skip scan composer.lock in vendor dir (fanal#34)

analyzer/library/composer/composer.go

@@ -3,6 +3,7 @@ package composer
 import (
 	"bytes"
 	"path/filepath"
+	"strings"
 
 	"github.com/aquasecurity/fanal/analyzer"
 	"github.com/aquasecurity/fanal/extractor"
@@ -28,6 +29,11 @@ func (a composerLibraryAnalyzer) Analyze(fileMap extractor.FileMap) (map[analyze
 			continue
 		}
 
+		// skip analyze files which in dependency folder
+		if utils.StringInSlice(utils.COMPOSER_DEP_DIR, strings.Split(filename, utils.PathSeparator)) {
+			continue
+		}
+
 		r := bytes.NewBuffer(content)
 		libs, err := composer.Parse(r)
 		if err != nil {

utils/utils.go

@@ -7,8 +7,9 @@ import (
 )
 
 var (
-	NODE_DEP_DIR  = "node_modules"
+	NODE_DEP_DIR     = "node_modules"
-	PathSeparator = fmt.Sprintf("%c", os.PathSeparator)
+	COMPOSER_DEP_DIR = "vendor"
+	PathSeparator    = fmt.Sprintf("%c", os.PathSeparator)
 )
 
 func CacheDir() string {