From c8184bdb4c3e9f800c8ffa6dd4f37145893cae4a Mon Sep 17 00:00:00 2001
From: witchcraze <67056980+witchcraze@users.noreply.github.com>
Date: Mon, 5 Jan 2026 23:51:41 +0900
Subject: [PATCH] add grafana classifier (#4516)

Signed-off-by: witchcraze <witchcraze@gmail.com>
---
 syft/pkg/cataloger/binary/capabilities.yaml   |  20 ++++
 .../binary/classifier_cataloger_test.go       |  88 ++++++++++++++++++
 syft/pkg/cataloger/binary/classifiers.go      |  30 ++++++
 .../grafana/10.4.19/linux-amd64/grafana       | Bin 0 -> 352 bytes
 .../grafana/11.0.0/linux-amd64/grafana        | Bin 0 -> 352 bytes
 .../grafana/12.0.0/linux-amd64/grafana        | Bin 0 -> 352 bytes
 .../grafana/12.3.1/linux-amd64/grafana        | Bin 0 -> 352 bytes
 .../grafana/6.7.6/linux-amd64/grafana-server  | Bin 0 -> 389 bytes
 .../grafana/7.5.17/linux-amd64/grafana-server | Bin 0 -> 359 bytes
 .../grafana/9.0.0/linux-amd64/grafana-server  | Bin 0 -> 359 bytes
 .../grafana/9.5.21/linux-amd64/grafana        | Bin 0 -> 352 bytes
 .../binary/test-fixtures/config.yaml          |  71 ++++++++++++++
 12 files changed, 209 insertions(+)
 create mode 100644 syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/grafana/10.4.19/linux-amd64/grafana
 create mode 100644 syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/grafana/11.0.0/linux-amd64/grafana
 create mode 100644 syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/grafana/12.0.0/linux-amd64/grafana
 create mode 100644 syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/grafana/12.3.1/linux-amd64/grafana
 create mode 100644 syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/grafana/6.7.6/linux-amd64/grafana-server
 create mode 100644 syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/grafana/7.5.17/linux-amd64/grafana-server
 create mode 100644 syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/grafana/9.0.0/linux-amd64/grafana-server
 create mode 100644 syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/grafana/9.5.21/linux-amd64/grafana

