From 504988e573b8bc3a2b71e2273c2d15ad86c3566e Mon Sep 17 00:00:00 2001 From: attiasas Date: Tue, 12 Mar 2024 14:45:22 +0200 Subject: [PATCH 1/6] Always run Applicability Scan if CVE discovered --- .../audit/jas/applicability/applicabilitymanager.go | 8 -------- .../jas/applicability/applicabilitymanager_test.go | 12 ------------ go.mod | 4 ++-- go.sum | 8 ++++---- 4 files changed, 6 insertions(+), 26 deletions(-) diff --git a/commands/audit/jas/applicability/applicabilitymanager.go b/commands/audit/jas/applicability/applicabilitymanager.go index a727f1fd..a2ca308a 100644 --- a/commands/audit/jas/applicability/applicabilitymanager.go +++ b/commands/audit/jas/applicability/applicabilitymanager.go @@ -43,10 +43,6 @@ type ApplicabilityScanManager struct { func RunApplicabilityScan(xrayResults []services.ScanResponse, directDependencies []string, scannedTechnologies []coreutils.Technology, scanner *jas.JasScanner, thirdPartyContextualAnalysis bool) (results []*sarif.Run, err error) { applicabilityScanManager := newApplicabilityScanManager(xrayResults, directDependencies, scanner, thirdPartyContextualAnalysis) - if !applicabilityScanManager.shouldRunApplicabilityScan(scannedTechnologies) { - log.Debug("The technologies that have been scanned are currently not supported for contextual analysis scanning, or we couldn't find any vulnerable dependencies. Skipping....") - return - } if err = applicabilityScanManager.scanner.Run(applicabilityScanManager); err != nil { err = utils.ParseAnalyzerManagerError(utils.Applicability, err) return @@ -132,10 +128,6 @@ func (asm *ApplicabilityScanManager) Run(module jfrogappsconfig.Module) (err err return } -func (asm *ApplicabilityScanManager) shouldRunApplicabilityScan(technologies []coreutils.Technology) bool { - return asm.cvesExists() && coreutils.ContainsApplicabilityScannableTech(technologies) -} - func (asm *ApplicabilityScanManager) cvesExists() bool { return len(asm.indirectDependenciesCves) > 0 || len(asm.directDependenciesCves) > 0 } diff --git a/commands/audit/jas/applicability/applicabilitymanager_test.go b/commands/audit/jas/applicability/applicabilitymanager_test.go index 672f8623..464281bc 100644 --- a/commands/audit/jas/applicability/applicabilitymanager_test.go +++ b/commands/audit/jas/applicability/applicabilitymanager_test.go @@ -164,18 +164,6 @@ func TestApplicabilityScanManager_ShouldRun_TechnologiesNotEligibleForScan(t *te assert.NoError(t, err) } -func TestApplicabilityScanManager_ShouldRun_ScanResultsAreEmpty(t *testing.T) { - // Arrange - scanner, cleanUp := jas.InitJasTest(t) - defer