Skip to content

Commit

Permalink
bump grype dev branch
Browse files Browse the repository at this point in the history
Signed-off-by: Alex Goodman <[email protected]>
  • Loading branch information
wagoodman committed Nov 26, 2024
1 parent 0b07ef5 commit 623b0e1
Show file tree
Hide file tree
Showing 8 changed files with 58 additions and 87 deletions.
2 changes: 1 addition & 1 deletion go.mod
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@ require (
github.com/acarl005/stripansi v0.0.0-20180116102854-5a71ef0e047d
github.com/adrg/xdg v0.5.3
github.com/anchore/go-logger v0.0.0-20230725134548-c21dafa1ec5a
github.com/anchore/grype v0.85.1-0.20241121181803-ba4a2b41b64f
github.com/anchore/grype v0.85.1-0.20241126174746-de1008de96fd
github.com/anchore/syft v1.17.0
github.com/araddon/dateparse v0.0.0-20210429162001-6b43995a97de
github.com/dave/jennifer v1.7.1
Expand Down
4 changes: 2 additions & 2 deletions go.sum
Original file line number Diff line number Diff line change
Expand Up @@ -252,8 +252,8 @@ github.com/anchore/go-testutils v0.0.0-20200925183923-d5f45b0d3c04 h1:VzprUTpc0v
github.com/anchore/go-testutils v0.0.0-20200925183923-d5f45b0d3c04/go.mod h1:6dK64g27Qi1qGQZ67gFmBFvEHScy0/C8qhQhNe5B5pQ=
github.com/anchore/go-version v1.2.2-0.20210903204242-51efa5b487c4 h1:rmZG77uXgE+o2gozGEBoUMpX27lsku+xrMwlmBZJtbg=
github.com/anchore/go-version v1.2.2-0.20210903204242-51efa5b487c4/go.mod h1:Bkc+JYWjMCF8OyZ340IMSIi2Ebf3uwByOk6ho4wne1E=
github.com/anchore/grype v0.85.1-0.20241121181803-ba4a2b41b64f h1:U6dG0KfDU4SECpo4ix74Ci5XugRXbkU7ntp5K07+OQQ=
github.com/anchore/grype v0.85.1-0.20241121181803-ba4a2b41b64f/go.mod h1:8+byyl7POwrm6D/rya93DIZ70+vnWLVe+nSBmQ/wnoc=
github.com/anchore/grype v0.85.1-0.20241126174746-de1008de96fd h1:sPMrJVdj23eBLk3LNYMfE9oUUo+OCwIknXOVGSRxuXU=
github.com/anchore/grype v0.85.1-0.20241126174746-de1008de96fd/go.mod h1:8+byyl7POwrm6D/rya93DIZ70+vnWLVe+nSBmQ/wnoc=
github.com/anchore/packageurl-go v0.1.1-0.20241018175412-5c22e6360c4f h1:dAQPIrQ3a5PBqZeZ+B9NGZsGmodk4NO9OjDIsQmQyQM=
github.com/anchore/packageurl-go v0.1.1-0.20241018175412-5c22e6360c4f/go.mod h1:KoYIv7tdP5+CC9VGkeZV4/vGCKsY55VvoG+5dadg4YI=
github.com/anchore/stereoscope v0.0.9 h1:rLhYWe/CXhDq/UCUWQ3U5xtpGk4RFnssKaM0bHhs5us=
Expand Down
3 changes: 1 addition & 2 deletions pkg/process/v6/transformers/github/transform.go
Original file line number Diff line number Diff line change
Expand Up @@ -205,8 +205,7 @@ func getReferences(vulnerability unmarshal.GitHubAdvisory) []grypeDB.Reference {
// https://github.com/anchore/vunnel/issues/646 to capture this
refs := []grypeDB.Reference{
{
Tags: []string{grypeDB.AdvisoryReferenceTag},
URL: vulnerability.Advisory.URL,
URL: vulnerability.Advisory.URL,
},
}

