From 153f2321ce6c076d4cfa843ac944402ee9169c38 Mon Sep 17 00:00:00 2001 From: Alex Goodman Date: Fri, 14 Nov 2025 15:41:23 -0500 Subject: [PATCH] Fix test-fixture publish (#4369) * pin python dependencies Signed-off-by: Alex Goodman * pin rust dependencies Signed-off-by: Alex Goodman * pin php deps Signed-off-by: Alex Goodman * update and pin http and curl fixtures Signed-off-by: Alex Goodman --------- Signed-off-by: Alex Goodman --- .../integration/package_deduplication_test.go | 14 +- .../image-vertical-package-dups/Dockerfile | 8 +- .../php/interpreter_cataloger_test.go | 192 +++++++++--------- .../test-fixtures/image-extensions/Dockerfile | 2 +- .../image-multi-site-package/Dockerfile | 4 +- .../rust/test-fixtures/image-audit/Dockerfile | 2 +- 6 files changed, 111 insertions(+), 111 deletions(-) diff --git a/cmd/syft/internal/test/integration/package_deduplication_test.go b/cmd/syft/internal/test/integration/package_deduplication_test.go index 86eb9fc91..f2586a911 100644 --- a/cmd/syft/internal/test/integration/package_deduplication_test.go +++ b/cmd/syft/internal/test/integration/package_deduplication_test.go @@ -30,10 +30,10 @@ func TestPackageDeduplication(t *testing.T) { locationCount: map[string]int{ "basesystem-11-13.el9": 5, // in all layers "curl-minimal-7.76.1-26.el9_3.2.0.1": 2, // base + wget layer - "curl-minimal-7.76.1-31.el9": 3, // curl upgrade layer + all above layers + "curl-minimal-7.76.1-31.el9_6.1": 3, // curl upgrade layer + all above layers "wget-1.21.1-8.el9_4": 4, // wget + all above layers "vsftpd-3.0.5-6.el9": 2, // vsftpd + all above layers - "httpd-2.4.62-4.el9": 1, // last layer + "httpd-2.4.62-4.el9_6.4": 1, // last layer }, }, { @@ -47,11 +47,11 @@ func TestPackageDeduplication(t *testing.T) { "httpd": 1, // rpm, binary is now excluded by overlap }, locationCount: map[string]int{ - "basesystem-11-13.el9": 1, - "curl-minimal-7.76.1-31.el9": 1, // upgrade - "wget-1.21.1-8.el9_4": 1, - "vsftpd-3.0.5-6.el9": 1, - "httpd-2.4.62-4.el9": 1, + "basesystem-11-13.el9": 1, + "curl-minimal-7.76.1-31.el9_6.1": 1, // upgrade + "wget-1.21.1-8.el9_4": 1, + "vsftpd-3.0.5-6.el9": 1, + "httpd-2.4.62-4.el9_6.4": 1, }, }, } diff --git a/cmd/syft/internal/test/integration/test-fixtures/image-vertical-package-dups/Dockerfile b/cmd/syft/internal/test/integration/test-fixtures/image-vertical-package-dups/Dockerfile index 28f95ba59..6fb68e98e 100644 --- a/cmd/syft/internal/test/integration/test-fixtures/image-vertical-package-dups/Dockerfile +++ b/cmd/syft/internal/test/integration/test-fixtures/image-vertical-package-dups/Dockerfile @@ -7,16 +7,16 @@ FROM --platform=linux/amd64 rockylinux:9.3.20231119@sha256:d644d203142cd5b54ad2a # copying the RPM DB from each stage to a final stage in separate layers. This will result in a much smaller image. FROM base AS stage1 -RUN dnf install -y wget +RUN dnf install -y wget-1.21.1-8.el9_4 FROM stage1 AS stage2 -RUN dnf update -y curl-minimal +RUN dnf update -y curl-minimal-7.76.1-31.el9_6.1 FROM stage2 AS stage3 -RUN dnf install -y vsftpd +RUN dnf install -y vsftpd-3.0.5-6.el9 FROM stage3 AS stage4 -RUN dnf install -y httpd +RUN dnf install -y httpd-2.4.62-4.el9_6.4 FROM scratch diff --git a/syft/pkg/cataloger/php/interpreter_cataloger_test.go b/syft/pkg/cataloger/php/interpreter_cataloger_test.go