diff --git a/integration/testdata/alpine-310-registry.json.golden b/integration/testdata/alpine-310-registry.json.golden index f1606bf9792d..cf8f991e049b 100644 --- a/integration/testdata/alpine-310-registry.json.golden +++ b/integration/testdata/alpine-310-registry.json.golden @@ -1,6 +1,6 @@ { "SchemaVersion": 2, - "ArtifactName": "localhost:32839/alpine:3.10", + "ArtifactName": "localhost:55844/alpine:3.10", "ArtifactType": "container_image", "Metadata": { "OS": { @@ -13,10 +13,10 @@ "sha256:03901b4a2ea88eeaad62dbe59b072b28b6efa00491962b8741081c5df50c65e0" ], "RepoTags": [ - "localhost:32839/alpine:3.10" + "localhost:55844/alpine:3.10" ], "RepoDigests": [ - "localhost:32839/alpine@sha256:b1c5a500182b21d0bfa5a584a8526b56d8be316f89e87d951be04abed2446e60" + "localhost:55844/alpine@sha256:b1c5a500182b21d0bfa5a584a8526b56d8be316f89e87d951be04abed2446e60" ], "ImageConfig": { "architecture": "amd64", @@ -55,7 +55,7 @@ }, "Results": [ { - "Target": "localhost:32839/alpine:3.10 (alpine 3.10.2)", + "Target": "localhost:55844/alpine:3.10 (alpine 3.10.2)", "Class": "os-pkgs", "Type": "alpine", "Vulnerabilities": [ diff --git a/integration/testdata/centos-7-cyclonedx.json.golden b/integration/testdata/centos-7-cyclonedx.json.golden index cb0114f65dea..6def05ead7df 100644 --- a/integration/testdata/centos-7-cyclonedx.json.golden +++ b/integration/testdata/centos-7-cyclonedx.json.golden @@ -3,7 +3,7 @@ "specVersion": "1.4", "version": 1, "metadata": { - "timestamp": "2023-05-15T09:50:02+00:00", + "timestamp": "2023-05-19T10:38:43+00:00", "tools": [ { "vendor": "aquasecurity", diff --git a/integration/testdata/conda-cyclonedx.json.golden b/integration/testdata/conda-cyclonedx.json.golden index 1b4fd4a0094c..a6f33ceb6a7c 100644 --- a/integration/testdata/conda-cyclonedx.json.golden +++ b/integration/testdata/conda-cyclonedx.json.golden @@ -1,10 +1,10 @@ { "bomFormat": "CycloneDX", "specVersion": "1.4", - "serialNumber": "urn:uuid:c283a9bb-93f1-49fb-9605-110b5f005a74", + "serialNumber": "urn:uuid:e1f49b6f-018f-4bf3-97c8-85cd92a82c7c", "version": 1, "metadata": { - "timestamp": "2023-05-15T09:49:59+00:00", + "timestamp": "2023-05-19T10:38:39+00:00", "tools": [ { "vendor": "aquasecurity", @@ -13,7 +13,7 @@ } ], "component": { - "bom-ref": "6497c0eb-7ca3-401e-b1f6-29234b2ec32c", + "bom-ref": "cd0ebb00-5c53-4b82-a3f7-271add663c51", "type": "application", "name": "testdata/fixtures/fs/conda", "properties": [ @@ -26,16 +26,16 @@ }, "components": [ { - "bom-ref": "pkg:conda/openssl@1.1.1q?file_path=miniconda3%2Fenvs%2Ftestenv%2Fconda-meta%2Fopenssl-1.1.1q-h7f8727e_0.json", + "bom-ref": "pkg:conda/pip@22.2.2?file_path=miniconda3%2Fenvs%2Ftestenv%2Fconda-meta%2Fpip-22.2.2-py38h06a4308_0.json", "type": "library", - "name": "openssl", - "version": "1.1.1q", + "name": "pip", + "version": "22.2.2", "licenses": [ { - "expression": "OpenSSL" + "expression": "MIT" } ], - "purl": "pkg:conda/openssl@1.1.1q", + "purl": "pkg:conda/pip@22.2.2", "properties": [ { "name": "aquasecurity:trivy:PkgType", @@ -43,21 +43,21 @@ }, { "name": "aquasecurity:trivy:FilePath", - "value": "miniconda3/envs/testenv/conda-meta/openssl-1.1.1q-h7f8727e_0.json" + "value": "miniconda3/envs/testenv/conda-meta/pip-22.2.2-py38h06a4308_0.json" } ] }, { - "bom-ref": "pkg:conda/pip@22.2.2?file_path=miniconda3%2Fenvs%2Ftestenv%2Fconda-meta%2Fpip-22.2.2-py38h06a4308_0.json", + "bom-ref": "pkg:conda/openssl@1.1.1q?file_path=miniconda3%2Fenvs%2Ftestenv%2Fconda-meta%2Fopenssl-1.1.1q-h7f8727e_0.json", "type": "library", - "name": "pip", - "version": "22.2.2", + "name": "openssl", + "version": "1.1.1q", "licenses": [ { - "expression": "MIT" + "expression": "OpenSSL" } ], - "purl": "pkg:conda/pip@22.2.2", + "purl": "pkg:conda/openssl@1.1.1q", "properties": [ { "name": "aquasecurity:trivy:PkgType", @@ -65,14 +65,14 @@ }, { "name": "aquasecurity:trivy:FilePath", - "value": "miniconda3/envs/testenv/conda-meta/pip-22.2.2-py38h06a4308_0.json" + "value": "miniconda3/envs/testenv/conda-meta/openssl-1.1.1q-h7f8727e_0.json" } ] } ], "dependencies": [ { - "ref": "6497c0eb-7ca3-401e-b1f6-29234b2ec32c", + "ref": "cd0ebb00-5c53-4b82-a3f7-271add663c51", "dependsOn": [ "pkg:conda/openssl@1.1.1q?file_path=miniconda3%2Fenvs%2Ftestenv%2Fconda-meta%2Fopenssl-1.1.1q-h7f8727e_0.json", "pkg:conda/pip@22.2.2?file_path=miniconda3%2Fenvs%2Ftestenv%2Fconda-meta%2Fpip-22.2.2-py38h06a4308_0.json" diff --git a/integration/testdata/conda-spdx.json.golden b/integration/testdata/conda-spdx.json.golden index 6f321987b024..c0ea6ffe8777 100644 --- a/integration/testdata/conda-spdx.json.golden +++ b/integration/testdata/conda-spdx.json.golden @@ -3,14 +3,14 @@ "dataLicense": "CC0-1.0", "SPDXID": "SPDXRef-DOCUMENT", "name": "testdata/fixtures/fs/conda", - "documentNamespace": "http://aquasecurity.github.io/trivy/filesystem/testdata/fixtures/fs/conda-f50748fc-93cb-48c4-87c5-25a03e4ddb00", + "documentNamespace": "http://aquasecurity.github.io/trivy/filesystem/testdata/fixtures/fs/conda-e854267f-30a6-497d-9183-2f45dee37b09", "creationInfo": { "licenseListVersion": "", "creators": [ "Organization: aquasecurity", "Tool: trivy-dev" ], - "created": "2023-05-16T05:26:41Z" + "created": "2023-05-19T10:38:39Z" }, "packages": [ { diff --git a/integration/testdata/fluentd-multiple-lockfiles-cyclonedx.json.golden b/integration/testdata/fluentd-multiple-lockfiles-cyclonedx.json.golden index c65d9fbe98fd..f0e23ca46398 100644 --- a/integration/testdata/fluentd-multiple-lockfiles-cyclonedx.json.golden +++ b/integration/testdata/fluentd-multiple-lockfiles-cyclonedx.json.golden @@ -3,7 +3,7 @@ "specVersion": "1.4", "version": 1, "metadata": { - "timestamp": "2023-05-15T09:50:02+00:00", + "timestamp": "2023-05-19T10:38:42+00:00", "tools": [ { "vendor": "aquasecurity", diff --git a/pkg/fanal/analyzer/analyzer_test.go b/pkg/fanal/analyzer/analyzer_test.go index fec8761c7dab..db85f7c5803d 100644 --- a/pkg/fanal/analyzer/analyzer_test.go +++ b/pkg/fanal/analyzer/analyzer_test.go @@ -344,6 +344,7 @@ func TestAnalyzerGroup_AnalyzeFile(t *testing.T) { SrcName: "musl", SrcVersion: "1.1.24-r2", Licenses: []string{"MIT"}, + Arch: "x86_64", Digest: "sha1:cb2316a189ebee5282c4a9bd98794cc2477a74c6", }, }, diff --git a/pkg/fanal/analyzer/pkg/apk/apk.go b/pkg/fanal/analyzer/pkg/apk/apk.go index 48895a6d6cef..defccaeee1c9 100644 --- a/pkg/fanal/analyzer/pkg/apk/apk.go +++ b/pkg/fanal/analyzer/pkg/apk/apk.go @@ -94,6 +94,8 @@ func (a alpinePkgAnalyzer) parseApkInfo(scanner *bufio.Scanner) ([]types.Package a.parseProvides(line, pkg.ID, provides) case "D:": // dependencies (corresponds to depend in PKGINFO, concatenated by spaces into a single line) pkg.DependsOn = a.parseDependencies(line) + case "A:": + pkg.Arch = line[2:] case "C:": d := decodeChecksumLine(line) if d != "" { diff --git a/pkg/fanal/analyzer/pkg/apk/apk_test.go b/pkg/fanal/analyzer/pkg/apk/apk_test.go index 24d7624ae07c..1c1230404574 100644 --- a/pkg/fanal/analyzer/pkg/apk/apk_test.go +++ b/pkg/fanal/analyzer/pkg/apk/apk_test.go @@ -26,6 +26,7 @@ func TestParseApkInfo(t *testing.T) { SrcName: "musl", SrcVersion: "1.1.14-r10", Licenses: []string{"MIT"}, + Arch: "x86_64", Digest: "sha1:d68b402f35f57750f49156b0cb4e886a2ad35d2d", }, { @@ -36,6 +37,7 @@ func TestParseApkInfo(t *testing.T) { SrcVersion: "1.24.2-r9", Licenses: []string{"GPL-2.0"}, DependsOn: []string{"musl@1.1.14-r10"}, + Arch: "x86_64", Digest: "sha1:ca124719267cd0bedc2f4cb850a286ac13f0ad44", }, { @@ -46,6 +48,7 @@ func TestParseApkInfo(t *testing.T) { SrcVersion: "3.0.3-r0", Licenses: []string{"GPL-2.0"}, DependsOn: []string{"busybox@1.24.2-r9", "musl@1.1.14-r10"}, + Arch: "x86_64", Digest: "sha1:a214896150411d72dd1fafdb32d1c6c4855cccfa", }, { @@ -55,6 +58,7 @@ func TestParseApkInfo(t *testing.T) { SrcName: "alpine-keys", SrcVersion: "1.1-r0", Licenses: []string{"GPL-3.0"}, + Arch: "x86_64", Digest: "sha1:4def7ffaee6aeba700c1d62570326f75cbb8fa25", }, { @@ -65,6 +69,7 @@ func TestParseApkInfo(t *testing.T) { SrcVersion: "1.2.8-r2", Licenses: []string{"Zlib"}, DependsOn: []string{"musl@1.1.14-r10"}, + Arch: "x86_64", Digest: "sha1:efd04d34d40aa8eb331480127364c27a8ba760ef", }, { @@ -75,6 +80,7 @@ func TestParseApkInfo(t *testing.T) { SrcVersion: "1.0.2h-r1", Licenses: []string{"openssl"}, DependsOn: []string{"musl@1.1.14-r10", "zlib@1.2.8-r2"}, + Arch: "x86_64", Digest: "sha1:65c860ff8f103b664f40ba849a3f5a51c69c8beb", }, { @@ -89,6 +95,7 @@ func TestParseApkInfo(t *testing.T) { "libcrypto1.0@1.0.2h-r1", "musl@1.1.14-r10", }, + Arch: "x86_64", }, { ID: "apk-tools@2.6.7-r0", @@ -104,6 +111,7 @@ func TestParseApkInfo(t *testing.T) { "musl@1.1.14-r10", "zlib@1.2.8-r2", }, + Arch: "x86_64", }, { ID: "scanelf@1.1.6-r0", @@ -114,6 +122,7 @@ func TestParseApkInfo(t *testing.T) { Licenses: []string{"GPL-2.0"}, Digest: "sha1:f9bab817c5ad93e92a6218bc0f7596b657c02d90", DependsOn: []string{"musl@1.1.14-r10"}, + Arch: "x86_64", }, { ID: "musl-utils@1.1.14-r10", @@ -127,6 +136,7 @@ func TestParseApkInfo(t *testing.T) { "musl@1.1.14-r10", "scanelf@1.1.6-r0", }, + Arch: "x86_64", }, { ID: "libc-utils@0.7-r0", @@ -137,6 +147,7 @@ func TestParseApkInfo(t *testing.T) { Licenses: []string{"GPL-3.0"}, Digest: "sha1:9055bc7afd76cf2672198042f72fc4a5ed4fa961", DependsOn: []string{"musl-utils@1.1.14-r10"}, + Arch: "x86_64", }, { ID: "pkgconf@1.6.0-r0", @@ -147,6 +158,7 @@ func TestParseApkInfo(t *testing.T) { Licenses: []string{"ISC"}, Digest: "sha1:e6242ac29589c8a84a4b179b491ea7c29fce66a9", DependsOn: []string{"musl@1.1.14-r10"}, + Arch: "x86_64", }, { @@ -158,6 +170,7 @@ func TestParseApkInfo(t *testing.T) { Licenses: []string{"Public-Domain"}, Digest: "sha1:1464946c3a5f0dd5a67ca1af930fc17af7a74474", DependsOn: []string{"musl@1.1.14-r10"}, + Arch: "x86_64", }, { @@ -172,6 +185,7 @@ func TestParseApkInfo(t *testing.T) { "pkgconf@1.6.0-r0", "sqlite-libs@3.26.0-r3", }, + Arch: "x86_64", }, }, wantFiles: []string{ diff --git a/pkg/fanal/artifact/image/image_test.go b/pkg/fanal/artifact/image/image_test.go index 4416f869447f..0ee024cea538 100644 --- a/pkg/fanal/artifact/image/image_test.go +++ b/pkg/fanal/artifact/image/image_test.go @@ -46,6 +46,7 @@ func TestArtifact_Inspect(t *testing.T) { "busybox@1.31.1-r9", "musl@1.1.24-r2", }, + Arch: "x86_64", }, { ID: "alpine-keys@2.1-r2", @@ -54,6 +55,7 @@ func TestArtifact_Inspect(t *testing.T) { SrcName: "alpine-keys", SrcVersion: "2.1-r2", Licenses: []string{"MIT"}, + Arch: "x86_64", Digest: "sha1:64929f85b7f8b4adbb664d905410312936b79d9b", }, { @@ -70,6 +72,7 @@ func TestArtifact_Inspect(t *testing.T) { "musl@1.1.24-r2", "zlib@1.2.11-r3", }, + Arch: "x86_64", }, { ID: "busybox@1.31.1-r9", @@ -82,6 +85,7 @@ func TestArtifact_Inspect(t *testing.T) { DependsOn: []string{ "musl@1.1.24-r2", }, + Arch: "x86_64", }, { ID: "ca-certificates-cacert@20191127-r1", @@ -93,6 +97,7 @@ func TestArtifact_Inspect(t *testing.T) { "MPL-2.0", "GPL-2.0", }, + Arch: "x86_64", Digest: "sha1:3aeb8a90d7179d2a187782e980a964494e08c5fb", }, { @@ -106,6 +111,7 @@ func TestArtifact_Inspect(t *testing.T) { DependsOn: []string{ "musl-utils@1.1.24-r2", }, + Arch: "x86_64", }, { ID: "libcrypto1.1@1.1.1d-r3", @@ -118,6 +124,7 @@ func TestArtifact_Inspect(t *testing.T) { DependsOn: []string{ "musl@1.1.24-r2", }, + Arch: "x86_64", }, { ID: "libssl1.1@1.1.1d-r3", @@ -131,6 +138,7 @@ func TestArtifact_Inspect(t *testing.T) { "libcrypto1.1@1.1.1d-r3", "musl@1.1.24-r2", }, + Arch: "x86_64", }, { ID: "libtls-standalone@2.9.1-r0", @@ -146,6 +154,7 @@ func TestArtifact_Inspect(t *testing.T) { "libssl1.1@1.1.1d-r3", "musl@1.1.24-r2", }, + Arch: "x86_64", }, { ID: "musl@1.1.24-r2", @@ -154,6 +163,7 @@ func TestArtifact_Inspect(t *testing.T) { SrcName: "musl", SrcVersion: "1.1.24-r2", Licenses: []string{"MIT"}, + Arch: "x86_64", Digest: "sha1:cb2316a189ebee5282c4a9bd98794cc2477a74c6", }, { @@ -172,6 +182,7 @@ func TestArtifact_Inspect(t *testing.T) { "musl@1.1.24-r2", "scanelf@1.2.4-r0", }, + Arch: "x86_64", }, { ID: "scanelf@1.2.4-r0", @@ -184,6 +195,7 @@ func TestArtifact_Inspect(t *testing.T) { DependsOn: []string{ "musl@1.1.24-r2", }, + Arch: "x86_64", }, { ID: "ssl_client@1.31.1-r9", @@ -197,6 +209,7 @@ func TestArtifact_Inspect(t *testing.T) { "libtls-standalone@2.9.1-r0", "musl@1.1.24-r2", }, + Arch: "x86_64", }, { ID: "zlib@1.2.11-r3", @@ -209,6 +222,7 @@ func TestArtifact_Inspect(t *testing.T) { DependsOn: []string{ "musl@1.1.24-r2", }, + Arch: "x86_64", }, } diff --git a/pkg/fanal/artifact/local/fs_test.go b/pkg/fanal/artifact/local/fs_test.go index 673f7f337f4f..ff60336143a7 100644 --- a/pkg/fanal/artifact/local/fs_test.go +++ b/pkg/fanal/artifact/local/fs_test.go @@ -47,7 +47,7 @@ func TestArtifact_Inspect(t *testing.T) { }, putBlobExpectation: cache.ArtifactCachePutBlobExpectation{ Args: cache.ArtifactCachePutBlobArgs{ - BlobID: "sha256:2846219523ad45fe4a17495304ed0a36163f1bd66e7fb0b4c19c5d1d4a966c82", + BlobID: "sha256:4018e87db7a7d4574587e9632876a6b658d30fd83758f42d1ec645fcf7d43e50", BlobInfo: types.BlobInfo{ SchemaVersion: types.BlobJSONSchemaVersion, OS: types.OS{ @@ -65,6 +65,7 @@ func TestArtifact_Inspect(t *testing.T) { SrcName: "musl", SrcVersion: "1.1.24-r2", Licenses: []string{"MIT"}, + Arch: "x86_64", Digest: "sha1:cb2316a189ebee5282c4a9bd98794cc2477a74c6", }, }, @@ -77,9 +78,9 @@ func TestArtifact_Inspect(t *testing.T) { want: types.ArtifactReference{ Name: "host", Type: types.ArtifactFilesystem, - ID: "sha256:2846219523ad45fe4a17495304ed0a36163f1bd66e7fb0b4c19c5d1d4a966c82", + ID: "sha256:4018e87db7a7d4574587e9632876a6b658d30fd83758f42d1ec645fcf7d43e50", BlobIDs: []string{ - "sha256:2846219523ad45fe4a17495304ed0a36163f1bd66e7fb0b4c19c5d1d4a966c82", + "sha256:4018e87db7a7d4574587e9632876a6b658d30fd83758f42d1ec645fcf7d43e50", }, }, }, @@ -120,7 +121,7 @@ func TestArtifact_Inspect(t *testing.T) { }, putBlobExpectation: cache.ArtifactCachePutBlobExpectation{ Args: cache.ArtifactCachePutBlobArgs{ - BlobID: "sha256:2846219523ad45fe4a17495304ed0a36163f1bd66e7fb0b4c19c5d1d4a966c82", + BlobID: "sha256:4018e87db7a7d4574587e9632876a6b658d30fd83758f42d1ec645fcf7d43e50", BlobInfo: types.BlobInfo{ SchemaVersion: types.BlobJSONSchemaVersion, OS: types.OS{ @@ -138,6 +139,7 @@ func TestArtifact_Inspect(t *testing.T) { SrcName: "musl", SrcVersion: "1.1.24-r2", Licenses: []string{"MIT"}, + Arch: "x86_64", Digest: "sha1:cb2316a189ebee5282c4a9bd98794cc2477a74c6", }, }, diff --git a/pkg/fanal/test/integration/testdata/goldens/packages/alpine-310.json.golden b/pkg/fanal/test/integration/testdata/goldens/packages/alpine-310.json.golden index 31c762759652..ab6041b77636 100644 --- a/pkg/fanal/test/integration/testdata/goldens/packages/alpine-310.json.golden +++ b/pkg/fanal/test/integration/testdata/goldens/packages/alpine-310.json.golden @@ -3,6 +3,7 @@ "ID": "alpine-baselayout@3.1.2-r0", "Name": "alpine-baselayout", "Version": "3.1.2-r0", + "Arch": "x86_64", "SrcName": "alpine-baselayout", "SrcVersion": "3.1.2-r0", "Licenses": [ @@ -22,6 +23,7 @@ "ID": "alpine-keys@2.1-r2", "Name": "alpine-keys", "Version": "2.1-r2", + "Arch": "x86_64", "SrcName": "alpine-keys", "SrcVersion": "2.1-r2", "Licenses": [ @@ -37,6 +39,7 @@ "ID": "apk-tools@2.10.4-r2", "Name": "apk-tools", "Version": "2.10.4-r2", + "Arch": "x86_64", "SrcName": "apk-tools", "SrcVersion": "2.10.4-r2", "Licenses": [ @@ -58,6 +61,7 @@ "ID": "busybox@1.30.1-r2", "Name": "busybox", "Version": "1.30.1-r2", + "Arch": "x86_64", "SrcName": "busybox", "SrcVersion": "1.30.1-r2", "Licenses": [ @@ -76,6 +80,7 @@ "ID": "ca-certificates-cacert@20190108-r0", "Name": "ca-certificates-cacert", "Version": "20190108-r0", + "Arch": "x86_64", "SrcName": "ca-certificates", "SrcVersion": "20190108-r0", "Licenses": [ @@ -92,6 +97,7 @@ "ID": "libc-utils@0.7.1-r0", "Name": "libc-utils", "Version": "0.7.1-r0", + "Arch": "x86_64", "SrcName": "libc-dev", "SrcVersion": "0.7.1-r0", "Licenses": [ @@ -110,6 +116,7 @@ "ID": "libcrypto1.1@1.1.1c-r0", "Name": "libcrypto1.1", "Version": "1.1.1c-r0", + "Arch": "x86_64", "SrcName": "openssl", "SrcVersion": "1.1.1c-r0", "Licenses": [ @@ -128,6 +135,7 @@ "ID": "libssl1.1@1.1.1c-r0", "Name": "libssl1.1", "Version": "1.1.1c-r0", + "Arch": "x86_64", "SrcName": "openssl", "SrcVersion": "1.1.1c-r0", "Licenses": [ @@ -147,6 +155,7 @@ "ID": "libtls-standalone@2.9.1-r0", "Name": "libtls-standalone", "Version": "2.9.1-r0", + "Arch": "x86_64", "SrcName": "libtls-standalone", "SrcVersion": "2.9.1-r0", "Licenses": [ @@ -168,6 +177,7 @@ "ID": "musl@1.1.22-r3", "Name": "musl", "Version": "1.1.22-r3", + "Arch": "x86_64", "SrcName": "musl", "SrcVersion": "1.1.22-r3", "Licenses": [ @@ -183,6 +193,7 @@ "ID": "musl-utils@1.1.22-r3", "Name": "musl-utils", "Version": "1.1.22-r3", + "Arch": "x86_64", "SrcName": "musl", "SrcVersion": "1.1.22-r3", "Licenses": [ @@ -204,6 +215,7 @@ "ID": "scanelf@1.2.3-r0", "Name": "scanelf", "Version": "1.2.3-r0", + "Arch": "x86_64", "SrcName": "pax-utils", "SrcVersion": "1.2.3-r0", "Licenses": [ @@ -222,6 +234,7 @@ "ID": "ssl_client@1.30.1-r2", "Name": "ssl_client", "Version": "1.30.1-r2", + "Arch": "x86_64", "SrcName": "busybox", "SrcVersion": "1.30.1-r2", "Licenses": [ @@ -241,6 +254,7 @@ "ID": "zlib@1.2.11-r1", "Name": "zlib", "Version": "1.2.11-r1", + "Arch": "x86_64", "SrcName": "zlib", "SrcVersion": "1.2.11-r1", "Licenses": [ diff --git a/pkg/fanal/test/integration/testdata/goldens/packages/vulnimage.json.golden b/pkg/fanal/test/integration/testdata/goldens/packages/vulnimage.json.golden index 85f78f3886c7..6f49b9c2b616 