Fix formatting and clippy warnings across workspace
- Run cargo fmt on all crates
- Fix regex patterns using unsupported lookahead in patterns.rs
- Replace unwrap() calls with compile_regex() helper
- Fix never type fallback in GitHub tracker
- Fix redundant field name in findings page
- Allow enum_variant_names for Dioxus Route enum
- Fix &mut Vec -> &mut [T] clippy lint in sbom.rs
- Mark unused-but-intended APIs with #[allow(dead_code)]

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@@ -3,13 +3,22 @@ use compliance_core::CoreError;
|
||||
|
||||
pub struct CveScanner {
|
||||
http: reqwest::Client,
|
||||
#[allow(dead_code)]
|
||||
searxng_url: Option<String>,
|
||||
nvd_api_key: Option<String>,
|
||||
}
|
||||
|
||||
impl CveScanner {
|
||||
pub fn new(http: reqwest::Client, searxng_url: Option<String>, nvd_api_key: Option<String>) -> Self {
|
||||
Self { http, searxng_url, nvd_api_key }
|
||||
pub fn new(
|
||||
http: reqwest::Client,
|
||||
searxng_url: Option<String>,
|
||||
nvd_api_key: Option<String>,
|
||||
) -> Self {
|
||||
Self {
|
||||
http,
|
||||
searxng_url,
|
||||
nvd_api_key,
|
||||
}
|
||||
}
|
||||
|
||||
pub async fn scan_dependencies(
|
||||
@@ -87,9 +96,10 @@ impl CveScanner {
|
||||
return Ok(Vec::new());
|
||||
}
|
||||
|
||||
let result: OsvBatchResponse = resp.json().await.map_err(|e| {
|
||||
CoreError::Http(format!("Failed to parse OSV.dev response: {e}"))
|
||||
})?;
|
||||
let result: OsvBatchResponse = resp
|
||||
.json()
|
||||
.await
|
||||
.map_err(|e| CoreError::Http(format!("Failed to parse OSV.dev response: {e}")))?;
|
||||
|
||||
let vulns = result
|
||||
.results
|
||||
@@ -101,8 +111,9 @@ impl CveScanner {
|
||||
.map(|v| OsvVuln {
|
||||
id: v.id,
|
||||
summary: v.summary,
|
||||
severity: v.database_specific
|
||||
.and_then(|d| d.get("severity").and_then(|s| s.as_str()).map(String::from)),
|
||||
severity: v.database_specific.and_then(|d| {
|
||||
d.get("severity").and_then(|s| s.as_str()).map(String::from)
|
||||
}),
|
||||
})
|
||||
.collect()
|
||||
})
|
||||
@@ -123,17 +134,19 @@ impl CveScanner {
|
||||
req = req.header("apiKey", key.as_str());
|
||||
}
|
||||
|
||||
let resp = req.send().await.map_err(|e| {
|
||||
CoreError::Http(format!("NVD request failed: {e}"))
|
||||
})?;
|
||||
let resp = req
|
||||
.send()
|
||||
.await
|
||||
.map_err(|e| CoreError::Http(format!("NVD request failed: {e}")))?;
|
||||
|
||||
if !resp.status().is_success() {
|
||||
return Ok(None);
|
||||
}
|
||||
|
||||
let body: serde_json::Value = resp.json().await.map_err(|e| {
|
||||
CoreError::Http(format!("Failed to parse NVD response: {e}"))
|
||||
})?;
|
||||
let body: serde_json::Value = resp
|
||||
.json()
|
||||
.await
|
||||
.map_err(|e| CoreError::Http(format!("Failed to parse NVD response: {e}")))?;
|
||||
|
||||
// Extract CVSS v3.1 base score
|
||||
let score = body["vulnerabilities"]
|
||||
@@ -146,15 +159,22 @@ impl CveScanner {
|
||||
Ok(score)
|
||||
}
|
||||
|
||||
#[allow(dead_code)]
|
||||
pub async fn search_context(&self, cve_id: &str) -> Result<Vec<String>, CoreError> {
|
||||
let Some(searxng_url) = &self.searxng_url else {
|
||||
return Ok(Vec::new());
|
||||
};
|
||||
|
||||
let url = format!("{}/search?q={cve_id}&format=json&engines=duckduckgo", searxng_url.trim_end_matches('/'));
|
||||
let resp = self.http.get(&url).send().await.map_err(|e| {
|
||||
CoreError::Http(format!("SearXNG request failed: {e}"))
|
||||
})?;
|
||||
let url = format!(
|
||||
"{}/search?q={cve_id}&format=json&engines=duckduckgo",
|
||||
searxng_url.trim_end_matches('/')
|
||||
);
|
||||
let resp = self
|
||||
.http
|
||||
.get(&url)
|
||||
.send()
|
||||
.await
|
||||
.map_err(|e| CoreError::Http(format!("SearXNG request failed: {e}")))?;
|
||||
|
||||
if !resp.status().is_success() {
|
||||
return Ok(Vec::new());
|
||||
|
||||
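Review bot: In `search_context` (last hunk), `cve_id` is interpolated unencoded into the query string of the SearXNG URL, so an identifier containing `&`, `#` or whitespace would alter or add request parameters instead of being searched for; the reformatting keeps that behaviour. Whether callers validate `cve_id` is not visible here, and identifiers that originate from advisory feeds or dependency metadata should not be assumed well-formed. Let reqwest encode the parameters instead: build the request with `.get(format!("{}/search", searxng_url.trim_end_matches('/')))` followed by `.query(&[("q", cve_id), ("format", "json"), ("engines", "duckduckgo")])`. The body of `search_context` continues past the end of the hunk.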