mirror of
https://github.com/anchore/syft.git
synced 2025-11-17 16:33:21 +01:00
chore: update latest cyclonedx library (#1390)
This commit is contained in:
Christopher Angelo Phillips
GitHub
parent
997fbdfcf3
commit
730d3e3187
2
go.mod
2
go.mod
@ -3,7 +3,7 @@ module github.com/anchore/syft
|
|||||||
go 1.18
|
go 1.18
|
||||||
|
|
||||||
require (
|
require (
|
||||||
github.com/CycloneDX/cyclonedx-go v0.5.2
|
github.com/CycloneDX/cyclonedx-go v0.7.0
|
||||||
github.com/acarl005/stripansi v0.0.0-20180116102854-5a71ef0e047d
|
github.com/acarl005/stripansi v0.0.0-20180116102854-5a71ef0e047d
|
||||||
github.com/acobaugh/osrelease v0.1.0
|
github.com/acobaugh/osrelease v0.1.0
|
||||||
github.com/adrg/xdg v0.3.3
|
github.com/adrg/xdg v0.3.3
|
||||||
|
|||||||
7
go.sum
7
go.sum
@ -153,8 +153,8 @@ github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03
|
|||||||
github.com/BurntSushi/toml v0.4.1 h1:GaI7EiDXDRfa8VshkTj7Fym7ha+y8/XxIgD2okUIjLw=
|
github.com/BurntSushi/toml v0.4.1 h1:GaI7EiDXDRfa8VshkTj7Fym7ha+y8/XxIgD2okUIjLw=
|
||||||
github.com/BurntSushi/toml v0.4.1/go.mod h1:CxXYINrC8qIiEnFrOxCa7Jy5BFHlXnUU2pbicEuybxQ=
|
github.com/BurntSushi/toml v0.4.1/go.mod h1:CxXYINrC8qIiEnFrOxCa7Jy5BFHlXnUU2pbicEuybxQ=
|
||||||
github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo=
|
github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo=
|
||||||
github.com/CycloneDX/cyclonedx-go v0.5.2 h1:CkdGw2R/tZWmEbSypJVZG+3+2SAsDjJirfIrG/RbIVg=
|
github.com/CycloneDX/cyclonedx-go v0.7.0 h1:jNxp8hL7UpcvPDFXjY+Y1ibFtsW+e5zyF9QoSmhK/zg=
|
||||||
github.com/CycloneDX/cyclonedx-go v0.5.2/go.mod h1:nQCiF4Tvrg5Ieu8qPhYMvzPGMu5I7fANZkrSsJjl5mg=
|
github.com/CycloneDX/cyclonedx-go v0.7.0/go.mod h1:W5Z9w8pTTL+t+yG3PCiFRGlr8PUlE0pGWzKSJbsyXkg=
|
||||||
github.com/DataDog/zstd v1.4.5 h1:EndNeuB0l9syBZhut0wns3gV1hL8zX8LIu6ZiVHWLIQ=
|
github.com/DataDog/zstd v1.4.5 h1:EndNeuB0l9syBZhut0wns3gV1hL8zX8LIu6ZiVHWLIQ=
|
||||||
github.com/DataDog/zstd v1.4.5/go.mod h1:1jcaCB/ufaK+sKp1NBhlGmpz41jOoPQ35bpF36t7BBo=
|
github.com/DataDog/zstd v1.4.5/go.mod h1:1jcaCB/ufaK+sKp1NBhlGmpz41jOoPQ35bpF36t7BBo=
|
||||||
github.com/Djarvur/go-err113 v0.0.0-20210108212216-aea10b59be24/go.mod h1:4UJr5HIiMZrwgkSPdsjy2uOQExX/WEILpIrO9UPGuXs=
|
github.com/Djarvur/go-err113 v0.0.0-20210108212216-aea10b59be24/go.mod h1:4UJr5HIiMZrwgkSPdsjy2uOQExX/WEILpIrO9UPGuXs=
|
||||||
@ -401,8 +401,7 @@ github.com/bmatcuk/doublestar/v4 v4.0.2/go.mod h1:xBQ8jztBU6kakFMg+8WGxn0c6z1fTS
|
|||||||
github.com/bmizerany/assert v0.0.0-20160611221934-b7ed37b82869/go.mod h1:Ekp36dRnpXw/yCqJaO+ZrUyxD+3VXMFFr56k5XYrpB4=
|
github.com/bmizerany/assert v0.0.0-20160611221934-b7ed37b82869/go.mod h1:Ekp36dRnpXw/yCqJaO+ZrUyxD+3VXMFFr56k5XYrpB4=
|
||||||
github.com/bombsimon/wsl/v3 v3.3.0/go.mod h1:st10JtZYLE4D5sC7b8xV4zTKZwAQjCH/Hy2Pm1FNZIc=
|
github.com/bombsimon/wsl/v3 v3.3.0/go.mod h1:st10JtZYLE4D5sC7b8xV4zTKZwAQjCH/Hy2Pm1FNZIc=
|
||||||
github.com/bradfitz/gomemcache v0.0.0-20190913173617-a41fca850d0b/go.mod h1:H0wQNHz2YrLsuXOZozoeDmnHXkNCRmMW0gwFWDfEZDA=
|
github.com/bradfitz/gomemcache v0.0.0-20190913173617-a41fca850d0b/go.mod h1:H0wQNHz2YrLsuXOZozoeDmnHXkNCRmMW0gwFWDfEZDA=
|
||||||
github.com/bradleyjkemp/cupaloy/v2 v2.7.0 h1:AT0vOjO68RcLyenLCHOGZzSNiuto7ziqzq6Q1/3xzMQ=
|
github.com/bradleyjkemp/cupaloy/v2 v2.8.0 h1:any4BmKE+jGIaMpnU8YgH/I2LPiLBufr6oMMlVBbn9M=
|
||||||
