Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

refactor: unify Library and Package structs #6633

Merged
merged 35 commits into from
May 7, 2024
Merged

refactor: unify Library and Package structs #6633

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
35 commits
Select commit Hold shift + click to select a range
9bb9014
refactor: unifty Library and Package
knqyf263 May 6, 2024
9abf7ac
refactor: replace Library with Package
knqyf263 May 6, 2024
8704363
test(integration): fix golden
knqyf263 May 6, 2024
a19dbe8
refactor: replace Libraries with Packages in Application
knqyf263 May 6, 2024
93c9c5a
refactor(rpc): replace Libraries with Packages
knqyf263 May 6, 2024
725e4fd
test: sort packages
knqyf263 May 6, 2024
ff481eb
refactor: replace lib with pkg
knqyf263 May 7, 2024
398aeaf
refactor: replace lib with pkg
knqyf263 May 7, 2024
48cbd27
refactor: replace lib with pkg
knqyf263 May 7, 2024
3718e95
refactor: replace lib with pkg
knqyf263 May 7, 2024
020e3b5
refactor(gradle): use sort.Sort
knqyf263 May 7, 2024
4e33bc7
refactor: replace lib with pkg
knqyf263 May 7, 2024
2468e08
refactor: replace lib with pkg
knqyf263 May 7, 2024
84cf0be
refactor: replace lib with pkg
knqyf263 May 7, 2024
05aa799
refactor: replace lib with pkg
knqyf263 May 7, 2024
793c85d
refactor: replace lib with pkg
knqyf263 May 7, 2024
964e98f
refactor: replace lib with pkg
knqyf263 May 7, 2024
8598e4f
refactor: replace lib with pkg
knqyf263 May 7, 2024
129fff0
refactor: replace lib with pkg
knqyf263 May 7, 2024
9dcccd5
refactor: replace lib with pkg
knqyf263 May 7, 2024
52cb6d1
refactor: replace lib with pkg
knqyf263 May 7, 2024
bff98d2
refactor: replace lib with pkg
knqyf263 May 7, 2024
d416271
refactor: replace lib with pkg
knqyf263 May 7, 2024
4c3ddab
refactor: replace lib with pkg
knqyf263 May 7, 2024
ce70874
refactor: replace lib with pkg
knqyf263 May 7, 2024
82f95d3
refactor: replace lib with pkg
knqyf263 May 7, 2024
b02d21f
refactor: replace lib with pkg
knqyf263 May 7, 2024
e854249
refactor: replace lib with pkg
knqyf263 May 7, 2024
07da4e2
refactor(hex): use sort.Sort
knqyf263 May 7, 2024
5f43652
refactor(pnpm): use sort.Sort
knqyf263 May 7, 2024
d284d01
refactor(npm): replace lib with pkg
knqyf263 May 7, 2024
fee8c55
refactor(yarn): use sort.Sort
knqyf263 May 7, 2024
f83ca44
refactor: renaming
knqyf263 May 7, 2024
2c73669
refactor: rename lib to pkg
DmitriyLewen May 7, 2024
b2d35b1
refactor: use sort.Sort instead of sort.Slice
DmitriyLewen May 7, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
48 changes: 24 additions & 24 deletions integration/testdata/conan.json.golden
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,30 @@
"Class": "lang-pkgs",
"Type": "conan",
"Packages": [
{
"ID": "poco/1.9.4",
"Name": "poco",
"Identifier": {
"PURL": "pkg:conan/[email protected]",
"UID": "312753cebe80c0eb"
},
"Version": "1.9.4",
"Relationship": "direct",
"DependsOn": [
"pcre/8.43",
"zlib/1.2.12",
"expat/2.4.8",
"sqlite3/3.39.2",
"openssl/1.1.1q"
],
"Layer": {},
"Locations": [
{
"StartLine": 12,
"EndLine": 25
}
]
},
{
"ID": "bzip2/1.0.8",
"Name": "bzip2",
Expand Down Expand Up @@ -97,30 +121,6 @@
}
]
},
{
"ID": "poco/1.9.4",
"Name": "poco",
"Identifier": {
"PURL": "pkg:conan/[email protected]",
"UID": "312753cebe80c0eb"
},
"Version": "1.9.4",
"Relationship": "direct",
"DependsOn": [
"pcre/8.43",
"zlib/1.2.12",
"expat/2.4.8",
"sqlite3/3.39.2",
"openssl/1.1.1q"
],
"Layer": {},
"Locations": [
{
"StartLine": 12,
"EndLine": 25
}
]
},
{
"ID": "sqlite3/3.39.2",
"Name": "sqlite3",
Expand Down
22 changes: 11 additions & 11 deletions integration/testdata/poetry.json.golden
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -35,6 +35,17 @@
],
"Layer": {}
},
{
"ID": "[email protected]",
"Name": "werkzeug",
"Identifier": {
"PURL": "pkg:pypi/[email protected]",
"UID": "4176be111ad01070"
},
"Version": "0.14",
"Relationship": "direct",
"Layer": {}
},
{
"ID": "[email protected]",
"Name": "colorama",
Expand All @@ -46,17 +57,6 @@
"Indirect": true,
"Relationship": "indirect",
"Layer": {}
},
{
"ID": "[email protected]",
"Name": "werkzeug",
"Identifier": {
"PURL": "pkg:pypi/[email protected]",
"UID": "4176be111ad01070"
},
"Version": "0.14",
"Relationship": "direct",
"Layer": {}
}
],
"Vulnerabilities": [
Expand Down
49 changes: 24 additions & 25 deletions pkg/dependency/parser/c/conan/parse.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,6 @@ import (
"golang.org/x/xerrors"

