Add sections of interest for Gemfile.lock cataloger (anchore#1749)

- Updated tests to reflect the new sections being added to show they function properly. Closes anchore#1660 Signed-off-by: Shane Dell <shanedell100@gmail.com>
GijsCalis · Apr 19, 2023 · 8d7cb11 · 8d7cb11
1 parent 179ca9b
commit 8d7cb11
Show file tree

Hide file tree

Showing 5 changed files with 33 additions and 9 deletions.
diff --git a/syft/pkg/cataloger/ruby/parse_gemfile_lock.go b/syft/pkg/cataloger/ruby/parse_gemfile_lock.go
@@ -13,7 +13,7 @@ import (
 
 var _ generic.Parser = parseGemFileLockEntries
 
-var sectionsOfInterest = internal.NewStringSet("GEM")
+var sectionsOfInterest = internal.NewStringSet("GEM", "GIT", "PATH", "PLUGIN SOURCE")
 
 // parseGemFileLockEntries is a parser function for Gemfile.lock contents, returning all Gems discovered.
 func parseGemFileLockEntries(_ source.FileResolver, _ *generic.Environment, reader source.LocationReadCloser) ([]pkg.Package, []artifact.Relationship, error) {

diff --git a/syft/pkg/cataloger/ruby/parse_gemfile_lock_test.go b/syft/pkg/cataloger/ruby/parse_gemfile_lock_test.go
@@ -26,6 +26,7 @@ func TestParseGemfileLockEntries(t *testing.T) {
 		{Name: "coffee-script-source", Version: "1.7.0", PURL: "pkg:gem/coffee-script-source@1.7.0", Locations: locations, Language: pkg.Ruby, Type: pkg.GemPkg},
 		{Name: "erubis", Version: "2.7.0", PURL: "pkg:gem/erubis@2.7.0", Locations: locations, Language: pkg.Ruby, Type: pkg.GemPkg},
 		{Name: "execjs", Version: "2.0.2", PURL: "pkg:gem/execjs@2.0.2", Locations: locations, Language: pkg.Ruby, Type: pkg.GemPkg},
+		{Name: "google-cloud-errors", Version: "1.3.0", PURL: "pkg:gem/google-cloud-errors@1.3.0", Locations: locations, Language: pkg.Ruby, Type: pkg.GemPkg},
 		{Name: "hike", Version: "1.2.3", PURL: "pkg:gem/hike@1.2.3", Locations: locations, Language: pkg.Ruby, Type: pkg.GemPkg},
 		{Name: "i18n", Version: "0.6.9", PURL: "pkg:gem/i18n@0.6.9", Locations: locations, Language: pkg.Ruby, Type: pkg.GemPkg},
 		{Name: "jbuilder", Version: "2.0.7", PURL: "pkg:gem/jbuilder@2.0.7", Locations: locations, Language: pkg.Ruby, Type: pkg.GemPkg},
@@ -59,7 +60,7 @@ func TestParseGemfileLockEntries(t *testing.T) {
 		{Name: "thread_safe", Version: "0.3.3", PURL: "pkg:gem/thread_safe@0.3.3", Locations: locations, Language: pkg.Ruby, Type: pkg.GemPkg},
 		{Name: "tilt", Version: "1.4.1", PURL: "pkg:gem/tilt@1.4.1", Locations: locations, Language: pkg.Ruby, Type: pkg.GemPkg},
 		{Name: "treetop", Version: "1.4.15", PURL: "pkg:gem/treetop@1.4.15", Locations: locations, Language: pkg.Ruby, Type: pkg.GemPkg},
-		{Name: "turbolinks", Version: "2.2.2", PURL: "pkg:gem/turbolinks@2.2.2", Locations: locations, Language: pkg.Ruby, Type: pkg.GemPkg},
+		{Name: "turbolinks", Version: "3.0.0", PURL: "pkg:gem/turbolinks@3.0.0", Locations: locations, Language: pkg.Ruby, Type: pkg.GemPkg},
 		{Name: "tzinfo", Version: "1.2.0", PURL: "pkg:gem/tzinfo@1.2.0", Locations: locations, Language: pkg.Ruby, Type: pkg.GemPkg},
 		{Name: "uglifier", Version: "2.5.0", PURL: "pkg:gem/uglifier@2.5.0", Locations: locations, Language: pkg.Ruby, Type: pkg.GemPkg},
 		{Name: "unicorn", Version: "4.8.3", PURL: "pkg:gem/unicorn@4.8.3", Locations: locations, Language: pkg.Ruby, Type: pkg.GemPkg},

