github.com/anchore/syft@v1.38.2/syft/pkg/cataloger/redhat/cataloger.go (about) 1 /* 2 Package redhat provides a concrete DBCataloger implementation relating to packages within the RedHat linux distribution. 3 */ 4 package redhat 5 6 import ( 7 "database/sql" 8 "fmt" 9 10 "github.com/anchore/syft/syft/artifact" 11 "github.com/anchore/syft/syft/pkg" 12 "github.com/anchore/syft/syft/pkg/cataloger/generic" 13 "github.com/anchore/syft/syft/pkg/cataloger/internal/dependency" 14 ) 15 16 // NewDBCataloger returns a new RPM DB cataloger object. 17 func NewDBCataloger() pkg.Cataloger { 18 return generic.NewCataloger("rpm-db-cataloger"). 19 WithParserByGlobs(parseRpmDB, pkg.RpmDBGlob). 20 WithParserByGlobs(parseRpmManifest, pkg.RpmManifestGlob). 21 WithProcessors(dependency.Processor(dbEntryDependencySpecifier), denySelfReferences). 22 WithChecks(ensureSqliteDriverAvailable) 23 } 24 25 func denySelfReferences(pkgs []pkg.Package, rels []artifact.Relationship, err error) ([]pkg.Package, []artifact.Relationship, error) { 26 // it can be common for dependency evidence to be self-referential (e.g. bash depends on bash), which is not useful 27 // for the dependency graph, thus we remove these cases 28 for i := 0; i < len(rels); i++ { 29 if rels[i].Type != artifact.DependencyOfRelationship { 30 continue 31 } 32 if rels[i].From.ID() == rels[i].To.ID() { 33 rels = append(rels[:i], rels[i+1:]...) 34 i-- 35 } 36 } 37 return pkgs, rels, err 38 } 39 40 // NewArchiveCataloger returns a new RPM file cataloger object. 41 func NewArchiveCataloger() pkg.Cataloger { 42 return generic.NewCataloger("rpm-archive-cataloger"). 43 WithParserByGlobs(parseRpmArchive, "**/*.rpm") 44 } 45 46 func ensureSqliteDriverAvailable() error { 47 db, err := sql.Open("sqlite", ":memory:") 48 if err != nil { 49 return fmt.Errorf("sqlite driver is required for cataloging newer RPM databases, none registered: %v", err) 50 } 51 _ = db.Close() 52 return nil 53 }