index 2a285f8e0..ffcfda508 100644 --- a/syft/pkg/cataloger/php/interpreter_cataloger_test.go +++ b/syft/pkg/cataloger/php/interpreter_cataloger_test.go @@ -18,54 +18,54 @@ func Test_InterpreterCataloger(t *testing.T) { fixture: "image-extensions", expectedPkgs: []string{ // interpreters - "php-cli @ 8.3.22 (/usr/local/bin/php)", - "php-fpm @ 8.3.22 (/usr/local/sbin/php-fpm)", + "php-cli @ 8.3.27 (/usr/local/bin/php)", + "php-fpm @ 8.3.27 (/usr/local/sbin/php-fpm)", // extensions - "bcmath @ 8.3.22 (/usr/local/lib/php/extensions/no-debug-non-zts-20230831/bcmath.so)", - "exif @ 8.3.22 (/usr/local/lib/php/extensions/no-debug-non-zts-20230831/exif.so)", - "ftp @ 8.3.22 (/usr/local/lib/php/extensions/no-debug-non-zts-20230831/ftp.so)", - "gd @ 8.3.22 (/usr/local/lib/php/extensions/no-debug-non-zts-20230831/gd.so)", - "gmp @ 8.3.22 (/usr/local/lib/php/extensions/no-debug-non-zts-20230831/gmp.so)", - "intl @ 8.3.22 (/usr/local/lib/php/extensions/no-debug-non-zts-20230831/intl.so)", - "ldap @ 8.3.22 (/usr/local/lib/php/extensions/no-debug-non-zts-20230831/ldap.so)", - "opcache @ 8.3.22 (/usr/local/lib/php/extensions/no-debug-non-zts-20230831/opcache.so)", - "pcntl @ 8.3.22 (/usr/local/lib/php/extensions/no-debug-non-zts-20230831/pcntl.so)", - "pdo_mysql @ 8.3.22 (/usr/local/lib/php/extensions/no-debug-non-zts-20230831/pdo_mysql.so)", - "pdo_pgsql @ 8.3.22 (/usr/local/lib/php/extensions/no-debug-non-zts-20230831/pdo_pgsql.so)", - "sodium @ 8.3.22 (/usr/local/lib/php/extensions/no-debug-non-zts-20230831/sodium.so)", - "sysvsem @ 8.3.22 (/usr/local/lib/php/extensions/no-debug-non-zts-20230831/sysvsem.so)", + "bcmath @ 8.3.27 (/usr/local/lib/php/extensions/no-debug-non-zts-20230831/bcmath.so)", + "exif @ 8.3.27 (/usr/local/lib/php/extensions/no-debug-non-zts-20230831/exif.so)", + "ftp @ 8.3.27 (/usr/local/lib/php/extensions/no-debug-non-zts-20230831/ftp.so)", + "gd @ 8.3.27 (/usr/local/lib/php/extensions/no-debug-non-zts-20230831/gd.so)", + "gmp @ 8.3.27 (/usr/local/lib/php/extensions/no-debug-non-zts-20230831/gmp.so)", + "intl @ 8.3.27 (/usr/local/lib/php/extensions/no-debug-non-zts-20230831/intl.so)", + "ldap @ 8.3.27 (/usr/local/lib/php/extensions/no-debug-non-zts-20230831/ldap.so)", + "opcache @ 8.3.27 (/usr/local/lib/php/extensions/no-debug-non-zts-20230831/opcache.so)", + "pcntl @ 8.3.27 (/usr/local/lib/php/extensions/no-debug-non-zts-20230831/pcntl.so)", + "pdo_mysql @ 8.3.27 (/usr/local/lib/php/extensions/no-debug-non-zts-20230831/pdo_mysql.so)", + "pdo_pgsql @ 8.3.27 (/usr/local/lib/php/extensions/no-debug-non-zts-20230831/pdo_pgsql.so)", + "sodium @ 8.3.27 (/usr/local/lib/php/extensions/no-debug-non-zts-20230831/sodium.so)", + "sysvsem @ 8.3.27 (/usr/local/lib/php/extensions/no-debug-non-zts-20230831/sysvsem.so)", "zip @ 1.22.3 (/usr/local/lib/php/extensions/no-debug-non-zts-20230831/zip.so)", }, expectedRels: []string{ - "bcmath @ 8.3.22 (/usr/local/lib/php/extensions/no-debug-non-zts-20230831/bcmath.so) [dependency-of] php-cli @ 8.3.22 (/usr/local/bin/php)", - "bcmath @ 8.3.22 (/usr/local/lib/php/extensions/no-debug-non-zts-20230831/bcmath.so) [dependency-of] php-fpm @ 8.3.22 (/usr/local/sbin/php-fpm)", - "exif @ 8.3.22 (/usr/local/lib/php/extensions/no-debug-non-zts-20230831/exif.so) [dependency-of] php-cli @ 