github.com/anchore/syft@v1.38.2/syft/pkg/conda.go

github.com/anchore/syft@v1.38.2/syft/pkg/conda.go (about)

     1  package pkg
     2  
     3  import (
     4  	"sort"
     5  
     6  	"github.com/scylladb/go-set/strset"
     7  )
     8  
     9  // CondaPathData represents metadata for a single file within a Conda package from the paths.json file.
    10  type CondaPathData struct {
    11  	// Path is the file path relative to the Conda environment root.
    12  	Path string `json:"_path"`
    13  
    14  	// PathType indicates the link type for the file (e.g., "hardlink", "softlink", "directory").
    15  	PathType string `json:"path_type"`
    16  
    17  	// SHA256 is the SHA-256 hash of the file contents.
    18  	SHA256 string `json:"sha256"`
    19  
    20  	// SHA256InPrefix is the SHA-256 hash of the file after prefix replacement during installation.
    21  	SHA256InPrefix string `json:"sha256_in_prefix"`
    22  
    23  	// SizeInBytes is the file size in bytes.
    24  	SizeInBytes int64 `json:"size_in_bytes"`
    25  }
    26  
    27  // CondaPathsData represents the paths.json file structure from a Conda package containing file metadata.
    28  type CondaPathsData struct {
    29  	// PathsVersion is the schema version of the paths data format.
    30  	PathsVersion int `json:"paths_version"`
    31  
    32  	// Paths is the list of file metadata entries for all files in the package.
    33  	Paths []CondaPathData `json:"paths"`
    34  }
    35  
    36  // CondaLink represents link metadata from a Conda package's link.json file describing package installation source.
    37  type CondaLink struct {
    38  	// Source is the original path where the package was extracted from cache.
    39  	Source string `json:"source"`
    40  
    41  	// Type indicates the link type (1 for hard link, 2 for soft link, 3 for copy).
    42  	Type int `json:"type"`
    43  }
    44  
    45  // CondaMetaPackage represents metadata for a Conda package extracted from the conda-meta/*.json files.
    46  type CondaMetaPackage struct {
    47  	// Arch is the target CPU architecture for the package (e.g., "arm64", "x86_64").
    48  	Arch string `json:"arch,omitempty"`
    49  
    50  	// Name is the package name as found in the conda-meta JSON file.
    51  	Name string `json:"name"`
    52  
    53  	// Version is the package version as found in the conda-meta JSON file.
    54  	Version string `json:"version"`
    55  
    56  	// Build is the build string identifier (e.g., "h90dfc92_1014").
    57  	Build string `json:"build"`
    58  
    59  	// BuildNumber is the sequential build number for this version.
    60  	BuildNumber int `json:"build_number"`
    61  
    62  	// Channel is the Conda channel URL where the package was retrieved from.
    63  	Channel string `json:"channel,omitempty"`
    64  
    65  	// Subdir is the subdirectory within the channel (e.g., "osx-arm64", "linux-64").
    66  	Subdir string `json:"subdir,omitempty"`
    67  
    68  	// Noarch indicates if the package is platform-independent (e.g., "python", "generic").
    69  	Noarch string `json:"noarch,omitempty"`
    70  
    71  	// License is the package license identifier.
    72  	License string `json:"license,omitempty"`
    73  
    74  	// LicenseFamily is the general license category (e.g., "MIT", "Apache", "GPL").
    75  	LicenseFamily string `json:"license_family,omitempty"`
    76  
    77  	// MD5 is the MD5 hash of the package archive.
    78  	MD5 string `json:"md5,omitempty"`
    79  
    80  	// SHA256 is the SHA-256 hash of the package archive.
    81  	SHA256 string `json:"sha256,omitempty"`
    82  
    83  	// Size is the package archive size in bytes.
    84  	Size int64 `json:"size,omitempty"`
    85  
    86  	// Timestamp is the Unix timestamp when the package was built.
    87  	Timestamp int64 `json:"timestamp,omitempty"`
    88  
    89  	// Filename is the original package archive filename (e.g., "zlib-1.2.11-h90dfc92_1014.tar.bz2").
    90  	Filename string `json:"fn,omitempty"`
    91  
    92  	// URL is the full download URL for the package archive.
    93  	URL string `json:"url,omitempty"`
    94  
    95  	// ExtractedPackageDir is the local cache directory where the package was extracted.
    96  	ExtractedPackageDir string `json:"extracted_package_dir,omitempty"`
    97  
    98  	// Depends is the list of runtime dependencies with version constraints.
    99  	Depends []string `json:"depends,omitempty"`
   100  
   101  	// Files is the list of files installed by this package.
   102  	Files []string `json:"files,omitempty"`
   103  
   104  	// PathsData contains detailed file metadata from the paths.json file.
   105  	PathsData *CondaPathsData `json:"paths_data,omitempty"`
   106  
   107  	// Link contains installation source metadata from the link.json file.
   108  	Link *CondaLink `json:"link,omitempty"`
   109  }
   110  
   111  func (m CondaMetaPackage) OwnedFiles() (result []string) {
   112  	s := strset.New()
   113  	for _, f := range m.Files {
   114  		if f != "" {
   115  			s.Add(f)
   116  		}
   117  	}
   118  	result = s.List()
   119  	sort.Strings(result)
   120  	return result
   121  }