cleanUp() - - applicabilityManager := newApplicabilityScanManager(nil, mockDirectDependencies, scanner, false) - - // Assert - eligible := applicabilityManager.shouldRunApplicabilityScan([]coreutils.Technology{coreutils.Nuget}) - assert.False(t, eligible) -} - func TestExtractXrayDirectViolations(t *testing.T) { var xrayResponseForDirectViolationsTest = []services.ScanResponse{ { diff --git a/go.mod b/go.mod index cf3a24f8..99ce99d1 100644 --- a/go.mod +++ b/go.mod @@ -5,7 +5,7 @@ go 1.21 require ( github.com/gookit/color v1.5.4 github.com/jfrog/build-info-go v1.9.23 - github.com/jfrog/gofrog v1.6.0 + github.com/jfrog/gofrog v1.6.3 github.com/jfrog/jfrog-apps-config v1.0.1 github.com/jfrog/jfrog-cli-core/v2 v2.48.1 github.com/jfrog/jfrog-client-go v1.37.1 @@ -98,7 +98,7 @@ require ( gopkg.in/warnings.v0 v0.1.2 // indirect ) -replace github.com/jfrog/jfrog-cli-core/v2 => github.com/jfrog/jfrog-cli-core/v2 v2.31.1-0.20240303093859-ebce750e0f45 +replace github.com/jfrog/jfrog-cli-core/v2 => github.com/attiasas/jfrog-cli-core/v2 v2.0.0-20240312124144-242e12416341 replace github.com/jfrog/jfrog-client-go => github.com/jfrog/jfrog-client-go v1.28.1-0.20240222155638-e55c7d7acbee diff --git a/go.sum b/go.sum index 08c895dd..cede1cc0 100644 --- a/go.sum +++ b/go.sum @@ -20,6 +20,8 @@ github.com/anmitsu/go-shlex v0.0.0-20200514113438-38f4b401e2be/go.mod h1:ySMOLuW github.com/apparentlymart/go-textseg/v13 v13.0.0/go.mod h1:ZK2fH7c4NqDTLtiYLvIkEghdlcqw7yxLeM89kiTRPUo= github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5 h1:0CwZNZbxp69SHPdPJAN/hZIm0C4OItdklCFmMRWYpio= github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkYZB8zMSxRWpUBQtwG5a7fFgvEO+odwuTv2gs= +github.com/attiasas/jfrog-cli-core/v2 v2.0.0-20240312124144-242e12416341 h1:ScAJxa0TdgwZu+jtoQSnkCJ+N2k7D6WwDn+mYE71VKE= +github.com/attiasas/jfrog-cli-core/v2 v2.0.0-20240312124144-242e12416341/go.mod h1:fTnA9KjwuMEWnqAFPPoLc6IzvYxD8SorqawESk74fP8= github.com/bradleyjkemp/cupaloy/v2 v2.8.0 h1:any4BmKE+jGIaMpnU8YgH/I2LPiLBufr6oMMlVBbn9M= github.com/bradleyjkemp/cupaloy/v2 v2.8.0/go.mod h1:bm7JXdkRd4BHJk9HpwqAI8BoAY1lps46Enkdqw6aRX0= github.com/buger/jsonparser v1.1.1 h1:2PnMjfWD7wBILjqQbt530v576A/cAbQvEW9gGIpYMUs= @@ -98,12 +100,10 @@ github.com/jfrog/archiver/v3 v3.6.0 h1:OVZ50vudkIQmKMgA8mmFF9S0gA47lcag22N13iV3F github.com/jfrog/archiver/v3 v3.6.0/go.mod h1:fCAof46C3rAXgZurS8kNRNdSVMKBbZs+bNNhPYxLldI= github.com/jfrog/build-info-go v1.8.9-0.20240225113943-096bf22ca54c h1:M1QiuCYGCYN1IiGyxogrLzfetYGkkhE2pgDh5K4Wo9A= github.com/jfrog/build-info-go v1.8.9-0.20240225113943-096bf22ca54c/go.mod