Mirrors/grype
2
0
Fork 0
mirror of https://github.com/anchore/grype synced 2024-11-10 14:44:12 +00:00
Code Issues Projects Releases Packages Wiki Activity

matchers: include Javascript (Npm) matching

Browse source 
Signed-off-by: Alfredo Deza <adeza@anchore.com>
This commit is contained in:
Alfredo Deza 2020-07-23 13:31:46 -04:00
parent 8b17a43c28
commit fce21ddf6f
3 changed files with 41 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
vulnscan/match/matcher_type.go
View file

@ -7,6 +7,7 @@ const (
RpmDBMatcher
JavaMatcher
PythonMatcher
JavascriptMatcher
)
var matcherTypeStr = []string{
@ -16,6 +17,7 @@ var matcherTypeStr = []string{
"rpmdb-matcher",
"java-matcher",
"python-matcher",
"javascript-matcher",
}
var AllMatcherTypes = []MatcherType{
@ -24,6 +26,7 @@ var AllMatcherTypes = []MatcherType{
RpmDBMatcher,
JavaMatcher,
PythonMatcher,
JavascriptMatcher,
}
type MatcherType int

2
vulnscan/matcher/controller.go
View file

@ -8,6 +8,7 @@ import (
"github.com/anchore/vulnscan/vulnscan/matcher/bundler"
"github.com/anchore/vulnscan/vulnscan/matcher/dpkg"
"github.com/anchore/vulnscan/vulnscan/matcher/java"
"github.com/anchore/vulnscan/vulnscan/matcher/javascript"
"github.com/anchore/vulnscan/vulnscan/matcher/python"
"github.com/anchore/vulnscan/vulnscan/matcher/rpmdb"
"github.com/anchore/vulnscan/vulnscan/result"
@ -33,6 +34,7 @@ func newController() controller {
ctrlr.add(&python.Matcher{})
ctrlr.add(&rpmdb.Matcher{})
ctrlr.add(&java.Matcher{})
ctrlr.add(&javascript.Matcher{})
return ctrlr
}

36
vulnscan/matcher/javascript/matcher.go Normal file
View file

@ -0,0 +1,36 @@
package javascript
import (
"github.com/anchore/imgbom/imgbom/distro"
"github.com/anchore/imgbom/imgbom/pkg"
"github.com/anchore/vulnscan/vulnscan/match"
"github.com/anchore/vulnscan/vulnscan/matcher/common"
"github.com/anchore/vulnscan/vulnscan/vulnerability"
)
type Matcher struct {
}
func (m *Matcher) PackageTypes() []pkg.Type {
return []pkg.Type{pkg.NpmPkg}
}
func (m *Matcher) Type() match.MatcherType {
return match.JavascriptMatcher
}
func (m *Matcher) Match(store vulnerability.Provider, _ distro.Distro, p *pkg.Package) ([]match.Match, error) {
var matches = make([]match.Match, 0)
langMatches, err := common.FindMatchesByPackageLanguage(store, p.Language, p, m.Type())
if err != nil {
return nil, err
}
matches = append(matches, langMatches...)
cpeMatches, err := common.FindMatchesByPackageCPE(store, p, m.Type())
if err != nil {
return nil, err
}
matches = append(matches, cpeMatches...)
return matches, nil
}