feat(lang-pkg): add data sources (#1625)

2025-12-22 07:10:41 -08:00 · 2022-01-27 14:22:06 +02:00
parent a31ddbe971
commit 50bb938a21
26 changed files with 176 additions and 99 deletions
--- a/pkg/detector/library/driver_test.go
+++ b/pkg/detector/library/driver_test.go
@@ -8,6 +8,7 @@ import (

 	ftypes "github.com/aquasecurity/fanal/types"
 	"github.com/aquasecurity/trivy-db/pkg/db"
+	dbTypes "github.com/aquasecurity/trivy-db/pkg/types"
 	"github.com/aquasecurity/trivy/pkg/dbtest"
 	"github.com/aquasecurity/trivy/pkg/detector/library"
 	"github.com/aquasecurity/trivy/pkg/types"
@@ -27,9 +28,12 @@ func TestDriver_Detect(t *testing.T) {
 		wantErr  string
 	}{
 		{
-			name:     "happy path",
-			fixtures: []string{"testdata/fixtures/php.yaml"},
-			libType:  ftypes.Composer,
+			name: "happy path",
+			fixtures: []string{
+				"testdata/fixtures/php.yaml",
+				"testdata/fixtures/data-source.yaml",
+			},
+			libType: ftypes.Composer,
 			args: args{
 				pkgName: "symfony/symfony",
 				pkgVer:  "4.2.6",
@@ -40,6 +44,10 @@ func TestDriver_Detect(t *testing.T) {
 					PkgName:          "symfony/symfony",
 					InstalledVersion: "4.2.6",
 					FixedVersion:     "4.2.7",
+					DataSource: &dbTypes.DataSource{
+						Name: "GitLab Advisory Database Community",
+						URL:  "https://gitlab.com/gitlab-org/advisories-community",
+					},
 				},
 			},
 		},
@@ -61,9 +69,12 @@ func TestDriver_Detect(t *testing.T) {
 			},
 		},
 		{
-			name:     "no patched versions in the advisory",
-			fixtures: []string{"testdata/fixtures/php.yaml"},
-			libType:  ftypes.Composer,
+			name: "no patched versions in the advisory",
+			fixtures: []string{
+				"testdata/fixtures/php.yaml",
+				"testdata/fixtures/data-source.yaml",
+			},
+			libType: ftypes.Composer,
 			args: args{
 				pkgName: "symfony/symfony",
 				pkgVer:  "4.4.6",
@@ -74,13 +85,20 @@ func TestDriver_Detect(t *testing.T) {
 					PkgName:          "symfony/symfony",
 					InstalledVersion: "4.4.6",
 					FixedVersion:     "4.4.7",
+					DataSource: &dbTypes.DataSource{
+						Name: "PHP Security Advisories Database",
+						URL:  "https://github.com/FriendsOfPHP/security-advisories",
+					},
 				},
 			},
 		},
 		{
-			name:     "no vulnerable versions in the advisory",
-			fixtures: []string{"testdata/fixtures/ruby.yaml"},
-			libType:  ftypes.Bundler,
+			name: "no vulnerable versions in the advisory",
+			fixtures: []string{
+				"testdata/fixtures/ruby.yaml",
+				"testdata/fixtures/data-source.yaml",
+			},
+			libType: ftypes.Bundler,
 			args: args{
 				pkgName: "activesupport",
 				pkgVer:  "4.1.1",
@@ -91,6 +109,10 @@ func TestDriver_Detect(t *testing.T) {
 					PkgName:          "activesupport",
 					InstalledVersion: "4.1.1",
 					FixedVersion:     ">= 4.2.2, ~> 4.1.11",
+					DataSource: &dbTypes.DataSource{
+						Name: "Ruby Advisory Database",
+						URL:  "https://github.com/rubysec/ruby-advisory-db",
+					},
 				},
 			},
 		},