diff --git a/cve-vulner-manager/controllers/file.go b/cve-vulner-manager/controllers/file.go index e05da7f3616e74edb4aed587bd34bcb2aaeb0ee3..72dd9a09a32a3687a668d7c3a1cfd23213ed524c 100644 --- a/cve-vulner-manager/controllers/file.go +++ b/cve-vulner-manager/controllers/file.go @@ -14,6 +14,7 @@ import ( "time" "cvevulner/common" + "cvevulner/cve-ddd/adapter" "cvevulner/models" "cvevulner/taskhandler" "cvevulner/util" @@ -203,6 +204,8 @@ func (f *FileController) TriggerCveData() { // Return the result first, continue processing the data UpdateLimitTriggerSa(nameStr, 1) GenUpdateInfoXmlFile(updateInfoSlice, dir, cves) + // process hot patch + adapter.NewHotPatchAdapter().Process() } // Generate updateinfo xml file diff --git a/cve-vulner-manager/cve-ddd/adapter/hotpatch.go b/cve-vulner-manager/cve-ddd/adapter/hotpatch.go new file mode 100644 index 0000000000000000000000000000000000000000..8766c32de1baf8bfb76b004b4403f357b9e37e20 --- /dev/null +++ b/cve-vulner-manager/cve-ddd/adapter/hotpatch.go @@ -0,0 +1,165 @@ +package adapter + +import ( + "encoding/json" + "errors" + "fmt" + "net/http" + "regexp" + "strings" + "time" + + "github.com/astaxie/beego" + "github.com/opensourceways/server-common-lib/utils" + "github.com/sirupsen/logrus" + + "cvevulner/cve-ddd/app" + "cvevulner/cve-ddd/infrastructure/bulletinimpl" + "cvevulner/cve-ddd/infrastructure/obsimpl" + "cvevulner/cve-ddd/infrastructure/repositoryimpl" + "cvevulner/cve-ddd/infrastructure/updateinfoimpl" + "cvevulner/util" +) + +const hotPatchIssue = "https://gitee.com/api/v5/repos/openeuler/hotpatch_meta/issues?" + + "access_token=%s&state=closed&labels=%s&sort=created&direction=desc&page=%d&per_page=20&created_at=%s" + +var ( + RegexpCve = regexp.MustCompile(`(?s:(.*?))`) + RegexpRPM = regexp.MustCompile(`热补丁路径[::](?s:(.*?))热补丁信息[::]`) + RegexpMeta = regexp.MustCompile(`热补丁元数据[::](?s:(.*?))热补丁路径[::]`) + RegexpType = regexp.MustCompile(`问题类别[::](?s:(.*?))热补丁元数据[::]`) + RegexpInfo = regexp.MustCompile(`热补丁信息[::](?s:(.*?))$`) +) + +func NewHotPatchAdapter() *hotPatch { + return &hotPatch{ + service: app.NewHotPatchService( + repositoryimpl.NewRepositoryImpl(), + bulletinimpl.NewBulletinImpl(), + obsimpl.Instance(), + updateinfoimpl.NewUpdateInfoImpl(), + ), + } +} + +type hotPatch struct { + service app.HotPatchService +} + +type patchIssue = app.CmdToGenerateBulletins + +type Issue struct { + Number string `json:"number"` + Body string `json:"body"` +} + +func (h *hotPatch) Process() { + issues, err := h.getIssues() + if err != nil { + logrus.Errorf("get hot patch issue error: %s", err.Error()) + + return + } + + var patches []patchIssue + for _, v := range issues { + pat, err := h.toPatchIssue(v.Body) + if err != nil { + logrus.Errorf("issue number %s toPatchIssue error: %s", v.Number, err.Error()) + continue + } + pat.HotIssueNum = v.Number + + patches = append(patches, pat) + } + + if err := h.service.GenerateBulletins(patches); err != nil { + logrus.Errorf("generate bulletins error %s", err.Error()) + } + +} + +func (h *hotPatch) getIssues() ([]Issue, error) { + var page = 1 + var issues []Issue + token := beego.AppConfig.String("gitee::git_token") + cli := utils.NewHttpClient(3) + // query the data of the last 15 days + filterCreatedTime := time.Now().AddDate(0, 0, -15).Format("20060102T1504015-") + + for { + url := fmt.Sprintf(hotPatchIssue, token, "hotpatch", page, filterCreatedTime) + req, err := http.NewRequest( + http.MethodGet, url, nil, + ) + if err != nil { + return nil, err + } + + res, _, err := cli.Download(req) + if err != nil { + return nil, err + } + + var t []Issue + if err := json.Unmarshal(res, &t); err != nil { + return nil, err + } + + if len(t) == 0 { + break + } + + issues = append(issues, t...) + + page++ + } + + return issues, nil +} + +func (h *hotPatch) toPatchIssue(body string) (v patchIssue, err error) { + t := RegexpType.FindAllStringSubmatch(body, -1) + if len(t) == 0 { + return v, errors.New("parse type failed") + } + v.Type = strings.TrimSpace(t[0][1]) + + meta := RegexpMeta.FindAllStringSubmatch(body, -1) + if len(meta) == 0 { + return v, errors.New("parse metadata failed") + } + split := strings.Split(meta[0][1], "/") + v.Branch = split[len(split)-4] + v.Component = split[len(split)-3] + + p := RegexpRPM.FindAllStringSubmatch(body, -1) + if len(p) == 0 { + return v, errors.New("parse rpm failed") + } + v.PatchUrl = strings.Split(strings.TrimSpace(p[0][1]), "\n") + + info := RegexpInfo.FindAllStringSubmatch(body, -1) + if len(info) == 0 { + return v, errors.New("parse info failed") + } + var bys []byte + for _, s := range strings.Split(strings.TrimSpace(info[0][1]), "\n") { + bys, err = util.HTTPGetCom(strings.TrimSpace(s)) + if err != nil { + continue + } + + if cve := RegexpCve.FindAllStringSubmatch(string(bys), -1); len(cve) > 0 { + v.CveNum = strings.Split(cve[0][1], ",") + break + } + } + + if len(v.CveNum) == 0 { + return v, errors.New("parse cve num failed") + } + + return +} diff --git a/cve-vulner-manager/cve-ddd/app/hotpatch.go b/cve-vulner-manager/cve-ddd/app/hotpatch.go new file mode 100644 index 0000000000000000000000000000000000000000..3a1750ec06f0525c1fd41af67c803b66d4a603ba --- /dev/null +++ b/cve-vulner-manager/cve-ddd/app/hotpatch.go @@ -0,0 +1,153 @@ +package app + +import ( + "fmt" + "strconv" + "strings" + + "github.com/sirupsen/logrus" + + "cvevulner/cve-ddd/domain" + "cvevulner/cve-ddd/domain/bulletin" + "cvevulner/cve-ddd/domain/obs" + "cvevulner/cve-ddd/domain/repository" + "cvevulner/cve-ddd/domain/updateinfo" + "cvevulner/util" +) + +type HotPatchService interface { + GenerateBulletins([]CmdToGenerateBulletins) error +} + +func NewHotPatchService(r repository.CveRepository, b bulletin.Bulletin, o obs.OBS, u updateinfo.UpdateInfo, +) *hotPatchService { + return &hotPatchService{ + repository: r, + bulletin: b, + obs: o, + updateInfo: u, + } +} + +type hotPatchService struct { + repository repository.CveRepository + bulletin bulletin.Bulletin + obs obs.OBS + updateInfo updateinfo.UpdateInfo +} + +func (h *hotPatchService) GenerateBulletins(cmds []CmdToGenerateBulletins) error { + var cvesForUpdateInfo domain.Cves + + for _, cmd := range cmds { + if exist := h.repository.IssueNumExist(cmd.HotIssueNum); exist { + continue + } + + cves, err := h.repository.FindCves( + repository.Option{ + CveNum: cmd.CveNum, + Component: cmd.Component, + AffectedVersion: cmd.Branch, + }) + if err != nil { + logrus.Errorf("find cve %s, error %s", cmd.CveNum, err.Error()) + return err + } + if len(cves) == 0 { + logrus.Errorf("find cve %s nil", cmd.CveNum) + continue + } + // all cves have the same hot issue number + for k := range cves { + cves[k].HotIssueNum = cmd.HotIssueNum + } + + bulletins := cves.GenerateBulletins() + for _, b := range bulletins { + b.PatchUrl = cmd.PatchUrl + + id, err := h.generateBulletinId() + if err != nil { + return err + } + b.Identification = id + + xmlData, err := h.bulletin.Generate(&b) + if err != nil { + logrus.Errorf("component: %s, to xml error: %s", b.Component, err.Error()) + + continue + } + + fileName := fmt.Sprintf("cvrf-%s.xml", b.Identification) + if err := h.obs.UploadBulletin(fileName, xmlData); err != nil { + logrus.Errorf("component: %s, upload to obs error: %s", b.Component, err.Error()) + + continue + } + + cvesForUpdateInfo = append(cvesForUpdateInfo, b.Cves...) + + if err := h.repository.SetMaxBulletinID(b.Identification); err != nil { + logrus.Errorf("set max bulletin id %s error %s", b.Identification, err.Error()) + } + } + + if err := h.repository.SaveIssueNum(cmd.HotIssueNum); err != nil { + logrus.Errorf("save issue num %s error %s", cmd.HotIssueNum, err.Error()) + } + } + + if len(cvesForUpdateInfo) == 0 { + return nil + } + + return h.uploadUpdateInfo(cvesForUpdateInfo) +} + +func (h *hotPatchService) generateBulletinId() (string, error) { + bulletinNumFormat := "openEuler-HotPatchSA-%d-%d" + + maxID, err := h.repository.MaxBulletinID() + if err != nil { + return "", err + } + + thisYear := util.Year() + + if maxID == "" { + return fmt.Sprintf(bulletinNumFormat, thisYear, 1001), nil + } + + split := strings.Split(maxID, "-") + if split[2] != strconv.Itoa(thisYear) { + return fmt.Sprintf(bulletinNumFormat, thisYear, 1001), nil + } + + num, err := strconv.Atoi(split[3]) + if err != nil { + return "", err + } + + return fmt.Sprintf(bulletinNumFormat, thisYear, num+1), nil +} + +func (h *hotPatchService) uploadUpdateInfo(cves domain.Cves) error { + for version, v := range cves.GroupByVersion() { + bytes, err := h.updateInfo.Generate(v) + if err != nil { + logrus.Errorf("generate updateinfo of %s error %s", version, err.Error()) + continue + } + + fileName := fmt.Sprintf("%s_updateinfo.xlsx", version) + if err := h.obs.UploadUpdateInfo(fileName, bytes); err != nil { + logrus.Errorf("version: %s, upload to obs error: %s", version, err.Error()) + + continue + } + } + + return nil +} diff --git a/cve-vulner-manager/cve-ddd/app/hotpatch_dto.go b/cve-vulner-manager/cve-ddd/app/hotpatch_dto.go new file mode 100644 index 0000000000000000000000000000000000000000..209c1d22628608a32b651705cb6475590de2131f --- /dev/null +++ b/cve-vulner-manager/cve-ddd/app/hotpatch_dto.go @@ -0,0 +1,10 @@ +package app + +type CmdToGenerateBulletins struct { + Type string + Branch string + Component string + CveNum []string + PatchUrl []string + HotIssueNum string +} diff --git a/cve-vulner-manager/cve-ddd/domain/bulletin/bulletin.go b/cve-vulner-manager/cve-ddd/domain/bulletin/bulletin.go new file mode 100644 index 0000000000000000000000000000000000000000..18bdddf00c377e493507727a8897777076921bd6 --- /dev/null +++ b/cve-vulner-manager/cve-ddd/domain/bulletin/bulletin.go @@ -0,0 +1,7 @@ +package bulletin + +import "cvevulner/cve-ddd/domain" + +type Bulletin interface { + Generate(*domain.SecurityBulletin) ([]byte, error) +} diff --git