chore: Switch github.com/liamg dependencies to github.com/aquasecurity (

#3069)
aquasecurity · Oct 25, 2022 · b22e37e · b22e37e
1 parent 9b0e979
commit b22e37e
Show file tree

Hide file tree

Showing 42 changed files with 249 additions and 184 deletions.
diff --git a/examples/misconf/go-testing/go.sum b/examples/misconf/go-testing/go.sum
@@ -694,9 +694,6 @@ github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
 github.com/kylelemons/godebug v0.0.0-20170820004349-d65d576e9348/go.mod h1:B69LEHPfb2qLo0BaaOLcbitczOKLWTsrBG9LczfCD4k=
 github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0SNc=
 github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw=
-github.com/liamg/clinch v1.5.6/go.mod h1:IXM+nLBuZ5sOQAYYf9+G51nkaA0WY9cszxE5nPXexhE=
-github.com/liamg/tml v0.3.0/go.mod h1:0h4EAV/zBOsqI91EWONedjRpO8O0itjGJVd+wG5eC+E=
-github.com/liamg/tml v0.4.0/go.mod h1:0h4EAV/zBOsqI91EWONedjRpO8O0itjGJVd+wG5eC+E=
 github.com/lib/pq v1.0.0/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo=
 github.com/lib/pq v1.1.1/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo=
 github.com/lib/pq v1.2.0/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo=

