github.com/anchore/syft@v1.4.2-0.20240516191711-1bec1fc5d397/syft/pkg/cataloger/rust/parse_cargo_lock.go

github.com/anchore/syft@v1.4.2-0.20240516191711-1bec1fc5d397/syft/pkg/cataloger/rust/parse_cargo_lock.go (about)

     1  package rust
     2  
     3  import (
     4  	"context"
     5  	"fmt"
     6  
     7  	"github.com/pelletier/go-toml"
     8  
     9  	"github.com/anchore/syft/syft/artifact"
    10  	"github.com/anchore/syft/syft/file"
    11  	"github.com/anchore/syft/syft/pkg"
    12  	"github.com/anchore/syft/syft/pkg/cataloger/generic"
    13  )
    14  
    15  var _ generic.Parser = parseCargoLock
    16  
    17  type cargoLockFile struct {
    18  	Packages []pkg.RustCargoLockEntry `toml:"package"`
    19  }
    20  
    21  // parseCargoLock is a parser function for Cargo.lock contents, returning all rust cargo crates discovered.
    22  func parseCargoLock(_ context.Context, _ file.Resolver, _ *generic.Environment, reader file.LocationReadCloser) ([]pkg.Package, []artifact.Relationship, error) {
    23  	tree, err := toml.LoadReader(reader)
    24  	if err != nil {
    25  		return nil, nil, fmt.Errorf("unable to load Cargo.lock for parsing: %w", err)
    26  	}
    27  
    28  	m := cargoLockFile{}
    29  	err = tree.Unmarshal(&m)
    30  	if err != nil {
    31  		return nil, nil, fmt.Errorf("unable to parse Cargo.lock: %w", err)
    32  	}
    33  
    34  	var pkgs []pkg.Package
    35  
    36  	for _, p := range m.Packages {
    37  		if p.Dependencies == nil {
    38  			p.Dependencies = make([]string, 0)
    39  		}
    40  		pkgs = append(
    41  			pkgs,
    42  			newPackageFromCargoMetadata(
    43  				p,
    44  				reader.Location.WithAnnotation(pkg.EvidenceAnnotationKey, pkg.PrimaryEvidenceAnnotation),
    45  			),
    46  		)
    47  	}
    48  
    49  	return pkgs, nil, nil
    50  }