diff --git a/syft/pkg/cataloger/binary/capabilities.yaml b/syft/pkg/cataloger/binary/capabilities.yaml
index 39871208f..a0ed0c35d 100644
--- a/syft/pkg/cataloger/binary/capabilities.yaml
+++ b/syft/pkg/cataloger/binary/capabilities.yaml
@@ -603,6 +603,26 @@ catalogers:
             cpes:
               - cpe:2.3:a:elixir-lang:elixir:*:*:*:*:*:*:*:*
             type: BinaryPkg
+      - method: glob
+        criteria:
+          - '**/grafana'
+        packages:
+          - class: grafana-binary
+            name: grafana
+            purl: pkg:generic/grafana
+            cpes:
+              - cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*
+            type: BinaryPkg
+      - method: glob
+        criteria:
+          - '**/grafana-server'
+        packages:
+          - class: grafana-binary
+            name: grafana
+            purl: pkg:generic/grafana
+            cpes:
+              - cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*
+            type: BinaryPkg
       - method: glob
         criteria:
           - '**/java'
diff --git a/syft/pkg/cataloger/binary/classifier_cataloger_test.go b/syft/pkg/cataloger/binary/classifier_cataloger_test.go
index abac67912..d56878f7b 100644
--- a/syft/pkg/cataloger/binary/classifier_cataloger_test.go
+++ b/syft/pkg/cataloger/binary/classifier_cataloger_test.go
@@ -1430,6 +1430,94 @@ func Test_Cataloger_PositiveCases(t *testing.T) {
 				},
 			},
 		},
+		{
+			logicalFixture: "grafana/12.3.1/linux-amd64",
+			expected: pkg.Package{
+				Name:      "grafana",
+				Version:   "12.3.1",
+				Type:      "binary",
+				PURL:      "pkg:generic/grafana@12.3.1",
+				Locations: locations("grafana"),
+				Metadata:  metadata("grafana-binary"),
+			},
+		},
+		{
+			logicalFixture: "grafana/12.0.0/linux-amd64",
+			expected: pkg.Package{
+				Name:      "grafana",
+				Version:   "12.0.0",
+				Type:      "binary",
+				PURL:      "pkg:generic/grafana@12.0.0",
+				Locations: locations("grafana"),
+				Metadata:  metadata("grafana-binary"),
+			},
+		},
+		{
+			logicalFixture: "grafana/11.0.0/linux-amd64",
+			expected: pkg.Package{
+				Name:      "grafana",
+				Version:   "11.0.0",
+				Type:      "binary",
+				PURL:      "pkg:generic/grafana@11.0.0",
+				Locations: locations("grafana"),
+				Metadata:  metadata("grafana-binary"),
+			},
+		},
+		{
+			logicalFixture: "grafana/10.4.19/linux-amd64",
+			expected: pkg.Package{
+				Name:      "grafana",
+				Version:   "10.4.19",
+				Type:      "binary",
+				PURL:      "pkg:generic/grafana@10.4.19",
+				Locations: locations("grafana"),
+				Metadata:  metadata("grafana-binary"),
+			},
+		},
+		{
+			logicalFixture: "grafana/9.5.21/linux-amd64",
+			expected: pkg.Package{
+				Name:      "grafana",
+				Version:   "9.5.21",
+				Type:      "binary",
+				PURL:      "pkg:generic/grafana@9.5.21",
+				Locations: locations("grafana"),
+				Metadata:  metadata("grafana-binary"),
+			},
+		},
+		{
+			logicalFixture: "grafana/9.0.0/linux-amd64",
+			expected: pkg.Package{
+				Name:      "grafana",
+				Version:   "9.0.0",
+				Type:      "binary",
+				PURL:      "pkg:generic/grafana@9.0.0",
+				Locations: locations("grafana-server"),
+				Metadata:  metadata("grafana-binary"),
+			},
+		},
+		{
+			logicalFixture: "grafana/7.5.17/linux-amd64",
+			expected: pkg.Package{
+				Name:      "grafana",
+				Version:   "7.5.17",
+				Type:      "binary",
+				PURL:      "pkg:generic/grafana@7.5.17",
+				Locations: locations("grafana-server"),
+				Metadata:  metadata("grafana-binary"),
+			},
+		},
+		{
+			logicalFixture: "grafana/6.7.6/linux-amd64",
+			expected: pkg.Package{
+				Name:      "grafana",
+				Version:   "6.7.6",
+				Type:      "binary",
+				PURL:      "pkg:generic/grafana@6.7.6",
+				Locations: locations("grafana-server"),
+				Metadata:  metadata("grafana-binary"),
+			},
+		},
 	}
 
