUWj8QLlPtijN/M=
+github.com/kisielk/errcheck v1.1.0/go.mod h1:EZBBE59ingxPouuu3KfxchcWSUPOHkagtvWXihfKN4Q=
+github.com/kisielk/errcheck v1.2.0/go.mod h1:/BMXB+zMLi60iA8Vv6Ksmxu/1UDYcXs4uQLJ+jE2L00=
+github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
+github.com/klauspost/compress v0.0.0-20161025140425-8df558b6cb6f/go.mod h1:RyIbtBH6LamlWaDj8nUwkbUhJ87Yi3uG0guNDohfE1A=
+github.com/klauspost/cpuid v0.0.0-20160302075316-09cded8978dc/go.mod h1:Pj4uuM528wm8OyEC2QMXAi2YiTZ96dNQPGgoMS4s3ek=
+github.com/klauspost/crc32 v0.0.0-20161016154125-cb6bfca970f6/go.mod h1:+ZoRqAPRLkC4NPOvfYeR5KNOrY6TD+/sAC3HXPZgDYg=
+github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
+github.com/konsorten/go-windows-terminal-sequences v1.0.2/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
+github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515/go.mod h1:+0opPa2QZZtGFBFZlji/RkVcI2GknAs/DXo4wKdlNEc=
+github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
+github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
+github.com/kr/pty v1.1.5/go.mod h1:9r2w37qlBe7rQ6e1fg1S/9xpWHSnaqNdHD3WcMdbPDA=
+github.com/kr/pty v1.1.8/go.mod h1:O1sed60cT9XZ5uDucP5qwvh+TE3NnUj51EiZO/lmSfw=
+github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
+github.com/lafriks/xormstore v1.0.0/go.mod h1:dD8vHNRfEp3Uy+JvX9cMi2SXcRKJ0x4pYKsZuy843Ic=
+github.com/lafriks/xormstore v1.1.0/go.mod h1:wqtf8B94a8EtE463Ka1MaUT9ZDRl8FICA0nr65xr2wM=
+github.com/lafriks/xormstore v1.2.0/go.mod h1:g47/cl3RfWykO5c4nw/Io3N0R+JuDqiD2YY7NzfWDoU=
+github.com/lafriks/xormstore v1.3.0/go.mod h1:RAhtOztWBjK9xeZpXwKq59rhUxoRgo1zfYl0H1mtK7A=
+github.com/lafriks/xormstore v1.3.1/go.mod h1:qALRD4Vto2Ic7/A5eplMpu5V62mugtSqFysRwz8FETs=
+github.com/lib/pq v1.0.0/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo=
+github.com/lib/pq v1.2.0/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo=
+github.com/lunny/dingtalk_webhook v0.0.0-20171025031554-e3534c89ef96/go.mod h1:mmIfjCSQlGYXmJ95jFN84AkQFnVABtKuJL8IrzwvUKQ=
+github.com/lunny/log v0.0.0-20160921050905-7887c61bf0de/go.mod h1:3q8WtuPQsoRbatJuy3nvq/hRSvuBJrHHr+ybPPiNvHQ=
+github.com/lunny/nodb v0.0.0-20160621015157-fc1ef06ad4af/go.mod h1:Cqz6pqow14VObJ7peltM+2n3PWOz7yTrfUuGbVFkzN0=
+github.com/magiconair/properties v1.8.0/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ=
+github.com/magiconair/properties v1.8.1/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ=
+github.com/mailru/easyjson v0.0.0-20180823135443-60711f1a8329/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc=
+github.com/mailru/easyjson v0.0.0-20190312143242-1de009706dbe/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc=
+github.com/mailru/easyjson v0.0.0-20190614124828-94de47d64c63/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc=
+github.com/mailru/easyjson v0.0.0-20190626092158-b2ccc519800e/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc=
+github.com/mailru/easyjson v0.7.0/go.mod h1:KAzv3t3aY1NaHWoQz1+4F1ccyAH66Jk7yos7ldAVICs=
+github.com/markbates/going v1.0.0/go.mod h1:I6mnB4BPnEeqo85ynXIx1ZFLLbtiLHNXVgWeFO9OGOA=
+github.com/markbates/goth v1.56.0/go.mod h1:zZmAw0Es0Dpm7TT/4AdN14QrkiWLMrrU9Xei1o+/mdA=
+github.com/mattn/go-isatty v0.0.7/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s=
+github.com/mattn/go-isatty v0.0.12/go.mod h1:cbi8OIDigv2wuxKPP5vlRcQ1OAZbq2CE4Kysco4FUpU=
+github.com/mattn/go-oci8 v0.0.0-20190320171441-14ba190cf52d/go.mod h1:/M9VLO+lUPmxvoOK2PfWRZ8mTtB4q1Hy9lEGijv9Nr8=
+github.com/mattn/go-sqlite3 v1.10.0/go.mod h1:FPy6KqzDD04eiIsT53CuJW3U88zkxoIYsOqkbpncsNc=
+github.com/mattn/go-sqlite3 v1.11.0/go.mod h1:FPy6KqzDD04eiIsT53CuJW3U88zkxoIYsOqkbpncsNc=
+github.com/mattn/go-sqlite3 v2.0.3+incompatible/go.mod h1:FPy6KqzDD04eiIsT53CuJW3U88zkxoIYsOqkbpncsNc=
+github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0=
+github.com/mcuadros/go-version v0.0.0-20190308113854-92cdf37c5b75/go.mod h1:76rfSfYPWj01Z85hUf/ituArm797mNKcvINh1OlsZKo=
+github.com/mcuadros/go-version v0.0.0-20190830083331-035f6764e8d2/go.mod h1:76rfSfYPWj01Z85hUf/ituArm797mNKcvINh1OlsZKo=
+github.com/microcosm-cc/bluemonday v0.0.0-20161012083705-f77f16ffc87a/go.mod h1:hsXNsILzKxV+sX77C5b8FSuKF00vh2OMYv+xgHpAMF4=
