add remaining binary cataloger patterns and snippets

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

.github/workflows/validations.yaml

@@ -57,7 +57,7 @@ jobs:
       - name: Restore binary cataloger test-fixture cache
         uses: actions/cache@704facf57e6136b1bc63b828d79edcd491f0ee84 #v3.3.2
         with:
-          path: syft/pkg/cataloger/binary/test-fixtures/classifiers/dynamic
+          path: syft/pkg/cataloger/binary/test-fixtures/classifiers/bin
           key: ${{ runner.os }}-unit-binary-cataloger-cache-${{ hashFiles( 'syft/pkg/cataloger/binary/test-fixtures/cache.fingerprint' ) }}
 
       - name: Restore Kernel test-fixture cache

syft/pkg/cataloger/binary/cataloger_test.go

@@ -4,7 +4,6 @@ import (
 	"errors"
 	"flag"
 	"fmt"
-	"github.com/anchore/syft/syft/pkg/cataloger/binary/test-fixtures/manager/testutil"
 	"io"
 	"strings"
 	"testing"
@@ -17,12 +16,13 @@ import (
 	"github.com/anchore/stereoscope/pkg/imagetest"
 	"github.com/anchore/syft/syft/file"
 	"github.com/anchore/syft/syft/pkg"
+	"github.com/anchore/syft/syft/pkg/cataloger/binary/test-fixtures/manager/testutil"
 	"github.com/anchore/syft/syft/source"
 )
 
 var mustUseOriginalBinaries = flag.Bool("must-use-original-binaries", false, "force the use of binaries for testing (instead of snippets)")
 
-func Test_Cataloger_DefaultClassifiers_PositiveCases(t *testing.T) {
+func Test_Cataloger_PositiveCases(t *testing.T) {
 	tests := []struct {
 		name           string
 		logicalFixture string
@@ -61,18 +61,19 @@ func Test_Cataloger_DefaultClassifiers_PositiveCases(t *testing.T) {
 				Metadata:  metadata("postgresql-binary"),
 			},
 		},
-		// TODO: missing original binary
-		//{
-		//	logicalFixture: "postgres/9.5alpha1/linux-amd64",
-		//	expected: pkg.Package{
-		//		Name:      "postgresql",
-		//		Version:   "9.5alpha1",
-		//		Type:      "binary",
-		//		PURL:      "pkg:generic/postgresql@9.5alpha1",
-		//		Locations: locations("postgres"),
-		//		Metadata:  metadata("postgresql-binary"),
-		//	},
-		//},
+		{
+			// TODO: find original binary...
+			// note: cannot find the original binary, using a custom snippet based on the original snippet in the repo
+			logicalFixture: "postgres/9.5alpha1/linux-amd64",
+			expected: pkg.Package{
+				Name:      "postgresql",
+				Version:   "9.5alpha1",
+				Type:      "binary",
+				PURL:      "pkg:generic/postgresql@9.5alpha1",
+				Locations: locations("postgres"),
+				Metadata:  metadata("postgresql-binary"),
+			},
+		},
 		{
 			logicalFixture: "mysql/8.0.34/linux-amd64",
 			expected: pkg.Package{
@@ -106,29 +107,28 @@ func Test_Cataloger_DefaultClassifiers_PositiveCases(t *testing.T) {
 				Metadata:  metadata("mariadb-binary"),
 			},
 		},
-		// TODO: need to add original binary
-		//{
-		//	logicalFixture: "traefik/2.9.6/linux-amd64",
-		//	expected: pkg.Package{
-		//		Name:      "traefik",
-		//		Version:   "2.9.6",
-		//		Type:      "binary",
-		//		PURL:      "pkg:generic/traefik@2.9.6",
-		//		Locations: locations("traefik"),
-		//		Metadata:  metadata("traefik-binary"),
-		//	},
-		//},
-		//{
-		//	logicalFixture: "test-fixtures/classifiers/positive/traefik-1.7.34/linux-amd64",
-		//	expected: pkg.Package{
-		//		Name:      "traefik",
-		//		Version:   "1.7.34",
-		//		Type:      "binary",
-		//		PURL:      "pkg:generic/traefik@1.7.34",
-		//		Locations: locations("traefik"),
-		//		Metadata:  metadata("traefik-binary"),
-		//	},
-		//},
+		{
+			logicalFixture: "traefik/1.7.34/linux-amd64",
+			expected: pkg.Package{
+				Name:      "traefik",
+				Version:   "1.7.34",
+				Type:      "binary",
+				PURL:      "pkg:generic/traefik@1.7.34",
+				Locations: locations("traefik"),
+				Metadata:  metadata("traefik-binary"),
+			},
+		},
+		{
+			logicalFixture: "traefik/2.9.6/linux-amd64",
+			expected: pkg.Package{
+				Name:      "traefik",
+				Version:   "2.9.6",
+				Type:      "binary",
+				PURL:      "pkg:generic/traefik@2.9.6",
+				Locations: locations("traefik"),
+				Metadata:  metadata("traefik-binary"),
+			},
+		},
 		{
 			logicalFixture: "memcached/1.6.18/linux-amd64",
 			expected: pkg.Package{
@@ -151,78 +151,84 @@ func Test_Cataloger_DefaultClassifiers_PositiveCases(t *testing.T) {
 				Metadata:  metadata("httpd-binary"),
 			},
 		},
-
-		// TODO: missing original binaries
-		//{
-		//	logicalFixture: "test-fixtures/classifiers/positive/php-cli-8.2.1/linux-amd64",
-		//	expected: pkg.Package{
-		//		Name:      "php-cli",
-		//		Version:   "8.2.1",
-		//		Type:      "binary",
-		//		PURL:      "pkg:generic/php-cli@8.2.1",
-		//		Locations: locations("php"),
-		//		Metadata:  metadata("php-cli-binary"),
-		//	},
-		//},
-		//{
-		//	logicalFixture: "test-fixtures/classifiers/positive/php-fpm-8.2.1/linux-amd64",
-		//	expected: pkg.Package{
-		//		Name:      "php-fpm",
-		//		Version:   "8.2.1",
-		//		Type:      "binary",
-		//		PURL:      "pkg:generic/php-fpm@8.2.1",
-		//		Locations: locations("php-fpm"),
-		//		Metadata:  metadata("php-fpm-binary"),
-		//	},
-		//},
-		//{
-		//	logicalFixture: "test-fixtures/classifiers/positive/php-apache-8.2.1/linux-amd64",
-		//	expected: pkg.Package{
-		//		Name:      "libphp",
-		//		Version:   "8.2.1",
-		//		Type:      "binary",
-		//		PURL:      "pkg:generic/php@8.2.1",
-		//		Locations: locations("libphp.so"),
-		//		Metadata:  metadata("php-apache-binary"),
-		//	},
-		//},
-
-		// TODO: original binary is different than test fixture
-		//{
-		//	logicalFixture: "perl/5.12.5/linux-amd64",
-		//	expected: pkg.Package{
-		//		Name:      "perl",
-		//		Version:   "5.12.5",
-		//		Type:      "binary",
-		//		PURL:      "pkg:generic/perl@5.12.5",
-		//		Locations: locations("perl"),
-		//		Metadata:  metadata("perl-binary"),
-		//	},
-		//},
-		//{
-		//	name:           "positive-perl-5.20.0",
-		//	logicalFixture: "test-fixtures/classifiers/positive/perl-5.20.0/linux-amd64",
-		//	expected: pkg.Package{
-		//		Name:      "perl",
-		//		Version:   "5.20.0",
-		//		Type:      "binary",
-		//		PURL:      "pkg:generic/perl@5.20.0",
-		//		Locations: locations("perl"),
-		//		Metadata:  metadata("perl-binary"),
-		//	},
-		//},
-		//{
-		//	name:           "positive-perl-5.37.8",
-		//	logicalFixture: "test-fixtures/classifiers/positive/perl-5.37.8/linux-amd64",
-		//	expected: pkg.Package{
-		//		Name:      "perl",
-		//		Version:   "5.37.8",
-		//		Type:      "binary",
-		//		PURL:      "pkg:generic/perl@5.37.8",
-		//		Locations: locations("perl"),
-		//		Metadata:  metadata("perl-binary"),
-		//	},
-		//},
+		{
+			// TODO: find original binary...
+			// note: cannot find the original binary, using a custom snippet based on the original snippet in the repo
+			logicalFixture: "php-cli/8.2.1/linux-amd64",
+			expected: pkg.Package{
+				Name:      "php-cli",
+				Version:   "8.2.1",
+				Type:      "binary",
+				PURL:      "pkg:generic/php-cli@8.2.1",
+				Locations: locations("php"),
+				Metadata:  metadata("php-cli-binary"),
+			},
+		},
+		{
+			// TODO: find original binary...
+			// note: cannot find the original binary, using a custom snippet based on the original snippet in the repo
+			logicalFixture: "php-fpm/8.2.1/linux-amd64",
+			expected: pkg.Package{
+				Name:      "php-fpm",
+				Version:   "8.2.1",
+				Type:      "binary",
+				PURL:      "pkg:generic/php-fpm@8.2.1",
+				Locations: locations("php-fpm"),
+				Metadata:  metadata("php-fpm-binary"),
+			},
+		},
+		{
+			// TODO: find original binary...
+			// note: cannot find the original binary, using a custom snippet based on the original snippet in the repo
+			logicalFixture: "php-apache/8.2.1/linux-amd64",
+			expected: pkg.Package{
+				Name:      "libphp",
+				Version:   "8.2.1",
+				Type:      "binary",
+				PURL:      "pkg:generic/php@8.2.1",
+				Locations: locations("libphp.so"),
+				Metadata:  metadata("php-apache-binary"),
+			},
+		},
+		{
+			// TODO: original binary is different than whats in config.yaml
+			// note: cannot find the original binary, using a custom snippet based on the original snippet in the repo
+			logicalFixture: "perl/5.12.5/linux-amd64",
+			expected: pkg.Package{
+				Name:      "perl",
+				Version:   "5.12.5",
+				Type:      "binary",
+				PURL:      "pkg:generic/perl@5.12.5",
+				Locations: locations("perl"),
+				Metadata:  metadata("perl-binary"),
+			},
+		},
+		{
+			// TODO: original binary is different than whats in config.yaml
+			// note: cannot find the original binary, using a custom snippet based on the original snippet in the repo
+			logicalFixture: "perl/5.20.0/linux-amd64",
+			expected: pkg.Package{
+				Name:      "perl",
+				Version:   "5.20.0",
+				Type:      "binary",
+				PURL:      "pkg:generic/perl@5.20.0",
+				Locations: locations("perl"),
+				Metadata:  metadata("perl-binary"),
+			},
+		},
+		{
+			// TODO: original binary is different than whats in config.yaml
+			// note: cannot find the original binary, using a custom snippet based on the original snippet in the repo
+			logicalFixture: "perl/5.37.8/linux-amd64",
+			expected: pkg.Package{
+				Name:      "perl",
+				Version:   "5.37.8",
+				Type:      "binary",
+				PURL:      "pkg:generic/perl@5.37.8",
+				Locations: locations("perl"),
+				Metadata:  metadata("perl-binary"),
+			},
+		},
 		{
 			logicalFixture: "haproxy/1.5.14/linux-amd64",
 			expected: pkg.Package{
@@ -280,116 +286,112 @@ func Test_Cataloger_DefaultClassifiers_PositiveCases(t *testing.T) {
 			},
 		},
 
