mirror of
https://github.com/aquasecurity/trivy.git
synced 2025-12-23 07:29:00 -08:00
44656f2853
* refactor: replace string with defined types Signed-off-by: knqyf263 <knqyf263@gmail.com> * chore: add gci Signed-off-by: knqyf263 <knqyf263@gmail.com> * fix(purl): not confuse trivy type with purl type Signed-off-by: knqyf263 <knqyf263@gmail.com> * test: fix cyclonedx fixture Signed-off-by: knqyf263 <knqyf263@gmail.com> * fix(template): cast TargetType to string Signed-off-by: knqyf263 <knqyf263@gmail.com> * chore: bump TinyGo to v0.29.0 Signed-off-by: knqyf263 <knqyf263@gmail.com> * test: change license to licence Signed-off-by: knqyf263 <knqyf263@gmail.com> * use `analyzer.TypeGoMod` for gomod analyzer * ignore `licence` for misspell linter --------- Signed-off-by: knqyf263 <knqyf263@gmail.com> Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>
43 lines
1.1 KiB
Go
43 lines
1.1 KiB
Go
package library
|
|
|
|
import (
|
|
"golang.org/x/xerrors"
|
|
|
|
ftypes "github.com/aquasecurity/trivy/pkg/fanal/types"
|
|
"github.com/aquasecurity/trivy/pkg/types"
|
|
)
|
|
|
|
// Detect scans and returns vulnerabilities of library
|
|
func Detect(libType ftypes.LangType, pkgs []ftypes.Package) ([]types.DetectedVulnerability, error) {
|
|
driver, ok := NewDriver(libType)
|
|
if !ok {
|
|
return nil, nil
|
|
}
|
|
|
|
vulns, err := detect(driver, pkgs)
|
|
if err != nil {
|
|
return nil, xerrors.Errorf("failed to scan %s vulnerabilities: %w", driver.Type(), err)
|
|
}
|
|
|
|
return vulns, nil
|
|
}
|
|
|
|
func detect(driver Driver, libs []ftypes.Package) ([]types.DetectedVulnerability, error) {
|
|
var vulnerabilities []types.DetectedVulnerability
|
|
for _, lib := range libs {
|
|
vulns, err := driver.DetectVulnerabilities(lib.ID, lib.Name, lib.Version)
|
|
if err != nil {
|
|
return nil, xerrors.Errorf("failed to detect %s vulnerabilities: %w", driver.Type(), err)
|
|
}
|
|
|
|
for i := range vulns {
|
|
vulns[i].Layer = lib.Layer
|
|
vulns[i].PkgPath = lib.FilePath
|
|
vulns[i].PkgRef = lib.Ref
|
|
}
|
|
vulnerabilities = append(vulnerabilities, vulns...)
|
|
}
|
|
|
|
return vulnerabilities, nil
|
|
}
|