github.com/devseccon/trivy@v0.47.1-0.20231123133102-bd902a0bd996/pkg/detector/library/detect.go (about)

     1  package library
     2  
     3  import (
     4  	"golang.org/x/xerrors"
     5  
     6  	ftypes "github.com/devseccon/trivy/pkg/fanal/types"
     7  	"github.com/devseccon/trivy/pkg/types"
     8  )
     9  
// Detect looks up known vulnerabilities for pkgs using the driver that
// NewDriver returns for libType.
//
// When NewDriver reports that no driver exists for libType, Detect returns
// (nil, nil): the packages are skipped without an error. A nil result on its
// own therefore does not tell the caller whether the packages were actually
// checked or silently left unscanned.
//
// Any error from the underlying detection is wrapped with the driver type.
func Detect(libType ftypes.LangType, pkgs []ftypes.Package) ([]types.DetectedVulnerability, error) {
	driver, supported := NewDriver(libType)
	if !supported {
		// No driver for this language type: nothing is scanned and no error is raised.
		return nil, nil
	}

	found, err := detect(driver, pkgs)
	if err == nil {
		return found, nil
	}
	return nil, xerrors.Errorf("failed to scan %s vulnerabilities: %w", driver.Type(), err)
}
    24  
// detect queries driver once per package and collects every reported
// vulnerability into a single slice, in package order.
//
// Each finding is stamped with the Layer, FilePath and Ref of the package it
// was reported for, so a result can be traced back to where that package was
// found. The first driver error aborts the loop and the results gathered so
// far are discarded.
func detect(driver Driver, libs []ftypes.Package) ([]types.DetectedVulnerability, error) {
	var all []types.DetectedVulnerability
	for _, pkg := range libs {
		hits, err := driver.DetectVulnerabilities(pkg.ID, pkg.Name, pkg.Version)
		if err != nil {
			return nil, xerrors.Errorf("failed to detect %s vulnerabilities: %w", driver.Type(), err)
		}

		// Take each element by address so the fields are set on the slice
		// entries themselves rather than on per-iteration copies.
		for idx := range hits {
			hit := &hits[idx]
			hit.Layer = pkg.Layer
			hit.PkgPath = pkg.FilePath
			hit.PkgRef = pkg.Ref
		}
		all = append(all, hits...)
	}

	return all, nil
}