split vulnerability into index & metadata (#51)

2024-09-20 06:21:56 +00:00 · 2020-07-16 14:59:35 -04:00 · 2020-07-16 14:59:35 -04:00 · afb8597aa2
commit afb8597aa2
parent 12aeee3b92
9 changed files with 115 additions and 59 deletions
--- a/cmd/db_status.go
+++ b/cmd/db_status.go
@ -0,0 +1,43 @@
+package cmd
+
+import (
+	"fmt"
+	"os"
+
+	"github.com/anchore/vulnscan/vulnscan/db"
+
+	"github.com/spf13/cobra"
+)
+
+var statusCmd = &cobra.Command{
+	Use:   "status",
+	Short: "display database status",
+	Run: func(cmd *cobra.Command, args []string) {
+		os.Exit(runDbStatusCmd(cmd, args))
+	},
+}
+
+func init() {
+	dbCmd.AddCommand(statusCmd)
+}
+
+func runDbStatusCmd(_ *cobra.Command, _ []string) int {
+	dbCurator, err := db.NewCurator(appConfig.Db.ToCuratorConfig())
+	if err != nil {
+		log.Errorf("could not curate database: %w", err)
+		return 1
+	}
+
+	status := dbCurator.Status()
+	fmt.Println("Location: ", status.Location)
+	fmt.Println("Built: ", status.Age.String())
+	fmt.Println("Version: ", status.SchemaVersion)
+	fmt.Println("Constraint: ", status.SchemaConstraint)
+	if status.Err != nil {
+		fmt.Printf("Status: INVALID [%+v]\n", status.Err)
+	} else {
+		fmt.Println("Status: Valid")
+	}
+
+	return 0
+}
--- a/cmd/root.go
+++ b/cmd/root.go
@ -65,7 +65,7 @@ func runDefaultCmd(_ *cobra.Command, args []string) int {
 	log.Infof("Fetching image '%s'", userImageStr)
 	img, err := stereoscope.GetImage(userImageStr)
 	if err != nil {
-		log.Errorf("could not fetch image '%s': %w", userImageStr, err)
+		log.Errorf("could not fetch image '%s': %+v", userImageStr, err)
 		return 1
 	}
 	defer stereoscope.Cleanup()
@ -73,7 +73,7 @@ func runDefaultCmd(_ *cobra.Command, args []string) int {
 	log.Info("Cataloging image")
 	catalog, err := imgbom.CatalogImg(img, appConfig.ScopeOpt)
 	if err != nil {
-		log.Errorf("could not catalog image: %w", err)
+		log.Errorf("could not catalog image: %+v", err)
 		return 1
 	}

@ -86,7 +86,7 @@ func runDefaultCmd(_ *cobra.Command, args []string) int {

 	dbCurator, err := db.NewCurator(appConfig.Db.ToCuratorConfig())
 	if err != nil {
-		log.Errorf("could not curate database: %w", err)
+		log.Errorf("could not curate database: %+v", err)
 		return 1
 	}

@ -108,7 +108,7 @@ func runDefaultCmd(_ *cobra.Command, args []string) int {

 	store, err := dbCurator.GetStore()
 	if err != nil {
-		log.Errorf("failed to load vulnerability database: %w", err)
+		log.Errorf("failed to load vulnerability database: %+v", err)
 		return 1
 	}

@ -125,7 +125,7 @@ func runDefaultCmd(_ *cobra.Command, args []string) int {

 	err = presenter.GetPresenter(presenterType).Present(os.Stdout, catalog, results)
 	if err != nil {
-		log.Errorf("could not format catalog results: %w", err)
+		log.Errorf("could not format catalog results: %+v", err)
 		return 1
 	}

