chore: remove test-binary

Signed-off-by: Christopher Phillips <32073428+spiffcs@users.noreply.github.com>
fix: raise model version on package
2025-11-17 08:23:15 +01:00 · 2025-11-13 00:46:38 -05:00 · 2025-11-13 00:44:19 -05:00 · 2025-11-13 00:32:08 -05:00
10 changed files with 67 additions and 100 deletions
--- a/schema/json/schema-16.0.43.json
+++ b/schema/json/schema-16.0.43.json
@ -1443,10 +1443,6 @@
          "type": "string",
          "description": "ModelName is the name of the model (from general.name or filename)"
        },
        "modelVersion": {
          "type": "string",
          "description": "ModelVersion is the version of the model (if available in header, else \"unknown\")"
        },
        "fileSize": {
          "type": "integer",
          "description": "FileSize is the size of the GGUF file in bytes (best-effort if available from resolver)"
--- a/schema/json/schema-latest.json
+++ b/schema/json/schema-latest.json
@ -1443,10 +1443,6 @@
          "type": "string",
          "description": "ModelName is the name of the model (from general.name or filename)"
        },
        "modelVersion": {
          "type": "string",
          "description": "ModelVersion is the version of the model (if available in header, else \"unknown\")"
        },
        "fileSize": {
          "type": "integer",
          "description": "FileSize is the size of the GGUF file in bytes (best-effort if available from resolver)"
--- a/BIN
+++ b/BIN
--- a/syft/pkg/cataloger/ai/cataloger_test.go
+++ b/syft/pkg/cataloger/ai/cataloger_test.go
@ -6,7 +6,6 @@ import (
 	"testing"
 	"github.com/google/go-cmp/cmp/cmpopts"
 	"github.com/stretchr/testify/assert"
 	"github.com/anchore/syft/syft/artifact"
 	"github.com/anchore/syft/syft/pkg"
@ -14,6 +13,28 @@ import (
 )
 func TestGGUFCataloger_Globs(t *testing.T) {
 	tests := []struct {
 		name     string
 		fixture  string
 		expected []string
 	}{
 		{
 			name:    "obtain gguf files",
 			fixture: "test-fixtures/glob-paths",
 			expected: []string{
 				"models/model.gguf",
 			},
 		},
 	}
 	for _, test := range tests {
 		t.Run(test.name, func(t *testing.T) {
 			pkgtest.NewCatalogTester().
 				FromDirectory(t, test.fixture).
 				ExpectsResolverContentQueries(test.expected).
 				TestCataloger(t, NewGGUFCataloger())
 		})
 	}
 }
 func TestGGUFCataloger_Integration(t *testing.T) {
@ -50,15 +71,14 @@ func TestGGUFCataloger_Integration(t *testing.T) {
 						pkg.NewLicenseFromFields("Apache-2.0", "", nil),
 					),
 					Metadata: pkg.GGUFFileHeader{
-						ModelName:       "llama3-8b",
+						ModelName:    "llama3-8b",
-						ModelVersion:    "3.0",
+						License:      "Apache-2.0",
-						License:         "Apache-2.0",
+						Architecture: "llama",
-						Architecture:    "llama",
+						Quantization: "Unknown",
-						Quantization:    "Unknown",
+						Parameters:   0,
-						Parameters:      0,
+						GGUFVersion:  3,
-						GGUFVersion: 3,
+						TensorCount:  0,
-						TensorCount: 0,
+						Header:       map[string]interface{}{},
 						Header:      map[string]interface{}{},
 					},
 				},
 			},
@ -77,16 +97,11 @@ func TestGGUFCataloger_Integration(t *testing.T) {
 				IgnoreLocationLayer().
