Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: support RPM archives #7628

Merged
merged 11 commits into from
Oct 2, 2024
Merged
Show file tree
Hide file tree
Changes from 7 commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 3 additions & 0 deletions .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -39,3 +39,6 @@ dist
# Signing
gpg.key
cmd/trivy/trivy

# RPM
*.rpm
7 changes: 5 additions & 2 deletions go.mod
Original file line number Diff line number Diff line change
Expand Up @@ -98,6 +98,7 @@ require (
github.com/package-url/packageurl-go v0.1.3
github.com/quasilyte/go-ruleguard/dsl v0.3.22
github.com/samber/lo v1.47.0
github.com/sassoftware/go-rpmutils v0.4.0
github.com/secure-systems-lab/go-securesystemslib v0.8.0
github.com/sigstore/rekor v1.3.6
github.com/sirupsen/logrus v1.9.3
Expand Down Expand Up @@ -152,6 +153,7 @@ require (
github.com/Azure/go-autorest/logger v0.2.1 // indirect
github.com/Azure/go-autorest/tracing v0.6.0 // indirect
github.com/AzureAD/microsoft-authentication-library-for-go v1.2.2 // indirect
github.com/DataDog/zstd v1.5.5 // indirect
github.com/Intevation/gval v1.3.0 // indirect
github.com/Intevation/jsonpath v0.2.1 // indirect
github.com/MakeNowJust/heredoc v1.0.0 // indirect
Expand Down Expand Up @@ -187,7 +189,7 @@ require (
github.com/briandowns/spinner v1.23.0 // indirect
github.com/cespare/xxhash/v2 v2.3.0 // indirect
github.com/chai2010/gettext-go v1.0.2 // indirect
github.com/cloudflare/circl v1.3.7 // indirect
github.com/cloudflare/circl v1.3.8 // indirect
github.com/containerd/cgroups/v3 v3.0.2 // indirect
github.com/containerd/containerd/api v1.7.19 // indirect
github.com/containerd/continuity v0.4.3 // indirect
Expand Down Expand Up @@ -359,14 +361,15 @@ require (
github.com/tklauser/numcpus v0.7.0 // indirect
github.com/tonistiigi/go-csvvalue v0.0.0-20240710180619-ddb21b71c0b4 // indirect
github.com/transparency-dev/merkle v0.0.2 // indirect
github.com/ulikunitz/xz v0.5.11 // indirect
github.com/ulikunitz/xz v0.5.12 // indirect
github.com/vbatts/tar-split v0.11.5 // indirect
github.com/vmihailenco/msgpack/v5 v5.3.5 // indirect
github.com/vmihailenco/tagparser/v2 v2.0.0 // indirect
github.com/x448/float16 v0.8.4 // indirect
github.com/xanzy/ssh-agent v0.3.3 // indirect
github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb // indirect
github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 // indirect
github.com/xi2/xz v0.0.0-20171230120015-48954b6210f8 // indirect
github.com/yashtewari/glob-intersection v0.2.0 // indirect
github.com/yuin/gopher-lua v1.1.1 // indirect
github.com/yusufpapurcu/wmi v1.2.4 // indirect
Expand Down
14 changes: 10 additions & 4 deletions go.sum
Original file line number Diff line number Diff line change
Expand Up @@ -245,6 +245,8 @@ github.com/CycloneDX/cyclonedx-go v0.9.1 h1:yffaWOZsv77oTJa/SdVZYdgAgFioCeycBUKk
github.com/CycloneDX/cyclonedx-go v0.9.1/go.mod h1:NE/EWvzELOFlG6+ljX/QeMlVt9VKcTwu8u0ccsACEsw=
github.com/DATA-DOG/go-sqlmock v1.5.2 h1:OcvFkGmslmlZibjAjaHm3L//6LiuBgolP7OputlJIzU=
github.com/DATA-DOG/go-sqlmock v1.5.2/go.mod h1:88MAG/4G7SMwSE3CeA0ZKzrT5CiOU3OJ+JlNzwDqpNU=
github.com/DataDog/zstd v1.5.5 h1:oWf5W7GtOLgp6bciQYDmhHHjdhYkALu6S/5Ni9ZgSvQ=
github.com/DataDog/zstd v1.5.5/go.mod h1:g4AWEaM3yOg3HYfnJ3YIawPnVdXJh9QME85blwSAmyw=
github.com/GoogleCloudPlatform/docker-credential-gcr v2.0.5+incompatible h1:juIaKLLVhqzP55d8x4cSVgwyQv76Z55/fRv/UBr2KkQ=
github.com/GoogleCloudPlatform/docker-credential-gcr v2.0.5+incompatible/go.mod h1:BB1eHdMLYEFuFdBlRMb0N7YGVdM5s6Pt0njxgvfbGGs=
github.com/Intevation/gval v1.3.0 h1:+Ze5sft5MmGbZrHj06NVUbcxCb67l9RaPTLMNr37mjw=
Expand Down Expand Up @@ -461,8 +463,8 @@ github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMn
github.com/clbanning/mxj/v2 v2.7.0 h1:WA/La7UGCanFe5NpHF0Q3DNtnCsVoxbPKuyBNHWRyME=
