Fix trivy parser test (#1014 )

* fix trivy parser test * fixed parser data
bump up version
2020-06-24 17:14:43 +09:00 · 2020-06-24 10:57:39 +09:00 · 2020-06-24 10:46:00 +09:00 · 2020-06-19 16:07:14 +09:00 · 2020-06-17 12:21:26 +09:00 · 2020-06-17 12:15:12 +09:00
23 changed files with 470 additions and 444 deletions
--- a/2
+++ b/2
@@ -11,7 +11,7 @@ COPY . $GOPATH/src/$REPOSITORY
 RUN cd $GOPATH/src/$REPOSITORY && make install


-FROM alpine:3.7
+FROM alpine:3.11

 MAINTAINER hikachan sadayuki-matsuno

--- a/commands/configtest.go
+++ b/commands/configtest.go
@@ -36,7 +36,7 @@ func (*ConfigtestCmd) Usage() string {
 			[-log-dir=/path/to/log]
 			[-ask-key-password]
 			[-timeout=300]
-			[-ssh-external]
+			[-ssh-config]
 			[-containers-only]
 			[-http-proxy=http://192.168.0.1:8080]
 			[-debug]
@@ -69,7 +69,7 @@ func (p *ConfigtestCmd) SetFlags(f *flag.FlagSet) {
 		"Use Native Go implementation of SSH. Default: Use the external command")

 	f.BoolVar(&c.Conf.SSHConfig, "ssh-config", false,
-		"Use SSH options specified in ssh_config preferentially")
+		"[Deprecated] Use SSH options specified in ssh_config preferentially")

 	f.BoolVar(&c.Conf.ContainersOnly, "containers-only", false,
 		"Test containers only. Default: Test both of hosts and containers")
@@ -108,6 +108,16 @@ func (p *ConfigtestCmd) Execute(_ context.Context, f *flag.FlagSet, _ ...interfa
 		return subcommands.ExitUsageError
 	}

+	if c.Conf.SSHConfig {
+		msg := []string{
+			"-ssh-config is deprecated",
+			"If you update Vuls and get this error, there may be incompatible changes in config.toml",
+			"Please check config.toml template : https://vuls.io/docs/en/usage-settings.html",
+		}
+		util.Log.Errorf("%s", strings.Join(msg, "\n"))
+		return subcommands.ExitUsageError
+	}
+
 	var servernames []string
 	if 0 < len(f.Args()) {
 		servernames = f.Args()
--- a/commands/discover.go
+++ b/commands/discover.go
@@ -187,6 +187,7 @@ sqlite3Path = "/path/to/go-exploitdb.sqlite3"
 host                = "{{$ip}}"
 #port               = "22"
 #user               = "root"
+#sshConfigPath		= "/home/username/.ssh/config"
 #keyPath            = "/home/username/.ssh/id_rsa"
 #scanMode           = ["fast", "fast-root", "deep", "offline"]
 #type               = "pseudo"
--- a/commands/scan.go
+++ b/commands/scan.go
@@ -80,7 +80,7 @@ func (p *ScanCmd) SetFlags(f *flag.FlagSet) {
 		"Use Native Go implementation of SSH. Default: Use the external command")

 	f.BoolVar(&c.Conf.SSHConfig, "ssh-config", false,
-		"Use SSH options specified in ssh_config preferentially")
+		"[Deprecated] Use SSH options specified in ssh_config preferentially")

 	f.BoolVar(&c.Conf.ContainersOnly, "containers-only", false,
 		"Scan running containers only. Default: Scan both of hosts and running containers")
@@ -146,6 +146,16 @@ func (p *ScanCmd) Execute(_ context.Context, f *flag.FlagSet, _ ...interface{})
 		return subcommands.ExitUsageError
 	}

+	if c.Conf.SSHConfig {
+		msg := []string{
+			"-ssh-config is deprecated",
+			"If you update Vuls and get this error, there may be incompatible changes in config.toml",
+			"Please check config.toml template : https://vuls.io/docs/en/usage-settings.html",
+		}
+		util.Log.Errorf("%s", strings.Join(msg, "\n"))
+		return subcommands.ExitUsageError
+	}
+
 	util.Log.Info("Start scanning")
 	util.Log.Infof("config: %s", p.configPath)

--- a/config/config.go
+++ b/config/config.go
@@ -16,7 +16,7 @@ import (
 )

 // Version of Vuls
-var Version = "0.9.6"
+var Version = "0.9.9"

 // Revision of Git
 var Revision string
@@ -1035,7 +1035,9 @@ type ServerInfo struct {
 	ServerName             string                      `toml:"-" json:"serverName,omitempty"`
 	User                   string                      `toml:"user,omitempty" json:"user,omitempty"`
 	Host                   string                      `toml:"host,omitempty" json:"host,omitempty"`
+	JumpServer             []string                    `toml:"jumpServer,omitempty" json:"jumpServer,omitempty"`
 	Port                   string                      `toml:"port,omitempty" json:"port,omitempty"`
+	SSHConfigPath          string                      `toml:"sshConfigPath,omitempty" json:"sshConfigPath,omitempty"`
 	KeyPath                string                      `toml:"keyPath,omitempty" json:"keyPath,omitempty"`
 	KeyPassword            string                      `json:"-,omitempty" toml:"-"`
 	CpeNames               []string                    `toml:"cpeNames,omitempty" json:"cpeNames,omitempty"`
--- a/config/tomlloader.go
+++ b/config/tomlloader.go
@@ -57,6 +57,11 @@ func (c TOMLLoader) Load(pathToToml, keyPass string) error {
 				return xerrors.Errorf("%s is invalid. host is empty", serverName)
 			}

+			s.JumpServer = v.JumpServer
+			if len(s.JumpServer) == 0 {
+				s.JumpServer = d.JumpServer
+			}
+
 			switch {
 			case v.Port != "":
 				s.Port = v.Port
@@ -77,6 +82,11 @@ func (c TOMLLoader) Load(pathToToml, keyPass string) error {
 				}
 			}

