github.com/anchore/syft@v1.4.2-0.20240516191711-1bec1fc5d397/syft/pkg/python.go

github.com/anchore/syft@v1.4.2-0.20240516191711-1bec1fc5d397/syft/pkg/python.go (about)

     1  package pkg
     2  
     3  import (
     4  	"sort"
     5  
     6  	"github.com/scylladb/go-set/strset"
     7  )
     8  
     9  var _ FileOwner = (*PythonPackage)(nil)
    10  
    11  // PythonPackage represents all captured data for a python egg or wheel package (specifically as outlined in
    12  // the PyPA core metadata specification https://packaging.python.org/en/latest/specifications/core-metadata/).
    13  // Historically these were defined in PEPs 345, 314, and 241, but have been superseded by PEP 566. This means that this
    14  // struct can (partially) express at least versions 1.0, 1.1, 1.2, 2.1, 2.2, and 2.3 of the metadata format.
    15  type PythonPackage struct {
    16  	Name                 string                     `json:"name" mapstruct:"Name"`
    17  	Version              string                     `json:"version" mapstruct:"Version"`
    18  	Author               string                     `json:"author" mapstruct:"Author"`
    19  	AuthorEmail          string                     `json:"authorEmail" mapstruct:"Authoremail"`
    20  	Platform             string                     `json:"platform" mapstruct:"Platform"`
    21  	Files                []PythonFileRecord         `json:"files,omitempty"`
    22  	SitePackagesRootPath string                     `json:"sitePackagesRootPath"`
    23  	TopLevelPackages     []string                   `json:"topLevelPackages,omitempty"`
    24  	DirectURLOrigin      *PythonDirectURLOriginInfo `json:"directUrlOrigin,omitempty"`
    25  }
    26  
    27  // PythonFileDigest represents the file metadata for a single file attributed to a python package.
    28  type PythonFileDigest struct {
    29  	Algorithm string `json:"algorithm"`
    30  	Value     string `json:"value"`
    31  }
    32  
    33  // PythonFileRecord represents a single entry within a RECORD file for a python wheel or egg package
    34  type PythonFileRecord struct {
    35  	Path   string            `json:"path"`
    36  	Digest *PythonFileDigest `json:"digest,omitempty"`
    37  	Size   string            `json:"size,omitempty"`
    38  }
    39  
    40  type PythonDirectURLOriginInfo struct {
    41  	URL      string `json:"url"`
    42  	CommitID string `json:"commitId,omitempty"`
    43  	VCS      string `json:"vcs,omitempty"`
    44  }
    45  
    46  func (m PythonPackage) OwnedFiles() (result []string) {
    47  	s := strset.New()
    48  	for _, f := range m.Files {
    49  		if f.Path != "" {
    50  			s.Add(f.Path)
    51  		}
    52  	}
    53  	result = s.List()
    54  	sort.Strings(result)
    55  	return result
    56  }
    57  
    58  // PythonPipfileLockEntry represents a single package entry within a Pipfile.lock file.
    59  type PythonPipfileLockEntry struct {
    60  	Hashes []string `mapstructure:"hashes" json:"hashes"`
    61  	Index  string   `mapstructure:"index" json:"index"`
    62  }
    63  
    64  // PythonPoetryLockEntry represents a single package entry within a Pipfile.lock file.
    65  type PythonPoetryLockEntry struct {
    66  	Index string `mapstructure:"index" json:"index"`
    67  }
    68  
    69  // PythonRequirementsEntry represents a single entry within a [*-]requirements.txt file.
    70  type PythonRequirementsEntry struct {
    71  	Name              string   `json:"name" mapstruct:"Name"`
    72  	Extras            []string `json:"extras,omitempty" mapstruct:"Extras"`
    73  	VersionConstraint string   `json:"versionConstraint" mapstruct:"VersionConstraint"`
    74  	URL               string   `json:"url,omitempty" mapstruct:"URL"`
    75  	Markers           string   `json:"markers,omitempty" mapstruct:"Markers"`
    76  }