>>> trivy: Building testing/trivy 0.25.4-r1 (using abuild 3.9.0-r0) started Wed, 13 Apr 2022 22:17:44 +0000 >>> trivy: Checking sanity of /home/buildozer/aports/testing/trivy/APKBUILD... >>> trivy: Analyzing dependencies... >>> trivy: Installing for build: build-base btrfs-progs-dev go linux-headers lvm2-dev (1/17) Installing linux-headers (5.16.7-r1) (2/17) Installing btrfs-progs-libs (5.16.2-r0) (3/17) Installing btrfs-progs-dev (5.16.2-r0) (4/17) Installing binutils-gold (2.38-r1) (5/17) Installing go (1.18.1-r0) (6/17) Installing device-mapper-libs (2.02.187-r2) (7/17) Installing device-mapper-event-libs (2.02.187-r2) (8/17) Installing libaio (0.3.112-r2) (9/17) Installing libblkid (2.38-r0) (10/17) Installing lvm2-libs (2.02.187-r2) (11/17) Installing libuuid (2.38-r0) (12/17) Installing libfdisk (2.38-r0) (13/17) Installing libmount (2.38-r0) (14/17) Installing libsmartcols (2.38-r0) (15/17) Installing util-linux-dev (2.38-r0) (16/17) Installing lvm2-dev (2.02.187-r2) (17/17) Installing .makedepends-trivy (20220413.221746) Executing busybox-1.35.0-r8.trigger OK: 764 MiB in 113 packages >>> trivy: Cleaning up srcdir >>> trivy: Cleaning up pkgdir >>> trivy: Fetching https://distfiles.alpinelinux.org/distfiles/edge/trivy-0.25.4.tar.gz >>> trivy: Fetching https://distfiles.alpinelinux.org/distfiles/edge/trivy-0.25.4.tar.gz >>> trivy: Checking sha512sums... trivy-0.25.4.tar.gz: OK >>> trivy: Unpacking /var/cache/distfiles/edge/trivy-0.25.4.tar.gz... go build -ldflags "-s -w -X=main.version=0.25.4" ./cmd/trivy go: downloading github.com/aquasecurity/trivy-db v0.0.0-20220327074450-74195d9604b2 go: downloading github.com/urfave/cli/v2 v2.4.0 go: downloading go.uber.org/zap v1.21.0 go: downloading github.com/aquasecurity/fanal v0.0.0-20220406084015-9cc93a8482b8 go: downloading github.com/google/wire v0.5.0 go: downloading github.com/caarlos0/env/v6 v6.9.1 go: downloading golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 go: downloading golang.org/x/exp v0.0.0-20220321124402-2d6d886f8a82 go: downloading github.com/hashicorp/go-getter v1.5.11 go: downloading gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b go: downloading github.com/open-policy-agent/opa v0.39.0 go: downloading github.com/stretchr/testify v1.7.1 go: downloading k8s.io/utils v0.0.0-20201110183641-67b214c5f920 go: downloading google.golang.org/protobuf v1.28.0 go: downloading github.com/fatih/color v1.13.0 go: downloading github.com/olekukonko/tablewriter v0.0.5 go: downloading github.com/golang/protobuf v1.5.2 go: downloading github.com/aquasecurity/go-dep-parser v0.0.0-20220406074731-71021a481237 go: downloading github.com/NYTimes/gziphandler v0.0.0-20170623195520-56545f4a5d46 go: downloading github.com/google/uuid v1.3.0 go: downloading github.com/cheggaaa/pb/v3 v3.0.8 go: downloading github.com/Masterminds/sprig/v3 v3.2.2 go: downloading github.com/CycloneDX/cyclonedx-go v0.5.0 go: downloading github.com/owenrumney/go-sarif/v2 v2.1.1 go: downloading github.com/twitchtv/twirp v8.1.1+incompatible go: downloading github.com/cenkalti/backoff v2.2.1+incompatible go: downloading github.com/knqyf263/go-rpm-version v0.0.0-20170716094938-74609b86c936 go: downloading github.com/knqyf263/go-apk-version v0.0.0-20200609155635-041fdbb8563f go: downloading github.com/package-url/packageurl-go v0.1.1-0.20220203205134-d70459300c8a go: downloading github.com/google/go-containerregistry v0.7.1-0.20211214010025-a65b7844a475 go: downloading github.com/aquasecurity/go-version v0.0.0-20210121072130-637058cfe492 go: downloading github.com/masahiro331/go-mvn-version v0.0.0-20210429150710-d3157d602a08 go: downloading github.com/knqyf263/go-deb-version v0.0.0-20190517075300-09fca494f03d go: downloading github.com/aquasecurity/go-npm-version v0.0.0-20201110091526-0b796d180798 go: downloading github.com/aquasecurity/go-gem-version v0.0.0-20201115065557-8eed6fe000ce go: downloading github.com/go-redis/redis/v8 v8.11.5 go: downloading github.com/aquasecurity/go-pep440-version v0.0.0-20210121094942-22b2f8951d46 go: downloading github.com/mattn/go-runewidth v0.0.12 go: downloading github.com/mattn/go-isatty v0.0.14 go: downloading github.com/mattn/go-colorable v0.1.12 go: downloading github.com/hashicorp/go-multierror v1.1.1 go: downloading github.com/rivo/uniseg v0.2.0 go: downloading github.com/VividCortex/ewma v1.1.1 go: downloading golang.org/x/crypto v0.0.0-20220208233918-bba287dce954 go: downloading github.com/mitchellh/copystructure v1.0.0 go: downloading github.com/huandu/xstrings v1.3.1 go: downloading github.com/spf13/cast v1.4.1 go: downloading github.com/imdario/mergo v0.3.12 go: downloading github.com/Masterminds/semver/v3 v3.1.1 go: downloading github.com/shopspring/decimal v1.2.0 go: downloading github.com/Masterminds/goutils v1.1.1 go: downloading github.com/pmezard/go-difflib v1.0.0 go: downloading github.com/stretchr/objx v0.3.0 go: downloading github.com/davecgh/go-spew v1.1.1 go: downloading golang.org/x/sys v0.0.0-20220204135822-1c1b9b1eba6a go: downloading github.com/cespare/xxhash/v2 v2.1.2 go: downloading github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f go: downloading github.com/aws/aws-sdk-go v1.43.31 go: downloading cloud.google.com/go/storage v1.14.0 go: downloading github.com/bgentry/go-netrc v0.0.0-20140422174119-9fd32a8b3d3d go: downloading github.com/hashicorp/go-cleanhttp v0.5.2 go: downloading github.com/hashicorp/go-safetemp v1.0.0 go: downloading github.com/hashicorp/go-version v1.4.0 go: downloading github.com/klauspost/compress v1.14.2 go: downloading github.com/mitchellh/go-homedir v1.1.0 go: downloading github.com/mitchellh/go-testing-interface v1.0.0 go: downloading github.com/ulikunitz/xz v0.5.8 go: downloading golang.org/x/oauth2 v0.0.0-20211104180415-d3ed0bb246c8 go: downloading google.golang.org/api v0.62.0 go: downloading github.com/Masterminds/semver v1.5.0 go: downloading go.uber.org/atomic v1.7.0 go: downloading go.uber.org/multierr v1.6.0 go: downloading github.com/hashicorp/errwrap v1.1.0 go: downloading github.com/mitchellh/reflectwalk v1.0.0 go: downloading github.com/cpuguy83/go-md2man/v2 v2.0.1 go: downloading golang.org/x/net v0.0.0-20220127200216-cd36cc0744dd go: downloading cloud.google.com/go v0.99.0 go: downloading github.com/russross/blackfriday/v2 v2.1.0 go: downloading golang.org/x/sync v0.0.0-20210220032951-036812b2e83c go: downloading github.com/docker/cli v20.10.11+incompatible go: downloading github.com/opencontainers/image-spec v1.0.2 go: downloading github.com/docker/distribution v2.7.1+incompatible go: downloading github.com/opencontainers/go-digest v1.0.0 go: downloading google.golang.org/genproto v0.0.0-20220204002441-d6cc3cc0770e go: downloading github.com/googleapis/gax-go/v2 v2.1.1 go: downloading go.opencensus.io v0.23.0 go: downloading google.golang.org/grpc v1.45.0 go: downloading go.etcd.io/bbolt v1.3.6 go: downloading gopkg.in/cheggaaa/pb.v1 v1.0.28 go: downloading github.com/briandowns/spinner v1.12.0 go: downloading github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da go: downloading github.com/pkg/errors v0.9.1 go: downloading github.com/sirupsen/logrus v1.8.1 go: downloading github.com/docker/docker v20.10.14+incompatible go: downloading github.com/docker/docker-credential-helpers v0.6.4 go: downloading golang.org/x/text v0.3.7 go: downloading github.com/ghodss/yaml v1.0.0 go: downloading github.com/rcrowley/go-metrics v0.0.0-20200313005456-10cdbea86bc0 go: downloading gopkg.in/yaml.v2 v2.4.0 go: downloading github.com/OneOfOne/xxhash v1.2.8 go: downloading github.com/gobwas/glob v0.2.3 go: downloading github.com/yashtewari/glob-intersection v0.1.0 go: downloading github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 go: downloading github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb go: downloading github.com/knqyf263/nested v0.0.1 go: downloading golang.org/x/mod v0.6.0-dev.0.20211013180041-c96bc1413d57 go: downloading github.com/go-git/go-git/v5 v5.4.2 go: downloading github.com/saracen/walker v0.0.0-20191201085201-324a081bae7e go: downloading github.com/moby/buildkit v0.9.3 go: downloading github.com/aquasecurity/defsec v0.28.4 go: downloading github.com/mitchellh/mapstructure v1.4.3 go: downloading github.com/aquasecurity/tfsec v1.8.0 go: downloading github.com/knqyf263/go-rpmdb v0.0.0-20220209103220-0f7a6d951a6d go: downloading sigs.k8s.io/yaml v1.3.0 go: downloading github.com/hashicorp/go-retryablehttp v0.7.0 go: downloading github.com/BurntSushi/toml v1.1.0 go: downloading github.com/hashicorp/hcl v1.0.0 go: downloading github.com/GoogleCloudPlatform/docker-credential-gcr v2.0.5+incompatible go: downloading github.com/tmccombs/hcl2json v0.3.4 go: downloading github.com/Azure/go-autorest/autorest v0.11.25 go: downloading github.com/Azure/azure-sdk-for-go v63.0.0+incompatible go: downloading github.com/Azure/go-autorest/autorest/adal v0.9.18 go: downloading github.com/Azure/go-autorest/autorest/azure/auth v0.5.11 go: downloading github.com/docker/go-connections v0.4.0 go: downloading github.com/docker/go-units v0.4.0 go: downloading github.com/containerd/stargz-snapshotter/estargz v0.10.1 go: downloading github.com/gogo/protobuf v1.3.2 go: downloading github.com/containerd/containerd v1.5.9 go: downloading github.com/vbatts/tar-split v0.11.2 go: downloading github.com/Azure/go-autorest v14.2.0+incompatible go: downloading github.com/sergi/go-diff v1.1.0 go: downloading github.com/ProtonMail/go-crypto v0.0.0-20210428141323-04723f9f07d7 go: downloading github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 go: downloading github.com/go-git/go-billy/v5 v5.3.1 go: downloading github.com/go-git/gcfg v1.5.0 go: downloading github.com/xanzy/ssh-agent v0.3.0 go: downloading github.com/kevinburke/ssh_config v0.0.0-20201106050909-4977a11b4351 go: downloading github.com/hashicorp/hcl/v2 v2.11.1 go: downloading github.com/zclconf/go-cty v1.10.0 go: downloading github.com/emirpasic/gods v1.12.0 go: downloading github.com/jmespath/go-jmespath v0.4.0 go: downloading github.com/dimchansky/utfbom v1.1.1 go: downloading github.com/Azure/go-autorest/logger v0.2.1 go: downloading github.com/Azure/go-autorest/autorest/azure/cli v0.4.5 go: downloading github.com/Azure/go-autorest/autorest/date v0.3.0 go: downloading github.com/golang-jwt/jwt/v4 v4.2.0 go: downloading github.com/Azure/go-autorest/tracing v0.6.0 go: downloading gopkg.in/warnings.v0 v0.1.2 go: downloading github.com/containerd/typeurl v1.0.2 go: downloading github.com/agext/levenshtein v1.2.3 go: downloading github.com/apparentlymart/go-textseg/v13 v13.0.0 go: downloading github.com/mitchellh/go-wordwrap v1.0.1 go: downloading github.com/owenrumney/squealer v0.3.2 go: downloading github.com/apparentlymart/go-cidr v1.1.0 go: downloading github.com/liamg/jfather v0.0.7 go: downloading github.com/liamg/iamgo v0.0.6 go: downloading github.com/zclconf/go-cty-yaml v1.0.2 go: downloading github.com/hashicorp/go-uuid v1.0.2 go: downloading github.com/bmatcuk/doublestar v1.3.4 go: downloading modernc.org/sqlite v1.14.5 go: downloading modernc.org/libc v1.14.1 go: downloading modernc.org/memory v1.0.5 go: downloading modernc.org/mathutil v1.4.1 go: downloading github.com/remyoudompheng/bigfft v0.0.0-20200410134404-eec4a21b6bb0 go test -v -short -coverprofile=coverage.txt -covermode=atomic ./... go: downloading github.com/aquasecurity/bolt-fixtures v0.0.0-20200903104109-d34e7f983986 go: downloading github.com/goccy/go-yaml v1.8.2 ? github.com/aquasecurity/trivy/cmd/trivy [no test files] ? github.com/aquasecurity/trivy/misc/eol [no test files] === RUN TestRemoteCache_PutArtifact === RUN TestRemoteCache_PutArtifact/happy_path === RUN TestRemoteCache_PutArtifact/sad_path === RUN TestRemoteCache_PutArtifact/sad_path:_invalid_token --- PASS: TestRemoteCache_PutArtifact (0.03s) --- PASS: TestRemoteCache_PutArtifact/happy_path (0.02s) --- PASS: TestRemoteCache_PutArtifact/sad_path (0.01s) --- PASS: TestRemoteCache_PutArtifact/sad_path:_invalid_token (0.00s) === RUN TestRemoteCache_PutBlob === RUN TestRemoteCache_PutBlob/happy_path === RUN TestRemoteCache_PutBlob/sad_path === RUN TestRemoteCache_PutBlob/sad_path:_invalid_token --- PASS: TestRemoteCache_PutBlob (0.00s) --- PASS: TestRemoteCache_PutBlob/happy_path (0.00s) --- PASS: TestRemoteCache_PutBlob/sad_path (0.00s) --- PASS: TestRemoteCache_PutBlob/sad_path:_invalid_token (0.00s) === RUN TestRemoteCache_MissingBlobs === RUN TestRemoteCache_MissingBlobs/happy_path === RUN TestRemoteCache_MissingBlobs/sad_path === RUN TestRemoteCache_MissingBlobs/sad_path_with_invalid_token --- PASS: TestRemoteCache_MissingBlobs (0.02s) --- PASS: TestRemoteCache_MissingBlobs/happy_path (0.01s) --- PASS: TestRemoteCache_MissingBlobs/sad_path (0.01s) --- PASS: TestRemoteCache_MissingBlobs/sad_path_with_invalid_token (0.00s) === RUN TestRemoteCache_PutArtifactInsecure === RUN TestRemoteCache_PutArtifactInsecure/happy_path === RUN TestRemoteCache_PutArtifactInsecure/sad_path 2022/04/13 22:18:45 http: TLS handshake error from 127.0.0.1:58992: remote error: tls: bad certificate --- PASS: TestRemoteCache_PutArtifactInsecure (0.11s) --- PASS: TestRemoteCache_PutArtifactInsecure/happy_path (0.03s) --- PASS: TestRemoteCache_PutArtifactInsecure/sad_path (0.07s) PASS coverage: 72.7% of statements ok github.com/aquasecurity/trivy/pkg/cache 0.447s coverage: 72.7% of statements === RUN Test_showVersion === RUN Test_showVersion/happy_path,_table_output === RUN Test_showVersion/sad_path,_bogus_cache_dir --- PASS: Test_showVersion (0.00s) --- PASS: Test_showVersion/happy_path,_table_output (0.00s) --- PASS: Test_showVersion/sad_path,_bogus_cache_dir (0.00s) === RUN TestPrintVersion === RUN TestPrintVersion/happy_path._'-v'_flag_is_used === RUN TestPrintVersion/happy_path._'-version'_flag_is_used === RUN TestPrintVersion/happy_path._'version'_command_is_used === RUN TestPrintVersion/happy_path._'version',_'--format_json'_flags_are_used === RUN TestPrintVersion/sad_path._'-v',_'--format_json'_flags_are_used === RUN TestPrintVersion/sad_path._'-version',_'--format_json'_flags_are_used --- PASS: TestPrintVersion (0.00s) --- PASS: TestPrintVersion/happy_path._'-v'_flag_is_used (0.00s) --- PASS: TestPrintVersion/happy_path._'-version'_flag_is_used (0.00s) --- PASS: TestPrintVersion/happy_path._'version'_command_is_used (0.00s) --- PASS: TestPrintVersion/happy_path._'version',_'--format_json'_flags_are_used (0.00s) --- PASS: TestPrintVersion/sad_path._'-v',_'--format_json'_flags_are_used (0.00s) --- PASS: TestPrintVersion/sad_path._'-version',_'--format_json'_flags_are_used (0.00s) === RUN TestNewCommands --- PASS: TestNewCommands (0.00s) PASS coverage: 84.4% of statements ok github.com/aquasecurity/trivy/pkg/commands 0.908s coverage: 84.4% of statements === RUN TestOption_Init === RUN TestOption_Init/happy_path === RUN TestOption_Init/config_scanning === RUN TestOption_Init/happy_path_with_token_and_token_header === RUN TestOption_Init/invalid_option_combination:_token_and_token_header_without_server === RUN TestOption_Init/happy_path_with_good_custom_headers === RUN TestOption_Init/happy_path_with_bad_custom_headers === RUN TestOption_Init/happy_path:_reset === RUN TestOption_Init/happy_path_with_an_unknown_severity === RUN TestOption_Init/invalid_option_combination:_--template_enabled_without_--format === RUN TestOption_Init/invalid_option_combination:_--template_and_--format_json === RUN TestOption_Init/invalid_option_combination:_--format_template_without_--template === RUN TestOption_Init/sad:_skip_and_download_db === RUN TestOption_Init/sad:_multiple_image_names --- PASS: TestOption_Init (0.00s) --- PASS: TestOption_Init/happy_path (0.00s) --- PASS: TestOption_Init/config_scanning (0.00s) --- PASS: TestOption_Init/happy_path_with_token_and_token_header (0.00s) --- PASS: TestOption_Init/invalid_option_combination:_token_and_token_header_without_server (0.00s) --- PASS: TestOption_Init/happy_path_with_good_custom_headers (0.00s) --- PASS: TestOption_Init/happy_path_with_bad_custom_headers (0.00s) --- PASS: TestOption_Init/happy_path:_reset (0.00s) --- PASS: TestOption_Init/happy_path_with_an_unknown_severity (0.00s) --- PASS: TestOption_Init/invalid_option_combination:_--template_enabled_without_--format (0.00s) --- PASS: TestOption_Init/invalid_option_combination:_--template_and_--format_json (0.00s) --- PASS: TestOption_Init/invalid_option_combination:_--format_template_without_--template (0.00s) --- PASS: TestOption_Init/sad:_skip_and_download_db (0.00s) --- PASS: TestOption_Init/sad:_multiple_image_names (0.00s) PASS coverage: 6.9% of statements ok github.com/aquasecurity/trivy/pkg/commands/artifact 0.894s coverage: 6.9% of statements ? github.com/aquasecurity/trivy/pkg/commands/operation [no test files] === RUN Test_splitCustomHeaders === RUN Test_splitCustomHeaders/happy_path --- PASS: Test_splitCustomHeaders (0.00s) --- PASS: Test_splitCustomHeaders/happy_path (0.00s) === RUN TestReportReportConfig_Init === RUN TestReportReportConfig_Init/happy_path === RUN TestReportReportConfig_Init/happy_path_with_an_unknown_severity === RUN TestReportReportConfig_Init/happy_path_with_an_cyclonedx === RUN TestReportReportConfig_Init/happy_path_with_an_cyclonedx_option_list-all-pkgs_is_false === RUN TestReportReportConfig_Init/invalid_option_combination:_--template_enabled_without_--format === RUN TestReportReportConfig_Init/invalid_option_combination:_--template_and_--format_json === RUN TestReportReportConfig_Init/invalid_option_combination:_--format_template_without_--template === RUN TestReportReportConfig_Init/invalid_option_combination:_--list-all-pkgs_with_--format_table --- PASS: TestReportReportConfig_Init (0.00s) --- PASS: TestReportReportConfig_Init/happy_path (0.00s) --- PASS: TestReportReportConfig_Init/happy_path_with_an_unknown_severity (0.00s) --- PASS: TestReportReportConfig_Init/happy_path_with_an_cyclonedx (0.00s) --- PASS: TestReportReportConfig_Init/happy_path_with_an_cyclonedx_option_list-all-pkgs_is_false (0.00s) --- PASS: TestReportReportConfig_Init/invalid_option_combination:_--template_enabled_without_--format (0.00s) --- PASS: TestReportReportConfig_Init/invalid_option_combination:_--template_and_--format_json (0.00s) --- PASS: TestReportReportConfig_Init/invalid_option_combination:_--format_template_without_--template (0.00s) --- PASS: TestReportReportConfig_Init/invalid_option_combination:_--list-all-pkgs_with_--format_table (0.00s) === RUN TestArtifactOption_Init === RUN TestArtifactOption_Init/happy_path === RUN TestArtifactOption_Init/sad:_multiple_image_names --- PASS: TestArtifactOption_Init (0.00s) --- PASS: TestArtifactOption_Init/happy_path (0.00s) --- PASS: TestArtifactOption_Init/sad:_multiple_image_names (0.00s) === RUN TestNewCacheOption === RUN TestNewCacheOption/happy_path === RUN TestNewCacheOption/default --- PASS: TestNewCacheOption (0.00s) --- PASS: TestNewCacheOption/happy_path (0.00s) --- PASS: TestNewCacheOption/default (0.00s) === RUN TestCacheOption_Init === RUN TestCacheOption_Init/fs === RUN TestCacheOption_Init/redis === RUN TestCacheOption_Init/sad_path --- PASS: TestCacheOption_Init (0.00s) --- PASS: TestCacheOption_Init/fs (0.00s) --- PASS: TestCacheOption_Init/redis (0.00s) --- PASS: TestCacheOption_Init/sad_path (0.00s) === RUN TestNewDBOption === RUN TestNewDBOption/happy_path --- PASS: TestNewDBOption (0.00s) --- PASS: TestNewDBOption/happy_path (0.00s) === RUN TestDBOption_Init === RUN TestDBOption_Init/happy_path 2022-04-13T22:18:44.111Z WARN '--light' option is deprecated and will be removed. See also: https://github.com/aquasecurity/trivy/discussions/1649 === RUN TestDBOption_Init/sad_path --- PASS: TestDBOption_Init (0.00s) --- PASS: TestDBOption_Init/happy_path (0.00s) --- PASS: TestDBOption_Init/sad_path (0.00s) === RUN TestNewGlobalConfig === RUN TestNewGlobalConfig/happy_path --- PASS: TestNewGlobalConfig (0.00s) --- PASS: TestNewGlobalConfig/happy_path (0.00s) PASS coverage: 62.1% of statements ok github.com/aquasecurity/trivy/pkg/commands/option 0.173s coverage: 62.1% of statements ? github.com/aquasecurity/trivy/pkg/commands/plugin [no test files] === RUN TestNew === RUN TestNew/happy_path --- PASS: TestNew (0.00s) --- PASS: TestNew/happy_path (0.00s) === RUN TestConfig_Init === RUN TestConfig_Init/happy_path === RUN TestConfig_Init/happy_path:_reset === RUN TestConfig_Init/sad:_skip_and_download_db --- PASS: TestConfig_Init (0.00s) --- PASS: TestConfig_Init/happy_path (0.00s) --- PASS: TestConfig_Init/happy_path:_reset (0.00s) --- PASS: TestConfig_Init/sad:_skip_and_download_db (0.00s) PASS coverage: 21.4% of statements ok github.com/aquasecurity/trivy/pkg/commands/server 0.995s coverage: 21.4% of statements === RUN TestClient_NeedsUpdate === RUN TestClient_NeedsUpdate/happy_path === RUN TestClient_NeedsUpdate/happy_path_for_first_run === RUN TestClient_NeedsUpdate/happy_path_with_old_schema_version === RUN TestClient_NeedsUpdate/happy_path_with_--skip-update === RUN TestClient_NeedsUpdate/skip_downloading_DB === RUN TestClient_NeedsUpdate/newer_schema_version 2022-04-13T22:18:45.902Z ERROR Trivy version (test) is old. Update to the latest version. === RUN TestClient_NeedsUpdate/--skip-update_on_the_first_run 2022-04-13T22:18:45.985Z ERROR The first run cannot skip downloading DB === RUN TestClient_NeedsUpdate/--skip-update_with_different_schema_version 2022-04-13T22:18:46.018Z ERROR The local DB has an old schema version which is not supported by the current version of Trivy CLI. DB needs to be updated. === RUN TestClient_NeedsUpdate/happy_with_old_DownloadedAt === RUN TestClient_NeedsUpdate/skip_downloading_DB_with_recent_DownloadedAt --- PASS: TestClient_NeedsUpdate (0.60s) --- PASS: TestClient_NeedsUpdate/happy_path (0.02s) --- PASS: TestClient_NeedsUpdate/happy_path_for_first_run (0.01s) --- PASS: TestClient_NeedsUpdate/happy_path_with_old_schema_version (0.07s) --- PASS: TestClient_NeedsUpdate/happy_path_with_--skip-update (0.07s) --- PASS: TestClient_NeedsUpdate/skip_downloading_DB (0.12s) --- PASS: TestClient_NeedsUpdate/newer_schema_version (0.10s) --- PASS: TestClient_NeedsUpdate/--skip-update_on_the_first_run (0.02s) --- PASS: TestClient_NeedsUpdate/--skip-update_with_different_schema_version (0.04s) --- PASS: TestClient_NeedsUpdate/happy_with_old_DownloadedAt (0.14s) --- PASS: TestClient_NeedsUpdate/skip_downloading_DB_with_recent_DownloadedAt (0.02s) === RUN TestClient_Download === RUN TestClient_Download/happy_path === RUN TestClient_Download/invalid_gzip --- PASS: TestClient_Download (0.28s) --- PASS: TestClient_Download/happy_path (0.20s) --- PASS: TestClient_Download/invalid_gzip (0.08s) PASS coverage: 53.5% of statements ok github.com/aquasecurity/trivy/pkg/db 1.509s coverage: 53.5% of statements ? github.com/aquasecurity/trivy/pkg/dbtest [no test files] === RUN TestDriver_Detect === RUN TestDriver_Detect/happy_path === RUN TestDriver_Detect/non-prefixed_buckets === RUN TestDriver_Detect/no_patched_versions_in_the_advisory === RUN TestDriver_Detect/no_vulnerable_versions_in_the_advisory === RUN TestDriver_Detect/no_vulnerability === RUN TestDriver_Detect/malformed_JSON --- PASS: TestDriver_Detect (1.08s) --- PASS: TestDriver_Detect/happy_path (0.06s) --- PASS: TestDriver_Detect/non-prefixed_buckets (0.07s) --- PASS: TestDriver_Detect/no_patched_versions_in_the_advisory (0.27s) --- PASS: TestDriver_Detect/no_vulnerable_versions_in_the_advisory (0.29s) --- PASS: TestDriver_Detect/no_vulnerability (0.23s) --- PASS: TestDriver_Detect/malformed_JSON (0.16s) PASS coverage: 48.3% of statements ok github.com/aquasecurity/trivy/pkg/detector/library 1.341s coverage: 48.3% of statements === RUN TestGenericComparer_IsVulnerable === RUN TestGenericComparer_IsVulnerable/happy_path === RUN TestGenericComparer_IsVulnerable/no_patch === RUN TestGenericComparer_IsVulnerable/pre-release === RUN TestGenericComparer_IsVulnerable/multiple_constraints === RUN TestGenericComparer_IsVulnerable/invalid_version 2022-04-13T22:18:43.230Z WARN version error (1.2..4): malformed version: 1.2..4 === RUN TestGenericComparer_IsVulnerable/improper_constraint 2022-04-13T22:18:43.230Z WARN constraint error (1.2.3): improper constraint: * === RUN TestGenericComparer_IsVulnerable/empty_patched_version === RUN TestGenericComparer_IsVulnerable/empty_vulnerable_&_patched_version --- PASS: TestGenericComparer_IsVulnerable (0.00s) --- PASS: TestGenericComparer_IsVulnerable/happy_path (0.00s) --- PASS: TestGenericComparer_IsVulnerable/no_patch (0.00s) --- PASS: TestGenericComparer_IsVulnerable/pre-release (0.00s) --- PASS: TestGenericComparer_IsVulnerable/multiple_constraints (0.00s) --- PASS: TestGenericComparer_IsVulnerable/invalid_version (0.00s) --- PASS: TestGenericComparer_IsVulnerable/improper_constraint (0.00s) --- PASS: TestGenericComparer_IsVulnerable/empty_patched_version (0.00s) --- PASS: TestGenericComparer_IsVulnerable/empty_vulnerable_&_patched_version (0.00s) PASS coverage: 89.3% of statements ok github.com/aquasecurity/trivy/pkg/detector/library/compare 0.162s coverage: 89.3% of statements === RUN TestComparer_IsVulnerable === RUN TestComparer_IsVulnerable/happy_path === RUN TestComparer_IsVulnerable/final_release === RUN TestComparer_IsVulnerable/pre-release === RUN TestComparer_IsVulnerable/multiple_constraints === RUN TestComparer_IsVulnerable/version_requirements === RUN TestComparer_IsVulnerable/version_soft_requirements_happy === RUN TestComparer_IsVulnerable/version_soft_requirements === RUN TestComparer_IsVulnerable/invalid_constraint 2022-04-13T22:18:43.501Z WARN maven constraint error (<1.0\.0): failed to new comparer: 2 errors occurred: * improper constraint: <1.0\.0 * improper requirements: [] --- PASS: TestComparer_IsVulnerable (0.00s) --- PASS: TestComparer_IsVulnerable/happy_path (0.00s) --- PASS: TestComparer_IsVulnerable/final_release (0.00s) --- PASS: TestComparer_IsVulnerable/pre-release (0.00s) --- PASS: TestComparer_IsVulnerable/multiple_constraints (0.00s) --- PASS: TestComparer_IsVulnerable/version_requirements (0.00s) --- PASS: TestComparer_IsVulnerable/version_soft_requirements_happy (0.00s) --- PASS: TestComparer_IsVulnerable/version_soft_requirements (0.00s) --- PASS: TestComparer_IsVulnerable/invalid_constraint (0.00s) PASS coverage: 87.5% of statements ok github.com/aquasecurity/trivy/pkg/detector/library/compare/maven 0.202s coverage: 87.5% of statements === RUN TestNpmComparer_IsVulnerable === RUN TestNpmComparer_IsVulnerable/happy_path === RUN TestNpmComparer_IsVulnerable/no_patch === RUN TestNpmComparer_IsVulnerable/no_patch_with_wildcard === RUN TestNpmComparer_IsVulnerable/pre-release === RUN TestNpmComparer_IsVulnerable/multiple_constraints === RUN TestNpmComparer_IsVulnerable/x === RUN TestNpmComparer_IsVulnerable/exact_versions === RUN TestNpmComparer_IsVulnerable/caret === RUN TestNpmComparer_IsVulnerable/invalid_version 2022-04-13T22:18:43.223Z WARN npm version error (1.2..4): invalid semantic version === RUN TestNpmComparer_IsVulnerable/invalid_constraint 2022-04-13T22:18:43.224Z WARN npm constraint error (!1.0.0): improper constraint: !1.0.0 --- PASS: TestNpmComparer_IsVulnerable (0.00s) --- PASS: TestNpmComparer_IsVulnerable/happy_path (0.00s) --- PASS: TestNpmComparer_IsVulnerable/no_patch (0.00s) --- PASS: TestNpmComparer_IsVulnerable/no_patch_with_wildcard (0.00s) --- PASS: TestNpmComparer_IsVulnerable/pre-release (0.00s) --- PASS: TestNpmComparer_IsVulnerable/multiple_constraints (0.00s) --- PASS: TestNpmComparer_IsVulnerable/x (0.00s) --- PASS: TestNpmComparer_IsVulnerable/exact_versions (0.00s) --- PASS: TestNpmComparer_IsVulnerable/caret (0.00s) --- PASS: TestNpmComparer_IsVulnerable/invalid_version (0.00s) --- PASS: TestNpmComparer_IsVulnerable/invalid_constraint (0.00s) PASS coverage: 100.0% of statements ok github.com/aquasecurity/trivy/pkg/detector/library/compare/npm 0.159s coverage: 100.0% of statements === RUN TestPep440Comparer_IsVulnerable === RUN TestPep440Comparer_IsVulnerable/happy_path === RUN TestPep440Comparer_IsVulnerable/no_patch === RUN TestPep440Comparer_IsVulnerable/no_patch_with_wildcard === RUN TestPep440Comparer_IsVulnerable/pre-release === RUN TestPep440Comparer_IsVulnerable/multiple_constraints === RUN TestPep440Comparer_IsVulnerable/exact_versions === RUN TestPep440Comparer_IsVulnerable/invalid_version 2022-04-13T22:18:43.127Z WARN python version error (1.2..4): malformed version: 1.2..4 === RUN TestPep440Comparer_IsVulnerable/invalid_constraint 2022-04-13T22:18:43.127Z WARN python constraint error (!1.0.0): improper constraint: !1.0.0 --- PASS: TestPep440Comparer_IsVulnerable (0.00s) --- PASS: TestPep440Comparer_IsVulnerable/happy_path (0.00s) --- PASS: TestPep440Comparer_IsVulnerable/no_patch (0.00s) --- PASS: TestPep440Comparer_IsVulnerable/no_patch_with_wildcard (0.00s) --- PASS: TestPep440Comparer_IsVulnerable/pre-release (0.00s) --- PASS: TestPep440Comparer_IsVulnerable/multiple_constraints (0.00s) --- PASS: TestPep440Comparer_IsVulnerable/exact_versions (0.00s) --- PASS: TestPep440Comparer_IsVulnerable/invalid_version (0.00s) --- PASS: TestPep440Comparer_IsVulnerable/invalid_constraint (0.00s) PASS coverage: 100.0% of statements ok github.com/aquasecurity/trivy/pkg/detector/library/compare/pep440 0.097s coverage: 100.0% of statements === RUN TestRubyGemsComparer_IsVulnerable === RUN TestRubyGemsComparer_IsVulnerable/happy_path === RUN TestRubyGemsComparer_IsVulnerable/pre-release === RUN TestRubyGemsComparer_IsVulnerable/pre-release_without_dot === RUN TestRubyGemsComparer_IsVulnerable/hyphen === RUN TestRubyGemsComparer_IsVulnerable/pessimistic === RUN TestRubyGemsComparer_IsVulnerable/invalid_version 2022-04-13T22:18:43.471Z WARN RubyGems version error (1.2..4): invalid gem version === RUN TestRubyGemsComparer_IsVulnerable/invalid_constraint 2022-04-13T22:18:43.471Z WARN RubyGems constraint error (!1.2.0): improper constraint: !1.2.0 --- PASS: TestRubyGemsComparer_IsVulnerable (0.00s) --- PASS: TestRubyGemsComparer_IsVulnerable/happy_path (0.00s) --- PASS: TestRubyGemsComparer_IsVulnerable/pre-release (0.00s) --- PASS: TestRubyGemsComparer_IsVulnerable/pre-release_without_dot (0.00s) --- PASS: TestRubyGemsComparer_IsVulnerable/hyphen (0.00s) --- PASS: TestRubyGemsComparer_IsVulnerable/pessimistic (0.00s) --- PASS: TestRubyGemsComparer_IsVulnerable/invalid_version (0.00s) --- PASS: TestRubyGemsComparer_IsVulnerable/invalid_constraint (0.00s) PASS coverage: 100.0% of statements ok github.com/aquasecurity/trivy/pkg/detector/library/compare/rubygems 0.179s coverage: 100.0% of statements ? github.com/aquasecurity/trivy/pkg/detector/ospkg [no test files] === RUN TestScanner_Detect === RUN TestScanner_Detect/happy_path 2022-04-13T22:18:45.544Z INFO Detecting AlmaLinux vulnerabilities... === RUN TestScanner_Detect/skip_modular_package 2022-04-13T22:18:45.618Z INFO Detecting AlmaLinux vulnerabilities... 2022-04-13T22:18:45.618Z INFO Skipped detection of these packages: ["nginx"] because modular packages cannot be detected correctly due to a bug in AlmaLinux. See also: https://bugs.almalinux.org/view.php?id=173 === RUN TestScanner_Detect/Get_returns_an_error 2022-04-13T22:18:45.744Z INFO Detecting AlmaLinux vulnerabilities... --- PASS: TestScanner_Detect (0.42s) --- PASS: TestScanner_Detect/happy_path (0.07s) --- PASS: TestScanner_Detect/skip_modular_package (0.07s) --- PASS: TestScanner_Detect/Get_returns_an_error (0.27s) === RUN TestScanner_IsSupportedVersion === RUN TestScanner_IsSupportedVersion/alma_8.4 === RUN TestScanner_IsSupportedVersion/alma_8.4_with_EOL === RUN TestScanner_IsSupportedVersion/unknown 2022-04-13T22:18:45.894Z WARN This OS version is not on the EOL list: alma unknown --- PASS: TestScanner_IsSupportedVersion (0.00s) --- PASS: TestScanner_IsSupportedVersion/alma_8.4 (0.00s) --- PASS: TestScanner_IsSupportedVersion/alma_8.4_with_EOL (0.00s) --- PASS: TestScanner_IsSupportedVersion/unknown (0.00s) PASS coverage: 91.1% of statements ok github.com/aquasecurity/trivy/pkg/detector/ospkg/alma 0.664s coverage: 91.1% of statements === RUN TestScanner_Detect === RUN TestScanner_Detect/happy_path 2022-04-13T22:18:45.544Z INFO Detecting Alpine vulnerabilities... === RUN TestScanner_Detect/contain_rc 2022-04-13T22:18:45.619Z INFO Detecting Alpine vulnerabilities... === RUN TestScanner_Detect/contain_pre 2022-04-13T22:18:45.848Z INFO Detecting Alpine vulnerabilities... === RUN TestScanner_Detect/Get_returns_an_error 2022-04-13T22:18:46.086Z INFO Detecting Alpine vulnerabilities... --- PASS: TestScanner_Detect (0.65s) --- PASS: TestScanner_Detect/happy_path (0.07s) --- PASS: TestScanner_Detect/contain_rc (0.08s) --- PASS: TestScanner_Detect/contain_pre (0.31s) --- PASS: TestScanner_Detect/Get_returns_an_error (0.18s) === RUN TestScanner_IsSupportedVersion === RUN TestScanner_IsSupportedVersion/alpine_3.6 === RUN TestScanner_IsSupportedVersion/alpine_3.6_with_EOL === RUN TestScanner_IsSupportedVersion/alpine_3.9 === RUN TestScanner_IsSupportedVersion/alpine_3.10 === RUN TestScanner_IsSupportedVersion/unknown 2022-04-13T22:18:46.128Z WARN This OS version is not on the EOL list: alpine unknown --- PASS: TestScanner_IsSupportedVersion (0.00s) --- PASS: TestScanner_IsSupportedVersion/alpine_3.6 (0.00s) --- PASS: TestScanner_IsSupportedVersion/alpine_3.6_with_EOL (0.00s) --- PASS: TestScanner_IsSupportedVersion/alpine_3.9 (0.00s) --- PASS: TestScanner_IsSupportedVersion/alpine_3.10 (0.00s) --- PASS: TestScanner_IsSupportedVersion/unknown (0.00s) PASS coverage: 95.7% of statements ok github.com/aquasecurity/trivy/pkg/detector/ospkg/alpine 0.950s coverage: 95.7% of statements === RUN TestScanner_Detect === RUN TestScanner_Detect/amazon_linux_1 2022-04-13T22:18:45.541Z INFO Detecting Amazon Linux vulnerabilities... === RUN TestScanner_Detect/amazon_linux_2 2022-04-13T22:18:45.660Z INFO Detecting Amazon Linux vulnerabilities... === RUN TestScanner_Detect/empty_version 2022-04-13T22:18:46.011Z INFO Detecting Amazon Linux vulnerabilities... === RUN TestScanner_Detect/Get_returns_an_error 2022-04-13T22:18:46.186Z INFO Detecting Amazon Linux vulnerabilities... --- PASS: TestScanner_Detect (0.76s) --- PASS: TestScanner_Detect/amazon_linux_1 (0.13s) --- PASS: TestScanner_Detect/amazon_linux_2 (0.23s) --- PASS: TestScanner_Detect/empty_version (0.24s) --- PASS: TestScanner_Detect/Get_returns_an_error (0.16s) === RUN TestScanner_IsSupportedVersion === RUN TestScanner_IsSupportedVersion/amazon_linux_1 === RUN TestScanner_IsSupportedVersion/amazon_linux_1_EOL === RUN TestScanner_IsSupportedVersion/amazon_linux_2 --- PASS: TestScanner_IsSupportedVersion (0.00s) --- PASS: TestScanner_IsSupportedVersion/amazon_linux_1 (0.00s) --- PASS: TestScanner_IsSupportedVersion/amazon_linux_1_EOL (0.00s) --- PASS: TestScanner_IsSupportedVersion/amazon_linux_2 (0.00s) PASS coverage: 85.4% of statements ok github.com/aquasecurity/trivy/pkg/detector/ospkg/amazon 0.992s coverage: 85.4% of statements === RUN TestScanner_Detect === RUN TestScanner_Detect/happy_path 2022-04-13T22:18:45.552Z INFO Detecting Debian vulnerabilities... === RUN TestScanner_Detect/invalid_bucket 2022-04-13T22:18:45.767Z INFO Detecting Debian vulnerabilities... --- PASS: TestScanner_Detect (0.44s) --- PASS: TestScanner_Detect/happy_path (0.17s) --- PASS: TestScanner_Detect/invalid_bucket (0.27s) === RUN TestScanner_IsSupportedVersion === RUN TestScanner_IsSupportedVersion/debian_7 === RUN TestScanner_IsSupportedVersion/debian_8_EOL === RUN TestScanner_IsSupportedVersion/unknown 2022-04-13T22:18:45.889Z WARN This OS version is not on the EOL list: debian unknown --- PASS: TestScanner_IsSupportedVersion (0.00s) --- PASS: TestScanner_IsSupportedVersion/debian_7 (0.00s) --- PASS: TestScanner_IsSupportedVersion/debian_8_EOL (0.00s) --- PASS: TestScanner_IsSupportedVersion/unknown (0.00s) PASS coverage: 90.9% of statements ok github.com/aquasecurity/trivy/pkg/detector/ospkg/debian 0.676s coverage: 90.9% of statements === RUN TestScanner_Detect === RUN TestScanner_Detect/happy_path_1.0_SrcName_and_Name_are_different 2022-04-13T22:18:45.659Z INFO Detecting CBL-Mariner vulnerabilities... === RUN TestScanner_Detect/happy_path_2.0 2022-04-13T22:18:46.017Z INFO Detecting CBL-Mariner vulnerabilities... === RUN TestScanner_Detect/broken_advisory 2022-04-13T22:18:46.199Z INFO Detecting CBL-Mariner vulnerabilities... --- PASS: TestScanner_Detect (0.66s) --- PASS: TestScanner_Detect/happy_path_1.0_SrcName_and_Name_are_different (0.22s) --- PASS: TestScanner_Detect/happy_path_2.0 (0.22s) --- PASS: TestScanner_Detect/broken_advisory (0.23s) PASS coverage: 91.7% of statements ok github.com/aquasecurity/trivy/pkg/detector/ospkg/mariner 0.849s coverage: 91.7% of statements === RUN TestScanner_IsSupportedVersion === RUN TestScanner_IsSupportedVersion/oracle6 === RUN TestScanner_IsSupportedVersion/oracle7.6 === RUN TestScanner_IsSupportedVersion/unknown 2022-04-13T22:18:45.617Z WARN This OS version is not on the EOL list: oracle unknown === RUN TestScanner_IsSupportedVersion/oracle8 === RUN TestScanner_IsSupportedVersion/oracle8-same-time === RUN TestScanner_IsSupportedVersion/oracle3 === RUN TestScanner_IsSupportedVersion/oracle4 === RUN TestScanner_IsSupportedVersion/oracle5 === RUN TestScanner_IsSupportedVersion/oracle7 --- PASS: TestScanner_IsSupportedVersion (0.00s) --- PASS: TestScanner_IsSupportedVersion/oracle6 (0.00s) --- PASS: TestScanner_IsSupportedVersion/oracle7.6 (0.00s) --- PASS: TestScanner_IsSupportedVersion/unknown (0.00s) --- PASS: TestScanner_IsSupportedVersion/oracle8 (0.00s) --- PASS: TestScanner_IsSupportedVersion/oracle8-same-time (0.00s) --- PASS: TestScanner_IsSupportedVersion/oracle3 (0.00s) --- PASS: TestScanner_IsSupportedVersion/oracle4 (0.00s) --- PASS: TestScanner_IsSupportedVersion/oracle5 (0.00s) --- PASS: TestScanner_IsSupportedVersion/oracle7 (0.00s) === RUN TestScanner_Detect === RUN TestScanner_Detect/detected 2022-04-13T22:18:45.776Z INFO Detecting Oracle Linux vulnerabilities... === RUN TestScanner_Detect/without_ksplice 2022-04-13T22:18:46.086Z INFO Detecting Oracle Linux vulnerabilities... === RUN TestScanner_Detect/the_installed_version_has_ksplice2 2022-04-13T22:18:46.247Z INFO Detecting Oracle Linux vulnerabilities... === RUN TestScanner_Detect/with_ksplice 2022-04-13T22:18:46.489Z INFO Detecting Oracle Linux vulnerabilities... === RUN TestScanner_Detect/malformed 2022-04-13T22:18:46.562Z INFO Detecting Oracle Linux vulnerabilities... --- PASS: TestScanner_Detect (0.94s) --- PASS: TestScanner_Detect/detected (0.32s) --- PASS: TestScanner_Detect/without_ksplice (0.18s) --- PASS: TestScanner_Detect/the_installed_version_has_ksplice2 (0.16s) --- PASS: TestScanner_Detect/with_ksplice (0.20s) --- PASS: TestScanner_Detect/malformed (0.07s) PASS coverage: 97.1% of statements ok github.com/aquasecurity/trivy/pkg/detector/ospkg/oracle 1.133s coverage: 97.1% of statements === RUN TestScanner_Detect === RUN TestScanner_Detect/happy_path 2022-04-13T22:18:45.699Z INFO Detecting Photon Linux vulnerabilities... === RUN TestScanner_Detect/invalid_bucket 2022-04-13T22:18:45.944Z INFO Detecting Photon Linux vulnerabilities... --- PASS: TestScanner_Detect (0.43s) --- PASS: TestScanner_Detect/happy_path (0.18s) --- PASS: TestScanner_Detect/invalid_bucket (0.25s) === RUN TestScanner_IsSupportedVersion === RUN TestScanner_IsSupportedVersion/photon_1.0 === RUN TestScanner_IsSupportedVersion/photon_1.0_EOL === RUN TestScanner_IsSupportedVersion/unknown 2022-04-13T22:18:46.017Z WARN This OS version is not on the EOL list: photon unknown --- PASS: TestScanner_IsSupportedVersion (0.00s) --- PASS: TestScanner_IsSupportedVersion/photon_1.0 (0.00s) --- PASS: TestScanner_IsSupportedVersion/photon_1.0_EOL (0.00s) --- PASS: TestScanner_IsSupportedVersion/unknown (0.00s) PASS coverage: 100.0% of statements ok github.com/aquasecurity/trivy/pkg/detector/ospkg/photon 0.597s coverage: 100.0% of statements === RUN TestScanner_Detect === RUN TestScanner_Detect/happy_path 2022-04-13T22:18:45.545Z INFO Detecting RHEL/CentOS vulnerabilities... === RUN TestScanner_Detect/happy_path:_multiple_RHSA-IDs 2022-04-13T22:18:45.658Z INFO Detecting RHEL/CentOS vulnerabilities... === RUN TestScanner_Detect/no_build_info 2022-04-13T22:18:46.003Z INFO Detecting RHEL/CentOS vulnerabilities... === RUN TestScanner_Detect/modular_packages 2022-04-13T22:18:46.188Z INFO Detecting RHEL/CentOS vulnerabilities... === RUN TestScanner_Detect/packages_from_remi_repository_are_skipped 2022-04-13T22:18:46.287Z INFO Detecting RHEL/CentOS vulnerabilities... === RUN TestScanner_Detect/broken_value 2022-04-13T22:18:46.560Z INFO Detecting RHEL/CentOS vulnerabilities... --- PASS: TestScanner_Detect (1.09s) --- PASS: TestScanner_Detect/happy_path (0.10s) --- PASS: TestScanner_Detect/happy_path:_multiple_RHSA-IDs (0.13s) --- PASS: TestScanner_Detect/no_build_info (0.32s) --- PASS: TestScanner_Detect/modular_packages (0.18s) --- PASS: TestScanner_Detect/packages_from_remi_repository_are_skipped (0.09s) --- PASS: TestScanner_Detect/broken_value (0.27s) === RUN TestScanner_IsSupportedVersion === RUN TestScanner_IsSupportedVersion/centos_6 === RUN TestScanner_IsSupportedVersion/centos_6_EOL === RUN TestScanner_IsSupportedVersion/two_dots === RUN TestScanner_IsSupportedVersion/rhel_8 === RUN TestScanner_IsSupportedVersion/unknown 2022-04-13T22:18:46.560Z WARN This OS version is not on the EOL list: unknown 8 --- PASS: TestScanner_IsSupportedVersion (0.00s) --- PASS: TestScanner_IsSupportedVersion/centos_6 (0.00s) --- PASS: TestScanner_IsSupportedVersion/centos_6_EOL (0.00s) --- PASS: TestScanner_IsSupportedVersion/two_dots (0.00s) --- PASS: TestScanner_IsSupportedVersion/rhel_8 (0.00s) --- PASS: TestScanner_IsSupportedVersion/unknown (0.00s) PASS coverage: 98.7% of statements ok github.com/aquasecurity/trivy/pkg/detector/ospkg/redhat 1.339s coverage: 98.7% of statements === RUN TestScanner_Detect === RUN TestScanner_Detect/happy_path 2022-04-13T22:18:45.890Z INFO Detecting Rocky Linux vulnerabilities... === RUN TestScanner_Detect/skip_modular_package 2022-04-13T22:18:46.044Z INFO Detecting Rocky Linux vulnerabilities... 2022-04-13T22:18:46.044Z INFO Skipped detection of these packages: ["nginx"] because modular packages cannot be detected correctly due to a bug in Rocky Linux Errata. See also: https://forums.rockylinux.org/t/some-errata-missing-in-comparison-with-rhel-and-almalinux/3843 === RUN TestScanner_Detect/Get_returns_an_error 2022-04-13T22:18:46.330Z INFO Detecting Rocky Linux vulnerabilities... --- PASS: TestScanner_Detect (0.75s) --- PASS: TestScanner_Detect/happy_path (0.29s) --- PASS: TestScanner_Detect/skip_modular_package (0.24s) --- PASS: TestScanner_Detect/Get_returns_an_error (0.22s) === RUN TestScanner_IsSupportedVersion === RUN TestScanner_IsSupportedVersion/rocky_8.5 === RUN TestScanner_IsSupportedVersion/rocky_8.5_with_EOL === RUN TestScanner_IsSupportedVersion/unknown 2022-04-13T22:18:46.401Z WARN This OS version is not on the EOL list: rocky unknown --- PASS: TestScanner_IsSupportedVersion (0.00s) --- PASS: TestScanner_IsSupportedVersion/rocky_8.5 (0.00s) --- PASS: TestScanner_IsSupportedVersion/rocky_8.5_with_EOL (0.00s) --- PASS: TestScanner_IsSupportedVersion/unknown (0.00s) PASS coverage: 91.1% of statements ok github.com/aquasecurity/trivy/pkg/detector/ospkg/rocky 0.897s coverage: 91.1% of statements === RUN TestScanner_Detect === RUN TestScanner_Detect/happy_path 2022-04-13T22:18:45.367Z INFO Detecting SUSE vulnerabilities... === RUN TestScanner_Detect/broken_bucket 2022-04-13T22:18:45.382Z INFO Detecting SUSE vulnerabilities... --- PASS: TestScanner_Detect (0.09s) --- PASS: TestScanner_Detect/happy_path (0.08s) --- PASS: TestScanner_Detect/broken_bucket (0.01s) === RUN TestScanner_IsSupportedVersion === RUN TestScanner_IsSupportedVersion/opensuse.leap42.3 === RUN TestScanner_IsSupportedVersion/sles12.3 === RUN TestScanner_IsSupportedVersion/unknown 2022-04-13T22:18:45.383Z WARN This OS version is not on the EOL list: unknown unknown --- PASS: TestScanner_IsSupportedVersion (0.00s) --- PASS: TestScanner_IsSupportedVersion/opensuse.leap42.3 (0.00s) --- PASS: TestScanner_IsSupportedVersion/sles12.3 (0.00s) --- PASS: TestScanner_IsSupportedVersion/unknown (0.00s) PASS coverage: 97.2% of statements ok github.com/aquasecurity/trivy/pkg/detector/ospkg/suse 0.268s coverage: 97.2% of statements === RUN TestScanner_Detect === RUN TestScanner_Detect/happy_path 2022-04-13T22:18:45.544Z INFO Detecting Ubuntu