osvsByModule runs a govulncheck database query.
(ctx context.Context, db, moduleVersion string)
| 333 | |
| 334 | // osvsByModule runs a govulncheck database query. |
| 335 | func osvsByModule(ctx context.Context, db, moduleVersion string) ([]*osv.Entry, error) { |
| 336 | var args []string |
| 337 | args = append(args, "-mode=query", "-json") |
| 338 | if db != "" { |
| 339 | args = append(args, "-db="+db) |
| 340 | } |
| 341 | args = append(args, moduleVersion) |
| 342 | |
| 343 | ir, iw := io.Pipe() |
| 344 | handler := &osvReader{} |
| 345 | |
| 346 | var g errgroup.Group |
| 347 | g.Go(func() error { |
| 348 | defer iw.Close() // scan API doesn't close cmd.Stderr/cmd.Stdout. |
| 349 | cmd := scan.Command(ctx, args...) |
| 350 | cmd.Stdout = iw |
| 351 | // TODO(hakim): Do we need to set cmd.Env = getEnvSlices(), |
| 352 | // or is the process environment good enough? |
| 353 | if err := cmd.Start(); err != nil { |
| 354 | return err |
| 355 | } |
| 356 | return cmd.Wait() |
| 357 | }) |
| 358 | g.Go(func() error { |
| 359 | return govulncheck.HandleJSON(ir, handler) |
| 360 | }) |
| 361 | |
| 362 | if err := g.Wait(); err != nil { |
| 363 | return nil, err |
| 364 | } |
| 365 | return handler.entry, nil |
| 366 | } |
| 367 | |
| 368 | // osvReader implements govulncheck.Handler. |
| 369 | type osvReader struct { |
no test coverage detected
searching dependent graphs…