oss/syft
2
0
Fork 0
mirror of https://github.com/anchore/syft.git synced 2025-11-17 16:33:21 +01:00
Code Issues Packages Projects Releases Wiki Activity

fix: gradle lockfile parser groupId handling (#1995)

Browse Source 
Signed-off-by: Keith Zantow <kzantow@gmail.com>
This commit is contained in:
Keith Zantow 2023-08-04 11:42:26 -04:00 committed by GitHub
parent e774006052
commit 79014ed8c8
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 29 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
syft/pkg/cataloger/java/parse_gradle_lockfile.go
View File

@ -57,7 +57,16 @@ func parseGradleLockfile(_ file.Resolver, _ *generic.Environment, reader file.Lo
Language: pkg.Java, Language: pkg.Java,
Type: pkg.JavaPkg, Type: pkg.JavaPkg,
MetadataType: pkg.JavaMetadataType, MetadataType: pkg.JavaMetadataType,
Metadata: pkg.JavaMetadata{
PomProject: &pkg.PomProject{
GroupID: dep.Group,
ArtifactID: dep.Name,
Version: dep.Version,
Name: dep.Name,
},
},
} }
mappedPkg.SetID()
pkgs = append(pkgs, mappedPkg) pkgs = append(pkgs, mappedPkg)
} }

19
syft/pkg/cataloger/java/parse_gradle_lockfile_test.go
View File

@ -16,12 +16,25 @@ func Test_parserGradleLockfile(t *testing.T) {
{ {
input: "test-fixtures/gradle/gradle.lockfile", input: "test-fixtures/gradle/gradle.lockfile",
expected: []pkg.Package{ expected: []pkg.Package{
{
Name: "commons-text",
Version: "1.8",
Language: pkg.Java,
Type: pkg.JavaPkg,
MetadataType: pkg.JavaMetadataType,
Metadata: pkg.JavaMetadata{
PomProject: &pkg.PomProject{GroupID: "org.apache.commons", ArtifactID: "commons-text", Version: "1.8", Name: "commons-text"},
},
},
{ {
Name: "hamcrest-core", Name: "hamcrest-core",
Version: "1.3", Version: "1.3",
Language: pkg.Java, Language: pkg.Java,
Type: pkg.JavaPkg, Type: pkg.JavaPkg,
MetadataType: pkg.JavaMetadataType, MetadataType: pkg.JavaMetadataType,
Metadata: pkg.JavaMetadata{
PomProject: &pkg.PomProject{GroupID: "org.hamcrest", ArtifactID: "hamcrest-core", Version: "1.3", Name: "hamcrest-core"},
},
}, },
{ {
Name: "joda-time", Name: "joda-time",
@ -29,6 +42,9 @@ func Test_parserGradleLockfile(t *testing.T) {
Language: pkg.Java, Language: pkg.Java,
Type: pkg.JavaPkg, Type: pkg.JavaPkg,
MetadataType: pkg.JavaMetadataType, MetadataType: pkg.JavaMetadataType,
Metadata: pkg.JavaMetadata{
PomProject: &pkg.PomProject{GroupID: "joda-time", ArtifactID: "joda-time", Version: "2.2", Name: "joda-time"},
},
}, },
{ {
Name: "junit", Name: "junit",
@ -36,6 +52,9 @@ func Test_parserGradleLockfile(t *testing.T) {
Language: pkg.Java, Language: pkg.Java,
Type: pkg.JavaPkg, Type: pkg.JavaPkg,
MetadataType: pkg.JavaMetadataType, MetadataType: pkg.JavaMetadataType,
Metadata: pkg.JavaMetadata{
PomProject: &pkg.PomProject{GroupID: "junit", ArtifactID: "junit", Version: "4.12", Name: "junit"},
},
}, },
}, },
}, },

1
syft/pkg/cataloger/java/test-fixtures/gradle/gradle.lockfile
View File

@ -5,3 +5,4 @@ joda-time:joda-time:2.2=compileClasspath,runtimeClasspath,testCompileClasspath,t
junit:junit:4.12=testCompileClasspath,testRuntimeClasspath junit:junit:4.12=testCompileClasspath,testRuntimeClasspath
org.hamcrest:hamcrest-core:1.3=testCompileClasspath,testRuntimeClasspath org.hamcrest:hamcrest-core:1.3=testCompileClasspath,testRuntimeClasspath
empty=annotationProcessor,testAnnotationProcessor empty=annotationProcessor,testAnnotationProcessor
org.apache.commons:commons-text:1.8=compileClasspath