From 40f343cd0757802b6980114dba7715d205670905 Mon Sep 17 00:00:00 2001 From: DmitriyLewen Date: Thu, 16 May 2024 12:13:18 +0600 Subject: [PATCH 1/2] fix(gobinary): add dot when checking version suffix from ldflags --- pkg/dependency/parser/golang/binary/parse.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/dependency/parser/golang/binary/parse.go b/pkg/dependency/parser/golang/binary/parse.go index 171d3574800e..9ca6e71378f5 100644 --- a/pkg/dependency/parser/golang/binary/parse.go +++ b/pkg/dependency/parser/golang/binary/parse.go @@ -159,7 +159,7 @@ func (p *Parser) ParseLDFlags(name string, flags []string) string { func isValidXKey(key string) bool { key = strings.ToLower(key) // The check for a 'ver' prefix enables the parser to pick up Trivy's own version value that's set. - return strings.HasSuffix(key, "version") || strings.HasSuffix(key, "ver") + return strings.HasSuffix(key, ".version") || strings.HasSuffix(key, ".ver") } func isValidSemVer(ver string) bool { From 58bc9c847293ca81e55e323365b416687302eb8f Mon Sep 17 00:00:00 2001 From: DmitriyLewen Date: Thu, 16 May 2024 12:13:30 +0600 Subject: [PATCH 2/2] add test --- pkg/dependency/parser/golang/binary/parse_test.go | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/pkg/dependency/parser/golang/binary/parse_test.go b/pkg/dependency/parser/golang/binary/parse_test.go index c93d038c6d8b..e5d0d2e3ae6b 100644 --- a/pkg/dependency/parser/golang/binary/parse_test.go +++ b/pkg/dependency/parser/golang/binary/parse_test.go @@ -227,6 +227,18 @@ func TestParser_ParseLDFlags(t *testing.T) { }, want: "0.50.1", }, + { + name: "with version with extra prefix", + args: args{ + name: "github.com/argoproj/argo-cd/v2", + flags: []string{ + "-s", + "-w", + "-X='github.com/argoproj/argo-cd/v2/common.kubectlVersion=v0.26.11'", + }, + }, + want: "", + }, { name: "with no flags", args: args{