feat(misconf): Added fs.FS based scanning via latest defsec (#2084)

Co-authored-by: knqyf263 <knqyf263@gmail.com>
2025-12-22 23:26:39 -08:00 · 2022-05-10 13:05:00 +01:00
parent fbb83c42d9
commit 5a58e41476
44 changed files with 516 additions and 2129 deletions
--- a/pkg/commands/operation/operation.go
+++ b/pkg/commands/operation/operation.go
@@ -15,7 +15,6 @@ import (
 	"github.com/aquasecurity/trivy/pkg/commands/option"
 	"github.com/aquasecurity/trivy/pkg/db"
 	"github.com/aquasecurity/trivy/pkg/log"
-	"github.com/aquasecurity/trivy/pkg/policy"
 	"github.com/aquasecurity/trivy/pkg/utils"
 )

@@ -123,40 +122,6 @@ func DownloadDB(appVersion, cacheDir, dbRepository string, quiet, skipUpdate boo
 	return nil
 }

-// InitBuiltinPolicies downloads the built-in policies and loads them
-func InitBuiltinPolicies(ctx context.Context, cacheDir string, quiet, skipUpdate bool) ([]string, error) {
-	client, err := policy.NewClient(cacheDir, quiet)
-	if err != nil {
-		return nil, xerrors.Errorf("policy client error: %w", err)
-	}
-
-	needsUpdate := false
-	if !skipUpdate {
-		needsUpdate, err = client.NeedsUpdate()
-		if err != nil {
-			return nil, xerrors.Errorf("unable to check if built-in policies need to be updated: %w", err)
-		}
-	}
-
-	if needsUpdate {
-		log.Logger.Info("Need to update the built-in policies")
-		log.Logger.Info("Downloading the built-in policies...")
-		if err = client.DownloadBuiltinPolicies(ctx); err != nil {
-			return nil, xerrors.Errorf("failed to download built-in policies: %w", err)
-		}
-	}
-
-	policyPaths, err := client.LoadBuiltinPolicies()
-	if err != nil {
-		if skipUpdate {
-			log.Logger.Info("No built-in policies were loaded")
-			return nil, nil
-		}
-		return nil, xerrors.Errorf("policy load error: %w", err)
-	}
-	return policyPaths, nil
-}
-
 func showDBInfo(cacheDir string) error {
 	m := metadata.NewClient(cacheDir)
 	meta, err := m.Get()