github.com/clbanning/mxj/v2 v2.7.0/go.mod h1:hNiWqW14h+kc+MdF9C6/YoRfjEJoR3ou6tn/Qo+ve2s=
github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw=
github.com/cloudflare/circl v1.3.7 h1:qlCDlTPz2n9fu58M0Nh1J/JzcFpfgkFHHX3O35r5vcU=
github.com/cloudflare/circl v1.3.7/go.mod h1:sRTcRWXGLrKw6yIGJ+l7amYJFfAXbZG0kBSc8r4zxgA=
github.com/cloudflare/circl v1.3.8 h1:j+V8jJt09PoeMFIu2uh5JUyEaIHTXVOHslFoLNAKqwI=
github.com/cloudflare/circl v1.3.8/go.mod h1:PDRU+oXvdD7KCtgKxW95M5Z8BpSCJXQORiZFnBQS5QU=
github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc=
github.com/cncf/udpa/go v0.0.0-20200629203442-efcf912fb354/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk=
github.com/cncf/udpa/go v0.0.0-20201120205902-5459f2c99403/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk=
Expand Down Expand Up @@ -1219,6 +1221,8 @@ github.com/samber/lo v1.47.0 h1:z7RynLwP5nbyRscyvcD043DWYoOcYRv3mV8lBeqOCLc=
github.com/samber/lo v1.47.0/go.mod h1:RmDH9Ct32Qy3gduHQuKJ3gW1fMHAnE/fAzQuf6He5cU=
github.com/santhosh-tekuri/jsonschema/v5 v5.3.1 h1:lZUw3E0/J3roVtGQ+SCrUrg3ON6NgVqpn3+iol9aGu4=
github.com/santhosh-tekuri/jsonschema/v5 v5.3.1/go.mod h1:uToXkOrWAZ6/Oc07xWQrPOhJotwFIyu2bBVN41fcDUY=
github.com/sassoftware/go-rpmutils v0.4.0 h1:ojND82NYBxgwrV+mX1CWsd5QJvvEZTKddtCdFLPWhpg=
github.com/sassoftware/go-rpmutils v0.4.0/go.mod h1:3goNWi7PGAT3/dlql2lv3+MSN5jNYPjT5mVcQcIsYzI=
github.com/sassoftware/relic v7.2.1+incompatible h1:Pwyh1F3I0r4clFJXkSI8bOyJINGqpgjJU3DYAZeI05A=
github.com/sassoftware/relic v7.2.1+incompatible/go.mod h1:CWfAxv73/iLZ17rbyhIEq3K9hs5w6FpNMdUT//qR+zk=
github.com/sassoftware/relic/v7 v7.6.2 h1:rS44Lbv9G9eXsukknS4mSjIAuuX+lMq/FnStgmZlUv4=
Expand Down Expand Up @@ -1344,8 +1348,8 @@ github.com/twitchtv/twirp v8.1.3+incompatible h1:+F4TdErPgSUbMZMwp13Q/KgDVuI7HJX
github.com/twitchtv/twirp v8.1.3+incompatible/go.mod h1:RRJoFSAmTEh2weEqWtpPE3vFK5YBhA6bqp2l1kfCC5A=
github.com/ulikunitz/xz v0.5.6/go.mod h1:2bypXElzHzzJZwzH67Y6wb67pO62Rzfn7BSiF4ABRW8=
github.com/ulikunitz/xz v0.5.10/go.mod h1:nbz6k7qbPmH4IRqmfOplQw/tblSgqTqBwxkY0oWt/14=
github.com/ulikunitz/xz v0.5.11 h1:kpFauv27b6ynzBNT/Xy+1k+fK4WswhN/6PN5WhFAGw8=
github.com/ulikunitz/xz v0.5.11/go.mod h1:nbz6k7qbPmH4IRqmfOplQw/tblSgqTqBwxkY0oWt/14=
github.com/ulikunitz/xz v0.5.12 h1:37Nm15o69RwBkXM0J6A5OlE67RZTfzUxTj8fB3dfcsc=
github.com/ulikunitz/xz v0.5.12/go.mod h1:nbz6k7qbPmH4IRqmfOplQw/tblSgqTqBwxkY0oWt/14=
github.com/urfave/cli/v2 v2.3.0/go.mod h1:LJmUH05zAU44vOAcrfzZQKsZbVcdbOG8rtL3/XcUArI=
github.com/vbatts/tar-split v0.11.5 h1:3bHCTIheBm1qFTcgh9oPu+nNBtX+XJIupG/vacinCts=
github.com/vbatts/tar-split v0.11.5/go.mod h1:yZbwRsSeGjusneWgA781EKej9HF8vme8okylkAeNKLk=
Expand All @@ -1368,6 +1372,8 @@ github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 h1:EzJWgHo
github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415/go.mod h1:GwrjFmJcFw6At/Gs6z4yjiIwzuJ1/+UwLxMQDVQXShQ=
github.com/xeipuuv/gojsonschema v1.2.0 h1:LhYJRs+L4fBtjZUfuSZIKGeVu0QRy8e5Xi7D17UxZ74=
github.com/xeipuuv/gojsonschema v1.2.0/go.mod h1:anYRn/JVcOK2ZgGU+IjEV4nwlhoK5sQluxsYJ78Id3Y=
github.com/xi2/xz v0.0.0-20171230120015-48954b6210f8 h1:nIPpBwaJSVYIxUFsDv3M8ofmx9yWTog9BfvIu0q41lo=
github.com/xi2/xz v0.0.0-20171230120015-48954b6210f8/go.mod h1:HUYIGzjTL3rfEspMxjDjgmT5uz5wzYJKVo23qUhYTos=
github.com/xlab/treeprint v1.2.0 h1:HzHnuAF1plUN2zGlAFHbSQP2qJ0ZAD3XF5XD7OesXRQ=
github.com/xlab/treeprint v1.2.0/go.mod h1:gj5Gd3gPdKtR1ikdDK6fnFLdmIS0X30kTTuNd/WEJu0=
github.com/yashtewari/glob-intersection v0.2.0 h1:8iuHdN88yYuCzCdjt0gDe+6bAhUwBeEWqThExu54RFg=
Expand Down
4 changes: 3 additions & 1 deletion magefiles/magefile.go
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,8 @@ import (
"github.com/magefile/mage/sh"
"github.com/magefile/mage/target"

