github.com/quay/claircore@v1.5.28/gobin/matcher.go (about)

     1  package gobin
     2  
     3  import (
     4  	"context"
     5  
     6  	"github.com/quay/claircore"
     7  	"github.com/quay/claircore/libvuln/driver"
     8  )
     9  
    10  var (
    11  	_ driver.Matcher       = (*Matcher)(nil)
    12  	_ driver.VersionFilter = (*Matcher)(nil)
    13  )
    14  
    15  // Matcher matches discovered go packages against advisories provided via OSV.
    16  type Matcher struct{}
    17  
    18  // Name implements driver.Matcher.
    19  func (m *Matcher) Name() string { return "gobin" }
    20  
    21  // Filter implements driver.Matcher.
    22  func (matcher *Matcher) Filter(record *claircore.IndexRecord) bool {
    23  	return record.Repository != nil &&
    24  		record.Repository.URI == "https://pkg.go.dev/"
    25  }
    26  
    27  // Query implements driver.Matcher.
    28  func (matcher *Matcher) Query() []driver.MatchConstraint {
    29  	return []driver.MatchConstraint{driver.RepositoryName}
    30  }
    31  
    32  // Vulnerable implements driver.Matcher.
    33  func (matcher *Matcher) Vulnerable(ctx context.Context, record *claircore.IndexRecord, vuln *claircore.Vulnerability) (bool, error) {
    34  	// no-op
    35  	return false, nil
    36  }
    37  
    38  func (matcher *Matcher) VersionFilter()             {}
    39  func (matcher *Matcher) VersionAuthoritative() bool { return true }