Merge branch 'main' into chore-precommit-config

intel · Oct 3, 2023 · 67f5e76 · 67f5e76
2 parents 965bc10 + 4233f47
commit 67f5e76
Show file tree

Hide file tree

Showing 19 changed files with 53 additions and 29 deletions.
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
@@ -47,7 +47,7 @@ jobs:
         egress-policy: audit
 
     - name: Checkout repository
-      uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0
+      uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
 
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL

diff --git a/.github/workflows/coverity.yml b/.github/workflows/coverity.yml
@@ -18,7 +18,7 @@ jobs:
       with:
         egress-policy: audit
 
-    - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0
+    - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
     - uses: vapier/coverity-scan-action@cae3c096a2eb21c431961a49375ac17aea2670ce # v1.7.0
       with:
         email: ${{ secrets.COVERITY_SCAN_EMAIL }}

diff --git a/.github/workflows/cve_scan.yml b/.github/workflows/cve_scan.yml
@@ -19,7 +19,7 @@ jobs:
         with:
           egress-policy: audit
 
-      - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0
+      - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
       - uses: actions/setup-python@61a6322f88396a6271a6ee3565807d608ecaddd1 # v4.7.0
         with:
           python-version: '3.x'

diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml
@@ -22,6 +22,6 @@ jobs:
           egress-policy: audit
 
       - name: 'Checkout Repository'
-        uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0
+        uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
       - name: 'Dependency Review'
         uses: actions/dependency-review-action@6c5ccdad469c9f8a2996bfecaec55a631a347034 # v3.1.0
diff --git a/.github/workflows/export_data.yml b/.github/workflows/export_data.yml
@@ -30,7 +30,7 @@ jobs:
         with:
           egress-policy: audit
 
-      - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0
+      - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
 
       - uses: actions/setup-python@61a6322f88396a6271a6ee3565807d608ecaddd1 # v4.7.0
         with:

diff --git a/.github/workflows/formatting.yml b/.github/workflows/formatting.yml
@@ -23,7 +23,7 @@ jobs:
         with:
           egress-policy: audit
 
-      - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0
+      - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
       - uses: actions/setup-python@61a6322f88396a6271a6ee3565807d608ecaddd1 # v4.7.0
         with:
           python-version: '3.x'

diff --git a/.github/workflows/linting.yml b/.github/workflows/linting.yml
@@ -24,7 +24,7 @@ jobs:
         with:
           egress-policy: audit
 
-      - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0
+      - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
       - uses: actions/setup-python@61a6322f88396a6271a6ee3565807d608ecaddd1 # v4.7.0
         with:
           python-version: '3.x'

diff --git a/.github/workflows/sbom.yml b/.github/workflows/sbom.yml
@@ -25,7 +25,7 @@ jobs:
         with:
           egress-policy: audit
 
-      - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0
+      - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
       - uses: actions/setup-python@61a6322f88396a6271a6ee3565807d608ecaddd1 # v4.7.0
         with:
           python-version: ${{ matrix.python }}

diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
@@ -27,7 +27,7 @@ jobs:
           egress-policy: audit
 
       - name: "Checkout code"
-        uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0
+        uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
         with:
           persist-credentials: false
 

diff --git a/.github/workflows/spelling.yml b/.github/workflows/spelling.yml
@@ -18,7 +18,7 @@ jobs:
       with:
         egress-policy: audit
 
-    - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0
+    - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
     - uses: check-spelling/check-spelling@d7cd2973c513e84354f9d6cf50a6417a628a78ce # v0.0.21
       with:
         post_comment: '0'
diff --git a/.github/workflows/testing.yml b/.github/workflows/testing.yml
@@ -30,7 +30,7 @@ jobs:
         with:
           egress-policy: audit
 
-      - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0
+      - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
       - uses: actions/setup-python@61a6322f88396a6271a6ee3565807d608ecaddd1 # v4.7.0
         with:
           python-version: '3.x'
@@ -60,7 +60,7 @@ jobs:
         with:
           egress-policy: audit
 
-      - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0
+      - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
       - uses: actions/setup-python@61a6322f88396a6271a6ee3565807d608ecaddd1 # v4.7.0
         with:
           python-version: ${{ matrix.python }}
@@ -130,7 +130,7 @@ jobs:
         with:
           egress-policy: audit
 
-      - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0
+      - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
       - uses: actions/setup-python@61a6322f88396a6271a6ee3565807d608ecaddd1 # v4.7.0
         with:
           python-version: '3.10'
@@ -227,7 +227,7 @@ jobs:
         with:
           egress-policy: audit
 
-      - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0
+      - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
       - uses: actions/setup-python@61a6322f88396a6271a6ee3565807d608ecaddd1 # v4.7.0
         with:
           python-version: '3.10'
@@ -321,7 +321,7 @@ jobs:
         with:
           egress-policy: audit
 
-      - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0
+      - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
       - uses: actions/setup-python@61a6322f88396a6271a6ee3565807d608ecaddd1 # v4.7.0
         with:
           python-version: '3.10'
@@ -391,7 +391,7 @@ jobs:
         with:
           egress-policy: audit
 
-      - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0
+      - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
       - uses: actions/setup-python@61a6322f88396a6271a6ee3565807d608ecaddd1 # v4.7.0
         with:
           python-version: '3.9'

diff --git a/.github/workflows/update-cache.yml b/.github/workflows/update-cache.yml
@@ -26,7 +26,7 @@ jobs:
         with:
           egress-policy: audit
 