 	for _, test := range tests {
diff --git a/syft/pkg/cataloger/binary/classifiers.go b/syft/pkg/cataloger/binary/classifiers.go
index 4d2189639..4e7c13ff7 100644
--- a/syft/pkg/cataloger/binary/classifiers.go
+++ b/syft/pkg/cataloger/binary/classifiers.go
@@ -697,6 +697,36 @@ func DefaultClassifiers() []binutils.Classifier {
 			PURL:    mustPURL("pkg:generic/elixir@version"),
 			CPEs:    singleCPE("cpe:2.3:a:elixir-lang:elixir:*:*:*:*:*:*:*:*", cpe.NVDDictionaryLookupSource),
 		},
+		{
+			Class:    "grafana-binary",
+			FileGlob: "**/grafana",
+			EvidenceMatcher: binutils.MatchAny(
+				// [NUL][NUL][NUL][NUL]release-12.3.1[NUL][NUL][NUL][NUL]
+				m.FileContentsVersionMatcher(`\x00+release-(?P<version>[0-9]{2}\.[0-9]+\.[0-9]+)\x00+`),
+				// HEAD[NUL][NUL][NUL][NUL]12.0.0[NUL][NUL]$a
+				// 11.0.0[NUL][NUL]$a
+				m.FileContentsVersionMatcher(`(?P<version>[0-9]{2}\.[0-9]+\.[0-9]+)\x00+\$a`),
+				// [NUL]0xDC0xBF10.4.19[NUL]
+				m.FileContentsVersionMatcher(`\x00.(?P<version>10\.[0-9]+\.[0-9]+)\x00`),
+				// 9.5.21[NUL][NUL]v9.5.x[NUL][NUL][NUL][NUL][NUL][NUL]$a
+				m.FileContentsVersionMatcher(`(?P<version>9\.[0-9]+\.[0-9]+)\x00\x00v`),
+			),
+			Package: "grafana",
+			PURL:    mustPURL("pkg:generic/grafana@version"),
+			CPEs:    singleCPE("cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", cpe.NVDDictionaryLookupSource),
+		},
+		{
+			Class:    "grafana-binary",
+			FileGlob: "**/grafana-server",
+			EvidenceMatcher: m.FileContentsVersionMatcher(
+				// HEAD[NUL][NUL][NUL][NUL]9.0.0[NUL]:[NUL]
+				// HEAD[NUL][NUL][NUL][NUL]:[NUL][NUL][NUL][NUL][NUL][NUL][NUL]7.5.17[NUL][NUL][NUL][NUL]
+				// HEAD[NUL][NUL][NUL][NUL]m[NUL]...[NUL][NUL]6.7.6[NUL][NUL][NUL].[NUL][NUL][NUL][NUL][NUL][NUL][NUL]:
+				`HEAD\x00+.*\x00+(?P<version>[0-9]\.[0-9]+\.[0-9]+)\x00+`),
+			Package: "grafana",
+			PURL:    mustPURL("pkg:generic/grafana@version"),
+			CPEs:    singleCPE("cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", cpe.NVDDictionaryLookupSource),
+		},
 	}
 
 	return append(classifiers, defaultJavaClassifiers()...)
diff --git a/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/grafana/10.4.19/linux-amd64/grafana b/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/grafana/10.4.19/linux-amd64/grafana
new file mode 100644
index 0000000000000000000000000000000000000000..e2123942acde03fc0aa84b5b645cbf576b3ddb29
GIT binary patch
literal 352
zcmYLDF-`+95WF-L?m?onloILWUHg1?x=8#0KCnKolSs#1AcqhYU!a1H2k;3f5EVrV
zIw<)=TJAznwwRfnon3817d(-(D@xRmXj58oH<21G6rh}_xtVqIi3C())hw1v?#||f
zh3ze>ASD2o0+X{AY$SGNSrL~GijpvZ!l<F5fZB6GUXd~0h3F$#5@}KM|1ncAR+dX0
zdIWC>QK2rP^CkvlWJnOJiqUCG&Zm-%W@lBuL>eIpF&>X)xb0Z(-jrP{Q(M>VjqFDv
z%U<uYZLN3w{Q@dCIr!}UE%fs&o3)Um$@O1ukE6ZZs?U?t^TB&K{COXE{djym@Kg5u
QF$AUumtR9aJsNF(0TW19IRF3v