diff --git a/examples/module/spring4shell/spring4shell.go b/examples/module/spring4shell/spring4shell.go
@@ -138,88 +138,90 @@ func (Spring4Shell) PostScanSpec() serialize.PostScanSpec {
 //
 // Example input:
 // [
-//  {
-//    "Target": "",
-//    "Class": "custom",
-//    "CustomResources": [
-//      {
-//        "Type": "spring4shell/java-major-version",
-//        "FilePath": "/usr/local/openjdk-8/release",
-//        "Layer": {
-//          "Digest": "sha256:d7b564a873af313eb2dbcb1ed0d393c57543e3666bdedcbe5d75841d72b1f791",
-//          "DiffID": "sha256:ba40706eccba610401e4942e29f50bdf36807f8638942ce20805b359ae3ac1c1"
-//        },
-//        "Data": "1.8.0_322"
-//      },
-//      {
-//        "Type": "spring4shell/tomcat-version",
-//        "FilePath": "/usr/local/tomcat/RELEASE-NOTES",
-//        "Layer": {
-//          "Digest": "sha256:59c0978ccb117247fd40d936973c40df89195f60466118c5acc6a55f8ba29f06",
-//          "DiffID": "sha256:85595543df2b1115a18284a8ef62d0b235c4bc29e3d33b55f89b54ee1eadf4c6"
-//        },
-//        "Data": "8.5.77"
-//      }
-//    ]
-//  },
-//  {
-//    "Target": "Java",
-//    "Class": "lang-pkgs",
-//    "Type": "jar",
-//    "Vulnerabilities": [
-//      {
-//        "VulnerabilityID": "CVE-2022-22965",
-//        "PkgName": "org.springframework.boot:spring-boot",
-//        "PkgPath": "usr/local/tomcat/webapps/helloworld.war",
-//        "InstalledVersion": "2.6.3",
-//        "FixedVersion": "2.5.12, 2.6.6",
-//        "Layer": {
-//          "Digest": "sha256:cc44af318e91e6f9f9bf73793fa4f0639487613f46aa1f819b02b6e8fb5c6c07",
-//          "DiffID": "sha256:eb769943b91f10a0418f2fc3b4a4fde6c6293be60c37293fcc0fa319edaf27a5"
-//        },
-//        "SeveritySource": "nvd",
-//        "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2022-22965",
-//        "DataSource": {
-//          "ID": "glad",
-//          "Name": "GitLab Advisory Database Community",
-//          "URL": "https://gitlab.com/gitlab-org/advisories-community"
-//        },
-//        "Title": "spring-framework: RCE via Data Binding on JDK 9+",
-//        "Description": "A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e. the default, it is not vulnerable to the exploit. However, the nature of the vulnerability is more general, and there may be other ways to exploit it.",
-//        "Severity": "CRITICAL",
-//        "CweIDs": [
-//          "CWE-94"
-//        ],
-//        "VendorSeverity": {
-//          "ghsa": 4,
-//          "nvd": 4,
-//          "redhat": 3
-//        },
-//        "CVSS": {
-//          "ghsa": {
-//            "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
-//            "V3Score": 9.8
-//          },
-//          "nvd": {
-//            "V2Vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
-//            "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
-//            "V2Score": 7.5,
-//            "V3Score": 9.8
-//          },
-//          "redhat": {
-//            "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
-//            "V3Score": 8.1
-//          }
-//        },
-//        "References": [
-//          "https://github.com/advisories/GHSA-36p3-wjmg-h94x"
-//        ],
-//        "PublishedDate": "2022-04-01T23:15:00Z",
-//        "LastModifiedDate": "2022-05-19T14:21:00Z"
-//      }
-//    ]
-//  }
-//]
+//
+//	{
+//	  "Target": "",
+//	  "Class": "custom",
+//	  "CustomResources": [
+//	    {
+//	      "Type": "spring4shell/java-major-version",
+//	      "FilePath": "/usr/local/openjdk-8/release",
+//	      "Layer": {
+//	        "Digest": "sha256:d7b564a873af313eb2dbcb1ed0d393c57543e3666bdedcbe5d75841d72b1f791",
+//	        "DiffID": "sha256:ba40706eccba610401e4942e29f50bdf36807f8638942ce20805b359ae3ac1c1"
+//	      },
+//	      "Data": "1.8.0_322"
+//	    },
+//	    {
+//	      "Type": "spring4shell/tomcat-version",
+//	      "FilePath": "/usr/local/tomcat/RELEASE-NOTES",
+//	      "Layer": {
+//	        "Digest": "sha256:59c0978ccb117247fd40d936973c40df89195f60466118c5acc6a55f8ba29f06",
+//	        "DiffID": "sha256:85595543df2b1115a18284a8ef62d0b235c4bc29e3d33b55f89b54ee1eadf4c6"
+//	      },
+//	      "Data": "8.5.77"
+//	    }
+//	  ]
+//	},
+//	{
+//	  "Target": "Java",
+//	  "Class": "lang-pkgs",
+//	  "Type": "jar",
+//	  "Vulnerabilities": [
+//	    {
+//	      "VulnerabilityID": "CVE-2022-22965",
+//	      "PkgName": "org.springframework.boot:spring-boot",
+//	      "PkgPath": "usr/local/tomcat/webapps/helloworld.war",
+//	      "InstalledVersion": "2.6.3",
+//	      "FixedVersion": "2.5.12, 2.6.6",
+//	      "Layer": {
+//	        "Digest": "sha256:cc44af318e91e6f9f9bf73793fa4f0639487613f46aa1f819b02b6e8fb5c6c07",
+//	        "DiffID": "sha256:eb769943b91f10a0418f2fc3b4a4fde6c6293be60c37293fcc0fa319edaf27a5"
+//	      },
+//	      "SeveritySource": "nvd",
+//	      "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2022-22965",
+//	      "DataSource": {
+//	        "ID": "glad",
+//	        "Name": "GitLab Advisory Database Community",
+//	        "URL": "https://gitlab.com/gitlab-org/advisories-community"
+//	      },
+//	      "Title": "spring-framework: RCE via Data Binding on JDK 9+",
+//	      "Description": "A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e. the default, it is not vulnerable to the exploit. However, the nature of the vulnerability is more general, and there may be other ways to exploit it.",
+//	      "Severity": "CRITICAL",
+//	      "CweIDs": [
+//	        "CWE-94"
+//	      ],
+//	      "VendorSeverity": {
+//	        "ghsa": 4,
+//	        "nvd": 4,
+//	        "redhat": 3
+//	      },
+//	      "CVSS": {
+//	        "ghsa": {
+//	          "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
+//	          "V3Score": 9.8
+//	        },
+//	        "nvd": {
+//	          "V2Vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
+//	          "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
+//	          "V2Score": 7.5,
+//	          "V3Score": 9.8
+//	        },
+//	        "redhat": {
+//	          "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
+//	          "V3Score": 8.1
+//	        }
+//	      },
+//	      "References": [
+//	        "https://github.com/advisories/GHSA-36p3-wjmg-h94x"
+//	      ],
+//	      "PublishedDate": "2022-04-01T23:15:00Z",
+//	      "LastModifiedDate": "2022-05-19T14:21:00Z"
+//	    }
+//	  ]
+//	}
+//
+// ]
 func (Spring4Shell) PostScan(results serialize.Results) (serialize.Results, error) {
 	var javaMajorVersion int
 	var tomcatVersion string

