mirror of
https://github.com/anchore/syft.git
synced 2025-11-18 17:03:17 +01:00
Fix package.json parsing for license object
Signed-off-by: Dan Luhring <dan.luhring@anchore.com>
This commit is contained in:
Dan Luhring
parent
416afa015e
commit
4d4e242251
@ -2,6 +2,7 @@ package javascript
|
|||||||
|
|
||||||
import (
|
import (
|
||||||
"encoding/json"
|
"encoding/json"
|
||||||
|
"errors"
|
||||||
"fmt"
|
"fmt"
|
||||||
"io"
|
"io"
|
||||||
"regexp"
|
"regexp"
|
||||||
@ -22,7 +23,7 @@ type PackageJSON struct {
|
|||||||
Version string `json:"version"`
|
Version string `json:"version"`
|
||||||
Latest []string `json:"latest"`
|
Latest []string `json:"latest"`
|
||||||
Author Author `json:"author"`
|
Author Author `json:"author"`
|
||||||
License string `json:"license"`
|
License json.RawMessage `json:"license"`
|
||||||
Name string `json:"name"`
|
Name string `json:"name"`
|
||||||
Homepage string `json:"homepage"`
|
Homepage string `json:"homepage"`
|
||||||
Description string `json:"description"`
|
Description string `json:"description"`
|
||||||
@ -107,6 +108,29 @@ func (r *Repository) UnmarshalJSON(b []byte) error {
|
|||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
type license struct {
|
||||||
|
Type string `json:"type"`
|
||||||
|
URL string `json:"url"`
|
||||||
|
}
|
||||||
|
|
||||||
|
func licenseFromJSON(b []byte) (string, error) {
|
||||||
|
// first try as string
|
||||||
|
var licenseString string
|
||||||
|
err := json.Unmarshal(b, &licenseString)
|
||||||
|
if err == nil {
|
||||||
|
return licenseString, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// then try as object (this format is deprecated)
|
||||||
|
var licenseObject license
|
||||||
|
err = json.Unmarshal(b, &licenseObject)
|
||||||
|
if err == nil {
|
||||||
|
return licenseObject.Type, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
return "", errors.New("unable to unmarshal license field as either string or object")
|
||||||
|
}
|
||||||
|
|
||||||
// parsePackageJson parses a package.json and returns the discovered JavaScript packages.
|
// parsePackageJson parses a package.json and returns the discovered JavaScript packages.
|
||||||
func parsePackageJSON(_ string, reader io.Reader) ([]pkg.Package, error) {
|
func parsePackageJSON(_ string, reader io.Reader) ([]pkg.Package, error) {
|
||||||
packages := make([]pkg.Package, 0)
|
packages := make([]pkg.Package, 0)
|
||||||
@ -120,10 +144,16 @@ func parsePackageJSON(_ string, reader io.Reader) ([]pkg.Package, error) {
|
|||||||
return nil, fmt.Errorf("failed to parse package.json file: %w", err)
|
return nil, fmt.Errorf("failed to parse package.json file: %w", err)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
singleLicense, err := licenseFromJSON(p.License)
|
||||||
|
if err != nil {
|
||||||
|
return nil, fmt.Errorf("failed to parse package.json file: %w", err)
|
||||||
|
}
|
||||||
|
licenses := []string{singleLicense}
|
||||||
|
|
||||||
packages = append(packages, pkg.Package{
|
packages = append(packages, pkg.Package{
|
||||||
Name: p.Name,
|
Name: p.Name,
|
||||||
Version: p.Version,
|
Version: p.Version,
|
||||||
Licenses: []string{p.License},
|
Licenses: licenses,
|
||||||
Language: pkg.JavaScript,
|
Language: pkg.JavaScript,
|
||||||
Type: pkg.NpmPkg,
|
Type: pkg.NpmPkg,
|
||||||
MetadataType: pkg.NpmPackageJSONMetadataType,
|
MetadataType: pkg.NpmPackageJSONMetadataType,
|
||||||
@ -131,7 +161,7 @@ func parsePackageJSON(_ string, reader io.Reader) ([]pkg.Package, error) {
|
|||||||
Author: p.Author.AuthorString(),
|
Author: p.Author.AuthorString(),
|
||||||
Homepage: p.Homepage,
|
Homepage: p.Homepage,
|
||||||
URL: p.Repository.URL,
|
URL: p.Repository.URL,
|
||||||
Licenses: []string{p.License},
|
Licenses: licenses,
|
||||||
},
|
},
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user