+			s.SSHConfigPath = v.SSHConfigPath
+			if len(s.SSHConfigPath) == 0 {
+				s.SSHConfigPath = d.SSHConfigPath
+			}
+
 			s.KeyPath = v.KeyPath
 			if len(s.KeyPath) == 0 {
 				s.KeyPath = d.KeyPath
--- a/contrib/trivy/cmd/main.go
+++ b/contrib/trivy/cmd/main.go
@@ -72,7 +72,7 @@ func main() {
 	var rootCmd = &cobra.Command{Use: "trivy-to-vuls"}
 	rootCmd.AddCommand(cmdTrivyToVuls)
 	if err = rootCmd.Execute(); err != nil {
-		os.Exit(1)
 		fmt.Println("Failed to execute command", err)
+		os.Exit(1)
 	}
 }
--- a/contrib/trivy/parser/parser.go
+++ b/contrib/trivy/parser/parser.go
@@ -45,13 +45,6 @@ func Parse(vulnJSON []byte, scanResult *models.ScanResult) (result *models.ScanR
 				notFixedYet = true
 				fixState = "Affected"
 			}
-			vulnInfo.AffectedPackages = append(vulnInfo.AffectedPackages, models.PackageFixStatus{
-				Name:        vuln.PkgName,
-				NotFixedYet: notFixedYet,
-				FixState:    fixState,
-				FixedIn:     vuln.FixedVersion,
-			})
-
 			var references models.References
 			for _, reference := range vuln.References {
 				references = append(references, models.Reference{
@@ -78,6 +71,13 @@ func Parse(vulnJSON []byte, scanResult *models.ScanResult) (result *models.ScanR
 					Name:    vuln.PkgName,
 					Version: vuln.InstalledVersion,
 				}
+				vulnInfo.AffectedPackages = append(vulnInfo.AffectedPackages, models.PackageFixStatus{
+					Name:        vuln.PkgName,
+					NotFixedYet: notFixedYet,
+					FixState:    fixState,
+					FixedIn:     vuln.FixedVersion,
+				})
+
 				// overwrite every time if os package
 				scanResult.Family = trivyResult.Type
 				scanResult.ServerName = trivyResult.Target
@@ -92,6 +92,7 @@ func Parse(vulnJSON []byte, scanResult *models.ScanResult) (result *models.ScanR
 				vulnInfo.LibraryFixedIns = append(vulnInfo.LibraryFixedIns, models.LibraryFixedIn{
 					Key:     trivyResult.Type,
 					Name:    vuln.PkgName,
+					Path:    trivyResult.Target,
 					FixedIn: vuln.FixedVersion,
 				})
 				libScanner := uniqueLibraryScannerPaths[trivyResult.Target]
--- a/contrib/trivy/parser/parser_test.go
+++ b/contrib/trivy/parser/parser_test.go
@@ -154,14 +154,7 @@ func TestParse(t *testing.T) {
 								DetectionMethod: "TrivyMatch",
 							},
 						},
-						AffectedPackages: models.PackageFixStatuses{
-							models.PackageFixStatus{
-								Name:        "guzzlehttp/guzzle",
-								NotFixedYet: false,
-								FixState:    "",
-								FixedIn:     "4.2.4, 5.3.1, 6.2.1",
-							},
-						},
+						AffectedPackages: models.PackageFixStatuses{},
 						CveContents: models.CveContents{
 							"trivy": {
 								Title:         "PHP: sets environmental variable based on user supplied Proxy request header",
@@ -202,6 +195,7 @@ func TestParse(t *testing.T) {
 						},
 						LibraryFixedIns: models.LibraryFixedIns{
 							{
+								Path:    "php-app/composer.lock",
 								Key:     "composer",
 								Name:    "guzzlehttp/guzzle",
 								FixedIn: "4.2.4, 5.3.1, 6.2.1",
@@ -217,14 +211,7 @@ func TestParse(t *testing.T) {
 								DetectionMethod: "TrivyMatch",
 							},
 						},
-						AffectedPackages: models.PackageFixStatuses{
-							models.PackageFixStatus{
-								Name:        "lodash",
-								NotFixedYet: false,
-								FixState:    "",
-								FixedIn:     ">=4.17.5",
-							},
-						},
+						AffectedPackages: models.PackageFixStatuses{},
 						CveContents: models.CveContents{
 							"trivy": {
 								Cvss3Severity: "LOW",
@@ -240,6 +227,7 @@ func TestParse(t *testing.T) {
 						},
 						LibraryFixedIns: models.LibraryFixedIns{
 							{
+								Path:    "node-app/package-lock.json",
 								Key:     "npm",
 								Name:    "lodash",
 								FixedIn: ">=4.17.5",
@@ -255,14 +243,7 @@ func TestParse(t *testing.T) {
 								DetectionMethod: "TrivyMatch",
 							},
 						},
-						AffectedPackages: models.PackageFixStatuses{
-							models.PackageFixStatus{
-								Name:        "rails-html-sanitizer",
-								NotFixedYet: false,
-								FixState:    "",
-								FixedIn:     ">= 1.0.4",
-							},
-						},
+						AffectedPackages: models.PackageFixStatuses{},
 						CveContents: models.CveContents{
 							"trivy": {
 								Cvss3Severity: "MEDIUM",
@@ -277,6 +258,7 @@ func TestParse(t *testing.T) {
 						},
 						LibraryFixedIns: models.LibraryFixedIns{
 							{
+								Path:    "ruby-app/Gemfile.lock",
 								Key:     "bundler",
 								Name:    "rails-html-sanitizer",
 								FixedIn: ">= 1.0.4",
@@ -497,14 +479,7 @@ func TestParse(t *testing.T) {
 								DetectionMethod: "TrivyMatch",
 							},
 						},
-						AffectedPackages: models.PackageFixStatuses{
-							models.PackageFixStatus{
-								Name:        "lodash",
-								NotFixedYet: false,
-								FixState:    "",
-								FixedIn:     ">=4.17.11",
-							},
-						},
+						AffectedPackages: models.PackageFixStatuses{},
 						CveContents: models.CveContents{
 							"trivy": {
 								Cvss3Severity: "HIGH",
@@ -520,6 +495,7 @@ func TestParse(t *testing.T) {
 						},
 						LibraryFixedIns: models.LibraryFixedIns{
 							{
+								Path:    "node-app/package-lock.json",
 								Key:     "npm",
 								Name:    "lodash",
 								FixedIn: ">=4.17.11",
@@ -1837,14 +1813,7 @@ func TestParse(t *testing.T) {
 								DetectionMethod: "TrivyMatch",
 							},
 						},
-						AffectedPackages: models.PackageFixStatuses{
-							models.PackageFixStatus{
-								Name:        "jquery",
-								NotFixedYet: false,
-								FixState:    "",
-								FixedIn:     ">=3.4.0",
-							},
-						},
+						AffectedPackages: models.PackageFixStatuses{},
 						CveContents: models.CveContents{
 							"trivy": {
 								Cvss3Severity: "MEDIUM",
@@ -1857,6 +1826,7 @@ func TestParse(t *testing.T) {
 						},
 						LibraryFixedIns: models.LibraryFixedIns{
 							{
+								Path:    "node-app/package-lock.json",
 								Key:     "npm",
 								Name:    "jquery",
 								FixedIn: ">=3.4.0",
@@ -1872,14 +1842,7 @@ func TestParse(t *testing.T) {
 								DetectionMethod: "TrivyMatch",
 							},
 						},
-						AffectedPackages: models.PackageFixStatuses{
-							models.PackageFixStatus{
-								Name:        "nokogiri",
-								NotFixedYet: false,
-								FixState:    "",
-								FixedIn:     ">= 1.10.4",
-							},
-						},
+						AffectedPackages: models.PackageFixStatuses{},
 						CveContents: models.CveContents{
 							"trivy": {
 								Cvss3Severity: "HIGH",
@@ -1900,6 +1863,7 @@ func TestParse(t *testing.T) {
 						},
 						LibraryFixedIns: models.LibraryFixedIns{
 							{
+								Path:    "ruby-app/Gemfile.lock",
 								Key:     "bundler",
 								Name:    "nokogiri",
 								FixedIn: ">= 1.10.4",
@@ -2127,14 +2091,7 @@ func TestParse(t *testing.T) {
 								DetectionMethod: "TrivyMatch",
 							},
 						},
-						AffectedPackages: models.PackageFixStatuses{
-							models.PackageFixStatus{
-								Name:        "urllib3",
-								NotFixedYet: true,
-								FixState:    "Affected",
-								FixedIn:     "",
-							},
-						},
+						AffectedPackages: models.PackageFixStatuses{},
 						CveContents: models.CveContents{
 							"trivy": {
 								Cvss3Severity: "MEDIUM",
@@ -2160,6 +2117,7 @@ func TestParse(t *testing.T) {
 						},
 						LibraryFixedIns: models.LibraryFixedIns{
 							{
+								Path:    "python-app/Pipfile.lock",
 								Key:     "pipenv",
 								Name:    "urllib3",
 								FixedIn: "",
@@ -2175,14 +2133,7 @@ func TestParse(t *testing.T) {
 								DetectionMethod: "TrivyMatch",
 							},
 						},
-						AffectedPackages: models.PackageFixStatuses{
-							models.PackageFixStatus{
-								Name:        "urllib3",
-								NotFixedYet: false,
-								FixState:    "",
-								FixedIn:     "1.24.2",
-							},
-						},
+						AffectedPackages: models.PackageFixStatuses{},
 						CveContents: models.CveContents{
 							"trivy": {
 								Cvss3Severity: "MEDIUM",
@@ -2206,6 +2157,7 @@ func TestParse(t *testing.T) {
 						},
 						LibraryFixedIns: models.LibraryFixedIns{
 							{
+								Path:    "python-app/Pipfile.lock",
 								Key:     "pipenv",
 								Name:    "urllib3",
 								FixedIn: "1.24.2",
@@ -2221,14 +2173,7 @@ func TestParse(t *testing.T) {
 								DetectionMethod: "TrivyMatch",
 							},
 						},
-						AffectedPackages: models.PackageFixStatuses{
-							models.PackageFixStatus{
-								Name:        "jquery",
-								NotFixedYet: false,
-								FixState:    "",
-								FixedIn:     ">=3.4.0",
-							},
-						},
+						AffectedPackages: models.PackageFixStatuses{},
 						CveContents: models.CveContents{
 							"trivy": {
 								Cvss3Severity: "MEDIUM",
@@ -2305,6 +2250,7 @@ func TestParse(t *testing.T) {
 						},
 						LibraryFixedIns: models.LibraryFixedIns{
 							{
+								Path:    "node-app/package-lock.json",
 								Key:     "npm",
 								Name:    "jquery",
 								FixedIn: ">=3.4.0",
@@ -2367,14 +2313,7 @@ func TestParse(t *testing.T) {
 								DetectionMethod: "TrivyMatch",
 							},
 						},
-						AffectedPackages: models.PackageFixStatuses{
-							models.PackageFixStatus{
-								Name:        "nokogiri",
-								NotFixedYet: false,
-								FixState:    "",
-								FixedIn:     ">= 1.10.5",
-							},
-						},
+						AffectedPackages: models.PackageFixStatuses{},
 						CveContents: models.CveContents{
 							"trivy": {
 								Cvss3Severity: "MEDIUM",
@@ -2399,6 +2338,7 @@ func TestParse(t *testing.T) {
 						},
 						LibraryFixedIns: models.LibraryFixedIns{
 							{
+								Path:    "ruby-app/Gemfile.lock",
 								Key:     "bundler",
 								Name:    "nokogiri",
 								FixedIn: ">= 1.10.5",
@@ -2526,14 +2466,7 @@ func TestParse(t *testing.T) {
 								DetectionMethod: "TrivyMatch",
 							},
 						},
-						AffectedPackages: models.PackageFixStatuses{
-							models.PackageFixStatus{
-								Name:        "loofah",
-								NotFixedYet: false,
-								FixState:    "",
-								FixedIn:     ">= 2.3.1",
-							},
-						},
+						AffectedPackages: models.PackageFixStatuses{},
 						CveContents: models.CveContents{
 							"trivy": {
 								Cvss3Severity: "MEDIUM",
@@ -2552,6 +2485,7 @@ func TestParse(t *testing.T) {
 						},
 						LibraryFixedIns: models.LibraryFixedIns{
 							{
+								Path:    "ruby-app/Gemfile.lock",
 								Key:     "bundler",
 								Name:    "loofah",
 								FixedIn: ">= 2.3.1",
@@ -2653,14 +2587,7 @@ func TestParse(t *testing.T) {
 								DetectionMethod: "TrivyMatch",
 							},
 						},
-						AffectedPackages: models.PackageFixStatuses{
-							{
-								Name:        "rack",
-								NotFixedYet: false,
-								FixState:    "",
-								FixedIn:     "~> 1.6.12, >= 2.0.8",
-							},
-						},
+						AffectedPackages: models.PackageFixStatuses{},
 						CveContents: models.CveContents{
 							"trivy": {
 								Cvss3Severity: "MEDIUM",
@@ -2681,6 +2608,7 @@ func TestParse(t *testing.T) {
 						},
 						LibraryFixedIns: models.LibraryFixedIns{
 							{
+								Path:    "ruby-app/Gemfile.lock",
 								Key:     "bundler",
 								Name:    "rack",
 								FixedIn: "~> 1.6.12, >= 2.0.8",
@@ -2695,14 +2623,7 @@ func TestParse(t *testing.T) {
 								DetectionMethod: "TrivyMatch",
 							},
 						},
-						AffectedPackages: models.PackageFixStatuses{
-							{
-								Name:        "pyyaml",
-								NotFixedYet: false,
-								FixState:    "",
-								FixedIn:     "5.3.1",
-							},
-						},
+						AffectedPackages: models.PackageFixStatuses{},
 						CveContents: models.CveContents{
 							"trivy": {
 								Cvss3Severity: "HIGH",
@@ -2719,6 +2640,7 @@ func TestParse(t *testing.T) {
 						},
 						LibraryFixedIns: models.LibraryFixedIns{
 							{
+								Path:    "python-app/Pipfile.lock",
 								Key:     "pipenv",
 								Name:    "pyyaml",
 								FixedIn: "5.3.1",
@@ -2733,14 +2655,7 @@ func TestParse(t *testing.T) {
 								DetectionMethod: "TrivyMatch",
 							},
 						},
-						AffectedPackages: models.PackageFixStatuses{
-							models.PackageFixStatus{
-								Name:        "actionview",
-								NotFixedYet: false,
-								FixState:    "",
-								FixedIn:     "~> 5.2.4, >= 5.2.4.2, >= 6.0.2.2",
-							},
-						},
+						AffectedPackages: models.PackageFixStatuses{},
 						CveContents: models.CveContents{
 							"trivy": {
 								Cvss3Severity: "LOW",
@@ -2760,6 +2675,7 @@ func TestParse(t *testing.T) {
 						},
 						LibraryFixedIns: models.LibraryFixedIns{
 							{
+								Path:    "ruby-app/Gemfile.lock",
 								Key:     "bundler",
 								Name:    "actionview",
 								FixedIn: "~> 5.2.4, >= 5.2.4.2, >= 6.0.2.2",
@@ -2774,14 +2690,7 @@ func TestParse(t *testing.T) {
 								DetectionMethod: "TrivyMatch",
 							},
 						},
-						AffectedPackages: models.PackageFixStatuses{
-							models.PackageFixStatus{
-								Name:        "nokogiri",
-								NotFixedYet: false,
-								FixState:    "",
-								FixedIn:     ">= 1.10.8",
-							},
-						},
+						AffectedPackages: models.PackageFixStatuses{},
 						CveContents: models.CveContents{
 							"trivy": models.CveContent{
 								Cvss3Severity: "MEDIUM",
@@ -2799,6 +2708,7 @@ func TestParse(t *testing.T) {
 						},
 						LibraryFixedIns: models.LibraryFixedIns{
 							models.LibraryFixedIn{
+								Path:    "ruby-app/Gemfile.lock",
 								Key:     "bundler",
 								Name:    "nokogiri",
 								FixedIn: ">= 1.10.8",
@@ -2813,14 +2723,7 @@ func TestParse(t *testing.T) {
 								DetectionMethod: "TrivyMatch",
 							},
 						},
-						AffectedPackages: models.PackageFixStatuses{
-							models.PackageFixStatus{
-								Name:        "rake",
-								NotFixedYet: false,
-								FixState:    "",
-								FixedIn:     ">= 12.3.3",
-							},
-						},
+						AffectedPackages: models.PackageFixStatuses{},
 						CveContents: models.CveContents{
 							"trivy": models.CveContent{
 								Cvss3Severity: "CRITICAL",
@@ -2839,6 +2742,7 @@ func TestParse(t *testing.T) {
 						},
 						LibraryFixedIns: models.LibraryFixedIns{
 							models.LibraryFixedIn{
+								Path:    "ruby-app/Gemfile.lock",
 								Key:     "bundler",
 								Name:    "rake",
 								FixedIn: ">= 12.3.3",
@@ -2853,14 +2757,7 @@ func TestParse(t *testing.T) {
 								DetectionMethod: "TrivyMatch",
 							},
 						},
-						AffectedPackages: models.PackageFixStatuses{
-							models.PackageFixStatus{
-								Name:        "rack",
-								NotFixedYet: false,
-								FixState:    "",
-								FixedIn:     "~> 2.1.3, >= 2.2.0",
-							},
-						},
+						AffectedPackages: models.PackageFixStatuses{},
 						CveContents: models.CveContents{
 							"trivy": models.CveContent{
 								Cvss3Severity: "MEDIUM",
@@ -2874,6 +2771,7 @@ func TestParse(t *testing.T) {
 						},
 						LibraryFixedIns: models.LibraryFixedIns{
 							models.LibraryFixedIn{
+								Path:    "ruby-app/Gemfile.lock",
 								Key:     "bundler",
 								Name:    "rack",
 								FixedIn: "~> 2.1.3, >= 2.2.0",
@@ -2888,14 +2786,7 @@ func TestParse(t *testing.T) {
 								DetectionMethod: "TrivyMatch",
 							},
 						},
-						AffectedPackages: models.PackageFixStatuses{
-							models.PackageFixStatus{
-								Name:        "activestorage",
-								NotFixedYet: false,
-								FixState:    "",
-								FixedIn:     "~> 5.2.4.3, >= 6.0.3.1",
-							},
-						},
+						AffectedPackages: models.PackageFixStatuses{},
 						CveContents: models.CveContents{
 							"trivy": models.CveContent{
 								Cvss3Severity: "UNKNOWN",
@@ -2909,6 +2800,7 @@ func TestParse(t *testing.T) {
 						},
 						LibraryFixedIns: models.LibraryFixedIns{
 							models.LibraryFixedIn{
+								Path:    "ruby-app/Gemfile.lock",
 								Key:     "bundler",
 								Name:    "activestorage",
 								FixedIn: "~> 5.2.4.3, >= 6.0.3.1",
@@ -2923,14 +2815,7 @@ func TestParse(t *testing.T) {
 								DetectionMethod: "TrivyMatch",
 							},
 						},
-						AffectedPackages: models.PackageFixStatuses{
-							models.PackageFixStatus{
-								Name:        "json",
-								NotFixedYet: false,
-								FixState:    "",
-								FixedIn:     ">= 2.3.0",
-							},
-						},
+						AffectedPackages: models.PackageFixStatuses{},
 						CveContents: models.CveContents{
 							"trivy": models.CveContent{
 								Cvss3Severity: "MEDIUM",
@@ -2947,6 +2832,7 @@ func TestParse(t *testing.T) {
 						},
 						LibraryFixedIns: models.LibraryFixedIns{
 							models.LibraryFixedIn{
+								Path:    "ruby-app/Gemfile.lock",
 								Key:     "bundler",
 								Name:    "json",
 								FixedIn: ">= 2.3.0",
@@ -2961,14 +2847,7 @@ func TestParse(t *testing.T) {
 								DetectionMethod: "TrivyMatch",
 							},
 						},
-						AffectedPackages: models.PackageFixStatuses{
-							models.PackageFixStatus{
-								Name:        "actionpack",
-								NotFixedYet: false,
-								FixState:    "",
-								FixedIn:     "~> 5.2.4.3, >= 6.0.3.1",
-							},
-						},
+						AffectedPackages: models.PackageFixStatuses{},
 						CveContents: models.CveContents{
 							"trivy": models.CveContent{
 								Cvss3Severity: "UNKNOWN",
@@ -2979,6 +2858,7 @@ func TestParse(t *testing.T) {
 						},
 						LibraryFixedIns: models.LibraryFixedIns{
 							{
+								Path:    "ruby-app/Gemfile.lock",
 								Key:     "bundler",
 								Name:    "actionpack",
 								FixedIn: "~> 5.2.4.3, >= 6.0.3.1",
@@ -2993,14 +2873,7 @@ func TestParse(t *testing.T) {
 								DetectionMethod: "TrivyMatch",
 							},
 						},
-						AffectedPackages: models.PackageFixStatuses{
-							models.PackageFixStatus{
-								Name:        "activesupport",
-								NotFixedYet: false,
-								FixState:    "",
-								FixedIn:     "~> 5.2.4.3, >= 6.0.3.1",
-							},
-						},
+						AffectedPackages: models.PackageFixStatuses{},
 						CveContents: models.CveContents{
 							"trivy": models.CveContent{
 								Cvss3Severity: "UNKNOWN",
@@ -3011,6 +2884,7 @@ func TestParse(t *testing.T) {
 						},
 						LibraryFixedIns: models.LibraryFixedIns{
 							{
+								Path:    "ruby-app/Gemfile.lock",
 								Key:     "bundler",
 								Name:    "activesupport",
 								FixedIn: "~> 5.2.4.3, >= 6.0.3.1",
@@ -3025,14 +2899,7 @@ func TestParse(t *testing.T) {
 								DetectionMethod: "TrivyMatch",
 							},
 						},
-						AffectedPackages: models.PackageFixStatuses{
-							models.PackageFixStatus{
-								Name:        "actionpack",
-								NotFixedYet: false,
-								FixState:    "",
-								FixedIn:     "~> 5.2.4.3, >= 6.0.3.1",
-							},
-						},
+						AffectedPackages: models.PackageFixStatuses{},
 						CveContents: models.CveContents{
 							"trivy": models.CveContent{
 								Cvss3Severity: "UNKNOWN",
@@ -3043,6 +2910,7 @@ func TestParse(t *testing.T) {
 						},
 						LibraryFixedIns: models.LibraryFixedIns{
 							{
+								Path:    "ruby-app/Gemfile.lock",
 								Key:     "bundler",
 								Name:    "actionpack",
 								FixedIn: "~> 5.2.4.3, >= 6.0.3.1",
@@ -3057,14 +2925,7 @@ func TestParse(t *testing.T) {
 								DetectionMethod: "TrivyMatch",
 							},
 						},
-						AffectedPackages: models.PackageFixStatuses{
-							models.PackageFixStatus{
-								Name:        "actionview",
-								NotFixedYet: false,
-								FixState:    "",
-								FixedIn:     "~> 5.2.4.3, >= 6.0.3.1",
-							},
-						},
+						AffectedPackages: models.PackageFixStatuses{},
 						CveContents: models.CveContents{
 							"trivy": models.CveContent{
 								Cvss3Severity: "UNKNOWN",
@@ -3075,6 +2936,7 @@ func TestParse(t *testing.T) {
 						},
 						LibraryFixedIns: models.LibraryFixedIns{
 							{
+								Path:    "ruby-app/Gemfile.lock",
 								Key:     "bundler",
 								Name:    "actionview",
 								FixedIn: "~> 5.2.4.3, >= 6.0.3.1",
@@ -3089,14 +2951,7 @@ func TestParse(t *testing.T) {
 								DetectionMethod: "TrivyMatch",
 							},
 						},
-						AffectedPackages: models.PackageFixStatuses{
-							models.PackageFixStatus{
-								Name:        "lodash",
-								NotFixedYet: true,
-								FixState:    "Affected",
-								FixedIn:     "",
-							},
-						},
+						AffectedPackages: models.PackageFixStatuses{},
 						CveContents: models.CveContents{
 							"trivy": models.CveContent{
 								Cvss3Severity: "HIGH",
@@ -3107,6 +2962,7 @@ func TestParse(t *testing.T) {
 						},
 						LibraryFixedIns: models.LibraryFixedIns{
 							{
+								Path:    "node-app/package-lock.json",
 								Key:     "npm",
 								Name:    "lodash",
 								FixedIn: "",
@@ -3121,14 +2977,7 @@ func TestParse(t *testing.T) {
 								DetectionMethod: "TrivyMatch",
 							},
 						},
-						AffectedPackages: models.PackageFixStatuses{
-							models.PackageFixStatus{
-								Name:        "django-cors-headers",
-								NotFixedYet: false,
-								FixState:    "",
-								FixedIn:     "3.0.0",
-							},
-						},
+						AffectedPackages: models.PackageFixStatuses{},
 						CveContents: models.CveContents{
 							"trivy": models.CveContent{
 								Cvss3Severity: "UNKNOWN",
@@ -3137,6 +2986,7 @@ func TestParse(t *testing.T) {
 						},
 						LibraryFixedIns: models.LibraryFixedIns{
 							{
+								Path:    "python-app/Pipfile.lock",
 								Key:     "pipenv",
 								Name:    "django-cors-headers",
 								FixedIn: "3.0.0",
@@ -3144,16 +2994,9 @@ func TestParse(t *testing.T) {
 						},
 					},
 					"RUSTSEC-2016-0001": {
-						CveID:       "RUSTSEC-2016-0001",
-						Confidences: models.Confidences{{Score: 100, DetectionMethod: "TrivyMatch"}},
-						AffectedPackages: models.PackageFixStatuses{
-							{
-								Name:        "openssl",
-								NotFixedYet: true,
-								FixState:    "Affected",
-								FixedIn:     "",
-							},
-						},
+						CveID:            "RUSTSEC-2016-0001",
+						Confidences:      models.Confidences{{Score: 100, DetectionMethod: "TrivyMatch"}},
+						AffectedPackages: models.PackageFixStatuses{},
 						CveContents: models.CveContents{
 							"trivy": {
 								Cvss3Severity: "UNKNOWN",
@@ -3163,20 +3006,18 @@ func TestParse(t *testing.T) {
 							},
 						},
 						LibraryFixedIns: models.LibraryFixedIns{
-							{Key: "cargo", Name: "openssl", FixedIn: ""},
+							{
+								Path:    "rust-app/Cargo.lock",
+								Key:     "cargo",
+								Name:    "openssl",
+								FixedIn: "",
+							},
 						},
 					},
 					"RUSTSEC-2018-0003": {
-						CveID:       "RUSTSEC-2018-0003",
-						Confidences: models.Confidences{{Score: 100, DetectionMethod: "TrivyMatch"}},
-						AffectedPackages: models.PackageFixStatuses{
-							{
-								Name:        "smallvec",
-								NotFixedYet: true,
-								FixState:    "Affected",
-								FixedIn:     "",
-							},
-						},
+						CveID:            "RUSTSEC-2018-0003",
+						Confidences:      models.Confidences{{Score: 100, DetectionMethod: "TrivyMatch"}},
+						AffectedPackages: models.PackageFixStatuses{},
 						CveContents: models.CveContents{
 							"trivy": {
 								Cvss3Severity: "UNKNOWN",
@@ -3186,20 +3027,18 @@ func TestParse(t *testing.T) {
 							},
 						},
 						LibraryFixedIns: models.LibraryFixedIns{
-							{Key: "cargo", Name: "smallvec", FixedIn: ""},
+							{
+								Path:    "rust-app/Cargo.lock",
+								Key:     "cargo",
+								Name:    "smallvec",
+								FixedIn: "",
+							},
 						},
 					},
 					"RUSTSEC-2018-0010": {
-						CveID:       "RUSTSEC-2018-0010",
-						Confidences: models.Confidences{{Score: 100, DetectionMethod: "TrivyMatch"}},
-						AffectedPackages: models.PackageFixStatuses{
-							models.PackageFixStatus{
-								Name:        "openssl",
-								NotFixedYet: true,
-								FixState:    "Affected",
-								FixedIn:     "",
-							},
-						},
+						CveID:            "RUSTSEC-2018-0010",
+						Confidences:      models.Confidences{{Score: 100, DetectionMethod: "TrivyMatch"}},
+						AffectedPackages: models.PackageFixStatuses{},
 						CveContents: models.CveContents{
 							"trivy": {
 								Cvss3Severity: "UNKNOWN",
@@ -3209,19 +3048,18 @@ func TestParse(t *testing.T) {
 							},
 						},
 						LibraryFixedIns: models.LibraryFixedIns{
-							{Key: "cargo", Name: "openssl", FixedIn: ""},
+							{
+								Path:    "rust-app/Cargo.lock",
+								Key:     "cargo",
+								Name:    "openssl",
+								FixedIn: "",
+							},
 						},
 					},
 					"RUSTSEC-2018-0017": {
-						CveID:       "RUSTSEC-2018-0017",
-						Confidences: models.Confidences{{Score: 100, DetectionMethod: "TrivyMatch"}},
-						AffectedPackages: models.PackageFixStatuses{
-							{
-								Name:        "tempdir",
-								NotFixedYet: true,
-								FixState:    "Affected",
-							},
-						},
+						CveID:            "RUSTSEC-2018-0017",
+						Confidences:      models.Confidences{{Score: 100, DetectionMethod: "TrivyMatch"}},
+						AffectedPackages: models.PackageFixStatuses{},
 						CveContents: models.CveContents{
 							"trivy": {
 								Cvss3Severity: "UNKNOWN",
@@ -3231,20 +3069,18 @@ func TestParse(t *testing.T) {
 							},
 						},
 						LibraryFixedIns: models.LibraryFixedIns{
-							{Key: "cargo", Name: "tempdir", FixedIn: ""},
+							{
+								Path:    "rust-app/Cargo.lock",
+								Key:     "cargo",
+								Name:    "tempdir",
+								FixedIn: "",
+							},
 						},
 					},
 					"RUSTSEC-2019-0001": {
-						CveID:       "RUSTSEC-2019-0001",
-						Confidences: models.Confidences{{Score: 100, DetectionMethod: "TrivyMatch"}},
-						AffectedPackages: models.PackageFixStatuses{
-							{
-								Name:        "ammonia",
-								NotFixedYet: true,
-								FixState:    "Affected",
-								FixedIn:     "",
-							},
-						},
+						CveID:            "RUSTSEC-2019-0001",
+						Confidences:      models.Confidences{{Score: 100, DetectionMethod: "TrivyMatch"}},
+						AffectedPackages: models.PackageFixStatuses{},
 						CveContents: models.CveContents{
 							"trivy": {
 								Cvss3Severity: "UNKNOWN",
@@ -3254,18 +3090,17 @@ func TestParse(t *testing.T) {
 							},
 						},
 						LibraryFixedIns: models.LibraryFixedIns{
-							{Key: "cargo", Name: "ammonia", FixedIn: ""},
+							{
+								Path:    "rust-app/Cargo.lock",
+								Key:     "cargo",
+								Name:    "ammonia",
+								FixedIn: "",
+							},
 						},
 					},
 					"RUSTSEC-2019-0009": {CveID: "RUSTSEC-2019-0009",
-						Confidences: models.Confidences{{Score: 100, DetectionMethod: "TrivyMatch"}},
-						AffectedPackages: models.PackageFixStatuses{
-							{
-								Name:        "smallvec",
-								NotFixedYet: true,
-								FixState:    "Affected",
-							},
-						},
+						Confidences:      models.Confidences{{Score: 100, DetectionMethod: "TrivyMatch"}},
+						AffectedPackages: models.PackageFixStatuses{},
 						CveContents: models.CveContents{
 							"trivy": {
 								Cvss3Severity: "UNKNOWN",
@@ -3275,20 +3110,18 @@ func TestParse(t *testing.T) {
 							},
 						},
 						LibraryFixedIns: models.LibraryFixedIns{
-							{Key: "cargo", Name: "smallvec", FixedIn: ""},
+							{
+								Path:    "rust-app/Cargo.lock",
+								Key:     "cargo",
+								Name:    "smallvec",
+								FixedIn: "",
+							},
 						},
 					},
 					"RUSTSEC-2019-0012": {
-						CveID:       "RUSTSEC-2019-0012",
-						Confidences: models.Confidences{{Score: 100, DetectionMethod: "TrivyMatch"}},
-						AffectedPackages: models.PackageFixStatuses{
-							{
-								Name:        "smallvec",
-								NotFixedYet: true,
-								FixState:    "Affected",
-								FixedIn:     "",
-							},
-						},
+						CveID:            "RUSTSEC-2019-0012",
+						Confidences:      models.Confidences{{Score: 100, DetectionMethod: "TrivyMatch"}},
+						AffectedPackages: models.PackageFixStatuses{},
 						CveContents: models.CveContents{
 							"trivy": {
 								Cvss3Severity: "UNKNOWN",
@@ -3298,7 +3131,12 @@ func TestParse(t *testing.T) {
 							},
 						},
 						LibraryFixedIns: models.LibraryFixedIns{
-							{Key: "cargo", Name: "smallvec", FixedIn: ""},
+							{
+								Path:    "rust-app/Cargo.lock",
+								Key:     "cargo",
+								Name:    "smallvec",
+								FixedIn: "",
+							},
 						},
 					},
 				},
--- a/go.mod
+++ b/go.mod
@@ -1,6 +1,6 @@
 module github.com/future-architect/vuls

