From cecd05374b13bbd7baafe2ab1e0cb7e53e7f923a Mon Sep 17 00:00:00 2001 From: sarahCx Date: Tue, 27 Aug 2024 17:39:39 +0300 Subject: [PATCH 1/8] add filter and test --- internal/commands/result.go | 32 ++++- internal/commands/result_test.go | 187 +++++++++++++++++++++++++ internal/params/flags.go | 31 ++-- internal/wrappers/mock/results-mock.go | 43 ++++++ 4 files changed, 277 insertions(+), 16 deletions(-) diff --git a/internal/commands/result.go b/internal/commands/result.go index 9c3c60655..d3ba2a0d8 100644 --- a/internal/commands/result.go +++ b/internal/commands/result.go @@ -1040,6 +1040,32 @@ func setIsContainersEnabled(agent string, featureFlagsWrapper wrappers.FeatureFl containerEngineCLIEnabled, _ := wrappers.GetSpecificFeatureFlag(featureFlagsWrapper, wrappers.ContainerEngineCLIEnabled) wrappers.IsContainersEnabled = containerEngineCLIEnabled.Status && agentSupported } + +func filterResultsByAgent(results *wrappers.ScanResultsCollection, agent string) *wrappers.ScanResultsCollection { + if agent == commonParams.VSCodeAgent { + var filteredResults []*wrappers.ScanResult + for _, result := range results.Results { + if result.Type != commonParams.SCSScorecardType { + filteredResults = append(filteredResults, result) + } else { + results.TotalCount-- + } + } + results.Results = filteredResults + } else if agent != commonParams.DefaultAgent { + var filteredResults []*wrappers.ScanResult + for _, result := range results.Results { + if result.Type != commonParams.SCSScorecardType && result.Type != commonParams.SCSSecretDetectionType { + filteredResults = append(filteredResults, result) + } else { + results.TotalCount-- + } + } + results.Results = filteredResults + } + return results +} + func CreateScanReport( resultsWrapper wrappers.ResultsWrapper, risksOverviewWrapper wrappers.RisksOverviewWrapper, @@ -1088,7 +1114,7 @@ func CreateScanReport( } for _, reportType := range reportList { err = createReport(reportType, formatPdfToEmail, formatPdfOptions, formatSbomOptions, targetFile, - targetPath, results, summary, exportWrapper, resultsPdfReportsWrapper, featureFlagsWrapper) + targetPath, results, summary, exportWrapper, resultsPdfReportsWrapper, featureFlagsWrapper, agent) if err != nil { return err } @@ -1223,7 +1249,8 @@ func createReport(format, summary *wrappers.ResultSummary, exportWrapper wrappers.ExportWrapper, resultsPdfReportsWrapper wrappers.ResultsPdfWrapper, - featureFlagsWrapper wrappers.FeatureFlagsWrapper) error { + featureFlagsWrapper wrappers.FeatureFlagsWrapper, + agent string) error { if printer.IsFormat(format, printer.FormatIndentedJSON) { return nil } @@ -1236,6 +1263,7 @@ func createReport(format, return exportSonarResults(sonarRpt, results) } if printer.IsFormat(format, printer.FormatJSON) && isValidScanStatus(summary.Status, printer.FormatJSON) { + results = filterResultsByAgent(results, agent) jsonRpt := createTargetName(targetFile, targetPath, printer.FormatJSON) return exportJSONResults(jsonRpt, results) } diff --git a/internal/commands/result_test.go b/internal/commands/result_test.go index 4a7e4ed2e..cd3a4142f 100644 --- a/internal/commands/result_test.go +++ b/internal/commands/result_test.go @@ -5,6 +5,7 @@ package commands import ( "encoding/json" "fmt" + "io" "os" "regexp" "strings" @@ -132,6 +133,192 @@ func TestResultsExitCode_OnPartialScan_PrintOnlyFailedScannersInfoToConsole(t *t assert.Equal(t, results[0].Status, "Partial", "") } +func TestRunScsResultsShow_ASTCLI_AgentShouldShowAllResults(t *testing.T) { + executeCommand := func(agent string) *wrappers.ScanResultsCollection { + clearFlags() + mock.Flag = wrappers.FeatureFlagResponseModel{Name: wrappers.SCSEngineCLIEnabled, Status: true} + + _, err := executeRedirectedOsStdoutTestCommand(createASTTestCommand(), + "results", "show", "--scan-id", "SCS", "--report-format", "json", "--agent", agent) + assert.NilError(t, err) + + file, err := os.Open(fileName + ".json") + if err != nil { + t.Fatalf("failed to open file: %v", err) + } + defer file.Close() + + fileContents, err := io.ReadAll(file) + if err != nil { + t.Fatalf("failed to read file: %v", err) + } + + var results wrappers.ScanResultsCollection + err = json.Unmarshal(fileContents, &results) + assert.NilError(t, err) + return &results + } + + results := executeCommand(params.DefaultAgent) + scsSecretDetectionFound := false + scsScorecardFound := false + for _, result := range results.Results { + if result.Type == params.SCSSecretDetectionType { + scsSecretDetectionFound = true + } + if result.Type == params.SCSScorecardType { + scsScorecardFound = true + } + if scsSecretDetectionFound && scsScorecardFound { + break + } + } + assert.Assert(t, scsSecretDetectionFound && scsScorecardFound, "SCS results should be included for AST-CLI agent") + assert.Assert(t, results.TotalCount == 2, "SCS Scorecard results should be excluded for VS Code agent") + + defer os.Remove(fileName + ".json") +} + +func TestRunScsResultsShow_VSCode_AgentShouldNotShowScorecardResults(t *testing.T) { + executeCommand := func(agent string) *wrappers.ScanResultsCollection { + clearFlags() + mock.Flag = wrappers.FeatureFlagResponseModel{Name: wrappers.SCSEngineCLIEnabled, Status: true} + + _, err := executeRedirectedOsStdoutTestCommand(createASTTestCommand(), + "results", "show", "--scan-id", "SCS", "--report-format", "json", "--agent", agent) + assert.NilError(t, err) + + file, err := os.Open(fileName + ".json") + if err != nil { + t.Fatalf("failed to open file: %v", err) + } + defer file.Close() + + fileContents, err := io.ReadAll(file) + if err != nil { + t.Fatalf("failed to read file: %v", err) + } + + var results wrappers.ScanResultsCollection + err = json.Unmarshal(fileContents, &results) + assert.NilError(t, err) + return &results + } + + results := executeCommand(params.VSCodeAgent) + for _, result := range results.Results { + assert.Assert(t, result.Type != params.SCSScorecardType, "SCS Scorecard results should be excluded for VS Code agent") + } + assert.Assert(t, results.TotalCount == 1, "SCS Scorecard results should be excluded for VS Code agent") + + defer os.Remove(fileName + ".json") +} + +func TestRunScsResultsShow_Other_AgentsShouldNotShowScsResults(t *testing.T) { + executeCommand := func(agent string) *wrappers.ScanResultsCollection { + clearFlags() + mock.Flag = wrappers.FeatureFlagResponseModel{Name: wrappers.SCSEngineCLIEnabled, Status: true} + + _, err := executeRedirectedOsStdoutTestCommand(createASTTestCommand(), + "results", "show", "--scan-id", "SCS", "--report-format", "json", "--agent", agent) + assert.NilError(t, err) + + file, err := os.Open(fileName + ".json") + if err != nil { + t.Fatalf("failed to open file: %v", err) + } + defer file.Close() + + fileContents, err := io.ReadAll(file) + if err != nil { + t.Fatalf("failed to read file: %v", err) + } + + var results wrappers.ScanResultsCollection + err = json.Unmarshal(fileContents, &results) + assert.NilError(t, err) + return &results + } + + results := executeCommand("Jetbrains") + for _, result := range results.Results { + assert.Assert(t, result.Type != params.SCSScorecardType && result.Type != params.SCSSecretDetectionType, "SCS results should be excluded for other agents") + } + assert.Assert(t, results.TotalCount == 0, "SCS Scorecard results should be excluded") + + defer os.Remove(fileName + ".json") +} + +func TestRunWithoutScsResults_Other_AgentsShouldNotShowScsResults(t *testing.T) { + executeCommand := func(agent string) *wrappers.ScanResultsCollection { + clearFlags() + mock.Flag = wrappers.FeatureFlagResponseModel{Name: wrappers.SCSEngineCLIEnabled, Status: true} + mock.Flag = wrappers.FeatureFlagResponseModel{Name: wrappers.ContainerEngineCLIEnabled, Status: true} + + _, err := executeRedirectedOsStdoutTestCommand(createASTTestCommand(), + "results", "show", "--scan-id", "MOCK", "--report-format", "json", "--agent", agent) + assert.NilError(t, err) + + file, err := os.Open(fileName + ".json") + if err != nil { + t.Fatalf("failed to open file: %v", err) + } + defer file.Close() + + fileContents, err := io.ReadAll(file) + if err != nil { + t.Fatalf("failed to read file: %v", err) + } + + var results wrappers.ScanResultsCollection + err = json.Unmarshal(fileContents, &results) + assert.NilError(t, err) + return &results + } + + results := executeCommand("Jetbrains") + for _, result := range results.Results { + assert.Assert(t, result.Type != params.SCSScorecardType && result.Type != params.SCSSecretDetectionType, "SCS results should be excluded for other agents") + } + assert.Assert(t, results.TotalCount == 7, "SCS Scorecard results should be excluded") + + defer os.Remove(fileName + ".json") +} + +func TestRunNilResults_Other_AgentsShouldNotShowAnyResults(t *testing.T) { + executeCommand := func(agent string) *wrappers.ScanResultsCollection { + clearFlags() + mock.Flag = wrappers.FeatureFlagResponseModel{Name: wrappers.SCSEngineCLIEnabled, Status: true} + mock.Flag = wrappers.FeatureFlagResponseModel{Name: wrappers.ContainerEngineCLIEnabled, Status: true} + + _, err := executeRedirectedOsStdoutTestCommand(createASTTestCommand(), + "results", "show", "--scan-id", "NIL_RESULTS", "--report-format", "json", "--agent", agent) + assert.NilError(t, err) + + file, err := os.Open(fileName + ".json") + if err != nil { + t.Fatalf("failed to open file: %v", err) + } + defer file.Close() + + fileContents, err := io.ReadAll(file) + if err != nil { + t.Fatalf("failed to read file: %v", err) + } + + var results wrappers.ScanResultsCollection + err = json.Unmarshal(fileContents, &results) + assert.NilError(t, err) + return &results + } + + results := executeCommand("Jetbrains") + + assert.Assert(t, results.TotalCount == 0, "SCS Scorecard results should be excluded") + + defer os.Remove(fileName + ".json") +} + func TestResultsExitCode_OnCanceledScan_PrintOnlyScanIDAndStatusCanceledToConsole(t *testing.T) { model := wrappers.ScanResponseModel{ ID: "fake-scan-id-kics-fail-sast-canceled-id", diff --git a/internal/params/flags.go b/internal/params/flags.go index 466bf07c1..0a17d5d15 100644 --- a/internal/params/flags.go +++ b/internal/params/flags.go @@ -6,6 +6,7 @@ const ( AgentFlagUsage = "Scan origin name" ApplicationName = "application-name" DefaultAgent = "ASTCLI" + VSCodeAgent = "VS Code" DebugFlag = "debug" DebugUsage = "Debug mode with detailed logs" RetryFlag = "retry" @@ -230,20 +231,22 @@ const ( // Results const ( - SastType = "sast" - KicsType = "kics" - APISecurityType = "api-security" - AIProtectionType = "AI Protection" - ContainersType = "containers" - APIDocumentationFlag = "apisec-swagger-filter" - IacType = "iac-security" - IacLabel = "IaC Security" - APISecurityLabel = "API Security" - ScaType = "sca" - APISecType = "apisec" - ScsType = "scs" - MicroEnginesType = "microengines" // the scs scan type for scans API - Success = "success" + SastType = "sast" + KicsType = "kics" + APISecurityType = "api-security" + AIProtectionType = "AI Protection" + ContainersType = "containers" + APIDocumentationFlag = "apisec-swagger-filter" + IacType = "iac-security" + IacLabel = "IaC Security" + APISecurityLabel = "API Security" + ScaType = "sca" + APISecType = "apisec" + ScsType = "scs" + MicroEnginesType = "microengines" // the scs scan type for scans API + Success = "success" + SCSScorecardType = "sscs-Scorecard" + SCSSecretDetectionType = "sscs-Secret Detection" ) // ScaAgent AST Role diff --git a/internal/wrappers/mock/results-mock.go b/internal/wrappers/mock/results-mock.go index ed207b33f..b0699802c 100644 --- a/internal/wrappers/mock/results-mock.go +++ b/internal/wrappers/mock/results-mock.go @@ -29,6 +29,40 @@ var containersResults = &wrappers.ScanResult{ CweID: "CWE-1234", }, } +var scsResults = &wrappers.ScanResultsCollection{ + TotalCount: 2, + Results: []*wrappers.ScanResult{ + { + Type: "sscs-Secret Detection", + ID: "bhXbZjjoQZdGAwUhj6MLo9sh4fA=", + SimilarityID: "6deb156f325544aaefecee846b49a948571cecd4445d2b2b391a490641be5845", + Status: "NEW", + State: "TO_VERIFY", + Severity: "HIGH", + Created: "2024-07-30T12:49:56Z", + FirstFoundAt: "2023-07-06T10:28:49Z", + FoundAt: "2024-07-30T12:49:56Z", + FirstScanID: "3d922bcd-00fe-4774-b182-d51e739dff81", + Description: "Generic API Key has detected secret for file application.properties.", + VulnerabilityDetails: wrappers.VulnerabilityDetails{}, + }, + { + Type: "sscs-Scorecard", + ID: "n2a8iCzrIgbCe+dGKYk+cAApO0U=", + SimilarityID: "65323789a325544aaefecee846b49a948571cecd4445d2b2b391a490641be5845", + Status: "NEW", + State: "TO_VERIFY", + Severity: "HIGH", + Created: "2024-07-30T12:49:56Z", + FirstFoundAt: "2023-07-06T10:28:49Z", + FoundAt: "2024-07-30T12:49:56Z", + FirstScanID: "3d922bcd-00fe-4774-b182-d51e739dff81", + Description: "score is 0: branch protection not enabled on development/release branches:\\nWarn: branch protection not enabled for branch 'main'", + + VulnerabilityDetails: wrappers.VulnerabilityDetails{}, + }, + }, +} func (r ResultsMockWrapper) GetAllResultsByScanID(params map[string]string) ( *wrappers.ScanResultsCollection, @@ -49,6 +83,15 @@ func (r ResultsMockWrapper) GetAllResultsByScanID(params map[string]string) ( }, }, nil, nil } + if params["scan-id"] == "SCS" { + return scsResults, nil, nil + } + if params["scan-id"] == "NIL_RESULTS" { + return &wrappers.ScanResultsCollection{ + TotalCount: 0, + Results: nil, + }, nil, nil + } const mock = "mock" var dependencyPath = wrappers.DependencyPath{ID: mock, Name: mock, Version: mock, IsResolved: true, IsDevelopment: false, Locations: nil} var dependencyArray = [][]wrappers.DependencyPath{{dependencyPath}} From 6e38e2ffee5b32ee3b70d32bbfa9a44e4e537643 Mon Sep 17 00:00:00 2001 From: sarahCx Date: Wed, 28 Aug 2024 09:25:58 +0300 Subject: [PATCH 2/8] fix comments --- internal/commands/result.go | 46 ++++++---- internal/commands/result_test.go | 153 ++++++------------------------- 2 files changed, 56 insertions(+), 143 deletions(-) diff --git a/internal/commands/result.go b/internal/commands/result.go index d3ba2a0d8..7239e6a14 100644 --- a/internal/commands/result.go +++ b/internal/commands/result.go @@ -1041,29 +1041,39 @@ func setIsContainersEnabled(agent string, featureFlagsWrapper wrappers.FeatureFl wrappers.IsContainersEnabled = containerEngineCLIEnabled.Status && agentSupported } +func filterVSCodeAgentResults(results *wrappers.ScanResultsCollection) []*wrappers.ScanResult { + var filteredResults []*wrappers.ScanResult + for _, result := range results.Results { + if result.Type != commonParams.SCSScorecardType { + filteredResults = append(filteredResults, result) + } else { + results.TotalCount-- + } + } + return filteredResults +} + +func filterOtherAgentResults(results *wrappers.ScanResultsCollection) []*wrappers.ScanResult { + var filteredResults []*wrappers.ScanResult + for _, result := range results.Results { + if result.Type != commonParams.SCSScorecardType && result.Type != commonParams.SCSSecretDetectionType { + filteredResults = append(filteredResults, result) + } else { + results.TotalCount-- + } + } + return filteredResults +} + func filterResultsByAgent(results *wrappers.ScanResultsCollection, agent string) *wrappers.ScanResultsCollection { + if agent == commonParams.VSCodeAgent { - var filteredResults []*wrappers.ScanResult - for _, result := range results.Results { - if result.Type != commonParams.SCSScorecardType { - filteredResults = append(filteredResults, result) - } else { - results.TotalCount-- - } - } - results.Results = filteredResults + results.Results = filterVSCodeAgentResults(results) } else if agent != commonParams.DefaultAgent { - var filteredResults []*wrappers.ScanResult - for _, result := range results.Results { - if result.Type != commonParams.SCSScorecardType && result.Type != commonParams.SCSSecretDetectionType { - filteredResults = append(filteredResults, result) - } else { - results.TotalCount-- - } - } - results.Results = filteredResults + results.Results = filterOtherAgentResults(results) } return results + } func CreateScanReport( diff --git a/internal/commands/result_test.go b/internal/commands/result_test.go index cd3a4142f..0a233794e 100644 --- a/internal/commands/result_test.go +++ b/internal/commands/result_test.go @@ -133,33 +133,34 @@ func TestResultsExitCode_OnPartialScan_PrintOnlyFailedScannersInfoToConsole(t *t assert.Equal(t, results[0].Status, "Partial", "") } -func TestRunScsResultsShow_ASTCLI_AgentShouldShowAllResults(t *testing.T) { - executeCommand := func(agent string) *wrappers.ScanResultsCollection { - clearFlags() - mock.Flag = wrappers.FeatureFlagResponseModel{Name: wrappers.SCSEngineCLIEnabled, Status: true} - - _, err := executeRedirectedOsStdoutTestCommand(createASTTestCommand(), - "results", "show", "--scan-id", "SCS", "--report-format", "json", "--agent", agent) - assert.NilError(t, err) +var executeCommand = func(t *testing.T, agent string) *wrappers.ScanResultsCollection { + clearFlags() + mock.Flag = wrappers.FeatureFlagResponseModel{Name: wrappers.SCSEngineCLIEnabled, Status: true} - file, err := os.Open(fileName + ".json") - if err != nil { - t.Fatalf("failed to open file: %v", err) - } - defer file.Close() + _, err := executeRedirectedOsStdoutTestCommand(createASTTestCommand(), + "results", "show", "--scan-id", "SCS", "--report-format", "json", "--agent", agent) + assert.NilError(t, err) - fileContents, err := io.ReadAll(file) - if err != nil { - t.Fatalf("failed to read file: %v", err) - } + file, err := os.Open(fileName + ".json") + if err != nil { + t.Fatalf("failed to open file: %v", err) + } + defer file.Close() - var results wrappers.ScanResultsCollection - err = json.Unmarshal(fileContents, &results) - assert.NilError(t, err) - return &results + fileContents, err := io.ReadAll(file) + if err != nil { + t.Fatalf("failed to read file: %v", err) } - results := executeCommand(params.DefaultAgent) + var results wrappers.ScanResultsCollection + err = json.Unmarshal(fileContents, &results) + assert.NilError(t, err) + return &results +} + +func TestRunScsResultsShow_ASTCLI_AgentShouldShowAllResults(t *testing.T) { + + results := executeCommand(t, params.DefaultAgent) scsSecretDetectionFound := false scsScorecardFound := false for _, result := range results.Results { @@ -180,32 +181,8 @@ func TestRunScsResultsShow_ASTCLI_AgentShouldShowAllResults(t *testing.T) { } func TestRunScsResultsShow_VSCode_AgentShouldNotShowScorecardResults(t *testing.T) { - executeCommand := func(agent string) *wrappers.ScanResultsCollection { - clearFlags() - mock.Flag = wrappers.FeatureFlagResponseModel{Name: wrappers.SCSEngineCLIEnabled, Status: true} - _, err := executeRedirectedOsStdoutTestCommand(createASTTestCommand(), - "results", "show", "--scan-id", "SCS", "--report-format", "json", "--agent", agent) - assert.NilError(t, err) - - file, err := os.Open(fileName + ".json") - if err != nil { - t.Fatalf("failed to open file: %v", err) - } - defer file.Close() - - fileContents, err := io.ReadAll(file) - if err != nil { - t.Fatalf("failed to read file: %v", err) - } - - var results wrappers.ScanResultsCollection - err = json.Unmarshal(fileContents, &results) - assert.NilError(t, err) - return &results - } - - results := executeCommand(params.VSCodeAgent) + results := executeCommand(t, params.VSCodeAgent) for _, result := range results.Results { assert.Assert(t, result.Type != params.SCSScorecardType, "SCS Scorecard results should be excluded for VS Code agent") } @@ -215,32 +192,8 @@ func TestRunScsResultsShow_VSCode_AgentShouldNotShowScorecardResults(t *testing. } func TestRunScsResultsShow_Other_AgentsShouldNotShowScsResults(t *testing.T) { - executeCommand := func(agent string) *wrappers.ScanResultsCollection { - clearFlags() - mock.Flag = wrappers.FeatureFlagResponseModel{Name: wrappers.SCSEngineCLIEnabled, Status: true} - - _, err := executeRedirectedOsStdoutTestCommand(createASTTestCommand(), - "results", "show", "--scan-id", "SCS", "--report-format", "json", "--agent", agent) - assert.NilError(t, err) - - file, err := os.Open(fileName + ".json") - if err != nil { - t.Fatalf("failed to open file: %v", err) - } - defer file.Close() - - fileContents, err := io.ReadAll(file) - if err != nil { - t.Fatalf("failed to read file: %v", err) - } - - var results wrappers.ScanResultsCollection - err = json.Unmarshal(fileContents, &results) - assert.NilError(t, err) - return &results - } - results := executeCommand("Jetbrains") + results := executeCommand(t, "Jetbrains") for _, result := range results.Results { assert.Assert(t, result.Type != params.SCSScorecardType && result.Type != params.SCSSecretDetectionType, "SCS results should be excluded for other agents") } @@ -250,33 +203,8 @@ func TestRunScsResultsShow_Other_AgentsShouldNotShowScsResults(t *testing.T) { } func TestRunWithoutScsResults_Other_AgentsShouldNotShowScsResults(t *testing.T) { - executeCommand := func(agent string) *wrappers.ScanResultsCollection { - clearFlags() - mock.Flag = wrappers.FeatureFlagResponseModel{Name: wrappers.SCSEngineCLIEnabled, Status: true} - mock.Flag = wrappers.FeatureFlagResponseModel{Name: wrappers.ContainerEngineCLIEnabled, Status: true} - - _, err := executeRedirectedOsStdoutTestCommand(createASTTestCommand(), - "results", "show", "--scan-id", "MOCK", "--report-format", "json", "--agent", agent) - assert.NilError(t, err) - - file, err := os.Open(fileName + ".json") - if err != nil { - t.Fatalf("failed to open file: %v", err) - } - defer file.Close() - - fileContents, err := io.ReadAll(file) - if err != nil { - t.Fatalf("failed to read file: %v", err) - } - - var results wrappers.ScanResultsCollection - err = json.Unmarshal(fileContents, &results) - assert.NilError(t, err) - return &results - } - results := executeCommand("Jetbrains") + results := executeCommand(t, "Jetbrains") for _, result := range results.Results { assert.Assert(t, result.Type != params.SCSScorecardType && result.Type != params.SCSSecretDetectionType, "SCS results should be excluded for other agents") } @@ -286,37 +214,12 @@ func TestRunWithoutScsResults_Other_AgentsShouldNotShowScsResults(t *testing.T) } func TestRunNilResults_Other_AgentsShouldNotShowAnyResults(t *testing.T) { - executeCommand := func(agent string) *wrappers.ScanResultsCollection { - clearFlags() - mock.Flag = wrappers.FeatureFlagResponseModel{Name: wrappers.SCSEngineCLIEnabled, Status: true} - mock.Flag = wrappers.FeatureFlagResponseModel{Name: wrappers.ContainerEngineCLIEnabled, Status: true} - _, err := executeRedirectedOsStdoutTestCommand(createASTTestCommand(), - "results", "show", "--scan-id", "NIL_RESULTS", "--report-format", "json", "--agent", agent) - assert.NilError(t, err) - - file, err := os.Open(fileName + ".json") - if err != nil { - t.Fatalf("failed to open file: %v", err) - } - defer file.Close() - - fileContents, err := io.ReadAll(file) - if err != nil { - t.Fatalf("failed to read file: %v", err) - } - - var results wrappers.ScanResultsCollection - err = json.Unmarshal(fileContents, &results) - assert.NilError(t, err) - return &results - } - - results := executeCommand("Jetbrains") + results := executeCommand(t, "Jetbrains") assert.Assert(t, results.TotalCount == 0, "SCS Scorecard results should be excluded") - defer os.Remove(fileName + ".json") + os.Remove(fileName + ".json") } func TestResultsExitCode_OnCanceledScan_PrintOnlyScanIDAndStatusCanceledToConsole(t *testing.T) { From a23cd4f75a8a13cd5cb2dedc3b17b125c2cefcbc Mon Sep 17 00:00:00 2001 From: sarahCx Date: Wed, 28 Aug 2024 09:39:15 +0300 Subject: [PATCH 3/8] fix commgiigients and update go.mod --- go.mod | 30 ++++++++--------- go.sum | 56 ++++++++++++++++---------------- internal/commands/result.go | 12 +++---- internal/commands/result_test.go | 8 ++--- 4 files changed, 53 insertions(+), 53 deletions(-) diff --git a/go.mod b/go.mod index 30f70c3f6..f5056f128 100644 --- a/go.mod +++ b/go.mod @@ -3,10 +3,10 @@ module github.com/checkmarx/ast-cli go 1.22.5 require ( + github.com/Checkmarx/gen-ai-prompts v0.0.0-20240807143411-708ceec12b63 github.com/CheckmarxDev/containers-resolver v1.0.6 github.com/MakeNowJust/heredoc v1.0.0 github.com/checkmarxDev/gpt-wrapper v0.0.0-20230721160222-85da2fd1cc4c - github.com/Checkmarx/gen-ai-prompts v0.0.0-20240807143411-708ceec12b63 github.com/golang-jwt/jwt v3.2.2+incompatible github.com/gomarkdown/markdown v0.0.0-20230922112808-5421fefb8386 github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 @@ -19,9 +19,10 @@ require ( github.com/spf13/viper v1.18.2 github.com/stretchr/testify v1.9.0 github.com/tomnomnom/linkheader v0.0.0-20180905144013-02ca5825eb80 - golang.org/x/crypto v0.22.0 + github.com/xeipuuv/gojsonschema v1.2.0 + golang.org/x/crypto v0.25.0 golang.org/x/sync v0.7.0 - golang.org/x/text v0.14.0 + golang.org/x/text v0.16.0 google.golang.org/grpc v1.63.2 google.golang.org/protobuf v1.33.0 gotest.tools v2.2.0+incompatible @@ -231,7 +232,6 @@ require ( github.com/xanzy/ssh-agent v0.3.3 // indirect github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb // indirect github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 // indirect - github.com/xeipuuv/gojsonschema v1.2.0 // indirect github.com/xi2/xz v0.0.0-20171230120015-48954b6210f8 // indirect github.com/xlab/treeprint v1.2.0 // indirect github.com/xo/terminfo v0.0.0-20220910002029-abceb7e1c41e // indirect @@ -247,8 +247,8 @@ require ( golang.org/x/mod v0.17.0 // indirect golang.org/x/net v0.24.0 // indirect golang.org/x/oauth2 v0.18.0 // indirect - golang.org/x/sys v0.19.0 // indirect - golang.org/x/term v0.19.0 // indirect + golang.org/x/sys v0.22.0 // indirect + golang.org/x/term v0.22.0 // indirect golang.org/x/time v0.5.0 // indirect golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2 // indirect google.golang.org/appengine v1.6.8 // indirect @@ -259,17 +259,17 @@ require ( gopkg.in/warnings.v0 v0.1.2 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect - helm.sh/helm/v3 v3.15.2 // indirect - k8s.io/api v0.30.0 // indirect - k8s.io/apiextensions-apiserver v0.30.0 // indirect - k8s.io/apimachinery v0.30.0 // indirect - k8s.io/apiserver v0.30.0 // indirect - k8s.io/cli-runtime v0.30.0 // indirect - k8s.io/client-go v0.30.0 // indirect - k8s.io/component-base v0.30.0 // indirect + helm.sh/helm/v3 v3.15.4 // indirect + k8s.io/api v0.30.3 // indirect + k8s.io/apiextensions-apiserver v0.30.3 // indirect + k8s.io/apimachinery v0.30.3 // indirect + k8s.io/apiserver v0.30.3 // indirect + k8s.io/cli-runtime v0.30.3 // indirect + k8s.io/client-go v0.30.3 // indirect + k8s.io/component-base v0.30.3 // indirect k8s.io/klog/v2 v2.120.1 // indirect k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340 // indirect - k8s.io/kubectl v0.30.0 // indirect + k8s.io/kubectl v0.30.3 // indirect k8s.io/utils v0.0.0-20230726121419-3b25d923346b // indirect oras.land/oras-go v1.2.5 // indirect sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect diff --git a/go.sum b/go.sum index 71103cfba..96e8fc0c0 100644 --- a/go.sum +++ b/go.sum @@ -1001,8 +1001,8 @@ golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d/go.mod h1:IxCIyHEi3zRg3s0 golang.org/x/crypto v0.3.0/go.mod h1:hebNnKkNXi2UzZN1eVRvBB7co0a+JxK6XbPiWVs/3J4= golang.org/x/crypto v0.3.1-0.20221117191849-2c476679df9a/go.mod h1:hebNnKkNXi2UzZN1eVRvBB7co0a+JxK6XbPiWVs/3J4= golang.org/x/crypto v0.7.0/go.mod h1:pYwdfH91IfpZVANVyUOhSIPZaFoJGxTFbZhFTx+dXZU= -golang.org/x/crypto v0.22.0 h1:g1v0xeRhjcugydODzvb3mEM9SQ0HGp9s/nh3COQ/C30= -golang.org/x/crypto v0.22.0/go.mod h1:vr6Su+7cTlO45qkww3VDJlzDn0ctJvRgYbC2NvXHt+M= +golang.org/x/crypto v0.25.0 h1:ypSNr+bnYL2YhwoMt2zPxHFmbAN1KZs/njMG3hxUp30= +golang.org/x/crypto v0.25.0/go.mod h1:T+wALwcMOSE0kXgUAnPAHqTLW+XHgcELELW8VaDgm/M= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= @@ -1206,16 +1206,16 @@ golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.3.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.19.0 h1:q5f1RH2jigJ1MoAWp2KTp3gm5zAGFUTarQZ5U386+4o= -golang.org/x/sys v0.19.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.22.0 h1:RI27ohtqKCnwULzJLqkv897zojh5/DwS/ENaMzUOaWI= +golang.org/x/sys v0.22.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.0.0-20220526004731-065cf7ba2467/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.2.0/go.mod h1:TVmDHMZPmdnySmBfhjOoOdhjzdE1h4u1VwSiw2l1Nuc= golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= golang.org/x/term v0.6.0/go.mod h1:m6U89DPEgQRMq3DNkDClhWw02AUbt2daBVO4cn4Hv9U= -golang.org/x/term v0.19.0 h1:+ThwsDv+tYfnJFhF4L8jITxu1tdTWRTZpdsWgEgjL6Q= -golang.org/x/term v0.19.0/go.mod h1:2CuTdWZ7KHSQwUzKva0cbMg6q2DMI3Mmxp+gKJbskEk= +golang.org/x/term v0.22.0 h1:BbsgPEJULsl2fV/AT3v15Mjva5yXKQDyKf+TbDz7QJk= +golang.org/x/term v0.22.0/go.mod h1:F3qCibpT5AMpCRfhfT53vVJwhLtIVHhB9XDjfFvnMI4= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= @@ -1229,8 +1229,8 @@ golang.org/x/text v0.3.8/go.mod h1:E6s5w1FMmriuDzIBO73fBruAKo1PCIq6d2Q6DHfQ8WQ= golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/text v0.8.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= -golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ= -golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= +golang.org/x/text v0.16.0 h1:a94ExnEXNtEwYLGJSIUxnWoxoRz/ZcCsV63ROupILh4= +golang.org/x/text v0.16.0/go.mod h1:GhwF1Be+LQoKShO3cGOHzqOgRrGaYc9AvblQOmPVHnI= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= @@ -1292,8 +1292,8 @@ golang.org/x/tools v0.1.4/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU= -golang.org/x/tools v0.20.0 h1:hz/CVckiOxybQvFw6h7b/q80NTr9IUQb4s1IIzW7KNY= -golang.org/x/tools v0.20.0/go.mod h1:WvitBU7JJf6A4jOdg4S1tviW9bhUxkgeCui/0JHctQg= +golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d h1:vU5i/LfpvrRCpgM/VPfJLg5KjxD3E+hfT1SH+d9zLwg= +golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d/go.mod h1:aiJjzUbINMkxbQROHiO6hDPo2LHcIPhhQsa9DLh0yGk= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= @@ -1486,8 +1486,8 @@ gotest.tools v2.2.0+incompatible h1:VsBPFP1AI068pPrMxtb/S8Zkgf9xEmTLJjfM+P5UIEo= gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw= gotest.tools/v3 v3.4.0 h1:ZazjZUfuVeZGLAmlKKuyv3IKP5orXcwtOwDQH6YVr6o= gotest.tools/v3 v3.4.0/go.mod h1:CtbdzLSsqVhDgMtKsx03ird5YTGB3ar27v0u/yKBW5g= -helm.sh/helm/v3 v3.15.2 h1:/3XINUFinJOBjQplGnjw92eLGpgXXp1L8chWPkCkDuw= -helm.sh/helm/v3 v3.15.2/go.mod h1:FzSIP8jDQaa6WAVg9F+OkKz7J0ZmAga4MABtTbsb9WQ= +helm.sh/helm/v3 v3.15.4 h1:UFHd6oZ1IN3FsUZ7XNhOQDyQ2QYknBNWRHH57e9cbHY= +helm.sh/helm/v3 v3.15.4/go.mod h1:phOwlxqGSgppCY/ysWBNRhG3MtnpsttOzxaTK+Mt40E= honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190418001031-e561f6794a2a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= @@ -1495,26 +1495,26 @@ honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWh honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg= honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= -k8s.io/api v0.30.0 h1:siWhRq7cNjy2iHssOB9SCGNCl2spiF1dO3dABqZ8niA= -k8s.io/api v0.30.0/go.mod h1:OPlaYhoHs8EQ1ql0R/TsUgaRPhpKNxIMrKQfWUp8QSE= -k8s.io/apiextensions-apiserver v0.30.0 h1:jcZFKMqnICJfRxTgnC4E+Hpcq8UEhT8B2lhBcQ+6uAs= -k8s.io/apiextensions-apiserver v0.30.0/go.mod h1:N9ogQFGcrbWqAY9p2mUAL5mGxsLqwgtUce127VtRX5Y= -k8s.io/apimachinery v0.30.0 h1:qxVPsyDM5XS96NIh9Oj6LavoVFYff/Pon9cZeDIkHHA= -k8s.io/apimachinery v0.30.0/go.mod h1:iexa2somDaxdnj7bha06bhb43Zpa6eWH8N8dbqVjTUc= -k8s.io/apiserver v0.30.0 h1:QCec+U72tMQ+9tR6A0sMBB5Vh6ImCEkoKkTDRABWq6M= -k8s.io/apiserver v0.30.0/go.mod h1:smOIBq8t0MbKZi7O7SyIpjPsiKJ8qa+llcFCluKyqiY= -k8s.io/cli-runtime v0.30.0 h1:0vn6/XhOvn1RJ2KJOC6IRR2CGqrpT6QQF4+8pYpWQ48= -k8s.io/cli-runtime v0.30.0/go.mod h1:vATpDMATVTMA79sZ0YUCzlMelf6rUjoBzlp+RnoM+cg= -k8s.io/client-go v0.30.0 h1:sB1AGGlhY/o7KCyCEQ0bPWzYDL0pwOZO4vAtTSh/gJQ= -k8s.io/client-go v0.30.0/go.mod h1:g7li5O5256qe6TYdAMyX/otJqMhIiGgTapdLchhmOaY= -k8s.io/component-base v0.30.0 h1:cj6bp38g0ainlfYtaOQuRELh5KSYjhKxM+io7AUIk4o= -k8s.io/component-base v0.30.0/go.mod h1:V9x/0ePFNaKeKYA3bOvIbrNoluTSG+fSJKjLdjOoeXQ= +k8s.io/api v0.30.3 h1:ImHwK9DCsPA9uoU3rVh4QHAHHK5dTSv1nxJUapx8hoQ= +k8s.io/api v0.30.3/go.mod h1:GPc8jlzoe5JG3pb0KJCSLX5oAFIW3/qNJITlDj8BH04= +k8s.io/apiextensions-apiserver v0.30.3 h1:oChu5li2vsZHx2IvnGP3ah8Nj3KyqG3kRSaKmijhB9U= +k8s.io/apiextensions-apiserver v0.30.3/go.mod h1:uhXxYDkMAvl6CJw4lrDN4CPbONkF3+XL9cacCT44kV4= +k8s.io/apimachinery v0.30.3 h1:q1laaWCmrszyQuSQCfNB8cFgCuDAoPszKY4ucAjDwHc= +k8s.io/apimachinery v0.30.3/go.mod h1:iexa2somDaxdnj7bha06bhb43Zpa6eWH8N8dbqVjTUc= +k8s.io/apiserver v0.30.3 h1:QZJndA9k2MjFqpnyYv/PH+9PE0SHhx3hBho4X0vE65g= +k8s.io/apiserver v0.30.3/go.mod h1:6Oa88y1CZqnzetd2JdepO0UXzQX4ZnOekx2/PtEjrOg= +k8s.io/cli-runtime v0.30.3 h1:aG69oRzJuP2Q4o8dm+f5WJIX4ZBEwrvdID0+MXyUY6k= +k8s.io/cli-runtime v0.30.3/go.mod h1:hwrrRdd9P84CXSKzhHxrOivAR9BRnkMt0OeP5mj7X30= +k8s.io/client-go v0.30.3 h1:bHrJu3xQZNXIi8/MoxYtZBBWQQXwy16zqJwloXXfD3k= +k8s.io/client-go v0.30.3/go.mod h1:8d4pf8vYu665/kUbsxWAQ/JDBNWqfFeZnvFiVdmx89U= +k8s.io/component-base v0.30.3 h1:Ci0UqKWf4oiwy8hr1+E3dsnliKnkMLZMVbWzeorlk7s= +k8s.io/component-base v0.30.3/go.mod h1:C1SshT3rGPCuNtBs14RmVD2xW0EhRSeLvBh7AGk1quA= k8s.io/klog/v2 v2.120.1 h1:QXU6cPEOIslTGvZaXvFWiP9VKyeet3sawzTOvdXb4Vw= k8s.io/klog/v2 v2.120.