 				IgnorePackageFields("FoundBy", "Locations"). // These are set by the cataloger
 				WithCompareOptions(
-					// Ignore Hash as it's computed dynamically
+					// Ignore MetadataHash as it's computed dynamically
-					cmpopts.IgnoreFields(pkg.GGUFFileHeader{}, "Hash"),
+					cmpopts.IgnoreFields(pkg.GGUFFileHeader{}, "MetadataHash"),
 				)
 			tester.TestCataloger(t, NewGGUFCataloger())
 		})
 	}
 }
 func TestGGUFCataloger_Name(t *testing.T) {
 	cataloger := NewGGUFCataloger()
 	assert.Equal(t, "gguf-cataloger", cataloger.Name())
 }
--- a/syft/pkg/cataloger/ai/package.go
+++ b/syft/pkg/cataloger/ai/package.go
@ -1,25 +1,14 @@
 package ai
 import (
 	"encoding/json"
 	"fmt"
 	"github.com/cespare/xxhash/v2"
 	"github.com/anchore/syft/internal/log"
 	"github.com/anchore/syft/syft/file"
 	"github.com/anchore/syft/syft/pkg"
 )
-func newGGUFPackage(metadata *pkg.GGUFFileHeader, locations ...file.Location) pkg.Package {
+func newGGUFPackage(metadata *pkg.GGUFFileHeader, version string, locations ...file.Location) pkg.Package {
 	// Compute hash if not already set
 	if metadata.Hash == "" {
 		metadata.Hash = computeMetadataHash(metadata)
 	}
 	p := pkg.Package{
 		Name:      metadata.ModelName,
-		Version:   metadata.ModelVersion,
+		Version:   version,
 		Locations: file.NewLocationSet(locations...),
 		Type:      pkg.ModelPkg,
 		Licenses:  pkg.NewLicenseSet(),
@ -37,33 +26,3 @@ func newGGUFPackage(metadata *pkg.GGUFFileHeader, locations ...file.Location) pk
 	return p
 }
 // computeMetadataHash computes a stable hash of the metadata for use as a global identifier
 func computeMetadataHash(metadata *pkg.GGUFFileHeader) string {
 	// Create a stable representation of the metadata
 	hashData := struct {
 		Format       string
 		Name         string
 		Version      string
 		Architecture string
 		GGUFVersion  uint32
 		TensorCount  uint64
 	}{
 		Name:         metadata.ModelName,
 		Version:      metadata.ModelVersion,
 		Architecture: metadata.Architecture,
 		GGUFVersion:  metadata.GGUFVersion,
 		TensorCount:  metadata.TensorCount,
 	}
 	// Marshal to JSON for stable hashing
 	jsonBytes, err := json.Marshal(hashData)
 	if err != nil {
 		log.Debugf("failed to marshal metadata for hashing: %v", err)
 		return ""
 	}
 	// Compute xxhash
 	hash := xxhash.Sum64(jsonBytes)
 	return fmt.Sprintf("%016x", hash) // 16 hex chars (64 bits)
 }
--- a/syft/pkg/cataloger/ai/package_test.go
+++ b/syft/pkg/cataloger/ai/package_test.go
@ -15,21 +15,22 @@ func TestNewGGUFPackage(t *testing.T) {
 	tests := []struct {
 		name      string
 		metadata  *pkg.GGUFFileHeader
 		version   string
 		locations []file.Location
 		checkFunc func(t *testing.T, p pkg.Package)
 	}{
 		{
-			name: "complete GGUF package with all fields",
+			name:    "complete GGUF package with all fields",
 			version: "3.0",
 			metadata: &pkg.GGUFFileHeader{
-				ModelName:       "llama3-8b-instruct",
+				ModelName:    "llama3-8b-instruct",
-				ModelVersion:    "3.0",
+				License:      "Apache-2.0",
-				License:         "Apache-2.0",
+				Architecture: "llama",
-				Architecture:    "llama",
+				Quantization: "Q4_K_M",
-				Quantization:    "Q4_K_M",
+				Parameters:   8030000000,
-				Parameters:      8030000000,
+				GGUFVersion:  3,
-				GGUFVersion: 3,
+				TensorCount:  291,
-				TensorCount: 291,
+				Header:       map[string]any{},
 				Header:      map[string]any{},
 			},
 			locations: []file.Location{file.NewLocation("/models/llama3-8b.gguf")},
 			checkFunc: func(t *testing.T, p pkg.Package) {
@ -51,10 +52,10 @@ func TestNewGGUFPackage(t *testing.T) {
 			},
 		},
 		{
-			name: "minimal GGUF package",
+			name:    "minimal GGUF package",
 			version: "1.0",
 			metadata: &pkg.GGUFFileHeader{
 				ModelName:    "simple-model",
 				ModelVersion: "1.0",
 				Architecture: "gpt2",
 				GGUFVersion:  3,
 				TensorCount:  50,
@ -75,10 +76,10 @@ func TestNewGGUFPackage(t *testing.T) {
 			},
 		},
 		{
-			name: "GGUF package with multiple locations",
+			name:    "GGUF package with multiple locations",
 			version: "1.5",
 			metadata: &pkg.GGUFFileHeader{
 				ModelName:    "multi-location-model",
 				ModelVersion: "1.5",
 				Architecture: "llama",
 				GGUFVersion:  3,
 				TensorCount:  150,
@ -95,12 +96,12 @@ func TestNewGGUFPackage(t *testing.T) {
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-			p := newGGUFPackage(tt.metadata, tt.locations...)
