From abcea1a14de18e13e37424756cf9266056ad6766 Mon Sep 17 00:00:00 2001 From: Tomoya Amachi Date: Wed, 12 Jun 2019 18:50:07 +0900 Subject: [PATCH] add Library Scan (with image scan) (#829) * add static container image scan * server has many staticContainers * use go module * for staticContainer * fix typo * fix setErrs error * change name : StaticContainer -> Image * add scan -images-only flag * fix makefile * fix makefile for go module * use rpmcmd instead of rpm * add scrutinizer.yml * change scrutinizer.yml * fix scrutinizer.yml * fix scrutinizer.yml * fix scrutinizer.yml * fix scrutinizer.yml * delete scrutinizer * add report test * add sourcePackages and Arch * fix for sider * fix staticContainer -> image * init scan library * add library scan for servers * fix tui bug * fix lint error * divide WpPackageFixStats and LibraryPackageFixedIns * fix error * Delete libManager_test.go * stop use alpine os if err occurred in container * merge upstream/master * Delete libManager.go * update goval-dictionary * fix go.mod * update Readme * add feature : auto detect lockfiles --- .gitignore | 1 + GNUmakefile | 34 +- Gopkg.lock | 1046 -------------------------------------- Gopkg.toml | 49 -- README.md | 7 +- commands/scan.go | 5 +- config/config.go | 23 +- config/tomlloader.go | 28 + go.mod | 103 ++++ go.sum | 529 +++++++++++++++++++ libmanager/libManager.go | 33 ++ models/cvecontents.go | 34 +- models/library.go | 141 +++++ models/library_test.go | 52 ++ models/scanresults.go | 13 + models/vulninfos.go | 4 + report/report.go | 47 +- report/report_test.go | 50 ++ report/tui.go | 37 +- scan/base.go | 87 +++- scan/container.go | 222 ++++++++ scan/serverapi.go | 139 ++++- 22 files changed, 1527 insertions(+), 1157 deletions(-) delete mode 100644 Gopkg.lock delete mode 100644 Gopkg.toml create mode 100644 go.mod create mode 100644 go.sum create mode 100644 libmanager/libManager.go create mode 100644 models/library.go create mode 100644 models/library_test.go create mode 100644 scan/container.go diff --git a/.gitignore b/.gitignore index c265c2188c..3aec86b5f6 100644 --- a/.gitignore +++ b/.gitignore @@ -15,3 +15,4 @@ results/ !setup/docker/* .DS_Store dist/ +.idea \ No newline at end of file diff --git a/GNUmakefile b/GNUmakefile index 9a81e05754..a0099e6aa1 100644 --- a/GNUmakefile +++ b/GNUmakefile @@ -1,6 +1,4 @@ .PHONY: \ - dep \ - depup \ build \ install \ all \ @@ -21,34 +19,27 @@ REVISION := $(shell git rev-parse --short HEAD) BUILDTIME := $(shell date "+%Y%m%d_%H%M%S") LDFLAGS := -X 'github.com/future-architect/vuls/config.Version=$(VERSION)' \ -X 'github.com/future-architect/vuls/config.Revision=build-$(BUILDTIME)_$(REVISION)' +GO := GO111MODULE=on go +GO_OFF := GO111MODULE=off go -all: dep build -dep: - go get -u github.com/golang/dep/... - dep ensure -v +all: build -depup: - go get -u github.com/golang/dep/... - dep ensure -update -v +build: main.go pretest + $(GO) build -a -ldflags "$(LDFLAGS)" -o vuls $< -build: main.go dep pretest - go build -a -ldflags "$(LDFLAGS)" -o vuls $< - -b: main.go dep pretest - go build -ldflags "$(LDFLAGS)" -o vuls $< - -install: main.go dep pretest - go install -ldflags "$(LDFLAGS)" +b: main.go pretest + $(GO) build -ldflags "$(LDFLAGS)" -o vuls $< +install: main.go pretest + $(GO) install -ldflags "$(LDFLAGS)" lint: - @ go get -v golang.org/x/lint/golint + $(GO_OFF) get -u golang.org/x/lint/golint golint $(PKGS) vet: - # @-go get -v golang.org/x/tools/cmd/vet - go vet ./... || exit; + echo $(PKGS) | xargs env $(GO) vet || exit; fmt: gofmt -s -w $(SRCS) @@ -62,7 +53,7 @@ fmtcheck: pretest: lint vet fmtcheck test: - echo $(PKGS) | xargs go test -cover -v || exit; + $(GO) test -cover -v ./... || exit; unused: $(foreach pkg,$(PKGS),unused $(pkg);) @@ -74,4 +65,5 @@ cov: clean: echo $(PKGS) | xargs go clean || exit; + echo $(PKGS) | xargs go clean || exit; diff --git a/Gopkg.lock b/Gopkg.lock deleted file mode 100644 index b522f5f8fc..0000000000 --- a/Gopkg.lock +++ /dev/null @@ -1,1046 +0,0 @@ -# This file is autogenerated, do not edit; changes may be undone by the next 'dep ensure'. - - -[[projects]] - digest = "1:6b1426cad7057b717351eacf5b6fe70f053f11aac1ce254bbf2fd72c031719eb" - name = "contrib.go.opencensus.io/exporter/ocagent" - packages = ["."] - pruneopts = "UT" - revision = "dcb33c7f3b7cfe67e8a2cea10207ede1b7c40764" - version = "v0.4.12" - -[[projects]] - digest = "1:5d25df7e7ad3abe59af9d38e6a7c28c268e22cefdf453d68bfe8fc5920004a76" - name = "github.com/Azure/azure-sdk-for-go" - packages = [ - "storage", - "version", - ] - pruneopts = "UT" - revision = "5cd3deb00b42ed3b9199524cd8f70b8dd8bec2f0" - version = "v30.0.0" - -[[projects]] - digest = "1:b88fe174accff6609eee9dc7e4ec9f828cbda83e3646111538dbcc7f762f1a56" - name = "github.com/Azure/go-autorest" - packages = [ - "autorest", - "autorest/adal", - "autorest/azure", - "autorest/date", - "logger", - "tracing", - ] - pruneopts = "UT" - revision = "f29a2eccaa178b367df0405778cd85e0af7b4225" - version = "v12.1.0" - -[[projects]] - digest = "1:9f3b30d9f8e0d7040f729b82dcbc8f0dead820a133b3147ce355fc451f32d761" - name = "github.com/BurntSushi/toml" - packages = ["."] - pruneopts = "UT" - revision = "3012a1dbe2e4bd1391d42b32f0577cb7bbc7f005" - version = "v0.3.1" - -[[projects]] - branch = "master" - digest = "1:bb6c15391e666c4f44bdc604772301b93102233ed687be6df6d1c2abbde4f15c" - name = "github.com/RackSec/srslog" - packages = ["."] - pruneopts = "UT" - revision = "a4725f04ec91af1a91b380da679d6e0c2f061e59" - -[[projects]] - digest = "1:320e7ead93de9fd2b0e59b50fd92a4d50c1f8ab455d96bc2eb083267453a9709" - name = "github.com/asaskevich/govalidator" - packages = ["."] - pruneopts = "UT" - revision = "ccb8e960c48f04d6935e72476ae4a51028f9e22f" - version = "v9" - -[[projects]] - digest = "1:14155313f18932280b025613b2c8f40038757a57482e04a5e1bee7ac5700d4b9" - name = "github.com/aws/aws-sdk-go" - packages = [ - "aws", - "aws/awserr", - "aws/awsutil", - "aws/client", - "aws/client/metadata", - "aws/corehandlers", - "aws/credentials", - "aws/credentials/ec2rolecreds", - "aws/credentials/endpointcreds", - "aws/credentials/processcreds", - "aws/credentials/stscreds", - "aws/csm", - "aws/defaults", - "aws/ec2metadata", - "aws/endpoints", - "aws/request", - "aws/session", - "aws/signer/v4", - "internal/ini", - "internal/s3err", - "internal/sdkio", - "internal/sdkrand", - "internal/sdkuri", - "internal/shareddefaults", - "private/protocol", - "private/protocol/eventstream", - "private/protocol/eventstream/eventstreamapi", - "private/protocol/json/jsonutil", - "private/protocol/query", - "private/protocol/query/queryutil", - "private/protocol/rest", - "private/protocol/restxml", - "private/protocol/xml/xmlutil", - "service/s3", - "service/sts", - ] - pruneopts = "UT" - revision = "36f1478b1b241bd8ba1e21424b85eeb1f74f2bb4" - version = "v1.19.46" - -[[projects]] - digest = "1:0f98f59e9a2f4070d66f0c9c39561f68fcd1dc837b22a852d28d0003aebd1b1e" - name = "github.com/boltdb/bolt" - packages = ["."] - pruneopts = "UT" - revision = "2f1ce7a837dcb8da3ec595b1dac9d0632f0f99e8" - version = "v1.3.1" - -[[projects]] - digest = "1:c1100fc71e23b6a32b2c68a5202a848fd13811d5a10b12edb8019c3667d1cd9a" - name = "github.com/cenkalti/backoff" - packages = ["."] - pruneopts = "UT" - revision = "4b4cebaf850ec58f1bb1fec5bdebdf8501c2bc3f" - version = "v3.0.0" - -[[projects]] - digest = "1:fdb4ed936abeecb46a8c27dcac83f75c05c87a46d9ec7711411eb785c213fa02" - name = "github.com/census-instrumentation/opencensus-proto" - packages = [ - "gen-go/agent/common/v1", - "gen-go/agent/metrics/v1", - "gen-go/agent/trace/v1", - "gen-go/metrics/v1", - "gen-go/resource/v1", - "gen-go/trace/v1", - ] - pruneopts = "UT" - revision = "a105b96453fe85139acc07b68de48f2cbdd71249" - version = "v0.2.0" - -[[projects]] - digest = "1:e04c00d619875ce5fa67180891984a9b1fadcc031af36bcd7a3509cbdad1df15" - name = "github.com/cheggaaa/pb" - packages = ["."] - pruneopts = "UT" - revision = "c112833d014c77e8bde723fd0158e3156951639f" - version = "v2.0.6" - -[[projects]] - digest = "1:76dc72490af7174349349838f2fe118996381b31ea83243812a97e5a0fd5ed55" - name = "github.com/dgrijalva/jwt-go" - packages = ["."] - pruneopts = "UT" - revision = "06ea1031745cb8b3dab3f6a236daf2b0aa468b7e" - version = "v3.2.0" - -[[projects]] - digest = "1:865079840386857c809b72ce300be7580cb50d3d3129ce11bf9aa6ca2bc1934a" - name = "github.com/fatih/color" - packages = ["."] - pruneopts = "UT" - revision = "5b77d2a35fb0ede96d138fc9a99f5c9b6aef11b4" - version = "v1.7.0" - -[[projects]] - digest = "1:abeb38ade3f32a92943e5be54f55ed6d6e3b6602761d74b4aab4c9dd45c18abd" - name = "github.com/fsnotify/fsnotify" - packages = ["."] - pruneopts = "UT" - revision = "c2828203cd70a50dcccfb2761f8b1f8ceef9a8e9" - version = "v1.4.7" - -[[projects]] - digest = "1:c950e574951c7199fb3d990d0e7a61996f40f8e646ba7cf8a557878d4c737f53" - name = "github.com/go-redis/redis" - packages = [ - ".", - "internal", - "internal/consistenthash", - "internal/hashtag", - "internal/pool", - "internal/proto", - "internal/util", - ] - pruneopts = "UT" - revision = "75795aa4236dc7341eefac3bbe945e68c99ef9df" - version = "v6.15.3" - -[[projects]] - digest = "1:ec6f9bf5e274c833c911923c9193867f3f18788c461f76f05f62bb1510e0ae65" - name = "github.com/go-sql-driver/mysql" - packages = ["."] - pruneopts = "UT" - revision = "72cd26f257d44c1114970e19afddcd812016007e" - version = "v1.4.1" - -[[projects]] - digest = "1:586ea76dbd0374d6fb649a91d70d652b7fe0ccffb8910a77468e7702e7901f3d" - name = "github.com/go-stack/stack" - packages = ["."] - pruneopts = "UT" - revision = "2fee6af1a9795aafbe0253a0cfbdf668e1fb8a9a" - version = "v1.8.0" - -[[projects]] - digest = "1:489a99067cd08971bd9c1ee0055119ba8febc1429f9200ab0bec68d35e8c4833" - name = "github.com/golang/protobuf" - packages = [ - "jsonpb", - "proto", - "protoc-gen-go/descriptor", - "protoc-gen-go/generator", - "protoc-gen-go/generator/internal/remap", - "protoc-gen-go/plugin", - "ptypes", - "ptypes/any", - "ptypes/duration", - "ptypes/struct", - "ptypes/timestamp", - "ptypes/wrappers", - ] - pruneopts = "UT" - revision = "b5d812f8a3706043e23a9cd5babf2e5423744d30" - version = "v1.3.1" - -[[projects]] - digest = "1:9565826757d815638581d6e3a2704b64400928ef9cba84c3cb21b2dc93eca4d5" - name = "github.com/google/subcommands" - packages = ["."] - pruneopts = "UT" - revision = "d47216cd17848d55a33e6f651cbe408243ed55b8" - version = "1.0.1" - -[[projects]] - digest = "1:7b5c6e2eeaa9ae5907c391a91c132abfd5c9e8a784a341b5625e750c67e6825d" - name = "github.com/gorilla/websocket" - packages = ["."] - pruneopts = "UT" - revision = "66b9c49e59c6c48f0ffce28c2d8b8a5678502c6d" - version = "v1.4.0" - -[[projects]] - digest = "1:d959625ad576a561d91aae105f7266ea6b245d4822d86bc322823823bb88261a" - name = "github.com/gosuri/uitable" - packages = [ - ".", - "util/strutil", - "util/wordwrap", - ] - pruneopts = "UT" - revision = "2cf933346b8370a3a3d8867ef5cf54b2129d8ecf" - version = "v0.0.3" - -[[projects]] - branch = "master" - digest = "1:ff865425a7102b2337ddf6510f6a84f7d7aea0a4224c95c946e3d45c87141701" - name = "github.com/grokify/html-strip-tags-go" - packages = ["."] - pruneopts = "UT" - revision = "025bd760b27842de5d468168edd8b764d972a213" - -[[projects]] - digest = "1:4f30fff718a459f9be272e7aa87463cdf4ba27bb8bd7f586ac34c36d670aada4" - name = "github.com/grpc-ecosystem/grpc-gateway" - packages = [ - "internal", - "runtime", - "utilities", - ] - pruneopts = "UT" - revision = "8fd5fd9d19ce68183a6b0934519dfe7fe6269612" - version = "v1.9.0" - -[[projects]] - digest = "1:88e0b0baeb9072f0a4afbcf12dda615fc8be001d1802357538591155998da21b" - name = "github.com/hashicorp/go-version" - packages = ["."] - pruneopts = "UT" - revision = "ac23dc3fea5d1a983c43f6a0f6e2c13f0195d8bd" - version = "v1.2.0" - -[[projects]] - digest = "1:67474f760e9ac3799f740db2c489e6423a4cde45520673ec123ac831ad849cb8" - name = "github.com/hashicorp/golang-lru" - packages = ["simplelru"] - pruneopts = "UT" - revision = "7087cb70de9f7a8bc0a10c375cb0d2280a8edf9c" - version = "v0.5.1" - -[[projects]] - digest = "1:c0d19ab64b32ce9fe5cf4ddceba78d5bc9807f0016db6b1183599da3dcc24d10" - name = "github.com/hashicorp/hcl" - packages = [ - ".", - "hcl/ast", - "hcl/parser", - "hcl/printer", - "hcl/scanner", - "hcl/strconv", - "hcl/token", - "json/parser", - "json/scanner", - "json/token", - ] - pruneopts = "UT" - revision = "8cb6e5b959231cc1119e43259c4a608f9c51a241" - version = "v1.0.0" - -[[projects]] - branch = "master" - digest = "1:0f8b63af5601a93b6b6a63a420c857819e98a252369262d8faf66f3566ba294e" - name = "github.com/hashicorp/uuid" - packages = ["."] - pruneopts = "UT" - revision = "ebb0a03e909c9c642a36d2527729104324c44fdb" - -[[projects]] - branch = "master" - digest = "1:0778dc7fce1b4669a8bfa7ae506ec1f595b6ab0f8989c1c0d22a8ca1144e9972" - name = "github.com/howeyc/gopass" - packages = ["."] - pruneopts = "UT" - revision = "bf9dde6d0d2c004a008c27aaee91170c786f6db8" - -[[projects]] - digest = "1:89180842090b3c38430d0f311f2a514473bb77a29669d111840cfadd2fac0c7a" - name = "github.com/htcat/htcat" - packages = ["."] - pruneopts = "UT" - revision = "2e876d1aa131bd5e3a427b9bfacc5db7dc5a553d" - version = "v1.0.2" - -[[projects]] - digest = "1:e96640e5b9ce93e2d7ee18f48048483080fd23e72e3c38bc17e9c8b77062031a" - name = "github.com/inconshreveable/log15" - packages = ["."] - pruneopts = "UT" - revision = "67afb5ed74ec82fd7ac8f49d27c509ac6f991970" - version = "v2.14" - -[[projects]] - digest = "1:25697b37829fe0afed1e94c5b2e1c7645ac234c7d79ffa4534022e0899f63eec" - name = "github.com/jinzhu/gorm" - packages = [ - ".", - "dialects/mysql", - "dialects/postgres", - "dialects/sqlite", - ] - pruneopts = "UT" - revision = "b7156195f7f3415f97c20abbd6aff894b847fee8" - version = "v1.9.8" - -[[projects]] - branch = "master" - digest = "1:01ed62f8f4f574d8aff1d88caee113700a2b44c42351943fa73cc1808f736a50" - name = "github.com/jinzhu/inflection" - packages = ["."] - pruneopts = "UT" - revision = "f5c5f50e6090ae76a29240b61ae2a90dd810112e" - -[[projects]] - digest = "1:bb81097a5b62634f3e9fec1014657855610c82d19b9a40c17612e32651e35dca" - name = "github.com/jmespath/go-jmespath" - packages = ["."] - pruneopts = "UT" - revision = "c2b33e84" - -[[projects]] - digest = "1:114ecad51af93a73ae6781fd0d0bc28e52b433c852b84ab4b4c109c15e6c6b6d" - name = "github.com/jroimartin/gocui" - packages = ["."] - pruneopts = "UT" - revision = "c055c87ae801372cd74a0839b972db4f7697ae5f" - version = "v0.4.0" - -[[projects]] - digest = "1:86c75d55fde56a814f69515d092963634d6f5f6bc1c3e9091b01fbe373a9546e" - name = "github.com/k0kubun/pp" - packages = ["."] - pruneopts = "UT" - revision = "3d73dea227e0711e38b911ffa6fbafc8ff6b2991" - version = "v3.0.1" - -[[projects]] - branch = "master" - digest = "1:bdf08c9b41c029c60ba5dc99443a3ce74eedad842cf2adf9c255513f432422e2" - name = "github.com/knqyf263/go-cpe" - packages = [ - "common", - "matching", - "naming", - ] - pruneopts = "UT" - revision = "659663f6eca2ff32258e282557e7808115ea498a" - -[[projects]] - branch = "master" - digest = "1:4f716bd1685e2e990f23cff371823b6cfd6a24c3a986822da6b8ffa6acf6f256" - name = "github.com/knqyf263/go-deb-version" - packages = ["."] - pruneopts = "UT" - revision = "09fca494f03d83586ddc06a1cb3fa992626e4f79" - -[[projects]] - branch = "master" - digest = "1:5734c5362ef66c39ddf1b4a11dfe75fa3c1adb70e78059543c83c0c6e89f2bc0" - name = "github.com/knqyf263/go-rpm-version" - packages = ["."] - pruneopts = "UT" - revision = "74609b86c936dff800c69ec89fcf4bc52d5f13a4" - -[[projects]] - branch = "master" - digest = "1:acca5c567e76e94e81f8d65893e2a9cd12d914dd688731f461a5ebdb180d4938" - name = "github.com/knqyf263/gost" - packages = [ - "config", - "db", - "models", - "util", - ] - pruneopts = "UT" - revision = "39175c0da9e325ae7260df93ad14b0343d7d5559" - -[[projects]] - digest = "1:31e761d97c76151dde79e9d28964a812c46efc5baee4085b86f68f0c654450de" - name = "github.com/konsorten/go-windows-terminal-sequences" - packages = ["."] - pruneopts = "UT" - revision = "f55edac94c9bbba5d6182a4be46d86a2c9b5b50e" - version = "v1.0.2" - -[[projects]] - branch = "master" - digest = "1:b7132b491fe613cd364226a39cfb0862941c5661a92bab7e66b4c6190f10ee61" - name = "github.com/kotakanbe/go-cve-dictionary" - packages = [ - "config", - "db", - "log", - "models", - ] - pruneopts = "UT" - revision = "5fe52611f0b8dff9f95374d9cd7bdb23cc5fc67a" - -[[projects]] - digest = "1:54d3c90db1164399906830313a6fce7770917d7e4a12da8f2d8693d18ff5ef27" - name = "github.com/kotakanbe/go-pingscanner" - packages = ["."] - pruneopts = "UT" - revision = "641dc2cc2d3cbf295dad356667b74c69bcbd6f70" - version = "v0.1.0" - -[[projects]] - digest = "1:e5d1256691817d7f99ed824229c60d89a50301c82a1520625049c83492e88ab0" - name = "github.com/kotakanbe/goval-dictionary" - packages = [ - "config", - "db", - "db/rdb", - "fetcher", - "models", - "util", - ] - pruneopts = "UT" - revision = "199e1232155a76746cc702947e5667547e5f725d" - version = "v0.1.2" - -[[projects]] - branch = "master" - digest = "1:0daead102d7ca3af110dfb832e8c14393f197d94e5ffe3f0639f10ea2cc55530" - name = "github.com/kotakanbe/logrus-prefixed-formatter" - packages = ["."] - pruneopts = "UT" - revision = "928f7356cb964637e2489a6ef37eee55181676c5" - -[[projects]] - digest = "1:9bc108827ac1d8783dea294f1ef07732fa4ca7d6e20518c04888a85828eba4ce" - name = "github.com/labstack/gommon" - packages = [ - "color", - "log", - ] - pruneopts = "UT" - revision = "ab0bfd9a5eba33a8c364bf3390d809ed23c31f97" - version = "v0.2.9" - -[[projects]] - digest = "1:0e06e487551e2f9e0d6967a15c42223354e37c2e9869b301b14a42e4b51ea3e0" - name = "github.com/lib/pq" - packages = [ - ".", - "hstore", - "oid", - "scram", - ] - pruneopts = "UT" - revision = "bc6a3c0594130b1e34005880bc600b6d3f49fa7f" - version = "v1.1.1" - -[[projects]] - digest = "1:5a0ef768465592efca0412f7e838cdc0826712f8447e70e6ccc52eb441e9ab13" - name = "github.com/magiconair/properties" - packages = ["."] - pruneopts = "UT" - revision = "de8848e004dd33dc07a2947b3d76f618a7fc7ef1" - version = "v1.8.1" - -[[projects]] - digest = "1:c658e84ad3916da105a761660dcaeb01e63416c8ec7bc62256a9b411a05fcd67" - name = "github.com/mattn/go-colorable" - packages = ["."] - pruneopts = "UT" - revision = "167de6bfdfba052fa6b2d3664c8f5272e23c9072" - version = "v0.0.9" - -[[projects]] - digest = "1:9b90c7639a41697f3d4ad12d7d67dfacc9a7a4a6e0bbfae4fc72d0da57c28871" - name = "github.com/mattn/go-isatty" - packages = ["."] - pruneopts = "UT" - revision = "1311e847b0cb909da63b5fecfb5370aa66236465" - version = "v0.0.8" - -[[projects]] - digest = "1:0356f3312c9bd1cbeda81505b7fd437501d8e778ab66998ef69f00d7f9b3a0d7" - name = "github.com/mattn/go-runewidth" - packages = ["."] - pruneopts = "UT" - revision = "3ee7d812e62a0804a7d0a324e0249ca2db3476d3" - version = "v0.0.4" - -[[projects]] - digest = "1:4a49346ca45376a2bba679ca0e83bec949d780d4e927931317904bad482943ec" - name = "github.com/mattn/go-sqlite3" - packages = ["."] - pruneopts = "UT" - revision = "c7c4067b79cc51e6dfdcef5c702e74b1e0fa7c75" - version = "v1.10.0" - -[[projects]] - branch = "master" - digest = "1:2b32af4d2a529083275afc192d1067d8126b578c7a9613b26600e4df9c735155" - name = "github.com/mgutz/ansi" - packages = ["."] - pruneopts = "UT" - revision = "9520e82c474b0a04dd04f8a40959027271bab992" - -[[projects]] - digest = "1:5d231480e1c64a726869bc4142d270184c419749d34f167646baa21008eb0a79" - name = "github.com/mitchellh/go-homedir" - packages = ["."] - pruneopts = "UT" - revision = "af06845cf3004701891bf4fdb884bfe4920b3727" - version = "v1.1.0" - -[[projects]] - digest = "1:53bc4cd4914cd7cd52139990d5170d6dc99067ae31c56530621b18b35fc30318" - name = "github.com/mitchellh/mapstructure" - packages = ["."] - pruneopts = "UT" - revision = "3536a929edddb9a5b34bd6861dc4a9647cb459fe" - version = "v1.1.2" - -[[projects]] - digest = "1:7aefb397a53fc437c90f0fdb3e1419c751c5a3a165ced52325d5d797edf1aca6" - name = "github.com/moul/http2curl" - packages = ["."] - pruneopts = "UT" - revision = "9ac6cf4d929b2fa8fd2d2e6dec5bb0feb4f4911d" - version = "v1.0.0" - -[[projects]] - branch = "master" - digest = "1:800f856349089adbb2987d9581a937e5908d2f0b486e7179e03725e8c354693f" - name = "github.com/mozqnet/go-exploitdb" - packages = [ - "db", - "models", - "util", - ] - pruneopts = "UT" - revision = "a055cc2c195de03290d5a286f617abd604e00997" - -[[projects]] - digest = "1:95d38d218bf2290987c6b0e885a9f0f2d3d3239235acaddca01c3fe36e5e5566" - name = "github.com/nlopes/slack" - packages = [ - ".", - "slackutilsx", - ] - pruneopts = "UT" - revision = "b9033a72a20bf84563485e86a2adbea4bf265804" - version = "v0.4.0" - -[[projects]] - branch = "master" - digest = "1:e4f1b6b3c33388b1f6f3d630280d9b0870c1e2f80379dfd2f89dd06425e9e6b9" - name = "github.com/nsf/termbox-go" - packages = ["."] - pruneopts = "UT" - revision = "288510b9734e30e7966ec2f22b87c5f8e67345e3" - -[[projects]] - digest = "1:abcdbf03ca6ca13d3697e2186edc1f33863bbdac2b3a44dfa39015e8903f7409" - name = "github.com/olekukonko/tablewriter" - packages = ["."] - pruneopts = "UT" - revision = "e6d60cf7ba1f42d86d54cdf5508611c4aafb3970" - version = "v0.0.1" - -[[projects]] - digest = "1:d776f3e95774a8719f2e57fabbbb33103035fe072dcf6f1864f33abd17b753e5" - name = "github.com/parnurzeal/gorequest" - packages = ["."] - pruneopts = "UT" - revision = "a578a48e8d6ca8b01a3b18314c43c6716bb5f5a3" - version = "v0.2.15" - -[[projects]] - digest = "1:93131d8002d7025da13582877c32d1fc302486775a1b06f62241741006428c5e" - name = "github.com/pelletier/go-toml" - packages = ["."] - pruneopts = "UT" - revision = "728039f679cbcd4f6a54e080d2219a4c4928c546" - version = "v1.4.0" - -[[projects]] - digest = "1:cf31692c14422fa27c83a05292eb5cbe0fb2775972e8f1f8446a71549bd8980b" - name = "github.com/pkg/errors" - packages = ["."] - pruneopts = "UT" - revision = "ba968bfe8b2f7e042a574c888954fccecfa385b4" - version = "v0.8.1" - -[[projects]] - digest = "1:1a23fdd843129ef761ffe7651bc5fe7c5b09fbe933e92783ab06cc11c37b7b37" - name = "github.com/rifflock/lfshook" - packages = ["."] - pruneopts = "UT" - revision = "b9218ef580f59a2e72dad1aa33d660150445d05a" - version = "v2.4" - -[[projects]] - digest = "1:274f67cb6fed9588ea2521ecdac05a6d62a8c51c074c1fccc6a49a40ba80e925" - name = "github.com/satori/go.uuid" - packages = ["."] - pruneopts = "UT" - revision = "f58768cc1a7a7e77a3bd49e98cdd21419399b6a3" - version = "v1.2.0" - -[[projects]] - branch = "master" - digest = "1:9ffd8274c90a47cb2bdf4f469722a95027ee0dce146571d86211f08f7d8e2547" - name = "github.com/sirupsen/logrus" - packages = ["."] - pruneopts = "UT" - revision = "2a22dbedbad1fd454910cd1f44f210ef90c28464" - -[[projects]] - digest = "1:bb495ec276ab82d3dd08504bbc0594a65de8c3b22c6f2aaa92d05b73fbf3a82e" - name = "github.com/spf13/afero" - packages = [ - ".", - "mem", - ] - pruneopts = "UT" - revision = "588a75ec4f32903aa5e39a2619ba6a4631e28424" - version = "v1.2.2" - -[[projects]] - digest = "1:08d65904057412fc0270fc4812a1c90c594186819243160dc779a402d4b6d0bc" - name = "github.com/spf13/cast" - packages = ["."] - pruneopts = "UT" - revision = "8c9545af88b134710ab1cd196795e7f2388358d7" - version = "v1.3.0" - -[[projects]] - digest = "1:1b753ec16506f5864d26a28b43703c58831255059644351bbcb019b843950900" - name = "github.com/spf13/jwalterweatherman" - packages = ["."] - pruneopts = "UT" - revision = "94f6ae3ed3bceceafa716478c5fbf8d29ca601a1" - version = "v1.1.0" - -[[projects]] - digest = "1:c1b1102241e7f645bc8e0c22ae352e8f0dc6484b6cb4d132fa9f24174e0119e2" - name = "github.com/spf13/pflag" - packages = ["."] - pruneopts = "UT" - revision = "298182f68c66c05229eb03ac171abe6e309ee79a" - version = "v1.0.3" - -[[projects]] - digest = "1:11118bd196646c6515fea3d6c43f66162833c6ae4939bfb229b9956d91c6cf17" - name = "github.com/spf13/viper" - packages = ["."] - pruneopts = "UT" - revision = "b5bf975e5823809fb22c7644d008757f78a4259e" - version = "v1.4.0" - -[[projects]] - digest = "1:c468422f334a6b46a19448ad59aaffdfc0a36b08fdcc1c749a0b29b6453d7e59" - name = "github.com/valyala/bytebufferpool" - packages = ["."] - pruneopts = "UT" - revision = "e746df99fe4a3986f4d4f79e13c1e0117ce9c2f7" - version = "v1.0.0" - -[[projects]] - digest = "1:4d29fdc69817829d8c78473d61613d984ce59675110cee7a2f0314f332cc70a2" - name = "github.com/valyala/fasttemplate" - packages = ["."] - pruneopts = "UT" - revision = "8b5e4e491ab636663841c42ea3c5a9adebabaf36" - version = "v1.0.1" - -[[projects]] - branch = "master" - digest = "1:0792df7c7ff49b81c7a8c5a2a47aee897c5bab31fb348c8e2f80a560d675f941" - name = "github.com/ymomoi/goval-parser" - packages = ["oval"] - pruneopts = "UT" - revision = "0a0be1dd9d0855b50be0be5a10ad3085382b6d59" - -[[projects]] - digest = "1:4c93890bbbb5016505e856cb06b5c5a2ff5b7217584d33f2a9071ebef4b5d473" - name = "go.opencensus.io" - packages = [ - ".", - "internal", - "internal/tagencoding", - "metric/metricdata", - "metric/metricproducer", - "plugin/ocgrpc", - "plugin/ochttp", - "plugin/ochttp/propagation/b3", - "plugin/ochttp/propagation/tracecontext", - "resource", - "stats", - "stats/internal", - "stats/view", - "tag", - "trace", - "trace/internal", - "trace/propagation", - "trace/tracestate", - ] - pruneopts = "UT" - revision = "43463a80402d8447b7fce0d2c58edf1687ff0b58" - version = "v0.19.3" - -[[projects]] - branch = "master" - digest = "1:616f478cc557408da913c3b2d87b5c8d21ba353262a1bb19ebc51fcf519f020a" - name = "golang.org/x/crypto" - packages = [ - "curve25519", - "ed25519", - "ed25519/internal/edwards25519", - "internal/chacha20", - "internal/subtle", - "poly1305", - "ssh", - "ssh/agent", - "ssh/terminal", - ] - pruneopts = "UT" - revision = "f99c8df09eb5bff426315721bfa5f16a99cad32c" - -[[projects]] - branch = "master" - digest = "1:2e99dfa3436481d6b77b598aeef796b04d090a572b8150c1927af2a9b1ebb334" - name = "golang.org/x/net" - packages = [ - "context", - "context/ctxhttp", - "http/httpguts", - "http2", - "http2/hpack", - "idna", - "internal/timeseries", - "publicsuffix", - "trace", - ] - pruneopts = "UT" - revision = "461777fb6f67e8cb9d70cda16573678d085a74cf" - -[[projects]] - branch = "master" - digest = "1:8d1c112fb1679fa097e9a9255a786ee47383fa2549a3da71bcb1334a693ebcfe" - name = "golang.org/x/oauth2" - packages = [ - ".", - "internal", - ] - pruneopts = "UT" - revision = "0f29369cfe4552d0e4bcddc57cc75f4d7e672a33" - -[[projects]] - branch = "master" - digest = "1:382bb5a7fb4034db3b6a2d19e5a4a6bcf52f4750530603c01ca18a172fa3089b" - name = "golang.org/x/sync" - packages = ["semaphore"] - pruneopts = "UT" - revision = "112230192c580c3556b8cee6403af37a4fc5f28c" - -[[projects]] - branch = "master" - digest = "1:8fb335850bdc86a194ee285848bb372c39ec2f3ad2b914e7448122085657dbd8" - name = "golang.org/x/sys" - packages = [ - "cpu", - "unix", - "windows", - ] - pruneopts = "UT" - revision = "1e42afee0f762ed3d76e6dd942e4181855fd1849" - -[[projects]] - digest = "1:8d8faad6b12a3a4c819a3f9618cb6ee1fa1cfc33253abeeea8b55336721e3405" - name = "golang.org/x/text" - packages = [ - "collate", - "collate/build", - "internal/colltab", - "internal/gen", - "internal/language", - "internal/language/compact", - "internal/tag", - "internal/triegen", - "internal/ucd", - "language", - "secure/bidirule", - "transform", - "unicode/bidi", - "unicode/cldr", - "unicode/norm", - "unicode/rangetable", - ] - pruneopts = "UT" - revision = "342b2e1fbaa52c93f31447ad2c6abc048c63e475" - version = "v0.3.2" - -[[projects]] - branch = "master" - digest = "1:c44a77760372a998be8d4656e8d3c865f68735ec4cad1743a245903a58f64249" - name = "golang.org/x/xerrors" - packages = [ - ".", - "internal", - ] - pruneopts = "UT" - revision = "3ee3066db522c6628d440a3a91c4abdd7f5ef22f" - -[[projects]] - digest = "1:5f003878aabe31d7f6b842d4de32b41c46c214bb629bb485387dbcce1edf5643" - name = "google.golang.org/api" - packages = ["support/bundler"] - pruneopts = "UT" - revision = "aac82e61c0c8fe133c297b4b59316b9f481e1f0a" - version = "v0.6.0" - -[[projects]] - digest = "1:7e8b9c5ae49011b12ae8473834ac1a7bb8ac029ba201270c723e4c280c9e4855" - name = "google.golang.org/appengine" - packages = [ - "cloudsql", - "internal", - "internal/base", - "internal/datastore", - "internal/log", - "internal/remote_api", - "internal/urlfetch", - "urlfetch", - ] - pruneopts = "UT" - revision = "b2f4a3cf3c67576a2ee09e1fe62656a5086ce880" - version = "v1.6.1" - -[[projects]] - branch = "master" - digest = "1:3565a93b7692277a5dea355bc47bd6315754f3246ed07a224be6aec28972a805" - name = "google.golang.org/genproto" - packages = [ - "googleapis/api/httpbody", - "googleapis/rpc/status", - "protobuf/field_mask", - ] - pruneopts = "UT" - revision = "eb0b1bdb6ae60fcfc41b8d907b50dfb346112301" - -[[projects]] - digest = "1:e8800ddadd6bce3bc0c5ffd7bc55dbdddc6e750956c10cc10271cade542fccbe" - name = "google.golang.org/grpc" - packages = [ - ".", - "balancer", - "balancer/base", - "balancer/roundrobin", - "binarylog/grpc_binarylog_v1", - "codes", - "connectivity", - "credentials", - "credentials/internal", - "encoding", - "encoding/proto", - "grpclog", - "internal", - "internal/backoff", - "internal/balancerload", - "internal/binarylog", - "internal/channelz", - "internal/envconfig", - "internal/grpcrand", - "internal/grpcsync", - "internal/syscall", - "internal/transport", - "keepalive", - "metadata", - "naming", - "peer", - "resolver", - "resolver/dns", - "resolver/passthrough", - "stats", - "status", - "tap", - ] - pruneopts = "UT" - revision = "501c41df7f472c740d0674ff27122f3f48c80ce7" - version = "v1.21.1" - -[[projects]] - digest = "1:e626376fab8608a972d47e91b3c1bbbddaecaf1d42b82be6dcc52d10a7557893" - name = "gopkg.in/VividCortex/ewma.v1" - packages = ["."] - pruneopts = "UT" - revision = "b24eb346a94c3ba12c1da1e564dbac1b498a77ce" - version = "v1.1.1" - -[[projects]] - digest = "1:d219400f09c151f0ada918bab650ef46f7ebdb1ff4fea923fdcb839481ec7ec1" - name = "gopkg.in/cheggaaa/pb.v1" - packages = ["."] - pruneopts = "UT" - revision = "f907f6f5dd81f77c2bbc1cde92e4c5a04720cb11" - version = "v1.0.28" - -[[projects]] - digest = "1:256938e7d43c73bd5e7bb97dd281d1ebe294b2928403ee1fbec96249915d1150" - name = "gopkg.in/cheggaaa/pb.v2" - packages = ["termutil"] - pruneopts = "UT" - revision = "c112833d014c77e8bde723fd0158e3156951639f" - version = "v2.0.6" - -[[projects]] - digest = "1:865079840386857c809b72ce300be7580cb50d3d3129ce11bf9aa6ca2bc1934a" - name = "gopkg.in/fatih/color.v1" - packages = ["."] - pruneopts = "UT" - revision = "5b77d2a35fb0ede96d138fc9a99f5c9b6aef11b4" - version = "v1.7.0" - -[[projects]] - digest = "1:c658e84ad3916da105a761660dcaeb01e63416c8ec7bc62256a9b411a05fcd67" - name = "gopkg.in/mattn/go-colorable.v0" - packages = ["."] - pruneopts = "UT" - revision = "167de6bfdfba052fa6b2d3664c8f5272e23c9072" - version = "v0.0.9" - -[[projects]] - digest = "1:9b90c7639a41697f3d4ad12d7d67dfacc9a7a4a6e0bbfae4fc72d0da57c28871" - name = "gopkg.in/mattn/go-isatty.v0" - packages = ["."] - pruneopts = "UT" - revision = "1311e847b0cb909da63b5fecfb5370aa66236465" - version = "v0.0.8" - -[[projects]] - digest = "1:0356f3312c9bd1cbeda81505b7fd437501d8e778ab66998ef69f00d7f9b3a0d7" - name = "gopkg.in/mattn/go-runewidth.v0" - packages = ["."] - pruneopts = "UT" - revision = "3ee7d812e62a0804a7d0a324e0249ca2db3476d3" - version = "v0.0.4" - -[[projects]] - digest = "1:4d2e5a73dc1500038e504a8d78b986630e3626dc027bc030ba5c75da257cdb96" - name = "gopkg.in/yaml.v2" - packages = ["."] - pruneopts = "UT" - revision = "51d6538a90f86fe93ac480b35f37b2be17fef232" - version = "v2.2.2" - -[solve-meta] - analyzer-name = "dep" - analyzer-version = 1 - input-imports = [ - "github.com/Azure/azure-sdk-for-go/storage", - "github.com/BurntSushi/toml", - "github.com/RackSec/srslog", - "github.com/asaskevich/govalidator", - "github.com/aws/aws-sdk-go/aws", - "github.com/aws/aws-sdk-go/aws/credentials", - "github.com/aws/aws-sdk-go/aws/credentials/ec2rolecreds", - "github.com/aws/aws-sdk-go/aws/ec2metadata", - "github.com/aws/aws-sdk-go/aws/session", - "github.com/aws/aws-sdk-go/service/s3", - "github.com/aws/aws-sdk-go/service/sts", - "github.com/boltdb/bolt", - "github.com/cenkalti/backoff", - "github.com/google/subcommands", - "github.com/gosuri/uitable", - "github.com/hashicorp/go-version", - "github.com/hashicorp/uuid", - "github.com/howeyc/gopass", - "github.com/jroimartin/gocui", - "github.com/k0kubun/pp", - "github.com/knqyf263/go-cpe/naming", - "github.com/knqyf263/go-deb-version", - "github.com/knqyf263/go-rpm-version", - "github.com/knqyf263/gost/db", - "github.com/knqyf263/gost/models", - "github.com/kotakanbe/go-cve-dictionary/db", - "github.com/kotakanbe/go-cve-dictionary/log", - "github.com/kotakanbe/go-cve-dictionary/models", - "github.com/kotakanbe/go-pingscanner", - "github.com/kotakanbe/goval-dictionary/db", - "github.com/kotakanbe/goval-dictionary/models", - "github.com/kotakanbe/logrus-prefixed-formatter", - "github.com/mitchellh/go-homedir", - "github.com/mozqnet/go-exploitdb/db", - "github.com/mozqnet/go-exploitdb/models", - "github.com/nlopes/slack", - "github.com/olekukonko/tablewriter", - "github.com/parnurzeal/gorequest", - "github.com/rifflock/lfshook", - "github.com/sirupsen/logrus", - "golang.org/x/crypto/ssh", - "golang.org/x/crypto/ssh/agent", - "golang.org/x/oauth2", - "golang.org/x/xerrors", - ] - solver-name = "gps-cdcl" - solver-version = 1 diff --git a/Gopkg.toml b/Gopkg.toml deleted file mode 100644 index db1cc3e4c1..0000000000 --- a/Gopkg.toml +++ /dev/null @@ -1,49 +0,0 @@ -# Gopkg.toml example -# -# Refer to https://golang.github.io/dep/docs/Gopkg.toml.html -# for detailed Gopkg.toml documentation. -# -# required = ["github.com/user/thing/cmd/thing"] -# ignored = ["github.com/user/project/pkgX", "bitbucket.org/user/project/pkgA/pkgY"] -# -# [[constraint]] name = "github.com/user/project" version = "1.0.0" -# -# [[constraint]] -# name = "github.com/user/project2" -# branch = "dev" -# source = "github.com/myfork/project2" -# -# [[override]] -# name = "github.com/x/y" -# version = "2.4.0" -# -# [prune] -# non-go = false -# go-tests = true -# unused-packages = true - -[[constraint]] - name = "github.com/knqyf263/gost" - branch = "master" - -[[constraint]] - name = "github.com/kotakanbe/go-cve-dictionary" - branch = "master" - -[[constraint]] - name = "github.com/mozqnet/go-exploitdb" - branch = "master" - -[[constraint]] - name = "github.com/nlopes/slack" - version = "v0.4.0" - -[prune] - go-tests = true - unused-packages = true - -[[constraint]] - branch = "master" - name = "golang.org/x/xerrors" - - diff --git a/README.md b/README.md index c0284736fd..c9c189cdfc 100644 --- a/README.md +++ b/README.md @@ -65,7 +65,7 @@ Vuls is a tool created to solve the problems listed above. It has the following - Alpine, Amazon Linux, CentOS, Debian, Oracle Linux, Raspbian, RHEL, SUSE Enterprise Linux, and Ubuntu - FreeBSD -- Cloud, on-premise, and Docker +- Cloud, on-premise, Docker Container and Docker Image ### High-quality scan @@ -89,6 +89,11 @@ Vuls uses multiple vulnerability databases - [US-CERT](https://www.us-cert.gov/ncas/alerts) - [JPCERT](http://www.jpcert.or.jp/at/2019.html) - [WPVulnDB](https://wpvulndb.com/api) +- [Node.js Security Working Group](https://github.com/nodejs/security-wg) +- [Ruby Advisory Database](https://github.com/rubysec/ruby-advisory-db) +- [Safety DB(Python)](https://github.com/pyupio/safety-db) +- [PHP Security Advisories Database](https://github.com/FriendsOfPHP/security-advisories) +- [RustSec Advisory Database](https://github.com/RustSec/advisory-db) - Changelog ### Fast scan and Deep scan diff --git a/commands/scan.go b/commands/scan.go index ab50c98db2..a0b426dc66 100644 --- a/commands/scan.go +++ b/commands/scan.go @@ -96,7 +96,10 @@ func (p *ScanCmd) SetFlags(f *flag.FlagSet) { "Use SSH options specified in ssh_config preferentially") f.BoolVar(&c.Conf.ContainersOnly, "containers-only", false, - "Scan containers only. Default: Scan both of hosts and containers") + "Scan running containers only. Default: Scan both of hosts and running containers") + + f.BoolVar(&c.Conf.ImagesOnly, "images-only", false, + "Scan container images only. Default: Scan both of hosts and images") f.BoolVar(&c.Conf.SkipBroken, "skip-broken", false, "[For CentOS] yum update changelog with --skip-broken option") diff --git a/config/config.go b/config/config.go index f707495dbf..7c3566b40d 100644 --- a/config/config.go +++ b/config/config.go @@ -27,10 +27,10 @@ import ( "strings" syslog "github.com/RackSec/srslog" - "golang.org/x/xerrors" - valid "github.com/asaskevich/govalidator" + "github.com/knqyf263/fanal/types" log "github.com/sirupsen/logrus" + "golang.org/x/xerrors" ) // Version of Vuls @@ -118,6 +118,7 @@ type Config struct { SSHNative bool `json:"sshNative,omitempty"` SSHConfig bool `json:"sshConfig,omitempty"` ContainersOnly bool `json:"containersOnly,omitempty"` + ImagesOnly bool `json:"imagesOnly,omitempty"` SkipBroken bool `json:"skipBroken,omitempty"` CacheDBPath string `json:"cacheDBPath,omitempty"` Vvv bool `json:"vvv,omitempty"` @@ -1059,12 +1060,14 @@ type ServerInfo struct { IgnoreCves []string `toml:"ignoreCves,omitempty" json:"ignoreCves,omitempty"` IgnorePkgsRegexp []string `toml:"ignorePkgsRegexp,omitempty" json:"ignorePkgsRegexp,omitempty"` GitHubRepos map[string]GitHubConf `toml:"githubs" json:"githubs,omitempty"` // key: owner/repo + Images map[string]Image `toml:"images" json:"images,omitempty"` UUIDs map[string]string `toml:"uuids,omitempty" json:"uuids,omitempty"` Memo string `toml:"memo,omitempty" json:"memo,omitempty"` Enablerepo []string `toml:"enablerepo,omitempty" json:"enablerepo,omitempty"` // For CentOS, RHEL, Amazon Optional map[string]interface{} `toml:"optional,omitempty" json:"optional,omitempty"` // Optional key-value set that will be outputted to JSON - - Type string `toml:"type,omitempty" json:"type,omitempty"` // "pseudo" or "" + Lockfiles []string `toml:"lockfiles,omitempty" json:"lockfiles,omitempty"` // ie) path/to/package-lock.json + FindLock bool `toml:"findLock,omitempty" json:"findLock,omitempty"` + Type string `toml:"type,omitempty" json:"type,omitempty"` // "pseudo" or "" WordPress WordPressConf `toml:"wordpress,omitempty" json:"wordpress,omitempty"` @@ -1074,6 +1077,7 @@ type ServerInfo struct { LogMsgAnsiColor string `toml:"-" json:"-"` // DebugLog Color Container Container `toml:"-" json:"-"` + Image Image `toml:"-" json:"-"` Distro Distro `toml:"-" json:"-"` Mode ScanMode `toml:"-" json:"-"` } @@ -1095,6 +1099,17 @@ type WordPressConf struct { IgnoreInactive bool `json:"ignoreInactive,omitempty"` } +// Image is a scan container image info +type Image struct { + Name string `json:"name"` + Tag string `json:"tag"` + DockerOption types.DockerOption `json:"dockerOption,omitempty"` + Cpes []string `json:"cpes,omitempty"` + OwaspDCXMLPath string `json:"owaspDCXMLPath"` + IgnorePkgsRegexp []string `json:"ignorePkgsRegexp,omitempty"` + IgnoreCves []string `json:"ignoreCves,omitempty"` +} + // GitHubConf is used for GitHub integration type GitHubConf struct { Token string `json:"-"` diff --git a/config/tomlloader.go b/config/tomlloader.go index aa72406e0e..826fd061ee 100644 --- a/config/tomlloader.go +++ b/config/tomlloader.go @@ -69,6 +69,16 @@ func (c TOMLLoader) Load(pathToToml, keyPass string) error { } s := ServerInfo{ServerName: serverName} + s.Images = make(map[string]Image) + + // image are able to set any server type + for name, image := range v.Images { + if err := IsValidImage(image); err != nil { + return err + } + s.Images[name] = image + } + if v.Type != ServerTypePseudo { s.Host = v.Host if len(s.Host) == 0 { @@ -142,6 +152,13 @@ func (c TOMLLoader) Load(pathToToml, keyPass string) error { s.CpeNames = d.CpeNames } + s.Lockfiles = v.Lockfiles + if len(s.Lockfiles) == 0 { + s.Lockfiles = d.Lockfiles + } + + s.FindLock = v.FindLock + for i, n := range s.CpeNames { uri, err := toCpeURI(n) if err != nil { @@ -300,3 +317,14 @@ func toCpeURI(cpename string) (string, error) { } return "", xerrors.Errorf("Unknow CPE format: %s", cpename) } + +// IsValidImage checks a container configuration +func IsValidImage(c Image) error { + if c.Name == "" { + return xerrors.New("Invalid arguments : no image name") + } + if c.Tag == "" { + return xerrors.New("Invalid arguments : no image tag") + } + return nil +} diff --git a/go.mod b/go.mod new file mode 100644 index 0000000000..93c3988d00 --- /dev/null +++ b/go.mod @@ -0,0 +1,103 @@ +module github.com/future-architect/vuls + +go 1.12 + +require ( + cloud.google.com/go v0.38.0 // indirect + contrib.go.opencensus.io/exporter/ocagent v0.4.12 // indirect + github.com/Azure/azure-sdk-for-go v28.1.0+incompatible + github.com/Azure/go-autorest v12.0.0+incompatible // indirect + github.com/BurntSushi/toml v0.3.1 + github.com/Microsoft/go-winio v0.4.12 // indirect + github.com/RackSec/srslog v0.0.0-20180709174129-a4725f04ec91 + github.com/asaskevich/govalidator v0.0.0-20180315120708-ccb8e960c48f + github.com/aws/aws-sdk-go v1.19.24 + github.com/beorn7/perks v1.0.0 // indirect + github.com/boltdb/bolt v1.3.1 + github.com/cenkalti/backoff v2.1.1+incompatible + github.com/cheggaaa/pb v2.0.6+incompatible // indirect + github.com/containerd/continuity v0.0.0-20190426062206-aaeac12a7ffc // indirect + github.com/dgrijalva/jwt-go v3.2.0+incompatible // indirect + github.com/dnaeon/go-vcr v1.0.1 // indirect + github.com/elazarl/goproxy v0.0.0-20190421051319-9d40249d3c2f // indirect + github.com/elazarl/goproxy/ext v0.0.0-20190421051319-9d40249d3c2f // indirect + github.com/genuinetools/reg v0.16.1 // indirect + github.com/go-redis/redis v6.15.2+incompatible // indirect + github.com/gogo/protobuf v1.2.1 // indirect + github.com/google/subcommands v1.0.1 + github.com/gorilla/mux v1.7.1 // indirect + github.com/gorilla/websocket v1.4.0 // indirect + github.com/gosuri/uitable v0.0.1 + github.com/grokify/html-strip-tags-go v0.0.0-20190424092004-025bd760b278 // indirect + github.com/hashicorp/go-version v1.2.0 + github.com/hashicorp/golang-lru v0.5.1 // indirect + github.com/hashicorp/uuid v0.0.0-20160311170451-ebb0a03e909c + github.com/howeyc/gopass v0.0.0-20170109162249-bf9dde6d0d2c + github.com/htcat/htcat v1.0.2 // indirect + github.com/inconshreveable/log15 v0.0.0-20180818164646-67afb5ed74ec // indirect + github.com/jinzhu/gorm v1.9.5 // indirect + github.com/jroimartin/gocui v0.4.0 + github.com/k0kubun/colorstring v0.0.0-20150214042306-9440f1994b88 // indirect + github.com/k0kubun/pp v3.0.1+incompatible + github.com/knqyf263/fanal v0.0.0-20190528042547-07e27879b658 + github.com/knqyf263/go-cpe v0.0.0-20180327054844-659663f6eca2 + github.com/knqyf263/go-deb-version v0.0.0-20190517075300-09fca494f03d + github.com/knqyf263/go-dep-parser v0.0.0-20190521150559-1ef8521d17a0 + github.com/knqyf263/go-rpm-version v0.0.0-20170716094938-74609b86c936 + github.com/knqyf263/go-version v1.1.1 + github.com/knqyf263/gost v0.0.0-20190326022014-39175c0da9e3 + github.com/knqyf263/trivy v0.1.1 + github.com/konsorten/go-windows-terminal-sequences v1.0.2 // indirect + github.com/kotakanbe/go-cve-dictionary v0.0.0-20190327053454-5fe52611f0b8 + github.com/kotakanbe/go-pingscanner v0.1.0 + github.com/kotakanbe/goval-dictionary v0.1.2 + github.com/kotakanbe/logrus-prefixed-formatter v0.0.0-20180123152602-928f7356cb96 + github.com/labstack/gommon v0.2.8 // indirect + github.com/lusis/go-slackbot v0.0.0-20180109053408-401027ccfef5 // indirect + github.com/lusis/slack-test v0.0.0-20190426140909-c40012f20018 // indirect + github.com/mattn/go-isatty v0.0.7 // indirect + github.com/mgutz/ansi v0.0.0-20170206155736-9520e82c474b // indirect + github.com/mitchellh/go-homedir v1.1.0 + github.com/moul/http2curl v1.0.0 // indirect + github.com/mozqnet/go-exploitdb v0.0.0-20190426034301-a055cc2c195d + github.com/nlopes/slack v0.4.0 + github.com/nsf/termbox-go v0.0.0-20190325093121-288510b9734e // indirect + github.com/olekukonko/tablewriter v0.0.1 + github.com/opencontainers/go-digest v1.0.0-rc1 // indirect + github.com/parnurzeal/gorequest v0.2.15 + github.com/pelletier/go-toml v1.4.0 // indirect + github.com/prometheus/client_model v0.0.0-20190129233127-fd36f4220a90 // indirect + github.com/prometheus/common v0.3.0 // indirect + github.com/prometheus/procfs v0.0.0-20190503130316-740c07785007 // indirect + github.com/rifflock/lfshook v0.0.0-20180920164130-b9218ef580f5 + github.com/satori/go.uuid v1.2.0 // indirect + github.com/sirupsen/logrus v1.2.0 + github.com/smartystreets/goconvey v0.0.0-20190330032615-68dc04aab96a // indirect + github.com/spf13/afero v1.2.2 // indirect + github.com/spf13/jwalterweatherman v1.1.0 // indirect + github.com/spf13/viper v1.3.2 // indirect + github.com/valyala/fasttemplate v1.0.1 // indirect + github.com/ymomoi/goval-parser v0.0.0-20170813122243-0a0be1dd9d08 // indirect + golang.org/x/crypto v0.0.0-20190426145343-a29dc8fdc734 + golang.org/x/net v0.0.0-20190502183928-7f726cade0ab // indirect + golang.org/x/oauth2 v0.0.0-20190402181905-9f3314589c9a + golang.org/x/sync v0.0.0-20190423024810-112230192c58 // indirect + golang.org/x/sys v0.0.0-20190502175342-a43fa875dd82 // indirect + golang.org/x/text v0.3.2 // indirect + golang.org/x/xerrors v0.0.0-20190410155217-1f06c39b4373 + google.golang.org/appengine v1.5.0 // indirect + google.golang.org/genproto v0.0.0-20190502173448-54afdca5d873 // indirect + google.golang.org/grpc v1.20.1 // indirect + gopkg.in/VividCortex/ewma.v1 v1.1.1 // indirect + gopkg.in/cheggaaa/pb.v2 v2.0.6 // indirect + gopkg.in/fatih/color.v1 v1.7.0 // indirect + gopkg.in/mattn/go-colorable.v0 v0.0.0-00010101000000-000000000000 // indirect + gopkg.in/mattn/go-isatty.v0 v0.0.0-00010101000000-000000000000 // indirect + gopkg.in/mattn/go-runewidth.v0 v0.0.4 // indirect +) + +replace github.com/genuinetools/reg => github.com/tomoyamachi/reg v0.16.2-0.20190418055600-c6010b917a55 + +replace gopkg.in/mattn/go-colorable.v0 => github.com/mattn/go-colorable v0.1.0 + +replace gopkg.in/mattn/go-isatty.v0 => github.com/mattn/go-isatty v0.0.6 diff --git a/go.sum b/go.sum new file mode 100644 index 0000000000..dcfc3d957d --- /dev/null +++ b/go.sum @@ -0,0 +1,529 @@ +cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= +cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= +cloud.google.com/go v0.37.4/go.mod h1:NHPJ89PdicEuT9hdPXMROBD91xc5uRDxsMtSB16k7hw= +cloud.google.com/go v0.38.0 h1:ROfEUZz+Gh5pa62DJWXSaonyu3StP6EA6lPEXPI6mCo= +cloud.google.com/go v0.38.0/go.mod h1:990N+gfupTy94rShfmMCWGDn0LpTmnzTp2qbd1dvSRU= +contrib.go.opencensus.io/exporter/ocagent v0.4.12 h1:jGFvw3l57ViIVEPKKEUXPcLYIXJmQxLUh6ey1eJhwyc= +contrib.go.opencensus.io/exporter/ocagent v0.4.12/go.mod h1:450APlNTSR6FrvC3CTRqYosuDstRB9un7SOx2k/9ckA= +github.com/Azure/azure-sdk-for-go v28.1.0+incompatible h1:uApF+FNMxRibKyoWxLatbrBJse505r7UVdrOm3dEtfk= +github.com/Azure/azure-sdk-for-go v28.1.