github.com/anchore/syft@v1.4.2-0.20240516191711-1bec1fc5d397/syft/pkg/cataloger/binary/classifier_package.go

github.com/anchore/syft@v1.4.2-0.20240516191711-1bec1fc5d397/syft/pkg/cataloger/binary/classifier_package.go (about)

     1  package binary
     2  
     3  import (
     4  	"reflect"
     5  
     6  	"github.com/anchore/packageurl-go"
     7  	"github.com/anchore/syft/syft/cpe"
     8  	"github.com/anchore/syft/syft/file"
     9  	"github.com/anchore/syft/syft/pkg"
    10  )
    11  
    12  var emptyPURL = packageurl.PackageURL{}
    13  
    14  func newClassifierPackage(classifier Classifier, location file.Location, matchMetadata map[string]string) *pkg.Package {
    15  	version, ok := matchMetadata["version"]
    16  	if !ok {
    17  		return nil
    18  	}
    19  
    20  	update := matchMetadata["update"]
    21  
    22  	var cpes []cpe.CPE
    23  	for _, c := range classifier.CPEs {
    24  		c.Attributes.Version = version
    25  		c.Attributes.Update = update
    26  		cpes = append(cpes, c)
    27  	}
    28  
    29  	p := pkg.Package{
    30  		Name:    classifier.Package,
    31  		Version: version,
    32  		Locations: file.NewLocationSet(
    33  			location.WithAnnotation(pkg.EvidenceAnnotationKey, pkg.PrimaryEvidenceAnnotation),
    34  		),
    35  		Type:    pkg.BinaryPkg,
    36  		CPEs:    cpes,
    37  		FoundBy: catalogerName,
    38  		Metadata: pkg.BinarySignature{
    39  			Matches: []pkg.ClassifierMatch{
    40  				{
    41  					Classifier: classifier.Class,
    42  					Location:   location,
    43  				},
    44  			},
    45  		},
    46  	}
    47  
    48  	if !reflect.DeepEqual(classifier.PURL, emptyPURL) {
    49  		purl := classifier.PURL
    50  		purl.Version = version
    51  		p.PURL = purl.ToString()
    52  	}
    53  
    54  	p.SetID()
    55  
    56  	return &p
    57  }