From 0fb8762f416d1fc184999ed257cc9a430feaaf2e Mon Sep 17 00:00:00 2001 From: witchcraze <67056980+witchcraze@users.noreply.github.com> Date: Tue, 26 May 2026 00:58:10 +0900 Subject: [PATCH] fix: improve deno classifier (#4939) Signed-off-by: witchcraze --- .../binary/classifier_cataloger_test.go | 44 +++++++++++++++++++ syft/pkg/cataloger/binary/classifiers.go | 24 ++++++++-- .../snippets/deno/1.10.3/linux-amd64/deno | 9 ++++ .../snippets/deno/1.16.4/linux-amd64/deno | 9 ++++ .../snippets/deno/1.28.3/linux-amd64/deno | 9 ++++ .../snippets/deno/1.29.4/linux-amd64/deno | 9 ++++ .../pkg/cataloger/binary/testdata/config.yaml | 32 ++++++++++++++ 7 files changed, 132 insertions(+), 4 deletions(-) create mode 100644 syft/pkg/cataloger/binary/testdata/classifiers/snippets/deno/1.10.3/linux-amd64/deno create mode 100644 syft/pkg/cataloger/binary/testdata/classifiers/snippets/deno/1.16.4/linux-amd64/deno create mode 100644 syft/pkg/cataloger/binary/testdata/classifiers/snippets/deno/1.28.3/linux-amd64/deno create mode 100644 syft/pkg/cataloger/binary/testdata/classifiers/snippets/deno/1.29.4/linux-amd64/deno diff --git a/syft/pkg/cataloger/binary/classifier_cataloger_test.go b/syft/pkg/cataloger/binary/classifier_cataloger_test.go index 28b48cac1..a622d8172 100644 --- a/syft/pkg/cataloger/binary/classifier_cataloger_test.go +++ b/syft/pkg/cataloger/binary/classifier_cataloger_test.go @@ -1408,6 +1408,50 @@ func Test_Cataloger_PositiveCases(t *testing.T) { Metadata: metadata("dart-binary"), }, }, + { + logicalFixture: "deno/1.10.3/linux-amd64", + expected: pkg.Package{ + Name: "deno", + Version: "1.10.3", + Type: "binary", + PURL: "pkg:generic/deno@1.10.3", + Locations: locations("deno"), + Metadata: metadata("deno-binary"), + }, + }, + { + logicalFixture: "deno/1.16.4/linux-amd64", + expected: pkg.Package{ + Name: "deno", + Version: "1.16.4", + Type: "binary", + PURL: "pkg:generic/deno@1.16.4", + Locations: locations("deno"), + Metadata: metadata("deno-binary"), + }, + }, + { + logicalFixture: "deno/1.28.3/linux-amd64", + expected: pkg.Package{ + Name: "deno", + Version: "1.28.3", + Type: "binary", + PURL: "pkg:generic/deno@1.28.3", + Locations: locations("deno"), + Metadata: metadata("deno-binary"), + }, + }, + { + logicalFixture: "deno/1.29.4/linux-amd64", + expected: pkg.Package{ + Name: "deno", + Version: "1.29.4", + Type: "binary", + PURL: "pkg:generic/deno@1.29.4", + Locations: locations("deno"), + Metadata: metadata("deno-binary"), + }, + }, { logicalFixture: "deno/1.41.0/linux-amd64", expected: pkg.Package{ diff --git a/syft/pkg/cataloger/binary/classifiers.go b/syft/pkg/cataloger/binary/classifiers.go index c14f5e8f2..aa9b00d2a 100644 --- a/syft/pkg/cataloger/binary/classifiers.go +++ b/syft/pkg/cataloger/binary/classifiers.go @@ -523,10 +523,26 @@ func DefaultClassifiers() []binutils.Classifier { { Class: "deno-binary", FileGlob: "**/deno", - EvidenceMatcher: m.FileContentsVersionMatcher( - // Deno/2.6.3 - // Deno/1.41.0 - `Deno/(?P[0-9]+\.[0-9]+\.[0-9]+)`), + EvidenceMatcher: binutils.MatchAny( + m.FileContentsVersionMatcher( + // Deno/2.6.3 + // Deno/1.41.0 + `Deno/(?P[0-9]+\.[0-9]+\.[0-9]+)`, + ), + m.FileContentsVersionMatcher( + // deno::tools::standalonedeno-65db94feba9d4d51a09b74629f566dbc90484fbarelease/v1.29.4windows + // cli/tools/standalone.rsdeno-74064c9d8c222b33b2a552ea0af1054f57002a96release/v1.28.3windows + `deno-[0-9a-z]{40}release/v(?P[0-9]+\.[0-9]+\.[0-9]+)`, + ), + m.FileContentsVersionMatcher( + // cli/tools/standalone.rsdeno-ab286750a8c87215a9651efb11fcc620f29140051.16.4release/vdlwindows + `deno-[0-9a-z]{40}(?P[0-9]+\.[0-9]+\.[0-9]+)`, + ), + m.FileContentsVersionMatcher( + // 1.10.31567c1013cc8ff12cf039137792da66a1d0015b5DENO_UNSTABLE_COVERAGE_DIRNo current directorycli/main + `(?P[0-9]+\.[0-9]+\.