From c1445e9b0c99761580e52372a7ce29751adbdc7e Mon Sep 17 00:00:00 2001
From: Alex Goodman <alex.goodman@anchore.com>
Date: Tue, 28 Sep 2021 16:30:42 -0400
Subject: [PATCH] pull in grype-db default language namespace namer + fix
 imbalanced version v prefixes

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
---
 go.mod                                 |  2 +-
 go.sum                                 |  4 ++--
 grype/version/fuzzy_constraint.go      |  6 ++++++
 grype/version/fuzzy_constraint_test.go | 24 ++++++++++++++++++++++++
 grype/version/version_test.go          |  7 -------
 5 files changed, 33 insertions(+), 10 deletions(-)
 delete mode 100644 grype/version/version_test.go

diff --git a/go.mod b/go.mod
index 6168a026a5c..1a8ade3ed38 100644
--- a/go.mod
+++ b/go.mod
@@ -7,7 +7,7 @@ require (
 	github.com/adrg/xdg v0.2.1
 	github.com/anchore/go-testutils v0.0.0-20200925183923-d5f45b0d3c04
 	github.com/anchore/go-version v1.2.2-0.20210903204242-51efa5b487c4
-	github.com/anchore/grype-db v0.0.0-20210913215030-fe28197b36f1
+	github.com/anchore/grype-db v0.0.0-20210928194208-f146397d6cd0
 	github.com/anchore/stereoscope v0.0.0-20210817160504-0f4abc2a5a5a
 	github.com/anchore/syft v0.24.0
 	github.com/docker/docker v17.12.0-ce-rc1.0.20200309214505-aa6a9891b09c+incompatible
diff --git a/go.sum b/go.sum
index 338f63b3820..b2e024e6350 100644
--- a/go.sum
+++ b/go.sum
@@ -126,8 +126,8 @@ github.com/anchore/go-version v1.2.2-0.20210903204242-51efa5b487c4 h1:rmZG77uXgE
 github.com/anchore/go-version v1.2.2-0.20210903204242-51efa5b487c4/go.mod h1:Bkc+JYWjMCF8OyZ340IMSIi2Ebf3uwByOk6ho4wne1E=
 github.com/anchore/grype v0.14.1-0.20210702143224-05ade7bbbf70/go.mod h1:yPh9WHflzInB/INwPrDs2wLKmRsa8owAuojmv4K8H6I=
 github.com/anchore/grype-db v0.0.0-20210527140125-6f881b00e927/go.mod h1:XSlPf1awNrMpah+rHbWrzgUvnmWLgn/KkdicxERVClg=
-github.com/anchore/grype-db v0.0.0-20210913215030-fe28197b36f1 h1:Jr7IuHtpd2mIktOzhcr014boySty6AzVwp+pJF6Iet0=
-github.com/anchore/grype-db v0.0.0-20210913215030-fe28197b36f1/go.mod h1:GniMuMokZ2iAX67Qrd5fJW7BstX8a+4U48LyypGC2g0=
+github.com/anchore/grype-db v0.0.0-20210928194208-f146397d6cd0 h1:Ci/9i16zOJF+vpuOuOJB/B/A1lY/2IlN+H/e7Ha7UFQ=
+github.com/anchore/grype-db v0.0.0-20210928194208-f146397d6cd0/go.mod h1:GniMuMokZ2iAX67Qrd5fJW7BstX8a+4U48LyypGC2g0=
 github.com/anchore/packageurl-go v0.0.0-20210922164639-b3fa992ebd29 h1:K9LfnxwhqvihqU0+MF325FNy7fsKV9EGaUxdfR4gnWk=
 github.com/anchore/packageurl-go v0.0.0-20210922164639-b3fa992ebd29/go.mod h1:Oc1UkGaJwY6ND6vtAqPSlYrptKRJngHwkwB6W7l1uP0=
 github.com/anchore/stereoscope v0.0.0-20210524175238-3b7662f3a66f/go.mod h1:vhh1M99rfWx5ejMvz1lkQiFZUrC5wu32V12R4JXH+ZI=
diff --git a/grype/version/fuzzy_constraint.go b/grype/version/fuzzy_constraint.go
index 01f1e889b23..abda758d501 100644
--- a/grype/version/fuzzy_constraint.go
+++ b/grype/version/fuzzy_constraint.go
@@ -111,6 +111,8 @@ func (f *fuzzyConstraint) String() string {
 // but not for "2000" vs "11.7".
 // Returns -1 if v1 < v2, 1 if v1 > v2 and 0 if v1 == v2.
 func fuzzyVersionComparison(v1, v2 string) int {
+	v1 = stripLeadingV(v1)
+	v2 = stripLeadingV(v2)
 	for s1, s2 := v1, v2; len(s1) > 0 && len(s2) > 0; {
 		num1, cmpTo1, skip1 := parseVersionParts(s1)
 		num2, cmpTo2, skip2 := parseVersionParts(s2)
@@ -181,3 +183,7 @@ func leftPad(s string, n int) string {
 	sb.WriteString(s)
 	return sb.String()
 }
+
+func stripLeadingV(ver string) string {
+	return strings.TrimPrefix(ver, "v")
+}
diff --git a/grype/version/fuzzy_constraint_test.go b/grype/version/fuzzy_constraint_test.go
index e7b1e498e24..249b6efdc0e 100644
--- a/grype/version/fuzzy_constraint_test.go
+++ b/grype/version/fuzzy_constraint_test.go
@@ -237,6 +237,30 @@ func TestFuzzyConstraintSatisfaction(t *testing.T) {
 			constraint: "\"4.5.1\" || \"4.5.2\"",
 			expected:   true,
 		},
+		{
+			name:       "strip unbalanced v from left side <",
+			version:    "v17.12.0-ce-rc1.0.20200309214505-aa6a9891b09c+incompatible",
+			constraint: "< 1.5",
+			expected:   false,
+		},
+		{
+			name:       "strip unbalanced v from left side >",
+			version:    "v17.12.0-ce-rc1.0.20200309214505-aa6a9891b09c+incompatible",
+			constraint: "> 1.5",
+			expected:   true,
+		},
+		{
+			name:       "strip unbalanced v from right side <",
+			version:    "17.12.0-ce-rc1.0.20200309214505-aa6a9891b09c+incompatible",
+			constraint: "< v1.5",
+			expected:   false,
+		},
+		{
+			name:       "strip unbalanced v from right side >",
+			version:    "17.12.0-ce-rc1.0.20200309214505-aa6a9891b09c+incompatible",
+			constraint: "> v1.5",
+			expected:   true,
+		},
 	}
 
 	for _, test := range tests {
diff --git a/grype/version/version_test.go b/grype/version/version_test.go
deleted file mode 100644
index 08777d5bfe8..00000000000
--- a/grype/version/version_test.go
+++ /dev/null
@@ -1,7 +0,0 @@
-package version
-
-// func TestNewVersionFromPkg(t *testing.T) {
-// 	tests := []struct{
-
-// 	}
-// }