Skip to content

Commit

Permalink
fix: skip scanning the gpg-pubkey package (aquasecurity#4720)
Browse files Browse the repository at this point in the history
  • Loading branch information
DmitriyLewen authored and AnaisUrlichs committed Aug 10, 2023
1 parent a22b1de commit 1781e13
Showing 1 changed file with 7 additions and 1 deletion.
8 changes: 7 additions & 1 deletion pkg/detector/ospkg/detect.go
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@ package ospkg
import (
"time"

"github.com/samber/lo"
"golang.org/x/xerrors"

"github.com/aquasecurity/trivy/pkg/detector/ospkg/alma"
Expand Down Expand Up @@ -67,7 +68,12 @@ func Detect(_, osFamily, osName string, repo *ftypes.Repository, _ time.Time, pk

eosl := !driver.IsSupportedVersion(osFamily, osName)

vulns, err := driver.Detect(osName, repo, pkgs)
// Package `gpg-pubkey` doesn't use the correct version.
// We don't need to find vulnerabilities for this package.
filteredPkgs := lo.Filter(pkgs, func(pkg ftypes.Package, index int) bool {
return pkg.Name != "gpg-pubkey"
})
vulns, err := driver.Detect(osName, repo, filteredPkgs)
if err != nil {
return nil, false, xerrors.Errorf("failed detection: %w", err)
}
Expand Down

0 comments on commit 1781e13

Please sign in to comment.