-		// TODO: missing original binaries
-		//{
-		//	logicalFixture: "test-fixtures/classifiers/positive/redis-server-2.8.23/linux-amd64",
-		//	expected: pkg.Package{
-		//		Name:      "redis",
-		//		Version:   "2.8.23",
-		//		Type:      "binary",
-		//		PURL:      "pkg:generic/redis@2.8.23",
-		//		Locations: locations("redis-server"),
-		//		Metadata:  metadata("redis-binary"),
-		//	},
-		//},
-
-		//{
-		//	name:           "positive-redis-4.0.11",
-		//	logicalFixture: "test-fixtures/classifiers/positive/redis-server-4.0.11/linux-amd64",
-		//	expected: pkg.Package{
-		//		Name:      "redis",
-		//		Version:   "4.0.11",
-		//		Type:      "binary",
-		//		PURL:      "pkg:generic/redis@4.0.11",
-		//		Locations: locations("redis-server"),
-		//		Metadata:  metadata("redis-binary"),
-		//	},
-		//},
-		//{
-		//	name:           "positive-redis-5.0.0",
-		//	logicalFixture: "test-fixtures/classifiers/positive/redis-server-5.0.0/linux-amd64",
-		//	expected: pkg.Package{
-		//		Name:      "redis",
-		//		Version:   "5.0.0",
-		//		Type:      "binary",
-		//		PURL:      "pkg:generic/redis@5.0.0",
-		//		Locations: locations("redis-server"),
-		//		Metadata:  metadata("redis-binary"),
-		//	},
-		//},
-		//{
-		//	name:           "positive-redis-6.0.16",
-		//	logicalFixture: "test-fixtures/classifiers/positive/redis-server-6.0.16",
-		//	expected: pkg.Package{
-		//		Name:      "redis",
-		//		Version:   "6.0.16",
-		//		Type:      "binary",
-		//		PURL:      "pkg:generic/redis@6.0.16",
-		//		Locations: locations("redis-server"),
-		//		Metadata:  metadata("redis-binary"),
-		//	},
-		//},
-		//{
-		//	name:           "positive-redis-7.0.0",
-		//	logicalFixture: "test-fixtures/classifiers/positive/redis-server-7.0.0",
-		//	expected: pkg.Package{
-		//		Name:      "redis",
-		//		Version:   "7.0.0",
-		//		Type:      "binary",
-		//		PURL:      "pkg:generic/redis@7.0.0",
-		//		Locations: locations("redis-server"),
-		//		Metadata:  metadata("redis-binary"),
-		//	},
-		//},
-		//{
-		//	name:           "positive-redis-7.0.14",
-		//	logicalFixture: "test-fixtures/classifiers/positive/redis-server-7.0.14",
-		//	expected: pkg.Package{
-		//		Name:      "redis",
-		//		Version:   "7.0.14",
-		//		Type:      "binary",
-		//		PURL:      "pkg:generic/redis@7.0.14",
-		//		Locations: locations("redis-server"),
-		//		Metadata:  metadata("redis-binary"),
-		//	},
-		//},
-		//{
-		//	name:           "positive-redis-7.2.3-amd64",
-		//	logicalFixture: "test-fixtures/classifiers/positive/redis-server-7.2.3-amd64",
-		//	expected: pkg.Package{
-		//		Name:      "redis",
-		//		Version:   "7.2.3",
-		//		Type:      "binary",
-		//		PURL:      "pkg:generic/redis@7.2.3",
-		//		Locations: locations("redis-server"),
-		//		Metadata:  metadata("redis-binary"),
-		//	},
-		//},
-		//{
-		//	name:           "positive-redis-7.2.3-arm64",
-		//	logicalFixture: "test-fixtures/classifiers/positive/redis-server-7.2.3-arm64",
-		//	expected: pkg.Package{
-		//		Name:      "redis",
-		//		Version:   "7.2.3",
-		//		Type:      "binary",
-		//		PURL:      "pkg:generic/redis@7.2.3",
-		//		Locations: locations("redis-server"),
-		//		Metadata:  metadata("redis-binary"),
-		//	},
-		//},
-
-		// TODO: missing original binaries
-		//{
-		//	name:           "positive-libpython3.7.so",
-		//	logicalFixture: "test-fixtures/classifiers/positive/python-binary-lib-3.7",
-		//	expected: pkg.Package{
-		//		Name:      "python",
-		//		Version:   "3.7.4",
-		//		PURL:      "pkg:generic/python@3.7.4",
-		//		Locations: locations("libpython3.7.so"),
-		//		Metadata:  metadata("python-binary-lib"),
-		//	},
-		//},
+		{
+			// note: dynamic (non-snippet) test case
+			logicalFixture: "redis-server/2.8.23/linux-amd64",
+			expected: pkg.Package{
+				Name:      "redis",
+				Version:   "2.8.23",
+				Type:      "binary",
+				PURL:      "pkg:generic/redis@2.8.23",
+				Locations: locations("redis-server"),
+				Metadata:  metadata("redis-binary"),
+			},
+		},
+		{
+			// note: dynamic (non-snippet) test case
+			logicalFixture: "redis-server/4.0.11/linux-amd64",
+			expected: pkg.Package{
+				Name:      "redis",
+				Version:   "4.0.11",
+				Type:      "binary",
+				PURL:      "pkg:generic/redis@4.0.11",
+				Locations: locations("redis-server"),
+				Metadata:  metadata("redis-binary"),
+			},
+		},
+		{
+			// note: dynamic (non-snippet) test case
+			logicalFixture: "redis-server/5.0.0/linux-amd64",
+			expected: pkg.Package{
+				Name:      "redis",
+				Version:   "5.0.0",
+				Type:      "binary",
+				PURL:      "pkg:generic/redis@5.0.0",
+				Locations: locations("redis-server"),
+				Metadata:  metadata("redis-binary"),
+			},
+		},
+		{
+			// note: dynamic (non-snippet) test case
+			logicalFixture: "redis-server/6.0.16/linux-amd64",
+			expected: pkg.Package{
+				Name:      "redis",
+				Version:   "6.0.16",
+				Type:      "binary",
+				PURL:      "pkg:generic/redis@6.0.16",
+				Locations: locations("redis-server"),
+				Metadata:  metadata("redis-binary"),
+			},
+		},
+		{
+			// note: dynamic (non-snippet) test case
+			logicalFixture: "redis-server/7.0.0/linux-amd64",
+			expected: pkg.Package{
+				Name:      "redis",
+				Version:   "7.0.0",
+				Type:      "binary",
+				PURL:      "pkg:generic/redis@7.0.0",
+				Locations: locations("redis-server"),
+				Metadata:  metadata("redis-binary"),
+			},
+		},
+		{
+			// note: dynamic (non-snippet) test case
+			logicalFixture: "redis-server/7.0.14/linux-amd64",
+			expected: pkg.Package{
+				Name:      "redis",
+				Version:   "7.0.14",
+				Type:      "binary",
+				PURL:      "pkg:generic/redis@7.0.14",
+				Locations: locations("redis-server"),
+				Metadata:  metadata("redis-binary"),
+			},
+		},
+		{
+			// note: dynamic (non-snippet) test case
+			logicalFixture: "redis-server/7.2.3/linux-amd64",
+			expected: pkg.Package{
+				Name:      "redis",
+				Version:   "7.2.3",
+				Type:      "binary",
+				PURL:      "pkg:generic/redis@7.2.3",
+				Locations: locations("redis-server"),
+				Metadata:  metadata("redis-binary"),
+			},
+		},
+		{
+			// note: dynamic (non-snippet) test case
+			logicalFixture: "redis-server/7.2.3/linux-arm64",
+			expected: pkg.Package{
+				Name:      "redis",
+				Version:   "7.2.3",
+				Type:      "binary",
+				PURL:      "pkg:generic/redis@7.2.3",
+				Locations: locations("redis-server"),
+				Metadata:  metadata("redis-binary"),
+			},
+		},
+		{
+			logicalFixture: "python-shared-lib/3.7.4/linux-amd64",
+			expected: pkg.Package{
+				Name:      "python",
+				Version:   "3.7.4",
+				PURL:      "pkg:generic/python@3.7.4",
+				Locations: locations("libpython3.7m.so.1.0"),
+				Metadata:  metadata("python-binary-lib"),
+			},
+		},
 