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE= k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340 h1:BZqlfIlq5YbRMFko6/PM7FjZpUb45WallggurYhKGag= k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340/go.mod h1:yD4MZYeKMBwQKVht279WycxKyM84kkAx2DPrTXaeb98= -k8s.io/kubectl v0.30.0 h1:xbPvzagbJ6RNYVMVuiHArC1grrV5vSmmIcSZuCdzRyk= -k8s.io/kubectl v0.30.0/go.mod h1:zgolRw2MQXLPwmic2l/+iHs239L49fhSeICuMhQQXTI= +k8s.io/kubectl v0.30.3 h1:YIBBvMdTW0xcDpmrOBzcpUVsn+zOgjMYIu7kAq+yqiI= +k8s.io/kubectl v0.30.3/go.mod h1:IcR0I9RN2+zzTRUa1BzZCm4oM0NLOawE6RzlDvd1Fpo= k8s.io/utils v0.0.0-20230726121419-3b25d923346b h1:sgn3ZU783SCgtaSJjpcVVlRqd6GSnlTLKgpAAttJvpI= k8s.io/utils v0.0.0-20230726121419-3b25d923346b/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= modernc.org/libc v1.41.0 h1:g9YAc6BkKlgORsUWj+JwqoB1wU3o4DE3bM3yvA3k+Gk= diff --git a/internal/commands/result.go b/internal/commands/result.go index 7239e6a14..aa9c89fe4 100644 --- a/internal/commands/result.go +++ b/internal/commands/result.go @@ -1041,7 +1041,7 @@ func setIsContainersEnabled(agent string, featureFlagsWrapper wrappers.FeatureFl wrappers.IsContainersEnabled = containerEngineCLIEnabled.Status && agentSupported } -func filterVSCodeAgentResults(results *wrappers.ScanResultsCollection) []*wrappers.ScanResult { +func filterVSCodeAgentScsResults(results *wrappers.ScanResultsCollection) []*wrappers.ScanResult { var filteredResults []*wrappers.ScanResult for _, result := range results.Results { if result.Type != commonParams.SCSScorecardType { @@ -1053,7 +1053,7 @@ func filterVSCodeAgentResults(results *wrappers.ScanResultsCollection) []*wrappe return filteredResults } -func filterOtherAgentResults(results *wrappers.ScanResultsCollection) []*wrappers.ScanResult { +func filterOtherAgentScsResults(results *wrappers.ScanResultsCollection) []*wrappers.ScanResult { var filteredResults []*wrappers.ScanResult for _, result := range results.Results { if result.Type != commonParams.SCSScorecardType && result.Type != commonParams.SCSSecretDetectionType { @@ -1065,12 +1065,12 @@ func filterOtherAgentResults(results *wrappers.ScanResultsCollection) []*wrapper return filteredResults } -func filterResultsByAgent(results *wrappers.ScanResultsCollection, agent string) *wrappers.ScanResultsCollection { +func filterScsResultsByAgent(results *wrappers.ScanResultsCollection, agent string) *wrappers.ScanResultsCollection { if agent == commonParams.VSCodeAgent { - results.Results = filterVSCodeAgentResults(results) + results.Results = filterVSCodeAgentScsResults(results) } else if agent != commonParams.DefaultAgent { - results.Results = filterOtherAgentResults(results) + results.Results = filterOtherAgentScsResults(results) } return results @@ -1273,7 +1273,7 @@ func createReport(format, return exportSonarResults(sonarRpt, results) } if printer.IsFormat(format, printer.FormatJSON) && isValidScanStatus(summary.Status, printer.FormatJSON) { - results = filterResultsByAgent(results, agent) + results = filterScsResultsByAgent(results, agent) jsonRpt := createTargetName(targetFile, targetPath, printer.FormatJSON) return exportJSONResults(jsonRpt, results) } diff --git a/internal/commands/result_test.go b/internal/commands/result_test.go index 0a233794e..7496f0ae3 100644 --- a/internal/commands/result_test.go +++ b/internal/commands/result_test.go @@ -177,7 +177,7 @@ func TestRunScsResultsShow_ASTCLI_AgentShouldShowAllResults(t *testing.T) { assert.Assert(t, scsSecretDetectionFound && scsScorecardFound, "SCS results should be included for AST-CLI agent") assert.Assert(t, results.TotalCount == 2, "SCS Scorecard results should be excluded for VS Code agent") - defer os.Remove(fileName + ".json") + os.Remove(fileName + ".json") } func TestRunScsResultsShow_VSCode_AgentShouldNotShowScorecardResults(t *testing.T) { @@ -188,7 +188,7 @@ func TestRunScsResultsShow_VSCode_AgentShouldNotShowScorecardResults(t *testing. } assert.Assert(t, results.TotalCount == 1, "SCS Scorecard results should be excluded for VS Code agent") - defer os.Remove(fileName + ".json") + os.Remove(fileName + ".json") } func TestRunScsResultsShow_Other_AgentsShouldNotShowScsResults(t *testing.T) { @@ -199,7 +199,7 @@ func TestRunScsResultsShow_Other_AgentsShouldNotShowScsResults(t *testing.T) { } assert.Assert(t, results.TotalCount == 0, "SCS Scorecard results should be excluded") - defer os.Remove(fileName + ".json") + os.Remove(fileName + ".json") } func TestRunWithoutScsResults_Other_AgentsShouldNotShowScsResults(t *testing.T) { @@ -210,7 +210,7 @@ func TestRunWithoutScsResults_Other_AgentsShouldNotShowScsResults(t *testing.T) } assert.Assert(t, results.TotalCount == 7, "SCS Scorecard results should be excluded") - defer os.Remove(fileName + ".json") + os.Remove(fileName + ".json") } func TestRunNilResults_Other_AgentsShouldNotShowAnyResults(t *testing.T) { From f616c0843169df700fc7d917e5044d25eff31139 Mon Sep 17 00:00:00 2001 From: sarahCx Date: Wed, 28 Aug 2024 14:40:44 +0300 Subject: [PATCH 4/8] Revert "Merge branch 'main' into filterScsResultsByAgent" This reverts commit f247ce21a0f6a0a4d543c2a812559fd1a0cd20b7, reversing changes made to a23cd4f75a8a13cd5cb2dedc3b17b125c2cefcbc. --- .github/workflows/ci.yml | 2 - go.mod | 91 ++++----- go.sum | 202 +++++++++---------- internal/commands/.scripts/integration_up.sh | 73 +------ internal/commands/result.go | 15 +- internal/services/export.go | 8 + internal/wrappers/export.go | 2 +- internal/wrappers/results-sca-package.go | 2 +- test/integration/result_test.go | 1 + test/integration/scan_test.go | 99 +++++---- 10 files changed, 211 insertions(+), 284 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 10c6172fb..78117e256 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -43,8 +43,6 @@ jobs: - run: go version - name: Go Build run: go build -o ./bin/cx ./cmd - - name: Install gocovmerge - run: go install github.com/wadey/gocovmerge@latest - name: Go Integration test shell: bash env: diff --git a/go.mod b/go.mod index 0a385fbf2..f5056f128 100644 --- a/go.mod +++ b/go.mod @@ -4,7 +4,7 @@ go 1.22.5 require ( github.com/Checkmarx/gen-ai-prompts v0.0.0-20240807143411-708ceec12b63 - github.com/CheckmarxDev/containers-resolver v1.0.10 + github.com/CheckmarxDev/containers-resolver v1.0.6 github.com/MakeNowJust/heredoc v1.0.0 github.com/checkmarxDev/gpt-wrapper v0.0.0-20230721160222-85da2fd1cc4c github.com/golang-jwt/jwt v3.2.2+incompatible @@ -15,13 +15,14 @@ require ( github.com/jsumners/go-getport v1.0.0 github.com/mssola/user_agent v0.6.0 github.com/pkg/errors v0.9.1 - github.com/spf13/cobra v1.8.1 + github.com/spf13/cobra v1.8.0 github.com/spf13/viper v1.18.2 github.com/stretchr/testify v1.9.0 github.com/tomnomnom/linkheader v0.0.0-20180905144013-02ca5825eb80 - golang.org/x/crypto v0.26.0 - golang.org/x/sync v0.8.0 - golang.org/x/text v0.17.0 + github.com/xeipuuv/gojsonschema v1.2.0 + golang.org/x/crypto v0.25.0 + golang.org/x/sync v0.7.0 + golang.org/x/text v0.16.0 google.golang.org/grpc v1.63.2 google.golang.org/protobuf v1.33.0 gotest.tools v2.2.0+incompatible @@ -32,8 +33,8 @@ require ( github.com/AdaLogics/go-fuzz-headers v0.0.0-20230811130428-ced1acdcaa24 // indirect github.com/AdamKorcz/go-118-fuzz-build v0.0.0-20230306123547-8075edf89bb0 // indirect github.com/Azure/go-ansiterm v0.0.0-20230124172434-306776ec8161 // indirect - github.com/BurntSushi/toml v1.4.0 // indirect - github.com/CycloneDX/cyclonedx-go v0.9.0 // indirect + github.com/BurntSushi/toml v1.3.2 // indirect + github.com/CycloneDX/cyclonedx-go v0.8.0 // indirect github.com/DataDog/zstd v1.5.5 // indirect github.com/Masterminds/goutils v1.1.1 // indirect github.com/Masterminds/semver v1.5.0 // indirect @@ -44,17 +45,17 @@ require ( github.com/Microsoft/hcsshim v0.12.3 // indirect github.com/ProtonMail/go-crypto v1.0.0 // indirect github.com/acobaugh/osrelease v0.1.0 // indirect - github.com/adrg/xdg v0.5.0 // indirect - github.com/anchore/clio v0.0.0-20240522144804-d81e109008aa // indirect - github.com/anchore/fangs v0.0.0-20240508143433-f016b099950f // indirect + github.com/adrg/xdg v0.4.0 // indirect + github.com/anchore/clio v0.0.0-20240209204744-cb94e40a4f65 // indirect + github.com/anchore/fangs v0.0.0-20231201140849-5075d28d6d8b // indirect github.com/anchore/go-collections v0.0.0-20240216171411-9321230ce537 // indirect github.com/anchore/go-logger v0.0.0-20230725134548-c21dafa1ec5a // indirect github.com/anchore/go-macholibre v0.0.0-20220308212642-53e6d0aaf6fb // indirect github.com/anchore/go-struct-converter v0.0.0-20221118182256-c68fdcfa2092 // indirect github.com/anchore/go-version v1.2.2-0.20200701162849-18adb9c92b9b // indirect - github.com/anchore/packageurl-go v0.1.1-0.20240507183024-848e011fc24f // indirect - github.com/anchore/stereoscope v0.0.3-0.20240725180315-50ce3be7aa1f // indirect - github.com/anchore/syft v1.11.1 // indirect + github.com/anchore/packageurl-go v0.1.1-0.20240312213626-055233e539b4 // indirect + github.com/anchore/stereoscope v0.0.2-0.20240229175558-fe426d1b1c84 // indirect + github.com/anchore/syft v1.2.0 // indirect github.com/andybalholm/brotli v1.1.0 // indirect github.com/aquasecurity/go-pep440-version v0.0.0-20210121094942-22b2f8951d46 // indirect github.com/aquasecurity/go-version v0.0.0-20210121072130-637058cfe492 // indirect @@ -65,9 +66,8 @@ require ( github.com/bmatcuk/doublestar/v4 v4.6.1 // indirect github.com/cespare/xxhash/v2 v2.3.0 // indirect github.com/chai2010/gettext-go v1.0.2 // indirect - github.com/charmbracelet/lipgloss v0.12.1 // indirect - github.com/charmbracelet/x/ansi v0.1.4 // indirect - github.com/cloudflare/circl v1.3.8 // indirect + github.com/charmbracelet/lipgloss v0.10.0 // indirect + github.com/cloudflare/circl v1.3.7 // indirect github.com/containerd/cgroups/v3 v3.0.2 // indirect github.com/containerd/containerd v1.7.15 // indirect github.com/containerd/continuity v0.4.2 // indirect @@ -81,9 +81,9 @@ require ( github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect github.com/deitch/magic v0.0.0-20230404182410-1ff89d7342da // indirect github.com/distribution/reference v0.6.0 // indirect - github.com/docker/cli v27.1.1+incompatible // indirect + github.com/docker/cli v25.0.1+incompatible // indirect github.com/docker/distribution v2.8.3+incompatible // indirect - github.com/docker/docker v27.1.2+incompatible // indirect + github.com/docker/docker v26.1.5+incompatible // indirect github.com/docker/docker-credential-helpers v0.7.0 // indirect github.com/docker/go-connections v0.5.0 // indirect github.com/docker/go-events v0.0.0-20190806004212-e31b211e4f1c // indirect @@ -98,12 +98,12 @@ require ( github.com/evanphx/json-patch v5.7.0+incompatible // indirect github.com/exponent-io/jsonpath v0.0.0-20151013193312-d6023ce2651d // indirect github.com/facebookincubator/nvdtools v0.1.5 // indirect - github.com/fatih/color v1.17.0 // indirect + github.com/fatih/color v1.15.0 // indirect github.com/felixge/fgprof v0.9.3 // indirect github.com/felixge/httpsnoop v1.0.4 // indirect github.com/fsnotify/fsnotify v1.7.0 // indirect - github.com/gabriel-vasile/mimetype v1.4.4 // indirect - github.com/github/go-spdx/v2 v2.3.1 // indirect + github.com/gabriel-vasile/mimetype v1.4.0 // indirect + github.com/github/go-spdx/v2 v2.2.0 // indirect github.com/go-errors/errors v1.4.2 // indirect github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376 // indirect github.com/go-git/go-billy/v5 v5.5.0 // indirect @@ -123,10 +123,10 @@ require ( github.com/google/btree v1.0.1 // indirect github.com/google/gnostic-models v0.6.8 // indirect github.com/google/go-cmp v0.6.0 // indirect - github.com/google/go-containerregistry v0.20.2 // indirect + github.com/google/go-containerregistry v0.19.1 // indirect github.com/google/gofuzz v1.2.0 // indirect github.com/google/licensecheck v0.3.1 // indirect - github.com/google/pprof v0.0.0-20240409012703-83162a5b38cd // indirect + github.com/google/pprof v0.0.0-20221118152302-e6195bd50e26 // indirect github.com/gorilla/mux v1.8.1 // indirect github.com/gorilla/websocket v1.5.0 // indirect github.com/gosuri/uitable v0.0.4 // indirect @@ -147,7 +147,7 @@ require ( github.com/kevinburke/ssh_config v1.2.0 // indirect github.com/klauspost/compress v1.17.8 // indirect github.com/klauspost/pgzip v1.2.6 // indirect - github.com/knqyf263/go-rpmdb v0.1.1 // indirect + github.com/knqyf263/go-rpmdb v0.1.0 // indirect github.com/lann/builder v0.0.0-20180802200727-47ae307949d0 // indirect github.com/lann/ps v0.0.0-20150810152359-62de8c46ede0 // indirect github.com/lib/pq v1.10.9 // indirect @@ -156,7 +156,7 @@ require ( github.com/magiconair/properties v1.8.7 // indirect github.com/mailru/easyjson v0.7.7 // indirect github.com/mattn/go-colorable v0.1.13 // indirect - github.com/mattn/go-isatty v0.0.20 // indirect + github.com/mattn/go-isatty v0.0.19 // indirect github.com/mattn/go-runewidth v0.0.15 // indirect github.com/mgutz/ansi v0.0.0-20200706080929-d51e80ef957d // indirect github.com/mholt/archiver/v3 v3.5.1 // indirect @@ -171,7 +171,7 @@ require ( github.com/moby/docker-image-spec v1.3.1 // indirect github.com/moby/locker v1.0.1 // indirect github.com/moby/spdystream v0.2.0 // indirect - github.com/moby/sys/mountinfo v0.7.2 // indirect + github.com/moby/sys/mountinfo v0.7.1 // indirect github.com/moby/sys/sequential v0.5.0 // indirect github.com/moby/sys/signal v0.7.0 // indirect github.com/moby/sys/user v0.1.0 // indirect @@ -179,6 +179,7 @@ require ( github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect github.com/modern-go/reflect2 v1.0.2 // indirect github.com/monochromegane/go-gitignore v0.0.0-20200626010858-205db1a8cc00 // indirect + github.com/muesli/reflow v0.3.0 // indirect github.com/muesli/termenv v0.15.2 // indirect github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f // indirect @@ -203,28 +204,27 @@ require ( github.com/rivo/uniseg v0.4.7 // indirect github.com/rubenv/sql-migrate v1.5.2 // indirect github.com/russross/blackfriday/v2 v2.1.0 // indirect - github.com/saferwall/pe v1.5.4 // indirect + github.com/saferwall/pe v1.5.2 // indirect github.com/sagikazarmark/locafero v0.4.0 // indirect github.com/sagikazarmark/slog-shim v0.1.0 // indirect github.com/saintfish/chardet v0.0.0-20230101081208-5e3ef4b5456d // indirect - github.com/sassoftware/go-rpmutils v0.4.0 // indirect + github.com/sassoftware/go-rpmutils v0.3.0 // indirect github.com/scylladb/go-set v1.0.3-0.20200225121959-cc7b2070d91e // indirect - github.com/secDre4mer/pkcs7 v0.0.0-20240322103146-665324a4461d // indirect github.com/sergi/go-diff v1.3.2-0.20230802210424-5b0b94c5c0d3 // indirect github.com/shopspring/decimal v1.3.1 // indirect github.com/sirupsen/logrus v1.9.3 // indirect github.com/skeema/knownhosts v1.2.2 // indirect github.com/sourcegraph/conc v0.3.0 // indirect - github.com/spdx/tools-golang v0.5.5 // indirect + github.com/spdx/tools-golang v0.5.3 // indirect github.com/spf13/afero v1.11.0 // indirect github.com/spf13/cast v1.6.0 // indirect github.com/spf13/pflag v1.0.5 // indirect github.com/subosito/gotenv v1.6.0 // indirect - github.com/sylabs/sif/v2 v2.17.1 // indirect - github.com/sylabs/squashfs v1.0.0 // indirect + github.com/sylabs/sif/v2 v2.11.5 // indirect + github.com/sylabs/squashfs v0.6.1 // indirect github.com/therootcompany/xz v1.0.1 // indirect github.com/ulikunitz/xz v0.5.12 // indirect - github.com/vbatts/go-mtree v0.5.4 // indirect + github.com/vbatts/go-mtree v0.5.3 // indirect github.com/vbatts/tar-split v0.11.3 // indirect github.com/vifraa/gopom v1.0.0 // indirect github.com/wagoodman/go-partybus v0.0.0-20230516145632-8ccac152c651 // indirect @@ -235,6 +235,7 @@ require ( github.com/xi2/xz v0.0.0-20171230120015-48954b6210f8 // indirect github.com/xlab/treeprint v1.2.0 // indirect github.com/xo/terminfo v0.0.0-20220910002029-abceb7e1c41e // indirect + go.mozilla.org/pkcs7 v0.0.0-20210826202110-33d05740a352 // indirect go.opencensus.io v0.24.0 // indirect go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.50.0 // indirect go.opentelemetry.io/otel v1.25.0 // indirect @@ -243,11 +244,11 @@ require ( go.starlark.net v0.0.0-20230525235612-a134d8f9ddca // indirect go.uber.org/multierr v1.11.0 // indirect golang.org/x/exp v0.0.0-20240416160154-fe59bbe5cc7f // indirect - golang.org/x/mod v0.20.0 // indirect - golang.org/x/net v0.28.0 // indirect + golang.org/x/mod v0.17.0 // indirect + golang.org/x/net v0.24.0 // indirect golang.org/x/oauth2 v0.18.0 // indirect - golang.org/x/sys v0.24.0 // indirect - golang.org/x/term v0.23.0 // indirect + golang.org/x/sys v0.22.0 // indirect + golang.org/x/term v0.22.0 // indirect golang.org/x/time v0.5.0 // indirect golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2 // indirect google.golang.org/appengine v1.6.8 // indirect @@ -258,14 +259,14 @@ require ( gopkg.in/warnings.v0 v0.1.2 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect - helm.sh/helm/v3 v3.15.3 // indirect - k8s.io/api v0.30.0 // indirect - k8s.io/apiextensions-apiserver v0.30.0 // indirect - k8s.io/apimachinery v0.30.0 // indirect - k8s.io/apiserver v0.30.0 // indirect - k8s.io/cli-runtime v0.30.0 // indirect - k8s.io/client-go v0.30.0 // indirect - k8s.io/component-base v0.30.0 // indirect + helm.sh/helm/v3 v3.15.4 // indirect + k8s.io/api v0.30.3 // indirect + k8s.io/apiextensions-apiserver v0.30.3 // indirect + k8s.io/apimachinery v0.30.3 // indirect + k8s.io/apiserver v0.30.3 // indirect + k8s.io/cli-runtime v0.30.3 // indirect + k8s.io/client-go v0.30.3 // indirect + k8s.io/component-base v0.30.3 // indirect k8s.io/klog/v2 v2.120.1 // indirect k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340 // indirect k8s.io/kubectl v0.30.3 // indirect diff --git a/go.sum b/go.sum index 61e1ec2ba..96e8fc0c0 100644 --- a/go.sum +++ b/go.sum @@ -57,15 +57,15 @@ github.com/Azure/go-ansiterm v0.0.0-20230124172434-306776ec8161/go.mod h1:xomTg6 github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/BurntSushi/toml v0.4.1/go.mod h1:CxXYINrC8qIiEnFrOxCa7Jy5BFHlXnUU2pbicEuybxQ= github.com/BurntSushi/toml v1.2.1/go.mod h1:CxXYINrC8qIiEnFrOxCa7Jy5BFHlXnUU2pbicEuybxQ= -github.com/BurntSushi/toml v1.4.0 h1:kuoIxZQy2WRRk1pttg9asf+WVv6tWQuBNVmK8+nqPr0= -github.com/BurntSushi/toml v1.4.0/go.mod h1:ukJfTF/6rtPPRCnwkur4qwRxa8vTRFBF0uk2lLoLwho= +github.com/BurntSushi/toml v1.3.2 h1:o7IhLm0Msx3BaB+n3Ag7L8EVlByGnpq14C4YWiu/gL8= +github.com/BurntSushi/toml v1.3.2/go.mod h1:CxXYINrC8qIiEnFrOxCa7Jy5BFHlXnUU2pbicEuybxQ= github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= github.com/Checkmarx/gen-ai-prompts v0.0.0-20240807143411-708ceec12b63 h1:SCuTcE+CFvgjbIxUNL8rsdB2sAhfuNx85HvxImKta3g= github.com/Checkmarx/gen-ai-prompts v0.0.0-20240807143411-708ceec12b63/go.mod h1:MI6lfLerXU+5eTV/EPTDavgnV3owz3GPT4g/msZBWPo= -github.com/CheckmarxDev/containers-resolver v1.0.10 h1:Co9tKzvcQYtmAP/iendcBcUHIZRwiCEQhSXigTXQ4xM= -github.com/CheckmarxDev/containers-resolver v1.0.10/go.mod h1:i9ZTKip7/EuzXxlW1FdGzAdWooAy0fwzkuwFBJnvcE4= -github.com/CycloneDX/cyclonedx-go v0.9.0 h1:inaif7qD8bivyxp7XLgxUYtOXWtDez7+j72qKTMQTb8= -github.com/CycloneDX/cyclonedx-go v0.9.0/go.mod h1:NE/EWvzELOFlG6+ljX/QeMlVt9VKcTwu8u0ccsACEsw= +github.com/CheckmarxDev/containers-resolver v1.0.6 