//mage:import rpm
rpm "github.com/aquasecurity/trivy/pkg/fanal/analyzer/pkg/rpm/testdata"
// Trivy packages should not be imported in Mage (see https://github.com/aquasecurity/trivy/pull/4242),
// but this package doesn't have so many dependencies, and Mage is still fast.
"github.com/aquasecurity/trivy/pkg/log"
Expand Down Expand Up @@ -268,7 +270,7 @@ func compileWasmModules(pattern string) error {

// Unit runs unit tests
func (t Test) Unit() error {
mg.Deps(t.GenerateModules)
mg.Deps(t.GenerateModules, rpm.Fixtures)
return sh.RunWithV(ENV, "go", "test", "-v", "-short", "-coverprofile=coverage.txt", "-covermode=atomic", "./...")
}

Expand Down
7 changes: 7 additions & 0 deletions pkg/commands/artifact/run.go
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@ import (
"context"
"errors"
"fmt"
"os"
"slices"

"github.com/hashicorp/go-multierror"
Expand Down Expand Up @@ -457,6 +458,12 @@ func disabledAnalyzers(opts flag.Options) []analyzer.Type {
analyzers = append(analyzers, analyzer.TypeExecutable)
}

// Disable RPM archive analyzer unless the environment variable is set
// TODO: add '--enable-analyzers' and delete this environment variable
if os.Getenv("TRIVY_EXPERIMENTAL_RPM_ARCHIVE") == "" {
analyzers = append(analyzers, analyzer.TypeRpmArchive)
}

return analyzers
}

Expand Down
1 change: 1 addition & 0 deletions pkg/fanal/analyzer/const.go
Original file line number Diff line number Diff line change
Expand Up @@ -32,6 +32,7 @@ const (
TypeDpkg Type = "dpkg"
TypeDpkgLicense Type = "dpkg-license" // For analyzing licenses
TypeRpm Type = "rpm"
TypeRpmArchive Type = "rpm-archive"
TypeRpmqa Type = "rpmqa"

// OS Package Repository
Expand Down
149 changes: 149 additions & 0 deletions pkg/fanal/analyzer/pkg/rpm/archive.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,149 @@
package rpm

import (
"context"
"errors"
"os"
"path/filepath"
"strconv"
"strings"