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc= +github.com/Azure/go-ansiterm v0.0.0-20170929234023-d6e3b3328b78 h1:w+iIsaOQNcT7OZ575w+acHgRric5iCyQh+xv+KJ4HB8= +github.com/Azure/go-ansiterm v0.0.0-20170929234023-d6e3b3328b78/go.mod h1:LmzpDX56iTiv29bbRTIsUNlaFfuhWRQBWjQdVyAevI8= +github.com/Azure/go-autorest v12.0.0+incompatible h1:N+VqClcomLGD/sHb3smbSYYtNMgKpVV3Cd5r5i8z6bQ= +github.com/Azure/go-autorest v12.0.0+incompatible/go.mod h1:r+4oMnoxhatjLLJ6zxSWATqVooLgysK6ZNox3g/xq24= +github.com/BurntSushi/toml v0.3.1 h1:WXkYYl6Yr3qBf1K79EBnL4mak0OimBfB0XUf9Vl28OQ= +github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= +github.com/GoogleCloudPlatform/docker-credential-gcr v1.5.0 h1:wykTgKwhVr2t2qs+xI020s6W5dt614QqCHV+7W9dg64= +github.com/GoogleCloudPlatform/docker-credential-gcr v1.5.0/go.mod h1:BB1eHdMLYEFuFdBlRMb0N7YGVdM5s6Pt0njxgvfbGGs= +github.com/Microsoft/go-winio v0.4.11/go.mod h1:VhR8bwka0BXejwEJY73c50VrPtXAaKcyvVC4A4RozmA= +github.com/Microsoft/go-winio v0.4.12 h1:xAfWHN1IrQ0NJ9TBC0KBZoqLjzDTr1ML+4MywiUOryc= +github.com/Microsoft/go-winio v0.4.12/go.mod h1:VhR8bwka0BXejwEJY73c50VrPtXAaKcyvVC4A4RozmA= +github.com/Nvveen/Gotty v0.0.0-20120604004816-cd527374f1e5 h1:TngWCqHvy9oXAN6lEVMRuU21PR1EtLVZJmdB18Gu3Rw= +github.com/Nvveen/Gotty v0.0.0-20120604004816-cd527374f1e5/go.mod h1:lmUJ/7eu/Q8D7ML55dXQrVaamCz2vxCfdQBasLZfHKk= +github.com/RackSec/srslog v0.0.0-20180709174129-a4725f04ec91 h1:vX+gnvBc56EbWYrmlhYbFYRaeikAke1GL84N4BEYOFE= +github.com/RackSec/srslog v0.0.0-20180709174129-a4725f04ec91/go.mod h1:cDLGBht23g0XQdLjzn6xOGXDkLK182YfINAaZEQLCHQ= +github.com/Shopify/sarama v1.19.0/go.mod h1:FVkBWblsNy7DGZRfXLU0O9RCGt5g3g3yEuWXgklEdEo= +github.com/Shopify/toxiproxy v2.1.4+incompatible/go.mod h1:OXgGpZ6Cli1/URJOF1DMxUHB2q5Ap20/P/eIdh4G0pI= +github.com/alcortesm/tgz v0.0.0-20161220082320-9c5fe88206d7 h1:uSoVVbwJiQipAclBbw+8quDsfcvFjOpI5iCf4p/cqCs= +github.com/alcortesm/tgz v0.0.0-20161220082320-9c5fe88206d7/go.mod h1:6zEj6s6u/ghQa61ZWa/C2Aw3RkjiTBOix7dkqa1VLIs= +github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= +github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= +github.com/anmitsu/go-shlex v0.0.0-20161002113705-648efa622239 h1:kFOfPq6dUM1hTo4JG6LR5AXSUEsOjtdm0kw0FtQtMJA= +github.com/anmitsu/go-shlex v0.0.0-20161002113705-648efa622239/go.mod h1:2FmKhYUyUczH0OGQWaF5ceTx0UBShxjsH6f8oGKYe2c= +github.com/apache/thrift v0.12.0/go.mod h1:cp2SuWMxlEZw2r+iP2GNCdIi4C1qmUzdZFSVb+bacwQ= +github.com/armon/consul-api v0.0.0-20180202201655-eb2c6b5be1b6/go.mod h1:grANhF5doyWs3UAsr3K4I6qtAmlQcZDesFNEHPZAzj8= +github.com/asaskevich/govalidator v0.0.0-20180315120708-ccb8e960c48f h1:y2hSFdXeA1y5z5f0vfNO0Dg5qVY036qzlz3Pds0B92o= +github.com/asaskevich/govalidator v0.0.0-20180315120708-ccb8e960c48f/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY= +github.com/aws/aws-sdk-go v1.19.11/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo= +github.com/aws/aws-sdk-go v1.19.24 h1:qOIYaFxcFg07Vdn799ERpGiuUUIEi5MQ2vYib3CNMp4= +github.com/aws/aws-sdk-go v1.19.24/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo= +github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= +github.com/beorn7/perks v1.0.0 h1:HWo1m869IqiPhD389kmkxeTalrjNbbJTC8LXupb+sl0= +github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8= +github.com/boltdb/bolt v1.3.1 h1:JQmyP4ZBrce+ZQu0dY660FMfatumYDLun9hBCUVIkF4= +github.com/boltdb/bolt v1.3.1/go.mod h1:clJnj/oiGkjum5o1McbSZDSLxVThjynRyGBgiAx27Ps= +github.com/briandowns/spinner v0.0.0-20190319032542-ac46072a5a91 h1:GMmnK0dvr0Sf0gx3DvTbln0c8DE07B7sPVD9dgHOqo4= +github.com/briandowns/spinner v0.0.0-20190319032542-ac46072a5a91/go.mod h1:hw/JEQBIE+c/BLI4aKM8UU8v+ZqrD3h7HC27kKt8JQU= +github.com/cenkalti/backoff v2.1.1+incompatible h1:tKJnvO2kl0zmb/jA5UKAt4VoEVw1qxKWjE/Bpp46npY= +github.com/cenkalti/backoff v2.1.1+incompatible/go.mod h1:90ReRw6GdpyfrHakVjL/QHaoyV4aDUVVkXQJJJ3NXXM= +github.com/census-instrumentation/opencensus-proto v0.2.0 h1:LzQXZOgg4CQfE6bFvXGM30YZL1WW/M337pXml+GrcZ4= +github.com/census-instrumentation/opencensus-proto v0.2.0/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= +github.com/cheggaaa/pb v2.0.6+incompatible h1:sutSx+mRaNbeJUMCAtyqNWU/tQ0B/xBm+hyb1JQmQYs= +github.com/cheggaaa/pb v2.0.6+incompatible/go.mod h1:pQciLPpbU0oxA0h+VJYYLxO+XeDQb5pZijXscXHm81s= +github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= +github.com/containerd/continuity v0.0.0-20180921161001-7f53d412b9eb/go.mod h1:GL3xCUCBDV3CZiTSEKksMWbLE66hEyuu9qyDOOqM47Y= +github.com/containerd/continuity v0.0.0-20190426062206-aaeac12a7ffc h1:TP+534wVlf61smEIq1nwLLAjQVEK2EADoW3CX9AuT+8= +github.com/containerd/continuity v0.0.0-20190426062206-aaeac12a7ffc/go.mod h1:GL3xCUCBDV3CZiTSEKksMWbLE66hEyuu9qyDOOqM47Y= +github.com/coreos/clair v0.0.0-20180919182544-44ae4bc9590a/go.mod h1:uXhHPWAoRqw0jJc2f8RrPCwRhIo9otQ8OEWUFtpCiwA= +github.com/coreos/etcd v3.3.10+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE= +github.com/coreos/go-etcd v2.0.0+incompatible/go.mod h1:Jez6KQU2B/sWsbdaef3ED8NzMklzPG4d5KIOhIy30Tk= +github.com/coreos/go-semver v0.2.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk= +github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= +github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/deckarep/golang-set v1.7.1 h1:SCQV0S6gTtp6itiFrTqI+pfmJ4LN85S1YzhDf9rTHJQ= +github.com/deckarep/golang-set v1.7.1/go.mod h1:93vsz/8Wt4joVM7c2AVqh+YRMiUSc14yDtF28KmMOgQ= +github.com/denisenkom/go-mssqldb v0.0.0-20190423183735-731ef375ac02 h1:PS3xfVPa8N84AzoWZHFCbA0+ikz4f4skktfjQoNMsgk= +github.com/denisenkom/go-mssqldb v0.0.0-20190423183735-731ef375ac02/go.mod h1:zAg7JM8CkOJ43xKXIj7eRO9kmWm/TW578qo+oDO6tuM= +github.com/dgrijalva/jwt-go v3.2.0+incompatible h1:7qlOGliEKZXTDg6OTjfoBKDXWrumCAMpl/TFQ4/5kLM= +github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ= +github.com/dnaeon/go-vcr v1.0.1 h1:r8L/HqC0Hje5AXMu1ooW8oyQyOFv4GxqpL0nRP7SLLY= +github.com/dnaeon/go-vcr v1.0.1/go.mod h1:aBB1+wY4s93YsC3HHjMBMrwTj2R9FHDzUr9KyGc8n1E= +github.com/docker/cli v0.0.0-20180920165730-54c19e67f69c h1:QlAVcyoF7QQVN7zV+xYBjgwtRVlRU3WCTCpb2mcqQrM= +github.com/docker/cli v0.0.0-20180920165730-54c19e67f69c/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8= +github.com/docker/distribution v0.0.0-20180920194744-16128bbac47f h1:hYf+mPizfvpH6VgIxdntnOmQHd1F1mQUc1oG+j3Ol2g= +github.com/docker/distribution v0.0.0-20180920194744-16128bbac47f/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= +github.com/docker/docker v0.0.0-20180924202107-a9c061deec0f h1:W4fbqg0JUwy6lLesoJaV/rE0fwAmtdtinMa64X1CEh0= +github.com/docker/docker v0.0.0-20180924202107-a9c061deec0f/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= +github.com/docker/docker-ce v0.0.0-20180924210327-f53bd8bb8e43 h1:gZ4lWixV821UVbYtr+oz1ZPCHkbtE+ivfmHyZRgyl2Y= +github.com/docker/docker-ce v0.0.0-20180924210327-f53bd8bb8e43/go.mod h1:l1FUGRYBvbjnZ8MS6A2xOji4aZFlY/Qmgz7p4oXH7ac= +github.com/docker/docker-credential-helpers v0.6.1 h1:Dq4iIfcM7cNtddhLVWe9h4QDjsi4OER3Z8voPu/I52g= +github.com/docker/docker-credential-helpers v0.6.1/go.mod h1:WRaJzqw3CTB9bk10avuGsjVBZsD05qeibJ1/TYlvc0Y= +github.com/docker/go-connections v0.0.0-20180821093606-97c2040d34df/go.mod h1:Gbd7IOopHjR8Iph03tsViu4nIes5XhDvyHbTtUxmeec= +github.com/docker/go-connections v0.4.0 h1:El9xVISelRB7BuFusrZozjnkIM5YnzCViNKohAFqRJQ= +github.com/docker/go-connections v0.4.0/go.mod h1:Gbd7IOopHjR8Iph03tsViu4nIes5XhDvyHbTtUxmeec= +github.com/docker/go-metrics v0.0.0-20180209012529-399ea8c73916 h1:yWHOI+vFjEsAakUTSrtqc/SAHrhSkmn48pqjidZX3QA= +github.com/docker/go-metrics v0.0.0-20180209012529-399ea8c73916/go.mod h1:/u0gXw0Gay3ceNrsHubL3BtdOL2fHf93USgMTe0W5dI= +github.com/docker/go-units v0.3.3 h1:Xk8S3Xj5sLGlG5g67hJmYMmUgXv5N4PhkjJHHqrwnTk= +github.com/docker/go-units v0.3.3/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDDbaIK4Dk= +github.com/docker/libtrust v0.0.0-20160708172513-aabc10ec26b7 h1:UhxFibDNY/bfvqU5CAUmr9zpesgbU6SWc8/B4mflAE4= +github.com/docker/libtrust v0.0.0-20160708172513-aabc10ec26b7/go.mod h1:cyGadeNEkKy96OOhEzfZl+yxihPEzKnqJwvfuSUqbZE= +github.com/eapache/go-resiliency v1.1.0/go.mod h1:kFI+JgMyC7bLPUVY133qvEBtVayf5mFgVsvEsIPBvNs= +github.com/eapache/go-xerial-snappy v0.0.0-20180814174437-776d5712da21/go.mod h1:+020luEh2TKB4/GOp8oxxtq0Daoen/Cii55CzbTV6DU= +github.com/eapache/queue v1.1.0/go.mod h1:6eCeP0CKFpHLu8blIFXhExK/dRa7WDZfr6jVFPTqq+I= +github.com/elazarl/goproxy v0.0.0-20190421051319-9d40249d3c2f h1:8GDPb0tCY8LQ+OJ3dbHb5sA6YZWXFORQYZx5sdsTlMs= +github.com/elazarl/goproxy v0.0.0-20190421051319-9d40249d3c2f/go.mod h1:/Zj4wYkgs4iZTTu3o/KG3Itv/qCCa8VVMlb3i9OVuzc= +github.com/elazarl/goproxy/ext v0.0.0-20190421051319-9d40249d3c2f h1:AUj1VoZUfhPhOPHULCQQDnGhRelpFWHMLhQVWDsS0v4= +github.com/elazarl/goproxy/ext v0.0.0-20190421051319-9d40249d3c2f/go.mod h1:gNh8nYJoAm43RfaxurUnxr+N1PwuFV3ZMl/efxlIlY8= +github.com/emirpasic/gods v1.9.0/go.mod h1:YfzfFFoVP/catgzJb4IKIqXjX78Ha8FMSDh3ymbK86o= +github.com/emirpasic/gods v1.12.0 h1:QAUIPSaCu4G+POclxeqb3F+WPpdKqFGlw36+yOzGlrg= +github.com/emirpasic/gods v1.12.0/go.mod h1:YfzfFFoVP/catgzJb4IKIqXjX78Ha8FMSDh3ymbK86o= +github.com/erikstmartin/go-testdb v0.0.0-20160219214506-8d10e4a1bae5 h1:Yzb9+7DPaBjB8zlTR87/ElzFsnQfuHnVUVqpZZIcV5Y= +github.com/erikstmartin/go-testdb v0.0.0-20160219214506-8d10e4a1bae5/go.mod h1:a2zkGnVExMxdzMo3M0Hi/3sEU+cWnZpSni0O6/Yb/P0= +github.com/etcd-io/bbolt v1.3.2 h1:RLRQ0TKLX7DlBRXAJHvbmXL17Q3KNnTBtZ9B6Qo+/Y0= +github.com/etcd-io/bbolt v1.3.2/go.mod h1:ZF2nL25h33cCyBtcyWeZ2/I3HQOfTP+0PIEvHjkjCrw= +github.com/fatih/color v1.7.0 h1:DkWD4oS2D8LGGgTQ6IvwJJXSL5Vp2ffcQg58nFV38Ys= +github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4= +github.com/fernet/fernet-go v0.0.0-20180830025343-9eac43b88a5e/go.mod h1:2H9hjfbpSMHwY503FclkV/lZTBh2YlOmLLSda12uL8c= +github.com/flynn/go-shlex v0.0.0-20150515145356-3f9db97f8568 h1:BHsljHzVlRcyQhjrss6TZTdY2VfCqZPbv5k3iBFa2ZQ= +github.com/flynn/go-shlex v0.0.0-20150515145356-3f9db97f8568/go.mod h1:xEzjJPgXI435gkrCt3MPfRiAkVrwSbHsst4LCFVfpJc= +github.com/fsnotify/fsnotify v1.4.7 h1:IXs+QLmnXW2CcXuY+8Mzv/fWEsPGWxqefPtCP5CnV9I= +github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= +github.com/genuinetools/pkg v0.0.0-20180910213200-1c141f661797/go.mod h1:XTcrCYlXPxnxL2UpnwuRn7tcaTn9HAhxFoFJucootk8= +github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= +github.com/gliderlabs/ssh v0.1.1/go.mod h1:U7qILu1NlMHj9FlMhZLlkCdDnU1DBEAqr0aevW3Awn0= +github.com/gliderlabs/ssh v0.1.3 h1:cBU46h1lYQk5f2Z+jZbewFKy+1zzE2aUX/ilcPDAm9M= +github.com/gliderlabs/ssh v0.1.3/go.mod h1:U7qILu1NlMHj9FlMhZLlkCdDnU1DBEAqr0aevW3Awn0= +github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= +github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9GBnD5lWE= +github.com/go-redis/redis v6.15.2+incompatible h1:9SpNVG76gr6InJGxoZ6IuuxaCOQwDAhzyXg+Bs+0Sb4= +github.com/go-redis/redis v6.15.2+incompatible/go.mod h1:NAIEuMOZ/fxfXJIrKDQDz8wamY7mA7PouImQ2Jvg6kA= +github.com/go-sql-driver/mysql v1.4.1 h1:g24URVg0OFbNUTx9qqY1IRZ9D9z3iPyi5zKhQZpNwpA= +github.com/go-sql-driver/mysql v1.4.1/go.mod h1:zAC/RDZ24gD3HViQzih4MyKcchzm+sOG5ZlKdlhCg5w= +github.com/go-stack/stack v1.8.0 h1:5SgMzNM5HxrEjV0ww2lTmX6E2Izsfxas4+YHWRs3Lsk= +github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= +github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ= +github.com/gogo/protobuf v1.2.0/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ= +github.com/gogo/protobuf v1.2.1 h1:/s5zKNz0uPFCZ5hddgPdo2TK2TVrUNMn0OOX8/aZMTE= +github.com/gogo/protobuf v1.2.1/go.mod h1:hp+jE20tsWTFYpLwKvXlhS1hjn+gTNwPg2I6zVXpSg4= +github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b h1:VKtxabqXZkF25pY9ekfRL6a582T4P37/31XEstQ5p58= +github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= +github.com/golang/lint v0.0.0-20180702182130-06c8688daad7/go.mod h1:tluoj9z5200jBnyusfRPU2LqT6J+DAorxEvtC7LHB+E= +github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= +github.com/golang/mock v1.2.0 h1:28o5sBqPkBsMGnC6b4MvE2TzSr5/AT4c/1fLqVGIwlk= +github.com/golang/mock v1.2.0/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= +github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= +github.com/golang/protobuf v1.3.1 h1:YF8+flBXS5eO826T4nzqPrxfhQThhXl0YzfuUPu4SBg= +github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= +github.com/golang/snappy v0.0.0-20180518054509-2e65f85255db/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= +github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= +github.com/google/go-cmp v0.2.0 h1:+dTQ8DZQJz0Mb/HjFlkptS1FeQ4cWSnN941F8aEG4SQ= +github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= +github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs= +github.com/google/pprof v0.0.0-20181206194817-3ea8567a2e57/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc= +github.com/google/subcommands v1.0.1 h1:/eqq+otEXm5vhfBrbREPCSVQbvofip6kIz+mX5TUH7k= +github.com/google/subcommands v1.0.1/go.mod h1:ZjhPrFU+Olkh9WazFPsl27BQ4UPiG37m3yTrtFlrHVk= +github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg= +github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1 h1:EGx4pi6eqNxGaHF6qqu48+N2wcFQ5qg5FXgOdqsJ5d8= +github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY= +github.com/gorilla/context v1.1.1/go.mod h1:kBGZzfjB9CEq2AlWe17Uuf7NDRt0dE0s8S51q0aT7Yg= +github.com/gorilla/mux v1.6.2/go.mod h1:1lud6UwP+6orDFRuTfBEV8e9/aOM/c4fVVCaMa2zaAs= +github.com/gorilla/mux v1.7.1 h1:Dw4jY2nghMMRsh1ol8dv1axHkDwMQK2DHerMNJsIpJU= +github.com/gorilla/mux v1.7.1/go.mod h1:1lud6UwP+6orDFRuTfBEV8e9/aOM/c4fVVCaMa2zaAs= +github.com/gorilla/websocket v1.4.0 h1:WDFjx/TMzVgy9VdMMQi2K2Emtwi2QcUQsztZ/zLaH/Q= +github.com/gorilla/websocket v1.4.0/go.mod h1:E7qHFY5m1UJ88s3WnNqhKjPHQ0heANvMoAMk2YaljkQ= +github.com/gosuri/uitable v0.0.1 h1:M9sMNgSZPyAu1FJZJLpJ16ofL8q5ko2EDUkICsynvlY= +github.com/gosuri/uitable v0.0.1/go.mod h1:tKR86bXuXPZazfOTG1FIzvjIdXzd0mo4Vtn16vt0PJo= +github.com/grokify/html-strip-tags-go v0.0.0-20190424092004-025bd760b278 h1:DZo48DQFIDo/YWjUeFip1dfJztBhRuaxfUnPd+gAfcs= +github.com/grokify/html-strip-tags-go v0.0.0-20190424092004-025bd760b278/go.mod h1:Xk7G0nwBiIloTMbLddk4WWJOqi4i/JLhadLd0HUXO30= +github.com/grpc-ecosystem/grpc-gateway v1.5.0/go.mod h1:RSKVYQBd5MCa4OVpNdGskqpgL2+G+NZTnrVHpWWfpdw= +github.com/grpc-ecosystem/grpc-gateway v1.8.5 h1:2+KSC78XiO6Qy0hIjfc1OD9H+hsaJdJlb8Kqsd41CTE= +github.com/grpc-ecosystem/grpc-gateway v1.8.5/go.mod h1:vNeuVxBJEsws4ogUvrchl83t/GYV9WGTSLVdBhOQFDY= +github.com/hashicorp/go-version v1.2.0 h1:3vNe/fWF5CBgRIguda1meWhsZHy3m8gCJ5wx+dIzX/E= +github.com/hashicorp/go-version v1.2.