oss/syft
2
0
Fork 0
mirror of https://github.com/anchore/syft.git synced 2025-11-17 08:23:15 +01:00
Code Issues Packages Projects Releases Wiki Activity

3122 valid license url characters (#3449)

Browse Source 
* chore: strip unwanted characters from license URL
---------
Signed-off-by: Christopher Phillips <32073428+spiffcs@users.noreply.github.com>
This commit is contained in:
Christopher Angelo Phillips 2024-11-19 10:34:58 -05:00 committed by GitHub
parent e7b65c2c58
commit f4cad63da1
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 60 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
syft/pkg/license.go
View File

@ -2,7 +2,9 @@ package pkg
import ( import (
"fmt" "fmt"
"net/url"
"sort" "sort"
"strings"
"github.com/scylladb/go-set/strset" "github.com/scylladb/go-set/strset"
@ -112,7 +114,12 @@ func NewLicenseFromURLs(value string, urls ...string) License {
s := strset.New() s := strset.New()
for _, url := range urls { for _, url := range urls {
if url != "" { if url != "" {
s.Add(url) sanitizedURL, err := stripUnwantedCharacters(url)
if err != nil {
log.Tracef("unable to sanitize url=%q: %s", url, err)
continue
}
s.Add(sanitizedURL)
} }
} }
@ -122,13 +129,28 @@ func NewLicenseFromURLs(value string, urls ...string) License {
return l return l
} }
func stripUnwantedCharacters(rawURL string) (string, error) {
cleanedURL := strings.TrimSpace(rawURL)
_, err := url.ParseRequestURI(cleanedURL)
if err != nil {
return "", fmt.Errorf("invalid URL: %w", err)
}
return cleanedURL, nil
}
func NewLicenseFromFields(value, url string, location *file.Location) License { func NewLicenseFromFields(value, url string, location *file.Location) License {
l := NewLicense(value) l := NewLicense(value)
if location != nil { if location != nil {
l.Locations.Add(*location) l.Locations.Add(*location)
} }
if url != "" { if url != "" {
l.URLs = append(l.URLs, url) sanitizedURL, err := stripUnwantedCharacters(url)
if err != nil {
log.Tracef("unable to sanitize url=%q: %s", url, err)
} else {
l.URLs = append(l.URLs, sanitizedURL)
}
} }
return l return l

36
syft/pkg/license_test.go
View File

@ -226,3 +226,39 @@ func TestLicense_Merge(t *testing.T) {
}) })
} }
} }
func TestLicenseConstructors(t *testing.T) {
type input struct {
value string
urls []string
}
tests := []struct {
name string
input input
expected License
}{
{
name: "License URLs are stripped of newlines and tabs",
input: input{
value: "New BSD License",
urls: []string{
`
http://user-agent-utils.googlecode.com/svn/trunk/UserAgentUtils/LICENSE.txt
`},
},
expected: License{
Value: "New BSD License",
Type: license.Declared,
URLs: []string{"http://user-agent-utils.googlecode.com/svn/trunk/UserAgentUtils/LICENSE.txt"},
},
},
}
for _, test := range tests {
t.Run(test.name, func(t *testing.T) {
got := NewLicenseFromURLs(test.input.value, test.input.urls...)
assert.Equal(t, test.expected, got)
})
}
}