--- a/cmd/status.go
+++ b/cmd/status.go
@ -1,24 +0,0 @@
-package cmd
-
-import (
-	"os"
-
-	"github.com/spf13/cobra"
-)
-
-var statusCmd = &cobra.Command{
-	Use:   "status",
-	Short: "display general status",
-	Run: func(cmd *cobra.Command, args []string) {
-		os.Exit(runStatusCmd(cmd, args))
-	},
-}
-
-func init() {
-	rootCmd.AddCommand(statusCmd)
-}
-
-func runStatusCmd(cmd *cobra.Command, args []string) int {
-	log.Error("status command...")
-	return 0
-}
--- a/go.mod
+++ b/go.mod
@ -7,7 +7,7 @@ require (
 	github.com/anchore/go-testutils v0.0.0-20200624184116-66aa578126db
 	github.com/anchore/go-version v1.2.2-0.20200701162849-18adb9c92b9b
 	github.com/anchore/imgbom v0.0.0-20200713170720-e8d11eec6992
-	github.com/anchore/siren-db v0.0.0-20200713191036-498d64d91776
+	github.com/anchore/siren-db v0.0.0-20200716152335-9bc4580f72a1
 	github.com/anchore/stereoscope v0.0.0-20200706164556-7cf39d7f4639
 	github.com/hashicorp/go-getter v1.4.1
 	github.com/jinzhu/copier v0.0.0-20190924061706-b57f9002281a
--- a/go.sum
+++ b/go.sum
@ -109,25 +109,16 @@ github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuy
 github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc=
 github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0=
 github.com/alecthomas/units v0.0.0-20190924025748-f65c72e2690d/go.mod h1:rBZYJk541a8SKzHPHnH3zbiI+7dagKZ0cgpgrD7Fyho=
-github.com/anchore/go-testutils v0.0.0-20200520222037-edc2bf1864fe h1:YMXe4RA3qy4Ri5fmGQii/Gn+Pxv3oBfiS/LqzeOVuwo=
-github.com/anchore/go-testutils v0.0.0-20200520222037-edc2bf1864fe/go.mod h1:D3rc2L/q4Hcp9eeX6AIJH4Q+kPjOtJCFhG9za90j+nU=
 github.com/anchore/go-testutils v0.0.0-20200624184116-66aa578126db h1:LWKezJnFTFxNkZ4MzajVf+YWvJS0+7hwFr59u6SS7cw=
 github.com/anchore/go-testutils v0.0.0-20200624184116-66aa578126db/go.mod h1:D3rc2L/q4Hcp9eeX6AIJH4Q+kPjOtJCFhG9za90j+nU=
 github.com/anchore/go-version v1.2.2-0.20200701162849-18adb9c92b9b h1:e1bmaoJfZVsCYMrIZBpFxwV26CbsuoEh5muXD5I1Ods=
 github.com/anchore/go-version v1.2.2-0.20200701162849-18adb9c92b9b/go.mod h1:Bkc+JYWjMCF8OyZ340IMSIi2Ebf3uwByOk6ho4wne1E=
-github.com/anchore/imgbom v0.0.0-20200707130654-e040fc89309c h1:ZtIiV609jCuFiqau4E/0swy+3DlQ7ZFuYtOR0m/BXog=
-github.com/anchore/imgbom v0.0.0-20200707130654-e040fc89309c/go.mod h1:vrV+LfqB1bcBUPiyfN7ijw88nDs9ZZPaTMaegaw4DUQ=
-github.com/anchore/imgbom v0.0.0-20200709210529-ef8c2157725a h1:50nHqj6giq050OpHjntV6oqV2sZFDzBwoRAVfMjzURg=
-github.com/anchore/imgbom v0.0.0-20200709210529-ef8c2157725a/go.mod h1:vrV+LfqB1bcBUPiyfN7ijw88nDs9ZZPaTMaegaw4DUQ=
-github.com/anchore/imgbom v0.0.0-20200710114513-502e2afd06eb h1:6TLZSeDqLO3ZBYGIkeev/iTJd2Of0p6NLcifD46QRFo=
-github.com/anchore/imgbom v0.0.0-20200710114513-502e2afd06eb/go.mod h1:vrV+LfqB1bcBUPiyfN7ijw88nDs9ZZPaTMaegaw4DUQ=
