2021-08-15 11:46:44 +03:00
|
|
|
package language
|
2020-05-28 23:29:07 +03:00
|
|
|
|
|
|
|
|
import (
|
2021-01-11 06:47:04 +02:00
|
|
|
"golang.org/x/xerrors"
|
|
|
|
|
|
2022-05-03 22:06:36 +06:00
|
|
|
dio "github.com/aquasecurity/go-dep-parser/pkg/io"
|
2020-05-28 23:29:07 +03:00
|
|
|
godeptypes "github.com/aquasecurity/go-dep-parser/pkg/types"
|
2022-06-20 09:43:33 +01:00
|
|
|
"github.com/aquasecurity/trivy/pkg/fanal/analyzer"
|
|
|
|
|
"github.com/aquasecurity/trivy/pkg/fanal/types"
|
2020-05-28 23:29:07 +03:00
|
|
|
)
|
|
|
|
|
|
2022-05-03 22:06:36 +06:00
|
|
|
func Analyze(fileType, filePath string, r dio.ReadSeekerAt, parser godeptypes.Parser) (*analyzer.AnalysisResult, error) {
|
|
|
|
|
parsedLibs, parsedDependencies, err := parser.Parse(r)
|
2020-05-28 23:29:07 +03:00
|
|
|
if err != nil {
|
2021-02-14 14:28:59 +02:00
|
|
|
return nil, xerrors.Errorf("failed to parse %s: %w", filePath, err)
|
2020-05-28 23:29:07 +03:00
|
|
|
}
|
2021-01-11 06:47:04 +02:00
|
|
|
|
2022-05-03 22:06:36 +06:00
|
|
|
// The file path of each library should be empty in case of dependency list such as lock file
|
|
|
|
|
// since they all will be the same path.
|
|
|
|
|
return ToAnalysisResult(fileType, filePath, "", parsedLibs, parsedDependencies), nil
|
2021-02-14 14:28:59 +02:00
|
|
|
}
|
|
|
|
|
|
2022-05-31 18:04:23 +06:00
|
|
|
func ToAnalysisResult(fileType, filePath, libFilePath string, libs []godeptypes.Library, depGraph []godeptypes.Dependency) *analyzer.AnalysisResult {
|
2022-05-03 22:06:36 +06:00
|
|
|
if len(libs) == 0 {
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
2022-05-31 18:04:23 +06:00
|
|
|
deps := make(map[string][]string)
|
|
|
|
|
for _, dep := range depGraph {
|
|
|
|
|
deps[dep.ID] = dep.DependsOn
|
|
|
|
|
}
|
|
|
|
|
|
2021-10-06 02:20:59 +09:00
|
|
|
var pkgs []types.Package
|
2021-02-14 14:28:59 +02:00
|
|
|
for _, lib := range libs {
|
2021-10-06 02:20:59 +09:00
|
|
|
pkgs = append(pkgs, types.Package{
|
2022-05-31 18:04:23 +06:00
|
|
|
ID: lib.ID,
|
|
|
|
|
Name: lib.Name,
|
|
|
|
|
Version: lib.Version,
|
|
|
|
|
FilePath: libFilePath,
|
|
|
|
|
Indirect: lib.Indirect,
|
|
|
|
|
License: lib.License,
|
|
|
|
|
DependsOn: deps[lib.ID],
|
2021-01-11 06:47:04 +02:00
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
apps := []types.Application{{
|
2022-05-31 18:04:23 +06:00
|
|
|
Type: fileType,
|
|
|
|
|
FilePath: filePath,
|
|
|
|
|
Libraries: pkgs,
|
2021-01-11 06:47:04 +02:00
|
|
|
}}
|
|
|
|
|
|
2021-02-14 14:28:59 +02:00
|
|
|
return &analyzer.AnalysisResult{Applications: apps}
|
2020-05-28 23:29:07 +03:00
|
|
|
}
|
