mirror of
https://github.com/anchore/syft.git
synced 2025-11-22 02:43:19 +01:00
1aaa644007
* [wip] Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * distinct the package metadata functions Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * remove metadata type from package core model Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * incorporate review feedback for names Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * add RPM archive metadata and split parser helpers Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * clarify the python package metadata type Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * rename the KB metadata type Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * break hackage and composer types by use case Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * linting fix Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * fix encoding and decoding for syft-json and cyclonedx Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * bump json schema to 11 Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * update cyclonedx-json snapshots Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * update cyclonedx-xml snapshots Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * update spdx-json snapshots Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * update spdx-tv snapshots Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * update syft-json snapshots Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * correct metadata type in stack yaml parser test Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * fix bom-ref redactor for cyclonedx-xml Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * add tests for legacy package metadata names Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * regenerate json schema v11 Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * fix legacy HackageMetadataType reflect type value check Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * fix linting Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * packagemetadata discovery should account for type shadowing Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * fix linting Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * fix cli tests Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * bump json schema version to v12 Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * update json schema to incorporate changes from main Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * add syft-json legacy config option Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * add tests around v11-v12 json decoding Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * add docs for SYFT_JSON_LEGACY Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * rename structs to be compliant with new naming scheme Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> --------- Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
100 lines
2.3 KiB
Go
100 lines
2.3 KiB
Go
package rust
|
|
|
|
import (
|
|
"testing"
|
|
|
|
"github.com/anchore/syft/syft/file"
|
|
"github.com/anchore/syft/syft/pkg"
|
|
"github.com/anchore/syft/syft/pkg/cataloger/internal/pkgtest"
|
|
)
|
|
|
|
func TestNewAuditBinaryCataloger(t *testing.T) {
|
|
|
|
expectedPkgs := []pkg.Package{
|
|
{
|
|
Name: "auditable",
|
|
Version: "0.1.0",
|
|
PURL: "pkg:cargo/auditable@0.1.0",
|
|
FoundBy: "cargo-auditable-binary-cataloger",
|
|
Locations: file.NewLocationSet(file.NewVirtualLocation("/hello-auditable", "/hello-auditable")),
|
|
Language: pkg.Rust,
|
|
Type: pkg.RustPkg,
|
|
Metadata: pkg.RustBinaryAuditEntry{
|
|
Name: "auditable",
|
|
Version: "0.1.0",
|
|
Source: "local",
|
|
},
|
|
},
|
|
{
|
|
Name: "hello-auditable",
|
|
Version: "0.1.0",
|
|
PURL: "pkg:cargo/hello-auditable@0.1.0",
|
|
FoundBy: "cargo-auditable-binary-cataloger",
|
|
Locations: file.NewLocationSet(file.NewVirtualLocation("/hello-auditable", "/hello-auditable")),
|
|
Language: pkg.Rust,
|
|
Type: pkg.RustPkg,
|
|
Metadata: pkg.RustBinaryAuditEntry{
|
|
Name: "hello-auditable",
|
|
Version: "0.1.0",
|
|
Source: "local",
|
|
},
|
|
},
|
|
}
|
|
|
|
pkgtest.NewCatalogTester().
|
|
WithImageResolver(t, "image-audit").
|
|
IgnoreLocationLayer(). // this fixture can be rebuilt, thus the layer ID will change
|
|
Expects(expectedPkgs, nil).
|
|
TestCataloger(t, NewAuditBinaryCataloger())
|
|
}
|
|
|
|
func Test_CargoLockCataloger_Globs(t *testing.T) {
|
|
tests := []struct {
|
|
name string
|
|
fixture string
|
|
expected []string
|
|
}{
|
|
{
|
|
name: "obtain Cargo.lock files",
|
|
fixture: "test-fixtures/glob-paths",
|
|
expected: []string{
|
|
"src/Cargo.lock",
|
|
},
|
|
},
|
|
}
|
|
|
|
for _, test := range tests {
|
|
t.Run(test.name, func(t *testing.T) {
|
|
pkgtest.NewCatalogTester().
|
|
FromDirectory(t, test.fixture).
|
|
ExpectsResolverContentQueries(test.expected).
|
|
TestCataloger(t, NewCargoLockCataloger())
|
|
})
|
|
}
|
|
}
|
|
|
|
func Test_AuditBinaryCataloger_Globs(t *testing.T) {
|
|
tests := []struct {
|
|
name string
|
|
fixture string
|
|
expected []string
|
|
}{
|
|
{
|
|
name: "obtain audit binary files",
|
|
fixture: "test-fixtures/glob-paths",
|
|
expected: []string{
|
|
"partial-binary",
|
|
},
|
|
},
|
|
}
|
|
|
|
for _, test := range tests {
|
|
t.Run(test.name, func(t *testing.T) {
|
|
pkgtest.NewCatalogTester().
|
|
FromDirectory(t, test.fixture).
|
|
ExpectsResolverContentQueries(test.expected).
|
|
TestCataloger(t, NewAuditBinaryCataloger())
|
|
})
|
|
}
|
|
}
|