Expand Down
21 changes: 7 additions & 14 deletions pkg/process/v6/transformers/github/transform_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -91,8 +91,7 @@ func TestGetVulnerability(t *testing.T) {
Status: grypeDB.VulnerabilityActive,
References: []grypeDB.Reference{
{
Tags: []string{grypeDB.AdvisoryReferenceTag},
URL: "https://github.com/advisories/GHSA-2wgc-48g2-cj5w",
URL: "https://github.com/advisories/GHSA-2wgc-48g2-cj5w",
},
},
Aliases: []string{"CVE-2024-21653"},
Expand Down Expand Up @@ -129,8 +128,7 @@ func TestGetVulnerability(t *testing.T) {
Status: grypeDB.VulnerabilityRejected,
References: []grypeDB.Reference{
{
Tags: []string{grypeDB.AdvisoryReferenceTag},
URL: "https://github.com/advisories/GHSA-3x74-v64j-qc3f",
URL: "https://github.com/advisories/GHSA-3x74-v64j-qc3f",
},
},
Aliases: []string{"CVE-2023-30179"},
Expand Down Expand Up @@ -167,8 +165,7 @@ func TestGetVulnerability(t *testing.T) {
Status: grypeDB.VulnerabilityActive,
References: []grypeDB.Reference{
{
Tags: []string{grypeDB.AdvisoryReferenceTag},
URL: "https://github.com/advisories/GHSA-vc9j-fhvv-8vrf",
URL: "https://github.com/advisories/GHSA-vc9j-fhvv-8vrf",
},
},
Aliases: []string{"CVE-2020-14000"},
Expand Down Expand Up @@ -202,8 +199,7 @@ func TestGetVulnerability(t *testing.T) {
Description: "Low severity vulnerability that affects notebook",
References: []grypeDB.Reference{
{
URL: "https://github.com/advisories/GHSA-6cwv-x26c-w2q4",
Tags: []string{"advisory"},
URL: "https://github.com/advisories/GHSA-6cwv-x26c-w2q4",
},
},

Expand All @@ -226,8 +222,7 @@ func TestGetVulnerability(t *testing.T) {
Description: "Moderate severity vulnerability that affects Plone",
References: []grypeDB.Reference{
{
URL: "https://github.com/advisories/GHSA-p5wr-vp8g-q5p4",
Tags: []string{"advisory"},
URL: "https://github.com/advisories/GHSA-p5wr-vp8g-q5p4",
},
},
Aliases: []string{"CVE-2017-5524"},
Expand Down Expand Up @@ -256,8 +251,7 @@ func TestGetVulnerability(t *testing.T) {
Status: grypeDB.VulnerabilityRejected,
References: []grypeDB.Reference{
{
Tags: []string{grypeDB.AdvisoryReferenceTag},
URL: "https://github.com/advisories/GHSA-6cwv-x26c-w2q4",
URL: "https://github.com/advisories/GHSA-6cwv-x26c-w2q4",
},
},
Aliases: []string{"CVE-2018-8768"},
Expand All @@ -283,8 +277,7 @@ func TestGetVulnerability(t *testing.T) {
Status: grypeDB.VulnerabilityActive,
References: []grypeDB.Reference{
{
Tags: []string{grypeDB.AdvisoryReferenceTag},
URL: "https://github.com/advisories/GHSA-p5wr-vp8g-q5p4",
URL: "https://github.com/advisories/GHSA-p5wr-vp8g-q5p4",
},
},
Aliases: []string{"CVE-2017-5524"},
Expand Down
3 changes: 1 addition & 2 deletions pkg/process/v6/transformers/nvd/transform.go
Original file line number Diff line number Diff line change
Expand Up @@ -284,8 +284,7 @@ func getSeverities(vuln unmarshal.NVDVulnerability) []grypeDB.Severity {
func getReferences(vuln unmarshal.NVDVulnerability) []grypeDB.Reference {
references := []grypeDB.Reference{
{
Tags: []string{grypeDB.AdvisoryReferenceTag},
URL: "https://nvd.nist.gov/vuln/detail/" + vuln.ID,
URL: "https://nvd.nist.gov/vuln/detail/" + vuln.ID,
},
}
for _, reference := range vuln.References {
Expand Down
40 changes: 20 additions & 20 deletions pkg/process/v6/transformers/nvd/transform_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -68,8 +68,8 @@ func TestTransform(t *testing.T) {
Status: grypeDB.VulnerabilityActive,
References: []grypeDB.Reference{
{
Tags: []string{grypeDB.AdvisoryReferenceTag},
URL: "https://nvd.nist.gov/vuln/detail/CVE-2018-5487",

URL: "https://nvd.nist.gov/vuln/detail/CVE-2018-5487",
},
{
URL: "https://security.netapp.com/advisory/ntap-20180523-0001/",
Expand Down Expand Up @@ -144,8 +144,8 @@ func TestTransform(t *testing.T) {
Status: grypeDB.VulnerabilityActive,
References: []grypeDB.Reference{
{
Tags: []string{grypeDB.AdvisoryReferenceTag},
URL: "https://nvd.nist.gov/vuln/detail/CVE-2018-1000222",

URL: "https://nvd.nist.gov/vuln/detail/CVE-2018-1000222",
},
{
URL: "https://github.com/libgd/libgd/issues/447",
Expand Down Expand Up @@ -232,8 +232,8 @@ func TestTransform(t *testing.T) {
Status: grypeDB.VulnerabilityActive,
References: []grypeDB.Reference{
{
Tags: []string{grypeDB.AdvisoryReferenceTag},
URL: "https://nvd.nist.gov/vuln/detail/CVE-2018-10189",