-go 1.13
+go 1.14

 replace (
 	gopkg.in/mattn/go-colorable.v0 => github.com/mattn/go-colorable v0.1.0
@@ -8,50 +8,47 @@ replace (
 )

 require (
-	github.com/Azure/azure-sdk-for-go v42.0.0+incompatible
+	github.com/Azure/azure-sdk-for-go v43.3.0+incompatible
 	github.com/BurntSushi/toml v0.3.1
 	github.com/RackSec/srslog v0.0.0-20180709174129-a4725f04ec91
-	github.com/aquasecurity/fanal v0.0.0-20200505074551-9239a362deca
-	github.com/aquasecurity/go-dep-parser v0.0.0-20200123140603-4dc0125084da // indirect
-	github.com/aquasecurity/trivy v0.8.0
-	github.com/aquasecurity/trivy-db v0.0.0-20200514134639-7e57e3e02470
+	github.com/aquasecurity/fanal v0.0.0-20200615091807-df25cfa5f9af
+	github.com/aquasecurity/trivy v0.9.1
+	github.com/aquasecurity/trivy-db v0.0.0-20200616161554-cd5b3da29bc8
 	github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a
-	github.com/aws/aws-sdk-go v1.30.16
+	github.com/aws/aws-sdk-go v1.32.6
 	github.com/boltdb/bolt v1.3.1
 	github.com/cenkalti/backoff v2.2.1+incompatible
 	github.com/d4l3k/messagediff v1.2.2-0.20190829033028-7e0a312ae40b
 	github.com/google/subcommands v1.2.0
 	github.com/gosuri/uitable v0.0.4
 	github.com/hashicorp/go-uuid v1.0.2
-	github.com/hashicorp/go-version v1.2.0
+	github.com/hashicorp/go-version v1.2.1
 	github.com/howeyc/gopass v0.0.0-20190910152052-7cb4b85ec19c
 	github.com/jesseduffield/gocui v0.3.0
 	github.com/k0kubun/pp v3.0.1+incompatible
-	github.com/knqyf263/go-apk-version v0.0.0-20200507080916-9f84b1e3c54c
+	github.com/knqyf263/go-apk-version v0.0.0-20200609155635-041fdbb8563f
 	github.com/knqyf263/go-cpe v0.0.0-20180327054844-659663f6eca2
 	github.com/knqyf263/go-deb-version v0.0.0-20190517075300-09fca494f03d
 	github.com/knqyf263/go-rpm-version v0.0.0-20170716094938-74609b86c936
 	github.com/knqyf263/go-version v1.1.1
 	github.com/knqyf263/gost v0.1.3
-	github.com/kotakanbe/go-cve-dictionary v0.4.2
+	github.com/kotakanbe/go-cve-dictionary v0.5.0
 	github.com/kotakanbe/go-pingscanner v0.1.0
-	github.com/kotakanbe/goval-dictionary v0.2.5
+	github.com/kotakanbe/goval-dictionary v0.2.8
 	github.com/kotakanbe/logrus-prefixed-formatter v0.0.0-20180123152602-928f7356cb96
 	github.com/mgutz/ansi v0.0.0-20170206155736-9520e82c474b // indirect
 	github.com/mitchellh/go-homedir v1.1.0
-	github.com/mozqnet/go-exploitdb v0.0.0-20190911093644-f647f17ea8ca
+	github.com/mozqnet/go-exploitdb v0.0.0-20200612044106-ea30f49f0902
 	github.com/nlopes/slack v0.6.0
 	github.com/nsf/termbox-go v0.0.0-20200418040025-38ba6e5628f1 // indirect
 	github.com/olekukonko/tablewriter v0.0.4
 	github.com/parnurzeal/gorequest v0.2.16
 	github.com/rifflock/lfshook v0.0.0-20180920164130-b9218ef580f5
-	github.com/sirupsen/logrus v1.5.0
-	github.com/spf13/afero v1.2.2
+	github.com/sirupsen/logrus v1.6.0
+	github.com/spf13/afero v1.3.0
 	github.com/spf13/cobra v0.0.5
-	golang.org/x/crypto v0.0.0-20200414173820-0848c9571904
-	golang.org/x/lint v0.0.0-20200302205851-738671d3881b // indirect
+	golang.org/x/crypto v0.0.0-20200604202706-70a84ac30bf9
 	golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d
-	golang.org/x/tools v0.0.0-20200501065659-ab2804fb9c9d // indirect
 	golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543
-	k8s.io/utils v0.0.0-20191114184206-e782cd3c129f
+	k8s.io/utils v0.0.0-20200619165400-6e3d28b6ed19
 )
--- a/go.sum
+++ b/go.sum
@@ -1,13 +1,11 @@
 cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
 cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
 cloud.google.com/go v0.37.4/go.mod h1:NHPJ89PdicEuT9hdPXMROBD91xc5uRDxsMtSB16k7hw=
-cloud.google.com/go v0.38.0 h1:ROfEUZz+Gh5pa62DJWXSaonyu3StP6EA6lPEXPI6mCo=
 cloud.google.com/go v0.38.0/go.mod h1:990N+gfupTy94rShfmMCWGDn0LpTmnzTp2qbd1dvSRU=
 github.com/Azure/azure-sdk-for-go v35.0.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc=
 github.com/Azure/azure-sdk-for-go v38.0.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc=
-github.com/Azure/azure-sdk-for-go v42.0.0+incompatible h1:yz6sFf5bHZ+gEOQVuK5JhPqTTAmv+OvSLSaqgzqaCwY=
-github.com/Azure/azure-sdk-for-go v42.0.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc=
-github.com/Azure/go-ansiterm v0.0.0-20170929234023-d6e3b3328b78 h1:w+iIsaOQNcT7OZ575w+acHgRric5iCyQh+xv+KJ4HB8=
+github.com/Azure/azure-sdk-for-go v43.3.0+incompatible h1:o0G4JAsOzeVJEwU0Ud9bh+lUHPUc0GkFENJ02dk51Uo=
+github.com/Azure/azure-sdk-for-go v43.3.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc=
 github.com/Azure/go-ansiterm v0.0.0-20170929234023-d6e3b3328b78/go.mod h1:LmzpDX56iTiv29bbRTIsUNlaFfuhWRQBWjQdVyAevI8=
 github.com/Azure/go-autorest/autorest v0.9.0/go.mod h1:xyHB1BMZT0cuDHU7I0+g046+BFDTQ8rEZB0s4Yfa6bI=
 github.com/Azure/go-autorest/autorest v0.9.3 h1:OZEIaBbMdUE/Js+BQKlpO81XlISgipr6yDJ+PSwsgi4=
@@ -34,12 +32,10 @@ github.com/Azure/go-autorest/tracing v0.5.0/go.mod h1:r/s2XiOKccPW3HrqB+W0TQzfbt
 github.com/BurntSushi/toml v0.3.1 h1:WXkYYl6Yr3qBf1K79EBnL4mak0OimBfB0XUf9Vl28OQ=
 github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
 github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo=
-github.com/GoogleCloudPlatform/docker-credential-gcr v1.5.0 h1:wykTgKwhVr2t2qs+xI020s6W5dt614QqCHV+7W9dg64=
 github.com/GoogleCloudPlatform/docker-credential-gcr v1.5.0/go.mod h1:BB1eHdMLYEFuFdBlRMb0N7YGVdM5s6Pt0njxgvfbGGs=
 github.com/GoogleCloudPlatform/k8s-cloud-provider v0.0.0-20190822182118-27a4ced34534/go.mod h1:iroGtC8B3tQiqtds1l+mgk/BBOrxbqjH+eUfFQYRc14=
 github.com/Microsoft/go-winio v0.4.11/go.mod h1:VhR8bwka0BXejwEJY73c50VrPtXAaKcyvVC4A4RozmA=
 github.com/Microsoft/go-winio v0.4.14/go.mod h1:qXqCSQ3Xa7+6tgxaGTIe4Kpcdsi+P8jBhyzoq1bpyYA=
-github.com/Microsoft/go-winio v0.4.15-0.20190919025122-fc70bd9a86b5 h1:ygIc8M6trr62pF5DucadTWGdEB4mEyvzi0e2nbcmcyA=
 github.com/Microsoft/go-winio v0.4.15-0.20190919025122-fc70bd9a86b5/go.mod h1:tTuCMEN+UleMWgg9dVx4Hu52b1bJo+59jBh3ajtinzw=
 github.com/Microsoft/hcsshim v0.8.6/go.mod h1:Op3hHsoHPAvb6lceZHDtd9OkTew38wNoXnJs8iY7rUg=
 github.com/NYTimes/gziphandler v0.0.0-20170623195520-56545f4a5d46/go.mod h1:3wb06e3pkSAbeQ52E9H9iFoQsEEwGN64994WTCIhntQ=
@@ -63,34 +59,36 @@ github.com/andybalholm/cascadia v1.0.0/go.mod h1:GsXiBklL0woXo1j/WYWtSYYC4ouU9Pq
 github.com/anmitsu/go-shlex v0.0.0-20161002113705-648efa622239/go.mod h1:2FmKhYUyUczH0OGQWaF5ceTx0UBShxjsH6f8oGKYe2c=
 github.com/apache/thrift v0.12.0/go.mod h1:cp2SuWMxlEZw2r+iP2GNCdIi4C1qmUzdZFSVb+bacwQ=
 github.com/aquasecurity/fanal v0.0.0-20190819081512-f04452b627c6/go.mod h1:enEz4FFetw4XAbkffaYgyCVq1556R9Ry+noqT4rq9BE=
-github.com/aquasecurity/fanal v0.0.0-20200505074551-9239a362deca h1:xNs3bLA5k8hySXtV6S6oOc88zDxpL2gXo4Z2qPXmx4c=
-github.com/aquasecurity/fanal v0.0.0-20200505074551-9239a362deca/go.mod h1:3H3F3x2XtcdFH3o1LQJEzfu2sS/rf+XufPIngMZrKO4=
+github.com/aquasecurity/fanal v0.0.0-20200528202907-79693bf4a058/go.mod h1:omM/xBVqAPNzdV/MegrjayEkKEZzI+eUpyjCXpbTMG0=
+github.com/aquasecurity/fanal v0.0.0-20200615091807-df25cfa5f9af h1:UG06S07LRZvMzxKyQuMZVtIDim7Ac6MWSc6bMGoiTKE=
+github.com/aquasecurity/fanal v0.0.0-20200615091807-df25cfa5f9af/go.mod h1:omM/xBVqAPNzdV/MegrjayEkKEZzI+eUpyjCXpbTMG0=
+github.com/aquasecurity/go-dep-parser v0.0.0-20190819075924-ea223f0ef24b h1:55Ulc/gvfWm4ylhVaR7MxOwujRjA6et7KhmUbSgUFf4=
 github.com/aquasecurity/go-dep-parser v0.0.0-20190819075924-ea223f0ef24b/go.mod h1:BpNTD9vHfrejKsED9rx04ldM1WIbeyXGYxUrqTVwxVQ=
-github.com/aquasecurity/go-dep-parser v0.0.0-20200123140603-4dc0125084da h1:bZwcALhBf7ksmkprrT370z+z+UHAxOwbEeCDtDr5bR0=
-github.com/aquasecurity/go-dep-parser v0.0.0-20200123140603-4dc0125084da/go.mod h1:X42mTIRhgPalSm81Om2kD+3ydeunbC8TZtZj1bvgRo8=
-github.com/aquasecurity/testdocker v0.0.0-20200426142840-5f05bce6f12a h1:hsw7PpiymXP64evn/K7gsj3hWzMqLrdoeE6JkqDocVg=
 github.com/aquasecurity/testdocker v0.0.0-20200426142840-5f05bce6f12a/go.mod h1:psfu0MVaiTDLpNxCoNsTeILSKY2EICBwv345f3M+Ffs=
 github.com/aquasecurity/trivy v0.1.6/go.mod h1:5hobyhxLzDtxruHzPxpND2PUKOssvGUdE9BocpJUwo4=
-github.com/aquasecurity/trivy v0.8.0 h1:mlDrzDtLO/gnW7ivJQkhHEfjESk/MXVBKLeGKKPAGkA=
-github.com/aquasecurity/trivy v0.8.0/go.mod h1:h05Fj8acbpAR7ZzYYW4sx7dm/uVt7Fi1pXMCgPvAFM8=
-github.com/aquasecurity/trivy-db v0.0.0-20200514134639-7e57e3e02470 h1:6VE+g4AK2uivPqZtVk/QtcCBb2rUjAvKqDNexSgqMC0=
+github.com/aquasecurity/trivy v0.9.1 h1:pDPZEXGLzQ1ctgD0xX/BRK71+av9+NlmPwGe7zEjqQw=
+github.com/aquasecurity/trivy v0.9.1/go.mod h1:J3WSvlfS288/4KqgPTnwV2ja+gUZRle8GPvj3wjdAiQ=
 github.com/aquasecurity/trivy-db v0.0.0-20200514134639-7e57e3e02470/go.mod h1:F77bF2nRbcH4EIhhcNEP585MoAKdLpEP3dihF9V1Hbw=
+github.com/aquasecurity/trivy-db v0.0.0-20200616161554-cd5b3da29bc8 h1:PvRcn3v8lpccqmEEzmJmXrm47ag47OCt8ui+9APi4hA=
+github.com/aquasecurity/trivy-db v0.0.0-20200616161554-cd5b3da29bc8/go.mod h1:EiFA908RL0ACrbYo/9HfT7f9QcdC2bZoIO5XAAcvz9A=
 github.com/aquasecurity/vuln-list-update v0.0.0-20191016075347-3d158c2bf9a2/go.mod h1:6NhOP0CjZJL27bZZcaHECtzWdwDDm2g6yCY0QgXEGQQ=
 github.com/araddon/dateparse v0.0.0-20190426192744-0d74ffceef83/go.mod h1:SLqhdZcd+dF3TEVL2RMoob5bBP5R1P1qkox+HtCBgGI=
 github.com/armon/consul-api v0.0.0-20180202201655-eb2c6b5be1b6/go.mod h1:grANhF5doyWs3UAsr3K4I6qtAmlQcZDesFNEHPZAzj8=
+github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkYZB8zMSxRWpUBQtwG5a7fFgvEO+odwuTv2gs=
 github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a h1:idn718Q4B6AGu/h5Sxe66HYVdqdGu2l9Iebqhi/AEoA=
 github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY=
 github.com/aws/aws-sdk-go v1.16.26/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo=
 github.com/aws/aws-sdk-go v1.19.11/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo=
 github.com/aws/aws-sdk-go v1.27.1/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo=
-github.com/aws/aws-sdk-go v1.30.16 h1:1eabOZiVGl+XB02/VG9NpR+3fngaNc74pgb5RmyzgLY=
-github.com/aws/aws-sdk-go v1.30.16/go.mod h1:5zCpMtNQVjRREroY7sYe8lOMRSxkhG6MZveU8YkpAk0=
+github.com/aws/aws-sdk-go v1.32.6 h1:HoswAabUWgnrUF7X/9dr4WRgrr8DyscxXvTDm7Qw/5c=
+github.com/aws/aws-sdk-go v1.32.6/go.mod h1:5zCpMtNQVjRREroY7sYe8lOMRSxkhG6MZveU8YkpAk0=
 github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q=
 github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8=
 github.com/bgentry/speakeasy v0.1.0/go.mod h1:+zsyZBPWlz7T6j88CTgSN5bM796AkVf0kBD4zp0CCIs=
 github.com/blang/semver v3.5.0+incompatible/go.mod h1:kRBLl5iJ+tD4TcOOxsy/0fnwebNt5EWlYSAyrTnjyyk=
 github.com/boltdb/bolt v1.3.1 h1:JQmyP4ZBrce+ZQu0dY660FMfatumYDLun9hBCUVIkF4=
 github.com/boltdb/bolt v1.3.1/go.mod h1:clJnj/oiGkjum5o1McbSZDSLxVThjynRyGBgiAx27Ps=
+github.com/briandowns/spinner v0.0.0-20190319032542-ac46072a5a91 h1:GMmnK0dvr0Sf0gx3DvTbln0c8DE07B7sPVD9dgHOqo4=
 github.com/briandowns/spinner v0.0.0-20190319032542-ac46072a5a91/go.mod h1:hw/JEQBIE+c/BLI4aKM8UU8v+ZqrD3h7HC27kKt8JQU=
 github.com/caarlos0/env/v6 v6.0.0 h1:NZt6FAoB8ieKO5lEwRdwCzYxWFx7ZYF2R7UcoyaWtyc=
 github.com/caarlos0/env/v6 v6.0.0/go.mod h1:+wdyOmtjoZIW2GJOc2OYa5NoOFuWD/bIpWqm30NgtRk=
@@ -106,7 +104,6 @@ github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDk
 github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc=
 github.com/cockroachdb/datadriven v0.0.0-20190809214429-80d97fb3cbaa/go.mod h1:zn76sxSg3SzpJ0PPJaLDCu+Bu0Lg3sKTORVIj19EIF8=
 github.com/containerd/containerd v1.3.0/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA=
-github.com/containerd/containerd v1.3.3 h1:LoIzb5y9x5l8VKAlyrbusNPXqBY0+kviRloxFUMFwKc=
 github.com/containerd/containerd v1.3.3/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA=
 github.com/containerd/continuity v0.0.0-20180921161001-7f53d412b9eb/go.mod h1:GL3xCUCBDV3CZiTSEKksMWbLE66hEyuu9qyDOOqM47Y=
 github.com/containerd/continuity v0.0.0-20190426062206-aaeac12a7ffc/go.mod h1:GL3xCUCBDV3CZiTSEKksMWbLE66hEyuu9qyDOOqM47Y=
@@ -122,18 +119,16 @@ github.com/coreos/go-systemd v0.0.0-20190321100706-95778dfbb74e/go.mod h1:F5haX7
 github.com/coreos/pkg v0.0.0-20160727233714-3ac0863d7acf/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA=
 github.com/coreos/pkg v0.0.0-20180108230652-97fdf19511ea/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA=
 github.com/coreos/pkg v0.0.0-20180928190104-399ea9e2e55f/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA=
-github.com/cpuguy83/go-md2man v1.0.10 h1:BSKMNlYxDvnunlTymqtgONjNnaRV1sTpcovwwjF22jk=
 github.com/cpuguy83/go-md2man v1.0.10/go.mod h1:SmD6nW6nTyfqj6ABTjUi3V3JVMnlJmwcJI5acqYI6dE=
-github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d h1:U+s90UTSYgptZMwQh2aRr3LuazLJIa+Pg3Kc1ylSYVY=
 github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU=
 github.com/creack/pty v1.1.7/go.mod h1:lj5s0c3V2DBrqTV7llrYr5NG6My20zk30Fl46Y7DoTY=
+github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E=
 github.com/d4l3k/messagediff v1.2.2-0.20190829033028-7e0a312ae40b h1:02XNVBBC2x90C1IKnZ0iyrIxL1pdIRsusn0lqSEIOD0=
 github.com/d4l3k/messagediff v1.2.2-0.20190829033028-7e0a312ae40b/go.mod h1:Oozbb1TVXFac9FtSIxHBMnBCq2qeH/2KkEQxENCrlLo=
 github.com/davecgh/go-spew v0.0.0-20151105211317-5215b55f46b2/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
-github.com/deckarep/golang-set v1.7.1 h1:SCQV0S6gTtp6itiFrTqI+pfmJ4LN85S1YzhDf9rTHJQ=
 github.com/deckarep/golang-set v1.7.1/go.mod h1:93vsz/8Wt4joVM7c2AVqh+YRMiUSc14yDtF28KmMOgQ=
 github.com/denisenkom/go-mssqldb v0.0.0-20190515213511-eb9f6a1743f3/go.mod h1:zAg7JM8CkOJ43xKXIj7eRO9kmWm/TW578qo+oDO6tuM=
 github.com/denisenkom/go-mssqldb v0.0.0-20190909000816-272160613861 h1:qLpBq6uLTG2OUlPqS6D3uQf8zJteDR5vOJGPjF2Elu4=
@@ -144,29 +139,22 @@ github.com/dgryski/go-sip13 v0.0.0-20181026042036-e10d5fee7954/go.mod h1:vAd38F8
 github.com/dnaeon/go-vcr v1.0.1 h1:r8L/HqC0Hje5AXMu1ooW8oyQyOFv4GxqpL0nRP7SLLY=
 github.com/dnaeon/go-vcr v1.0.1/go.mod h1:aBB1+wY4s93YsC3HHjMBMrwTj2R9FHDzUr9KyGc8n1E=
 github.com/docker/cli v0.0.0-20180920165730-54c19e67f69c/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8=
-github.com/docker/cli v0.0.0-20191017083524-a8ff7f821017 h1:2HQmlpI3yI9deH18Q6xiSOIjXD4sLI55Y/gfpa8/558=
 github.com/docker/cli v0.0.0-20191017083524-a8ff7f821017/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8=
 github.com/docker/distribution v0.0.0-20180920194744-16128bbac47f/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w=
 github.com/docker/distribution v2.7.1-0.20190205005809-0d3efadf0154+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w=
-github.com/docker/distribution v2.7.1+incompatible h1:a5mlkVzth6W5A4fOsS3D2EO5BUmsJpcB+cRlLU7cSug=
 github.com/docker/distribution v2.7.1+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w=
 github.com/docker/docker v0.0.0-20180924202107-a9c061deec0f/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
 github.com/docker/docker v0.7.3-0.20190327010347-be7ac8be2ae0/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
 github.com/docker/docker v0.7.3-0.20190506211059-b20a14b54661/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
-github.com/docker/docker v1.4.2-0.20190924003213-a8608b5b67c7 h1:Cvj7S8I4Xpx78KAl6TwTmMHuHlZ/0SM60NUneGJQ7IE=
 github.com/docker/docker v1.4.2-0.20190924003213-a8608b5b67c7/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
 github.com/docker/docker-ce v0.0.0-20180924210327-f53bd8bb8e43/go.mod h1:l1FUGRYBvbjnZ8MS6A2xOji4aZFlY/Qmgz7p4oXH7ac=
 github.com/docker/docker-credential-helpers v0.6.1/go.mod h1:WRaJzqw3CTB9bk10avuGsjVBZsD05qeibJ1/TYlvc0Y=
-github.com/docker/docker-credential-helpers v0.6.3 h1:zI2p9+1NQYdnG6sMU26EX4aVGlqbInSQxQXLvzJ4RPQ=
 github.com/docker/docker-credential-helpers v0.6.3/go.mod h1:WRaJzqw3CTB9bk10avuGsjVBZsD05qeibJ1/TYlvc0Y=
 github.com/docker/go-connections v0.0.0-20180821093606-97c2040d34df/go.mod h1:Gbd7IOopHjR8Iph03tsViu4nIes5XhDvyHbTtUxmeec=
-github.com/docker/go-connections v0.4.0 h1:El9xVISelRB7BuFusrZozjnkIM5YnzCViNKohAFqRJQ=
 github.com/docker/go-connections v0.4.0/go.mod h1:Gbd7IOopHjR8Iph03tsViu4nIes5XhDvyHbTtUxmeec=
 github.com/docker/go-metrics v0.0.0-20180209012529-399ea8c73916/go.mod h1:/u0gXw0Gay3ceNrsHubL3BtdOL2fHf93USgMTe0W5dI=
 github.com/docker/go-units v0.3.3/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDDbaIK4Dk=
-github.com/docker/go-units v0.4.0 h1:3uh0PgVws3nIA0Q+MwDC8yjEPf9zjRfZZWXZYDct3Tw=
 github.com/docker/go-units v0.4.0/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDDbaIK4Dk=
-github.com/docker/libtrust v0.0.0-20160708172513-aabc10ec26b7 h1:UhxFibDNY/bfvqU5CAUmr9zpesgbU6SWc8/B4mflAE4=