h1:QHcKuesY4MrBVBuEwwBz4uIsX6mwYuMEDV09ng4AvAU= -github.com/jfrog/gofrog v1.6.0 h1:jOwb37nHY2PnxePNFJ6e6279Pgkr3di05SbQQw47Mq8= -github.com/jfrog/gofrog v1.6.0/go.mod h1:SZ1EPJUruxrVGndOzHd+LTiwWYKMlHqhKD+eu+v5Hqg= +github.com/jfrog/gofrog v1.6.3 h1:F7He0+75HcgCe6SGTSHLFCBDxiE2Ja0tekvvcktW6wc= +github.com/jfrog/gofrog v1.6.3/go.mod h1:SZ1EPJUruxrVGndOzHd+LTiwWYKMlHqhKD+eu+v5Hqg= github.com/jfrog/jfrog-apps-config v1.0.1 h1:mtv6k7g8A8BVhlHGlSveapqf4mJfonwvXYLipdsOFMY= github.com/jfrog/jfrog-apps-config v1.0.1/go.mod h1:8AIIr1oY9JuH5dylz2S6f8Ym2MaadPLR6noCBO4C22w= -github.com/jfrog/jfrog-cli-core/v2 v2.31.1-0.20240303093859-ebce750e0f45 h1:KeP2+7KcZHWZ24FPdW3yLfzXI/O6U9KdUzgvGi58PGo= -github.com/jfrog/jfrog-cli-core/v2 v2.31.1-0.20240303093859-ebce750e0f45/go.mod h1:aE5kYuqiZxu6hHkAQm34BvtGjLR8rk0/PUWpl4u5g0Q= github.com/jfrog/jfrog-client-go v1.28.1-0.20240222155638-e55c7d7acbee h1:IrM+wE8WmsSm95vpYSEYle2mPAOVn1FrRTeScSNxgrw= github.com/jfrog/jfrog-client-go v1.28.1-0.20240222155638-e55c7d7acbee/go.mod h1:jcZYTyo9H4GtZ6eAYIfKm1ulxeTbshcBBA+YUbWlHNc= github.com/kevinburke/ssh_config v1.2.0 h1:x584FjTGwHzMwvHx18PXxbBVzfnxogHaAReU4gf13a4= From 541aaef7cd299d8b6fc95ead87c5d4060c44b355 Mon Sep 17 00:00:00 2001 From: attiasas Date: Tue, 12 Mar 2024 15:00:20 +0200 Subject: [PATCH 2/6] fix static --- commands/audit/jas/applicability/applicabilitymanager.go | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/commands/audit/jas/applicability/applicabilitymanager.go b/commands/audit/jas/applicability/applicabilitymanager.go index a2ca308a..15f0f2fe 100644 --- a/commands/audit/jas/applicability/applicabilitymanager.go +++ b/commands/audit/jas/applicability/applicabilitymanager.go @@ -43,6 +43,10 @@ type ApplicabilityScanManager struct { func RunApplicabilityScan(xrayResults []services.ScanResponse, directDependencies []string, scannedTechnologies []coreutils.Technology, scanner *jas.JasScanner, thirdPartyContextualAnalysis bool) (results []*sarif.Run, err error) { applicabilityScanManager := newApplicabilityScanManager(xrayResults, directDependencies, scanner, thirdPartyContextualAnalysis) + if !applicabilityScanManager.cvesExists() { + log.Debug("We couldn't find any vulnerable dependencies. Skipping....") + return + } if err = applicabilityScanManager.scanner.Run(applicabilityScanManager); err != nil { err = utils.ParseAnalyzerManagerError(utils.Applicability, err) return From ebc6bff7b1dc951efdbb80db3544529cf2059b70 Mon Sep 17 00:00:00 2001 From: attiasas Date: Tue, 12 Mar 2024 15:29:11 +0200 Subject: [PATCH 3/6] remove