diff --git a/go.mod b/go.mod
@@ -14,8 +14,11 @@ require (
 	github.com/aquasecurity/go-npm-version v0.0.0-20201110091526-0b796d180798
 	github.com/aquasecurity/go-pep440-version v0.0.0-20210121094942-22b2f8951d46
 	github.com/aquasecurity/go-version v0.0.0-20210121072130-637058cfe492
+	github.com/aquasecurity/loading v0.0.5
+	github.com/aquasecurity/memoryfs v1.4.4
 	github.com/aquasecurity/table v1.8.0
 	github.com/aquasecurity/testdocker v0.0.0-20210911155206-e1e85f5a1516
+	github.com/aquasecurity/tml v0.6.1
 	github.com/aquasecurity/trivy-db v0.0.0-20220627104749-930461748b63
 	github.com/aquasecurity/trivy-kubernetes v0.3.1-0.20221021174315-8d74450b4506
 	github.com/aws/aws-sdk-go v1.44.114
@@ -45,9 +48,6 @@ require (
 	github.com/knqyf263/go-deb-version v0.0.0-20190517075300-09fca494f03d
 	github.com/knqyf263/go-rpm-version v0.0.0-20220614171824-631e686d1075
 	github.com/kylelemons/godebug v1.1.0
-	github.com/liamg/loading v0.0.4
-	github.com/liamg/memoryfs v1.4.3
-	github.com/liamg/tml v0.6.0
 	github.com/mailru/easyjson v0.7.7
 	github.com/masahiro331/go-mvn-version v0.0.0-20210429150710-d3157d602a08
 	github.com/mitchellh/hashstructure/v2 v2.0.2
@@ -135,6 +135,9 @@ require (
 	github.com/googleapis/enterprise-certificate-proxy v0.1.0 // indirect
 	github.com/googleapis/go-type-adapters v1.0.0 // indirect
 	github.com/hashicorp/hcl v1.0.0 // indirect
+	github.com/liamg/iamgo v0.0.9 // indirect
+	github.com/liamg/jfather v0.0.7 // indirect
+	github.com/liamg/memoryfs v1.4.3 // indirect
 	github.com/oklog/ulid v1.3.1 // indirect
 	github.com/opentracing/opentracing-go v1.2.0 // indirect
 	github.com/pelletier/go-toml/v2 v2.0.5 // indirect
@@ -260,8 +263,6 @@ require (
 	github.com/knqyf263/nested v0.0.1
 	github.com/lann/builder v0.0.0-20180802200727-47ae307949d0 // indirect
 	github.com/lann/ps v0.0.0-20150810152359-62de8c46ede0 // indirect
-	github.com/liamg/iamgo v0.0.9 // indirect
-	github.com/liamg/jfather v0.0.7 // indirect
 	github.com/lib/pq v1.10.6 // indirect
 	github.com/liggitt/tabwriter v0.0.0-20181228230101-89fcab3d43de // indirect
 	github.com/magiconair/properties v1.8.6 // indirect