 github.com/anchore/imgbom v0.0.0-20200713170720-e8d11eec6992 h1:ERVRoY8sKpccEbuV53NyG/frJzIZ4n4NyOhbSGGOMSs=
 github.com/anchore/imgbom v0.0.0-20200713170720-e8d11eec6992/go.mod h1:b7euhNKBz5ReqVtal47okqWXg4YPT2/aitoWyQsDFns=
-github.com/anchore/siren-db v0.0.0-20200713191036-498d64d91776 h1:NwYrzqPB1zVdtH7xJqqfpNnM0hTyGxtgiKjFF4SZ1Ho=
-github.com/anchore/siren-db v0.0.0-20200713191036-498d64d91776/go.mod h1:iH1dk3aHPzrq7Qc82IG2UDCi6IVDwn9ikgEnnGr3rqU=
+github.com/anchore/siren-db v0.0.0-20200716152335-9bc4580f72a1 h1:0EorIdCoVGD/Nv6zNfXduCubAixzZ/0VH6PGrK8xKug=
+github.com/anchore/siren-db v0.0.0-20200716152335-9bc4580f72a1/go.mod h1:kw/8/5C2Shyk5TzyaLZvwABulWJNtJbFo6FaQzeQEs0=
 github.com/anchore/stereoscope v0.0.0-20200520221116-025e07f1c93e h1:QBwtrM0MXi0z+GcHk3RoSyzaQ+CLgas0bC/uOd1P+PQ=
 github.com/anchore/stereoscope v0.0.0-20200520221116-025e07f1c93e/go.mod h1:bkyLl5VITnrmgErv4S1vDfVz/TGAZ5il6161IQo7w2g=
-github.com/anchore/stereoscope v0.0.0-20200624175800-ef5dbfb7cae4/go.mod h1:f4LZpPnN/5RpQnzcznDsYNeYavFCAW8CpbHN01G3Lh8=
 github.com/anchore/stereoscope v0.0.0-20200706164556-7cf39d7f4639 h1:J1oytkj+aBuACNF2whtEiVxRXIZ8zwT+EiPTqm/FvwA=
 github.com/anchore/stereoscope v0.0.0-20200706164556-7cf39d7f4639/go.mod h1:WntReQTI/I27FOQ87UgLVVzWgku6+ZsqfOTLxpIZFCs=
 github.com/andreyvit/diff v0.0.0-20170406064948-c7f18ee00883/go.mod h1:rCTlJbsFo29Kk6CurOXKm700vrz8f0KW0JNfpkRJY/8=
@ -212,6 +203,8 @@ github.com/davecgh/go-spew v0.0.0-20151105211317-5215b55f46b2/go.mod h1:J7Y8YcW2
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/denisenkom/go-mssqldb v0.0.0-20191124224453-732737034ffd h1:83Wprp6ROGeiHFAP8WJdI2RoxALQYgdllERc3N5N2DM=
+github.com/denisenkom/go-mssqldb v0.0.0-20191124224453-732737034ffd/go.mod h1:xbL0rPBG9cCiLr28tMa8zpbdarY27NDyej4t/EjAShU=
 github.com/devigned/tab v0.1.1/go.mod h1:XG9mPq0dFghrYvoBF3xdRrJzSTX1b7IQrvaL9mzjeJY=
 github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ=
 github.com/dgryski/go-sip13 v0.0.0-20181026042036-e10d5fee7954/go.mod h1:vAd38F8PWV+bWy6jNmig1y/TA+kYO4g3RSRF0IAv0no=
@ -241,6 +234,8 @@ github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymF
 github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
 github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98=
 github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c=
+github.com/erikstmartin/go-testdb v0.0.0-20160219214506-8d10e4a1bae5 h1:Yzb9+7DPaBjB8zlTR87/ElzFsnQfuHnVUVqpZZIcV5Y=
+github.com/erikstmartin/go-testdb v0.0.0-20160219214506-8d10e4a1bae5/go.mod h1:a2zkGnVExMxdzMo3M0Hi/3sEU+cWnZpSni0O6/Yb/P0=
 github.com/evanphx/json-patch v4.2.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk=