 		{
 			// note: dynamic (non-snippet) test case
@@ -457,51 +459,49 @@ func Test_Cataloger_DefaultClassifiers_PositiveCases(t *testing.T) {
 				},
 			},
 		},
-		// TODO: missing original binary
-		//{
-		//	name:           "positive-python-3.5-with-incorrect-match",
-		//	logicalFixture: "test-fixtures/classifiers/positive/python-3.5-with-incorrect-match",
-		//	expected: pkg.Package{
-		//		Name:      "python",
-		//		Version:   "3.5.3",
-		//		PURL:      "pkg:generic/python@3.5.3",
-		//		Locations: locations("python3.5"),
-		//		Metadata:  metadata("python-binary"),
-		//	},
-		//},
-
-		// TODO: can't seem to get this lined up with the new binary pulled down... the original snippet also has content I can't account for
-		//{
-		//	logicalFixture: "python/3.6/linux-amd64",
-		//	expected: pkg.Package{
-		//		Name:      "python",
-		//		Version:   "3.6.3",
-		//		PURL:      "pkg:generic/python@3.6.3",
-		//		Locations: locations("python3.6"),
-		//		Metadata:  metadata("python-binary"),
-		//	},
-		//},
-
-		// TODO: missing original binary
-		//{
-		//	name:           "positive-python-duplicates",
-		//	logicalFixture: "test-fixtures/classifiers/positive/python-duplicates",
-		//	expected: pkg.Package{
-		//		Name:      "python",
-		//		Version:   "3.8.16",
-		//		Type:      "binary",
-		//		PURL:      "pkg:generic/python@3.8.16",
-		//		Locations: locations("dir/python3.8", "python3.8", "libpython3.8.so"),
-		//		Metadata: pkg.BinarySignature{
-		//			Matches: []pkg.ClassifierMatch{
-		//				match("python-binary", "dir/python3.8"),
-		//				match("python-binary", "python3.8"),
-		//				match("python-binary-lib", "libpython3.8.so"),
-		//			},
-		//		},
-		//	},
-		//},
-
+		{
+			// TODO: find original binary...
+			// note: cannot find the original binary, using a custom snippet based on the original snippet in the repo
+			logicalFixture: "python-with-incorrect-match/3.5.3/linux-amd64",
+			expected: pkg.Package{
+				Name:      "python",
+				Version:   "3.5.3",
+				PURL:      "pkg:generic/python@3.5.3",
+				Locations: locations("python3.5"),
+				Metadata:  metadata("python-binary"),
+			},
+		},
+		{
+			// TODO: find original binary...
+			// note: cannot find the original binary, using a custom snippet based on the original snippet in the repo
+			logicalFixture: "python/3.6.3/linux-amd64",
+			expected: pkg.Package{
+				Name:      "python",
+				Version:   "3.6.3",
+				PURL:      "pkg:generic/python@3.6.3",
+				Locations: locations("python3.6"),
+				Metadata:  metadata("python-binary"),
+			},
+		},
+		{
+			// TODO: find original binary...
+			// note: cannot find the original binary, using a custom snippet based on the original snippet in the repo
+			logicalFixture: "python-duplicates/3.8.16/linux-amd64",
+			expected: pkg.Package{
+				Name:      "python",
+				Version:   "3.8.16",
+				Type:      "binary",
+				PURL:      "pkg:generic/python@3.8.16",
+				Locations: locations("dir/python3.8", "python3.8", "libpython3.8.so"),
+				Metadata: pkg.BinarySignature{
+					Matches: []pkg.ClassifierMatch{
+						match("python-binary", "dir/python3.8"),
+						match("python-binary", "python3.8"),
+						match("python-binary-lib", "libpython3.8.so"),
+					},
+				},
+			},
+		},
 		{
 			logicalFixture: "go/1.21.3/linux-amd64",
 			expected: pkg.Package{
@@ -522,18 +522,18 @@ func Test_Cataloger_DefaultClassifiers_PositiveCases(t *testing.T) {
 				Metadata:  metadata("nodejs-binary"),
 			},
 		},
-		// TODO: captured outside of the original binary
-		//{
-		//	name:           "positive-go-hint",
-		//	logicalFixture: "test-fixtures/classifiers/positive/go-hint-1.15",
-		//	expected: pkg.Package{
-		//		Name:      "go",
-		//		Version:   "1.15",
-		//		PURL:      "pkg:generic/go@1.15",
-		//		Locations: locations("VERSION"),
-		//		Metadata:  metadata("go-binary-hint"),
-		//	},
-		//},
+		{
+			// TODO: find original binary...
+			// note: cannot find the original binary, using a custom snippet based on the original snippet in the repo
+			logicalFixture: "go-version-hint/1.15/any",
+			expected: pkg.Package{
+				Name:      "go",
+				Version:   "1.15",
+				PURL:      "pkg:generic/go@1.15",
+				Locations: locations("VERSION"),
+				Metadata:  metadata("go-binary-hint"),
+			},
+		},
 		{
 			// note: this is testing BUSYBOX which is typically through a link to "[" (in this case a symlink but in
 			// practice this is often a hard link).
@@ -545,56 +545,55 @@ func Test_Cataloger_DefaultClassifiers_PositiveCases(t *testing.T) {
 				Metadata:  metadata("busybox-binary", "[", "busybox"),
 			},
 		},
-		// TODO: need to get the original binaries
-		//{
-		//	logicalFixture: "openjdk/1.8.0",
-		//	expected: pkg.Package{
-		//		Name:      "java",
-		//		Version:   "1.8.0_352-b08",
-		//		Type:      "binary",
-		//		PURL:      "pkg:generic/java@1.8.0_352-b08",
-		//		Locations: locations("java"),
-		//		Metadata:  metadata("java-binary-openjdk", "java"),
-		//	},
-		//},
-		//{
-		//	name:           "positive-java-openjdk-lts",
-		//	logicalFixture: "test-fixtures/classifiers/positive/openjdk-lts-11.0.17",
-		//	expected: pkg.Package{
-		//		Name:      "java",
-		//		Version:   "11.0.17+8-LTS",
-		//		Type:      "binary",
-		//		PURL:      "pkg:generic/java@11.0.17+8-LTS",
-		//		Locations: locations("java"),
-		//		Metadata:  metadata("java-binary-openjdk", "java"),
-		//	},
-		//},
-		//{
-		//	name:           "positive-java-oracle",
-		//	logicalFixture: "test-fixtures/classifiers/positive/oracle-java-19.0.1",
-		//	expected: pkg.Package{
-		//		Name:      "java",
-		//		Version:   "19.0.1+10-21",
-		//		Type:      "binary",
-		//		PURL:      "pkg:generic/java@19.0.1+10-21",
-		//		Locations: locations("java"),
-		//		Metadata:  metadata("java-binary-oracle", "java"),
-		//	},
-		//},
-		//{
-		//	name:           "positive-java-oracle-macos",
-		//	logicalFixture: "test-fixtures/classifiers/positive/oracle-macos-java-19.0.1",
-		//	expected: pkg.Package{
-		//		Name:      "java",
-		//		Version:   "19.0.1+10-21",
-		//		Type:      "binary",
-		//		PURL:      "pkg:generic/java@19.0.1+10-21",
-		//		Locations: locations("java"),
-		//		Metadata:  metadata("java-binary-oracle", "java"),
-		//	},
-		//},
 		{
-			name:           "positive-java-ibm",
+			logicalFixture: "java-jre-openjdk/1.8.0_352-b08/linux-amd64",
+			expected: pkg.Package{
+				Name:      "java",
+				Version:   "1.8.0_352-b08",
+				Type:      "binary",
+				PURL:      "pkg:generic/java@1.8.0_352-b08",
+				Locations: locations("java"),
+				Metadata:  metadata("java-binary-openjdk", "java"),
+			},
+		},
+		{
+			logicalFixture: "java-jre-openjdk/11.0.17/linux-amd64",
+			expected: pkg.Package{
+				Name:      "java",
+				Version:   "11.0.17+8-LTS",
+				Type:      "binary",
+				PURL:      "pkg:generic/java@11.0.17+8-LTS",
+				Locations: locations("java"),
+				Metadata:  metadata("java-binary-openjdk", "java"),
+			},
+		},
+		{
+			// TODO: find original binary...
+			// note: cannot find the original binary, using a custom snippet based on the original snippet in the repo
+			logicalFixture: "java-jre-oracle/19.0.1/linux-amd64",
+			expected: pkg.Package{
+				Name:      "java",
+				Version:   "19.0.1+10-21",
+				Type:      "binary",
+				PURL:      "pkg:generic/java@19.0.1+10-21",
+				Locations: locations("java"),
+				Metadata:  metadata("java-binary-oracle", "java"),
+			},
+		},
+		{
+			// TODO: find original binary...
+			// note: cannot find the original binary, using a custom snippet based on the original snippet in the repo
+			logicalFixture: "java-jre-oracle/19.0.1/darwin",
+			expected: pkg.Package{
+				Name:      "java",
+				Version:   "19.0.1+10-21",
+				Type:      "binary",
+				PURL:      "pkg:generic/java@19.0.1+10-21",
+				Locations: locations("java"),
+				Metadata:  metadata("java-binary-oracle", "java"),
+			},
+		},
+		{
 			logicalFixture: "java-jre-ibm/1.8.0_391/linux-amd64",
 			expected: pkg.Package{
 				Name:      "java",
@@ -605,43 +604,65 @@ func Test_Cataloger_DefaultClassifiers_PositiveCases(t *testing.T) {
 				Metadata:  metadata("java-binary-ibm", "java"),
 			},
 		},
-		// TODO: need to get the original binaries
-		//{
-		//	name:           "positive-rust-1.50.0-macos",
-		//	logicalFixture: "test-fixtures/classifiers/positive/rust-1.50.0",
-		//	expected: pkg.Package{
-		//		Name:      "rust",
-		//		Version:   "1.50.0",
-		//		Type:      "binary",
-		//		PURL:      "pkg:generic/rust@1.50.0",
-		//		Locations: locations("lib/rustlib/aarch64-apple-darwin/lib/libstd-f6f9eec1635e636a.dylib"),
-		//		Metadata:  metadata("rust-standard-library-macos"),
-		//	},
-		//},
-		//{
-		//	name:           "positive-rust-1.67.1-macos",
-		//	logicalFixture: "test-fixtures/classifiers/positive/rust-1.67.1/toolchains/stable-aarch64-apple-darwin",
-		//	expected: pkg.Package{
-		//		Name:      "rust",
-		//		Version:   "1.67.1",
-		//		Type:      "binary",
-		//		PURL:      "pkg:generic/rust@1.67.1",
-		//		Locations: locations("lib/libstd-16f2b65e77054c42.dylib"),
-		//		Metadata:  metadata("rust-standard-library-macos"),
-		//	},
-		//},
-		//{
-		//	name:           "positive-rust-1.67.1-linux",
-		//	logicalFixture: "test-fixtures/classifiers/positive/rust-1.67.1/toolchains/stable-x86_64-unknown-linux-musl",
-		//	expected: pkg.Package{
-		//		Name:      "rust",
-		//		Version:   "1.67.1",
-		//		Type:      "binary",
-		//		PURL:      "pkg:generic/rust@1.67.1",
-		//		Locations: locations("lib/libstd-86aefecbddda356d.so"),
-		//		Metadata:  metadata("rust-standard-library-linux"),
-		//	},
-		//},
+		{
+			logicalFixture: "rust-libstd/1.50.0/linux-amd64",
+			expected: pkg.Package{
+				Name:      "rust",
+				Version:   "1.50.0",
+				Type:      "binary",
+				PURL:      "pkg:generic/rust@1.50.0",
+				Locations: locations("libstd-6f77337c1826707d.so"),
+				Metadata:  metadata("rust-standard-library-linux"),
+			},
+		},
+		{
+			// TODO: find original binary...
+			// note: cannot find the original binary, using a custom snippet based on the original snippet in the repo
+			logicalFixture: "rust-libstd/1.50.0/darwin",
+			expected: pkg.Package{
+				Name:      "rust",
+				Version:   "1.50.0",
+				Type:      "binary",
+				PURL:      "pkg:generic/rust@1.50.0",
+				Locations: locations("libstd-f6f9eec1635e636a.dylib"),
+				Metadata:  metadata("rust-standard-library-macos"),
+			},
+		},
+		{
+			// TODO: find original binary...
+			// note: cannot find the original binary, using a custom snippet based on the original snippet in the repo
+			logicalFixture: "rust-libstd/1.67.1/darwin",
+			expected: pkg.Package{
+				Name:      "rust",
+				Version:   "1.67.1",
+				Type:      "binary",
+				PURL:      "pkg:generic/rust@1.67.1",
+				Locations: locations("libstd-16f2b65e77054c42.dylib"),
+				Metadata:  metadata("rust-standard-library-macos"),
+			},
+		},
+		{
+			logicalFixture: "rust-libstd-musl/1.67.1/linux-amd64",
+			expected: pkg.Package{
+				Name:      "rust",
+				Version:   "1.67.1",
+				Type:      "binary",
+				PURL:      "pkg:generic/rust@1.67.1",
+				Locations: locations("libstd-86aefecbddda356d.so"),
+				Metadata:  metadata("rust-standard-library-linux"),
+			},
+		},
+		{
+			logicalFixture: "rust-libstd/1.67.1/linux-amd64",
+			expected: pkg.Package{
+				Name:      "rust",
+				Version:   "1.67.1",
+				Type:      "binary",
+				PURL:      "pkg:generic/rust@1.67.1",
+				Locations: locations("libstd-c6192dd4c4d410ac.so"),
+				Metadata:  metadata("rust-standard-library-linux"),
+			},
+		},
 		{
 			// note: dynamic (non-snippet) test case
 