8.3.22 (/usr/local/bin/php)", - "exif @ 8.3.22 (/usr/local/lib/php/extensions/no-debug-non-zts-20230831/exif.so) [dependency-of] php-fpm @ 8.3.22 (/usr/local/sbin/php-fpm)", - "ftp @ 8.3.22 (/usr/local/lib/php/extensions/no-debug-non-zts-20230831/ftp.so) [dependency-of] php-cli @ 8.3.22 (/usr/local/bin/php)", - "ftp @ 8.3.22 (/usr/local/lib/php/extensions/no-debug-non-zts-20230831/ftp.so) [dependency-of] php-fpm @ 8.3.22 (/usr/local/sbin/php-fpm)", - "gd @ 8.3.22 (/usr/local/lib/php/extensions/no-debug-non-zts-20230831/gd.so) [dependency-of] php-cli @ 8.3.22 (/usr/local/bin/php)", - "gd @ 8.3.22 (/usr/local/lib/php/extensions/no-debug-non-zts-20230831/gd.so) [dependency-of] php-fpm @ 8.3.22 (/usr/local/sbin/php-fpm)", - "gmp @ 8.3.22 (/usr/local/lib/php/extensions/no-debug-non-zts-20230831/gmp.so) [dependency-of] php-cli @ 8.3.22 (/usr/local/bin/php)", - "gmp @ 8.3.22 (/usr/local/lib/php/extensions/no-debug-non-zts-20230831/gmp.so) [dependency-of] php-fpm @ 8.3.22 (/usr/local/sbin/php-fpm)", - "intl @ 8.3.22 (/usr/local/lib/php/extensions/no-debug-non-zts-20230831/intl.so) [dependency-of] php-cli @ 8.3.22 (/usr/local/bin/php)", - "intl @ 8.3.22 (/usr/local/lib/php/extensions/no-debug-non-zts-20230831/intl.so) [dependency-of] php-fpm @ 8.3.22 (/usr/local/sbin/php-fpm)", - "ldap @ 8.3.22 (/usr/local/lib/php/extensions/no-debug-non-zts-20230831/ldap.so) [dependency-of] php-cli @ 8.3.22 (/usr/local/bin/php)", - "ldap @ 8.3.22 (/usr/local/lib/php/extensions/no-debug-non-zts-20230831/ldap.so) [dependency-of] php-fpm @ 8.3.22 (/usr/local/sbin/php-fpm)", - "opcache @ 8.3.22 (/usr/local/lib/php/extensions/no-debug-non-zts-20230831/opcache.so) [dependency-of] php-cli @ 8.3.22 (/usr/local/bin/php)", - "opcache @ 8.3.22 (/usr/local/lib/php/extensions/no-debug-non-zts-20230831/opcache.so) [dependency-of] php-fpm @ 8.3.22 (/usr/local/sbin/php-fpm)", - "pcntl @ 8.3.22 (/usr/local/lib/php/extensions/no-debug-non-zts-20230831/pcntl.so) [dependency-of] php-cli @ 8.3.22 (/usr/local/bin/php)", - "pcntl @ 8.3.22 (/usr/local/lib/php/extensions/no-debug-non-zts-20230831/pcntl.so) [dependency-of] php-fpm @ 8.3.22 (/usr/local/sbin/php-fpm)", - "pdo_mysql @ 8.3.22 (/usr/local/lib/php/extensions/no-debug-non-zts-20230831/pdo_mysql.so) [dependency-of] php-cli @ 8.3.22 (/usr/local/bin/php)", - "pdo_mysql @ 8.3.22 (/usr/local/lib/php/extensions/no-debug-non-zts-20230831/pdo_mysql.so) [dependency-of] php-fpm @ 8.3.22 (/usr/local/sbin/php-fpm)", - "pdo_pgsql @ 8.3.22 (/usr/local/lib/php/extensions/no-debug-non-zts-20230831/pdo_pgsql.so) [dependency-of] php-cli @ 8.3.22 (/usr/local/bin/php)", - "pdo_pgsql @ 8.3.22 (/usr/local/lib/php/extensions/no-debug-non-zts-20230831/pdo_pgsql.so) [dependency-of] php-fpm @ 8.3.22 (/usr/local/sbin/php-fpm)", - "sodium @ 8.3.22 (/usr/local/lib/php/extensions/no-debug-non-zts-20230831/sodium.so) [dependency-of] php-cli @ 8.3.22 (/usr/local/bin/php)", - "sodium @ 8.3.22 (/usr/local/lib/php/extensions/no-debug-non-zts-20230831/sodium.so) [dependency-of] php-fpm @ 8.3.22 (/usr/local/sbin/php-fpm)", - "sysvsem @ 8.3.22 (/usr/local/lib/php/extensions/no-debug-non-zts-20230831/sysvsem.so) [dependency-of] php-cli @ 8.3.22 (/usr/local/bin/php)", - "sysvsem @ 8.3.22 (/usr/local/lib/php/extensions/no-debug-non-zts-20230831/sysvsem.so) [dependency-of] php-fpm @ 8.3.22 (/usr/local/sbin/php-fpm)", - "zip @ 1.22.3 (/usr/local/lib/php/extensions/no-debug-non-zts-20230831/zip.so) [dependency-of] php-cli @ 8.3.22 (/usr/local/bin/php)", - "zip @ 1.22.3 (/usr/local/lib/php/extensions/no-debug-non-zts-20230831/zip.so) [dependency-of] php-fpm @ 8.3.22 (/usr/local/sbin/php-fpm)", + "bcmath @ 8.3.27 (/usr/local/lib/php/extensions/no-debug-non-zts-20230831/bcmath.so) [dependency-of] php-cli @ 8.3.27 (/usr/local/bin/php)", + "bcmath @ 8.3.27 (/usr/local/lib/php/extensions/no-debug-non-zts-20230831/bcmath.so) [dependency-of] php-fpm @ 8.3.27 (/usr/local/sbin/php-fpm)", + "exif @ 8.3.27 (/usr/local/lib/php/extensions/no-debug-non-zts-20230831/exif.so) [dependency-of] php-cli @ 8.3.27 (/usr/local/bin/php)", + "exif @ 8.3.27 (/usr/local/lib/php/extensions/no-debug-non-zts-20230831/exif.so) [dependency-of] php-fpm @ 8.3.27 (/usr/local/sbin/php-fpm)", + "ftp @ 8.3.27 (/usr/local/lib/php/extensions/no-debug-non-zts-20230831/ftp.so) [dependency-of] php-cli @ 8.3.27 (/usr/local/bin/php)", + "ftp @ 8.3.27 (/usr/local/lib/php/extensions/no-debug-non-zts-20230831/ftp.so) [dependency-of] php-fpm @ 8.3.27 (/usr/local/sbin/php-fpm)", + "gd @ 8.3.27 (/usr/local/lib/php/extensions/no-debug-non-zts-20230831/gd.so) [dependency-of] php-cli @ 8.3.27 (/usr/local/bin/php)", + "gd @ 8.3.27 (/usr/local/lib/php/extensions/no-debug-non-zts-20230831/gd.so) [dependency-of] php-fpm @ 8.3.27 (/usr/local/sbin/php-fpm)", + "gmp @ 8.3.27 (/usr/local/lib/php/extensions/no-debug-non-zts-20230831/gmp.so) [dependency-of] php-cli @ 8.3.27 (/usr/local/bin/php)", + "gmp @ 8.3.27 (/usr/local/lib/php/extensions/no-debug-non-zts-20230831/gmp.so) [dependency-of] php-fpm @ 8.3.27 (/usr/local/sbin/php-fpm)", + "intl @ 8.3.27 (/usr/local/lib/php/extensions/no-debug-non-zts-20230831/intl.so) [dependency-of] php-cli @ 8.3.27 (/usr/local/bin/php)", + "intl @ 8.3.27 (/usr/local/lib/php/extensions/no-debug-non-zts-20230831/intl.so) [dependency-of] php-fpm @ 8.3.27 (/usr/local/sbin/php-fpm)", + "ldap @ 8.3.27 (/usr/local/lib/php/extensions/no-debug-non-zts-20230831/ldap.so) [dependency-of] php-cli @ 8.3.27 (/usr/local/bin/php)", + "ldap @ 8.3.27 (/usr/local/lib/php/extensions/no-debug-non-zts-20230831/ldap.so) [dependency-of] php-fpm @ 8.3.27 (/usr/local/sbin/php-fpm)", + "opcache @ 8.3.27 (/usr/local/lib/php/extensions/no-debug-non-zts-20230831/opcache.so) [dependency-of] php-cli @ 8.3.27 (/usr/local/bin/php)", + "opcache @ 8.3.27 (/usr/local/lib/php/extensions/no-debug-non-zts-20230831/opcache.so) [dependency-of] php-fpm @ 8.3.27 (/usr/local/sbin/php-fpm)", + "pcntl @ 8.3.27 (/usr/local/lib/php/extensions/no-debug-non-zts-20230831/pcntl.so) [dependency-of] php-cli @ 8.3.27 (/usr/local/bin/php)", + "pcntl @ 8.3.27 (/usr/local/lib/php/extensions/no-debug-non-zts-20230831/pcntl.so) [dependency-of] php-fpm @ 8.3.27 (/usr/local/sbin/php-fpm)", + "pdo_mysql @ 8.3.27 (/usr/local/lib/php/extensions/no-debug-non-zts-20230831/pdo_mysql.so) [dependency-of] php-cli @ 8.3.27 (/usr/local/bin/php)", + "pdo_mysql @ 8.3.27 (/usr/local/lib/php/extensions/no-debug-non-zts-20230831/pdo_mysql.so) [dependency-of] php-fpm @ 8.3.27 (/usr/local/sbin/php-fpm)", + "pdo_pgsql @ 8.3.27 (/usr/local/lib/php/extensions/no-debug-non-zts-20230831/pdo_pgsql.so) [dependency-of] php-cli @ 8.3.27 (/usr/local/bin/php)", + "pdo_pgsql @ 8.3.27 (/usr/local/lib/php/extensions/no-debug-non-zts-20230831/pdo_pgsql.so) [dependency-of] php-fpm @ 8.3.27 (/usr/local/sbin/php-fpm)", + "sodium @ 8.3.27 (/usr/local/lib/php/extensions/no-debug-non-zts-20230831/sodium.so) [dependency-of] php-cli @ 8.3.27 (/usr/local/bin/php)", + "sodium @ 8.3.27 (/usr/local/lib/php/extensions/no-debug-non-zts-20230831/sodium.so) [dependency-of] php-fpm @ 8.3.27 (/usr/local/sbin/php-fpm)", + "sysvsem @ 8.3.27 (/usr/local/lib/php/extensions/no-debug-non-zts-20230831/sysvsem.so) [dependency-of] php-cli @ 8.3.27 (/usr/local/bin/php)", + "sysvsem @ 8.3.27 (/usr/local/lib/php/extensions/no-debug-non-zts-20230831/sysvsem.so) [dependency-of] php-fpm @ 8.3.27 (/usr/local/sbin/php-fpm)", + "zip @ 1.22.3 (/usr/local/lib/php/extensions/no-debug-non-zts-20230831/zip.so) [dependency-of] php-cli @ 8.3.27 (/usr/local/bin/php)", + "zip @ 1.22.3 (/usr/local/lib/php/extensions/no-debug-non-zts-20230831/zip.so) [dependency-of] php-fpm @ 8.3.27 (/usr/local/sbin/php-fpm)", }, }, { @@ -73,63 +73,63 @@ func Test_InterpreterCataloger(t *testing.T) { fixture: "image-apache", expectedPkgs: []string{ // interpreters - "libphp @ 8.2.28 (/usr/lib/apache2/modules/libphp8.2.so)", + "libphp @ 8.2.29 (/usr/lib/apache2/modules/libphp8.2.so)", // extensions - "calendar @ 8.2.28 (/usr/lib/php/20220829/calendar.so)", - "ctype @ 8.2.28 (/usr/lib/php/20220829/ctype.so)", - "exif @ 8.2.28 (/usr/lib/php/20220829/exif.so)", - "ffi @ 8.2.28 (/usr/lib/php/20220829/ffi.so)", - "fileinfo @ 8.2.28 (/usr/lib/php/20220829/fileinfo.so)", - "ftp @ 8.2.28 (/usr/lib/php/20220829/ftp.so)", - "gettext @ 8.2.28 (/usr/lib/php/20220829/gettext.so)", - "iconv @ 8.2.28 (/usr/lib/php/20220829/iconv.so)", - "mysqli @ 8.2.28 (/usr/lib/php/20220829/mysqli.so)", - "opcache @ 8.2.28 (/usr/lib/php/20220829/opcache.so)", - "pdo @ 8.2.28 (/usr/lib/php/20220829/pdo.so)", - "pdo_mysql @ 8.2.28 (/usr/lib/php/20220829/pdo_mysql.so)", - "phar @ 8.2.28 (/usr/lib/php/20220829/phar.so)", - "posix @ 8.2.28 (/usr/lib/php/20220829/posix.so)", - "readline @ 8.2.28 (/usr/lib/php/20220829/readline.so)", - "shmop @ 8.2.28 (/usr/lib/php/20220829/shmop.so)", - "simplexml @ 8.2.28 (/usr/lib/php/20220829/simplexml.so)", - "sockets @ 8.2.28 (/usr/lib/php/20220829/sockets.so)", - "sysvmsg @ 8.2.28 (/usr/lib/php/20220829/sysvmsg.so)", - "sysvsem @ 8.2.28 (/usr/lib/php/20220829/sysvsem.so)", - "sysvshm @ 8.2.28 (/usr/lib/php/20220829/sysvshm.so)", - "tokenizer @ 8.2.28 (/usr/lib/php/20220829/tokenizer.so)", - "xml @ 8.2.28 (/usr/lib/php/20220829/xml.so)", - "xmlreader @ 8.2.28 (/usr/lib/php/20220829/xmlreader.so)", - "xmlwriter @ 8.2.28 (/usr/lib/php/20220829/xmlwriter.so)", - "xsl @ 8.2.28 (/usr/lib/php/20220829/xsl.so)", + "calendar @ 8.2.29 (/usr/lib/php/20220829/calendar.so)", + "ctype @ 8.2.29 (/usr/lib/php/20220829/ctype.so)", + "exif @ 8.2.29 (/usr/lib/php/20220829/exif.so)", + "ffi @ 8.2.29 (/usr/lib/php/20220829/ffi.so)", + "fileinfo @ 8.2.29 (/usr/lib/php/20220829/fileinfo.so)", + "ftp @ 8.2.29 (/usr/lib/php/20220829/ftp.so)", + "gettext @ 8.2.29 (/usr/lib/php/20220829/gettext.so)", + "iconv @ 8.2.29 (/usr/lib/php/20220829/iconv.so)", + "mysqli @ 8.2.29 (/usr/lib/php/20220829/mysqli.so)", + "opcache @ 