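// Source: github.com/anchore/syft@v1.38.2/syft/pkg/cataloger/swift/parse_podfile_lock.go

package swift

import (
	"context"
	"fmt"
	"io"
	"strings"

	"go.yaml.in/yaml/v3"

	"github.com/anchore/syft/internal/unknown"
	"github.com/anchore/syft/syft/artifact"
	"github.com/anchore/syft/syft/file"
	"github.com/anchore/syft/syft/pkg"
	"github.com/anchore/syft/syft/pkg/cataloger/generic"
)

var _ generic.Parser = parsePodfileLock

// podfileLock mirrors the top-level sections of a Podfile.lock document.
type podfileLock struct {
	// Pods entries decode either as a plain "Name (version)" string or as a
	// mapping whose key is that string; parsePodfileLock accepts both shapes.
	Pods         []any               `yaml:"PODS"`
	Dependencies []string            `yaml:"DEPENDENCIES"`
	SpecRepos    map[string][]string `yaml:"SPEC REPOS"`
	// SpecChecksums is looked up by root pod name (the part before any "/").
	SpecChecksums   map[string]string `yaml:"SPEC CHECKSUMS"`
	PodfileChecksum string            `yaml:"PODFILE CHECKSUM"`
	Cocopods        string            `yaml:"COCOAPODS"`
}

// parsePodfileLock is a parser function for Podfile.lock contents, returning all cocoapods pods discovered.
//
// The file comes from whatever is being scanned and must be treated as
// untrusted: every structural problem is reported as an error rather than
// being allowed to panic the cataloger. Parsing is all-or-nothing; the first
// malformed pod entry or missing checksum aborts the file and no packages are
// returned. No relationships are produced.
//
// NOTE(review): io.ReadAll buffers the whole file with no size cap here;
// confirm that the caller bounds the reader if oversized inputs are a concern.
func parsePodfileLock(_ context.Context, _ file.Resolver, _ *generic.Environment, reader file.LocationReadCloser) ([]pkg.Package, []artifact.Relationship, error) {
	contents, err := io.ReadAll(reader)
	if err != nil {
		return nil, nil, fmt.Errorf("unable to read file: %w", err)
	}

	var podfile podfileLock
	if err = yaml.Unmarshal(contents, &podfile); err != nil {
		return nil, nil, fmt.Errorf("unable to parse yaml: %w", err)
	}

	var pkgs []pkg.Package
	for _, podInterface := range podfile.Pods {
		var podBlob string
		switch v := podInterface.(type) {
		case map[string]any:
			// The pod string is the mapping key. An empty mapping leaves
			// podBlob empty (rejected below); with several keys the one that
			// ends up selected is unspecified, as map iteration is unordered.
			for k := range v {
				podBlob = k
			}
		case string:
			podBlob = v
		default:
			return nil, nil, fmt.Errorf("malformed podfile.lock")
		}

		// Expected shape is "Name (version)". Without this guard an entry
		// lacking a space (or an empty mapping) would index past the end of
		// the slice and crash the scan on attacker-controlled input.
		splits := strings.Split(podBlob, " ")
		if len(splits) < 2 {
			return nil, nil, fmt.Errorf("malformed podfile.lock: pod entry %q has no version", podBlob)
		}
		podName := splits[0]
		podVersion := strings.TrimSuffix(strings.TrimPrefix(splits[1], "("), ")")

		// Entries such as "Root/Sub" share the checksum recorded for "Root".
		podRootPkg := strings.Split(podName, "/")[0]
		pkgHash, exists := podfile.SpecChecksums[podRootPkg]
		if !exists {
			return nil, nil, fmt.Errorf("malformed podfile.lock: incomplete checksums")
		}

		pkgs = append(
			pkgs,
			newCocoaPodsPackage(
				podName,
				podVersion,
				pkgHash,
				reader.WithAnnotation(pkg.EvidenceAnnotationKey, pkg.PrimaryEvidenceAnnotation),
			),
		)
	}

	// Presumably yields an "unknown" error when no packages were found — confirm against internal/unknown.
	return pkgs, nil, unknown.IfEmptyf(pkgs, "unable to determine packages")
}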