admin/aquasecurity-trivy
1
0
Fork 0
mirror of https://github.com/aquasecurity/trivy.git synced 2026-02-10 02:33:15 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
5d050ce274dba7679c6aeeefc6134d88975b0fc5
aquasecurity-trivy/pkg/dependency/parser/golang/sum/parse.go
Rutam Prita Mishra e872ec006c fix(go): Do not trim v prefix from versions in Go Mod Analyzer (#7733) 
Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>
2024-10-31 06:03:22 +00:00

51 lines
1.1 KiB
Go
Raw Blame History

package sum
import (
"bufio"
"strings"
"golang.org/x/xerrors"
"github.com/aquasecurity/trivy/pkg/dependency"
ftypes "github.com/aquasecurity/trivy/pkg/fanal/types"
xio "github.com/aquasecurity/trivy/pkg/x/io"
)
type Parser struct{}
func NewParser() *Parser {
return &Parser{}
}
// Parse parses a go.sum file
func (p *Parser) Parse(r xio.ReadSeekerAt) ([]ftypes.Package, []ftypes.Dependency, error) {
var pkgs []ftypes.Package
uniquePkgs := make(map[string]string)
scanner := bufio.NewScanner(r)
for scanner.Scan() {
line := strings.TrimSpace(scanner.Text())
s := strings.Fields(line)
if len(s) < 2 {
continue
}
// go.sum records and sorts all non-major versions
// with the latest version as last entry
uniquePkgs[s[0]] = strings.TrimSuffix(s[1], "/go.mod")
}
if err := scanner.Err(); err != nil {
return nil, nil, xerrors.Errorf("scan error: %w", err)
}
for k, v := range uniquePkgs {
pkgs = append(pkgs, ftypes.Package{
ID: dependency.ID(ftypes.GoModule, k, v),
Name: k,
Version: v,
})
}
return pkgs, nil, nil
}
Reference in New Issue View Git Blame Copy Permalink