not relevant tests --- .../jas/applicability/applicabilitymanager_test.go | 11 ----------- 1 file changed, 11 deletions(-) diff --git a/commands/audit/jas/applicability/applicabilitymanager_test.go b/commands/audit/jas/applicability/applicabilitymanager_test.go index 464281bc..a7537b0f 100644 --- a/commands/audit/jas/applicability/applicabilitymanager_test.go +++ b/commands/audit/jas/applicability/applicabilitymanager_test.go @@ -153,17 +153,6 @@ func TestNewApplicabilityScanManager_VulnerabilitiesDontExist(t *testing.T) { } } -func TestApplicabilityScanManager_ShouldRun_TechnologiesNotEligibleForScan(t *testing.T) { - scanner, cleanUp := jas.InitJasTest(t) - defer cleanUp() - - results, err := RunApplicabilityScan(jas.FakeBasicXrayResults, mockDirectDependencies, []coreutils.Technology{coreutils.Nuget, coreutils.Go}, scanner, false) - - // Assert - assert.Nil(t, results) - assert.NoError(t, err) -} - func TestExtractXrayDirectViolations(t *testing.T) { var xrayResponseForDirectViolationsTest = []services.ScanResponse{ { From 94eaa4265e1afd7e0736213d04408404b3325c0d Mon Sep 17 00:00:00 2001 From: attiasas Date: Tue, 2 Apr 2024 13:58:26 +0300 Subject: [PATCH 4/6] update dep --- go.mod | 2 +- go.sum | 6 ++---- 2 files changed, 3 insertions(+), 5 deletions(-) diff --git a/go.mod b/go.mod index 0e1e93e8..bdca8a12 100644 --- a/go.mod +++ b/go.mod @@ -98,7 +98,7 @@ require ( gopkg.in/warnings.v0 v0.1.2 // indirect ) -replace github.com/jfrog/jfrog-cli-core/v2 => github.com/attiasas/jfrog-cli-core/v2 v2.0.0-20240312124144-242e12416341 +replace github.com/jfrog/jfrog-cli-core/v2 => github.com/attiasas/jfrog-cli-core/v2 v2.0.0-20240402105514-8eb1fef38b0f // replace github.com/jfrog/jfrog-client-go => github.com/jfrog/jfrog-client-go dev diff --git a/go.sum b/go.sum index 6c396043..bbf502b1 100644 --- a/go.sum +++ b/go.sum @@ -20,8 +20,8 @@ github.com/anmitsu/go-shlex v0.0.0-20200514113438-38f4b401e2be/go.mod h1:ySMOLuW github.com/apparentlymart/go-textseg/v13 v13.0.0/go.mod h1:ZK2fH7c4NqDTLtiYLvIkEghdlcqw7yxLeM89kiTRPUo= github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5 h1:0CwZNZbxp69SHPdPJAN/hZIm0C4OItdklCFmMRWYpio= github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkYZB8zMSxRWpUBQtwG5a7fFgvEO+odwuTv2gs= -github.com/attiasas/jfrog-cli-core/v2 v2.0.0-20240312124144-242e12416341 h1:ScAJxa0TdgwZu+jtoQSnkCJ+N2k7D6WwDn+mYE71VKE= -github.com/attiasas/jfrog-cli-core/v2 v2.0.0-20240312124144-242e12416341/go.mod h1:fTnA9KjwuMEWnqAFPPoLc6IzvYxD8SorqawESk74fP8= +github.com/attiasas/jfrog-cli-core/v2 v2.0.0-20240402105514-8eb1fef38b0f