refactor: unify Library and Package structs (#6633)

Signed-off-by: knqyf263 <knqyf263@gmail.com> Co-authored-by: DmitriyLewen <91113035+DmitriyLewen@users.noreply.github.com> Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>
aquasecurity · May 20, 2024 · c2b46d3 · c2b46d3
1 parent 4368f11
commit c2b46d3
Show file tree

Hide file tree

Showing 156 changed files with 3,895 additions and 3,669 deletions.
diff --git a/integration/testdata/conan.json.golden b/integration/testdata/conan.json.golden
@@ -21,6 +21,30 @@
       "Class": "lang-pkgs",
       "Type": "conan",
       "Packages": [
+        {
+          "ID": "poco/1.9.4",
+          "Name": "poco",
+          "Identifier": {
+            "PURL": "pkg:conan/poco@1.9.4",
+            "UID": "312753cebe80c0eb"
+          },
+          "Version": "1.9.4",
+          "Relationship": "direct",
+          "DependsOn": [
+            "pcre/8.43",
+            "zlib/1.2.12",
+            "expat/2.4.8",
+            "sqlite3/3.39.2",
+            "openssl/1.1.1q"
+          ],
+          "Layer": {},
+          "Locations": [
+            {
+              "StartLine": 12,
+              "EndLine": 25
+            }
+          ]
+        },
         {
           "ID": "bzip2/1.0.8",
           "Name": "bzip2",
@@ -97,30 +121,6 @@
             }
           ]
         },
-        {
-          "ID": "poco/1.9.4",
-          "Name": "poco",
-          "Identifier": {
-            "PURL": "pkg:conan/poco@1.9.4",
-            "UID": "312753cebe80c0eb"
-          },
-          "Version": "1.9.4",
-          "Relationship": "direct",
-          "DependsOn": [
-            "pcre/8.43",
-            "zlib/1.2.12",
-            "expat/2.4.8",
-            "sqlite3/3.39.2",
-            "openssl/1.1.1q"
-          ],
-          "Layer": {},
-          "Locations": [
-            {
-              "StartLine": 12,
-              "EndLine": 25
-            }
-          ]
-        },
         {
           "ID": "sqlite3/3.39.2",
           "Name": "sqlite3",

diff --git a/integration/testdata/poetry.json.golden b/integration/testdata/poetry.json.golden
@@ -35,6 +35,17 @@
           ],
           "Layer": {}
         },
+        {
+          "ID": "werkzeug@0.14",
+          "Name": "werkzeug",
+          "Identifier": {
+            "PURL": "pkg:pypi/werkzeug@0.14",
+            "UID": "4176be111ad01070"
+          },
+          "Version": "0.14",
+          "Relationship": "direct",
+          "Layer": {}
+        },
         {
           "ID": "colorama@0.4.6",
           "Name": "colorama",
@@ -46,17 +57,6 @@
           "Indirect": true,
           "Relationship": "indirect",
           "Layer": {}
-        },
-        {
-          "ID": "werkzeug@0.14",
-          "Name": "werkzeug",
-          "Identifier": {
-            "PURL": "pkg:pypi/werkzeug@0.14",
-            "UID": "4176be111ad01070"
-          },
-          "Version": "0.14",
-          "Relationship": "direct",
-          "Layer": {}
         }
       ],
       "Vulnerabilities": [

diff --git a/pkg/dependency/parser/c/conan/parse.go b/pkg/dependency/parser/c/conan/parse.go
@@ -10,7 +10,6 @@ import (
 	"golang.org/x/xerrors"
 
 	"github.com/aquasecurity/trivy/pkg/dependency"
-	"github.com/aquasecurity/trivy/pkg/dependency/types"
 	ftypes "github.com/aquasecurity/trivy/pkg/fanal/types"
 	"github.com/aquasecurity/trivy/pkg/log"
 	xio "github.com/aquasecurity/trivy/pkg/x/io"
@@ -44,42 +43,42 @@ type Parser struct {
 	logger *log.Logger
 }
 
-func NewParser() types.Parser {
+func NewParser() *Parser {
 	return &Parser{
 		logger: log.WithPrefix("conan"),
 	}
 }
 
