package library
import (
"errors"
"golang.org/x/xerrors"
ftypes "github.com/zhyocean/trivy/pkg/fanal/types"
"github.com/zhyocean/trivy/pkg/types"
)
// Detect looks up known vulnerabilities for pkgs using the driver that
// NewDriver selects for libType.
//
// It returns (nil, nil) when NewDriver fails with ErrSBOMSupportOnly. An
// empty result therefore does not by itself mean the packages were checked
// and found clean: callers that report "no vulnerabilities" cannot tell a
// skipped library type from a clean one using this return value alone.
// NOTE(review): presumably ErrSBOMSupportOnly marks types handled only in
// SBOM scans; confirm at its definition.
//
// Any other driver error, and any error from the scan itself, is wrapped and
// returned with a nil slice.
func Detect(libType string, pkgs []ftypes.Package) ([]types.DetectedVulnerability, error) {
	drv, initErr := NewDriver(libType)
	switch {
	case initErr == nil:
		// Driver is ready; continue to the scan below.
	case errors.Is(initErr, ErrSBOMSupportOnly):
		// Deliberate skip, not a failure: no findings and no error.
		return nil, nil
	default:
		return nil, xerrors.Errorf("failed to initialize a driver: %w", initErr)
	}

	found, scanErr := detect(drv, pkgs)
	if scanErr != nil {
		return nil, xerrors.Errorf("failed to scan %s vulnerabilities: %w", drv.Type(), scanErr)
	}
	return found, nil
}
// detect asks driver for the vulnerabilities of every package in libs and
// returns all findings as one slice, in package order.
//
// Each finding is stamped with the Layer, FilePath and Ref of the package it
// was reported for, so a result still identifies where that package came
// from. The first driver error aborts the scan: findings gathered so far are
// dropped and the wrapped error is returned. With no packages, or no
// findings, the returned slice is nil.
func detect(driver Driver, libs []ftypes.Package) ([]types.DetectedVulnerability, error) {
	var all []types.DetectedVulnerability

	for _, pkg := range libs {
		found, err := driver.DetectVulnerabilities(pkg.ID, pkg.Name, pkg.Version)
		if err != nil {
			// NOTE(review): the message names only the driver type, not the
			// package that was being checked when the lookup failed.
			return nil, xerrors.Errorf("failed to detect %s vulnerabilities: %w", driver.Type(), err)
		}

		// Write through a pointer so the slice elements themselves are
		// updated before they are appended.
		for idx := range found {
			v := &found[idx]
			v.Layer = pkg.Layer
			v.PkgPath = pkg.FilePath
			v.PkgRef = pkg.Ref
		}

		all = append(all, found...)
	}

	return all, nil
}