diff --git a/go.sum b/go.sum
@@ -206,10 +206,16 @@ github.com/aquasecurity/go-pep440-version v0.0.0-20210121094942-22b2f8951d46/go.
 github.com/aquasecurity/go-version v0.0.0-20201107203531-5e48ac5d022a/go.mod h1:9Beu8XsUNNfzml7WBf3QmyPToP1wm1Gj/Vc5UJKqTzU=
 github.com/aquasecurity/go-version v0.0.0-20210121072130-637058cfe492 h1:rcEG5HI490FF0a7zuvxOxen52ddygCfNVjP0XOCMl+M=
 github.com/aquasecurity/go-version v0.0.0-20210121072130-637058cfe492/go.mod h1:9Beu8XsUNNfzml7WBf3QmyPToP1wm1Gj/Vc5UJKqTzU=
+github.com/aquasecurity/loading v0.0.5 h1:2iq02sPSSMU+ULFPmk0v0lXnK/eZ2e0dRAj/Dl5TvuM=
+github.com/aquasecurity/loading v0.0.5/go.mod h1:NSHeeq1JTDTFuXAe87q4yQ2DX57pXiaQMqq8Zm9HCJA=
+github.com/aquasecurity/memoryfs v1.4.4 h1:HdkShi6jjKZLAgQ+6/CXXDB/zwH2hAMp2oklo9w5t7A=
+github.com/aquasecurity/memoryfs v1.4.4/go.mod h1:kLxvGxhdyG0zmlFUJB6VAkLn4WRPOycLW/UYO6dspao=
 github.com/aquasecurity/table v1.8.0 h1:9ntpSwrUfjrM6/YviArlx/ZBGd6ix8W+MtojQcM7tv0=
 github.com/aquasecurity/table v1.8.0/go.mod h1:eqOmvjjB7AhXFgFqpJUEE/ietg7RrMSJZXyTN8E/wZw=
 github.com/aquasecurity/testdocker v0.0.0-20210911155206-e1e85f5a1516 h1:moQmzbpLo5dxHQCyEhqzizsDSNrNhn/7uRTCZzo4A1o=
 github.com/aquasecurity/testdocker v0.0.0-20210911155206-e1e85f5a1516/go.mod h1:gTd97VdQ0rg8Mkiic3rPgNOQdprZ7feTAhiD5mGQjgM=
+github.com/aquasecurity/tml v0.6.1 h1:y2ZlGSfrhnn7t4ZJ/0rotuH+v5Jgv6BDDO5jB6A9gwo=
+github.com/aquasecurity/tml v0.6.1/go.mod h1:OnYMWY5lvI9ejU7yH9LCberWaaTBW7hBFsITiIMY2yY=
 github.com/aquasecurity/trivy-db v0.0.0-20220627104749-930461748b63 h1:hgGD7zqlNe6sWJZPFFv1Z6T1EuYW8XD/hqx/dxjNp3Q=
 github.com/aquasecurity/trivy-db v0.0.0-20220627104749-930461748b63/go.mod h1:/nULgnDeq/JMPMVwE1dmf4kWlYn++7VrM3O2naj4BHA=
 github.com/aquasecurity/trivy-kubernetes v0.3.1-0.20221021174315-8d74450b4506 h1:maijOWmI5Ec/R7V0wpXoqvQC7fTjQD+PbDktKIK1VXs=
@@ -1106,12 +1112,8 @@ github.com/liamg/iamgo v0.0.9 h1:tADGm3xVotyRJmuKKaH4+zsBn7LOcvgdpuF3WsSKW3c=
 github.com/liamg/iamgo v0.0.9/go.mod h1:Kk6ZxBF/GQqG9nnaUjIi6jf+WXNpeOTyhwc6gnguaZQ=
 github.com/liamg/jfather v0.0.7 h1:Xf78zS263yfT+xr2VSo6+kyAy4ROlCacRqJG7s5jt4k=
 github.com/liamg/jfather v0.0.7/go.mod h1:xXBGiBoiZ6tmHhfy5Jzw8sugzajwYdi6VosIpB3/cPM=
-github.com/liamg/loading v0.0.4 h1:i3+8cxqCbwVnz6RLqRZG4zHPKnY31T6NfM0h48mucvg=
-github.com/liamg/loading v0.0.4/go.mod h1:MpUOigKhyrByiW/te5JtMB9/f2MbZ4ZDk4wjorOwlpI=
 github.com/liamg/memoryfs v1.4.3 h1:+ChjcuPRYpjJSulD13PXDNR3JeJ5HUYKjLHyWVK0bqU=
 github.com/liamg/memoryfs v1.4.3/go.mod h1:z7mfqXFQS8eSeBBsFjYLlxYRMRyiPktytvYCYTb3BSk=
-github.com/liamg/tml v0.6.0 h1:yOC/Q9p9Io3J11U9LdYVIwpRTnTE1GPMNFLrygkmE2Y=
-github.com/liamg/tml v0.6.0/go.mod h1:0h4EAV/zBOsqI91EWONedjRpO8O0itjGJVd+wG5eC+E=
 github.com/lib/pq v1.2.0/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo=
 github.com/lib/pq v1.10.0/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o=
 github.com/lib/pq v1.10.6 h1:jbk+ZieJ0D7EVGJYpL9QTz7/YW6UHbmdnZWYyK5cdBs=

diff --git a/pkg/cloud/aws/commands/run_test.go b/pkg/cloud/aws/commands/run_test.go
@@ -3,14 +3,16 @@ package commands
 import (
 	"bytes"
 	"context"
-	dbTypes "github.com/aquasecurity/trivy-db/pkg/types"
-	"github.com/aquasecurity/trivy/pkg/flag"
-	"github.com/stretchr/testify/assert"
-	"github.com/stretchr/testify/require"
 	"os"
 	"path/filepath"
 	"testing"
 	"time"
+
+	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
+
+	dbTypes "github.com/aquasecurity/trivy-db/pkg/types"
+	"github.com/aquasecurity/trivy/pkg/flag"
 )
 
 func Test_Run(t *testing.T) {

diff --git a/pkg/cloud/aws/scanner/progress.go b/pkg/cloud/aws/scanner/progress.go
@@ -4,7 +4,7 @@ import (
 	"fmt"
 	"os"
 
