From 9ecb5ce1cfa006f7160c1231e79d8667700cb53e Mon Sep 17 00:00:00 2001 From: acmarr Date: Fri, 8 Nov 2024 10:18:46 -0800 Subject: [PATCH] NVSHAS-9620 change go version to 1.22.7 remove overly verbose suse fetcher logging --- go.mod | 7 +++++-- go.sum | 4 ---- updater/fetchers/suse/suse.go | 7 ------- 3 files changed, 5 insertions(+), 13 deletions(-) diff --git a/go.mod b/go.mod index b852756..0515b72 100644 --- a/go.mod +++ b/go.mod @@ -1,11 +1,14 @@ module github.com/vul-dbgen -go 1.14 +go 1.22.7 require ( github.com/k3a/html2text v1.0.8 github.com/sirupsen/logrus v1.8.1 + gopkg.in/yaml.v2 v2.4.0 +) + +require ( github.com/stretchr/testify v1.7.0 // indirect golang.org/x/sys v0.0.0-20211019181941-9d821ace8654 // indirect - gopkg.in/yaml.v2 v2.4.0 ) diff --git a/go.sum b/go.sum index ba6b1d3..853f9d7 100644 --- a/go.sum +++ b/go.sum @@ -15,17 +15,13 @@ github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d h1:zE9ykE github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d/go.mod h1:OnSkiWE9lh6wB0YB77sQom3nweQdgAjqCqsofrRNTgc= github.com/smartystreets/goconvey v1.6.4 h1:fv0U8FUIMPNf1L9lnHLvLhgicrIVChEkdzIKYqbNC9s= github.com/smartystreets/goconvey v1.6.4/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA= -github.com/streadway/simpleuuid v0.0.0-20130420165545-6617b501e485 h1:tvEO2/Btzw9L4N2VlAHD7AXjk1g1yFTwbGEm8dz7QWY= -github.com/streadway/simpleuuid v0.0.0-20130420165545-6617b501e485/go.mod h1:fMlyZAyOBbIsA9SgKX9V3X8DvF+5ImkZ+Z1HZcmo8Ec= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= -github.com/stretchr/testify v1.2.2 h1:bSDNvY7ZPG5RlJ8otE/7V6gMiyenm9RtJ7IUVIAoJ1w= github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.7.0 h1:nwc3DEeHmmLAfoZucVR881uASk0Mfjw8xYJ99tb5CcY= github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20191026070338-33540a1f6037 h1:YyJpGZS1sBuBCzLAR1VEpK193GlqGZbnPFnPV/5Rsb4= golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20211019181941-9d821ace8654 h1:id054HUawV2/6IGm2IV8KZQjqtwAOo2CYlOToYqa0d0= golang.org/x/sys v0.0.0-20211019181941-9d821ace8654/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= diff --git a/updater/fetchers/suse/suse.go b/updater/fetchers/suse/suse.go index 1bb15db..4851274 100644 --- a/updater/fetchers/suse/suse.go +++ b/updater/fetchers/suse/suse.go @@ -237,8 +237,6 @@ func parseOVAL(o *ovalInfo, ovalReader io.Reader) ([]common.Vulnerability, error vulnerability.CVEs = append(vulnerability.CVEs, common.CVE{ Name: cve, }) - } else { - log.WithFields(log.Fields{"definition": definition.Title, "id": r.ID}).Debug("defintion entry missing cve ID") } } if vulnerability.IssuedDate.IsZero() { @@ -254,7 +252,6 @@ func parseOVAL(o *ovalInfo, ovalReader io.Reader) ([]common.Vulnerability, error // } } } - return vulnerabilities, nil } @@ -371,8 +368,6 @@ func parsePackageVersions(o *ovalInfo, cvename string, criteria criteria, testMa } else { fv.Feature.Namespace = fmt.Sprintf("%s%s", o.nsPrefix, ti.version) } - } else { - log.WithFields(log.Fields{"cve": cvename, "test": c.TestRef}).Warn("Failed locate test record") } } else if !strings.HasPrefix(c.Comment, "SUSE") && (strings.Contains(c.Comment, " is installed") || strings.Contains(c.Comment, " is not affected")) { // This is the package line @@ -384,8 +379,6 @@ func parsePackageVersions(o *ovalInfo, cvename string, criteria criteria, testMa fv.Version = ti.version fv.Feature.Name = ti.name - } else { - log.WithFields(log.Fields{"cve": cvename, "test": c.TestRef}).Warn("Failed locate test record") } } }