 github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4=
 github.com/fatih/color v1.9.0/go.mod h1:eQcE1qtQxscV5RaZvpXrrb8Drkc3/DdQ+uUYCNjL+zU=
@ -277,6 +272,7 @@ github.com/go-openapi/swag v0.19.2/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh
 github.com/go-openapi/swag v0.19.5/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk=
 github.com/go-sql-driver/mysql v1.4.0/go.mod h1:zAC/RDZ24gD3HViQzih4MyKcchzm+sOG5ZlKdlhCg5w=
 github.com/go-sql-driver/mysql v1.4.1/go.mod h1:zAC/RDZ24gD3HViQzih4MyKcchzm+sOG5ZlKdlhCg5w=
+github.com/go-sql-driver/mysql v1.5.0 h1:ozyZYNQW3x3HtqT1jira07DN2PArx2v7/mN66gGcHOs=
 github.com/go-sql-driver/mysql v1.5.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LBy8hT2VhHyBg=
 github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY=
 github.com/go-test/deep v1.0.6 h1:UHSEyLZUwX9Qoi99vVwvewiMC8mM2bf7XEM2nqvzEn8=
@ -306,6 +302,8 @@ github.com/gogo/protobuf v1.2.1/go.mod h1:hp+jE20tsWTFYpLwKvXlhS1hjn+gTNwPg2I6zV
 github.com/gogo/protobuf v1.2.2-0.20190723190241-65acae22fc9d/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXPKa29o=
 github.com/gogo/protobuf v1.3.1 h1:DqDEcV5aeaTmdFBePNpYsp3FlcVH/2ISVVM9Qf8PSls=
 github.com/gogo/protobuf v1.3.1/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXPKa29o=
+github.com/golang-sql/civil v0.0.0-20190719163853-cb61b32ac6fe h1:lXe2qZdvpiX5WZkZR4hgp4KJVfY3nMkvmwbVkpv1rVY=
+github.com/golang-sql/civil v0.0.0-20190719163853-cb61b32ac6fe/go.mod h1:8vg3r2VgvsThLBIFL93Qb5yWzgyZWhEmBwUJWevAkK0=
 github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q=
 github.com/golang/groupcache v0.0.0-20160516000752-02826c3e7903/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
 github.com/golang/groupcache v0.0.0-20190129154638-5b532d6fd5ef/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
@ -470,6 +468,12 @@ github.com/jarcoal/httpmock v1.0.5/go.mod h1:ATjnClrvW/3tijVmpL/va5Z3aAyGvqU3gCT
 github.com/jingyugao/rowserrcheck v0.0.0-20191204022205-72ab7603b68a/go.mod h1:xRskid8CManxVta/ALEhJha/pweKBaVG6fWgc0yH25s=
 github.com/jinzhu/copier v0.0.0-20190924061706-b57f9002281a h1:zPPuIq2jAWWPTrGt70eK/BSch+gFAGrNzecsoENgu2o=
 github.com/jinzhu/copier v0.0.0-20190924061706-b57f9002281a/go.mod h1:yL958EeXv8Ylng6IfnvG4oflryUi3vgA3xPs9hmII1s=
+github.com/jinzhu/gorm v1.9.14 h1:Kg3ShyTPcM6nzVo148fRrcMO6MNKuqtOUwnzqMgVniM=
+github.com/jinzhu/gorm v1.9.14/go.mod h1:G3LB3wezTOWM2ITLzPxEXgSkOXAntiLHS7UdBefADcs=
+github.com/jinzhu/inflection v1.0.0 h1:K317FqzuhWc8YvSVlFMCCUb36O/S9MCKRDI7QkRKD/E=
+github.com/jinzhu/inflection v1.0.0/go.mod h1:h+uFLlag+Qp1Va5pdKtLDYj+kHp5pxUVkryuEj+Srlc=
+github.com/jinzhu/now v1.0.1 h1:HjfetcXq097iXP0uoPCdnM4Efp5/9MsM0/M+XOTeR3M=
