github.com/anchore/syft@v1.38.2/syft/format/internal/spdxutil/helpers/source_info_test.go (about) 1 package helpers 2 3 import ( 4 "testing" 5 6 "github.com/stretchr/testify/assert" 7 8 "github.com/anchore/syft/syft/file" 9 "github.com/anchore/syft/syft/pkg" 10 ) 11 12 func Test_SourceInfo(t *testing.T) { 13 tests := []struct { 14 name string 15 input pkg.Package 16 expected []string 17 }{ 18 { 19 name: "locations are captured", 20 input: pkg.Package{ 21 // note: no type given 22 Locations: file.NewLocationSet( 23 file.NewVirtualLocation("/a-place", "/b-place"), 24 file.NewVirtualLocation("/c-place", "/d-place"), 25 ), 26 }, 27 expected: []string{ 28 "from the following paths", 29 "/a-place", 30 "/c-place", 31 }, 32 }, 33 { 34 // note: no specific support for this 35 input: pkg.Package{ 36 Type: pkg.KbPkg, 37 }, 38 expected: []string{ 39 "from the following paths", 40 }, 41 }, 42 { 43 input: pkg.Package{ 44 Type: pkg.RpmPkg, 45 }, 46 expected: []string{ 47 "from RPM DB", 48 }, 49 }, 50 { 51 input: pkg.Package{ 52 Type: pkg.ApkPkg, 53 }, 54 expected: []string{ 55 "from APK DB", 56 }, 57 }, 58 { 59 input: pkg.Package{ 60 Type: pkg.DebPkg, 61 }, 62 expected: []string{ 63 "from DPKG DB", 64 }, 65 }, 66 { 67 input: pkg.Package{ 68 Type: pkg.NpmPkg, 69 }, 70 expected: []string{ 71 "from installed node module manifest file", 72 }, 73 }, 74 { 75 input: pkg.Package{ 76 Type: pkg.PythonPkg, 77 }, 78 expected: []string{ 79 "from installed python package manifest file", 80 }, 81 }, 82 { 83 input: pkg.Package{ 84 Type: pkg.JavaPkg, 85 }, 86 expected: []string{ 87 "from installed java archive", 88 }, 89 }, 90 { 91 input: pkg.Package{ 92 Type: pkg.JenkinsPluginPkg, 93 }, 94 expected: []string{ 95 "from installed java archive", 96 }, 97 }, 98 { 99 input: pkg.Package{ 100 Type: pkg.GemPkg, 101 }, 102 expected: []string{ 103 "from installed gem metadata file", 104 }, 105 }, 106 { 107 input: pkg.Package{ 108 Type: pkg.GoModulePkg, 109 }, 110 expected: []string{ 111 "from go module information", 112 }, 113 }, 114 { 115 input: pkg.Package{ 116 Type: pkg.GraalVMNativeImagePkg, 117 }, 118 expected: []string{ 119 "from GraalVM native image", 120 }, 121 }, 122 { 123 input: pkg.Package{ 124 Type: pkg.RustPkg, 125 }, 126 expected: []string{ 127 "from rust cargo manifest", 128 }, 129 }, 130 { 131 input: pkg.Package{ 132 Type: pkg.PhpComposerPkg, 133 }, 134 expected: []string{ 135 "from PHP composer manifest", 136 }, 137 }, 138 { 139 input: pkg.Package{ 140 Type: pkg.PhpPeclPkg, 141 }, 142 expected: []string{ 143 "from PHP Pecl manifest", 144 }, 145 }, 146 { 147 input: pkg.Package{ 148 Type: pkg.PhpPearPkg, 149 }, 150 expected: []string{ 151 "from PHP Pear manifest", 152 }, 153 }, 154 { 155 input: pkg.Package{ 156 Type: pkg.DartPubPkg, 157 }, 158 expected: []string{ 159 "from pubspec manifest", 160 }, 161 }, 162 { 163 input: pkg.Package{ 164 Type: pkg.DotnetPkg, 165 }, 166 expected: []string{ 167 "from dotnet project assets file", 168 }, 169 }, 170 { 171 input: pkg.Package{ 172 Type: pkg.AlpmPkg, 173 }, 174 expected: []string{ 175 "from ALPM DB", 176 }, 177 }, 178 { 179 input: pkg.Package{ 180 Type: pkg.CocoapodsPkg, 181 }, 182 expected: []string{ 183 "installed cocoapods manifest file", 184 }, 185 }, 186 { 187 input: pkg.Package{ 188 Type: pkg.ConanPkg, 189 }, 190 expected: []string{ 191 "from conan manifest", 192 }, 193 }, 194 { 195 input: pkg.Package{ 196 Type: pkg.CondaPkg, 197 }, 198 expected: []string{ 199 "from conda metadata", 200 }, 201 }, 202 { 203 input: pkg.Package{ 204 Type: pkg.PortagePkg, 205 }, 206 expected: []string{ 207 "from portage DB", 208 }, 209 }, 210 { 211 input: pkg.Package{ 212 Type: pkg.HackagePkg, 213 }, 214 expected: []string{ 215 "from cabal or stack manifest files", 216 }, 217 }, 218 { 219 input: pkg.Package{ 220 Type: pkg.BinaryPkg, 221 }, 222 expected: []string{ 223 "acquired package info from the following paths", 224 }, 225 }, 226 { 227 input: pkg.Package{ 228 Type: pkg.BitnamiPkg, 229 }, 230 expected: []string{ 231 "acquired package info from a Bitnami SBOM", 232 }, 233 }, 234 { 235 input: pkg.Package{ 236 Type: pkg.HexPkg, 237 }, 238 expected: []string{ 239 "from rebar3 or mix manifest file", 240 }, 241 }, 242 { 243 input: pkg.Package{ 244 Type: pkg.ErlangOTPPkg, 245 }, 246 expected: []string{ 247 "from ErLang application resource file", 248 }, 249 }, 250 { 251 input: pkg.Package{ 252 Type: pkg.LinuxKernelPkg, 253 }, 254 expected: []string{ 255 "from linux kernel archive", 256 }, 257 }, 258 { 259 input: pkg.Package{ 260 Type: pkg.LinuxKernelModulePkg, 261 }, 262 expected: []string{ 263 "from linux kernel module files", 264 }, 265 }, 266 { 267 input: pkg.Package{ 268 Type: pkg.NixPkg, 269 }, 270 expected: []string{ 271 "from nix store path", 272 }, 273 }, 274 { 275 input: pkg.Package{ 276 Type: pkg.Rpkg, 277 }, 278 expected: []string{ 279 "acquired package info from R-package DESCRIPTION file", 280 }, 281 }, 282 { 283 input: pkg.Package{ 284 Type: pkg.LuaRocksPkg, 285 }, 286 expected: []string{ 287 "acquired package info from Rockspec package file", 288 }, 289 }, 290 { 291 input: pkg.Package{ 292 Type: pkg.SwiftPkg, 293 }, 294 expected: []string{ 295 "from resolved Swift package manifest", 296 }, 297 }, 298 { 299 input: pkg.Package{ 300 Type: pkg.SwiplPackPkg, 301 }, 302 expected: []string{ 303 "acquired package info from SWI Prolo pack package file", 304 }, 305 }, 306 { 307 input: pkg.Package{ 308 Type: pkg.OpamPkg, 309 }, 310 expected: []string{ 311 "acquired package info from OCaml opam package file", 312 }, 313 }, 314 { 315 input: pkg.Package{ 316 Type: pkg.GithubActionPkg, 317 }, 318 expected: []string{ 319 "from GitHub Actions workflow file or composite action file", 320 }, 321 }, 322 { 323 input: pkg.Package{ 324 Type: pkg.GithubActionWorkflowPkg, 325 }, 326 expected: []string{ 327 "from GitHub Actions workflow file or composite action file", 328 }, 329 }, 330 { 331 input: pkg.Package{ 332 Type: pkg.WordpressPluginPkg, 333 }, 334 expected: []string{ 335 "acquired package info from found wordpress plugin PHP source files", 336 }, 337 }, 338 { 339 input: pkg.Package{ 340 Type: pkg.HomebrewPkg, 341 }, 342 expected: []string{ 343 "acquired package info from Homebrew formula", 344 }, 345 }, 346 { 347 input: pkg.Package{ 348 Type: pkg.TerraformPkg, 349 }, 350 expected: []string{ 351 "acquired package info from Terraform dependency lock file", 352 }, 353 }, 354 { 355 input: pkg.Package{ 356 Type: pkg.ModelPkg, 357 }, 358 expected: []string{ 359 "", 360 }, 361 }, 362 } 363 var pkgTypes []pkg.Type 364 for _, test := range tests { 365 t.Run(test.name+" "+string(test.input.Type), func(t *testing.T) { 366 if test.input.Type != "" { 367 pkgTypes = append(pkgTypes, test.input.Type) 368 } 369 actual := SourceInfo(test.input) 370 for _, expected := range test.expected { 371 assert.Contains(t, actual, expected) 372 } 373 }) 374 } 375 assert.ElementsMatch(t, pkg.AllPkgs, pkgTypes, "missing one or more package types to test against (maybe a package type was added?)") 376 }