mirror of
https://github.com/anchore/grype
chore: break assumption that syft cpe.CPE is wfn.Attributes (#1675)
* chore: break assumption that syft cpe.CPE is wfn.Attributes Previously, Syft's cpe.CPE type was an alias for wfn.Attributes. Fix a couple places where Grype's compilation depended on that fact, since it will stop being true in the next Syft release. Signed-off-by: Will Murphy <will.murphy@anchore.com> * chore: fix linter Signed-off-by: Will Murphy <will.murphy@anchore.com> --------- Signed-off-by: Will Murphy <will.murphy@anchore.com>
parent
636248daba
commit
73cb5f6647
3 changed files with 9 additions and 13 deletions
|
@ -1,6 +1,8 @@
|
||||||
package cpe
|
package cpe
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
"github.com/facebookincubator/nvdtools/wfn"
|
||||||
|
|
||||||
"github.com/anchore/grype/internal/log"
|
"github.com/anchore/grype/internal/log"
|
||||||
"github.com/anchore/syft/syft/cpe"
|
"github.com/anchore/syft/syft/cpe"
|
||||||
)
|
)
|
||||||
|
@ -21,9 +23,10 @@ func NewSlice(cpeStrs ...string) ([]cpe.CPE, error) {
|
||||||
|
|
||||||
func MatchWithoutVersion(c cpe.CPE, candidates []cpe.CPE) []cpe.CPE {
|
func MatchWithoutVersion(c cpe.CPE, candidates []cpe.CPE) []cpe.CPE {
|
||||||
matches := make([]cpe.CPE, 0)
|
matches := make([]cpe.CPE, 0)
|
||||||
|
a := wfn.Attributes(c) // nolint:unconvert // TODO: remove nolint when syft upgrade in grype
|
||||||
for _, candidate := range candidates {
|
for _, candidate := range candidates {
|
||||||
canCopy := candidate
|
canCopy := wfn.Attributes(candidate) // nolint:unconvert // TODO: remove nolint when syft upgrade in grype
|
||||||
if c.MatchWithoutVersion(&canCopy) {
|
if a.MatchWithoutVersion(&canCopy) {
|
||||||
matches = append(matches, candidate)
|
matches = append(matches, candidate)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
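Review bot: The two `wfn.Attributes(...)` conversions added in MatchWithoutVersion now carry the whole comparison, and no test visible on this page pins what the function returns for a given input. Since the returned slice is the set of CPE candidates treated as matching, a mistake made when the TODO is cleaned up would most likely surface as silently missing vulnerability matches rather than as an error, so a small table test is worth adding first (same vendor and product with different versions matches; a different vendor or product does not). The TODO only mentions dropping `nolint:unconvert`; if the conversion itself has to stay once `cpe.CPE` is no longer an alias, as the commit message suggests, say so, e.g. `// conversion stays after the syft upgrade; only the nolint goes away`. The exported function also has no doc comment in the visible lines, for example `// MatchWithoutVersion returns the candidates for which wfn.Attributes.MatchWithoutVersion reports a match against c.` The function body continues past the end of this hunk, so the return path was not reviewed.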
|
@ -7,7 +7,6 @@ import (
|
||||||
"os"
|
"os"
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
"github.com/facebookincubator/nvdtools/wfn"
|
|
||||||
"github.com/mitchellh/go-homedir"
|
"github.com/mitchellh/go-homedir"
|
||||||
|
|
||||||
"github.com/anchore/packageurl-go"
|
"github.com/anchore/packageurl-go"
|
||||||
|
@ -53,7 +52,7 @@ func decodePurlFile(reader io.Reader) ([]Package, error) {
|
||||||
return nil, fmt.Errorf("unable to decode purl %s: %w", rawLine, err)
|
return nil, fmt.Errorf("unable to decode purl %s: %w", rawLine, err)
|
||||||
}
|
}
|
||||||
|
|
||||||
cpes := []wfn.Attributes{}
|
cpes := []cpe.CPE{}
|
||||||
epoch := "0"
|
epoch := "0"
|
||||||
for _, qualifier := range purl.Qualifiers {
|
for _, qualifier := range purl.Qualifiers {
|
||||||
if qualifier.Key == cpesQualifierKey {
|
if qualifier.Key == cpesQualifierKey {
|
||||||
|
|
|
@ -6,7 +6,6 @@ import (
|
||||||
"strings"
|
"strings"
|
||||||
"testing"
|
"testing"
|
||||||
|
|
||||||
"github.com/facebookincubator/nvdtools/wfn"
|
|
||||||
"github.com/google/go-cmp/cmp"
|
"github.com/google/go-cmp/cmp"
|
||||||
"github.com/google/go-cmp/cmp/cmpopts"
|
"github.com/google/go-cmp/cmp/cmpopts"
|
||||||
"github.com/stretchr/testify/require"
|
"github.com/stretchr/testify/require"
|
||||||
|
@ -23,6 +22,7 @@ import (
|
||||||
"github.com/anchore/stereoscope/pkg/imagetest"
|
"github.com/anchore/stereoscope/pkg/imagetest"
|
||||||
"github.com/anchore/syft/syft"
|
"github.com/anchore/syft/syft"
|
||||||
"github.com/anchore/syft/syft/cataloging/pkgcataloging"
|
"github.com/anchore/syft/syft/cataloging/pkgcataloging"
|
||||||
|
"github.com/anchore/syft/syft/cpe"
|
||||||
"github.com/anchore/syft/syft/linux"
|
"github.com/anchore/syft/syft/linux"
|
||||||
syftPkg "github.com/anchore/syft/syft/pkg"
|
syftPkg "github.com/anchore/syft/syft/pkg"
|
||||||
"github.com/anchore/syft/syft/source"
|
"github.com/anchore/syft/syft/source"
|
||||||
|
@ -142,7 +142,6 @@ func addPythonMatches(t *testing.T, theSource source.Source, catalog *syftPkg.Co
|
||||||
require.NoError(t, err)
|
require.NoError(t, err)
|
||||||
|
|
||||||
theResult.Add(match.Match{
|
theResult.Add(match.Match{
|
||||||
|
|
||||||
Vulnerability: *vulnObj,
|
Vulnerability: *vulnObj,
|
||||||
Package: thePkg,
|
Package: thePkg,
|
||||||
Details: []match.Detail{
|
Details: []match.Detail{
|
||||||
|
@ -183,7 +182,6 @@ func addDotnetMatches(t *testing.T, theSource source.Source, catalog *syftPkg.Co
|
||||||
require.NoError(t, err)
|
require.NoError(t, err)
|
||||||
|
|
||||||
theResult.Add(match.Match{
|
theResult.Add(match.Match{
|
||||||
|
|
||||||
Vulnerability: *vulnObj,
|
Vulnerability: *vulnObj,
|
||||||
Package: thePkg,
|
Package: thePkg,
|
||||||
Details: []match.Detail{
|
Details: []match.Detail{
|
||||||
|
@ -220,7 +218,6 @@ func addRubyMatches(t *testing.T, theSource source.Source, catalog *syftPkg.Coll
|
||||||
require.NoError(t, err)
|
require.NoError(t, err)
|
||||||
|
|
||||||
theResult.Add(match.Match{
|
theResult.Add(match.Match{
|
||||||
|
|
||||||
Vulnerability: *vulnObj,
|
Vulnerability: *vulnObj,
|
||||||
Package: thePkg,
|
Package: thePkg,
|
||||||
Details: []match.Detail{
|
Details: []match.Detail{
|
||||||
|
@ -363,7 +360,6 @@ func addDpkgMatches(t *testing.T, theSource source.Source, catalog *syftPkg.Coll
|
||||||
require.NoError(t, err)
|
require.NoError(t, err)
|
||||||
|
|
||||||
theResult.Add(match.Match{
|
theResult.Add(match.Match{
|
||||||
|
|
||||||
Vulnerability: *vulnObj,
|
Vulnerability: *vulnObj,
|
||||||
Package: thePkg,
|
Package: thePkg,
|
||||||
Details: []match.Detail{
|
Details: []match.Detail{
|
||||||
|
@ -442,7 +438,6 @@ func addRhelMatches(t *testing.T, theSource source.Source, catalog *syftPkg.Coll
|
||||||
require.NoError(t, err)
|
require.NoError(t, err)
|
||||||
|
|
||||||
theResult.Add(match.Match{
|
theResult.Add(match.Match{
|
||||||
|
|
||||||
Vulnerability: *vulnObj,
|
Vulnerability: *vulnObj,
|
||||||
Package: thePkg,
|
Package: thePkg,
|
||||||
Details: []match.Detail{
|
Details: []match.Detail{
|
||||||
|
@ -764,7 +759,6 @@ func TestMatchByImage(t *testing.T) {
|
||||||
|
|
||||||
t.Log(cmp.Diff(defs, obs))
|
t.Log(cmp.Diff(defs, obs))
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// testIgnoredMatches returns an list of ignored matches to test the vex
|
// testIgnoredMatches returns an list of ignored matches to test the vex
|
||||||
|
@ -783,7 +777,7 @@ func testIgnoredMatches() []match.IgnoredMatch {
|
||||||
Version: "0.9.9",
|
Version: "0.9.9",
|
||||||
Licenses: []string{"GPL-2.0-or-later"},
|
Licenses: []string{"GPL-2.0-or-later"},
|
||||||
Type: "apk",
|
Type: "apk",
|
||||||
CPEs: []wfn.Attributes{
|
CPEs: []cpe.CPE{
|
||||||
{
|
{
|
||||||
Part: "a",
|
Part: "a",
|
||||||
Vendor: "libvncserver",
|
Vendor: "libvncserver",
|
||||||
|
@ -858,7 +852,7 @@ func vexMatches(t *testing.T, ignoredMatches []match.IgnoredMatch, vexStatus vex
|
||||||
|
|
||||||
func assertMatches(t *testing.T, expected, actual []match.Match) {
|
func assertMatches(t *testing.T, expected, actual []match.Match) {
|
||||||
t.Helper()
|
t.Helper()
|
||||||
var opts = []cmp.Option{
|
opts := []cmp.Option{
|
||||||
cmpopts.IgnoreFields(vulnerability.Vulnerability{}, "Constraint"),
|
cmpopts.IgnoreFields(vulnerability.Vulnerability{}, "Constraint"),
|
||||||
cmpopts.IgnoreFields(pkg.Package{}, "Locations"),
|
cmpopts.IgnoreFields(pkg.Package{}, "Locations"),
|
||||||
cmpopts.SortSlices(func(a, b match.Match) bool {
|
cmpopts.SortSlices(func(a, b match.Match) bool {
|
||||||
|
|