@@ -695,18 +716,17 @@ func Test_Cataloger_DefaultClassifiers_PositiveCases(t *testing.T) {
 				},
 			},
 		},
-		//{
-		//	name:           "positive-ruby-1.9.3p551",
-		//	logicalFixture: "test-fixtures/classifiers/positive/ruby-1.9.3p551/linux-amd64",
-		//	expected: pkg.Package{
-		//		Name:      "ruby",
-		//		Version:   "1.9.3p551",
-		//		Type:      "binary",
-		//		PURL:      "pkg:generic/ruby@1.9.3p551",
-		//		Locations: locations("ruby"),
-		//		Metadata:  metadata("ruby-binary"),
-		//	},
-		//},
+		{
+			logicalFixture: "ruby/1.9.3p551/linux-amd64",
+			expected: pkg.Package{
+				Name:      "ruby",
+				Version:   "1.9.3p551",
+				Type:      "binary",
+				PURL:      "pkg:generic/ruby@1.9.3p551",
+				Locations: locations("ruby"),
+				Metadata:  metadata("ruby-binary"),
+			},
+		},
 		{
 			logicalFixture: "consul/1.15.2/linux-amd64",
 			expected: pkg.Package{

syft/pkg/cataloger/binary/test-fixtures/.gitignore

@@ -1,2 +1,3 @@
 classifiers/dynamic
-classifiers/bin
+classifiers/bin
+cache.fingerprint

syft/pkg/cataloger/binary/test-fixtures/Makefile

@@ -1,4 +1,4 @@
-.PHONY: default list download download-all fingerprint
+.PHONY: default list download download-all cache.fingerprint
 
 .DEFAULT_GOAL := default
 
@@ -13,9 +13,11 @@ download: ## download only binaries that are not covered by a snippet
 download-all: ## download all managed binaries
 	go run ./manager download
 
-fingerprint: ## prints the sha256sum of the any input to the download command (to determine if there is a cache miss)
-	@cat ./config.yaml | sha256sum | awk '{print $$1}'
+cache.fingerprint: ## prints the sha256sum of the any input to the download command (to determine if there is a cache miss)
+	@cat ./config.yaml | sha256sum | awk '{print $$1}' | tee cache.fingerprint
 
+clean: ## clean up all downloaded binaries
+	rm -rf ./classifiers/bin
 
 ## Halp! #################################
 

syft/pkg/cataloger/binary/test-fixtures/capture-snippet.sh

@@ -2,7 +2,7 @@
 
 # Default values for length and prefix length
 LENGTH=100
-PREFIX_LENGTH=10
+PREFIX_LENGTH=20
 SEARCH_FOR=''
 GROUP_NAME=''
 

syft/pkg/cataloger/binary/test-fixtures/classifiers/positive/.gitignore

@@ -1,2 +0,0 @@
-!*.so
-!VERSION

syft/pkg/cataloger/binary/test-fixtures/classifiers/positive/busybox-3.33.3/[

@@ -1,3 +0,0 @@
-# note: this SHOULD match as busybox 3.33.3
-
-noise!BusyBox v3.33.3!noise

syft/pkg/cataloger/binary/test-fixtures/classifiers/positive/busybox-3.33.3/busybox

@@ -1 +0,0 @@
-./[

syft/pkg/cataloger/binary/test-fixtures/classifiers/positive/go-hint-1.15/VERSION

@@ -1 +0,0 @@
-go1.15-beta2

syft/pkg/cataloger/binary/test-fixtures/classifiers/positive/mariadb-10.6.15/README.md

@@ -1,31 +0,0 @@
-The binary snippet was gathered with:
-
-```bash
-$ cat ./original-mariadb | strings | grep '-MariaDB'
-# assert you can see the value
-
-
-$ xxd ./original-mariadb | grep '\-MariaDB'
-# get the address...
-
-
-$ xxd -s 0x003dd5c0 -l 40 ./original-mariadb
-
-003dd5c0: 2900 4c69 6e75 7800 3130 2e36 2e31 352d  ).Linux.10.6.15-
-003dd5d0: 4d61 7269 6144 4200 7265 6164 6c69 6e65  MariaDB.readline
-003dd5e0: 0078 3836 5f36 3400                      .x86_64.
-
-
-$ dd if=./original-mariadb of=mariadb bs=1 skip=$((0x003dd5c0)) count=40
-
-40+0 records in
-40+0 records out
-40 bytes transferred in 0.000264 secs (151515 bytes/sec)
-
-
-$ xxd mariadb
-
-00000000: 2900 4c69 6e75 7800 3130 2e36 2e31 352d  ).Linux.10.6.15-
-00000010: 4d61 7269 6144 4200 7265 6164 6c69 6e65  MariaDB.readline
-00000020: 0078 3836 5f36 3400                      .x86_64.
-```

syft/pkg/cataloger/binary/test-fixtures/classifiers/positive/memcached-1.6.18/memcached-1.6.18-176467412e0722ae1b2c1159555d33574653ebfa87e8591d88c1e6e416ab3019-19-100/memcached

@@ -1,18 +0,0 @@
-### generated by script get-fixture-snippet.sh at Tue Dec 19 11:36:59 EST 2023 ###
-# filename:       memcached
-# sha256:         176467412e0722ae1b2c1159555d33574653ebfa87e8591d88c1e6e416ab3019
-# file info:      ASCII text, with CRLF, LF line terminators
-# base64(search): MS42LjE4
-# start offset:   19
-# length:         100
-### start of binary snippet ###
-
-listen
-memcached 1.6.18
-udp-port
-memcached 1.6.18
-Failed to allocate memory
-%s,%s
---
-bget
-f

syft/pkg/cataloger/binary/test-fixtures/classifiers/positive/mysql-5.6.51/README.md