a/cve-vulner-manager/cve-ddd/domain/bulletins.go b/cve-vulner-manager/cve-ddd/domain/bulletins.go new file mode 100644 index 0000000000000000000000000000000000000000..7adbb1ac68efd7bf2e673fb92bd763d28ee75d46 --- /dev/null +++ b/cve-vulner-manager/cve-ddd/domain/bulletins.go @@ -0,0 +1,10 @@ +package domain + +type SecurityBulletin struct { + AffectedVersion []string + Identification string + Date string + Component string + PatchUrl []string + Cves Cves +} diff --git a/cve-vulner-manager/cve-ddd/domain/cve.go b/cve-vulner-manager/cve-ddd/domain/cve.go new file mode 100644 index 0000000000000000000000000000000000000000..2ff5f28b907e521a6228885c73e27568c8f8f3e5 --- /dev/null +++ b/cve-vulner-manager/cve-ddd/domain/cve.go @@ -0,0 +1,142 @@ +package domain + +import ( + "cvevulner/cve-ddd/domain/dp" + "cvevulner/util" +) + +type Cves []Cve + +//CvesByComponent is group of cves by component +type CvesByComponent []Cve + +//CvesByVersion is group of CvesByComponent by version +type CvesByVersion []Cve + +type Cve struct { + Component string + Description string + SeverityLevel string + AffectedVersion []string + AffectedProduct string + OpeneulerScore float64 + Theme string + CveNum string + CveBrief string + OpeneulerVector string + CveVersion string + HotIssueNum string + AbiVersion string + ColdIssue Issue +} + +type Issue struct { + Number string + Repo string +} + +func (d Cve) isAffectVersion(version string) bool { + for _, v := range d.AffectedVersion { + if v == version { + return true + } + } + + return false +} + +func (ds Cves) GroupByVersion() map[string]CvesByVersion { + group := make(map[string]CvesByVersion) + for _, cve := range ds { + group[cve.AffectedVersion[0]] = append(group[cve.AffectedVersion[0]], cve) + } + + return group +} + +//GroupByComponent group cves by component +func (ds Cves) groupByComponent() map[string]CvesByComponent { + group := make(map[string]CvesByComponent) + for _, d := range ds { + group[d.Component] = append(group[d.Component], d) + } + + return group +} + +//GenerateBulletins CvesByComponent is a component-differentiated set of cves, +//Bulletins are consolidated into one when all issues of a component affect all versions currently maintained, +//otherwise they are split into multiple bulletins by version +func (ds Cves) GenerateBulletins() []SecurityBulletin { + var securityBulletins []SecurityBulletin + + for _, dsc := range ds.groupByComponent() { + if dsc.isCombined() { + securityBulletins = append(securityBulletins, dsc.combinedBulletin()) + } else { + securityBulletins = append(securityBulletins, dsc.separatedBulletins()...) + } + } + + return securityBulletins +} + +//IsCombined determine whether multiple cves under the same component +//need to be combined into a single bulletin +func (dsc CvesByComponent) isCombined() bool { + for _, d := range dsc { + if len(d.AffectedVersion) != len(dp.MaintainVersion) { + return false + } + + for _, version := range d.AffectedVersion { + if !dp.MaintainVersion[version] { + return false + } + } + } + + return true +} + +//CombinedBulletin put all cves in one bulletin +func (dsc CvesByComponent) combinedBulletin() SecurityBulletin { + return SecurityBulletin{ + AffectedVersion: dsc[0].AffectedVersion, + Date: util.Date(), + Component: dsc[0].Component, + Cves: Cves(dsc), + } +} + +// SeparatedBulletins split into multiple bulletins by version +func (dsc CvesByComponent) separatedBulletins() []SecurityBulletin { + var sbs []SecurityBulletin + for version, ds := range dsc.separateByVersion() { + sbs = append(sbs, ds.bulletinByVersion(version)) + } + + return sbs +} + +func (dsc CvesByComponent) separateByVersion() map[string]CvesByVersion { + classifyByVersion := make(map[string]CvesByVersion) + for version := range dp.MaintainVersion { + for _, d := range dsc { + if d.isAffectVersion(version) { + classifyByVersion[version] = append(classifyByVersion[version], d) + } + } + } + + return classifyByVersion +} + +func (dsv CvesByVersion) bulletinByVersion(version string) SecurityBulletin { + return SecurityBulletin{ + AffectedVersion: []string{version}, + Date: util.Date(), + Component: dsv[0].Component, + Cves: Cves(dsv), + } +} diff --git a/cve-vulner-manager/cve-ddd/domain/dp/severity_level.go b/cve-vulner-manager/cve-ddd/domain/dp/severity_level.go new file mode 100644 index 0000000000000000000000000000000000000000..1acff404fb9d30d4eeb85a988af519a711cba388 --- /dev/null +++ b/cve-vulner-manager/cve-ddd/domain/dp/severity_level.go @@ -0,0 +1,37 @@ +package dp + +import "errors" + +const ( + critical = "Critical" + high = "High" + moderate = "Medium" + low = "Low" +) + +var validateSeverityLevel = map[string]bool{ + critical: true, + high: true, + moderate: true, + low: true, +} + +var SequenceSeverityLevel = []string{low, moderate, high, critical} + +type severityLevel string + +func NewSeverityLevel(s string) (SeverityLevel, error) { + if !validateSeverityLevel[s] { + return nil, errors.New("invalid severity level") + } + + return severityLevel(s), nil +} + +type SeverityLevel interface { + String() string +} + +func (s severityLevel) String() string { + return string(s) +} diff --git a/cve-vulner-manager/cve-ddd/domain/dp/system_version.go b/cve-vulner-manager/cve-ddd/domain/dp/system_version.go new file mode 100644 index 0000000000000000000000000000000000000000..7225fb50a178ec1131a825727510ed51344d2910 --- /dev/null +++ b/cve-vulner-manager/cve-ddd/domain/dp/system_version.go @@ -0,0 +1,41 @@ +package dp + +import ( + "errors" +) + +const ( + openeuler2003SP1 = "openEuler-20.03-LTS-SP1" + openeuler2003SP3 = "openEuler-20.03-LTS-SP3" + openeuler2203 = "openEuler-22.03-LTS" + openeuler2203SP1 = "openEuler-22.03-LTS-SP1" + openeuler2203sp2 = "openEuler-22.03-LTS-SP2" +) + +var MaintainVersion = map[string]bool{ + openeuler2003SP1: true, + openeuler2003SP3: true, + openeuler2203: true, + openeuler2203SP1: true, + openeuler2203sp2: true, +} + +type systemVersion string + +type SystemVersion interface { + String() string +} + +func NewSystemVersion(s string) (SystemVersion, error) { + // MaintainVersion is not used for validation because + // there is an error reading old data from the database when maintainVersion changes + if s == "" { + return nil, errors.New("invalid system version") + } + + return systemVersion(s), nil +} + +func (s systemVersion) String() string { + return string(s) +} diff --git a/cve-vulner-manager/cve-ddd/domain/obs/obs.go b/cve-vulner-manager/cve-ddd/domain/obs/obs.go new file mode 100644 index 0000000000000000000000000000000000000000..6aa040561f07d8df46479caad8b8695628d1de38 --- /dev/null +++ b/cve-vulner-manager/cve-ddd/domain/obs/obs.go @@ -0,0 +1,6 @@ +package obs + +type OBS interface { + UploadBulletin(fileName string, data []byte) error + UploadUpdateInfo(fileName string, data []byte) error +} diff --git a/cve-vulner-manager/cve-ddd/domain/repository/cve.go b/cve-vulner-manager/cve-ddd/domain/repository/cve.go new file mode 100644 index 0000000000000000000000000000000000000000..b84d3f59c5d476dc1acd3a87b75c28df632b1688 --- /dev/null +++ b/cve-vulner-manager/cve-ddd/domain/repository/cve.go @@ -0,0 +1,17 @@ +package repository + +import "cvevulner/cve-ddd/domain" + +type Option struct { + CveNum []string + Component string + AffectedVersion string +} + +type CveRepository interface { + FindCves(option Option) (domain.Cves, error) + MaxBulletinID() (string, error) + SetMaxBulletinID(string) error + IssueNumExist(num string) bool + SaveIssueNum(num string) error +} diff --git a/cve-vulner-manager/cve-ddd/domain/updateinfo/updateinfo.go b/cve-vulner-manager/cve-ddd/domain/updateinfo/updateinfo.go new file mode 100644 index 0000000000000000000000000000000000000000..ddfefa27c126166e7d8a3c1454b36c74c64563df --- /dev/null +++ b/cve-vulner-manager/cve-ddd/domain/updateinfo/updateinfo.go @@ -0,0 +1,7 @@ +package updateinfo + +import "cvevulner/cve-ddd/domain" + +type UpdateInfo interface { + Generate(cves domain.CvesByVersion) ([]byte, error) +} diff --git a/cve-vulner-manager/cve-ddd/infrastructure/bulletinimpl/config.go b/cve-vulner-manager/cve-ddd/infrastructure/bulletinimpl/config.go new file mode 100644 index 0000000000000000000000000000000000000000..55b68f29ba3208e2a61a9293b8cd72600d55d15f --- /dev/null +++ b/cve-vulner-manager/cve-ddd/infrastructure/bulletinimpl/config.go @@ -0,0 +1 @@ +package bulletinimpl diff --git a/cve-vulner-manager/cve-ddd/infrastructure/bulletinimpl/impl.go b/cve-vulner-manager/cve-ddd/infrastructure/bulletinimpl/impl.go new file mode 100644 index 0000000000000000000000000000000000000000..d2c96c396ebea2799102c90c0cca6d3c72cd42e8 --- /dev/null +++ b/cve-vulner-manager/cve-ddd/infrastructure/bulletinimpl/impl.go @@ -0,0 +1,338 @@ +package bulletinimpl + +import ( + "encoding/xml" + "fmt" + "strconv" + "strings" + + "github.com/sirupsen/logrus" + + "cvevulner/cve-ddd/domain" + "cvevulner/cve-ddd/domain/dp" + "cvevulner/taskhandler" +) + +const ( + aarch64 = "aarch64" + aarch64Suffix = ".aarch64." + noarch = "noarch" + noarchSuffix = ".noarch." + x8664 = "x86_64" + x8664suffix = ".x86_64." + src = "src" + srcSuffix = ".src." + productName = "Product Name" + packageArch = "Package Arch" +) + +var archs = map[string]bool{ + aarch64: true, + noarch: true, + x8664: true, + src: true, +} + +func NewBulletinImpl() bulletinImpl { + return bulletinImpl{} +} + +type bulletinImpl struct { +} + +func (impl bulletinImpl) Generate(sb *domain.SecurityBulletin) ([]byte, error) { + data := Cvrf{ + Xmlns: "http://www.icasi.org/CVRF/schema/cvrf/1.1", + XmlnsCvrf: "http://www.icasi.org/CVRF/schema/cvrf/1.1", + DocumentTitle: impl.documentTitle(sb), + DocumentType: "Security Advisory", + DocumentPublisher: impl.documentPublisher(), + DocumentTracking: impl.documentTracking(sb), + DocumentNotes: impl.documentNotes(sb), + DocumentReferences: impl.documentReferences(sb), + HotPatchTree: impl.HotPatchTree(sb), + Vulnerability: impl.vulnerability(sb), + } + + bData, err := xml.MarshalIndent(data, "", "\t") + if err != nil { + return nil, err + } + + return append([]byte(xml.Header), bData...), nil +} + +func (impl bulletinImpl) joinVersion(sb *domain.SecurityBulletin) string { + return strings.Trim(strings.Join(sb.AffectedVersion, ","), ",") +} + +func (impl bulletinImpl) documentTitle(sb *domain.SecurityBulletin) DocumentTitle { + title := fmt.Sprintf("An update for %s is now available for %s", sb.Component, impl.joinVersion(sb)) + + return DocumentTitle{ + XmlLang: "en", + DocumentTitle: title, + } +} + +func (impl bulletinImpl) documentPublisher() DocumentPublisher { + return DocumentPublisher{ + Type: "Vendor", + ContactDetails: "openeuler-security@openeuler.org", + IssuingAuthority: "openEuler security committee", + } +} + +func (impl bulletinImpl) documentTracking(sb *domain.SecurityBulletin) DocumentTracking { + return DocumentTracking{ + Identification: Identification{ + Id: sb.Identification, + }, + Status: "Final", + Version: "1.0", + RevisionHistory: RevisionHistory{ + Revision: []Revision{{ + Number: "1.0", + Date: sb.Date, + Description: "Initial", + }}, + }, + InitialReleaseDate: sb.Date, + CurrentReleaseDate: sb.Date, + Generator: Generator{ + Engine: "openEuler HotPatchSA Tool V1.0", + Date: sb.Date, + }, + } +} + +func (impl bulletinImpl) documentNotes(sb *domain.SecurityBulletin) DocumentNotes { + var description, topic string + var highestLevelIndex int + var maxScore float64 + + for _, cve := range sb.Cves { + subDescription := strings.ReplaceAll(cve.Description, "\n\n", "\r\n\r\n") + subDescription = taskhandler.XmlSpecCharHand(subDescription) + dSplit := strings.Split(subDescription, "Security Fix(es):") + if len(dSplit) > 1 { + if !strings.Contains(description, dSplit[0]) { + description = dSplit[0] + "Security Fix(es):" + description + } + if !strings.Contains(description, dSplit[1]) { + description += dSplit[1] + } + } + + if cve.OpeneulerScore >= maxScore { + maxScore = cve.OpeneulerScore + if cve.Theme != "" && cve.AffectedProduct != "" { + theme := strings.ReplaceAll(cve.Theme, "\n\n", "\r\n\r\n") + theme = taskhandler.XmlSpecCharHand(theme) + topic = strings.ReplaceAll(theme, cve.AffectedProduct, sb.AffectedVersion[0]) + } + } + + // Choose the highest security level in cves, as security level in bulletin + for k, v := range dp.SequenceSeverityLevel { + if v == cve.SeverityLevel && k > highestLevelIndex { + highestLevelIndex = k + } + } + } + + return DocumentNotes{ + Note: []Note{ + { + Title: "Synopsis", + Type: "General", + Ordinal: "1", + XmlLang: "en", + Note: fmt.Sprintf("%s security update", sb.Component), + }, + { + Title: "Summary", + Type: "General", + Ordinal: "2", + XmlLang: "en", + Note: fmt.Sprintf("An update for %s is now available for %s", sb.Component, impl.joinVersion(sb)), + }, + { + Title: "Description", + Type: "General", + Ordinal: "3", + XmlLang: "en", + Note: strings.Trim(description, "\r\n\r\n"), + }, + { + Title: "Topic", + Type: "General", + Ordinal: "4", + XmlLang: "en", + Note: topic, + }, + { + Title: "Severity", + Type: "General", + Ordinal: "5", + XmlLang: "en", + Note: dp.SequenceSeverityLevel[highestLevelIndex], + }, + { + Title: "Affected Component", + Type: "General", + Ordinal: "6", + XmlLang: "en", + Note: sb.Component, + }, + }, + } +} + +func (impl bulletinImpl) documentReferences(sb *domain.SecurityBulletin) DocumentReferences { + selfUrl := []CveUrl{ + { + Url: "https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=" + sb.Identification, + }, + } + + var cveUrl, other []CveUrl + for _, cve := range sb.Cves { + url := "https://www.openeuler.org/en/security/cve/detail.html?id=" + cve.CveNum + cveUrl = append(cveUrl, CveUrl{Url: url}) + + otherUrl := "https://nvd.nist.gov/vuln/detail/" + cve.CveNum + other = append(other, CveUrl{Url: otherUrl}) + } + + return DocumentReferences{ + CveReference: []CveReference{ + { + Type: "Self", + CveUrl: selfUrl, + }, + { + Type: "openEuler CVE", + CveUrl: cveUrl, + }, + { + Type: "Other", + CveUrl: other, + }, + }, + } +} + +func (impl bulletinImpl) HotPatchTree(sb *domain.SecurityBulletin) HotPatchTree { + affectBranchListx := strings.Split(sb.AffectedVersion[0], "-") + cpe := fmt.Sprintf("cpe:/a:%s:%s:%s", + affectBranchListx[0], affectBranchListx[0], strings.Join(affectBranchListx[1:], "-")) + + branch := []OpenEulerBranch{{ + Type: "Product Name", + Name: "openEuler", + FullProductName: []FullProductName{ + { + ProductId: sb.AffectedVersion[0], + Cpe: cpe, + FullProductName: sb.AffectedVersion[0], + }, + }, + }} + + for _, v := range sb.PatchUrl { + // v: http://121.36.84.172/hotpatch/openEuler-20.03-LTS/aarch64/Packages/patch-openssl-1.1.1m-15.oe2203sp1-HP1-1-1.aarch64.rpm + split := strings.Split(v, "/") + rpm := split[len(split)-1] + + // rmp: patch-openssl-1.1.1m-15.oe2203sp1-HP1-1-1.aarch64.rpm + t := strings.Split(rpm, ".") + // arch: aarch64 + arch := t[len(t)-2] + // productId: patch-openssl-1.1.1m-15.oe2203sp1-HP1-1-1 + var productId string + if len(t) > 3 { + productId = strings.Join(t[:len(t)-2], ".") + } else { + productId = t[0] + } + + if _, ok := archs[arch]; !ok { + logrus.Errorf("arch %s is unlegal", arch) + + continue + } + + b := OpenEulerBranch{ + Type: "Package Arch", + Name: arch, + FullProductName: []FullProductName{ + { + ProductId: productId, + Cpe: cpe, + FullProductName: rpm, + }, + }, + } + + branch = append(branch, b) + } + + return HotPatchTree{ + Xmlns: "http://www.icasi.org/CVRF/schema/prod/1.1", + Branch: branch, + } +} + +func (impl bulletinImpl) vulnerability(sb *domain.SecurityBulletin) []Vulnerability { + var vs []Vulnerability + + for k, cve := range sb.Cves { + vul := Vulnerability{ + Ordinal: strconv.Itoa(k + 1), + Xmlns: "http://www.icasi.org/CVRF/schema/vuln/1.1", + CveNotes: CveNotes{ + CveNote: CveNote{ + Title: "Vulnerability Description", + Type: "General", + Ordinal: "1", + XmlLang: "en", + Note: taskhandler.XmlSpecCharHand(cve.CveBrief), + }, + }, + ReleaseDate: sb.Date, + CVE: cve.CveNum, + ProductStatuses: ProductStatuses{ + Status: Status{ + Type: "Fixed", + ProductId: []ProductId{{ProductId: sb.AffectedVersion[0]}}, + }, + }, + Threats: Threats{ + Threat: Threat{ + Type: "Impact", + Description: cve.SeverityLevel, + }, + }, + CVSSScoreSets: CVSSScoreSets{ + ScoreSet: ScoreSet{ + BaseScore: fmt.Sprintf("%.1f", cve.OpeneulerScore), + Vector: cve.OpeneulerVector, + }, + }, + + Remediations: Remediations{ + Remediation: Remediation{ + Type: "Vendor Fix", + Description: fmt.Sprintf("%s security update", sb.Component), + Date: sb.Date, + Url: "https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=" + sb.Identification, + }, + }, + } + + vs = append(vs, vul) + } + + return vs +} diff --git a/cve-vulner-manager/cve-ddd/infrastructure/bulletinimpl/xml.go b/cve-vulner-manager/cve-ddd/infrastructure/bulletinimpl/xml.go new file mode 100644 index 0000000000000000000000000000000000000000..a2d2f38c94f53135b1327d8ced924bf248fa524d --- /dev/null +++ b/cve-vulner-manager/cve-ddd/infrastructure/bulletinimpl/xml.go @@ -0,0 +1,198 @@ +package bulletinimpl + +import "encoding/xml" + +type Cvrf struct { + XMLName xml.Name `xml:"cvrfdoc,omitempty"` + Xmlns string `xml:"xmlns,attr"` + XmlnsCvrf string `xml:"xmlns:cvrf,attr"` + DocumentTitle DocumentTitle `xml:"DocumentTitle,omitempty"` + DocumentType string `xml:"DocumentType"` + DocumentPublisher DocumentPublisher `xml:"DocumentPublisher,omitempty"` + DocumentTracking DocumentTracking `xml:"DocumentTracking,omitempty"` + DocumentNotes DocumentNotes `xml:"DocumentNotes,omitempty"` + DocumentReferences DocumentReferences `xml:"DocumentReferences,omitempty"` + HotPatchTree HotPatchTree `xml:"HotPatchTree"` + Vulnerability []Vulnerability `xml:"Vulnerability,omitempty"` +} + +type DocumentTitle struct { + XMLName xml.Name `xml:"DocumentTitle,omitempty"` + XmlLang string `xml:"xml:lang,attr"` + DocumentTitle string `xml:",innerxml"` +} + +type DocumentPublisher struct { + XMLName xml.Name `xml:"DocumentPublisher,omitempty"` + Type string `xml:"Type,attr"` + ContactDetails string `xml:"ContactDetails"` + IssuingAuthority string `xml:"IssuingAuthority"` +} + +type DocumentTracking struct { + XMLName xml.Name `xml:"DocumentTracking,omitempty"` + Identification Identification `xml:"Identification,omitempty"` + Status string `xml:"Status"` + Version string `xml:"Version"` + RevisionHistory RevisionHistory `xml:"RevisionHistory,omitempty"` + InitialReleaseDate string `xml:"InitialReleaseDate"` + CurrentReleaseDate string `xml:"CurrentReleaseDate"` + Generator Generator `xml:"Generator,omitempty"` +} + +type Identification struct { + XMLName xml.Name `xml:"Identification,omitempty"` + Id string `xml:"ID"` +} + +type RevisionHistory struct { + XMLName xml.Name `xml:"RevisionHistory,omitempty"` + Revision []Revision `xml:"Revision,omitempty"` +} + +type Revision struct { + XMLName xml.Name `xml:"Revision,omitempty"` + Number string `xml:"Number"` + Date string `xml:"Date"` + Description string `xml:"Description"` +} + +type Generator struct { + XMLName xml.Name `xml:"Generator,omitempty"` + Engine string `xml:"Engine"` + Date string `xml:"Date"` +} + +type DocumentNotes struct { + XMLName xml.Name `xml:"DocumentNotes,omitempty"` + Note []Note `xml:"Note,omitempty"` +} + +type Note struct { + XMLName xml.Name `xml:"Note,omitempty"` + Title string `xml:"Title,attr"` + Type string `xml:"Type,attr"` + Ordinal string `xml:"Ordinal,attr"` + XmlLang string `xml:"xml:lang,attr"` + Note string `xml:",innerxml"` +} + +type DocumentReferences struct { + XMLName xml.Name `xml:"DocumentReferences,omitempty"` + CveReference []CveReference `xml:"Reference,omitempty"` +} + +type CveReference struct { + XMLName xml.Name `xml:"Reference,omitempty"` + Type