+github.com/mitchellh/go-homedir v1.0.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0=
+github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0=
+github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y=
+github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
+github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
+github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0=
+github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0=
+github.com/mrjones/oauth v0.0.0-20180629183705-f4e24b6d100c/go.mod h1:skjdDftzkFALcuGzYSklqYd8gvat6F1gZJ4YPVbkZpM=
+github.com/mschoch/smat v0.0.0-20160514031455-90eadee771ae/go.mod h1:qAyveg+e4CE+eKJXWVjKXM4ck2QobLqTDytGJbLLhJg=
+github.com/msteinert/pam v0.0.0-20151204160544-02ccfbfaf0cc/go.mod h1:np1wUFZ6tyoke22qDJZY40URn9Ae51gX7ljIWXN5TJs=
+github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U=
+github.com/mwitkow/go-conntrack v0.0.0-20190716064945-2f068394615f/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U=
+github.com/nfnt/resize v0.0.0-20160724205520-891127d8d1b5/go.mod h1:jpp1/29i3P1S/RLdc7JQKbRpFeM1dOBd8T9ki5s+AY8=
+github.com/oklog/ulid v1.3.1/go.mod h1:CirwcVhetQ6Lv90oh/F+FBtV6XMibvdAFo93nm5qn4U=
+github.com/oliamb/cutter v0.2.2/go.mod h1:4BenG2/4GuRBDbVm/OPahDVqbrOemzpPiG5mi1iryBU=
+github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
+github.com/onsi/ginkgo v1.7.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
+github.com/onsi/ginkgo v1.8.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
+github.com/onsi/gomega v1.4.3/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY=
+github.com/onsi/gomega v1.5.0/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY=
+github.com/openzipkin/zipkin-go v0.1.6/go.mod h1:QgAqvLzwWbR/WpD4A3cGpPtJrZXNIiJc5AZX7/PBEpw=
+github.com/pborman/uuid v1.2.0/go.mod h1:X/NO0urCmaxf9VXbdlT7C2Yzkj2IKimNn4k+gtPdI/k=
+github.com/pelletier/go-buffruneio v0.2.0/go.mod h1:JkE26KsDizTr40EUHkXVtNPvgGtbSNq5BcowyYOWdKo=
+github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic=
+github.com/pelletier/go-toml v1.4.0/go.mod h1:PN7xzY2wHTK0K9p34ErDQMlFxa51Fk0OUruD3k1mMwo=
+github.com/philhofer/fwd v1.0.0/go.mod h1:gk3iGcWd9+svBvR0sR+KPcfE+RNWozjowpeBVG3ZVNU=
+github.com/pierrec/lz4 v2.0.5+incompatible/go.mod h1:pdkljMzZIN41W+lC3N2tnIh5sFi+IEE17M5jbnwPHcY=
+github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
+github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
+github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/pquerna/cachecontrol v0.0.0-20180517163645-1555304b9b35/go.mod h1:prYjPmNq4d1NPVmpShWobRqXY3q7Vp+80DqgxxUrUIA=
+github.com/pquerna/otp v0.0.0-20160912161815-54653902c20e/go.mod h1:Zad1CMQfSQZI5KLpahDiSUX4tMMREnXw98IvL1nhgMk=
+github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw=
+github.com/prometheus/client_golang v0.9.3-0.20190127221311-3c4408c8b829/go.mod h1:p2iRAGwDERtqlqzRXnrOVns+ignqQo//hLXqYxZYVNs=
+github.com/prometheus/client_golang v0.9.3/go.mod h1:/TN21ttK/J9q6uSwhBd54HahCDft0ttaMvbicHlPoso=
+github.com/prometheus/client_golang v1.0.0/go.mod h1:db9x61etRT2tGnBNRi70OPL5FsnadC4Ky3P0J6CfImo=
+github.com/prometheus/client_golang v1.1.0/go.mod h1:I1FGZT9+L76gKKOs5djB6ezCbFQP1xR9D75/vuwEF3g=
+github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo=
+github.com/prometheus/client_model v0.0.0-20190115171406-56726106282f/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo=
+github.com/prometheus/client_model v0.0.0-20190129233127-fd36f4220a90/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
+github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
+github.com/prometheus/common v0.0.0-20181113130724-41aa239b4cce/go.mod h1:daVV7qP5qjZbuso7PdcryaAu0sAZbrN9i7WWcTMWvro=
+github.com/prometheus/common v0.2.0/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4=
+github.com/prometheus/common v0.4.0/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4=
+github.com/prometheus/common v0.4.1/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4=
+github.com/prometheus/common v0.6.0/go.mod h1:eBmuwkDJBwy6iBfxCBob6t6dR6ENT/y+J+Zk0j9GMYc=
+github.com/prometheus/procfs v0.0.0-20181005140218-185b4288413d/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk=