@@ -1,39 +0,0 @@
-The binary snippet was gathered with:
-
-```bash
-$ cat ./original-mysql | strings | grep '5.6.51'
-# assert you can see the value
-
-
-$ xxd ./original-mysql | grep '5.6.51'
-# get the address...
-
-
-$ xxd -s 0x008f13d0 -l 100 original-mysql
-
-008f13d0: 2d62 6163 6b75 702d 7265 7374 6f72 6572  -backup-restorer
-008f13e0: 2d6d 7973 716c 2d35 2e36 2f6d 7973 716c  -mysql-5.6/mysql
-008f13f0: 2d35 2e36 2e35 312f 636c 6965 6e74 2f63  -5.6.51/client/c
-008f1400: 6f6d 706c 6574 696f 6e5f 6861 7368 2e63  ompletion_hash.c
-008f1410: 6300 2f76 6172 2f76 6361 702f 6461 7461  c./var/vcap/data
-008f1420: 2f63 6f6d 7069 6c65 2f64 6174 6162 6173  /compile/databas
-008f1430: 652d 6261                                e-ba
-
-
-$ dd if=./original-mysql of=mysql bs=1 skip=$((0x008f13d0)) count=100
-
-100+0 records in
-100+0 records out
-100 bytes transferred in 0.000642 secs (155763 bytes/sec)
-
-
-$ xxd mysql
-                   
-00000000: 2d62 6163 6b75 702d 7265 7374 6f72 6572  -backup-restorer
-00000010: 2d6d 7973 716c 2d35 2e36 2f6d 7973 716c  -mysql-5.6/mysql
-00000020: 2d35 2e36 2e35 312f 636c 6965 6e74 2f63  -5.6.51/client/c
-00000030: 6f6d 706c 6574 696f 6e5f 6861 7368 2e63  ompletion_hash.c
-00000040: 6300 2f76 6172 2f76 6361 702f 6461 7461  c./var/vcap/data
-00000050: 2f63 6f6d 7069 6c65 2f64 6174 6162 6173  /compile/databas
-00000060: 652d 6261                                e-ba
-```

syft/pkg/cataloger/binary/test-fixtures/classifiers/positive/mysql-8.0.34/README.md

@@ -1,40 +0,0 @@
-The binary snippet was gathered with:
-
-```bash
-$ cat ./original-mysql | strings | grep '8.0.34'
-# assert you can see the value
-
-
-$ xxd ./original-mysql | grep '8.0.34'
-# get the address...
-
-
-$ xxd -s 0x0014cd20 -l 100 original-mysql
-
-0014cd20: 2069 7320 616c 7265 6164 7920 6c6f 6164   is already load
-0014cd30: 6564 0000 0000 0000 2e2e 2f2e 2e2f 6d79  ed......../../my
-0014cd40: 7371 6c2d 382e 302e 3334 2f73 716c 2d63  sql-8.0.34/sql-c
-0014cd50: 6f6d 6d6f 6e2f 636c 6965 6e74 5f70 6c75  ommon/client_plu
-0014cd60: 6769 6e2e 6363 002f 7573 722f 6c6f 6361  gin.cc./usr/loca
-0014cd70: 6c2f 6d79 7371 6c2f 6c69 622f 706c 7567  l/mysql/lib/plug
-0014cd80: 696e 0049                                in.I
-
-
-
-$ dd if=./original-mysql of=mysql bs=1 skip=$((0x0014cd20)) count=100
-
-100+0 records in
-100+0 records out
-100 bytes transferred in 0.000519 secs (192678 bytes/sec)
-
-
-$  xxd mysql            
-                  
-00000000: 2069 7320 616c 7265 6164 7920 6c6f 6164   is already load
-00000010: 6564 0000 0000 0000 2e2e 2f2e 2e2f 6d79  ed......../../my
-00000020: 7371 6c2d 382e 302e 3334 2f73 716c 2d63  sql-8.0.34/sql-c
-00000030: 6f6d 6d6f 6e2f 636c 6965 6e74 5f70 6c75  ommon/client_plu
-00000040: 6769 6e2e 6363 002f 7573 722f 6c6f 6361  gin.cc./usr/loca
-00000050: 6c2f 6d79 7371 6c2f 6c69 622f 706c 7567  l/mysql/lib/plug
-00000060: 696e 0049                                in.I
-```

syft/pkg/cataloger/binary/test-fixtures/classifiers/positive/node-19.2.1/node

@@ -1,2 +0,0 @@
-# this should match node 19.2.1
-node.js/v19.2.1

syft/pkg/cataloger/binary/test-fixtures/classifiers/positive/php-apache-8.2.1/libphp.so

@@ -1,5 +0,0 @@
-[null]  Script:  '%s'
-%s,%s
-X-Powered-By: PHP/8.2.1
-index pointer
-PHP_VERSION

syft/pkg/cataloger/binary/test-fixtures/classifiers/positive/php-cli-8.2.1/php

@@ -1,5 +0,0 @@
-[null]  Script:  '%s'
-%s,%s
-X-Powered-By: PHP/8.2.1
-index pointer
-PHP_VERSION

syft/pkg/cataloger/binary/test-fixtures/classifiers/positive/php-fpm-8.2.1/php-fpm

@@ -1,5 +0,0 @@
-[null]  Script:  '%s'
-%s,%s
-X-Powered-By: PHP/8.2.1
-index pointer
-PHP_VERSION

syft/pkg/cataloger/binary/test-fixtures/classifiers/positive/postgresql-9.5alpha1/postgres

@@ -1,5 +0,0 @@
-byteaout
-byteain
-?PostgreSQL 9.5alpha1 on x86_64-unknown-linux-gnu, compiled by gcc (Debian 4.9.2-10) 4.9.2, 64-bit
-/tmp/buildd/postgresql-9.5-9.5~alpha1/build/../src/backend/utils/adt/windowfuncs.c
-argument of ntile must be greater than zero

syft/pkg/cataloger/binary/test-fixtures/classifiers/positive/ruby-1.9.3p551/ruby

@@ -1,9 +0,0 @@
-super from singleton method that is defined to multiple classes is not supported; this will be fixed in 1.9.3 or later
-/usr/local/lib/ruby/site_ruby/1.9.1
-/usr/local/lib/ruby/site_ruby/1.9.1/x86_64-linux
-/usr/local/lib/ruby/vendor_ruby/1.9.1
-/usr/local/lib/ruby/vendor_ruby/1.9.1/x86_64-linux
-/usr/local/lib/ruby/1.9.1
-/usr/local/lib/ruby/1.9.1/x86_64-linux
-ruby 1.9.3p551 (2014-11-13 revision 48407) [x86_64-linux]
-1.9.3

syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/php-cli/8.2.1/linux-amd64/php

@@ -0,0 +1,12 @@
+name: php
+offset: unknown
+length: unknown
+snippetSha256: d39ac8dadf5ba868455c487f1d0bb4c8bec64006fd7e5d76e3e27a26e47e637f
+fileSha256: unknown
+
+### byte snippet to follow ###
+%s'
+%s,%s
+X-Powered-By: PHP/8.2.1
+index pointer
+PHP_VERSION

syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/php-fpm/8.2.1/linux-amd64/php-fpm

@@ -0,0 +1,12 @@
+name: php-fpm
+offset: unknown
+length: unknown
+snippetSha256: d39ac8dadf5ba868455c487f1d0bb4c8bec64006fd7e5d76e3e27a26e47e637f
+fileSha256: unknown
+
+### byte snippet to follow ###
+%s'
+%s,%s
+X-Powered-By: PHP/8.2.1
+index pointer
+PHP_VERSION

syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/postgres/9.5alpha1/linux-amd64/postgres

@@ -0,0 +1,10 @@
+name: postgres
+offset: unknown
+length: unknown
+snippetSha256: 8f8323161ded8fd737ba7157b36b794c55354e8a9b8b6c5aa07dab9c3468886c
+fileSha256: unknown
+
+### byte snippet to follow ###
+t
+byteain
+?PostgreSQL 9.5alpha1 on x86_64-unknown-linux-gnu, compiled by gcc (Debian 4.9.2-10) 4.9.2

syft/pkg/cataloger/binary/test-fixtures/config.yaml

@@ -151,86 +151,47 @@ from-images:
     paths:
       - /usr/local/bin/node
 
-
-  # todo (from existing snippets)...
-
-#
-#  - name: openjdk
-#    version: 1.8.0
-#    images:
-#      - ref:
-#        platform: linux/amd64
-#    paths:
-#      -
-#
-#  - name: openjdk
-#    version: 11.0.17
-#    images:
-#      - ref:
-#        platform: linux/amd64
-#    paths:
-#      -
-#
-#  - name: oracle-java
-#    version: 19.0.1
-#    images:
-#      - ref:
-#        platform: linux/amd64
-#    paths:
-#      -
-#
-#  - name: oracle-java  #macos
-#    version: 19.0.1
-#    images:
-#      - ref:
-#        platform: linux/amd64
-#    paths:
-#      -
-
-  - version: 5.12.5
+  - name: java-jre-openjdk
+    version: 1.8.0_352-b08
     images:
-      - ref: perl:5.12.5@sha256:68169b63f0dc2fd481563ef02d4173979d981e43e5d36bb39af56a5959961c5e
+      # note: "openjdk" dockerhub repo is deprecated
+      - ref: amazoncorretto:8u352@sha256:392eb90b5f1455578f513e127c599aa4410af0c05b12b81dc7856ee316ecd5d9
         platform: linux/amd64
     paths:
-      - /usr/bin/perl
+      - /usr/lib/jvm/java-1.8.0-amazon-corretto/bin/java
 
-  - version: 5.20.0
+  - name: java-jre-openjdk
+    version: 11.0.17
     images:
-      - ref: perl:5.20.0@sha256:f1b8d36e0be0fd426c40e478fc84ea7603d712158001d72d1b3f929f4e1543f3
+      # note: "openjdk" dockerhub repo is deprecated
+      - ref: amazoncorretto:11.0.17@sha256:792e94e61407ef28d981a0b9a9aeb309690375a61a61f17808499ff16864d0a3
         platform: linux/amd64
     paths:
-      - /usr/bin/perl
+      - /usr/lib/jvm/java-11-amazon-corretto/bin/java
 
-  - version: 5.37.8
-    images:
-      - ref: perl:5.37.8@sha256:6a432250d7bf0b736c58772a6a50e2bf9d1485cd70ac3af10eff6cfccde3957b
-        platform: linux/amd64
-    paths:
-      - /usr/bin/perl
-
-#  - name: php-apache
-#    version: 8.2.1
+# TODO: this is not the original binary used in the test fixture
+#  - version: 5.12.5
 #    images:
-#      - ref:
+#      - ref: perl:5.12.5@sha256:68169b63f0dc2fd481563ef02d4173979d981e43e5d36bb39af56a5959961c5e
 #        platform: linux/amd64
 #    paths:
-#      -
+#      - /usr/bin/perl
 #
-#  - name: php-cli
-#    version: 8.2.1
+  # TODO: this is not the original binary used in the test fixture
+#  - version: 5.20.0
 #    images:
-#      - ref:
+#      - ref: perl:5.20.0@sha256:f1b8d36e0be0fd426c40e478fc84ea7603d712158001d72d1b3f929f4e1543f3
 #        platform: linux/amd64
 #    paths:
-#      -
+#      - /usr/bin/perl
 #
-#  - name: php-fpm
-#    version: 8.2.1
+  # TODO: this is not the original binary used in the test fixture
+#  - version: 5.37.8
 #    images:
-#      - ref:
+#      - ref: perl:5.37.8@sha256:6a432250d7bf0b736c58772a6a50e2bf9d1485cd70ac3af10eff6cfccde3957b
 #        platform: linux/amd64
 #    paths:
-#      -
+#      - /usr/bin/perl
 
