Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: replace containers/image with google/go-containerregistry #456

Merged
merged 14 commits into from
Apr 14, 2020
Merged

fix: replace containers/image with google/go-containerregistry #456

merged 14 commits into from
Apr 14, 2020

Conversation

knqyf263
Copy link
Collaborator

@knqyf263 knqyf263 commented Apr 9, 2020

@knqyf263 knqyf263 self-assigned this Apr 9, 2020
@knqyf263 knqyf263 marked this pull request as draft April 9, 2020 11:10
@knqyf263 knqyf263 force-pushed the go_containerregistry branch from 57776e0 to ebd9e93 Compare April 9, 2020 11:26
@knqyf263 knqyf263 marked this pull request as ready for review April 9, 2020 14:36
@knqyf263 knqyf263 requested a review from simar7 April 9, 2020 14:36
simar7
simar7 reviewed Apr 9, 2020
View reviewed changes
rpc/common/service.pb.go
@@ -366,7 +366,7 @@ type Vulnerability struct {
Description string `protobuf:"bytes,6,opt,name=description,proto3" json:"description,omitempty"`
Severity Severity `protobuf:"varint,7,opt,name=severity,proto3,enum=trivy.common.Severity" json:"severity,omitempty"`
References []string `protobuf:"bytes,8,rep,name=references,proto3" json:"references,omitempty"`
LayerId string `protobuf:"bytes,9,opt,name=layer_id,json=layerId,proto3" json:"layer_id,omitempty"`
Layer *Layer `protobuf:"bytes,10,opt,name=layer,proto3" json:"layer,omitempty"`
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm just curious: Why is this by reference? Are custom types always passed by reference?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm not sure, but other custom types are also references.

trivy/rpc/cache/service.pb.go

Line 32 in 1b112c3

HistoryPackages []*common.Package `protobuf:"bytes,6,rep,name=history_packages,json=historyPackages,proto3" json:"history_packages,omitempty"`

simar7
simar7 reviewed Apr 9, 2020
View reviewed changes
pkg/detector/ospkg/debian/debian.go
@@ -102,8 +102,7 @@ func (s *Scanner) Detect(osVer string, pkgs []ftypes.Package) ([]types.DetectedV
VulnerabilityID: adv.VulnerabilityID,
PkgName: pkg.Name,
InstalledVersion: installed,
//FixedVersion: adv.FixedVersion, // TODO: Why is this missing?
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Would you know why is this missing?

Copy link
Collaborator Author

@knqyf263 knqyf263 Apr 10, 2020
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is because this bucket stores only unfixed vulnerabilities. I added comments. 49d98c0

simar7
simar7 approved these changes Apr 9, 2020
View reviewed changes
Copy link
Member

@simar7 simar7 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🚢 it!

@knqyf263 knqyf263 merged commit 329f245 into master Apr 14, 2020
@knqyf263 knqyf263 deleted the go_containerregistry branch April 14, 2020 10:31
GuaoGuao pushed a commit to GuaoGuao/trivy that referenced this pull request Jun 24, 2020
@knqyf263
fix: replace containers/image with google/go-containerregistry (aquas…
697f9eb 
…ecurity#456)

* chore(mod): update dependencies

* fix(internal): remove cleanup

* fix: use only diff_id

* fix: use string instead of digest

* fix: replace LayerID with Layer

* test(integration): negotiate API version

* feat(conf): add TRIVY_NONSSL

* test(integration): update golden files

* test(integration): fix the error message

* chore(debian): add comments

* chore(mod): update dependencies
liamg pushed a commit that referenced this pull request Jun 7, 2022
@knqyf263
fix: replace containers/image with google/go-containerregistry (#456)
22aa6b7 
* chore(mod): update dependencies

* fix(internal): remove cleanup

* fix: use only diff_id

* fix: use string instead of digest

* fix: replace LayerID with Layer

* test(integration): negotiate API version

* feat(conf): add TRIVY_NONSSL

* test(integration): update golden files

* test(integration): fix the error message

* chore(debian): add comments

* chore(mod): update dependencies
josedonizetti pushed a commit to josedonizetti/trivy that referenced this pull request Jun 24, 2022
chore: make the created folder for downloaded content deletable (aqua…
87897dc 
…security#456)

Signed-off-by: Owen Rumney <owen.rumney@aquasec.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@simar7 simar7 simar7 approved these changes

Assignees

@knqyf263 knqyf263

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@knqyf263 @simar7