+github.com/prometheus/procfs v0.0.0-20190117184657-bf6a532e95b1/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk=
+github.com/prometheus/procfs v0.0.0-20190507164030-5867b95ac084/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA=
+github.com/prometheus/procfs v0.0.2/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA=
+github.com/prometheus/procfs v0.0.3/go.mod h1:4A/X28fw3Fc593LaREMrKMqOKvUAntwMDaekg4FpcdQ=
+github.com/prometheus/procfs v0.0.4/go.mod h1:4A/X28fw3Fc593LaREMrKMqOKvUAntwMDaekg4FpcdQ=
+github.com/prometheus/tsdb v0.7.1/go.mod h1:qhTCs0VvXwvX/y3TZrWD7rabWM+ijKTux40TwIPHuXU=
+github.com/prometheus/tsdb v0.10.0/go.mod h1:oi49uRhEe9dPUTlS3JRZOwJuVi6tmh10QSgwXEyGCt4=
+github.com/rcrowley/go-metrics v0.0.0-20181016184325-3113b8401b8a/go.mod h1:bCqnVzQkZxMG4s8nGwiZ5l3QUCyqpo9Y+/ZMZ9VjZe4=
+github.com/remyoudompheng/bigfft v0.0.0-20190321074620-2f0d2b0e0001/go.mod h1:qqbHyh8v60DhA7CoWK5oRCqLrMHRGoxYCSS9EjAz6Eo=
+github.com/rogpeppe/fastuuid v0.0.0-20150106093220-6724a57986af/go.mod h1:XWv6SoW27p1b0cqNHllgS5HIMJraePCO15w5zCzIWYg=
+github.com/rogpeppe/fastuuid v1.2.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ=
+github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4=
+github.com/russross/blackfriday v0.0.0-20180428102519-11635eb403ff/go.mod h1:JO/DiYxRf+HjHt06OyowR9PTA263kcR/rfWxYHBV53g=
+github.com/saintfish/chardet v0.0.0-20120816061221-3af4cd4741ca/go.mod h1:uugorj2VCxiV1x+LzaIdVa9b4S4qGAcH6cbhh4qVxOU=
+github.com/satori/go.uuid v1.2.0/go.mod h1:dA0hQrYB0VpLJoorglMZABFdXlWrHn1NEOzdhQKdks0=
+github.com/sergi/go-diff v1.0.0/go.mod h1:0CfEIISq7TuYL3j771MWULgwwjU+GofnZX9QAmXWZgo=
+github.com/sergi/go-diff v1.1.0/go.mod h1:STckp+ISIX8hZLjrqAeVduY0gWCT9IjLuqbuNXdaHfM=
+github.com/shopspring/decimal v0.0.0-20180709203117-cd690d0c9e24/go.mod h1:M+9NzErvs504Cn4c5DxATwIqPbtswREoFCre64PpcG4=
+github.com/shurcooL/httpfs v0.0.0-20190527155220-6a4d4a70508b/go.mod h1:ZY1cvUeJuFPAdZ/B6v7RHavJWZn2YPVFQ1OSXhCGOkg=
+github.com/shurcooL/sanitized_anchor_name v0.0.0-20160918041101-1dba4b3954bc/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc=
+github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc=
+github.com/shurcooL/vfsgen v0.0.0-20181202132449-6a9ea43bcacd/go.mod h1:TrYk7fJVaAttu97ZZKrO9UbRa8izdowaMIZcxYMbVaw=
+github.com/siddontang/go v0.0.0-20180604090527-bdc77568d726/go.mod h1:3yhqj7WBBfRhbBlzyOC3gUxftwsU0u8gqevxwIHQpMw=
+github.com/siddontang/go-snappy v0.0.0-20140704025258-d8f7bb82a96d/go.mod h1:vq0tzqLRu6TS7Id0wMo2N5QzJoKedVeovOpHjnykSzY=
+github.com/siddontang/ledisdb v0.0.0-20190202134119-8ceb77e66a92/go.mod h1:mF1DpOSOUiJRMR+FDqaqu3EBqrybQtrDDszLUZ6oxPg=
+github.com/siddontang/rdb v0.0.0-20150307021120-fc89ed2e418d/go.mod h1:AMEsy7v5z92TR1JKMkLLoaOQk++LVnOKL3ScbJ8GNGA=
+github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo=
+github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE=
+github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d/go.mod h1:OnSkiWE9lh6wB0YB77sQom3nweQdgAjqCqsofrRNTgc=
+github.com/smartystreets/assertions v0.0.0-20190116191733-b6c0e53d7304/go.mod h1:OnSkiWE9lh6wB0YB77sQom3nweQdgAjqCqsofrRNTgc=
+github.com/smartystreets/assertions v1.0.1/go.mod h1:kHHU4qYBaI3q23Pp3VPrmWhuIUrLW/7eUrw0BU5VaoM=
+github.com/smartystreets/goconvey v0.0.0-20181108003508-044398e4856c/go.mod h1:XDJAKZRPZ1CvBcN2aX5YOUTYGHki24fSF0Iv48Ibg0s=
+github.com/smartystreets/goconvey v0.0.0-20190731233626-505e41936337/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA=
+github.com/soheilhy/cmux v0.1.4/go.mod h1:IM3LyeVVIOuxMH7sFAkER9+bJ4dT7Ms6E4xg4kGIyLM=
+github.com/spaolacci/murmur3 v0.0.0-20180118202830-f09979ecbc72/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA=
+github.com/spaolacci/murmur3 v1.1.0/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA=
+github.com/spf13/afero v1.1.2/go.mod h1:j4pytiNVoe2o6bmDsKpLACNPDBIoEAkihy7loJ1B0CQ=
+github.com/spf13/afero v1.2.2/go.mod h1:9ZxEEn6pIJ8Rxe320qSDBk6AsU0r9pR7Q4OcevTdifk=
+github.com/spf13/cast v1.3.0/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE=
+github.com/spf13/jwalterweatherman v1.0.0/go.mod h1:cQK4TGJAtQXfYWX+Ddv3mKDzgVb68N+wFjFa4jdeBTo=