vulnerabilities... === RUN TestScanner_Detect/broken_bucket 2022-04-13T22:18:45.621Z INFO Detecting Ubuntu vulnerabilities... --- PASS: TestScanner_Detect (0.21s) --- PASS: TestScanner_Detect/happy_path (0.12s) --- PASS: TestScanner_Detect/broken_bucket (0.09s) === RUN TestScanner_IsSupportedVersion === RUN TestScanner_IsSupportedVersion/ubuntu_12.04_eol_ends === RUN TestScanner_IsSupportedVersion/ubuntu12.04 === RUN TestScanner_IsSupportedVersion/unknown 2022-04-13T22:18:45.659Z WARN This OS version is not on the EOL list: ubuntu unknown --- PASS: TestScanner_IsSupportedVersion (0.00s) --- PASS: TestScanner_IsSupportedVersion/ubuntu_12.04_eol_ends (0.00s) --- PASS: TestScanner_IsSupportedVersion/ubuntu12.04 (0.00s) --- PASS: TestScanner_IsSupportedVersion/unknown (0.00s) PASS coverage: 88.9% of statements ok github.com/aquasecurity/trivy/pkg/detector/ospkg/ubuntu 0.445s coverage: 88.9% of statements ? github.com/aquasecurity/trivy/pkg/downloader [no test files] ? github.com/aquasecurity/trivy/pkg/log [no test files] === RUN TestNewArtifact === RUN TestNewArtifact/happy_path === RUN TestNewArtifact/sad:_two_layers === RUN TestNewArtifact/sad:_Layers_returns_an_error === RUN TestNewArtifact/sad:_media_type_doesn't_match --- PASS: TestNewArtifact (0.24s) --- PASS: TestNewArtifact/happy_path (0.02s) --- PASS: TestNewArtifact/sad:_two_layers (0.01s) --- PASS: TestNewArtifact/sad:_Layers_returns_an_error (0.07s) --- PASS: TestNewArtifact/sad:_media_type_doesn't_match (0.15s) === RUN TestArtifact_Download === RUN TestArtifact_Download/happy_path === RUN TestArtifact_Download/invalid_gzip --- PASS: TestArtifact_Download (0.34s) --- PASS: TestArtifact_Download/happy_path (0.20s) --- PASS: TestArtifact_Download/invalid_gzip (0.14s) PASS coverage: 70.6% of statements ok github.com/aquasecurity/trivy/pkg/oci 1.237s coverage: 70.6% of statements === RUN TestPlugin_Run === RUN TestPlugin_Run/happy_path foo === RUN TestPlugin_Run/no_selector foo === RUN TestPlugin_Run/no_matched_platform === RUN TestPlugin_Run/no_execution_file === RUN TestPlugin_Run/plugin_exec_error --- PASS: TestPlugin_Run (0.02s) --- PASS: TestPlugin_Run/happy_path (0.00s) --- PASS: TestPlugin_Run/no_selector (0.00s) --- PASS: TestPlugin_Run/no_matched_platform (0.00s) --- PASS: TestPlugin_Run/no_execution_file (0.00s) --- PASS: TestPlugin_Run/plugin_exec_error (0.02s) === RUN TestInstall === RUN TestInstall/happy_path === RUN TestInstall/plugin_not_found === RUN TestInstall/no_plugin.yaml --- PASS: TestInstall (0.01s) --- PASS: TestInstall/happy_path (0.01s) --- PASS: TestInstall/plugin_not_found (0.00s) --- PASS: TestInstall/no_plugin.yaml (0.00s) === RUN TestUninstall --- PASS: TestUninstall (0.00s) === RUN TestInformation --- PASS: TestInformation (0.00s) === RUN TestLoadAll1 === RUN TestLoadAll1/happy_path === RUN TestLoadAll1/sad_path --- PASS: TestLoadAll1 (0.00s) --- PASS: TestLoadAll1/happy_path (0.00s) --- PASS: TestLoadAll1/sad_path (0.00s) === RUN TestUpdate --- PASS: TestUpdate (0.00s) PASS coverage: 74.0% of statements ok github.com/aquasecurity/trivy/pkg/plugin 0.486s coverage: 74.0% of statements === RUN TestClient_LoadBuiltinPolicies === RUN TestClient_LoadBuiltinPolicies/happy_path === RUN TestClient_LoadBuiltinPolicies/empty_roots === RUN TestClient_LoadBuiltinPolicies/broken_manifest === RUN TestClient_LoadBuiltinPolicies/no_such_file --- PASS: TestClient_LoadBuiltinPolicies (0.01s) --- PASS: TestClient_LoadBuiltinPolicies/happy_path (0.00s) --- PASS: TestClient_LoadBuiltinPolicies/empty_roots (0.00s) --- PASS: TestClient_LoadBuiltinPolicies/broken_manifest (0.00s) --- PASS: TestClient_LoadBuiltinPolicies/no_such_file (0.00s) === RUN TestClient_NeedsUpdate === RUN TestClient_NeedsUpdate/recent_download === RUN TestClient_NeedsUpdate/same_digest === RUN TestClient_NeedsUpdate/different_digest === RUN TestClient_NeedsUpdate/sad:_Digest_returns__an_error === RUN TestClient_NeedsUpdate/sad:_non-existent_metadata === RUN TestClient_NeedsUpdate/sad:_broken_metadata 2022-04-13T22:18:46.205Z WARN Policy metadata decode error: json: cannot unmarshal string into Go value of type policy.Metadata --- PASS: TestClient_NeedsUpdate (0.64s) --- PASS: TestClient_NeedsUpdate/recent_download (0.20s) --- PASS: TestClient_NeedsUpdate/same_digest (0.10s) --- PASS: TestClient_NeedsUpdate/different_digest (0.06s) --- PASS: TestClient_NeedsUpdate/sad:_Digest_returns__an_error (0.08s) --- PASS: TestClient_NeedsUpdate/sad:_non-existent_metadata (0.04s) --- PASS: TestClient_NeedsUpdate/sad:_broken_metadata (0.16s) === RUN TestClient_DownloadBuiltinPolicies === RUN TestClient_DownloadBuiltinPolicies/happy_path === RUN TestClient_DownloadBuiltinPolicies/sad:_broken_layer === RUN TestClient_DownloadBuiltinPolicies/sad:_Digest_returns_an_error --- PASS: TestClient_DownloadBuiltinPolicies (0.27s) --- PASS: TestClient_DownloadBuiltinPolicies/happy_path (0.20s) --- PASS: TestClient_DownloadBuiltinPolicies/sad:_broken_layer (0.07s) --- PASS: TestClient_DownloadBuiltinPolicies/sad:_Digest_returns_an_error (0.00s) PASS coverage: 84.3% of statements ok github.com/aquasecurity/trivy/pkg/policy 1.587s coverage: 84.3% of statements === RUN TestNewPackageURL === RUN TestNewPackageURL/maven_package === RUN TestNewPackageURL/yarn_package === RUN TestNewPackageURL/yarn_package_with_non-namespace === RUN TestNewPackageURL/pypi_package === RUN TestNewPackageURL/composer_package === RUN TestNewPackageURL/golang_package === RUN TestNewPackageURL/os_package === RUN TestNewPackageURL/container === RUN TestNewPackageURL/container_local === RUN TestNewPackageURL/container_with_implicit_registry === RUN TestNewPackageURL/sad_path --- PASS: TestNewPackageURL (0.00s) --- PASS: TestNewPackageURL/maven_package (0.00s) --- PASS: TestNewPackageURL/yarn_package (0.00s) --- PASS: TestNewPackageURL/yarn_package_with_non-namespace (0.00s) --- PASS: TestNewPackageURL/pypi_package (0.00s) --- PASS: TestNewPackageURL/composer_package (0.00s) --- PASS: TestNewPackageURL/golang_package (0.00s) --- PASS: TestNewPackageURL/os_package (0.00s) --- PASS: TestNewPackageURL/container (0.00s) --- PASS: TestNewPackageURL/container_local (0.00s) --- PASS: TestNewPackageURL/container_with_implicit_registry (0.00s) --- PASS: TestNewPackageURL/sad_path (0.00s) PASS coverage: 81.0% of statements ok github.com/aquasecurity/trivy/pkg/purl 0.107s coverage: 81.0% of statements === RUN TestReportWriter_toSarifErrorLevel === RUN TestReportWriter_toSarifErrorLevel/CRITICAL === RUN TestReportWriter_toSarifErrorLevel/HIGH === RUN TestReportWriter_toSarifErrorLevel/MEDIUM === RUN TestReportWriter_toSarifErrorLevel/LOW === RUN TestReportWriter_toSarifErrorLevel/UNKNOWN === RUN TestReportWriter_toSarifErrorLevel/OTHER --- PASS: TestReportWriter_toSarifErrorLevel (0.00s) --- PASS: TestReportWriter_toSarifErrorLevel/CRITICAL (0.00s) --- PASS: TestReportWriter_toSarifErrorLevel/HIGH (0.00s) --- PASS: TestReportWriter_toSarifErrorLevel/MEDIUM (0.00s) --- PASS: TestReportWriter_toSarifErrorLevel/LOW (0.00s) --- PASS: TestReportWriter_toSarifErrorLevel/UNKNOWN (0.00s) --- PASS: TestReportWriter_toSarifErrorLevel/OTHER (0.00s) === RUN TestReportWriter_JSON === RUN TestReportWriter_JSON/happy_path --- PASS: TestReportWriter_JSON (0.00s) --- PASS: TestReportWriter_JSON/happy_path (0.00s) === RUN TestReportWriter_Sarif === RUN TestReportWriter_Sarif/report_with_vulnerabilities === RUN TestReportWriter_Sarif/report_with_misconfigurations === RUN TestReportWriter_Sarif/no_vulns --- PASS: TestReportWriter_Sarif (0.00s) --- PASS: TestReportWriter_Sarif/report_with_vulnerabilities (0.00s) --- PASS: TestReportWriter_Sarif/report_with_misconfigurations (0.00s) --- PASS: TestReportWriter_Sarif/no_vulns (0.00s) === RUN TestReportWriter_Table === RUN TestReportWriter_Table/happy_path_full test () ======= Total: 0 () === RUN TestReportWriter_Table/happy_path_with_filePath_in_result 2022-04-13T22:18:44.177Z INFO Table result includes only package filenames. Use '--format json' option to get the full path to the package file. test () ======= Total: 0 () === RUN TestReportWriter_Table/no_title_for_vuln_and_missing_primary_link test () ======= Total: 0 () === RUN TestReportWriter_Table/long_title_for_vuln test () ======= Total: 0 () === RUN TestReportWriter_Table/happy_path_misconfigurations test () ======= Total: 0 () === RUN TestReportWriter_Table/happy_path_misconfigurations_with_successes test () ======= Total: 0 () === RUN TestReportWriter_Table/no_vulns --- PASS: TestReportWriter_Table (0.00s) --- PASS: TestReportWriter_Table/happy_path_full (0.00s) --- PASS: TestReportWriter_Table/happy_path_with_filePath_in_result (0.00s) --- PASS: TestReportWriter_Table/no_title_for_vuln_and_missing_primary_link (0.00s) --- PASS: TestReportWriter_Table/long_title_for_vuln (0.00s) --- PASS: TestReportWriter_Table/happy_path_misconfigurations (0.00s) --- PASS: TestReportWriter_Table/happy_path_misconfigurations_with_successes (0.00s) --- PASS: TestReportWriter_Table/no_vulns (0.00s) === RUN TestReportWriter_Template === RUN TestReportWriter_Template/happy_path === RUN TestReportWriter_Template/happy_path#01 === RUN TestReportWriter_Template/happy_path_with/without_period_description_should_return_with_period === RUN TestReportWriter_Template/Calculate_using_sprig === RUN TestReportWriter_Template/happy_path:_env_var_parsing --- PASS: TestReportWriter_Template (0.01s) --- PASS: TestReportWriter_Template/happy_path (0.00s) --- PASS: TestReportWriter_Template/happy_path#01 (0.01s) --- PASS: TestReportWriter_Template/happy_path_with/without_period_description_should_return_with_period (0.00s) --- PASS: TestReportWriter_Template/Calculate_using_sprig (0.00s) --- PASS: TestReportWriter_Template/happy_path:_env_var_parsing (0.00s) === RUN TestResults_Failed === RUN TestResults_Failed/no_vulnerabilities_and_misconfigurations === RUN TestResults_Failed/vulnerabilities_found === RUN TestResults_Failed/failed_misconfigurations === RUN TestResults_Failed/passed_misconfigurations --- PASS: TestResults_Failed (0.00s) --- PASS: TestResults_Failed/no_vulnerabilities_and_misconfigurations (0.00s) --- PASS: TestResults_Failed/vulnerabilities_found (0.00s) --- PASS: TestResults_Failed/failed_misconfigurations (0.00s) --- PASS: TestResults_Failed/passed_misconfigurations (0.00s) PASS coverage: 72.6% of statements ok github.com/aquasecurity/trivy/pkg/report 0.176s coverage: 72.6% of statements === RUN TestWriter_Write === RUN TestWriter_Write/happy_path_for_container_scan === RUN TestWriter_Write/happy_path_for_local_container_scan === RUN TestWriter_Write/happy_path_for_fs_scan === RUN TestWriter_Write/happy_path_aggregate_results === RUN TestWriter_Write/happy_path_empty --- PASS: TestWriter_Write (0.00s) --- PASS: TestWriter_Write/happy_path_for_container_scan (0.00s) --- PASS: TestWriter_Write/happy_path_for_local_container_scan (0.00s) --- PASS: TestWriter_Write/happy_path_for_fs_scan (0.00s) --- PASS: TestWriter_Write/happy_path_aggregate_results (0.00s) --- PASS: TestWriter_Write/happy_path_empty (0.00s) PASS coverage: 88.3% of statements ok github.com/aquasecurity/trivy/pkg/report/cyclonedx 0.142s coverage: 88.3% of statements === RUN TestClient_FillVulnerabilityInfo === RUN TestClient_FillVulnerabilityInfo/happy_path,_with_only_OS_vulnerability_but_no_vendor_severity,_no_NVD === RUN TestClient_FillVulnerabilityInfo/happy_path,_with_only_OS_vulnerability_but_no_vendor_severity,_yes_NVD === RUN TestClient_FillVulnerabilityInfo/happy_path,_with_only_OS_vulnerability_but_no_severity,_no_vendor_severity,_no_NVD === RUN TestClient_FillVulnerabilityInfo/happy_path,_with_only_OS_vulnerability,_yes_vendor_severity,_with_both_NVD_and_CVSS_info === RUN TestClient_FillVulnerabilityInfo/happy_path,_with_only_library_vulnerability === RUN TestClient_FillVulnerabilityInfo/happy_path,_with_package-specific_severity === RUN TestClient_FillVulnerabilityInfo/GetVulnerability_returns_an_error 2022-04-13T22:18:46.695Z WARN Error while getting vulnerability details: failed to get the vulnerability "CVE-2019-0004": no vulnerability details for CVE-2019-0004 --- PASS: TestClient_FillVulnerabilityInfo (0.75s) --- PASS: TestClient_FillVulnerabilityInfo/happy_path,_with_only_OS_vulnerability_but_no_vendor_severity,_no_NVD (0.24s) --- PASS: TestClient_FillVulnerabilityInfo/happy_path,_with_only_OS_vulnerability_but_no_vendor_severity,_yes_NVD (0.37s) --- PASS: TestClient_FillVulnerabilityInfo/happy_path,_with_only_OS_vulnerability_but_no_severity,_no_vendor_severity,_no_NVD (0.01s) --- PASS: TestClient_FillVulnerabilityInfo/happy_path,_with_only_OS_vulnerability,_yes_vendor_severity,_with_both_NVD_and_CVSS_info (0.06s) --- PASS: TestClient_FillVulnerabilityInfo/happy_path,_with_only_library_vulnerability (0.04s) --- PASS: TestClient_FillVulnerabilityInfo/happy_path,_with_package-specific_severity (0.00s) --- PASS: TestClient_FillVulnerabilityInfo/GetVulnerability_returns_an_error (0.01s) === RUN TestClient_getPrimaryURL === RUN TestClient_getPrimaryURL/CVE-ID === RUN TestClient_getPrimaryURL/RUSTSEC === RUN TestClient_getPrimaryURL/GHSA === RUN TestClient_getPrimaryURL/Debian_temp_vulnerability === RUN TestClient_getPrimaryURL/npm === RUN TestClient_getPrimaryURL/suse --- PASS: TestClient_getPrimaryURL (0.00s) --- PASS: TestClient_getPrimaryURL/CVE-ID (0.00s) --- PASS: TestClient_getPrimaryURL/RUSTSEC (0.00s) --- PASS: TestClient_getPrimaryURL/GHSA (0.00s) --- PASS: TestClient_getPrimaryURL/Debian_temp_vulnerability (0.00s) --- PASS: TestClient_getPrimaryURL/npm (0.00s) --- PASS: TestClient_getPrimaryURL/suse (0.00s) === RUN TestClient_Filter === RUN TestClient_Filter/happy_path === RUN TestClient_Filter/happy_path_with_ignore-unfixed === RUN TestClient_Filter/happy_path_with_ignore-file === RUN TestClient_Filter/happy_path_with_a_policy_file === RUN TestClient_Filter/happy_path_with_duplicates,_one_with_empty_fixed_version --- PASS: TestClient_Filter (0.01s) --- PASS: TestClient_Filter/happy_path (0.00s) --- PASS: TestClient_Filter/happy_path_with_ignore-unfixed (0.00s) --- PASS: TestClient_Filter/happy_path_with_ignore-file (0.00s) --- PASS: TestClient_Filter/happy_path_with_a_policy_file (0.01s) --- PASS: TestClient_Filter/happy_path_with_duplicates,_one_with_empty_fixed_version (0.00s) PASS coverage: 86.0% of statements ok github.com/aquasecurity/trivy/pkg/result 0.935s coverage: 86.0% of statements === RUN TestConvertToRpcPkgs === RUN TestConvertToRpcPkgs/happy_path --- PASS: TestConvertToRpcPkgs (0.00s) --- PASS: TestConvertToRpcPkgs/happy_path (0.00s) === RUN TestConvertFromRpcPkgs === RUN TestConvertFromRpcPkgs/#00 --- PASS: TestConvertFromRpcPkgs (0.00s) --- PASS: TestConvertFromRpcPkgs/#00 (0.00s) === RUN TestConvertToRpcVulns === RUN TestConvertToRpcVulns/happy_path === RUN TestConvertToRpcVulns/invalid_severity 2022-04-13T22:18:43.557Z WARN unknown severity: INVALID --- PASS: TestConvertToRpcVulns (0.00s) --- PASS: TestConvertToRpcVulns/happy_path (0.00s) --- PASS: TestConvertToRpcVulns/invalid_severity (0.00s) === RUN TestConvertFromRPCResults === RUN TestConvertFromRPCResults/happy_path === RUN TestConvertFromRPCResults/happy_path_-_with_nil_dates --- PASS: TestConvertFromRPCResults (0.00s) --- PASS: TestConvertFromRPCResults/happy_path (0.00s) --- PASS: TestConvertFromRPCResults/happy_path_-_with_nil_dates (0.00s) PASS coverage: 42.8% of statements ok github.com/aquasecurity/trivy/pkg/rpc 0.205s coverage: 42.8% of statements === RUN TestScanner_Scan === RUN TestScanner_Scan/happy_path === RUN TestScanner_Scan/sad_path:_Scan_returns_an_error --- PASS: TestScanner_Scan (0.04s) --- PASS: TestScanner_Scan/happy_path (0.03s) --- PASS: TestScanner_Scan/sad_path:_Scan_returns_an_error (0.01s) === RUN TestScanner_ScanServerInsecure === RUN TestScanner_ScanServerInsecure/happy_path === RUN TestScanner_ScanServerInsecure/sad_path 2022/04/13 22:18:43 http: TLS handshake error from 127.0.0.1:38642: remote error: tls: bad certificate --- PASS: TestScanner_ScanServerInsecure (0.04s) --- PASS: TestScanner_ScanServerInsecure/happy_path (0.01s) --- PASS: TestScanner_ScanServerInsecure/sad_path (0.03s) === RUN TestWithCustomHeaders 2022-04-13T22:18:43.815Z WARN twirp error setting headers: provided header cannot set Content-Type --- PASS: TestWithCustomHeaders (0.00s) PASS coverage: 100.0% of statements ok github.com/aquasecurity/trivy/pkg/rpc/client 0.309s coverage: 100.0% of statements === RUN Test_dbWorker_update === RUN Test_dbWorker_update/happy_path 2022-04-13T22:18:50.271Z INFO Updating DB... 2022-04-13T22:18:50.271Z INFO Suspending all requests during DB update 2022-04-13T22:18:50.271Z INFO Waiting for all requests to be processed before DB update... 