-      - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0
+      - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
       - uses: actions/setup-python@61a6322f88396a6271a6ee3565807d608ecaddd1 # v4.7.0
         with:
           python-version: '3.10'

diff --git a/.github/workflows/update-js-dependencies.yml b/.github/workflows/update-js-dependencies.yml
@@ -26,7 +26,7 @@ jobs:
         with:
           egress-policy: audit
 
-      - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0
+      - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
 
       - uses: actions/setup-python@61a6322f88396a6271a6ee3565807d608ecaddd1 # v4.7.0
         with:

diff --git a/.github/workflows/update-pre-commit.yml b/.github/workflows/update-pre-commit.yml
@@ -26,7 +26,7 @@ jobs:
         with:
           egress-policy: audit
 
-      - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0
+      - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
 
       - uses: actions/setup-python@61a6322f88396a6271a6ee3565807d608ecaddd1 # v4.7.0
         with:

diff --git a/.github/workflows/update-spdx-header.yml b/.github/workflows/update-spdx-header.yml
@@ -27,7 +27,7 @@ jobs:
         with:
           egress-policy: audit
 
-      - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0
+      - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
       - name: Update spdx header
         run: |
           sed -i "s/[0-9]\{4\}/$(date +%Y)/" spdx_header.txt

diff --git a/cve_bin_tool/checkers/bind.py b/cve_bin_tool/checkers/bind.py
@@ -19,9 +19,25 @@ class BindChecker(Checker):
         # see https://github.com/intel/cve-bin-tool/tree/main/cve_bin_tool/checkers#helper-script for more details
         # r"/bind9.xsl",
     ]
-    FILENAME_PATTERNS = [r"named"]
+    FILENAME_PATTERNS = [
+        r"named",
+        r"liblwres\.so",
+        r"libdns([-_]?(\d+\.)+\d.*)?\.so",
+        r"libirs([-_]?(\d+\.)+\d.*)?\.so",
+        r"libisc([-_]?(\d+\.)+\d.*)?\.so",
+        r"libisccc([-_]?(\d+\.)+\d.*)?\.so",
+        r"libisccfg([-_]?(\d+\.)+\d.*)?\.so",
+        r"libns([-_]?(\d+\.)+\d.*)?\.so",
+    ]
     VERSION_PATTERNS = [
         r"version: BIND ([0-9]+\.[0-9]+\.[0-9]+)",  # for .rpm, .tgz, etc.
         r"(?:lib|/)bind[0-9]*-([0-9]+\.[0-9]+\.[0-9]+)",  # for .deb
+        r"/bind9-([0-9]+\.[0-9]+\.[0-9]+)"  # using buildpath if included
+        # If you trust the filenames to contain the right version number enable the following regular expressions:
+        # r"libisc-([0-9]+\.[0-9]+\.[0-9]+)", # for libisc
+        # r"libisccfg-([0-9]+\.[0-9]+\.[0-9]+)", # for libisccfg
+        # r"libisccc-([0-9]+\.[0-9]+\.[0-9]+)", #for libisccc
+        # r"libns-([0-9]+\.[0-9]+\.[0-9]+)", #for libns
+        # r"libdns-([0-9]+\.[0-9]+\.[0-9]+)" #for libdns
     ]
     VENDOR_PRODUCT = [("isc", "bind")]
diff --git a/test/language_data/pom.xml b/test/language_data/pom.xml
@@ -28,9 +28,9 @@
   <dependencyManagement>
     <dependencies>
       <dependency>
-        <groupId>commons-io</groupId>
-        <artifactId>commons-io</artifactId>
-        <version>2.11.0</version>
+        <groupId>jmeter</groupId>
+        <artifactId>jmeter</artifactId>
+        <version>5.1</version>
       </dependency>
       <dependency>
         <groupId>org.apache.maven</groupId>
@@ -62,9 +62,9 @@
       <scope>test</scope>
     </dependency>
     <dependency>
-        <groupId>commons-io</groupId>
-        <artifactId>commons-io</artifactId>
-        <version>2.11.0</version>
+        <groupId>jmeter</groupId>
+        <artifactId>jmeter</artifactId>
+        <version>5.1</version>
     </dependency>
     <dependency>
       <groupId>org.hamcrest</groupId>
@@ -505,4 +505,5 @@
     </profile>
   </profiles>
 
-</project>
+</project>
+
diff --git a/test/test_checkers.py b/test/test_checkers.py
@@ -125,6 +125,13 @@ def setup_class(cls):
             ("xerces", "libxerces-c.so", ["xerces"]),
             ("xml2", "libxml2.so.0", ["xml2"]),
             ("zlib", "libz.so.0", ["zlib"]),
+            ("bind", "libbind9-9.16.37-Debian.so", ["bind"]),
+            ("bind", "libdns-9.16.37-Debian.so", ["bind"]),
+            ("bind", "libirs-9.16.37-Debian.so", ["bind"]),
+            ("bind", "libisc-9.16.37-Debian.so", ["bind"]),
+            ("bind", "libisccc-9.16.37-Debian.so", ["bind"]),
+            ("bind", "libisccfg-9.16.37-Debian.so", ["bind"]),
+            ("bind", "libns-9.16.37-Debian.so", ["bind"]),
         ],
     )
     def test_filename_is(self, checker_name, file_name, expected_results):

diff --git a/test/test_language_scanner.py b/test/test_language_scanner.py
@@ -165,7 +165,7 @@ def setup_class(cls):
 
     @pytest.mark.parametrize(
         "filename, product_list",
-        (((str(TEST_FILE_PATH / "pom.xml")), ["commons-io", "hamcrest"]),),
+        (((str(TEST_FILE_PATH / "pom.xml")), ["jmeter", "hamcrest"]),),
     )
     def test_java_package(self, filename: str, product_list: set[str]) -> None:
         scanner = VersionScanner()