From 07075696d1e60b79b7d19b7224e26ddd187729c7 Mon Sep 17 00:00:00 2001 From: Teppei Fukuda Date: Mon, 24 Jul 2023 10:09:14 +0300 Subject: [PATCH] refactor: replace with sortable packages (#4858) --- pkg/fanal/analyzer/analyzer.go | 7 +- pkg/fanal/analyzer/analyzer_test.go | 26 +- pkg/fanal/analyzer/language/analyze_test.go | 9 +- .../analyzer/language/c/conan/conan_test.go | 6 +- .../analyzer/language/conda/meta/meta_test.go | 2 +- .../language/dart/pub/pubspec_test.go | 6 +- .../language/dotnet/deps/deps_test.go | 13 +- .../language/dotnet/nuget/nuget_test.go | 34 +- .../analyzer/language/elixir/mix/mix_test.go | 15 +- .../language/golang/binary/binary_test.go | 2 +- .../analyzer/language/golang/mod/mod_test.go | 23 +- .../language/java/gradle/lockfile_test.go | 2 +- .../analyzer/language/java/jar/jar_test.go | 6 +- .../analyzer/language/java/pom/pom_test.go | 6 +- .../analyzer/language/nodejs/npm/npm_test.go | 26 +- .../analyzer/language/nodejs/pkg/pkg_test.go | 4 +- .../language/nodejs/pnpm/pnpm_test.go | 2 +- .../language/nodejs/yarn/yarn_test.go | 8 +- .../language/php/composer/composer.go | 2 +- .../language/php/composer/composer_test.go | 6 +- .../python/packaging/packaging_test.go | 10 +- .../analyzer/language/python/pip/pip_test.go | 5 +- .../language/python/poetry/poetry_test.go | 6 +- .../language/ruby/gemspec/gemspec_test.go | 4 +- .../language/rust/binary/binary_test.go | 2 +- .../analyzer/language/rust/cargo/cargo.go | 2 +- .../language/rust/cargo/cargo_test.go | 376 ++++++++++++------ .../swift/cocoapods/cocoapods_test.go | 6 +- pkg/fanal/analyzer/sbom/sbom_test.go | 4 +- pkg/fanal/applier/applier_test.go | 40 +- pkg/fanal/applier/docker_test.go | 59 ++- pkg/fanal/artifact/image/image_test.go | 234 +++++++---- pkg/fanal/artifact/image/remote_sbom_test.go | 4 +- pkg/fanal/artifact/local/fs_test.go | 8 +- pkg/fanal/artifact/sbom/sbom_test.go | 43 +- pkg/fanal/cache/fs_test.go | 6 +- pkg/fanal/handler/sysfile/filter_test.go | 26 +- .../handler/unpackaged/unpackaged_test.go | 2 +- pkg/fanal/test/integration/library_test.go | 4 +- pkg/fanal/types/artifact.go | 2 +- pkg/rpc/server/server_test.go | 18 +- pkg/sbom/cyclonedx/unmarshal_test.go | 50 ++- pkg/sbom/spdx/unmarshal_test.go | 20 +- 43 files changed, 681 insertions(+), 455 deletions(-) diff --git a/pkg/fanal/analyzer/analyzer.go b/pkg/fanal/analyzer/analyzer.go index 5356385d6a5c..1a781c5eabb5 100644 --- a/pkg/fanal/analyzer/analyzer.go +++ b/pkg/fanal/analyzer/analyzer.go @@ -198,12 +198,7 @@ func (r *AnalysisResult) Sort() { }) for _, app := range r.Applications { - sort.Slice(app.Libraries, func(i, j int) bool { - if app.Libraries[i].Name != app.Libraries[j].Name { - return app.Libraries[i].Name < app.Libraries[j].Name - } - return app.Libraries[i].Version < app.Libraries[j].Version - }) + sort.Sort(app.Libraries) } // Custom resources diff --git a/pkg/fanal/analyzer/analyzer_test.go b/pkg/fanal/analyzer/analyzer_test.go index d527374d8c2b..292b2e6090c5 100644 --- a/pkg/fanal/analyzer/analyzer_test.go +++ b/pkg/fanal/analyzer/analyzer_test.go @@ -58,7 +58,7 @@ func TestAnalysisResult_Merge(t *testing.T) { PackageInfos: []types.PackageInfo{ { FilePath: "var/lib/dpkg/status.d/libc", - Packages: []types.Package{ + Packages: types.Packages{ { Name: "libc", Version: "1.2.3", @@ -70,7 +70,7 @@ func TestAnalysisResult_Merge(t *testing.T) { { Type: "bundler", FilePath: "app/Gemfile.lock", - Libraries: []types.Package{ + Libraries: types.Packages{ { Name: "rails", Version: "5.0.0", @@ -84,7 +84,7 @@ func TestAnalysisResult_Merge(t *testing.T) { PackageInfos: []types.PackageInfo{ { FilePath: "var/lib/dpkg/status.d/openssl", - Packages: []types.Package{ + Packages: types.Packages{ { Name: "openssl", Version: "1.1.1", @@ -96,7 +96,7 @@ func TestAnalysisResult_Merge(t *testing.T) { { Type: "bundler", FilePath: "app2/Gemfile.lock", - Libraries: []types.Package{ + Libraries: types.Packages{ { Name: "nokogiri", Version: "1.0.0", @@ -114,7 +114,7 @@ func TestAnalysisResult_Merge(t *testing.T) { PackageInfos: []types.PackageInfo{ { FilePath: "var/lib/dpkg/status.d/libc", - Packages: []types.Package{ + Packages: types.Packages{ { Name: "libc", Version: "1.2.3", @@ -123,7 +123,7 @@ func TestAnalysisResult_Merge(t *testing.T) { }, { FilePath: "var/lib/dpkg/status.d/openssl", - Packages: []types.Package{ + Packages: types.Packages{ { Name: "openssl", Version: "1.1.1", @@ -135,7 +135,7 @@ func TestAnalysisResult_Merge(t *testing.T) { { Type: "bundler", FilePath: "app/Gemfile.lock", - Libraries: []types.Package{ + Libraries: types.Packages{ { Name: "rails", Version: "5.0.0", @@ -145,7 +145,7 @@ func TestAnalysisResult_Merge(t *testing.T) { { Type: "bundler", FilePath: "app2/Gemfile.lock", - Libraries: []types.Package{ + Libraries: types.Packages{ { Name: "nokogiri", Version: "1.0.0", @@ -335,7 +335,7 @@ func TestAnalyzerGroup_AnalyzeFile(t *testing.T) { PackageInfos: []types.PackageInfo{ { FilePath: "/lib/apk/db/installed", - Packages: []types.Package{ + Packages: types.Packages{ { ID: "musl@1.1.24-r2", Name: "musl", @@ -375,7 +375,7 @@ func TestAnalyzerGroup_AnalyzeFile(t *testing.T) { { Type: "bundler", FilePath: "/app/Gemfile.lock", - Libraries: []types.Package{ + Libraries: types.Packages{ { ID: "actioncable@5.2.3", Name: "actioncable", @@ -436,7 +436,7 @@ func TestAnalyzerGroup_AnalyzeFile(t *testing.T) { { Type: "bundler", FilePath: "/app/Gemfile-dev.lock", - Libraries: []types.Package{ + Libraries: types.Packages{ { ID: "actioncable@5.2.3", Name: "actioncable", @@ -569,7 +569,7 @@ func TestAnalyzerGroup_PostAnalyze(t *testing.T) { { Type: string(analyzer.TypeJar), FilePath: "testdata/post-apps/jar/jackson-annotations-2.15.0-rc2.jar", - Libraries: []types.Package{ + Libraries: types.Packages{ { Name: "com.fasterxml.jackson.core:jackson-annotations", Version: "2.15.0-rc2", @@ -589,7 +589,7 @@ func TestAnalyzerGroup_PostAnalyze(t *testing.T) { { Type: string(analyzer.TypePoetry), FilePath: "testdata/post-apps/poetry/happy/poetry.lock", - Libraries: []types.Package{ + Libraries: types.Packages{ { ID: "certifi@2022.12.7", Name: "certifi", diff --git a/pkg/fanal/analyzer/language/analyze_test.go b/pkg/fanal/analyzer/language/analyze_test.go index 2f6c8e574c1c..a0016aa8fd80 100644 --- a/pkg/fanal/analyzer/language/analyze_test.go +++ b/pkg/fanal/analyzer/language/analyze_test.go @@ -26,7 +26,12 @@ func (p *mockParser) Parse(r dio.ReadSeekerAt) ([]godeptypes.Library, []godeptyp switch string(b) { case "happy": - return []godeptypes.Library{{Name: "test", Version: "1.2.3"}}, nil, nil + return []godeptypes.Library{ + { + Name: "test", + Version: "1.2.3", + }, + }, nil, nil case "sad": return nil, nil, xerrors.New("unexpected error") } @@ -58,7 +63,7 @@ func TestAnalyze(t *testing.T) { { Type: types.GoBinary, FilePath: "app/myweb", - Libraries: []types.Package{ + Libraries: types.Packages{ { Name: "test", Version: "1.2.3", diff --git a/pkg/fanal/analyzer/language/c/conan/conan_test.go b/pkg/fanal/analyzer/language/c/conan/conan_test.go index 2ea5ae6697b2..c2bf42890162 100644 --- a/pkg/fanal/analyzer/language/c/conan/conan_test.go +++ b/pkg/fanal/analyzer/language/c/conan/conan_test.go @@ -27,7 +27,7 @@ func Test_conanLockAnalyzer_Analyze(t *testing.T) { { Type: types.Conan, FilePath: "testdata/happy.lock", - Libraries: []types.Package{ + Libraries: types.Packages{ { ID: "openssl/3.0.5", Name: "openssl", @@ -67,9 +67,7 @@ func Test_conanLockAnalyzer_Analyze(t *testing.T) { if got != nil { for _, app := range got.Applications { - sort.Slice(app.Libraries, func(i, j int) bool { - return app.Libraries[i].ID < app.Libraries[j].ID - }) + sort.Sort(app.Libraries) } } diff --git a/pkg/fanal/analyzer/language/conda/meta/meta_test.go b/pkg/fanal/analyzer/language/conda/meta/meta_test.go index e96a259252ae..0b7a988e9ade 100644 --- a/pkg/fanal/analyzer/language/conda/meta/meta_test.go +++ b/pkg/fanal/analyzer/language/conda/meta/meta_test.go @@ -27,7 +27,7 @@ func Test_packagingAnalyzer_Analyze(t *testing.T) { { Type: types.CondaPkg, FilePath: "testdata/pip-22.2.2-py38h06a4308_0.json", - Libraries: []types.Package{ + Libraries: types.Packages{ { Name: "pip", Version: "22.2.2", diff --git a/pkg/fanal/analyzer/language/dart/pub/pubspec_test.go b/pkg/fanal/analyzer/language/dart/pub/pubspec_test.go index 03599dfd9643..73a8b8cc55b1 100644 --- a/pkg/fanal/analyzer/language/dart/pub/pubspec_test.go +++ b/pkg/fanal/analyzer/language/dart/pub/pubspec_test.go @@ -25,7 +25,7 @@ func Test_pubSpecLockAnalyzer_Analyze(t *testing.T) { { Type: types.Pub, FilePath: "testdata/happy.lock", - Libraries: []types.Package{ + Libraries: types.Packages{ { ID: "crypto@3.0.2", Name: "crypto", @@ -74,9 +74,7 @@ func Test_pubSpecLockAnalyzer_Analyze(t *testing.T) { if got != nil { for _, app := range got.Applications { - sort.Slice(app.Libraries, func(i, j int) bool { - return app.Libraries[i].ID < app.Libraries[j].ID - }) + sort.Sort(app.Libraries) } } diff --git a/pkg/fanal/analyzer/language/dotnet/deps/deps_test.go b/pkg/fanal/analyzer/language/dotnet/deps/deps_test.go index 3682ec987540..37f23d2774f2 100644 --- a/pkg/fanal/analyzer/language/dotnet/deps/deps_test.go +++ b/pkg/fanal/analyzer/language/dotnet/deps/deps_test.go @@ -27,11 +27,16 @@ func Test_depsLibraryAnalyzer_Analyze(t *testing.T) { { Type: types.DotNetCore, FilePath: "testdata/datacollector.deps.json", - Libraries: []types.Package{ + Libraries: types.Packages{ { - Name: "Newtonsoft.Json", - Version: "9.0.1", - Locations: []types.Location{{StartLine: 8, EndLine: 14}}, + Name: "Newtonsoft.Json", + Version: "9.0.1", + Locations: []types.Location{ + { + StartLine: 8, + EndLine: 14, + }, + }, }, }, }, diff --git a/pkg/fanal/analyzer/language/dotnet/nuget/nuget_test.go b/pkg/fanal/analyzer/language/dotnet/nuget/nuget_test.go