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA= +github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= +github.com/hashicorp/golang-lru v0.5.1 h1:0hERBMJE1eitiLkihrMvRVBYAkpHzc/J3QdDN+dAcgU= +github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= +github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4= +github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ= +github.com/hashicorp/uuid v0.0.0-20160311170451-ebb0a03e909c h1:nQcv325vxv2fFHJsOt53eSRf1eINt6vOdYUFfXs4rgk= +github.com/hashicorp/uuid v0.0.0-20160311170451-ebb0a03e909c/go.mod h1:fHzc09UnyJyqyW+bFuq864eh+wC7dj65aXmXLRe5to0= +github.com/howeyc/gopass v0.0.0-20170109162249-bf9dde6d0d2c h1:kQWxfPIHVLbgLzphqk3QUflDy9QdksZR4ygR807bpy0= +github.com/howeyc/gopass v0.0.0-20170109162249-bf9dde6d0d2c/go.mod h1:lADxMC39cJJqL93Duh1xhAs4I2Zs8mKS89XWXFGp9cs= +github.com/hpcloud/tail v1.0.0 h1:nfCOvKYfkgYP8hkirhJocXT2+zOD8yUNjXaWfTlyFKI= +github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU= +github.com/htcat/htcat v1.0.2 h1:zro95dGwkKDeZOgq9ei+9szd5qurGxBGfHY8hRehA7k= +github.com/htcat/htcat v1.0.2/go.mod h1:i8ViQbjSi2+lJzM6Lx20FIxHENCz6mzJglK3HH06W3s= +github.com/inconshreveable/log15 v0.0.0-20180818164646-67afb5ed74ec h1:CGkYB1Q7DSsH/ku+to+foV4agt2F2miquaLUgF6L178= +github.com/inconshreveable/log15 v0.0.0-20180818164646-67afb5ed74ec/go.mod h1:cOaXtrgN4ScfRrD9Bre7U1thNq5RtJ8ZoP4iXVGRj6o= +github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 h1:BQSFePA1RWJOlocH6Fxy8MmwDt+yVQYULKfN0RoTN8A= +github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99/go.mod h1:1lJo3i6rXxKeerYnT8Nvf0QmHCRC1n8sfWVwXF2Frvo= +github.com/jessevdk/go-flags v1.4.0/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI= +github.com/jinzhu/gorm v1.9.5 h1:sc+tBaUPibSnfkb6xezGWjUp45CtSwt4wsYt+LJan6w= +github.com/jinzhu/gorm v1.9.5/go.mod h1:bdqTT3q6dhSph2K3pWxrHP6nqxuAp2yQ3KFtc3U3F84= +github.com/jinzhu/inflection v0.0.0-20180308033659-04140366298a h1:eeaG9XMUvRBYXJi4pg1ZKM7nxc5AfXfojeLLW7O5J3k= +github.com/jinzhu/inflection v0.0.0-20180308033659-04140366298a/go.mod h1:h+uFLlag+Qp1Va5pdKtLDYj+kHp5pxUVkryuEj+Srlc= +github.com/jinzhu/now v1.0.0 h1:6WV8LvwPpDhKjo5U9O6b4+xdG/jTXNPwlDme/MTo8Ns= +github.com/jinzhu/now v1.0.0/go.mod h1:oHTiXerJ20+SfYcrdlBO7rzZRJWGwSTQ0iUY2jI6Gfc= +github.com/jmespath/go-jmespath v0.0.0-20180206201540-c2b33e8439af h1:pmfjZENx5imkbgOkpRUYLnmbU7UEFbjtDA2hxJ1ichM= +github.com/jmespath/go-jmespath v0.0.0-20180206201540-c2b33e8439af/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k= +github.com/jroimartin/gocui v0.4.0 h1:52jnalstgmc25FmtGcWqa0tcbMEWS6RpFLsOIO+I+E8= +github.com/jroimartin/gocui v0.4.0/go.mod h1:7i7bbj99OgFHzo7kB2zPb8pXLqMBSQegY7azfqXMkyY= +github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU= +github.com/jtolds/gls v4.20.0+incompatible h1:xdiiI2gbIgH/gLH7ADydsJ1uDOEzR8yvV7C0MuV77Wo= +github.com/jtolds/gls v4.20.0+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU= +github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7VTCxuUUipMqKk8s4w= +github.com/k0kubun/colorstring v0.0.0-20150214042306-9440f1994b88 h1:uC1QfSlInpQF+M0ao65imhwqKnz3Q2z/d8PWZRMQvDM= +github.com/k0kubun/colorstring v0.0.0-20150214042306-9440f1994b88/go.mod h1:3w7q1U84EfirKl04SVQ/s7nPm1ZPhiXd34z40TNz36k= +github.com/k0kubun/pp v3.0.1+incompatible h1:3tqvf7QgUnZ5tXO6pNAZlrvHgl6DvifjDrd9g2S9Z40= +github.com/k0kubun/pp v3.0.1+incompatible/go.mod h1:GWse8YhT0p8pT4ir3ZgBbfZild3tgzSScAn6HmfYukg= +github.com/kevinburke/ssh_config v0.0.0-20180830205328-81db2a75821e h1:RgQk53JHp/Cjunrr1WlsXSZpqXn+uREuHvUVcK82CV8= +github.com/kevinburke/ssh_config v0.0.0-20180830205328-81db2a75821e/go.mod h1:CT57kijsi8u/K/BOFA39wgDQJ9CxiF4nAY/ojJ6r6mM= +github.com/kisielk/errcheck v1.1.0/go.mod h1:EZBBE59ingxPouuu3KfxchcWSUPOHkagtvWXihfKN4Q= +github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= +github.com/knqyf263/berkeleydb v0.0.0-20190501065933-fafe01fb9662 h1:UGS0RbPHwXJkq8tcba8OD0nvVUWLf2h7uUJznuHPPB0= +github.com/knqyf263/berkeleydb v0.0.0-20190501065933-fafe01fb9662/go.mod h1:bu1CcN4tUtoRcI/B/RFHhxMNKFHVq/c3SV+UTyduoXg= +github.com/knqyf263/fanal v0.0.0-20190521154631-a2dde7e171c6/go.mod h1:guPOH3Sfj5M4j/LvCOoWmuYCXnjReDIwJO+S89Fje1E= +github.com/knqyf263/fanal v0.0.0-20190528042547-07e27879b658 h1:m0FCzKmngHBMqrbBpxadWR8Py3/jWYnWiWxmOW7ovVU= +github.com/knqyf263/fanal v0.0.0-20190528042547-07e27879b658/go.mod h1:guPOH3Sfj5M4j/LvCOoWmuYCXnjReDIwJO+S89Fje1E= +github.com/knqyf263/go-cpe v0.0.0-20180327054844-659663f6eca2 h1:9CYbtr3i56D/rD6u6jJ/Aocsic9G+MupyVu7gb+QHF4= +github.com/knqyf263/go-cpe v0.0.0-20180327054844-659663f6eca2/go.mod h1:XM58Cg7dN+g0J9UPVmKjiXWlGi55lx+9IMs0IMoFWQo= +github.com/knqyf263/go-deb-version v0.0.0-20190517075300-09fca494f03d h1:X4cedH4Kn3JPupAwwWuo4AzYp16P0OyLO9d7OnMZc/c= +github.com/knqyf263/go-deb-version v0.0.0-20190517075300-09fca494f03d/go.mod h1:o8sgWoz3JADecfc/cTYD92/Et1yMqMy0utV1z+VaZao= +github.com/knqyf263/go-dep-parser v0.0.0-20190521150559-1ef8521d17a0 h1:DOQ2UbTciy48dV9vpZ25BOiShrWIWZwBdMOy7SD1Wow= +github.com/knqyf263/go-dep-parser v0.0.0-20190521150559-1ef8521d17a0/go.mod h1:gSiqSkOFPstUZu/qZ4wnNJS69PtQQnPl397vxKHJ5mQ= +github.com/knqyf263/go-rpm-version v0.0.0-20170716094938-74609b86c936 h1:HDjRqotkViMNcGMGicb7cgxklx8OwnjtCBmyWEqrRvM= +github.com/knqyf263/go-rpm-version v0.0.0-20170716094938-74609b86c936/go.mod h1:i4sF0l1fFnY1aiw08QQSwVAFxHEm311Me3WsU/X7nL0= +github.com/knqyf263/go-rpmdb v0.0.0-20190501070121-10a1c42a10dc h1:pumO9pqmRAjvic6oove22RGh9wDZQnj96XQjJSbSEPs= +github.com/knqyf263/go-rpmdb v0.0.0-20190501070121-10a1c42a10dc/go.mod h1:MrSSvdMpTSymaQWk1yFr9sxFSyQmKMj6jkbvGrchBV8= +github.com/knqyf263/go-version v1.1.1 h1:+MpcBC9b7rk5ihag8Y/FLG8get1H2GjniwKQ+9DxI2o= +github.com/knqyf263/go-version v1.1.1/go.mod h1:0tBvHvOBSf5TqGNcY+/ih9o8qo3R16iZCpB9rP0D3VM= +github.com/knqyf263/gost v0.0.0-20190326022014-39175c0da9e3 h1:TPlz2V0Hpgg3Ecw5hozTSBUDZF286CQ21P4QFSYPJvo= +github.com/knqyf263/gost v0.0.0-20190326022014-39175c0da9e3/go.mod h1:tktdrQ3uwKVTxlSF9kAgxjW2xkuaY8IrIHmjVQoslOc= +github.com/knqyf263/nested v0.0.1 h1:Sv26CegUMhjt19zqbBKntjwESdxe5hxVPSk0+AKjdUc= +github.com/knqyf263/nested v0.0.1/go.mod h1:zwhsIhMkBg90DTOJQvxPkKIypEHPYkgWHs4gybdlUmk= +github.com/knqyf263/trivy v0.1.1 h1:K7k9TsKTdN0rdSsL9103G71WC9NWCZQF6QhfsByOnHg= +github.com/knqyf263/trivy v0.1.1/go.mod h1:AjYD8rbiW7vw2KOv9urd0BqCVfyNNjRNBfVfevikqj8= +github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= +github.com/konsorten/go-windows-terminal-sequences v1.0.2 h1:DB17ag19krx9CFsz4o3enTrPXyIXCl+2iCXH/aMAp9s= +github.com/konsorten/go-windows-terminal-sequences v1.0.2/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= +github.com/kotakanbe/go-cve-dictionary v0.0.0-20190327053454-5fe52611f0b8 h1:0zo7jVQn8KjV0xT5AOHHNIzABmYBDJ2WWKVeqyOdTKc= +github.com/kotakanbe/go-cve-dictionary v0.0.0-20190327053454-5fe52611f0b8/go.mod h1:CNVaCVSeqjxCFQm93uCWPT8mR+a0514XHiiBJx9yrkQ= +github.com/kotakanbe/go-pingscanner v0.1.0 h1:VG4/9l0i8WeToXclj7bIGoAZAu7a07Z3qmQiIfU0gT0= +github.com/kotakanbe/go-pingscanner v0.1.0/go.mod h1:/761QZzuZFcfN8h/1QuawUA+pKukp3qcNj5mxJCOiAk= +github.com/kotakanbe/goval-dictionary v0.1.2 h1:XnninBr9KJcP3557PcR8qkUq9zlQbCukVIkU7AHWxd4= +github.com/kotakanbe/goval-dictionary v0.1.2/go.mod h1:lzsw634rJIxLteds6RAACIKZCoXKT06o/xHsTWf6v5o= +github.com/kotakanbe/logrus-prefixed-formatter v0.0.0-20180123152602-928f7356cb96 h1:xNVK0mQJdQjw+QYeaMM4G6fvucWr8rTGGIhlPakx1wU= +github.com/kotakanbe/logrus-prefixed-formatter v0.0.0-20180123152602-928f7356cb96/go.mod h1:ljq48H1V+0Vh0u7ucA3LjR4AfkAeCpxrf7LaaCk8Vmo= +github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515/go.mod h1:+0opPa2QZZtGFBFZlji/RkVcI2GknAs/DXo4wKdlNEc= +github.com/kr/pretty v0.1.0 h1:L/CwN0zerZDmRFUapSPitk6f+Q3+0za1rQkzVuMiMFI= +github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= +github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= +github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE= +github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= +github.com/kylelemons/godebug v0.0.0-20170820004349-d65d576e9348 h1:MtvEpTB6LX3vkb4ax0b5D2DHbNAUsen0Gx5wZoq3lV4= +github.com/kylelemons/godebug v0.0.0-20170820004349-d65d576e9348/go.mod h1:B69LEHPfb2qLo0BaaOLcbitczOKLWTsrBG9LczfCD4k= +github.com/labstack/gommon v0.2.8 h1:JvRqmeZcfrHC5u6uVleB4NxxNbzx6gpbJiQknDbKQu0= +github.com/labstack/gommon v0.2.8/go.mod h1:/tj9csK2iPSBvn+3NLM9e52usepMtrd5ilFYA+wQNJ4= +github.com/lib/pq v1.1.0 h1:/5u4a+KGJptBRqGzPvYQL9p0d/tPR4S31+Tnzj9lEO4= +github.com/lib/pq v1.1.0/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo= +github.com/lusis/go-slackbot v0.0.0-20180109053408-401027ccfef5 h1:AsEBgzv3DhuYHI/GiQh2HxvTP71HCCE9E/tzGUzGdtU= +github.com/lusis/go-slackbot v0.0.0-20180109053408-401027ccfef5/go.mod h1:c2mYKRyMb1BPkO5St0c/ps62L4S0W2NAkaTXj9qEI+0= +github.com/lusis/slack-test v0.0.0-20190426140909-c40012f20018 h1:MNApn+Z+fIT4NPZopPfCc1obT6aY3SVM6DOctz1A9ZU= +github.com/lusis/slack-test v0.0.0-20190426140909-c40012f20018/go.mod h1:sFlOUpQL1YcjhFVXhg1CG8ZASEs/Mf1oVb6H75JL/zg= +github.com/magiconair/properties v1.8.0 h1:LLgXmsheXeRoUOBOjtwPQCWIYqM/LU1ayDtDePerRcY= +github.com/magiconair/properties v1.8.0/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ= +github.com/mattn/go-colorable v0.1.0 h1:v2XXALHHh6zHfYTJ+cSkwtyffnaOyR1MXaA91mTrb8o= +github.com/mattn/go-colorable v0.1.0/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU= +github.com/mattn/go-colorable v0.1.1 h1:G1f5SKeVxmagw/IyvzvtZE4Gybcc4Tr1tf7I8z0XgOg= +github.com/mattn/go-colorable v0.1.1/go.mod h1:FuOcm+DKB9mbwrcAfNl7/TZVBZ6rcnceauSikq3lYCQ= +github.com/mattn/go-isatty v0.0.5/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s= +github.com/mattn/go-isatty v0.0.6 h1:SrwhHcpV4nWrMGdNcC2kXpMfcBVYGDuTArqyhocJgvA= +github.com/mattn/go-isatty v0.0.6/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s= +github.com/mattn/go-isatty v0.0.7 h1:UvyT9uN+3r7yLEYSlJsbQGdsaB/a0DlgWP3pql6iwOc= +github.com/mattn/go-isatty v0.0.7/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s= +github.com/mattn/go-runewidth v0.0.4 h1:2BvfKmzob6Bmd4YsL0zygOqfdFnK7GR4QL06Do4/p7Y= +github.com/mattn/go-runewidth v0.0.4/go.mod h1:LwmH8dsx7+W8Uxz3IHJYH5QSwggIsqBzpuz5H//U1FU= +github.com/mattn/go-sqlite3 v1.10.0 h1:jbhqpg7tQe4SupckyijYiy0mJJ/pRyHvXf7JdWK860o= +github.com/mattn/go-sqlite3 v1.10.0/go.mod h1:FPy6KqzDD04eiIsT53CuJW3U88zkxoIYsOqkbpncsNc= +github.com/matttproud/golang_protobuf_extensions v1.0.1 h1:4hp9jkHxhMHkqkrB3Ix0jegS5sx/RkqARlsWZ6pIwiU= +github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0= +github.com/mgutz/ansi v0.0.0-20170206155736-9520e82c474b h1:j7+1HpAFS1zy5+Q4qx1fWh90gTKwiN4QCGoY9TWyyO4= +github.com/mgutz/ansi v0.0.0-20170206155736-9520e82c474b/go.mod h1:01TrycV0kFyexm33Z7vhZRXopbI8J3TDReVlkTgMUxE= +github.com/mitchellh/go-homedir v1.0.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= +github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG+4E0Y= +github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= +github.com/mitchellh/go-wordwrap v1.0.0/go.mod h1:ZXFpozHsX6DPmq2I0TCekCxypsnAUbP2oI0UX1GXzOo= +github.com/mitchellh/mapstructure v1.1.2 h1:fmNYVwqnSfB9mZU6OS2O6GsXM+wcskZDuKQzvN1EDeE= +github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= +github.com/moul/http2curl v1.0.0 h1:dRMWoAtb+ePxMlLkrCbAqh4TlPHXvoGUSQ323/9Zahs= +github.com/moul/http2curl v1.0.0/go.mod h1:8UbvGypXm98wA/IqH45anm5Y2Z6ep6O31QGOAZ3H0fQ= +github.com/mozqnet/go-exploitdb v0.0.0-20190426034301-a055cc2c195d h1:ujS/a5AnCh6CNKIBfvrisDw2edwFa0TmHQHEQ6g5COg= +github.com/mozqnet/go-exploitdb v0.0.0-20190426034301-a055cc2c195d/go.mod h1:tqVnRPFR/8bkvCzGsGjwq+vb5dS6jwFFa+sEAbWPbDI= +github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= +github.com/nlopes/slack v0.4.0 h1:OVnHm7lv5gGT5gkcHsZAyw++oHVFihbjWbL3UceUpiA= +github.com/nlopes/slack v0.4.0/go.mod h1:jVI4BBK3lSktibKahxBF74txcK2vyvkza1z/+rRnVAM= +github.com/nsf/termbox-go v0.0.0-20190325093121-288510b9734e h1:Vbib8wJAaMEF9jusI/kMSYMr/LtRzM7+F9MJgt/nH8k= +github.com/nsf/termbox-go v0.0.0-20190325093121-288510b9734e/go.mod h1:IuKpRQcYE1Tfu+oAQqaLisqDeXgjyyltCfsaoYN18NQ= +github.com/olekukonko/tablewriter v0.0.1 h1:b3iUnf1v+ppJiOfNX4yxxqfWKMQPZR5yoh8urCTFX88= +github.com/olekukonko/tablewriter v0.0.1/go.mod h1:vsDQFd/mU46D+Z4whnwzcISnGGzXWMclvtLoiIKAKIo= +github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= +github.com/onsi/ginkgo v1.7.0 h1:WSHQ+IS43OoUrWtD1/bbclrwK8TTH5hzp+umCiuxHgs= +github.com/onsi/ginkgo v1.7.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= +github.com/onsi/gomega v1.4.2/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY= +github.com/onsi/gomega v1.4.3 h1:RE1xgDvH7imwFD45h+u2SgIfERHlS2yNG4DObb5BSKU= +github.com/onsi/gomega v1.4.3/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY= +github.com/opencontainers/go-digest v0.0.0-20180430190053-c9281466c8b2/go.mod h1:cMLVZDEM3+U2I4VmLI6N8jQYUd2OVphdqWwCJHrFt2s= +github.com/opencontainers/go-digest v1.0.0-rc1 h1:WzifXhOVOEOuFYOJAW6aQqW0TooG2iki3E3Ii+WN7gQ= +github.com/opencontainers/go-digest v1.0.0-rc1/go.mod h1:cMLVZDEM3+U2I4VmLI6N8jQYUd2OVphdqWwCJHrFt2s= +github.com/opencontainers/image-spec v1.0.1 h1:JMemWkRwHx4Zj+fVxWoMCFm/8sYGGrUVojFA6h/TRcI= +github.com/opencontainers/image-spec v1.0.1/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0= +github.com/opencontainers/runc v0.1.1 h1:GlxAyO6x8rfZYN9Tt0Kti5a/cP41iuiO2yYT0IJGY8Y= +github.com/opencontainers/runc v0.1.1/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59PVA73FjuZG0U= +github.com/openzipkin/zipkin-go v0.1.6/go.mod h1:QgAqvLzwWbR/WpD4A3cGpPtJrZXNIiJc5AZX7/PBEpw= +github.com/parnurzeal/gorequest v0.2.15 h1:oPjDCsF5IkD4gUk6vIgsxYNaSgvAnIh1EJeROn3HdJU= +github.com/parnurzeal/gorequest v0.2.15/go.mod h1:3Kh2QUMJoqw3icWAecsyzkpY7UzRfDhbRdTjtNwNiUE= +github.com/pelletier/go-buffruneio v0.2.0 h1:U4t4R6YkofJ5xHm3dJzuRpPZ0mr5MMCoAWooScCR7aA= +github.com/pelletier/go-buffruneio v0.2.0/go.mod h1:JkE26KsDizTr40EUHkXVtNPvgGtbSNq5BcowyYOWdKo= +github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic= +github.com/pelletier/go-toml v1.4.0 h1:u3Z1r+oOXJIkxqw34zVhyPgjBsm6X2wn21NWs/HfSeg= +github.com/pelletier/go-toml v1.4.0/go.mod h1:PN7xzY2wHTK0K9p34ErDQMlFxa51Fk0OUruD3k1mMwo= +github.com/peterhellberg/link v1.0.0 h1:mUWkiegowUXEcmlb+ybF75Q/8D2Y0BjZtR8cxoKhaQo= +github.com/peterhellberg/link v1.0.0/go.mod h1:gtSlOT4jmkY8P47hbTc8PTgiDDWpdPbFYl75keYyBB8= +github.com/pierrec/lz4 v2.0.5+incompatible/go.mod h1:pdkljMzZIN41W+lC3N2tnIh5sFi+IEE17M5jbnwPHcY= +github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= +github.com/pkg/errors v0.8.1 h1:iURUrRGxPUNPdy5/HRSm+Yj6okJ6UtLINN0Q9M4+h3I= +github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= +github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= +github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/prometheus/client_golang v0.0.0-20180924113449-f69c853d21c1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw= +github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw= +github.com/prometheus/client_golang v0.9.3-0.20190127221311-3c4408c8b829 h1:D+CiwcpGTW6pL6bv6KI3KbyEyCKyS+1JWS2h8PNDnGA= +github.com/prometheus/client_golang v0.9.3-0.20190127221311-3c4408c8b829/go.mod h1:p2iRAGwDERtqlqzRXnrOVns+ignqQo//hLXqYxZYVNs= +github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo= +github.com/prometheus/client_model v0.0.0-20190115171406-56726106282f/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo= +github.com/prometheus/client_model v0.0.0-20190129233127-fd36f4220a90 h1:S/YWwWx/RA8rT8tKFRuGUZhuA90OyIBpPCXkcbwU8DE= +github.com/prometheus/client_model v0.0.0-20190129233127-fd36f4220a90/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= +github.com/prometheus/common v0.0.0-20180801064454-c7de2306084e/go.mod h1:daVV7qP5qjZbuso7PdcryaAu0sAZbrN9i7WWcTMWvro= +github.com/prometheus/common v0.2.0/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4= +github.com/prometheus/common v0.3.0 h1:taZ4h8Tkxv2kNyoSctBvfXEHmBmxrwmIidZTIaHons4= +github.com/prometheus/common v0.3.0/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4= +github.com/prometheus/procfs v0.0.0-20180920065004-418d78d0b9a7/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= +github.com/prometheus/procfs v0.0.0-20181005140218-185b4288413d/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= +github.com/prometheus/procfs