   - version: 15.1
     images:
@@ -246,13 +207,6 @@ from-images:
     paths:
       - /usr/lib/postgresql/15/bin/postgres
 
-#  - version: 9.5alpha1   # postgresql
-#    images:
-#      - ref:
-#        platform: linux/amd64
-#    paths:
-#      -
-
   - version: 9.6.24
     images:
       - ref: postgres:9.6.24@sha256:15055f7b681334cbf0212b58e510148b1b23973639e3904260fb41fa0761a103
@@ -260,128 +214,110 @@ from-images:
     paths:
       - /usr/lib/postgresql/9.6/bin/postgres
 
-#  - name: python-with-incorrect-match
-#    version: 3.5
-#    images:
-#      - ref:
-#        platform: linux/amd64
-#    paths:
-#      -
-
-  - name: python
-    version: 3.6
+  - name: python-shared-lib
+    version: 3.7.4
     images:
-      - ref: python:3.6.3@sha256:cdef88d8625cf50ca705b7abfe99e8eb33b889652a9389b017eb46a6d2f1aaf3
+      - ref: python:3.7.4@sha256:5be0532f833568d838b7b2d8726b66d0b8abe26f50a15b566aea4611d5951eac
         platform: linux/amd64
     paths:
-      - /usr/local/bin/python3.6
+      - /usr/local/lib/libpython3.7m.so.1.0
 
-#  - name: python-lib
-#    version: 3.7
-#    images:
-#      - ref:
-#        platform: linux/amd64
-#    paths:
-#      -
-#
-#  - version: python-duplicates
-#    images:
-#      - ref:
-#        platform: linux/amd64
-#    paths:
-#      -
-#
-#  - version: 2.8.23  # redis-server
-#    images:
-#      - ref:
-#        platform: linux/amd64
-#    paths:
-#      -
-#
-#  - version: 4.0.11  # redis-server
-#    images:
-#      - ref:
-#        platform: linux/amd64
-#    paths:
-#      -
-#
-#  - version: 5.0.0  # redis-server
-#    images:
-#      - ref:
-#        platform: linux/amd64
-#    paths:
-#      -
-#
-#  - version: 6.0.16  # redis-server
-#    images:
-#      - ref:
-#        platform: linux/amd64
-#    paths:
-#      -
-#
-#  - version: 7.0.0  # redis-server
-#    images:
-#      - ref:
-#        platform: linux/amd64
-#    paths:
-#      -
-#
-#  - version: 7.0.14  # redis-server
-#    images:
-#      - ref:
-#        platform: linux/amd64
-#    paths:
-#      -
-#
-#  - version: 7.2.3-amd64  # redis-server
-#    images:
-#      - ref:
-#        platform: linux/amd64
-#    paths:
-#      -
-#
-#  - version: 7.2.3-arm64  # redis-server
-#    images:
-#      - ref:
-#        platform: linux/amd64
-#    paths:
-#      -
-#
-#  - version: 1.9.3p551 # ruby
-#    images:
-#      - ref:
-#        platform: linux/amd64
-#    paths:
-#      -
-#
-#  - version: 1.50.0 # ruby
-#    images:
-#      - ref:
-#        platform: linux/amd64
-#    paths:
-#      -
-#
-#  - version: 1.67.1 # ruby
-#    images:
-#      - ref:
-#        platform: linux/amd64
-#    paths:
-#      -
-#
-#  - version: 1.7.34  # traefik
-#    images:
-#      - ref:
-#        platform: linux/amd64
-#    paths:
-#      -
-#
-#  - version: 2.9.6  # traefik
-#    images:
-#      - ref:
-#        platform: linux/amd64
-#    paths:
-#      -
+  - version: 2.8.23
+    images:
+      - ref: redis:2.8.23@sha256:e507029ca6a11b85f8628ff16d7ff73ae54582f16fd757e64431f5ca6d27a13c
+        platform: linux/amd64
+    paths:
+      - /usr/local/bin/redis-server
 
+  - version: 4.0.11
+    images:
+      - ref: redis:4.0.11@sha256:ee891094f0bb1a76d11cdca6e33c4fdce5cba1f13234c5896d341f6d741034b1
+        platform: linux/amd64
+    paths:
+      - /usr/local/bin/redis-server
+
+  - version: 5.0.0
+    images:
+      - ref: redis:5.0.0@sha256:481678b4b5ea1cb4e8d38ed6677b2da9b9e057cf7e1b6c988ba96651c6f6eff3
+        platform: linux/amd64
+    paths:
+      - /usr/local/bin/redis-server
+
+  - version: 6.0.16
+    images:
+      - ref: redis:6.0.16@sha256:4a32539b1cc25f98d8667d9854840d7bdd27596268ca1ec1e10b5391534c004b
+        platform: linux/amd64
+    paths:
+      - /usr/local/bin/redis-server
+
+  - version: 7.0.0
+    images:
+      - ref: redis:7.0.0@sha256:803ec2b3b74c0f95758bf680d7caa370fa8d3b6058b4d57d6485d06d8027a588
+        platform: linux/amd64
+    paths:
+      - /usr/local/bin/redis-server
+
+  - version: 7.0.14
+    images:
+      - ref: redis:7.0.14@sha256:f5b0eadaa031b40ca70ab2c6517995da56f763c3929264d7f69b72a94a1b48c1
+        platform: linux/amd64
+    paths:
+      - /usr/local/bin/redis-server
+
+  - version: 7.2.3
+    images:
+      - ref: redis:7.2.3@sha256:d4c84914b872521e215f77d8845914c2268a96b0e35bacd5691e1f5e1f88b500
+        platform: linux/amd64
+      - ref: redis:7.2.3@sha256:a0a0c38b31011b813cddf78d997f8ccba13019c27efd386984b0cfc1e4b618ff
+        platform: linux/arm64
+    paths:
+      - /usr/local/bin/redis-server
+
+  - version: 1.9.3p551
+    images:
+      - ref: ruby:1.9.3-p551@sha256:56b4a74e4fc2492b3b857bc94454dfa910f61e823a4bfab275d279bfa218eb05
+        platform: linux/amd64
+    paths:
+      - /usr/local/bin/ruby
+
+  - name: rust-libstd
+    version: 1.50.0
+    images:
+      - ref: rust:1.50.0@sha256:a37b2a5ba365b9ad5a1b12ff924adb0c0cc27d994e076bbc488a91befb69bf0b
+        platform: linux/amd64
+    paths:
+      - /usr/local/rustup/toolchains/1.50.0-x86_64-unknown-linux-gnu/lib/rustlib/x86_64-unknown-linux-gnu/lib/libstd-6f77337c1826707d.so
+
+  - name: rust-libstd
+    version: 1.67.1
+    images:
+      - ref: rust:1.67.1@sha256:80b9716cb59872769d49f5185a346e5f859081b02338e4aaaa04a8cc7fb884ae
+        platform: linux/amd64
+    paths:
+      - /usr/local/rustup/toolchains/1.67.1-x86_64-unknown-linux-gnu/lib/rustlib/x86_64-unknown-linux-gnu/lib/libstd-c6192dd4c4d410ac.so
+
+  - name: rust-libstd-musl
+    version: 1.67.1
+    images:
+      - ref: rust:1.67.1-alpine@sha256:555332e59c7513233b0f9b52e4fad2924e36128edcb0f80aa97fb34efee3da0e
+        platform: linux/amd64
+    paths:
+      - /usr/local/rustup/toolchains/1.67.1-x86_64-unknown-linux-musl/lib/rustlib/x86_64-unknown-linux-musl/lib/libstd-86aefecbddda356d.so
+
+
+  - version: 1.7.34
+    images:
+      - ref: traefik:1.7.34@sha256:d7bacaf9ca8d59b0e7c304920629d98bb98a545127ca4b10e16c8b252b9351b9
+        platform: linux/amd64
+    paths:
+      - /traefik
+
+  - version: 2.9.6
+    images:
+      - ref: traefik:v2.9.6@sha256:9e76f2ec1bc470ae73a7306acce18e6ca1dbb582e7366b31cbf439f631cda12c
+        platform: linux/amd64
+    paths:
+      - /usr/local/bin/traefik
 
 
   # from the original dynamic fixtures...

syft/pkg/cataloger/binary/test-fixtures/manager/internal/cli/cli.go

@@ -1,9 +1,10 @@
 package cli
 
 import (
+	"github.com/spf13/cobra"
+
 	"github.com/anchore/syft/syft/pkg/cataloger/binary/test-fixtures/manager/internal/cli/commands"
 	"github.com/anchore/syft/syft/pkg/cataloger/binary/test-fixtures/manager/internal/config"
-	"github.com/spf13/cobra"
 )
 
 // list all managed binaries (in ./bin, organized by 'name-version/platform/binary')

syft/pkg/cataloger/binary/test-fixtures/manager/internal/cli/commands/add_snippet.go