h1:sv1X2TbIDG9j32s9/utuGBZdXgqIVze2+hfs1aM2VnA= +github.com/attiasas/jfrog-cli-core/v2 v2.0.0-20240402105514-8eb1fef38b0f/go.mod h1:95AsjwlMLNWU0v71/3dS715e1RAQfvPO47RRHz2xKh8= github.com/bradleyjkemp/cupaloy/v2 v2.8.0 h1:any4BmKE+jGIaMpnU8YgH/I2LPiLBufr6oMMlVBbn9M= github.com/bradleyjkemp/cupaloy/v2 v2.8.0/go.mod h1:bm7JXdkRd4BHJk9HpwqAI8BoAY1lps46Enkdqw6aRX0= github.com/buger/jsonparser v1.1.1 h1:2PnMjfWD7wBILjqQbt530v576A/cAbQvEW9gGIpYMUs= @@ -104,8 +104,6 @@ github.com/jfrog/gofrog v1.6.3 h1:F7He0+75HcgCe6SGTSHLFCBDxiE2Ja0tekvvcktW6wc= github.com/jfrog/gofrog v1.6.3/go.mod h1:SZ1EPJUruxrVGndOzHd+LTiwWYKMlHqhKD+eu+v5Hqg= github.com/jfrog/jfrog-apps-config v1.0.1 h1:mtv6k7g8A8BVhlHGlSveapqf4mJfonwvXYLipdsOFMY= github.com/jfrog/jfrog-apps-config v1.0.1/go.mod h1:8AIIr1oY9JuH5dylz2S6f8Ym2MaadPLR6noCBO4C22w= -github.com/jfrog/jfrog-cli-core/v2 v2.50.0 h1:QmjSIktMKAbNH7OGY+eVZKx9husqgMANSI5kB8MlvlA= -github.com/jfrog/jfrog-cli-core/v2 v2.50.0/go.mod h1:95AsjwlMLNWU0v71/3dS715e1RAQfvPO47RRHz2xKh8= github.com/jfrog/jfrog-client-go v1.39.0 h1:GZ1qbpUDzYz8ZEycYicDkbVMN2H0VSCuz8mUNTyf7tc= github.com/jfrog/jfrog-client-go v1.39.0/go.mod h1:tUyEmxznphh0nwAGo6xz9Sps7RRW/TBMxIJZteo+j2k= github.com/kevinburke/ssh_config v1.2.0 h1:x584FjTGwHzMwvHx18PXxbBVzfnxogHaAReU4gf13a4= From ed41936482e6f04b126d846f67af5604cfbee4da Mon Sep 17 00:00:00 2001 From: attiasas Date: Mon, 15 Apr 2024 14:36:19 +0300 Subject: [PATCH 5/6] remove dep --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index bdca8a12..b8f2b676 100644 --- a/go.mod +++ b/go.mod @@ -98,7 +98,7 @@ require ( gopkg.in/warnings.v0 v0.1.2 // indirect ) -replace github.com/jfrog/jfrog-cli-core/v2 => github.com/attiasas/jfrog-cli-core/v2 v2.0.0-20240402105514-8eb1fef38b0f +// replace github.com/jfrog/jfrog-cli-core/v2 => github.com/jfrog/jfrog-cli-core/v2 dev // replace github.com/jfrog/jfrog-client-go => github.com/jfrog/jfrog-client-go dev diff --git a/go.sum b/go.sum index bbf502b1..a5be4576 100644 --- a/go.sum +++ b/go.sum @@ -20,8 +20,6 @@ github.com/anmitsu/go-shlex v0.0.0-20200514113438-38f4b401e2be/go.mod h1:ySMOLuW github.com/apparentlymart/go-textseg/v13 v13.0.0/go.mod h1:ZK2fH7c4NqDTLtiYLvIkEghdlcqw7yxLeM89kiTRPUo= github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5 h1:0CwZNZbxp69SHPdPJAN/hZIm0C4OItdklCFmMRWYpio= github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkYZB8zMSxRWpUBQtwG5a7fFgvEO+odwuTv2gs= -github.com/attiasas/jfrog-cli-core/v2 v2.0.0-20240402105514-8eb1fef38b0f h1:sv1X2TbIDG9j32s9/utuGBZdXgqIVze2+hfs1aM2VnA= -github.com/attiasas/jfrog-cli-core/v2 