feat(scan): WordPress Vulnerability Scan (core, plugin, theme) (#769)

https://github.com/future-architect/vuls/pull/769

gost/debian.go

@@ -147,7 +147,7 @@ func (deb Debian) FillWithGost(driver db.DB, r *models.ScanResult) (nCVEs int, e
 			}
 
 			for _, name := range names {
-				v.AffectedPackages = v.AffectedPackages.Store(models.PackageStatus{
+				v.AffectedPackages = v.AffectedPackages.Store(models.PackageFixStatus{
 					Name:        name,
 					FixState:    "open",
 					NotFixedYet: true,

gost/gost.go

@@ -26,6 +26,7 @@ import (
 	"github.com/future-architect/vuls/models"
 	"github.com/knqyf263/gost/db"
 	"github.com/parnurzeal/gorequest"
+	"golang.org/x/xerrors"
 )
 
 // Client is the interface of OVAL client.
@@ -71,8 +72,7 @@ func (b Base) CheckHTTPHealth() error {
 	//  resp, _, errs = gorequest.New().SetDebug(config.Conf.Debug).Get(url).End()
 	//  resp, _, errs = gorequest.New().Proxy(api.httpProxy).Get(url).End()
 	if 0 < len(errs) || resp == nil || resp.StatusCode != 200 {
-		return fmt.Errorf("Failed to connect to gost server. url: %s, errs: %v",
-			url, errs)
+		return xerrors.Errorf("Failed to connect to gost server. url: %s, errs: %w", url, errs)
 	}
 	return nil
 }

gost/gost_test.go

@@ -14,7 +14,7 @@ func TestSetPackageStates(t *testing.T) {
 		installed models.Packages
 		release   string
 		in        models.VulnInfo
-		out       models.PackageStatuses
+		out       models.PackageFixStatuses
 	}{
 
 		//0 one
@@ -31,7 +31,7 @@ func TestSetPackageStates(t *testing.T) {
 			},
 			release: "7",
 			in:      models.VulnInfo{},
-			out: []models.PackageStatus{
+			out: []models.PackageFixStatus{
 				{
 					Name:        "bouncycastle",
 					FixState:    "Will not fix",
@@ -66,7 +66,7 @@ func TestSetPackageStates(t *testing.T) {
 			},
 			release: "7",
 			in:      models.VulnInfo{},
-			out: []models.PackageStatus{
+			out: []models.PackageFixStatus{
 				{
 					Name:        "bouncycastle",
 					FixState:    "Will not fix",
@@ -94,9 +94,9 @@ func TestSetPackageStates(t *testing.T) {
 			},
 			release: "7",
 			in: models.VulnInfo{
-				AffectedPackages: models.PackageStatuses{},
+				AffectedPackages: models.PackageFixStatuses{},
 			},
-			out: models.PackageStatuses{},
+			out: models.PackageFixStatuses{},
 		},
 
 		//3 look only the same os release.
@@ -113,9 +113,9 @@ func TestSetPackageStates(t *testing.T) {
 			},
 			release: "7",
 			in: models.VulnInfo{
-				AffectedPackages: models.PackageStatuses{},
+				AffectedPackages: models.PackageFixStatuses{},
 			},
-			out: models.PackageStatuses{},
+			out: models.PackageFixStatuses{},
 		},
 	}
 

gost/redhat.go

@@ -191,7 +191,7 @@ func (red RedHat) fillUnfixed(driver db.DB, r *models.ScanResult) (nCVEs int, er
 	return nCVEs, nil
 }
 
-func (red RedHat) mergePackageStates(v models.VulnInfo, ps []gostmodels.RedhatPackageState, installed models.Packages, release string) (pkgStats models.PackageStatuses) {
+func (red RedHat) mergePackageStates(v models.VulnInfo, ps []gostmodels.RedhatPackageState, installed models.Packages, release string) (pkgStats models.PackageFixStatuses) {
 	pkgStats = v.AffectedPackages
 	for _, pstate := range ps {
 		if pstate.Cpe !=
@@ -214,7 +214,7 @@ func (red RedHat) mergePackageStates(v models.VulnInfo, ps []gostmodels.RedhatPa
 			notFixedYet = true
 		}
 
-		pkgStats = pkgStats.Store(models.PackageStatus{
+		pkgStats = pkgStats.Store(models.PackageFixStatus{
 			Name:        pstate.PackageName,
 			FixState:    pstate.FixState,
 			NotFixedYet: notFixedYet,

gost/util.go

@@ -18,7 +18,6 @@ along with this program.  If not, see <http://www.gnu.org/licenses/>.
 package gost
 
 import (
-	"fmt"
 	"net/http"
 	"time"
 
@@ -26,6 +25,7 @@ import (
 	"github.com/future-architect/vuls/models"
 	"github.com/future-architect/vuls/util"
 	"github.com/parnurzeal/gorequest"
+	"golang.org/x/xerrors"
 )
 
 type response struct {
@@ -80,11 +80,11 @@ func getCvesViaHTTP(cveIDs []string, urlPrefix string) (
 		case err := <-errChan:
 			errs = append(errs, err)
 		case <-timeout:
-			return nil, fmt.Errorf("Timeout Fetching OVAL")
+			return nil, xerrors.New("Timeout Fetching OVAL")
 		}
 	}
 	if len(errs) != 0 {
-		return nil, fmt.Errorf("Failed to fetch OVAL. err: %v", errs)
+		return nil, xerrors.Errorf("Failed to fetch OVAL. err: %w", errs)
 	}
 	return
 }
@@ -154,11 +154,11 @@ func getAllUnfixedCvesViaHTTP(r *models.ScanResult, urlPrefix string) (
 		case err := <-errChan:
 			errs = append(errs, err)
 		case <-timeout:
-			return nil, fmt.Errorf("Timeout Fetching OVAL")
+			return nil, xerrors.New("Timeout Fetching OVAL")
 		}
 	}
 	if len(errs) != 0 {
-		return nil, fmt.Errorf("Failed to fetch OVAL. err: %v", errs)
+		return nil, xerrors.Errorf("Failed to fetch OVAL. err: %w", errs)
 	}
 	return
 }
@@ -176,8 +176,7 @@ func httpGet(url string, req request, resChan chan<- response, errChan chan<- er
 			if count == retryMax {
 				return nil
 			}
-			return fmt.Errorf("HTTP GET error: %v, url: %s, resp: %v",
-				errs, url, resp)
+			return xerrors.Errorf("HTTP GET error, url: %s, resp: %v, err: %w", url, resp, errs)
 		}
 		return nil
 	}
@@ -186,11 +185,11 @@ func httpGet(url string, req request, resChan chan<- response, errChan chan<- er
 	}
 	err := backoff.RetryNotify(f, backoff.NewExponentialBackOff(), notify)
 	if err != nil {
-		errChan <- fmt.Errorf("HTTP Error %s", err)
+		errChan <- xerrors.Errorf("HTTP Error %w", err)
 		return
 	}
 	if count == retryMax {
-		errChan <- fmt.Errorf("HRetry count exceeded")
+		errChan <- xerrors.New("Retry count exceeded")
 		return
 	}