forked from aquasecurity/go-dep-parser
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat(gradle): add *gradle.lockfile parser (aquasecurity#127)
* feat: add *gradle.lockfile parser * refactor
- Loading branch information
1 parent
ba86e95
commit f6e65e5
Showing
4 changed files
with
103 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,39 @@ | ||
package lockfile | ||
|
||
import ( | ||
"bufio" | ||
"strings" | ||
|
||
dio "github.com/aquasecurity/go-dep-parser/pkg/io" | ||
"github.com/aquasecurity/go-dep-parser/pkg/types" | ||
"github.com/aquasecurity/go-dep-parser/pkg/utils" | ||
) | ||
|
||
type Parser struct{} | ||
|
||
func NewParser() types.Parser { | ||
return &Parser{} | ||
} | ||
|
||
func (Parser) Parse(r dio.ReadSeekerAt) ([]types.Library, []types.Dependency, error) { | ||
var libs []types.Library | ||
scanner := bufio.NewScanner(r) | ||
for scanner.Scan() { | ||
line := strings.TrimSpace(scanner.Text()) | ||
if strings.HasPrefix(line, "#") { // skip comments | ||
continue | ||
} | ||
|
||
// dependency format: group:artifact:version=classPaths | ||
dep := strings.Split(line, ":") | ||
if len(dep) != 3 { // skip the last line with lists of empty configurations | ||
continue | ||
} | ||
libs = append(libs, types.Library{ | ||
Name: strings.Join(dep[:2], ":"), | ||
Version: strings.Split(dep[2], "=")[0], // remove classPaths | ||
}) | ||
|
||
} | ||
return utils.UniqueLibraries(libs), nil, nil | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,52 @@ | ||
package lockfile | ||
|
||
import ( | ||
"os" | ||
"testing" | ||
|
||
"github.com/aquasecurity/go-dep-parser/pkg/types" | ||
"github.com/stretchr/testify/assert" | ||
) | ||
|
||
func TestParser_Parse(t *testing.T) { | ||
tests := []struct { | ||
name string | ||
inputFile string | ||
want []types.Library | ||
}{ | ||
{ | ||
name: "happy path", | ||
inputFile: "testdata/happy.lockfile", | ||
want: []types.Library{ | ||
{ | ||
Name: "cglib:cglib-nodep", | ||
Version: "2.1.2", | ||
}, | ||
{ | ||
Name: "org.springframework:spring-asm", | ||
Version: "3.1.3.RELEASE", | ||
}, | ||
{ | ||
Name: "org.springframework:spring-beans", | ||
Version: "5.0.5.RELEASE", | ||
}, | ||
}, | ||
}, | ||
{ | ||
name: "empty", | ||
inputFile: "testdata/empty.lockfile", | ||
want: nil, | ||
}, | ||
} | ||
|
||
for _, tt := range tests { | ||
t.Run(tt.name, func(t *testing.T) { | ||
parser := NewParser() | ||
f, err := os.Open(tt.inputFile) | ||
assert.NoError(t, err) | ||
|
||
libs, _, _ := parser.Parse(f) | ||
assert.Equal(t, tt.want, libs) | ||
}) | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,4 @@ | ||
# This is a Gradle generated file for dependency locking. | ||
# Manual edits can break the build and are not advised. | ||
# This file is expected to be part of source control. | ||
empty=incomingCatalog |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,8 @@ | ||
# This is a Gradle generated file for dependency locking. | ||
# Manual edits can break the build and are not advised. | ||
# This file is expected to be part of source control. | ||
cglib:cglib-nodep:2.1.2=testRuntimeClasspath,classpath | ||
org.springframework:spring-asm:3.1.3.RELEASE=classpath | ||
org.springframework:spring-beans:5.0.5.RELEASE=compileClasspath, runtimeClasspath | ||
# io.grpc:grpc-api:1.21.1=classpath | ||
empty= |