+			p := newGGUFPackage(tt.metadata, tt.version, tt.locations...)
 			if d := cmp.Diff(tt.metadata.ModelName, p.Name); d != "" {
 				t.Errorf("Name mismatch (-want +got):\n%s", d)
 			}
-			if d := cmp.Diff(tt.metadata.ModelVersion, p.Version); d != "" {
+			if d := cmp.Diff(tt.version, p.Version); d != "" {
 				t.Errorf("Version mismatch (-want +got):\n%s", d)
 			}
 			if d := cmp.Diff(pkg.ModelPkg, p.Type); d != "" {
--- a/syft/pkg/cataloger/ai/parse_gguf_model.go
+++ b/syft/pkg/cataloger/ai/parse_gguf_model.go
@ -62,15 +62,17 @@ func parseGGUFModel(_ context.Context, _ file.Resolver, _ *generic.Environment,
 	// Extract metadata
 	metadata := ggufFile.Metadata()
 	// Extract version separately (will be set on Package.Version)
 	modelVersion := extractVersion(ggufFile.Header.MetadataKV)
 	// Convert to syft metadata structure
 	syftMetadata := &pkg.GGUFFileHeader{
-		ModelName:       metadata.Name,
+		ModelName:    metadata.Name,
-		ModelVersion:    extractVersion(ggufFile.Header.MetadataKV),
+		License:      metadata.License,
-		License:         metadata.License,
+		Architecture: metadata.Architecture,
-		Architecture:    metadata.Architecture,
+		Quantization: metadata.FileTypeDescriptor,
-		Quantization:    metadata.FileTypeDescriptor,
+		Parameters:   uint64(metadata.Parameters),
-		Parameters:      uint64(metadata.Parameters),
+		GGUFVersion:  uint32(ggufFile.Header.Version),
 		GGUFVersion:     uint32(ggufFile.Header.Version),
 		TensorCount:  ggufFile.Header.TensorCount,
 		Header:       convertGGUFMetadataKVs(ggufFile.Header.MetadataKV),
 		MetadataHash: computeKVMetadataHash(ggufFile.Header.MetadataKV),
@ -84,6 +86,7 @@ func parseGGUFModel(_ context.Context, _ file.Resolver, _ *generic.Environment,
 	// Create package from metadata
 	p := newGGUFPackage(
 		syftMetadata,
 		modelVersion,
 		reader.WithAnnotation(pkg.EvidenceAnnotationKey, pkg.PrimaryEvidenceAnnotation),
 	)
--- a/syft/pkg/cataloger/ai/test-fixtures/glob-paths/models/model.gguf
+++ b/syft/pkg/cataloger/ai/test-fixtures/glob-paths/models/model.gguf
--- a/syft/pkg/cataloger/ai/test_builder_test.go
+++ b/syft/pkg/cataloger/ai/test_builder_test.go
@ -3,7 +3,7 @@ package ai
 import (
 	"fmt"
 	"os"
-	
+
 	gguf_parser "github.com/gpustack/gguf-parser-go"
 )
@ -14,21 +14,21 @@ func main() {
 		withStringKV("general.architecture", "llama").
 		withStringKV("general.name", "test-model").
 		build()
-	
+
 	// Write to temp file
 	tempFile, err := os.CreateTemp("", "test-*.gguf")
 	if err != nil {
 		panic(err)
 	}
 	defer os.Remove(tempFile.Name())
-	
+
 	if _, err := tempFile.Write(data); err != nil {
 		panic(err)
 	}
 	tempFile.Close()
-	
+
 	fmt.Printf("Wrote %d bytes to %s\n", len(data), tempFile.Name())
-	
+
 	// Try to parse it
 	fmt.Println("Attempting to parse...")
 	gf, err := gguf_parser.ParseGGUFFile(tempFile.Name(), gguf_parser.SkipLargeMetadata())
@ -36,6 +36,6 @@ func main() {
 		fmt.Printf("Parse error: %v\n", err)
 		return
 	}
-	
+
 	fmt.Printf("Success! Model: %s\n", gf.Metadata().Name)
 }
--- a/syft/pkg/gguf.go
+++ b/syft/pkg/gguf.go
@ -10,9 +10,6 @@ type GGUFFileHeader struct {
 	// ModelName is the name of the model (from general.name or filename)
 	ModelName string `json:"modelName" cyclonedx:"modelName"`
 	// ModelVersion is the version of the model (if available in header, else "unknown")
 	ModelVersion string `json:"modelVersion,omitempty" cyclonedx:"modelVersion"`
 	// FileSize is the size of the GGUF file in bytes (best-effort if available from resolver)
 	FileSize int64 `json:"fileSize,omitempty" cyclonedx:"fileSize"`
Author	SHA1	Message	Date
Christopher Phillips	9609ce2b36	chore: remove test-binary Signed-off-by: Christopher Phillips <32073428+spiffcs@users.noreply.github.com>	2025-11-13 00:46:38 -05:00
Christopher Phillips	56761cee6f	fix: raise model version on package Signed-off-by: Christopher Phillips <32073428+spiffcs@users.noreply.github.com>	2025-11-13 00:44:19 -05:00
Christopher Phillips	b80592f735	chore: pr comments Signed-off-by: Christopher Phillips <32073428+spiffcs@users.noreply.github.com>	2025-11-13 00:32:08 -05:00