"github.com/package-url/packageurl-go"
"github.com/sassoftware/go-rpmutils"
"golang.org/x/xerrors"

"github.com/aquasecurity/trivy/pkg/fanal/analyzer"
"github.com/aquasecurity/trivy/pkg/fanal/types"
"github.com/aquasecurity/trivy/pkg/log"
"github.com/aquasecurity/trivy/pkg/scanner/utils"
)

const archiveVersion = 1

func init() {
analyzer.RegisterAnalyzer(newRPMArchiveAnalyzer())
}

type rpmArchiveAnalyzer struct {
logger *log.Logger
}

func newRPMArchiveAnalyzer() *rpmArchiveAnalyzer {
return &rpmArchiveAnalyzer{
logger: log.WithPrefix("rpm-archive"),
}
}

func (a *rpmArchiveAnalyzer) Analyze(_ context.Context, input analyzer.AnalysisInput) (*analyzer.AnalysisResult, error) {
rpm, err := rpmutils.ReadRpm(input.Content)
if err != nil {
return nil, xerrors.Errorf("failed to read rpm (%s): %w", input.FilePath, err)
}
pkg, err := a.parseHeader(rpm.Header)
if err != nil {
return nil, xerrors.Errorf("failed to parse rpm header: %w", err)
}
pkg.FilePath = input.FilePath
pkg.Identifier.PURL = a.generatePURL(&pkg)

return &analyzer.AnalysisResult{
PackageInfos: []types.PackageInfo{
{
FilePath: input.FilePath,
Packages: types.Packages{pkg},
},
},
}, nil
}

func (a *rpmArchiveAnalyzer) parseHeader(h *rpmutils.RpmHeader) (types.Package, error) {
if h == nil {
return types.Package{}, errors.New("rpm header is nil")
}
// Getting metadata
nevra, err := h.GetNEVRA()
if a.unexpectedError(err) != nil {
return types.Package{}, xerrors.Errorf("failed to get NEVRA: %w", err)
}
epoch, err := strconv.Atoi(nevra.Epoch)
if a.unexpectedError(err) != nil {
return types.Package{}, xerrors.Errorf("failed to convert epoch to int (%s): %w", nevra.Name, err)
}
licenses, err := h.GetStrings(rpmutils.LICENSE)
if a.unexpectedError(err) != nil {
return types.Package{}, xerrors.Errorf("failed to get licenses: %w", err)
}
sourceRpm, err := h.GetString(rpmutils.SOURCERPM)
if a.unexpectedError(err) != nil {
return types.Package{}, xerrors.Errorf("failed to get source rpm: %w", err)
}
srcName, srcVer, srcRel, err := splitFileName(sourceRpm)
if err != nil {
a.logger.Debug("Invalid Source RPM Found", log.String("sourcerpm", sourceRpm))
}
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

can we skip splitFileName If SOURCERPM is not found?
(to avoid splitFileName error)
as for rpm:

if pkg.SourceRpm != "(none)" && pkg.SourceRpm != "" {
// source epoch is not included in SOURCERPM
srcName, srcVer, srcRel, err = splitFileName(pkg.SourceRpm)
if err != nil {
log.DebugContext(ctx, "Invalid Source RPM Found", log.String("sourcerpm", pkg.SourceRpm))
}
}

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fixed in c1fa209

vendor, err := h.GetString(rpmutils.VENDOR)
if a.unexpectedError(err) != nil {
return types.Package{}, xerrors.Errorf("failed to get vendor: %w", err)
}

// TODO: add the const to go-rpmutils
// cf. https://github.com/rpm-software-management/rpm/blob/rpm-4.16.0-release/lib/rpmtag.h#L375
modularityLabel, err := h.GetString(5096)
if a.unexpectedError(err) != nil {
return types.Package{}, xerrors.Errorf("failed to get modularitylabel: %w", err)
}

return types.Package{
Name: nevra.Name,
Version: nevra.Version,
Release: nevra.Release,
Epoch: epoch,
Arch: nevra.Arch,
SrcName: srcName,
SrcVersion: srcVer,
SrcRelease: srcRel,
SrcEpoch: epoch,
Licenses: licenses,
Maintainer: vendor,
Modularitylabel: modularityLabel,
}, nil
}

func (a *rpmArchiveAnalyzer) generatePURL(pkg *types.Package) *packageurl.PackageURL {
vendor := strings.ToLower(pkg.Maintainer)

