- Add Root.io documentation in others directory
- Update vulnerability scanner data sources to include Root.io
- Add Root.io to mkdocs navigation
- Update others index to include Root.io images
- Remove mock VulnSrc implementation
- Use real trivy-db rootio.VulnSrc
- Update go.mod to use trivy-db fork with Root.io support
- Fix FixedVersion field mapping to use PatchedVersions
- Fix empty error handling blocks in vulnsrc.go by properly returning errors
- Add missing newline at end of driver.go file
- Fix import order in provider_test.go as flagged by linter
- All lint checks now pass with 0 issues
- Fix Alpine Root.io pattern from 'roo7' to '-r\d007\d' (e.g., -r10071, -r20072)
- Change Debian/Ubuntu pattern from 'root.io' to '.root.io' using regex
- Unify pattern matching using single hasPackageWithPattern function with precompiled regex
- Simplify tests to only test public Provider function using rootio_test package
- Remove redundant private function tests as requested
- Fix import sorting in test file
- Simplify Scanner struct by removing baseOS field (only used in NewScanner)
- Add logger field with Root.io prefix for better debugging
- Improve constraint checking logic to use VulnerableVersions array
- Update isVulnerable method to handle constraint-based vulnerability detection
- Add proper error handling and logging in constraint validation
- Enhance comments and documentation
- Add realistic mockVulnSrc that integrates with existing OS-specific VulnSrc implementations
- Fetch advisories from original distributors (Debian, Ubuntu, Alpine)
- Transform fixed versions to constraint format (VulnerableVersions, PatchedVersions)
- Merge advisories from base OS and Root.io sources
- Use actual trivy-db components for more realistic behavior
- Add version constraint library supporting 5 operators (>, <, >=, <=, ==, !=)
- Implement DriverProvider pattern for dynamic driver selection
- Add Root.io environment detection based on package version suffixes
- Support Debian/Ubuntu (root.io suffix) and Alpine (roo7 suffix)
- Add constraint-based vulnerability detection using version ranges
- Include comprehensive tests for all components
- Add constraint.go with support for 5 operators (>, <, >=, <=, ==, !=)
- Add compare.go with DEBComparer and APKComparer implementations
- Support both comma and space separated constraints
- Return errors for empty constraints/versions for security
- Comprehensive test coverage with version_test package
- All linter issues resolved
