Alex Goodman
564fffec6d
rename to grype
2020-07-23 21:29:05 -04:00
Alex Goodman
6340b2da3a
add release pipeline & replace imgbom with syft ( #60 )
2020-07-23 21:26:03 -04:00
Alex Goodman
bc3f298d64
use sqlite reader (remove a cgo dependency) ( #57 )
2020-07-21 13:41:48 -04:00
Alex Goodman
c8bca755ff
Add integration tests ( #54 )
...
* add integration tests + add matcher types
* tweak db auto update var; rm dead cache cmd
* Update cmd/root.go
Co-authored-by: Alfredo Deza <adeza@anchore.com>
Co-authored-by: Alfredo Deza <adeza@anchore.com>
2020-07-21 12:34:39 -04:00
Alex Goodman
66453e65f2
add app upate check on startup ( #56 )
2020-07-21 11:58:00 -04:00
Alex Goodman
c83ddc1fa2
validate input arg length ( #55 )
2020-07-20 12:00:25 -04:00
Alfredo Deza
924d7f9a28
cmd: use NewScope abstraction from imgbom, supports dirs/imgs
...
Signed-off-by: Alfredo Deza <adeza@anchore.com>
2020-07-17 13:58:07 -04:00
Alex Goodman
bbff869499
Add matching by CPE ( #40 )
...
* Commit just to share progress, needs to be squashed/fixed-up once working.
Signed-off-by: Zach Hill <zach@anchore.com>
* minor fixes
* add cpe obj
* add cpe matching
* report cpe in search key
* add verbose logging for matches; bump vulnscan-db ver
* add dev profiler option; tweak logging
* test support for CPE URI bindings
addresses https://github.com/anchore/vulnscan/pull/40#discussion_r455389937
* rename nvdv2 to nvd
* reduce scope of cpe matching to non-distro packages
* normalize nil constraint strings
Co-authored-by: Zach Hill <zach@anchore.com>
2020-07-16 15:12:19 -04:00
Alex Goodman
afb8597aa2
split vulnerability into index & metadata ( #51 )
2020-07-16 14:59:35 -04:00
Alex Goodman
12aeee3b92
add java matcher ( #44 )
2020-07-15 07:17:21 -04:00
Alex Goodman
765d5dfb5b
add rpm version + constraint, rpmdb matching; refactor dpkg constraint
2020-07-07 09:22:14 -04:00
Alex Goodman
a004668056
add db archive import
2020-06-29 10:10:02 -04:00
Alex Goodman
9c70953dfb
add curation of db file
2020-06-19 10:57:06 -04:00
Alfredo Deza
7f00f5c945
cmd: automatically detect distro based on img input
...
Signed-off-by: Alfredo Deza <adeza@anchore.com>
2020-06-18 17:43:50 -04:00
Alfredo Deza
4fc7fbc1fd
cmd: default to json output, connect to presenter
...
Signed-off-by: Alfredo Deza <adeza@anchore.com>
2020-06-18 10:12:23 -04:00
Alex Goodman
622f09feff
add matcher tests + dpkg constraint adapter (add <)
2020-06-04 10:23:18 -04:00
Alex Goodman
d9c922218c
add store provider tests
2020-06-02 20:54:19 -04:00
Alex Goodman
88eecbd2de
add indirect dpkg source matching
2020-06-02 17:22:57 -04:00
Alex Goodman
b72e25afea
add sqlite vulnscan-db integrations
2020-06-02 14:12:20 -04:00
Alex Goodman
490ba9cd4b
rename os -> distro
2020-06-01 10:43:58 -04:00
Alex Goodman
aacc624033
add FindVulnerability lib function, wire up main with matcher
2020-06-01 07:21:07 -04:00
Alex Goodman
02556fdd9c
add basic matching execution flow
2020-05-28 18:28:29 -04:00
Alex Goodman
4e310ebbe2
simplify initializers
2020-05-26 13:37:47 -04:00
Alex Goodman
d813ac84ca
add CLI commands / subcommands
2020-05-26 13:31:50 -04:00
Alex Goodman
3c6ae01619
initial project structure
2020-05-26 10:41:23 -04:00