github.com/anchore/syft@v1.38.2/syft/pkg/cataloger/php/package.go (about) 1 package php 2 3 import ( 4 "context" 5 "strings" 6 7 "github.com/anchore/packageurl-go" 8 "github.com/anchore/syft/syft/file" 9 "github.com/anchore/syft/syft/pkg" 10 ) 11 12 func newComposerLockPackage(ctx context.Context, pd parsedLockData, indexLocation file.Location) pkg.Package { 13 p := pkg.Package{ 14 Name: pd.Name, 15 Version: pd.Version, 16 Locations: file.NewLocationSet(indexLocation.WithAnnotation(pkg.EvidenceAnnotationKey, pkg.PrimaryEvidenceAnnotation)), 17 Licenses: pkg.NewLicenseSet(pkg.NewLicensesFromLocationWithContext(ctx, indexLocation, pd.License...)...), 18 PURL: packageURLFromComposer(pd.Name, pd.Version), 19 Language: pkg.PHP, 20 Type: pkg.PhpComposerPkg, 21 Metadata: pd.PhpComposerLockEntry, 22 } 23 24 p.SetID() 25 return p 26 } 27 28 func newComposerInstalledPackage(ctx context.Context, pd parsedInstalledData, indexLocation file.Location) pkg.Package { 29 p := pkg.Package{ 30 Name: pd.Name, 31 Version: pd.Version, 32 Locations: file.NewLocationSet(indexLocation.WithAnnotation(pkg.EvidenceAnnotationKey, pkg.PrimaryEvidenceAnnotation)), 33 Licenses: pkg.NewLicenseSet(pkg.NewLicensesFromLocationWithContext(ctx, indexLocation, pd.License...)...), 34 PURL: packageURLFromComposer(pd.Name, pd.Version), 35 Language: pkg.PHP, 36 Type: pkg.PhpComposerPkg, 37 Metadata: pd.PhpComposerInstalledEntry, 38 } 39 40 p.SetID() 41 return p 42 } 43 44 func newPearPackage(ctx context.Context, pd peclPearData, indexLocation file.Location) pkg.Package { 45 p := pkg.Package{ 46 Name: pd.Name, 47 Version: pd.Version, 48 Locations: file.NewLocationSet(indexLocation.WithAnnotation(pkg.EvidenceAnnotationKey, pkg.PrimaryEvidenceAnnotation)), 49 Licenses: pkg.NewLicenseSet(pkg.NewLicensesFromLocationWithContext(ctx, indexLocation, pd.License...)...), 50 PURL: packageURLFromPear(pd.Name, pd.Channel, pd.Version), 51 Language: pkg.PHP, 52 Type: pkg.PhpPearPkg, 53 Metadata: pd.ToPear(), 54 } 55 56 p.SetID() 57 return p 58 } 59 60 func newPeclPackage(ctx context.Context, pd peclPearData, indexLocation file.Location) pkg.Package { 61 p := pkg.Package{ 62 Name: pd.Name, 63 Version: pd.Version, 64 Locations: file.NewLocationSet(indexLocation.WithAnnotation(pkg.EvidenceAnnotationKey, pkg.PrimaryEvidenceAnnotation)), 65 Licenses: pkg.NewLicenseSet(pkg.NewLicensesFromLocationWithContext(ctx, indexLocation, pd.License...)...), 66 PURL: packageURLFromPear(pd.Name, pd.Channel, pd.Version), 67 Language: pkg.PHP, 68 Type: pkg.PhpPeclPkg, 69 Metadata: pd.ToPecl(), 70 } 71 72 p.SetID() 73 return p 74 } 75 76 func packageURLFromComposer(name, version string) string { 77 var pkgName, vendor string 78 fields := strings.Split(name, "/") 79 switch len(fields) { 80 case 0: 81 return "" 82 case 1: 83 pkgName = name 84 case 2: 85 vendor = fields[0] 86 pkgName = fields[1] 87 default: 88 vendor = fields[0] 89 pkgName = strings.Join(fields[1:], "-") 90 } 91 92 pURL := packageurl.NewPackageURL( 93 packageurl.TypeComposer, 94 vendor, 95 pkgName, 96 version, 97 nil, 98 "") 99 return pURL.ToString() 100 } 101 102 func packageURLFromPear(pkgName, channel, version string) string { 103 namespace := channel 104 if namespace == "" { 105 namespace = "pecl.php.net" 106 } 107 108 pURL := packageurl.NewPackageURL( 109 "pear", 110 namespace, 111 pkgName, 112 version, 113 nil, 114 "") 115 return pURL.ToString() 116 }