v2.0.0-20240402105514-8eb1fef38b0f/go.mod h1:95AsjwlMLNWU0v71/3dS715e1RAQfvPO47RRHz2xKh8= github.com/bradleyjkemp/cupaloy/v2 v2.8.0 h1:any4BmKE+jGIaMpnU8YgH/I2LPiLBufr6oMMlVBbn9M= github.com/bradleyjkemp/cupaloy/v2 v2.8.0/go.mod h1:bm7JXdkRd4BHJk9HpwqAI8BoAY1lps46Enkdqw6aRX0= github.com/buger/jsonparser v1.1.1 h1:2PnMjfWD7wBILjqQbt530v576A/cAbQvEW9gGIpYMUs= @@ -104,6 +102,8 @@ github.com/jfrog/gofrog v1.6.3 h1:F7He0+75HcgCe6SGTSHLFCBDxiE2Ja0tekvvcktW6wc= github.com/jfrog/gofrog v1.6.3/go.mod h1:SZ1EPJUruxrVGndOzHd+LTiwWYKMlHqhKD+eu+v5Hqg= github.com/jfrog/jfrog-apps-config v1.0.1 h1:mtv6k7g8A8BVhlHGlSveapqf4mJfonwvXYLipdsOFMY= github.com/jfrog/jfrog-apps-config v1.0.1/go.mod h1:8AIIr1oY9JuH5dylz2S6f8Ym2MaadPLR6noCBO4C22w= +github.com/jfrog/jfrog-cli-core/v2 v2.50.0 h1:QmjSIktMKAbNH7OGY+eVZKx9husqgMANSI5kB8MlvlA= +github.com/jfrog/jfrog-cli-core/v2 v2.50.0/go.mod h1:95AsjwlMLNWU0v71/3dS715e1RAQfvPO47RRHz2xKh8= github.com/jfrog/jfrog-client-go v1.39.0 h1:GZ1qbpUDzYz8ZEycYicDkbVMN2H0VSCuz8mUNTyf7tc= github.com/jfrog/jfrog-client-go v1.39.0/go.mod h1:tUyEmxznphh0nwAGo6xz9Sps7RRW/TBMxIJZteo+j2k= github.com/kevinburke/ssh_config v1.2.0 h1:x584FjTGwHzMwvHx18PXxbBVzfnxogHaAReU4gf13a4= From a495eacb3c5fac864e2768e51891429c0b581278 Mon Sep 17 00:00:00 2001 From: attiasas Date: Mon, 15 Apr 2024 20:27:45 +0300 Subject: [PATCH 6/6] Update dependencies --- go.mod | 12 ++++++------ go.sum | 16 ++++++++-------- 2 files changed, 14 insertions(+), 14 deletions(-) diff --git a/go.mod b/go.mod index 5ef0a482..b8af635c 100644 --- a/go.mod +++ b/go.mod @@ -4,11 +4,11 @@ go 1.21 require ( github.com/gookit/color v1.5.4 - github.com/jfrog/build-info-go v1.9.25 - github.com/jfrog/gofrog v1.6.3 + github.com/jfrog/build-info-go v1.9.26 + github.com/jfrog/gofrog v1.7.1 github.com/jfrog/jfrog-apps-config v1.0.1 - github.com/jfrog/jfrog-cli-core/v2 v2.49.0 - github.com/jfrog/jfrog-client-go v1.39.0 + github.com/jfrog/jfrog-cli-core/v2 v2.51.0 + github.com/jfrog/jfrog-client-go v1.40.1 github.com/magiconair/properties v1.8.7 github.com/owenrumney/go-sarif/v2 v2.3.0 github.com/stretchr/testify v1.9.0 @@ -98,8 +98,8 @@ require ( gopkg.in/warnings.v0 v0.1.2 // indirect ) -replace github.com/jfrog/jfrog-cli-core/v2 => github.com/jfrog/jfrog-cli-core/v2 v2.31.1-0.20240408074156-13680c04f22e +// replace github.com/jfrog/jfrog-cli-core/v2 => github.com/jfrog/jfrog-cli-core/v2 dev -replace github.com/jfrog/jfrog-client-go => github.com/jfrog/jfrog-client-go v1.28.1-0.20240409191434-4e96d77edd64 +// replace github.com/jfrog/jfrog-client-go => github.com/jfrog/jfrog-client-go