string `xml:"Type,attr"` + CveUrl []CveUrl `xml:"URL,omitempty"` +} + +type CveUrl struct { + XMLName xml.Name `xml:"URL,omitempty"` + Url string `xml:",innerxml"` +} + +type ProductTree struct { + XMLName xml.Name `xml:"ProductTree,omitempty"` + Xmlns string `xml:"xmlns,attr"` + OpenEulerBranch []OpenEulerBranch `xml:"Branch,omitempty"` +} + +type OpenEulerBranch struct { + XMLName xml.Name `xml:"Branch,omitempty"` + Type string `xml:"Type,attr"` + Name string `xml:"Name,attr"` + FullProductName []FullProductName `xml:"FullProductName,omitempty"` +} + +type FullProductName struct { + XMLName xml.Name `xml:"FullProductName,omitempty"` + ProductId string `xml:"ProductID,attr"` + Cpe string `xml:"CPE,attr"` + FullProductName string `xml:",innerxml"` +} + +type HotPatchTree struct { + XMLName xml.Name `xml:"HotPatchTree,omitempty"` + Xmlns string `xml:"xmlns,attr"` + Branch []OpenEulerBranch `xml:"Branch,omitempty"` +} + +type Vulnerability struct { + XMLName xml.Name `xml:"Vulnerability,omitempty"` + Ordinal string `xml:"Ordinal,attr"` + Xmlns string `xml:"xmlns,attr"` + CveNotes CveNotes `xml:"Notes,omitempty"` + ReleaseDate string `xml:"ReleaseDate"` + CVE string `xml:"CVE"` + ProductStatuses ProductStatuses `xml:"ProductStatuses,omitempty"` + Threats Threats `xml:"Threats,omitempty"` + CVSSScoreSets CVSSScoreSets `xml:"CVSSScoreSets,omitempty"` + Remediations Remediations `xml:"Remediations,omitempty"` +} + +type CveNotes struct { + XMLName xml.Name `xml:"Notes,omitempty"` + CveNote CveNote `xml:"Note,omitempty"` +} + +type CveNote struct { + XMLName xml.Name `xml:"Note,omitempty"` + Title string `xml:"Title,attr"` + Type string `xml:"Type,attr"` + Ordinal string `xml:"Ordinal,attr"` + XmlLang string `xml:"xml:lang,attr"` + Note string `xml:",innerxml"` +} + +type ProductStatuses struct { + XMLName xml.Name `xml:"ProductStatuses,omitempty"` + Status Status `xml:"Status,omitempty"` +} + +type Status struct { + XMLName xml.Name `xml:"Status,omitempty"` + Type string `xml:"Type,attr"` + ProductId []ProductId `xml:"ProductID,omitempty"` +} + +type ProductId struct { + XMLName xml.Name `xml:"ProductID,omitempty"` + ProductId string `xml:",innerxml"` +} + +type Threats struct { + XMLName xml.Name `xml:"Threats,omitempty"` + Threat Threat `xml:"Threat,omitempty"` +} + +type Threat struct { + XMLName xml.Name `xml:"Threat,omitempty"` + Type string `xml:"Type,attr"` + Description string `xml:"Description"` +} + +type CVSSScoreSets struct { + XMLName xml.Name `xml:"CVSSScoreSets,omitempty"` + ScoreSet ScoreSet `xml:"ScoreSet,omitempty"` +} + +type ScoreSet struct { + XMLName xml.Name `xml:"ScoreSet,omitempty"` + BaseScore string `xml:"BaseScore"` + Vector string `xml:"Vector"` +} + +type Remediations struct { + XMLName xml.Name `xml:"Remediations,omitempty"` + Remediation Remediation `xml:"Remediation,omitempty"` +} + +type Remediation struct { + XMLName xml.Name `xml:"Remediation,omitempty"` + Type string `xml:"Type,attr"` + Description string `xml:"Description"` + Date string `xml:"DATE"` + Url string `xml:"URL"` +} diff --git a/cve-vulner-manager/cve-ddd/infrastructure/obsimpl/config.go b/cve-vulner-manager/cve-ddd/infrastructure/obsimpl/config.go new file mode 100644 index 0000000000000000000000000000000000000000..8e0210e70697e72130554ab824a09f563b921bfb --- /dev/null +++ b/cve-vulner-manager/cve-ddd/infrastructure/obsimpl/config.go @@ -0,0 +1,10 @@ +package obsimpl + +type Config struct { + AccessKey string `json:"access_key" required:"true"` + SecretKey string `json:"secret_key" required:"true"` + Endpoint string `json:"endpoint" required:"true"` + Bucket string `json:"bucket" required:"true"` + Directory string `json:"directory" required:"true"` + UpdateInfoDir string `json:"update_info_dir" required:"true"` +} diff --git a/cve-vulner-manager/cve-ddd/infrastructure/obsimpl/impl.go b/cve-vulner-manager/cve-ddd/infrastructure/obsimpl/impl.go new file mode 100644 index 0000000000000000000000000000000000000000..73c80e54833cc19d4ac78cb71b8fce7750080387 --- /dev/null +++ b/cve-vulner-manager/cve-ddd/infrastructure/obsimpl/impl.go @@ -0,0 +1,68 @@ +package obsimpl + +import ( + "bytes" + "fmt" + "time" + + "github.com/astaxie/beego" + "github.com/huaweicloud/huaweicloud-sdk-go-obs/obs" +) + +var instance *obsImpl + +func Init() error { + cfg := Config{ + AccessKey: beego.AppConfig.String("obs::access_key_id"), + SecretKey: beego.AppConfig.String("obs::secret_access_key"), + Endpoint: beego.AppConfig.String("obs::endpoint"), + Bucket: beego.AppConfig.String("obs::bucket"), + Directory: beego.AppConfig.String("obs::upload_cvrf_dir"), + UpdateInfoDir: beego.AppConfig.String("obs::upload_updateinfo_dir"), + } + + cli, err := obs.New(cfg.AccessKey, cfg.SecretKey, cfg.Endpoint) + if err != nil { + return err + } + + instance = &obsImpl{ + cfg: &cfg, + cli: cli, + } + + return nil +} + +func Instance() *obsImpl { + return instance +} + +type obsImpl struct { + cfg *Config + cli *obs.ObsClient +} + +func (impl obsImpl) UploadBulletin(fileName string, data []byte) error { + input := &obs.PutObjectInput{} + input.Bucket = impl.cfg.Bucket + nowStr := time.Now().Format("2006-01-02") + input.Key = fmt.Sprintf("%s%s-%s/%s", impl.cfg.Directory, nowStr, "hotpatch", fileName) + input.Body = bytes.NewReader(data) + + _, err := impl.cli.PutObject(input) + + return err +} + +func (impl obsImpl) UploadUpdateInfo(fileName string, data []byte) error { + input := &obs.PutObjectInput{} + input.Bucket = impl.cfg.Bucket + nowStr := time.Now().Format("2006-01-02") + input.Key = fmt.Sprintf("%s%s-%s/%s", impl.cfg.UpdateInfoDir, nowStr, "hotpatch", fileName) + input.Body = bytes.NewReader(data) + + _, err := impl.cli.PutObject(input) + + return err +} diff --git a/cve-vulner-manager/cve-ddd/infrastructure/repositoryimpl/dto.go b/cve-vulner-manager/cve-ddd/infrastructure/repositoryimpl/dto.go new file mode 100644 index 0000000000000000000000000000000000000000..200e707a53da96de7e3c35a29a818719cdb2ff24 --- /dev/null +++ b/cve-vulner-manager/cve-ddd/infrastructure/repositoryimpl/dto.go @@ -0,0 +1,21 @@ +package repositoryimpl + +type CveInfo struct { + CveNum string `json:"cve_num"` + IssueNum string `json:"issue_num"` + Repo string `json:"repo"` + OwnedComponent string `json:"owned_component"` + CveBrief string `json:"cve_brief"` + CveLevel string `json:"cve_level"` + AffectedVersion string `json:"affected_version"` + Introduction string `json:"introduction"` + Summary string `json:"summary"` + Description string `json:"description"` + AffectProduct string `json:"affect_product"` + ReferenceLink string `json:"reference_link"` + OpeneulerScore float64 `json:"openeuler_score"` + Theme string `json:"theme"` + OpeneulerVector string `json:"openeuler_vector"` + CveVersion string `json:"cve_version"` + AbiVersion string `json:"abi_version"` +} diff --git a/cve-vulner-manager/cve-ddd/infrastructure/repositoryimpl/impl.go b/cve-vulner-manager/cve-ddd/infrastructure/repositoryimpl/impl.go new file mode 100644 index 0000000000000000000000000000000000000000..b3072f28d2af2a77f3355801c4cae2059e1937bc --- /dev/null +++ b/cve-vulner-manager/cve-ddd/infrastructure/repositoryimpl/impl.go @@ -0,0 +1,138 @@ +package repositoryimpl + +import ( + "errors" + "fmt" + "strings" + "time" + + "github.com/astaxie/beego/orm" + + "cvevulner/cve-ddd/domain" + "cvevulner/cve-ddd/domain/repository" + "cvevulner/models" +) + +func NewRepositoryImpl() repositoryImpl { + return repositoryImpl{} +} + +type repositoryImpl struct { +} + +func (impl repositoryImpl) FindCves(opt repository.Option) (cves domain.Cves, err error) { + var data []CveInfo + + sql := `select a.cve_num,a.cve_version,b.openeuler_score,b.openeuler_vector,b.issue_num, + b.repo,b.abi_version,b.owned_component, b.cve_brief, b.cve_level, b.affected_version, + c.introduction, c.summary, c.description, c.affect_product, c.reference_link,c.theme +from cve_vuln_center a +join cve_issue_template b on a.cve_id=b.cve_id +join cve_security_notice c on a.cve_id=c.cve_id +where a.cve_num in (%s) and a.organizate_id = 1 and a.pack_name = "%s" +` + o := orm.NewOrm() + cveStr := "\"" + strings.Join(opt.CveNum, "\",\"") + "\"" + if _, err = o.Raw(fmt.Sprintf(sql, cveStr, opt.Component)).QueryRows(&data); err != nil { + return + } + + for _, v := range data { + cve := domain.Cve{ + Component: opt.Component, + Description: v.Description, + SeverityLevel: v.CveLevel, + AffectedVersion: []string{opt.AffectedVersion}, + AffectedProduct: v.AffectProduct, + OpeneulerScore: v.OpeneulerScore, + Theme: v.Theme, + CveNum: v.CveNum, + CveBrief: v.CveBrief, + OpeneulerVector: v.OpeneulerVector, + CveVersion: v.CveVersion, + AbiVersion: v.AbiVersion, + ColdIssue: domain.Issue{ + Number: v.IssueNum, + Repo: v.Repo, + }, + } + + cves = append(cves, cve) + } + + return +} + +func (impl repositoryImpl) MaxBulletinID() (string, error) { + var hotPatch models.HotPatch + + o := orm.NewOrm() + err := o.QueryTable(&hotPatch).Filter("type", 2).One(&hotPatch) + if errors.Is(err, orm.ErrNoRows) { + return "", nil + } + + if err != nil { + return "", err + } + + return hotPatch.MaxID, nil +} + +func (impl repositoryImpl) SetMaxBulletinID(id string) error { + hotPatch := models.HotPatch{ + Type: 2, + } + now := time.Now().Format(time.RFC3339) + + o := orm.NewOrm() + err := o.Read(&hotPatch, "type") + if errors.Is(err, orm.ErrNoRows) { + hotPatch.MaxID = id + hotPatch.CreateTime = now + hotPatch.UpdateTime = now + + _, err := o.Insert(&hotPatch) + + return err + + } else if err == nil { + hotPatch.MaxID = id + hotPatch.UpdateTime = now + _, err := o.Update(&hotPatch) + + return err + } + + return err +} + +func (impl repositoryImpl) IssueNumExist(num string) bool { + hotPatch := models.HotPatch{ + Type: 1, + IssueNum: num, + } + + o := orm.NewOrm() + if err := o.Read(&hotPatch, "type", "issue_num"); err != nil { + return false + } + + return true +} + +func (impl repositoryImpl) SaveIssueNum(num string) error { + now := time.Now().Format(time.RFC3339) + + hotPatch := models.HotPatch{ + Type: 1, + IssueNum: num, + CreateTime: now, + UpdateTime: now, + } + + o := orm.NewOrm() + _, err := o.Insert(&hotPatch) + + return err +} diff --git a/cve-vulner-manager/cve-ddd/infrastructure/updateinfoimpl/impl.go b/cve-vulner-manager/cve-ddd/infrastructure/updateinfoimpl/impl.go new file mode 100644 index 0000000000000000000000000000000000000000..c446a7d4271bc11385d0e2e6a6235962cf25cd30 --- /dev/null +++ b/cve-vulner-manager/cve-ddd/infrastructure/updateinfoimpl/impl.go @@ -0,0 +1,114 @@ +package updateinfoimpl + +import ( + "fmt" + "strings" + + "github.com/xuri/excelize/v2" + + "cvevulner/cve-ddd/domain" +) + +func NewUpdateInfoImpl() *updateInfoImpl { + return &updateInfoImpl{} +} + +type updateInfoImpl struct { +} + +func (impl updateInfoImpl) Generate(cves domain.CvesByVersion) (data []byte, err error) { + excel, err := impl.initExcel() + if err != nil { + return + } + + for index, cve := range cves { + if err = excel.SetCellValue("cve_list", fmt.Sprintf("A%d", index+2), cve.CveNum); err != nil { + return + } + + if err = excel.SetCellValue("cve_list", fmt.Sprintf("B%d", index+2), cve.ColdIssue.Number); err != nil { + return + } + + if err = excel.SetCellValue("cve_list", fmt.Sprintf("C%d", index+2), cve.ColdIssue.Repo); err != nil { + return + } + + if err = excel.SetCellValue("cve_list", fmt.Sprintf("D%d", index+2), cve.HotIssueNum); err != nil { + return + } + + if err = excel.SetCellValue("cve_list", fmt.Sprintf("E%d", index+2), cve.OpeneulerScore); err != nil { + return + } + + if err = excel.SetCellValue("cve_list", fmt.Sprintf("F%d", index+2), cve.CveVersion); err != nil { + return + } + + if err = excel.SetCellValue("cve_list", fmt.Sprintf("G%d", index+2), impl.generateAbi(cve)); err != nil { + return + } + } + + buff, err := excel.WriteToBuffer() + if err != nil { + return + } + + return buff.Bytes(), nil +} + +func (impl updateInfoImpl) initExcel() (f *excelize.File, err error) { + f = excelize.NewFile() + index, _ := f.NewSheet("cve_list") + f.SetActiveSheet(index) + + if err = f.SetCellValue("cve_list", "A1", "cve编号"); err != nil { + return + } + if err = f.SetCellValue("cve_list", "B1", "issue编号"); err != nil { + return + } + if err = f.SetCellValue("cve_list", "C1", "issue所属仓库"); err != nil { + return + } + if err = f.SetCellValue("cve_list", "D1", "热补丁issue编号"); err != nil { + return + } + if err = f.SetCellValue("cve_list", "E1", "score"); err != nil { + return + } + if err = f.SetCellValue("cve_list", "F1", "version"); err != nil { + return + } + if err = f.SetCellValue("cve_list", "G1", "abi是否变化"); err != nil { + return + } + + return +} + +func (impl updateInfoImpl) generateAbi(cve domain.Cve) string { + ret := "无" + if cve.AbiVersion == "" { + return ret + } + + split := strings.Split(cve.AbiVersion, ",") + if len(split) == 0 { + return ret + } + + for _, v := range split { + split2 := strings.Split(v, ":") + if len(split2) != 2 || split2[0] != cve.AffectedVersion[0] || split2[1] == "" { + continue + } + + return split2[1] + } + + return ret +} diff --git a/cve-vulner-manager/go.mod b/cve-vulner-manager/go.mod index 16aab381a79633f695a59935852d43cc4333e4a9..8e96c55fd0b229d4b491a1dec0b7db50ff9d2c44 100644 --- a/cve-vulner-manager/go.mod +++ b/cve-vulner-manager/go.mod @@ -9,14 +9,17 @@ require ( github.com/dgrijalva/jwt-go v3.2.0+incompatible github.com/go-sql-driver/mysql v1.5.0 github.com/gopherjs/gopherjs v0.0.0-20181103185306-d547d1d9531e // indirect + github.com/huaweicloud/huaweicloud-sdk-go-obs v3.23.4+incompatible github.com/lib/pq v1.8.0 // indirect + github.com/opensourceways/server-common-lib v0.0.0-20230208064916-61fc43dfb8db github.com/pkg/errors v0.9.1 github.com/robfig/cron/v3 v3.0.1 + github.com/sirupsen/logrus v1.9.0 github.com/smartystreets/assertions v0.0.0-20190116191733-b6c0e53d7304 // indirect github.com/smartystreets/goconvey v1.6.4 - github.com/xuri/excelize/v2 v2.5.0 - golang.org/x/net v0.0.0-20210726213435-c6fcb2dbf985 + github.com/xuri/excelize/v2 v2.7.1 + golang.org/x/net v0.9.0 gopkg.in/alexcesaro/quotedprintable.v3 v3.0.0-20150716171945-2caba252f4dc // indirect gopkg.in/gomail.v2 v2.0.0-20160411212932-81ebce5c23df - gopkg.in/yaml.v2 v2.3.0 + gopkg.in/yaml.v2 v2.4.0 ) diff --git a/cve-vulner-manager/go.sum b/cve-vulner-manager/go.sum index dbebff1ac9100797abbf49fcaa41a95b6682ea6d..8b7e1276cb952036c0b0bfbc5413492a38bb9dcb 100644 --- a/cve-vulner-manager/go.sum +++ b/cve-vulner-manager/go.sum @@ -1,7 +1,11 @@ +cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= github.com/360EntSecGroup-Skylar/excelize/v2 v2.3.0 h1:tDWYNCJrpNnlNg8mVdlzAzPjlPaRbsA/kS8H9LczleQ= github.com/360EntSecGroup-Skylar/excelize/v2 v2.3.0/go.mod h1:Uwb0d1GgxJieUWZG5WylTrgQ2SrldfjagAxheU8W6MQ= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/Knetic/govaluate v3.0.0+incompatible/go.mod h1:r7JcOSlj0wfOMncg0iLm8Leh48TZaKVeNIfJntJ2wa0= +github.com/NYTimes/gziphandler v0.0.0-20170623195520-56545f4a5d46/go.mod h1:3wb06e3pkSAbeQ52E9H9iFoQsEEwGN64994WTCIhntQ= +github.com/PuerkitoBio/purell v1.1.1/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0= +github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578/go.mod h1:uGdkoq3SwY9Y+13GIhn11/XLaGBb4BfwItxLd5jeuXE= github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= @@ -12,6 +16,8 @@ github.com/antchfx/htmlquery v1.2.4 h1:qLteofCMe/KGovBI6SQgmou2QNyedFUW+pE+BpeZ4 github.com/antchfx/htmlquery v1.2.4/go.mod h1:2xO6iu3EVWs7R2JYqBbp8YzG50gj/ofqs5/0VZoDZLc= github.com/antchfx/xpath v1.2.0 h1:mbwv7co+x0RwgeGAOHdrKy89GvHaGvxxBtPK0uF9Zr8= github.com/antchfx/xpath v1.2.0/go.mod h1:i54GszH55fYfBmoZXapTHN8T8tkcHfRgLyVwwqzXNcs= +github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkYZB8zMSxRWpUBQtwG5a7fFgvEO+odwuTv2gs= +github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY= github.com/astaxie/beego v1.12.3 h1:SAQkdD2ePye+v8Gn1r4X6IKZM1wd28EyUOVQ3PDSOOQ= github.com/astaxie/beego v1.12.3/go.mod h1:p3qIm0Ryx7zeBHLljmd7omloyca1s4yu1a8kM1FkpIA= github.com/beego/goyaml2 v0.0.0-20130207012346-5545475820dd/go.mod h1:1b+Y/CofkYwXMUU0OhQqGvsY2Bvgr4j6jfT699wyZKQ= @@ -22,8 +28,13 @@ github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM= github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw= github.com/bradfitz/gomemcache v0.0.0-20180710155616-bc664df96737/go.mod h1:PmM6Mmwb0LSuEubjR8N7PtNe1KxZLtOUHtbeikc5h60= github.com/casbin/casbin v1.7.0/go.mod h1:c67qKN6Oum3UF5Q1+BByfFxkwKvhwW57ITjqwtzR1KE= +github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= github.com/cespare/xxhash/v2 v2.1.1 h1:6MnRN8NT7+YBpUIWxHtefFZOKTAPgGjpQSxqLNn0+qY= github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= +github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= +github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI= +github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= +github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= github.com/cloudflare/golz4 v0.0.0-20150217214814-ef862a3cdc58/go.mod h1:EOBUe0h4xcZ5GoxqC5SDxFQ8gwyZPKQoEzownBlhI80= github.com/couchbase/go-couchbase v0.0.0-20200519150804-63f3cdb75e0d/go.mod h1:TWI8EKQMs5u5jLKW/tsb9VwauIrMIxQG1r5fMsswK5U= github.com/couchbase/gomemcached v0.0.0-20200526233749-ec430f949808/go.mod h1:srVSlQLB8iXBVXHgnqemxUXqN6FCvClgCMPCsjBDR7c= @@ -35,23 +46,42 @@ github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/dgrijalva/jwt-go v3.2.0+incompatible h1:7qlOGliEKZXTDg6OTjfoBKDXWrumCAMpl/TFQ4/5kLM= github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ= +github.com/docopt/docopt-go v0.0.0-20180111231733-ee0de3bc6815/go.mod h1:WwZ+bS3ebgob9U8Nd0kOddGdZWjyMGR8Wziv+TBNwSE= github.com/edsrzf/mmap-go v0.0.0-20170320065105-0bce6a688712/go.mod h1:YO35OhQPt3KJa3ryjFM5Bs14WD66h8eGKpfaBNrHW5M= github.com/elastic/go-elasticsearch/v6 v6.8.5/go.mod h1:UwaDJsD3rWLM5rKNFzv9hgox93HoX8utj1kxD9aFUcI= github.com/elazarl/go-bindata-assetfs v1.0.0 h1:G/bYguwHIzWq9ZoyUQqrjTmJbbYn3j3CKKpKinvZLFk= github.com/elazarl/go-bindata-assetfs v1.0.0/go.mod h1:v+YaWX3bdea5J/mo8dSETolEo7R71Vk1u8bnjau5yw4= +github.com/elazarl/goproxy v0.0.0-20180725130230-947c36da3153/go.mod h1:/Zj4wYkgs4iZTTu3o/KG3Itv/qCCa8VVMlb3i9OVuzc= +github.com/emicklei/go-restful/v3 v3.8.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= +github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= +github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= +github.com/evanphx/json-patch v4.12.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= +github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ= github.com/glendc/gopher-json v0.0.0-20170414221815-dc4743023d0c/go.mod h1:Gja1A+xZ9BoviGJNA2E9vFkPjjsl+CoJxSXiQM1UXtw= github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= github.com/go-kit/kit v0.9.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9GBnD5lWE= github.com/go-logfmt/logfmt v0.4.0/go.mod h1:3RMwSq7FuexP4Kalkev3ejPJsZTpXXBr9+V4qmtdjCk= +github.com/go-logr/logr v0.1.0/go.mod h1:ixOQHD9gLJUVQQ2ZOR7zLEifBX6tGkNJF4QyIY7sIas= +github.com/go-logr/logr v0.2.0/go.mod h1:z6/tIYblkpsD+a4lm/fGIIU9mZ+XfAiaFtq7xTgseGU= +github.com/go-logr/logr v1.2.0/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= +github.com/go-logr/logr v1.2.3/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= +github.com/go-openapi/jsonpointer v0.19.3/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg= +github.com/go-openapi/jsonpointer v0.19.5/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg= +github.com/go-openapi/jsonreference v0.19.3/go.mod h1:rjx6GuL8TTa9VaixXglHmQmIL98+wF9xc8zWvFonSJ8= +github.com/go-openapi/swag v0.19.5/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= github.com/go-redis/redis v6.14.2+incompatible/go.mod h1:NAIEuMOZ/fxfXJIrKDQDz8wamY7mA7PouImQ2Jvg6kA= github.com/go-sql-driver/mysql v1.5.0 h1:ozyZYNQW3x3HtqT1jira07DN2PArx2v7/mN66gGcHOs= github.com/go-sql-driver/mysql v1.5.