From 28463fbaf81e2957b7afb6f889b1690cc93f5d99 Mon Sep 17 00:00:00 2001 From: knqyf263 Date: Wed, 19 Jun 2024 11:38:50 +0400 Subject: [PATCH 1/4] ci: add depguard Signed-off-by: knqyf263 --- .golangci.yaml | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/.golangci.yaml b/.golangci.yaml index 83dae8d06e61..9a334f867710 100644 --- a/.golangci.yaml +++ b/.golangci.yaml @@ -1,4 +1,16 @@ linters-settings: + depguard: + rules: + main: + list-mode: lax + deny: + - pkg: "io/ioutil" + desc: "Replaced by 'io' and 'os' packages since Go 1.16: https://tip.golang.org/doc/go1.16#ioutil" + # Cannot use gomodguard, which examines go.mod, as "golang.org/x/exp/slices" is not a module and doesn't appear in go.mod. + - pkg: "golang.org/x/exp/slices" + desc: "Use 'slices' instead" + - pkg: "golang.org/x/exp/maps" + desc: "Use 'maps' instead" dupl: threshold: 100 errcheck: @@ -81,6 +93,7 @@ linters: disable-all: true enable: - bodyclose + - depguard - gci - goconst - gocritic From cbfa0c325f06c8f4da1e26762c47d4d5806a9416 Mon Sep 17 00:00:00 2001 From: knqyf263 Date: Wed, 19 Jun 2024 13:49:25 +0400 Subject: [PATCH 2/4] refactor: replace packages Signed-off-by: knqyf263 --- .golangci.yaml | 4 +--- pkg/cloud/aws/commands/run.go | 2 +- pkg/commands/artifact/run.go | 2 +- pkg/compliance/spec/compliance.go | 4 ++-- pkg/compliance/spec/mapper.go | 2 +- pkg/dependency/parser/c/conan/parse.go | 2 +- pkg/dependency/parser/golang/mod/parse.go | 3 +-- pkg/dependency/parser/java/pom/artifact.go | 2 +- pkg/dependency/parser/julia/manifest/parse.go | 4 ++-- pkg/dependency/parser/nodejs/npm/parse.go | 4 ++-- pkg/dependency/parser/nodejs/pnpm/parse.go | 3 +-- pkg/dependency/parser/php/composer/parse.go | 4 ++-- pkg/dependency/parser/ruby/bundler/parse.go | 4 ++-- .../parser/swift/cocoapods/parse.go | 4 ++-- pkg/dependency/parser/utils/utils.go | 5 ++-- pkg/detector/ospkg/redhat/redhat.go | 6 ++--- pkg/downloader/download.go | 2 +- pkg/fanal/analyzer/analyzer.go | 2 +- pkg/fanal/analyzer/config_analyzer.go | 2 +- pkg/fanal/analyzer/imgconf/apk/apk.go | 4 ++-- .../analyzer/language/dart/pub/pubspec.go | 3 +-- .../analyzer/language/dotnet/nuget/nuget.go | 2 +- pkg/fanal/analyzer/language/golang/mod/mod.go | 5 ++-- pkg/fanal/analyzer/language/julia/pkg/pkg.go | 5 ++-- .../analyzer/language/nodejs/yarn/yarn.go | 3 +-- .../language/php/composer/composer.go | 2 +- .../analyzer/language/rust/cargo/cargo.go | 6 ++--- pkg/fanal/analyzer/licensing/license.go | 2 +- pkg/fanal/analyzer/os/alpine/alpine.go | 2 +- pkg/fanal/analyzer/os/release/release.go | 3 +-- pkg/fanal/analyzer/os/ubuntu/esm.go | 2 +- pkg/fanal/analyzer/os/ubuntu/ubuntu.go | 2 +- pkg/fanal/analyzer/pkg/apk/apk.go | 2 +- pkg/fanal/analyzer/pkg/dpkg/copyright.go | 2 +- pkg/fanal/analyzer/pkg/dpkg/dpkg.go | 2 +- pkg/fanal/analyzer/pkg/rpm/rpm.go | 2 +- pkg/fanal/analyzer/pkg/rpm/rpmqa.go | 2 +- pkg/fanal/analyzer/repo/apk/apk.go | 2 +- pkg/fanal/analyzer/secret/secret.go | 24 +++++++++++++++---- pkg/fanal/artifact/image/image.go | 2 +- pkg/fanal/artifact/image/remote_sbom.go | 2 +- pkg/fanal/handler/handler.go | 2 +- pkg/fanal/handler/sysfile/filter.go | 3 +-- pkg/fanal/handler/unpackaged/unpackaged.go | 2 +- pkg/fanal/secret/scanner.go | 2 +- pkg/fanal/walker/fs_test.go | 2 +- pkg/fanal/walker/vm.go | 2 +- pkg/flag/options.go | 2 +- pkg/flag/report_flags.go | 2 +- .../cloudformation/aws/ec2/security_group.go | 4 ++-- .../adapters/terraform/google/iam/adapt.go | 8 +++---- pkg/iac/scanners/azure/value.go | 11 ++++++--- .../scanners/terraform/parser/evaluator.go | 15 +++++++++--- .../scanners/terraform/parser/modules_test.go | 13 ++++++---- pkg/k8s/report/report.go | 6 ++--- pkg/k8s/report/summary.go | 2 +- pkg/k8s/scanner/scanner_test.go | 4 ++-- pkg/licensing/expression/types.go | 3 +-- pkg/licensing/scanner.go | 2 +- pkg/mapfs/fs.go | 2 +- pkg/module/module.go | 2 +- pkg/rekor/client.go | 2 +- pkg/report/table/table.go | 2 +- pkg/report/table/vulnerability.go | 7 +++--- pkg/result/filter.go | 5 ++-- pkg/sbom/io/decode.go | 4 ++-- pkg/sbom/spdx/marshal.go | 2 +- pkg/scanner/local/scan.go | 2 +- pkg/types/target.go | 2 +- pkg/utils/fsutils/fs.go | 2 +- pkg/x/path/path.go | 3 +-- 71 files changed, 142 insertions(+), 120 deletions(-) diff --git a/.golangci.yaml b/.golangci.yaml index 9a334f867710..17efa8050e11 100644 --- a/.golangci.yaml +++ b/.golangci.yaml @@ -4,13 +4,11 @@ linters-settings: main: list-mode: lax deny: - - pkg: "io/ioutil" - desc: "Replaced by 'io' and 'os' packages since Go 1.16: https://tip.golang.org/doc/go1.16#ioutil" # Cannot use gomodguard, which examines go.mod, as "golang.org/x/exp/slices" is not a module and doesn't appear in go.mod. - pkg: "golang.org/x/exp/slices" desc: "Use 'slices' instead" - pkg: "golang.org/x/exp/maps" - desc: "Use 'maps' instead" + desc: "Use 'maps' or 'github.com/samber/lo' instead" dupl: threshold: 100 errcheck: diff --git a/pkg/cloud/aws/commands/run.go b/pkg/cloud/aws/commands/run.go index 708d9314f94f..b9a1bbb2bfce 100644 --- a/pkg/cloud/aws/commands/run.go +++ b/pkg/cloud/aws/commands/run.go @@ -3,11 +3,11 @@ package commands import ( "context" "errors" + "slices" "sort" "strings" "github.com/aws/aws-sdk-go-v2/service/sts" - "golang.org/x/exp/slices" "golang.org/x/xerrors" "github.com/aquasecurity/trivy-aws/pkg/errs" diff --git a/pkg/commands/artifact/run.go b/pkg/commands/artifact/run.go index afdbf2ee6966..30058ff6c4cb 100644 --- a/pkg/commands/artifact/run.go +++ b/pkg/commands/artifact/run.go @@ -4,11 +4,11 @@ import ( "context" "errors" "fmt" + "slices" "github.com/hashicorp/go-multierror" "github.com/samber/lo" "github.com/spf13/viper" - "golang.org/x/exp/slices" "golang.org/x/xerrors" "github.com/aquasecurity/go-version/pkg/semver" diff --git a/pkg/compliance/spec/compliance.go b/pkg/compliance/spec/compliance.go index bc91b7f664fe..7b0b4f6cffdd 100644 --- a/pkg/compliance/spec/compliance.go +++ b/pkg/compliance/spec/compliance.go @@ -5,7 +5,7 @@ import ( "os" "strings" - "golang.org/x/exp/maps" + "github.com/samber/lo" "golang.org/x/xerrors" "gopkg.in/yaml.v3" @@ -39,7 +39,7 @@ func (cs *ComplianceSpec) Scanners() (types.Scanners, error) { scannerTypes[scannerType] = struct{}{} } } - return maps.Keys(scannerTypes), nil + return lo.Keys(scannerTypes), nil } // CheckIDs return list of compliance check IDs diff --git a/pkg/compliance/spec/mapper.go b/pkg/compliance/spec/mapper.go index 2efa488bff54..6fa5d2bbd45a 100644 --- a/pkg/compliance/spec/mapper.go +++ b/pkg/compliance/spec/mapper.go @@ -1,7 +1,7 @@ package spec import ( - "golang.org/x/exp/slices" + "slices" "github.com/aquasecurity/trivy/pkg/types" ) diff --git a/pkg/dependency/parser/c/conan/parse.go b/pkg/dependency/parser/c/conan/parse.go index 7661131ec8b9..14da9358fb8a 100644 --- a/pkg/dependency/parser/c/conan/parse.go +++ b/pkg/dependency/parser/c/conan/parse.go @@ -2,11 +2,11 @@ package conan import ( "io" + "slices" "strings" "github.com/liamg/jfather" "github.com/samber/lo" - "golang.org/x/exp/slices" "golang.org/x/xerrors" "github.com/aquasecurity/trivy/pkg/dependency" diff --git a/pkg/dependency/parser/golang/mod/parse.go b/pkg/dependency/parser/golang/mod/parse.go index fa5116f19bfa..508da6911521 100644 --- a/pkg/dependency/parser/golang/mod/parse.go +++ b/pkg/dependency/parser/golang/mod/parse.go @@ -7,7 +7,6 @@ import ( "strings" "github.com/samber/lo" - "golang.org/x/exp/maps" "golang.org/x/mod/modfile" "golang.org/x/xerrors" @@ -148,7 +147,7 @@ func (p *Parser) Parse(r xio.ReadSeekerAt) ([]ftypes.Package, []ftypes.Dependenc } } - return maps.Values(pkgs), nil, nil + return lo.Values(pkgs), nil, nil } // Check if the Go version is less than 1.17 diff --git a/pkg/dependency/parser/java/pom/artifact.go b/pkg/dependency/parser/java/pom/artifact.go index a99ff8569357..b2e97efb229b 100644 --- a/pkg/dependency/parser/java/pom/artifact.go +++ b/pkg/dependency/parser/java/pom/artifact.go @@ -4,10 +4,10 @@ import ( "fmt" "os" "regexp" + "slices" "strings" "github.com/samber/lo" - "golang.org/x/exp/slices" ftypes "github.com/aquasecurity/trivy/pkg/fanal/types" "github.com/aquasecurity/trivy/pkg/log" diff --git a/pkg/dependency/parser/julia/manifest/parse.go b/pkg/dependency/parser/julia/manifest/parse.go index 13d1cb208bcb..aa0112a17e67 100644 --- a/pkg/dependency/parser/julia/manifest/parse.go +++ b/pkg/dependency/parser/julia/manifest/parse.go @@ -5,7 +5,7 @@ import ( "sort" "github.com/BurntSushi/toml" - "golang.org/x/exp/maps" + "github.com/samber/lo" "golang.org/x/xerrors" ftypes "github.com/aquasecurity/trivy/pkg/fanal/types" @@ -156,7 +156,7 @@ func decodeDependency(man *primitiveManifest, dep primitiveDependency, metadata var possibleDepsMap map[string]string err = metadata.PrimitiveDecode(dep.Dependencies, &possibleDepsMap) if err == nil { - possibleUuids := maps.Values(possibleDepsMap) + possibleUuids := lo.Values(possibleDepsMap) sort.Strings(possibleUuids) dep.DependsOn = possibleUuids return dep, nil diff --git a/pkg/dependency/parser/nodejs/npm/parse.go b/pkg/dependency/parser/nodejs/npm/parse.go index 6e99cdd1bfcb..05ce6301ff09 100644 --- a/pkg/dependency/parser/nodejs/npm/parse.go +++ b/pkg/dependency/parser/nodejs/npm/parse.go @@ -3,6 +3,7 @@ package npm import ( "fmt" "io" + "maps" "path" "slices" "sort" @@ -10,7 +11,6 @@ import ( "github.com/liamg/jfather" "github.com/samber/lo" - "golang.org/x/exp/maps" "golang.org/x/xerrors" "github.com/aquasecurity/trivy/pkg/dependency" @@ -186,7 +186,7 @@ func (p *Parser) parseV2(packages map[string]Package) ([]ftypes.Package, []ftype } - return maps.Values(pkgs), deps + return lo.Values(pkgs), deps } // for local package npm uses links. e.g.: diff --git a/pkg/dependency/parser/nodejs/pnpm/parse.go b/pkg/dependency/parser/nodejs/pnpm/parse.go index bbe6c5a57aab..8ccf9de0ae9a 100644 --- a/pkg/dependency/parser/nodejs/pnpm/parse.go +++ b/pkg/dependency/parser/nodejs/pnpm/parse.go @@ -7,7 +7,6 @@ import ( "strings" "github.com/samber/lo" - "golang.org/x/exp/maps" "golang.org/x/xerrors" "gopkg.in/yaml.v3" @@ -216,7 +215,7 @@ func (p *Parser) parseV9(lockFile LockFile) ([]ftypes.Package, []ftypes.Dependen } } - return maps.Values(resolvedPkgs), maps.Values(resolvedDeps) + return lo.Values(resolvedPkgs), lo.Values(resolvedDeps) } // markRootPkgs sets `Dev` to false for non dev dependency. diff --git a/pkg/dependency/parser/php/composer/parse.go b/pkg/dependency/parser/php/composer/parse.go index c95901686ba0..af99ceaf8be2 100644 --- a/pkg/dependency/parser/php/composer/parse.go +++ b/pkg/dependency/parser/php/composer/parse.go @@ -6,7 +6,7 @@ import ( "strings" "github.com/liamg/jfather" - "golang.org/x/exp/maps" + "github.com/samber/lo" "golang.org/x/xerrors" "github.com/aquasecurity/trivy/pkg/dependency" @@ -98,7 +98,7 @@ func (p *Parser) Parse(r xio.ReadSeekerAt) ([]ftypes.Package, []ftypes.Dependenc }) } - pkgSlice := maps.Values(pkgs) + pkgSlice := lo.Values(pkgs) sort.Sort(ftypes.Packages(pkgSlice)) sort.Sort(deps) diff --git a/pkg/dependency/parser/ruby/bundler/parse.go b/pkg/dependency/parser/ruby/bundler/parse.go index 89f3a9ab4ab8..12dff78bc7c0 100644 --- a/pkg/dependency/parser/ruby/bundler/parse.go +++ b/pkg/dependency/parser/ruby/bundler/parse.go @@ -5,7 +5,7 @@ import ( "sort" "strings" - "golang.org/x/exp/maps" + "github.com/samber/lo" "golang.org/x/xerrors" "github.com/aquasecurity/trivy/pkg/dependency" @@ -103,7 +103,7 @@ func (p *Parser) Parse(r xio.ReadSeekerAt) ([]ftypes.Package, []ftypes.Dependenc return nil, nil, xerrors.Errorf("scan error: %w", err) } - pkgSlice := maps.Values(pkgs) + pkgSlice := lo.Values(pkgs) sort.Sort(ftypes.Packages(pkgSlice)) return pkgSlice, deps, nil } diff --git a/pkg/dependency/parser/swift/cocoapods/parse.go b/pkg/dependency/parser/swift/cocoapods/parse.go index 27438c86e17f..2d946d417447 100644 --- a/pkg/dependency/parser/swift/cocoapods/parse.go +++ b/pkg/dependency/parser/swift/cocoapods/parse.go @@ -4,7 +4,7 @@ import ( "sort" "strings" - "golang.org/x/exp/maps" + "github.com/samber/lo" "golang.org/x/xerrors" "gopkg.in/yaml.v3" @@ -86,7 +86,7 @@ func (p *Parser) Parse(r xio.ReadSeekerAt) ([]ftypes.Package, []ftypes.Dependenc } sort.Sort(deps) - return utils.UniquePackages(maps.Values(parsedDeps)), deps, nil + return utils.UniquePackages(lo.Values(parsedDeps)), deps, nil } func parseDep(dep string) (ftypes.Package, error) { diff --git a/pkg/dependency/parser/utils/utils.go b/pkg/dependency/parser/utils/utils.go index f22e994a7cb0..ce2aff36976b 100644 --- a/pkg/dependency/parser/utils/utils.go +++ b/pkg/dependency/parser/utils/utils.go @@ -2,9 +2,10 @@ package utils import ( "fmt" + "maps" "sort" - "golang.org/x/exp/maps" + "github.com/samber/lo" ftypes "github.com/aquasecurity/trivy/pkg/fanal/types" ) @@ -48,7 +49,7 @@ func UniquePackages(pkgs []ftypes.Package) []ftypes.Package { } } } - pkgSlice := maps.Values(unique) + pkgSlice := lo.Values(unique) sort.Sort(ftypes.Packages(pkgSlice)) return pkgSlice diff --git a/pkg/detector/ospkg/redhat/redhat.go b/pkg/detector/ospkg/redhat/redhat.go index 277fa6203424..d8d9e0052920 100644 --- a/pkg/detector/ospkg/redhat/redhat.go +++ b/pkg/detector/ospkg/redhat/redhat.go @@ -3,13 +3,13 @@ package redhat import ( "context" "fmt" + "slices" "sort" "strings" "time" version "github.com/knqyf263/go-rpm-version" - "golang.org/x/exp/maps" - "golang.org/x/exp/slices" + "github.com/samber/lo" "golang.org/x/xerrors" dbTypes "github.com/aquasecurity/trivy-db/pkg/types" @@ -176,7 +176,7 @@ func (s *Scanner) detect(osVer string, pkg ftypes.Package) ([]types.DetectedVuln } } - vulns := maps.Values(uniqVulns) + vulns := lo.Values(uniqVulns) sort.Slice(vulns, func(i, j int) bool { return vulns[i].VulnerabilityID < vulns[j].VulnerabilityID }) diff --git a/pkg/downloader/download.go b/pkg/downloader/download.go index 0c9388248a6d..9b554b6a4eb8 100644 --- a/pkg/downloader/download.go +++ b/pkg/downloader/download.go @@ -2,10 +2,10 @@ package downloader import ( "context" + "maps" "os" getter "github.com/hashicorp/go-getter" - "golang.org/x/exp/maps" "golang.org/x/xerrors" ) diff --git a/pkg/fanal/analyzer/analyzer.go b/pkg/fanal/analyzer/analyzer.go index 56bb518f1b73..d6defb45aae5 100644 --- a/pkg/fanal/analyzer/analyzer.go +++ b/pkg/fanal/analyzer/analyzer.go @@ -6,12 +6,12 @@ import ( "io/fs" "os" "regexp" + "slices" "sort" "strings" "sync" "github.com/samber/lo" - "golang.org/x/exp/slices" "golang.org/x/sync/semaphore" "golang.org/x/xerrors" diff --git a/pkg/fanal/analyzer/config_analyzer.go b/pkg/fanal/analyzer/config_analyzer.go index c5682694a5c3..cddff6412e6a 100644 --- a/pkg/fanal/analyzer/config_analyzer.go +++ b/pkg/fanal/analyzer/config_analyzer.go @@ -2,9 +2,9 @@ package analyzer import ( "context" + "slices" v1 "github.com/google/go-containerregistry/pkg/v1" - "golang.org/x/exp/slices" "golang.org/x/xerrors" "github.com/aquasecurity/trivy/pkg/fanal/types" diff --git a/pkg/fanal/analyzer/imgconf/apk/apk.go b/pkg/fanal/analyzer/imgconf/apk/apk.go index 430dc766d161..794eb9797e5d 100644 --- a/pkg/fanal/analyzer/imgconf/apk/apk.go +++ b/pkg/fanal/analyzer/imgconf/apk/apk.go @@ -13,7 +13,7 @@ import ( "time" v1 "github.com/google/go-containerregistry/pkg/v1" - "golang.org/x/exp/maps" + "github.com/samber/lo" "golang.org/x/xerrors" "github.com/aquasecurity/trivy/pkg/fanal/analyzer" @@ -138,7 +138,7 @@ func (a alpineCmdAnalyzer) parseConfig(apkIndexArchive *apkIndex, config *v1.Con } } - return maps.Values(uniqPkgs) + return lo.Values(uniqPkgs) } func (a alpineCmdAnalyzer) parseCommand(command string, envs map[string]string) (pkgs []string) { diff --git a/pkg/fanal/analyzer/language/dart/pub/pubspec.go b/pkg/fanal/analyzer/language/dart/pub/pubspec.go index 9f7fc02b26d7..fc1ebc9bc586 100644 --- a/pkg/fanal/analyzer/language/dart/pub/pubspec.go +++ b/pkg/fanal/analyzer/language/dart/pub/pubspec.go @@ -10,7 +10,6 @@ import ( "sort" "github.com/samber/lo" - "golang.org/x/exp/maps" "golang.org/x/xerrors" "gopkg.in/yaml.v3" @@ -166,7 +165,7 @@ func parsePubSpecYaml(r io.Reader) (string, []string, error) { // pubspec.yaml uses version ranges // save only dependencies names - dependsOn := maps.Keys(spec.Dependencies) + dependsOn := lo.Keys(spec.Dependencies) return dependency.ID(types.Pub, spec.Name, spec.Version), dependsOn, nil } diff --git a/pkg/fanal/analyzer/language/dotnet/nuget/nuget.go b/pkg/fanal/analyzer/language/dotnet/nuget/nuget.go index 2e24610719e4..fa0cc486def1 100644 --- a/pkg/fanal/analyzer/language/dotnet/nuget/nuget.go +++ b/pkg/fanal/analyzer/language/dotnet/nuget/nuget.go @@ -7,9 +7,9 @@ import ( "io/fs" "os" "path/filepath" + "slices" "sort" - "golang.org/x/exp/slices" "golang.org/x/xerrors" "github.com/aquasecurity/trivy/pkg/dependency/parser/nuget/config" diff --git a/pkg/fanal/analyzer/language/golang/mod/mod.go b/pkg/fanal/analyzer/language/golang/mod/mod.go index f97d9bed5add..96d40ba1c954 100644 --- a/pkg/fanal/analyzer/language/golang/mod/mod.go +++ b/pkg/fanal/analyzer/language/golang/mod/mod.go @@ -10,11 +10,10 @@ import ( "os" "path/filepath" "regexp" + "slices" "unicode" "github.com/samber/lo" - "golang.org/x/exp/maps" - "golang.org/x/exp/slices" "golang.org/x/xerrors" "github.com/aquasecurity/trivy/pkg/dependency/parser/golang/mod" @@ -262,7 +261,7 @@ func mergeGoSum(gomod, gosum *types.Application) { uniq[lib.Name] = lib } - gomod.Packages = maps.Values(uniq) + gomod.Packages = lo.Values(uniq) } func findLicense(dir string, classifierConfidenceLevel float64) ([]string, error) { diff --git a/pkg/fanal/analyzer/language/julia/pkg/pkg.go b/pkg/fanal/analyzer/language/julia/pkg/pkg.go index c2b9fda035e3..4e69cb43c326 100644 --- a/pkg/fanal/analyzer/language/julia/pkg/pkg.go +++ b/pkg/fanal/analyzer/language/julia/pkg/pkg.go @@ -7,12 +7,11 @@ import ( "io/fs" "os" "path/filepath" + "slices" "sort" "github.com/BurntSushi/toml" "github.com/samber/lo" - "golang.org/x/exp/maps" - "golang.org/x/exp/slices" "golang.org/x/xerrors" julia "github.com/aquasecurity/trivy/pkg/dependency/parser/julia/manifest" @@ -167,7 +166,7 @@ func walkDependencies(directDeps map[string]string, allPackages types.Packages, walkIndirectDependencies(pkg, pkgsByID, visited) } - return maps.Values(visited) + return lo.Values(visited) } // Marks all indirect dependencies as indirect. Starts from `rootPkg`. Visited deps are added to `visited`. diff --git a/pkg/fanal/analyzer/language/nodejs/yarn/yarn.go b/pkg/fanal/analyzer/language/nodejs/yarn/yarn.go index 086f5fe7f615..70d0d1ee8951 100644 --- a/pkg/fanal/analyzer/language/nodejs/yarn/yarn.go +++ b/pkg/fanal/analyzer/language/nodejs/yarn/yarn.go @@ -15,7 +15,6 @@ import ( "github.com/hashicorp/go-multierror" "github.com/samber/lo" - "golang.org/x/exp/maps" "golang.org/x/xerrors" "github.com/aquasecurity/trivy/pkg/dependency/parser/nodejs/packagejson" @@ -186,7 +185,7 @@ func (a yarnAnalyzer) analyzeDependencies(fsys fs.FS, dir string, app *types.App // If the same package is found in both prod and dev dependencies, use the one in prod. pkgs = lo.Assign(devPkgs, pkgs) - pkgSlice := maps.Values(pkgs) + pkgSlice := lo.Values(pkgs) sort.Sort(types.Packages(pkgSlice)) // Save packages diff --git a/pkg/fanal/analyzer/language/php/composer/composer.go b/pkg/fanal/analyzer/language/php/composer/composer.go index 5e726168a5ae..1c0e14a1881a 100644 --- a/pkg/fanal/analyzer/language/php/composer/composer.go +++ b/pkg/fanal/analyzer/language/php/composer/composer.go @@ -8,10 +8,10 @@ import ( "io/fs" "os" "path/filepath" + "slices" "sort" "strings" - "golang.org/x/exp/slices" "golang.org/x/xerrors" "github.com/aquasecurity/trivy/pkg/dependency/parser/php/composer" diff --git a/pkg/fanal/analyzer/language/rust/cargo/cargo.go b/pkg/fanal/analyzer/language/rust/cargo/cargo.go index 88c8a005595e..bd54273552c6 100644 --- a/pkg/fanal/analyzer/language/rust/cargo/cargo.go +++ b/pkg/fanal/analyzer/language/rust/cargo/cargo.go @@ -6,15 +6,15 @@ import ( "fmt" "io" "io/fs" + "maps" "os" "path" "path/filepath" + "slices" "sort" "github.com/BurntSushi/toml" "github.com/samber/lo" - "golang.org/x/exp/maps" - "golang.org/x/exp/slices" "golang.org/x/xerrors" "github.com/aquasecurity/go-version/pkg/semver" @@ -148,7 +148,7 @@ func (a cargoAnalyzer) removeDevDependencies(fsys fs.FS, dir string, app *types. a.walkIndirectDependencies(pkg, pkgIDs, pkgs) } - pkgSlice := maps.Values(pkgs) + pkgSlice := lo.Values(pkgs) sort.Sort(types.Packages(pkgSlice)) // Save only prod packages diff --git a/pkg/fanal/analyzer/licensing/license.go b/pkg/fanal/analyzer/licensing/license.go index 42872b1c8474..ceef1d90cecc 100644 --- a/pkg/fanal/analyzer/licensing/license.go +++ b/pkg/fanal/analyzer/licensing/license.go @@ -6,9 +6,9 @@ import ( "math" "os" "path/filepath" + "slices" "strings" - "golang.org/x/exp/slices" "golang.org/x/xerrors" "github.com/aquasecurity/trivy/pkg/fanal/analyzer" diff --git a/pkg/fanal/analyzer/os/alpine/alpine.go b/pkg/fanal/analyzer/os/alpine/alpine.go index 0caa5189b8f5..da3d2da00d89 100644 --- a/pkg/fanal/analyzer/os/alpine/alpine.go +++ b/pkg/fanal/analyzer/os/alpine/alpine.go @@ -4,8 +4,8 @@ import ( "bufio" "context" "os" + "slices" - "golang.org/x/exp/slices" "golang.org/x/xerrors" "github.com/aquasecurity/trivy/pkg/fanal/analyzer" diff --git a/pkg/fanal/analyzer/os/release/release.go b/pkg/fanal/analyzer/os/release/release.go index d4b959c3a9b3..229c13c932aa 100644 --- a/pkg/fanal/analyzer/os/release/release.go +++ b/pkg/fanal/analyzer/os/release/release.go @@ -4,10 +4,9 @@ import ( "bufio" "context" "os" + "slices" "strings" - "golang.org/x/exp/slices" - "github.com/aquasecurity/trivy/pkg/fanal/analyzer" "github.com/aquasecurity/trivy/pkg/fanal/types" ) diff --git a/pkg/fanal/analyzer/os/ubuntu/esm.go b/pkg/fanal/analyzer/os/ubuntu/esm.go index 9f1dd08f9c6d..d6fa38d30c16 100644 --- a/pkg/fanal/analyzer/os/ubuntu/esm.go +++ b/pkg/fanal/analyzer/os/ubuntu/esm.go @@ -4,8 +4,8 @@ import ( "context" "encoding/json" "os" + "slices" - "golang.org/x/exp/slices" "golang.org/x/xerrors" "github.com/aquasecurity/trivy/pkg/fanal/analyzer" diff --git a/pkg/fanal/analyzer/os/ubuntu/ubuntu.go b/pkg/fanal/analyzer/os/ubuntu/ubuntu.go index 2fff3ac8339f..75a24756365d 100644 --- a/pkg/fanal/analyzer/os/ubuntu/ubuntu.go +++ b/pkg/fanal/analyzer/os/ubuntu/ubuntu.go @@ -4,9 +4,9 @@ import ( "bufio" "context" "os" + "slices" "strings" - "golang.org/x/exp/slices" "golang.org/x/xerrors" "github.com/aquasecurity/trivy/pkg/fanal/analyzer" diff --git a/pkg/fanal/analyzer/pkg/apk/apk.go b/pkg/fanal/analyzer/pkg/apk/apk.go index bb2007470b1b..9ce13e4b013d 100644 --- a/pkg/fanal/analyzer/pkg/apk/apk.go +++ b/pkg/fanal/analyzer/pkg/apk/apk.go @@ -8,12 +8,12 @@ import ( "fmt" "os" "path" + "slices" "sort" "strings" apkVersion "github.com/knqyf263/go-apk-version" "github.com/samber/lo" - "golang.org/x/exp/slices" "github.com/aquasecurity/trivy/pkg/digest" "github.com/aquasecurity/trivy/pkg/fanal/analyzer" diff --git a/pkg/fanal/analyzer/pkg/dpkg/copyright.go b/pkg/fanal/analyzer/pkg/dpkg/copyright.go index 1f50088f86b7..ac98c2e404c3 100644 --- a/pkg/fanal/analyzer/pkg/dpkg/copyright.go +++ b/pkg/fanal/analyzer/pkg/dpkg/copyright.go @@ -7,10 +7,10 @@ import ( "os" "path" "regexp" + "slices" "strings" "github.com/samber/lo" - "golang.org/x/exp/slices" "golang.org/x/xerrors" "github.com/aquasecurity/trivy/pkg/fanal/analyzer" diff --git a/pkg/fanal/analyzer/pkg/dpkg/dpkg.go b/pkg/fanal/analyzer/pkg/dpkg/dpkg.go index a83592e82523..1d8435ecb686 100644 --- a/pkg/fanal/analyzer/pkg/dpkg/dpkg.go +++ b/pkg/fanal/analyzer/pkg/dpkg/dpkg.go @@ -11,12 +11,12 @@ import ( "os" "path/filepath" "regexp" + "slices" "sort" "strings" debVersion "github.com/knqyf263/go-deb-version" "github.com/samber/lo" - "golang.org/x/exp/slices" "golang.org/x/xerrors" "github.com/aquasecurity/trivy/pkg/digest" diff --git a/pkg/fanal/analyzer/pkg/rpm/rpm.go b/pkg/fanal/analyzer/pkg/rpm/rpm.go index 70d5b9dcd26a..70d4de217418 100644 --- a/pkg/fanal/analyzer/pkg/rpm/rpm.go +++ b/pkg/fanal/analyzer/pkg/rpm/rpm.go @@ -6,12 +6,12 @@ import ( "io" "os" "path/filepath" + "slices" "sort" "strings" rpmdb "github.com/knqyf263/go-rpmdb/pkg" "github.com/samber/lo" - "golang.org/x/exp/slices" "golang.org/x/xerrors" "github.com/aquasecurity/trivy/pkg/digest" diff --git a/pkg/fanal/analyzer/pkg/rpm/rpmqa.go b/pkg/fanal/analyzer/pkg/rpm/rpmqa.go index 83b06f16823b..55f4feaa9232 100644 --- a/pkg/fanal/analyzer/pkg/rpm/rpmqa.go +++ b/pkg/fanal/analyzer/pkg/rpm/rpmqa.go @@ -4,9 +4,9 @@ import ( "bufio" "context" "os" + "slices" "strings" - "golang.org/x/exp/slices" "golang.org/x/xerrors" "github.com/aquasecurity/trivy/pkg/fanal/analyzer" diff --git a/pkg/fanal/analyzer/repo/apk/apk.go b/pkg/fanal/analyzer/repo/apk/apk.go index 454710d6841b..cdbc23d5e076 100644 --- a/pkg/fanal/analyzer/repo/apk/apk.go +++ b/pkg/fanal/analyzer/repo/apk/apk.go @@ -5,8 +5,8 @@ import ( "context" "os" "regexp" + "slices" - "golang.org/x/exp/slices" "golang.org/x/xerrors" ver "github.com/aquasecurity/go-version/pkg/version" diff --git a/pkg/fanal/analyzer/secret/secret.go b/pkg/fanal/analyzer/secret/secret.go index bbce32af326e..cad32e00ad8f 100644 --- a/pkg/fanal/analyzer/secret/secret.go +++ b/pkg/fanal/analyzer/secret/secret.go @@ -7,10 +7,10 @@ import ( "io" "os" "path/filepath" + "slices" "strings" "github.com/samber/lo" - "golang.org/x/exp/slices" "golang.org/x/xerrors" "github.com/aquasecurity/trivy/pkg/fanal/analyzer" @@ -34,10 +34,26 @@ var ( "Pipfile.lock", "Gemfile.lock", } - skipDirs = []string{".git", "node_modules"} + skipDirs = []string{ + ".git", + "node_modules", + } skipExts = []string{ - ".jpg", ".png", ".gif", ".doc", ".pdf", ".bin", ".svg", ".socket", ".deb", ".rpm", - ".zip", ".gz", ".gzip", ".tar", ".pyc", + ".jpg", + ".png", + ".gif", + ".doc", + ".pdf", + ".bin", + ".svg", + ".socket", + ".deb", + ".rpm", + ".zip", + ".gz", + ".gzip", + ".tar", + ".pyc", } ) diff --git a/pkg/fanal/artifact/image/image.go b/pkg/fanal/artifact/image/image.go index 08b61de1b228..c4491eaa90ab 100644 --- a/pkg/fanal/artifact/image/image.go +++ b/pkg/fanal/artifact/image/image.go @@ -6,12 +6,12 @@ import ( "io" "os" "reflect" + "slices" "strings" "sync" v1 "github.com/google/go-containerregistry/pkg/v1" "github.com/samber/lo" - "golang.org/x/exp/slices" "golang.org/x/xerrors" "github.com/aquasecurity/trivy/pkg/fanal/analyzer" diff --git a/pkg/fanal/artifact/image/remote_sbom.go b/pkg/fanal/artifact/image/remote_sbom.go index 8a386546c07a..37303a9f7b05 100644 --- a/pkg/fanal/artifact/image/remote_sbom.go +++ b/pkg/fanal/artifact/image/remote_sbom.go @@ -6,11 +6,11 @@ import ( "fmt" "os" "path/filepath" + "slices" "github.com/google/go-containerregistry/pkg/name" v1 "github.com/google/go-containerregistry/pkg/v1" "github.com/samber/lo" - "golang.org/x/exp/slices" "golang.org/x/xerrors" sbomatt "github.com/aquasecurity/trivy/pkg/attestation/sbom" diff --git a/pkg/fanal/handler/handler.go b/pkg/fanal/handler/handler.go index 10ce085b3547..84629b66e242 100644 --- a/pkg/fanal/handler/handler.go +++ b/pkg/fanal/handler/handler.go @@ -2,9 +2,9 @@ package handler import ( "context" + "slices" "sort" - "golang.org/x/exp/slices" "golang.org/x/xerrors" "github.com/aquasecurity/trivy/pkg/fanal/analyzer" diff --git a/pkg/fanal/handler/sysfile/filter.go b/pkg/fanal/handler/sysfile/filter.go index 5222049c0d16..cbe1e84f18d4 100644 --- a/pkg/fanal/handler/sysfile/filter.go +++ b/pkg/fanal/handler/sysfile/filter.go @@ -2,10 +2,9 @@ package nodejs import ( "context" + "slices" "strings" - "golang.org/x/exp/slices" - "github.com/aquasecurity/trivy/pkg/fanal/analyzer" "github.com/aquasecurity/trivy/pkg/fanal/artifact" "github.com/aquasecurity/trivy/pkg/fanal/handler" diff --git a/pkg/fanal/handler/unpackaged/unpackaged.go b/pkg/fanal/handler/unpackaged/unpackaged.go index 119cae3e7dad..ed380de49cb0 100644 --- a/pkg/fanal/handler/unpackaged/unpackaged.go +++ b/pkg/fanal/handler/unpackaged/unpackaged.go @@ -4,8 +4,8 @@ import ( "bytes" "context" "errors" + "slices" - "golang.org/x/exp/slices" "golang.org/x/xerrors" sbomatt "github.com/aquasecurity/trivy/pkg/attestation/sbom" diff --git a/pkg/fanal/secret/scanner.go b/pkg/fanal/secret/scanner.go index 51ac0db707a8..cc022bb82db4 100644 --- a/pkg/fanal/secret/scanner.go +++ b/pkg/fanal/secret/scanner.go @@ -5,12 +5,12 @@ import ( "errors" "os" "regexp" + "slices" "sort" "strings" "sync" "github.com/samber/lo" - "golang.org/x/exp/slices" "golang.org/x/xerrors" "gopkg.in/yaml.v3" diff --git a/pkg/fanal/walker/fs_test.go b/pkg/fanal/walker/fs_test.go index 2b7b2117afb1..6eec99571073 100644 --- a/pkg/fanal/walker/fs_test.go +++ b/pkg/fanal/walker/fs_test.go @@ -6,12 +6,12 @@ import ( "os" "path/filepath" "runtime" + "slices" "strings" "testing" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" - "golang.org/x/exp/slices" "github.com/aquasecurity/trivy/pkg/fanal/analyzer" "github.com/aquasecurity/trivy/pkg/fanal/walker" diff --git a/pkg/fanal/walker/vm.go b/pkg/fanal/walker/vm.go index 6ff32564cc0d..5d7336f1623c 100644 --- a/pkg/fanal/walker/vm.go +++ b/pkg/fanal/walker/vm.go @@ -5,13 +5,13 @@ import ( "io" "io/fs" "path/filepath" + "slices" "strings" "github.com/masahiro331/go-disk" "github.com/masahiro331/go-disk/gpt" "github.com/masahiro331/go-disk/mbr" "github.com/masahiro331/go-disk/types" - "golang.org/x/exp/slices" "golang.org/x/xerrors" "github.com/aquasecurity/trivy/pkg/fanal/vm/filesystem" diff --git a/pkg/flag/options.go b/pkg/flag/options.go index 69b3585226cc..3777bed507fb 100644 --- a/pkg/flag/options.go +++ b/pkg/flag/options.go @@ -5,6 +5,7 @@ import ( "fmt" "io" "os" + "slices" "strings" "sync" "time" @@ -14,7 +15,6 @@ import ( "github.com/spf13/cobra" "github.com/spf13/pflag" "github.com/spf13/viper" - "golang.org/x/exp/slices" "golang.org/x/xerrors" "github.com/aquasecurity/trivy/pkg/fanal/analyzer" diff --git a/pkg/flag/report_flags.go b/pkg/flag/report_flags.go index d359f1f1b5b6..ce833cc1b13e 100644 --- a/pkg/flag/report_flags.go +++ b/pkg/flag/report_flags.go @@ -1,11 +1,11 @@ package flag import ( + "slices" "strings" "github.com/mattn/go-shellwords" "github.com/samber/lo" - "golang.org/x/exp/slices" "golang.org/x/xerrors" dbTypes "github.com/aquasecurity/trivy-db/pkg/types" diff --git a/pkg/iac/adapters/cloudformation/aws/ec2/security_group.go b/pkg/iac/adapters/cloudformation/aws/ec2/security_group.go index 6de47f302682..6770062affb2 100644 --- a/pkg/iac/adapters/cloudformation/aws/ec2/security_group.go +++ b/pkg/iac/adapters/cloudformation/aws/ec2/security_group.go @@ -1,7 +1,7 @@ package ec2 import ( - "golang.org/x/exp/maps" + "github.com/samber/lo" "github.com/aquasecurity/trivy/pkg/iac/providers/aws/ec2" "github.com/aquasecurity/trivy/pkg/iac/scanners/cloudformation/parser" @@ -43,7 +43,7 @@ func getSecurityGroups(ctx parser.FileContext) []ec2.SecurityGroup { } if len(mGroups) > 0 { - return maps.Values(mGroups) + return lo.Values(mGroups) } return nil } diff --git a/pkg/iac/adapters/terraform/google/iam/adapt.go b/pkg/iac/adapters/terraform/google/iam/adapt.go index e63f9f272d7d..1dcc8a4cec68 100644 --- a/pkg/iac/adapters/terraform/google/iam/adapt.go +++ b/pkg/iac/adapters/terraform/google/iam/adapt.go @@ -1,7 +1,7 @@ package iam import ( - "golang.org/x/exp/maps" + "github.com/samber/lo" "github.com/aquasecurity/trivy/pkg/iac/providers/google/iam" "github.com/aquasecurity/trivy/pkg/iac/terraform" @@ -36,9 +36,9 @@ func (a *adapter) Adapt() iam.IAM { func (a *adapter) buildIAMOutput() iam.IAM { return iam.IAM{ - Organizations: fromPtrSlice(maps.Values(a.orgs)), - Folders: fromPtrSlice(maps.Values(a.folders)), - Projects: fromPtrSlice(maps.Values(a.projects)), + Organizations: fromPtrSlice(lo.Values(a.orgs)), + Folders: fromPtrSlice(lo.Values(a.folders)), + Projects: fromPtrSlice(lo.Values(a.projects)), WorkloadIdentityPoolProviders: a.workloadIdentityPoolProviders, } } diff --git a/pkg/iac/scanners/azure/value.go b/pkg/iac/scanners/azure/value.go index c511517b0a57..0adc02b84268 100644 --- a/pkg/iac/scanners/azure/value.go +++ b/pkg/iac/scanners/azure/value.go @@ -1,11 +1,10 @@ package azure import ( + "slices" "strings" "time" - "golang.org/x/exp/slices" - armjson2 "github.com/aquasecurity/trivy/pkg/iac/scanners/azure/arm/parser/armjson" "github.com/aquasecurity/trivy/pkg/iac/types" ) @@ -249,7 +248,13 @@ func (v Value) AsBoolValue(defaultValue bool, metadata types.Metadata) types.Boo v.Resolve() if v.Kind == KindString { possibleValue := strings.ToLower(v.rLit.(string)) - if slices.Contains([]string{"true", "1", "yes", "on", "enabled"}, possibleValue) { + if slices.Contains([]string{ + "true", + "1", + "yes", + "on", + "enabled", + }, possibleValue) { return types.Bool(true, metadata) } } diff --git a/pkg/iac/scanners/terraform/parser/evaluator.go b/pkg/iac/scanners/terraform/parser/evaluator.go index b93104f442cc..bf3e4f4ffc13 100644 --- a/pkg/iac/scanners/terraform/parser/evaluator.go +++ b/pkg/iac/scanners/terraform/parser/evaluator.go @@ -5,13 +5,13 @@ import ( "errors" "io/fs" "reflect" + "slices" "github.com/hashicorp/hcl/v2" "github.com/hashicorp/hcl/v2/ext/typeexpr" "github.com/samber/lo" "github.com/zclconf/go-cty/cty" "github.com/zclconf/go-cty/cty/convert" - "golang.org/x/exp/slices" "github.com/aquasecurity/trivy/pkg/iac/debug" "github.com/aquasecurity/trivy/pkg/iac/ignore" @@ -273,7 +273,12 @@ func (e *evaluator) expandDynamicBlock(b *terraform.Block) { } func isBlockSupportsForEachMetaArgument(block *terraform.Block) bool { - return slices.Contains([]string{"module", "resource", "data", "dynamic"}, block.Type()) + return slices.Contains([]string{ + "module", + "resource", + "data", + "dynamic", + }, block.Type()) } func (e *evaluator) expandBlockForEaches(blocks terraform.Blocks, isDynamic bool) terraform.Blocks { @@ -357,7 +362,11 @@ func (e *evaluator) expandBlockForEaches(blocks terraform.Blocks, isDynamic bool } func isBlockSupportsCountMetaArgument(block *terraform.Block) bool { - return slices.Contains([]string{"module", "resource", "data"}, block.Type()) + return