[0-9]+)[0-9a-z]{40}DENO`, + ), + ), Package: "deno", PURL: mustPURL("pkg:generic/deno@version"), CPEs: singleCPE("cpe:2.3:a:deno:deno:*:*:*:*:*:*:*:*", cpe.NVDDictionaryLookupSource), diff --git a/syft/pkg/cataloger/binary/testdata/classifiers/snippets/deno/1.10.3/linux-amd64/deno b/syft/pkg/cataloger/binary/testdata/classifiers/snippets/deno/1.10.3/linux-amd64/deno new file mode 100644 index 000000000..ad9924c23 --- /dev/null +++ b/syft/pkg/cataloger/binary/testdata/classifiers/snippets/deno/1.10.3/linux-amd64/deno @@ -0,0 +1,9 @@ +name: deno +offset: 31454975 +length: 120 +snippetSha256: 30ab01cb89ba17c770cca7d60e12f2c2119fd8db2b389636053bad1146ac83df +fileSha256: 68ec2c702e9c21e47d5557c603080932ffa24627b463b4a5a4e2ed4ff00f7d5d + +### byte snippet to follow ### +s already installed +1.10.31567c1013cc8ff12cf039137792da66a1d0015b5DENO_UNSTABLE_COVERAGE_DIRNo current directorycli/main \ No newline at end of file diff --git a/syft/pkg/cataloger/binary/testdata/classifiers/snippets/deno/1.16.4/linux-amd64/deno b/syft/pkg/cataloger/binary/testdata/classifiers/snippets/deno/1.16.4/linux-amd64/deno new file mode 100644 index 000000000..cca846a4e --- /dev/null +++ b/syft/pkg/cataloger/binary/testdata/classifiers/snippets/deno/1.16.4/linux-amd64/deno @@ -0,0 +1,9 @@ +name: deno +offset: 4219127 +length: 120 +snippetSha256: 97e369d4eed74c5b1ff7d578c9de100c71136dfcc54f19455b2938671d1a9640 +fileSha256: f3af5cf3838c0cd01de1acaaa716de804ad08c716927af1848aa9664b96a737c + +### byte snippet to follow ### +g ctrl+d or close() +Error: cli/tools/standalone.rsdeno-ab286750a8c87215a9651efb11fcc620f29140051.16.4release/vdlwindowsh \ No newline at end of file diff --git a/syft/pkg/cataloger/binary/testdata/classifiers/snippets/deno/1.28.3/linux-amd64/deno b/syft/pkg/cataloger/binary/testdata/classifiers/snippets/deno/1.28.3/linux-amd64/deno new file mode 100644 index 000000000..3a546e340 --- /dev/null +++ b/syft/pkg/cataloger/binary/testdata/classifiers/snippets/deno/1.28.3/linux-amd64/deno @@ -0,0 +1,9 @@ +name: deno +offset: 5079501 +length: 110 +snippetSha256: aa6181b1204d821493756007090ad81677a26f20de0efe9c53bdf401b54849fd +fileSha256: 3373cbed016860095b01f693a58181c4cf1ac9d6ab7bd5dbca5f684788402919 + +### byte snippet to follow ### +n to exit +cli/tools/standalone.rsdeno-74064c9d8c222b33b2a552ea0af1054f57002a96release/v1.28.3windowshttps://dl \ No newline at end of file diff --git a/syft/pkg/cataloger/binary/testdata/classifiers/snippets/deno/1.29.4/linux-amd64/deno b/syft/pkg/cataloger/binary/testdata/classifiers/snippets/deno/1.29.4/linux-amd64/deno new file mode 100644 index 000000000..65ccf9408 --- /dev/null +++ b/syft/pkg/cataloger/binary/testdata/classifiers/snippets/deno/1.29.4/linux-amd64/deno @@ -0,0 +1,9 @@ +name: deno +offset: 5116362 +length: 220 +snippetSha256: 786a6c5d8be76e3c6e628cd2400c6ed5a7a7cfc75b135e8e7f1375f55dc28787 +fileSha256: d9c8a385c3704e220b1722c642f22e32f8f267013742f9b44d68c67bb5f9232d + +### byte snippet to follow ### +ument. For example: + deno run --allow-read=. main.js./$deno$eval.console.log(cli/tools/standalone.rsCompiledeno::tools::standalonedeno-65db94feba9d4d51a09b74629f566dbc90484fbarelease/v1.29.4windowshttps://dl.deno.land \ No newline at end of file diff --git a/syft/pkg/cataloger/binary/testdata/config.yaml b/syft/pkg/cataloger/binary/testdata/config.yaml index 5ad0c69eb..43ddfec02 100644 --- a/syft/pkg/cataloger/binary/testdata/config.yaml +++ b/syft/pkg/cataloger/binary/testdata/config.yaml @@ -123,6 +123,38 @@ from-images: paths: - /usr/lib/dart/bin/dart + - name: deno + version: 1.10.3 + images: + - ref: denoland/deno:1.10.3@sha256:9687db39d68333fce31f371734a1b982092507606508289a5c7a24cfc5fe6ee2 + platform: linux/amd64 + paths: + - /usr/bin/deno + + - name: deno + version: 1.16.4 + images: + - ref: denoland/deno:1.16.4@sha256:027868eb6f079ef290957bcda05280a6b08ff86baf549bc6eff5c17467a44d41 + platform: linux/amd64 + paths: + - /usr/bin/deno + + - name: deno + version: 1.28.3 + images: + - ref: denoland/deno:1.28.3@sha256:8636e6ac55fbd4687c111eb4b798b1772d43874c53647ca4a2bad6d1962643f0 + platform: linux/amd64 + paths: + - /usr/bin/deno + + - name: deno + version: 1.29.4 + images: + - ref: denoland/deno:1.29.4@sha256:f5b5a4678b18884724b277a4eb5490a978eab2da5a47461766df9fb59ebb08b6 + platform: linux/amd64 + paths: + - /usr/bin/deno + - name: deno version: 1.41.0 images: