From 6cc5f0ae851df0ff6887f05af6d10ff88204401b Mon Sep 17 00:00:00 2001 From: Alex Goodman Date: Tue, 26 Nov 2024 14:24:27 -0500 Subject: [PATCH] bump grype dev branch Signed-off-by: Alex Goodman --- go.mod | 4 +- go.sum | 11 ++-- .../v6/transformers/github/transform.go | 3 +- .../v6/transformers/github/transform_test.go | 21 ++---- pkg/process/v6/transformers/nvd/transform.go | 3 +- .../v6/transformers/nvd/transform_test.go | 40 +++++------ pkg/process/v6/transformers/os/transform.go | 6 +- .../v6/transformers/os/transform_test.go | 66 +++++++------------ 8 files changed, 63 insertions(+), 91 deletions(-) diff --git a/go.mod b/go.mod index 35d0dcc3..c0e82ab2 100644 --- a/go.mod +++ b/go.mod @@ -8,7 +8,7 @@ require ( github.com/acarl005/stripansi v0.0.0-20180116102854-5a71ef0e047d github.com/adrg/xdg v0.5.3 github.com/anchore/go-logger v0.0.0-20230725134548-c21dafa1ec5a - github.com/anchore/grype v0.85.1-0.20241121181803-ba4a2b41b64f + github.com/anchore/grype v0.85.1-0.20241126203329-cbcf1740b2da github.com/anchore/syft v1.17.0 github.com/araddon/dateparse v0.0.0-20210429162001-6b43995a97de github.com/dave/jennifer v1.7.1 @@ -33,7 +33,7 @@ require ( github.com/spf13/cobra v1.8.1 github.com/spf13/pflag v1.0.5 github.com/spf13/viper v1.19.0 - github.com/stretchr/testify v1.9.0 + github.com/stretchr/testify v1.10.0 github.com/umisama/go-cpe v0.0.0-20190323060751-cdd6c3c28a23 github.com/wagoodman/go-partybus v0.0.0-20230516145632-8ccac152c651 github.com/wagoodman/go-progress v0.0.0-20230925121702-07e42b3cdba0 diff --git a/go.sum b/go.sum index 3990f0ef..2712566f 100644 --- a/go.sum +++ b/go.sum @@ -252,8 +252,8 @@ github.com/anchore/go-testutils v0.0.0-20200925183923-d5f45b0d3c04 h1:VzprUTpc0v github.com/anchore/go-testutils v0.0.0-20200925183923-d5f45b0d3c04/go.mod h1:6dK64g27Qi1qGQZ67gFmBFvEHScy0/C8qhQhNe5B5pQ= github.com/anchore/go-version v1.2.2-0.20210903204242-51efa5b487c4 h1:rmZG77uXgE+o2gozGEBoUMpX27lsku+xrMwlmBZJtbg= github.com/anchore/go-version v1.2.2-0.20210903204242-51efa5b487c4/go.mod h1:Bkc+JYWjMCF8OyZ340IMSIi2Ebf3uwByOk6ho4wne1E= -github.com/anchore/grype v0.85.1-0.20241121181803-ba4a2b41b64f h1:U6dG0KfDU4SECpo4ix74Ci5XugRXbkU7ntp5K07+OQQ= -github.com/anchore/grype v0.85.1-0.20241121181803-ba4a2b41b64f/go.mod h1:8+byyl7POwrm6D/rya93DIZ70+vnWLVe+nSBmQ/wnoc= +github.com/anchore/grype v0.85.1-0.20241126203329-cbcf1740b2da h1:gAIvpDT1mcZtWkGmMS0nB+Hv1MBj87qhNW73M3eWapk= +github.com/anchore/grype v0.85.1-0.20241126203329-cbcf1740b2da/go.mod h1:q3SBzch9Pr2bRko3P2/UaDZqN1Iqorz2H11uuz6RJPI= github.com/anchore/packageurl-go v0.1.1-0.20241018175412-5c22e6360c4f h1:dAQPIrQ3a5PBqZeZ+B9NGZsGmodk4NO9OjDIsQmQyQM= github.com/anchore/packageurl-go v0.1.1-0.20241018175412-5c22e6360c4f/go.mod h1:KoYIv7tdP5+CC9VGkeZV4/vGCKsY55VvoG+5dadg4YI= github.com/anchore/stereoscope v0.0.9 h1:rLhYWe/CXhDq/UCUWQ3U5xtpGk4RFnssKaM0bHhs5us= @@ -310,8 +310,8 @@ github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XL github.com/cespare/xxhash/v2 v2.1.2/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= github.com/charmbracelet/bubbles v0.20.0 h1:jSZu6qD8cRQ6k9OMfR1WlM+ruM8fkPWkHvQWD9LIutE= github.com/charmbracelet/bubbles v0.20.0/go.mod h1:39slydyswPy+uVOHZ5x/GjwVAFkCsV8IIVy+4MhzwwU= -github.com/charmbracelet/bubbletea v1.2.3 h1:d9MdMsANIYZB5pE1KkRqaUV6GfsiWm+/9z4fTuGVm9I= -github.com/charmbracelet/bubbletea v1.2.3/go.mod h1:Qr6fVQw+wX7JkWWkVyXYk/ZUQ92a6XNekLXa3rR18MM= +github.com/charmbracelet/bubbletea v1.2.4 h1:KN8aCViA0eps9SCOThb2/XPIlea3ANJLUkv3KnQRNCE= +github.com/charmbracelet/bubbletea v1.2.4/go.mod h1:Qr6fVQw+wX7JkWWkVyXYk/ZUQ92a6XNekLXa3rR18MM= github.com/charmbracelet/lipgloss v1.0.0 h1:O7VkGDvqEdGi93X+DeqsQ7PKHDgtQfF8j8/O2qFMQNg= github.com/charmbracelet/lipgloss v1.0.0/go.mod h1:U5fy9Z+C38obMs+T+tJqst9VGzlOYGj4ri9reL3qUlo= github.com/charmbracelet/x/ansi v0.4.5 h1:LqK4vwBNaXw2AyGIICa5/29Sbdq58GbGdFngSexTdRM= @@ -940,8 +940,9 @@ github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/ github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= -github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg= github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= +github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOfJA= +github.com/stretchr/testify v1.10.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= github.com/subosito/gotenv v1.2.0/go.mod h1:N0PQaV/YGNqwC0u51sEeR/aUtSLEXKX9iv69rRypqCw= github.com/subosito/gotenv v1.6.0 h1:9NlTDc1FTs4qu0DDq7AEtTPNw6SVm7uBMsUCUjABIf8= github.com/subosito/gotenv v1.6.0/go.mod h1:Dk4QP5c2W3ibzajGcXpNraDfq2IrhjMIvMSWPKKo0FU= diff --git a/pkg/process/v6/transformers/github/transform.go b/pkg/process/v6/transformers/github/transform.go index 80e21c05..f8c42af7 100644 --- a/pkg/process/v6/transformers/github/transform.go +++ b/pkg/process/v6/transformers/github/transform.go @@ -205,8 +205,7 @@ func getReferences(vulnerability unmarshal.GitHubAdvisory) []grypeDB.Reference { // https://github.com/anchore/vunnel/issues/646 to capture this refs := []grypeDB.Reference{ { - Tags: []string{grypeDB.AdvisoryReferenceTag}, - URL: vulnerability.Advisory.URL, + URL: vulnerability.Advisory.URL, }, } diff --git a/pkg/process/v6/transformers/github/transform_test.go b/pkg/process/v6/transformers/github/transform_test.go index 8b3121cf..4cd45799 100644 --- a/pkg/process/v6/transformers/github/transform_test.go +++ b/pkg/process/v6/transformers/github/transform_test.go @@ -91,8 +91,7 @@ func TestGetVulnerability(t *testing.T) { Status: grypeDB.VulnerabilityActive, References: []grypeDB.Reference{ { - Tags: []string{grypeDB.AdvisoryReferenceTag}, - URL: "https://github.com/advisories/GHSA-2wgc-48g2-cj5w", + URL: "https://github.com/advisories/GHSA-2wgc-48g2-cj5w", }, }, Aliases: []string{"CVE-2024-21653"}, @@ -129,8 +128,7 @@ func TestGetVulnerability(t *testing.T) { Status: grypeDB.VulnerabilityRejected, References: []grypeDB.Reference{ { - Tags: []string{grypeDB.AdvisoryReferenceTag}, - URL: "https://github.com/advisories/GHSA-3x74-v64j-qc3f", + URL: "https://github.com/advisories/GHSA-3x74-v64j-qc3f", }, }, Aliases: []string{"CVE-2023-30179"}, @@ -167,8 +165,7 @@ func TestGetVulnerability(t *testing.T) { Status: grypeDB.VulnerabilityActive, References: []grypeDB.Reference{ { - Tags: []string{grypeDB.AdvisoryReferenceTag}, - URL: "https://github.com/advisories/GHSA-vc9j-fhvv-8vrf", + URL: "https://github.com/advisories/GHSA-vc9j-fhvv-8vrf", }, }, Aliases: []string{"CVE-2020-14000"}, @@ -202,8 +199,7 @@ func TestGetVulnerability(t *testing.T) { Description: "Low severity vulnerability that affects notebook", References: []grypeDB.Reference{ { - URL: "https://github.com/advisories/GHSA-6cwv-x26c-w2q4", - Tags: []string{"advisory"}, + URL: "https://github.com/advisories/GHSA-6cwv-x26c-w2q4", }, }, @@ -226,8 +222,7 @@ func TestGetVulnerability(t *testing.T) { Description: "Moderate severity vulnerability that affects Plone", References: []grypeDB.Reference{ { - URL: "https://github.com/advisories/GHSA-p5wr-vp8g-q5p4", - Tags: []string{"advisory"}, + URL: "https://github.com/advisories/GHSA-p5wr-vp8g-q5p4", }, }, Aliases: []string{"CVE-2017-5524"}, @@ -256,8 +251,7 @@ func TestGetVulnerability(t *testing.T) { Status: grypeDB.VulnerabilityRejected, References: []grypeDB.Reference{ { - Tags: []string{grypeDB.AdvisoryReferenceTag}, - URL: "https://github.com/advisories/GHSA-6cwv-x26c-w2q4", + URL: "https://github.com/advisories/GHSA-6cwv-x26c-w2q4", }, }, Aliases: []string{"CVE-2018-8768"}, @@ -283,8 +277,7 @@ func TestGetVulnerability(t *testing.T) { Status: grypeDB.VulnerabilityActive, References: []grypeDB.Reference{ { - Tags: []string{grypeDB.AdvisoryReferenceTag}, - URL: "https://github.com/advisories/GHSA-p5wr-vp8g-q5p4", + URL: "https://github.com/advisories/GHSA-p5wr-vp8g-q5p4", }, }, Aliases: []string{"CVE-2017-5524"}, diff --git a/pkg/process/v6/transformers/nvd/transform.go b/pkg/process/v6/transformers/nvd/transform.go index ce1841d8..88011fbf 100644 --- a/pkg/process/v6/transformers/nvd/transform.go +++ b/pkg/process/v6/transformers/nvd/transform.go @@ -284,8 +284,7 @@ func getSeverities(vuln unmarshal.NVDVulnerability) []grypeDB.Severity { func getReferences(vuln unmarshal.NVDVulnerability) []grypeDB.Reference { references := []grypeDB.Reference{ { - Tags: []string{grypeDB.AdvisoryReferenceTag}, - URL: "https://nvd.nist.gov/vuln/detail/" + vuln.ID, + URL: "https://nvd.nist.gov/vuln/detail/" + vuln.ID, }, } for _, reference := range vuln.References { diff --git a/pkg/process/v6/transformers/nvd/transform_test.go b/pkg/process/v6/transformers/nvd/transform_test.go index 4b3fd98f..b19d67ea 100644 --- a/pkg/process/v6/transformers/nvd/transform_test.go +++ b/pkg/process/v6/transformers/nvd/transform_test.go @@ -68,8 +68,8 @@ func TestTransform(t *testing.T) { Status: grypeDB.VulnerabilityActive, References: []grypeDB.Reference{ { - Tags: []string{grypeDB.AdvisoryReferenceTag}, - URL: "https://nvd.nist.gov/vuln/detail/CVE-2018-5487", + + URL: "https://nvd.nist.gov/vuln/detail/CVE-2018-5487", }, { URL: "https://security.netapp.com/advisory/ntap-20180523-0001/", @@ -144,8 +144,8 @@ func TestTransform(t *testing.T) { Status: grypeDB.VulnerabilityActive, References: []grypeDB.Reference{ { - Tags: []string{grypeDB.AdvisoryReferenceTag}, - URL: "https://nvd.nist.gov/vuln/detail/CVE-2018-1000222", + + URL: "https://nvd.nist.gov/vuln/detail/CVE-2018-1000222", }, { URL: "https://github.com/libgd/libgd/issues/447", @@ -232,8 +232,8 @@ func TestTransform(t *testing.T) { Status: grypeDB.VulnerabilityActive, References: []grypeDB.Reference{ { - Tags: []string{grypeDB.AdvisoryReferenceTag}, - URL: "https://nvd.nist.gov/vuln/detail/CVE-2018-10189", + + URL: "https://nvd.nist.gov/vuln/detail/CVE-2018-10189", }, { URL: "https://github.com/mautic/mautic/releases/tag/2.13.0", @@ -315,8 +315,8 @@ func TestTransform(t *testing.T) { Status: grypeDB.VulnerabilityActive, References: []grypeDB.Reference{ { - Tags: []string{grypeDB.AdvisoryReferenceTag}, - URL: "https://nvd.nist.gov/vuln/detail/CVE-2015-8978", + + URL: "https://nvd.nist.gov/vuln/detail/CVE-2015-8978", }, { URL: "http://cpansearch.perl.org/src/PHRED/SOAP-Lite-1.20/Changes", @@ -374,8 +374,8 @@ func TestTransform(t *testing.T) { Status: grypeDB.VulnerabilityActive, References: []grypeDB.Reference{ { - Tags: []string{grypeDB.AdvisoryReferenceTag}, - URL: "https://nvd.nist.gov/vuln/detail/CVE-2022-26488", + + URL: "https://nvd.nist.gov/vuln/detail/CVE-2022-26488", }, { URL: "https://mail.python.org/archives/list/security-announce@python.org/thread/657Z4XULWZNIY5FRP3OWXHYKUSIH6DMN/", @@ -481,8 +481,8 @@ func TestTransform(t *testing.T) { Status: grypeDB.VulnerabilityActive, References: []grypeDB.Reference{ { - Tags: []string{grypeDB.AdvisoryReferenceTag}, - URL: "https://nvd.nist.gov/vuln/detail/CVE-2022-0543", + + URL: "https://nvd.nist.gov/vuln/detail/CVE-2022-0543", }, { URL: "http://packetstormsecurity.com/files/166885/Redis-Lua-Sandbox-Escape.html", @@ -576,8 +576,8 @@ func TestTransform(t *testing.T) { Status: grypeDB.VulnerabilityActive, References: []grypeDB.Reference{ { - Tags: []string{grypeDB.AdvisoryReferenceTag}, - URL: "https://nvd.nist.gov/vuln/detail/CVE-2020-10729", + + URL: "https://nvd.nist.gov/vuln/detail/CVE-2020-10729", }, { URL: "https://bugzilla.redhat.com/show_bug.cgi?id=1831089", @@ -667,8 +667,8 @@ func TestTransform(t *testing.T) { Status: grypeDB.VulnerabilityActive, References: []grypeDB.Reference{ { - Tags: []string{grypeDB.AdvisoryReferenceTag}, - URL: "https://nvd.nist.gov/vuln/detail/CVE-2023-38733", + + URL: "https://nvd.nist.gov/vuln/detail/CVE-2023-38733", }, { URL: "https://exchange.xforce.ibmcloud.com/vulnerabilities/262293", @@ -755,8 +755,8 @@ func TestTransform(t *testing.T) { Status: grypeDB.VulnerabilityActive, References: []grypeDB.Reference{ { - Tags: []string{grypeDB.AdvisoryReferenceTag}, - URL: "https://nvd.nist.gov/vuln/detail/CVE-2023-45283", + + URL: "https://nvd.nist.gov/vuln/detail/CVE-2023-45283", }, { URL: "http://www.openwall.com/lists/oss-security/2023/12/05/2", @@ -866,8 +866,8 @@ func TestTransform(t *testing.T) { Status: grypeDB.VulnerabilityActive, References: []grypeDB.Reference{ { - Tags: []string{grypeDB.AdvisoryReferenceTag}, - URL: "https://nvd.nist.gov/vuln/detail/CVE-2023-45283", + + URL: "https://nvd.nist.gov/vuln/detail/CVE-2023-45283", }, { URL: "http://www.openwall.com/lists/oss-security/2023/12/05/2", diff --git a/pkg/process/v6/transformers/os/transform.go b/pkg/process/v6/transformers/os/transform.go index 012b8a1c..8b815e90 100644 --- a/pkg/process/v6/transformers/os/transform.go +++ b/pkg/process/v6/transformers/os/transform.go @@ -112,8 +112,7 @@ func getFix(fixedInEntry unmarshal.OSFixedIn) *grypeDB.Fix { var refs []grypeDB.Reference for _, l := range linkOrder { refs = append(refs, grypeDB.Reference{ - Tags: []string{grypeDB.AdvisoryReferenceTag}, - URL: l, + URL: l, }) } @@ -306,8 +305,7 @@ func getReferences(vuln unmarshal.OSVulnerability) []grypeDB.Reference { for _, l := range linkOrder { refs = append(refs, grypeDB.Reference{ - Tags: []string{grypeDB.AdvisoryReferenceTag}, - URL: l, + URL: l, }, ) } diff --git a/pkg/process/v6/transformers/os/transform_test.go b/pkg/process/v6/transformers/os/transform_test.go index 25cfbb4d..982fe29f 100644 --- a/pkg/process/v6/transformers/os/transform_test.go +++ b/pkg/process/v6/transformers/os/transform_test.go @@ -90,8 +90,7 @@ func TestTransform(t *testing.T) { Status: "active", References: []grypeDB.Reference{ { - URL: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19967", - Tags: []string{grypeDB.AdvisoryReferenceTag}, + URL: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19967", }, }, Severities: []grypeDB.Severity{ @@ -134,8 +133,7 @@ func TestTransform(t *testing.T) { Status: "active", References: []grypeDB.Reference{ { - URL: "https://alas.aws.amazon.com/AL2/ALAS-2018-1106.html", - Tags: []string{grypeDB.AdvisoryReferenceTag}, + URL: "https://alas.aws.amazon.com/AL2/ALAS-2018-1106.html", }, }, Aliases: []string{"CVE-2018-14648"}, @@ -247,8 +245,7 @@ func TestTransform(t *testing.T) { Status: "active", References: []grypeDB.Reference{ { - URL: "https://alas.aws.amazon.com/AL2/ALAS-2021-1704.html", - Tags: []string{grypeDB.AdvisoryReferenceTag}, + URL: "https://alas.aws.amazon.com/AL2/ALAS-2021-1704.html", }, }, Aliases: []string{"CVE-2021-3653", "CVE-2021-3656", "CVE-2021-3732"}, @@ -300,8 +297,7 @@ func TestTransform(t *testing.T) { Status: "active", References: []grypeDB.Reference{ { - URL: "https://alas.aws.amazon.com/AL2/ALASKERNEL-5.4-2022-007.html", - Tags: []string{grypeDB.AdvisoryReferenceTag}, + URL: "https://alas.aws.amazon.com/AL2/ALASKERNEL-5.4-2022-007.html", }, }, Aliases: []string{"CVE-2021-3753", "CVE-2021-40490"}, @@ -353,8 +349,7 @@ func TestTransform(t *testing.T) { Status: "active", References: []grypeDB.Reference{ { - URL: "https://alas.aws.amazon.com/AL2/ALASKERNEL-5.10-2022-005.html", - Tags: []string{grypeDB.AdvisoryReferenceTag}, + URL: "https://alas.aws.amazon.com/AL2/ALASKERNEL-5.10-2022-005.html", }, }, Aliases: []string{"CVE-2021-3753", "CVE-2021-40490"}, @@ -413,8 +408,7 @@ func TestTransform(t *testing.T) { Description: "CVE-2023-29403 affecting package golang for versions less than 1.20.7-1. A patched version of the package is available.", References: []grypeDB.Reference{ { - URL: "https://nvd.nist.gov/vuln/detail/CVE-2023-29403", - Tags: []string{grypeDB.AdvisoryReferenceTag}, + URL: "https://nvd.nist.gov/vuln/detail/CVE-2023-29403", }, }, Severities: []grypeDB.Severity{ @@ -457,8 +451,7 @@ func TestTransform(t *testing.T) { Status: "active", References: []grypeDB.Reference{ { - URL: "https://security-tracker.debian.org/tracker/CVE-2008-7220", - Tags: []string{grypeDB.AdvisoryReferenceTag}, + URL: "https://security-tracker.debian.org/tracker/CVE-2008-7220", }, }, Severities: []grypeDB.Severity{ @@ -537,8 +530,7 @@ func TestTransform(t *testing.T) { Status: "active", References: []grypeDB.Reference{ { - URL: "https://security-tracker.debian.org/tracker/CVE-2011-4623", - Tags: []string{grypeDB.AdvisoryReferenceTag}, + URL: "https://security-tracker.debian.org/tracker/CVE-2011-4623", }, }, Severities: []grypeDB.Severity{ @@ -575,8 +567,7 @@ func TestTransform(t *testing.T) { Status: "active", References: []grypeDB.Reference{ { - URL: "https://security-tracker.debian.org/tracker/CVE-2008-5618", - Tags: []string{grypeDB.AdvisoryReferenceTag}, + URL: "https://security-tracker.debian.org/tracker/CVE-2008-5618", }, }, Severities: []grypeDB.Severity{ @@ -620,8 +611,7 @@ func TestTransform(t *testing.T) { Description: "CVE-2021-37621 affecting package exiv2 for versions less than 0.27.5-1. An upgraded version of the package is available that resolves this issue.", References: []grypeDB.Reference{ { - URL: "https://nvd.nist.gov/vuln/detail/CVE-2021-37621", - Tags: []string{grypeDB.AdvisoryReferenceTag}, + URL: "https://nvd.nist.gov/vuln/detail/CVE-2021-37621", }, }, Severities: []grypeDB.Severity{ @@ -666,8 +656,7 @@ func TestTransform(t *testing.T) { Description: "CVE-2023-29404 affecting package golang for versions less than 1.20.7-1. A patched version of the package is available.", References: []grypeDB.Reference{ { - URL: "https://nvd.nist.gov/vuln/detail/CVE-2023-29404", - Tags: []string{grypeDB.AdvisoryReferenceTag}, + URL: "https://nvd.nist.gov/vuln/detail/CVE-2023-29404", }, }, Severities: []grypeDB.Severity{ @@ -712,12 +701,10 @@ func TestTransform(t *testing.T) { Aliases: []string{"CVE-2020-13112"}, References: []grypeDB.Reference{ { - URL: "http://linux.oracle.com/errata/ELSA-2020-2550.html", - Tags: []string{grypeDB.AdvisoryReferenceTag}, + URL: "http://linux.oracle.com/errata/ELSA-2020-2550.html", }, { - URL: "http://linux.oracle.com/cve/CVE-2020-13112.html", - Tags: []string{grypeDB.AdvisoryReferenceTag}, + URL: "http://linux.oracle.com/cve/CVE-2020-13112.html", }, }, Severities: []grypeDB.Severity{ @@ -788,8 +775,7 @@ func TestTransform(t *testing.T) { Status: "active", References: []grypeDB.Reference{ { - URL: "https://access.redhat.com/security/cve/CVE-2020-14350", - Tags: []string{grypeDB.AdvisoryReferenceTag}, + URL: "https://access.redhat.com/security/cve/CVE-2020-14350", }, }, Severities: []grypeDB.Severity{ @@ -884,8 +870,7 @@ func TestTransform(t *testing.T) { Description: "A flaw was found in Mozilla Firefox. A race condition can occur while running the nsDocShell destructor causing a use-after-free memory issue. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", References: []grypeDB.Reference{ { - URL: "https://access.redhat.com/security/cve/CVE-2020-6819", - Tags: []string{grypeDB.AdvisoryReferenceTag}, + URL: "https://access.redhat.com/security/cve/CVE-2020-6819", }, }, Severities: []grypeDB.Severity{ @@ -924,8 +909,7 @@ func TestTransform(t *testing.T) { Detail: &grypeDB.FixDetail{ References: []grypeDB.Reference{ { - URL: "https://access.redhat.com/errata/RHSA-2020:1341", - Tags: []string{grypeDB.AdvisoryReferenceTag}, + URL: "https://access.redhat.com/errata/RHSA-2020:1341", }, }, }, @@ -950,8 +934,7 @@ func TestTransform(t *testing.T) { Detail: &grypeDB.FixDetail{ References: []grypeDB.Reference{ { - URL: "https://access.redhat.com/errata/RHSA-2020:1495", - Tags: []string{grypeDB.AdvisoryReferenceTag}, + URL: "https://access.redhat.com/errata/RHSA-2020:1495", }, }, }, @@ -978,8 +961,7 @@ func TestTransform(t *testing.T) { Description: "A flaw was found in PostgreSQL, where some PostgreSQL extensions did not use the search_path safely in their installation script. This flaw allows an attacker with sufficient privileges to trick an administrator into executing a specially crafted script during the extension's installation or update. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.", References: []grypeDB.Reference{ { - URL: "https://access.redhat.com/security/cve/CVE-2020-14350", - Tags: []string{grypeDB.AdvisoryReferenceTag}, + URL: "https://access.redhat.com/security/cve/CVE-2020-14350", }, }, Severities: []grypeDB.Severity{ @@ -1021,8 +1003,8 @@ func TestTransform(t *testing.T) { Detail: &grypeDB.FixDetail{ References: []grypeDB.Reference{ { - Tags: []string{grypeDB.AdvisoryReferenceTag}, - URL: "https://access.redhat.com/errata/RHSA-2020:3669", + + URL: "https://access.redhat.com/errata/RHSA-2020:3669", }, }, }, @@ -1050,8 +1032,8 @@ func TestTransform(t *testing.T) { Detail: &grypeDB.FixDetail{ References: []grypeDB.Reference{ { - Tags: []string{grypeDB.AdvisoryReferenceTag}, - URL: "https://access.redhat.com/errata/RHSA-2020:5620", + + URL: "https://access.redhat.com/errata/RHSA-2020:5620", }, }, }, @@ -1079,8 +1061,8 @@ func TestTransform(t *testing.T) { Detail: &grypeDB.FixDetail{ References: []grypeDB.Reference{ { - Tags: []string{grypeDB.AdvisoryReferenceTag}, - URL: "https://access.redhat.com/errata/RHSA-2020:5619", + + URL: "https://access.redhat.com/errata/RHSA-2020:5619", }, }, },