Skip to content

Commit 37e7e3e

Browse files
DmitriyLewenDmitriyLewen
authored
fix(java): check if a version exists when determining GAV by file name for jar files (aquasecurity#5630)
1 parent d0c81e2 commit 37e7e3e

File tree

3 files changed

+8
-8
lines changed

3 files changed

+8
-8
lines changed

go.mod

+2-2
Original file line numberDiff line numberDiff line change
@@ -14,7 +14,7 @@ require (
1414
github.com/alicebob/miniredis/v2 v2.31.0
1515
github.com/aquasecurity/bolt-fixtures v0.0.0-20200903104109-d34e7f983986
1616
github.com/aquasecurity/defsec v0.93.2-0.20231208181342-318642ac6f08
17-
github.com/aquasecurity/go-dep-parser v0.0.0-20231120074854-8322cc2242bf
17+
github.com/aquasecurity/go-dep-parser v0.0.0-20231128011057-a175d05161dd
1818
github.com/aquasecurity/go-gem-version v0.0.0-20201115065557-8eed6fe000ce
1919
github.com/aquasecurity/go-npm-version v0.0.0-20201110091526-0b796d180798
2020
github.com/aquasecurity/go-pep440-version v0.0.0-20210121094942-22b2f8951d46
@@ -26,7 +26,7 @@ require (
2626
github.com/aquasecurity/trivy-aws v0.5.0
2727
github.com/aquasecurity/trivy-db v0.0.0-20231005141211-4fc651f7ac8d
2828
github.com/aquasecurity/trivy-iac v0.7.1
29-
github.com/aquasecurity/trivy-java-db v0.0.0-20230209231723-7cddb1406728
29+
github.com/aquasecurity/trivy-java-db v0.0.0-20240109071736-184bd7481d48
3030
github.com/aquasecurity/trivy-kubernetes v0.5.9-0.20231203080602-50a069120091
3131
github.com/aquasecurity/trivy-policies v0.6.1-0.20231120231532-f6f2330bf842
3232
github.com/aws/aws-sdk-go-v2 v1.24.1

