checkov:chore - removing pborman/ansi dependency (#975)

Signed-off-by: Ian Cardoso <ian.cardoso@zup.com.br>
ZupIT · Feb 10, 2022 · 9f7dd64 · 9f7dd64
1 parent aadaaed
commit 9f7dd64
Show file tree

Hide file tree

Showing 3 changed files with 13 additions and 5 deletions.
diff --git a/go.mod b/go.mod
@@ -18,7 +18,6 @@ require (
 	github.com/onsi/ginkgo v1.16.5
 	github.com/onsi/gomega v1.18.1
 	github.com/opencontainers/image-spec v1.0.2
-	github.com/pborman/ansi v1.0.0
 	github.com/sirupsen/logrus v1.8.1
 	github.com/spf13/cobra v1.3.0
 	github.com/spf13/pflag v1.0.5

diff --git a/go.sum b/go.sum
@@ -768,8 +768,6 @@ github.com/panjf2000/ants/v2 v2.4.7/go.mod h1:f6F0NZVFsGCp5A7QW/Zj/m92atWwOkY0OI
 github.com/pascaldekloe/goe v0.0.0-20180627143212-57f6aae5913c/go.mod h1:lzWF7FIEvWOWxwDKqyGYQf6ZUaNfKdP144TG7ZOy1lc=
 github.com/pascaldekloe/goe v0.1.0/go.mod h1:lzWF7FIEvWOWxwDKqyGYQf6ZUaNfKdP144TG7ZOy1lc=
 github.com/patrickmn/go-cache v2.1.0+incompatible/go.mod h1:3Qf8kWWT7OJRJbdiICTKqZju1ZixQ/KpMGzzAfe6+WQ=
-github.com/pborman/ansi v1.0.0 h1:OqjHMhvlSuCCV5JT07yqPuJPQzQl+WXsiZ14gZsqOrQ=
-github.com/pborman/ansi v1.0.0/go.mod h1:SgWzwMAx1X/Ez7i90VqF8LRiQtx52pWDiQP+x3iGnzw=
 github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic=
 github.com/pelletier/go-toml v1.8.1/go.mod h1:T2/BmBdy8dvIRq1a/8aqjN41wvWlN4lrapLU/GW4pbc=
 github.com/pelletier/go-toml v1.9.4 h1:tjENF6MfZAg8e4ZmZTeWaWiT2vXtsoO6+iuOjFhECwM=

diff --git a/internal/services/formatters/hcl/checkov/formatter.go b/internal/services/formatters/hcl/checkov/formatter.go
@@ -17,13 +17,13 @@ package checkov
 import (
 	"bytes"
 	"encoding/json"
+	"regexp"
 
 	"github.com/ZupIT/horusec-devkit/pkg/entities/vulnerability"
 	"github.com/ZupIT/horusec-devkit/pkg/enums/languages"
 	"github.com/ZupIT/horusec-devkit/pkg/enums/severities"
 	"github.com/ZupIT/horusec-devkit/pkg/enums/tools"
 	"github.com/ZupIT/horusec-devkit/pkg/utils/logger"
-	"github.com/pborman/ansi"
 
 	"github.com/ZupIT/horusec/internal/entities/docker"
 	"github.com/ZupIT/horusec/internal/enums/images"
@@ -75,7 +75,8 @@ func (f *Formatter) getDockerConfig(projectSubPath string) *docker.AnalysisData
 
 func (f *Formatter) parseOutput(output string) error {
 	var vuln *checkovVulnerability
-	binary, _ := ansi.Strip([]byte(output))
+
+	binary := f.removeAnsiCharacters(output)
 	// For some reason checkov returns an empty list when no vulnerabilities are found
 	// and an object if vulnerabitilies are found, this checks ignores result when we have no vulnerabilities
 	if bytes.Equal(binary, checkovEmptyValue) {
@@ -90,6 +91,16 @@ func (f *Formatter) parseOutput(output string) error {
 	return nil
 }
 
+// nolint:lll // const ansi is a regex and cannot be break into more lines
+func (f *Formatter) removeAnsiCharacters(output string) []byte {
+	// ansi represents a regex that will match ansi characters ,so we can use just the ASCII characters to parse the results of checkov tool
+	const ansi = "[\u001B\u009B][[\\]()#;?]*(?:(?:(?:[a-zA-Z\\d]*(?:;[a-zA-Z\\d]*)*)?\u0007)|(?:(?:\\d{1,4}(?:;\\d{0,4})*)?[\\dA-PRZcf-ntqry=><~]))"
+
+	re := regexp.MustCompile(ansi)
+	binary := []byte(re.ReplaceAllString(output, ""))
+	return binary
+}
+
 func (f *Formatter) newVulnerability(check *checkovCheck) *vulnerability.Vulnerability {
 	vuln := &vulnerability.Vulnerability{
 		SecurityTool: tools.Checkov,