8.2.29 (/usr/lib/php/20220829/opcache.so)", + "pdo @ 8.2.29 (/usr/lib/php/20220829/pdo.so)", + "pdo_mysql @ 8.2.29 (/usr/lib/php/20220829/pdo_mysql.so)", + "phar @ 8.2.29 (/usr/lib/php/20220829/phar.so)", + "posix @ 8.2.29 (/usr/lib/php/20220829/posix.so)", + "readline @ 8.2.29 (/usr/lib/php/20220829/readline.so)", + "shmop @ 8.2.29 (/usr/lib/php/20220829/shmop.so)", + "simplexml @ 8.2.29 (/usr/lib/php/20220829/simplexml.so)", + "sockets @ 8.2.29 (/usr/lib/php/20220829/sockets.so)", + "sysvmsg @ 8.2.29 (/usr/lib/php/20220829/sysvmsg.so)", + "sysvsem @ 8.2.29 (/usr/lib/php/20220829/sysvsem.so)", + "sysvshm @ 8.2.29 (/usr/lib/php/20220829/sysvshm.so)", + "tokenizer @ 8.2.29 (/usr/lib/php/20220829/tokenizer.so)", + "xml @ 8.2.29 (/usr/lib/php/20220829/xml.so)", + "xmlreader @ 8.2.29 (/usr/lib/php/20220829/xmlreader.so)", + "xmlwriter @ 8.2.29 (/usr/lib/php/20220829/xmlwriter.so)", + "xsl @ 8.2.29 (/usr/lib/php/20220829/xsl.so)", }, expectedRels: []string{ - "calendar @ 8.2.28 (/usr/lib/php/20220829/calendar.so) [dependency-of] libphp @ 8.2.28 (/usr/lib/apache2/modules/libphp8.2.so)", - "ctype @ 8.2.28 (/usr/lib/php/20220829/ctype.so) [dependency-of] libphp @ 8.2.28 (/usr/lib/apache2/modules/libphp8.2.so)", - "exif @ 8.2.28 (/usr/lib/php/20220829/exif.so) [dependency-of] libphp @ 8.2.28 (/usr/lib/apache2/modules/libphp8.2.so)", - "ffi @ 8.2.28 (/usr/lib/php/20220829/ffi.so) [dependency-of] libphp @ 8.2.28 (/usr/lib/apache2/modules/libphp8.2.so)", - "fileinfo @ 8.2.28 (/usr/lib/php/20220829/fileinfo.so) [dependency-of] libphp @ 8.2.28 (/usr/lib/apache2/modules/libphp8.2.so)", - "ftp @ 8.2.28 (/usr/lib/php/20220829/ftp.so) [dependency-of] libphp @ 8.2.28 (/usr/lib/apache2/modules/libphp8.2.so)", - "gettext @ 8.2.28 (/usr/lib/php/20220829/gettext.so) [dependency-of] libphp @ 8.2.28 (/usr/lib/apache2/modules/libphp8.2.so)", - "iconv @ 8.2.28 (/usr/lib/php/20220829/iconv.so) [dependency-of] libphp @ 8.2.28 (/usr/lib/apache2/modules/libphp8.2.so)", - "mysqli @ 8.2.28 (/usr/lib/php/20220829/mysqli.so) [dependency-of] libphp @ 8.2.28 (/usr/lib/apache2/modules/libphp8.2.so)", - "opcache @ 8.2.28 (/usr/lib/php/20220829/opcache.so) [dependency-of] libphp @ 8.2.28 (/usr/lib/apache2/modules/libphp8.2.so)", - "pdo @ 8.2.28 (/usr/lib/php/20220829/pdo.so) [dependency-of] libphp @ 8.2.28 (/usr/lib/apache2/modules/libphp8.2.so)", - "pdo_mysql @ 8.2.28 (/usr/lib/php/20220829/pdo_mysql.so) [dependency-of] libphp @ 8.2.28 (/usr/lib/apache2/modules/libphp8.2.so)", - "phar @ 8.2.28 (/usr/lib/php/20220829/phar.so) [dependency-of] libphp @ 8.2.28 (/usr/lib/apache2/modules/libphp8.2.so)", - "posix @ 8.2.28 (/usr/lib/php/20220829/posix.so) [dependency-of] libphp @ 8.2.28 (/usr/lib/apache2/modules/libphp8.2.so)", - "readline @ 8.2.28 (/usr/lib/php/20220829/readline.so) [dependency-of] libphp @ 8.2.28 (/usr/lib/apache2/modules/libphp8.2.so)", - "shmop @ 8.2.28 (/usr/lib/php/20220829/shmop.so) [dependency-of] libphp @ 8.2.28 (/usr/lib/apache2/modules/libphp8.2.so)", - "simplexml @ 8.2.28 (/usr/lib/php/20220829/simplexml.so) [dependency-of] libphp @ 8.2.28 (/usr/lib/apache2/modules/libphp8.2.so)", - "sockets @ 8.2.28 (/usr/lib/php/20220829/sockets.so) [dependency-of] libphp @ 8.2.28 (/usr/lib/apache2/modules/libphp8.2.so)", - "sysvmsg @ 8.2.28 (/usr/lib/php/20220829/sysvmsg.so) [dependency-of] libphp @ 8.2.28 (/usr/lib/apache2/modules/libphp8.2.so)", - "sysvsem @ 8.2.28 (/usr/lib/php/20220829/sysvsem.so) [dependency-of] libphp @ 8.2.28 (/usr/lib/apache2/modules/libphp8.2.so)", - "sysvshm @ 8.2.28 (/usr/lib/php/20220829/sysvshm.so) [dependency-of] libphp @ 8.2.28 (/usr/lib/apache2/modules/libphp8.2.so)", - "tokenizer @ 8.2.28 (/usr/lib/php/20220829/tokenizer.so) [dependency-of] libphp @ 8.2.28 (/usr/lib/apache2/modules/libphp8.2.so)", - "xml @ 8.2.28 (/usr/lib/php/20220829/xml.so) [dependency-of] libphp @ 8.2.28 (/usr/lib/apache2/modules/libphp8.2.so)", - "xmlreader @ 8.2.28 (/usr/lib/php/20220829/xmlreader.so) [dependency-of] libphp @ 8.2.28 (/usr/lib/apache2/modules/libphp8.2.so)", - "xmlwriter @ 8.2.28 (/usr/lib/php/20220829/xmlwriter.so) [dependency-of] libphp @ 8.2.28 (/usr/lib/apache2/modules/libphp8.2.so)", - "xsl @ 8.2.28 (/usr/lib/php/20220829/xsl.so) [dependency-of] libphp @ 8.2.28 (/usr/lib/apache2/modules/libphp8.2.so)", + "calendar @ 8.2.29 (/usr/lib/php/20220829/calendar.so) [dependency-of] libphp @ 8.2.29 (/usr/lib/apache2/modules/libphp8.2.so)", + "ctype @ 8.2.29 (/usr/lib/php/20220829/ctype.so) [dependency-of] libphp @ 8.2.29 (/usr/lib/apache2/modules/libphp8.2.so)", + "exif @ 8.2.29 (/usr/lib/php/20220829/exif.so) [dependency-of] libphp @ 8.2.29 (/usr/lib/apache2/modules/libphp8.2.so)", + "ffi @ 8.2.29 (/usr/lib/php/20220829/ffi.so) [dependency-of] libphp @ 8.2.29 (/usr/lib/apache2/modules/libphp8.2.so)", + "fileinfo @ 8.2.29 (/usr/lib/php/20220829/fileinfo.so) [dependency-of] libphp @ 8.2.29 (/usr/lib/apache2/modules/libphp8.2.so)", + "ftp @ 8.2.29 (/usr/lib/php/20220829/ftp.so) [dependency-of] libphp @ 8.2.29 (/usr/lib/apache2/modules/libphp8.2.so)", + "gettext @ 8.2.29 (/usr/lib/php/20220829/gettext.so) [dependency-of] libphp @ 8.2.29 (/usr/lib/apache2/modules/libphp8.2.so)", + "iconv @ 8.2.29 (/usr/lib/php/20220829/iconv.so) [dependency-of] libphp @ 8.2.29 (/usr/lib/apache2/modules/libphp8.2.so)", + "mysqli @ 8.2.29 (/usr/lib/php/20220829/mysqli.so) [dependency-of] libphp @ 8.2.29 (/usr/lib/apache2/modules/libphp8.2.so)", + "opcache @ 8.2.29 (/usr/lib/php/20220829/opcache.so) [dependency-of] libphp @ 8.2.29 (/usr/lib/apache2/modules/libphp8.2.so)", + "pdo @ 8.2.29 (/usr/lib/php/20220829/pdo.so) [dependency-of] libphp @ 8.2.29 (/usr/lib/apache2/modules/libphp8.2.so)", + "pdo_mysql @ 8.2.29 (/usr/lib/php/20220829/pdo_mysql.so) [dependency-of] libphp @ 8.2.29 (/usr/lib/apache2/modules/libphp8.2.so)", + "phar @ 8.2.29 (/usr/lib/php/20220829/phar.so) [dependency-of] libphp @ 8.2.29 (/usr/lib/apache2/modules/libphp8.2.so)", + "posix @ 8.2.29 (/usr/lib/php/20220829/posix.so) [dependency-of] libphp @ 8.2.29 (/usr/lib/apache2/modules/libphp8.2.so)", + "readline @ 8.2.29 (/usr/lib/php/20220829/readline.so) [dependency-of] libphp @ 8.2.29 (/usr/lib/apache2/modules/libphp8.2.so)", + "shmop @ 8.2.29 (/usr/lib/php/20220829/shmop.so) [dependency-of] libphp @ 8.2.29 (/usr/lib/apache2/modules/libphp8.2.so)", + "simplexml @ 8.2.29 (/usr/lib/php/20220829/simplexml.so) [dependency-of] libphp @ 8.2.29 (/usr/lib/apache2/modules/libphp8.2.so)", + "sockets @ 8.2.29 (/usr/lib/php/20220829/sockets.so) [dependency-of] libphp @ 8.2.29 (/usr/lib/apache2/modules/libphp8.2.so)", + "sysvmsg @ 8.2.29 (/usr/lib/php/20220829/sysvmsg.so) [dependency-of] libphp @ 8.2.29 (/usr/lib/apache2/modules/libphp8.2.so)", + "sysvsem @ 8.2.29 (/usr/lib/php/20220829/sysvsem.so) [dependency-of] libphp @ 8.2.29 (/usr/lib/apache2/modules/libphp8.2.so)", + "sysvshm @ 8.2.29 (/usr/lib/php/20220829/sysvshm.so) [dependency-of] libphp @ 8.2.29 (/usr/lib/apache2/modules/libphp8.2.so)", + "tokenizer @ 8.2.29 (/usr/lib/php/20220829/tokenizer.so) [dependency-of] libphp @ 8.2.29 (/usr/lib/apache2/modules/libphp8.2.so)", + "xml @ 8.2.29 (/usr/lib/php/20220829/xml.so) [dependency-of] libphp @ 8.2.29 (/usr/lib/apache2/modules/libphp8.2.so)", + "xmlreader @ 8.2.29 (/usr/lib/php/20220829/xmlreader.so) [dependency-of] libphp @ 8.2.29 (/usr/lib/apache2/modules/libphp8.2.so)", + "xmlwriter @ 8.2.29 (/usr/lib/php/20220829/xmlwriter.so) [dependency-of] libphp @ 8.2.29 (/usr/lib/apache2/modules/libphp8.2.so)", + "xsl @ 8.2.29 (/usr/lib/php/20220829/xsl.so) [dependency-of] libphp @ 8.2.29 (/usr/lib/apache2/modules/libphp8.2.so)", }, }, } diff --git a/syft/pkg/cataloger/php/test-fixtures/image-extensions/Dockerfile b/syft/pkg/cataloger/php/test-fixtures/image-extensions/Dockerfile index 04fc50e81..77a437d7c 100644 --- a/syft/pkg/cataloger/php/test-fixtures/image-extensions/Dockerfile +++ b/syft/pkg/cataloger/php/test-fixtures/image-extensions/Dockerfile @@ -1,5 +1,5 @@ # source https://github.com/nextcloud/docker/blob/master/30/fpm-alpine/Dockerfile#L1 -FROM --platform=linux/amd64 php:8.3-fpm-alpine3.21 AS builder +FROM --platform=linux/amd64 php:8.3.27-fpm-alpine3.21 AS builder # entrypoint.sh and cron.sh dependencies RUN set -ex; \ diff --git a/syft/pkg/cataloger/python/test-fixtures/image-multi-site-package/Dockerfile b/syft/pkg/cataloger/python/test-fixtures/image-multi-site-package/Dockerfile index 404be1d7f..bcb8b6c1b 100644 --- a/syft/pkg/cataloger/python/test-fixtures/image-multi-site-package/Dockerfile +++ b/syft/pkg/cataloger/python/test-fixtures/image-multi-site-package/Dockerfile @@ -5,8 +5,8 @@ FROM ubuntu:20.04@sha256:cc9cc8169c9517ae035cf293b15f06922cb8c6c864d625a72b7b186 RUN apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -y python3.8 python3.9 python3-pip python3-venv python3.9-venv python3.8-venv # install pip and virtualenv for both Python versions -RUN python3.8 -m pip install --upgrade pip virtualenv -RUN python3.9 -m pip install --upgrade pip virtualenv +RUN python3.8 -m pip install --upgrade pip virtualenv==20.31.2 distlib==0.3.9 filelock==3.16.1 platformdirs==4.3.6 +RUN python3.9 -m pip install --upgrade pip virtualenv==20.31.2 distlib==0.3.9 filelock==3.18.0 platformdirs==4.3.8 # install global packages for Python 3.8 & 3.9 RUN python3.9 -m pip install click==8.0.3 beautifulsoup4==4.9.3 soupsieve==2.2.1 requests==2.25.1 diff --git a/syft/pkg/cataloger/rust/test-fixtures/image-audit/Dockerfile b/syft/pkg/cataloger/rust/test-fixtures/image-audit/Dockerfile index 5ecc1c660..4de62eb1c 100644 --- a/syft/pkg/cataloger/rust/test-fixtures/image-audit/Dockerfile +++ b/syft/pkg/cataloger/rust/test-fixtures/image-audit/Dockerfile @@ -2,7 +2,7 @@ FROM rust:1.82.0 AS builder WORKDIR /app -RUN cargo install cargo-auditable --locked +RUN cargo install cargo-auditable --version 0.6.4 --locked COPY Cargo.toml Cargo.lock ./ COPY src ./src RUN cargo fetch