feat(PackageURL):add package URL for library scan result (#1862)

* add: package url in model.Library * feat(trivy-to-vuls): add purl for library scan result * feat(scanner/library): add purl for lockfile scan result * fix: model.Library test * fix: trivy-to-vuls test data * fix: panic case to generate purl * fix: add blank line * fix: trivy-to-vuls for using Trivy version 0.49.0 or earlier * fix: remove comment * fix: remove print * fix: testcase for Package.Identifier does not exist version * fix: add blank line * fix: expected libs * fix: PackageURL -> PURL * fix: blank line
2024-03-06 23:21:15 -08:00
parent bf14b5f61f
commit be7b9114cc
5 changed files with 67 additions and 4 deletions
--- a/contrib/trivy/pkg/converter.go
+++ b/contrib/trivy/pkg/converter.go
@@ -149,6 +149,7 @@ func Convert(results types.Results) (result *models.ScanResult, err error) {
 				libScanner.Libs = append(libScanner.Libs, models.Library{
 					Name:     p.Name,
 					Version:  p.Version,
+					PURL:     getPURL(p),
 					FilePath: p.FilePath,
 				})
 			}
@@ -214,3 +215,10 @@ func isTrivySupportedOS(family ftypes.TargetType) bool {
 	_, ok := supportedFamilies[family]
 	return ok
 }
+
+func getPURL(p ftypes.Package) string {
+	if p.Identifier.PURL == nil {
+		return ""
+	}
+	return p.Identifier.PURL.String()
+}