From 671ff39933315e341f1273a3fbc9c496fe9e7690 Mon Sep 17 00:00:00 2001
From: Chao Li
Date: Mon, 23 Oct 2023 20:49:57 +0800
Subject: [PATCH] Add ruby.NewGemSpecCataloger to DirectoryCatalogers. (#1971)
* Add ruby.NewGemSpecCataloger to DirectoryCatalogers.
Signed-off-by: Evan
* fixed tests
Signed-off-by: Evan
* Addressed review comment
Signed-off-by: Evan
* Remove NewInstalledGemSpecCataloger from default dir catalogers
Because the files that the installed gemspec cataloger works off of are a
subset of the files that the more general gemspec cataloger will work
off of, we shouldn't have both of them on by default, since this could
result in finding the same package twice.
Signed-off-by: Will Murphy
---------
Signed-off-by: Evan
Signed-off-by: Will Murphy
Co-authored-by: Will Murphy
---
syft/pkg/cataloger/cataloger.go | 4 +++-
syft/pkg/cataloger/ruby/catalogers.go | 10 ++++++++--
test/integration/catalog_packages_cases_test.go | 2 ++
3 files changed, 13 insertions(+), 3 deletions(-)
diff --git a/syft/pkg/cataloger/cataloger.go b/syft/pkg/cataloger/cataloger.go
index c02c7e233..3b836ee88 100644
--- a/syft/pkg/cataloger/cataloger.go
+++ b/syft/pkg/cataloger/cataloger.go
@@ -57,7 +57,7 @@ func ImageCatalogers(cfg Config) []pkg.Cataloger {
python.NewPythonPackageCataloger(),
r.NewPackageCataloger(),
rpm.NewRpmDBCataloger(),
- ruby.NewGemSpecCataloger(),
+ ruby.NewInstalledGemSpecCataloger(),
sbom.NewSBOMCataloger(),
}, cfg.Catalogers)
}
@@ -93,6 +93,7 @@ func DirectoryCatalogers(cfg Config) []pkg.Cataloger {
rpm.NewFileCataloger(),
rpm.NewRpmDBCataloger(),
ruby.NewGemFileLockCataloger(),
+ ruby.NewGemSpecCataloger(),
rust.NewCargoLockCataloger(),
sbom.NewSBOMCataloger(),
swift.NewCocoapodsCataloger(),
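Review bot: Enabling `ruby.NewGemSpecCataloger()` for directory scans turns every `*.gemspec` under the scanned tree into a candidate package, given the `**/*.gemspec` glob it is defined with in ruby/catalogers.go; that includes gemspecs in test fixtures and vendored copies, not only the project's own. `parseGemSpecEntries` is not visible here, so this is inferred, but hand-written gemspecs often take the version from a Ruby constant rather than a literal, and an entry with an empty or wrong version would skew downstream vulnerability matching. A fixture with a non-literal version, plus an assertion on what is emitted for it, would pin the behaviour. The body of `DirectoryCatalogers` continues outside the hunk.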
@@ -136,6 +137,7 @@ func AllCatalogers(cfg Config) []pkg.Cataloger {
rpm.NewRpmDBCataloger(),
ruby.NewGemFileLockCataloger(),
ruby.NewGemSpecCataloger(),
+ ruby.NewInstalledGemSpecCataloger(),
rust.NewAuditBinaryCataloger(),
rust.NewCargoLockCataloger(),
sbom.NewSBOMCataloger(),
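Review bot: `AllCatalogers` now registers both `ruby.NewGemSpecCataloger()` and `ruby.NewInstalledGemSpecCataloger()`, which is the combination the commit message says can report the same package twice, because the installed glob is a subset of the broader one. No deduplication is visible in this hunk, so if none happens downstream, an SBOM produced with all catalogers would carry duplicate gem entries. Either keep only the broader cataloger in this list or say why both are needed, e.g. `// installed glob is a subset of NewGemSpecCataloger's; both kept so either can be selected by name`. The function body continues outside the hunk.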
diff --git a/syft/pkg/cataloger/ruby/catalogers.go b/syft/pkg/cataloger/ruby/catalogers.go
index e3e173a21..aa6344847 100644
--- a/syft/pkg/cataloger/ruby/catalogers.go
+++ b/syft/pkg/cataloger/ruby/catalogers.go
@@ -13,8 +13,14 @@ func NewGemFileLockCataloger() *generic.Cataloger {
WithParserByGlobs(parseGemFileLockEntries, "**/Gemfile.lock")
}
-// NewGemSpecCataloger returns a new Bundler cataloger object tailored for detecting installations of gems (e.g. Gemspec).
-func NewGemSpecCataloger() *generic.Cataloger {
+// NewInstalledGemSpecCataloger returns a new Bundler cataloger object tailored for detecting installations of gems (e.g. Gemspec).
+func NewInstalledGemSpecCataloger() *generic.Cataloger {
return generic.NewCataloger("ruby-gemspec-cataloger").
WithParserByGlobs(parseGemSpecEntries, "**/specifications/**/*.gemspec")
}
+
+// NewGemSpecCataloger looks for gems with a broader scope.
+func NewGemSpecCataloger() *generic.Cataloger {
+ return generic.NewCataloger("ruby-gemspec-cataloger").
+ WithParserByGlobs(parseGemSpecEntries, "**/*.gemspec")
+}
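Review bot: Both constructors pass the same name, `"ruby-gemspec-cataloger"`, to `generic.NewCataloger`, so anything keyed on the cataloger name cannot tell them apart. The `cfg.Catalogers` filter seen in cataloger.go would presumably select both or neither, and a package's recorded origin would not say which glob matched. Giving the narrower one its own name, e.g. `generic.NewCataloger("ruby-installed-gemspec-cataloger")`, would fix that, but it changes the name image scans report today; renaming the new broad cataloger instead would avoid that. The comment `// NewGemSpecCataloger looks for gems with a broader scope.` would also be clearer if it stated the glob and the overlap, e.g. `// NewGemSpecCataloger returns a cataloger that parses any *.gemspec file, including those under specifications/ that NewInstalledGemSpecCataloger also matches.`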
diff --git a/test/integration/catalog_packages_cases_test.go b/test/integration/catalog_packages_cases_test.go
index 52bd6f287..3ff8d307d 100644
--- a/test/integration/catalog_packages_cases_test.go
+++ b/test/integration/catalog_packages_cases_test.go
@@ -94,6 +94,7 @@ var dirOnlyTestCases = []testCase{
"arel": "5.0.1.20140414130214",
"bootstrap-sass": "3.1.1.1",
"builder": "3.2.2",
+ "bundler": "2.1.4",
"coffee-rails": "4.0.1",
"coffee-script": "2.2.0",
"coffee-script-source": "1.7.0",
@@ -136,6 +137,7 @@ var dirOnlyTestCases = []testCase{
"turbolinks": "3.0.0",
"tzinfo": "1.2.0",
"uglifier": "2.5.0",
+ "unbundler": "3.1.4",
"unicorn": "4.8.3",
},
},