github.com/anchore/syft@v1.38.2/syft/format/internal/backfill_test.go (about) 1 package internal 2 3 import ( 4 "testing" 5 6 "github.com/stretchr/testify/require" 7 8 "github.com/anchore/packageurl-go" 9 "github.com/anchore/syft/syft/cpe" 10 "github.com/anchore/syft/syft/pkg" 11 ) 12 13 func Test_Backfill(t *testing.T) { 14 tests := []struct { 15 name string 16 in pkg.Package 17 expected pkg.Package 18 }{ 19 { 20 name: "npm type", 21 in: pkg.Package{ 22 PURL: "pkg:npm/test@3.0.0", 23 }, 24 expected: pkg.Package{ 25 PURL: "pkg:npm/test@3.0.0", 26 Type: pkg.NpmPkg, 27 Language: pkg.JavaScript, 28 Name: "test", 29 Version: "3.0.0", 30 }, 31 }, 32 { 33 name: "rpm no epoch", 34 in: pkg.Package{ 35 PURL: "pkg:rpm/redhat/dbus-common@1.12.8-26.el8?arch=noarch&distro=rhel-8.10&upstream=dbus-1.12.8-26.el8.src.rpm", 36 }, 37 expected: pkg.Package{ 38 PURL: "pkg:rpm/redhat/dbus-common@1.12.8-26.el8?arch=noarch&distro=rhel-8.10&upstream=dbus-1.12.8-26.el8.src.rpm", 39 Type: pkg.RpmPkg, 40 Name: "dbus-common", 41 Version: "1.12.8-26.el8", 42 }, 43 }, 44 { 45 name: "rpm epoch", 46 in: pkg.Package{ 47 PURL: "pkg:rpm/redhat/dbus-common@1.12.8-26.el8?arch=noarch&distro=rhel-8.10&epoch=1&upstream=dbus-1.12.8-26.el8.src.rpm", 48 }, 49 expected: pkg.Package{ 50 PURL: "pkg:rpm/redhat/dbus-common@1.12.8-26.el8?arch=noarch&distro=rhel-8.10&epoch=1&upstream=dbus-1.12.8-26.el8.src.rpm", 51 Type: pkg.RpmPkg, 52 Name: "dbus-common", 53 Version: "1:1.12.8-26.el8", 54 }, 55 }, 56 { 57 name: "rpm with rpmmod", 58 in: pkg.Package{ 59 PURL: "pkg:rpm/redhat/httpd@2.4.37-51?arch=x86_64&distro=rhel-8.7&rpmmod=httpd:2.4", 60 }, 61 expected: pkg.Package{ 62 PURL: "pkg:rpm/redhat/httpd@2.4.37-51?arch=x86_64&distro=rhel-8.7&rpmmod=httpd:2.4", 63 Type: pkg.RpmPkg, 64 Name: "httpd", 65 Version: "2.4.37-51", 66 Metadata: pkg.RpmDBEntry{ 67 ModularityLabel: strRef("httpd:2.4"), 68 }, 69 }, 70 }, 71 { 72 name: "bad cpe", 73 in: pkg.Package{ 74 PURL: "pkg:npm/testp@3.0.0?cpes=cpe:2.3a:testv:testp:3.0.0:*:*:*:*:*:*:*", 75 }, 76 expected: pkg.Package{ 77 PURL: "pkg:npm/testp@3.0.0?cpes=cpe:2.3a:testv:testp:3.0.0:*:*:*:*:*:*:*", 78 Type: pkg.NpmPkg, 79 Language: pkg.JavaScript, 80 Name: "testp", 81 Version: "3.0.0", 82 }, 83 }, 84 { 85 name: "good cpe", 86 in: pkg.Package{ 87 PURL: "pkg:npm/testp@3.0.0?cpes=cpe:2.3:a:testv:testp:3.0.0:*:*:*:*:*:*:*", 88 }, 89 expected: pkg.Package{ 90 PURL: "pkg:npm/testp@3.0.0?cpes=cpe:2.3:a:testv:testp:3.0.0:*:*:*:*:*:*:*", 91 Type: pkg.NpmPkg, 92 Language: pkg.JavaScript, 93 Name: "testp", 94 Version: "3.0.0", 95 CPEs: []cpe.CPE{ 96 { 97 Attributes: cpe.Attributes{ 98 Part: "a", 99 Vendor: "testv", 100 Product: "testp", 101 Version: "3.0.0", 102 }, 103 Source: cpe.DeclaredSource, 104 }, 105 }, 106 }, 107 }, 108 { 109 name: "java type", 110 in: pkg.Package{ 111 PURL: "pkg:maven/org.apache/some-thing@1.2.3", 112 }, 113 expected: pkg.Package{ 114 PURL: "pkg:maven/org.apache/some-thing@1.2.3", 115 Type: pkg.JavaPkg, 116 Language: pkg.Java, 117 Name: "some-thing", 118 Version: "1.2.3", 119 // we intentionally don't claim we found a pom properties file with a groupID from the purl. 120 // but we do claim that we found java data with an empty type. 121 Metadata: pkg.JavaArchive{}, 122 }, 123 }, 124 { 125 name: "target-sw from CPE", 126 in: pkg.Package{ 127 CPEs: []cpe.CPE{ 128 cpe.Must("cpe:2.3:a:amazon:opensearch:*:*:*:*:*:ruby:*:*", ""), 129 }, 130 }, 131 expected: pkg.Package{ 132 CPEs: []cpe.CPE{ 133 cpe.Must("cpe:2.3:a:amazon:opensearch:*:*:*:*:*:ruby:*:*", ""), 134 }, 135 Type: pkg.GemPkg, 136 }, 137 }, 138 } 139 for _, tt := range tests { 140 t.Run(tt.name, func(t *testing.T) { 141 Backfill(&tt.in) 142 tt.in.OverrideID("") 143 require.Equal(t, tt.expected, tt.in) 144 }) 145 } 146 } 147 148 func Test_nameFromPurl(t *testing.T) { 149 tests := []struct { 150 in string 151 expected string 152 }{ 153 { 154 in: "pkg:npm/some-name@3.0.0", 155 expected: "some-name", 156 }, 157 { 158 in: "pkg:maven/org.apache/some-name@1.2.3", 159 expected: "some-name", 160 }, 161 { 162 in: "pkg:deb/debian/some-name@3.0.0", 163 expected: "some-name", 164 }, 165 { 166 in: "pkg:rpm/redhat/some-name@3.0.0", 167 expected: "some-name", 168 }, 169 { 170 in: "pkg:gem/some-name@3.0.0", 171 expected: "some-name", 172 }, 173 { 174 in: "pkg:apk/alpine/some-name@3.0.0", 175 expected: "some-name", 176 }, 177 { 178 in: "pkg:docker/some-org/some-name@3.0.0", 179 expected: "some-org/some-name", 180 }, 181 { 182 in: "pkg:npm/some-name@3.0.0", 183 expected: "some-name", 184 }, 185 { 186 in: "pkg:npm/some-org/some-name@3.0.0", 187 expected: "some-org/some-name", 188 }, 189 { 190 in: "pkg:oci/library/mysql@8.1.0", 191 expected: "library/mysql", 192 }, 193 } 194 for _, tt := range tests { 195 t.Run(tt.in, func(t *testing.T) { 196 p, err := packageurl.FromString(tt.in) 197 require.NoError(t, err) 198 got := nameFromPurl(p) 199 require.Equal(t, tt.expected, got) 200 }) 201 } 202 } 203 204 func strRef(s string) *string { 205 return &s 206 }