 github.com/docker/libtrust v0.0.0-20160708172513-aabc10ec26b7/go.mod h1:cyGadeNEkKy96OOhEzfZl+yxihPEzKnqJwvfuSUqbZE=
 github.com/docker/spdystream v0.0.0-20160310174837-449fdfce4d96/go.mod h1:Qh8CwZgvJUkLughtfhJv5dyTYa91l1fOUCrgjqmcifM=
 github.com/dustin/go-humanize v0.0.0-20171111073723-bb3d318650d4/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk=
@@ -206,6 +194,11 @@ github.com/gin-contrib/sse v0.1.0/go.mod h1:RHrZQHXnP2xjPF+u1gW/2HnVO7nvIa9PG3Gm
 github.com/gin-gonic/gin v1.5.0/go.mod h1:Nd6IXA8m5kNZdNEHMBd93KT+mdY3+bewLgRvmCsR2Do=
 github.com/gliderlabs/ssh v0.1.1/go.mod h1:U7qILu1NlMHj9FlMhZLlkCdDnU1DBEAqr0aevW3Awn0=
 github.com/gliderlabs/ssh v0.1.3/go.mod h1:U7qILu1NlMHj9FlMhZLlkCdDnU1DBEAqr0aevW3Awn0=
+github.com/gliderlabs/ssh v0.2.2/go.mod h1:U7qILu1NlMHj9FlMhZLlkCdDnU1DBEAqr0aevW3Awn0=
+github.com/go-git/gcfg v1.5.0/go.mod h1:5m20vg6GwYabIxaOonVkTdrILxQMpEShl1xiMF4ua+E=
+github.com/go-git/go-billy/v5 v5.0.0/go.mod h1:pmpqyWchKfYfrkb/UVH4otLvyi/5gJlGI4Hb3ZqZ3W0=
+github.com/go-git/go-git-fixtures/v4 v4.0.1/go.mod h1:m+ICp2rF3jDhFgEZ/8yziagdT1C+ZpZcrJjappBCDSw=
+github.com/go-git/go-git/v5 v5.0.0/go.mod h1:oYD8y9kWsGINPFJoLdaScGCN6dlKg23blmClfZwtUVA=
 github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as=
 github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9GBnD5lWE=
 github.com/go-logfmt/logfmt v0.4.0/go.mod h1:3RMwSq7FuexP4Kalkev3ejPJsZTpXXBr9+V4qmtdjCk=
@@ -237,7 +230,6 @@ github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7a
 github.com/gogo/protobuf v1.2.0/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ=
 github.com/gogo/protobuf v1.2.1/go.mod h1:hp+jE20tsWTFYpLwKvXlhS1hjn+gTNwPg2I6zVXpSg4=
 github.com/gogo/protobuf v1.2.2-0.20190723190241-65acae22fc9d/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXPKa29o=
-github.com/gogo/protobuf v1.3.1 h1:DqDEcV5aeaTmdFBePNpYsp3FlcVH/2ISVVM9Qf8PSls=
 github.com/gogo/protobuf v1.3.1/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXPKa29o=
 github.com/golang-sql/civil v0.0.0-20190719163853-cb61b32ac6fe h1:lXe2qZdvpiX5WZkZR4hgp4KJVfY3nMkvmwbVkpv1rVY=
 github.com/golang-sql/civil v0.0.0-20190719163853-cb61b32ac6fe/go.mod h1:8vg3r2VgvsThLBIFL93Qb5yWzgyZWhEmBwUJWevAkK0=
@@ -246,7 +238,6 @@ github.com/golang/groupcache v0.0.0-20160516000752-02826c3e7903/go.mod h1:cIg4er
 github.com/golang/groupcache v0.0.0-20190129154638-5b532d6fd5ef/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
 github.com/golang/lint v0.0.0-20180702182130-06c8688daad7/go.mod h1:tluoj9z5200jBnyusfRPU2LqT6J+DAorxEvtC7LHB+E=
 github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A=
-github.com/golang/mock v1.2.0 h1:28o5sBqPkBsMGnC6b4MvE2TzSr5/AT4c/1fLqVGIwlk=
 github.com/golang/mock v1.2.0/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A=
 github.com/golang/protobuf v0.0.0-20161109072736-4bd1920723d7/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
 github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
@@ -259,7 +250,6 @@ github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Z
 github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ=
 github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M=
 github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
-github.com/google/go-cmp v0.4.0 h1:xsAVV57WRhGj6kEIi8ReJzQlHHqcBYCElAvkovg3B/4=
 github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
 github.com/google/go-containerregistry v0.0.0-20200331213917-3d03ed9b1ca2 h1:k2YJ1fw6LwICNNUQHZNp9vTtHMuVqHJtMjZOc5SDIJo=
 github.com/google/go-containerregistry v0.0.0-20200331213917-3d03ed9b1ca2/go.mod h1:pD1UFYs7MCAx+ZLShBdttcaOSbyc8F9Na/9IZLNwJeA=
@@ -288,7 +278,6 @@ github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORR
 github.com/gorilla/context v1.1.1/go.mod h1:kBGZzfjB9CEq2AlWe17Uuf7NDRt0dE0s8S51q0aT7Yg=
 github.com/gorilla/mux v1.6.2/go.mod h1:1lud6UwP+6orDFRuTfBEV8e9/aOM/c4fVVCaMa2zaAs=
 github.com/gorilla/mux v1.7.3/go.mod h1:1lud6UwP+6orDFRuTfBEV8e9/aOM/c4fVVCaMa2zaAs=
-github.com/gorilla/mux v1.7.4 h1:VuZ8uybHlWmqV03+zRzdwKL4tUnIp1MAQtp1mIFE1bc=
 github.com/gorilla/mux v1.7.4/go.mod h1:DVbg23sWSpFRCP0SfiEN6jmj59UnW/n46BH5rLB71So=
 github.com/gorilla/websocket v0.0.0-20170926233335-4201258b820c/go.mod h1:E7qHFY5m1UJ88s3WnNqhKjPHQ0heANvMoAMk2YaljkQ=
 github.com/gorilla/websocket v1.2.0/go.mod h1:E7qHFY5m1UJ88s3WnNqhKjPHQ0heANvMoAMk2YaljkQ=
@@ -305,14 +294,13 @@ github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0/go.mod h1:8NvIoxWQoOIhqOTXgf
 github.com/grpc-ecosystem/grpc-gateway v1.5.0/go.mod h1:RSKVYQBd5MCa4OVpNdGskqpgL2+G+NZTnrVHpWWfpdw=
 github.com/grpc-ecosystem/grpc-gateway v1.9.0/go.mod h1:vNeuVxBJEsws4ogUvrchl83t/GYV9WGTSLVdBhOQFDY=
 github.com/grpc-ecosystem/grpc-gateway v1.9.5/go.mod h1:vNeuVxBJEsws4ogUvrchl83t/GYV9WGTSLVdBhOQFDY=
-github.com/hashicorp/errwrap v1.0.0 h1:hLrqtEDnRye3+sgx6z4qVLNuviH3MR5aQ0ykNJa/UYA=
 github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4=
-github.com/hashicorp/go-multierror v1.1.0 h1:B9UzwGQJehnUY1yNrnwREHc3fGbC2xefo8g4TbElacI=
 github.com/hashicorp/go-multierror v1.1.0/go.mod h1:spPvp8C1qA32ftKqdAHm4hHTbPw+vmowP0z+KUhOZdA=
 github.com/hashicorp/go-uuid v1.0.2 h1:cfejS+Tpcp13yd5nYHWDI6qVCny6wyX2Mt5SGur2IGE=
 github.com/hashicorp/go-uuid v1.0.2/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro=
-github.com/hashicorp/go-version v1.2.0 h1:3vNe/fWF5CBgRIguda1meWhsZHy3m8gCJ5wx+dIzX/E=
 github.com/hashicorp/go-version v1.2.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA=
+github.com/hashicorp/go-version v1.2.1 h1:zEfKbn2+PDgroKdiOzqiE8rsmLqU2uwi5PB5pBJ3TkI=
+github.com/hashicorp/go-version v1.2.1/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA=
 github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8=
 github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8=
 github.com/hashicorp/golang-lru v0.5.3/go.mod h1:iADmTwqILo4mZ8BN3D2Q6+9jd8WM5uGBxy+E8yxSoD4=
@@ -357,12 +345,13 @@ github.com/k0kubun/colorstring v0.0.0-20150214042306-9440f1994b88/go.mod h1:3w7q
 github.com/k0kubun/pp v3.0.1+incompatible h1:3tqvf7QgUnZ5tXO6pNAZlrvHgl6DvifjDrd9g2S9Z40=
 github.com/k0kubun/pp v3.0.1+incompatible/go.mod h1:GWse8YhT0p8pT4ir3ZgBbfZild3tgzSScAn6HmfYukg=
 github.com/kevinburke/ssh_config v0.0.0-20180830205328-81db2a75821e/go.mod h1:CT57kijsi8u/K/BOFA39wgDQJ9CxiF4nAY/ojJ6r6mM=
+github.com/kevinburke/ssh_config v0.0.0-20190725054713-01f96b0aa0cd/go.mod h1:CT57kijsi8u/K/BOFA39wgDQJ9CxiF4nAY/ojJ6r6mM=
 github.com/kisielk/errcheck v1.1.0/go.mod h1:EZBBE59ingxPouuu3KfxchcWSUPOHkagtvWXihfKN4Q=
 github.com/kisielk/errcheck v1.2.0/go.mod h1:/BMXB+zMLi60iA8Vv6Ksmxu/1UDYcXs4uQLJ+jE2L00=
 github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
 github.com/knqyf263/berkeleydb v0.0.0-20190501065933-fafe01fb9662/go.mod h1:bu1CcN4tUtoRcI/B/RFHhxMNKFHVq/c3SV+UTyduoXg=
-github.com/knqyf263/go-apk-version v0.0.0-20200507080916-9f84b1e3c54c h1:qHcn6FUgD+GRk2ieUL3Re+/+rgjh+QK7Db2ClEUQ0RM=
-github.com/knqyf263/go-apk-version v0.0.0-20200507080916-9f84b1e3c54c/go.mod h1:q59u9px8b7UTj0nIjEjvmTWekazka6xIt6Uogz5Dm+8=
+github.com/knqyf263/go-apk-version v0.0.0-20200609155635-041fdbb8563f h1:GvCU5GXhHq+7LeOzx/haG7HSIZokl3/0GkoUFzsRJjg=
+github.com/knqyf263/go-apk-version v0.0.0-20200609155635-041fdbb8563f/go.mod h1:q59u9px8b7UTj0nIjEjvmTWekazka6xIt6Uogz5Dm+8=
 github.com/knqyf263/go-cpe v0.0.0-20180327054844-659663f6eca2 h1:9CYbtr3i56D/rD6u6jJ/Aocsic9G+MupyVu7gb+QHF4=
 github.com/knqyf263/go-cpe v0.0.0-20180327054844-659663f6eca2/go.mod h1:XM58Cg7dN+g0J9UPVmKjiXWlGi55lx+9IMs0IMoFWQo=
 github.com/knqyf263/go-deb-version v0.0.0-20190517075300-09fca494f03d h1:X4cedH4Kn3JPupAwwWuo4AzYp16P0OyLO9d7OnMZc/c=
@@ -377,23 +366,25 @@ github.com/knqyf263/gost v0.1.3/go.mod h1:okRxldLs7RVZEjNVBOQEqKj93OU91TmULMnHWU
 github.com/knqyf263/nested v0.0.1 h1:Sv26CegUMhjt19zqbBKntjwESdxe5hxVPSk0+AKjdUc=
 github.com/knqyf263/nested v0.0.1/go.mod h1:zwhsIhMkBg90DTOJQvxPkKIypEHPYkgWHs4gybdlUmk=
 github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
-github.com/konsorten/go-windows-terminal-sequences v1.0.2 h1:DB17ag19krx9CFsz4o3enTrPXyIXCl+2iCXH/aMAp9s=
 github.com/konsorten/go-windows-terminal-sequences v1.0.2/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
-github.com/kotakanbe/go-cve-dictionary v0.4.2 h1:UuEi6yr1wDN2MQJKkvdY9nSjqG5tJksk3MPyozGRRXo=
-github.com/kotakanbe/go-cve-dictionary v0.4.2/go.mod h1:zgnFBROvdhyd30KU0yekNI0J1kQkjTMND8GqlL8y25k=
+github.com/konsorten/go-windows-terminal-sequences v1.0.3 h1:CE8S1cTafDpPvMhIxNJKvHsGVBgn1xWYf1NbHQhywc8=
+github.com/konsorten/go-windows-terminal-sequences v1.0.3/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
+github.com/kotakanbe/go-cve-dictionary v0.5.0 h1:wai3ymaI0BFhcofW7ITOAAILm4CvsBnFwTJJFuf/p30=
+github.com/kotakanbe/go-cve-dictionary v0.5.0/go.mod h1:zgnFBROvdhyd30KU0yekNI0J1kQkjTMND8GqlL8y25k=
 github.com/kotakanbe/go-pingscanner v0.1.0 h1:VG4/9l0i8WeToXclj7bIGoAZAu7a07Z3qmQiIfU0gT0=
 github.com/kotakanbe/go-pingscanner v0.1.0/go.mod h1:/761QZzuZFcfN8h/1QuawUA+pKukp3qcNj5mxJCOiAk=
-github.com/kotakanbe/goval-dictionary v0.2.5 h1:wae0zFw4UnakJaApdxwWgw+QDE7dWP4AeDPtMencPN4=
-github.com/kotakanbe/goval-dictionary v0.2.5/go.mod h1:OozI5ZbKWHIPcjYgOITYHRy+Vo6ZbksY1FU8aCwojK4=
+github.com/kotakanbe/goval-dictionary v0.2.8 h1:C2hAEA3HdsaJbSoWjyZjZFeBjBoF/CVLmZJxSrcpAkM=
+github.com/kotakanbe/goval-dictionary v0.2.8/go.mod h1:OozI5ZbKWHIPcjYgOITYHRy+Vo6ZbksY1FU8aCwojK4=
 github.com/kotakanbe/logrus-prefixed-formatter v0.0.0-20180123152602-928f7356cb96 h1:xNVK0mQJdQjw+QYeaMM4G6fvucWr8rTGGIhlPakx1wU=
 github.com/kotakanbe/logrus-prefixed-formatter v0.0.0-20180123152602-928f7356cb96/go.mod h1:ljq48H1V+0Vh0u7ucA3LjR4AfkAeCpxrf7LaaCk8Vmo=
+github.com/kr/fs v0.1.0/go.mod h1:FFnZGqtBN9Gxj7eW1uZ42v5BccTP0vu6NEaFoC2HwRg=
 github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515/go.mod h1:+0opPa2QZZtGFBFZlji/RkVcI2GknAs/DXo4wKdlNEc=
-github.com/kr/pretty v0.1.0 h1:L/CwN0zerZDmRFUapSPitk6f+Q3+0za1rQkzVuMiMFI=
 github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
 github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
 github.com/kr/pty v1.1.5/go.mod h1:9r2w37qlBe7rQ6e1fg1S/9xpWHSnaqNdHD3WcMdbPDA=
-github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE=
 github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
+github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
+github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
 github.com/kylelemons/godebug v0.0.0-20170820004349-d65d576e9348/go.mod h1:B69LEHPfb2qLo0BaaOLcbitczOKLWTsrBG9LczfCD4k=
 github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0SNc=
 github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw=
@@ -451,15 +442,16 @@ github.com/modern-go/reflect2 v0.0.0-20180320133207-05fbef0ca5da/go.mod h1:bx2lN
 github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0=
 github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0=
 github.com/morikuni/aec v0.0.0-20170113033406-39771216ff4c/go.mod h1:BbKIizmSmc5MMPqRYbxO4ZU0S0+P200+tUnFx7PXmsc=
-github.com/morikuni/aec v1.0.0 h1:nP9CBfwrvYnBRgY6qfDQkygYDmYwOilePFkwzv4dU8A=
 github.com/morikuni/aec v1.0.0/go.mod h1:BbKIizmSmc5MMPqRYbxO4ZU0S0+P200+tUnFx7PXmsc=
 github.com/moul/http2curl v1.0.0/go.mod h1:8UbvGypXm98wA/IqH45anm5Y2Z6ep6O31QGOAZ3H0fQ=
-github.com/mozqnet/go-exploitdb v0.0.0-20190911093644-f647f17ea8ca h1:YdnY8FDl9NbO++O+q/kx1iledsHAk1KZLICZpEhqWFo=
-github.com/mozqnet/go-exploitdb v0.0.0-20190911093644-f647f17ea8ca/go.mod h1:TsEciLihBvN8yO9iCHBahCLxZff11NxbBO/xm8nVH9g=
+github.com/mozqnet/go-exploitdb v0.0.0-20200612044106-ea30f49f0902 h1:JXh+QEZqWJ5SIWdm8WsztZqvaeLubj9IZ/vvir0jMEY=
+github.com/mozqnet/go-exploitdb v0.0.0-20200612044106-ea30f49f0902/go.mod h1:TsEciLihBvN8yO9iCHBahCLxZff11NxbBO/xm8nVH9g=
 github.com/munnerz/goautoneg v0.0.0-20120707110453-a547fc61f48d/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ=
 github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ=
 github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U=
 github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f/go.mod h1:ZdcZmHo+o7JKHSa8/e818NopupXU1YMK5fe1lsApnBw=
+github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e h1:fD57ERR4JtEqsWbfPhv4DMiApHyliiK5xCTNVSPiaAs=
+github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno=
 github.com/nlopes/slack v0.6.0 h1:jt0jxVQGhssx1Ib7naAOZEZcGdtIhTzkP0nopK0AsRA=
 github.com/nlopes/slack v0.6.0/go.mod h1:JzQ9m3PMAqcpeCam7UaHSuBuupz7CmpjehYMayT6YOk=
 github.com/nsf/termbox-go v0.0.0-20200418040025-38ba6e5628f1 h1:lh3PyZvY+B9nFliSGTn5uFuqQQJGuNrD0MLCokv09ag=
@@ -483,10 +475,8 @@ github.com/onsi/gomega v1.5.0/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1Cpa
 github.com/onsi/gomega v1.7.0 h1:XPnZz8VVBHjVsy1vzJmRwIcSwiUO+JFfrv/xGiigmME=
 github.com/onsi/gomega v1.7.0/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY=
 github.com/opencontainers/go-digest v0.0.0-20180430190053-c9281466c8b2/go.mod h1:cMLVZDEM3+U2I4VmLI6N8jQYUd2OVphdqWwCJHrFt2s=
-github.com/opencontainers/go-digest v1.0.0-rc1 h1:WzifXhOVOEOuFYOJAW6aQqW0TooG2iki3E3Ii+WN7gQ=
 github.com/opencontainers/go-digest v1.0.0-rc1/go.mod h1:cMLVZDEM3+U2I4VmLI6N8jQYUd2OVphdqWwCJHrFt2s=
 github.com/opencontainers/image-spec v1.0.1/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0=
-github.com/opencontainers/image-spec v1.0.2-0.20190823105129-775207bd45b6 h1:yN8BPXVwMBAm3Cuvh1L5XE8XpvYRMdsVLd82ILprhUU=
 github.com/opencontainers/image-spec v1.0.2-0.20190823105129-775207bd45b6/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0=
 github.com/opencontainers/runc v0.1.1/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59PVA73FjuZG0U=
 github.com/openzipkin/zipkin-go v0.1.6/go.mod h1:QgAqvLzwWbR/WpD4A3cGpPtJrZXNIiJc5AZX7/PBEpw=
@@ -497,13 +487,13 @@ github.com/pelletier/go-buffruneio v0.2.0/go.mod h1:JkE26KsDizTr40EUHkXVtNPvgGtb
 github.com/pelletier/go-toml v1.2.0 h1:T5zMGML61Wp+FlcbWjRDT7yAxhJNAiPPLOFECq181zc=
 github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic=
 github.com/peterbourgon/diskv v2.0.1+incompatible/go.mod h1:uqqh8zWWbv1HBMNONnaR/tNboyR3/BZd58JJSHlUSCU=
-github.com/peterhellberg/link v1.0.0 h1:mUWkiegowUXEcmlb+ybF75Q/8D2Y0BjZtR8cxoKhaQo=
 github.com/peterhellberg/link v1.0.0/go.mod h1:gtSlOT4jmkY8P47hbTc8PTgiDDWpdPbFYl75keYyBB8=
 github.com/pierrec/lz4 v2.0.5+incompatible/go.mod h1:pdkljMzZIN41W+lC3N2tnIh5sFi+IEE17M5jbnwPHcY=
 github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
 github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
 github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
 github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
+github.com/pkg/sftp v1.10.1/go.mod h1:lYOWFsE0bwd1+KfKJaKeuokY15vzFx25BLbzYYoAxZI=
 github.com/pmezard/go-difflib v0.0.0-20151028094244-d8ed2627bdf0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
@@ -536,34 +526,36 @@ github.com/rogpeppe/fastuuid v0.0.0-20150106093220-6724a57986af/go.mod h1:XWv6So
 github.com/rogpeppe/go-charset v0.0.0-20180617210344-2471d30d28b4/go.mod h1:qgYeAmZ5ZIpBWTGllZSQnw97Dj+woV0toclVaRGI8pc=
 github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4=
 github.com/rubiojr/go-vhd v0.0.0-20160810183302-0bfd3b39853c/go.mod h1:DM5xW0nvfNNm2uytzsvhI3OnX8uzaRAg8UX/CnDqbto=
-github.com/russross/blackfriday v1.5.2 h1:HyvC0ARfnZBqnXwABFeSZHpKvJHJJfPz81GNueLj0oo=
 github.com/russross/blackfriday v1.5.2/go.mod h1:JO/DiYxRf+HjHt06OyowR9PTA263kcR/rfWxYHBV53g=
-github.com/russross/blackfriday/v2 v2.0.1 h1:lPqVAte+HuHNfhJ/0LC98ESWRz8afy9tM/0RK8m9o+Q=
 github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
+github.com/saracen/walker v0.0.0-20191201085201-324a081bae7e/go.mod h1:G0Z6yVPru183i2MuRJx1DcR4dgIZtLcTdaaE/pC1BJU=
 github.com/satori/go.uuid v1.2.0 h1:0uYX9dsZ2yD7q2RtLRtPSdGDWzjeM3TbMJP9utgA0ww=
 github.com/satori/go.uuid v1.2.0/go.mod h1:dA0hQrYB0VpLJoorglMZABFdXlWrHn1NEOzdhQKdks0=
 github.com/sclevine/spec v1.2.0/go.mod h1:W4J29eT/Kzv7/b9IWLB055Z+qvVC9vt0Arko24q7p+U=
 github.com/sergi/go-diff v1.0.0/go.mod h1:0CfEIISq7TuYL3j771MWULgwwjU+GofnZX9QAmXWZgo=
+github.com/sergi/go-diff v1.1.0/go.mod h1:STckp+ISIX8hZLjrqAeVduY0gWCT9IjLuqbuNXdaHfM=
 github.com/shurcooL/httpfs v0.0.0-20171119174359-809beceb2371/go.mod h1:ZY1cvUeJuFPAdZ/B6v7RHavJWZn2YPVFQ1OSXhCGOkg=
-github.com/shurcooL/sanitized_anchor_name v1.0.0 h1:PdmoCO6wvbs+7yrJyMORt4/BmY5IYyJwS/kOiWx8mHo=
 github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc=