literal 0
HcmV?d00001

diff --git a/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/grafana/11.0.0/linux-amd64/grafana b/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/grafana/11.0.0/linux-amd64/grafana
new file mode 100644
index 0000000000000000000000000000000000000000..37d9b83d257580ff74ae73bf3c04dc81c0d0d9b4
GIT binary patch
literal 352
zcmXwzJx&BM426TBN)L6UrC#Mfndzx0C^&(WIJ+y&&aBvx5Dh!$;S3yr0tzm|6$XQ5
zEj@phpJls;J+@-=1QmMVL#;;~TVbr1Mmf(r>^I}K6-rBf?01I)j*nZ=&bK0&ra_sU
z%hDSkBq{)<b97#%YOzT*8s`EH#9V5q;2oOMK#EWlRL$$I!}GF?$|q-o3V_xIU33W%
zR6?0E`W$^zs`hkP>KYntY_gytWQ?Uiz{2@zwG!!NM6tXn#zEAf>xO4R7H4d_Bi)l;
z=lOIZ%}TB1S~7MEU-^PDHd7GTxqf(OKW`u3pVXSjI{kSR(|@KUmf~jN)xyh#*Ti2&
C{b6eW

literal 0
HcmV?d00001

diff --git a/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/grafana/12.0.0/linux-amd64/grafana b/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/grafana/12.0.0/linux-amd64/grafana
new file mode 100644
index 0000000000000000000000000000000000000000..39bc1111e23a9f1c48882a81232dc5250f48ae1b
GIT binary patch
literal 352
zcmY+8ze)r#5Qk%%-fIo)6;?+k|FfN-AXxeWPLj#p!Mb~R3u2>N_)NZq&vdT377h&G
z$NYw2dVHi-Y@e`Vk9?^0NMkFki6Izict`zq+_eIf<i~!0IM8^%LuFknvWz7sup#N9
zy^mxd7Fmo`&J!B1eZ*t|GpT4i6<f3;n;-=8h&l7R@96JX$r{n7<TaKUD(C`GjYAKF
z33Jji8HC^?ILgKQWSmr~7Ia=$QowoBG$Or>B$hYDIEXrQ-S8~th%+|b&Hc&*W4AX~
w*K96O8@Z8;t?@ITeGle^)9Li~t87}xE*E)Nz5m$sG5q7jlCKtuh37NB0E+BW3jhEB

literal 0
HcmV?d00001

diff --git a/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/grafana/12.3.1/linux-amd64/grafana b/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/grafana/12.3.1/linux-amd64/grafana
new file mode 100644
index 0000000000000000000000000000000000000000..d8ca660f47d68c3ab1bfd2c822d0936a873bf7fd
GIT binary patch
literal 352
zcmXwzJ5Iwu5QZHd0hU(-1>H(15z#)p>m7GU+yE}HkC`Nru|r~nxCnHJnuAbLP|(qG
z53oh@OEcf-|3{;#{VkS!vhd_<&l;j7wk0>#NoAa471on>T5_obTh_Dr9NX)uSH_k+
zVxS;E0_6fJD(yhUNJ2-OQouY3py*VT3B1LmTwVlGpzsid(O58=Rk%Ke5fUYIT9ZzQ
zg1~^I0!*Q0%7e9<3IWLmX|>fZMi9a%fE=yLO|p!QMk5{`TjZ-ZdE0Pms;YV5UBr|b
zo2=7oS10|@X@M2`C0<B1)?@kat^04M<D<iaeYUr|Gu+<V+!$nob-3c!`PEJDJ)Qo%
U_xyZ5yYKmuy?yj6m&3d7KPcW-?*IS*

