Changed all the sql querys containing scanner ID to use LIKE instead of =

patrick.rissmann@l3montree.com · patrick.rissmann@l3montree.com · commit ff11d8318a76 · 2025-04-08T11:10:11.000+02:00
diff --git a/internal/database/repositories/component_repository.go b/internal/database/repositories/component_repository.go
@@ -63,7 +63,7 @@ func (c *componentRepository) LoadComponents(tx core.DB, assetVersionName string
 	query := c.GetDB(tx).Preload("Component").Preload("Dependency").Where("asset_version_name = ? AND asset_id = ?", assetVersionName, assetID)
 
 	if scannerID != "" {
-		query = query.Where("scanner_id = ?", scannerID)
+		query = query.Where("scanner_id LIKE %?%", scannerID)
 	}
 
 	err = query.Find(&components).Error
@@ -85,12 +85,12 @@ func (c *componentRepository) LoadPathToComponent(tx core.DB, assetVersionName s
 	query := c.GetDB(tx).Raw(`WITH RECURSIVE components_cte AS (
 			SELECT component_purl,dependency_purl,asset_id,scanner_id,depth,semver_start,semver_end
 			FROM component_dependencies
-			WHERE dependency_purl like ? AND asset_id = ? AND asset_version_name = ? AND scanner_id = ?
+			WHERE dependency_purl like ? AND asset_id = ? AND asset_version_name = ? AND scanner_id LIKE %?%
 			UNION ALL
 			SELECT co.component_purl,co.dependency_purl,co.asset_id,co.scanner_id,co.depth,co.semver_start,co.semver_end
 			FROM component_dependencies AS co
 			INNER JOIN components_cte AS cte ON co.dependency_purl = cte.component_purl 
- 			WHERE co.asset_id = ? AND co.asset_version_name = ? AND co.scanner_id = ?
+ 			WHERE co.asset_id = ? AND co.asset_version_name = ? AND co.scanner_id LIKE %?%
 		)
 		SELECT DISTINCT * FROM components_cte`, pURL, assetID, assetVersionName, scannerID, assetID, assetVersionName, scannerID)
 
@@ -114,7 +114,7 @@ func (c *componentRepository) GetLicenseDistribution(tx core.DB, assetVersionNam
 	query := c.GetDB(tx).Table("components").Select("components.license as license, COUNT(components.license) as count").Joins("RIGHT JOIN component_dependencies ON components.purl = component_dependencies.dependency_purl").Where("asset_version_name = ? AND asset_id = ?", assetVersionName, assetID).Group("components.license")
 
 	if scanner != "" {
-		query = query.Where("scanner_id = ?", scanner)
+		query = query.Where("scanner_id LIKE %?%", scanner)
 	}
 
 	err = query.Scan(&licenses).Error
@@ -146,7 +146,7 @@ func (c *componentRepository) LoadComponentsWithProject(tx core.DB, assetVersion
 	query := c.GetDB(tx).Model(&models.ComponentDependency{}).Joins("Dependency").Joins("Dependency.ComponentProject").Where("asset_version_name = ? AND asset_id = ?", assetVersionName, assetID)
 
 	if scanner != "" {
-		query = query.Where("scanner_id = ?", scanner)
+		query = query.Where("scanner_id LIKE %?%", scanner)
 	}
 
 	for _, f := range filter {
@@ -182,7 +182,7 @@ func (c *componentRepository) LoadComponentsWithProject(tx core.DB, assetVersion
 
 func (c *componentRepository) LoadAllLatestComponentFromAssetVersion(tx core.DB, assetVersion models.AssetVersion, scannerID string) ([]models.ComponentDependency, error) {
 	var component []models.ComponentDependency
-	err := c.GetDB(tx).Preload("Component").Preload("Dependency").Where("asset_version_name = ? AND asset_id AND scanner_id = ?", assetVersion.Name, assetVersion.AssetID).Find(&component).Error
+	err := c.GetDB(tx).Preload("Component").Preload("Dependency").Where("asset_version_name = ? AND asset_id AND scanner_id LIKE %?%", assetVersion.Name, assetVersion.AssetID).Find(&component).Error
 	return component, err
 }
 