-func (p *Parser) parseV1(lock LockFile) ([]types.Library, []types.Dependency, error) {
-	var libs []types.Library
-	var deps []types.Dependency
+func (p *Parser) parseV1(lock LockFile) ([]ftypes.Package, []ftypes.Dependency, error) {
+	var pkgs []ftypes.Package
+	var deps []ftypes.Dependency
 	var directDeps []string
 	if root, ok := lock.GraphLock.Nodes["0"]; ok {
 		directDeps = root.Requires
 	}
 
 	// Parse packages
-	parsed := make(map[string]types.Library)
+	parsed := make(map[string]ftypes.Package)
 	for i, node := range lock.GraphLock.Nodes {
 		if node.Ref == "" {
 			continue
 		}
-		lib, err := toLibrary(node.Ref, node.StartLine, node.EndLine)
+		pkg, err := toPackage(node.Ref, node.StartLine, node.EndLine)
 		if err != nil {
 			p.logger.Debug("Parse ref error", log.Err(err))
 			continue
 		}
 
 		// Determine if the package is a direct dependency or not
 		direct := slices.Contains(directDeps, i)
-		lib.Relationship = lo.Ternary(direct, types.RelationshipDirect, types.RelationshipIndirect)
+		pkg.Relationship = lo.Ternary(direct, ftypes.RelationshipDirect, ftypes.RelationshipIndirect)
 
-		parsed[i] = lib
+		parsed[i] = pkg
 	}
 
 	// Parse dependency graph
 	for i, node := range lock.GraphLock.Nodes {
-		lib, ok := parsed[i]
+		pkg, ok := parsed[i]
 		if !ok {
 			continue
 		}
@@ -91,33 +90,33 @@ func (p *Parser) parseV1(lock LockFile) ([]types.Library, []types.Dependency, er
 			}
 		}
 		if len(childDeps) != 0 {
-			deps = append(deps, types.Dependency{
-				ID:        lib.ID,
+			deps = append(deps, ftypes.Dependency{
+				ID:        pkg.ID,
 				DependsOn: childDeps,
 			})
 		}
 
-		libs = append(libs, lib)
+		pkgs = append(pkgs, pkg)
 	}
-	return libs, deps, nil
+	return pkgs, deps, nil
 }
 
-func (p *Parser) parseV2(lock LockFile) ([]types.Library, []types.Dependency, error) {
-	var libs []types.Library
+func (p *Parser) parseV2(lock LockFile) ([]ftypes.Package, []ftypes.Dependency, error) {
+	var pkgs []ftypes.Package
 
 	for _, req := range lock.Requires {
-		lib, err := toLibrary(req.Dependency, req.StartLine, req.EndLine)
+		pkg, err := toPackage(req.Dependency, req.StartLine, req.EndLine)
 		if err != nil {
-			p.logger.Debug("Creating library entry from requirement failed", err)
+			p.logger.Debug("Creating package entry from requirement failed", err)
 			continue
 		}
 
-		libs = append(libs, lib)
+		pkgs = append(pkgs, pkg)
 	}
-	return libs, []types.Dependency{}, nil
+	return pkgs, []ftypes.Dependency{}, nil
 }
 
-func (p *Parser) Parse(r xio.ReadSeekerAt) ([]types.Library, []types.Dependency, error) {
+func (p *Parser) Parse(r xio.ReadSeekerAt) ([]ftypes.Package, []ftypes.Dependency, error) {
 	var lock LockFile
 
 	input, err := io.ReadAll(r)
@@ -153,16 +152,16 @@ func parsePackage(text string) (string, string, error) {
 	return ss[0], ss[1], nil
 }
 
-func toLibrary(pkg string, startLine, endLine int) (types.Library, error) {
+func toPackage(pkg string, startLine, endLine int) (ftypes.Package, error) {
 	name, version, err := parsePackage(pkg)
 	if err != nil {
-		return types.Library{}, err
+		return ftypes.Package{}, err
 	}
-	return types.Library{
+	return ftypes.Package{
 		ID:      dependency.ID(ftypes.Conan, name, version),
 		Name:    name,
 		Version: version,
-		Locations: []types.Location{
+		Locations: []ftypes.Location{
 			{
 				StartLine: startLine,
 				EndLine:   endLine,