func parse34YAML(r io.Reader) (vulns []database.Vulnerability, err error) { var rBytes []byte rBytes, err = ioutil.ReadAll(r) if err != nil { return } var file secdb34File err = yaml.Unmarshal(rBytes, &file) if err != nil { return } for _, pack := range file.Packages { pkg := pack.Pkg for versionStr, vulnStrs := range pkg.Fixes { version, err := types.NewVersion(versionStr) if err != nil { log.Warningf("could not parse package version '%s': %s. skipping", versionStr, err.Error()) continue } for _, vulnStr := range vulnStrs { var vuln database.Vulnerability vuln.Severity = types.Unknown vuln.Name = vulnStr vuln.Link = nvdURLPrefix + vulnStr vuln.FixedIn = []database.FeatureVersion{ { Feature: database.Feature{ Namespace: database.Namespace{Name: "alpine:" + file.Distro}, Name: pkg.Name, }, Version: version, }, } vulns = append(vulns, vuln) } } } return }