diff --git a/internal/database/repositories/dependency_vuln_repository.go b/internal/database/repositories/dependency_vuln_repository.go
@@ -67,7 +67,7 @@ func (r *dependencyVulnRepository) GetDependencyVulnsByAssetVersion(tx *gorm.DB,
 
 func (r *dependencyVulnRepository) ListByScanner(assetVersionName string, assetID uuid.UUID, scannerID string) ([]models.DependencyVuln, error) {
 	var dependencyVulns []models.DependencyVuln = []models.DependencyVuln{}
-	if err := r.Repository.GetDB(r.db).Preload("CVE").Where("asset_version_name = ? AND asset_id = ? AND scanner_id = ?", assetVersionName, assetID, scannerID).Find(&dependencyVulns).Error; err != nil {
+	if err := r.Repository.GetDB(r.db).Preload("CVE").Where("asset_version_name = ? AND asset_id = ? AND LIKE %?%", assetVersionName, assetID, scannerID).Find(&dependencyVulns).Error; err != nil {
 		return nil, err
 	}
 	return dependencyVulns, nil
diff --git a/internal/database/repositories/first_party_vuln_repository.go b/internal/database/repositories/first_party_vuln_repository.go
@@ -23,7 +23,7 @@ func NewFirstPartyVulnerabilityRepository(db core.DB) *firstPartyVulnerabilityRe
 
 func (r *firstPartyVulnerabilityRepository) ListByScanner(assetVersionName string, assetID uuid.UUID, scannerID string) ([]models.FirstPartyVulnerability, error) {
 	var vulns []models.FirstPartyVulnerability = []models.FirstPartyVulnerability{}
-	if err := r.Repository.GetDB(r.db).Where("asset_version_name = ? AND asset_id = ? AND scanner_id = ?", assetVersionName, assetID, scannerID).Find(&vulns).Error; err != nil {
+	if err := r.Repository.GetDB(r.db).Where("asset_version_name = ? AND asset_id = ? AND scanner_id LIKE %?%", assetVersionName, assetID, scannerID).Find(&vulns).Error; err != nil {
 		return nil, err
 	}
 	return vulns, nil

Original file line number	Diff line number	Diff line change
`@@ -67,7 +67,7 @@ func (r dependencyVulnRepository) GetDependencyVulnsByAssetVersion(tx gorm.DB,`
`67`	`67`
`68`	`68`	`func (r *dependencyVulnRepository) ListByScanner(assetVersionName string, assetID uuid.UUID, scannerID string) ([]models.DependencyVuln, error) {`
`69`	`69`	`var dependencyVulns []models.DependencyVuln = []models.DependencyVuln{}`
`70`		`- if err := r.Repository.GetDB(r.db).Preload("CVE").Where("asset_version_name = ? AND asset_id = ? AND scanner_id = ?", assetVersionName, assetID, scannerID).Find(&dependencyVulns).Error; err != nil {`
	`70`	`+ if err := r.Repository.GetDB(r.db).Preload("CVE").Where("asset_version_name = ? AND asset_id = ? AND LIKE %?%", assetVersionName, assetID, scannerID).Find(&dependencyVulns).Error; err != nil {`
`71`	`71`	`return nil, err`
`72`	`72`	`}`
`73`	`73`	`return dependencyVulns, nil`
Original file line number	Diff line number	Diff line change
`@@ -23,7 +23,7 @@ func NewFirstPartyVulnerabilityRepository(db core.DB) *firstPartyVulnerabilityRe`
`23`	`23`
`24`	`24`	`func (r *firstPartyVulnerabilityRepository) ListByScanner(assetVersionName string, assetID uuid.UUID, scannerID string) ([]models.FirstPartyVulnerability, error) {`
`25`	`25`	`var vulns []models.FirstPartyVulnerability = []models.FirstPartyVulnerability{}`
`26`		`- if err := r.Repository.GetDB(r.db).Where("asset_version_name = ? AND asset_id = ? AND scanner_id = ?", assetVersionName, assetID, scannerID).Find(&vulns).Error; err != nil {`
	`26`	`+ if err := r.Repository.GetDB(r.db).Where("asset_version_name = ? AND asset_id = ? AND scanner_id LIKE %?%", assetVersionName, assetID, scannerID).Find(&vulns).Error; err != nil {`
`27`	`27`	`return nil, err`
`28`	`28`	`}`
`29`	`29`	`return vulns, nil`