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LBy8hT2VhHyBg= github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= +github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0/go.mod h1:fyg7847qk6SyHyPtNmDHnmrv/HOrqktSC+C9fM+CJOE= github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ= +github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= +github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e h1:1r7pUrabqp18hOBcwBwiTsbnFeTZHV9eER/QT5JVZxY= github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= +github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= @@ -60,30 +90,52 @@ github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:x github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrUpVNzEA03Pprs= github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w= github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0= -github.com/golang/protobuf v1.4.2 h1:+Z5KGCizgyZCbGh1KZqA0fcLLkwbsjIzS4aV2v7wJX0= +github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QDs8UjoX8= github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= +github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= +github.com/golang/protobuf v1.5.2 h1:ROPKBNFfQgOUMifHyP+KYbvpjbdoFNs+aK7DXlji0Tw= +github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= github.com/golang/snappy v0.0.0-20170215233205-553a64147049/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= github.com/golang/snappy v0.0.0-20180518054509-2e65f85255db/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= github.com/gomodule/redigo v2.0.0+incompatible/go.mod h1:B4C85qUVwatsJoIUNIfCRsp7qO0iAmpGFZ4EELWSbC4= +github.com/google/gnostic v0.5.7-v3refs/go.mod h1:73MKFl6jIHelAJNaBGFzt3SPtZULs9dYrGFt8OiIsHQ= +github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= -github.com/google/go-cmp v0.4.0 h1:xsAVV57WRhGj6kEIi8ReJzQlHHqcBYCElAvkovg3B/4= github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.5.8/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= +github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38= +github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= +github.com/google/gofuzz v1.1.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= +github.com/google/pprof v0.0.0-20210407192527-94a9f03dee38/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= +github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY= github.com/gopherjs/gopherjs v0.0.0-20181103185306-d547d1d9531e h1:JKmoR8x90Iww1ks85zJ1lfDGgIiMDuIptTOhJq+zKyg= github.com/gopherjs/gopherjs v0.0.0-20181103185306-d547d1d9531e/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY= +github.com/gorilla/websocket v1.4.2/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= github.com/hashicorp/golang-lru v0.5.4 h1:YDjusn29QI/Das2iO9M0BHnIbxPeyuCHsjMW+lJfyTc= github.com/hashicorp/golang-lru v0.5.4/go.mod h1:iADmTwqILo4mZ8BN3D2Q6+9jd8WM5uGBxy+E8yxSoD4= github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU= +github.com/huaweicloud/huaweicloud-sdk-go-obs v3.23.4+incompatible h1:XRAk4HBDLCYEdPLWtKf5iZhOi7lfx17aY0oSO9+mcg8= +github.com/huaweicloud/huaweicloud-sdk-go-obs v3.23.4+incompatible/go.mod h1:l7VUhRbTKCzdOacdT4oWCwATKyvZqUOlOqr0Ous3k4s= +github.com/ianlancetaylor/demangle v0.0.0-20200824232613-28f6c0f3b639/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU= github.com/json-iterator/go v1.1.10/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= +github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo= github.com/jtolds/gls v4.20.0+incompatible h1:xdiiI2gbIgH/gLH7ADydsJ1uDOEzR8yvV7C0MuV77Wo= github.com/jtolds/gls v4.20.0+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU= github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7VTCxuUUipMqKk8s4w= +github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= +github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515/go.mod h1:+0opPa2QZZtGFBFZlji/RkVcI2GknAs/DXo4wKdlNEc= github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= +github.com/kr/pretty v0.2.0/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= +github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= +github.com/kr/pretty v0.3.0 h1:WgNl7dwNpEZ6jJ9k1snq4pZsg7DOEN8hP9Xw0Tsjwk0= +github.com/kr/pretty v0.3.0/go.mod h1:640gp4NfQd8pI5XOwp5fnNeVWj67G7CFk/SaSQn7NBk= github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= @@ -92,26 +144,48 @@ github.com/ledisdb/ledisdb v0.0.0-20200510135210-d35789ec47e6/go.mod h1:n931TsDu github.com/lib/pq v1.0.0/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo= github.com/lib/pq v1.8.0 h1:9xohqzkUwzR4Ga4ivdTcawVS89YSDVxXMa3xJX3cGzg= github.com/lib/pq v1.8.0/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o= +github.com/mailru/easyjson v0.0.0-20190614124828-94de47d64c63/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= +github.com/mailru/easyjson v0.0.0-20190626092158-b2ccc519800e/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= github.com/mattn/go-sqlite3 v2.0.3+incompatible h1:gXHsfypPkaMZrKbD5209QV9jbUTJKjyR5WD3HYQSd+U= github.com/mattn/go-sqlite3 v2.0.3+incompatible/go.mod h1:FPy6KqzDD04eiIsT53CuJW3U88zkxoIYsOqkbpncsNc= github.com/matttproud/golang_protobuf_extensions v1.0.1 h1:4hp9jkHxhMHkqkrB3Ix0jegS5sx/RkqARlsWZ6pIwiU= github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0= +github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= +github.com/moby/spdystream v0.2.0/go.mod h1:f7i0iNDQJ059oMTcWxx8MA/zKFIuD/lY+0GqbN2Wy8c= github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= +github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk= github.com/mohae/deepcopy v0.0.0-20170929034955-c48cc78d4826 h1:RWengNIwukTxcDr9M+97sNutRR1RKhG96O6jWumTTnw= github.com/mohae/deepcopy v0.0.0-20170929034955-c48cc78d4826/go.mod h1:TaXosZuwdSHYgviHp1DAtfrULt5eUgsSMsZf+YrPgl8= +github.com/munnerz/goautoneg v0.0.0-20120707110453-a547fc61f48d/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= -github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e h1:fD57ERR4JtEqsWbfPhv4DMiApHyliiK5xCTNVSPiaAs= +github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f/go.mod h1:ZdcZmHo+o7JKHSa8/e818NopupXU1YMK5fe1lsApnBw= github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno= +github.com/nxadm/tail v1.4.4/go.mod h1:kenIhsEOeOJmVchQTgglprH7qJGnHDVpk1VPCcaMI8A= +github.com/nxadm/tail v1.4.8/go.mod h1:+ncqLTQzXmGhMZNUePPaPqPvBxHAIsmXswZKocGu+AU= github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= github.com/onsi/ginkgo v1.12.0/go.mod h1:oUhWkIvk5aDxtKvDDuw8gItl8pKl42LzjC9KZE0HfGg= +github.com/onsi/ginkgo v1.12.1/go.mod h1:zj2OWP4+oCPe1qIXoGWkgMRwljMUYCdkwsT2108oapk= +github.com/onsi/ginkgo v1.16.4/go.mod h1:dX+/inL/fNMqNlz0e9LfyB9TswhZpCVdJM/Z6Vvnwo0= +github.com/onsi/ginkgo/v2 v2.1.3/go.mod h1:vw5CSIxN1JObi/U8gcbwft7ZxR2dgaR70JSE3/PpL4c= +github.com/onsi/ginkgo/v2 v2.1.4/go.mod h1:um6tUpWM/cxCK3/FK8BXqEiUMUwRgSM4JXG47RKZmLU= +github.com/onsi/ginkgo/v2 v2.1.6/go.mod h1:MEH45j8TBi6u9BMogfbp0stKC5cdGjumZj5Y7AG4VIk= +github.com/onsi/ginkgo/v2 v2.3.0/go.mod h1:Eew0uilEqZmIEZr8JrvYlvOM7Rr6xzTmMV8AyFNU9d0= +github.com/onsi/ginkgo/v2 v2.4.0/go.mod h1:iHkDK1fKGcBoEHT5W7YBq4RFWaQulw+caOMkAt4OrFo= github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY= +github.com/onsi/gomega v1.10.1/go.mod h1:iN09h71vgCQne3DLsj+A5owkum+a2tYe+TOCB1ybHNo= +github.com/onsi/gomega v1.17.0/go.mod h1:HnhC7FXeEQY45zxNK3PPoIUhzk/80Xly9PcubAlGdZY= +github.com/onsi/gomega v1.19.0/go.mod h1:LY+I3pBVzYsTBU1AnDwOSxaYi9WoWiqgwooUqq9yPro= +github.com/onsi/gomega v1.20.1/go.mod h1:DtrZpjmvpn2mPm4YWQa0/ALMDj9v4YxLgojwPeREyVo= +github.com/onsi/gomega v1.21.1/go.mod h1:iYAIXgPSaDHak0LCMA+AWBpIKBr8WZicMxnE8luStNc= +github.com/onsi/gomega v1.22.1/go.mod h1:x6n7VNe4hw0vkyYUM4mjIXx3JbLiPaBPNgB7PRQ1tuM= +github.com/onsi/gomega v1.23.0/go.mod h1:Z/NWtiqwBrwUt4/2loMmHL63EDLnYHmVbuBpDr2vQAg= +github.com/opensourceways/server-common-lib v0.0.0-20230208064916-61fc43dfb8db h1:syzeracFtgfmSWpKvhhvx46RcjsZSjdubbVWO83eDA8= +github.com/opensourceways/server-common-lib v0.0.0-20230208064916-61fc43dfb8db/go.mod h1:dQQwRnyuxQIF+E2471Qx6OpMiuTMRO9NGhV4Azduwc8= github.com/pelletier/go-toml v1.0.1/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic= -github.com/pelletier/go-toml v1.2.0 h1:T5zMGML61Wp+FlcbWjRDT7yAxhJNAiPPLOFECq181zc= github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic= -github.com/peterh/liner v1.0.1-0.20171122030339-3681c2a91233 h1:jmJndGFBPjNWW+MAYarU/Nl8QrQVzbw4B/AYE0LzETo= github.com/peterh/liner v1.0.1-0.20171122030339-3681c2a91233/go.mod h1:xIteQHvHuaLYG9IFj6mSxM0fCKrs34IrEQUhOYuGPHc= github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= @@ -125,6 +199,7 @@ github.com/prometheus/client_golang v1.7.0 h1:wCi7urQOGBsYcQROHqpUUX4ct84xp40t9R github.com/prometheus/client_golang v1.7.0/go.mod h1:PY5Wy2awLA44sXw4AOSfFBetzPP4j5+D6mVACh+pe2M= github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo= github.com/prometheus/client_model v0.0.0-20190129233127-fd36f4220a90/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= +github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= github.com/prometheus/client_model v0.2.0 h1:uq5h0d+GuxiXLJLNABMgp2qUWDPiLvgCzz2dUR+/W/M= github.com/prometheus/client_model v0.2.0/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= github.com/prometheus/common v0.4.1/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4= @@ -134,12 +209,15 @@ github.com/prometheus/procfs v0.0.0-20181005140218-185b4288413d/go.mod h1:c3At6R github.com/prometheus/procfs v0.0.2/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA= github.com/prometheus/procfs v0.1.3 h1:F0+tqvhOksq22sc6iCHF5WGlWjdwj92p0udFh1VFBS8= github.com/prometheus/procfs v0.1.3/go.mod h1:lV6e/gmhEcM9IjHGsFOCxxuZ+z1YqCvr4OA4YeYWdaU= -github.com/richardlehane/mscfb