slices.Contains([]string{ + "module", + "resource", + "data", + }, block.Type()) } func (e *evaluator) expandBlockCounts(blocks terraform.Blocks) terraform.Blocks { diff --git a/pkg/iac/scanners/terraform/parser/modules_test.go b/pkg/iac/scanners/terraform/parser/modules_test.go index 404a1effcfb1..29dcaa7c39af 100644 --- a/pkg/iac/scanners/terraform/parser/modules_test.go +++ b/pkg/iac/scanners/terraform/parser/modules_test.go @@ -8,7 +8,6 @@ import ( "github.com/samber/lo" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" - "golang.org/x/exp/maps" "github.com/aquasecurity/trivy/internal/testutil" ) @@ -43,7 +42,10 @@ module "this" { source = "../modules/s3" }`, }, - expected: []string{"code", "code/example"}, + expected: []string{ + "code", + "code/example", + }, }, { name: "without module block", @@ -51,7 +53,10 @@ module "this" { "code/infra1/main.tf": `resource "test" "this" {}`, "code/infra2/main.tf": `resource "test" "this" {}`, }, - expected: []string{"code/infra1", "code/infra2"}, + expected: []string{ + "code/infra1", + "code/infra2", + }, }, } @@ -60,7 +65,7 @@ module "this" { fsys := testutil.CreateFS(t, tt.files) parser := New(fsys, "", OptionStopOnHCLError(true)) - modules := lo.Map(maps.Keys(tt.files), func(p string, _ int) string { + modules := lo.Map(lo.Keys(tt.files), func(p string, _ int) string { return path.Dir(p) }) diff --git a/pkg/k8s/report/report.go b/pkg/k8s/report/report.go index 1db95394514e..e71c218bf864 100644 --- a/pkg/k8s/report/report.go +++ b/pkg/k8s/report/report.go @@ -4,10 +4,10 @@ import ( "errors" "fmt" "io" + "slices" "strings" - "golang.org/x/exp/maps" - "golang.org/x/exp/slices" + "github.com/samber/lo" dbTypes "github.com/aquasecurity/trivy-db/pkg/types" "github.com/aquasecurity/trivy-kubernetes/pkg/artifacts" @@ -114,7 +114,7 @@ func (r Report) consolidate() ConsolidatedReport { index[key] = v } - consolidated.Findings = maps.Values(index) + consolidated.Findings = lo.Values(index) return consolidated } diff --git a/pkg/k8s/report/summary.go b/pkg/k8s/report/summary.go index a637a55cbd0d..9a3d6ee39371 100644 --- a/pkg/k8s/report/summary.go +++ b/pkg/k8s/report/summary.go @@ -3,11 +3,11 @@ package report import ( "fmt" "io" + "slices" "sort" "strconv" "strings" - "golang.org/x/exp/slices" "golang.org/x/xerrors" "github.com/aquasecurity/table" diff --git a/pkg/k8s/scanner/scanner_test.go b/pkg/k8s/scanner/scanner_test.go index c17b0e622ca2..3de4f0429ef5 100644 --- a/pkg/k8s/scanner/scanner_test.go +++ b/pkg/k8s/scanner/scanner_test.go @@ -6,9 +6,9 @@ import ( "testing" "github.com/package-url/packageurl-go" + "github.com/samber/lo" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" - "golang.org/x/exp/maps" "github.com/aquasecurity/trivy-kubernetes/pkg/artifacts" cmd "github.com/aquasecurity/trivy/pkg/commands/artifact" @@ -284,7 +284,7 @@ func TestScanner_Scan(t *testing.T) { got, err := scanner.Scan(ctx, tt.artifacts) require.NoError(t, err) - gotComponents := maps.Values(got.BOM.Components()) + gotComponents := lo.Values(got.BOM.Components()) require.Equal(t, len(tt.wantComponents), len(gotComponents)) sort.Slice(gotComponents, func(i, j int) bool { diff --git a/pkg/licensing/expression/types.go b/pkg/licensing/expression/types.go index f5315f4ffb0f..f344c610ab4d 100644 --- a/pkg/licensing/expression/types.go +++ b/pkg/licensing/expression/types.go @@ -2,8 +2,7 @@ package expression import ( "fmt" - - "golang.org/x/exp/slices" + "slices" "github.com/aquasecurity/trivy/pkg/licensing" ) diff --git a/pkg/licensing/scanner.go b/pkg/licensing/scanner.go index b246a05b3a01..100358a5af6c 100644 --- a/pkg/licensing/scanner.go +++ b/pkg/licensing/scanner.go @@ -1,7 +1,7 @@ package licensing import ( - "golang.org/x/exp/slices" + "slices" dbTypes "github.com/aquasecurity/trivy-db/pkg/types" "github.com/aquasecurity/trivy/pkg/fanal/types" diff --git a/pkg/mapfs/fs.go b/pkg/mapfs/fs.go index c809f394b6fd..4cba59263c37 100644 --- a/pkg/mapfs/fs.go +++ b/pkg/mapfs/fs.go @@ -6,10 +6,10 @@ import ( "io/fs" "os" "path/filepath" + "slices" "strings" "time" - "golang.org/x/exp/slices" "golang.org/x/xerrors" xsync "github.com/aquasecurity/trivy/pkg/x/sync" diff --git a/pkg/module/module.go b/pkg/module/module.go index a37790941f79..69eb35df2c0b 100644 --- a/pkg/module/module.go +++ b/pkg/module/module.go @@ -8,13 +8,13 @@ import ( "os" "path/filepath" "regexp" + "slices" "sync" "github.com/samber/lo" "github.com/tetratelabs/wazero" "github.com/tetratelabs/wazero/api" wasi "github.com/tetratelabs/wazero/imports/wasi_snapshot_preview1" - "golang.org/x/exp/slices" "golang.org/x/xerrors" "github.com/aquasecurity/trivy/pkg/fanal/analyzer" diff --git a/pkg/rekor/client.go b/pkg/rekor/client.go index d7b0a35dd781..d748166d6d7f 100644 --- a/pkg/rekor/client.go +++ b/pkg/rekor/client.go @@ -3,6 +3,7 @@ package rekor import ( "context" "net/url" + "slices" httptransport "github.com/go-openapi/runtime/client" "github.com/go-openapi/strfmt" @@ -10,7 +11,6 @@ import ( eclient "github.com/sigstore/rekor/pkg/generated/client/entries" "github.com/sigstore/rekor/pkg/generated/client/index" "github.com/sigstore/rekor/pkg/generated/models" - "golang.org/x/exp/slices" "golang.org/x/xerrors" "github.com/aquasecurity/trivy/pkg/log" diff --git a/pkg/report/table/table.go b/pkg/report/table/table.go index 51ee946e3814..8bfa75922013 100644 --- a/pkg/report/table/table.go +++ b/pkg/report/table/table.go @@ -6,10 +6,10 @@ import ( "io" "os" "runtime" + "slices" "strings" "github.com/fatih/color" - "golang.org/x/exp/slices" "github.com/aquasecurity/table" "github.com/aquasecurity/tml" diff --git