 github.com/simplereach/timeutils v1.2.0/go.mod h1:VVbQDfN/FHRZa1LSqcwo4kNZ62OOyqLLGQKYB3pB0Q8=
 github.com/sirupsen/logrus v1.0.6/go.mod h1:pMByvHTf9Beacp5x1UXfOR9xyW/9antXMhjMPG0dEzc=
 github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo=
 github.com/sirupsen/logrus v1.4.1/go.mod h1:ni0Sbl8bgC9z8RoU9G6nDWqqs/fq4eDPysMBDgk/93Q=
 github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE=
-github.com/sirupsen/logrus v1.5.0 h1:1N5EYkVAPEywqZRJd7cwnRtCb6xJx7NH3T3WUTF980Q=
 github.com/sirupsen/logrus v1.5.0/go.mod h1:+F7Ogzej0PZc/94MaYx/nvG9jOFMD2osvC3s+Squfpo=
+github.com/sirupsen/logrus v1.6.0 h1:UBcNElsrwanuuMsnGSlYmtmgbb23qDR5dG+6X6Oo89I=
+github.com/sirupsen/logrus v1.6.0/go.mod h1:7uNnSEd1DgxDLC74fIahvMZmmYsHGZGEOFrfsX/uA88=
 github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d h1:zE9ykElWQ6/NYmHa3jpm/yHnI4xSofP+UP6SpjHcSeM=
 github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d/go.mod h1:OnSkiWE9lh6wB0YB77sQom3nweQdgAjqCqsofrRNTgc=
 github.com/smartystreets/goconvey v0.0.0-20190330032615-68dc04aab96a/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA=
 github.com/smartystreets/goconvey v0.0.0-20190731233626-505e41936337 h1:WN9BUFbdyOsSH/XohnWpXOlq9NBD5sGAB2FciQMUEe8=
 github.com/smartystreets/goconvey v0.0.0-20190731233626-505e41936337/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA=
 github.com/soheilhy/cmux v0.1.4/go.mod h1:IM3LyeVVIOuxMH7sFAkER9+bJ4dT7Ms6E4xg4kGIyLM=
+github.com/sosedoff/gitkit v0.2.0/go.mod h1:A+o6ZazfVJwetlcHz3ah6th66XcBdsyzLo+aBt/AsK4=
 github.com/spaolacci/murmur3 v0.0.0-20180118202830-f09979ecbc72/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA=
 github.com/spf13/afero v1.1.2/go.mod h1:j4pytiNVoe2o6bmDsKpLACNPDBIoEAkihy7loJ1B0CQ=
-github.com/spf13/afero v1.2.2 h1:5jhuqJyZCZf2JRofRvN/nIFgIWNzPa3/Vz8mYylgbWc=
 github.com/spf13/afero v1.2.2/go.mod h1:9ZxEEn6pIJ8Rxe320qSDBk6AsU0r9pR7Q4OcevTdifk=
+github.com/spf13/afero v1.3.0 h1:Ysnmjh1Di8EaWaBv40CYR4IdaIsBc5996Gh1oZzCBKk=
+github.com/spf13/afero v1.3.0/go.mod h1:5KUK8ByomD5Ti5Artl0RtHeI5pTF7MIDuXL3yY520V4=
 github.com/spf13/cast v1.3.0 h1:oget//CVOEoFewqQxwr0Ej5yjygnqGkvggSE/gB35Q8=
 github.com/spf13/cast v1.3.0/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE=
 github.com/spf13/cobra v0.0.3/go.mod h1:1l0Ry5zgKvJasoi3XT1TypsSe7PqH0Sj9dhYf7v3XqQ=
@@ -613,7 +605,6 @@ github.com/xiang90/probing v0.0.0-20190116061207-43a291ad63a2/go.mod h1:UETIi67q
 github.com/xordataexchange/crypt v0.0.3-0.20170626215501-b2862e3d0a77/go.mod h1:aYKd//L2LvnjZzWKhF00oedf4jCCReLcmhLdhm1A27Q=
 github.com/ymomoi/goval-parser v0.0.0-20170813122243-0a0be1dd9d08 h1:OsHsjWw5m3P0r+RJITvigJu9dn6L8812S54x42jxeII=
 github.com/ymomoi/goval-parser v0.0.0-20170813122243-0a0be1dd9d08/go.mod h1:ox1Nt/rGgWuhVrNg+jKYonAs4BiQG1tRJwj4ue91iy4=
-github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
 go.etcd.io/bbolt v1.3.2/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU=
 go.etcd.io/bbolt v1.3.3/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU=
 go.etcd.io/bbolt v1.3.4 h1:hi1bXHMVrlQh6WwxAy+qZCV/SYIlqo+Ushwdpa4tAKg=
@@ -647,12 +638,14 @@ golang.org/x/crypto v0.0.0-20190404164418-38d8ce5564a5/go.mod h1:WFFai1msRO1wXaE
 golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
 golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
 golang.org/x/crypto v0.0.0-20190611184440-5c40567a22f8/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
+golang.org/x/crypto v0.0.0-20190820162420-60c769a6c586/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
 golang.org/x/crypto v0.0.0-20190907121410-71b5226ff739/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
 golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
 golang.org/x/crypto v0.0.0-20191206172530-e9b2fee46413/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
 golang.org/x/crypto v0.0.0-20200220183623-bac4c82f6975/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
-golang.org/x/crypto v0.0.0-20200414173820-0848c9571904 h1:bXoxMPcSLOq08zI3/c5dEBT6lE4eh+jOh886GHrn6V8=
-golang.org/x/crypto v0.0.0-20200414173820-0848c9571904/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
+golang.org/x/crypto v0.0.0-20200302210943-78000ba7a073/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
+golang.org/x/crypto v0.0.0-20200604202706-70a84ac30bf9 h1:vEg9joUBmeBcK9iSJftGNf3coIG4HqZElCPehJsfAYM=
+golang.org/x/crypto v0.0.0-20200604202706-70a84ac30bf9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
 golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190125153040-c74c464bbbf2/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190312203227-4b39c73a6495/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8=
@@ -661,19 +654,14 @@ golang.org/x/lint v0.0.0-20180702182130-06c8688daad7/go.mod h1:UVdnD1Gm6xHRNCYTk
 golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
 golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU=
 golang.org/x/lint v0.0.0-20190301231843-5614ed5bae6f/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
-golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3 h1:XQyxROzUlZH+WIQwySDgnISgOivlhjIEwaQaJEJrrN0=
 golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
 golang.org/x/lint v0.0.0-20190409202823-959b441ac422/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
 golang.org/x/lint v0.0.0-20190930215403-16217165b5de h1:5hukYrvBGR8/eNkX5mdUezrA6JiaEZDtJb9Ei+1LlBs=
 golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
-golang.org/x/lint v0.0.0-20200302205851-738671d3881b h1:Wh+f8QHJXR411sJR8/vRBTZ7YapZaRvUcLFFJhusH0k=
-golang.org/x/lint v0.0.0-20200302205851-738671d3881b/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY=
 golang.org/x/mobile v0.0.0-20190312151609-d3739f865fa6/go.mod h1:z+o9i4GpDbdi3rU15maQ/Ox0txvL9dWGYEHz965HBQE=
 golang.org/x/mod v0.0.0-20190513183733-4bf6d317e70e/go.mod h1:mXi4GBBbnImb6dmsKGUJ2LatrhH/nqhxcFungHvyanc=
 golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee h1:WG0RUwxtNT4qqaXX3DPA8zHFNm/D9xaBpxzHt1WcA/E=
 golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg=
-golang.org/x/mod v0.2.0 h1:KU7oHjnv3XNWfa5COkzUifxZmxp1TyI7ImMXqFxLwvQ=
-golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
 golang.org/x/net v0.0.0-20170114055629-f2499483f923/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20180218175443-cbe0f9307d01/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
@@ -697,11 +685,10 @@ golang.org/x/net v0.0.0-20190813141303-74dc4d7220e7/go.mod h1:z5CRVTTTmAJ677TzLL
 golang.org/x/net v0.0.0-20190827160401-ba9fcec4b297/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/net v0.0.0-20190909003024-a7b16738d86b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/net v0.0.0-20191004110552-13f9640d40b9/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
-golang.org/x/net v0.0.0-20191108221443-4ba9e2ef068c/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
-golang.org/x/net v0.0.0-20200202094626-16171245cfb2 h1:CCH4IOTTfewWjGOlSp+zGcjutRKlBEZQ6wTn8ozI/nI=
 golang.org/x/net v0.0.0-20200202094626-16171245cfb2/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
-golang.org/x/net v0.0.0-20200226121028-0de0cce0169b h1:0mm1VjtFUOIlE1SbDlwjYaDxZVDP2S5ou6y0gSgXHu8=
 golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
+golang.org/x/net v0.0.0-20200301022130-244492dfa37a h1:GuSPYbZzB5/dcLNCwLQLsg3obCJtX9IJhpXkvY7kzk0=
+golang.org/x/net v0.0.0-20200301022130-244492dfa37a/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
 golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
 golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
@@ -711,9 +698,7 @@ golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJ
 golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20190227155943-e225da77a7e6/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.0.0-20190423024810-112230192c58 h1:8gQV6CLnAEikrhgkHFbMAEhagSSnXWGV915qUMm9mrU=
 golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e h1:vcxGaoTs7kV8m5Np9uUNQin4BrLOthgV7252N8V+FwY=
 golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sys v0.0.0-20170830134202-bb24a47a89ea/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
@@ -746,6 +731,7 @@ golang.org/x/sys v0.0.0-20191008105621-543471e840be/go.mod h1:h1NjWce9XRLGQEsW7w
 golang.org/x/sys v0.0.0-20191010194322-b09406accb47/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20191128015809-6d18c012aee9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200202164722-d101bd2416d5/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20200302150141-5c8b2ff67527/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200327173247-9dae0f8f5775 h1:TC0v2RSO1u2kn1ZugjrFXkRZAEaqMN/RW+OTZkBzmLE=
 golang.org/x/sys v0.0.0-20200327173247-9dae0f8f5775/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/text v0.0.0-20160726164857-2910a502d2bf/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
@@ -756,7 +742,6 @@ golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
 golang.org/x/time v0.0.0-20180412165947-fbb02b2291d2/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
-golang.org/x/time v0.0.0-20191024005414-555d28b269f0 h1:/5xXl8Y5W96D+TtHSlonuFqGHIWVuyCkGJLwGh9JJFs=
 golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/tools v0.0.0-20180221164845-07fd8470d635/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
 golang.org/x/tools v0.0.0-20180810170437-e96c4e24768d/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
@@ -774,19 +759,16 @@ golang.org/x/tools v0.0.0-20190328211700-ab21143f2384/go.mod h1:LCzVGOaR6xXOjkQ3
 golang.org/x/tools v0.0.0-20190422233926-fe54fb35175b/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
 golang.org/x/tools v0.0.0-20190506145303-2d16b83fe98c/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q=
 golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q=
-golang.org/x/tools v0.0.0-20190606124116-d0a3d012864b h1:mSUCVIwDx4hfXJfWsOPfdzEHxzb2Xjl6BQ8YgPnazQA=
 golang.org/x/tools v0.0.0-20190606124116-d0a3d012864b/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc=
 golang.org/x/tools v0.0.0-20190614205625-5aca471b1d59/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc=
 golang.org/x/tools v0.0.0-20190621195816-6e04913cbbac/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc=
 golang.org/x/tools v0.0.0-20190706070813-72ffa07ba3db/go.mod h1:jcCCGcm9btYwXyDqrUWc6MKQKKGJCWEQ3AfLSRIbEuI=
 golang.org/x/tools v0.0.0-20190920225731-5eefd052ad72/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
+golang.org/x/tools v0.0.0-20191011211836-4c025a95b26e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
 golang.org/x/tools v0.0.0-20191029041327-9cc4af7d6b2c/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
 golang.org/x/tools v0.0.0-20191029190741-b9c20aec41a5/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
-golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
-golang.org/x/tools v0.0.0-20200130002326-2f3ba24bd6e7/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
+golang.org/x/tools v0.0.0-20200210192313-1ace956b0e17 h1:a/Fd23DJvg1CaeDH0dYHahE+hCI0v9rFgxSNIThoUcM=
 golang.org/x/tools v0.0.0-20200210192313-1ace956b0e17/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
-golang.org/x/tools v0.0.0-20200501065659-ab2804fb9c9d h1:lzLdP95xJmMpwQ6LUHwrc5V7js93hTiY7gkznu0BgmY=
-golang.org/x/tools v0.0.0-20200501065659-ab2804fb9c9d/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
 golang.org/x/xerrors v0.0.0-20190410155217-1f06c39b4373/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
@@ -809,7 +791,6 @@ google.golang.org/genproto v0.0.0-20190307195333-5fe7a883aa19/go.mod h1:VzzqZJRn
 google.golang.org/genproto v0.0.0-20190404172233-64821d5d2107/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE=
 google.golang.org/genproto v0.0.0-20190418145605-e7d98fc518a7/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE=
 google.golang.org/genproto v0.0.0-20190502173448-54afdca5d873/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE=
-google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55 h1:gSJIx1SDwno+2ElGhA4+qG2zF97qiUzTM+rQ0klBOcE=
 google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc=
 google.golang.org/grpc v1.15.0/go.mod h1:0JHn/cJsOMiMfNA9+DeHDlAU7KAAB5GDlYFpa9MZMio=
 google.golang.org/grpc v1.17.0/go.mod h1:6QZJwpn2B+Zp71q/5VxRsJ6NXXVCE5NRUHRo+f3cWCs=
@@ -820,7 +801,6 @@ google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyac
 google.golang.org/grpc v1.23.1/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg=
 google.golang.org/grpc v1.24.0/go.mod h1:XDChyiUovWa60DnaeDeZmSW86xtLtjtZbwvSiRnRtcA=
 google.golang.org/grpc v1.25.1/go.mod h1:c3i+UQWmh7LiEpx4sFZnkU36qjEYZ0imhYfXVyQciAY=
-google.golang.org/grpc v1.28.0 h1:bO/TA4OxCOummhSf10siHuG7vJOiwh7SpRpFZDkOgl4=
 google.golang.org/grpc v1.28.0/go.mod h1:rpkK4SK4GF4Ach/+MFLZUBavHOvF2JJB5uozKKal+60=
 gopkg.in/VividCortex/ewma.v1 v1.1.1 h1:tWHEKkKq802K/JT9RiqGCBU5fW3raAPnJGTE9ostZvg=
 gopkg.in/VividCortex/ewma.v1 v1.1.1/go.mod h1:TekXuFipeiHWiAlO1+wSS23vTcyFau5u3rxXUSXj710=
@@ -828,8 +808,9 @@ gopkg.in/airbrake/gobrake.v2 v2.0.9/go.mod h1:/h5ZAUhDkGaJfjzjKLSjv6zCL6O0LLBxU4
 gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
-gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15 h1:YR8cESwS4TdDjEe65xsg0ogRM/Nc3DYOhEAlW+xobZo=
 gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f h1:BLraFXnmrev5lT+xlilqcH8XK9/i0At2xKjWk4p6zsU=
+gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/cheggaaa/pb.v1 v1.0.25/go.mod h1:V/YB90LKu/1FcN3WVnfiiE5oMCibMjukxqG/qStrOgw=
 gopkg.in/cheggaaa/pb.v1 v1.0.28 h1:n1tBJnnK2r7g9OW2btFH91V92STTUevLXYFb8gy9EMk=
 gopkg.in/cheggaaa/pb.v1 v1.0.28/go.mod h1:V/YB90LKu/1FcN3WVnfiiE5oMCibMjukxqG/qStrOgw=
@@ -868,7 +849,6 @@ gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10=
 gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 gotest.tools v0.0.0-20181223230014-1083505acf35/go.mod h1:R//lfYlUuTOTfblYI3lGoAAAebUdzjvbmQsuB7Ykd90=
 gotest.tools v2.1.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw=
-gotest.tools v2.2.0+incompatible h1:VsBPFP1AI068pPrMxtb/S8Zkgf9xEmTLJjfM+P5UIEo=
 gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw=
 honnef.co/go/tools v0.0.0-20180728063816-88497007e858/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
 honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
@@ -890,11 +870,13 @@ k8s.io/gengo v0.0.0-20190822140433-26a664648505/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8
 k8s.io/klog v0.0.0-20181102134211-b9b56d5dfc92/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk=
 k8s.io/klog v0.3.0/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk=
 k8s.io/klog v1.0.0/go.mod h1:4Bi6QPql/J/LkTDqv7R/cd3hPo4k2DG6Ptcz060Ez5I=
+k8s.io/klog/v2 v2.0.0/go.mod h1:PBfzABfn139FHAV07az/IF9Wp1bkk3vpT2XSJ76fSDE=
 k8s.io/kube-openapi v0.0.0-20191107075043-30be4d16710a/go.mod h1:1TqjTSzOxsLGIKfj0lK8EeCP7K1iUG65v09OM0/WG5E=
 k8s.io/legacy-cloud-providers v0.17.4/go.mod h1:FikRNoD64ECjkxO36gkDgJeiQWwyZTuBkhu+yxOc1Js=
 k8s.io/utils v0.0.0-20191010214722-8d271d903fe4/go.mod h1:sZAwmy6armz5eXlNoLmJcl4F1QuKu7sr+mFQ0byX7Ew=
-k8s.io/utils v0.0.0-20191114184206-e782cd3c129f h1:GiPwtSzdP43eI1hpPCbROQCCIgCuiMMNF8YUVLF3vJo=
 k8s.io/utils v0.0.0-20191114184206-e782cd3c129f/go.mod h1:sZAwmy6armz5eXlNoLmJcl4F1QuKu7sr+mFQ0byX7Ew=
+k8s.io/utils v0.0.0-20200619165400-6e3d28b6ed19 h1:7Nu2dTj82c6IaWvL7hImJzcXoTPz1MsSCH7r+0m6rfo=
+k8s.io/utils v0.0.0-20200619165400-6e3d28b6ed19/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA=
 modernc.org/cc v1.0.0/go.mod h1:1Sk4//wdnYJiUIxnW8ddKpaOJCF37yAdqYnkxUpaYxw=
 modernc.org/golex v1.0.0/go.mod h1:b/QX9oBD/LhixY6NDh+IdGv17hgB+51fET1i2kPSmvk=
 modernc.org/mathutil v1.0.0/go.mod h1:wU0vUrJsVWBZ4P6e7xtFJEhFSNsfRLJ8H458uRjg03k=
--- a/libmanager/libManager.go
+++ b/libmanager/libManager.go
@@ -46,7 +46,12 @@ func FillLibrary(r *models.ScanResult) (totalCnt int, err error) {
 		}
 		for _, vinfo := range vinfos {
 			vinfo.Confidences.AppendIfMissing(models.TrivyMatch)
-			r.ScannedCves[vinfo.CveID] = vinfo
+			if v, ok := r.ScannedCves[vinfo.CveID]; !ok {
+				r.ScannedCves[vinfo.CveID] = vinfo
+			} else {
+				v.LibraryFixedIns = append(v.LibraryFixedIns, vinfo.LibraryFixedIns...)
+				r.ScannedCves[vinfo.CveID] = v
+			}
 		}
 		totalCnt += len(vinfos)
 	}
--- a/models/library.go
+++ b/models/library.go
@@ -19,11 +19,11 @@ import (
 type LibraryScanners []LibraryScanner