go.sum

+4-4
Original file line numberDiff line numberDiff line change
@@ -328,8 +328,8 @@ github.com/aquasecurity/bolt-fixtures v0.0.0-20200903104109-d34e7f983986 h1:2a30
328328
github.com/aquasecurity/bolt-fixtures v0.0.0-20200903104109-d34e7f983986/go.mod h1:NT+jyeCzXk6vXR5MTkdn4z64TgGfE5HMLC8qfj5unl8=
329329
github.com/aquasecurity/defsec v0.93.2-0.20231208181342-318642ac6f08 h1:mjQvKTiKYXWGxHU5pw37q1n6deky0KcJq5JJwtuVrF4=
330330
github.com/aquasecurity/defsec v0.93.2-0.20231208181342-318642ac6f08/go.mod h1:NBF6hvbQSc4s/WCHdKV5sNNxLl258M2OiIFoUfgEn/k=
331-
github.com/aquasecurity/go-dep-parser v0.0.0-20231120074854-8322cc2242bf h1:kweQrNMfarPfjZGI1537GtuujhpzhsuT/MvmW2FwaBE=
332-
github.com/aquasecurity/go-dep-parser v0.0.0-20231120074854-8322cc2242bf/go.mod h1:7+xrs6AWD5+onpmX8f7qIkAhUgkPP0mhUdBjxJBcfas=
331+
github.com/aquasecurity/go-dep-parser v0.0.0-20231128011057-a175d05161dd h1:bhSbfJyZg4okPlAfIQ8pKsj8BCvs9LZErdkqUcpvD04=
332+
github.com/aquasecurity/go-dep-parser v0.0.0-20231128011057-a175d05161dd/go.mod h1:7+xrs6AWD5+onpmX8f7qIkAhUgkPP0mhUdBjxJBcfas=
333333
github.com/aquasecurity/go-gem-version v0.0.0-20201115065557-8eed6fe000ce h1:QgBRgJvtEOBtUXilDb1MLi1p1MWoyFDXAu5DEUl5nwM=
334334
github.com/aquasecurity/go-gem-version v0.0.0-20201115065557-8eed6fe000ce/go.mod h1:HXgVzOPvXhVGLJs4ZKO817idqr/xhwsTcj17CLYY74s=
335335
github.com/aquasecurity/go-mock-aws v0.0.0-20230810212901-d6feebd39060 h1:V7nC90NpRDEubNpNEgRDtTfLH3RKQlZeY9/HSqxEze8=
@@ -355,8 +355,8 @@ github.com/aquasecurity/trivy-db v0.0.0-20231005141211-4fc651f7ac8d h1:fjI9mkoTU
355355
github.com/aquasecurity/trivy-db v0.0.0-20231005141211-4fc651f7ac8d/go.mod h1:cj9/QmD9N3OZnKQMp+/DvdV+ym3HyIkd4e+F0ZM3ZGs=
356356
github.com/aquasecurity/trivy-iac v0.7.1 h1:YqA0B1P/5uJy2YOrT+QtoB8Z/DCqMxApsMkvmyd5Lsg=
357357
github.com/aquasecurity/trivy-iac v0.7.1/go.mod h1:SK5XaVwGh5M17QV81139BSPXNlm3bIGp+YmAYs7slRw=
358-
github.com/aquasecurity/trivy-java-db v0.0.0-20230209231723-7cddb1406728 h1:0eS+V7SXHgqoT99tV1mtMW6HL4HdoB9qGLMCb1fZp8A=
359-
github.com/aquasecurity/trivy-java-db v0.0.0-20230209231723-7cddb1406728/go.mod h1:Ldya37FLi0e/5Cjq2T5Bty7cFkzUDwTcPeQua+2M8i8=
358+
github.com/aquasecurity/trivy-java-db v0.0.0-20240109071736-184bd7481d48 h1:JVgBIuIYbwG+ekC5lUHUpGJboPYiCcxiz06RCtz8neI=
359+
github.com/aquasecurity/trivy-java-db v0.0.0-20240109071736-184bd7481d48/go.mod h1:Ldya37FLi0e/5Cjq2T5Bty7cFkzUDwTcPeQua+2M8i8=
360360
github.com/aquasecurity/trivy-kubernetes v0.5.9-0.20231203080602-50a069120091 h1:OTJMSbvKQYxbQ2NQ8Nht2NSL1bL36YfBCrlsGGxHPlI=
361361
github.com/aquasecurity/trivy-kubernetes v0.5.9-0.20231203080602-50a069120091/go.mod h1:Yh+tmpPtbqVWYONrAuapImHfD1ghZgnZHLlMBA6Ukfg=
362362
github.com/aquasecurity/trivy-policies v0.6.1-0.20231120231532-f6f2330bf842 h1:RnxM3eTcwPlA/WBwnmaEpeEk3WOCDcnz7yTIFxVL7us=

pkg/javadb/client.go

+2-2
Original file line numberDiff line numberDiff line change
@@ -142,8 +142,8 @@ func (d *DB) SearchBySHA1(sha1 string) (jar.Properties, error) {
142142
}, nil
143143
}
144144

145-
func (d *DB) SearchByArtifactID(artifactID string) (string, error) {
146-
indexes, err := d.driver.SelectIndexesByArtifactIDAndFileType(artifactID, types.JarType)
145+
func (d *DB) SearchByArtifactID(artifactID, version string) (string, error) {
146+
indexes, err := d.driver.SelectIndexesByArtifactIDAndFileType(artifactID, version, types.JarType)
147147
if err != nil {
148148
return "", xerrors.Errorf("select error: %w", err)
149149
} else if len(indexes) == 0 {

0 commit comments

Comments
 (0)