h1:Y0CKTR5tlw0YV+nQpz44kF0sZxWwCyvgYtjOukfYm0E= +github.com/CheckmarxDev/containers-resolver v1.0.6/go.mod h1:S3m6qscOWqaJJw56hR/hZxBVdcZRn8AnRGU/6jtONI4= +github.com/CycloneDX/cyclonedx-go v0.8.0 h1:FyWVj6x6hoJrui5uRQdYZcSievw3Z32Z88uYzG/0D6M= +github.com/CycloneDX/cyclonedx-go v0.8.0/go.mod h1:K2bA+324+Og0X84fA8HhN2X066K7Bxz4rpMQ4ZhjtSk= github.com/DATA-DOG/go-sqlmock v1.5.2 h1:OcvFkGmslmlZibjAjaHm3L//6LiuBgolP7OputlJIzU= github.com/DATA-DOG/go-sqlmock v1.5.2/go.mod h1:88MAG/4G7SMwSE3CeA0ZKzrT5CiOU3OJ+JlNzwDqpNU= github.com/DataDog/datadog-go v3.2.0+incompatible/go.mod h1:LButxg5PwREeZtORoXG3tL4fMGNddJ+vMq1mwgfaqoQ= @@ -96,16 +96,16 @@ github.com/Shopify/logrus-bugsnag v0.0.0-20171204204709-577dee27f20d h1:UrqY+r/O github.com/Shopify/logrus-bugsnag v0.0.0-20171204204709-577dee27f20d/go.mod h1:HI8ITrYtUY+O+ZhtlqUnD8+KwNPOyugEhfP9fdUIaEQ= github.com/acobaugh/osrelease v0.1.0 h1:Yb59HQDGGNhCj4suHaFQQfBps5wyoKLSSX/J/+UifRE= github.com/acobaugh/osrelease v0.1.0/go.mod h1:4bFEs0MtgHNHBrmHCt67gNisnabCRAlzdVasCEGHTWY= -github.com/adrg/xdg v0.5.0 h1:dDaZvhMXatArP1NPHhnfaQUqWBLBsmx1h1HXQdMoFCY= -github.com/adrg/xdg v0.5.0/go.mod h1:dDdY4M4DF9Rjy4kHPeNL+ilVF+p2lK8IdM9/rTSGcI4= +github.com/adrg/xdg v0.4.0 h1:RzRqFcjH4nE5C6oTAxhBtoE2IRyjBSa62SCbyPidvls= +github.com/adrg/xdg v0.4.0/go.mod h1:N6ag73EX4wyxeaoeHctc1mas01KZgsj5tYiAIwqJE/E= github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= github.com/alecthomas/units v0.0.0-20190717042225-c3de453c63f4/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= -github.com/anchore/clio v0.0.0-20240522144804-d81e109008aa h1:pwlAn4O9SBUnlgfa69YcqIynbUyobLVFYu8HxSoCffA= -github.com/anchore/clio v0.0.0-20240522144804-d81e109008aa/go.mod h1:nD3H5uIvjxlfmakOBgtyFQbk5Zjp3l538kxfpHPslzI= -github.com/anchore/fangs v0.0.0-20240508143433-f016b099950f h1:NOhzafCyNYFi88qxkBFjMzQo4dRa1vDhBzx+0Uovx8Q= -github.com/anchore/fangs v0.0.0-20240508143433-f016b099950f/go.mod h1:sVpRS2yNCw6tLVpvA1QSDVWTJVpCuAm8JNZgn4Sjz/k= +github.com/anchore/clio v0.0.0-20240209204744-cb94e40a4f65 h1:u9XrEabKlGPsrmRvAER+kUKkwXiJfLyqGhmOTFsXjX4= +github.com/anchore/clio v0.0.0-20240209204744-cb94e40a4f65/go.mod h1:8Jr7CjmwFVcBPtkJdTpaAGHimoGJGfbExypjzOu87Og= +github.com/anchore/fangs v0.0.0-20231201140849-5075d28d6d8b h1:L/djgY7ZbZ/38+wUtdkk398W3PIBJLkt1N8nU/7e47A= +github.com/anchore/fangs v0.0.0-20231201140849-5075d28d6d8b/go.mod h1:TLcE0RE5+8oIx2/NPWem/dq1DeaMoC+fPEH7hoSzPLo= github.com/anchore/go-collections v0.0.0-20240216171411-9321230ce537 h1:GjNGuwK5jWjJMyVppBjYS54eOiiSNv4Ba869k4wh72Q= github.com/anchore/go-collections v0.0.0-20240216171411-9321230ce537/go.mod h1:1aiktV46ATCkuVg0O573ZrH56BUawTECPETbZyBcqT8= github.com/anchore/go-logger v0.0.0-20230725134548-c21dafa1ec5a h1:nJ2G8zWKASyVClGVgG7sfM5mwoZlZ2zYpIzN2OhjWkw= @@ -118,12 +118,12 @@ github.com/anchore/go-testutils v0.0.0-20200925183923-d5f45b0d3c04 h1:VzprUTpc0v github.com/anchore/go-testutils v0.0.0-20200925183923-d5f45b0d3c04/go.mod h1:6dK64g27Qi1qGQZ67gFmBFvEHScy0/C8qhQhNe5B5pQ= github.com/anchore/go-version v1.2.2-0.20200701162849-18adb9c92b9b h1:e1bmaoJfZVsCYMrIZBpFxwV26CbsuoEh5muXD5I1Ods= github.com/anchore/go-version v1.2.2-0.20200701162849-18adb9c92b9b/go.mod h1:Bkc+JYWjMCF8OyZ340IMSIi2Ebf3uwByOk6ho4wne1E= -github.com/anchore/packageurl-go v0.1.1-0.20240507183024-848e011fc24f h1:B/E9ixKNCasntpoch61NDaQyGPDXLEJlL+B9B/PbdbA= -github.com/anchore/packageurl-go v0.1.1-0.20240507183024-848e011fc24f/go.mod h1:Blo6OgJNiYF41ufcgHKkbCKF2MDOMlrqhXv/ij6ocR4= -github.com/anchore/stereoscope v0.0.3-0.20240725180315-50ce3be7aa1f h1:xuBvotcht1Ns8IdaC4UuYV1U8MFln9c5ELeo5bzDEO8= -github.com/anchore/stereoscope v0.0.3-0.20240725180315-50ce3be7aa1f/go.mod h1:DcQdMes8SwpFli3rDH0v+Vd9qU9Jariq7JSHNJV5X/A= -github.com/anchore/syft v1.11.1 h1:uJVmZ1WuhMw2cutCsBj0aUgUZxaNlbBNimZEISFttWY= -github.com/anchore/syft v1.11.1/go.mod h1:iwb+87tx6Fg2+1bzKEzgNcaBS6zjFSx59uraw24xtIY= +github.com/anchore/packageurl-go v0.1.1-0.20240312213626-055233e539b4 h1:SjemQ90fgflz39HG+VMkNfrpUVJpcFW6ZFA3TDXqzBM= +github.com/anchore/packageurl-go v0.1.1-0.20240312213626-055233e539b4/go.mod h1:Blo6OgJNiYF41ufcgHKkbCKF2MDOMlrqhXv/ij6ocR4= +github.com/anchore/stereoscope v0.0.2-0.20240229175558-fe426d1b1c84 h1:/E74wU51M87fX5UWHubLZiENXbuAci+xtbSb+JFsIYg= +github.com/anchore/stereoscope v0.0.2-0.20240229175558-fe426d1b1c84/go.mod h1:evQiJMQG56Z7/L5uhA8kfhhjF6ESJUZzUH9ms6bQ2Co= +github.com/anchore/syft v1.2.0 h1:e6cJVzHErrZuYTWlSjxI/JbXS5ipaN8cdjXwGpd34MQ= +github.com/anchore/syft v1.2.0/go.mod h1:0oY5LHY9MC/Mui6ZTjd0jcJRU6U6HNxaoQPWbZ4RhhY= github.com/andreyvit/diff v0.0.0-20170406064948-c7f18ee00883/go.mod h1:rCTlJbsFo29Kk6CurOXKm700vrz8f0KW0JNfpkRJY/8= github.com/andybalholm/brotli v1.0.1/go.mod h1:loMXtMfwqflxFJPmdbJO0a3KNoPuLBgiu3qAvBg8x/Y= github.com/andybalholm/brotli v1.1.0 h1:eLKJA0d02Lf0mVpIDgYnqXcUn0GqVmEFny3VuID1U3M= @@ -181,18 +181,10 @@ github.com/chai2010/gettext-go v1.0.2 h1:1Lwwip6Q2QGsAdl/ZKPCwTe9fe0CjlUbqj5bFNS github.com/chai2010/gettext-go v1.0.2/go.mod h1:y+wnP2cHYaVj19NZhYKAwEMH2CI1gNHeQQ+5AjwawxA= github.com/charmbracelet/bubbles v0.18.0 h1:PYv1A036luoBGroX6VWjQIE9Syf2Wby2oOl/39KLfy0= github.com/charmbracelet/bubbles v0.18.0/go.mod h1:08qhZhtIwzgrtBjAcJnij1t1H0ZRjwHyGsy6AL11PSw= -github.com/charmbracelet/bubbletea v0.27.0 h1:Mznj+vvYuYagD9Pn2mY7fuelGvP0HAXtZYGgRBCbHvU= -github.com/charmbracelet/bubbletea v0.27.0/go.mod h1:5MdP9XH6MbQkgGhnlxUqCNmBXf9I74KRQ8HIidRxV1Y= -github.com/charmbracelet/lipgloss v0.12.1 h1:/gmzszl+pedQpjCOH+wFkZr/N90Snz40J/NR7A0zQcs= -github.com/charmbracelet/lipgloss v0.12.1/go.mod h1:V2CiwIuhx9S1S1ZlADfOj9HmxeMAORuz5izHb0zGbB8= -github.com/charmbracelet/x/ansi v0.1.4 h1:IEU3D6+dWwPSgZ6HBH+v6oUuZ/nVawMiWj5831KfiLM= -github.com/charmbracelet/x/ansi v0.1.4/go.mod h1:dk73KoMTT5AX5BsX0KrqhsTqAnhZZoCBjs7dGWp4Ktw= -github.com/charmbracelet/x/input v0.1.0 h1:TEsGSfZYQyOtp+STIjyBq6tpRaorH0qpwZUj8DavAhQ= -github.com/charmbracelet/x/input v0.1.0/go.mod h1:ZZwaBxPF7IG8gWWzPUVqHEtWhc1+HXJPNuerJGRGZ28= -github.com/charmbracelet/x/term v0.1.1 h1:3cosVAiPOig+EV4X9U+3LDgtwwAoEzJjNdwbXDjF6yI= -github.com/charmbracelet/x/term v0.1.1/go.mod h1:wB1fHt5ECsu3mXYusyzcngVWWlu1KKUmmLhfgr/Flxw= -github.com/charmbracelet/x/windows v0.1.0 h1:gTaxdvzDM5oMa/I2ZNF7wN78X/atWemG9Wph7Ika2k4= -github.com/charmbracelet/x/windows v0.1.0/go.mod h1:GLEO/l+lizvFDBPLIOk+49gdX49L9YWMB5t+DZd0jkQ= +github.com/charmbracelet/bubbletea v0.25.0 h1:bAfwk7jRz7FKFl9RzlIULPkStffg5k6pNt5dywy4TcM= +github.com/charmbracelet/bubbletea v0.25.0/go.mod h1:EN3QDR1T5ZdWmdfDzYcqOCAps45+QIJbLOBxmVNWNNg= +github.com/charmbracelet/lipgloss v0.10.0 h1:KWeXFSexGcfahHX+54URiZGkBFazf70JNMtwg/AFW3s= +github.com/charmbracelet/lipgloss v0.10.0/go.mod h1:Wig9DSfvANsxqkRsqj6x87irdy123SR4dOXlKa91ciE= github.com/checkmarxDev/gpt-wrapper v0.0.0-20230721160222-85da2fd1cc4c h1:oKI4C1dXYpi0B8pltDDzp1ZRiyeILv5enbp9h4ASQ3s= github.com/checkmarxDev/gpt-wrapper v0.0.0-20230721160222-85da2fd1cc4c/go.mod h1:l+0rISRGaps2HWkpvKbYPE1nsNx28vBj6bKorEm1M5o= github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= @@ -202,8 +194,8 @@ github.com/circonus-labs/circonus-gometrics v2.3.1+incompatible/go.mod h1:nmEj6D github.com/circonus-labs/circonusllhist v0.1.3/go.mod h1:kMXHVDlOchFAehlya5ePtbp5jckzBHf4XRpQvBOLI+I= github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= github.com/cloudflare/circl v1.3.3/go.mod h1:5XYMA4rFBvNIrhs50XuiBJ15vF2pZn4nnUKZrLbUZFA= -github.com/cloudflare/circl v1.3.8 h1:j+V8jJt09PoeMFIu2uh5JUyEaIHTXVOHslFoLNAKqwI= -github.com/cloudflare/circl v1.3.8/go.mod h1:PDRU+oXvdD7KCtgKxW95M5Z8BpSCJXQORiZFnBQS5QU= +github.com/cloudflare/circl v1.3.7 h1:qlCDlTPz2n9fu58M0Nh1J/JzcFpfgkFHHX3O35r5vcU= +github.com/cloudflare/circl v1.3.7/go.mod h1:sRTcRWXGLrKw6yIGJ+l7amYJFfAXbZG0kBSc8r4zxgA= github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc= github.com/cncf/udpa/go v0.0.0-20200629203442-efcf912fb354/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk= github.com/cncf/udpa/go v0.0.0-20201120205902-5459f2c99403/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk= @@ -216,6 +208,8 @@ github.com/cncf/xds/go v0.0.0-20211011173535-cb28da3451f1/go.mod h1:eXthEFrGJvWH github.com/cncf/xds/go v0.0.0-20211130200136-a8f946100490/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= github.com/containerd/cgroups/v3 v3.0.2 h1:f5WFqIVSgo5IZmtTT3qVBo6TzI1ON6sycSBKkymb9L0= github.com/containerd/cgroups/v3 v3.0.2/go.mod h1:JUgITrzdFqp42uI2ryGA+ge0ap/nxzYgkGmIcetmErE= +github.com/containerd/console v1.0.4-0.20230313162750-1ae8d489ac81 h1:q2hJAaP1k2wIvVRd/hEHD7lacgqrCPS+k8g1MndzfWY= +github.com/containerd/console v1.0.4-0.20230313162750-1ae8d489ac81/go.mod h1:YynlIjWYF8myEu6sdkwKIvGQq+cOckRm6So2avqoYAk= github.com/containerd/containerd v1.7.15 h1:afEHXdil9iAm03BmhjzKyXnnEBtjaLJefdU7DV0IFes= github.com/containerd/containerd v1.7.15/go.mod h1:ISzRRTMF8EXNpJlTzyr2XMhN+j9K302C21/+cr3kUnY= github.com/containerd/continuity v0.4.2 h1:v3y/4Yz5jwnvqPKJJ+7Wf93fyWoCB3F5EclWG023MDM= @@ -237,7 +231,7 @@ github.com/coreos/go-systemd/v22 v22.3.2/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSV github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU= github.com/cpuguy83/go-md2man/v2 v2.0.1/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= -github.com/cpuguy83/go-md2man/v2 v2.0.4/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= +github.com/cpuguy83/go-md2man/v2 v2.0.3/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= github.com/creack/pty v1.1.18 h1:n56/Zwd5o6whRC5PMGretI4IdRLlmBXYNjScPaBgsbY= github.com/creack/pty v1.1.18/go.mod h1:MOBLtS5ELjhRRrroQr9kyvTxUAFNvYEK993ew/Vr4O4= @@ -254,12 +248,12 @@ github.com/distribution/distribution/v3 v3.0.0-20221208165359-362910506bc2 h1:aB github.com/distribution/distribution/v3 v3.0.0-20221208165359-362910506bc2/go.mod h1:WHNsWjnIn2V1LYOrME7e8KxSeKunYHsxEm4am0BUtcI= github.com/distribution/reference v0.6.0 h1:0IXCQ5g4/QMHHkarYzh5l+u8T3t73zM5QvfrDyIgxBk= github.com/distribution/reference v0.6.0/go.mod h1:BbU0aIcezP1/5jX/8MP0YiH4SdvB5Y4f/wlDRiLyi3E= -github.com/docker/cli v27.1.1+incompatible h1:goaZxOqs4QKxznZjjBWKONQci/MywhtRv2oNn0GkeZE= -github.com/docker/cli v27.1.1+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8= +github.com/docker/cli v25.0.1+incompatible h1:mFpqnrS6Hsm3v1k7Wa/BO23oz0k121MTbTO1lpcGSkU= +github.com/docker/cli v25.0.1+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8= github.com/docker/distribution v2.8.3+incompatible h1:AtKxIZ36LoNK51+Z6RpzLpddBirtxJnzDrHLEKxTAYk= github.com/docker/distribution v2.8.3+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= -github.com/docker/docker v27.1.2+incompatible h1:AhGzR1xaQIy53qCkxARaFluI00WPGtXn0AJuoQsVYTY= -github.com/docker/docker v27.1.2+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= +github.com/docker/docker v26.1.5+incompatible h1:NEAxTwEjxV6VbBMBoGG3zPqbiJosIApZjxlbrG9q3/g= +github.com/docker/docker v26.1.5+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= github.com/docker/docker-credential-helpers v0.7.0 h1:xtCHsjxogADNZcdv1pKUHXryefjlVRqWqIhk/uXJp0A= github.com/docker/docker-credential-helpers v0.7.0/go.mod h1:rETQfLdHNT3foU5kuNkFR1R1V12OJRRO5lzt2D1b5X0= github.com/docker/go-connections v0.5.0 h1:USnMq7hx7gwdVZq1L49hLXaFtUdTADjXGp+uj1Br63c= @@ -298,8 +292,6 @@ github.com/envoyproxy/go-control-plane v0.9.10-0.20210907150352-cf90f659a021/go. github.com/envoyproxy/go-control-plane v0.10.1/go.mod h1:AY7fTTXNdv/aJ2O5jwpxAPOWUZ7hQAEvzN5Pf27BkQQ= github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= github.com/envoyproxy/protoc-gen-validate v0.6.2/go.mod h1:2t7qjJNvHPx8IjnBOzl9E9/baC+qXE/TeeyBRzgJDws= -github.com/erikgeiser/coninput v0.0.0-20211004153227-1c3628e74d0f h1:Y/CXytFA4m6baUTXGLOoWe4PQhGxaX0KpnayAqC48p4= -github.com/erikgeiser/coninput v0.0.0-20211004153227-1c3628e74d0f/go.mod h1:vw97MGsxSvLiUE2X8qFplwetxpGLQrlU1Q9AUEIzCaM= github.com/evanphx/json-patch v5.7.0+incompatible h1:vgGkfT/9f8zE6tvSCe74nfpAVDQ2tG6yudJd8LBksgI= github.com/evanphx/json-patch v5.7.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= github.com/exponent-io/jsonpath v0.0.0-20151013193312-d6023ce2651d h1:105gxyaGwCFad8crR9dcMQWvV9Hvulu6hwUh4tWPJnM= @@ -310,8 +302,8 @@ github.com/facebookincubator/nvdtools v0.1.5/go.mod h1:Kh55SAWnjckS96TBSrXI99KrE github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4= github.com/fatih/color v1.9.0/go.mod h1:eQcE1qtQxscV5RaZvpXrrb8Drkc3/DdQ+uUYCNjL+zU= github.com/fatih/color v1.13.0/go.mod h1:kLAiJbzzSOZDVNGyDpeOxJ47H46qBXwg5ILebYFFOfk= -github.com/fatih/color v1.17.0 h1:GlRw1BRJxkpqUCBKzKOw098ed57fEsKeNjpTe3cSjK4= -github.com/fatih/color v1.17.0/go.mod h1:YZ7TlrGPkiz6ku9fK3TLD/pl3CpsiFyu8N92HLgmosI= +github.com/fatih/color v1.15.0 h1:kOqh6YHBtK8aywxGerMG2Eq3H6Qgoqeo13Bk2Mv/nBs= +github.com/fatih/color v1.15.0/go.mod h1:0h5ZqXfHYED7Bhv2ZJamyIOUej9KtShiJESRwBDUSsw= github.com/fatih/set v0.2.1 h1:nn2CaJyknWE/6txyUDGwysr3G5QC6xWB/PtVjPBbeaA= github.com/fatih/set v0.2.1/go.mod h1:+RKtMCH+favT2+3YecHGxcc0b4KyVWA1QWWJUs4E0CI= github.com/felixge/fgprof v0.9.3 h1:VvyZxILNuCiUCSXtPtYmmtGvb65nqXh2QFWc0Wpf2/g= @@ -325,11 +317,11 @@ github.com/frankban/quicktest v1.14.6/go.mod h1:4ptaffx2x8+WTWXmUCuVU6aPUX1/Mz7z github.com/fsnotify/fsnotify v1.5.1/go.mod h1:T3375wBYaZdLLcVNkcVbzGHY7f1l/uK5T5Ai1i3InKU= github.com/fsnotify/fsnotify v1.7.0 h1:8JEhPFa5W2WU7YfeZzPNqzMP6Lwt7L2715Ggo0nosvA= github.com/fsnotify/fsnotify v1.7.0/go.mod h1:40Bi/Hjc2AVfZrqy+aj+yEI+/bRxZnMJyTJwOpGvigM= -github.com/gabriel-vasile/mimetype v1.4.4 h1:QjV6pZ7/XZ7ryI2KuyeEDE8wnh7fHP9YnQy+R0LnH8I= -github.com/gabriel-vasile/mimetype v1.4.4/go.mod h1:JwLei5XPtWdGiMFB5Pjle1oEeoSeEuJfJE+TtfvdB/s= +github.com/gabriel-vasile/mimetype v1.4.0 h1:Cn9dkdYsMIu56tGho+fqzh7XmvY2YyGU0FnbhiOsEro= +github.com/gabriel-vasile/mimetype v1.4.0/go.mod h1:fA8fi6KUiG7MgQQ+mEWotXoEOvmxRtOJlERCzSmRvr8= github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= -github.com/github/go-spdx/v2 v2.3.1 h1:ffGuHTbHuHzWPt53n8f9o8clGutuLPObo3zB4JAjxU8= -github.com/github/go-spdx/v2 v2.3.1/go.mod h1:2ZxKsOhvBp+OYBDlsGnUMcchLeo2mrpEBn2L1C+U3IQ= +github.com/github/go-spdx/v2 v2.2.0 h1:yBBLMasHA70Ujd35OpL/OjJOWWVNXcJGbars0GinGRI= +github.com/github/go-spdx/v2 v2.2.0/go.mod h1:hMCrsFgT0QnCwn7G8gxy/MxMpy67WgZrwFeISTn0o6w= github.com/glebarez/go-sqlite v1.20.3 h1:89BkqGOXR9oRmG58ZrzgoY/Fhy5x0M+/WV48U5zVrZ4= github.com/glebarez/go-sqlite v1.20.3/go.mod h1:u3N6D/wftiAzIOJtZl6BmedqxmmkDfH3q+ihjqxC9u0= github.com/gliderlabs/ssh v0.3.7 h1:iV3Bqi942d9huXnzEF2Mt+CY9gLu8DNM4Obd+8bODRE= @@ -371,8 +363,8 @@ github.com/go-sql-driver/mysql v1.6.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LB github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 h1:tfuBGBXKqDEevZMzYi5KSi8KkcZtzBcTgAUUtapy0OI= github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572/go.mod h1:9Pwr4B2jHnOSGXyyzV8ROjYa2ojvAY6HCGYYfMoC3Ls= -github.com/go-test/deep v1.1.1 h1:0r/53hagsehfO4bzD2Pgr/+RgHqhmf+k1Bpse2cTu1U= -github.com/go-test/deep v1.1.1/go.mod h1:5C2ZWiW0ErCdrYzpqxLbTX7MG14M9iiw8DgHncVwcsE= +github.com/go-test/deep v1.1.0 h1:WOcxcdHcvdgThNXjw0t76K42FXTU7HpNQWHpA2HHNlg= +github.com/go-test/deep v1.1.0/go.mod h1:5C2ZWiW0ErCdrYzpqxLbTX7MG14M9iiw8DgHncVwcsE= github.com/gobuffalo/logger v1.0.6 h1:nnZNpxYo0zx+Aj9RfMPBm+x9zAU2OayFh/xrAWi34HU= github.com/gobuffalo/logger v1.0.6/go.mod h1:J31TBEHR1QLV2683OXTAItYIg8pv2JMHnF/quuAbMjs= github.com/gobuffalo/packd v1.0.1 h1:U2wXfRr4E9DH8IdsDLlRFwTZTK7hLfq9qT/QHXGVe/0= @@ -450,8 +442,8 @@ github.com/google/go-cmp v0.5.6/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/ github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= -github.com/google/go-containerregistry v0.20.2 h1:B1wPJ1SN/S7pB+ZAimcciVD+r+yV/l/DSArMxlbwseo= -github.com/google/go-containerregistry v0.20.2/go.mod h1:z38EKdKh4h7IP2gSfUUqEvalZBqs6AoLeWfUy34nQC8= +github.com/google/go-containerregistry v0.19.1 h1:yMQ62Al6/V0Z7CqIrrS1iYoA5/oQCm88DeNujc7C1KY= +github.com/google/go-containerregistry v0.19.1/go.mod h1:YCMFNQeeXeLF+dnhhWkqDItx/JSkH01j1Kis4PsjzFI= github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0= github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= @@ -476,8 +468,8 @@ github.com/google/pprof v0.0.0-20210601050228-01bbb1931b22/go.mod h1:kpwsk12EmLe github.com/google/pprof v0.0.0-20210609004039-a478d1d731e9/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= github.com/google/pprof v0.0.0-20211214055906-6f57359322fd/go.mod h1:KgnwoLYCZ8IQu3XUZ8Nc/bM9CCZFOyjUNOSygVozoDg= -github.com/google/pprof v0.0.0-20240409012703-83162a5b38cd h1:gbpYu9NMq8jhDVbvlGkMFWCjLFlqqEZjEmObmhUy6Vo= -github.com/google/pprof v0.0.0-20240409012703-83162a5b38cd/go.mod h1:kf6iHlnVGwgKolg33glAes7Yg/8iWP8ukqeldJSO7jw= +github.com/google/pprof v0.0.0-20221118152302-e6195bd50e26 h1:Xim43kblpZXfIBQsbuBVKCudVG457BR2GZFIz3uw3hQ= +github.com/google/pprof v0.0.0-20221118152302-e6195bd50e26/go.mod h1:dDKJzRmX4S37WGHujM7tX//fmj1uioxKzKxz3lo4HJo= github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI= github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 h1:El6M4kTTCOh6aBiKaUGG7oYTSPP8MxqL4YI3kZKwcP4= github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510/go.mod h1:pupxD2MaaD3pAXIBCelhxNneeOaAeabZDe5s4K6zSpQ= @@ -534,8 +526,6 @@ github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= github.com/hashicorp/golang-lru v0.5.4 h1:YDjusn29QI/Das2iO9M0BHnIbxPeyuCHsjMW+lJfyTc= github.com/hashicorp/golang-lru v0.5.4/go.mod h1:iADmTwqILo4mZ8BN3D2Q6+9jd8WM5uGBxy+E8yxSoD4= -github.com/hashicorp/golang-lru/v2 v2.0.7 h1:a+bsQ5rvGLjzHuww6tVxozPZFVghXaHOwFs4luLUK2k= -github.com/hashicorp/golang-lru/v2 