+github.com/spf13/jwalterweatherman v1.1.0/go.mod h1:aNWZUN0dPAAO/Ljvb5BEdw96iTZ0EXowPYD95IqWIGo=
+github.com/spf13/pflag v1.0.3/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4=
+github.com/spf13/viper v1.4.0/go.mod h1:PTJ7Z/lr49W6bUbkmS1V3by4uWynFiR9p7+dSq/yZzE=
+github.com/src-d/gcfg v1.4.0/go.mod h1:p/UMsR43ujA89BJY9duynAwIpvqEujIH/jFlfL7jWoI=
+github.com/steveyen/gtreap v0.0.0-20150807155958-0abe01ef9be2/go.mod h1:mjqs7N0Q6m5HpR7QfXVBZXZWSqTjQLeTujjA/xUp2uw=
+github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
+github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
+github.com/stretchr/objx v0.2.0/go.mod h1:qt09Ya8vawLte6SNmTgCsAVtYtaKzEcn8ATUoHMkEqE=
+github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
+github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
+github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
+github.com/syndtr/goleveldb v0.0.0-20190203031304-2f17a3356c66/go.mod h1:ZVVdQEZoIme9iO1Ch2Jdy24qqXrMMOU6lpPAyBWyWuQ=
+github.com/syndtr/goleveldb v1.0.0/go.mod h1:ZVVdQEZoIme9iO1Ch2Jdy24qqXrMMOU6lpPAyBWyWuQ=
+github.com/tecbot/gorocksdb v0.0.0-20181010114359-8752a9433481/go.mod h1:ahpPrc7HpcfEWDQRZEmnXMzHY03mLDYMCxeDzy46i+8=
+github.com/tidwall/pretty v1.0.0/go.mod h1:XNkn88O1ChpSDQmQeStsy+sBenx6DDtFZJxhVysOjyk=
+github.com/tinylib/msgp v0.0.0-20180516164116-c8cf64dff200/go.mod h1:+d+yLhGm8mzTaHzB+wgMYrodPfmZrzkirds8fDWklFE=
+github.com/tmc/grpc-websocket-proxy v0.0.0-20190109142713-0ad062ec5ee5/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U=
+github.com/toqueteos/webbrowser v1.2.0/go.mod h1:XWoZq4cyp9WeUeak7w7LXRUQf1F1ATJMir8RTqb4ayM=
+github.com/tstranex/u2f v1.0.0/go.mod h1:eahSLaqAS0zsIEv80+vXT7WanXs7MQQDg3j3wGBSayo=
+github.com/ugorji/go v1.1.4/go.mod h1:uQMGLiO92mf5W77hV/PUCpI3pbzQx3CRekS0kk+RGrc=
+github.com/ugorji/go v1.1.7/go.mod h1:kZn38zHttfInRq0xu/PH0az30d+z6vm202qpg1oXVMw=
+github.com/ugorji/go/codec v1.1.7/go.mod h1:Ax+UKWsSmolVDwsd+7N3ZtXu+yMGCf907BLYF3GoBXY=
+github.com/unknwon/cae v0.0.0-20190822084630-55a0b64484a1/go.mod h1:QaSeRctcea9fK6piJpAMCCPKxzJ01+xFcr2k1m3WRPU=
+github.com/unknwon/cae v1.0.0/go.mod h1:QaSeRctcea9fK6piJpAMCCPKxzJ01+xFcr2k1m3WRPU=
+github.com/unknwon/com v0.0.0-20181010210213-41959bdd855f/go.mod h1:7l5Mh6tAHnDUu0AqU0g7Sm0dgGkYZLRGxJqMYXXBlok=
+github.com/unknwon/com v0.0.0-20190804042917-757f69c95f3e/go.mod h1:tOOxU81rwgoCLoOVVPHb6T/wt8HZygqH5id+GNnlCXM=
+github.com/unknwon/com v1.0.1/go.mod h1:tOOxU81rwgoCLoOVVPHb6T/wt8HZygqH5id+GNnlCXM=
+github.com/unknwon/i18n v0.0.0-20190805065654-5c6446a380b6/go.mod h1:+5rDk6sDGpl3azws3O+f+GpFSyN9GVr0K8cvQLQM2ZQ=
+github.com/unknwon/paginater v0.0.0-20151104151617-7748a72e0141/go.mod h1:TBwoao3Q4Eb/cp+dHbXDfRTrZSsj/k7kLr2j1oWRWC0=
+github.com/urfave/cli v1.20.0/go.mod h1:70zkFmudgCuE/ngEzBv17Jvp/497gISqfk5gWijbERA=
+github.com/willf/bitset v0.0.0-20180426185212-8ce1146b8621/go.mod h1:RjeCKbqT1RxIR/KWY6phxZiaY1IyutSBfGjNPySAYV4=
+github.com/xanzy/ssh-agent v0.2.0/go.mod h1:0NyE30eGUDliuLEHJgYte/zncp2zdTStcOnWhgSqHD8=
+github.com/xanzy/ssh-agent v0.2.1/go.mod h1:mLlQY/MoOhWBj+gOGMQkOeiEvkx+8pJSI+0Bx9h2kr4=
+github.com/xiang90/probing v0.0.0-20190116061207-43a291ad63a2/go.mod h1:UETIi67q53MR2AWcXfiuqkDkRtnGDLqkBTpCHuJHxtU=
+github.com/xordataexchange/crypt v0.0.3-0.20170626215501-b2862e3d0a77/go.mod h1:aYKd//L2LvnjZzWKhF00oedf4jCCReLcmhLdhm1A27Q=
+github.com/yohcop/openid-go v0.0.0-20160914080427-2c050d2dae53/go.mod h1:f6elajwZV+xceiaqgRL090YzLEDGSbqr3poGL3ZgXYo=
+github.com/ziutek/mymysql v1.5.4/go.mod h1:LMSpPZ6DbqWFxNCHW77HeMg9I646SAhApZ/wKdgO/C0=
+go.etcd.io/bbolt v1.3.2/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU=
+go.etcd.io/bbolt v1.3.3/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU=
+go.mongodb.org/mongo-driver v1.0.3/go.mod h1:u7ryQJ+DOzQmeO7zB6MHyr8jkEQvC8vH7qLUO4lqsUM=
+go.mongodb.org/mongo-driver v1.1.0/go.mod h1:u7ryQJ+DOzQmeO7zB6MHyr8jkEQvC8vH7qLUO4lqsUM=
+go.mongodb.org/mongo-driver v1.1.1/go.mod h1:u7ryQJ+DOzQmeO7zB6MHyr8jkEQvC8vH7qLUO4lqsUM=
+go.opencensus.io v0.20.1/go.mod h1:6WKK9ahsWS3RSO+PY9ZHZUfv2irvY6gN279GOPZjmmk=
+go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU=
+go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8=
+go.uber.org/atomic v1.4.0/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE=
+go.uber.org/multierr v1.1.0/go.mod h1:wR5kodmAFQ0UK8QlbwjlSNy0Z68gJhDJUG5sjR94q/0=
+go.uber.org/zap v1.10.0/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q=
+golang.org/x/crypto v0.0.0-20180820150726-614d502a4dac/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
+golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
+golang.org/x/crypto v0.0.0-20190122013713-64072686203f/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
+golang.org/x/crypto v0.0.0-20190219172222-a4c6cb3142f2/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
+golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2 h1:VklqNMn3ovrHsnt90PveolxSbWFaJdECFbxSq0Mqo2M=
+golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
+golang.org/x/crypto v0.0.0-20190320223903-b7391e95e576/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
+golang.org/x/crypto v0.0.0-20190325154230-a5d413f7728c/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
+golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
+golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
+golang.org/x/crypto v0.0.0-20190611184440-5c40567a22f8/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
+golang.org/x/crypto v0.0.0-20190617133340-57b3e21c3d56/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
+golang.org/x/crypto v0.0.0-20190701094942-4def268fd1a4/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
+golang.org/x/crypto v0.0.0-20190927123631-a832865fa7ad/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
+golang.org/x/crypto v0.0.0-20191119213627-4f8c1d86b1ba h1:9bFeDpN3gTqNanMVqNcoR/pJQuP5uroC3t1D7eXozTE=
+golang.org/x/crypto v0.0.0-20191119213627-4f8c1d86b1ba/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
+golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
+golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8=
+golang.org/x/exp v0.0.0-20190731235908-ec7cb31e5a56/go.mod h1:JhuoJpWY28nO4Vef9tZUw9qufEGTyX1+7lmHxV5q5G4=
+golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js=
+golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0=
+golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
+golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU=
+golang.org/x/lint v0.0.0-20190301231843-5614ed5bae6f/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
+golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
+golang.org/x/lint v0.0.0-20190409202823-959b441ac422/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
+golang.org/x/mobile v0.0.0-20190312151609-d3739f865fa6/go.mod h1:z+o9i4GpDbdi3rU15maQ/Ox0txvL9dWGYEHz965HBQE=
+golang.org/x/mobile v0.0.0-20190814143026-e8b3e6111d02/go.mod h1:z5wpDCy2wbnXyFdvEuY3LhY9gBUL86/IOILm+Hsjx+E=
+golang.org/x/mod v0.0.0-20190513183733-4bf6d317e70e/go.mod h1:mXi4GBBbnImb6dmsKGUJ2LatrhH/nqhxcFungHvyanc=
+golang.org/x/mod v0.1.0/go.mod h1:0QHyrYULN0/3qlju5TqG8bIK38QM8yzMo5ekMj3DlcY=
+golang.org/x/net v0.0.0-20180218175443-cbe0f9307d01/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
+golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
+golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
+golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
+golang.org/x/net v0.0.0-20181005035420-146acd28ed58/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
+golang.org/x/net v0.0.0-20181114220301-adae6a3d119a/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
+golang.org/x/net v0.0.0-20181201002055-351d144fa1fc/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
+golang.org/x/net v0.0.0-20181220203305-927f97764cc3/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
+golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
+golang.org/x/net v0.0.0-20190125091013-d26f9f9a57f3/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
+golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
+golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
+golang.org/x/net v0.0.0-20190320064053-1272bf9dcd53/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
+golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