v1.0.3 h1:rD8TBkYWkObWO0oLDFCbwMeZ4KoalxQy+QgniCj3nKI= -github.com/richardlehane/mscfb v1.0.3/go.mod h1:YzVpcZg9czvAuhk9T+a3avCpcFPMUWm7gK3DypaEsUk= -github.com/richardlehane/msoleps v1.0.1 h1:RfrALnSNXzmXLbGct/P2b4xkFz4e8Gmj/0Vj9M9xC1o= +github.com/richardlehane/mscfb v1.0.4 h1:WULscsljNPConisD5hR0+OyZjwK46Pfyr6mPu5ZawpM= +github.com/richardlehane/mscfb v1.0.4/go.mod h1:YzVpcZg9czvAuhk9T+a3avCpcFPMUWm7gK3DypaEsUk= github.com/richardlehane/msoleps v1.0.1/go.mod h1:BWev5JBpU9Ko2WAgmZEuiz4/u3ZYTKbjLycmwiWUfWg= +github.com/richardlehane/msoleps v1.0.3 h1:aznSZzrwYRl3rLKRT3gUk9am7T/mLNSnJINvN0AQoVM= +github.com/richardlehane/msoleps v1.0.3/go.mod h1:BWev5JBpU9Ko2WAgmZEuiz4/u3ZYTKbjLycmwiWUfWg= github.com/robfig/cron/v3 v3.0.1 h1:WdRxkvbJztn8LMz/QEvLN5sBU+xKpSqwwUO1Pjr4qDs= github.com/robfig/cron/v3 v3.0.1/go.mod h1:eQICP3HwyT7UooqI/z+Ov+PtYAWygg1TEWWzGIFLtro= +github.com/rogpeppe/go-internal v1.6.1 h1:/FiVV8dS/e+YqF2JvO3yXRFbBLTIuSDkuC7aBOAvL+k= +github.com/rogpeppe/go-internal v1.6.1/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc= github.com/shiena/ansicolor v0.0.0-20151119151921-a422bbe96644 h1:X+yvsM2yrEktyI+b2qND5gpH8YhURn0k8OCaeRnkINo= github.com/shiena/ansicolor v0.0.0-20151119151921-a422bbe96644/go.mod h1:nkxAfR/5quYxwPZhyDxgasBMnRtBZd0FCEpawpjMUFg= github.com/siddontang/go v0.0.0-20170517070808-cb568a3e5cc0/go.mod h1:3yhqj7WBBfRhbBlzyOC3gUxftwsU0u8gqevxwIHQpMw= @@ -147,102 +225,205 @@ github.com/siddontang/goredis v0.0.0-20150324035039-760763f78400/go.mod h1:DDcKz github.com/siddontang/rdb v0.0.0-20150307021120-fc89ed2e418d/go.mod h1:AMEsy7v5z92TR1JKMkLLoaOQk++LVnOKL3ScbJ8GNGA= github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo= github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE= +github.com/sirupsen/logrus v1.9.0 h1:trlNQbNUG3OdDrDil03MCb1H2o9nJ1x4/5LYw7byDE0= +github.com/sirupsen/logrus v1.9.0/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ= github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d/go.mod h1:OnSkiWE9lh6wB0YB77sQom3nweQdgAjqCqsofrRNTgc= github.com/smartystreets/assertions v0.0.0-20190116191733-b6c0e53d7304 h1:Jpy1PXuP99tXNrhbq2BaPz9B+jNAvH1JPQQpG/9GCXY= github.com/smartystreets/assertions v0.0.0-20190116191733-b6c0e53d7304/go.mod h1:OnSkiWE9lh6wB0YB77sQom3nweQdgAjqCqsofrRNTgc= github.com/smartystreets/goconvey v1.6.4 h1:fv0U8FUIMPNf1L9lnHLvLhgicrIVChEkdzIKYqbNC9s= github.com/smartystreets/goconvey v1.6.4/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA= +github.com/spf13/afero v1.2.2/go.mod h1:9ZxEEn6pIJ8Rxe320qSDBk6AsU0r9pR7Q4OcevTdifk= +github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= github.com/ssdb/gossdb v0.0.0-20180723034631-88f6b59b84ec/go.mod h1:QBvMkMya+gXctz3kmljlUCu/yB3GZ6oee+dUozsezQE= +github.com/stoewer/go-strcase v1.2.0/go.mod h1:IBiWB2sKIp3wVVQ3Y035++gc+knqhUQag1KpM8ahLw8= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= -github.com/stretchr/testify v1.5.1 h1:nOGnQDM7FYENwehXlg/kFVnos3rEvtKTjRvOWSzb6H4= github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA= -github.com/stretchr/testify v1.6.1 h1:hDPOHmpOpP40lSULcqw7IrRb/u7w6RpDC9399XyoNd0= -github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= +github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= +github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= +github.com/stretchr/testify v1.8.0 h1:pSgiaMZlXftHpm5L7V1+rVB+AZJydKsMxsQBIJw4PKk= +github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= github.com/syndtr/goleveldb v0.0.0-20160425020131-cfa635847112/go.mod h1:Z4AUp2Km+PwemOoO/VB5AOx9XSsIItzFjoJlOSiYmn0= github.com/syndtr/goleveldb v0.0.0-20181127023241-353a9fca669c/go.mod h1:Z4AUp2Km+PwemOoO/VB5AOx9XSsIItzFjoJlOSiYmn0= github.com/ugorji/go v0.0.0-20171122102828-84cb69a8af83/go.mod h1:hnLbHMwcvSihnDhEfx2/BzKp2xb0Y+ErdfYcrs9tkJQ= github.com/wendal/errors v0.0.0-20130201093226-f66c77a7882b/go.mod h1:Q12BUT7DqIlHRmgv3RskH+UCM/4eqVMgI0EMmlSpAXc= -github.com/xuri/efp v0.0.0-20191019043341-b7dc4fe9aa91 h1:gp02YctZuIPTk0t7qI+wvg3VQwTPyNmSGG6ZqOsjSL8= github.com/xuri/efp v0.0.0-20191019043341-b7dc4fe9aa91/go.mod h1:uBiSUepVYMhGTfDeBKKasV4GpgBlzJ46gXUBAqV8qLk= -github.com/xuri/efp v0.0.0-20210322160811-ab561f5b45e3 h1:EpI0bqf/eX9SdZDwlMmahKM+CDBgNbsXMhsN28XrM8o= -github.com/xuri/efp v0.0.0-20210322160811-ab561f5b45e3/go.mod h1:ybY/Jr0T0GTCnYjKqmdwxyxn2BQf2RcQIIvex5QldPI= -github.com/xuri/excelize/v2 v2.5.0 h1:nDDVfX0qaDuGjAvb+5zTd0Bxxoqa1Ffv9B4kiE23PTM= -github.com/xuri/excelize/v2 v2.5.0/go.mod h1:rSu0C3papjzxQA3sdK8cU544TebhrPUoTOaGPIh0Q1A= +github.com/xuri/efp v0.0.0-20220603152613-6918739fd470 h1:6932x8ltq1w4utjmfMPVj09jdMlkY0aiA6+Skbtl3/c= +github.com/xuri/efp v0.0.0-20220603152613-6918739fd470/go.mod h1:ybY/Jr0T0GTCnYjKqmdwxyxn2BQf2RcQIIvex5QldPI= +github.com/xuri/excelize/v2 v2.7.1 h1:gm8q0UCAyaTt3MEF5wWMjVdmthm2EHAWesGSKS9tdVI= +github.com/xuri/excelize/v2 v2.7.1/go.mod h1:qc0+2j4TvAUrBw36ATtcTeC1VCM0fFdAXZOmcF4nTpY= +github.com/xuri/nfp v0.0.0-20220409054826-5e722a1d9e22 h1:OAmKAfT06//esDdpi/DZ8Qsdt4+M5+ltca05dA5bG2M= +github.com/xuri/nfp v0.0.0-20220409054826-5e722a1d9e22/go.mod h1:WwHg+CVyzlv/TX9xqBFXEZAuxOPxn2k1GNHwG41IIUQ= +github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= +github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= +github.com/yuin/goldmark v1.4.1/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= +github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= github.com/yuin/gopher-lua v0.0.0-20171031051903-609c9cd26973/go.mod h1:aEV29XrmTYFr3CiRxZeGHpkvbwq+prZduBqMaascyCU= golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= -golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550 h1:ObdrDkeb4kJdCP557AjRjq69pTHfNouLtWZG7j9rPN8= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20210711020723-a769d52b0f97 h1:/UOmuWzQfxxo9UtlXMwuQU8CMgg1eZXqTRwkSQJWKOI= -golang.org/x/crypto v0.0.0-20210711020723-a769d52b0f97/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= -golang.org/x/image v0.0.0-20200430140353-33d19683fad8 h1:6WW6V3x1P/jokJBpRQYUJnMHRP6isStQwCozxnU7XQw= +golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= +golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= +golang.org/x/crypto v0.1.0/go.mod h1:RecgLatLF4+eUMCP1PoPZQb+cVrJcOPbHkTkbkB9sbw= +golang.org/x/crypto v0.8.0 h1:pd9TJtTueMTVQXzk8E2XESSMQDj/U7OUu0PqJqPXQjQ= +golang.org/x/crypto v0.8.0/go.mod h1:mRqEX+O9/h5TFCrQhkgjo2yKi0yYA+9ecGkdQoHrywE= +golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/image v0.0.0-20200430140353-33d19683fad8/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= -golang.org/x/image v0.0.0-20210220032944-ac19c3e999fb h1:fqpd0EBDzlHRCjiphRR5Zo/RSWWQlWv34418dnEixWk= -golang.org/x/image v0.0.0-20210220032944-ac19c3e999fb/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= +golang.org/x/image v0.5.0 h1:5JMiNunQeQw++mMOz48/ISeNu3Iweh/JaZU8ZLqHRrI= +golang.org/x/image v0.5.0/go.mod h1:FVC7BI/5Ym8R25iw5OLsgshdUBbT1h5jZTpA+mvAdZ4= +golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= +golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU= +golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= +golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/mod v0.6.0-dev.0.20220106191415-9b9b3d81d5e3/go.mod h1:3p9vT2HGsQu2K1YbXdKPJLVgG5VJdoTa1poYQBtP1AY= +golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= +golang.org/x/mod v0.6.0/go.mod h1:4mET923SAdbXp2ki8ey+zGs1SLqsuM2Y0uvdZR/fUNI= +golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= +golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20181114220301-adae6a3d119a/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190613194153-d28f0bde5980/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20190620200207-3b0461eec859 h1:R/3boaszxrf1GEUWTVDzSKVwLmSJpwZ1yqXm8j0v2QI= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20190827160401-ba9fcec4b297/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200421231249-e086a090c8fd/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= -golang.org/x/net v0.0.0-20200506145744-7e3656a0809f h1:QBjCr1Fz5kw158VqdE9JfI9cJnl/ymnJWAdMuinqL7Y= golang.org/x/net v0.0.0-20200506145744-7e3656a0809f/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= +golang.org/x/net v0.0.0-20200520004742-59133d7f0dd7/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= +golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= -golang.org/x/net v0.0.0-20210726213435-c6fcb2dbf985 h1:4CSI6oo7cOjJKajidEljs9h+uP0rRZBPPPhcCbj5mw8= -golang.org/x/net v0.0.0-20210726213435-c6fcb2dbf985/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= +golang.org/x/net v0.0.0-20210428140749-89ef3d95e781/go.mod h1:OJAsFXCWl8Ukc7SiCT/9KSuxbyM7479/AVlXFRxuMCk= +golang.org/x/net v0.0.0-20211015210444-4f30a5c0130f/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= +golang.org/x/net v0.0.0-20220225172249-27dd8689420f/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= +golang.org/x/net v0.0.0-20220425223048-2871e0cb64e4/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= +golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= +golang.org/x/net v0.1.0/go.mod h1:Cx3nUiGt4eDBEyega/BKRp+/AlGL8hYe7U9odMt2Cco= +golang.org/x/net v0.3.1-0.20221206200815-1e63c2f08a10/go.mod h1:MBQ8lrhLObU/6UmLb4fmbmk5OcyYmqtbGd/9yIeKjEE= +golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= +golang.org/x/net v0.9.0 h1:aWJ/m6xSmxWBx+V0XRHTlrYrPG56jKsLdTFmsSsCzOM= +golang.org/x/net v0.9.0/go.mod h1:d48xBJpPfHeWQsugry2m+kC02ZBRGRgulfHnEXEuWns= +golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20181116152217-5ac8a444bdc5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190422165155-953cdadca894/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190904154756-749cb33beabd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20191005200804-aed5e4c7ecf9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191120155948-bd437916bb0e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20191204072324-ce4227a45e2e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200106162015-b016eb3dc98e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200615200032-f1bc736245b1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210423082822-04245dca01da h1:b3NXsE2LusjYGGjL5bxEVZZORm/YEFFrWFjR8eFrw/c= +golang.org/x/sys v0.0.0-20210112080510-489259a85091/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1 h1:SrN+KX8Art/Sf4HNj6Zcz06G7VEz+7w9tdXTPOZ7+l4= golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20211019181941-9d821ace8654/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220319134239-a9b59b0215f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220422013727-9388b58f7150/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.3.