Skip to content

Commit 901ee4f

Browse files
hectorj2fhectorj2f
committed
scan: add a warning when age is older than 48h for now
Signed-off-by: Hector Fernandez <[email protected]>
1 parent a45da79 commit 901ee4f

File tree

2 files changed

+12
-1
lines changed

2 files changed

+12
-1
lines changed

go.mod

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -68,6 +68,7 @@ require (
6868
require (
6969
github.com/anchore/go-logger v0.0.0-20250318195838-07ae343dd722
7070
github.com/chainguard-dev/advisory-schema v0.37.12
71+
github.com/hako/durafmt v0.0.0-20210608085754-5c1018a4e16b
7172
github.com/spf13/afero v1.14.0
7273
)
7374

@@ -206,7 +207,6 @@ require (
206207
github.com/grpc-ecosystem/go-grpc-middleware v1.4.0 // indirect
207208
github.com/grpc-ecosystem/go-grpc-prometheus v1.2.1-0.20210315223345-82c243799c99 // indirect
208209
github.com/grpc-ecosystem/grpc-gateway/v2 v2.26.3 // indirect
209-
github.com/hako/durafmt v0.0.0-20210608085754-5c1018a4e16b // indirect
210210
github.com/hashicorp/errwrap v1.1.0 // indirect
211211
github.com/hashicorp/go-cleanhttp v0.5.2 // indirect
212212
github.com/hashicorp/go-getter v1.7.8 // indirect

pkg/scan/apk.go

Lines changed: 11 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -15,6 +15,7 @@ import (
1515
"time"
1616

1717
"github.com/adrg/xdg"
18+
"github.com/hako/durafmt"
1819
"github.com/anchore/grype/grype"
1920
v6 "github.com/anchore/grype/grype/db/v6"
2021
"github.com/anchore/grype/grype/db/v6/distribution"
@@ -44,6 +45,8 @@ import (
4445

4546
const (
4647
mavenSearchBaseURL = "https://search.maven.org/solrsearch/select"
48+
49+
maxRecommendedBuildAge = 48 * time.Hour
4750
)
4851

4952
var DefaultGrypeDBDir = path.Join(xdg.CacheHome, "wolfictl", "grype", "db")
@@ -243,6 +246,14 @@ func NewScanner(opts Options) (*Scanner, error) {
243246
return nil, fmt.Errorf("failed to load vulnerability database: %w", err)
244247
}
245248

249+
// built time is defined in UTC,
250+
// we should compare it against UTC
251+
now := time.Now().UTC()
252+
age := now.Sub(dbStatus.Built)
253+
if age > maxRecommendedBuildAge {
254+
fmt.Fprintf(os.Stdout, "WARNING: the vulnerability database was built %s ago (max allowed age is %s but the recommended value is %s)\n", durafmt.ParseShort(age), durafmt.ParseShort(maxAllowedBuildAge), durafmt.ParseShort(maxRecommendedBuildAge))
255+
}
256+
246257
if checksum == "" {
247258
metadata, err := v6.ReadImportMetadata(afero.NewOsFs(), filepath.Dir(dbStatus.Path))
248259
if err != nil {

0 commit comments

Comments
 (0)