+golang.org/x/net v0.0.0-20190501004415-9ce7a6920f09/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
+golang.org/x/net v0.0.0-20190503192946-f4e77d36d62c/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
+golang.org/x/net v0.0.0-20190522155817-f3200d17e092/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks=
+golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks=
+golang.org/x/net v0.0.0-20190613194153-d28f0bde5980/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
+golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
+golang.org/x/net v0.0.0-20190724013045-ca1201d0de80/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
+golang.org/x/net v0.0.0-20190813141303-74dc4d7220e7/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
+golang.org/x/net v0.0.0-20190827160401-ba9fcec4b297/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
+golang.org/x/net v0.0.0-20190909003024-a7b16738d86b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
+golang.org/x/net v0.0.0-20200324143707-d3edc9973b7e/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A=
+golang.org/x/oauth2 v0.0.0-20180620175406-ef147856a6dd/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
+golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
+golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
+golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
+golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.0.0-20190227155943-e225da77a7e6/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sys v0.0.0-20180824143301-4910a1d54f87/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+golang.org/x/sys v0.0.0-20180903190138-2b024373dcd9/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+golang.org/x/sys v0.0.0-20181107165924-66b7b1311ac8/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+golang.org/x/sys v0.0.0-20181116152217-5ac8a444bdc5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+golang.org/x/sys v0.0.0-20181122145206-62eef0e2fa9b/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+golang.org/x/sys v0.0.0-20190221075227-b4e8571b14e0/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+golang.org/x/sys v0.0.0-20190222072716-a9d3bda3a223/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+golang.org/x/sys v0.0.0-20190312061237-fead79001313/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20190321052220-f7bb7a8bee54/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20190422165155-953cdadca894/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20190502145724-3ef323f4f1fd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20190507160741-ecd444e8653b/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20190606165138-5da285871e9c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20190616124812-15dcb6c0061f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20190624142023-c5567b49c5d0/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20190726091711-fc99dfbffb4e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20190730183949-1393eb018365/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20190801041406-cbf593c0f2f3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20190813064441-fde4db37ae7a/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20190910064555-bbd175535a8b/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20200116001909-b77594299b42/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20200331124033-c3d80250170d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
+golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
+golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
+golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
+golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
+golang.org/x/tools v0.0.0-20180221164845-07fd8470d635/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
+golang.org/x/tools v0.0.0-20180828015842-6cd1fcedba52/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
+golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
+golang.org/x/tools v0.0.0-20181030221726-6c7e314b6563/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
+golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
+golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY=
+golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
+golang.org/x/tools v0.0.0-20190312151545-0bb0c0a6e846/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
+golang.org/x/tools v0.0.0-20190312170243-e65039ee4138/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
+golang.org/x/tools v0.0.0-20190328211700-ab21143f2384/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
+golang.org/x/tools v0.0.0-20190425150028-36563e24a262/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q=
+golang.org/x/tools v0.0.0-20190506145303-2d16b83fe98c/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q=
+golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q=
+golang.org/x/tools v0.0.0-20190606124116-d0a3d012864b/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc=
+golang.org/x/tools v0.0.0-20190614205625-5aca471b1d59/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc=
+golang.org/x/tools v0.0.0-20190617190820-da514acc4774/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc=
+golang.org/x/tools v0.0.0-20190621195816-6e04913cbbac/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc=
+golang.org/x/tools v0.0.0-20190624190245-7f2218787638/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc=
+golang.org/x/tools v0.0.0-20190628153133-6cdbf07be9d0/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc=
+golang.org/x/tools v0.0.0-20190729092621-ff9f1409240a/go.mod h1:jcCCGcm9btYwXyDqrUWc6MKQKKGJCWEQ3AfLSRIbEuI=
+golang.org/x/tools v0.0.0-20190808195139-e713427fea3f/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
+golang.org/x/tools v0.0.0-20190820033707-85edb9ef3283/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
+golang.org/x/tools v0.0.0-20190910221609-7f5965fd7709/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
+golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+google.golang.org/api v0.3.1/go.mod h1:6wY9I6uQWHQ8EM57III9mq/AjF+i8G65rmVagqKMtkk=
+google.golang.org/api v0.4.0/go.mod h1:8k5glujaEP+g9n7WNsDg8QP6cUVNI86fCNMcbazEtwE=
+google.golang.org/api v0.6.0/go.mod h1:btoxGiFvQNVUZQ8W08zLtrVS08CNpINPEfxXxgJL1Q4=
+google.golang.org/api v0.7.0/go.mod h1:WtwebWUNSVBH/HAw79HIFXZNqEvBhG+Ra+ax0hx3E3M=
+google.golang.org/api v0.8.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg=
+google.golang.org/api v0.9.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg=
+google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM=
+google.golang.org/appengine v1.2.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
+google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
+google.golang.org/appengine v1.5.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
+google.golang.org/appengine v1.6.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
+google.golang.org/appengine v1.6.1/go.mod h1:i06prIuMbXzDqacNJfV5OdTW448YApPu5ww/cMBSeb0=
+google.golang.org/appengine v1.6.2/go.mod h1:i06prIuMbXzDqacNJfV5OdTW448YApPu5ww/cMBSeb0=
+google.golang.org/appengine v1.6.3/go.mod h1:i06prIuMbXzDqacNJfV5OdTW448YApPu5ww/cMBSeb0=
+google.golang.org/appengine v1.6.4/go.mod h1:i06prIuMbXzDqacNJfV5OdTW448YApPu5ww/cMBSeb0=
+google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc=
+google.golang.org/genproto v0.0.0-20190307195333-5fe7a883aa19/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE=
+google.golang.org/genproto v0.0.0-20190404172233-64821d5d2107/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE=
+google.golang.org/genproto v0.0.0-20190418145605-e7d98fc518a7/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE=
+google.golang.org/genproto v0.0.0-20190425155659-357c62f0e4bb/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE=
+google.golang.org/genproto v0.0.0-20190502173448-54afdca5d873/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE=
+google.golang.org/genproto v0.0.0-20190530194941-fb225487d101/go.mod h1:z3L6/3dTEVtUr6QSP8miRzeRqwQOioJ9I66odjN4I7s=
+google.golang.org/genproto v0.0.0-20190801165951-fa694d86fc64/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc=
+google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc=
+google.golang.org/grpc v1.17.0/go.mod h1:6QZJwpn2B+Zp71q/5VxRsJ6NXXVCE5NRUHRo+f3cWCs=
