Use crate_scope in advisory query (#153)

This commit is contained in:
Paolo Barbolini 2022-04-26 23:46:44 +02:00 committed by GitHub
parent aa2e01f96b
commit 041640692d
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -40,15 +40,11 @@ impl DependencyAnalyzer {
let name: cargo_lock::Name = name.as_ref().parse().unwrap(); let name: cargo_lock::Name = name.as_ref().parse().unwrap();
let version: cargo_lock::Version = ver.to_string().parse().unwrap(); let version: cargo_lock::Version = ver.to_string().parse().unwrap();
let query = database::Query::new().package_version(name, version); let query = database::Query::crate_scope().package_version(name, version);
if let Some(db) = advisory_db { if let Some(db) = advisory_db {
let vulnerabilities: Vec<_> = db let vulnerabilities: Vec<_> =
.query(&query) db.query(&query).into_iter().map(|v| v.to_owned()).collect();
.into_iter()
.filter(|vuln| !vuln.withdrawn())
.map(|v| v.to_owned())
.collect();
if !vulnerabilities.is_empty() { if !vulnerabilities.is_empty() {
dep.vulnerabilities = vulnerabilities; dep.vulnerabilities = vulnerabilities;
} }