 // Find : find by name
-func (lss LibraryScanners) Find(name string) map[string]types.Library {
+func (lss LibraryScanners) Find(path, name string) map[string]types.Library {
 	filtered := map[string]types.Library{}
 	for _, ls := range lss {
 		for _, lib := range ls.Libs {
-			if lib.Name == name {
+			if ls.Path == path && lib.Name == name {
 				filtered[ls.Path] = lib
 				break
 			}
@@ -40,11 +40,10 @@ type LibraryScanner struct {

 // Scan : scan target library
 func (s LibraryScanner) Scan() ([]VulnInfo, error) {
-	scanner := library.DriverFactory{}.NewDriver(filepath.Base(string(s.Path)))
-	if scanner == nil {
-		return nil, xerrors.New("unknown file type")
+	scanner, err := library.DriverFactory{}.NewDriver(filepath.Base(string(s.Path)))
+	if err != nil {
+		return nil, xerrors.Errorf("Faild to new a library driver: %w", err)
 	}
-
 	var vulnerabilities = []VulnInfo{}
 	for _, pkg := range s.Libs {
 		v, err := version.NewVersion(pkg.Version)
@@ -94,6 +93,7 @@ func (s LibraryScanner) getVulnDetail(tvuln types.DetectedVulnerability) (vinfo
 				Key:     s.GetLibraryKey(),
 				Name:    tvuln.PkgName,
 				FixedIn: tvuln.FixedVersion,
+				Path:    s.Path,
 			},
 		}
 	}
@@ -141,4 +141,5 @@ type LibraryFixedIn struct {
 	Key     string `json:"key,omitempty"`
 	Name    string `json:"name,omitempty"`
 	FixedIn string `json:"fixedIn,omitempty"`
+	Path    string `json:"path,omitempty"`
 }
--- a/models/library_test.go
+++ b/models/library_test.go
@@ -9,6 +9,7 @@ import (