// TODO: Handle more vendors
var ns string
switch {
case strings.Contains(vendor, "red hat"):
ns = "redhat"
case strings.Contains(vendor, "fedora"):
ns = "fedora"
case strings.Contains(vendor, "opensuse"):
ns = "opensuse"
case strings.Contains(vendor, "suse"):
ns = "suse"
}
return packageurl.NewPackageURL(packageurl.TypeRPM, ns, pkg.Name, utils.FormatVersion(*pkg), nil, "")
}
Comment on lines +124 to +140
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

IIUC we will overwrite this purl if OS is detected:

if mergedLayer.OS.Family != "" {
mergedLayer.Packages[i].Identifier.PURL = newPURL(mergedLayer.OS.Family, types.Metadata{OS: &mergedLayer.OS}, pkg)
}

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We need to generate PURL here as OS is not detected when scanning RPM files.

Copy link
Contributor

@DmitriyLewen DmitriyLewen Oct 2, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I agree that we need to generate PURL here.
I am worried about case when we scan image that containing *.rpm file, and OS and vendor of this file are not equal.
In this case we will use namespace from OS.
(example): fedora image contains socat-1.7.3.2-2.el7.x86_64.rpm file (for RedHat).
in analyzer we use redhat namespace.
But in applier we will overwrite purl and use fedora namespace.

I meant that perhaps we need to add purl == nil check in applier.

UPD:

➜ cat Dockerfile 
FROM centos

COPY socat-1.7.3.2-2.el7.x86_64.rpm socat-1.7.3.2-2.el7.x86_64.rpm

➜  TRIVY_EXPERIMENTAL_RPM_ARCHIVE=true ./trivy -q image -f json --list-all-pkgs rpm-archives | grep socat@1.7.3.2                                                         
            "PURL": "pkg:rpm/centos/socat@1.7.3.2-2.el7?arch=x86_64\u0026distro=centos-8.4.2105",

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It makes sense. Added 9c26be0


func (a *rpmArchiveAnalyzer) unexpectedError(err error) error {
var rerr rpmutils.NoSuchTagError
if errors.As(err, &rerr) {
a.logger.Debug("RPM tag not found", log.Err(rerr))
return nil
}
return err
}

func (a *rpmArchiveAnalyzer) Required(filePath string, _ os.FileInfo) bool {
return filepath.Ext(filePath) == ".rpm"
}

func (a *rpmArchiveAnalyzer) Type() analyzer.Type {
return analyzer.TypeRpmArchive
}

func (a *rpmArchiveAnalyzer) Version() int {
return archiveVersion
}
81 changes: 81 additions & 0 deletions pkg/fanal/analyzer/pkg/rpm/archive_test.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,81 @@
package rpm

import (
"context"
"os"
"strings"
"testing"

"github.com/package-url/packageurl-go"
"github.com/samber/lo"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"

"github.com/aquasecurity/trivy/pkg/fanal/analyzer"
"github.com/aquasecurity/trivy/pkg/fanal/types"
)

func Test_rpmArchiveAnalyzer_Analyze(t *testing.T) {
tests := []struct {
name string
input analyzer.AnalysisInput
want *analyzer.AnalysisResult
wantErr require.ErrorAssertionFunc
}{
{
name: "valid",
input: analyzer.AnalysisInput{
FilePath: "testdata/valid.rpm",
Content: lo.Must(os.Open("testdata/socat-1.7.3.2-2.el7.x86_64.rpm")), // Must run 'mage rpm:fixtures' before this test
},
want: &analyzer.AnalysisResult{
PackageInfos: []types.PackageInfo{
{
FilePath: "testdata/valid.rpm",
Packages: types.Packages{
{
Name: "socat",
Version: "1.7.3.2",
Release: "2.el7",
Arch: "x86_64",
SrcName: "socat",
SrcVersion: "1.7.3.2",
SrcRelease: "2.el7",
FilePath: "testdata/valid.rpm",
Licenses: []string{
"GPLv2",
},
Maintainer: "Red Hat, Inc.",
Identifier: types.PkgIdentifier{
PURL: &packageurl.PackageURL{
Type: packageurl.TypeRPM,
Namespace: "redhat",
Name: "socat",
Version: "1.7.3.2-2.el7",
},
},
},
},
},
},
},
wantErr: require.NoError,
},
{
name: "broken",
input: analyzer.AnalysisInput{
FilePath: "testdata/broken.rpm",
Content: strings.NewReader(`broken`),
},
wantErr: require.Error,
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
a := newRPMArchiveAnalyzer()
got, err := a.Analyze(context.Background(), tt.input)
tt.wantErr(t, err)
assert.Equal(t, tt.want, got)
})
}
}
Loading