100644 --- a/pkg/fanal/test/integration/testdata/goldens/packages/vulnimage.json.golden +++ b/pkg/fanal/test/integration/testdata/goldens/packages/vulnimage.json.golden @@ -3,6 +3,7 @@ "ID": ".composer-phpext-rundeps@0", "Name": ".composer-phpext-rundeps", "Version": "0", + "Arch": "noarch", "DependsOn": [ "libsodium@1.0.15-r0", "musl@1.1.18-r3", @@ -18,6 +19,7 @@ "ID": ".persistent-deps@0", "Name": ".persistent-deps", "Version": "0", + "Arch": "noarch", "DependsOn": [ "ca-certificates@20171114-r0", "curl@7.61.0-r0", @@ -35,6 +37,7 @@ "ID": ".php-rundeps@0", "Name": ".php-rundeps", "Version": "0", + "Arch": "noarch", "DependsOn": [ "libcurl@7.61.1-r0", "libedit@20170329.3.1-r3", @@ -55,6 +58,7 @@ "ID": "alpine-baselayout@3.0.5-r2", "Name": "alpine-baselayout", "Version": "3.0.5-r2", + "Arch": "x86_64", "SrcName": "alpine-baselayout", "SrcVersion": "3.0.5-r2", "Licenses": [ @@ -74,6 +78,7 @@ "ID": "alpine-keys@2.1-r1", "Name": "alpine-keys", "Version": "2.1-r1", + "Arch": "x86_64", "SrcName": "alpine-keys", "SrcVersion": "2.1-r1", "Licenses": [ @@ -89,6 +94,7 @@ "ID": "apk-tools@2.10.1-r0", "Name": "apk-tools", "Version": "2.10.1-r0", + "Arch": "x86_64", "SrcName": "apk-tools", "SrcVersion": "2.10.1-r0", "Licenses": [ @@ -110,6 +116,7 @@ "ID": "apr@1.6.3-r0", "Name": "apr", "Version": "1.6.3-r0", + "Arch": "x86_64", "SrcName": "apr", "SrcVersion": "1.6.3-r0", "Licenses": [ @@ -129,6 +136,7 @@ "ID": "apr-util@1.6.1-r1", "Name": "apr-util", "Version": "1.6.1-r1", + "Arch": "x86_64", "SrcName": "apr-util", "SrcVersion": "1.6.1-r1", "Licenses": [ @@ -150,6 +158,7 @@ "ID": "bash@4.4.19-r1", "Name": "bash", "Version": "4.4.19-r1", + "Arch": "x86_64", "SrcName": "bash", "SrcVersion": "4.4.19-r1", "Licenses": [ @@ -171,6 +180,7 @@ "ID": "busybox@1.27.2-r11", "Name": "busybox", "Version": "1.27.2-r11", + "Arch": "x86_64", "SrcName": "busybox", "SrcVersion": "1.27.2-r11", "Licenses": [ @@ -189,6 +199,7 @@ "ID": "ca-certificates@20171114-r0", "Name": "ca-certificates", "Version": "20171114-r0", + "Arch": "x86_64", "SrcName": "ca-certificates", "SrcVersion": "20171114-r0", "Licenses": [ @@ -210,6 +221,7 @@ "ID": "curl@7.61.0-r0", "Name": "curl", "Version": "7.61.0-r0", + "Arch": "x86_64", "SrcName": "curl", "SrcVersion": "7.61.0-r0", "Licenses": [ @@ -231,6 +243,7 @@ "ID": "db@5.3.28-r0", "Name": "db", "Version": "5.3.28-r0", + "Arch": "x86_64", "SrcName": "db", "SrcVersion": "5.3.28-r0", "Licenses": [ @@ -249,6 +262,7 @@ "ID": "expat@2.2.5-r0", "Name": "expat", "Version": "2.2.5-r0", + "Arch": "x86_64", "SrcName": "expat", "SrcVersion": "2.2.5-r0", "Licenses": [ @@ -267,6 +281,7 @@ "ID": "gdbm@1.13-r1", "Name": "gdbm", "Version": "1.13-r1", + "Arch": "x86_64", "SrcName": "gdbm", "SrcVersion": "1.13-r1", "Licenses": [ @@ -285,6 +300,7 @@ "ID": "git@2.15.2-r0", "Name": "git", "Version": "2.15.2-r0", + "Arch": "x86_64", "SrcName": "git", "SrcVersion": "2.15.2-r0", "Licenses": [ @@ -307,6 +323,7 @@ "ID": "libbz2@1.0.6-r6", "Name": "libbz2", "Version": "1.0.6-r6", + "Arch": "x86_64", "SrcName": "bzip2", "SrcVersion": "1.0.6-r6", "Licenses": [ @@ -325,6 +342,7 @@ "ID": "libc-utils@0.7.1-r0", "Name": "libc-utils", "Version": "0.7.1-r0", + "Arch": "x86_64", "SrcName": "libc-dev", "SrcVersion": "0.7.1-r0", "Licenses": [ @@ -343,6 +361,7 @@ "ID": "libcurl@7.61.1-r0", "Name": "libcurl", "Version": "7.61.1-r0", + "Arch": "x86_64", "SrcName": "curl", "SrcVersion": "7.61.1-r0", "Licenses": [ @@ -366,6 +385,7 @@ "ID": "libedit@20170329.3.1-r3", "Name": "libedit", "Version": "20170329.3.1-r3", + "Arch": "x86_64", "SrcName": "libedit", "SrcVersion": "20170329.3.1-r3", "Licenses": [ @@ -385,6 +405,7 @@ "ID": "libffi@3.2.1-r4", "Name": "libffi", "Version": "3.2.1-r4", + "Arch": "x86_64", "SrcName": "libffi", "SrcVersion": "3.2.1-r4", "Licenses": [ @@ -403,6 +424,7 @@ "ID": "libressl@2.6.5-r0", "Name": "libressl", "Version": "2.6.5-r0", + "Arch": "x86_64", "SrcName": "libressl", "SrcVersion": "2.6.5-r0", "Licenses": [ @@ -424,6 +446,7 @@ "ID": "libressl2.6-libcrypto@2.6.5-r0", "Name": "libressl2.6-libcrypto", "Version": "2.6.5-r0", + "Arch": "x86_64", "SrcName": "libressl", "SrcVersion": "2.6.5-r0", "Licenses": [ @@ -442,6 +465,7 @@ "ID": "libressl2.6-libssl@2.6.5-r0", "Name": "libressl2.6-libssl", "Version": "2.6.5-r0", + "Arch": "x86_64", "SrcName": "libressl", "SrcVersion": "2.6.5-r0", "Licenses": [ @@ -461,6 +485,7 @@ "ID": "libressl2.6-libtls@2.6.5-r0", "Name": "libressl2.6-libtls", "Version": "2.6.5-r0", + "Arch": "x86_64", "SrcName": "libressl", "SrcVersion": "2.6.5-r0", "Licenses": [ @@ -481,6 +506,7 @@ "ID": "libsasl@2.1.26-r11", "Name": "libsasl", "Version": "2.1.26-r11", + "Arch": "x86_64", "SrcName": "cyrus-sasl", "SrcVersion": "2.1.26-r11", "Licenses": [ @@ -500,6 +526,7 @@ "ID": "libsodium@1.0.15-r0", "Name": "libsodium", "Version": "1.0.15-r0", + "Arch": "x86_64", "SrcName": "libsodium", "SrcVersion": "1.0.15-r0", "Licenses": [ @@ -518,6 +545,7 @@ "ID": "libssh2@1.8.0-r2", "Name": "libssh2", "Version": "1.8.0-r2", + "Arch": "x86_64", "SrcName": "libssh2", "SrcVersion": "1.8.0-r2", "Licenses": [ @@ -538,6 +566,7 @@ "ID": "libuuid@2.31-r0", "Name": "libuuid", "Version": "2.31-r0", + "Arch": "x86_64", "SrcName": "util-linux", "SrcVersion": "2.31-r0", "Licenses": [ @@ -561,6 +590,7 @@ "ID": "libxml2@2.9.7-r0", "Name": "libxml2", "Version": "2.9.7-r0", + "Arch": "x86_64", "SrcName": "libxml2", "SrcVersion": "2.9.7-r0", "Licenses": [ @@ -580,6 +610,7 @@ "ID": "mercurial@4.5.2-r0", "Name": "mercurial", "Version": "4.5.2-r0", + "Arch": "x86_64", "SrcName": "mercurial", "SrcVersion": "4.5.2-r0", "Licenses": [ @@ -599,6 +630,7 @@ "ID": "musl@1.1.18-r3", "Name": "musl", "Version": "1.1.18-r3", + "Arch": "x86_64", "SrcName": "musl", "SrcVersion": "1.1.18-r3", "Licenses": [ @@ -614,6 +646,7 @@ "ID": "musl-utils@1.1.18-r3", "Name": "musl-utils", "Version": "1.1.18-r3", + "Arch": "x86_64", "SrcName": "musl", "SrcVersion": "1.1.18-r3", "Licenses": [ @@ -635,6 +668,7 @@ "ID": "ncurses-libs@6.0_p20171125-r1", "Name": "ncurses-libs", "Version": "6.0_p20171125-r1", + "Arch": "x86_64", "SrcName": "ncurses", "SrcVersion": "6.0_p20171125-r1", "Licenses": [ @@ -655,6 +689,7 @@ "ID": "ncurses-terminfo@6.0_p20171125-r1", "Name": "ncurses-terminfo", "Version": "6.0_p20171125-r1", + "Arch": "x86_64", "SrcName": "ncurses", "SrcVersion": "6.0_p20171125-r1", "Licenses": [ @@ -673,6 +708,7 @@ "ID": "ncurses-terminfo-base@6.0_p20171125-r1", "Name": "ncurses-terminfo-base", "Version": "6.0_p20171125-r1", + "Arch": "x86_64", "SrcName": "ncurses", "SrcVersion": "6.0_p20171125-r1", "Licenses": [ @@ -688,6 +724,7 @@ "ID": "openssh@7.5_p1-r9", "Name": "openssh", "Version": "7.5_p1-r9", + "Arch": "x86_64", "SrcName": "openssh", "SrcVersion": "7.5_p1-r9", "Licenses": [ @@ -710,6 +747,7 @@ "ID": "openssh-client@7.5_p1-r9", "Name": "openssh-client", "Version": "7.5_p1-r9", + "Arch": "x86_64", "SrcName": "openssh", "SrcVersion": "7.5_p1-r9", "Licenses": [ @@ -731,6 +769,7 @@ "ID": "openssh-keygen@7.5_p1-r9", "Name": "openssh-keygen", "Version": "7.5_p1-r9", + "Arch": "x86_64", "SrcName": "openssh", "SrcVersion": "7.5_p1-r9", "Licenses": [ @@ -750,6 +789,7 @@ "ID": "openssh-server@7.5_p1-r9", "Name": "openssh-server", "Version": "7.5_p1-r9", + "Arch": "x86_64", "SrcName": "openssh", "SrcVersion": "7.5_p1-r9", "Licenses": [ @@ -772,6 +812,7 @@ "ID": "openssh-server-common@7.5_p1-r9", "Name": "openssh-server-common", "Version": "7.5_p1-r9", + "Arch": "x86_64", "SrcName": "openssh", "SrcVersion": "7.5_p1-r9", "Licenses": [ @@ -787,6 +828,7 @@ "ID": "openssh-sftp-server@7.5_p1-r9", "Name": "openssh-sftp-server", "Version": "7.5_p1-r9", + "Arch": "x86_64", "SrcName": "openssh", "SrcVersion": "7.5_p1-r9", "Licenses": [ @@ -805,6 +847,7 @@ "ID": "patch@2.7.5-r2", "Name": "patch", "Version": "2.7.5-r2", + "Arch": "x86_64", "SrcName": "patch", "SrcVersion": "2.7.5-r2", "Licenses": [ @@ -823,6 +866,7 @@ "ID": "pcre2@10.30-r0", "Name": "pcre2", "Version": "10.30-r0", + "Arch": "x86_64", "SrcName": "pcre2", "SrcVersion": "10.30-r0", "Licenses": [ @@ -841,6 +885,7 @@ "ID": "pkgconf@1.3.10-r0", "Name": "pkgconf", "Version": "1.3.10-r0", + "Arch": "x86_64", "SrcName": "pkgconf", "SrcVersion": "1.3.10-r0", "Licenses": [ @@ -859,6 +904,7 @@ "ID": "python2@2.7.15-r2", "Name": "python2", "Version": "2.7.15-r2", + "Arch": "x86_64", "SrcName": "python2", "SrcVersion": "2.7.15-r2", "Licenses": [ @@ -887,6 +933,7 @@ "ID": "readline@7.0.003-r0", "Name": "readline", "Version": "7.0.003-r0", + "Arch": "x86_64", "SrcName": "readline", "SrcVersion": "7.0.003-r0", "Licenses": [ @@ -906,6 +953,7 @@ "ID": "scanelf@1.2.2-r1", "Name": "scanelf", "Version": "1.2.2-r1", + "Arch": "x86_64", "SrcName": "pax-utils", "SrcVersion": "1.2.2-r1", "Licenses": [ @@ -924,6 +972,7 @@ "ID": "serf@1.3.9-r3", "Name": "serf", "Version": "1.3.9-r3", + "Arch": "x86_64", "SrcName": "serf", "SrcVersion": "1.3.9-r3", "Licenses": [ @@ -947,6 +996,7 @@ "ID": "sqlite-libs@3.21.0-r1", "Name": "sqlite-libs", "Version": "3.21.0-r1", + "Arch": "x86_64", "SrcName": "sqlite", "SrcVersion": "3.21.0-r1", "Licenses": [ @@ -965,6 +1015,7 @@ "ID": "ssl_client@1.27.2-r11", "Name": "ssl_client", "Version": "1.27.2-r11", + "Arch": "x86_64", "SrcName": "busybox", "SrcVersion": "1.27.2-r11", "Licenses": [ @@ -984,6 +1035,7 @@ "ID": "subversion@1.9.7-r0", "Name": "subversion", "Version": "1.9.7-r0", + "Arch": "x86_64", "SrcName": "subversion", "SrcVersion": "1.9.7-r0", "Licenses": [ @@ -1008,6 +1060,7 @@ "ID": "subversion-libs@1.9.7-r0", "Name": "subversion-libs", "Version": "1.9.7-r0", + "Arch": "x86_64", "SrcName": "subversion", "SrcVersion": "1.9.7-r0", "Licenses": [ @@ -1035,6 +1088,7 @@ "ID": "tar@1.29-r1", "Name": "tar", "Version": "1.29-r1", + "Arch": "x86_64", "SrcName": "tar", "SrcVersion": "1.29-r1", "Licenses": [ @@ -1053,6 +1107,7 @@ "ID": "tini@0.16.1-r0", "Name": "tini", "Version": "0.16.1-r0", + "Arch": "x86_64", "SrcName": "tini", "SrcVersion": "0.16.1-r0", "Licenses": [ @@ -1071,6 +1126,7 @@ "ID": "xz@5.2.3-r1", "Name": "xz", "Version": "5.2.3-r1", + "Arch": "x86_64", "SrcName": "xz", "SrcVersion": "5.2.3-r1", "Licenses": [ @@ -1090,6 +1146,7 @@ "ID": "xz-libs@5.2.3-r1", "Name": "xz-libs", "Version": "5.2.3-r1", + "Arch": "x86_64", "SrcName": "xz", "SrcVersion": "5.2.3-r1", "Licenses": [ @@ -1108,6 +1165,7 @@ "ID": "zlib@1.2.11-r1", "Name": "zlib", "Version": "1.2.11-r1", + "Arch": "x86_64", "SrcName": "zlib", "SrcVersion": "1.2.11-r1", "Licenses": [