 func TestLibraryScanners_Find(t *testing.T) {
 	type args struct {
+		path string
 		name string
 	}
 	tests := []struct {
@@ -30,7 +31,7 @@ func TestLibraryScanners_Find(t *testing.T) {
 					},
 				},
 			},
-			args: args{"libA"},
+			args: args{"/pathA", "libA"},
 			want: map[string]types.Library{
 				"/pathA": {
 					Name:    "libA",
@@ -60,16 +61,12 @@ func TestLibraryScanners_Find(t *testing.T) {
 					},
 				},
 			},
-			args: args{"libA"},
+			args: args{"/pathA", "libA"},
 			want: map[string]types.Library{
 				"/pathA": {
 					Name:    "libA",
 					Version: "1.0.0",
 				},
-				"/pathB": {
-					Name:    "libA",
-					Version: "1.0.5",
-				},
 			},
 		},
 		{
@@ -85,13 +82,13 @@ func TestLibraryScanners_Find(t *testing.T) {
 					},
 				},
 			},
-			args: args{"libB"},
+			args: args{"/pathA", "libB"},
 			want: map[string]types.Library{},
 		},
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-			if got := tt.lss.Find(tt.args.name); !reflect.DeepEqual(got, tt.want) {
+			if got := tt.lss.Find(tt.args.path, tt.args.name); !reflect.DeepEqual(got, tt.want) {
 				t.Errorf("LibraryScanners.Find() = %v, want %v", got, tt.want)
 			}
 		})
--- a/report/email.go
+++ b/report/email.go
@@ -1,6 +1,7 @@
 package report

 import (
+	"crypto/tls"
 	"fmt"
 	"net"
 	"net/mail"
@@ -87,6 +88,61 @@ type emailSender struct {
 	send func(string, smtp.Auth, string, []string, []byte) error
 }

