gitea-mirror/trivy
1
0
Fork 0
mirror of https://github.com/aquasecurity/trivy.git synced 2025-12-22 07:10:41 -08:00
Code Issues Packages Projects Releases Wiki Activity

feat(vuln): remove duplicates in Fixed Version (#5596)

Browse Source 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
Co-authored-by: knqyf263 <knqyf263@gmail.com>
This commit is contained in:
Andrea Scarpino
2023-12-04 16:29:14 +00:00
committed by GitHub
parent 99c04c4383
commit a54d1e95fd
4 changed files with 55 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
pkg/detector/library/driver.go
View File

@@ -4,6 +4,7 @@ import (
"fmt" "fmt"
"strings" "strings"
"github.com/samber/lo"
"golang.org/x/xerrors" "golang.org/x/xerrors"
"github.com/aquasecurity/trivy-db/pkg/db" "github.com/aquasecurity/trivy-db/pkg/db"
@@ -136,7 +137,7 @@ func (d *Driver) DetectVulnerabilities(pkgID, pkgName, pkgVer string) ([]types.D
func createFixedVersions(advisory dbTypes.Advisory) string { func createFixedVersions(advisory dbTypes.Advisory) string {
if len(advisory.PatchedVersions) != 0 { if len(advisory.PatchedVersions) != 0 {
return strings.Join(advisory.PatchedVersions, ", ") return joinFixedVersions(advisory.PatchedVersions)
} }
var fixedVersions []string var fixedVersions []string
@@ -149,5 +150,9 @@ func createFixedVersions(advisory dbTypes.Advisory) string {
} }
} }
} }
return strings.Join(fixedVersions, ", ") return joinFixedVersions(fixedVersions)
}
func joinFixedVersions(fixedVersions []string) string {
return strings.Join(lo.Uniq(fixedVersions), ", ")
} }

25
pkg/detector/library/driver_test.go
View File

@@ -157,6 +157,31 @@ func TestDriver_Detect(t *testing.T) {
}, },
wantErr: "failed to unmarshal advisory JSON", wantErr: "failed to unmarshal advisory JSON",
}, },
{
name: "duplicated version in advisory",
fixtures: []string{
"testdata/fixtures/pip.yaml",
"testdata/fixtures/data-source.yaml",
},
libType: ftypes.PythonPkg,
args: args{
pkgName: "Django",
pkgVer: "4.2.1",
},
want: []types.DetectedVulnerability{
{
VulnerabilityID: "CVE-2023-36053",
PkgName: "Django",
InstalledVersion: "4.2.1",
FixedVersion: "4.2.3",
DataSource: &dbTypes.DataSource{
ID: vulnerability.GHSA,
Name: "GitHub Security Advisory Pip",
URL: "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Apip",
},
},
},
},
} }
for _, tt := range tests { for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) { t.Run(tt.name, func(t *testing.T) {

5
pkg/detector/library/testdata/fixtures/data-source.yaml vendored
View File

@@ -20,3 +20,8 @@
ID: "ruby-advisory-db" ID: "ruby-advisory-db"
Name: "Ruby Advisory Database" Name: "Ruby Advisory Database"
URL: "https://github.com/rubysec/ruby-advisory-db" URL: "https://github.com/rubysec/ruby-advisory-db"
- key: "pip::GitHub Security Advisory Pip"
value:
ID: "ghsa"
Name: "GitHub Security Advisory Pip"
URL: "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Apip"

18
pkg/detector/library/testdata/fixtures/pip.yaml vendored Normal file
View File

@@ -0,0 +1,18 @@
- bucket: "pip::GitHub Security Advisory Pip"
pairs:
- bucket: Django
pairs:
- key: CVE-2023-36053
value:
PatchedVersions:
- 4.2.3
VulnerableVersions:
- < 4.2.3
- bucket: django
pairs:
- key: CVE-2023-36053
value:
PatchedVersions:
- 4.2.3
VulnerableVersions:
- < 4.2.3