Use go-deb-version for version validation (fanal#17)

Author: XapiMa

analyzer/pkg/apk/apk.go

@@ -7,11 +7,10 @@ import (
 
 	"github.com/pkg/errors"
 
-	"github.com/coreos/clair/ext/versionfmt"
-	clairDpkg "github.com/coreos/clair/ext/versionfmt/dpkg"
-
 	"github.com/knqyf263/fanal/analyzer"
 	"github.com/knqyf263/fanal/extractor"
+
+	debVersion "github.com/knqyf263/go-deb-version"
 )
 
 func init() {
@@ -59,7 +58,7 @@ func (a alpinePkgAnalyzer) parseApkInfo(scanner *bufio.Scanner) (pkgs []analyzer
 			pkg.Name = line[2:]
 		case "V:":
 			version = string(line[2:])
-			if err = versionfmt.Valid(clairDpkg.ParserName, version); err != nil {
+			if !debVersion.Valid(version) {
 				log.Printf("Invalid Version Found : OS %s, Package %s, Version %s", "alpine", pkg.Name, version)
 				continue
 			}

analyzer/pkg/dpkg/dpkg.go

@@ -10,11 +10,10 @@ import (
 	mapset "github.com/deckarep/golang-set"
 	"golang.org/x/xerrors"
 
-	"github.com/coreos/clair/ext/versionfmt"
-	"github.com/coreos/clair/ext/versionfmt/dpkg"
-	clairDpkg "github.com/coreos/clair/ext/versionfmt/dpkg"
 	"github.com/knqyf263/fanal/analyzer"
 	"github.com/knqyf263/fanal/extractor"
+
+	debVersion "github.com/knqyf263/go-deb-version"
 )
 
 var (
@@ -115,7 +114,7 @@ func (a debianPkgAnalyzer) parseDpkgPkg(scanner *bufio.Scanner) (pkg *analyzer.P
 
 	if name == "" || version == "" {
 		return nil
-	} else if err := versionfmt.Valid(clairDpkg.ParserName, version); err != nil {
+	} else if !debVersion.Valid(version) {
 		log.Printf("Invalid Version Found : OS %s, Package %s, Version %s", "debian", name, version)
 		return nil
 	}
@@ -135,7 +134,7 @@ func (a debianPkgAnalyzer) parseDpkgPkg(scanner *bufio.Scanner) (pkg *analyzer.P
 		sourceVersion = version
 	}
 
-	if err := versionfmt.Valid(dpkg.ParserName, sourceVersion); err != nil {
+	if !debVersion.Valid(sourceVersion) {
 		log.Printf("Invalid Version Found : OS %s, Package %s, Version %s", "debian", sourceName, sourceVersion)
 		return pkg
 	}

go.mod

@@ -4,12 +4,12 @@ require (
 	cloud.google.com/go v0.37.4 // indirect
 	github.com/GoogleCloudPlatform/docker-credential-gcr v1.5.0
 	github.com/aws/aws-sdk-go v1.19.11
-	github.com/coreos/clair v0.0.0-20180919182544-44ae4bc9590a
 	github.com/deckarep/golang-set v1.7.1
 	github.com/docker/distribution v0.0.0-20180920194744-16128bbac47f
 	github.com/docker/docker v0.0.0-20180924202107-a9c061deec0f
 	github.com/docker/go-connections v0.4.0 // indirect
 	github.com/genuinetools/reg v0.16.0
+	github.com/knqyf263/go-deb-version v0.0.0-20190517075300-09fca494f03d
 	github.com/knqyf263/go-dep-parser v0.0.0-20190515172517-b8305876c9c2
 	github.com/knqyf263/go-rpmdb v0.0.0-20190501070121-10a1c42a10dc
 	github.com/knqyf263/nested v0.0.1

go.sum

@@ -93,6 +93,8 @@ github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7V
 github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
 github.com/knqyf263/berkeleydb v0.0.0-20190501065933-fafe01fb9662 h1:UGS0RbPHwXJkq8tcba8OD0nvVUWLf2h7uUJznuHPPB0=
 github.com/knqyf263/berkeleydb v0.0.0-20190501065933-fafe01fb9662/go.mod h1:bu1CcN4tUtoRcI/B/RFHhxMNKFHVq/c3SV+UTyduoXg=
+github.com/knqyf263/go-deb-version v0.0.0-20190517075300-09fca494f03d h1:X4cedH4Kn3JPupAwwWuo4AzYp16P0OyLO9d7OnMZc/c=
+github.com/knqyf263/go-deb-version v0.0.0-20190517075300-09fca494f03d/go.mod h1:o8sgWoz3JADecfc/cTYD92/Et1yMqMy0utV1z+VaZao=
 github.com/knqyf263/go-dep-parser v0.0.0-20190515172517-b8305876c9c2 h1:bQGj8WH6X4czC2FlkgUKKFq2xPnJovzf61T4Yl9sVZs=
 github.com/knqyf263/go-dep-parser v0.0.0-20190515172517-b8305876c9c2/go.mod h1:gSiqSkOFPstUZu/qZ4wnNJS69PtQQnPl397vxKHJ5mQ=
 github.com/knqyf263/go-rpmdb v0.0.0-20190501070121-10a1c42a10dc h1:pumO9pqmRAjvic6oove22RGh9wDZQnj96XQjJSbSEPs=