Merge branch 'main' into gsa

Signed-off-by: DJ Schleen <[email protected]>
devops-kung-fu · Sep 21, 2024 · c6e58c7 · c6e58c7
2 parents 17e1744 + f6fbbaf
commit c6e58c7
Show file tree

Hide file tree

Showing 4 changed files with 13 additions and 15 deletions.
diff --git a/enrichers/epss/epss.go b/enrichers/epss/epss.go
@@ -25,8 +25,10 @@ type Enricher struct{}
 var client *resty.Client
 
 func init() {
-	client = resty.New().
-		SetTransport(&http.Transport{TLSHandshakeTimeout: 60 * time.Second})
+	// Cloning the transport ensures a proper working http client that respects the proxy settings
+	transport := http.DefaultTransport.(*http.Transport).Clone()
+	transport.TLSHandshakeTimeout = 60 * time.Second
+	client = resty.New().SetTransport(transport)
 }
 
 // TODO: this needs to be refactored so we can batch the scanning and de-duplicate. Each component has it's own list of []models.Vulnerability and this function is called multiple times. At least the implementation here reduces the calls by batching per component.

diff --git a/go.mod b/go.mod
@@ -32,15 +32,7 @@ require (
 	github.com/inconshreveable/mousetrap v1.1.0 // indirect
 	github.com/mattn/go-colorable v0.1.13 // indirect
 	github.com/mattn/go-isatty v0.0.20 // indirect
-	github.com/mattn/go-runewidth v0.0.16 // indirect
+	github.com/mattn/go-runewdth v0.0.16 // indirect
 	github.com/pmezard/go-difflib v1.0.0 // indirect
 	github.com/rivo/uniseg v0.4.7 // indirect
 	github.com/sashabaranov/go-openai v1.29.2
-	github.com/spf13/pflag v1.0.5 // indirect
-	github.com/xo/terminfo v0.0.0-20220910002029-abceb7e1c41e // indirect
-	golang.org/x/net v0.29.0 // indirect
-	golang.org/x/sys v0.25.0 // indirect
-	golang.org/x/term v0.24.0 // indirect
-	golang.org/x/text v0.18.0 // indirect
-	gopkg.in/yaml.v3 v3.0.1 // indirect
-)
diff --git a/providers/ossindex/OSSIndex.go b/providers/ossindex/OSSIndex.go
@@ -21,8 +21,10 @@ const ossindexURL = "https://ossindex.sonatype.org/api/v3/authorized/component-r
 var client *resty.Client
 
 func init() {
-	client = resty.New().
-		SetTransport(&http.Transport{TLSHandshakeTimeout: 60 * time.Second})
+	// Cloning the transport ensures a proper working http client that respects the proxy settings
+	transport := http.DefaultTransport.(*http.Transport).Clone()
+	transport.TLSHandshakeTimeout = 60 * time.Second
+	client = resty.New().SetTransport(transport)
 }
 
 // Provider represents the OSSIndex provider

diff --git a/providers/osv/osv.go b/providers/osv/osv.go
@@ -94,8 +94,10 @@ const (
 var client *resty.Client
 
 func init() {
-	client = resty.New().
-		SetTransport(&http.Transport{TLSHandshakeTimeout: 60 * time.Second})
+	// Cloning the transport ensures a proper working http client that respects the proxy settings
+	transport := http.DefaultTransport.(*http.Transport).Clone()
+	transport.TLSHandshakeTimeout = 60 * time.Second
+	client = resty.New().SetTransport(transport)
 }
 
 // Provider represents the OSSIndex provider