URL: "https://nvd.nist.gov/vuln/detail/CVE-2018-10189",
},
{
URL: "https://github.com/mautic/mautic/releases/tag/2.13.0",
Expand Down Expand Up @@ -315,8 +315,8 @@ func TestTransform(t *testing.T) {
Status: grypeDB.VulnerabilityActive,
References: []grypeDB.Reference{
{
Tags: []string{grypeDB.AdvisoryReferenceTag},
URL: "https://nvd.nist.gov/vuln/detail/CVE-2015-8978",

URL: "https://nvd.nist.gov/vuln/detail/CVE-2015-8978",
},
{
URL: "http://cpansearch.perl.org/src/PHRED/SOAP-Lite-1.20/Changes",
Expand Down Expand Up @@ -374,8 +374,8 @@ func TestTransform(t *testing.T) {
Status: grypeDB.VulnerabilityActive,
References: []grypeDB.Reference{
{
Tags: []string{grypeDB.AdvisoryReferenceTag},
URL: "https://nvd.nist.gov/vuln/detail/CVE-2022-26488",

URL: "https://nvd.nist.gov/vuln/detail/CVE-2022-26488",
},
{
URL: "https://mail.python.org/archives/list/[email protected]/thread/657Z4XULWZNIY5FRP3OWXHYKUSIH6DMN/",
Expand Down Expand Up @@ -481,8 +481,8 @@ func TestTransform(t *testing.T) {
Status: grypeDB.VulnerabilityActive,
References: []grypeDB.Reference{
{
Tags: []string{grypeDB.AdvisoryReferenceTag},
URL: "https://nvd.nist.gov/vuln/detail/CVE-2022-0543",

URL: "https://nvd.nist.gov/vuln/detail/CVE-2022-0543",
},
{
URL: "http://packetstormsecurity.com/files/166885/Redis-Lua-Sandbox-Escape.html",
Expand Down Expand Up @@ -576,8 +576,8 @@ func TestTransform(t *testing.T) {
Status: grypeDB.VulnerabilityActive,
References: []grypeDB.Reference{
{
Tags: []string{grypeDB.AdvisoryReferenceTag},
URL: "https://nvd.nist.gov/vuln/detail/CVE-2020-10729",

URL: "https://nvd.nist.gov/vuln/detail/CVE-2020-10729",
},
{
URL: "https://bugzilla.redhat.com/show_bug.cgi?id=1831089",
Expand Down Expand Up @@ -667,8 +667,8 @@ func TestTransform(t *testing.T) {
Status: grypeDB.VulnerabilityActive,
References: []grypeDB.Reference{
{
Tags: []string{grypeDB.AdvisoryReferenceTag},
URL: "https://nvd.nist.gov/vuln/detail/CVE-2023-38733",

URL: "https://nvd.nist.gov/vuln/detail/CVE-2023-38733",
},
{
URL: "https://exchange.xforce.ibmcloud.com/vulnerabilities/262293",
Expand Down Expand Up @@ -755,8 +755,8 @@ func TestTransform(t *testing.T) {
Status: grypeDB.VulnerabilityActive,
References: []grypeDB.Reference{
{
Tags: []string{grypeDB.AdvisoryReferenceTag},
URL: "https://nvd.nist.gov/vuln/detail/CVE-2023-45283",

URL: "https://nvd.nist.gov/vuln/detail/CVE-2023-45283",
},
{
URL: "http://www.openwall.com/lists/oss-security/2023/12/05/2",
Expand Down Expand Up @@ -866,8 +866,8 @@ func TestTransform(t *testing.T) {
Status: grypeDB.VulnerabilityActive,
References: []grypeDB.Reference{
{
Tags: []string{grypeDB.AdvisoryReferenceTag},
URL: "https://nvd.nist.gov/vuln/detail/CVE-2023-45283",

URL: "https://nvd.nist.gov/vuln/detail/CVE-2023-45283",
},
{
URL: "http://www.openwall.com/lists/oss-security/2023/12/05/2",
Expand Down
6 changes: 2 additions & 4 deletions pkg/process/v6/transformers/os/transform.go
Original file line number Diff line number Diff line change
Expand Up @@ -112,8 +112,7 @@ func getFix(fixedInEntry unmarshal.OSFixedIn) *grypeDB.Fix {
var refs []grypeDB.Reference
for _, l := range linkOrder {
refs = append(refs, grypeDB.Reference{
Tags: []string{grypeDB.AdvisoryReferenceTag},
URL: l,
URL: l,
})
}

Expand Down Expand Up @@ -306,8 +305,7 @@ func getReferences(vuln unmarshal.OSVulnerability) []grypeDB.Reference {
for _, l := range linkOrder {
refs = append(refs,
grypeDB.Reference{
Tags: []string{grypeDB.AdvisoryReferenceTag},
URL: l,
URL: l,
},
)
}
Expand Down
Loading

0 comments on commit 623b0e1

Please sign in to comment.