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.7.0 h1:3jlCCIQZPdOYu1h8BkNvLz8Kgwtae2cagcG/VamtZRU= +golang.org/x/sys v0.7.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= +golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= +golang.org/x/term v0.1.0/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= +golang.org/x/term v0.3.0/go.mod h1:q750SLmJuPmVoN1blW3UFBPREJfb1KmY3vwxfr+nFDA= +golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= +golang.org/x/term v0.7.0/go.mod h1:P32HKFT3hSsZrRxla30E9HqToFYAQPCMs/zFMBUFqPY= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= -golang.org/x/text v0.3.2 h1:tW2bmiBqwgJj/UpqtC8EpXEZVYOwU0yG4iWbprSVAcs= golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.3.6 h1:aRYxNxv6iGQlyVaZmk6ZgYEDa+Jg18DxebPSrd6bg1M= golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= +golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= +golang.org/x/text v0.5.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= +golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= +golang.org/x/text v0.9.0 h1:2sjJmO8cDvYveuX97RDLsxlyUxLl+GHoLxBiRdHllBE= +golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY= +golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= golang.org/x/tools v0.0.0-20190328211700-ab21143f2384/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= -golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543 h1:E7g+9GITq07hpfrRu66IVDexMakfv52eLZ2CXBWiKr4= +golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= +golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20200505023115-26f46d2f7ef8/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= +golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= +golang.org/x/tools v0.0.0-20201224043029-2b0845dc783e/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= +golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= +golang.org/x/tools v0.1.10/go.mod h1:Uh6Zz+xoGYZom868N8YTex3t7RhtHDBrE8Gzo9bV56E= +golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= +golang.org/x/tools v0.2.0/go.mod h1:y4OqIKeOV/fWJetJ8bXPU1sEVniLMIyDAZWeHdV+NTA= +golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU= +golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= +google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= +google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= +google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= +google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo= +google.golang.org/genproto v0.0.0-20201019141844-1ed22bb0c154/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= +google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= +google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM= google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE= google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo= -google.golang.org/protobuf v1.23.0 h1:4MY060fB1DLGMB/7MBTLnwQUY6+F09GEiz6SsrNqyzM= +google.golang.org/protobuf v1.22.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= +google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= +google.golang.org/protobuf v1.24.0/go.mod h1:r/3tXBNzIEhYS9I1OUVjXDlt8tc493IdKGjtUeSXeh4= +google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= +google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= +google.golang.org/protobuf v1.27.1/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= +google.golang.org/protobuf v1.28.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= +google.golang.org/protobuf v1.28.1 h1:d0NfwRgPtno5B1Wa6L2DAG+KivqkdutMf1UhdNx175w= +google.golang.org/protobuf v1.28.1/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= gopkg.in/alexcesaro/quotedprintable.v3 v3.0.0-20150716171945-2caba252f4dc h1:2gGKlE2+asNV9m7xrywl36YYNnBG5ZQ0r/BOOxqPpmk= gopkg.in/alexcesaro/quotedprintable.v3 v3.0.0-20150716171945-2caba252f4dc/go.mod h1:m7x9LTH6d71AHyAX77c9yqWCCa3UKHcVEj9y7hAtKDk= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f h1:BLraFXnmrev5lT+xlilqcH8XK9/i0At2xKjWk4p6zsU= gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= +gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= +gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys= gopkg.in/gomail.v2 v2.0.0-20160411212932-81ebce5c23df h1:n7WqCuqOuCbNr617RXOY0AWRXxgwEyPp2z+p0+hgMuE= gopkg.in/gomail.v2 v2.0.0-20160411212932-81ebce5c23df/go.mod h1:LRQQ+SO6ZHR7tOkpBDuZnXENFzX8qRjMDMyPD6BRkCw= +gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= gopkg.in/mgo.v2 v2.0.0-20190816093944-a6b53ec6cb22/go.mod h1:yeKp02qBN3iKW1OzL3MGk2IdtZzaj7SFntXj72NppTA= gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= @@ -250,7 +431,26 @@ gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.5/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.3.0 h1:clyUAQHOM3G0M3f5vQj7LuJrETvjVot3Z5el9nffUtU= gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c h1:dUUwHk2QECo/6vqA44rthZ8ie2QXMNeKRTHCNY2nXvo= +gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= +gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +gopkg.in/yaml.v3 v3.0.0-20200615113413-eeeca48fe776/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= +gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= +honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= +k8s.io/apimachinery v0.26.1/go.mod h1:tnPmbONNJ7ByJNz9+n9kMjNP8ON+1qoAIIC70lztu74= +k8s.io/gengo v0.0.0-20210813121822-485abfe95c7c/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E= +k8s.io/klog/v2 v2.0.0/go.mod h1:PBfzABfn139FHAV07az/IF9Wp1bkk3vpT2XSJ76fSDE= +k8s.io/klog/v2 v2.2.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y= +k8s.io/klog/v2 v2.80.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= +k8s.io/kube-openapi v0.0.0-20221012153701-172d655c2280/go.mod h1:+Axhij7bCpeqhklhUTe3xmOn6bWxolyZEeyaFpjGtl4= +k8s.io/utils v0.0.0-20210802155522-efc7438f0176/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= +k8s.io/utils v0.0.0-20221107191617-1a15be271d1d/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= +sigs.k8s.io/json v0.0.0-20220713155537-f223a00ba0e2/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0= +sigs.k8s.io/structured-merge-diff/v4 v4.2.3/go.mod h1:qjx8mGObPmV2aSZepjQjbmb2ihdVs8cGKBraizNC69E= +sigs.k8s.io/yaml v1.2.0/go.mod h1:yfXDCHCao9+ENCvLSE62v9VSji2MKu5jeNfTrofGhJc= +sigs.k8s.io/yaml v1.3.0 h1:a2VclLzOGrwOHDiV8EfBGhvjHvP46CtW5j6POvhYGGo= +sigs.k8s.io/yaml v1.3.0/go.mod h1:GeOyir5tyXNByN85N/dRIT9es5UQNerPYEKK56eTBm8= diff --git a/cve-vulner-manager/main.go b/cve-vulner-manager/main.go index a7bb8a16500793cdd42f1f117d1beab2c6420b3c..64c5458aceb91cbe58f466bf8e785307de5e6dcb 100644 --- a/cve-vulner-manager/main.go +++ b/cve-vulner-manager/main.go @@ -4,6 +4,7 @@ import ( "github.com/astaxie/beego" "cvevulner/common" + "cvevulner/cve-ddd/infrastructure/obsimpl" cve_timed_task "cvevulner/cve-timed-task" "cvevulner/models" _ "cvevulner/models" @@ -25,6 +26,12 @@ func main() { println("error: Database initialization failed") return } + + if err := obsimpl.Init(); err != nil { + println("error: obs initialization failed") + return + } + // Initialize a scheduled task taskOk := task.InitTask() if !taskOk { diff --git a/cve-vulner-manager/models/modeldb.go b/cve-vulner-manager/models/modeldb.go index caeb21288412596ec1cba44ea2820815d3787f3a..48b73db121b32108c8a75727be80da5aa018549f 100644 --- a/cve-vulner-manager/models/modeldb.go +++ b/cve-vulner-manager/models/modeldb.go @@ -1053,6 +1053,15 @@ type IssueDeleteRecord struct { DeleteTime string `orm:"size(32);column(delete_time);null"` } +type HotPatch struct { + Id int64 `orm:"pk;auto;column(id)"` + Type int64 `orm:"column(type)"` + MaxID string `orm:"size(256);column(max_id);"` + IssueNum string `orm:"size(256);column(issue_num);index"` + CreateTime string `orm:"size(32);column(created_at)"` + UpdateTime string `orm:"size(32);column(updated_at);null"` +} + func CreateDb() bool { BConfig, err := config.NewConfig("ini", "conf/app.conf") if err != nil { @@ -1094,7 +1103,7 @@ func CreateDb() bool { new(OpenLookengSecurityReviewer), new(OpenLookengYaml), new(IssueCommunityStatistics), new(CommunityYamlConfig), new(IssueDeleteRecord), new(AuthTokenInfo), new(OriginUpstreamPatch), new(OriginUpstreamPackageUrl), - new(Reviewer), + new(Reviewer), new(HotPatch), ) logs.Info("table create success!") errosyn := orm.RunSyncdb("default", false, true) diff --git a/cve-vulner-manager/util/time.go b/cve-vulner-manager/util/time.go index bf895fcdc9eeafa919828df2bfea3fafef00dc97..c0d0a012bba2cdbad4e82fda8b86b5a72de81e8b 100644 --- a/cve-vulner-manager/util/time.go +++ b/cve-vulner-manager/util/time.go @@ -1,8 +1,9 @@ package util import ( - "github.com/astaxie/beego/logs" "time" + + "github.com/astaxie/beego/logs" ) //TimeStrToInt parse time string to unix nano @@ -20,3 +21,23 @@ func TimeStrToInt(ts, layout string) int64 { } return t.Unix() } + +func Now() int64 { + return time.Now().Unix() +} + +func ToDate(n int64) string { + if n == 0 { + n = Now() + } + + return time.Unix(n, 0).Format("2006-01-02") +} + +func Date() string { + return ToDate(Now()) +} + +func Year() int { + return time.Now().Year() +}