+github.com/jinzhu/now v1.0.1/go.mod h1:d3SSVoowX0Lcu0IBviAWJpolVfI5UJVZZ7cO71lE/z8=
 github.com/jirfag/go-printf-func-name v0.0.0-20191110105641-45db9963cdd3/go.mod h1:HEWGJkRDzjJY2sqdDwxccsGicWEf9BQOZsq2tV+xzM0=
 github.com/jirfag/go-printf-func-name v0.0.0-20200119135958-7558a9eaa5af/go.mod h1:HEWGJkRDzjJY2sqdDwxccsGicWEf9BQOZsq2tV+xzM0=
 github.com/jmespath/go-jmespath v0.0.0-20160202185014-0b12d6b521d8/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k=
@ -523,6 +527,7 @@ github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
 github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
 github.com/lib/pq v1.0.0/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo=
 github.com/lib/pq v1.1.1/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo=
+github.com/lib/pq v1.2.0 h1:LXpIM/LZ5xGFhOpXAQUIMM1HdyqzVYM13zNdjCEEcA0=
 github.com/lib/pq v1.2.0/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo=
 github.com/logrusorgru/aurora v0.0.0-20181002194514-a7b3b318ed4e/go.mod h1:7rIyQOR62GCctdiQpZ/zOJlFyk6y+94wXzv6RNZgaR4=
 github.com/logrusorgru/aurora v0.0.0-20200102142835-e9ef32dff381 h1:bqDmpDG49ZRnB5PcgP0RXtQvnMSgIF14M7CBd2shtXs=
@ -825,6 +830,7 @@ golang.org/x/crypto v0.0.0-20181203042331-505ab145d0a9/go.mod h1:6SG95UA2DQfeDnf
 golang.org/x/crypto v0.0.0-20190211182817-74369b46fc67/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
 golang.org/x/crypto v0.0.0-20190228161510-8dd112bcdc25/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
+golang.org/x/crypto v0.0.0-20190325154230-a5d413f7728c/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
 golang.org/x/crypto v0.0.0-20190426145343-a29dc8fdc734/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
 golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
 golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
@ -832,6 +838,7 @@ golang.org/x/crypto v0.0.0-20190611184440-5c40567a22f8/go.mod h1:yigFU9vqHzYiE8U
 golang.org/x/crypto v0.0.0-20190820162420-60c769a6c586/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
 golang.org/x/crypto v0.0.0-20191002192127-34f69633bfdc/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
 golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
+golang.org/x/crypto v0.0.0-20191205180655-e7c4368fe9dd/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
 golang.org/x/crypto v0.0.0-20191206172530-e9b2fee46413/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
 golang.org/x/crypto v0.0.0-20200220183623-bac4c82f6975/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
 golang.org/x/crypto v0.0.0-20200510223506-06a226fb4e37 h1:cg5LA/zNPRzIXIWSCxQW10Rvpy94aQh3LT/ShoCpkHw=
--- a/internal/file/hasher.go
+++ b/internal/file/hasher.go
@ -11,23 +11,25 @@ import (
 	"github.com/spf13/afero"
 )

