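// Source: github.com/devseccon/trivy@v0.47.1-0.20231123133102-bd902a0bd996/pkg/licensing/scanner.go

package licensing

import (
	"golang.org/x/exp/slices"

	dbTypes "github.com/aquasecurity/trivy-db/pkg/types"
	"github.com/devseccon/trivy/pkg/fanal/types"
)

// ScannerOption carries license-scanning settings. It is declared here but
// not read anywhere in this file; how callers use it is not visible here.
type ScannerOption struct {
	// IgnoredLicenses is a list of license names.
	// NOTE(review): presumably names to be skipped by the caller; confirm.
	IgnoredLicenses []string
	// LicenseCategories maps a license category to the license names in it.
	LicenseCategories map[types.LicenseCategory][]string
}

// Scanner classifies a license name by looking it up in a category table.
type Scanner struct {
	// categories maps each license category to the license names it contains.
	categories map[types.LicenseCategory][]string
}

// NewScanner returns a Scanner backed by the given category table.
//
// The map is stored as-is, not copied, so later changes the caller makes to
// it are visible to the Scanner.
func NewScanner(categories map[types.LicenseCategory][]string) Scanner {
	return Scanner{categories: categories}
}

// Scan returns the category that lists licenseName and the string form of the
// severity assigned to that category. A name found in no category yields
// types.CategoryUnknown and the unknown severity.
//
// Matching is exact string equality: a name that differs from the configured
// entry in case or spelling is reported as unknown, so callers enforcing a
// license policy should not treat an unknown result as an allowed license.
//
// When a name is listed under more than one category, the most severe
// recognised category wins. Ranging over the map alone would make the result
// depend on Go's unspecified map iteration order, so a license listed as both
// forbidden and permissive could be reported with either severity from one
// run to the next.
func (s *Scanner) Scan(licenseName string) (types.LicenseCategory, string) {
	// Recognised categories, most severe first. The order among the three
	// low-severity categories only affects the returned category label.
	precedence := [...]types.LicenseCategory{
		types.CategoryForbidden,
		types.CategoryRestricted,
		types.CategoryReciprocal,
		types.CategoryNotice,
		types.CategoryPermissive,
		types.CategoryUnencumbered,
	}
	for _, category := range precedence {
		// Indexing a missing key (or a nil map) yields a nil slice, which
		// simply does not contain the name.
		if slices.Contains(s.categories[category], licenseName) {
			return category, categoryToSeverity(category).String()
		}
	}

	// Categories outside the recognised set all map to the unknown severity,
	// so the severity stays deterministic here; only the category label may
	// vary if the name appears under several such categories.
	for category, names := range s.categories {
		if slices.Contains(names, licenseName) {
			return category, categoryToSeverity(category).String()
		}
	}
	return types.CategoryUnknown, dbTypes.SeverityUnknown.String()
}

// categoryToSeverity maps a license category to a severity: forbidden is
// critical, restricted is high, reciprocal is medium, and notice, permissive
// and unencumbered are low. Any other category maps to the unknown severity.
func categoryToSeverity(category types.LicenseCategory) dbTypes.Severity {
	switch category {
	case types.CategoryForbidden:
		return dbTypes.SeverityCritical
	case types.CategoryRestricted:
		return dbTypes.SeverityHigh
	case types.CategoryReciprocal:
		return dbTypes.SeverityMedium
	case types.CategoryNotice, types.CategoryPermissive, types.CategoryUnencumbered:
		return dbTypes.SeverityLow
	}
	return dbTypes.SeverityUnknown
}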