v0.0.0-20190117184657-bf6a532e95b1/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= +github.com/prometheus/procfs v0.0.0-20190503130316-740c07785007 h1:gT4PpkbWSQM4J8fup/aXeQhY5jLDyHuPq8y2dHspqFw= +github.com/prometheus/procfs v0.0.0-20190503130316-740c07785007/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA= +github.com/rcrowley/go-metrics v0.0.0-20181016184325-3113b8401b8a/go.mod h1:bCqnVzQkZxMG4s8nGwiZ5l3QUCyqpo9Y+/ZMZ9VjZe4= +github.com/rifflock/lfshook v0.0.0-20180920164130-b9218ef580f5 h1:mZHayPoR0lNmnHyvtYjDeq0zlVHn9K/ZXoy17ylucdo= +github.com/rifflock/lfshook v0.0.0-20180920164130-b9218ef580f5/go.mod h1:GEXHk5HgEKCvEIIrSpFI3ozzG5xOKA2DVlEX/gGnewM= +github.com/rogpeppe/fastuuid v0.0.0-20150106093220-6724a57986af/go.mod h1:XWv6SoW27p1b0cqNHllgS5HIMJraePCO15w5zCzIWYg= +github.com/rogpeppe/go-charset v0.0.0-20180617210344-2471d30d28b4/go.mod h1:qgYeAmZ5ZIpBWTGllZSQnw97Dj+woV0toclVaRGI8pc= +github.com/satori/go.uuid v1.2.0 h1:0uYX9dsZ2yD7q2RtLRtPSdGDWzjeM3TbMJP9utgA0ww= +github.com/satori/go.uuid v1.2.0/go.mod h1:dA0hQrYB0VpLJoorglMZABFdXlWrHn1NEOzdhQKdks0= +github.com/sergi/go-diff v1.0.0 h1:Kpca3qRNrduNnOQeazBd0ysaKrUJiIuISHxogkT9RPQ= +github.com/sergi/go-diff v1.0.0/go.mod h1:0CfEIISq7TuYL3j771MWULgwwjU+GofnZX9QAmXWZgo= +github.com/shurcooL/httpfs v0.0.0-20171119174359-809beceb2371/go.mod h1:ZY1cvUeJuFPAdZ/B6v7RHavJWZn2YPVFQ1OSXhCGOkg= +github.com/sirupsen/logrus v1.0.6/go.mod h1:pMByvHTf9Beacp5x1UXfOR9xyW/9antXMhjMPG0dEzc= +github.com/sirupsen/logrus v1.2.0 h1:juTguoYk5qI21pwyTXY3B3Y5cOTH3ZUyZCg1v/mihuo= +github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo= +github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d h1:zE9ykElWQ6/NYmHa3jpm/yHnI4xSofP+UP6SpjHcSeM= +github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d/go.mod h1:OnSkiWE9lh6wB0YB77sQom3nweQdgAjqCqsofrRNTgc= +github.com/smartystreets/goconvey v0.0.0-20190330032615-68dc04aab96a h1:pa8hGb/2YqsZKovtsgrwcDH1RZhVbTKCjLp47XpqCDs= +github.com/smartystreets/goconvey v0.0.0-20190330032615-68dc04aab96a/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA= +github.com/spf13/afero v1.1.2/go.mod h1:j4pytiNVoe2o6bmDsKpLACNPDBIoEAkihy7loJ1B0CQ= +github.com/spf13/afero v1.2.2 h1:5jhuqJyZCZf2JRofRvN/nIFgIWNzPa3/Vz8mYylgbWc= +github.com/spf13/afero v1.2.2/go.mod h1:9ZxEEn6pIJ8Rxe320qSDBk6AsU0r9pR7Q4OcevTdifk= +github.com/spf13/cast v1.3.0 h1:oget//CVOEoFewqQxwr0Ej5yjygnqGkvggSE/gB35Q8= +github.com/spf13/cast v1.3.0/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE= +github.com/spf13/jwalterweatherman v1.0.0/go.mod h1:cQK4TGJAtQXfYWX+Ddv3mKDzgVb68N+wFjFa4jdeBTo= +github.com/spf13/jwalterweatherman v1.1.0 h1:ue6voC5bR5F8YxI5S67j9i582FU4Qvo2bmqnqMYADFk= +github.com/spf13/jwalterweatherman v1.1.0/go.mod h1:aNWZUN0dPAAO/Ljvb5BEdw96iTZ0EXowPYD95IqWIGo= +github.com/spf13/pflag v1.0.3 h1:zPAT6CGy6wXeQ7NtTnaTerfKOsV6V6F8agHXFiazDkg= +github.com/spf13/pflag v1.0.3/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= +github.com/spf13/viper v1.3.2 h1:VUFqw5KcqRf7i70GOzW7N+Q7+gxVBkSSqiXB12+JQ4M= +github.com/spf13/viper v1.3.2/go.mod h1:ZiWeW+zYFKm7srdB9IoDzzZXaJaI5eL9QjNiN/DMA2s= +github.com/src-d/gcfg v1.4.0 h1:xXbNR5AlLSA315x2UO+fTSSAXCDf+Ar38/6oyGbDKQ4= +github.com/src-d/gcfg v1.4.0/go.mod h1:p/UMsR43ujA89BJY9duynAwIpvqEujIH/jFlfL7jWoI= +github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= +github.com/stretchr/testify v1.3.0 h1:TivCn/peBQ7UY8ooIcPgZFpTNSz0Q2U6UrFlUfqbe0Q= +github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= +github.com/tomoyamachi/reg v0.16.2-0.20190418055600-c6010b917a55 h1:O7Xl4zpk6zjYnwxUd7lubrx7xdzQ+PqfTgaxLE9nF+o= +github.com/tomoyamachi/reg v0.16.2-0.20190418055600-c6010b917a55/go.mod h1:12Fe9EIvK3dG/qWhNk5e9O96I8SGmCKLsJ8GsXUbk+Y= +github.com/ugorji/go/codec v0.0.0-20181204163529-d75b2dcb6bc8/go.mod h1:VFNgLljTbGfSG7qAOspJ7OScBnGdDN/yBr0sguwnwf0= +github.com/urfave/cli v1.20.0/go.mod h1:70zkFmudgCuE/ngEzBv17Jvp/497gISqfk5gWijbERA= +github.com/valyala/bytebufferpool v1.0.0 h1:GqA5TC/0021Y/b9FG4Oi9Mr3q7XYx6KllzawFIhcdPw= +github.com/valyala/bytebufferpool v1.0.0/go.mod h1:6bBcMArwyJ5K/AmCkWv1jt77kVWyCJ6HpOuEn7z0Csc= +github.com/valyala/fasttemplate v1.0.1 h1:tY9CJiPnMXf1ERmG2EyK7gNUd+c6RKGD0IfU8WdUSz8= +github.com/valyala/fasttemplate v1.0.1/go.mod h1:UQGH1tvbgY+Nz5t2n7tXsz52dQxojPUpymEIMZ47gx8= +github.com/xanzy/ssh-agent v0.2.0/go.mod h1:0NyE30eGUDliuLEHJgYte/zncp2zdTStcOnWhgSqHD8= +github.com/xanzy/ssh-agent v0.2.1 h1:TCbipTQL2JiiCprBWx9frJ2eJlCYT00NmctrHxVAr70= +github.com/xanzy/ssh-agent v0.2.1/go.mod h1:mLlQY/MoOhWBj+gOGMQkOeiEvkx+8pJSI+0Bx9h2kr4= +github.com/xordataexchange/crypt v0.0.3-0.20170626215501-b2862e3d0a77/go.mod h1:aYKd//L2LvnjZzWKhF00oedf4jCCReLcmhLdhm1A27Q= +github.com/ymomoi/goval-parser v0.0.0-20170813122243-0a0be1dd9d08 h1:OsHsjWw5m3P0r+RJITvigJu9dn6L8812S54x42jxeII= +github.com/ymomoi/goval-parser v0.0.0-20170813122243-0a0be1dd9d08/go.mod h1:ox1Nt/rGgWuhVrNg+jKYonAs4BiQG1tRJwj4ue91iy4= +go.etcd.io/bbolt v1.3.2 h1:Z/90sZLPOeCy2PwprqkFa25PdkusRzaj9P8zm/KNyvk= +go.etcd.io/bbolt v1.3.2/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU= +go.opencensus.io v0.20.1/go.mod h1:6WKK9ahsWS3RSO+PY9ZHZUfv2irvY6gN279GOPZjmmk= +go.opencensus.io v0.20.2/go.mod h1:6WKK9ahsWS3RSO+PY9ZHZUfv2irvY6gN279GOPZjmmk= +go.opencensus.io v0.21.0 h1:mU6zScU4U1YAFPHEHYk+3JC4SY7JxgkqS10ZOSyksNg= +go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU= +go.uber.org/atomic v1.3.2 h1:2Oa65PReHzfn29GpvgsYwloV9AVFHPDk8tYxt2c2tr4= +go.uber.org/atomic v1.3.2/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= +go.uber.org/multierr v1.1.0 h1:HoEmRHQPVSqub6w2z2d2EOVs2fjyFRGyofhKuyDq0QI= +go.uber.org/multierr v1.1.0/go.mod h1:wR5kodmAFQ0UK8QlbwjlSNy0Z68gJhDJUG5sjR94q/0= +go.uber.org/zap v1.9.1 h1:XCJQEf3W6eZaVwhRBof6ImoYGJSITeKWsyeh3HFu/5o= +go.uber.org/zap v1.9.1/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q= +golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= +golang.org/x/crypto v0.0.0-20180910181607-0e37d006457b/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= +golang.org/x/crypto v0.0.0-20181203042331-505ab145d0a9/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= +golang.org/x/crypto v0.0.0-20190219172222-a4c6cb3142f2/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= +golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= +golang.org/x/crypto v0.0.0-20190325154230-a5d413f7728c/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= +golang.org/x/crypto v0.0.0-20190404164418-38d8ce5564a5/go.mod h1:WFFai1msRO1wXaEeE5yQxYXgSfI8pQAWXbQop6sCtWE= +golang.org/x/crypto v0.0.0-20190426145343-a29dc8fdc734 h1:p/H982KKEjUnLJkM3tt/LemDnOc1GiZL5FCVlORJ5zo= +golang.org/x/crypto v0.0.0-20190426145343-a29dc8fdc734/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= +golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= +golang.org/x/lint v0.0.0-20180702182130-06c8688daad7/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= +golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= +golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU= +golang.org/x/lint v0.0.0-20190301231843-5614ed5bae6f/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= +golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= +golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20180925072008-f04abc6bdfa7/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20181114220301-adae6a3d119a/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20181220203305-927f97764cc3/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20190125091013-d26f9f9a57f3/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20190502183928-7f726cade0ab h1:9RfW3ktsOZxgo9YNbBAjq1FWzc/igwEcUzZz8IXgSbk= +golang.org/x/net v0.0.0-20190502183928-7f726cade0ab/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= +golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= +golang.org/x/oauth2 v0.0.0-20190402181905-9f3314589c9a h1:tImsplftrFpALCYumobsd0K86vlAs/eXGFms2txfJfA= +golang.org/x/oauth2 v0.0.0-20190402181905-9f3314589c9a/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= +golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20190227155943-e225da77a7e6/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20190423024810-112230192c58 h1:8gQV6CLnAEikrhgkHFbMAEhagSSnXWGV915qUMm9mrU= +golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20180903190138-2b024373dcd9/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20180925112736-b09afc3d579e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20181107165924-66b7b1311ac8/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20181116152217-5ac8a444bdc5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20181122145206-62eef0e2fa9b/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20181205085412-a5c9d58dba9a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20190221075227-b4e8571b14e0/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20190222072716-a9d3bda3a223/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20190403152447-81d4e9dc473e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190405154228-4b34438f7a67/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190502175342-a43fa875dd82 h1:vsphBvatvfbhlb4PO1BYSr9dzugGxJ/SQHoNufZJq1w= +golang.org/x/sys v0.0.0-20190502175342-a43fa875dd82/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= +golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= +golang.org/x/text v0.3.2 h1:tW2bmiBqwgJj/UpqtC8EpXEZVYOwU0yG4iWbprSVAcs= +golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= +golang.org/x/time v0.0.0-20180412165947-fbb02b2291d2/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/time v0.0.0-20181108054448-85acf8d2951c h1:fqgJT0MGcGpPgpWU7VRdRjuArfcOvC4AoJmILihzhDg= +golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/tools v0.0.0-20180221164845-07fd8470d635/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20180828015842-6cd1fcedba52/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY= +golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= +golang.org/x/tools v0.0.0-20190312170243-e65039ee4138/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= +golang.org/x/tools v0.0.0-20190328211700-ab21143f2384/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= +golang.org/x/xerrors v0.0.0-20190410155217-1f06c39b4373 h1:PPwnA7z1Pjf7XYaBP9GL1VAMZmcIWyFz7QCMSIIa3Bg= +golang.org/x/xerrors v0.0.0-20190410155217-1f06c39b4373/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +google.golang.org/api v0.3.1/go.mod h1:6wY9I6uQWHQ8EM57III9mq/AjF+i8G65rmVagqKMtkk= +google.golang.org/api v0.4.0 h1:KKgc1aqhV8wDPbDzlDtpvyjZFY3vjz85FP7p4wcQUyI= +google.golang.org/api v0.4.0/go.mod h1:8k5glujaEP+g9n7WNsDg8QP6cUVNI86fCNMcbazEtwE= +google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= +google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= +google.golang.org/appengine v1.5.0 h1:KxkO13IPW4Lslp2bz+KHP2E3gtFlrIGNThxkZQ3g+4c= +google.golang.org/appengine v1.5.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= +google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= +google.golang.org/genproto v0.0.0-20180924164928-221a8d4f7494/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= +google.golang.org/genproto v0.0.0-20190307195333-5fe7a883aa19/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= +google.golang.org/genproto v0.0.0-20190404172233-64821d5d2107/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= +google.golang.org/genproto v0.0.0-20190418145605-e7d98fc518a7/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= +google.golang.org/genproto v0.0.0-20190502173448-54afdca5d873 h1:nfPFGzJkUDX6uBmpN/pSw7MbOAWegH5QDQuoXFHedLg= +google.golang.org/genproto v0.0.0-20190502173448-54afdca5d873/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= +google.golang.org/grpc v1.15.0/go.mod h1:0JHn/cJsOMiMfNA9+DeHDlAU7KAAB5GDlYFpa9MZMio= +google.golang.org/grpc v1.17.0/go.mod h1:6QZJwpn2B+Zp71q/5VxRsJ6NXXVCE5NRUHRo+f3cWCs= +google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= +google.golang.org/grpc v1.19.1/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= +google.golang.org/grpc v1.20.1 h1:Hz2g2wirWK7H0qIIhGIqRGTuMwTE8HEKFnDZZ7lm9NU= +google.golang.org/grpc v1.20.1/go.mod h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38= +gopkg.in/VividCortex/ewma.v1 v1.1.1 h1:tWHEKkKq802K/JT9RiqGCBU5fW3raAPnJGTE9ostZvg= +gopkg.in/VividCortex/ewma.v1 v1.1.1/go.mod h1:TekXuFipeiHWiAlO1+wSS23vTcyFau5u3rxXUSXj710= +gopkg.in/airbrake/gobrake.v2 v2.0.9/go.mod h1:/h5ZAUhDkGaJfjzjKLSjv6zCL6O0LLBxU4K+aSYdM/U= +gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= +gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 h1:qIbj1fsPNlZgppZ+VLlY7N33q108Sa+fhmuc+sWQYwY= +gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/cheggaaa/pb.v1 v1.0.28 h1:n1tBJnnK2r7g9OW2btFH91V92STTUevLXYFb8gy9EMk= +gopkg.in/cheggaaa/pb.v1 v1.0.28/go.mod h1:V/YB90LKu/1FcN3WVnfiiE5oMCibMjukxqG/qStrOgw= +gopkg.in/cheggaaa/pb.v2 v2.0.6 h1:L2KAo2l2ZQTzxmh8b9RdQpzgLpK2mX3paGCMJSUugBk= +gopkg.in/cheggaaa/pb.v2 v2.0.6/go.mod h1:0CiZ1p8pvtxBlQpLXkHuUTpdJ1shm3OqCF1QugkjHL4= +gopkg.in/fatih/color.v1 v1.7.0 h1:bYGjb+HezBM6j/QmgBfgm1adxHpzzrss6bj4r9ROppk= +gopkg.in/fatih/color.v1 v1.7.0/go.mod h1:P7yosIhqIl/sX8J8UypY5M+dDpD2KmyfP5IRs5v/fo0= +gopkg.in/fsnotify.v1 v1.4.7 h1:xOHLXZwVvI9hhs+cLKq5+I5onOuwQLhQwiu63xxlHs4= +gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys= +gopkg.in/gemnasium/logrus-airbrake-hook.v2 v2.1.2/go.mod h1:Xk6kEKp8OKb+X14hQBKWaSkCsqBpgog8nAV2xsGOxlo= +gopkg.in/mattn/go-runewidth.v0 v0.0.4 h1:r0P71TnzQDlNIcizCqvPSSANoFa3WVGtcNJf3TWurcY= +gopkg.in/mattn/go-runewidth.v0 v0.0.4/go.mod h1:BmXejnxvhwdaATwiJbB1vZ2dtXkQKZGu9yLFCZb4msQ= +gopkg.in/resty.v1 v1.12.0/go.mod h1:mDo4pnntr5jdWRML875a/NmxYqAlA73dVijT2AXvQQo= +gopkg.in/src-d/go-billy.v4 v4.2.1/go.mod h1:tm33zBoOwxjYHZIE+OV8bxTWFMJLrconzFMd38aARFk= +gopkg.in/src-d/go-billy.v4 v4.3.0 h1:KtlZ4c1OWbIs4jCv5ZXrTqG8EQocr0g/d4DjNg70aek= +gopkg.in/src-d/go-billy.v4 v4.3.0/go.mod h1:tm33zBoOwxjYHZIE+OV8bxTWFMJLrconzFMd38aARFk= +gopkg.in/src-d/go-git-fixtures.v3 v3.1.1/go.mod h1:dLBcvytrw/TYZsNTWCnkNF2DSIlzWYqTe3rJR56Ac7g= +gopkg.in/src-d/go-git-fixtures.v3 v3.4.0 h1:KFpaNTUcLHLoP/OkdcRXR+MA5p55MhA41YVb7Wd8EfM= +gopkg.in/src-d/go-git-fixtures.v3 v3.4.0/go.mod h1:dLBcvytrw/TYZsNTWCnkNF2DSIlzWYqTe3rJR56Ac7g= +gopkg.in/src-d/go-git.v4 v4.10.0 h1:NWjTJTQnk8UpIGlssuefyDZ6JruEjo5s88vm88uASbw= +gopkg.in/src-d/go-git.v4 v4.10.0/go.mod h1:Vtut8izDyrM8BUVQnzJ+YvmNcem2J89EmfZYCkLokZk= +gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkepLTh2hOroT7a+7czfdQ= +gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= +gopkg.in/warnings.v0 v0.1.2 h1:wFXVbFY8DY5/xOe1ECiWdKCzZlxgshcYVNkBHstARME= +gopkg.in/warnings.v0 v0.1.2/go.mod h1:jksf8JmL6Qr/oQM2OXTHunEvvTAsrWBLb6OOjuVWRNI= +gopkg.in/yaml.v2 v2.0.0-20170812160011-eb3733d160e7/go.mod h1:JAlM8MvJe8wmxCU4Bli9HhUf9+ttbYbLASfIpnQbh74= +gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= +gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gotest.tools v2.1.0+incompatible h1:5USw7CrJBYKqjg9R7QlA6jzqZKEAtvW82aNmsxxGPxw= +gotest.tools v2.1.