Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
* enable merging of matches Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * add ability for matches constructor to take initial matches Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * update tests to include IDs on package objects Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * rename common matcher helper package to search package Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * rename search functions and add SearchByCriteria Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * cleanup imports Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
- Loading branch information
Showing
55 changed files
with
874 additions
and
689 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,54 @@ | ||
package match | ||
|
||
import ( | ||
"fmt" | ||
|
||
"github.com/mitchellh/hashstructure/v2" | ||
) | ||
|
||
type Details []Detail | ||
|
||
type Detail struct { | ||
Type Type // The kind of match made (an exact match, fuzzy match, indirect vs direct, etc). | ||
SearchedBy interface{} // The specific attributes that were used to search (other than package name and version) --this indicates "how" the match was made. | ||
Found interface{} // The specific attributes on the vulnerability object that were matched with --this indicates "what" was matched on / within. | ||
Matcher MatcherType // The matcher object that discovered the match. | ||
Confidence float64 // The certainty of the match as a ratio (currently unused, reserved for future use). | ||
} | ||
|
||
// String is the string representation of select match fields. | ||
func (m Detail) String() string { | ||
return fmt.Sprintf("Detail(searchedBy=%q found=%q matcher=%q)", m.SearchedBy, m.Found, m.Matcher) | ||
} | ||
|
||
func (m Details) Matchers() (tys []MatcherType) { | ||
if len(m) == 0 { | ||
return nil | ||
} | ||
for _, d := range m { | ||
tys = append(tys, d.Matcher) | ||
} | ||
return tys | ||
} | ||
|
||
func (m Details) Types() (tys []Type) { | ||
if len(m) == 0 { | ||
return nil | ||
} | ||
for _, d := range m { | ||
tys = append(tys, d.Type) | ||
} | ||
return tys | ||
} | ||
|
||
func (m Detail) ID() string { | ||
f, err := hashstructure.Hash(&m, hashstructure.FormatV2, &hashstructure.HashOptions{ | ||
ZeroNil: true, | ||
SlicesAsSets: true, | ||
}) | ||
if err != nil { | ||
return "" | ||
} | ||
|
||
return fmt.Sprintf("%x", f) | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,31 @@ | ||
package match | ||
|
||
import ( | ||
"fmt" | ||
|
||
"github.com/anchore/grype/grype/pkg" | ||
"github.com/mitchellh/hashstructure/v2" | ||
) | ||
|
||
type Fingerprint struct { | ||
vulnerabilityID string | ||
vulnerabilityNamespace string | ||
vulnerabilityFixes string | ||
packageID pkg.ID // note: this encodes package name, version, type, location | ||
} | ||
|
||
func (m Fingerprint) String() string { | ||
return fmt.Sprintf("Fingerprint(vuln=%q namespace=%q fixes=%q package=%q)", m.vulnerabilityID, m.vulnerabilityNamespace, m.vulnerabilityFixes, m.packageID) | ||
} | ||
|
||
func (m Fingerprint) ID() string { | ||
f, err := hashstructure.Hash(&m, hashstructure.FormatV2, &hashstructure.HashOptions{ | ||
ZeroNil: true, | ||
SlicesAsSets: true, | ||
}) | ||
if err != nil { | ||
return "" | ||
} | ||
|
||
return fmt.Sprintf("%x", f) | ||
} |
Oops, something went wrong.