v2.0.7/go.mod h1:QeFd9opnmA6QUJc5vARoKUSoFhyfM2/ZepoAG6RGpeM= github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4= github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ= github.com/hashicorp/logutils v1.0.0/go.mod h1:QIAnNjmIWmVIIkWDTG1z5v++HQmx9WQRO+LraFDTW64= @@ -595,8 +585,8 @@ github.com/klauspost/cpuid v1.2.0/go.mod h1:Pj4uuM528wm8OyEC2QMXAi2YiTZ96dNQPGgo github.com/klauspost/pgzip v1.2.5/go.mod h1:Ch1tH69qFZu15pkjo5kYi6mth2Zzwzt50oCQKQE9RUs= github.com/klauspost/pgzip v1.2.6 h1:8RXeL5crjEUFnR2/Sn6GJNWtSQ3Dk8pq4CL3jvdDyjU= github.com/klauspost/pgzip v1.2.6/go.mod h1:Ch1tH69qFZu15pkjo5kYi6mth2Zzwzt50oCQKQE9RUs= -github.com/knqyf263/go-rpmdb v0.1.1 h1:oh68mTCvp1XzxdU7EfafcWzzfstUZAEa3MW0IJye584= -github.com/knqyf263/go-rpmdb v0.1.1/go.mod h1:9LQcoMCMQ9vrF7HcDtXfvqGO4+ddxFQ8+YF/0CVGDww= +github.com/knqyf263/go-rpmdb v0.1.0 h1:pOgjtOGtW0B+ibY905hP3ETrYFmLZsHiReKsplcs+to= +github.com/knqyf263/go-rpmdb v0.1.0/go.mod h1:9LQcoMCMQ9vrF7HcDtXfvqGO4+ddxFQ8+YF/0CVGDww= github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= github.com/kr/fs v0.1.0/go.mod h1:FFnZGqtBN9Gxj7eW1uZ42v5BccTP0vu6NEaFoC2HwRg= github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515/go.mod h1:+0opPa2QZZtGFBFZlji/RkVcI2GknAs/DXo4wKdlNEc= @@ -618,8 +608,8 @@ github.com/lib/pq v1.10.9 h1:YXG7RB+JIjhP29X+OtkiDnYaXQwpS4JEWq7dtCCRUEw= github.com/lib/pq v1.10.9/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o= github.com/liggitt/tabwriter v0.0.0-20181228230101-89fcab3d43de h1:9TO3cAIGXtEhnIaL+V+BEER86oLrvS+kWobKpbJuye0= github.com/liggitt/tabwriter v0.0.0-20181228230101-89fcab3d43de/go.mod h1:zAbeS9B/r2mtpb6U+EI2rYA5OAXxsYw6wTamcNW+zcE= -github.com/logrusorgru/aurora v2.0.3+incompatible h1:tOpm7WcpBTn4fjmVfgpQq0EfczGlG91VSDkswnjF5A8= -github.com/logrusorgru/aurora v2.0.3+incompatible/go.mod h1:7rIyQOR62GCctdiQpZ/zOJlFyk6y+94wXzv6RNZgaR4= +github.com/logrusorgru/aurora v0.0.0-20200102142835-e9ef32dff381 h1:bqDmpDG49ZRnB5PcgP0RXtQvnMSgIF14M7CBd2shtXs= +github.com/logrusorgru/aurora v0.0.0-20200102142835-e9ef32dff381/go.mod h1:7rIyQOR62GCctdiQpZ/zOJlFyk6y+94wXzv6RNZgaR4= github.com/lucasb-eyer/go-colorful v1.2.0 h1:1nnpGOrhyZZuNyfu1QjKiUICQ74+3FNCN69Aj6K7nkY= github.com/lucasb-eyer/go-colorful v1.2.0/go.mod h1:R4dSotOR9KMtayYi1e77YzuveK+i7ruzyGqttikkLy0= github.com/lyft/protoc-gen-star v0.5.3/go.mod h1:V0xaHgaf5oCCqmcxYcWiDfTiKsZsRc87/1qhoTACD8w= @@ -648,11 +638,12 @@ github.com/mattn/go-isatty v0.0.11/go.mod h1:PhnuNfih5lzO57/f3n+odYbM4JtupLOxQOA github.com/mattn/go-isatty v0.0.12/go.mod h1:cbi8OIDigv2wuxKPP5vlRcQ1OAZbq2CE4Kysco4FUpU= github.com/mattn/go-isatty v0.0.14/go.mod h1:7GGIvUiUoEMVVmxf/4nioHXj79iQHKdU27kJ6hsGG94= github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= -github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY= -github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y= +github.com/mattn/go-isatty v0.0.19 h1:JITubQf0MOLdlGRuRq+jtsDlekdYPia9ZFsB8h/APPA= +github.com/mattn/go-isatty v0.0.19/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y= github.com/mattn/go-localereader v0.0.2-0.20220822084749-2491eb6c1c75 h1:P8UmIzZMYDR+NGImiFvErt6VWfIRPuGM+vyjiEdkmIw= github.com/mattn/go-localereader v0.0.2-0.20220822084749-2491eb6c1c75/go.mod h1:8fBrzywKY7BI3czFoHkuzRoWE9C+EiG4R1k4Cjx5p88= github.com/mattn/go-runewidth v0.0.9/go.mod h1:H031xJmbD/WCDINGzjvQ9THkh0rPKHF+m2gUSrubnMI= +github.com/mattn/go-runewidth v0.0.12/go.mod h1:RAqKPSqVFrSLVXbA8x7dzmKdmGzieGRCM46jaSJTDAk= github.com/mattn/go-runewidth v0.0.15 h1:UNAjwbU9l54TA3KzvqLGxwWjHmMgBUVhBiTjelZgg3U= github.com/mattn/go-runewidth v0.0.15/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w= github.com/mattn/go-sqlite3 v1.14.6/go.mod h1:NyWgC/yNuGj7Q9rpYnZvas74GogHl5/Z4A/KQRfk6bU= @@ -695,8 +686,8 @@ github.com/moby/locker v1.0.1 h1:fOXqR41zeveg4fFODix+1Ch4mj/gT0NE1XJbp/epuBg= github.com/moby/locker v1.0.1/go.mod h1:S7SDdo5zpBK84bzzVlKr2V0hz+7x9hWbYC/kq7oQppc= github.com/moby/spdystream v0.2.0 h1:cjW1zVyyoiM0T7b6UoySUFqzXMoqRckQtXwGPiBhOM8= github.com/moby/spdystream v0.2.0/go.mod h1:f7i0iNDQJ059oMTcWxx8MA/zKFIuD/lY+0GqbN2Wy8c= -github.com/moby/sys/mountinfo v0.7.2 h1:1shs6aH5s4o5H2zQLn796ADW1wMrIwHsyJ2v9KouLrg= -github.com/moby/sys/mountinfo v0.7.2/go.mod h1:1YOa8w8Ih7uW0wALDUgT1dTTSBrZ+HiBLGws92L2RU4= +github.com/moby/sys/mountinfo v0.7.1 h1:/tTvQaSJRr2FshkhXiIpux6fQ2Zvc4j7tAhMTStAG2g= +github.com/moby/sys/mountinfo v0.7.1/go.mod h1:IJb6JQeOklcdMU9F5xQ8ZALD+CUr5VlGpwtX+VE0rpI= github.com/moby/sys/sequential v0.5.0 h1:OPvI35Lzn9K04PBbCLW0g4LcFAJgHsvXsRyewg5lXtc= github.com/moby/sys/sequential v0.5.0/go.mod h1:tH2cOOs5V9MlPiXcQzRC+eEyab644PWKGRYaaV5ZZlo= github.com/moby/sys/signal v0.7.0 h1:25RW3d5TnQEoKvRbEKUGay6DCQ46IxAVTT9CUMgmsSI= @@ -718,8 +709,8 @@ github.com/morikuni/aec v1.0.0 h1:nP9CBfwrvYnBRgY6qfDQkygYDmYwOilePFkwzv4dU8A= github.com/morikuni/aec v1.0.0/go.mod h1:BbKIizmSmc5MMPqRYbxO4ZU0S0+P200+tUnFx7PXmsc= github.com/mssola/user_agent v0.6.0 h1:uwPR4rtWlCHRFyyP9u2KOV0u8iQXmS7Z7feTrstQwk4= github.com/mssola/user_agent v0.6.0/go.mod h1:TTPno8LPY3wAIEKRpAtkdMT0f8SE24pLRGPahjCH4uw= -github.com/muesli/ansi v0.0.0-20230316100256-276c6243b2f6 h1:ZK8zHtRHOkbHy6Mmr5D264iyp3TiX5OmNcI5cIARiQI= -github.com/muesli/ansi v0.0.0-20230316100256-276c6243b2f6/go.mod h1:CJlz5H+gyd6CUWT45Oy4q24RdLyn7Md9Vj2/ldJBSIo= +github.com/muesli/ansi v0.0.0-20211031195517-c9f0611b6c70 h1:kMlmsLSbjkikxQJ1IPwaM+7LJ9ltFu/fi8CRzvSnQmA= +github.com/muesli/ansi v0.0.0-20211031195517-c9f0611b6c70/go.mod h1:fQuZ0gauxyBcmsdE3ZT4NasjaRdxmbCS0jRHsrWu3Ho= github.com/muesli/cancelreader v0.2.2 h1:3I4Kt4BQjOR54NavqnDogx/MIoWBFa0StPA8ELUXHmA= github.com/muesli/cancelreader v0.2.2/go.mod h1:3XuTXfFS2VjM+HTLZY9Ak0l6eUKfijIfMUZ4EgX0QYo= github.com/muesli/reflow v0.3.0 h1:IFsN6K9NfGtjeggFP+68I4chLZV2yIKsXJFNZ+eWh6s= @@ -807,6 +798,7 @@ github.com/prometheus/procfs v0.14.0 h1:Lw4VdGGoKEZilJsayHf0B+9YgLGREba2C6xr+Fdf github.com/prometheus/procfs v0.14.0/go.mod h1:XL+Iwz8k8ZabyZfMFHPiilCniixqQarAy5Mu67pHlNQ= github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec h1:W09IVJc94icq4NjY3clb7Lk8O1qJ8BdBEF8z0ibU0rE= github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec/go.mod h1:qqbHyh8v60DhA7CoWK5oRCqLrMHRGoxYCSS9EjAz6Eo= +github.com/rivo/uniseg v0.1.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc= github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc= github.com/rivo/uniseg v0.4.7 h1:WUdvkW8uEhrYfLC4ZzdpI2ztxP1I582+49Oc5Mq64VQ= github.com/rivo/uniseg v0.4.7/go.mod h1:FN3SvrM+Zdj16jyLfmOkMNblXMcoc8DfTHruCPUcx88= @@ -820,8 +812,8 @@ github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQD github.com/russross/blackfriday/v2 v2.1.0 h1:JIOH55/0cWyOuilr9/qlrm0BSXldqnqwMsf35Ld67mk= github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= github.com/ryanuber/columnize v0.0.0-20160712163229-9b3edd62028f/go.mod h1:sm1tb6uqfes/u+d4ooFouqFdy9/2g9QGwK3SQygK0Ts= -github.com/saferwall/pe v1.5.4 h1:tLmMggEMUfeqrpJ25zS/okUQmyFdD5xWKL2+z9njCqg= -github.com/saferwall/pe v1.5.4/go.mod h1:mJx+PuptmNpoPFBNhWs/uDMFL/kTHVZIkg0d4OUJFbQ= +github.com/saferwall/pe v1.5.2 h1:h5lLtLsyxGHQ9dN6cd8EfeLEBEo5gdqJpkuw4o4vTMY= +github.com/saferwall/pe v1.5.2/go.mod h1:SNzv3cdgk8SBI0UwHfyTcdjawfdnN+nbydnEL7GZ25s= github.com/sagikazarmark/crypt v0.3.0/go.mod h1:uD/D+6UF4SrIR1uGEv7bBNkNqLGqUr43MRiaGWX1Nig= github.com/sagikazarmark/locafero v0.4.0 h1:HApY1R9zGo4DBgr7dqsTH/JJxLTTsOt7u6keLGt6kNQ= github.com/sagikazarmark/locafero v0.4.0/go.mod h1:Pe1W6UlPYUk/+wc/6KFhbORCfqzgYEpgQ3O5fPuL3H4= @@ -833,15 +825,13 @@ github.com/saintfish/chardet v0.0.0-20230101081208-5e3ef4b5456d h1:hrujxIzL1woJ7 github.com/saintfish/chardet v0.0.0-20230101081208-5e3ef4b5456d/go.mod h1:uugorj2VCxiV1x+LzaIdVa9b4S4qGAcH6cbhh4qVxOU= github.com/sanity-io/litter v1.5.5 h1:iE+sBxPBzoK6uaEP5Lt3fHNgpKcHXc/A2HGETy0uJQo= github.com/sanity-io/litter v1.5.5/go.mod h1:9gzJgR2i4ZpjZHsKvUXIRQVk7P+yM3e+jAF7bU2UI5U= -github.com/sassoftware/go-rpmutils v0.4.0 h1:ojND82NYBxgwrV+mX1CWsd5QJvvEZTKddtCdFLPWhpg= -github.com/sassoftware/go-rpmutils v0.4.0/go.mod h1:3goNWi7PGAT3/dlql2lv3+MSN5jNYPjT5mVcQcIsYzI= +github.com/sassoftware/go-rpmutils v0.3.0 h1:tE4TZ8KcOXay5iIP64P291s6Qxd9MQCYhI7DU+f3gFA= +github.com/sassoftware/go-rpmutils v0.3.0/go.mod h1:hM9wdxFsjUFR/tJ6SMsLrJuChcucCa0DsCzE9RMfwMo= github.com/scylladb/go-set v1.0.3-0.20200225121959-cc7b2070d91e h1:7q6NSFZDeGfvvtIRwBrU/aegEYJYmvev0cHAwo17zZQ= github.com/scylladb/go-set v1.0.3-0.20200225121959-cc7b2070d91e/go.mod h1:DkpGd78rljTxKAnTDPFqXSGxvETQnJyuSOQwsHycqfs= github.com/sean-/seed v0.0.0-20170313163322-e2103e2c3529/go.mod h1:DxrIzT+xaE7yg65j358z/aeFdxmN0P9QXhEzd20vsDc= github.com/sebdah/goldie/v2 v2.5.3 h1:9ES/mNN+HNUbNWpVAlrzuZ7jE+Nrczbj8uFRjM7624Y= github.com/sebdah/goldie/v2 v2.5.3/go.mod h1:oZ9fp0+se1eapSRjfYbsV/0Hqhbuu3bJVvKI/NNtssI= -github.com/secDre4mer/pkcs7 v0.0.0-20240322103146-665324a4461d h1:RQqyEogx5J6wPdoxqL132b100j8KjcVHO1c0KLRoIhc= -github.com/secDre4mer/pkcs7 v0.0.0-20240322103146-665324a4461d/go.mod h1:PegD7EVqlN88z7TpCqH92hHP+GBpfomGCCnw1PFtNOA= github.com/sergi/go-diff v1.1.0/go.mod h1:STckp+ISIX8hZLjrqAeVduY0gWCT9IjLuqbuNXdaHfM= github.com/sergi/go-diff v1.2.0/go.mod h1:STckp+ISIX8hZLjrqAeVduY0gWCT9IjLuqbuNXdaHfM= github.com/sergi/go-diff v1.3.2-0.20230802210424-5b0b94c5c0d3 h1:n661drycOFuPLCN3Uc8sB6B/s6Z4t2xvBgU1htSHuq8= @@ -862,8 +852,8 @@ github.com/sourcegraph/conc v0.3.0 h1:OQTbbt6P72L20UqAkXXuLOj79LfEanQ+YQFNpLA9yS github.com/sourcegraph/conc v0.3.0/go.mod h1:Sdozi7LEKbFPqYX2/J+iBAM6HpqSLTASQIKqDmF7Mt0= github.com/spaolacci/murmur3 v0.0.0-20180118202830-f09979ecbc72/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA= github.com/spdx/gordf v0.0.0-20201111095634-7098f93598fb/go.mod h1:uKWaldnbMnjsSAXRurWqqrdyZen1R7kxl8TkmWk2OyM= -github.com/spdx/tools-golang v0.5.5 h1:61c0KLfAcNqAjlg6UNMdkwpMernhw3zVRwDZ2x9XOmk= -github.com/spdx/tools-golang v0.5.5/go.mod h1:MVIsXx8ZZzaRWNQpUDhC4Dud34edUYJYecciXgrw5vE= +github.com/spdx/tools-golang v0.5.3 h1:ialnHeEYUC4+hkm5vJm4qz2x+oEJbS0mAMFrNXdQraY= +github.com/spdx/tools-golang v0.5.3/go.mod h1:/ETOahiAo96Ob0/RAIBmFZw6XN0yTnyr/uFZm2NTMhI= github.com/spf13/afero v1.3.3/go.mod h1:5KUK8ByomD5Ti5Artl0RtHeI5pTF7MIDuXL3yY520V4= github.com/spf13/afero v1.6.0/go.mod h1:Ai8FlHk4v/PARR026UzYexafAt9roJ7LcLMAmO6Z93I= github.com/spf13/afero v1.11.0 h1:WJQKhtpdm3v2IzqG8VMqrr6Rf3UYpEF239Jy9wNepM8= @@ -873,8 +863,8 @@ github.com/spf13/cast v1.4.1/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkU github.com/spf13/cast v1.6.0 h1:GEiTHELF+vaR5dhz3VqZfFSzZjYbgeKDpBxQVS4GYJ0= github.com/spf13/cast v1.6.0/go.mod h1:ancEpBxwJDODSW/UG4rDrAqiKolqNNh2DX3mk86cAdo= github.com/spf13/cobra v1.3.0/go.mod h1:BrRVncBjOJa/eUcVVm9CE+oC6as8k+VYr4NY7WCi9V4= -github.com/spf13/cobra v1.8.1 h1:e5/vxKd/rZsfSJMUX1agtjeTDf+qv1/JdBF8gg5k9ZM= -github.com/spf13/cobra v1.8.1/go.mod h1:wHxEcudfqmLYa8iTfL+OuZPbBZkmvliBWKIezN3kD9Y= +github.com/spf13/cobra v1.8.0 h1:7aJaZx1B85qltLMc546zn58BxxfZdR/W22ej9CFoEf0= +github.com/spf13/cobra v1.8.0/go.mod h1:WXLWApfZ71AjXPya3WOlMsY9yMs7YeiHhFVlvLyhcho= github.com/spf13/jwalterweatherman v1.1.0/go.mod h1:aNWZUN0dPAAO/Ljvb5BEdw96iTZ0EXowPYD95IqWIGo= github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= @@ -902,10 +892,10 @@ github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8 github.com/subosito/gotenv v1.2.0/go.mod h1:N0PQaV/YGNqwC0u51sEeR/aUtSLEXKX9iv69rRypqCw= github.com/subosito/gotenv v1.6.0 h1:9NlTDc1FTs4qu0DDq7AEtTPNw6SVm7uBMsUCUjABIf8= github.com/subosito/gotenv v1.6.0/go.mod h1:Dk4QP5c2W3ibzajGcXpNraDfq2IrhjMIvMSWPKKo0FU= -github.com/sylabs/sif/v2 v2.17.1 h1:p6Sl0LWyShXBj2SBsS1dMOMIMrZHe8pwBnBrYt6uo4M= -github.com/sylabs/sif/v2 v2.17.1/go.mod h1:XUGB6AQUXGkms3qPOPdevctT3lBLRLWZNWHVnt5HMKE= -github.com/sylabs/squashfs v1.0.0 h1:xAyMS21ogglkuR5HaY55PCfqY3H32ma9GkasTYo28Zg= -github.com/sylabs/squashfs v1.0.0/go.mod h1:rhWzvgefq1X+R+LZdts10hfMsTg3g74OfGunW8tvg/4= +github.com/sylabs/sif/v2 v2.11.5 h1:7ssPH3epSonsTrzbS1YxeJ9KuqAN7ISlSM61a7j/mQM= +github.com/sylabs/sif/v2 v2.11.5/go.mod h1:GBoZs9LU3e4yJH1dcZ3Akf/jsqYgy5SeguJQC+zd75Y= +github.com/sylabs/squashfs v0.6.1 h1:4hgvHnD9JGlYWwT0bPYNt9zaz23mAV3Js+VEgQoRGYQ= +github.com/sylabs/squashfs v0.6.1/go.mod h1:ZwpbPCj0ocIvMy2br6KZmix6Gzh6fsGQcCnydMF+Kx8= github.com/terminalstatic/go-xsd-validate v0.1.5 h1:RqpJnf6HGE2CB/lZB1A8BYguk8uRtcvYAPLCF15qguo= github.com/terminalstatic/go-xsd-validate v0.1.5/go.mod h1:18lsvYFofBflqCrvo1umpABZ99+GneNTw2kEEc8UPJw= github.com/therootcompany/xz v1.0.1 h1:CmOtsn1CbtmyYiusbfmhmkpAAETj0wBIH6kCYaX+xzw= @@ -919,8 +909,8 @@ github.com/ulikunitz/xz v0.5.12 h1:37Nm15o69RwBkXM0J6A5OlE67RZTfzUxTj8fB3dfcsc= github.com/ulikunitz/xz v0.5.12/go.mod h1:nbz6k7qbPmH4IRqmfOplQw/tblSgqTqBwxkY0oWt/14= github.com/urfave/cli v1.22.12/go.mod h1:sSBEIC79qR6OvcmsD4U3KABeOTxDqQtdDnaFuUN30b8= github.com/urfave/cli/v2 v2.3.0/go.mod h1:LJmUH05zAU44vOAcrfzZQKsZbVcdbOG8rtL3/XcUArI= -github.com/vbatts/go-mtree v0.5.4 h1:OMAb8jaCyiFA7zXj0Zc/oARcxBDBoeu2LizjB8BVJl0= -github.com/vbatts/go-mtree v0.5.4/go.mod h1:5GqJbVhm9BBiCc4K5uc/c42FPgXulHaQs4sFUEfIWMo= +github.com/vbatts/go-mtree v0.5.3 h1:S/jYlfG8rZ+a0bhZd+RANXejy7M4Js8fq9U+XoWTd5w= +github.com/vbatts/go-mtree v0.5.3/go.mod h1:eXsdoPMdL2jcJx6HweWi9lYQxBsTp4lNhqqAjgkZUg8= github.com/vbatts/tar-split v0.11.3 h1:hLFqsOLQ1SsppQNTMpkpPXClLDfC2A3Zgy9OUU+RVck= github.com/vbatts/tar-split v0.11.3/go.mod h1:9QlHN18E+fEH7RdG+QAJJcuya3rqT7eXSTY7wGrAokY= github.com/vifraa/gopom v1.0.0 h1:L9XlKbyvid8PAIK8nr0lihMApJQg/12OBvMA28BcWh0= @@ -959,6 +949,8 @@ github.com/yvasiyarov/newrelic_platform_go v0.0.0-20140908184405-b21fdbd4370f/go go.etcd.io/etcd/api/v3 v3.5.1/go.mod h1:cbVKeC6lCfl7j/8jBhAK6aIYO9XOjdptoxU/nLQcPvs= go.etcd.io/etcd/client/pkg/v3 v3.5.1/go.mod h1:IJHfcCEKxYu1Os13ZdwCwIUTUVGYTSAM3YSwc9/Ac1g= go.etcd.io/etcd/client/v2 v2.305.1/go.mod h1:pMEacxZW7o8pg4CrFE7pquyCJJzZvkvdD2RibOCCCGs= +go.mozilla.org/pkcs7 v0.0.0-20210826202110-33d05740a352 h1:CCriYyAfq1Br1aIYettdHZTy8mBTIPo7We18TuO/bak= +go.mozilla.org/pkcs7 v0.0.0-20210826202110-33d05740a352/go.mod h1:SNgMg+EgDFwmvSmLRTNKC5fegJjB7v23qTQ0XLGUNHk= go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU= go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8= go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= @@ -1009,8 +1001,8 @@ golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d/go.mod h1:IxCIyHEi3zRg3s0 golang.org/x/crypto v0.3.0/go.mod h1:hebNnKkNXi2UzZN1eVRvBB7co0a+JxK6XbPiWVs/3J4= golang.org/x/crypto v0.3.1-0.20221117191849-2c476679df9a/go.mod h1:hebNnKkNXi2UzZN1eVRvBB7co0a+JxK6XbPiWVs/3J4= golang.org/x/crypto v0.7.0/go.mod h1:pYwdfH91IfpZVANVyUOhSIPZaFoJGxTFbZhFTx+dXZU= -golang.org/x/crypto v0.26.0 h1:RrRspgV4mU+YwB4FYnuBoKsUapNIL5cohGAmSH3azsw= -golang.org/x/crypto v0.26.0/go.mod h1:GY7jblb9wI+FOo5y8/S2oY4zWP07AkOJ4+jxCqdqn54= +golang.org/x/crypto v0.25.0 h1:ypSNr+bnYL2YhwoMt2zPxHFmbAN1KZs/njMG3hxUp30= +golang.org/x/crypto v0.25.0/go.mod h1:T+wALwcMOSE0kXgUAnPAHqTLW+XHgcELELW8VaDgm/M= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= @@ -1051,8 +1043,8 @@ golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.5.0/go.mod h1:5OXOZSfqPIIbmVBIIKWRFfZjPR0E5r58TLhUjH0a2Ro= golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= -golang.org/x/mod v0.20.0 h1:utOm6MM3R3dnawAiJgn0y+xvuYRsm1RKM/4giyfDgV0= -golang.org/x/mod v0.20.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= +golang.org/x/mod v0.17.0 h1:zY54UmvipHiNd+pm+m0x9KhZ9hl1/7QNMyxXbc6ICqA= +golang.org/x/mod v0.17.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20181023162649-9b4f9f5ad519/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= @@ -1093,14 +1085,15 @@ golang.org/x/net v0.0.0-20210316092652-d523dce5a7f4/go.mod h1:RBQZq4jEuRlivfhVLd golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM= golang.org/x/net v0.0.0-20210410081132-afb366fc7cd1/go.mod h1:9tjilg8BloeKEkVJvy7fQ90B1CfIiPueXVOjqfkSzI8= golang.org/x/net v0.0.0-20210503060351-7fd8e65b6420/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= +golang.org/x/net v0.0.0-20210505024714-0287a6fb4125/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20210813160813-60bc85c4be6d/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= golang.org/x/net v0.2.0/go.mod h1:KqCZLdyyvdV855qA2rE3GC2aiw5xGR5TEjj8smXukLY= golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= golang.org/x/net v0.8.0/go.mod h1:QVkue5JL9kW//ek3r6jTKnTFis1tRmNAW2P1shuFdJc= -golang.org/x/net v0.28.0 h1:a9JDOJc5GMUJ0+UDqmLT86WiEy7iWyIhz8gz8E4e5hE= -golang.org/x/net v0.28.0/go.mod h1:yqtgsTWOOnlGLG9GFRrK3++bGOUEkNBoHZc8MEDWPNg= +golang.org/x/net v0.24.0 h1:1PcaxkF854Fu3+lvBIx5SYn9wRlBzzcnHZSiaFFAb0w= +golang.org/x/net v0.24.0/go.mod h1:2Q7sJY5mzlzWjKtYUEXSlBWCdyaioyXzRB2RtU8KVE8= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= @@ -1133,8 +1126,8 @@ golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.8.0 h1:3NFvSEYkUoMifnESzZl15y791HH1qU2xm6eCJU5ZPXQ= -golang.org/x/sync v0.8.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= +golang.org/x/sync v0.7.0 h1:YsImfSBoP9QPYL0xyKJPq0gcaJdG3rInoqxTWbfQu9M= +golang.org/x/sync v0.7.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= golang.org/x/sys v0.0.0-20180823144017-11551d06cbcc/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= @@ -1213,16 +1206,16 @@ golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.3.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.24.0 h1:Twjiwq9dn6R1fQcyiK+wQyHWfaz/BJB+YIpzU/Cv3Xg= -golang.org/x/sys v0.24.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.22.0 h1:RI27ohtqKCnwULzJLqkv897zojh5/DwS/ENaMzUOaWI= +golang.org/x/sys v0.22.