index 4304507be884..72ea517c96fa 100644 --- a/pkg/fanal/analyzer/language/dotnet/nuget/nuget_test.go +++ b/pkg/fanal/analyzer/language/dotnet/nuget/nuget_test.go @@ -28,7 +28,7 @@ func Test_nugetibraryAnalyzer_Analyze(t *testing.T) { { Type: types.NuGet, FilePath: "testdata/packages.config", - Libraries: []types.Package{ + Libraries: types.Packages{ { Name: "Microsoft.AspNet.WebApi", Version: "5.2.2", @@ -50,18 +50,28 @@ func Test_nugetibraryAnalyzer_Analyze(t *testing.T) { { Type: types.NuGet, FilePath: "testdata/packages.lock.json", - Libraries: []types.Package{ + Libraries: types.Packages{ { - ID: "Newtonsoft.Json@12.0.3", - Name: "Newtonsoft.Json", - Version: "12.0.3", - Locations: []types.Location{{StartLine: 5, EndLine: 10}}, + ID: "Newtonsoft.Json@12.0.3", + Name: "Newtonsoft.Json", + Version: "12.0.3", + Locations: []types.Location{ + { + StartLine: 5, + EndLine: 10, + }, + }, }, { - ID: "NuGet.Frameworks@5.7.0", - Name: "NuGet.Frameworks", - Version: "5.7.0", - Locations: []types.Location{{StartLine: 11, EndLine: 19}}, + ID: "NuGet.Frameworks@5.7.0", + Name: "NuGet.Frameworks", + Version: "5.7.0", + Locations: []types.Location{ + { + StartLine: 11, + EndLine: 19, + }, + }, DependsOn: []string{"Newtonsoft.Json@12.0.3"}, }, }, @@ -96,9 +106,7 @@ func Test_nugetibraryAnalyzer_Analyze(t *testing.T) { // Sort libraries for consistency for _, app := range got.Applications { - sort.Slice(app.Libraries, func(i, j int) bool { - return app.Libraries[i].Name < app.Libraries[j].Name - }) + sort.Sort(app.Libraries) } assert.NoError(t, err) diff --git a/pkg/fanal/analyzer/language/elixir/mix/mix_test.go b/pkg/fanal/analyzer/language/elixir/mix/mix_test.go index 000e7418b5cc..9064b8fc0673 100644 --- a/pkg/fanal/analyzer/language/elixir/mix/mix_test.go +++ b/pkg/fanal/analyzer/language/elixir/mix/mix_test.go @@ -23,12 +23,17 @@ func Test_mixLockAnalyzer_Analyze(t *testing.T) { { Type: types.Hex, FilePath: "testdata/happy.mix.lock", - Libraries: []types.Package{ + Libraries: types.Packages{ { - ID: "bunt@0.2.0", - Name: "bunt", - Version: "0.2.0", - Locations: []types.Location{{StartLine: 2, EndLine: 2}}, + ID: "bunt@0.2.0", + Name: "bunt", + Version: "0.2.0", + Locations: []types.Location{ + { + StartLine: 2, + EndLine: 2, + }, + }, }, }, }, diff --git a/pkg/fanal/analyzer/language/golang/binary/binary_test.go b/pkg/fanal/analyzer/language/golang/binary/binary_test.go index 3051c590e59b..ca8434298cbb 100644 --- a/pkg/fanal/analyzer/language/golang/binary/binary_test.go +++ b/pkg/fanal/analyzer/language/golang/binary/binary_test.go @@ -28,7 +28,7 @@ func Test_gobinaryLibraryAnalyzer_Analyze(t *testing.T) { { Type: types.GoBinary, FilePath: "testdata/executable_gobinary", - Libraries: []types.Package{ + Libraries: types.Packages{ { Name: "github.com/aquasecurity/go-pep440-version", Version: "v0.0.0-20210121094942-22b2f8951d46", diff --git a/pkg/fanal/analyzer/language/golang/mod/mod_test.go b/pkg/fanal/analyzer/language/golang/mod/mod_test.go index fd1b004ffbc2..ffae4a44d871 100644 --- a/pkg/fanal/analyzer/language/golang/mod/mod_test.go +++ b/pkg/fanal/analyzer/language/golang/mod/mod_test.go @@ -3,15 +3,14 @@ package mod import ( "context" "path/filepath" + "sort" "testing" - "github.com/stretchr/testify/assert" - "github.com/stretchr/testify/require" - "golang.org/x/exp/slices" - "github.com/aquasecurity/trivy/pkg/fanal/analyzer" "github.com/aquasecurity/trivy/pkg/fanal/types" "github.com/aquasecurity/trivy/pkg/mapfs" + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" ) func Test_gomodAnalyzer_Analyze(t *testing.T) { @@ -31,7 +30,7 @@ func Test_gomodAnalyzer_Analyze(t *testing.T) { { Type: types.GoModule, FilePath: "go.mod", - Libraries: []types.Package{ + Libraries: types.Packages{ { ID: "github.com/aquasecurity/go-dep-parser@v0.0.0-20220406074731-71021a481237", Name: "github.com/aquasecurity/go-dep-parser", @@ -64,7 +63,7 @@ func Test_gomodAnalyzer_Analyze(t *testing.T) { { Type: types.GoModule, FilePath: "go.mod", - Libraries: []types.Package{ + Libraries: types.Packages{ { ID: "github.com/sad/sad@v0.0.1", Name: "github.com/sad/sad", @@ -86,7 +85,7 @@ func Test_gomodAnalyzer_Analyze(t *testing.T) { { Type: types.GoModule, FilePath: "go.mod", - Libraries: []types.Package{ + Libraries: types.Packages{ { ID: "github.com/aquasecurity/go-dep-parser@v0.0.0-20230219131432-590b1dfb6edd", Name: "github.com/aquasecurity/go-dep-parser", @@ -119,7 +118,7 @@ func Test_gomodAnalyzer_Analyze(t *testing.T) { { Type: types.GoModule, FilePath: "go.mod", - Libraries: []types.Package{ + Libraries: types.Packages{ { ID: "github.com/aquasecurity/go-dep-parser@v0.0.0-20230219131432-590b1dfb6edd", Name: "github.com/aquasecurity/go-dep-parser", @@ -162,12 +161,8 @@ func Test_gomodAnalyzer_Analyze(t *testing.T) { assert.NoError(t, err) if len(got.Applications) > 0 { - slices.SortFunc(got.Applications[0].Libraries, func(a, b types.Package) bool { - return a.Name < b.Name - }) - slices.SortFunc(tt.want.Applications[0].Libraries, func(a, b types.Package) bool { - return a.Name < b.Name - }) + sort.Sort(got.Applications[0].Libraries) + sort.Sort(tt.want.Applications[0].Libraries) } assert.NoError(t, err) assert.Equal(t, tt.want, got) diff --git a/pkg/fanal/analyzer/language/java/gradle/lockfile_test.go b/pkg/fanal/analyzer/language/java/gradle/lockfile_test.go index 2de2721cd4d7..01ef6a6c99f5 100644 --- a/pkg/fanal/analyzer/language/java/gradle/lockfile_test.go +++ b/pkg/fanal/analyzer/language/java/gradle/lockfile_test.go @@ -25,7 +25,7 @@ func Test_gradleLockAnalyzer_Analyze(t *testing.T) { { Type: types.Gradle, FilePath: "testdata/happy.lockfile", - Libraries: []types.Package{ + Libraries: types.Packages{ { Name: "com.example:example", Version: "0.0.1", diff --git a/pkg/fanal/analyzer/language/java/jar/jar_test.go b/pkg/fanal/analyzer/language/java/jar/jar_test.go index 185cfbc6133f..f477f86e848b 100644 --- a/pkg/fanal/analyzer/language/java/jar/jar_test.go +++ b/pkg/fanal/analyzer/language/java/jar/jar_test.go @@ -34,7 +34,7 @@ func Test_javaLibraryAnalyzer_Analyze(t *testing.T) { { Type: types.Jar, FilePath: "testdata/test.war", - Libraries: []types.Package{ + Libraries: types.Packages{ { Name: "org.glassfish:javax.el", FilePath: "testdata/test.war/WEB-INF/lib/javax.el-3.0.0.jar", @@ -89,7 +89,7 @@ func Test_javaLibraryAnalyzer_Analyze(t *testing.T) { { Type: types.Jar, FilePath: "testdata/test.par", - Libraries: []types.Package{ + Libraries: types.Packages{ { Name: "com.fasterxml.jackson.core:jackson-core", FilePath: "testdata/test.par/lib/jackson-core-2.9.10.jar", @@ -109,7 +109,7 @@ func Test_javaLibraryAnalyzer_Analyze(t *testing.T) { { Type: types.Jar, FilePath: "testdata/test.jar", - Libraries: []types.Package{ + Libraries: types.Packages{ { Name: "org.apache.tomcat.embed:tomcat-embed-websocket", FilePath: "testdata/test.jar", diff --git a/pkg/fanal/analyzer/language/java/pom/pom_test.go b/pkg/fanal/analyzer/language/java/pom/pom_test.go index e9d728bff387..a31059dd7091 100644 --- a/pkg/fanal/analyzer/language/java/pom/pom_test.go +++ b/pkg/fanal/analyzer/language/java/pom/pom_test.go @@ -29,7 +29,7 @@ func Test_pomAnalyzer_Analyze(t *testing.T) { { Type: types.Pom, FilePath: "testdata/happy/pom.xml", - Libraries: []types.Package{ + Libraries: types.Packages{ { Name: "com.example:example", Version: "1.0.0", @@ -49,7 +49,7 @@ func Test_pomAnalyzer_Analyze(t *testing.T) { { Type: types.Pom, FilePath: "pom.xml", - Libraries: []types.Package{ + Libraries: types.Packages{ { Name: "com.example:example", Version: "1.0.0", @@ -68,7 +68,7 @@ func Test_pomAnalyzer_Analyze(t *testing.T) { { Type: types.Pom, FilePath: "testdata/requirements/pom.xml", - Libraries: []types.Package{ + Libraries: types.Packages{ { Name: "com.example:example", Version: "2.0.0", diff --git a/pkg/fanal/analyzer/language/nodejs/npm/npm_test.go b/pkg/fanal/analyzer/language/nodejs/npm/npm_test.go index f2b5194aa364..4f871d0a382a 100644 --- a/pkg/fanal/analyzer/language/nodejs/npm/npm_test.go +++ b/pkg/fanal/analyzer/language/nodejs/npm/npm_test.go @@ -4,7 +4,6 @@ import ( "context" "os" "sort" - "strings" "testing" "github.com/stretchr/testify/assert" @@ -34,7 +33,7 @@ func Test_npmLibraryAnalyzer_Analyze(t *testing.T) { { Type: types.Npm, FilePath: "package-lock.json", - Libraries: []types.Package{ + Libraries: types.Packages{ { ID: "ansi-colors@3.2.3", Name: "ansi-colors", @@ -149,7 +148,7 @@ func Test_npmLibraryAnalyzer_Analyze(t *testing.T) { { Type: types.Npm, FilePath: "package-lock.json", - Libraries: []types.Package{ + Libraries: types.Packages{ { ID: "ms@2.1.1", Name: "ms", @@ -184,32 +183,13 @@ func Test_npmLibraryAnalyzer_Analyze(t *testing.T) { assert.NoError(t, err) if len(got.Applications) > 0 { - sortPkgs(got.Applications[0].Libraries) + sort.Sort(got.Applications[0].Libraries) } assert.Equal(t, tt.want, got) }) } } -func sortPkgs(libs []types.Package) { - sort.Slice(libs, func(i, j int) bool { - ret := strings.Compare(libs[i].Name, libs[j].Name) - if ret == 0 { - return libs[i].Version < libs[j].Version - } - return ret < 0 - }) - for _, lib := range libs { - sortLocations(lib.Locations) - } -} - -func sortLocations(locs []types.Location) { - sort.Slice(locs, func(i, j int) bool { - return locs[i].StartLine < locs[j].StartLine - }) -} - func Test_nodePkgLibraryAnalyzer_Required(t *testing.T) { tests := []struct { name string diff --git a/pkg/fanal/analyzer/language/nodejs/pkg/pkg_test.go b/pkg/fanal/analyzer/language/nodejs/pkg/pkg_test.go index 15ec58a3f964..91a6bb6d708d 100644 --- a/pkg/fanal/analyzer/language/nodejs/pkg/pkg_test.go +++ b/pkg/fanal/analyzer/language/nodejs/pkg/pkg_test.go @@ -28,7 +28,7 @@ func Test_nodePkgLibraryAnalyzer_Analyze(t *testing.T) { { Type: types.NodePkg, FilePath: "testdata/package.json", - Libraries: []types.Package{ + Libraries: types.Packages{ { ID: "lodash@5.0.0", Name: "lodash", @@ -50,7 +50,7 @@ func Test_nodePkgLibraryAnalyzer_Analyze(t *testing.T) { { Type: types.NodePkg, FilePath: "testdata/package.json", - Libraries: []types.Package{ + Libraries: types.Packages{ { ID: "lodash@5.0.0", Name: "lodash", diff --git a/pkg/fanal/analyzer/language/nodejs/pnpm/pnpm_test.go b/pkg/fanal/analyzer/language/nodejs/pnpm/pnpm_test.go index 412261865a6b..3351de538b3b 100644 --- a/pkg/fanal/analyzer/language/nodejs/pnpm/pnpm_test.go +++ b/pkg/fanal/analyzer/language/nodejs/pnpm/pnpm_test.go @@ -27,7 +27,7 @@ func Test_pnpmPkgLibraryAnalyzer_Analyze(t *testing.T) { { Type: types.Pnpm, FilePath: "testdata/pnpm-lock.yaml", - Libraries: []types.Package{ + Libraries: types.Packages{ { ID: "lodash@4.17.21", Name: "lodash", diff --git a/pkg/fanal/analyzer/language/nodejs/yarn/yarn_test.go b/pkg/fanal/analyzer/language/nodejs/yarn/yarn_test.go index 78789b0d7ffb..08dd08b57b88 100644 --- a/pkg/fanal/analyzer/language/nodejs/yarn/yarn_test.go +++ b/pkg/fanal/analyzer/language/nodejs/yarn/yarn_test.go @@ -26,7 +26,7 @@ func Test_yarnLibraryAnalyzer_Analyze(t *testing.T) { { Type: types.Yarn, FilePath: "yarn.lock", - Libraries: []types.Package{ + Libraries: types.Packages{ { ID: "js-tokens@2.0.0", Name: "js-tokens", @@ -135,7 +135,7 @@ func Test_yarnLibraryAnalyzer_Analyze(t *testing.T) { { Type: types.Yarn, FilePath: "yarn.lock", - Libraries: []types.Package{ + Libraries: types.Packages{ { ID: "js-tokens@2.0.0", Name: "js-tokens", @@ -238,7 +238,7 @@ func Test_yarnLibraryAnalyzer_Analyze(t *testing.T) { { Type: types.Yarn, FilePath: "yarn.lock", - Libraries: []types.Package{ + Libraries: types.Packages{ { ID: "js-tokens@2.0.0", Name: "js-tokens", @@ -268,7 +268,7 @@ func Test_yarnLibraryAnalyzer_Analyze(t *testing.T) { { Type: types.Yarn, FilePath: "yarn.lock", - Libraries: []types.Package{ + Libraries: types.Packages{ { ID: "is-number@6.0.0", Name: "is-number", diff --git a/pkg/fanal/analyzer/language/php/composer/composer.go b/pkg/fanal/analyzer/language/php/composer/composer.go index e3f34e2b4871..01afd9ada547 100644 --- a/pkg/fanal/analyzer/language/php/composer/composer.go +++ b/pkg/fanal/analyzer/language/php/composer/composer.go @@ -64,7 +64,7 @@ func (a composerAnalyzer) PostAnalyze(_ context.Context, input analyzer.PostAnal if err = a.mergeComposerJson(input.FS, filepath.Dir(path), app); err != nil { log.Logger.Warnf("Unable to parse %q to identify direct dependencies: %s", filepath.Join(filepath.Dir(path), types.ComposerJson), err) } - sort.Sort(types.Packages(app.Libraries)) + sort.Sort(app.Libraries) apps = append(apps, *app) return nil diff --git a/pkg/fanal/analyzer/language/php/composer/composer_test.go b/pkg/fanal/analyzer/language/php/composer/composer_test.go index d2d4bb36f033..ee493cce2c86 100644 --- a/pkg/fanal/analyzer/language/php/composer/composer_test.go +++ b/pkg/fanal/analyzer/language/php/composer/composer_test.go @@ -24,7 +24,7 @@ func Test_composerAnalyzer_PostAnalyze(t *testing.T) { { Type: types.Composer, FilePath: "composer.lock", - Libraries: []types.Package{ + Libraries: types.Packages{ { ID: "pear/log@1.13.3", Name: "pear/log", @@ -65,7 +65,7 @@ func Test_composerAnalyzer_PostAnalyze(t *testing.T) { { Type: types.Composer, FilePath: "composer.lock", - Libraries: []types.Package{ + Libraries: types.Packages{ { ID: "pear/log@1.13.3", Name: "pear/log", @@ -106,7 +106,7 @@ func Test_composerAnalyzer_PostAnalyze(t *testing.T) { { Type: types.Composer, FilePath: "composer.lock", - Libraries: []types.Package{ + Libraries: types.Packages{ { ID: "pear/log@1.13.3", Name: "pear/log", diff --git a/pkg/fanal/analyzer/language/python/packaging/packaging_test.go b/pkg/fanal/analyzer/language/python/packaging/packaging_test.go index 7557f0081a59..198c0bec273c 100644 --- a/pkg/fanal/analyzer/language/python/packaging/packaging_test.go +++ b/pkg/fanal/analyzer/language/python/packaging/packaging_test.go @@ -28,7 +28,7 @@ func Test_packagingAnalyzer_Analyze(t *testing.T) { { Type: types.PythonPkg, FilePath: "testdata/kitchen-1.2.6-py2.7.egg", - Libraries: []types.Package{ + Libraries: types.Packages{ { Name: "kitchen", Version: "1.2.6", @@ -49,7 +49,7 @@ func Test_packagingAnalyzer_Analyze(t *testing.T) { { Type: types.PythonPkg, FilePath: "testdata/happy.egg-info/PKG-INFO", - Libraries: []types.Package{ + Libraries: types.Packages{ { Name: "distlib", Version: "0.3.1", @@ -70,7 +70,7 @@ func Test_packagingAnalyzer_Analyze(t *testing.T) { { Type: types.PythonPkg, FilePath: "testdata/classifier-license.egg-info/PKG-INFO", - Libraries: []types.Package{ + Libraries: types.Packages{ { Name: "setuptools", Version: "51.3.3", @@ -90,7 +90,7 @@ func Test_packagingAnalyzer_Analyze(t *testing.T) { { Type: types.PythonPkg, FilePath: "testdata/classifier-license.dist-info/METADATA", - Libraries: []types.Package{ + Libraries: types.Packages{ { Name: "setuptools", Version: "51.3.3", @@ -110,7 +110,7 @@ func Test_packagingAnalyzer_Analyze(t *testing.T) { { Type: types.PythonPkg, FilePath: "testdata/happy.dist-info/METADATA", - Libraries: []types.Package{ + Libraries: types.Packages{ { Name: "distlib", Version: "0.3.1", diff --git a/pkg/fanal/analyzer/language/python/pip/pip_test.go b/pkg/fanal/analyzer/language/python/pip/pip_test.go index 692220e8b99c..b023648ae5d0 100644 --- a/pkg/fanal/analyzer/language/python/pip/pip_test.go +++ b/pkg/fanal/analyzer/language/python/pip/pip_test.go @@ -27,7 +27,7 @@ func Test_pipAnalyzer_Analyze(t *testing.T) { { Type: types.Pip, FilePath: "testdata/requirements.txt", - Libraries: []types.Package{ + Libraries: types.Packages{ { Name: "click", Version: "8.0.0", @@ -44,7 +44,8 @@ func Test_pipAnalyzer_Analyze(t *testing.T) { }, }, }, - }, { + }, + { name: "happy path with not related filename", inputFile: "testdata/not-related.txt", want: nil, diff --git a/pkg/fanal/analyzer/language/python/poetry/poetry_test.go b/pkg/fanal/analyzer/language/python/poetry/poetry_test.go index 5dfefa6423c2..f4becb554cec 100644 --- a/pkg/fanal/analyzer/language/python/poetry/poetry_test.go +++ b/pkg/fanal/analyzer/language/python/poetry/poetry_test.go @@ -26,7 +26,7 @@ func Test_poetryLibraryAnalyzer_Analyze(t *testing.T) { { Type: types.Poetry, FilePath: "poetry.lock", - Libraries: []types.Package{ + Libraries: types.Packages{ { ID: "certifi@2022.12.7", Name: "certifi", @@ -119,7 +119,7 @@ func Test_poetryLibraryAnalyzer_Analyze(t *testing.T) { { Type: types.Poetry, FilePath: "poetry.lock", - Libraries: []types.Package{ + Libraries: types.Packages{ { ID: "click@8.1.3", Name: "click", @@ -146,7 +146,7 @@ func Test_poetryLibraryAnalyzer_Analyze(t *testing.T) { { Type: types.Poetry, FilePath: "poetry.lock", - Libraries: []types.Package{ + Libraries: types.Packages{ { ID: "click@8.1.3", Name: "click", diff --git a/pkg/fanal/analyzer/language/ruby/gemspec/gemspec_test.go b/pkg/fanal/analyzer/language/ruby/gemspec/gemspec_test.go index ffb6ecef700a..4bd48d379f8b 100644 --- a/pkg/fanal/analyzer/language/ruby/gemspec/gemspec_test.go +++ b/pkg/fanal/analyzer/language/ruby/gemspec/gemspec_test.go @@ -28,7 +28,7 @@ func Test_gemspecLibraryAnalyzer_Analyze(t *testing.T) { { Type: types.GemSpec, FilePath: "testdata/multiple_licenses.gemspec", - Libraries: []types.Package{ + Libraries: types.Packages{ { Name: "test-unit", Version: "3.3.7", @@ -53,7 +53,7 @@ func Test_gemspecLibraryAnalyzer_Analyze(t *testing.T) { { Type: types.GemSpec, FilePath: "testdata/multiple_licenses.gemspec", - Libraries: []types.Package{ + Libraries: types.Packages{ { Name: "test-unit", Version: "3.3.7", diff --git a/pkg/fanal/analyzer/language/rust/binary/binary_test.go b/pkg/fanal/analyzer/language/rust/binary/binary_test.go index c4b06743cee0..19b339670559 100644 --- a/pkg/fanal/analyzer/language/rust/binary/binary_test.go +++ b/pkg/fanal/analyzer/language/rust/binary/binary_test.go @@ -28,7 +28,7 @@ func Test_rustBinaryLibraryAnalyzer_Analyze(t *testing.T) { { Type: types.RustBinary, FilePath: "testdata/executable_rust", - Libraries: []types.Package{ + Libraries: types.Packages{ { ID: "crate_with_features@0.1.0", Name: "crate_with_features", diff --git a/pkg/fanal/analyzer/language/rust/cargo/cargo.go b/pkg/fanal/analyzer/language/rust/cargo/cargo.go index 885fbaa31363..84ddc5b74962 100644 --- a/pkg/fanal/analyzer/language/rust/cargo/cargo.go +++ b/pkg/fanal/analyzer/language/rust/cargo/cargo.go @@ -72,7 +72,7 @@ func (a cargoAnalyzer) PostAnalyze(_ context.Context, input analyzer.PostAnalysi if err = a.removeDevDependencies(input.FS, filepath.Dir(path), app); err != nil { log.Logger.Warnf("Unable to parse %q to identify direct dependencies: %s", filepath.Join(filepath.Dir(path), types.CargoToml), err) } - sort.Sort(types.Packages(app.Libraries)) + sort.Sort(app.Libraries) apps = append(apps, *app) return nil diff --git a/pkg/fanal/analyzer/language/rust/cargo/cargo_test.go b/pkg/fanal/analyzer/language/rust/cargo/cargo_test.go index 7b49da976dd0..3e6bf0992e2d 100644 --- a/pkg/fanal/analyzer/language/rust/cargo/cargo_test.go +++ b/pkg/fanal/analyzer/language/rust/cargo/cargo_test.go @@ -25,66 +25,110 @@ func Test_cargoAnalyzer_Analyze(t *testing.T) { { Type: types.Cargo, FilePath: "Cargo.lock", - Libraries: []types.Package{ + Libraries: types.Packages{ { - ID: "aho-corasick@0.7.20", - Name: "aho-corasick", - Version: "0.7.20", - Indirect: true, - Locations: []types.Location{{StartLine: 4, EndLine: 11}}, + ID: "aho-corasick@0.7.20", + Name: "aho-corasick", + Version: "0.7.20", + Indirect: true, + Locations: []types.Location{ + { + StartLine: 4, + EndLine: 11, + }, + }, DependsOn: []string{"memchr@2.5.0"}, }, { - ID: "libc@0.2.140", - Name: "libc", - Version: "0.2.140", - Indirect: true, - Locations: []types.Location{{StartLine: 22, EndLine: 26}}, + ID: "libc@0.2.140", + Name: "libc", + Version: "0.2.140", + Indirect: true, + Locations: []types.Location{ + { + StartLine: 22, + EndLine: 26, + }, + }, }, { - ID: "memchr@1.0.2", - Name: "memchr", - Version: "1.0.2", - Indirect: false, - Locations: []types.Location{{StartLine: 28, EndLine: 35}}, + ID: "memchr@1.0.2", + Name: "memchr", + Version: "1.0.2", + Indirect: false, + Locations: []types.Location{ + { + StartLine: 28, + EndLine: 35, + }, + }, DependsOn: []string{"libc@0.2.140"}, }, { - ID: "memchr@2.5.0", - Name: "memchr", - Version: "2.5.0", - Indirect: true, - Locations: []types.Location{{StartLine: 37, EndLine: 41}}, + ID: "memchr@2.5.0", + Name: "memchr", + Version: "2.5.0", + Indirect: true, + Locations: []types.Location{ + { + StartLine: 37, + EndLine: 41, + }, + }, }, { - ID: "regex@1.7.3", - Name: "regex", - Version: "1.7.3", - Indirect: false, - Locations: []types.Location{{StartLine: 43, EndLine: 52}}, - DependsOn: []string{"aho-corasick@0.7.20", "memchr@2.5.0", "regex-syntax@0.6.29"}, + ID: "regex@1.7.3", + Name: "regex", + Version: "1.7.3", + Indirect: false, + Locations: []types.Location{ + { + StartLine: 43, + EndLine: 52, + }, + }, + DependsOn: []string{ + "aho-corasick@0.7.20", + "memchr@2.5.0", + "regex-syntax@0.6.29", + }, }, { - ID: "regex-syntax@0.5.6", - Name: "regex-syntax", - Version: "0.5.6", - Indirect: false, - Locations: []types.Location{{StartLine: 54, EndLine: 61}}, + ID: "regex-syntax@0.5.6", + Name: "regex-syntax", + Version: "0.5.6", + Indirect: false, + Locations: []types.Location{ + { + StartLine: 54, + EndLine: 61, + }, + }, DependsOn: []string{"ucd-util@0.1.10"}, }, { - ID: "regex-syntax@0.6.29", - Name: "regex-syntax", - Version: "0.6.29", - Indirect: true, - Locations: []types.Location{{StartLine: 63, EndLine: 67}}, + ID: "regex-syntax@0.6.29", + Name: "regex-syntax", + Version: "0.6.29", + Indirect: true, + Locations: []types.Location{ + { + StartLine: 63, + EndLine: 67, + }, + }, }, { - ID: "ucd-util@0.1.10", - Name: "ucd-util", - Version: "0.1.10", - Indirect: true, - Locations: []types.Location{{StartLine: 69, EndLine: 73}}, + ID: "ucd-util@0.1.10", + Name: "ucd-util", + Version: "0.1.10", + Indirect: true, + Locations: []types.Location{ + { + StartLine: 69, + EndLine: 73, + }, + }, }, }, }, @@ -99,13 +143,18 @@ func Test_cargoAnalyzer_Analyze(t *testing.T) { { Type: types.Cargo, FilePath: "Cargo.lock", - Libraries: []types.Package{ + Libraries: types.Packages{ { - ID: "memchr@2.5.0", - Name: "memchr", - Version: "2.5.0", - Indirect: false, - Locations: []types.Location{{StartLine: 11, EndLine: 15}}, + ID: "memchr@2.5.0", + Name: "memchr", + Version: "2.5.0", + Indirect: false, + Locations: []types.Location{ + { + StartLine: 11, + EndLine: 15, + }, + }, }, }, }, @@ -120,96 +169,167 @@ func Test_cargoAnalyzer_Analyze(t *testing.T) { { Type: types.Cargo, FilePath: "Cargo.lock", - Libraries: []types.Package{ + Libraries: types.Packages{ { - ID: "aho-corasick@0.7.20", - Name: "aho-corasick", - Version: "0.7.20", - Indirect: false, - Locations: []types.Location{{StartLine: 4, EndLine: 11}}, + ID: "aho-corasick@0.7.20", + Name: "aho-corasick", + Version: "0.7.20", + Indirect: false, + Locations: []types.Location{ + { + StartLine: 4, + EndLine: 11, + }, + }, DependsOn: []string{"memchr@2.5.0"}, }, { - ID: "app@0.1.0", - Name: "app", - Version: "0.1.0", - Indirect: false, - Locations: []types.Location{{StartLine: 13, EndLine: 20}}, - DependsOn: []string{"memchr@1.0.2", "regex-syntax@0.5.6", "regex@1.7.3"}, + ID: "app@0.1.0", + Name: "app", + Version: "0.1.0", + Indirect: false, + Locations: []types.Location{ + { + StartLine: 13, + EndLine: 20, + }, + }, + DependsOn: []string{ + "memchr@1.0.2", + "regex-syntax@0.5.6", + "regex@1.7.3", + }, }, { - ID: "libc@0.2.140", - Name: "libc", - Version: "0.2.140", - Indirect: false, - Locations: []types.Location{{StartLine: 22, EndLine: 26}}, + ID: "libc@0.2.140", + Name: "libc", + Version: "0.2.140", + Indirect: false, + Locations: []types.Location{ + { + StartLine: 22, + EndLine: 26, + }, + }, }, { - ID: "memchr@1.0.2", - Name: "memchr", - Version: "1.0.2", - Indirect: false, - Locations: []types.Location{{StartLine: 28, EndLine: 35}}, + ID: "memchr@1.0.2", + Name: "memchr", + Version: "1.0.2", + Indirect: false, + Locations: []types.Location{ + { + StartLine: 28, + EndLine: 35, + }, + }, DependsOn: []string{"libc@0.2.140"}, }, { - ID: "memchr@2.5.0", - Name: "memchr", - Version: "2.5.0", - Indirect: false, - Locations: []types.Location{{StartLine: 37, EndLine: 41}}, + ID: "memchr@2.5.0", + Name: "memchr", + Version: "2.5.0", + Indirect: false, + Locations: []types.Location{ + { + StartLine: 37, + EndLine: 41, + }, + }, }, { - ID: "regex@1.7.3", - Name: "regex", - Version: "1.7.3", - Indirect: false, - Locations: []types.Location{{StartLine: 43, EndLine: 52}}, - DependsOn: []string{"aho-corasick@0.7.20", "memchr@2.5.0", "regex-syntax@0.6.29"}, + ID: "regex@1.7.3", + Name: "regex", + Version: "1.7.3", + Indirect: false, + Locations: []types.Location{ + { + StartLine: 43, + EndLine: 52, + }, + }, + DependsOn: []string{ + "aho-corasick@0.7.20", + "memchr@2.5.0", + "regex-syntax@0.6.29", + }, }, { - ID: "regex-syntax@0.5.6", - Name: "regex-syntax", - Version: "0.5.6", - Indirect: false, - Locations: []types.Location{{StartLine: 54, EndLine: 61}}, + ID: "regex-syntax@0.5.6", + Name: "regex-syntax", + Version: "0.5.6", + Indirect: false, + Locations: []types.Location{ + { + StartLine: 54, + EndLine: 61, + }, + }, DependsOn: []string{"ucd-util@0.1.10"}, }, { - ID: "regex-syntax@0.6.29", - Name: "regex-syntax", - Version: "0.6.29", - Indirect: false, - Locations: []types.Location{{StartLine: 63, EndLine: 67}}, + ID: "regex-syntax@0.6.29", + Name: "regex-syntax", + Version: "0.6.29", + Indirect: false, + Locations: []types.Location{ + { + StartLine: 63, + EndLine: 67, + }, + }, }, { - ID: "ucd-util@0.1.10", - Name: "ucd-util", - Version: "0.1.10", - Indirect: false, - Locations: []types.Location{{StartLine: 69, EndLine: 73}}, + ID: "ucd-util@0.1.10", + Name: "ucd-util", + Version: "0.1.10", + Indirect: false, + Locations: []types.Location{ + { + StartLine: 69, + EndLine: 73, + }, + }, }, { - ID: "winapi@0.3.9", - Name: "winapi", - Version: "0.3.9", - Indirect: false, - Locations: []types.Location{{StartLine: 75, EndLine: 83}}, - DependsOn: []string{"winapi-i686-pc-windows-gnu@0.4.0", "winapi-x86_64-pc-windows-gnu@0.4.0"}, + ID: "winapi@0.3.9", + Name: "winapi", + Version: "0.3.9", + Indirect: false, + Locations: []types.Location{ + { + StartLine: 75, + EndLine: 83, + }, + }, + DependsOn: []string{ + "winapi-i686-pc-windows-gnu@0.4.0", + "winapi-x86_64-pc-windows-gnu@0.4.0", + }, }, { - ID: "winapi-i686-pc-windows-gnu@0.4.0", - Name: "winapi-i686-pc-windows-gnu", - Version: "0.4.0", - Indirect: false, - Locations: []types.Location{{StartLine: 85, EndLine: 89}}, + ID: "winapi-i686-pc-windows-gnu@0.4.0", + Name: "winapi-i686-pc-windows-gnu", + Version: "0.4.0", + Indirect: false, + Locations: []types.Location{ + { + StartLine: 85, + EndLine: 89, + }, + }, }, { - ID: "winapi-x86_64-pc-windows-gnu@0.4.0", - Name: "winapi-x86_64-pc-windows-gnu", - Version: "0.4.0", - Indirect: false, - Locations: []types.Location{{StartLine: 91, EndLine: 95}}, + ID: "winapi-x86_64-pc-windows-gnu@0.4.0", + Name: "winapi-x86_64-pc-windows-gnu", + Version: "0.4.0", + Indirect: false, + Locations: []types.Location{ + { + StartLine: 91, + EndLine: 95, + }, + }, }, }, }, @@ -224,21 +344,31 @@ func Test_cargoAnalyzer_Analyze(t *testing.T) { { Type: types.Cargo, FilePath: "Cargo.lock", - Libraries: []types.Package{ + Libraries: types.Packages{ { - ID: "app@0.1.0", - Name: "app", - Version: "0.1.0", - Indirect: false, - Locations: []types.Location{{StartLine: 5, EndLine: 10}}, + ID: "app@0.1.0", + Name: "app", + Version: "0.1.0", + Indirect: false, + Locations: []types.Location{ + { + StartLine: 5, + EndLine: 10, + }, + }, DependsOn: []string{"memchr@2.5.0"}, }, { - ID: "memchr@2.5.0", - Name: "memchr", - Version: "2.5.0", - Indirect: false, - Locations: []types.Location{{StartLine: 12, EndLine: 16}}, + ID: "memchr@2.5.0", + Name: "memchr", + Version: "2.5.0", + Indirect: false, + Locations: []types.Location{ + { + StartLine: 12, + EndLine: 16, + }, + }, }, }, }, diff --git a/pkg/fanal/analyzer/language/swift/cocoapods/cocoapods_test.go b/pkg/fanal/analyzer/language/swift/cocoapods/cocoapods_test.go index 98ea2e66831f..0a12f0230eb3 100644 --- a/pkg/fanal/analyzer/language/swift/cocoapods/cocoapods_test.go +++ b/pkg/fanal/analyzer/language/swift/cocoapods/cocoapods_test.go @@ -25,7 +25,7 @@ func Test_cocoaPodsLockAnalyzer_Analyze(t *testing.T) { { Type: types.Cocoapods, FilePath: "testdata/happy.lock", - Libraries: []types.Package{ + Libraries: types.Packages{ { ID: "AppCenter/4.2.0", Name: "AppCenter", @@ -86,9 +86,7 @@ func Test_cocoaPodsLockAnalyzer_Analyze(t *testing.T) { if got != nil { for _, app := range got.Applications { - sort.Slice(app.Libraries, func(i, j int) bool { - return app.Libraries[i].ID < app.Libraries[j].ID - }) + sort.Sort(app.Libraries) } } diff --git a/pkg/fanal/analyzer/sbom/sbom_test.go b/pkg/fanal/analyzer/sbom/sbom_test.go index a2858f0abd3f..21e83b7fb5e8 100644 --- a/pkg/fanal/analyzer/sbom/sbom_test.go +++ b/pkg/fanal/analyzer/sbom/sbom_test.go @@ -25,7 +25,7 @@ func Test_sbomAnalyzer_Analyze(t *testing.T) { { Type: types.Jar, FilePath: "opt/bitnami/bin/elasticsearch", - Libraries: []types.Package{ + Libraries: types.Packages{ { FilePath: "opt/bitnami/modules/apm/elastic-apm-agent-1.36.0.jar", Name: "co.elastic.apm:apm-agent", @@ -52,7 +52,7 @@ func Test_sbomAnalyzer_Analyze(t *testing.T) { { Type: types.Jar, FilePath: "opt/bitnami/bin/elasticsearch", - Libraries: []types.Package{ + Libraries: types.Packages{ { FilePath: "opt/bitnami/modules/apm/elastic-apm-agent-1.36.0.jar", Name: "co.elastic.apm:apm-agent", diff --git a/pkg/fanal/applier/applier_test.go b/pkg/fanal/applier/applier_test.go index 4dce68ba3b49..315a042cb279 100644 --- a/pkg/fanal/applier/applier_test.go +++ b/pkg/fanal/applier/applier_test.go @@ -56,7 +56,7 @@ func TestApplier_ApplyLayers(t *testing.T) { PackageInfos: []types.PackageInfo{ { FilePath: "var/lib/dpkg/status.d/tzdata", - Packages: []types.Package{ + Packages: types.Packages{ { Name: "tzdata", Version: "2019a-0+deb9u1", @@ -81,7 +81,7 @@ func TestApplier_ApplyLayers(t *testing.T) { PackageInfos: []types.PackageInfo{ { FilePath: "var/lib/dpkg/status.d/libc6", - Packages: []types.Package{ + Packages: types.Packages{ { Name: "libc6", Version: "2.24-11+deb9u4", @@ -110,7 +110,7 @@ func TestApplier_ApplyLayers(t *testing.T) { { Type: "composer", FilePath: "php-app/composer.lock", - Libraries: []types.Package{ + Libraries: types.Packages{ { Name: "guzzlehttp/guzzle", Version: "6.2.0", @@ -143,7 +143,7 @@ func TestApplier_ApplyLayers(t *testing.T) { Family: "debian", Name: "9.9", }, - Packages: []types.Package{ + Packages: types.Packages{ { Name: "libc6", Version: "2.24-11+deb9u4", @@ -169,7 +169,7 @@ func TestApplier_ApplyLayers(t *testing.T) { { Type: "composer", FilePath: "php-app/composer.lock", - Libraries: []types.Package{ + Libraries: types.Packages{ { Name: "guzzlehttp/guzzle", Version: "6.2.0", @@ -216,7 +216,7 @@ func TestApplier_ApplyLayers(t *testing.T) { PackageInfos: []types.PackageInfo{ { FilePath: "lib/apk/db/installed", - Packages: []types.Package{ + Packages: types.Packages{ { Name: "musl", Version: "1.1.22-r3", @@ -252,7 +252,7 @@ func TestApplier_ApplyLayers(t *testing.T) { Returns: cache.LocalArtifactCacheGetArtifactReturns{ ArtifactInfo: types.ArtifactInfo{ SchemaVersion: 1, - HistoryPackages: []types.Package{ + HistoryPackages: types.Packages{ { Name: "musl", Version: "1.1.23", @@ -295,7 +295,7 @@ func TestApplier_ApplyLayers(t *testing.T) { Family: "alpine", Name: "3.10.4", }, - Packages: []types.Package{ + Packages: types.Packages{ { Name: "busybox", Version: "1.30.1-r3", @@ -338,7 +338,7 @@ func TestApplier_ApplyLayers(t *testing.T) { }, }, ImageConfig: types.ImageConfigDetail{ - Packages: []types.Package{ + Packages: types.Packages{ { Name: "musl", Version: "1.1.23", @@ -444,7 +444,7 @@ func TestApplier_ApplyLayers(t *testing.T) { PackageInfos: []types.PackageInfo{ { FilePath: "var/lib/dpkg/status.d/tzdata", - Packages: []types.Package{ + Packages: types.Packages{ { Name: "tzdata", Version: "2019a-0+deb9u1", @@ -469,7 +469,7 @@ func TestApplier_ApplyLayers(t *testing.T) { PackageInfos: []types.PackageInfo{ { FilePath: "var/lib/dpkg/status.d/libc6", - Packages: []types.Package{ + Packages: types.Packages{ { Name: "libc6", Version: "2.24-11+deb9u4", @@ -498,7 +498,7 @@ func TestApplier_ApplyLayers(t *testing.T) { { Type: "composer", FilePath: "php-app/composer.lock", - Libraries: []types.Package{ + Libraries: types.Packages{ { Name: "guzzlehttp/guzzle", Version: "6.2.0", @@ -515,7 +515,7 @@ func TestApplier_ApplyLayers(t *testing.T) { }, }, want: types.ArtifactDetail{ - Packages: []types.Package{ + Packages: types.Packages{ { Name: "libc6", Version: "2.24-11+deb9u4", @@ -541,7 +541,7 @@ func TestApplier_ApplyLayers(t *testing.T) { { Type: "composer", FilePath: "php-app/composer.lock", - Libraries: []types.Package{ + Libraries: types.Packages{ { Name: "guzzlehttp/guzzle", Version: "6.2.0", @@ -642,7 +642,7 @@ func TestApplier_ApplyLayers(t *testing.T) { PackageInfos: []types.PackageInfo{ { FilePath: "var/lib/dpkg/status.d/tzdata", - Packages: []types.Package{ + Packages: types.Packages{ { Name: "tzdata", Version: "2019a-0+deb9u1", @@ -684,7 +684,7 @@ func TestApplier_ApplyLayers(t *testing.T) { { Type: "composer", FilePath: "php-app/composer.lock", - Libraries: []types.Package{ + Libraries: types.Packages{ { Name: "guzzlehttp/guzzle", Version: "6.2.0", @@ -717,7 +717,7 @@ func TestApplier_ApplyLayers(t *testing.T) { }, }, want: types.ArtifactDetail{ - Packages: []types.Package{ + Packages: types.Packages{ { Name: "tzdata", Version: "2019a-0+deb9u1", @@ -733,7 +733,7 @@ func TestApplier_ApplyLayers(t *testing.T) { { Type: "composer", FilePath: "php-app/composer.lock", - Libraries: []types.Package{ + Libraries: types.Packages{ { Name: "guzzlehttp/guzzle", Version: "6.2.0", @@ -810,9 +810,7 @@ func TestApplier_ApplyLayers(t *testing.T) { sort.Sort(got.Packages) for _, app := range got.Applications { - sort.Slice(app.Libraries, func(i, j int) bool { - return app.Libraries[i].Name < app.Libraries[j].Name - }) + sort.Sort(app.Libraries) } sort.Slice(got.CustomResources, func(i, j int) bool { diff --git a/pkg/fanal/applier/docker_test.go b/pkg/fanal/applier/docker_test.go index 80f6bd073812..0e0ae93c8e01 100644 --- a/pkg/fanal/applier/docker_test.go +++ b/pkg/fanal/applier/docker_test.go @@ -30,7 +30,7 @@ func TestApplyLayers(t *testing.T) { PackageInfos: []types.PackageInfo{ { FilePath: "lib/apk/db/installed", - Packages: []types.Package{ + Packages: types.Packages{ { Name: "openssl", Version: "1.2.3", @@ -43,7 +43,7 @@ func TestApplyLayers(t *testing.T) { { Type: types.Bundler, FilePath: "app/Gemfile.lock", - Libraries: []types.Package{ + Libraries: types.Packages{ { Name: "gemlibrary1", Version: "1.2.3", @@ -53,7 +53,7 @@ func TestApplyLayers(t *testing.T) { { Type: types.Composer, FilePath: "app/composer.lock", - Libraries: []types.Package{ + Libraries: types.Packages{ { Name: "phplibrary1", Version: "6.6.6", @@ -63,7 +63,7 @@ func TestApplyLayers(t *testing.T) { { Type: types.GemSpec, FilePath: "usr/local/bundle/specifications/gon-6.3.2.gemspec", - Libraries: []types.Package{ + Libraries: types.Packages{ { Name: "gon", Version: "6.3.2", @@ -80,13 +80,14 @@ func TestApplyLayers(t *testing.T) { PackageInfos: []types.PackageInfo{ { FilePath: "lib/apk/db/installed", - Packages: []types.Package{ + Packages: types.Packages{ { Name: "openssl", Version: "1.2.3", Release: "4.5.6", }, - { // added + { + // added Name: "musl", Version: "1.2.4", Release: "4.5.7", @@ -103,7 +104,7 @@ func TestApplyLayers(t *testing.T) { PackageInfos: []types.PackageInfo{ { FilePath: "lib/apk/db/installed", - Packages: []types.Package{ + Packages: types.Packages{ { Name: "openssl", Version: "1.2.3", @@ -121,7 +122,7 @@ func TestApplyLayers(t *testing.T) { { Type: types.GemSpec, FilePath: "var/lib/gems/2.5.0/specifications/activesupport-6.0.2.1.gemspec", - Libraries: []types.Package{ + Libraries: types.Packages{ { Name: "activesupport", Version: "6.0.2.1", @@ -137,7 +138,7 @@ func TestApplyLayers(t *testing.T) { Family: "alpine", Name: "3.10", }, - Packages: []types.Package{ + Packages: types.Packages{ { Name: "musl", Version: "1.2.4", @@ -160,7 +161,7 @@ func TestApplyLayers(t *testing.T) { Applications: []types.Application{ { Type: types.GemSpec, - Libraries: []types.Package{ + Libraries: types.Packages{ { Name: "activesupport", Version: "6.0.2.1", @@ -184,7 +185,7 @@ func TestApplyLayers(t *testing.T) { { Type: types.Bundler, FilePath: "app/Gemfile.lock", - Libraries: []types.Package{ + Libraries: types.Packages{ { Name: "gemlibrary1", Version: "1.2.3", @@ -243,7 +244,7 @@ func TestApplyLayers(t *testing.T) { { Type: types.Bundler, FilePath: "app/Gemfile.lock", - Libraries: []types.Package{ + Libraries: types.Packages{ { Name: "rails", Version: "5.0.0", @@ -257,7 +258,7 @@ func TestApplyLayers(t *testing.T) { { Type: types.Composer, FilePath: "app/composer.lock", - Libraries: []types.Package{ + Libraries: types.Packages{ { Name: "phplibrary1", Version: "6.6.6", @@ -267,7 +268,7 @@ func TestApplyLayers(t *testing.T) { { Type: types.GemSpec, FilePath: "var/lib/gems/2.5.0/specifications/activesupport-6.0.2.1.gemspec", - Libraries: []types.Package{ + Libraries: types.Packages{ { Name: "activesupport", Version: "6.0.2.1", @@ -285,7 +286,7 @@ func TestApplyLayers(t *testing.T) { { Type: types.Bundler, FilePath: "app/Gemfile.lock", - Libraries: []types.Package{ + Libraries: types.Packages{ { Name: "rails", Version: "6.0.0", @@ -299,7 +300,7 @@ func TestApplyLayers(t *testing.T) { { Type: "composer", FilePath: "app/composer2.lock", - Libraries: []types.Package{ + Libraries: types.Packages{ { Name: "phplibrary1", Version: "6.6.6", @@ -322,7 +323,7 @@ func TestApplyLayers(t *testing.T) { { Type: types.Bundler, FilePath: "app/Gemfile.lock", - Libraries: []types.Package{ + Libraries: types.Packages{ { Name: "rack", Version: "4.0.0", @@ -344,7 +345,7 @@ func TestApplyLayers(t *testing.T) { { Type: types.Composer, FilePath: "app/composer2.lock", - Libraries: []types.Package{ + Libraries: types.Packages{ { Name: "phplibrary1", Version: "6.6.6", @@ -536,7 +537,7 @@ func TestApplyLayers(t *testing.T) { PackageInfos: []types.PackageInfo{ { FilePath: "var/lib/dpkg/status.d/openssl", - Packages: []types.Package{ + Packages: types.Packages{ { Name: "openssl", Version: "1.2.3", @@ -549,7 +550,7 @@ func TestApplyLayers(t *testing.T) { { Type: "composer", FilePath: "app/composer.lock", - Libraries: []types.Package{ + Libraries: types.Packages{ { Name: "phplibrary1", Version: "6.6.6", @@ -575,7 +576,7 @@ func TestApplyLayers(t *testing.T) { PackageInfos: []types.PackageInfo{ { FilePath: "var/lib/dpkg/status.d/libc", - Packages: []types.Package{ + Packages: types.Packages{ { Name: "libc", Version: "1.2.4", @@ -602,7 +603,7 @@ func TestApplyLayers(t *testing.T) { Family: "debian", Name: "8", }, - Packages: []types.Package{ + Packages: types.Packages{ { Name: "libc", Version: "1.2.4", @@ -637,7 +638,7 @@ func TestApplyLayers(t *testing.T) { { Type: "composer", FilePath: "app/composer.lock", - Libraries: []types.Package{ + Libraries: types.Packages{ { Name: "phplibrary1", Version: "6.6.6", @@ -669,7 +670,7 @@ func TestApplyLayers(t *testing.T) { PackageInfos: []types.PackageInfo{ { FilePath: "var/lib/rpm/Packages", - Packages: []types.Package{ + Packages: types.Packages{ { Name: "openssl", Version: "1.2.3", @@ -692,7 +693,7 @@ func TestApplyLayers(t *testing.T) { PackageInfos: []types.PackageInfo{ { FilePath: "var/lib/rpm/Packages", - Packages: []types.Package{ + Packages: types.Packages{ { Name: "openssl", Version: "1.2.3", @@ -723,7 +724,7 @@ func TestApplyLayers(t *testing.T) { PackageInfos: []types.PackageInfo{ { FilePath: "var/lib/rpm/Packages", - Packages: []types.Package{ + Packages: types.Packages{ { Name: "openssl", Version: "1.2.3", @@ -749,7 +750,7 @@ func TestApplyLayers(t *testing.T) { Family: "redhat", Name: "8", }, - Packages: []types.Package{ + Packages: types.Packages{ { Name: "bash", Version: "5.6.7", @@ -806,9 +807,7 @@ func TestApplyLayers(t *testing.T) { return got.Applications[i].FilePath < got.Applications[j].FilePath }) for _, app := range got.Applications { - sort.Slice(app.Libraries, func(i, j int) bool { - return app.Libraries[i].Name < app.Libraries[j].Name - }) + sort.Sort(app.Libraries) } assert.Equal(t, tt.want, got, tt.name) }) diff --git a/pkg/fanal/artifact/image/image_test.go b/pkg/fanal/artifact/image/image_test.go index 14d3f0650fa3..adb1995a38f7 100644 --- a/pkg/fanal/artifact/image/image_test.go +++ b/pkg/fanal/artifact/image/image_test.go @@ -33,7 +33,7 @@ import ( ) func TestArtifact_Inspect(t *testing.T) { - alpinePkgs := []types.Package{ + alpinePkgs := types.Packages{ { ID: "alpine-baselayout@3.2.0-r3", Name: "alpine-baselayout", @@ -412,7 +412,7 @@ func TestArtifact_Inspect(t *testing.T) { PackageInfos: []types.PackageInfo{ { FilePath: "var/lib/dpkg/status.d/base", - Packages: []types.Package{ + Packages: types.Packages{ { ID: "base-files@9.9+deb9u9", Name: "base-files", @@ -426,7 +426,7 @@ func TestArtifact_Inspect(t *testing.T) { }, { FilePath: "var/lib/dpkg/status.d/netbase", - Packages: []types.Package{ + Packages: types.Packages{ { ID: "netbase@5.4", Name: "netbase", @@ -440,7 +440,7 @@ func TestArtifact_Inspect(t *testing.T) { }, { FilePath: "var/lib/dpkg/status.d/tzdata", - Packages: []types.Package{ + Packages: types.Packages{ { ID: "tzdata@2019a-0+deb9u1", Name: "tzdata", @@ -496,7 +496,7 @@ func TestArtifact_Inspect(t *testing.T) { PackageInfos: []types.PackageInfo{ { FilePath: "var/lib/dpkg/status.d/libc6", - Packages: []types.Package{ + Packages: types.Packages{ { ID: "libc6@2.24-11+deb9u4", Name: "libc6", @@ -512,7 +512,7 @@ func TestArtifact_Inspect(t *testing.T) { }, { FilePath: "var/lib/dpkg/status.d/libssl1", - Packages: []types.Package{ + Packages: types.Packages{ { ID: "libssl1.1@1.1.0k-1~deb9u1", Name: "libssl1.1", @@ -528,7 +528,7 @@ func TestArtifact_Inspect(t *testing.T) { }, { FilePath: "var/lib/dpkg/status.d/openssl", - Packages: []types.Package{ + Packages: types.Packages{ { ID: "openssl@1.1.0k-1~deb9u1", Name: "openssl", @@ -593,37 +593,68 @@ func TestArtifact_Inspect(t *testing.T) { { Type: "composer", FilePath: "php-app/composer.lock", - Libraries: []types.Package{ + Libraries: types.Packages{ { - ID: "guzzlehttp/guzzle@6.2.0", - Name: "guzzlehttp/guzzle", - Version: "6.2.0", - Licenses: []string{"MIT"}, - DependsOn: []string{"guzzlehttp/promises@v1.3.1", "guzzlehttp/psr7@1.5.2"}, - Locations: []types.Location{{StartLine: 9, EndLine: 73}}, + ID: "guzzlehttp/guzzle@6.2.0", + Name: "guzzlehttp/guzzle", + Version: "6.2.0", + Licenses: []string{"MIT"}, + DependsOn: []string{ + "guzzlehttp/promises@v1.3.1", + "guzzlehttp/psr7@1.5.2", + }, + Locations: []types.Location{ + { + StartLine: 9, + EndLine: 73, + }, + }, }, { - ID: "guzzlehttp/promises@v1.3.1", - Name: "guzzlehttp/promises", - Version: "v1.3.1", - Licenses: []string{"MIT"}, - Locations: []types.Location{{StartLine: 74, EndLine: 124}}, + ID: "guzzlehttp/promises@v1.3.1", + Name: "guzzlehttp/promises", + Version: "v1.3.1", + Licenses: []string{"MIT"}, + Locations: []types.Location{ + { + StartLine: 74, + EndLine: 124, + }, + }, }, { - ID: "guzzlehttp/psr7@1.5.2", - Name: "guzzlehttp/psr7", - Version: "1.5.2", - Licenses: []string{"MIT"}, - DependsOn: []string{"psr/http-message@1.0.1", "ralouphie/getallheaders@2.0.5"}, - Locations: []types.Location{{StartLine: 125, EndLine: 191}}, + ID: "guzzlehttp/psr7@1.5.2", + Name: "guzzlehttp/psr7", + Version: "1.5.2", + Licenses: []string{"MIT"}, + DependsOn: []string{ + "psr/http-message@1.0.1", + "ralouphie/getallheaders@2.0.5", + }, + Locations: []types.Location{ + { + StartLine: 125, + EndLine: 191, + }, + }, }, { - ID: "laravel/installer@v2.0.1", - Name: "laravel/installer", - Version: "v2.0.1", - Licenses: []string{"MIT"}, - DependsOn: []string{"guzzlehttp/guzzle@6.2.0", "symfony/console@v4.2.7", "symfony/filesystem@v4.2.7", "symfony/process@v4.2.7"}, - Locations: []types.Location{{StartLine: 192, EndLine: 237}}, + ID: "laravel/installer@v2.0.1", + Name: "laravel/installer", + Version: "v2.0.1", + Licenses: []string{"MIT"}, + DependsOn: []string{ + "guzzlehttp/guzzle@6.2.0", + "symfony/console@v4.2.7", + "symfony/filesystem@v4.2.7", + "symfony/process@v4.2.7", + }, + Locations: []types.Location{ + { + StartLine: 192, + EndLine: 237, + }, + }, }, { ID: "pear/log@1.13.1", @@ -631,43 +662,76 @@ func TestArtifact_Inspect(t *testing.T) { Version: "1.13.1", Licenses: []string{"MIT"}, DependsOn: []string{"pear/pear_exception@v1.0.0"}, - Locations: []types.Location{{StartLine: 238, EndLine: 290}}, + Locations: []types.Location{ + { + StartLine: 238, + EndLine: 290, + }, + }, }, { - ID: "pear/pear_exception@v1.0.0", - Name: "pear/pear_exception", - Version: "v1.0.0", - Licenses: []string{"BSD-2-Clause"}, - Locations: []types.Location{{StartLine: 291, EndLine: 345}}, + ID: "pear/pear_exception@v1.0.0", + Name: "pear/pear_exception", + Version: "v1.0.0", + Licenses: []string{"BSD-2-Clause"}, + Locations: []types.Location{ + { + StartLine: 291, + EndLine: 345, + }, + }, }, { - ID: "psr/http-message@1.0.1", - Name: "psr/http-message", - Version: "1.0.1", - Licenses: []string{"MIT"}, - Locations: []types.Location{{StartLine: 346, EndLine: 395}}, + ID: "psr/http-message@1.0.1", + Name: "psr/http-message", + Version: "1.0.1", + Licenses: []string{"MIT"}, + Locations: []types.Location{ + { + StartLine: 346, + EndLine: 395, + }, + }, }, { - ID: "ralouphie/getallheaders@2.0.5", - Name: "ralouphie/getallheaders", - Version: "2.0.5", - Licenses: []string{"MIT"}, - Locations: []types.Location{{StartLine: 396, EndLine: 435}}, + ID: "ralouphie/getallheaders@2.0.5", + Name: "ralouphie/getallheaders", + Version: "2.0.5", + Licenses: []string{"MIT"}, + Locations: []types.Location{ + { + StartLine: 396, + EndLine: 435, + }, + }, }, { - ID: "symfony/console@v4.2.7", - Name: "symfony/console", - Version: "v4.2.7", - Licenses: []string{"MIT"}, - DependsOn: []string{"symfony/contracts@v1.0.2", "symfony/polyfill-mbstring@v1.11.0"}, - Locations: []types.Location{{StartLine: 436, EndLine: 507}}, + ID: "symfony/console@v4.2.7", + Name: "symfony/console", + Version: "v4.2.7", + Licenses: []string{"MIT"}, + DependsOn: []string{ + "symfony/contracts@v1.0.2", + "symfony/polyfill-mbstring@v1.11.0", + }, + Locations: []types.Location{ + { + StartLine: 436, + EndLine: 507, + }, + }, }, { - ID: "symfony/contracts@v1.0.2", - Name: "symfony/contracts", - Version: "v1.0.2", - Licenses: []string{"MIT"}, - Locations: []types.Location{{StartLine: 508, EndLine: 575}}, + ID: "symfony/contracts@v1.0.2", + Name: "symfony/contracts", + Version: "v1.0.2", + Licenses: []string{"MIT"}, + Locations: []types.Location{ + { + StartLine: 508, + EndLine: 575, + }, + }, }, { ID: "symfony/filesystem@v4.2.7", @@ -675,28 +739,48 @@ func TestArtifact_Inspect(t *testing.T) { Version: "v4.2.7", Licenses: []string{"MIT"}, DependsOn: []string{"symfony/polyfill-ctype@v1.11.0"}, - Locations: []types.Location{{StartLine: 576, EndLine: 625}}, + Locations: []types.Location{ + { + StartLine: 576, + EndLine: 625, + }, + }, }, { - ID: "symfony/polyfill-ctype@v1.11.0", - Name: "symfony/polyfill-ctype", - Version: "v1.11.0", - Licenses: []string{"MIT"}, - Locations: []types.Location{{StartLine: 626, EndLine: 683}}, + ID: "symfony/polyfill-ctype@v1.11.0", + Name: "symfony/polyfill-ctype", + Version: "v1.11.0", + Licenses: []string{"MIT"}, + Locations: []types.Location{ + { + StartLine: 626, + EndLine: 683, + }, + }, }, { - ID: "symfony/polyfill-mbstring@v1.11.0", - Name: "symfony/polyfill-mbstring", - Version: "v1.11.0", - Licenses: []string{"MIT"}, - Locations: []types.Location{{StartLine: 684, EndLine: 742}}, + ID: "symfony/polyfill-mbstring@v1.11.0", + Name: "symfony/polyfill-mbstring", + Version: "v1.11.0", + Licenses: []string{"MIT"}, + Locations: []types.Location{ + { + StartLine: 684, + EndLine: 742, + }, + }, }, { - ID: "symfony/process@v4.2.7", - Name: "symfony/process", - Version: "v4.2.7", - Licenses: []string{"MIT"}, - Locations: []types.Location{{StartLine: 743, EndLine: 791}}, + ID: "symfony/process@v4.2.7", + Name: "symfony/process", + Version: "v4.2.7", + Licenses: []string{"MIT"}, + Locations: []types.Location{ + { + StartLine: 743, + EndLine: 791, + }, + }, }, }, }, @@ -717,7 +801,7 @@ func TestArtifact_Inspect(t *testing.T) { { Type: "bundler", FilePath: "ruby-app/Gemfile.lock", - Libraries: []types.Package{ + Libraries: types.Packages{ { ID: "actioncable@5.2.3", Name: "actioncable", diff --git a/pkg/fanal/artifact/image/remote_sbom_test.go b/pkg/fanal/artifact/image/remote_sbom_test.go index 1da37439fcb7..07f1a3829e8e 100644 --- a/pkg/fanal/artifact/image/remote_sbom_test.go +++ b/pkg/fanal/artifact/image/remote_sbom_test.go @@ -78,7 +78,7 @@ func TestArtifact_InspectRekorAttestation(t *testing.T) { }, PackageInfos: []types.PackageInfo{ { - Packages: []types.Package{ + Packages: types.Packages{ { Name: "musl", Version: "1.2.3-r0", @@ -214,7 +214,7 @@ func TestArtifact_inspectOCIReferrerSBOM(t *testing.T) { Applications: []types.Application{ { Type: types.GoBinary, - Libraries: []types.Package{ + Libraries: types.Packages{ { Name: "github.com/opencontainers/go-digest", Version: "v1.0.0", diff --git a/pkg/fanal/artifact/local/fs_test.go b/pkg/fanal/artifact/local/fs_test.go index bbd1b0776210..d18048f8e97b 100644 --- a/pkg/fanal/artifact/local/fs_test.go +++ b/pkg/fanal/artifact/local/fs_test.go @@ -57,7 +57,7 @@ func TestArtifact_Inspect(t *testing.T) { PackageInfos: []types.PackageInfo{ { FilePath: "lib/apk/db/installed", - Packages: []types.Package{ + Packages: types.Packages{ { ID: "musl@1.1.24-r2", Name: "musl", @@ -131,7 +131,7 @@ func TestArtifact_Inspect(t *testing.T) { PackageInfos: []types.PackageInfo{ { FilePath: "lib/apk/db/installed", - Packages: []types.Package{ + Packages: types.Packages{ { ID: "musl@1.1.24-r2", Name: "musl", @@ -174,7 +174,7 @@ func TestArtifact_Inspect(t *testing.T) { { Type: "pip", FilePath: "requirements.txt", - Libraries: []types.Package{ + Libraries: types.Packages{ { Name: "Flask", Version: "2.0.0", @@ -209,7 +209,7 @@ func TestArtifact_Inspect(t *testing.T) { { Type: "pip", FilePath: "requirements.txt", - Libraries: []types.Package{ + Libraries: types.Packages{ { Name: "Flask", Version: "2.0.0", diff --git a/pkg/fanal/artifact/sbom/sbom_test.go b/pkg/fanal/artifact/sbom/sbom_test.go index fc659c74c98a..9817c1a845fc 100644 --- a/pkg/fanal/artifact/sbom/sbom_test.go +++ b/pkg/fanal/artifact/sbom/sbom_test.go @@ -38,11 +38,14 @@ func TestArtifact_Inspect(t *testing.T) { }, PackageInfos: []types.PackageInfo{ { - Packages: []types.Package{ + Packages: types.Packages{ { - Name: "musl", Version: "1.2.3-r0", SrcName: "musl", SrcVersion: "1.2.3-r0", - Licenses: []string{"MIT"}, - Ref: "pkg:apk/alpine/musl@1.2.3-r0?distro=3.16.0", + Name: "musl", + Version: "1.2.3-r0", + SrcName: "musl", + SrcVersion: "1.2.3-r0", + Licenses: []string{"MIT"}, + Ref: "pkg:apk/alpine/musl@1.2.3-r0?distro=3.16.0", Layer: types.Layer{ DiffID: "sha256:dd565ff850e7003356e2b252758f9bdc1ff2803f61e995e24c7844f6297f8fc3", }, @@ -54,7 +57,7 @@ func TestArtifact_Inspect(t *testing.T) { { Type: "composer", FilePath: "app/composer/composer.lock", - Libraries: []types.Package{ + Libraries: types.Packages{ { Name: "pear/log", Version: "1.13.1", @@ -77,7 +80,7 @@ func TestArtifact_Inspect(t *testing.T) { { Type: "gobinary", FilePath: "app/gobinary/gobinary", - Libraries: []types.Package{ + Libraries: types.Packages{ { Name: "github.com/package-url/packageurl-go", Version: "v0.1.1-0.20220203205134-d70459300c8a", @@ -91,7 +94,7 @@ func TestArtifact_Inspect(t *testing.T) { { Type: "jar", FilePath: "", - Libraries: []types.Package{ + Libraries: types.Packages{ { Name: "org.codehaus.mojo:child-project", Ref: "pkg:maven/org.codehaus.mojo/child-project@1.0?file_path=app%2Fmaven%2Ftarget%2Fchild-project-1.0.jar", @@ -106,7 +109,7 @@ func TestArtifact_Inspect(t *testing.T) { { Type: "node-pkg", FilePath: "", - Libraries: []types.Package{ + Libraries: types.Packages{ { Name: "bootstrap", Version: "5.0.2", @@ -147,11 +150,14 @@ func TestArtifact_Inspect(t *testing.T) { }, PackageInfos: []types.PackageInfo{ { - Packages: []types.Package{ + Packages: types.Packages{ { - Name: "musl", Version: "1.2.3-r0", SrcName: "musl", SrcVersion: "1.2.3-r0", - Licenses: []string{"MIT"}, - Ref: "pkg:apk/alpine/musl@1.2.3-r0?distro=3.16.0", + Name: "musl", + Version: "1.2.3-r0", + SrcName: "musl", + SrcVersion: "1.2.3-r0", + Licenses: []string{"MIT"}, + Ref: "pkg:apk/alpine/musl@1.2.3-r0?distro=3.16.0", Layer: types.Layer{ DiffID: "sha256:dd565ff850e7003356e2b252758f9bdc1ff2803f61e995e24c7844f6297f8fc3", }, @@ -163,7 +169,7 @@ func TestArtifact_Inspect(t *testing.T) { { Type: "composer", FilePath: "app/composer/composer.lock", - Libraries: []types.Package{ + Libraries: types.Packages{ { Name: "pear/log", Version: "1.13.1", @@ -186,7 +192,7 @@ func TestArtifact_Inspect(t *testing.T) { { Type: "gobinary", FilePath: "app/gobinary/gobinary", - Libraries: []types.Package{ + Libraries: types.Packages{ { Name: "github.com/package-url/packageurl-go", Version: "v0.1.1-0.20220203205134-d70459300c8a", @@ -200,7 +206,7 @@ func TestArtifact_Inspect(t *testing.T) { { Type: "jar", FilePath: "", - Libraries: []types.Package{ + Libraries: types.Packages{ { Name: "org.codehaus.mojo:child-project", Ref: "pkg:maven/org.codehaus.mojo/child-project@1.0?file_path=app%2Fmaven%2Ftarget%2Fchild-project-1.0.jar", @@ -215,7 +221,7 @@ func TestArtifact_Inspect(t *testing.T) { { Type: "node-pkg", FilePath: "", - Libraries: []types.Package{ + Libraries: types.Packages{ { Name: "bootstrap", Version: "5.0.2", @@ -245,7 +251,10 @@ func TestArtifact_Inspect(t *testing.T) { { name: "sad path with no such directory", filePath: filepath.Join("testdata", "unknown.json"), - wantErr: []string{"no such file or directory", "The system cannot find the file specified"}, + wantErr: []string{ + "no such file or directory", + "The system cannot find the file specified", + }, }, { name: "sad path PutBlob returns an error", diff --git a/pkg/fanal/cache/fs_test.go b/pkg/fanal/cache/fs_test.go index a5f48198d845..fe93adb41f55 100644 --- a/pkg/fanal/cache/fs_test.go +++ b/pkg/fanal/cache/fs_test.go @@ -177,7 +177,7 @@ func TestFSCache_PutBlob(t *testing.T) { PackageInfos: []types.PackageInfo{ { FilePath: "lib/apk/db/installed", - Packages: []types.Package{ + Packages: types.Packages{ { Name: "musl", Version: "1.1.22-r3", @@ -189,7 +189,7 @@ func TestFSCache_PutBlob(t *testing.T) { { Type: "composer", FilePath: "php-app/composer.lock", - Libraries: []types.Package{ + Libraries: types.Packages{ { Name: "guzzlehttp/guzzle", Version: "6.2.0", @@ -322,7 +322,7 @@ func TestFSCache_PutArtifact(t *testing.T) { Created: time.Date(2020, 1, 2, 3, 4, 5, 0, time.UTC), DockerVersion: "18.06.1-ce", OS: "linux", - HistoryPackages: []types.Package{ + HistoryPackages: types.Packages{ { Name: "musl", Version: "1.2.3", diff --git a/pkg/fanal/handler/sysfile/filter_test.go b/pkg/fanal/handler/sysfile/filter_test.go index 99e34c392f75..60c7553b4a16 100644 --- a/pkg/fanal/handler/sysfile/filter_test.go +++ b/pkg/fanal/handler/sysfile/filter_test.go @@ -46,7 +46,7 @@ func Test_systemFileFilterHook_Hook(t *testing.T) { PackageInfos: []types.PackageInfo{ { FilePath: "var/lib/rpm/Packages", - Packages: []types.Package{ + Packages: types.Packages{ { Name: "python", Version: "2.7.5", @@ -64,7 +64,7 @@ func Test_systemFileFilterHook_Hook(t *testing.T) { { Type: types.Pipenv, FilePath: "app/Pipfile.lock", - Libraries: []types.Package{ + Libraries: types.Packages{ { Name: "django", Version: "3.1.2", @@ -73,7 +73,7 @@ func Test_systemFileFilterHook_Hook(t *testing.T) { }, { Type: types.PythonPkg, - Libraries: []types.Package{ + Libraries: types.Packages{ { Name: "python", Version: "2.7.5", @@ -89,7 +89,7 @@ func Test_systemFileFilterHook_Hook(t *testing.T) { { Type: types.PythonPkg, FilePath: "usr/lib64/python2.7/wsgiref.egg-info", - Libraries: []types.Package{ + Libraries: types.Packages{ { Name: "wsgiref", Version: "0.1.2", @@ -99,7 +99,7 @@ func Test_systemFileFilterHook_Hook(t *testing.T) { { Type: types.GoBinary, FilePath: "usr/local/bin/goBinariryFile", - Libraries: []types.Package{ + Libraries: types.Packages{ { Name: "cloud.google.com/go", Version: "v0.81.0", @@ -123,7 +123,7 @@ func Test_systemFileFilterHook_Hook(t *testing.T) { PackageInfos: []types.PackageInfo{ { FilePath: "var/lib/rpm/Packages", - Packages: []types.Package{ + Packages: types.Packages{ { Name: "python", Version: "2.7.5", @@ -141,7 +141,7 @@ func Test_systemFileFilterHook_Hook(t *testing.T) { { Type: types.Pipenv, FilePath: "app/Pipfile.lock", - Libraries: []types.Package{ + Libraries: types.Packages{ { Name: "django", Version: "3.1.2", @@ -150,7 +150,7 @@ func Test_systemFileFilterHook_Hook(t *testing.T) { }, { Type: types.PythonPkg, - Libraries: []types.Package{ + Libraries: types.Packages{ { Name: "pycurl", Version: "7.19.0", @@ -161,7 +161,7 @@ func Test_systemFileFilterHook_Hook(t *testing.T) { { Type: types.GoBinary, FilePath: "usr/local/bin/goBinariryFile", - Libraries: []types.Package{ + Libraries: types.Packages{ { Name: "cloud.google.com/go", Version: "v0.81.0", @@ -186,7 +186,7 @@ func Test_systemFileFilterHook_Hook(t *testing.T) { { Type: types.PythonPkg, FilePath: "usr/lib/python2.7/lib-dynload/Python-2.7.egg-info", - Libraries: []types.Package{ + Libraries: types.Packages{ { Name: "python", Version: "2.7.14", @@ -210,7 +210,7 @@ func Test_systemFileFilterHook_Hook(t *testing.T) { { Type: types.GoBinary, FilePath: "usr/local/bin/goreleaser", - Libraries: []types.Package{ + Libraries: types.Packages{ { Name: "github.com/sassoftware/go-rpmutils", Version: "v0.0.0-20190420191620-a8f1baeba37b", @@ -233,7 +233,7 @@ func Test_systemFileFilterHook_Hook(t *testing.T) { { Type: types.Cargo, FilePath: "app/Cargo.lock", - Libraries: []types.Package{ + Libraries: types.Packages{ { Name: "ghash", Version: "0.4.4", @@ -247,7 +247,7 @@ func Test_systemFileFilterHook_Hook(t *testing.T) { { Type: types.Cargo, FilePath: "app/Cargo.lock", - Libraries: []types.Package{ + Libraries: types.Packages{ { Name: "ghash", Version: "0.4.4", diff --git a/pkg/fanal/handler/unpackaged/unpackaged_test.go b/pkg/fanal/handler/unpackaged/unpackaged_test.go index b82e252eecee..8813e0eb3558 100644 --- a/pkg/fanal/handler/unpackaged/unpackaged_test.go +++ b/pkg/fanal/handler/unpackaged/unpackaged_test.go @@ -40,7 +40,7 @@ func Test_unpackagedHook_Handle(t *testing.T) { { Type: types.GoModule, FilePath: "go.mod", - Libraries: []types.Package{ + Libraries: types.Packages{ { Name: "github.com/spf13/cobra", Version: "1.5.0", diff --git a/pkg/fanal/test/integration/library_test.go b/pkg/fanal/test/integration/library_test.go index e2cf24d54599..e8be494a57d5 100644 --- a/pkg/fanal/test/integration/library_test.go +++ b/pkg/fanal/test/integration/library_test.go @@ -327,9 +327,7 @@ func checkLangPkgs(detail types.ArtifactDetail, t *testing.T, tc testCase) { }) for _, app := range detail.Applications { - sort.Slice(app.Libraries, func(i, j int) bool { - return app.Libraries[i].FilePath < app.Libraries[j].FilePath - }) + sort.Sort(app.Libraries) for i := range app.Libraries { sort.Strings(app.Libraries[i].DependsOn) } diff --git a/pkg/fanal/types/artifact.go b/pkg/fanal/types/artifact.go index ac0fc4654cfd..f3487eee5316 100644 --- a/pkg/fanal/types/artifact.go +++ b/pkg/fanal/types/artifact.go @@ -172,7 +172,7 @@ type Application struct { FilePath string `json:",omitempty"` // Libraries is a list of lang-specific packages - Libraries []Package + Libraries Packages } type File struct { diff --git a/pkg/rpc/server/server_test.go b/pkg/rpc/server/server_test.go index 6069af31f08d..39ef341bf6da 100644 --- a/pkg/rpc/server/server_test.go +++ b/pkg/rpc/server/server_test.go @@ -395,7 +395,7 @@ func TestCacheServer_PutBlob(t *testing.T) { PackageInfos: []ftypes.PackageInfo{ { FilePath: "lib/apk/db/installed", - Packages: []ftypes.Package{ + Packages: ftypes.Packages{ { Name: "binary", Version: "1.2.3", @@ -445,7 +445,7 @@ func TestCacheServer_PutBlob(t *testing.T) { { Type: "composer", FilePath: "php-app/composer.lock", - Libraries: []ftypes.Package{ + Libraries: ftypes.Packages{ { Name: "guzzlehttp/guzzle", Version: "6.2.0", @@ -547,10 +547,18 @@ func TestCacheServer_MissingBlobs(t *testing.T) { }, getArtifactCacheMissingBlobsExpectations: []cache.ArtifactCacheMissingBlobsExpectation{ { - Args: cache.ArtifactCacheMissingBlobsArgs{ArtifactID: "sha256:e7d92cdc71feacf90708cb59182d0df1b911f8ae022d29e8e95d75ca6a99776a", - BlobIDs: []string{"sha256:932da51564135c98a49a34a193d6cd363d8fa4184d957fde16c9d8527b3f3b02", "sha256:dffd9992ca398466a663c87c92cfea2a2db0ae0cf33fcb99da60eec52addbfc5"}}, + Args: cache.ArtifactCacheMissingBlobsArgs{ + ArtifactID: "sha256:e7d92cdc71feacf90708cb59182d0df1b911f8ae022d29e8e95d75ca6a99776a", + BlobIDs: []string{ + "sha256:932da51564135c98a49a34a193d6cd363d8fa4184d957fde16c9d8527b3f3b02", + "sha256:dffd9992ca398466a663c87c92cfea2a2db0ae0cf33fcb99da60eec52addbfc5", + }, + }, Returns: cache.ArtifactCacheMissingBlobsReturns{ - MissingArtifact: false, MissingBlobIDs: []string{"sha256:dffd9992ca398466a663c87c92cfea2a2db0ae0cf33fcb99da60eec52addbfc5"}, Err: nil}, + MissingArtifact: false, + MissingBlobIDs: []string{"sha256:dffd9992ca398466a663c87c92cfea2a2db0ae0cf33fcb99da60eec52addbfc5"}, + Err: nil, + }, }, }, want: &rpcCache.MissingBlobsResponse{ diff --git a/pkg/sbom/cyclonedx/unmarshal_test.go b/pkg/sbom/cyclonedx/unmarshal_test.go index 585b522c5e5c..8314d95da814 100644 --- a/pkg/sbom/cyclonedx/unmarshal_test.go +++ b/pkg/sbom/cyclonedx/unmarshal_test.go @@ -30,10 +30,14 @@ func TestUnmarshaler_Unmarshal(t *testing.T) { }, Packages: []ftypes.PackageInfo{ { - Packages: []ftypes.Package{ + Packages: ftypes.Packages{ { - Name: "musl", Version: "1.2.3-r0", SrcName: "musl", SrcVersion: "1.2.3-r0", Licenses: []string{"MIT"}, - Ref: "pkg:apk/alpine/musl@1.2.3-r0?distro=3.16.0", + Name: "musl", + Version: "1.2.3-r0", + SrcName: "musl", + SrcVersion: "1.2.3-r0", + Licenses: []string{"MIT"}, + Ref: "pkg:apk/alpine/musl@1.2.3-r0?distro=3.16.0", Layer: ftypes.Layer{ DiffID: "sha256:dd565ff850e7003356e2b252758f9bdc1ff2803f61e995e24c7844f6297f8fc3", }, @@ -45,7 +49,7 @@ func TestUnmarshaler_Unmarshal(t *testing.T) { { Type: "composer", FilePath: "app/composer/composer.lock", - Libraries: []ftypes.Package{ + Libraries: ftypes.Packages{ { Name: "pear/log", Version: "1.13.1", @@ -68,7 +72,7 @@ func TestUnmarshaler_Unmarshal(t *testing.T) { { Type: "gobinary", FilePath: "app/gobinary/gobinary", - Libraries: []ftypes.Package{ + Libraries: ftypes.Packages{ { Name: "github.com/package-url/packageurl-go", Version: "v0.1.1-0.20220203205134-d70459300c8a", @@ -81,7 +85,7 @@ func TestUnmarshaler_Unmarshal(t *testing.T) { }, { Type: "gradle", - Libraries: []ftypes.Package{ + Libraries: ftypes.Packages{ { Name: "com.example:example", Ref: "pkg:gradle/com.example/example@0.0.1", @@ -95,7 +99,7 @@ func TestUnmarshaler_Unmarshal(t *testing.T) { }, { Type: "jar", - Libraries: []ftypes.Package{ + Libraries: ftypes.Packages{ { Name: "org.codehaus.mojo:child-project", Ref: "pkg:maven/org.codehaus.mojo/child-project@1.0?file_path=app%2Fmaven%2Ftarget%2Fchild-project-1.0.jar", @@ -110,7 +114,7 @@ func TestUnmarshaler_Unmarshal(t *testing.T) { { Type: "node-pkg", FilePath: "", - Libraries: []ftypes.Package{ + Libraries: ftypes.Packages{ { Name: "bootstrap", Version: "5.0.2", @@ -136,7 +140,7 @@ func TestUnmarshaler_Unmarshal(t *testing.T) { }, Packages: []ftypes.PackageInfo{ { - Packages: []ftypes.Package{ + Packages: ftypes.Packages{ { ID: "libc6@2.35-0ubuntu3.1", Name: "libc6", @@ -144,8 +148,12 @@ func TestUnmarshaler_Unmarshal(t *testing.T) { SrcName: "glibc", SrcVersion: "2.35", SrcRelease: "0ubuntu3.1", - Licenses: []string{"LGPL-2.1", "GPL-2.0", "GFDL-1.3"}, - Ref: "pkg:deb/ubuntu/libc6@2.35-0ubuntu3.1?distro=ubuntu-22.04", + Licenses: []string{ + "LGPL-2.1", + "GPL-2.0", + "GFDL-1.3", + }, + Ref: "pkg:deb/ubuntu/libc6@2.35-0ubuntu3.1?distro=ubuntu-22.04", Layer: ftypes.Layer{ DiffID: "sha256:b93c1bd012ab8fda60f5b4f5906bf244586e0e3292d84571d3abb56472248466", }, @@ -179,10 +187,14 @@ func TestUnmarshaler_Unmarshal(t *testing.T) { }, Packages: []ftypes.PackageInfo{ { - Packages: []ftypes.Package{ + Packages: ftypes.Packages{ { - Name: "musl", Version: "1.2.3-r0", SrcName: "musl", SrcVersion: "1.2.3-r0", Licenses: []string{"MIT"}, - Ref: "pkg:apk/alpine/musl@1.2.3-r0?distro=3.16.0", + Name: "musl", + Version: "1.2.3-r0", + SrcName: "musl", + SrcVersion: "1.2.3-r0", + Licenses: []string{"MIT"}, + Ref: "pkg:apk/alpine/musl@1.2.3-r0?distro=3.16.0", }, }, }, @@ -191,7 +203,7 @@ func TestUnmarshaler_Unmarshal(t *testing.T) { { Type: "composer", FilePath: "", - Libraries: []ftypes.Package{ + Libraries: ftypes.Packages{ { Name: "pear/log", Version: "1.13.1", @@ -216,7 +228,7 @@ func TestUnmarshaler_Unmarshal(t *testing.T) { { Type: "composer", FilePath: "", - Libraries: []ftypes.Package{ + Libraries: ftypes.Packages{ { Name: "pear/log", Version: "1.13.1", @@ -235,7 +247,7 @@ func TestUnmarshaler_Unmarshal(t *testing.T) { { Type: "composer", FilePath: "", - Libraries: []ftypes.Package{ + Libraries: ftypes.Packages{ { Name: "pear/log", Version: "1.13.1", @@ -260,7 +272,7 @@ func TestUnmarshaler_Unmarshal(t *testing.T) { { Type: "composer", FilePath: "", - Libraries: []ftypes.Package{ + Libraries: ftypes.Packages{ { Name: "pear/core", Version: "1.13.1", @@ -289,7 +301,7 @@ func TestUnmarshaler_Unmarshal(t *testing.T) { Applications: []ftypes.Application{ { Type: "jar", - Libraries: []ftypes.Package{ + Libraries: ftypes.Packages{ { Name: "org.springframework:spring-web", Version: "5.3.22", diff --git a/pkg/sbom/spdx/unmarshal_test.go b/pkg/sbom/spdx/unmarshal_test.go index 26c526972e9d..5b72fb9e0d05 100644 --- a/pkg/sbom/spdx/unmarshal_test.go +++ b/pkg/sbom/spdx/unmarshal_test.go @@ -31,7 +31,7 @@ func TestUnmarshaler_Unmarshal(t *testing.T) { }, Packages: []ftypes.PackageInfo{ { - Packages: []ftypes.Package{ + Packages: ftypes.Packages{ { Name: "musl", Version: "1.2.3-r0", @@ -50,7 +50,7 @@ func TestUnmarshaler_Unmarshal(t *testing.T) { { Type: "composer", FilePath: "app/composer/composer.lock", - Libraries: []ftypes.Package{ + Libraries: ftypes.Packages{ { Name: "pear/log", Version: "1.13.1", @@ -73,7 +73,7 @@ func TestUnmarshaler_Unmarshal(t *testing.T) { { Type: "gobinary", FilePath: "app/gobinary/gobinary", - Libraries: []ftypes.Package{ + Libraries: ftypes.Packages{ { Name: "github.com/package-url/packageurl-go", Version: "v0.1.1-0.20220203205134-d70459300c8a", @@ -86,7 +86,7 @@ func TestUnmarshaler_Unmarshal(t *testing.T) { }, { Type: "jar", - Libraries: []ftypes.Package{ + Libraries: ftypes.Packages{ { Name: "org.codehaus.mojo:child-project", Ref: "pkg:maven/org.codehaus.mojo/child-project@1.0", @@ -99,7 +99,7 @@ func TestUnmarshaler_Unmarshal(t *testing.T) { }, { Type: "node-pkg", - Libraries: []ftypes.Package{ + Libraries: ftypes.Packages{ { Name: "bootstrap", Version: "5.0.2", @@ -121,7 +121,7 @@ func TestUnmarshaler_Unmarshal(t *testing.T) { Applications: []ftypes.Application{ { Type: "node-pkg", - Libraries: []ftypes.Package{ + Libraries: ftypes.Packages{ { ID: "yargs-parser@21.1.1", Name: "yargs-parser", @@ -142,7 +142,7 @@ func TestUnmarshaler_Unmarshal(t *testing.T) { Applications: []ftypes.Application{ { Type: "node-pkg", - Libraries: []ftypes.Package{ + Libraries: ftypes.Packages{ { ID: "yargs-parser@21.1.1", Name: "yargs-parser", @@ -163,7 +163,7 @@ func TestUnmarshaler_Unmarshal(t *testing.T) { Applications: []ftypes.Application{ { Type: "node-pkg", - Libraries: []ftypes.Package{ + Libraries: ftypes.Packages{ { ID: "yargs-parser@21.1.1", Name: "yargs-parser", @@ -185,7 +185,7 @@ func TestUnmarshaler_Unmarshal(t *testing.T) { { Type: "composer", FilePath: "app/composer/composer.lock", - Libraries: []ftypes.Package{ + Libraries: ftypes.Packages{ { Name: "pear/log", Version: "1.13.1", @@ -209,7 +209,7 @@ func TestUnmarshaler_Unmarshal(t *testing.T) { Applications: []ftypes.Application{ { Type: ftypes.Jar, - Libraries: []ftypes.Package{ + Libraries: ftypes.Packages{ { FilePath: "modules/apm/elastic-apm-agent-1.36.0.jar", Name: "co.elastic.apm:apm-agent",