@@ -2,14 +2,16 @@ package commands
 
 import (
 	"fmt"
-	"github.com/anchore/syft/syft/pkg/cataloger/binary/test-fixtures/manager/internal"
-	"github.com/anchore/syft/syft/pkg/cataloger/binary/test-fixtures/manager/internal/config"
-	"github.com/anchore/syft/syft/pkg/cataloger/binary/test-fixtures/manager/internal/ui"
-	"github.com/anmitsu/go-shlex"
-	"github.com/spf13/cobra"
 	"os"
 	"os/exec"
 	"strings"
+
+	"github.com/anmitsu/go-shlex"
+	"github.com/spf13/cobra"
+
+	"github.com/anchore/syft/syft/pkg/cataloger/binary/test-fixtures/manager/internal"
+	"github.com/anchore/syft/syft/pkg/cataloger/binary/test-fixtures/manager/internal/config"
+	"github.com/anchore/syft/syft/pkg/cataloger/binary/test-fixtures/manager/internal/ui"
 )
 
 func AddSnippet(appConfig config.Application) *cobra.Command {
@@ -21,7 +23,6 @@ func AddSnippet(appConfig config.Application) *cobra.Command {
 		Short: "capture snippets from binaries",
 		Args:  cobra.NoArgs,
 		PreRunE: func(cmd *cobra.Command, args []string) error {
-
 			candidates, err := internal.ListAllBinaries(appConfig)
 			if err != nil {
 				return fmt.Errorf("unable to list binaries: %w", err)
@@ -59,7 +60,7 @@ func AddSnippet(appConfig config.Application) *cobra.Command {
 
 	cmd.Flags().StringVar(&searchPattern, "search-for", "", "the pattern to search for in the binary (defaults to the version)")
 	cmd.Flags().IntVar(&length, "length", 100, "the length of the snippet to capture")
-	cmd.Flags().IntVar(&prefixLength, "prefix-length", 10, "number of bytes before the search hit to capture")
+	cmd.Flags().IntVar(&prefixLength, "prefix-length", 20, "number of bytes before the search hit to capture")
 
 	return cmd
 }

syft/pkg/cataloger/binary/test-fixtures/manager/internal/cli/commands/download.go

@@ -2,9 +2,11 @@ package commands
 
 import (
 	"fmt"
+
+	"github.com/spf13/cobra"
+
 	"github.com/anchore/syft/syft/pkg/cataloger/binary/test-fixtures/manager/internal"
 	"github.com/anchore/syft/syft/pkg/cataloger/binary/test-fixtures/manager/internal/config"
-	"github.com/spf13/cobra"
 )
 
 func Download(appConfig config.Application) *cobra.Command {
@@ -16,7 +18,6 @@ func Download(appConfig config.Application) *cobra.Command {
 		Use:   "download",
 		Short: "download binaries [name@version ...]",
 		PreRunE: func(cmd *cobra.Command, args []string) error {
-
 			if len(args) > 0 {
 				for _, arg := range args {
 					binaryFromImageCfg := appConfig.GetBinaryFromImage(arg, "")

syft/pkg/cataloger/binary/test-fixtures/manager/internal/cli/commands/list.go

@@ -2,15 +2,16 @@ package commands
 
 import (
 	"fmt"
-	"github.com/anchore/syft/syft/pkg/cataloger/binary/test-fixtures/manager/internal"
-	"github.com/anchore/syft/syft/pkg/cataloger/binary/test-fixtures/manager/internal/config"
+	"strings"
+
 	"github.com/jedib0t/go-pretty/v6/table"
 	"github.com/spf13/cobra"
-	"strings"
+
+	"github.com/anchore/syft/syft/pkg/cataloger/binary/test-fixtures/manager/internal"
+	"github.com/anchore/syft/syft/pkg/cataloger/binary/test-fixtures/manager/internal/config"
 )
 
 func List(appConfig config.Application) *cobra.Command {
-
 	var showPaths bool
 
 	cmd := &cobra.Command{
@@ -18,7 +19,6 @@ func List(appConfig config.Application) *cobra.Command {
 		Short: "list managed binaries and managed/unmanaged snippets",
 		Args:  cobra.NoArgs,
 		RunE: func(cmd *cobra.Command, args []string) error {
-
 			return runList(appConfig, showPaths)
 		},
 	}
@@ -29,7 +29,6 @@ func List(appConfig config.Application) *cobra.Command {
 }
 
 func runList(appConfig config.Application, showPaths bool) error {
-
 	material, err := internal.ListAllEntries(appConfig)
 	if err != nil {
 		return err
@@ -42,6 +41,8 @@ func runList(appConfig config.Application, showPaths bool) error {
 	return nil
 }
 
+const yes = "yes"
+
 func renderCatalogerListTable(material map[internal.LogicalEntryKey]internal.EntryInfo, showPaths bool) string {
 	t := table.NewWriter()
 	t.SetStyle(table.StyleLight)
@@ -54,7 +55,7 @@ func renderCatalogerListTable(material map[internal.LogicalEntryKey]internal.Ent
 
 		isConfigured := ""
 		if info.IsConfigured {
-			isConfigured = "yes"
+			isConfigured = yes
 		}
 
 		bin := ""
@@ -64,11 +65,11 @@ func renderCatalogerListTable(material map[internal.LogicalEntryKey]internal.Ent
 			snippet = info.SnippetPath
 		} else {
 			if info.BinaryPath != "" {
-				bin = "yes"
+				bin = yes
 			}
 
 			if info.SnippetPath != "" {
-				snippet = "yes"
+				snippet = yes
 			}
 		}
 

syft/pkg/cataloger/binary/test-fixtures/manager/internal/cli/commands/root.go

@@ -1,8 +1,9 @@
 package commands
 
 import (
-	"github.com/anchore/syft/syft/pkg/cataloger/binary/test-fixtures/manager/internal/config"
 	"github.com/spf13/cobra"
+
+	"github.com/anchore/syft/syft/pkg/cataloger/binary/test-fixtures/manager/internal/config"
 )
 
 func Root(_ config.Application) *cobra.Command {

syft/pkg/cataloger/binary/test-fixtures/manager/internal/cli/commands/write_snippet.go

@@ -5,14 +5,16 @@ import (
 	"debug/macho"
 	"debug/pe"
 	"fmt"
-	"github.com/anchore/syft/syft/pkg/cataloger/binary/test-fixtures/manager/internal"
-	"github.com/anchore/syft/syft/pkg/cataloger/binary/test-fixtures/manager/internal/config"
-	"github.com/spf13/cobra"
-	"gopkg.in/yaml.v3"
 	"io"
 	"os"
 	"path/filepath"
 	"strings"
+
+	"github.com/spf13/cobra"
+	"gopkg.in/yaml.v3"
+
+	"github.com/anchore/syft/syft/pkg/cataloger/binary/test-fixtures/manager/internal"
+	"github.com/anchore/syft/syft/pkg/cataloger/binary/test-fixtures/manager/internal/config"
 )
 
 func WriteSnippet(appConfig config.Application) *cobra.Command {
@@ -102,7 +104,7 @@ func runWriteSnippet(binaryPath string, offset, length int, snippetPath string)
 		return fmt.Errorf("unable to marshal metadata: %w", err)
 	}
 
-	splitter := []byte(fmt.Sprintf("\n### byte snippet to follow ###\n"))
+	splitter := []byte("\n### byte snippet to follow ###\n")
 
 	var finalBuf []byte
 	finalBuf = append(finalBuf, metadataBytes...)
@@ -113,7 +115,7 @@ func runWriteSnippet(binaryPath string, offset, length int, snippetPath string)
 		return fmt.Errorf("unable to create destination directory: %w", err)
 	}
 
-	if err := os.WriteFile(snippetPath, finalBuf, 0644); err != nil {
+	if err := os.WriteFile(snippetPath, finalBuf, 0600); err != nil {
 		return fmt.Errorf("unable to write snippet: %w", err)
 	}
 
@@ -195,6 +197,11 @@ func getPlatform(binaryPath string) (string, error) {
 	return "", fmt.Errorf("unable to determine platform for %q", binaryPath)
 }
 
+const (
+	amd64 = "amd64"
+	arm64 = "arm64"
+)
+
 func getPlatformElf(f *os.File) string {
 	elfFile, err := elf.NewFile(f)
 	if err != nil {
@@ -204,9 +211,9 @@ func getPlatformElf(f *os.File) string {
 	var arch string
 	switch elfFile.Machine {
 	case elf.EM_X86_64:
-		arch = "amd64"
+		arch = amd64
 	case elf.EM_AARCH64:
-		arch = "arm64"
+		arch = arm64
 	// TODO...
 	default:
 		arch = fmt.Sprintf("unknown-%x", elfFile.Machine)
@@ -224,9 +231,9 @@ func getPlatformMac(f *os.File) string {
 	var arch string
 	switch machoFile.Cpu {
 	case macho.CpuAmd64:
-		arch = "amd64"
+		arch = amd64
 	case macho.CpuArm64:
-		arch = "arm64"
+		arch = arm64
 	// TODO...
 	default:
 		arch = fmt.Sprintf("unknown-%x", machoFile.Cpu)
@@ -244,9 +251,9 @@ func getPlatformWindows(f *os.File) string {
 	var arch string
 	switch peFile.Machine {
 	case pe.IMAGE_FILE_MACHINE_AMD64:
-		arch = "amd64"
+		arch = amd64
 	case pe.IMAGE_FILE_MACHINE_ARM64:
-		arch = "arm64"
+		arch = arm64
 	// TODO...
 	default:
 		arch = fmt.Sprintf("unknown-%x", peFile.Machine)

syft/pkg/cataloger/binary/test-fixtures/manager/internal/config/application.go

@@ -2,12 +2,13 @@ package config
 
 import (
 	"fmt"
-	"github.com/hashicorp/go-multierror"
-	"github.com/scylladb/go-set/strset"
-	"gopkg.in/yaml.v3"
 	"os"
 	"path/filepath"
 	"strings"
+
+	"github.com/hashicorp/go-multierror"
+	"github.com/scylladb/go-set/strset"
+	"gopkg.in/yaml.v3"
 )
 
 const Path = "config.yaml"
@@ -96,7 +97,6 @@ func (c Application) Validate() error {
 		if len(entry.PathsInImage) == 0 {
 			err = multierror.Append(err, fmt.Errorf("missing paths for entry %d (%s)", i+1, key))
 		}
-
 	}
 	return err
 }

syft/pkg/cataloger/binary/test-fixtures/manager/internal/config/binary_from_image.go

