Warn when a user attempts to use trivy without a detectable lockfile (#…

…729) * Warn when a user attempts to use trivy without a detectable lockfile * Update pkg/scanner/local/scan.go Co-authored-by: Teppei Fukuda <knqyf263@gmail.com> Co-authored-by: Teppei Fukuda <knqyf263@gmail.com>
aquasecurity · Oct 29, 2020 · 8442528 · 8442528
1 parent d09787e
commit 8442528
Showing 1 changed file with 4 additions and 0 deletions.
diff --git a/pkg/scanner/local/scan.go b/pkg/scanner/local/scan.go
@@ -151,6 +151,10 @@ func (s Scanner) scanOSPkg(target, osFamily, osName string, pkgs []ftypes.Packag
 }
 
 func (s Scanner) scanLibrary(apps []ftypes.Application, options types.ScanOptions) (report.Results, error) {
+	if len(apps) == 0 {
+		log.Logger.Info("Trivy skips scanning programming language libraries because no supported file was detected")
+		return nil, nil
+	}
 	var results report.Results
 	for _, app := range apps {
 		vulns, err := s.libDetector.Detect("", app.FilePath, time.Time{}, app.Libraries)