From bcc7e90fcc678f9e90a03a78139cedc2e3d15a64 Mon Sep 17 00:00:00 2001 From: Weston Steimel Date: Wed, 6 Dec 2023 18:04:43 +0000 Subject: [PATCH] fix(java): improve identification for com.graphql-java artifacts (#2397) Signed-off-by: Weston Steimel --- .../cataloger/common/cpe/java_groupid_map.go | 21 +++++++++++++++++++ test/integration/java_purl_test.go | 19 ++++++++--------- 2 files changed, 30 insertions(+), 10 deletions(-) diff --git a/syft/pkg/cataloger/common/cpe/java_groupid_map.go b/syft/pkg/cataloger/common/cpe/java_groupid_map.go index 5fc69926b..31b4b0512 100644 --- a/syft/pkg/cataloger/common/cpe/java_groupid_map.go +++ b/syft/pkg/cataloger/common/cpe/java_groupid_map.go @@ -1754,4 +1754,25 @@ var DefaultArtifactIDToGroupID = map[string]string{ "ratpack-test": "io.ratpack", "ratpack-thymeleaf": "io.ratpack", "ratpack-thymeleaf3": "io.ratpack", + "graphiql-spring-boot-autoconfigure": "com.graphql-java", + "graphiql-spring-boot-starter": "com.graphql-java", + "graphql-java": "com.graphql-java", + "graphql-java-annotations": "com.graphql-java", + "graphql-java-extended-scalars": "com.graphql-java", + "graphql-java-extended-validation": "com.graphql-java", + "graphql-java-servlet": "com.graphql-java", + "graphql-java-spring-boot-starter-webflux": "com.graphql-java", + "graphql-java-spring-boot-starter-webmvc": "com.graphql-java", + "graphql-java-spring-webflux": "com.graphql-java", + "graphql-java-spring-webmvc": "com.graphql-java", + "graphql-java-tools": "com.graphql-java", + "graphql-rxjava": "com.graphql-java", + "graphql-spring-boot-autoconfigure": "com.graphql-java", + "graphql-spring-boot-starter": "com.graphql-java", + "graphql-spring-boot-starter-test": "com.graphql-java", + "graphql-spring-boot-test": "com.graphql-java", + "graphql-spring-boot-test-autoconfigure": "com.graphql-java", + "java-dataloader": "com.graphql-java", + "voyager-spring-boot-autoconfigure": "com.graphql-java", + "voyager-spring-boot-starter": "com.graphql-java", } diff --git a/test/integration/java_purl_test.go b/test/integration/java_purl_test.go index 3813e32c2..d19358dba 100644 --- a/test/integration/java_purl_test.go +++ b/test/integration/java_purl_test.go @@ -62,7 +62,6 @@ var noAssertion = map[string]string{ "/packages/hudson.war:WEB-INF/lib/commons-jelly-tags-xml-1.1.jar": "pkg:maven/commons-jelly/commons-jelly-tags-xml@1.1", "/packages/hudson.war:WEB-INF/slave.jar": "pkg:maven/org.jvnet.hudson.main/remoting@1.390", "/packages/minio-8.3.8.jar": "pkg:maven/io.minio/minio@8.3.8", - "/packages/graphql-java-20.0.jar": "pkg:maven/com.graphql-java/graphql-java@20.0", "/packages/hudson.war:WEB-INF/lib/xpp3_min-1.1.4c.jar": "pkg:maven/xpp3_min/xpp3_min@1.1.4c", "/packages/hudson.war:WEB-INF/lib/xpp3-1.1.4c.jar": "pkg:maven/xpp3/xpp3@1.1.4c", "/packages/hudson.war:WEB-INF/lib/groovy-all-1.6.0.jar": "pkg:maven/org.codehaus.groovy/groovy-all@1.6.0", @@ -190,15 +189,15 @@ var expectedPURLs = map[string]string{ // "/packages/dubbo-3.1.4.jar:org.apache.dubbo:dubbo-xds": "pkg:maven/org.apache.dubbo/dubbo-xds@3.1.4", // "/packages/dubbo-3.1.4.jar:org.apache.dubbo:dubbo": "pkg:maven/org.apache.dubbo/dubbo@3.1.4", // "/packages/dubbo-3.1.4.jar": "pkg:maven/org.apache.dubbo/dubbo@3.1.4", - "/packages/elasticsearch-8.10.2.jar": "pkg:maven/org.elasticsearch/elasticsearch@8.10.2", - "/packages/elasticsearch-rest-client-sniffer-7.17.11.jar": "pkg:maven/org.elasticsearch.client/elasticsearch-rest-client-sniffer@7.17.11", - "/packages/example-java-app-gradle-0.1.0.ear": "pkg:maven/example-java-app-gradle/example-java-app-gradle@0.1.0", - "/packages/geode-core-1.14.3.jar": "pkg:maven/org.apache.geode/geode-core@1.14.3", - "/packages/github-api-1.118.jar": "pkg:maven/org.kohsuke/github-api@1.118", - "/packages/google-oauth-client-1.25.0.jar": "pkg:maven/com.google.oauth-client/google-oauth-client@1.25.0", - "/packages/graphql-java-20.0.jar:com.google.guava:guava": "pkg:maven/com.google.guava/guava@31.0.1-jre", - "/packages/graphql-java-20.0.jar:org.antlr:antlr4-runtime": "pkg:maven/org.antlr/antlr4-runtime@4.9.3", - // "/packages/graphql-java-20.0.jar": "pkg:maven/com.graphql-java/graphql-java@20.0", + "/packages/elasticsearch-8.10.2.jar": "pkg:maven/org.elasticsearch/elasticsearch@8.10.2", + "/packages/elasticsearch-rest-client-sniffer-7.17.11.jar": "pkg:maven/org.elasticsearch.client/elasticsearch-rest-client-sniffer@7.17.11", + "/packages/example-java-app-gradle-0.1.0.ear": "pkg:maven/example-java-app-gradle/example-java-app-gradle@0.1.0", + "/packages/geode-core-1.14.3.jar": "pkg:maven/org.apache.geode/geode-core@1.14.3", + "/packages/github-api-1.118.jar": "pkg:maven/org.kohsuke/github-api@1.118", + "/packages/google-oauth-client-1.25.0.jar": "pkg:maven/com.google.oauth-client/google-oauth-client@1.25.0", + "/packages/graphql-java-20.0.jar:com.google.guava:guava": "pkg:maven/com.google.guava/guava@31.0.1-jre", + "/packages/graphql-java-20.0.jar:org.antlr:antlr4-runtime": "pkg:maven/org.antlr/antlr4-runtime@4.9.3", + "/packages/graphql-java-20.0.jar": "pkg:maven/com.graphql-java/graphql-java@20.0", "/packages/guava-29.0-jre.jar": "pkg:maven/com.google.guava/guava@29.0-jre", "/packages/hadoop-common-3.3.2.jar": "pkg:maven/org.apache.hadoop/hadoop-common@3.3.2", "/packages/hazelcast-5.2.4.jar:com.fasterxml.jackson.core:jackson-core": "pkg:maven/com.fasterxml.jackson.core/jackson-core@2.15.2",