2022-04-13T22:18:50.272Z INFO Reopening DB... listen_test.go:155: PASS: NeedsUpdate(string,bool) listen_test.go:155: PASS: Download(string,string) === RUN Test_dbWorker_update/not_update === RUN Test_dbWorker_update/NeedsUpdate_returns_an_error === RUN Test_dbWorker_update/Download_returns_an_error 2022-04-13T22:18:50.363Z INFO Updating DB... --- PASS: Test_dbWorker_update (0.13s) --- PASS: Test_dbWorker_update/happy_path (0.04s) --- PASS: Test_dbWorker_update/not_update (0.01s) --- PASS: Test_dbWorker_update/NeedsUpdate_returns_an_error (0.04s) --- PASS: Test_dbWorker_update/Download_returns_an_error (0.04s) === RUN Test_newServeMux === RUN Test_newServeMux/health_check === RUN Test_newServeMux/cache_endpoint === RUN Test_newServeMux/with_token === RUN Test_newServeMux/sad_path:_no_handler === RUN Test_newServeMux/sad_path:_invalid_token --- PASS: Test_newServeMux (0.30s) --- PASS: Test_newServeMux/health_check (0.06s) --- PASS: Test_newServeMux/cache_endpoint (0.14s) --- PASS: Test_newServeMux/with_token (0.09s) --- PASS: Test_newServeMux/sad_path:_no_handler (0.00s) --- PASS: Test_newServeMux/sad_path:_invalid_token (0.00s) === RUN TestScanServer_Scan === RUN TestScanServer_Scan/happy_path === RUN TestScanServer_Scan/sad_path:_Scan_returns_an_error --- PASS: TestScanServer_Scan (0.03s) --- PASS: TestScanServer_Scan/happy_path (0.00s) --- PASS: TestScanServer_Scan/sad_path:_Scan_returns_an_error (0.03s) === RUN TestCacheServer_PutArtifact === RUN TestCacheServer_PutArtifact/happy_path === RUN TestCacheServer_PutArtifact/sad_path === RUN TestCacheServer_PutArtifact/sad_path:_empty_image_info --- PASS: TestCacheServer_PutArtifact (0.00s) --- PASS: TestCacheServer_PutArtifact/happy_path (0.00s) --- PASS: TestCacheServer_PutArtifact/sad_path (0.00s) --- PASS: TestCacheServer_PutArtifact/sad_path:_empty_image_info (0.00s) === RUN TestCacheServer_PutBlob === RUN TestCacheServer_PutBlob/happy_path === RUN TestCacheServer_PutBlob/sad_path === RUN TestCacheServer_PutBlob/sad_path:_empty_layer_info --- PASS: TestCacheServer_PutBlob (0.00s) --- PASS: TestCacheServer_PutBlob/happy_path (0.00s) --- PASS: TestCacheServer_PutBlob/sad_path (0.00s) --- PASS: TestCacheServer_PutBlob/sad_path:_empty_layer_info (0.00s) === RUN TestCacheServer_MissingBlobs === RUN TestCacheServer_MissingBlobs/happy_path server_test.go:573: PASS: MissingBlobs(string,[]string) --- PASS: TestCacheServer_MissingBlobs (0.00s) --- PASS: TestCacheServer_MissingBlobs/happy_path (0.00s) PASS coverage: 76.7% of statements ok github.com/aquasecurity/trivy/pkg/rpc/server 1.434s coverage: 76.7% of statements === RUN TestScanner_ScanArtifact === RUN TestScanner_ScanArtifact/happy_path 2022-04-13T22:18:49.898Z WARN This OS version is no longer supported by the distribution: alpine 3.10 2022-04-13T22:18:49.898Z WARN The vulnerability detection may be insufficient because security updates are not provided === RUN TestScanner_ScanArtifact/sad_path:_AnalyzerAnalyze_returns_an_error === RUN TestScanner_ScanArtifact/sad_path:_Scan_returns_an_error --- PASS: TestScanner_ScanArtifact (0.00s) --- PASS: TestScanner_ScanArtifact/happy_path (0.00s) --- PASS: TestScanner_ScanArtifact/sad_path:_AnalyzerAnalyze_returns_an_error (0.00s) --- PASS: TestScanner_ScanArtifact/sad_path:_Scan_returns_an_error (0.00s) PASS coverage: 66.1% of statements ok github.com/aquasecurity/trivy/pkg/scanner 0.847s coverage: 66.1% of statements === RUN TestScanner_Scan === RUN TestScanner_Scan/happy_path 2022-04-13T22:18:49.401Z INFO Detected OS: alpine 2022-04-13T22:18:49.403Z INFO Number of language-specific files: 1 2022-04-13T22:18:49.403Z INFO Detecting bundler vulnerabilities... scan_test.go:939: PASS: ApplyLayers(string,[]string) scan_test.go:940: PASS: Detect(string,string,string,time.Time,[]types.Package) === RUN TestScanner_Scan/happy_path_with_list_all_packages 2022-04-13T22:18:49.444Z INFO Detected OS: alpine 2022-04-13T22:18:49.445Z INFO Number of language-specific files: 1 2022-04-13T22:18:49.445Z INFO Detecting bundler vulnerabilities... scan_test.go:939: PASS: ApplyLayers(string,[]string) scan_test.go:940: PASS: Detect(string,string,string,time.Time,[]types.Package) === RUN TestScanner_Scan/happy_path_with_empty_os 2022-04-13T22:18:49.452Z INFO Detected OS: 2022-04-13T22:18:49.452Z INFO Number of language-specific files: 1 2022-04-13T22:18:49.452Z INFO Detecting bundler vulnerabilities... scan_test.go:939: PASS: ApplyLayers(string,[]string) === RUN TestScanner_Scan/happy_path_with_no_package 2022-04-13T22:18:49.501Z WARN No OS package is detected. Make sure you haven't deleted any files that contain information about the installed packages. 2022-04-13T22:18:49.501Z WARN e.g. files under "/lib/apk/db/", "/var/lib/dpkg/" and "/var/lib/rpm" 2022-04-13T22:18:49.501Z INFO Detected OS: alpine 2022-04-13T22:18:49.502Z INFO Number of language-specific files: 1 2022-04-13T22:18:49.502Z INFO Detecting bundler vulnerabilities... scan_test.go:939: PASS: ApplyLayers(string,[]string) scan_test.go:940: PASS: Detect(string,string,string,time.Time,[]types.Package) === RUN TestScanner_Scan/happy_path_with_unsupported_os 2022-04-13T22:18:49.507Z INFO Detected OS: fedora 2022-04-13T22:18:49.507Z INFO Number of language-specific files: 1 2022-04-13T22:18:49.507Z INFO Detecting bundler vulnerabilities... scan_test.go:939: PASS: ApplyLayers(string,[]string) scan_test.go:940: PASS: Detect(string,string,string,time.Time,[]types.Package) === RUN TestScanner_Scan/happy_path_with_a_scratch_image 2022-04-13T22:18:49.541Z INFO Number of language-specific files: 0 scan_test.go:939: PASS: ApplyLayers(string,[]string) === RUN TestScanner_Scan/happy_path_with_only_library_detection 2022-04-13T22:18:49.545Z INFO Number of language-specific files: 2 2022-04-13T22:18:49.545Z INFO Detecting bundler vulnerabilities... 2022-04-13T22:18:49.545Z INFO Detecting composer vulnerabilities... scan_test.go:939: PASS: ApplyLayers(string,[]string) === RUN TestScanner_Scan/happy_path_with_misconfigurations 2022-04-13T22:18:49.552Z INFO Detected config files: 2 2022-04-13T22:18:49.552Z WARN severity must be [UNKNOWN LOW MEDIUM HIGH CRITICAL], but DUMMY scan_test.go:939: PASS: ApplyLayers(string,[]string) === RUN TestScanner_Scan/sad_path:_ApplyLayers_returns_an_error === RUN TestScanner_Scan/sad_path:_ospkgDetector.Detect_returns_an_error 2022-04-13T22:18:49.559Z INFO Detected OS: alpine === RUN TestScanner_Scan/sad_path:_library.Detect_returns_an_error 2022-04-13T22:18:49.569Z INFO Number of language-specific files: 1 2022-04-13T22:18:49.569Z INFO Detecting bundler vulnerabilities... --- PASS: TestScanner_Scan (0.33s) --- PASS: TestScanner_Scan/happy_path (0.17s) --- PASS: TestScanner_Scan/happy_path_with_list_all_packages (0.04s) --- PASS: TestScanner_Scan/happy_path_with_empty_os (0.01s) --- PASS: TestScanner_Scan/happy_path_with_no_package (0.05s) --- PASS: TestScanner_Scan/happy_path_with_unsupported_os (0.01s) --- PASS: TestScanner_Scan/happy_path_with_a_scratch_image (0.03s) --- PASS: TestScanner_Scan/happy_path_with_only_library_detection (0.00s) --- PASS: TestScanner_Scan/happy_path_with_misconfigurations (0.01s) --- PASS: TestScanner_Scan/sad_path:_ApplyLayers_returns_an_error (0.00s) --- PASS: TestScanner_Scan/sad_path:_ospkgDetector.Detect_returns_an_error (0.00s) --- PASS: TestScanner_Scan/sad_path:_library.Detect_returns_an_error (0.01s) PASS coverage: 84.3% of statements ok github.com/aquasecurity/trivy/pkg/scanner/local 0.680s coverage: 84.3% of statements === RUN TestFormatSrcVersion === RUN TestFormatSrcVersion/happy_path === RUN TestFormatSrcVersion/with_epoch --- PASS: TestFormatSrcVersion (0.00s) --- PASS: TestFormatSrcVersion/happy_path (0.00s) --- PASS: TestFormatSrcVersion/with_epoch (0.00s) === RUN TestFormatVersion === RUN TestFormatVersion/happy_path === RUN TestFormatVersion/with_epoch --- PASS: TestFormatVersion (0.00s) --- PASS: TestFormatVersion/happy_path (0.00s) --- PASS: TestFormatVersion/with_epoch (0.00s) PASS coverage: 100.0% of statements ok github.com/aquasecurity/trivy/pkg/scanner/utils 0.092s coverage: 100.0% of statements ? github.com/aquasecurity/trivy/pkg/types [no test files] === RUN TestCopyFile === RUN TestCopyFile/happy_path --- PASS: TestCopyFile (0.00s) --- PASS: TestCopyFile/happy_path (0.00s) PASS coverage: 36.7% of statements ok github.com/aquasecurity/trivy/pkg/utils 0.101s coverage: 36.7% of statements ? github.com/aquasecurity/trivy/rpc/cache [no test files] ? github.com/aquasecurity/trivy/rpc/common [no test files] ? github.com/aquasecurity/trivy/rpc/scanner [no test files] >>> trivy: Entering fakeroot... >>> trivy*: Running postcheck for trivy >>> trivy*: Preparing package trivy... >>> trivy*: Stripping binaries >>> trivy*: Scanning shared objects >>> trivy*: Tracing dependencies... so:libc.musl-aarch64.so.1 >>> trivy*: Package size: 48.4 MB >>> trivy*: Compressing data... >>> trivy*: Create checksum... >>> trivy*: Create trivy-0.25.4-r1.apk >>> trivy: Build complete at Wed, 13 Apr 2022 22:18:52 +0000 elapsed time 0h 1m 8s >>> trivy: Cleaning up srcdir >>> trivy: Cleaning up pkgdir >>> trivy: Uninstalling dependencies... (1/17) Purging .makedepends-trivy (20220413.221746) (2/17) Purging btrfs-progs-dev (5.16.2-r0) (3/17) Purging btrfs-progs-libs (5.16.2-r0) (4/17) Purging go (1.18.1-r0) (5/17) Purging binutils-gold (2.38-r1) (6/17) Purging lvm2-dev (2.02.187-r2) (7/17) Purging linux-headers (5.16.7-r1) (8/17) Purging lvm2-libs (2.02.187-r2) (9/17) Purging device-mapper-event-libs (2.02.187-r2) (10/17) Purging device-mapper-libs (2.02.187-r2) (11/17) Purging libaio (0.3.112-r2) (12/17) Purging util-linux-dev (2.38-r0) (13/17) Purging libfdisk (2.38-r0) (14/17) Purging libmount (2.38-r0) (15/17) Purging libsmartcols (2.38-r0) (16/17) Purging libuuid (2.38-r0) (17/17) Purging libblkid (2.38-r0) Executing busybox-1.35.0-r8.trigger OK: 366 MiB in 96 packages >>> trivy: Updating the testing/aarch64 repository index... >>> trivy: Signing the index...