Output description and references to JSON
knqyf263 committed May 8, 2019
1 parent 34ba0ca commit 53ad8c2
Showing 3 changed files with 39 additions and 18 deletions.
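--- a/pkg/report/writer.go
+++ b/pkg/report/writer.go
@@ -42,8 +42,17 @@ func (tw TableWriter) write(result Result) {
 severityCount := map[string]int{}
 for _, v := range result.Vulnerabilities {
 severityCount[v.Severity]++
+
+title := v.Title
+if title == "" {
+title = v.Description
+}
+splittedTitle := strings.Split(title, " ")
+if len(splittedTitle) >= 12 {
+title = strings.Join(splittedTitle[:12], " ") + "..."
+}
 table.Append([]string{v.PkgName, v.VulnerabilityID, vulnerability.ColorizeSeverity(v.Severity),
-v.InstalledVersion, v.FixedVersion, v.Title})
+v.InstalledVersion, v.FixedVersion, title})
 }
 
 var results []string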
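Review bot: The truncation added to `write` appends `"..."` whenever the title has 12 or more space-separated words, so a title of exactly 12 words is marked as shortened although nothing was cut; the comparison should be `len(splittedTitle) > 12`. Now that the fallback is `v.Description`, the text is likely to contain newlines or tabs, which `strings.Split(title, " ")` neither treats as separators nor removes, so a multi-line description can reach the table cell unshortened; `strings.Fields(title)` splits on any whitespace and keeps the cell on one line. Title and description originate from external advisory data, so stripping non-printable characters before they are written to a terminal table is worth adding here as well. The body of `write` starts and ends outside the hunk.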
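--- a/pkg/scanner/scan.go
+++ b/pkg/scanner/scan.go
@@ -6,7 +6,6 @@ import (
 "fmt"
 "os"
 "sort"
-"strings"
 
 "github.com/knqyf263/trivy/pkg/log"
 
@@ -101,13 +100,15 @@ func ScanFile(f *os.File, severities []vulnerability.Severity) (report.Result, e
 func processVulnerabilties(vulns []types.Vulnerability, severities []vulnerability.Severity, ignoreUnfixed bool) []types.Vulnerability {
 var vulnerabilities []types.Vulnerability
 for _, vuln := range vulns {
-sev, title := getDetail(vuln.VulnerabilityID)
+sev, title, description, references := getDetail(vuln.VulnerabilityID)
 
 // Filter vulnerabilities by severity
 for _, s := range severities {
 if s == sev {
 vuln.Severity = fmt.Sprint(sev)
 vuln.Title = title
+vuln.Description = description
+vuln.References = references
 
 // Ignore unfixed vulnerabilities
 if ignoreUnfixed && vuln.FixedVersion == "" {
@@ -139,24 +140,15 @@ func openStream(path string) (*os.File, error) {
 return os.Open(path)
 }
 
-func getDetail(vulnID string) (vulnerability.Severity, string) {
+func getDetail(vulnID string) (vulnerability.Severity, string, string, []string) {
 details, err := vulnerability.Get(vulnID)
 if err != nil {
 log.Logger.Debug(err)
-return vulnerability.SeverityUnknown, ""
+return vulnerability.SeverityUnknown, "", "", nil
 } else if len(details) == 0 {
-return vulnerability.SeverityUnknown, ""
+return vulnerability.SeverityUnknown, "", "", nil
 }
-severity := getSeverity(details)
-title := getTitle(details)
-if title == "" {
-title = getDescription(details)
-}
-splittedTitle := strings.Split(title, " ")
-if len(splittedTitle) >= 12 {
-title = strings.Join(splittedTitle[:12], " ") + "..."
-}
-return severity, title
+return getSeverity(details), getTitle(details), getDescription(details), getReferences(details)
 }
 
 func getSeverity(details map[string]vulnerability.Vulnerability) vulnerability.Severity {
@@ -204,6 +196,24 @@ func getDescription(details map[string]vulnerability.Vulnerability) string {
 return ""
 }
 
+func getReferences(details map[string]vulnerability.Vulnerability) []string {
+references := map[string]struct{}{}
+for _, source := range sources {
+d, ok := details[source]
+if !ok {
+continue
+}
+for _, ref := range d.References {
+references[ref] = struct{}{}
+}
+}
+var refs []string
+for ref := range references {
+refs = append(refs, ref)
+}
+return refs
+}
+
 func scoreToSeverity(score float64) vulnerability.Severity {
 if score >= 9.0 {
 return vulnerability.SeverityCritical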
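Review bot: `getReferences` builds its result by ranging over the `references` map, so the order of `refs` changes from run to run and two scans of the same target can emit different JSON. `sort` is already imported in this file, so adding `sort.Strings(refs)` before `return refs` makes the report stable for diffing and for CI baselines. When no source carries references, and on both early returns in `getDetail`, the value is a nil slice, which encoding/json writes as `null` rather than `[]`; either start from `refs := []string{}` or document the null case for consumers. The reference strings are copied from the advisory data unchanged, so a doc comment on `getReferences` saying they are unvalidated external URLs would help anyone who later renders them as links.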
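--- a/pkg/types/vulnerability.go
+++ b/pkg/types/vulnerability.go
@@ -6,6 +6,8 @@ type Vulnerability struct {
 InstalledVersion string
 FixedVersion string
 
-Title string
-Severity string
+Title string
+Description string
+Severity string
+References []string
 }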
