diff --git a/internal/task/package_tasks.go b/internal/task/package_tasks.go index b150ff97f..99cc9cdc6 100644 --- a/internal/task/package_tasks.go +++ b/internal/task/package_tasks.go @@ -3,6 +3,7 @@ package task import ( "github.com/anchore/syft/syft/cataloging/pkgcataloging" "github.com/anchore/syft/syft/pkg" + "github.com/anchore/syft/syft/pkg/cataloger/aiartifact" "github.com/anchore/syft/syft/pkg/cataloger/alpine" "github.com/anchore/syft/syft/pkg/cataloger/arch" "github.com/anchore/syft/syft/pkg/cataloger/binary" @@ -37,7 +38,6 @@ import ( "github.com/anchore/syft/syft/pkg/cataloger/swipl" "github.com/anchore/syft/syft/pkg/cataloger/terraform" "github.com/anchore/syft/syft/pkg/cataloger/wordpress" - "github.com/anchore/syft/syft/pkg/cataloger/aiartifact" ) const ( diff --git a/syft/format/internal/cyclonedxutil/helpers/component.go b/syft/format/internal/cyclonedxutil/helpers/component.go index f255d3a27..4a681db3e 100644 --- a/syft/format/internal/cyclonedxutil/helpers/component.go +++ b/syft/format/internal/cyclonedxutil/helpers/component.go @@ -40,9 +40,10 @@ func EncodeComponent(p pkg.Package, supplier string, locationSorter func(a, b fi } componentType := cyclonedx.ComponentTypeLibrary - if p.Type == pkg.BinaryPkg { + switch p.Type { + case pkg.BinaryPkg: componentType = cyclonedx.ComponentTypeApplication - } else if p.Type == pkg.ModelPkg { + case pkg.ModelPkg: componentType = cyclonedx.ComponentTypeMachineLearningModel } diff --git a/syft/pkg/cataloger/aiartifact/parse_gguf.go b/syft/pkg/cataloger/aiartifact/parse_gguf.go index 81673eb44..c58f1a55f 100644 --- a/syft/pkg/cataloger/aiartifact/parse_gguf.go +++ b/syft/pkg/cataloger/aiartifact/parse_gguf.go @@ -41,7 +41,9 @@ const ( ggufTypeArray = 12 ) -// parseGGUFHeader parses the header of a GGUF file from raw bytes and extracts metadata +const unkownGGUFData = "unknown" + +//nolint:funlen func parseGGUFHeader(data []byte, location string) (*pkg.GGUFFileMetadata, error) { reader := bytes.NewReader(data) // Read magic number @@ -83,7 +85,7 @@ func parseGGUFHeader(data []byte, location string) (*pkg.GGUFFileMetadata, error } // Parse metadata key-value pairs - kvMap := make(map[string]interface{}) + kvMap := make(map[string]any) truncated := false for i := uint64(0); i < kvCount; i++ { @@ -133,7 +135,7 @@ func parseGGUFHeader(data []byte, location string) (*pkg.GGUFFileMetadata, error metadata.ModelVersion = version delete(kvMap, "general.version") } else { - metadata.ModelVersion = "unknown" + metadata.ModelVersion = unkownGGUFData } // Extract parameters count if present @@ -151,7 +153,7 @@ func parseGGUFHeader(data []byte, location string) (*pkg.GGUFFileMetadata, error metadata.Quantization = inferQuantizationFromFilename(location) // Note: we keep general.quantized_by in Header since it's not directly mapped to a field } else { - metadata.Quantization = "unknown" + metadata.Quantization = unkownGGUFData } // Compute hash of metadata for stable identifier @@ -194,8 +196,8 @@ func readKVPair(reader io.Reader) (string, interface{}, error) { return key, value, nil } -// readValue reads a value based on its type -func readValue(reader io.Reader, valueType uint32) (interface{}, error) { +//nolint:funlen +func readValue(reader io.Reader, valueType uint32) (any, error) { switch valueType { case ggufTypeUint8: var v uint8 @@ -308,7 +310,7 @@ func inferQuantizationFromFilename(filename string) string { if match := quantPattern.FindString(filename); match != "" { return match } - return "unknown" + return unkownGGUFData } // computeMetadataHash computes a stable hash of the metadata for use as a global identifier @@ -341,4 +343,3 @@ func computeMetadataHash(metadata *pkg.GGUFFileMetadata) string { hash := sha256.Sum256(jsonBytes) return fmt.Sprintf("%x", hash[:8]) // Use first 8 bytes (16 hex chars) } - diff --git a/syft/pkg/cataloger/aiartifact/parse_gguf_model.go b/syft/pkg/cataloger/aiartifact/parse_gguf_model.go index 78c0c15f4..fd0047ca8 100644 --- a/syft/pkg/cataloger/aiartifact/parse_gguf_model.go +++ b/syft/pkg/cataloger/aiartifact/parse_gguf_model.go @@ -16,7 +16,7 @@ import ( // parseGGUFModel parses a GGUF model file and returns the discovered package. func parseGGUFModel(_ context.Context, _ file.Resolver, _ *generic.Environment, reader file.LocationReadCloser) ([]pkg.Package, []artifact.Relationship, error) { - defer internal.CloseAndLogError(reader, reader.Location.Path()) + defer internal.CloseAndLogError(reader, reader.Path()) // Read header (we'll read a reasonable amount to parse the header without reading entire file) // GGUF headers are typically < 1MB, but we'll use a 10MB limit to be safe @@ -39,7 +39,7 @@ func parseGGUFModel(_ context.Context, _ file.Resolver, _ *generic.Environment, } // Stop if we've read enough for a reasonable header if len(headerData) > maxHeaderSize { - log.Warnf("GGUF header at %s exceeds max size, truncating", reader.Location.Path()) + log.Warnf("GGUF header at %s exceeds max size, truncating", reader.Path()) break } } @@ -50,7 +50,7 @@ func parseGGUFModel(_ context.Context, _ file.Resolver, _ *generic.Environment, } // Parse the GGUF header - metadata, err := parseGGUFHeader(headerData, reader.Location.Path()) + metadata, err := parseGGUFHeader(headerData, reader.Path()) if err != nil { return nil, nil, fmt.Errorf("failed to parse GGUF file: %w", err) } @@ -58,7 +58,7 @@ func parseGGUFModel(_ context.Context, _ file.Resolver, _ *generic.Environment, // Create package from metadata p := newGGUFPackage( metadata, - reader.Location.WithAnnotation(pkg.EvidenceAnnotationKey, pkg.PrimaryEvidenceAnnotation), + reader.WithAnnotation(pkg.EvidenceAnnotationKey, pkg.PrimaryEvidenceAnnotation), ) return []pkg.Package{p}, nil, unknown.IfEmptyf([]pkg.Package{p}, "unable to parse GGUF file")