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw= +honnef.co/go/tools v0.0.0-20180728063816-88497007e858/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= +honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= +honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= diff --git a/libmanager/libManager.go b/libmanager/libManager.go new file mode 100644 index 0000000000..7e6406722d --- /dev/null +++ b/libmanager/libManager.go @@ -0,0 +1,33 @@ +package libmanager + +import ( + "github.com/knqyf263/trivy/pkg/db" + "github.com/knqyf263/trivy/pkg/log" + + "github.com/future-architect/vuls/models" +) + +// FillLibrary fills LibraryScanner informations +func FillLibrary(r *models.ScanResult) (totalCnt int, err error) { + // initialize trivy's logger and db + err = log.InitLogger(false) + if err != nil { + return 0, err + } + if err := db.Init(); err != nil { + return 0, err + } + for _, lib := range r.LibraryScanners { + vinfos, err := lib.Scan() + if err != nil { + return 0, err + } + for _, vinfo := range vinfos { + r.ScannedCves[vinfo.CveID] = vinfo + } + totalCnt += len(vinfos) + } + db.Close() + + return totalCnt, nil +} diff --git a/models/cvecontents.go b/models/cvecontents.go index 311bc17dd2..ff73504d55 100644 --- a/models/cvecontents.go +++ b/models/cvecontents.go @@ -19,6 +19,8 @@ package models import ( "time" + + "github.com/knqyf263/trivy/pkg/vulnsrc/vulnerability" ) // CveContents has CveContent @@ -226,7 +228,7 @@ func NewCveContentType(name string) CveContentType { return Oracle case "ubuntu": return Ubuntu - case "debian": + case "debian", vulnerability.DebianOVAL: return Debian case "redhat_api": return RedHatAPI @@ -238,6 +240,16 @@ func NewCveContentType(name string) CveContentType { return WPVulnDB case "amazon": return Amazon + case vulnerability.NodejsSecurityWg: + return NodeSec + case vulnerability.PythonSafetyDB: + return PythonSec + case vulnerability.RustSec: + return RustSec + case vulnerability.PhpSecurityAdvisories: + return PhpSec + case vulnerability.RubySec: + return RubySec default: return Unknown } @@ -283,6 +295,21 @@ const ( // WPVulnDB is WordPress WPVulnDB CveContentType = "wpvulndb" + // NodeSec : for JS + NodeSec CveContentType = "node" + + // PythonSec : for PHP + PythonSec CveContentType = "python" + + // PhpSec : for PHP + PhpSec CveContentType = "php" + + // RubySec : for Ruby + RubySec CveContentType = "ruby" + + // RustSec : for Rust + RustSec CveContentType = "rust" + // Unknown is Unknown Unknown CveContentType = "unknown" ) @@ -303,6 +330,11 @@ var AllCveContetTypes = CveContentTypes{ SUSE, DebianSecurityTracker, WPVulnDB, + NodeSec, + PythonSec, + PhpSec, + RubySec, + RustSec, } // Except returns CveContentTypes except for given args diff --git a/models/library.go b/models/library.go new file mode 100644 index 0000000000..66895202a9 --- /dev/null +++ b/models/library.go @@ -0,0 +1,141 @@ +package models + +import ( + "path/filepath" + + "github.com/future-architect/vuls/util" + "github.com/knqyf263/trivy/pkg/scanner/library" + "github.com/knqyf263/trivy/pkg/vulnsrc/vulnerability" + "golang.org/x/xerrors" + + "github.com/knqyf263/go-dep-parser/pkg/types" + "github.com/knqyf263/go-version" +) + +// LibraryScanner has libraries information +type LibraryScanner struct { + Path string + Libs []types.Library +} + +// Scan : scan target library +func (s LibraryScanner) Scan() ([]VulnInfo, error) { + scanner := library.NewScanner(filepath.Base(string(s.Path))) + if scanner == nil { + return nil, xerrors.New("unknown file type") + } + + util.Log.Info("Updating library db...") + err := scanner.UpdateDB() + if err != nil { + return nil, xerrors.Errorf("failed to update %s advisories: %w", scanner.Type(), err) + } + + var vulnerabilities []VulnInfo + for _, pkg := range s.Libs { + v, err := version.NewVersion(pkg.Version) + if err != nil { + util.Log.Debugf("new version cant detected %s@%s", pkg.Name, pkg.Version) + continue + } + + tvulns, err := scanner.Detect(pkg.Name, v) + if err != nil { + return nil, xerrors.Errorf("failed to detect %s vulnerabilities: %w", scanner.Type(), err) + } + + vulns := s.convertFanalToVuln(tvulns) + vulnerabilities = append(vulnerabilities, vulns...) + } + + return vulnerabilities, nil +} + +func (s LibraryScanner) convertFanalToVuln(tvulns []vulnerability.DetectedVulnerability) (vulns []VulnInfo) { + for _, tvuln := range tvulns { + vinfo, _ := s.getVulnDetail(tvuln) + vulns = append(vulns, vinfo) + } + return vulns +} + +func (s LibraryScanner) getVulnDetail(tvuln vulnerability.DetectedVulnerability) (vinfo VulnInfo, err error) { + details, err := vulnerability.Get(tvuln.VulnerabilityID) + if err != nil { + return vinfo, err + } else if len(details) == 0 { + return vinfo, xerrors.Errorf("Unknown vulnID : %s", tvuln.VulnerabilityID) + } + vinfo.CveID = tvuln.VulnerabilityID + vinfo.CveContents = getCveContents(details) + if tvuln.FixedVersion != "" { + + vinfo.LibraryFixedIns = []LibraryFixedIn{ + { + Key: s.GetLibraryKey(), + Name: tvuln.PkgName, + FixedIn: tvuln.FixedVersion, + }, + } + } + return vinfo, nil +} + +func getCveContents(details map[string]vulnerability.Vulnerability) (contents map[CveContentType]CveContent) { + contents = map[CveContentType]CveContent{} + for source, detail := range details { + refs := []Reference{} + for _, refURL := range detail.References { + refs = append(refs, Reference{Source: refURL, Link: refURL}) + } + + content := CveContent{ + Type: NewCveContentType(source), + CveID: detail.ID, + Title: detail.Title, + Summary: detail.Description, + Cvss3Score: detail.CvssScoreV3, + Cvss3Severity: string(detail.SeverityV3), + Cvss2Score: detail.CvssScore, + Cvss2Severity: string(detail.Severity), + References: refs, + + //SourceLink string `json:"sourceLink"` + //Cvss2Vector string `json:"cvss2Vector"` + //Cvss3Vector string `json:"cvss3Vector"` + //Cvss3Severity string `json:"cvss3Severity"` + //Cpes []Cpe `json:"cpes,omitempty"` + //CweIDs []string `json:"cweIDs,omitempty"` + //Published time.Time `json:"published"` + //LastModified time.Time `json:"lastModified"` + //Mitigation string `json:"mitigation"` // RedHat API + //Optional map[string]string `json:"optional,omitempty"` + } + contents[NewCveContentType(source)] = content + } + return contents +} + +// LibraryMap is filename and library type +var LibraryMap = map[string]string{ + "package-lock.json": "node", + "yarn.lock": "node", + "Gemfile.lock": "ruby", + "Cargo.lock": "rust", + "composer.json": "php", + "Pipfile.lock": "python", + "poetry.lock": "python", +} + +// GetLibraryKey returns target library key +func (s LibraryScanner) GetLibraryKey() string { + fileName := filepath.Base(s.Path) + return LibraryMap[fileName] +} + +// LibraryFixedIn has library fixed information +type LibraryFixedIn struct { + Key string `json:"key,omitempty"` + Name string `json:"name,omitempty"` + FixedIn string `json:"fixedIn,omitempty"` +} diff --git a/models/library_test.go b/models/library_test.go new file mode 100644 index 0000000000..513e510a5a --- /dev/null +++ b/models/library_test.go @@ -0,0 +1,52 @@ +package models + +import ( + "testing" + + godeptypes "github.com/knqyf263/go-dep-parser/pkg/types" + "github.com/knqyf263/trivy/pkg/db" + "github.com/knqyf263/trivy/pkg/log" +) + +func TestScan(t *testing.T) { + var tests = []struct { + path string + pkgs []godeptypes.Library + }{ + { + path: "app/package-lock.json", + pkgs: []godeptypes.Library{ + { + Name: "jquery", + Version: "2.2.4", + }, + { + Name: "@babel/traverse", + Version: "7.4.4", + }, + }, + }, + } + + if err := log.InitLogger(false); err != nil { + t.Errorf("trivy logger failed") + } + + if err := db.Init(); err != nil { + t.Errorf("trivy db.Init failed") + } + for _, v := range tests { + lib := LibraryScanner{ + Path: v.path, + Libs: v.pkgs, + } + actual, err := lib.Scan() + if err != nil { + t.Errorf("error occurred") + } + if len(actual) == 0 { + t.Errorf("no vuln found : actual: %v\n", actual) + } + } + db.Close() +} diff --git a/models/scanresults.go b/models/scanresults.go index 119876be83..ea08e86d6b 100644 --- a/models/scanresults.go +++ b/models/scanresults.go @@ -43,6 +43,7 @@ type ScanResult struct { Family string `json:"family"` Release string `json:"release"` Container Container `json:"container"` + Image Image `json:"image"` Platform Platform `json:"platform"` IPv4Addrs []string `json:"ipv4Addrs,omitempty"` // only global unicast address (https://golang.org/pkg/net/#IP.IsGlobalUnicast) IPv6Addrs []string `json:"ipv6Addrs,omitempty"` // only global unicast address (https://golang.org/pkg/net/#IP.IsGlobalUnicast) @@ -65,6 +66,7 @@ type ScanResult struct { Packages Packages `json:"packages"` SrcPackages SrcPackages `json:",omitempty"` WordPressPackages *WordPressPackages `json:",omitempty"` + LibraryScanners []LibraryScanner `json:"libScanners"` CweDict CweDict `json:"cweDict,omitempty"` Optional map[string]interface{} `json:",omitempty"` Config struct { @@ -439,6 +441,11 @@ func (r ScanResult) IsContainer() bool { return 0 < len(r.Container.ContainerID) } +// IsImage returns whether this ServerInfo is about container +func (r ScanResult) IsImage() bool { + return 0 < len(r.Image.Name) +} + // IsDeepScanMode checks if the scan mode is deep scan mode. func (r ScanResult) IsDeepScanMode() bool { for _, s := range r.Config.Scan.Servers { @@ -460,6 +467,12 @@ type Container struct { UUID string `json:"uuid"` } +// Image has Container information +type Image struct { + Name string `json:"name"` + Tag string `json:"tag"` +} + // Platform has platform information type Platform struct { Name string `json:"name"` // aws or azure or gcp or other... diff --git a/models/vulninfos.go b/models/vulninfos.go index 09c48d0372..b969cd3220 100644 --- a/models/vulninfos.go +++ b/models/vulninfos.go @@ -172,6 +172,7 @@ type VulnInfo struct { CpeURIs []string `json:"cpeURIs,omitempty"` // CpeURIs related to this CVE defined in config.toml GitHubSecurityAlerts GitHubSecurityAlerts `json:"gitHubSecurityAlerts,omitempty"` WpPackageFixStats WpPackageFixStats `json:"wpPackageFixStats,omitempty"` + LibraryFixedIns LibraryFixedIns `json:"libraryFixedIns,omitempty"` VulnType string `json:"vulnType,omitempty"` } @@ -207,6 +208,9 @@ type GitHubSecurityAlert struct { DismissReason string `json:"dismissReason"` } +// LibraryFixedIns is a list of Library's FixedIn +type LibraryFixedIns []LibraryFixedIn + // WpPackageFixStats is a list of WpPackageFixStatus type WpPackageFixStats []WpPackageFixStatus diff --git a/report/report.go b/report/report.go index 2f10545afd..0033e60c37 100644 --- a/report/report.go +++ b/report/report.go @@ -28,6 +28,8 @@ import ( "strings" "time" + "github.com/future-architect/vuls/libmanager" + "github.com/BurntSushi/toml" "github.com/future-architect/vuls/config" c "github.com/future-architect/vuls/config" @@ -64,6 +66,8 @@ func FillCveInfos(dbclient DBClient, rs []models.ScanResult, dir string) ([]mode r.ScannedCves = models.VulnInfos{} } cpeURIs := []string{} + + // runningContainer if len(r.Container.ContainerID) == 0 { cpeURIs = c.Conf.Servers[r.ServerName].CpeNames owaspDCXMLPath := c.Conf.Servers[r.ServerName].OwaspDCXMLPath @@ -161,7 +165,15 @@ func FillCveInfos(dbclient DBClient, rs []models.ScanResult, dir string) ([]mode func FillCveInfo(dbclient DBClient, r *models.ScanResult, cpeURIs []string, integrations ...Integration) error { util.Log.Debugf("need to refresh") - nCVEs, err := FillWithOval(dbclient.OvalDB, r) + nCVEs, err := libmanager.FillLibrary(r) + if err != nil { + return xerrors.Errorf("Failed to fill with Library dependency: %w", err) + } + util.Log.Infof("%s: %d CVEs are detected with Library", + r.FormatServerName(), nCVEs) + + nCVEs, err = FillWithOval(dbclient.OvalDB, r) + if err != nil { return xerrors.Errorf("Failed to fill with OVAL: %w", err) } @@ -483,6 +495,20 @@ func fillAlerts(r *models.ScanResult) (enCnt int, jaCnt int) { const reUUID = "[\\da-f]{8}-[\\da-f]{4}-[\\da-f]{4}-[\\da-f]{4}-[\\da-f]{12}" +// Scanning with the -containers-only, -images-only flag at scan time, the UUID of Container Host may not be generated, +// so check it. Otherwise create a UUID of the Container Host and set it. +func getOrCreateServerUUID(r models.ScanResult, server c.ServerInfo) (serverUUID string) { + if id, ok := server.UUIDs[r.ServerName]; !ok { + serverUUID = uuid.GenerateUUID() + } else { + matched, err := regexp.MatchString(reUUID, id) + if !matched || err != nil { + serverUUID = uuid.GenerateUUID() + } + } + return serverUUID +} + // EnsureUUIDs generate a new UUID of the scan target server if UUID is not assigned yet. // And then set the generated UUID to config.toml and scan results. func EnsureUUIDs(configPath string, results models.ScanResults) error { @@ -503,20 +529,13 @@ func EnsureUUIDs(configPath string, results models.ScanResults) error { name := "" if r.IsContainer() { name = fmt.Sprintf("%s@%s", r.Container.Name, r.ServerName) - - // Scanning with the -containers-only flag at scan time, the UUID of Container Host may not be generated, - // so check it. Otherwise create a UUID of the Container Host and set it. - serverUUID := "" - if id, ok := server.UUIDs[r.ServerName]; !ok { - serverUUID = uuid.GenerateUUID() - } else { - matched, err := regexp.MatchString(reUUID, id) - if !matched || err != nil { - serverUUID = uuid.GenerateUUID() - } + if uuid := getOrCreateServerUUID(r, server); uuid != "" { + server.UUIDs[r.ServerName] = uuid } - if serverUUID != "" { - server.UUIDs[r.ServerName] = serverUUID + } else if r.IsImage() { + name = fmt.Sprintf("%s:%s@%s", r.Image.Name, r.Image.Tag, r.ServerName) + if uuid := getOrCreateServerUUID(r, server); uuid != "" { + server.UUIDs[r.ServerName] = uuid } } else { name = r.ServerName diff --git a/report/report_test.go b/report/report_test.go index 80c499fb2a..57323f3c10 100644 --- a/report/report_test.go +++ b/report/report_test.go @@ -1 +1,51 @@ package report + +import ( + "testing" + + "github.com/future-architect/vuls/config" + + "github.com/future-architect/vuls/models" +) + +const defaultUUID = "11111111-1111-1111-1111-111111111111" + +func TestGetOrCreateServerUUID(t *testing.T) { + + cases := map[string]struct { + scanResult models.ScanResult + server config.ServerInfo + isDefault bool + }{ + "baseServer": { + scanResult: models.ScanResult{ + ServerName: "hoge", + }, + server: config.ServerInfo{ + UUIDs: map[string]string{ + "hoge": defaultUUID, + }, + }, + isDefault: false, + }, + "onlyContainers": { + scanResult: models.ScanResult{ + ServerName: "hoge", + }, + server: config.ServerInfo{ + UUIDs: map[string]string{ + "fuga": defaultUUID, + }, + }, + isDefault: false, + }, + } + + for testcase, v := range cases { + uuid := getOrCreateServerUUID(v.scanResult, v.server) + if (uuid == defaultUUID) != v.isDefault { + t.Errorf("%s : expected isDefault %t got %s", testcase, v.isDefault, uuid) + } + } + +} diff --git a/report/tui.go b/report/tui.go index 4cda1ccd71..e21892d146 100644 --- a/report/tui.go +++ b/report/tui.go @@ -750,18 +750,35 @@ func setChangelogLayout(g *gocui.Gui) error { } r := currentScanResult - for _, wp := range vinfo.WpPackageFixStats { - if p, ok := r.WordPressPackages.Find(wp.Name); ok { - if p.Type == models.WPCore { - lines = append(lines, fmt.Sprintf("* %s-%s, FixedIn: %s", - wp.Name, p.Version, wp.FixedIn)) + // check wordpress fixedin + if r.WordPressPackages != nil { + for _, wp := range vinfo.WpPackageFixStats { + if p, ok := r.WordPressPackages.Find(wp.Name); ok { + if p.Type == models.WPCore { + lines = append(lines, fmt.Sprintf("* %s-%s, FixedIn: %s", + wp.Name, p.Version, wp.FixedIn)) + } else { + lines = append(lines, + fmt.Sprintf("* %s-%s, Update: %s, FixedIn: %s, %s", + wp.Name, p.Version, p.Update, wp.FixedIn, p.Status)) + } } else { - lines = append(lines, - fmt.Sprintf("* %s-%s, Update: %s, FixedIn: %s, %s", - wp.Name, p.Version, p.Update, wp.FixedIn, p.Status)) + lines = append(lines, fmt.Sprintf("* %s", wp.Name)) + } + } + } + + // check library fixedin + for _, scanner := range r.LibraryScanners { + key := scanner.GetLibraryKey() + for _, fixedin := range vinfo.LibraryFixedIns { + for _, lib := range scanner.Libs { + if fixedin.Key == key && lib.Name == fixedin.Name { + lines = append(lines, fmt.Sprintf("* %s-%s, FixedIn: %s", + lib.Name, lib.Version, fixedin.FixedIn)) + continue + } } - } else { - lines = append(lines, fmt.Sprintf("* %s", wp.Name)) } } diff --git a/scan/base.go b/scan/base.go index 2b1b8c9722..baca5038b4 100644 --- a/scan/base.go +++ b/scan/base.go @@ -26,10 +26,23 @@ import ( "strings" "time" + "github.com/knqyf263/fanal/analyzer" + + "github.com/knqyf263/fanal/extractor" + "github.com/future-architect/vuls/config" "github.com/future-architect/vuls/models" "github.com/sirupsen/logrus" "golang.org/x/xerrors" + + // Import library scanner + _ "github.com/knqyf263/fanal/analyzer/library/bundler" + _ "github.com/knqyf263/fanal/analyzer/library/cargo" + _ "github.com/knqyf263/fanal/analyzer/library/composer" + _ "github.com/knqyf263/fanal/analyzer/library/npm" + _ "github.com/knqyf263/fanal/analyzer/library/pipenv" + _ "github.com/knqyf263/fanal/analyzer/library/poetry" + _ "github.com/knqyf263/fanal/analyzer/library/yarn" ) type base struct { @@ -37,10 +50,10 @@ type base struct { Distro config.Distro Platform models.Platform osPackages - WordPress *models.WordPressPackages - - log *logrus.Entry - errs []error + LibraryScanners []models.LibraryScanner + WordPress *models.WordPressPackages + log *logrus.Entry + errs []error } func (l *base) exec(cmd string, sudo bool) execResult { @@ -385,6 +398,11 @@ func (l *base) convertToModel() models.ScanResult { Type: ctype, } + image := models.Image{ + Name: l.ServerInfo.Image.Name, + Tag: l.ServerInfo.Image.Tag, + } + errs := []string{} for _, e := range l.errs { errs = append(errs, fmt.Sprintf("%s", e)) @@ -405,6 +423,7 @@ func (l *base) convertToModel() models.ScanResult { Family: l.Distro.Family, Release: l.Distro.Release, Container: container, + Image: image, Platform: l.Platform, IPv4Addrs: l.ServerInfo.IPv4Addrs, IPv6Addrs: l.ServerInfo.IPv6Addrs, @@ -414,6 +433,7 @@ func (l *base) convertToModel() models.ScanResult { Packages: l.Packages, SrcPackages: l.SrcPackages, WordPressPackages: l.WordPress, + LibraryScanners: l.LibraryScanners, Optional: l.ServerInfo.Optional, Errors: errs, } @@ -486,6 +506,65 @@ func (l *base) parseSystemctlStatus(stdout string) string { return ss[1] } +func (l *base) scanLibraries() (err error) { + // image already detected libraries + if len(l.LibraryScanners) != 0 { + return nil + } + + // library scan for servers need lockfiles + if len(l.ServerInfo.Lockfiles) == 0 && !l.ServerInfo.FindLock { + return nil + } + + libFilemap := extractor.FileMap{} + + detectFiles := l.ServerInfo.Lockfiles + + // auto detect lockfile + if l.ServerInfo.FindLock { + findopt := "" + for filename := range models.LibraryMap { + findopt += fmt.Sprintf("-name %q -o ", "*"+filename) + } + + // delete last "-o " + // find / -name "*package-lock.json" -o -name "*yarn.lock" ... 2>&1 | grep -v "Permission denied" + cmd := fmt.Sprintf(`find / ` + findopt[:len(findopt)-3] + ` 2>&1 | grep -v "Permission denied"`) + r := exec(l.ServerInfo, cmd, noSudo) + if !r.isSuccess() { + return xerrors.Errorf("Failed to find lock files") + } + detectFiles = append(detectFiles, strings.Split(r.Stdout, "\n")...) + } + + for _, path := range detectFiles { + if path == "" { + continue + } + // skip already exist + if _, ok := libFilemap[path]; ok { + continue + } + cmd := fmt.Sprintf("cat %s", path) + r := exec(l.ServerInfo, cmd, noSudo) + if !r.isSuccess() { + return xerrors.Errorf("Failed to get target file: %s, filepath: %s", r, path) + } + libFilemap[path] = []byte(r.Stdout) + } + + results, err := analyzer.GetLibraries(libFilemap) + if err != nil { + return xerrors.Errorf("Failed to get libs: %w", err) + } + l.LibraryScanners, err = convertLibWithScanner(results) + if err != nil { + return xerrors.Errorf("Failed to scan libraries: %w", err) + } + return nil +} + func (l *base) scanWordPress() (err error) { wpOpts := []string{l.ServerInfo.WordPress.OSUser, l.ServerInfo.WordPress.DocRoot, diff --git a/scan/container.go b/scan/container.go new file mode 100644 index 0000000000..59462c9476 --- /dev/null +++ b/scan/container.go @@ -0,0 +1,222 @@ +/* Vuls - Vulnerability Scanner +Copyright (C) 2016 Future Corporation , Japan. + +This program is free software: you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation, either version 3 of the License, or +(at your option) any later version. + +This program is distributed in the hope that it will be useful, +but WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +GNU General Public License for more details. + +You should have received a copy of the GNU General Public License +along with this program. If not, see . +*/ + +package scan + +import ( + "context" + "fmt" + "time" + + "github.com/knqyf263/fanal/analyzer" + "golang.org/x/xerrors" + + "github.com/future-architect/vuls/config" + "github.com/future-architect/vuls/models" + "github.com/future-architect/vuls/util" + fanalos "github.com/knqyf263/fanal/analyzer/os" + godeptypes "github.com/knqyf263/go-dep-parser/pkg/types" + + // Register library analyzers + _ "github.com/knqyf263/fanal/analyzer/library/bundler" + _ "github.com/knqyf263/fanal/analyzer/library/cargo" + _ "github.com/knqyf263/fanal/analyzer/library/composer" + _ "github.com/knqyf263/fanal/analyzer/library/npm" + _ "github.com/knqyf263/fanal/analyzer/library/pipenv" + _ "github.com/knqyf263/fanal/analyzer/library/poetry" + _ "github.com/knqyf263/fanal/analyzer/library/yarn" + + // Register os analyzers + _ "github.com/knqyf263/fanal/analyzer/os/alpine" + _ "github.com/knqyf263/fanal/analyzer/os/amazonlinux" + _ "github.com/knqyf263/fanal/analyzer/os/debianbase" + _ "github.com/knqyf263/fanal/analyzer/os/opensuse" + _ "github.com/knqyf263/fanal/analyzer/os/redhatbase" + + // Register package analyzers + _ "github.com/knqyf263/fanal/analyzer/pkg/apk" + _ "github.com/knqyf263/fanal/analyzer/pkg/dpkg" + _ "github.com/knqyf263/fanal/analyzer/pkg/rpmcmd" +) + +// inherit OsTypeInterface +type image struct { + base +} + +// newDummyOS is constructor +func newDummyOS(c config.ServerInfo) *image { + d := &image{ + base: base{ + osPackages: osPackages{ + Packages: models.Packages{}, + VulnInfos: models.VulnInfos{}, + }, + }, + } + d.log = util.NewCustomLogger(c) + d.setServerInfo(c) + return d +} + +func detectContainerImage(c config.ServerInfo) (itsMe bool, containerImage osTypeInterface, err error) { + if err = config.IsValidImage(c.Image); err != nil { + return false, nil, nil + } + + os, pkgs, libs, err := scanImage(c) + if err != nil { + // use Alpine for setErrs + return false, newDummyOS(c), err + } + switch os.Family { + case fanalos.OpenSUSELeap, fanalos.OpenSUSETumbleweed, fanalos.OpenSUSE: + return false, newDummyOS(c), xerrors.Errorf("Unsupported OS : %s", os.Family) + } + + libScanners, err := convertLibWithScanner(libs) + if err != nil { + return false, newDummyOS(c), err + } + + p := newContainerImage(c, pkgs, libScanners) + p.setDistro(os.Family, os.Name) + return true, p, nil +} + +func convertLibWithScanner(libs map[analyzer.FilePath][]godeptypes.Library) ([]models.LibraryScanner, error) { + scanners := []models.LibraryScanner{} + for path, pkgs := range libs { + scanners = append(scanners, models.LibraryScanner{Path: string(path), Libs: pkgs}) + } + return scanners, nil +} + +// scanImage returns os, packages on image layers +func scanImage(c config.ServerInfo) (os *analyzer.OS, pkgs []analyzer.Package, libs map[analyzer.FilePath][]godeptypes.Library, err error) { + + ctx := context.Background() + domain := c.Image.Name + ":" + c.Image.Tag + util.Log.Info("Start fetch container... ", domain) + + // Configure dockerOption + dockerOption := c.Image.DockerOption + if dockerOption.Timeout == 0 { + dockerOption.Timeout = 60 * time.Second + } + files, err := analyzer.Analyze(ctx, domain, dockerOption) + + if err != nil { + return nil, nil, nil, xerrors.Errorf("Failed scan files %q, %w", domain, err) + } + + containerOs, err := analyzer.GetOS(files) + if err != nil { + return nil, nil, nil, xerrors.Errorf("Failed scan os %q, %w", domain, err) + } + + pkgs, err = analyzer.GetPackages(files) + if err != nil { + return nil, nil, nil, xerrors.Errorf("Failed scan pkgs %q, %w", domain, err) + } + libs, err = analyzer.GetLibraries(files) + if err != nil { + return nil, nil, nil, xerrors.Errorf("Failed scan libs %q, %w", domain, err) + } + return &containerOs, pkgs, libs, nil +} + +func convertFanalToVulsPkg(pkgs []analyzer.Package) (map[string]models.Package, map[string]models.SrcPackage) { + modelPkgs := map[string]models.Package{} + modelSrcPkgs := map[string]models.SrcPackage{} + for _, pkg := range pkgs { + version := pkg.Version + if pkg.Epoch != 0 { + version = fmt.Sprintf("%d:%s", pkg.Epoch, pkg.Version) + } + modelPkgs[pkg.Name] = models.Package{ + Name: pkg.Name, + Release: pkg.Release, + Version: version, + Arch: pkg.Arch, + } + + // add SrcPacks + if pkg.Name != pkg.SrcName { + if pack, ok := modelSrcPkgs[pkg.SrcName]; ok { + pack.AddBinaryName(pkg.Name) + modelSrcPkgs[pkg.SrcName] = pack + } else { + modelSrcPkgs[pkg.SrcName] = models.SrcPackage{ + Name: pkg.SrcName, + Version: pkg.SrcVersion, + BinaryNames: []string{pkg.Name}, + } + } + } + } + return modelPkgs, modelSrcPkgs +} + +func newContainerImage(c config.ServerInfo, pkgs []analyzer.Package, libs []models.LibraryScanner) *image { + modelPkgs, modelSrcPkgs := convertFanalToVulsPkg(pkgs) + d := &image{ + base: base{ + osPackages: osPackages{ + Packages: modelPkgs, + SrcPackages: modelSrcPkgs, + VulnInfos: models.VulnInfos{}, + }, + LibraryScanners: libs, + }, + } + d.log = util.NewCustomLogger(c) + d.setServerInfo(c) + return d +} + +func (o *image) checkScanMode() error { + return nil +} + +func (o *image) checkIfSudoNoPasswd() error { + return nil +} + +func (o *image) checkDeps() error { + return nil +} + +func (o *image) preCure() error { + return nil +} + +func (o *image) postScan() error { + return nil +} + +func (o *image) scanPackages() error { + return nil +} + +func (o *image) parseInstalledPackages(string) (models.Packages, models.SrcPackages, error) { + return nil, nil, nil +} + +func (o *image) detectPlatform() { + o.setPlatform(models.Platform{Name: "image"}) +} diff --git a/scan/serverapi.go b/scan/serverapi.go index d863a97567..fe111fda9b 100644 --- a/scan/serverapi.go +++ b/scan/serverapi.go @@ -63,6 +63,7 @@ type osTypeInterface interface { preCure() error postScan() error scanWordPress() error + scanLibraries() error scanPackages() error convertToModel() models.ScanResult @@ -124,6 +125,18 @@ func detectOS(c config.ServerInfo) (osType osTypeInterface) { return } + itsMe, osType, fatalErr = detectContainerImage(c) + if fatalErr != nil { + osType.setErrs( + []error{xerrors.Errorf("Failed to detect OS: %w", fatalErr)}, + ) + return + } + if itsMe { + util.Log.Debugf("Container") + return + } + itsMe, osType, fatalErr = detectDebianWithRetry(c) if fatalErr != nil { osType.setErrs([]error{ @@ -182,20 +195,56 @@ func PrintSSHableServerNames() bool { return true } +func needScans() (needBaseServer, scanContainer, scanImage bool) { + scanContainer = true + scanImage = true + if !config.Conf.ContainersOnly && !config.Conf.ImagesOnly { + needBaseServer = true + } + + if config.Conf.ImagesOnly && !config.Conf.ContainersOnly { + scanContainer = false + } + + if config.Conf.ContainersOnly && !config.Conf.ImagesOnly { + scanImage = false + } + return needBaseServer, scanContainer, scanImage +} + // InitServers detect the kind of OS distribution of target servers func InitServers(timeoutSec int) error { + needBaseServers, scanContainer, scanImage := needScans() + + // use global servers, errServers when scan containers and images servers, errServers = detectServerOSes(timeoutSec) if len(servers) == 0 { - return xerrors.New("No scannable servers") + return xerrors.New("No scannable base servers") } - actives, inactives := detectContainerOSes(timeoutSec) - if config.Conf.ContainersOnly { - servers = actives - errServers = inactives - } else { + // scan additional servers + var actives, inactives []osTypeInterface + if scanImage { + oks, errs := detectImageOSes(timeoutSec) + actives = append(actives, oks...) + inactives = append(inactives, errs...) + } + if scanContainer { + oks, errs := detectContainerOSes(timeoutSec) + actives = append(actives, oks...) + inactives = append(inactives, errs...) + } + + if needBaseServers { servers = append(servers, actives...) errServers = append(errServers, inactives...) + } else { + servers = actives + errServers = inactives + } + + if len(servers) == 0 { + return xerrors.New("No scannable servers") } return nil } @@ -401,6 +450,81 @@ func detectContainerOSesOnServer(containerHost osTypeInterface) (oses []osTypeIn return oses } +func detectImageOSes(timeoutSec int) (actives, inactives []osTypeInterface) { + util.Log.Info("Detecting OS of static containers... ") + osTypesChan := make(chan []osTypeInterface, len(servers)) + defer close(osTypesChan) + for _, s := range servers { + go func(s osTypeInterface) { + defer func() { + if p := recover(); p != nil { + util.Log.Debugf("Panic: %s on %s", + p, s.getServerInfo().GetServerName()) + } + }() + osTypesChan <- detectImageOSesOnServer(s) + }(s) + } + + timeout := time.After(time.Duration(timeoutSec) * time.Second) + for i := 0; i < len(servers); i++ { + select { + case res := <-osTypesChan: + for _, osi := range res { + sinfo := osi.getServerInfo() + if 0 < len(osi.getErrs()) { + inactives = append(inactives, osi) + util.Log.Errorf("Failed: %s err: %+v", sinfo.ServerName, osi.getErrs()) + continue + } + actives = append(actives, osi) + util.Log.Infof("Detected: %s@%s: %s", + sinfo.Image.Name, sinfo.ServerName, osi.getDistro()) + } + case <-timeout: + msg := "Timed out while detecting static containers" + util.Log.Error(msg) + for servername, sInfo := range config.Conf.Servers { + found := false + for _, o := range append(actives, inactives...) { + if servername == o.getServerInfo().ServerName { + found = true + break + } + } + if !found { + u := &unknown{} + u.setServerInfo(sInfo) + u.setErrs([]error{ + xerrors.New("Timed out"), + }) + inactives = append(inactives) + util.Log.Errorf("Timed out: %s", servername) + } + } + } + } + return +} + +func detectImageOSesOnServer(containerHost osTypeInterface) (oses []osTypeInterface) { + containerHostInfo := containerHost.getServerInfo() + if len(containerHostInfo.Images) == 0 { + return + } + + for idx, containerConf := range containerHostInfo.Images { + copied := containerHostInfo + // change servername for original + copied.ServerName = fmt.Sprintf("%s:%s@%s", idx, containerConf.Tag, containerHostInfo.ServerName) + copied.Image = containerConf + copied.Type = "" + os := detectOS(copied) + oses = append(oses, os) + } + return oses +} + // CheckScanModes checks scan mode func CheckScanModes() error { for _, s := range servers { @@ -600,6 +724,9 @@ func scanVulns(jsonDir string, scannedAt time.Time, timeoutSec int) error { if err = o.scanWordPress(); err != nil { return xerrors.Errorf("Failed to scan WordPress: %w", err) } + if err = o.scanLibraries(); err != nil { + return xerrors.Errorf("Failed to scan Library: %w", err) + } return o.postScan() }, timeoutSec)