github.com/bradleyjkemp/cupaloy/v2 v2.7.0/go.mod h1:bm7JXdkRd4BHJk9HpwqAI8BoAY1lps46Enkdqw6aRX0=
|
|
||||||
github.com/breml/bidichk v0.1.1/go.mod h1:zbfeitpevDUGI7V91Uzzuwrn4Vls8MoBMrwtt78jmso=
|
github.com/breml/bidichk v0.1.1/go.mod h1:zbfeitpevDUGI7V91Uzzuwrn4Vls8MoBMrwtt78jmso=
|
||||||
github.com/bshuster-repo/logrus-logstash-hook v0.4.1/go.mod h1:zsTqEiSzDgAa/8GZR7E1qaXrhYNDKBYy5/dWPTIflbk=
|
github.com/bshuster-repo/logrus-logstash-hook v0.4.1/go.mod h1:zsTqEiSzDgAa/8GZR7E1qaXrhYNDKBYy5/dWPTIflbk=
|
||||||
github.com/buger/jsonparser v0.0.0-20180808090653-f4dd9f5a6b44/go.mod h1:bbYlZJ7hK1yFx9hf58LP0zeX7UjIGs20ufpu3evjr+s=
|
github.com/buger/jsonparser v0.0.0-20180808090653-f4dd9f5a6b44/go.mod h1:bbYlZJ7hK1yFx9hf58LP0zeX7UjIGs20ufpu3evjr+s=
|
||||||
|
|||||||
@ -216,7 +216,7 @@ func collectRelationships(bom *cyclonedx.BOM, s *sbom.SBOM, idMap map[string]int
|
|||||||
}
|
}
|
||||||
|
|
||||||
for _, t := range *d.Dependencies {
|
for _, t := range *d.Dependencies {
|
||||||
to, toExists := idMap[t.Ref].(artifact.Identifiable)
|
to, toExists := idMap[t].(artifact.Identifiable)
|
||||||
if !toExists {
|
if !toExists {
|
||||||
continue
|
continue
|
||||||
}
|
}
|
||||||
|
|||||||
@ -173,12 +173,8 @@ func Test_decode(t *testing.T) {
|
|||||||
},
|
},
|
||||||
Dependencies: &[]cyclonedx.Dependency{
|
Dependencies: &[]cyclonedx.Dependency{
|
||||||
{
|
{
|
||||||
Ref: "p1",
|
Ref: "p1",
|
||||||
Dependencies: &[]cyclonedx.Dependency{
|
Dependencies: &[]string{"p2"},
|
||||||
{
|
|
||||||
Ref: "p2",
|
|
||||||
},
|
|
||||||
},
|
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
@ -263,8 +259,9 @@ func Test_decode(t *testing.T) {
|
|||||||
|
|
||||||
func Test_missingDataDecode(t *testing.T) {
|
func Test_missingDataDecode(t *testing.T) {
|
||||||
bom := &cyclonedx.BOM{
|
bom := &cyclonedx.BOM{
|
||||||
Metadata: nil,
|
Metadata: nil,
|
||||||
Components: &[]cyclonedx.Component{},
|
Components: &[]cyclonedx.Component{},
|
||||||
|
SpecVersion: cyclonedx.SpecVersion1_4,
|
||||||
}
|
}
|
||||||
|
|
||||||
_, err := ToSyftModel(bom)
|
_, err := ToSyftModel(bom)
|
||||||
@ -287,7 +284,9 @@ func Test_missingDataDecode(t *testing.T) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
func Test_missingComponentsDecode(t *testing.T) {
|
func Test_missingComponentsDecode(t *testing.T) {
|
||||||
bom := &cyclonedx.BOM{}
|
bom := &cyclonedx.BOM{
|
||||||
|
SpecVersion: cyclonedx.SpecVersion1_4,
|
||||||
|
}
|
||||||
bomBytes, _ := json.Marshal(&bom)
|
bomBytes, _ := json.Marshal(&bom)
|
||||||
decode := GetDecoder(cyclonedx.BOMFileFormatJSON)
|
decode := GetDecoder(cyclonedx.BOMFileFormatJSON)
|
||||||
|
|
||||||
|
|||||||
@ -157,8 +157,10 @@ func toDependencies(relationships []artifact.Relationship) []cyclonedx.Dependenc
|
|||||||
continue
|
continue
|
||||||
}
|
}
|
||||||
|
|
||||||
innerDeps := []cyclonedx.Dependency{}
|
// ind dep
|
||||||
innerDeps = append(innerDeps, cyclonedx.Dependency{Ref: deriveBomRef(*fromPkg)})
|
|
||||||
|
innerDeps := []string{}
|
||||||
|
innerDeps = append(innerDeps, deriveBomRef(*fromPkg))
|
||||||
result = append(result, cyclonedx.Dependency{
|
result = append(result, cyclonedx.Dependency{
|
||||||
Ref: deriveBomRef(*toPkg),
|
Ref: deriveBomRef(*toPkg),
|
||||||
Dependencies: &innerDeps,
|
Dependencies: &innerDeps,
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user