gitea-mirror/trivy
1
0
Fork 0
mirror of https://github.com/aquasecurity/trivy.git synced 2025-12-22 07:10:41 -08:00
Code Issues Packages Projects Releases Wiki Activity
Files
cf9d00dfc2809a2e54ecbbeabe31adb55502fff9
trivy/analyzer/library/composer/composer.go
Teppei Fukuda cf9d00dfc2 feat(library): ignore files under vendor dir (fanal#44)
2019-10-31 12:25:12 +02:00

44 lines
1.1 KiB
Go
Raw Blame History

package composer
import (
"bytes"
"path/filepath"
"github.com/aquasecurity/fanal/analyzer"
"github.com/aquasecurity/fanal/extractor"
"github.com/aquasecurity/fanal/utils"
"github.com/aquasecurity/go-dep-parser/pkg/composer"
"github.com/aquasecurity/go-dep-parser/pkg/types"
"golang.org/x/xerrors"
)
func init() {
analyzer.RegisterLibraryAnalyzer(&composerLibraryAnalyzer{})
}
type composerLibraryAnalyzer struct{}
func (a composerLibraryAnalyzer) Analyze(fileMap extractor.FileMap) (map[analyzer.FilePath][]types.Library, error) {
libMap := map[analyzer.FilePath][]types.Library{}
requiredFiles := a.RequiredFiles()
for filename, content := range fileMap {
basename := filepath.Base(filename)
if !utils.StringInSlice(basename, requiredFiles) {
continue
}
r := bytes.NewBuffer(content)
libs, err := composer.Parse(r)
if err != nil {
return nil, xerrors.Errorf("invalid composer.lock format: %w", err)
}
libMap[analyzer.FilePath(filename)] = libs
}
return libMap, nil
}
func (a composerLibraryAnalyzer) RequiredFiles() []string {
return []string{"composer.lock"}
}
Reference in New Issue View Git Blame Copy Permalink