literal 0
HcmV?d00001

diff --git a/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/grafana/6.7.6/linux-amd64/grafana-server b/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/grafana/6.7.6/linux-amd64/grafana-server
new file mode 100644
index 0000000000000000000000000000000000000000..77d3c93137654d2e5e5a18b265b6ae8e4c7b18f0
GIT binary patch
literal 389
zcmXwzO-chn5QQg3CG<*|3p8YH=;{9%5<yUKpA+;?brPA(gk*^35Z)n2aN~7cx)4S2
z1a^{{TGaRI74@jfETO=&wF#y&*Be-GVU6k#HqaE9DlQq(5|vQRnt6dULC~gJtX9xW
z=Y|SdV8L>$oCjqY^&+!5(I#kWi6Vi36p}Hmjf)UE^DbkY3B$QnEGGsCM`2My7sjJY
zc?=NJSda>ov(_3Ble8sVSs$;J<lJSBI_Id@(o-FML%bsaq2X|d?XCgbzKNR}hq^55
zCmdHONgnQR?~+){LyOf*`{`MlB>l8^<oV!Ya5*^b4qcAaNJfrYt7zGw*NG#qx@mk8
e`|-!u^WWq9bg~`q#83V?Ir+aWUvFN%-}e8uHCMd=

literal 0
HcmV?d00001

diff --git a/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/grafana/7.5.17/linux-amd64/grafana-server b/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/grafana/7.5.17/linux-amd64/grafana-server
new file mode 100644
index 0000000000000000000000000000000000000000..a734cee01a2eabe441f4072a1d540814872362e4
GIT binary patch
literal 359
zcmXwz!Ab)$5QYoha`F)(3%yyANwdl9Nm0RL!545QJ828+ZfO_An@1m`FDkma@jv|E
z|IffMJ-tYyw@1p<)AdP?uX0pF&L<fg?XX4wtW_udcHA}Ef>Eb_e>lkav?K6!qan3E
zB;yS-wMcCSiYTte7|DY;i_XE?I!Xzgt$`8P#|UJNFbk`^@8tg&gI!Z=qbKhScq`K}
z4(Lpdl2a|5(4pawQ&@wML?$p9n}ney&!SXSRhr*N(dA7&4muBAH@xX-rM|uwi^qrC
t`^BW@*CvIPU)eC{*)L1cg`0~xJQscxp0DQlO*L~<cwUx{fBd{_egMi$PtE`U

literal 0
HcmV?d00001

diff --git a/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/grafana/9.0.0/linux-amd64/grafana-server b/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/grafana/9.0.0/linux-amd64/grafana-server
new file mode 100644
index 0000000000000000000000000000000000000000..86a7d9ed77ec72dd683bbef6a975df67a45d2b28
GIT binary patch
literal 359
zcmYk0!Ait15QYPK%E>2?NY5@wnn{}81O<-^zJSSeW_O{sOIs9g`zXGsXqS!PT)yw0
zABGvy8?|aTB~C-SpJ{rhNsi1jEv*88sCDqNr(w73TV<@4^KdvGX?fWv3%*s256H%K
z7PB!LId+lIra;l>+Sdry)`<gf2ce6>0jy1Jv-3U%Y>ebXPk+Y(*@Tvmz&dUKp<|sP
z<!DF;4IW*c8icj*Sv${xn*gLu4!(AbR?4cXRQ_B@l{eKgDjxfO{7`Epg}4@02=V<R
q#Pid`<EkQV^hS&JtpDbwxGFpqZm%x#T6ikl-j;o#P?!95cjhl115H!_

literal 0
HcmV?d00001

diff --git a/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/grafana/9.5.21/linux-amd64/grafana b/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/grafana/9.5.21/linux-amd64/grafana
new file mode 100644
index 0000000000000000000000000000000000000000..bc51c844e74ac603ec7b686dac8abd2aeeaa6a5d
GIT binary patch
literal 352
zcmXwzJ5B>J5I{}q4hg6&g*x&lcE)=N3Qk~qW|Byo-H5FCG=%eT1|(VvD7Xk$Se$4x
z#k@BkjiyUmYSii>aq5!nnfEj_$~pti2Q6FbR>Qhc#%j6mHoF}S_v>VRXq3*@WCNH2
zESKID%$6{Q1(zH&g9G4NTZ~BBm$--}5KwlExo`<V@}{Npu~Ha|hvd*_NF}>ek7!KB
zQZOFKaCR7h7S39Nh=6$+d`tl~vvyg^*=(lr%Rp*+Qw_c1zHR#_RYy{Yx7Tqz94bGB
y5~BJT=YDRD5RXTB7N@vPKjos@SmW3@``w55d;j|VJ}uRBGl`mbJ@Inl)x>{W<6o)(