-	"github.com/liamg/loading/pkg/bar"
+	"github.com/aquasecurity/loading/pkg/bar"
 )
 
 type progressTracker struct {

diff --git a/pkg/cloud/report/report.go b/pkg/cloud/report/report.go
@@ -8,7 +8,7 @@ import (
 
 	ftypes "github.com/aquasecurity/trivy/pkg/fanal/types"
 
-	"github.com/liamg/tml"
+	"github.com/aquasecurity/tml"
 
 	"github.com/aquasecurity/trivy/pkg/flag"
 

diff --git a/pkg/cloud/report/resource.go b/pkg/cloud/report/resource.go
@@ -6,7 +6,7 @@ import (
 	"sort"
 	"strconv"
 
-	"github.com/liamg/tml"
+	"github.com/aquasecurity/tml"
 
 	"golang.org/x/term"
 

diff --git a/pkg/cloud/report/result.go b/pkg/cloud/report/result.go
@@ -4,7 +4,7 @@ import (
 	"fmt"
 	"io"
 
-	"github.com/liamg/tml"
+	"github.com/aquasecurity/tml"
 
 	renderer "github.com/aquasecurity/trivy/pkg/report/table"
 

diff --git a/pkg/cloud/report/service.go b/pkg/cloud/report/service.go
@@ -7,7 +7,7 @@ import (
 	"strconv"
 	"time"
 
-	"github.com/liamg/tml"
+	"github.com/aquasecurity/tml"
 
 	"github.com/aquasecurity/table"
 	pkgReport "github.com/aquasecurity/trivy/pkg/report/table"

diff --git a/pkg/commands/artifact/wire_gen.go b/pkg/commands/artifact/wire_gen.go
diff --git a/pkg/detector/ospkg/redhat/redhat_test.go b/pkg/detector/ospkg/redhat/redhat_test.go
@@ -8,14 +8,15 @@ import (
 	"github.com/stretchr/testify/require"
 	fake "k8s.io/utils/clock/testing"
 
+	"github.com/stretchr/testify/assert"
+
 	dbTypes "github.com/aquasecurity/trivy-db/pkg/types"
 	"github.com/aquasecurity/trivy-db/pkg/vulnsrc/vulnerability"
 	"github.com/aquasecurity/trivy/pkg/dbtest"
 	"github.com/aquasecurity/trivy/pkg/detector/ospkg/redhat"
 	ftypes "github.com/aquasecurity/trivy/pkg/fanal/types"
 	"github.com/aquasecurity/trivy/pkg/log"
 	"github.com/aquasecurity/trivy/pkg/types"
-	"github.com/stretchr/testify/assert"
 )
 
 func TestMain(m *testing.M) {

diff --git a/pkg/fanal/analyzer/language/c/conan/conan_test.go b/pkg/fanal/analyzer/language/c/conan/conan_test.go
@@ -6,10 +6,11 @@ import (
 	"sort"
 	"testing"
 
-	"github.com/aquasecurity/trivy/pkg/fanal/analyzer"
-	"github.com/aquasecurity/trivy/pkg/fanal/types"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
+
+	"github.com/aquasecurity/trivy/pkg/fanal/analyzer"
+	"github.com/aquasecurity/trivy/pkg/fanal/types"
 )
 
 func Test_conanLockAnalyzer_Analyze(t *testing.T) {

diff --git a/pkg/fanal/analyzer/language/java/gradle/lockfile_test.go b/pkg/fanal/analyzer/language/java/gradle/lockfile_test.go
@@ -5,10 +5,11 @@ import (
 	"path/filepath"
 	"testing"
 
-	"github.com/aquasecurity/trivy/pkg/fanal/analyzer"
-	"github.com/aquasecurity/trivy/pkg/fanal/types"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
+
+	"github.com/aquasecurity/trivy/pkg/fanal/analyzer"
+	"github.com/aquasecurity/trivy/pkg/fanal/types"
 )
 
 func Test_gradleLockAnalyzer_Analyze(t *testing.T) {

diff --git a/pkg/fanal/analyzer/language/nodejs/npm/npm_test.go b/pkg/fanal/analyzer/language/nodejs/npm/npm_test.go
@@ -7,10 +7,11 @@ import (
 	"strings"
 	"testing"
 
-	"github.com/aquasecurity/trivy/pkg/fanal/analyzer"
-	"github.com/aquasecurity/trivy/pkg/fanal/types"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
+
+	"github.com/aquasecurity/trivy/pkg/fanal/analyzer"
+	"github.com/aquasecurity/trivy/pkg/fanal/types"
 )
 
 func Test_npmLibraryAnalyzer_Analyze(t *testing.T) {

diff --git a/pkg/fanal/cache/mock_cache.go b/pkg/fanal/cache/mock_cache.go