chore: tidy

Author: snyk-will

lib/snyk/enrich_cyclonedx.go

@@ -91,7 +91,7 @@ func enrichCycloneDX(cfg *Config, bom *cdx.BOM, logger *zerolog.Logger) *cdx.BOM
 	logger.Debug().Str("org_id", orgID.String()).Msg("Inferred Snyk organization ID")
 
 	var mutex = &sync.Mutex{}
-	vulnerabilities := make(map[cdx.Component][]issues.CommonIssueModelVThree)
+	vulnerabilities := make(map[*cdx.Component][]issues.CommonIssueModelVThree)
 	wg := sizedwaitgroup.New(20)
 
 	comps := utils.DiscoverCDXComponents(bom)
@@ -125,7 +125,6 @@ func enrichCycloneDX(cfg *Config, bom *cdx.BOM, logger *zerolog.Logger) *cdx.BOM
 
 	// Fetch vulnerabilities for each unique PURL
 	for _, group := range purlGroups {
-		group := group
 		wg.Add()
 		go func() {
 			defer wg.Done()
@@ -153,7 +152,7 @@ func enrichCycloneDX(cfg *Config, bom *cdx.BOM, logger *zerolog.Logger) *cdx.BOM
 			if packageDoc.Data != nil {
 				mutex.Lock()
 				for _, component := range group.components {
-					vulnerabilities[*component] = *packageDoc.Data
+					vulnerabilities[component] = *packageDoc.Data
 				}
 				mutex.Unlock()
 			}
@@ -162,10 +161,10 @@ func enrichCycloneDX(cfg *Config, bom *cdx.BOM, logger *zerolog.Logger) *cdx.BOM
 	wg.Wait()
 
 	var vulns []cdx.Vulnerability
-	for k, v := range vulnerabilities {
+	for comp, v := range vulnerabilities {
 		for _, issue := range v {
 			vuln := cdx.Vulnerability{
-				BOMRef: k.BOMRef,
+				BOMRef: comp.BOMRef,
 			}
 			if issue.Id != nil {
 				vuln.ID = *issue.Id

lib/snyk/enrich_spdx.go

@@ -128,7 +128,6 @@ func enrichSPDX(cfg *Config, bom *spdx.Document, logger *zerolog.Logger) *spdx.D
 
 	// Fetch vulnerabilities for each unique PURL
 	for _, group := range purlGroups {
-		group := group
 		wg.Add()
 		go func() {
 			defer wg.Done()