literal 0
HcmV?d00001

diff --git a/syft/pkg/cataloger/binary/test-fixtures/config.yaml b/syft/pkg/cataloger/binary/test-fixtures/config.yaml
index f2a5638a2..a2c012f1b 100644
--- a/syft/pkg/cataloger/binary/test-fixtures/config.yaml
+++ b/syft/pkg/cataloger/binary/test-fixtures/config.yaml
@@ -846,3 +846,74 @@ from-images:
     paths:
       - /usr/local/lib/python3.11/site-packages/opencv_contrib_python.libs/libavcodec-9aae324f.so.59.37.100
 
+  - name: grafana
+    version: 12.3.1
+    images:
+      - ref: grafana/grafana:12.3.1@sha256:7c064e627d9cb50c3485c9ded5ca0222de89a08e41403322a0c3ca6f1777a8d1
+        platform: linux/amd64
+    paths:
+      - /usr/share/grafana/bin/grafana
+
+  - name: grafana
+    version: 12.0.0
+    images:
+      - ref: grafana/grafana:12.0.0@sha256:884f0f140669a5b9dccee1baece011a3fa5dd1951f1ba158b03de8ad1d178380
+        platform: linux/amd64
+    paths:
+      - /usr/share/grafana/bin/grafana
+
+  - name: grafana
+    version: 11.0.0
+    images:
+      - ref: grafana/grafana:11.0.0@sha256:a80bc3848cf5d4b2958ea25dbeb36fa9442ef4be8c73fe4bff11340307c32919
+        platform: linux/amd64
+    paths:
+      - /usr/share/grafana/bin/grafana
+
+  - name: grafana
+    version: 10.4.19
+    images:
+      - ref: grafana/grafana:10.4.19@sha256:388cb75aa7ab40af6766f7a8db73c90abfbfb646bf8208e86f7198d2c9530793
+        platform: linux/amd64
+    paths:
+      - /usr/share/grafana/bin/grafana
+
+  - name: grafana
+    version: 9.5.21
+    images:
+      - ref: grafana/grafana:9.5.21@sha256:439f57822d2daa899c0a04420488fd7c638c1d41d5db417563692ed0bbbfbb9c
+        platform: linux/amd64
+    paths:
+      - /usr/share/grafana/bin/grafana
+
+  - name: grafana
+    version: 9.4.0
+    images:
+      - ref: grafana/grafana:9.4.0-beta1@sha256:d0060bcf84f0a0897e7c6c7e1b8740d89d10bf55b2dd45ba45942d36e40cdcc7
+        platform: linux/amd64
+    paths:
+      - /usr/share/grafana/bin/grafana-server
+
+  - name: grafana
+    version: 9.0.0
+    images:
+      - ref: grafana/grafana:9.0.0@sha256:1fdfc1f6feb47c0007ab59abdc5310493649367d9de1be27cf0e18ff529ca463
+        platform: linux/amd64
+    paths:
+      - /usr/share/grafana/bin/grafana-server
+
+  - name: grafana
+    version: 7.5.17
+    images:
+      - ref: grafana/grafana:7.5.17@sha256:6d4ab5ab5031f2725635522c28aa9917c6e614c49513a3f5c864900b868ea79a
+        platform: linux/amd64
+    paths:
+      - /usr/share/grafana/bin/grafana-server
+
+  - name: grafana
+    version: 6.7.6
+    images:
+      - ref: grafana/grafana:6.7.6@sha256:7ee99c7f0835f1023b3a56c275da8bb37068ab9fcd5e33378c65435928d54dd0
+        platform: linux/amd64
+    paths:
+      - /usr/share/grafana/bin/grafana-server