jq: error : Cannot iterate over null (null)
jq: error : Cannot iterate over null (null)
在下面的 Json 文件中,我试图提取 "Name":"abcd"、"Version":“1.0.2”和 "Severity": "Medium"。
"status": "scanned",
"data": {
"Layer": {
"IndexedByVersion": 3,
"NamespaceName": "debian:9",
"ParentName": "e762",
"Name": ".4530bfac-5e99-4138-b071-4286c06669a3",
"Features": [
{
"Name": "openssl1.0",
"VersionFormat": "dpkg",
"NamespaceName": "debian:9",
"AddedBy": "85aa73fb8281cc252ed7e151f10386f36588ec6c967d45136103a4e1e705a81c.01bc7eff-9a5d-43f5-ab14-2e3e470cba77",
"Version": "1.0.2q-1~deb9u1",
"Vulnerabilities": [
{
"Severity": "Medium",
"NamespaceName": "debian:9",
"Link": "xxxx",
"FixedBy": "1.0.2r-1~deb9u1",
"Description": " n must call SSL_shutdown() twice even if a protocol error has occurred (applications should not do this but some do anyway). Fixed in OpenSSL 1.0.2r (Affected 1.0.2-1.0.2q).",
"Name": "CVE-2019-1559",
"Metadata": {
"NVD": {
"CVSSv2": {
"Score": 4.3,
"Vectors": "AV:N/AC:M/Au:N/C:P/I:N"
}
}
}
}
]
},
{
"VersionFormat": "dpkg",
"NamespaceName": "debian:9",
"Version": "0.16-1+deb9u1",
"Name": "libidn2-0",
"AddedBy": "85aa73fb8281cc252ed7e151f10386f36588ec6c967d45136103a4e1e705a81c.01bc7eff-9a5d-43f5-ab14-2e3e470cba77"
},
{
"VersionFormat": "dpkg",
"NamespaceName": "debian:9",
"Version": "0.29-4",
"Name": "pkg-config",
"AddedBy": "4d2169f1dc7652ffd2a4f32d2c0ae2
},
{
"Name": "nettle",
"VersionFormat": "dpkg",
"NamespaceName": "debian:9",
"AddedBy": "7494d6c991278b43e8388f7cec2f138075
"Version": "3.3-1",
"Vulnerabilities": [
{
"Severity": "Low",
"NamespaceName": "debian:9",
"Link": "xxxx",
"Description": "er.",
"Name": "CVE-2018-16869",
"Metadata": {
"NVD": {
"CVSSv2": {
"Score": 3.3,
"Vectors": ":P"
}
到目前为止,我可以使用下面的 jq 命令提取名称和版本的值。
jq -r '.data.Layer| .Features[] | "\(.Name) \(.Version)"' status.json
但是当我尝试使用以下命令提取 "Severity" 字段的值时
`jq -r '.data.Layer| .Features[] | "\(.Name) \(.Version)"| .Vulnerabilities[].Severity' status.json`
我收到标题中的错误信息。
Required output: abcd 12.0 medium
非常感谢任何帮助。
稍微更改输出格式:
jq -r '.data.Layer| .Features[] | .Name ,.Version, .Vulnerabilities[].Severity' input
但这也有效:
jq -r '.data.Layer| .Features[] | "\(.Name) \(.Version) \(.Vulnerabilities[].Severity)"' input
如果可以接受替代解决方案,让我为您提供一个基于 walk-path unix 工具的解决方案 JSON:jtc(适应你对威廉的评论):
这样,您将收集 Name、Version 和 Severity 只有谓词 Severity 记录出现在 Vulnerabilities 中(而且,显然,如果 Vulnerabilities 记录存在):
bash $ <status.json jtc -x'<Features>l[:][Vulnerabilities]<Severity>l[^4]' -y'[Name]' -y'[Version]' -y'<Severity>l'
"openssl1.0"
"1.0.2q-1~deb9u1"
"Medium"
"nettle"
"3.3-1"
"Low"
bash $
而且,如果您想在每一行上对它们进行分组,请将其通过管道传输到 xargs,或 paste:
bash $ <status.json jtc -x'<Features>l[:][Vulnerabilities]<Severity>l[^4]' -y'[Name]' -y'[Version]' -y'<Severity>l' | xargs -L3
openssl1.0 1.0.2q-1~deb9u1 Medium