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.0.0-20220526004731-065cf7ba2467/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.2.0/go.mod h1:TVmDHMZPmdnySmBfhjOoOdhjzdE1h4u1VwSiw2l1Nuc= golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= golang.org/x/term v0.6.0/go.mod h1:m6U89DPEgQRMq3DNkDClhWw02AUbt2daBVO4cn4Hv9U= -golang.org/x/term v0.23.0 h1:F6D4vR+EHoL9/sWAWgAR1H2DcHr4PareCbAaCo1RpuU= -golang.org/x/term v0.23.0/go.mod h1:DgV24QBUrK6jhZXl+20l6UWznPlwAHm1Q1mGHtydmSk= +golang.org/x/term v0.22.0 h1:BbsgPEJULsl2fV/AT3v15Mjva5yXKQDyKf+TbDz7QJk= +golang.org/x/term v0.22.0/go.mod h1:F3qCibpT5AMpCRfhfT53vVJwhLtIVHhB9XDjfFvnMI4= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= @@ -1236,8 +1229,8 @@ golang.org/x/text v0.3.8/go.mod h1:E6s5w1FMmriuDzIBO73fBruAKo1PCIq6d2Q6DHfQ8WQ= golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/text v0.8.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= -golang.org/x/text v0.17.0 h1:XtiM5bkSOt+ewxlOE/aE/AKEHibwj/6gvWMl9Rsh0Qc= -golang.org/x/text v0.17.0/go.mod h1:BuEKDfySbSR4drPmRPG/7iBdf8hvFMuRexcpahXilzY= +golang.org/x/text v0.16.0 h1:a94ExnEXNtEwYLGJSIUxnWoxoRz/ZcCsV63ROupILh4= +golang.org/x/text v0.16.0/go.mod h1:GhwF1Be+LQoKShO3cGOHzqOgRrGaYc9AvblQOmPVHnI= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= @@ -1493,8 +1486,8 @@ gotest.tools v2.2.0+incompatible h1:VsBPFP1AI068pPrMxtb/S8Zkgf9xEmTLJjfM+P5UIEo= gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw= gotest.tools/v3 v3.4.0 h1:ZazjZUfuVeZGLAmlKKuyv3IKP5orXcwtOwDQH6YVr6o= gotest.tools/v3 v3.4.0/go.mod h1:CtbdzLSsqVhDgMtKsx03ird5YTGB3ar27v0u/yKBW5g= -helm.sh/helm/v3 v3.15.3 h1:HcZDaVFe9uHa6hpsR54mJjYyRy4uz/pc6csg27nxFOc= -helm.sh/helm/v3 v3.15.3/go.mod h1:FzSIP8jDQaa6WAVg9F+OkKz7J0ZmAga4MABtTbsb9WQ= +helm.sh/helm/v3 v3.15.4 h1:UFHd6oZ1IN3FsUZ7XNhOQDyQ2QYknBNWRHH57e9cbHY= +helm.sh/helm/v3 v3.15.4/go.mod h1:phOwlxqGSgppCY/ysWBNRhG3MtnpsttOzxaTK+Mt40E= honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190418001031-e561f6794a2a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= @@ -1524,20 +1517,14 @@ k8s.io/kubectl v0.30.3 h1:YIBBvMdTW0xcDpmrOBzcpUVsn+zOgjMYIu7kAq+yqiI= k8s.io/kubectl v0.30.3/go.mod h1:IcR0I9RN2+zzTRUa1BzZCm4oM0NLOawE6RzlDvd1Fpo= k8s.io/utils v0.0.0-20230726121419-3b25d923346b h1:sgn3ZU783SCgtaSJjpcVVlRqd6GSnlTLKgpAAttJvpI= k8s.io/utils v0.0.0-20230726121419-3b25d923346b/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= -modernc.org/gc/v3 v3.0.0-20240107210532-573471604cb6 h1:5D53IMaUuA5InSeMu9eJtlQXS2NxAhyWQvkKEgXZhHI= -modernc.org/gc/v3 v3.0.0-20240107210532-573471604cb6/go.mod h1:Qz0X07sNOR1jWYCrJMEnbW/X55x206Q7Vt4mz6/wHp4= -modernc.org/libc v1.55.3 h1:AzcW1mhlPNrRtjS5sS+eW2ISCgSOLLNyFzRh/V3Qj/U= -modernc.org/libc v1.55.3/go.mod h1:qFXepLhz+JjFThQ4kzwzOjA/y/artDeg+pcYnY+Q83w= +modernc.org/libc v1.41.0 h1:g9YAc6BkKlgORsUWj+JwqoB1wU3o4DE3bM3yvA3k+Gk= +modernc.org/libc v1.41.0/go.mod h1:w0eszPsiXoOnoMJgrXjglgLuDy/bt5RR4y3QzUUeodY= modernc.org/mathutil v1.6.0 h1:fRe9+AmYlaej+64JsEEhoWuAYBkOtQiMEU7n/XgfYi4= modernc.org/mathutil v1.6.0/go.mod h1:Ui5Q9q1TR2gFm0AQRqQUaBWFLAhQpCwNcuhBOSedWPo= -modernc.org/memory v1.8.0 h1:IqGTL6eFMaDZZhEWwcREgeMXYwmW83LYW8cROZYkg+E= -modernc.org/memory v1.8.0/go.mod h1:XPZ936zp5OMKGWPqbD3JShgd/ZoQ7899TUuQqxY+peU= -modernc.org/sqlite v1.32.0 h1:6BM4uGza7bWypsw4fdLRsLxut6bHe4c58VeqjRgST8s= -modernc.org/sqlite v1.32.0/go.mod h1:UqoylwmTb9F+IqXERT8bW9zzOWN8qwAIcLdzeBZs4hA= -modernc.org/strutil v1.2.0 h1:agBi9dp1I+eOnxXeiZawM8F4LawKv4NzGWSaLfyeNZA= -modernc.org/strutil v1.2.0/go.mod h1:/mdcBmfOibveCTBxUl5B5l6W+TTH1FXPLHZE6bTosX0= -modernc.org/token v1.1.0 h1:Xl7Ap9dKaEs5kLoOQeQmPWevfnk/DM5qcLcYlA8ys6Y= -modernc.org/token v1.1.0/go.mod h1:UGzOrNV1mAFSEB63lOFHIpNRUVMvYTc6yu1SMY/XTDM= +modernc.org/memory v1.7.2 h1:Klh90S215mmH8c9gO98QxQFsY+W451E8AnzjoE2ee1E= +modernc.org/memory v1.7.2/go.mod h1:NO4NVCQy0N7ln+T9ngWqOQfi7ley4vpwvARR+Hjw95E= +modernc.org/sqlite v1.29.6 h1:0lOXGrycJPptfHDuohfYgNqoe4hu+gYuN/pKgY5XjS4= +modernc.org/sqlite v1.29.6/go.mod h1:S02dvcmm7TnTRvGhv8IGYyLnIt7AS2KPaB1F/71p75U= oras.land/oras-go v1.2.5 h1:XpYuAwAb0DfQsunIyMfeET92emK8km3W4yEzZvUbsTo= oras.land/oras-go v1.2.5/go.mod h1:PuAwRShRZCsZb7g8Ar3jKKQR/2A/qN+pkYxIOd/FAoo= rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8= @@ -1551,5 +1538,6 @@ sigs.k8s.io/kustomize/kyaml v0.14.3-0.20230601165947-6ce0bf390ce3 h1:W6cLQc5pnqM sigs.k8s.io/kustomize/kyaml v0.14.3-0.20230601165947-6ce0bf390ce3/go.mod h1:JWP1Fj0VWGHyw3YUPjXSQnRnrwezrZSrApfX5S0nIag= sigs.k8s.io/structured-merge-diff/v4 v4.4.1 h1:150L+0vs/8DA78h1u02ooW1/fFq/Lwr+sGiqlzvrtq4= sigs.k8s.io/structured-merge-diff/v4 v4.4.1/go.mod h1:N8hJocpFajUSSeSJ9bOZ77VzejKZaXsTtZo4/u7Io08= +sigs.k8s.io/yaml v1.3.0/go.mod h1:GeOyir5tyXNByN85N/dRIT9es5UQNerPYEKK56eTBm8= sigs.k8s.io/yaml v1.4.0 h1:Mk1wCc2gy/F0THH0TAp1QYyJNzRm2KCLy3o5ASXVI5E= sigs.k8s.io/yaml v1.4.0/go.mod h1:Ejl7/uTz7PSA4eKMyQCUTnhZYNmLIl+5c2lQPGR2BPY= diff --git a/internal/commands/.scripts/integration_up.sh b/internal/commands/.scripts/integration_up.sh index 853c58310..2168c7ff3 100755 --- a/internal/commands/.scripts/integration_up.sh +++ b/internal/commands/.scripts/integration_up.sh @@ -1,4 +1,3 @@ -# Start the Squid proxy in a Docker container docker run \ --name squid \ -d \ @@ -7,79 +6,23 @@ docker run \ -v $(pwd)/internal/commands/.scripts/squid/passwords:/etc/squid/passwords \ ubuntu/squid:5.2-22.04_beta -# Download and extract the ScaResolver tool wget https://sca-downloads.s3.amazonaws.com/cli/latest/ScaResolver-linux64.tar.gz tar -xzvf ScaResolver-linux64.tar.gz -C /tmp rm -rf ScaResolver-linux64.tar.gz -# Step 1: Check if the failedTests file exists -FAILED_TESTS_FILE="failedTests" - -# Step 2: Create the failedTests file -echo "Creating $FAILED_TESTS_FILE..." -touch "$FAILED_TESTS_FILE" - -# Step 3: Run all tests and write failed test names to failedTests file -echo "Running all tests..." go test \ - -tags integration \ - -v \ - -timeout 210m \ - -coverpkg github.com/checkmarx/ast-cli/internal/commands,github.com/checkmarx/ast-cli/internal/services,github.com/checkmarx/ast-cli/internal/wrappers \ - -coverprofile cover.out \ - github.com/checkmarx/ast-cli/test/integration 2>&1 | tee test_output.log - -# Generate the initial HTML coverage report -go tool cover -html=cover.out -o coverage.html - -# Extract names of failed tests and save them in the failedTests file -grep -E "^--- FAIL: " test_output.log | awk '{print $3}' > "$FAILED_TESTS_FILE" + -tags integration \ + -v \ + -timeout 210m \ + -coverpkg github.com/checkmarx/ast-cli/internal/commands,github.com/checkmarx/ast-cli/internal/services,github.com/checkmarx/ast-cli/internal/wrappers \ + -coverprofile cover.out \ + github.com/checkmarx/ast-cli/test/integration -# Capture the exit status of the tests status=$? echo "status value after tests $status" if [ $status -ne 0 ]; then echo "Integration tests failed" + rm cover.out fi -# Step 4: Check if failedTests file is empty -if [ ! -s "$FAILED_TESTS_FILE" ]; then - # If the file is empty, all tests passed - echo "All tests passed." - rm -f "$FAILED_TESTS_FILE" test_output.log - exit 0 -else - # If the file is not empty, rerun the failed tests - echo "Rerunning failed tests..." - rerun_status=0 - while IFS= read -r testName; do - go test \ - -tags integration \ - -v \ - -timeout 210m \ - -coverpkg github.com/checkmarx/ast-cli/internal/commands,github.com/checkmarx/ast-cli/internal/services,github.com/checkmarx/ast-cli/internal/wrappers \ - -coverprofile cover_rerun.out \ - -run "^$testName$" \ - github.com/checkmarx/ast-cli/test/integration || rerun_status=1 - done < "$FAILED_TESTS_FILE" - - # Step 5: Merge the original and rerun coverage profiles - if [ -f cover_rerun.out ]; then - echo "Merging coverage profiles..." - gocovmerge cover.out cover_rerun.out > merged_coverage.out - mv merged_coverage.out cover.out - go tool cover -html=cover.out -o coverage.html - rm -f cover_rerun.out - fi - - # Step 6: Check if any tests failed again - if [ $rerun_status -eq 1 ]; then - echo "Some tests are still failing." - rm -f "$FAILED_TESTS_FILE" test_output.log - exit 1 - else - echo "All failed tests passed on rerun." - rm -f "$FAILED_TESTS_FILE" test_output.log - exit 0 - fi -fi +go tool cover -html=cover.out -o coverage.html diff --git a/internal/commands/result.go b/internal/commands/result.go index 101e88b63..aa9c89fe4 100644 --- a/internal/commands/result.go +++ b/internal/commands/result.go @@ -2358,8 +2358,7 @@ func buildAuxiliaryScaMaps(resultsModel *wrappers.ScanResultsCollection, scaPack locationsByID[packages.ID] = currentPackage.Locations } for _, types := range *scaTypeModel { - identifier := fmt.Sprintf("%s:%s", types.ID, types.PackageID) - typesByCVE[identifier] = types + typesByCVE[types.ID] = types } } } @@ -2367,8 +2366,7 @@ func buildAuxiliaryScaMaps(resultsModel *wrappers.ScanResultsCollection, scaPack } func buildScaType(typesByCVE map[string]wrappers.ScaTypeCollection, result *wrappers.ScanResult) string { - identifier := buildVulnerabilityIdentifier(result) - types, ok := typesByCVE[identifier] + types, ok := typesByCVE[result.ID] if ok && types.Type == "SupplyChain" { return "Supply Chain" } @@ -2376,16 +2374,15 @@ func buildScaType(typesByCVE map[string]wrappers.ScaTypeCollection, result *wrap } func buildScaState(typesByCVE map[string]wrappers.ScaTypeCollection, result *wrappers.ScanResult) string { - identifier := buildVulnerabilityIdentifier(result) - types, ok := typesByCVE[identifier] - if ok && types.IsIgnored { + types, ok := typesByCVE[result.ID] + if ok && (types.IsIgnored || isSnoozeOrMutePackage(&types)) { return notExploitable } return result.State } -func buildVulnerabilityIdentifier(result *wrappers.ScanResult) string { - return fmt.Sprintf("%s:%s", result.ID, result.ScanResultData.PackageIdentifier) +func isSnoozeOrMutePackage(result *wrappers.ScaTypeCollection) bool { + return strings.EqualFold(result.RiskState, snoozeLabel) || strings.EqualFold(result.RiskState, muteLabel) } func addPackageInformation( diff --git a/internal/services/export.go b/internal/services/export.go index 3c866c74e..3fb593f81 100644 --- a/internal/services/export.go +++ b/internal/services/export.go @@ -28,6 +28,14 @@ func GetExportPackage(exportWrapper wrappers.ExportWrapper, scanID string) (*wra payload := &wrappers.ExportRequestPayload{ ScanID: scanID, FileFormat: "ScanReportJson", + ExportParameters: wrappers.ExportParameters{ + HideDevAndTestDependencies: true, + ShowOnlyEffectiveLicenses: true, + ExcludePackages: false, + ExcludeLicenses: true, + ExcludeVulnerabilities: false, + ExcludePolicies: true, + }, } exportID, err := exportWrapper.InitiateExportRequest(payload) diff --git a/internal/wrappers/export.go b/internal/wrappers/export.go index 28b9305bd..22e915efb 100644 --- a/internal/wrappers/export.go +++ b/internal/wrappers/export.go @@ -38,5 +38,5 @@ type ScaType struct { ID string `json:"Id,omitempty"` Type string `json:"Type,omitempty"` IsIgnored bool `json:"IsIgnored,omitempty"` - PackageID string `json:"PackageID,omitempty"` + RiskState string `json:"RiskState,omitempty"` } diff --git a/internal/wrappers/results-sca-package.go b/internal/wrappers/results-sca-package.go index 4bcab0675..0f977755e 100644 --- a/internal/wrappers/results-sca-package.go +++ b/internal/wrappers/results-sca-package.go @@ -26,5 +26,5 @@ type ScaTypeCollection struct { ID string `json:"id,omitempty"` Type string `json:"type,omitempty"` IsIgnored bool `json:"isIgnored,omitempty"` - PackageID string `json:"omitempty"` + RiskState string `json:"omitempty"` } diff --git a/test/integration/result_test.go b/test/integration/result_test.go index fb2b827de..475b53c6e 100644 --- a/test/integration/result_test.go +++ b/test/integration/result_test.go @@ -125,6 +125,7 @@ func assertResultFilesCreated(t *testing.T) { } func TestResultListForGlReports(t *testing.T) { + assertRequiredParameter(t, "Please provide a scan ID", "results", "show") scanID, _ := getRootScan(t) diff --git a/test/integration/scan_test.go b/test/integration/scan_test.go index e5292215b..5da716af2 100644 --- a/test/integration/scan_test.go +++ b/test/integration/scan_test.go @@ -8,6 +8,7 @@ import ( "context" "encoding/json" "fmt" + "github.com/google/uuid" "io" "log" "os" @@ -18,8 +19,6 @@ import ( "testing" "time" - "github.com/google/uuid" - "github.com/checkmarx/ast-cli/internal/commands" realtime "github.com/checkmarx/ast-cli/internal/commands/scarealtime" "github.com/checkmarx/ast-cli/internal/commands/scarealtime/scaconfig" @@ -53,7 +52,6 @@ const ( invalidClientSecret = "invalidClientSecret" invalidAPIKey = "invalidAPI" invalidTenant = "invalidTenant" - timeout = 10 * time.Minute ) var ( @@ -85,7 +83,7 @@ func TestCreateScan_WithOnlyValidApikeyFlag_Success(t *testing.T) { "scan", "create", flag(params.ProjectName), "project", flag(params.SourcesFlag), "data/insecure.zip", - flag(params.ScanTypes), params.IacType, + flag(params.ScanTypes), "iac-security", flag(params.BranchFlag), "dummy_branch", flag(params.AstAPIKeyFlag), originals[params.AstAPIKeyEnv], } @@ -109,7 +107,7 @@ func TestCreateScan_WithOnlyValidApikeyEnvVar_Success(t *testing.T) { "scan", "create", flag(params.ProjectName), "project", flag(params.SourcesFlag), "data/insecure.zip", - flag(params.ScanTypes), params.IacType, + flag(params.ScanTypes), "iac-security", flag(params.BranchFlag), "dummy_branch", } @@ -133,7 +131,7 @@ func TestCreateScan_WithOnlyInvalidApikeyEnvVar_Fail(t *testing.T) { "scan", "create", flag(params.ProjectName), "project", flag(params.SourcesFlag), "data/insecure.zip", - flag(params.ScanTypes), params.IacType, + flag(params.ScanTypes), "iac-security", flag(params.BranchFlag), "dummy_branch", } @@ -157,7 +155,7 @@ func TestCreateScan_WithOnlyInvalidApikeyFlag_Fail(t *testing.T) { "scan", "create", flag(params.ProjectName), "project", flag(params.SourcesFlag), "data/insecure.zip", - flag(params.ScanTypes), params.IacType, + flag(params.ScanTypes), "iac-security", flag(params.BranchFlag), "dummy_branch", flag(params.AstAPIKeyFlag), "invalid_apikey", } @@ -182,7 +180,7 @@ func TestCreateScan_WithValidClientCredentialsFlag_Success(t *testing.T) { "scan", "create", flag(params.ProjectName), "project", flag(params.SourcesFlag), "data/insecure.zip", - flag(params.ScanTypes), params.IacType, + flag(params.ScanTypes), "iac-security", flag(params.BranchFlag), "dummy_branch", flag(params.AccessKeyIDFlag), originals[params.AccessKeyIDEnv], flag(params.AccessKeySecretFlag), originals[params.AccessKeySecretEnv], @@ -209,7 +207,7 @@ func TestCreateScan_WithInvalidClientCredentialsFlag_Fail(t *testing.T) { "scan", "create", flag(params.ProjectName), "project", flag(params.SourcesFlag), "data/insecure.zip", - flag(params.ScanTypes), params.IacType, + flag(params.ScanTypes), "iac-security", flag(params.BranchFlag), "dummy_branch", flag(params.AccessKeyIDFlag), "invalid_client_ID", flag(params.AccessKeySecretFlag), "invalid_client_secret", @@ -232,7 +230,7 @@ func TestCreateScan_WithValidClientCredentialsEnvVars_Success(t *testing.T) { "scan", "create", flag(params.ProjectName), "project", flag(params.SourcesFlag), "data/insecure.zip", - flag(params.ScanTypes), params.IacType, + flag(params.ScanTypes), "iac-security", flag(params.BranchFlag), "dummy_branch", } @@ -256,7 +254,7 @@ func TestCreateScan_WithInvalidClientCredentialsEnvVars_Fail(t *testing.T) { "scan", "create", flag(params.ProjectName), "project", flag(params.SourcesFlag), "data/insecure.zip", - flag(params.ScanTypes), params.IacType, + flag(params.ScanTypes), "iac-security", flag(params.BranchFlag), "dummy_branch", } @@ -286,7 +284,7 @@ func TestScanCreateEmptyProjectName(t *testing.T) { "scan", "create", flag(params.ProjectName), "", flag(params.SourcesFlag), ".", - flag(params.ScanTypes), params.SastType, + flag(params.ScanTypes), "sast", flag(params.BranchFlag), "dummy_branch", } @@ -300,7 +298,7 @@ func TestScanCreate_ExistingApplicationAndExistingProject_CreateScanSuccessfully flag(params.ApplicationName), "my-application", flag(params.ProjectName), "my-project", flag(params.SourcesFlag), ".", - flag(params.ScanTypes), params.IacType, + flag(params.ScanTypes), "sast", flag(params.BranchFlag), "dummy_branch", } @@ -313,7 +311,7 @@ func TestScanCreate_FolderWithSymbolicLinkWithAbsolutePath_CreateScanSuccessfull "scan", "create", flag(params.ProjectName), "my-project", flag(params.SourcesFlag), "data/project-with-directory-symlink", - flag(params.ScanTypes), params.IacType, + flag(params.ScanTypes), "iac-security", flag(params.BranchFlag), "dummy_branch", } err, _ := executeCommand(t, args...) @@ -325,7 +323,7 @@ func TestScanCreate_FolderWithSymbolicLinkWithRelativePath_CreateScanSuccessfull "scan", "create", flag(params.ProjectName), "my-project", flag(params.SourcesFlag), "data/symlink-relative-path-folder", - flag(params.ScanTypes), params.IacType, + flag(params.ScanTypes), "iac-security", flag(params.BranchFlag), "dummy_branch", } err, _ := executeCommand(t, args...) @@ -338,7 +336,7 @@ func TestScanCreate_ExistingApplicationAndNotExistingProject_CreatingNewProjectA flag(params.ApplicationName), "my-application", flag(params.ProjectName), projectNameRandom, flag(params.SourcesFlag), ".", - flag(params.ScanTypes), params.IacType, + flag(params.ScanTypes), "sast", flag(params.BranchFlag), "dummy_branch", flag(params.ScanInfoFormatFlag), printer.FormatJSON, } @@ -354,7 +352,7 @@ func