dev // replace github.com/jfrog/build-info-go => github.com/jfrog/build-info-go dev diff --git a/go.sum b/go.sum index cf8ee9d7..7edec7cd 100644 --- a/go.sum +++ b/go.sum @@ -96,16 +96,16 @@ github.com/jedib0t/go-pretty/v6 v6.5.6 h1:nKXVLqPfAwY7sWcYXdNZZZ2fjqDpAtj9UeWupg github.com/jedib0t/go-pretty/v6 v6.5.6/go.mod h1:5LQIxa52oJ/DlDSLv0HEkWOFMDGoWkJb9ss5KqPpJBg= github.com/jfrog/archiver/v3 v3.6.0 h1:OVZ50vudkIQmKMgA8mmFF9S0gA47lcag22N13iV3F1w= github.com/jfrog/archiver/v3 v3.6.0/go.mod h1:fCAof46C3rAXgZurS8kNRNdSVMKBbZs+bNNhPYxLldI= -github.com/jfrog/build-info-go v1.9.25 h1:IkjydGQA/HjOWjRaoKq1hOEgCCyBEJwQgXJSo4WVBSA= -github.com/jfrog/build-info-go v1.9.25/go.mod h1:doFB4bFDVHeGulD6GF9LzsrRaIOrSoklV9DgIAEqHgc= -github.com/jfrog/gofrog v1.6.3 h1:F7He0+75HcgCe6SGTSHLFCBDxiE2Ja0tekvvcktW6wc= -github.com/jfrog/gofrog v1.6.3/go.mod h1:SZ1EPJUruxrVGndOzHd+LTiwWYKMlHqhKD+eu+v5Hqg= +github.com/jfrog/build-info-go v1.9.26 h1:1Ddc6+Ecvhc+UMnKhRVG1jGM6fYNwA49207azTBGBc8= +github.com/jfrog/build-info-go v1.9.26/go.mod h1:8T7/ajM9aGshvgpwCtXwIFpyF/R6CEn4W+/FLryNXWw= +github.com/jfrog/gofrog v1.7.1 h1:ME1Meg4hukAT/7X6HUQCVSe4DNjMZACCP8aCY37EW/w= +github.com/jfrog/gofrog v1.7.1/go.mod h1:X7bjfWoQDN0Z4FQGbE91j3gbPP7Urwzm4Z8tkvrlbRI= github.com/jfrog/jfrog-apps-config v1.0.1 h1:mtv6k7g8A8BVhlHGlSveapqf4mJfonwvXYLipdsOFMY= github.com/jfrog/jfrog-apps-config v1.0.1/go.mod h1:8AIIr1oY9JuH5dylz2S6f8Ym2MaadPLR6noCBO4C22w= -github.com/jfrog/jfrog-cli-core/v2 v2.31.1-0.20240408074156-13680c04f22e h1:PjCzGWHyJqK4j1MP3osPDDAW6KBXMJlBypOxKtp/ZKo= -github.com/jfrog/jfrog-cli-core/v2 v2.31.1-0.20240408074156-13680c04f22e/go.mod h1:qXAP68g+DlyX2wk5znNbQdK2CcEHfOLOfYXPzdlnkxI= -github.com/jfrog/jfrog-client-go v1.28.1-0.20240409191434-4e96d77edd64 h1:q0GV0IdhYdTqEkNykRwNZP0qNEE8j9dWfY9uKovDPzM= -github.com/jfrog/jfrog-client-go v1.28.1-0.20240409191434-4e96d77edd64/go.mod h1:tUyEmxznphh0nwAGo6xz9Sps7RRW/TBMxIJZteo+j2k= +github.com/jfrog/jfrog-cli-core/v2 v2.51.0 h1:nESbCpSTPZx1av0W9tdmWLxKaPSL1SaZinbZGtYNeFI= +github.com/jfrog/jfrog-cli-core/v2 v2.51.0/go.mod h1:064wSSHVI3ZIVi/a94yJqzs+ACM+9JK/u9tQ1sfTK6A= +github.com/jfrog/jfrog-client-go v1.40.1 h1:ISSSV7/IUS8R+QCPfH2lVKLburbv2Xn07fvNyDc17rI= +github.com/jfrog/jfrog-client-go v1.40.1/go.mod h1:FprEW0Sqhj6ZSFTFk9NCni+ovFAYMA3zCBmNX4hGXgQ= github.com/kevinburke/ssh_config v1.2.0 h1:x584FjTGwHzMwvHx18PXxbBVzfnxogHaAReU4gf13a4= github.com/kevinburke/ssh_config v1.2.0/go.mod h1:CT57kijsi8u/K/BOFA39wgDQJ9CxiF4nAY/ojJ6r6mM= github.com/klauspost/compress v1.4.1/go.mod h1:RyIbtBH6LamlWaDj8nUwkbUhJ87Yi3uG0guNDohfE1A=