diff --git a/syft/pkg/cataloger/ruby/test-fixtures/Gemfile.lock b/syft/pkg/cataloger/ruby/test-fixtures/Gemfile.lock
@@ -1,3 +1,15 @@
+PATH
+  remote: ../google-cloud-errors
+  specs:
+    google-cloud-errors (1.3.0)
+
+GIT
+  remote: https://github.com/rails/turbolinks.git
+  revision: 80216ce9d89920bf073709405e3fce6d0a3ccd9a
+  specs:
+    turbolinks (3.0.0)
+      coffee-rails
+
 GEM
   remote: https://rubygems.org/
   specs:
@@ -111,8 +123,6 @@ GEM
     treetop (1.4.15)
       polyglot
       polyglot (>= 0.3.1)
-    turbolinks (2.2.2)
-      coffee-rails
     tzinfo (1.2.0)
       thread_safe (~> 0.1)
     uglifier (2.5.0)
@@ -135,6 +145,7 @@ PLATFORMS
 DEPENDENCIES
   bootstrap-sass
   coffee-rails (~> 4.0.0)
+  google-cloud-errors!
   jbuilder (~> 2.0)
   jquery-rails
   mysql2 (~> 0.3.16)
@@ -144,6 +155,6 @@ DEPENDENCIES
   spring
   sqlite3
   therubyracer
-  turbolinks
+  turbolinks!
   uglifier (>= 1.3.0)
   unicorn
diff --git a/test/integration/catalog_packages_cases_test.go b/test/integration/catalog_packages_cases_test.go
@@ -105,6 +105,7 @@ var dirOnlyTestCases = []testCase{
 			"coffee-script-source": "1.7.0",
 			"erubis":               "2.7.0",
 			"execjs":               "2.0.2",
+			"google-cloud-errors":  "1.3.0",
 			"hike":                 "1.2.3",
 			"i18n":                 "0.6.9",
 			"jbuilder":             "2.0.7",
@@ -138,7 +139,7 @@ var dirOnlyTestCases = []testCase{
 			"thread_safe":          "0.3.3",
 			"tilt":                 "1.4.1",
 			"treetop":              "1.4.15",
-			"turbolinks":           "2.2.2",
+			"turbolinks":           "3.0.0",
 			"tzinfo":               "1.2.0",
 			"uglifier":             "2.5.0",
 			"unicorn":              "4.8.3",

diff --git a/test/integration/test-fixtures/image-pkg-coverage/pkgs/ruby/Gemfile.lock b/test/integration/test-fixtures/image-pkg-coverage/pkgs/ruby/Gemfile.lock
@@ -1,3 +1,15 @@
+PATH
+  remote: ../google-cloud-errors
+  specs:
+    google-cloud-errors (1.3.0)
+
+GIT
+  remote: https://github.com/rails/turbolinks.git
+  revision: 80216ce9d89920bf073709405e3fce6d0a3ccd9a
+  specs:
+    turbolinks (3.0.0)
+      coffee-rails
+
 GEM
   remote: https://rubygems.org/
   specs:
@@ -111,8 +123,6 @@ GEM
     treetop (1.4.15)
       polyglot
       polyglot (>= 0.3.1)
-    turbolinks (2.2.2)
-      coffee-rails
     tzinfo (1.2.0)
       thread_safe (~> 0.1)
     uglifier (2.5.0)
@@ -135,6 +145,7 @@ PLATFORMS
 DEPENDENCIES
   bootstrap-sass
   coffee-rails (~> 4.0.0)
+  google-cloud-errors!
   jbuilder (~> 2.0)
   jquery-rails
   mysql2 (~> 0.3.16)
@@ -144,6 +155,6 @@ DEPENDENCIES
   spring
   sqlite3
   therubyracer
-  turbolinks
+  turbolinks!
   uglifier (>= 1.3.0)
   unicorn