(path string)
| 33 | } |
| 34 | |
| 35 | func PackageKnownVulnerabilities(path string) []string { |
| 36 | cmd := Command("eval", path+".meta.knownVulnerabilities") |
| 37 | out, err := cmd.Output(context.TODO()) |
| 38 | if err != nil { |
| 39 | // We can't know for sure, but probably not. |
| 40 | return nil |
| 41 | } |
| 42 | var vulnerabilities []string |
| 43 | if err := json.Unmarshal(out, &vulnerabilities); err != nil { |
| 44 | // We can't know for sure, but probably not. |
| 45 | return nil |
| 46 | } |
| 47 | return vulnerabilities |
| 48 | } |
| 49 | |
| 50 | // Eval is raw nix eval. Needs to be parsed. Useful for stuff like |
| 51 | // nix eval --raw nixpkgs/9ef09e06806e79e32e30d17aee6879d69c011037#fuse3 |
no test coverage detected