a/pkg/report/table/vulnerability.go b/pkg/report/table/vulnerability.go index 562f667c8498..03435fd92b96 100644 --- a/pkg/report/table/vulnerability.go +++ b/pkg/report/table/vulnerability.go @@ -4,14 +4,13 @@ import ( "bytes" "fmt" "path/filepath" + "slices" "sort" "strings" "sync" "github.com/samber/lo" "github.com/xlab/treeprint" - "golang.org/x/exp/maps" - "golang.org/x/exp/slices" "github.com/aquasecurity/table" "github.com/aquasecurity/tml" @@ -288,7 +287,7 @@ func addParents(topItem treeprint.Tree, pkg ftypes.Package, parentMap map[string } // Omitted - rootIDs := lo.Filter(maps.Keys(roots), func(pkgID string, _ int) bool { + rootIDs := lo.Filter(lo.Keys(roots), func(pkgID string, _ int) bool { _, ok := seen[pkgID] return !ok }) @@ -338,7 +337,7 @@ func findAncestor(pkgID string, parentMap map[string]ftypes.Packages, seen map[s } } } - return maps.Keys(ancestors) + return lo.Keys(ancestors) } var jarExtensions = []string{ diff --git a/pkg/result/filter.go b/pkg/result/filter.go index 936ad8272b12..7d4ead524ccc 100644 --- a/pkg/result/filter.go +++ b/pkg/result/filter.go @@ -5,12 +5,11 @@ import ( "fmt" "os" "path/filepath" + "slices" "sort" "github.com/open-policy-agent/opa/rego" "github.com/samber/lo" - "golang.org/x/exp/maps" - "golang.org/x/exp/slices" "golang.org/x/xerrors" dbTypes "github.com/aquasecurity/trivy-db/pkg/types" @@ -135,7 +134,7 @@ func filterVulnerabilities(result *types.Result, severities []string, ignoreStat } // Override the detected vulnerabilities - result.Vulnerabilities = maps.Values(uniqVulns) + result.Vulnerabilities = lo.Values(uniqVulns) if len(result.Vulnerabilities) == 0 { result.Vulnerabilities = nil } diff --git a/pkg/sbom/io/decode.go b/pkg/sbom/io/decode.go index 917684962d20..707ed9a4c8dc 100644 --- a/pkg/sbom/io/decode.go +++ b/pkg/sbom/io/decode.go @@ -10,7 +10,7 @@ import ( debver "github.com/knqyf263/go-deb-version" rpmver "github.com/knqyf263/go-rpm-version" "github.com/package-url/packageurl-go" - "golang.org/x/exp/maps" + "github.com/samber/lo" "golang.org/x/xerrors" "github.com/aquasecurity/trivy/pkg/dependency" @@ -363,7 +363,7 @@ func (m *Decoder) addOrphanPkgs(sbom *types.SBOM) error { } if len(osPkgMap) > 1 { - return xerrors.Errorf("multiple types of OS packages in SBOM are not supported (%q)", maps.Keys(osPkgMap)) + return xerrors.Errorf("multiple types of OS packages in SBOM are not supported (%q)", lo.Keys(osPkgMap)) } // Add OS packages only when OS is detected. diff --git a/pkg/sbom/spdx/marshal.go b/pkg/sbom/spdx/marshal.go index 5923a5b34800..1c4a84d60109 100644 --- a/pkg/sbom/spdx/marshal.go +++ b/pkg/sbom/spdx/marshal.go @@ -3,6 +3,7 @@ package spdx import ( "context" "fmt" + "slices" "sort" "strings" "time" @@ -13,7 +14,6 @@ import ( "github.com/spdx/tools-golang/spdx" "github.com/spdx/tools-golang/spdx/v2/common" spdxutils "github.com/spdx/tools-golang/utils" - "golang.org/x/exp/slices" "golang.org/x/xerrors" "github.com/aquasecurity/trivy/pkg/clock" diff --git a/pkg/scanner/local/scan.go b/pkg/scanner/local/scan.go index 9a73ad97dbfa..475fc1540086 100644 --- a/pkg/scanner/local/scan.go +++ b/pkg/scanner/local/scan.go @@ -4,13 +4,13 @@ import ( "context" "errors" "fmt" + "slices" "sort" "strings" "sync" "github.com/google/wire" "github.com/samber/lo" - "golang.org/x/exp/slices" "golang.org/x/xerrors" dbTypes "github.com/aquasecurity/trivy-db/pkg/types" diff --git a/pkg/types/target.go b/pkg/types/target.go index 26386b9d2429..bb2dce90fc52 100644 --- a/pkg/types/target.go +++ b/pkg/types/target.go @@ -1,7 +1,7 @@ package types import ( - "golang.org/x/exp/slices" + "slices" ) // VulnType represents vulnerability type diff --git a/pkg/utils/fsutils/fs.go b/pkg/utils/fsutils/fs.go index 6d0502d8cc18..c4f9c75cc9fc 100644 --- a/pkg/utils/fsutils/fs.go +++ b/pkg/utils/fsutils/fs.go @@ -7,8 +7,8 @@ import ( "io/fs" "os" "path/filepath" + "slices" - "golang.org/x/exp/slices" "golang.org/x/xerrors" "github.com/aquasecurity/trivy/pkg/log" diff --git a/pkg/x/path/path.go b/pkg/x/path/path.go index 8bf5e335365b..d7c66ecadc8b 100644 --- a/pkg/x/path/path.go +++ b/pkg/x/path/path.go @@ -1,9 +1,8 @@ package path import ( + "slices" "strings" - - "golang.org/x/exp/slices" ) // Contains reports whether the path contains the subpath. From 2e5cc1f9462ff96615fa9494dcd7d4bbac210067 Mon Sep 17 00:00:00 2001 From: knqyf263 Date: Wed, 19 Jun 2024 14:56:20 +0400 Subject: [PATCH 3/4] refactor(pom): replace package Signed-off-by: knqyf263 --- pkg/dependency/parser/java/pom/parse.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/dependency/parser/java/pom/parse.go b/pkg/dependency/parser/java/pom/parse.go index 141ebbee0f7c..e905196b6fff 100644 --- a/pkg/dependency/parser/java/pom/parse.go +++ b/pkg/dependency/parser/java/pom/parse.go @@ -9,12 +9,12 @@ import ( "os" "path" "path/filepath" + "slices" "sort" "strings" multierror "github.com/hashicorp/go-multierror" "github.com/samber/lo" - "golang.org/x/exp/slices" "golang.org/x/net/html/charset" "golang.org/x/xerrors" From 4ea60166af7eabaf0a5e165eb7a6aedc8e2d041a Mon Sep 17 00:00:00 2001 From: knqyf263 Date: Wed, 19 Jun 2024 15:03:39 +0400 Subject: [PATCH 4/4] go mod tidy Signed-off-by: knqyf263 --- go.mod | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/go.mod b/go.mod index 97bc846086a5..1feb4197a695 100644 --- a/go.mod +++ b/go.mod @@ -119,7 +119,7 @@ require ( github.com/zclconf/go-cty-yaml v1.0.3 go.etcd.io/bbolt v1.3.10 golang.org/x/crypto v0.24.0 - golang.org/x/exp v0.0.0-20231110203233-9a3e6036ecaa + golang.org/x/exp v0.0.0-20231110203233-9a3e6036ecaa // indirect golang.org/x/mod v0.17.0 golang.org/x/net v0.26.0 golang.org/x/sync v0.7.0