@@ -3,9 +3,10 @@ package config
 import (
 	"crypto/sha256"
 	"fmt"
-	"gopkg.in/yaml.v3"
 	"path/filepath"
 	"strings"
+
+	"gopkg.in/yaml.v3"
 )
 
 type BinaryFromImage struct {

syft/pkg/cataloger/binary/test-fixtures/manager/internal/download_from_image.go

@@ -1,13 +1,16 @@
 package internal
 
 import (
+	"encoding/json"
 	"fmt"
-	"github.com/anchore/syft/syft/pkg/cataloger/binary/test-fixtures/manager/internal/config"
-	"github.com/anchore/syft/syft/pkg/cataloger/binary/test-fixtures/manager/internal/ui"
-	"github.com/google/uuid"
 	"os"
 	"os/exec"
 	"path/filepath"
+
+	"github.com/google/uuid"
+
+	"github.com/anchore/syft/syft/pkg/cataloger/binary/test-fixtures/manager/internal/config"
+	"github.com/anchore/syft/syft/pkg/cataloger/binary/test-fixtures/manager/internal/ui"
 )
 
 func DownloadFromImage(dest string, config config.BinaryFromImage) error {
@@ -19,9 +22,8 @@ func DownloadFromImage(dest string, config config.BinaryFromImage) error {
 		if !isDownloadStale(config, hostPaths) {
 			t.Skip("already exists")
 			return nil
-		} else {
-			t.Update("stale, updating...")
 		}
+		t.Update("stale, updating...")
 	}
 
 	if err := pullDockerImages(config.Images); err != nil {
@@ -78,24 +80,62 @@ func pullDockerImages(images []config.Image) error {
 	return nil
 }
 
+type imageInspect struct {
+	OS           string `json:"Os"`
+	Architecture string `json:"Architecture"`
+}
+
+func (i imageInspect) Platform() string {
+	return fmt.Sprintf("%s/%s", i.OS, i.Architecture)
+}
+
 func pullDockerImage(imageReference, platform string) error {
 	a := ui.Action{Msg: fmt.Sprintf("pull image %s (%s)", imageReference, platform)}
 	a.Start()
-	cmd := exec.Command("docker", "image", "inspect", imageReference)
-	if err := cmd.Run(); err == nil {
-		a.Skip(fmt.Sprintf("docker image already exists %q", imageReference))
 
+	matches, _, _ := checkArchitecturesMatch(imageReference, platform)
+	if matches {
+		a.Skip(fmt.Sprintf("docker image already exists %q", imageReference))
 		return nil
 	}
 
-	cmd = exec.Command("docker", "pull", "--platform", platform, imageReference)
+	cmd := exec.Command("docker", "pull", "--platform", platform, imageReference)
 	err := cmd.Run()
+	if err != nil {
+		a.Done(err)
+		return err
+	}
+
+	matches, gotPlatform, err := checkArchitecturesMatch(imageReference, platform)
+	if !matches && err == nil {
+		err = fmt.Errorf("image %q pulled but does not match expected platform %q != %q", imageReference, platform, gotPlatform)
+	}
 
 	a.Done(err)
 
 	return err
 }
 
+func checkArchitecturesMatch(imageReference, platform string) (bool, string, error) {
+	cmd := exec.Command("docker", "image", "inspect", imageReference)
+	out, err := cmd.CombinedOutput()
+	if err != nil {
+		return false, "", err
+	}
+
+	var inspect []imageInspect
+	if err := json.Unmarshal(out, &inspect); err != nil {
+		return false, "", fmt.Errorf("unable to unmarshal image inspect: %w", err)
+	}
+
+	if len(inspect) != 1 {
+		return false, "", fmt.Errorf("expected 1 image inspect, got %d", len(inspect))
+	}
+	gotPlatform := inspect[0].Platform()
+
+	return gotPlatform == platform, gotPlatform, nil
+}
+
 func copyBinariesFromDockerImages(config config.BinaryFromImage, destination string) (err error) {
 	for _, image := range config.Images {
 		if err := copyBinariesFromDockerImage(config, destination, image); err != nil {
@@ -116,7 +156,7 @@ func copyBinariesFromDockerImage(config config.BinaryFromImage, destination stri
 
 	defer func() {
 		cmd := exec.Command("docker", "rm", containerName)
-		cmd.Run()
+		cmd.Run() // nolint:errcheck
 	}()
 
 	for i, destinationPath := range config.AllStorePathsForImage(image, destination) {
@@ -130,7 +170,6 @@ func copyBinariesFromDockerImage(config config.BinaryFromImage, destination stri
 }
 
 func copyBinaryFromContainer(containerName, containerPath, destinationPath, fingerprint string) (err error) {
-
 	a := ui.Action{Msg: fmt.Sprintf("extract %s", containerPath)}
 	a.Start()
 
@@ -142,14 +181,15 @@ func copyBinaryFromContainer(containerName, containerPath, destinationPath, fing
 		return err
 	}
 
-	cmd := exec.Command("docker", "cp", fmt.Sprintf("%s:%s", containerName, containerPath), destinationPath)
+	cmd := exec.Command("docker", "cp", fmt.Sprintf("%s:%s", containerName, containerPath), destinationPath) // nolint:gosec
+	// reason for gosec exception: this is for processing test fixtures only, not used in production
 	if err := cmd.Run(); err != nil {
 		return err
 	}
 
 	// capture fingerprint file
 	fingerprintPath := destinationPath + ".fingerprint"
-	if err := os.WriteFile(fingerprintPath, []byte(fingerprint), 0644); err != nil {
+	if err := os.WriteFile(fingerprintPath, []byte(fingerprint), 0600); err != nil {
 		return fmt.Errorf("unable to write fingerprint file: %w", err)
 	}
 

syft/pkg/cataloger/binary/test-fixtures/manager/internal/list_entries.go

@@ -2,11 +2,12 @@ package internal
 
 import (
 	"fmt"
-	"github.com/anchore/syft/syft/pkg/cataloger/binary/test-fixtures/manager/internal/config"
 	"os"
 	"path/filepath"
 	"sort"
 	"strings"
+
+	"github.com/anchore/syft/syft/pkg/cataloger/binary/test-fixtures/manager/internal/config"
 )
 
 type Entries map[LogicalEntryKey]EntryInfo
@@ -89,7 +90,6 @@ func ListAllBinaries(appConfig config.Application) (Entries, error) {
 }
 
 func ListAllEntries(appConfig config.Application) (Entries, error) {
-
 	snippets, err := allFilePaths(appConfig.SnippetPath)
 	if err != nil {
 		return nil, fmt.Errorf("unable to list snippets: %w", err)
@@ -155,7 +155,7 @@ func getLogicalKey(managedBinaryPath string) (*LogicalEntryKey, error) {
 	// infer the logical key from the path alone: name/version/platform/filename
 
 	items := SplitFilepath(managedBinaryPath)
-	if len(items) != 4 {
+	if len(items) < 4 {
 		return nil, fmt.Errorf("invalid managed binary path: %q", managedBinaryPath)
 	}
 
@@ -163,7 +163,7 @@ func getLogicalKey(managedBinaryPath string) (*LogicalEntryKey, error) {
 		OrgName:  items[0],
 		Version:  items[1],
 		Platform: items[2],
-		Filename: items[3],
+		Filename: filepath.Join(items[3:]...),
 	}, nil
 }
 

syft/pkg/cataloger/binary/test-fixtures/manager/internal/snippet_metadata.go

@@ -2,9 +2,10 @@ package internal
 
 import (
 	"fmt"
-	"gopkg.in/yaml.v3"
 	"os"
 	"strings"
+
+	"gopkg.in/yaml.v3"
 )
 
 type SnippetMetadata struct {

syft/pkg/cataloger/binary/test-fixtures/manager/internal/ui/action.go

@@ -30,7 +30,6 @@ func (a Action) Skip(newMsg ...string) {
 func (a Action) Done(err error) {
 	goToPreviousLineStart()
 	if err != nil {
-
 		fmt.Printf("  %s✗%s  %s%s%s\n", red+bold, reset, red, a.Msg, reset)
 
 		var exitError *exec.ExitError

syft/pkg/cataloger/binary/test-fixtures/manager/internal/ui/binary_list.go

@@ -2,10 +2,11 @@ package ui
 
 import (
 	"fmt"
+	"os"
+
 	"github.com/charmbracelet/bubbles/list"
 	tea "github.com/charmbracelet/bubbletea"
 	"github.com/charmbracelet/lipgloss"
-	"os"
 )
 
 var quitTextStyle = lipgloss.NewStyle().Margin(1, 0, 2, 4)

syft/pkg/cataloger/binary/test-fixtures/manager/main.go

@@ -2,9 +2,10 @@ package main
 
 import (
 	"fmt"
+	"os"
+
 	"github.com/anchore/syft/syft/pkg/cataloger/binary/test-fixtures/manager/internal/cli"
 	"github.com/anchore/syft/syft/pkg/cataloger/binary/test-fixtures/manager/internal/ui"
-	"os"
 )
 
 func main() {

syft/pkg/cataloger/binary/test-fixtures/manager/testutil/snippet_or_binary.go

@@ -1,12 +1,14 @@
 package testutil
 
 import (
-	"github.com/anchore/syft/syft/pkg/cataloger/binary/test-fixtures/manager/internal"
-	"github.com/anchore/syft/syft/pkg/cataloger/binary/test-fixtures/manager/internal/config"
-	"github.com/stretchr/testify/require"
 	"os"
 	"path/filepath"
 	"testing"
+
+	"github.com/stretchr/testify/require"
+
+	"github.com/anchore/syft/syft/pkg/cataloger/binary/test-fixtures/manager/internal"
+	"github.com/anchore/syft/syft/pkg/cataloger/binary/test-fixtures/manager/internal/config"
 )
 
 // SnippetOrBinary returns the path to either the binary or the snippet for the given logical entry key.
@@ -96,5 +98,4 @@ func validateSnippet(t *testing.T, binaryPath, snippetPath string) {
 	require.NoError(t, err)
 
 	require.Equal(t, expected, metadata.FileSha256, "snippet shadows a binary with a different sha256")
-
 }