+google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c=
+google.golang.org/grpc v1.20.1/go.mod h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38=
+google.golang.org/grpc v1.21.0/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM=
+google.golang.org/grpc v1.21.1/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM=
+google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg=
+gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw=
+gopkg.in/alexcesaro/quotedprintable.v3 v3.0.0-20150716171945-2caba252f4dc/go.mod h1:m7x9LTH6d71AHyAX77c9yqWCCa3UKHcVEj9y7hAtKDk=
+gopkg.in/asn1-ber.v1 v1.0.0-20150924051756-4e86f4367175/go.mod h1:cuepJuh7vyXfUyUwEgHQXw849cJrilpS5NeIjOWESAw=
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/editorconfig/editorconfig-core-go.v1 v1.3.0/go.mod h1:s2mQFI9McjArkyCwyEwU//+luQENTnD/Lfb/7Sj3/kQ=
+gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI=
+gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys=
+gopkg.in/gomail.v2 v2.0.0-20160411212932-81ebce5c23df/go.mod h1:LRQQ+SO6ZHR7tOkpBDuZnXENFzX8qRjMDMyPD6BRkCw=
+gopkg.in/ini.v1 v1.44.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k=
+gopkg.in/ini.v1 v1.44.2/go.mod h1:M3Cogqpuv0QCi3ExAY5V4uOt4qb/R3xZubo9m8lK5wg=
+gopkg.in/ini.v1 v1.46.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k=
+gopkg.in/ini.v1 v1.55.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k=
+gopkg.in/ldap.v3 v3.0.2/go.mod h1:oxD7NyBuxchC+SgJDE1Q5Od05eGt29SDQVBmV+HYbzw=
+gopkg.in/resty.v1 v1.12.0/go.mod h1:mDo4pnntr5jdWRML875a/NmxYqAlA73dVijT2AXvQQo=
+gopkg.in/square/go-jose.v2 v2.3.1/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI=
+gopkg.in/src-d/go-billy.v4 v4.2.1/go.mod h1:tm33zBoOwxjYHZIE+OV8bxTWFMJLrconzFMd38aARFk=
+gopkg.in/src-d/go-billy.v4 v4.3.2/go.mod h1:nDjArDMp+XMs1aFAESLRjfGSgfvoYN0hDfzEk0GjC98=
+gopkg.in/src-d/go-git-fixtures.v3 v3.1.1/go.mod h1:dLBcvytrw/TYZsNTWCnkNF2DSIlzWYqTe3rJR56Ac7g=
+gopkg.in/src-d/go-git-fixtures.v3 v3.5.0/go.mod h1:dLBcvytrw/TYZsNTWCnkNF2DSIlzWYqTe3rJR56Ac7g=
+gopkg.in/src-d/go-git.v4 v4.11.0/go.mod h1:Vtut8izDyrM8BUVQnzJ+YvmNcem2J89EmfZYCkLokZk=
+gopkg.in/src-d/go-git.v4 v4.12.0/go.mod h1:zjlNnzc1Wjn43v3Mtii7RVxiReNP0fIu9npcXKzuNp4=
+gopkg.in/src-d/go-git.v4 v4.13.0/go.mod h1:nx5NYcxdKxq5fpltdHnPa2Exj4Sx0EclMWZQbYDu2z8=
+gopkg.in/src-d/go-git.v4 v4.13.1/go.mod h1:nx5NYcxdKxq5fpltdHnPa2Exj4Sx0EclMWZQbYDu2z8=
+gopkg.in/stretchr/testify.v1 v1.2.2/go.mod h1:QI5V/q6UbPmuhtm10CaFZxED9NreB8PnFYN9JcR6TxU=
+gopkg.in/testfixtures.v2 v2.5.0/go.mod h1:vyAq+MYCgNpR29qitQdLZhdbLFf4mR/2MFJRFoQZZ2M=
+gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw=
+gopkg.in/warnings.v0 v0.1.2/go.mod h1:jksf8JmL6Qr/oQM2OXTHunEvvTAsrWBLb6OOjuVWRNI=
+gopkg.in/yaml.v2 v2.0.0-20170812160011-eb3733d160e7/go.mod h1:JAlM8MvJe8wmxCU4Bli9HhUf9+ttbYbLASfIpnQbh74=
+gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
+gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
+gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
+honnef.co/go/tools v0.0.0-2019.2/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg=
+honnef.co/go/tools v0.0.0-2019.2.1/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg=
+honnef.co/go/tools v0.0.0-20180728063816-88497007e858/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
+honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
+honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
+honnef.co/go/tools v0.0.0-20190418001031-e561f6794a2a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
+honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
+honnef.co/go/tools v0.0.1-2019.2.2/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg=
+mvdan.cc/xurls/v2 v2.1.0/go.mod h1:5GrSd9rOnKOpZaji1OZLYL/yeAAtGDlo/cFe+8K5n8E=
+rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8=
+strk.kbt.io/projects/go/libravatar v0.0.0-20191008002943-06d1c002b251/go.mod h1:FJGmPh3vz9jSos1L/F91iAgnC/aejc0wIIrF2ZwJxdY=
+xorm.io/builder v0.3.6/go.mod h1:LEFAPISnRzG+zxaxj2vPicRwz67BdhFreKg8yv8/TgU=
+xorm.io/core v0.7.2-0.20190928055935-90aeac8d08eb/go.mod h1:jJfd0UAEzZ4t87nbQYtVjmqpIODugN6PD2D9E+dJvdM=
+xorm.io/core v0.7.2/go.mod h1:jJfd0UAEzZ4t87nbQYtVjmqpIODugN6PD2D9E+dJvdM=