+func smtps(emailConf config.SMTPConf, message string) (err error) {
+	auth := smtp.PlainAuth("",
+		emailConf.User,
+		emailConf.Password,
+		emailConf.SMTPAddr,
+	)
+
+	//TLS Config
+	tlsConfig := &tls.Config{
+		ServerName: emailConf.SMTPAddr,
+	}
+
+	smtpServer := net.JoinHostPort(emailConf.SMTPAddr, emailConf.SMTPPort)
+	//New TLS connection
+	con, err := tls.Dial("tcp", smtpServer, tlsConfig)
+	if err != nil {
+		return xerrors.Errorf("Failed to create TLS connection: %w", err)
+	}
+	defer con.Close()
+
+	c, err := smtp.NewClient(con, emailConf.SMTPAddr)
+	if err != nil {
+		return xerrors.Errorf("Failed to create new client: %w", err)
+	}
+	if err = c.Auth(auth); err != nil {
+		return xerrors.Errorf("Failed to authenticate: %w", err)
+	}
+	if err = c.Mail(emailConf.From); err != nil {
+		return xerrors.Errorf("Failed to send Mail command: %w", err)
+	}
+	for _, to := range emailConf.To {
+		if err = c.Rcpt(to); err != nil {
+			return xerrors.Errorf("Failed to send Rcpt command: %w", err)
+		}
+	}
+
+	w, err := c.Data()
+	if err != nil {
+		return xerrors.Errorf("Failed to send Data command: %w", err)
+	}
+	_, err = w.Write([]byte(message))
+	if err != nil {
+		return xerrors.Errorf("Failed to write EMail message: %w", err)
+	}
+	err = w.Close()
+	if err != nil {
+		return xerrors.Errorf("Failed to close Writer: %w", err)
+	}
+	err = c.Quit()
+	if err != nil {
+		return xerrors.Errorf("Failed to close connection: %w", err)
+	}
+	return nil
+}
+
 func (e *emailSender) Send(subject, body string) (err error) {
 	emailConf := e.conf
 	to := strings.Join(emailConf.To[:], ", ")
@@ -113,20 +169,28 @@ func (e *emailSender) Send(subject, body string) (err error) {
 	smtpServer := net.JoinHostPort(emailConf.SMTPAddr, emailConf.SMTPPort)

 	if emailConf.User != "" && emailConf.Password != "" {
-		err = e.send(
-			smtpServer,
-			smtp.PlainAuth(
-				"",
-				emailConf.User,
-				emailConf.Password,
-				emailConf.SMTPAddr,
-			),
-			emailConf.From,
-			mailAddresses,
-			[]byte(message),
-		)
-		if err != nil {
-			return xerrors.Errorf("Failed to send emails: %w", err)
+		switch emailConf.SMTPPort {
+		case "465":
+			err := smtps(emailConf, message)
+			if err != nil {
+				return xerrors.Errorf("Failed to send emails: %w", err)
+			}
+		default:
+			err = e.send(
+				smtpServer,
+				smtp.PlainAuth(
+					"",
+					emailConf.User,
+					emailConf.Password,
+					emailConf.SMTPAddr,
+				),
+				emailConf.From,
+				mailAddresses,
+				[]byte(message),
+			)
+			if err != nil {
+				return xerrors.Errorf("Failed to send emails: %w", err)
+			}
 		}
 		return nil
 	}
--- a/report/report.go
+++ b/report/report.go
@@ -44,6 +44,7 @@ func FillCveInfos(dbclient DBClient, rs []models.ScanResult, dir string) ([]mode
 	var filledResults []models.ScanResult
 	reportedAt := time.Now()
 	hostname, _ := os.Hostname()
+	wpVulnCaches := map[string]string{}
 	for _, r := range rs {
 		if c.Conf.RefreshCve || needToRefreshCve(r) {
 			if ovalSupported(&r) {
@@ -83,7 +84,7 @@ func FillCveInfos(dbclient DBClient, rs []models.ScanResult, dir string) ([]mode
 			// Integrations
 			githubInts := GithubSecurityAlerts(c.Conf.Servers[r.ServerName].GitHubRepos)

-			wpOpt := WordPressOption{c.Conf.Servers[r.ServerName].WordPress.WPVulnDBToken}
+			wpOpt := WordPressOption{c.Conf.Servers[r.ServerName].WordPress.WPVulnDBToken, &wpVulnCaches}

 			if err := FillCveInfo(dbclient,
 				&r,
@@ -429,14 +430,15 @@ func (g GithubSecurityAlertOption) apply(r *models.ScanResult, ints *integration

 // WordPressOption :
 type WordPressOption struct {
-	token string
+	token        string
+	wpVulnCaches *map[string]string
 }

 func (g WordPressOption) apply(r *models.ScanResult, ints *integrationResults) (err error) {
 	if g.token == "" {
 		return nil
 	}
-	n, err := wordpress.FillWordPress(r, g.token)
+	n, err := wordpress.FillWordPress(r, g.token, g.wpVulnCaches)
 	if err != nil {
 		return xerrors.Errorf("Failed to fetch from WPVulnDB. Check the WPVulnDBToken in config.toml. err: %w", err)
 	}
--- a/report/tui.go
+++ b/report/tui.go
@@ -745,7 +745,7 @@ func setChangelogLayout(g *gocui.Gui) error {
 		}

 		for _, l := range vinfo.LibraryFixedIns {
-			libs := r.LibraryScanners.Find(l.Name)
+			libs := r.LibraryScanners.Find(l.Path, l.Name)
 			for path, lib := range libs {
 				lines = append(lines, fmt.Sprintf("%s-%s, FixedIn: %s (%s)",
 					lib.Name, lib.Version, l.FixedIn, path))
--- a/report/util.go
+++ b/report/util.go
@@ -292,7 +292,7 @@ No CVE-IDs are found in updatable packages.
 		}

 		for _, l := range vuln.LibraryFixedIns {
-			libs := r.LibraryScanners.Find(l.Name)
+			libs := r.LibraryScanners.Find(l.Path, l.Name)
 			for path, lib := range libs {
 				data = append(data, []string{l.Key,
 					fmt.Sprintf("%s-%s, FixedIn: %s (%s)",
@@ -515,6 +515,10 @@ func getDiffCves(previous, current models.ScanResult) models.VulnInfos {
 		}
 	}

+	if len(updated) == 0 {
+		util.Log.Infof("%s: There are %d vulnerabilities, but no difference between current result and previous one.", current.FormatServerName(), len(current.ScannedCves))
+	}
+
 	for cveID, vuln := range new {
 		updated[cveID] = vuln
 	}
--- a/scan/base.go
+++ b/scan/base.go
@@ -5,12 +5,12 @@ import (
 	"encoding/json"
 	"fmt"
 	"net"
+	"os"
 	"regexp"
 	"strings"
 	"time"

 	"github.com/aquasecurity/fanal/analyzer"
-	"github.com/aquasecurity/fanal/extractor"

 	"github.com/future-architect/vuls/config"
 	"github.com/future-architect/vuls/models"
@@ -534,8 +534,7 @@ func (l *base) scanLibraries() (err error) {
 		return nil
 	}

-	libFilemap := extractor.FileMap{}
-
+	libFilemap := map[string][]byte{}
 	detectFiles := l.ServerInfo.Lockfiles

 	// auto detect lockfile
@@ -571,17 +570,31 @@ func (l *base) scanLibraries() (err error) {
 		libFilemap[path] = []byte(r.Stdout)
 	}

-	results, err := analyzer.GetLibraries(libFilemap)
-	if err != nil {
-		return xerrors.Errorf("Failed to get libs: %w", err)
-	}
-	l.LibraryScanners, err = convertLibWithScanner(results)
-	if err != nil {
-		return xerrors.Errorf("Failed to scan libraries: %w", err)
+	for path, b := range libFilemap {
+		res, err := analyzer.AnalyzeFile(path, &DummyFileInfo{}, func() ([]byte, error) {
+			return b, nil
+		})
+		if err != nil {
+			return xerrors.Errorf("Failed to get libs: %w", err)
+		}
+		libscan, err := convertLibWithScanner(res.Applications)
+		if err != nil {
+			return xerrors.Errorf("Failed to scan libraries: %w", err)
+		}
+		l.LibraryScanners = append(l.LibraryScanners, libscan...)
 	}
 	return nil
 }

+type DummyFileInfo struct{}
+
+func (d *DummyFileInfo) Name() string       { return "dummy" }
+func (d *DummyFileInfo) Size() int64        { return 0 }
+func (d *DummyFileInfo) Mode() os.FileMode  { return 0 }
+func (d *DummyFileInfo) ModTime() time.Time { return time.Now() }
+func (d *DummyFileInfo) IsDir() bool        { return false }
+func (d *DummyFileInfo) Sys() interface{}   { return nil }
+
 func (l *base) scanWordPress() (err error) {
 	wpOpts := []string{l.ServerInfo.WordPress.OSUser,
 		l.ServerInfo.WordPress.DocRoot,
--- a/scan/executil.go
+++ b/scan/executil.go
@@ -260,7 +260,9 @@ func sshExecExternal(c conf.ServerInfo, cmd string, sudo bool) (result execResul

 	defaultSSHArgs := []string{"-tt"}

-	if !conf.Conf.SSHConfig {
+	if 0 < len(c.SSHConfigPath) {
+		defaultSSHArgs = append(defaultSSHArgs, "-F", c.SSHConfigPath)
+	} else {
 		home, err := homedir.Dir()
 		if err != nil {
 			msg := fmt.Sprintf("Failed to get HOME directory: %s", err)
@@ -285,6 +287,10 @@ func sshExecExternal(c conf.ServerInfo, cmd string, sudo bool) (result execResul
 		defaultSSHArgs = append(defaultSSHArgs, "-vvv")
 	}

+	if len(c.JumpServer) != 0 {
+		defaultSSHArgs = append(defaultSSHArgs, "-J", strings.Join(c.JumpServer, ","))
+	}
+
 	args := append(defaultSSHArgs, fmt.Sprintf("%s@%s", c.User, c.Host))
 	args = append(args, "-p", c.Port)
 	if 0 < len(c.KeyPath) {
--- a/server/server.go
+++ b/server/server.go
@@ -62,6 +62,12 @@ func (h VulsHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 		return
 	}

+	// set ReportedAt to current time when it's set to the epoch, ensures that ReportedAt will be set
+	// properly for scans sent to vuls when running in server mode
+	if result.ReportedAt.IsZero() {
+		result.ReportedAt = time.Now()
+	}
+
 	// report
 	reports := []report.ResultWriter{
 		report.HTTPResponseWriter{Writer: w},
--- a/wordpress/wordpress.go
+++ b/wordpress/wordpress.go
@@ -48,20 +48,28 @@ type References struct {

 // FillWordPress access to wpvulndb and fetch scurity alerts and then set to the given ScanResult.
 // https://wpvulndb.com/
-func FillWordPress(r *models.ScanResult, token string) (int, error) {
+func FillWordPress(r *models.ScanResult, token string, wpVulnCaches *map[string]string) (int, error) {
 	// Core
 	ver := strings.Replace(r.WordPressPackages.CoreVersion(), ".", "", -1)
 	if ver == "" {
 		return 0, xerrors.New("Failed to get WordPress core version")
 	}
-	url := fmt.Sprintf("https://wpvulndb.com/api/v3/wordpresses/%s", ver)
-	body, err := httpRequest(url, token)
-	if err != nil {
-		return 0, err
-	}
-	if body == "" {
-		util.Log.Warnf("A result of REST access is empty: %s", url)
+
+	body, ok := searchCache(ver, wpVulnCaches)
+	if !ok {
+		url := fmt.Sprintf("https://wpvulndb.com/api/v3/wordpresses/%s", ver)
+		var err error
+		body, err = httpRequest(url, token)
+		if err != nil {
+			return 0, err
+		}
+		if body == "" {
+			util.Log.Warnf("A result of REST access is empty: %s", url)
+		}
+
+		(*wpVulnCaches)[ver] = body
 	}
+
 	wpVinfos, err := convertToVinfos(models.WPCore, body)
 	if err != nil {
 		return 0, err
@@ -77,11 +85,17 @@ func FillWordPress(r *models.ScanResult, token string) (int, error) {

 	// Themes
 	for _, p := range themes {
-		url := fmt.Sprintf("https://wpvulndb.com/api/v3/themes/%s", p.Name)
-		body, err := httpRequest(url, token)
-		if err != nil {
-			return 0, err
+		body, ok := searchCache(p.Name, wpVulnCaches)
+		if !ok {
+			url := fmt.Sprintf("https://wpvulndb.com/api/v3/themes/%s", p.Name)
+			var err error
+			body, err = httpRequest(url, token)
+			if err != nil {
+				return 0, err
+			}
+			(*wpVulnCaches)[p.Name] = body
 		}
+
 		if body == "" {
 			continue
 		}
@@ -113,11 +127,17 @@ func FillWordPress(r *models.ScanResult, token string) (int, error) {

 	// Plugins
 	for _, p := range plugins {
-		url := fmt.Sprintf("https://wpvulndb.com/api/v3/plugins/%s", p.Name)
-		body, err := httpRequest(url, token)
-		if err != nil {
-			return 0, err
+		body, ok := searchCache(p.Name, wpVulnCaches)
+		if !ok {
+			url := fmt.Sprintf("https://wpvulndb.com/api/v3/plugins/%s", p.Name)
+			var err error
+			body, err = httpRequest(url, token)
+			if err != nil {
+				return 0, err
+			}
+			(*wpVulnCaches)[p.Name] = body
 		}
+
 		if body == "" {
 			continue
 		}
@@ -277,3 +297,11 @@ func removeInactives(pkgs models.WordPressPackages) (removed models.WordPressPac
 	}
 	return removed
 }
+
+func searchCache(name string, wpVulnCaches *map[string]string) (string, bool) {
+	value, ok := (*wpVulnCaches)[name]
+	if ok {
+		return value, true
+	}
+	return "", false
+}
--- a/wordpress/wordpress_test.go
+++ b/wordpress/wordpress_test.go
@@ -79,3 +79,52 @@ func TestRemoveInactive(t *testing.T) {
 		}
 	}
 }
+
+func TestSearchCache(t *testing.T) {
+
+	var tests = []struct {
+		name        string
+		wpVulnCache map[string]string
+		value       string
+		ok          bool
+	}{
+		{
+			name: "akismet",
+			wpVulnCache: map[string]string{
+				"akismet": "body",
+			},
+			value: "body",
+			ok:    true,
+		},
+		{
+			name: "akismet",
+			wpVulnCache: map[string]string{
+				"BackWPup": "body",
+				"akismet":  "body",
+			},
+			value: "body",
+			ok:    true,
+		},
+		{
+			name: "akismet",
+			wpVulnCache: map[string]string{
+				"BackWPup": "body",
+			},
+			value: "",
+			ok:    false,
+		},
+		{
+			name:        "akismet",
+			wpVulnCache: nil,
+			value:       "",
+			ok:          false,
+		},
+	}
+
+	for i, tt := range tests {
+		value, ok := searchCache(tt.name, &tt.wpVulnCache)
+		if value != tt.value || ok != tt.ok {
+			t.Errorf("[%d] searchCache error ", i)
+		}
+	}
+}
Author	SHA1	Message	Date
sadayuki-matsuno	89f49b0e29	Fix trivy parser test (#1014 ) * fix trivy parser test * fixed parser data	2020-06-24 17:14:43 +09:00
Kota Kanbe	72457cbf8e	bump up version	2020-06-24 10:57:39 +09:00
Kota Kanbe	c11ba27509	fix(libscan): include a lockfile path of libs (#1012 )	2020-06-24 10:46:00 +09:00
segatomo	8a611f9ba6	add diff-mode info (#1008 )	2020-06-19 16:07:14 +09:00
Kota Kanbe	4a73875e4d	bump up version (#1007 )	2020-06-17 12:21:26 +09:00
shopper	d9d5e612ff	Support ProxyJump option when using ssh command (#1004 ) * Add proxyjump func * Run go mod tidy * Run make fmt	2020-06-17 12:15:12 +09:00
Kota Kanbe	4d8599e4fc	update deps (#1006 ) see https://github.com/knqyf263/go-apk-version/pull/1	2020-06-16 07:48:07 +09:00
Norihiro NAKAOKA	59c7061d29	Fix SSH failure due to .ssh/config owner (#1005 ) * use -F option, success configtest and scan * add sshConfigPath in config.toml * Use sshConfigPath in config.toml when using ssh -F * change -ssh-config to deprecated * fix typo * add sshConfigPath in tomltemplate	2020-06-16 05:48:31 +09:00
segatomo	996557c667	support alpine3.11 (#1002 )	2020-06-12 13:42:11 +09:00
ahulab	519fb19a77	Added ReportedAt time for server mode reports (#996 ) - Fixes #928	2020-06-11 11:42:04 +09:00
kazuminn	36456cb151	feat(wordpress): Cache WpVulnDB (#989 ) * add wpVulnCache * fix bug * add test * fmt * fix bug * refactor * fix bug	2020-06-05 16:08:28 +09:00
sadayuki-matsuno	4ae87cc36c	Fix releaser (#988 ) * fix releaser * fix releaser * fix releaser * fix releaser * add 32 bit releaser and add exit code in cmd * delete 32 bit releaser * fix	2020-06-05 15:04:06 +09:00
shopper	b37df89fb1	Support SMTPS when using report -to-email (#991 ) * Add smtps func * Add SMTPS implementation * fix error message	2020-06-05 14:42:01 +09:00