TestScanCreate_ApplicationDoesntExist_FailScanWithError(t *testing.T) { flag(params.ApplicationName), "application-that-doesnt-exist", flag(params.ProjectName), "my-project", flag(params.SourcesFlag), ".", - flag(params.ScanTypes), params.IacType, + flag(params.ScanTypes), "sast", flag(params.BranchFlag), "dummy_branch", } @@ -368,7 +366,7 @@ func TestContainerEngineScansE2E_ContainerImagesFlagAndScanType(t *testing.T) { "scan", "create", flag(params.ProjectName), getProjectNameForScanTests(), flag(params.SourcesFlag), "data/Dockerfile-mysql571.zip", - flag(params.ScanTypes), params.ContainersTypeFlag, + flag(params.ScanTypes), "container-security", flag(params.ContainerImagesFlag), "nginx:alpine,debian:9", flag(params.BranchFlag), "dummy_branch", flag(params.ScanInfoFormatFlag), printer.FormatJSON, @@ -389,7 +387,6 @@ func TestContainerEngineScansE2E_ContainerImagesFlagOnly(t *testing.T) { flag(params.SourcesFlag), "data/insecure.zip", flag(params.ContainerImagesFlag), "nginx:alpine", flag(params.BranchFlag), "dummy_branch", - flag(params.ScanTypes), params.ContainersTypeFlag, flag(params.ScanInfoFormatFlag), printer.FormatJSON, } if isFFEnabled(t, wrappers.ContainerEngineCLIEnabled) { @@ -409,7 +406,6 @@ func TestContainerEngineScansE2E_ContainerImagesAndDebugFlags(t *testing.T) { flag(params.ContainerImagesFlag), "mysql:5.7", flag(params.BranchFlag), "dummy_branch", flag(params.DebugFlag), - flag(params.ScanTypes), params.ContainersTypeFlag, flag(params.ScanInfoFormatFlag), printer.FormatJSON, } if isFFEnabled(t, wrappers.ContainerEngineCLIEnabled) { @@ -429,7 +425,6 @@ func TestContainerEngineScansE2E_ContainerImagesFlagAndEmptyFolderProject(t *tes flag(params.ContainerImagesFlag), "mysql:5.7", flag(params.BranchFlag), "dummy_branch", flag(params.ScanInfoFormatFlag), printer.FormatJSON, - flag(params.ScanTypes), params.ContainersTypeFlag, } if isFFEnabled(t, wrappers.ContainerEngineCLIEnabled) { scanID, projectID := executeCreateScan(t, testArgs) @@ -483,9 +478,9 @@ func createScanWithFastScan(t *testing.T, source string, name string, tags map[s } func TestScansUpdateProjectGroups(t *testing.T) { - scanID, projectID := executeCreateScan(t, getCreateArgs(Zip, Tags, params.IacType)) + scanID, projectID := executeCreateScan(t, getCreateArgs(Zip, Tags, "sast")) response := listScanByID(t, scanID) - scanID, projectID = executeCreateScan(t, getCreateArgsWithNameAndGroups(Zip, Tags, Groups, response[0].ProjectName, params.IacType)) + scanID, projectID = executeCreateScan(t, getCreateArgsWithNameAndGroups(Zip, Tags, Groups, response[0].ProjectName, "sast")) defer deleteProject(t, projectID) executeScanAssertions(t, projectID, scanID, Tags) @@ -529,7 +524,7 @@ func TestScaResolverArg(t *testing.T) { t, Dir, map[string]string{}, - params.IacType, + "sast,iac-security", viper.GetString(resolverEnvVar), ) @@ -550,7 +545,7 @@ func TestScaResolverArgFailed(t *testing.T) { flag(params.ProjectName), "resolver", flag(params.SourcesFlag), ".", flag(params.ScaResolverFlag), "./nonexisting", - flag(params.ScanTypes), "iac-security,sca", + flag(params.ScanTypes), "sast,iac-security,sca", flag(params.BranchFlag), "dummy_branch", } @@ -562,7 +557,7 @@ func TestScaResolverArgFailed(t *testing.T) { flag(params.ProjectName), "resolver", flag(params.SourcesFlag), ".", flag(params.ScaResolverFlag), viper.GetString(resolverEnvVar), - flag(params.ScanTypes), "iac-security,sca", + flag(params.ScanTypes), "sast,iac-security,sca", flag(params.BranchFlag), "dummy_branch", flag(params.ScaResolverParamsFlag), "-q --invalid-param \"invalid\"", } @@ -611,7 +606,7 @@ func TestScanCreateIncludeFilter(t *testing.T) { "scan", "create", flag(params.ProjectName), projectName, flag(params.SourcesFlag), ".", - flag(params.ScanTypes), params.IacType, + flag(params.ScanTypes), "sast", flag(params.PresetName), "Checkmarx Default", flag(params.SourceDirFilterFlag), "!*go,!*Dockerfile,!*js,!*json,!*tf", flag(params.IacsFilterFlag), "!Dockerfile", @@ -619,7 +614,7 @@ func TestScanCreateIncludeFilter(t *testing.T) { } args[11] = "*js" - executeCmdWithTimeOutNilAssertion(t, "Including zip should fix the scan", timeout, args...) + executeCmdWithTimeOutNilAssertion(t, "Including zip should fix the scan", 5*time.Minute, args...) } // Create a scan with the sources @@ -631,7 +626,7 @@ func TestScanCreateWithThresholdShouldBlock(t *testing.T) { "scan", "create", flag(params.ProjectName), projectName, flag(params.SourcesFlag), Zip, - flag(params.ScanTypes), params.SastType, + flag(params.ScanTypes), "sast", flag(params.PresetName), "Checkmarx Default", flag(params.Threshold), "sast-high=1;sast-low=1;", flag(params.KicsFilterFlag), "!Dockerfile", @@ -649,9 +644,9 @@ func TestScanCreateWithThreshold(t *testing.T) { "scan", "create", flag(params.ProjectName), projectName, flag(params.SourcesFlag), Zip, - flag(params.ScanTypes), params.IacType, + flag(params.ScanTypes), "sast", flag(params.PresetName), "Checkmarx Default", - flag(params.Threshold), "iac-security-high=100;", + flag(params.Threshold), "sast-high=100;", flag(params.KicsFilterFlag), "!Dockerfile", flag(params.BranchFlag), "dummy_branch", } @@ -669,7 +664,6 @@ func TestScansAPISecThresholdShouldBlock(t *testing.T) { flag(params.BranchFlag), "dummy_branch", flag(params.ScanInfoFormatFlag), printer.FormatJSON, flag(params.ScanTypes), "sast, api-security", - flag(params.SastFastScanFlag), flag(params.Threshold), "api-security-high=1", } _, _ = executeCommand(t, testArgs...) @@ -684,9 +678,9 @@ func TestScanCreateWithThresholdParseError(t *testing.T) { "scan", "create", flag(params.ProjectName), projectName, flag(params.SourcesFlag), Zip, - flag(params.ScanTypes), "sca", + flag(params.ScanTypes), "sast, sca", flag(params.PresetName), "Checkmarx Default", - flag(params.Threshold), "sca-high=error;", + flag(params.Threshold), "sast-high=error; sca-high=error;", flag(params.BranchFlag), "dummy_branch", } @@ -714,10 +708,10 @@ func TestScanCreateWithThresholdAndReportGenerate(t *testing.T) { "scan", "create", flag(params.ProjectName), projectName, flag(params.SourcesFlag), Zip, - flag(params.ScanTypes), "sca", + flag(params.ScanTypes), "sast, sca", flag(params.SastRedundancyFlag), flag(params.PresetName), "Checkmarx Default", - flag(params.Threshold), "sca-high=1", + flag(params.Threshold), "sast-high=1;sast-low=1; sca-high=1", flag(params.BranchFlag), "dummy_branch", flag(params.TargetFormatFlag), "json", flag(params.TargetPathFlag), "/tmp/", @@ -743,7 +737,7 @@ func TestScanCreateIgnoreExclusionFolders(t *testing.T) { "scan", "create", flag(params.ProjectName), projectName, flag(params.SourcesFlag), "../..", - flag(params.ScanTypes), params.IacType, + flag(params.ScanTypes), "sast,sca", flag(params.PresetName), "Checkmarx Default", flag(params.SourceDirFilterFlag), ".git,*.js", // needed one code file or the scan will end with partial code flag(params.BranchFlag), "dummy_branch", @@ -867,7 +861,7 @@ func executeScanAssertions(t *testing.T, projectID, scanID string, tags map[stri func createScan(t *testing.T, source string, tags map[string]string) (string, string) { if isFFEnabled(t, wrappers.ContainerEngineCLIEnabled) { - return executeCreateScan(t, getCreateArgs(source, tags, "sast , sca , iac-security , api-security, container-security, scs")) + return executeCreateScan(t, getCreateArgs(source, tags, "sast , sca , iac-security , api-security, scs,container-security")) } else { return executeCreateScan(t, getCreateArgs(source, tags, "sast , sca , iac-security , api-security, scs")) } @@ -925,7 +919,6 @@ func getCreateArgsWithName(source string, tags map[string]string, projectName, s return getCreateArgsWithNameAndGroups(source, tags, nil, projectName, scanTypes) } func getCreateArgsWithNameAndGroups(source string, tags map[string]string, groups []string, projectName, scanTypes string) []string { - args := []string{ "scan", "create", flag(params.ProjectName), projectName, @@ -959,7 +952,7 @@ func executeCreateScan(t *testing.T, args []string) (string, string) { } func executeScanGetBuffer(t *testing.T, args []string) *bytes.Buffer { - return executeCmdWithTimeOutNilAssertion(t, "Creating a scan should pass", timeout, args...) + return executeCmdWithTimeOutNilAssertion(t, "Creating a scan should pass", 10*time.Minute, args...) } func deleteScan(t *testing.T, scanID string) { @@ -1041,7 +1034,7 @@ func TestScanLogsSAST(t *testing.T) { args := []string{ "scan", "logs", flag(params.ScanIDFlag), scanID, - flag(params.ScanTypes), "sast", + flag(params.ScanTypeFlag), "sast", } cmd := createASTIntegrationTestCommand(t) err := execute(cmd, args...) @@ -1053,7 +1046,7 @@ func TestScanLogsKICSDeprecated(t *testing.T) { args := []string{ "scan", "logs", flag(params.ScanIDFlag), scanID, - flag(params.ScanTypes), "kics", + flag(params.ScanTypeFlag), "kics", } cmd := createASTIntegrationTestCommand(t) err := execute(cmd, args...) @@ -1065,7 +1058,7 @@ func TestScanLogsKICS(t *testing.T) { args := []string{ "scan", "logs", flag(params.ScanIDFlag), scanID, - flag(params.ScanTypes), "iac-security", + flag(params.ScanTypeFlag), "iac-security", } cmd := createASTIntegrationTestCommand(t) err := execute(cmd, args...) @@ -1169,11 +1162,10 @@ func TestScanCreateWithSSHKey(t *testing.T) { flag(params.SourcesFlag), SSHRepo, flag(params.BranchFlag), "main", flag(params.SSHKeyFlag), SSHKeyFilePath, - flag(params.ScanTypes), params.IacType, flag(params.IgnorePolicyFlag), } - executeCmdWithTimeOutNilAssertion(t, "Create a scan with ssh-key should pass", timeout, args...) + executeCmdWithTimeOutNilAssertion(t, "Create a scan with ssh-key should pass", 4*time.Minute, args...) } func TestScanGLReportValidation(t *testing.T) { @@ -1222,10 +1214,9 @@ func TestCreateScanFilterZipFile(t *testing.T) { flag(params.SourcesFlag), Zip, flag(params.SourceDirFilterFlag), "!*.html", flag(params.IgnorePolicyFlag), - flag(params.ScanTypes), params.IacType, } - executeCmdWithTimeOutNilAssertion(t, "Scan must complete successfully", timeout, args...) + executeCmdWithTimeOutNilAssertion(t, "Scan must complete successfully", 10*time.Minute, args...) } func TestRunKicsScan(t *testing.T) { @@ -1686,7 +1677,7 @@ func TestScanWithPolicy(t *testing.T) { args := []string{scanCommand, "create", flag(params.ProjectName), "TiagoBaptista/testingCli/testingCli", flag(params.SourcesFlag), Zip, - flag(params.ScanTypes), params.IacType, + flag(params.ScanTypes), "sast", flag(params.BranchFlag), "main", flag(params.TargetFormatFlag), "markdown,summaryConsole,summaryHTML"} @@ -1733,7 +1724,7 @@ func TestCreateScan_WithNoScanTypesFlag_SuccessAndScsNotScanned(t *testing.T) { flag(params.SCSRepoTokenFlag), scsRepoToken, } - output := executeCmdWithTimeOutNilAssertion(t, "Scan must complete successfully if no scan-types specified, even if missing scs-repo flags", timeout, args...) + output := executeCmdWithTimeOutNilAssertion(t, "Scan must complete successfully if no scan-types specified, even if missing scs-repo flags", 4*time.Minute, args...) assert.Assert(t, !strings.Contains(output.String(), params.ScsType), "Scs scan must not run if all required flags are not provided") } @@ -1759,7 +1750,7 @@ func TestCreateScan_WithTypeScsMissingRepoURL_Fail(t *testing.T) { "scan", "create", flag(params.ProjectName), projectName, flag(params.SourcesFlag), Zip, - flag(params.ScanTypes), "iac-security, scs", + flag(params.ScanTypes), "sast, scs", flag(params.BranchFlag), "main", flag(params.SCSRepoTokenFlag), scsRepoToken, } @@ -1775,7 +1766,7 @@ func TestCreateScan_WithTypeScsMissingRepoToken_Fail(t *testing.T) { "scan", "create", flag(params.ProjectName), projectName, flag(params.SourcesFlag), Zip, - flag(params.ScanTypes), "iac-security, scs", + flag(params.ScanTypes), "sast, scs", flag(params.BranchFlag), "main", flag(params.SCSRepoURLFlag), scsRepoURL, } @@ -1797,7 +1788,7 @@ func TestCreateScan_WithTypeScsOnlySecretDetection_Success(t *testing.T) { } executeCmdWithTimeOutNilAssertion(t, - "SCS with only secret-detection scan must complete successfully, even if missing scs-repo flags", timeout, args...) + "SCS with only secret-detection scan must complete successfully, even if missing scs-repo flags", 4*time.Minute, args...) } func TestCreateScan_WithNoScanTypesFlagScsAndOnlySecretDetection_Success(t *testing.T) { @@ -1812,7 +1803,7 @@ func TestCreateScan_WithNoScanTypesFlagScsAndOnlySecretDetection_Success(t *test } executeCmdWithTimeOutNilAssertion(t, - "SCS with only secret-detection scan must complete successfully, even if missing scs-repo flags", timeout, args...) + "SCS with only secret-detection scan must complete successfully, even if missing scs-repo flags", 4*time.Minute, args...) } func TestCreateScan_WithScanTypesScsAndOnlyScorecardMissingRepoFlags_Fail(t *testing.T) { @@ -1867,7 +1858,7 @@ func addSCSDefaultFlagsToArgs(args *[]string) { func TestCreateScanAndValidateCheckmarxDomains(t *testing.T) { wrappers.Domains = make(map[string]struct{}) - _, _ = executeCreateScan(t, getCreateArgsWithGroups(Zip, Tags, Groups, "iac-security")) + _, _ = executeCreateScan(t, getCreateArgsWithGroups(Zip, Tags, Groups, "sast,iac-security,sca")) usedDomainsInTests := []string{"deu.iam.checkmarx.net", "deu.ast.checkmarx.net"} validateCheckmarxDomains(t, usedDomainsInTests) } From 3935fa758b700221708c0dd098cba8816037d7c8 Mon Sep 17 00:00:00 2001 From: sarahCx Date: Wed, 28 Aug 2024 14:43:59 +0300 Subject: [PATCH 5/8] Revert "fix commgiigients and update go.mod" This reverts commit a23cd4f75a8a13cd5cb2dedc3b17b125c2cefcbc. --- go.mod | 30 ++++++++--------- go.sum | 56 ++++++++++++++++---------------- internal/commands/result.go | 12 +++---- internal/commands/result_test.go | 8 ++--- 4 files changed, 53 insertions(+), 53 deletions(-) diff --git a/go.mod b/go.mod index f5056f128..30f70c3f6 100644 --- a/go.mod +++ b/go.mod @@ -3,10 +3,10 @@ module github.com/checkmarx/ast-cli go 1.22.5 require ( - github.com/Checkmarx/gen-ai-prompts v0.0.0-20240807143411-708ceec12b63 github.com/CheckmarxDev/containers-resolver v1.0.6 github.com/MakeNowJust/heredoc v1.0.0 github.com/checkmarxDev/gpt-wrapper v0.0.0-20230721160222-85da2fd1cc4c + github.com/Checkmarx/gen-ai-prompts v0.0.0-20240807143411-708ceec12b63 github.com/golang-jwt/jwt v3.2.2+incompatible github.com/gomarkdown/markdown v0.0.0-20230922112808-5421fefb8386 github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 @@ -19,10 +19,9 @@ require ( github.com/spf13/viper v1.18.2 github.com/stretchr/testify v1.9.0 github.com/tomnomnom/linkheader v0.0.0-20180905144013-02ca5825eb80 - github.com/xeipuuv/gojsonschema v1.2.0 - golang.org/x/crypto v0.25.0 + golang.org/x/crypto v0.22.0 golang.org/x/sync v0.7.0 - golang.org/x/text v0.16.0 + golang.org/x/text v0.14.0 google.golang.org/grpc v1.63.2 google.golang.org/protobuf v1.33.0 gotest.tools v2.2.0+incompatible @@ -232,6 +231,7 @@ require ( github.com/xanzy/ssh-agent v0.3.3 // indirect github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb // indirect github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 // indirect + github.com/xeipuuv/gojsonschema v1.2.0 // indirect github.com/xi2/xz v0.0.0-20171230120015-48954b6210f8 // indirect github.com/xlab/treeprint v1.2.0 // indirect github.com/xo/terminfo v0.0.0-20220910002029-abceb7e1c41e // indirect @@ -247,8 +247,8 @@ require ( golang.org/x/mod v0.17.0 // indirect golang.org/x/net v0.24.0 // indirect golang.org/x/oauth2 v0.18.0 // indirect - golang.org/x/sys v0.22.0 // indirect - golang.org/x/term v0.22.0 // indirect + golang.org/x/sys v0.19.0 // indirect + golang.org/x/term v0.19.0 // indirect golang.org/x/time v0.5.0 // indirect golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2 // indirect google.golang.org/appengine v1.6.8 // indirect @@ -259,17 +259,17 @@ require ( gopkg.in/warnings.v0 v0.1.2 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect - helm.sh/helm/v3 v3.15.4 // indirect - k8s.io/api v0.30.3 // indirect - k8s.io/apiextensions-apiserver v0.30.3 // indirect - k8s.io/apimachinery v0.30.3 // indirect - k8s.io/apiserver v0.30.3 // indirect - k8s.io/cli-runtime v0.30.3 // indirect - k8s.io/client-go v0.30.3 // indirect - k8s.io/component-base v0.30.3 // indirect + helm.sh/helm/v3 v3.15.2 // indirect + k8s.io/api v0.30.0 // indirect + k8s.io/apiextensions-apiserver v0.30.0 // indirect + k8s.io/apimachinery v0.30.0 // indirect + k8s.io/apiserver v0.30.0 // indirect + k8s.io/cli-runtime v0.30.0 // indirect + k8s.io/client-go v0.30.0 // indirect + k8s.io/component-base v0.30.0 // indirect k8s.io/klog/v2 v2.120.1 // indirect k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340 // indirect - k8s.io/kubectl v0.30.3 // indirect + k8s.io/kubectl v0.30.0 // indirect k8s.io/utils v0.0.0-20230726121419-3b25d923346b // indirect oras.land/oras-go v1.2.5 // indirect sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect diff --git a/go.sum b/go.sum index 96e8fc0c0..71103cfba 100644 --- a/go.sum +++ b/go.sum @@ -1001,8 +1001,8 @@ golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d/go.mod h1:IxCIyHEi3zRg3s0 golang.org/x/crypto v0.3.0/go.mod h1:hebNnKkNXi2UzZN1eVRvBB7co0a+JxK6XbPiWVs/3J4= golang.org/x/crypto v0.3.1-0.20221117191849-2c476679df9a/go.mod h1:hebNnKkNXi2UzZN1eVRvBB7co0a+JxK6XbPiWVs/3J4= golang.org/x/crypto v0.7.0/go.mod h1:pYwdfH91IfpZVANVyUOhSIPZaFoJGxTFbZhFTx+dXZU= -golang.org/x/crypto v0.25.0 h1:ypSNr+bnYL2YhwoMt2zPxHFmbAN1KZs/njMG3hxUp30= -golang.org/x/crypto v0.25.0/go.mod h1:T+wALwcMOSE0kXgUAnPAHqTLW+XHgcELELW8VaDgm/M= +golang.org/x/crypto v0.22.0 h1:g1v0xeRhjcugydODzvb3mEM9SQ0HGp9s/nh3COQ/C30= +golang.org/x/crypto v0.22.0/go.mod h1:vr6Su+7cTlO45qkww3VDJlzDn0ctJvRgYbC2NvXHt+M= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= @@ -1206,16 +1206,16 @@ golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.3.