-func ValidateByHash(fs afero.Fs, path, hashStr string) (bool, error) {
+func ValidateByHash(fs afero.Fs, path, hashStr string) (bool, string, error) {
 	var hasher hash.Hash
+	var hashFn string
 	switch {
 	case strings.HasPrefix(hashStr, "sha256:"):
+		hashFn = "sha256"
 		hasher = sha256.New()
 	default:
-		return false, fmt.Errorf("hasher not supported or specified (given: %s)", hashStr)
+		return false, "", fmt.Errorf("hasher not supported or specified (given: %s)", hashStr)
 	}

 	hashNoPrefix := strings.Split(hashStr, ":")[1]

 	actualHash, err := HashFile(fs, path, hasher)
 	if err != nil {
-		return false, err
+		return false, "", err
 	}

-	return actualHash == hashNoPrefix, nil
+	return actualHash == hashNoPrefix, hashFn + ":" + actualHash, nil
 }

 func HashFile(fs afero.Fs, path string, hasher hash.Hash) (string, error) {
--- a/vulnscan/constants.go
+++ b/vulnscan/constants.go
@ -2,3 +2,4 @@ package vulnscan

 // note: must be a single word, all lowercase
 const LibraryName = "vulnscan"
+const DbSchemaConstraint = ">= 1.0.0, < 2.0.0"
--- a/vulnscan/db/curator.go
+++ b/vulnscan/db/curator.go
@ -9,15 +9,15 @@ import (
 	"github.com/anchore/go-version"
 	"github.com/anchore/siren-db/pkg/curation"
 	"github.com/anchore/siren-db/pkg/db"
-	"github.com/anchore/siren-db/pkg/store/sqlite"
+	"github.com/anchore/siren-db/pkg/store"
 	"github.com/anchore/vulnscan/internal/file"
 	"github.com/anchore/vulnscan/internal/log"
+	"github.com/anchore/vulnscan/vulnscan"
 	"github.com/spf13/afero"
 )

 const (
-	supportedVersion = "<1.0.0"
-	FileName         = db.StoreFileName
+	FileName = db.VulnerabilityStoreFileName
 )

 type Config struct {
@ -33,9 +33,9 @@ type Curator struct {
 }

 func NewCurator(cfg Config) (Curator, error) {
-	constraint, err := version.NewConstraint(supportedVersion)
+	constraint, err := version.NewConstraint(vulnscan.DbSchemaConstraint)
 	if err != nil {
-		return Curator{}, fmt.Errorf("unable to set DB curator version constraint (%s): %w", supportedVersion, err)
+		return Curator{}, fmt.Errorf("unable to set DB curator version constraint (%s): %w", vulnscan.DbSchemaConstraint, err)
 	}

 	return Curator{
@ -53,15 +53,31 @@ func (c *Curator) GetStore() (db.VulnerabilityStoreReader, error) {
 		return nil, fmt.Errorf("vulnerability database is corrupt (run db update to correct): %+v", err)
 	}

-	// provide an abstraction for the underlying store
-	connectOptions := sqlite.Options{
-		FilePath: path.Join(c.config.DbDir, FileName),
-	}
-	store, _, err := sqlite.NewStore(&connectOptions)
+	dbPath := path.Join(c.config.DbDir, FileName)
+	s, _, err := store.LoadCurrent(dbPath, false)
+	return s, err
+}
+
+func (c *Curator) Status() Status {
+	metadata, err := curation.NewMetadataFromDir(c.fs, c.config.DbDir)
 	if err != nil {
-		return nil, fmt.Errorf("unable to get vulnerability store: %w", err)
+		err = fmt.Errorf("failed to parse database metadata (%s): %w", c.config.DbDir, err)
+	}
+	if metadata == nil {
+		err = fmt.Errorf("database metadata not found at %q", c.config.DbDir)
+	}
+
+	if err == nil {
+		err = c.Validate()
+	}
+
+	return Status{
+		Age:              metadata.Built,
+		SchemaVersion:    metadata.Version.String(),
+		SchemaConstraint: vulnscan.DbSchemaConstraint,
+		Location:         c.config.DbDir,
+		Err:              err,
 	}
-	return store, nil
 }

 func (c *Curator) Delete() error {
@ -193,12 +209,12 @@ func (c *Curator) validate(dbDirPath string) error {
 	}

 	dbPath := path.Join(dbDirPath, FileName)
-	valid, err := file.ValidateByHash(c.fs, dbPath, metadata.Checksum)
+	valid, actualHash, err := file.ValidateByHash(c.fs, dbPath, metadata.Checksum)
 	if err != nil {
 		return err
 	}
 	if !valid {
-		return fmt.Errorf("bad db checksum (%s)", dbDirPath)
+		return fmt.Errorf("bad db checksum (%s): %q vs %q", dbPath, metadata.Checksum, actualHash)
 	}

 	if !c.versionConstraint.Check(metadata.Version) {
--- a/vulnscan/db/status.go
+++ b/vulnscan/db/status.go
@ -0,0 +1,11 @@
+package db
+
+import "time"
+
+type Status struct {
+	Age              time.Time
+	SchemaVersion    string
+	SchemaConstraint string
+	Location         string
+	Err              error
+}