oholiab/manifest_parser.patch

## manifest_parser.patch
diff --git a/cvescan/constants.py b/cvescan/constants.py
index 0be4fcf..15b5fff 100644
--- a/cvescan/constants.py
+++ b/cvescan/constants.py
@@ -107,3 +107,12 @@ UCT_URL = "https://people.canonical.com/~ubuntu-security/cve/%s"
 UCT_DATA_URL = (
     "https://people.canonical.com/~ubuntu-security/cvescan/ubuntu-vuln-db-%s.json.bz2"
 )
+
+SUPPORTED_RELEASES = [
+    "trusty",
+    "xenial",
+    "bionic",
+    "eoan",
+    "focal",
+    "groovy",
+]
diff --git a/cvescan/manifest_parser.py b/cvescan/manifest_parser.py
index 9ebf147..9312f9f 100644
--- a/cvescan/manifest_parser.py
+++ b/cvescan/manifest_parser.py
@@ -1,12 +1,18 @@
 import re

 import cvescan.dpkg_parser as dpkg_parser
-
+from cvescan.constants import SUPPORTED_RELEASES

 def parse_manifest_file(manifest_file_path):
+    codename = None
     try:
         with open(manifest_file_path) as mfp:
+            first_line = mfp.readline().strip()
             manifest = mfp.read()
+            if first_line in SUPPORTED_RELEASES:
+                codename = first_line
+            else:
+                manifest = "\n".join(first_line, manifest)

         installed_pkgs = dpkg_parser.get_installed_pkgs_from_manifest(manifest)
     except Exception as e:
@@ -14,14 +20,17 @@ def parse_manifest_file(manifest_file_path):
             "Failed to parse installed files from manifest the provided file: %s" % e
         )

-    return (installed_pkgs, _get_codename(installed_pkgs))
+    if not codename:
+        codename = _get_codename_from_package_versions(installed_pkgs)
+
+    return (installed_pkgs, codename)


 # This function uses a hack to guess the ubuntu release codename based on the
 # versions of certain packages. A better solution would be to include the
 # codename in the manifest file and fall back on this version checking approach
 # if the codename is missing.
-def _get_codename(installed_pkgs):
+def _get_codename_from_package_versions(installed_pkgs):
     try:
         trusty_regex = re.compile(r"1:0.196(.\d+)+")
         xenial_regex = re.compile(r"1:16.04(.\d+)+")
	diff --git a/cvescan/constants.py b/cvescan/constants.py
	index 0be4fcf..15b5fff 100644
	--- a/cvescan/constants.py
	+++ b/cvescan/constants.py
	@@ -107,3 +107,12 @@ UCT_URL = "https://people.canonical.com/~ubuntu-security/cve/%s"
	UCT_DATA_URL = (
	"https://people.canonical.com/~ubuntu-security/cvescan/ubuntu-vuln-db-%s.json.bz2"
	)
	+
	+SUPPORTED_RELEASES = [
	+ "trusty",
	+ "xenial",
	+ "bionic",
	+ "eoan",
	+ "focal",
	+ "groovy",
	+]
	diff --git a/cvescan/manifest_parser.py b/cvescan/manifest_parser.py
	index 9ebf147..9312f9f 100644
	--- a/cvescan/manifest_parser.py
	+++ b/cvescan/manifest_parser.py
	@@ -1,12 +1,18 @@
	import re

	import cvescan.dpkg_parser as dpkg_parser
	-
	+from cvescan.constants import SUPPORTED_RELEASES

	def parse_manifest_file(manifest_file_path):
	+ codename = None
	try:
	with open(manifest_file_path) as mfp:
	+ first_line = mfp.readline().strip()
	manifest = mfp.read()
	+ if first_line in SUPPORTED_RELEASES:
	+ codename = first_line
	+ else:
	+ manifest = "\n".join(first_line, manifest)

	installed_pkgs = dpkg_parser.get_installed_pkgs_from_manifest(manifest)
	except Exception as e:
	@@ -14,14 +20,17 @@ def parse_manifest_file(manifest_file_path):
	"Failed to parse installed files from manifest the provided file: %s" % e
	)

	- return (installed_pkgs, _get_codename(installed_pkgs))
	+ if not codename:
	+ codename = _get_codename_from_package_versions(installed_pkgs)
	+
	+ return (installed_pkgs, codename)


	# This function uses a hack to guess the ubuntu release codename based on the
	# versions of certain packages. A better solution would be to include the
	# codename in the manifest file and fall back on this version checking approach
	# if the codename is missing.
	-def _get_codename(installed_pkgs):
	+def _get_codename_from_package_versions(installed_pkgs):
	try:
	trusty_regex = re.compile(r"1:0.196(.\d+)+")
	xenial_regex = re.compile(r"1:16.04(.\d+)+")