diff --git a/pkg/dependency/parser/c/conan/parse.go b/pkg/dependency/parser/c/conan/parse.go
index 851e3a79da6f..4528da67b778 100644
--- a/pkg/dependency/parser/c/conan/parse.go
+++ b/pkg/dependency/parser/c/conan/parse.go
@@ -78,7 +78,7 @@ func (p *Parser) parseV1(lock LockFile) ([]ftypes.Package, []ftypes.Dependency,
 // Parse dependency graph
 for i, node := range lock.GraphLock.Nodes {
- lib, ok := parsed[i]
+ pkg, ok := parsed[i]
 if !ok {
 continue
 }
@@ -91,12 +91,12 @@ func (p *Parser) parseV1(lock LockFile) ([]ftypes.Package, []ftypes.Dependency,
 }
 if len(childDeps) != 0 {
 deps = append(deps, ftypes.Dependency{
- ID: lib.ID,
+ ID: pkg.ID,
 DependsOn: childDeps,
 })
 }
- pkgs = append(pkgs, lib)
+ pkgs = append(pkgs, pkg)
 }
 return pkgs, deps, nil
 }
@@ -107,7 +107,7 @@ func (p *Parser) parseV2(lock LockFile) ([]ftypes.Package, []ftypes.Dependency,
 for _, req := range lock.Requires {
 pkg, err := toPackage(req.Dependency, req.StartLine, req.EndLine)
 if err != nil {
- p.logger.Debug("Creating library entry from requirement failed", err)
+ p.logger.Debug("Creating package entry from requirement failed", err)
 continue
 }
diff --git a/pkg/dependency/parser/c/conan/parse_test.go b/pkg/dependency/parser/c/conan/parse_test.go
index 895e73dd43c9..85c0a4a09e80 100644
--- a/pkg/dependency/parser/c/conan/parse_test.go
+++ b/pkg/dependency/parser/c/conan/parse_test.go
@@ -17,13 +17,13 @@ func TestParse(t *testing.T) {
 tests := []struct {
 name string
 inputFile string // Test input file
- wantLibs []ftypes.Package
+ wantPkgs []ftypes.Package
 wantDeps []ftypes.Dependency
 }{
 {
 name: "happy path",
 inputFile: "testdata/happy_v1_case1.lock",
- wantLibs: []ftypes.Package{
+ wantPkgs: []ftypes.Package{
 {
 ID: "pkga/0.0.1",
 Name: "pkga",
@@ -73,7 +73,7 @@ func TestParse(t *testing.T) {
 {
 name: "happy path. lock file with revisions support",
 inputFile: "testdata/happy_v1_case2.lock",
- wantLibs: []ftypes.Package{
+ wantPkgs: []ftypes.Package{
 {
 ID: "openssl/3.0.3",
 Name: "openssl",
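Review bot: In `parseV2` of conan/parse.go, `p.logger.Debug("Creating package entry from requirement failed", err)` hands `err` to the logger as a bare trailing argument. If `p.logger` is the same structured logger that npm/parse.go calls with `log.String(...)` attributes, a lone value has no key, so the error text is likely rendered under a placeholder key or not rendered usefully. The requirement is then dropped by `continue`, which makes this message the only record that a dependency was left out of the scan result. Passing the error as an attribute, e.g. `p.logger.Debug("Creating package entry from requirement failed", log.Err(err))`, would keep that record readable, assuming the `log` package is imported in this file (the import block is outside the hunk).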
@@ -111,7 +111,7 @@ func TestParse(t *testing.T) {
 {
 name: "happy path conan v2",
 inputFile: "testdata/happy_v2.lock",
- wantLibs: []ftypes.Package{
+ wantPkgs: []ftypes.Package{
 {
 ID: "matrix/1.3",
 Name: "matrix",
@@ -153,18 +153,18 @@ func TestParse(t *testing.T) {
 require.NoError(t, err)
 defer f.Close()
- gotLibs, gotDeps, err := conan.NewParser().Parse(f)
+ gotPkgs, gotDeps, err := conan.NewParser().Parse(f)
 require.NoError(t, err)
- sort.Slice(gotLibs, func(i, j int) bool {
- ret := strings.Compare(gotLibs[i].Name, gotLibs[j].Name)
+ sort.Slice(gotPkgs, func(i, j int) bool {
+ ret := strings.Compare(gotPkgs[i].Name, gotPkgs[j].Name)
 if ret != 0 {
 return ret < 0
 }
- return gotLibs[i].Version < gotLibs[j].Version
+ return gotPkgs[i].Version < gotPkgs[j].Version
 })
- assert.Equal(t, tt.wantLibs, gotLibs)
+ assert.Equal(t, tt.wantPkgs, gotPkgs)
 assert.Equal(t, tt.wantDeps, gotDeps)
 })
 }
diff --git a/pkg/dependency/parser/conda/environment/parse.go b/pkg/dependency/parser/conda/environment/parse.go
index e14995b6eb58..f8bdcfb49a92 100644
--- a/pkg/dependency/parser/conda/environment/parse.go
+++ b/pkg/dependency/parser/conda/environment/parse.go
@@ -44,7 +44,7 @@ func (p *Parser) Parse(r xio.ReadSeekerAt) ([]ftypes.Package, []ftypes.Dependenc
 var pkgs ftypes.Packages
 for _, dep := range env.Dependencies {
 pkg := p.toPackage(dep)
- // Skip empty libs
+ // Skip empty pkgs
 if pkg.Name == "" {
 continue
 }
diff --git a/pkg/dependency/parser/dart/pub/parse_test.go b/pkg/dependency/parser/dart/pub/parse_test.go
index f54b8c046fd8..be698a7933c5 100644
--- a/pkg/dependency/parser/dart/pub/parse_test.go
+++ b/pkg/dependency/parser/dart/pub/parse_test.go
@@ -63,13 +63,13 @@ func TestParser_Parse(t *testing.T) {
 require.NoError(t, err)
 defer f.Close()
- gotLibs, _, err := pub.NewParser().Parse(f)
+ gotPkgs, _, err := pub.NewParser().Parse(f)
 if !tt.wantErr(t, err, fmt.Sprintf("Parse(%v)", tt.inputFile)) {
 return
 }
- sort.Sort(ftypes.Packages(gotLibs))
- assert.Equal(t, tt.want, gotLibs)
+ sort.Sort(ftypes.Packages(gotPkgs))
+ assert.Equal(t, tt.want, gotPkgs)
 })
 }
 }
diff --git a/pkg/dependency/parser/golang/binary/parse_test.go b/pkg/dependency/parser/golang/binary/parse_test.go
index 43c05971eca3..e3144064ffe3 100644
--- a/pkg/dependency/parser/golang/binary/parse_test.go
+++ b/pkg/dependency/parser/golang/binary/parse_test.go
@@ -12,7 +12,7 @@ import (
 )
 func TestParse(t *testing.T) {
- wantLibs := []ftypes.Package{
+ wantPkgs := []ftypes.Package{
 {
 Name: "github.com/aquasecurity/test",
 Version: "",
@@ -46,17 +46,17 @@ func TestParse(t *testing.T) {
 {
 name: "ELF",
 inputFile: "testdata/test.elf",
- want: wantLibs,
+ want: wantPkgs,
 },
 {
 name: "PE",
 inputFile: "testdata/test.exe",
- want: wantLibs,
+ want: wantPkgs,
 },
 {
 name: "Mach-O",
 inputFile: "testdata/test.macho",
- want: wantLibs,
+ want: wantPkgs,
 },
 {
 name: "with replace directive",
diff --git a/pkg/dependency/parser/java/pom/parse_test.go b/pkg/dependency/parser/java/pom/parse_test.go
index 2463253dac60..3627a5c2eb90 100644
--- a/pkg/dependency/parser/java/pom/parse_test.go
+++ b/pkg/dependency/parser/java/pom/parse_test.go
@@ -541,7 +541,7 @@ func TestPom_Parse(t *testing.T) {
 // [INFO] com.example:soft:jar:1.0.0
 // [INFO] +- org.example:example-api:jar:1.7.30:compile
 // [INFO] \- org.example:example-dependency:jar:1.2.3:compile
- // Save DependsOn for each library - https://github.com/aquasecurity/go-dep-parser/pull/243#discussion_r1303904548
+ // Save DependsOn for each package - https://github.com/aquasecurity/go-dep-parser/pull/243#discussion_r1303904548
 name: "soft requirement",
 inputFile: filepath.Join("testdata", "soft-requirement", "pom.xml"),
 local: true,
@@ -601,7 +601,7 @@ func TestPom_Parse(t *testing.T) {
 // [INFO] +- org.example:example-dependency:jar:1.2.3:compile
 // [INFO] | \- org.example:example-api:jar:2.0.0:compile
 // [INFO] \- org.example:example-dependency2:jar:2.3.4:compile
- // Save DependsOn for each library - https://github.com/aquasecurity/go-dep-parser/pull/243#discussion_r1303904548
+ // Save DependsOn for each package - https://github.com/aquasecurity/go-dep-parser/pull/243#discussion_r1303904548
 name: "soft requirement with transitive dependencies",
 inputFile: filepath.Join("testdata", "soft-requirement-with-transitive-dependencies", "pom.xml"),
 local: true,
@@ -672,7 +672,7 @@ func TestPom_Parse(t *testing.T) {
 //[INFO] +- org.example:example-nested:jar:3.3.4:compile
 //[INFO] \- org.example:example-dependency:jar:1.2.3:compile
 //[INFO] \- org.example:example-api:jar:2.0.0:compile
- // Save DependsOn for each library - https://github.com/aquasecurity/go-dep-parser/pull/243#discussion_r1303904548
+ // Save DependsOn for each package - https://github.com/aquasecurity/go-dep-parser/pull/243#discussion_r1303904548
 name: "hard requirement for the specified version",
 inputFile: filepath.Join("testdata", "hard-requirement", "pom.xml"),
 local: true,
@@ -1406,7 +1406,7 @@ func TestPom_Parse(t *testing.T) {
 p := pom.NewParser(tt.inputFile, pom.WithReleaseRemoteRepos(remoteRepos), pom.WithOffline(tt.offline))
- gotLibs, gotDeps, err := p.Parse(f)
+ gotPkgs, gotDeps, err := p.Parse(f)
 if tt.wantErr != "" {
 require.NotNil(t, err)
 assert.Contains(t, err.Error(), tt.wantErr)
@@ -1414,7 +1414,7 @@ func TestPom_Parse(t *testing.T) {
 }
 require.NoError(t, err)
- assert.Equal(t, tt.want, gotLibs)
+ assert.Equal(t, tt.want, gotPkgs)
 assert.Equal(t, tt.wantDeps, gotDeps)
 })
 }
diff --git a/pkg/dependency/parser/julia/manifest/parse_test.go b/pkg/dependency/parser/julia/manifest/parse_test.go
index fc005b74456c..229499c6cb71 100644
--- a/pkg/dependency/parser/julia/manifest/parse_test.go
+++ b/pkg/dependency/parser/julia/manifest/parse_test.go
@@ -21,13 +21,13 @@ func TestParse(t *testing.T) {
 {
 name: "Manifest v1.6",
 file: "testdata/primary/Manifest_v1.6.toml",
- want: juliaV1_6Libs,
+ want: juliaV1_6Pkgs,
 wantDeps: juliaV1_6Deps,
 },
 {
 name: "Manifest v1.8",
 file: "testdata/primary/Manifest_v1.8.toml",
- want: juliaV1_8Libs,
+ want: juliaV1_8Pkgs,
 wantDeps: juliaV1_8Deps,
 },
 {
@@ -45,13 +45,13 @@ func TestParse(t *testing.T) {
 {
 name: "dep extensions v1.9",
 file: "testdata/dep_ext_v1.9/Manifest.toml",
- want: juliaV1_9DepExtLibs,
+ want: juliaV1_9DepExtPkgs,
 wantDeps: nil,
 },
 {
 name: "shadowed dep v1.9",
 file: "testdata/shadowed_dep_v1.9/Manifest.toml",
- want: juliaV1_9ShadowedDepLibs,
+ want: juliaV1_9ShadowedDepPkgs,
 wantDeps: juliaV1_9ShadowedDepDeps,
 },
 }
diff --git a/pkg/dependency/parser/julia/manifest/parse_testcase.go b/pkg/dependency/parser/julia/manifest/parse_testcase.go
index 4ccc1994493c..75602f7311f8 100644
--- a/pkg/dependency/parser/julia/manifest/parse_testcase.go
+++ b/pkg/dependency/parser/julia/manifest/parse_testcase.go
@@ -3,7 +3,7 @@ package julia
 import ftypes "github.com/aquasecurity/trivy/pkg/fanal/types"
 var (
- juliaV1_6Libs = []ftypes.Package{
+ juliaV1_6Pkgs = []ftypes.Package{
 {ID: "ade2ca70-3891-5945-98fb-dc099432e06a", Name: "Dates", Version: "unknown", Locations: []ftypes.Location{{StartLine: 3, EndLine: 5}}},
 {ID: "682c06a0-de6a-54ab-a142-c8b1cf79cde6", Name: "JSON", Version: "0.21.4", Locations: []ftypes.Location{{StartLine: 7, EndLine: 11}}},
 {ID: "a63ad114-7e13-5084-954f-fe012c677804", Name: "Mmap", Version: "unknown", Locations: []ftypes.Location{{StartLine: 13, EndLine: 14}}},
@@ -24,7 +24,7 @@ var (
 {ID: "de0858da-6303-5e67-8744-51eddeeeb8d7", DependsOn: []string{"4ec0a83e-493e-50e2-b9ac-8f72acf5a8f5"}},
 }
- juliaV1_8Libs = []ftypes.Package{
+ juliaV1_8Pkgs = []ftypes.Package{
 {ID: "ade2ca70-3891-5945-98fb-dc099432e06a", Name: "Dates", Version: "1.8.5", Locations: []ftypes.Location{{StartLine: 7, EndLine: 9}}},
 {ID: "682c06a0-de6a-54ab-a142-c8b1cf79cde6", Name: "JSON", Version: "0.21.4", Locations: []ftypes.Location{{StartLine: 11, EndLine: 15}}},
 {ID: "a63ad114-7e13-5084-954f-fe012c677804", Name: "Mmap", Version: "1.8.5", Locations: []ftypes.Location{{StartLine: 17, EndLine: 18}}},
@@ -61,11 +61,11 @@ var (
 {ID: "cf7118a7-6976-5b1a-9a39-7adc72f591a4", DependsOn: []string{"9a3f8284-a2c9-5f02-9a11-845980a1fd5c", "ea8e919c-243c-51af-8825-aaa63cd721ce"}},
 }
- juliaV1_9DepExtLibs = []ftypes.Package{
+ juliaV1_9DepExtPkgs = []ftypes.Package{
 {ID: "621f4979-c628-5d54-868e-fcf4e3e8185c", Name: "AbstractFFTs", Version: "1.3.1", Locations: []ftypes.Location{{StartLine: 7, EndLine: 10}}},
 }
- juliaV1_9ShadowedDepLibs = []ftypes.Package{
+ juliaV1_9ShadowedDepPkgs = []ftypes.Package{
 {ID: "ead4f63c-334e-11e9-00e6-e7f0a5f21b60", Name: "A", Version: "1.9.0", Locations: []ftypes.Location{{StartLine: 7, EndLine: 8}}},
 {ID: "f41f7b98-334e-11e9-1257-49272045fb24", Name: "B", Version: "1.9.0", Locations: []ftypes.Location{{StartLine: 13, EndLine: 14}}},
 {ID: "edca9bc6-334e-11e9-3554-9595dbb4349c", Name: "B", Version: "1.9.0", Locations: []ftypes.Location{{StartLine: 15, EndLine: 16}}},
diff --git a/pkg/dependency/parser/nodejs/npm/parse.go b/pkg/dependency/parser/nodejs/npm/parse.go
index 54e0ea727896..ec5d654e7469 100644
--- a/pkg/dependency/parser/nodejs/npm/parse.go
+++ b/pkg/dependency/parser/nodejs/npm/parse.go
@@ -128,9 +128,9 @@ func (p *Parser) parseV2(packages map[string]Package) ([]ftypes.Package, []ftype
 }
 }
- pkgIndirect := isIndirectLib(pkgPath, directDeps)
+ pkgIndirect := isIndirectPkg(pkgPath, directDeps)
- // There are cases when similar libraries use same dependencies
+ // There are cases when similar packages use same dependencies
 // we need to add location for each these dependencies
 if savedPkg, ok := pkgs[pkgID]; ok {
 savedPkg.Dev = savedPkg.Dev && pkg.Dev
@@ -150,7 +150,7 @@ func (p *Parser) parseV2(packages map[string]Package) ([]ftypes.Package, []ftype
 continue
 }
- lib := ftypes.Package{
+ newPkg := ftypes.Package{
 ID: pkgID,
 Name: pkgName,
 Version: pkg.Version,
@@ -159,7 +159,7 @@ func (p *Parser) parseV2(packages map[string]Package) ([]ftypes.Package, []ftype
 ExternalReferences: lo.Ternary(ref.URL != "", []ftypes.ExternalRef{ref}, nil),
 Locations: []ftypes.Location{location},
 }
- pkgs[pkgID] = lib
+ pkgs[pkgID] = newPkg
 // npm builds graph using optional deps. e.g.:
 // └─┬ watchpack@1.7.5
@@ -179,7 +179,7 @@ func (p *Parser) parseV2(packages map[string]Package) ([]ftypes.Package, []ftype
 if len(dependsOn) > 0 {
 deps = append(deps, ftypes.Dependency{
- ID: lib.ID,
+ ID: newPkg.ID,
 DependsOn: dependsOn,
 })
 }
@@ -302,23 +302,23 @@ func (p *Parser) parseV1(dependencies map[string]Dependency, versions map[string
 pkgs = append(pkgs, pkg)
 dependsOn := make([]string, 0, len(dep.Requires))
- for libName, requiredVer := range dep.Requires {
+ for pName, requiredVer := range dep.Requires {
 // Try to resolve the version with nested dependencies first
- if resolvedDep, ok := dep.Dependencies[libName]; ok {
- libID := packageID(libName, resolvedDep.Version)
- dependsOn = append(dependsOn, libID)
+ if resolvedDep, ok := dep.Dependencies[pName]; ok {
+ pkgID := packageID(pName, resolvedDep.Version)
+ dependsOn = append(dependsOn, pkgID)
 continue
 }
 // Try to resolve the version with the higher level dependencies
- if ver, ok := versions[libName]; ok {
- dependsOn = append(dependsOn, packageID(libName, ver))
+ if ver, ok := versions[pName]; ok {
+ dependsOn = append(dependsOn, packageID(pName, ver))
 continue
 }
 // It should not reach here.
 p.logger.Warn("Unable to resolve the version",
- log.String("name", libName), log.String("version", requiredVer))
+ log.String("name", pName), log.String("version", requiredVer))
 }
 if len(dependsOn) > 0 {
@@ -370,10 +370,10 @@ func uniqueDeps(deps []ftypes.Dependency) []ftypes.Dependency {
 return uniqDeps
 }
-func isIndirectLib(pkgPath string, directDeps map[string]struct{}) bool {
+func isIndirectPkg(pkgPath string, directDeps map[string]struct{}) bool {
 // A project can contain 2 different versions of the same dependency.
 // e.g. `node_modules/string-width/node_modules/strip-ansi` and `node_modules/string-ansi`
- // direct dependencies always have root path (`node_modules/`)
+ // direct dependencies always have root path (`node_modules/`)
 if _, ok := directDeps[pkgPath]; ok {
 return false
 }
diff --git a/pkg/dependency/parser/nodejs/npm/parse_testcase.go b/pkg/dependency/parser/nodejs/npm/parse_testcase.go
index c5fbd2c82036..01dcac6711f9 100644
--- a/pkg/dependency/parser/nodejs/npm/parse_testcase.go
+++ b/pkg/dependency/parser/nodejs/npm/parse_testcase.go
@@ -10,7 +10,7 @@ var (
 // npm install --save-dev debug@2.5.2
 // npm install --save-optional promise
 // npm i --lockfile-version 1
- // libraries are filled manually
+ // packages are filled manually
 npmV1Pkgs = []ftypes.Package{
 {
@@ -694,7 +694,7 @@ var (
 // ... and
 // npm i --lockfile-version 2
- // same as npmV1Pkgs but change `Indirect` field to false for `body-parser@1.18.3`, `finalhandler@1.1.1`, `@babel/helper-string-parser@7.19.4`, `promise@8.3.0` and `ms@1.0.0` libraries.
+ // same as npmV1Pkgs but change `Indirect` field to false for `body-parser@1.18.3`, `finalhandler@1.1.1`, `@babel/helper-string-parser@7.19.4`, `promise@8.3.0` and `ms@1.0.0` packages.
 // also need to get locations from `packages` struct
 // --- lockfile version 3 ---
 // npm i --lockfile-version 3
@@ -1312,7 +1312,7 @@ var (
 // grep -v "functions/func1" ./package.json > tmpfile && mv tmpfile ./package.json
 // sed -i 's/functions\/nested_func/functions\/*/g' package.json
 // npm update
- // libraries are filled manually
+ // packages are filled manually
 npmV3WithWorkspacePkgs = []ftypes.Package{
 {
 ID: "debug@2.5.2",
@@ -1448,7 +1448,7 @@ var (
 // npm init --force
 // npm init -w ./functions/func1 --force
 // npm install --save debug@2.6.9 -w func1
- // libraries are filled manually
+ // packages are filled manually
 npmV3WithoutRootDepsField = []ftypes.Package{
 {
 ID: "func1@1.0.0",
diff --git a/pkg/dependency/parser/nodejs/pnpm/parse.go b/pkg/dependency/parser/nodejs/pnpm/parse.go
index 54504ecf7ac5..92fdc6131744 100644
--- a/pkg/dependency/parser/nodejs/pnpm/parse.go
+++ b/pkg/dependency/parser/nodejs/pnpm/parse.go
@@ -57,9 +57,9 @@ func (p *Parser) Parse(r xio.ReadSeekerAt) ([]ftypes.Package, []ftypes.Dependenc
 return nil, nil, nil
 }
- libs, deps := p.parse(lockVer, lockFile)
+ pkgs, deps := p.parse(lockVer, lockFile)
- return libs, deps, nil
+ return pkgs, deps, nil
 }
 func (p *Parser) parse(lockVer float64, lockFile LockFile) ([]ftypes.Package, []ftypes.Dependency) {
diff --git a/pkg/dependency/parser/php/composer/parse_test.go b/pkg/dependency/parser/php/composer/parse_test.go
index eb41ed0fae02..726ac4676b37 100644
--- a/pkg/dependency/parser/php/composer/parse_test.go
+++ b/pkg/dependency/parser/php/composer/parse_test.go
@@ -161,10 +161,10 @@ func TestParse(t *testing.T) {
 require.NoError(t, err)
 defer f.Close()
- gotLibs, gotDeps, err := NewParser().Parse(f)
+ gotPkgs, gotDeps, err := NewParser().Parse(f)
 require.NoError(t, err)
- assert.Equal(t, tt.wantPkgs, gotLibs)
+ assert.Equal(t, tt.wantPkgs, gotPkgs)
 assert.Equal(t, tt.wantDeps, gotDeps)
 })
 }
diff --git a/pkg/dependency/parser/python/poetry/parse_test.go b/pkg/dependency/parser/python/poetry/parse_test.go
index b4401f402847..5ce44ddcea8f 100644
--- a/pkg/dependency/parser/python/poetry/parse_test.go
+++ b/pkg/dependency/parser/python/poetry/parse_test.go
@@ -47,11 +47,11 @@ func TestParser_Parse(t *testing.T) {
 defer f.Close()
 p := NewParser()
- gotLibs, gotDeps, err := p.Parse(f)
+ gotPkgs, gotDeps, err := p.Parse(f)
 if !tt.wantErr(t, err, fmt.Sprintf("Parse(%v)", tt.file)) {
 return
 }
- assert.Equalf(t, tt.wantPkgs, gotLibs, "Parse(%v)", tt.file)
+ assert.Equalf(t, tt.wantPkgs, gotPkgs, "Parse(%v)", tt.file)
 assert.Equalf(t, tt.wantDeps, gotDeps, "Parse(%v)", tt.file)
 })
 }
@@ -62,7 +62,7 @@ func TestParseDependency(t *testing.T) {
 name string
 packageName string
 versionRange interface{}
- libsVersions map[string][]string
+ pkgsVersions map[string][]string
 want string
 wantErr string
 }{
@@ -70,7 +70,7 @@ func TestParseDependency(t *testing.T) {
 name: "handle package name",
 packageName: "Test_project.Name",
 versionRange: "*",
- libsVersions: map[string][]string{
+ pkgsVersions: map[string][]string{
 "test-project-name": {"1.0.0"},
 },
 want: "test-project-name@1.0.0",
@@ -79,7 +79,7 @@ func TestParseDependency(t *testing.T) {
 name: "version range as string",
 packageName: "test",
 versionRange: ">=1.0.0",
- libsVersions: map[string][]string{
+ pkgsVersions: map[string][]string{
 "test": {"2.0.0"},
 },
 want: "test@2.0.0",
@@ -88,7 +88,7 @@ func TestParseDependency(t *testing.T) {
 name: "version range == *",
 packageName: "test",
 versionRange: "*",
- libsVersions: map[string][]string{
+ pkgsVersions: map[string][]string{
 "test": {"3.0.0"},
 },
 want: "test@3.0.0",
@@ -100,23 +100,23 @@ func TestParseDependency(t *testing.T) {
 "version": ">=4.8.3",
 "markers": "python_version < \"3.8\"",
 },
- libsVersions: map[string][]string{
+ pkgsVersions: map[string][]string{
 "test": {"5.0.0"},
 },
 want: "test@5.0.0",
 },
 {
- name: "libsVersions doesn't contain required version",
+ name: "pkgsVersions doesn't contain required version",
 packageName: "test",
 versionRange: ">=1.0.0",
- libsVersions: map[string][]string{},
+ pkgsVersions: map[string][]string{},
 wantErr: "no version found",
 },
 }
 for _, tt := range tests {
 t.Run(tt.name, func(t *testing.T) {
- got, err := NewParser().parseDependency(tt.packageName, tt.versionRange, tt.libsVersions)
+ got, err := NewParser().parseDependency(tt.packageName, tt.versionRange, tt.pkgsVersions)
 if tt.wantErr != "" {
 assert.ErrorContains(t, err, tt.wantErr)
 return
diff --git a/pkg/dependency/parser/ruby/bundler/parse_test.go b/pkg/dependency/parser/ruby/bundler/parse_test.go
index 2e0341275c74..0668bbd5bfbc 100644
--- a/pkg/dependency/parser/ruby/bundler/parse_test.go
+++ b/pkg/dependency/parser/ruby/bundler/parse_test.go
@@ -269,11 +269,11 @@ func TestParser_Parse(t *testing.T) {
 defer f.Close()
 p := &bundler.Parser{}
- gotLibs, gotDeps, err := p.Parse(f)
+ gotPkgs, gotDeps, err := p.Parse(f)
 if !tt.wantErr(t, err, fmt.Sprintf("Parse(%v)", tt.file)) {
 return
 }
- assert.Equalf(t, tt.wantPkgs, gotLibs, "Parse(%v)", tt.file)
+ assert.Equalf(t, tt.wantPkgs, gotPkgs, "Parse(%v)", tt.file)
 assert.Equalf(t, tt.wantDeps, gotDeps, "Parse(%v)", tt.file)
 })
 }
diff --git a/pkg/dependency/parser/swift/cocoapods/parse_test.go b/pkg/dependency/parser/swift/cocoapods/parse_test.go
index aea6c0f436a6..f81b81929654 100644
--- a/pkg/dependency/parser/swift/cocoapods/parse_test.go
+++ b/pkg/dependency/parser/swift/cocoapods/parse_test.go
@@ -85,10 +85,10 @@ func TestParse(t *testing.T) {
 require.NoError(t, err)
 defer f.Close()
- gotLibs, gotDeps, err := cocoapods.NewParser().Parse(f)
+ gotPkgs, gotDeps, err := cocoapods.NewParser().Parse(f)
 require.NoError(t, err)
- assert.Equal(t, tt.wantPkgs, gotLibs)
+ assert.Equal(t, tt.wantPkgs, gotPkgs)
 assert.Equal(t, tt.wantDeps, gotDeps)
 })
 }
diff --git a/pkg/dependency/parser/swift/swift/parse_test.go b/pkg/dependency/parser/swift/swift/parse_test.go
index 66044e7f0027..cd90d26fc6e4 100644
--- a/pkg/dependency/parser/swift/swift/parse_test.go
+++ b/pkg/dependency/parser/swift/swift/parse_test.go
@@ -92,9 +92,9 @@ func TestParser_Parse(t *testing.T) {
 f, err := os.Open(tt.inputFile)
 assert.NoError(t, err)
- libs, _, err := parser.Parse(f)
+ gotPkgs, _, err := parser.Parse(f)
 assert.NoError(t, err)
- assert.Equal(t, tt.want, libs)
+ assert.Equal(t, tt.want, gotPkgs)
 })
 }
 }
diff --git a/pkg/dependency/parser/utils/utils_test.go b/pkg/dependency/parser/utils/utils_test.go
index 7f388a449629..ed5d84135c19 100644
--- a/pkg/dependency/parser/utils/utils_test.go
+++ b/pkg/dependency/parser/utils/utils_test.go
@@ -110,8 +110,8 @@ func TestUniqueLibraries(t *testing.T) {
 for _, tt := range tests {
 t.Run(tt.name, func(t *testing.T) {
- gotLibs := UniquePackages(tt.pkgs)
- require.Equal(t, tt.wantPkgs, gotLibs)
+ gotPkgs := UniquePackages(tt.pkgs)
+ require.Equal(t, tt.wantPkgs, gotPkgs)
 })
 }
 }
diff --git a/pkg/fanal/analyzer/language/analyze.go b/pkg/fanal/analyzer/language/analyze.go
index 59181ce38908..6ecbaba65752 100644
--- a/pkg/fanal/analyzer/language/analyze.go
+++ b/pkg/fanal/analyzer/language/analyze.go
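Review bot: In swift/swift/parse_test.go the subtest checks `os.Open` with `assert.NoError(t, err)`, which records the failure but keeps running, so a missing fixture still reaches `parser.Parse(f)` with a nil `f`. The opened file is also never closed anywhere in the closure shown by the hunk. The sibling parser tests in this commit (cocoapods, composer, conan) use the stricter pattern, so I would write `require.NoError(t, err)` followed by `defer f.Close()` here as well. Whether `require` is already imported in this file is not visible in the hunk.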
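Review bot: The test in utils/utils_test.go is still named `TestUniqueLibraries` although it now calls `UniquePackages` and stores the result in `gotPkgs`; renaming it to `TestUniquePackages` would finish the rename. The same half-renamed state appears in later hunks: the closure parameters `func(lib types.Package)` and the loops `for i, lib := range app.Packages` in pubspec.go, mod.go and gradle/lockfile.go, the `libFilePath` parameter of `toApplication`, and the comments `// The file path of each library should be empty ...` in analyze.go. Mixed `lib`/`pkg` naming for the same `types.Package` value makes later searches for either term miss call sites. The test function's declaration is only visible through the hunk header.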
@@ -52,19 +52,19 @@ func Parse(fileType types.LangType, filePath string, r io.Reader, parser Parser)
 if err != nil {
 return nil, xerrors.Errorf("reader error: %w", err)
 }
- parsedLibs, parsedDependencies, err := parser.Parse(rr)
+ parsedPkgs, parsedDependencies, err := parser.Parse(rr)
 if err != nil {
 return nil, xerrors.Errorf("failed to parse %s: %w", filePath, err)
 }
 // The file path of each library should be empty in case of dependency list such as lock file
 // since they all will be the same path.
- return toApplication(fileType, filePath, "", nil, parsedLibs, parsedDependencies), nil
+ return toApplication(fileType, filePath, "", nil, parsedPkgs, parsedDependencies), nil
 }
 // ParsePackage returns a parsed result of the package file
 func ParsePackage(fileType types.LangType, filePath string, r xio.ReadSeekerAt, parser Parser, checksum bool) (*types.Application, error) {
- parsedLibs, parsedDependencies, err := parser.Parse(r)
+ parsedPkgs, parsedDependencies, err := parser.Parse(r)
 if err != nil {
 return nil, xerrors.Errorf("failed to parse %s: %w", filePath, err)
 }
@@ -76,7 +76,7 @@ func ParsePackage(fileType types.LangType, filePath string, r xio.ReadSeekerAt,
 // The file path of each library should be empty in case of dependency list such as lock file
 // since they all will be the same path.
- return toApplication(fileType, filePath, filePath, r, parsedLibs, parsedDependencies), nil
+ return toApplication(fileType, filePath, filePath, r, parsedPkgs, parsedDependencies), nil
 }
 func toApplication(fileType types.LangType, filePath, libFilePath string, r xio.ReadSeekerAt, pkgs []types.Package, depGraph []types.Dependency) *types.Application {
diff --git a/pkg/fanal/analyzer/language/dart/pub/pubspec.go b/pkg/fanal/analyzer/language/dart/pub/pubspec.go
index f3e7e20f1614..ad8a5396e255 100644
--- a/pkg/fanal/analyzer/language/dart/pub/pubspec.go
+++ b/pkg/fanal/analyzer/language/dart/pub/pubspec.go
@@ -71,14 +71,14 @@ func (a pubSpecLockAnalyzer) PostAnalyze(_ context.Context, input analyzer.PostA
 if allDependsOn != nil {
 // Required to search for library versions for DependsOn.
- libs := lo.SliceToMap(app.Packages, func(lib types.Package) (string, string) {
+ pkgs := lo.SliceToMap(app.Packages, func(lib types.Package) (string, string) {
 return lib.Name, lib.ID
 })
 for i, lib := range app.Packages {
 var dependsOn []string
 for _, depName := range allDependsOn[lib.ID] {
- if depID, ok := libs[depName]; ok {
+ if depID, ok := pkgs[depName]; ok {
 dependsOn = append(dependsOn, depID)
 }
 }
diff --git a/pkg/fanal/analyzer/language/golang/mod/mod.go b/pkg/fanal/analyzer/language/golang/mod/mod.go
index e976f9d143ce..f97d9bed5add 100644
--- a/pkg/fanal/analyzer/language/golang/mod/mod.go
+++ b/pkg/fanal/analyzer/language/golang/mod/mod.go
@@ -138,7 +138,7 @@ func (a *gomodAnalyzer) fillAdditionalData(apps []types.Application) error {
 licenses := make(map[string][]string)
 for i, app := range apps {
 // Actually used dependencies
- usedLibs := lo.SliceToMap(app.Packages, func(pkg types.Package) (string, types.Package) {
+ usedPkgs := lo.SliceToMap(app.Packages, func(pkg types.Package) (string, types.Package) {
 return pkg.Name, pkg
 })
 for j, lib := range app.Packages {
@@ -171,7 +171,7 @@ func (a *gomodAnalyzer) fillAdditionalData(apps []types.Application) error {
 } else {
 // Filter out unused dependencies and convert module names to module IDs
 apps[i].Packages[j].DependsOn = lo.FilterMap(dep.DependsOn, func(modName string, _ int) (string, bool) {
- if m, ok := usedLibs[modName]; !ok {
+ if m, ok := usedPkgs[modName]; !ok {
 return "", false
 } else {
 return m.ID, true
@@ -197,13 +197,13 @@ func (a *gomodAnalyzer) collectDeps(modDir, pkgID string) (types.Dependency, err
 defer f.Close()
 // Parse go.mod under $GOPATH/pkg/mod
- libs, _, err := a.leafModParser.Parse(f)
+ pkgs, _, err := a.leafModParser.Parse(f)
 if err != nil {
 return types.Dependency{}, xerrors.Errorf("%s parse error: %w", modPath, err)
 }
 // Filter out indirect dependencies
- dependsOn := lo.FilterMap(libs, func(lib types.Package, index int) (string, bool) {
+ dependsOn := lo.FilterMap(pkgs, func(lib types.Package, index int) (string, bool) {
 return lib.Name, lib.Relationship == types.RelationshipDirect
 })
diff --git a/pkg/fanal/analyzer/language/java/gradle/lockfile.go b/pkg/fanal/analyzer/language/java/gradle/lockfile.go
index 1800cc0176a1..ce7fc2c31e59 100644
--- a/pkg/fanal/analyzer/language/java/gradle/lockfile.go
+++ b/pkg/fanal/analyzer/language/java/gradle/lockfile.go
@@ -64,7 +64,7 @@ func (a gradleLockAnalyzer) PostAnalyze(_ context.Context, input analyzer.PostAn
 return nil
 }
- libs := lo.SliceToMap(app.Packages, func(lib types.Package) (string, struct{}) {
+ pkgs := lo.SliceToMap(app.Packages, func(lib types.Package) (string, struct{}) {
 return lib.ID, struct{}{}
 })
@@ -82,7 +82,7 @@ func (a gradleLockAnalyzer) PostAnalyze(_ context.Context, input analyzer.PostAn
 var deps []string
 for _, dep := range pom.Dependencies.Dependency {
 id := packageID(dep.GroupID, dep.ArtifactID, dep.Version)
- if _, ok := libs[id]; ok {
+ if _, ok := pkgs[id]; ok {
 deps = append(deps, id)
 }
 }
diff --git a/pkg/fanal/analyzer/language/nodejs/yarn/yarn.go b/pkg/fanal/analyzer/language/nodejs/yarn/yarn.go
index dc309f9416b0..086f5fe7f615 100644
--- a/pkg/fanal/analyzer/language/nodejs/yarn/yarn.go
+++ b/pkg/fanal/analyzer/language/nodejs/yarn/yarn.go
@@ -194,12 +194,12 @@ func (a yarnAnalyzer) analyzeDependencies(fsys fs.FS, dir string, app *types.App
 return nil
 }
-func (a yarnAnalyzer) walkDependencies(libs []types.Package, pkgIDs map[string]types.Package,
+func (a yarnAnalyzer) walkDependencies(pkgs []types.Package, pkgIDs map[string]types.Package,
 directDeps map[string]string, dev bool) (map[string]types.Package, error) {
 // Identify direct dependencies
- pkgs := make(map[string]types.Package)
- for _, pkg := range libs {
+ directPkgs := make(map[string]types.Package)
+ for _, pkg := range pkgs {
 constraint, ok := directDeps[pkg.Name]
 if !ok {
 continue
@@ -223,16 +223,16 @@ func (a yarnAnalyzer) walkDependencies(libs []types.Package, pkgIDs map[string]t
 pkg.Indirect = false
 pkg.Relationship = types.RelationshipDirect
 pkg.Dev = dev
- pkgs[pkg.ID] = pkg
+ directPkgs[pkg.ID] = pkg
 }
 // Walk indirect dependencies
- for _, pkg := range pkgs {
- a.walkIndirectDependencies(pkg, pkgIDs, pkgs)
+ for _, pkg := range directPkgs {
+ a.walkIndirectDependencies(pkg, pkgIDs, directPkgs)
 }
- return pkgs, nil
+ return directPkgs, nil
 }
 func (a yarnAnalyzer) walkIndirectDependencies(pkg types.Package, pkgIDs, deps map[string]types.Package) {
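Review bot: The new name `directPkgs` in `walkDependencies` (yarn.go) looks misleading, because the map is handed to `a.walkIndirectDependencies(pkg, pkgIDs, directPkgs)` as its `deps` argument and then returned to the caller. If that helper adds the transitive packages to the map, as its name and the `// Walk indirect dependencies` comment suggest, the returned value holds indirect packages as well as direct ones. Keeping `pkgs` for the result map and renaming the slice parameter instead, e.g. `lockPkgs []types.Package` with `for _, pkg := range lockPkgs {`, would avoid the wrong hint. The body of `walkIndirectDependencies` is outside the hunk, so the mutation is inferred from the call, not confirmed.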