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.22.0 h1:RI27ohtqKCnwULzJLqkv897zojh5/DwS/ENaMzUOaWI= -golang.org/x/sys v0.22.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.19.0 h1:q5f1RH2jigJ1MoAWp2KTp3gm5zAGFUTarQZ5U386+4o= +golang.org/x/sys v0.19.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.0.0-20220526004731-065cf7ba2467/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.2.0/go.mod h1:TVmDHMZPmdnySmBfhjOoOdhjzdE1h4u1VwSiw2l1Nuc= golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= golang.org/x/term v0.6.0/go.mod h1:m6U89DPEgQRMq3DNkDClhWw02AUbt2daBVO4cn4Hv9U= -golang.org/x/term v0.22.0 h1:BbsgPEJULsl2fV/AT3v15Mjva5yXKQDyKf+TbDz7QJk= -golang.org/x/term v0.22.0/go.mod h1:F3qCibpT5AMpCRfhfT53vVJwhLtIVHhB9XDjfFvnMI4= +golang.org/x/term v0.19.0 h1:+ThwsDv+tYfnJFhF4L8jITxu1tdTWRTZpdsWgEgjL6Q= +golang.org/x/term v0.19.0/go.mod h1:2CuTdWZ7KHSQwUzKva0cbMg6q2DMI3Mmxp+gKJbskEk= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= @@ -1229,8 +1229,8 @@ golang.org/x/text v0.3.8/go.mod h1:E6s5w1FMmriuDzIBO73fBruAKo1PCIq6d2Q6DHfQ8WQ= golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/text v0.8.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= -golang.org/x/text v0.16.0 h1:a94ExnEXNtEwYLGJSIUxnWoxoRz/ZcCsV63ROupILh4= -golang.org/x/text v0.16.0/go.mod h1:GhwF1Be+LQoKShO3cGOHzqOgRrGaYc9AvblQOmPVHnI= +golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ= +golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= @@ -1292,8 +1292,8 @@ golang.org/x/tools v0.1.4/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU= -golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d h1:vU5i/LfpvrRCpgM/VPfJLg5KjxD3E+hfT1SH+d9zLwg= -golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d/go.mod h1:aiJjzUbINMkxbQROHiO6hDPo2LHcIPhhQsa9DLh0yGk= +golang.org/x/tools v0.20.0 h1:hz/CVckiOxybQvFw6h7b/q80NTr9IUQb4s1IIzW7KNY= +golang.org/x/tools v0.20.0/go.mod h1:WvitBU7JJf6A4jOdg4S1tviW9bhUxkgeCui/0JHctQg= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= @@ -1486,8 +1486,8 @@ gotest.tools v2.2.0+incompatible h1:VsBPFP1AI068pPrMxtb/S8Zkgf9xEmTLJjfM+P5UIEo= gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw= gotest.tools/v3 v3.4.0 h1:ZazjZUfuVeZGLAmlKKuyv3IKP5orXcwtOwDQH6YVr6o= gotest.tools/v3 v3.4.0/go.mod h1:CtbdzLSsqVhDgMtKsx03ird5YTGB3ar27v0u/yKBW5g= -helm.sh/helm/v3 v3.15.4 h1:UFHd6oZ1IN3FsUZ7XNhOQDyQ2QYknBNWRHH57e9cbHY= -helm.sh/helm/v3 v3.15.4/go.mod h1:phOwlxqGSgppCY/ysWBNRhG3MtnpsttOzxaTK+Mt40E= +helm.sh/helm/v3 v3.15.2 h1:/3XINUFinJOBjQplGnjw92eLGpgXXp1L8chWPkCkDuw= +helm.sh/helm/v3 v3.15.2/go.mod h1:FzSIP8jDQaa6WAVg9F+OkKz7J0ZmAga4MABtTbsb9WQ= honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190418001031-e561f6794a2a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= @@ -1495,26 +1495,26 @@ honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWh honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg= honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= -k8s.io/api v0.30.3 h1:ImHwK9DCsPA9uoU3rVh4QHAHHK5dTSv1nxJUapx8hoQ= -k8s.io/api v0.30.3/go.mod h1:GPc8jlzoe5JG3pb0KJCSLX5oAFIW3/qNJITlDj8BH04= -k8s.io/apiextensions-apiserver v0.30.3 h1:oChu5li2vsZHx2IvnGP3ah8Nj3KyqG3kRSaKmijhB9U= -k8s.io/apiextensions-apiserver v0.30.3/go.mod h1:uhXxYDkMAvl6CJw4lrDN4CPbONkF3+XL9cacCT44kV4= -k8s.io/apimachinery v0.30.3 h1:q1laaWCmrszyQuSQCfNB8cFgCuDAoPszKY4ucAjDwHc= -k8s.io/apimachinery v0.30.3/go.mod h1:iexa2somDaxdnj7bha06bhb43Zpa6eWH8N8dbqVjTUc= -k8s.io/apiserver v0.30.3 h1:QZJndA9k2MjFqpnyYv/PH+9PE0SHhx3hBho4X0vE65g= -k8s.io/apiserver v0.30.3/go.mod h1:6Oa88y1CZqnzetd2JdepO0UXzQX4ZnOekx2/PtEjrOg= -k8s.io/cli-runtime v0.30.3 h1:aG69oRzJuP2Q4o8dm+f5WJIX4ZBEwrvdID0+MXyUY6k= -k8s.io/cli-runtime v0.30.3/go.mod h1:hwrrRdd9P84CXSKzhHxrOivAR9BRnkMt0OeP5mj7X30= -k8s.io/client-go v0.30.3 h1:bHrJu3xQZNXIi8/MoxYtZBBWQQXwy16zqJwloXXfD3k= -k8s.io/client-go v0.30.3/go.mod h1:8d4pf8vYu665/kUbsxWAQ/JDBNWqfFeZnvFiVdmx89U= -k8s.io/component-base v0.30.3 h1:Ci0UqKWf4oiwy8hr1+E3dsnliKnkMLZMVbWzeorlk7s= -k8s.io/component-base v0.30.3/go.mod h1:C1SshT3rGPCuNtBs14RmVD2xW0EhRSeLvBh7AGk1quA= +k8s.io/api v0.30.0 h1:siWhRq7cNjy2iHssOB9SCGNCl2spiF1dO3dABqZ8niA= +k8s.io/api v0.30.0/go.mod h1:OPlaYhoHs8EQ1ql0R/TsUgaRPhpKNxIMrKQfWUp8QSE= +k8s.io/apiextensions-apiserver v0.30.0 h1:jcZFKMqnICJfRxTgnC4E+Hpcq8UEhT8B2lhBcQ+6uAs= +k8s.io/apiextensions-apiserver v0.30.0/go.mod h1:N9ogQFGcrbWqAY9p2mUAL5mGxsLqwgtUce127VtRX5Y= +k8s.io/apimachinery v0.30.0 h1:qxVPsyDM5XS96NIh9Oj6LavoVFYff/Pon9cZeDIkHHA= +k8s.io/apimachinery v0.30.0/go.mod h1:iexa2somDaxdnj7bha06bhb43Zpa6eWH8N8dbqVjTUc= +k8s.io/apiserver v0.30.0 h1:QCec+U72tMQ+9tR6A0sMBB5Vh6ImCEkoKkTDRABWq6M= +k8s.io/apiserver v0.30.0/go.mod h1:smOIBq8t0MbKZi7O7SyIpjPsiKJ8qa+llcFCluKyqiY= +k8s.io/cli-runtime v0.30.0 h1:0vn6/XhOvn1RJ2KJOC6IRR2CGqrpT6QQF4+8pYpWQ48= +k8s.io/cli-runtime v0.30.0/go.mod h1:vATpDMATVTMA79sZ0YUCzlMelf6rUjoBzlp+RnoM+cg= +k8s.io/client-go v0.30.0 h1:sB1AGGlhY/o7KCyCEQ0bPWzYDL0pwOZO4vAtTSh/gJQ= +k8s.io/client-go v0.30.0/go.mod h1:g7li5O5256qe6TYdAMyX/otJqMhIiGgTapdLchhmOaY= +k8s.io/component-base v0.30.0 h1:cj6bp38g0ainlfYtaOQuRELh5KSYjhKxM+io7AUIk4o= +k8s.io/component-base v0.30.0/go.mod h1:V9x/0ePFNaKeKYA3bOvIbrNoluTSG+fSJKjLdjOoeXQ= k8s.io/klog/v2 v2.120.1 h1:QXU6cPEOIslTGvZaXvFWiP9VKyeet3sawzTOvdXb4Vw= k8s.io/klog/v2 v2.120.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE= k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340 h1:BZqlfIlq5YbRMFko6/PM7FjZpUb45WallggurYhKGag= k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340/go.mod h1:yD4MZYeKMBwQKVht279WycxKyM84kkAx2DPrTXaeb98= -k8s.io/kubectl v0.30.3 h1:YIBBvMdTW0xcDpmrOBzcpUVsn+zOgjMYIu7kAq+yqiI= -k8s.io/kubectl v0.30.3/go.mod h1:IcR0I9RN2+zzTRUa1BzZCm4oM0NLOawE6RzlDvd1Fpo= +k8s.io/kubectl v0.30.0 h1:xbPvzagbJ6RNYVMVuiHArC1grrV5vSmmIcSZuCdzRyk= +k8s.io/kubectl v0.30.0/go.mod h1:zgolRw2MQXLPwmic2l/+iHs239L49fhSeICuMhQQXTI= k8s.io/utils v0.0.0-20230726121419-3b25d923346b h1:sgn3ZU783SCgtaSJjpcVVlRqd6GSnlTLKgpAAttJvpI= k8s.io/utils v0.0.0-20230726121419-3b25d923346b/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= modernc.org/libc v1.41.0 h1:g9YAc6BkKlgORsUWj+JwqoB1wU3o4DE3bM3yvA3k+Gk= diff --git a/internal/commands/result.go b/internal/commands/result.go index aa9c89fe4..7239e6a14 100644 --- a/internal/commands/result.go +++ b/internal/commands/result.go @@ -1041,7 +1041,7 @@ func setIsContainersEnabled(agent string, featureFlagsWrapper wrappers.FeatureFl wrappers.IsContainersEnabled = containerEngineCLIEnabled.Status && agentSupported } -func filterVSCodeAgentScsResults(results *wrappers.ScanResultsCollection) []*wrappers.ScanResult { +func filterVSCodeAgentResults(results *wrappers.ScanResultsCollection) []*wrappers.ScanResult { var filteredResults []*wrappers.ScanResult for _, result := range results.Results { if result.Type != commonParams.SCSScorecardType { @@ -1053,7 +1053,7 @@ func filterVSCodeAgentScsResults(results *wrappers.ScanResultsCollection) []*wra return filteredResults } -func filterOtherAgentScsResults(results *wrappers.ScanResultsCollection) []*wrappers.ScanResult { +func filterOtherAgentResults(results *wrappers.ScanResultsCollection) []*wrappers.ScanResult { var filteredResults []*wrappers.ScanResult for _, result := range results.Results { if result.Type != commonParams.SCSScorecardType && result.Type != commonParams.SCSSecretDetectionType { @@ -1065,12 +1065,12 @@ func filterOtherAgentScsResults(results *wrappers.ScanResultsCollection) []*wrap return filteredResults } -func filterScsResultsByAgent(results *wrappers.ScanResultsCollection, agent string) *wrappers.ScanResultsCollection { +func filterResultsByAgent(results *wrappers.ScanResultsCollection, agent string) *wrappers.ScanResultsCollection { if agent == commonParams.VSCodeAgent { - results.Results = filterVSCodeAgentScsResults(results) + results.Results = filterVSCodeAgentResults(results) } else if agent != commonParams.DefaultAgent { - results.Results = filterOtherAgentScsResults(results) + results.Results = filterOtherAgentResults(results) } return results @@ -1273,7 +1273,7 @@ func createReport(format, return exportSonarResults(sonarRpt, results) } if printer.IsFormat(format, printer.FormatJSON) && isValidScanStatus(summary.Status, printer.FormatJSON) { - results = filterScsResultsByAgent(results, agent) + results = filterResultsByAgent(results, agent) jsonRpt := createTargetName(targetFile, targetPath, printer.FormatJSON) return exportJSONResults(jsonRpt, results) } diff --git a/internal/commands/result_test.go b/internal/commands/result_test.go index 7496f0ae3..0a233794e 100644 --- a/internal/commands/result_test.go +++ b/internal/commands/result_test.go @@ -177,7 +177,7 @@ func TestRunScsResultsShow_ASTCLI_AgentShouldShowAllResults(t *testing.T) { assert.Assert(t, scsSecretDetectionFound && scsScorecardFound, "SCS results should be included for AST-CLI agent") assert.Assert(t, results.TotalCount == 2, "SCS Scorecard results should be excluded for VS Code agent") - os.Remove(fileName + ".json") + defer os.Remove(fileName + ".json") } func TestRunScsResultsShow_VSCode_AgentShouldNotShowScorecardResults(t *testing.T) { @@ -188,7 +188,7 @@ func TestRunScsResultsShow_VSCode_AgentShouldNotShowScorecardResults(t *testing. } assert.Assert(t, results.TotalCount == 1, "SCS Scorecard results should be excluded for VS Code agent") - os.Remove(fileName + ".json") + defer os.Remove(fileName + ".json") } func TestRunScsResultsShow_Other_AgentsShouldNotShowScsResults(t *testing.T) { @@ -199,7 +199,7 @@ func TestRunScsResultsShow_Other_AgentsShouldNotShowScsResults(t *testing.T) { } assert.Assert(t, results.TotalCount == 0, "SCS Scorecard results should be excluded") - os.Remove(fileName + ".json") + defer os.Remove(fileName + ".json") } func TestRunWithoutScsResults_Other_AgentsShouldNotShowScsResults(t *testing.T) { @@ -210,7 +210,7 @@ func TestRunWithoutScsResults_Other_AgentsShouldNotShowScsResults(t *testing.T) } assert.Assert(t, results.TotalCount == 7, "SCS Scorecard results should be excluded") - os.Remove(fileName + ".json") + defer os.Remove(fileName + ".json") } func TestRunNilResults_Other_AgentsShouldNotShowAnyResults(t *testing.T) { From 77ab0b68f3849c419390b3ffe4d4e78be7037e24 Mon Sep 17 00:00:00 2001 From: sarahCx Date: Wed, 28 Aug 2024 15:11:48 +0300 Subject: [PATCH 6/8] change function name --- internal/commands/result.go | 14 ++++++-------- internal/commands/result_test.go | 9 ++++----- 2 files changed, 10 insertions(+), 13 deletions(-) diff --git a/internal/commands/result.go b/internal/commands/result.go index 7239e6a14..4a5198913 100644 --- a/internal/commands/result.go +++ b/internal/commands/result.go @@ -1041,7 +1041,7 @@ func setIsContainersEnabled(agent string, featureFlagsWrapper wrappers.FeatureFl wrappers.IsContainersEnabled = containerEngineCLIEnabled.Status && agentSupported } -func filterVSCodeAgentResults(results *wrappers.ScanResultsCollection) []*wrappers.ScanResult { +func filterScorecardResults(results *wrappers.ScanResultsCollection) []*wrappers.ScanResult { var filteredResults []*wrappers.ScanResult for _, result := range results.Results { if result.Type != commonParams.SCSScorecardType { @@ -1053,7 +1053,7 @@ func filterVSCodeAgentResults(results *wrappers.ScanResultsCollection) []*wrappe return filteredResults } -func filterOtherAgentResults(results *wrappers.ScanResultsCollection) []*wrappers.ScanResult { +func filterScsResults(results *wrappers.ScanResultsCollection) []*wrappers.ScanResult { var filteredResults []*wrappers.ScanResult for _, result := range results.Results { if result.Type != commonParams.SCSScorecardType && result.Type != commonParams.SCSSecretDetectionType { @@ -1065,15 +1065,13 @@ func filterOtherAgentResults(results *wrappers.ScanResultsCollection) []*wrapper return filteredResults } -func filterResultsByAgent(results *wrappers.ScanResultsCollection, agent string) *wrappers.ScanResultsCollection { - +func filterScsResultsByAgent(results *wrappers.ScanResultsCollection, agent string) *wrappers.ScanResultsCollection { if agent == commonParams.VSCodeAgent { - results.Results = filterVSCodeAgentResults(results) + results.Results = filterScorecardResults(results) } else if agent != commonParams.DefaultAgent { - results.Results = filterOtherAgentResults(results) + results.Results = filterScsResults(results) } return results - } func CreateScanReport( @@ -1273,7 +1271,7 @@ func createReport(format, return exportSonarResults(sonarRpt, results) } if printer.IsFormat(format, printer.FormatJSON) && isValidScanStatus(summary.Status, printer.FormatJSON) { - results = filterResultsByAgent(results, agent) + results = filterScsResultsByAgent(results, agent) jsonRpt := createTargetName(targetFile, targetPath, printer.FormatJSON) return exportJSONResults(jsonRpt, results) } diff --git a/internal/commands/result_test.go b/internal/commands/result_test.go index 0a233794e..fede0e3e0 100644 --- a/internal/commands/result_test.go +++ b/internal/commands/result_test.go @@ -159,7 +159,6 @@ var executeCommand = func(t *testing.T, agent string) *wrappers.ScanResultsColle } func TestRunScsResultsShow_ASTCLI_AgentShouldShowAllResults(t *testing.T) { - results := executeCommand(t, params.DefaultAgent) scsSecretDetectionFound := false scsScorecardFound := false @@ -177,7 +176,7 @@ func TestRunScsResultsShow_ASTCLI_AgentShouldShowAllResults(t *testing.T) { assert.Assert(t, scsSecretDetectionFound && scsScorecardFound, "SCS results should be included for AST-CLI agent") assert.Assert(t, results.TotalCount == 2, "SCS Scorecard results should be excluded for VS Code agent") - defer os.Remove(fileName + ".json") + os.Remove(fileName + ".json") } func TestRunScsResultsShow_VSCode_AgentShouldNotShowScorecardResults(t *testing.T) { @@ -188,7 +187,7 @@ func TestRunScsResultsShow_VSCode_AgentShouldNotShowScorecardResults(t *testing. } assert.Assert(t, results.TotalCount == 1, "SCS Scorecard results should be excluded for VS Code agent") - defer os.Remove(fileName + ".json") + os.Remove(fileName + ".json") } func TestRunScsResultsShow_Other_AgentsShouldNotShowScsResults(t *testing.T) { @@ -199,7 +198,7 @@ func TestRunScsResultsShow_Other_AgentsShouldNotShowScsResults(t *testing.T) { } assert.Assert(t, results.TotalCount == 0, "SCS Scorecard results should be excluded") - defer os.Remove(fileName + ".json") + os.Remove(fileName + ".json") } func TestRunWithoutScsResults_Other_AgentsShouldNotShowScsResults(t *testing.T) { @@ -210,7 +209,7 @@ func TestRunWithoutScsResults_Other_AgentsShouldNotShowScsResults(t *testing.T) } assert.Assert(t, results.TotalCount == 7, "SCS Scorecard results should be excluded") - defer os.Remove(fileName + ".json") + os.Remove(fileName + ".json") } func TestRunNilResults_Other_AgentsShouldNotShowAnyResults(t *testing.T) { From ecdbc99b614c5598e409e0098eefd8d21644e6bd Mon Sep 17 00:00:00 2001 From: sarahCx Date: Wed, 28 Aug 2024 15:20:20 +0300 Subject: [PATCH 7/8] fix lint error --- internal/commands/result_test.go | 3 --- 1 file changed, 3 deletions(-) diff --git a/internal/commands/result_test.go b/internal/commands/result_test.go index fede0e3e0..a53594389 100644 --- a/internal/commands/result_test.go +++ b/internal/commands/result_test.go @@ -180,7 +180,6 @@ func TestRunScsResultsShow_ASTCLI_AgentShouldShowAllResults(t *testing.T) { } func TestRunScsResultsShow_VSCode_AgentShouldNotShowScorecardResults(t *testing.T) { - results := executeCommand(t, params.VSCodeAgent) for _, result := range results.Results { assert.Assert(t, result.Type != params.SCSScorecardType, "SCS Scorecard results should be excluded for VS Code agent") @@ -191,7 +190,6 @@ func TestRunScsResultsShow_VSCode_AgentShouldNotShowScorecardResults(t *testing. } func TestRunScsResultsShow_Other_AgentsShouldNotShowScsResults(t *testing.T) { - results := executeCommand(t, "Jetbrains") for _, result := range results.Results { assert.Assert(t, result.Type != params.SCSScorecardType && result.Type != params.SCSSecretDetectionType, "SCS results should be excluded for other agents") @@ -202,7 +200,6 @@ func TestRunScsResultsShow_Other_AgentsShouldNotShowScsResults(t *testing.T) { } func TestRunWithoutScsResults_Other_AgentsShouldNotShowScsResults(t *testing.T) { - results := executeCommand(t, "Jetbrains") for _, result := range results.Results { assert.Assert(t, result.Type != params.SCSScorecardType && result.Type != params.SCSSecretDetectionType, "SCS results should be excluded for other agents") From 8fe59942dee04592266813fe0d3568d0fc36422f Mon Sep 17 00:00:00 2001 From: sarahCx Date: Wed, 28 Aug 2024 15:34:50 +0300 Subject: [PATCH 8/8] fix lint error --- internal/commands/result_test.go | 1 - 1 file changed, 1 deletion(-) diff --git a/internal/commands/result_test.go b/internal/commands/result_test.go index a53594389..ccf196a69 100644 --- a/internal/commands/result_test.go +++ b/internal/commands/result_test.go @@ -210,7 +210,6 @@ func TestRunWithoutScsResults_Other_AgentsShouldNotShowScsResults(t *testing.T) } func TestRunNilResults_Other_AgentsShouldNotShowAnyResults(t *testing.T) { - results := executeCommand(t, "Jetbrains") assert.Assert(t, results.TotalCount == 0, "SCS Scorecard results should be excluded")