From 894c1059fba475f0c18276fce9d090ee619b2920 Mon Sep 17 00:00:00 2001 From: Shane Dell Date: Tue, 18 Apr 2023 13:44:54 -0400 Subject: [PATCH] Add sections of interest for Gemfile.lock cataloger - Updated tests to reflect the new sections being added to show they function properly. Closes #1660 Signed-off-by: Shane Dell --- syft/pkg/cataloger/ruby/parse_gemfile_lock.go | 2 +- .../cataloger/ruby/parse_gemfile_lock_test.go | 3 ++- .../cataloger/ruby/test-fixtures/Gemfile.lock | 17 ++++++++++++++--- test/integration/catalog_packages_cases_test.go | 3 ++- .../image-pkg-coverage/pkgs/ruby/Gemfile.lock | 17 ++++++++++++++--- 5 files changed, 33 insertions(+), 9 deletions(-) diff --git a/syft/pkg/cataloger/ruby/parse_gemfile_lock.go b/syft/pkg/cataloger/ruby/parse_gemfile_lock.go index 8667102f27a..884f1ea144b 100644 --- a/syft/pkg/cataloger/ruby/parse_gemfile_lock.go +++ b/syft/pkg/cataloger/ruby/parse_gemfile_lock.go @@ -13,7 +13,7 @@ import ( var _ generic.Parser = parseGemFileLockEntries -var sectionsOfInterest = internal.NewStringSet("GEM") +var sectionsOfInterest = internal.NewStringSet("GEM", "GIT", "PATH", "PLUGIN SOURCE") // parseGemFileLockEntries is a parser function for Gemfile.lock contents, returning all Gems discovered. func parseGemFileLockEntries(_ source.FileResolver, _ *generic.Environment, reader source.LocationReadCloser) ([]pkg.Package, []artifact.Relationship, error) { diff --git a/syft/pkg/cataloger/ruby/parse_gemfile_lock_test.go b/syft/pkg/cataloger/ruby/parse_gemfile_lock_test.go index f78c3bc1381..ef2a0378429 100644 --- a/syft/pkg/cataloger/ruby/parse_gemfile_lock_test.go +++ b/syft/pkg/cataloger/ruby/parse_gemfile_lock_test.go @@ -26,6 +26,7 @@ func TestParseGemfileLockEntries(t *testing.T) { {Name: "coffee-script-source", Version: "1.7.0", PURL: "pkg:gem/coffee-script-source@1.7.0", Locations: locations, Language: pkg.Ruby, Type: pkg.GemPkg}, {Name: "erubis", Version: "2.7.0", PURL: "pkg:gem/erubis@2.7.0", Locations: locations, Language: pkg.Ruby, Type: pkg.GemPkg}, {Name: "execjs", Version: "2.0.2", PURL: "pkg:gem/execjs@2.0.2", Locations: locations, Language: pkg.Ruby, Type: pkg.GemPkg}, + {Name: "google-cloud-errors", Version: "1.3.0", PURL: "pkg:gem/google-cloud-errors@1.3.0", Locations: locations, Language: pkg.Ruby, Type: pkg.GemPkg}, {Name: "hike", Version: "1.2.3", PURL: "pkg:gem/hike@1.2.3", Locations: locations, Language: pkg.Ruby, Type: pkg.GemPkg}, {Name: "i18n", Version: "0.6.9", PURL: "pkg:gem/i18n@0.6.9", Locations: locations, Language: pkg.Ruby, Type: pkg.GemPkg}, {Name: "jbuilder", Version: "2.0.7", PURL: "pkg:gem/jbuilder@2.0.7", Locations: locations, Language: pkg.Ruby, Type: pkg.GemPkg}, @@ -59,7 +60,7 @@ func TestParseGemfileLockEntries(t *testing.T) { {Name: "thread_safe", Version: "0.3.3", PURL: "pkg:gem/thread_safe@0.3.3", Locations: locations, Language: pkg.Ruby, Type: pkg.GemPkg}, {Name: "tilt", Version: "1.4.1", PURL: "pkg:gem/tilt@1.4.1", Locations: locations, Language: pkg.Ruby, Type: pkg.GemPkg}, {Name: "treetop", Version: "1.4.15", PURL: "pkg:gem/treetop@1.4.15", Locations: locations, Language: pkg.Ruby, Type: pkg.GemPkg}, - {Name: "turbolinks", Version: "2.2.2", PURL: "pkg:gem/turbolinks@2.2.2", Locations: locations, Language: pkg.Ruby, Type: pkg.GemPkg}, + {Name: "turbolinks", Version: "3.0.0", PURL: "pkg:gem/turbolinks@3.0.0", Locations: locations, Language: pkg.Ruby, Type: pkg.GemPkg}, {Name: "tzinfo", Version: "1.2.0", PURL: "pkg:gem/tzinfo@1.2.0", Locations: locations, Language: pkg.Ruby, Type: pkg.GemPkg}, {Name: "uglifier", Version: "2.5.0", PURL: "pkg:gem/uglifier@2.5.0", Locations: locations, Language: pkg.Ruby, Type: pkg.GemPkg}, {Name: "unicorn", Version: "4.8.3", PURL: "pkg:gem/unicorn@4.8.3", Locations: locations, Language: pkg.Ruby, Type: pkg.GemPkg}, diff --git a/syft/pkg/cataloger/ruby/test-fixtures/Gemfile.lock b/syft/pkg/cataloger/ruby/test-fixtures/Gemfile.lock index b5aa45cbc10..b7d23ad3cff 100644 --- a/syft/pkg/cataloger/ruby/test-fixtures/Gemfile.lock +++ b/syft/pkg/cataloger/ruby/test-fixtures/Gemfile.lock @@ -1,3 +1,15 @@ +PATH + remote: ../google-cloud-errors + specs: + google-cloud-errors (1.3.0) + +GIT + remote: https://github.com/rails/turbolinks.git + revision: 80216ce9d89920bf073709405e3fce6d0a3ccd9a + specs: + turbolinks (3.0.0) + coffee-rails + GEM remote: https://rubygems.org/ specs: @@ -111,8 +123,6 @@ GEM treetop (1.4.15) polyglot polyglot (>= 0.3.1) - turbolinks (2.2.2) - coffee-rails tzinfo (1.2.0) thread_safe (~> 0.1) uglifier (2.5.0) @@ -135,6 +145,7 @@ PLATFORMS DEPENDENCIES bootstrap-sass coffee-rails (~> 4.0.0) + google-cloud-errors! jbuilder (~> 2.0) jquery-rails mysql2 (~> 0.3.16) @@ -144,6 +155,6 @@ DEPENDENCIES spring sqlite3 therubyracer - turbolinks + turbolinks! uglifier (>= 1.3.0) unicorn \ No newline at end of file diff --git a/test/integration/catalog_packages_cases_test.go b/test/integration/catalog_packages_cases_test.go index a311cd248e3..a7cbaf02dc8 100644 --- a/test/integration/catalog_packages_cases_test.go +++ b/test/integration/catalog_packages_cases_test.go @@ -105,6 +105,7 @@ var dirOnlyTestCases = []testCase{ "coffee-script-source": "1.7.0", "erubis": "2.7.0", "execjs": "2.0.2", + "google-cloud-errors": "1.3.0", "hike": "1.2.3", "i18n": "0.6.9", "jbuilder": "2.0.7", @@ -138,7 +139,7 @@ var dirOnlyTestCases = []testCase{ "thread_safe": "0.3.3", "tilt": "1.4.1", "treetop": "1.4.15", - "turbolinks": "2.2.2", + "turbolinks": "3.0.0", "tzinfo": "1.2.0", "uglifier": "2.5.0", "unicorn": "4.8.3", diff --git a/test/integration/test-fixtures/image-pkg-coverage/pkgs/ruby/Gemfile.lock b/test/integration/test-fixtures/image-pkg-coverage/pkgs/ruby/Gemfile.lock index b5aa45cbc10..b7d23ad3cff 100644 --- a/test/integration/test-fixtures/image-pkg-coverage/pkgs/ruby/Gemfile.lock +++ b/test/integration/test-fixtures/image-pkg-coverage/pkgs/ruby/Gemfile.lock @@ -1,3 +1,15 @@ +PATH + remote: ../google-cloud-errors + specs: + google-cloud-errors (1.3.0) + +GIT + remote: https://github.com/rails/turbolinks.git + revision: 80216ce9d89920bf073709405e3fce6d0a3ccd9a + specs: + turbolinks (3.0.0) + coffee-rails + GEM remote: https://rubygems.org/ specs: @@ -111,8 +123,6 @@ GEM treetop (1.4.15) polyglot polyglot (>= 0.3.1) - turbolinks (2.2.2) - coffee-rails tzinfo (1.2.0) thread_safe (~> 0.1) uglifier (2.5.0) @@ -135,6 +145,7 @@ PLATFORMS DEPENDENCIES bootstrap-sass coffee-rails (~> 4.0.0) + google-cloud-errors! jbuilder (~> 2.0) jquery-rails mysql2 (~> 0.3.16) @@ -144,6 +155,6 @@ DEPENDENCIES spring sqlite3 therubyracer - turbolinks + turbolinks! uglifier (>= 1.3.0) unicorn \ No newline at end of file