"github.com/aquasecurity/trivy/pkg/dependency"
"github.com/aquasecurity/trivy/pkg/dependency/types"
ftypes "github.com/aquasecurity/trivy/pkg/fanal/types"
"github.com/aquasecurity/trivy/pkg/log"
xio "github.com/aquasecurity/trivy/pkg/x/io"
Expand Down Expand Up @@ -44,42 +43,42 @@ type Parser struct {
logger *log.Logger
}

func NewParser() types.Parser {
func NewParser() *Parser {
return &Parser{
logger: log.WithPrefix("conan"),
}
}

func (p *Parser) parseV1(lock LockFile) ([]types.Library, []types.Dependency, error) {
var libs []types.Library
var deps []types.Dependency
func (p *Parser) parseV1(lock LockFile) ([]ftypes.Package, []ftypes.Dependency, error) {
var pkgs []ftypes.Package
var deps []ftypes.Dependency
var directDeps []string
if root, ok := lock.GraphLock.Nodes["0"]; ok {
directDeps = root.Requires
}

// Parse packages
parsed := make(map[string]types.Library)
parsed := make(map[string]ftypes.Package)
for i, node := range lock.GraphLock.Nodes {
if node.Ref == "" {
continue
}
lib, err := toLibrary(node.Ref, node.StartLine, node.EndLine)
pkg, err := toPackage(node.Ref, node.StartLine, node.EndLine)
if err != nil {
p.logger.Debug("Parse ref error", log.Err(err))
continue
}

// Determine if the package is a direct dependency or not
direct := slices.Contains(directDeps, i)
lib.Relationship = lo.Ternary(direct, types.RelationshipDirect, types.RelationshipIndirect)
pkg.Relationship = lo.Ternary(direct, ftypes.RelationshipDirect, ftypes.RelationshipIndirect)

parsed[i] = lib
parsed[i] = pkg
}

// Parse dependency graph
for i, node := range lock.GraphLock.Nodes {
lib, ok := parsed[i]
pkg, ok := parsed[i]
if !ok {
continue
}
Expand All @@ -91,33 +90,33 @@ func (p *Parser) parseV1(lock LockFile) ([]types.Library, []types.Dependency, er
}
}
if len(childDeps) != 0 {
deps = append(deps, types.Dependency{
ID: lib.ID,
deps = append(deps, ftypes.Dependency{
ID: pkg.ID,
DependsOn: childDeps,
})
}

libs = append(libs, lib)
pkgs = append(pkgs, pkg)
}
return libs, deps, nil
return pkgs, deps, nil
}

func (p *Parser) parseV2(lock LockFile) ([]types.Library, []types.Dependency, error) {
var libs []types.Library
func (p *Parser) parseV2(lock LockFile) ([]ftypes.Package, []ftypes.Dependency, error) {
var pkgs []ftypes.Package

for _, req := range lock.Requires {
lib, err := toLibrary(req.Dependency, req.StartLine, req.EndLine)
pkg, err := toPackage(req.Dependency, req.StartLine, req.EndLine)
if err != nil {
p.logger.Debug("Creating library entry from requirement failed", err)
p.logger.Debug("Creating package entry from requirement failed", err)
continue
}

libs = append(libs, lib)
pkgs = append(pkgs, pkg)
}
return libs, []types.Dependency{}, nil
return pkgs, []ftypes.Dependency{}, nil
}

func (p *Parser) Parse(r xio.ReadSeekerAt) ([]types.Library, []types.Dependency, error) {
func (p *Parser) Parse(r xio.ReadSeekerAt) ([]ftypes.Package, []ftypes.Dependency, error) {
var lock LockFile

input, err := io.ReadAll(r)
Expand Down Expand Up @@ -153,16 +152,16 @@ func parsePackage(text string) (string, string, error) {
return ss[0], ss[1], nil
}

func toLibrary(pkg string, startLine, endLine int) (types.Library, error) {
func toPackage(pkg string, startLine, endLine int) (ftypes.Package, error) {
name, version, err := parsePackage(pkg)
if err != nil {
return types.Library{}, err
return ftypes.Package{}, err
}
return types.Library{
return ftypes.Package{
ID: dependency.ID(ftypes.Conan, name, version),
Name: name,
Version: version,
Locations: []types.Location{
Locations: []ftypes.Location{
{
StartLine: startLine,
EndLine: endLine,
Expand Down
Loading