nettle 3.3-1 Low
bash $
披露:我是 jtc 工具的创造者
在下面的 Json 文件中,我试图提取 "Name":"abcd"、"Version":“1.0.2”和 "Severity": "Medium"。
"status": "scanned",
"data": {
"Layer": {
"IndexedByVersion": 3,
"NamespaceName": "debian:9",
"ParentName": "e762",
"Name": ".4530bfac-5e99-4138-b071-4286c06669a3",
"Features": [
{
"Name": "openssl1.0",
"VersionFormat": "dpkg",
"NamespaceName": "debian:9",
"AddedBy": "85aa73fb8281cc252ed7e151f10386f36588ec6c967d45136103a4e1e705a81c.01bc7eff-9a5d-43f5-ab14-2e3e470cba77",
"Version": "1.0.2q-1~deb9u1",
"Vulnerabilities": [
{
"Severity": "Medium",
"NamespaceName": "debian:9",
"Link": "xxxx",
"FixedBy": "1.0.2r-1~deb9u1",
"Description": " n must call SSL_shutdown() twice even if a protocol error has occurred (applications should not do this but some do anyway). Fixed in OpenSSL 1.0.2r (Affected 1.0.2-1.0.2q).",
"Name": "CVE-2019-1559",
"Metadata": {
"NVD": {
"CVSSv2": {
"Score": 4.3,
"Vectors": "AV:N/AC:M/Au:N/C:P/I:N"
}
}
}
}
]
},
{
"VersionFormat": "dpkg",
"NamespaceName": "debian:9",
"Version": "0.16-1+deb9u1",
"Name": "libidn2-0",
"AddedBy": "85aa73fb8281cc252ed7e151f10386f36588ec6c967d45136103a4e1e705a81c.01bc7eff-9a5d-43f5-ab14-2e3e470cba77"
},
{
"VersionFormat": "dpkg",
"NamespaceName": "debian:9",
"Version": "0.29-4",
"Name": "pkg-config",
"AddedBy": "4d2169f1dc7652ffd2a4f32d2c0ae2
},
{
"Name": "nettle",
"VersionFormat": "dpkg",
"NamespaceName": "debian:9",
"AddedBy": "7494d6c991278b43e8388f7cec2f138075
"Version": "3.3-1",
"Vulnerabilities": [
{
"Severity": "Low",
"NamespaceName": "debian:9",
"Link": "xxxx",
"Description": "er.",
"Name": "CVE-2018-16869",
"Metadata": {
"NVD": {
"CVSSv2": {
"Score": 3.3,
"Vectors": ":P"
}
到目前为止,我可以使用下面的 jq 命令提取名称和版本的值。
jq -r '.data.Layer| .Features[] | "\(.Name) \(.Version)"' status.json
但是当我尝试使用以下命令提取 "Severity" 字段的值时
`jq -r '.data.Layer| .Features[] | "\(.Name) \(.Version)"| .Vulnerabilities[].Severity' status.json`
我收到标题中的错误信息。
Required output: abcd 12.0 medium
非常感谢任何帮助。
稍微更改输出格式:
jq -r '.data.Layer| .Features[] | .Name ,.Version, .Vulnerabilities[].Severity' input
但这也有效:
jq -r '.data.Layer| .Features[] | "\(.Name) \(.Version) \(.Vulnerabilities[].Severity)"' input
如果可以接受替代解决方案,让我为您提供一个基于 walk-path unix 工具的解决方案 JSON:jtc(适应你对威廉的评论):
这样,您将收集 Name、Version 和 Severity 只有谓词 Severity 记录出现在 Vulnerabilities 中(而且,显然,如果 Vulnerabilities 记录存在):
bash $ <status.json jtc -x'<Features>l[:][Vulnerabilities]<Severity>l[^4]' -y'[Name]' -y'[Version]' -y'<Severity>l'
"openssl1.0"
"1.0.2q-1~deb9u1"
"Medium"
"nettle"
"3.3-1"
"Low"
bash $
而且,如果您想在每一行上对它们进行分组,请将其通过管道传输到 xargs,或 paste:
bash $ <status.json jtc -x'<Features>l[:][Vulnerabilities]<Severity>l[^4]' -y'[Name]' -y'[Version]' -y'<Severity>l' | xargs -L3
openssl1.0 1.0.2q-1~deb9u1 Medium
nettle 3.3-1 Low
bash $
披露:我是 jtc 工具的创造者