github.com/google/osv-scalibr@v0.4.1/extractor/filesystem/language/lua/luarocks/luarocks.go (about) 1 // Copyright 2025 Google LLC 2 // 3 // Licensed under the Apache License, Version 2.0 (the "License"); 4 // you may not use this file except in compliance with the License. 5 // You may obtain a copy of the License at 6 // 7 // http://www.apache.org/licenses/LICENSE-2.0 8 // 9 // Unless required by applicable law or agreed to in writing, software 10 // distributed under the License is distributed on an "AS IS" BASIS, 11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 // See the License for the specific language governing permissions and 13 // limitations under the License. 14 15 // Package luarocks extracts .rockspec files from Lua modules. 16 package luarocks 17 18 import ( 19 "context" 20 "path/filepath" 21 "strings" 22 23 "github.com/google/osv-scalibr/extractor" 24 "github.com/google/osv-scalibr/extractor/filesystem" 25 "github.com/google/osv-scalibr/inventory" 26 "github.com/google/osv-scalibr/log" 27 "github.com/google/osv-scalibr/plugin" 28 "github.com/google/osv-scalibr/purl" 29 ) 30 31 const ( 32 // Name is the unique name of this extractor. 33 Name = "lua/luarocks" 34 ) 35 36 // Extractor extracts Lua module info from .rockspec files. 37 type Extractor struct{} 38 39 // New returns a lua luarocks extractor. 40 func New() filesystem.Extractor { return &Extractor{} } 41 42 // Name of the extractor 43 func (e Extractor) Name() string { return Name } 44 45 // Version of the extractor 46 func (e Extractor) Version() int { return 0 } 47 48 // Requirements of the extractor. 49 func (e Extractor) Requirements() *plugin.Capabilities { return &plugin.Capabilities{} } 50 51 // FileRequired return true if the specified file matched the .rockspec file pattern. 52 func (e Extractor) FileRequired(api filesystem.FileAPI) bool { 53 path := api.Path() 54 55 if !strings.HasSuffix(path, ".rockspec") { 56 return false 57 } 58 59 parts := strings.Split(filepath.Clean(path), string(filepath.Separator)) 60 61 // Check if there are enough parts because a regular path should contain at least /rocks-5.x/../../x.rockspec 62 if len(parts) < 4 { 63 // Path is too short to have a 4rd parent 64 return false 65 } 66 // 3rd parent from the file 67 rocksParent := parts[len(parts)-4] 68 69 // check parents folder for the following path convention: ../rocks-5.x/../../x.rockspec 70 if !strings.HasPrefix(rocksParent, "rocks-") { 71 return false 72 } 73 return true 74 } 75 76 // Extract extracts Package info from .rockspec file passed through the scan input. 77 func (e Extractor) Extract(ctx context.Context, input *filesystem.ScanInput) (inventory.Inventory, error) { 78 pkgs := e.extractFromPath(input.Path) 79 return inventory.Inventory{Packages: pkgs}, nil 80 } 81 82 func (e Extractor) extractFromPath(path string) []*extractor.Package { 83 // Split path into components 84 parts := strings.Split(filepath.Clean(path), string(filepath.Separator)) 85 86 if len(parts) >= 4 && strings.HasPrefix(parts[len(parts)-4], "rocks-") { 87 // 2nd parent = module name, 1st parent = version 88 module := parts[len(parts)-3] 89 version := parts[len(parts)-2] 90 pkg := &extractor.Package{ 91 Name: module, 92 Version: version, 93 PURLType: purl.TypeLua, 94 Locations: []string{path}, 95 } 96 return []*extractor.Package{pkg} 97 } 98 99 log.Errorf("failed to extract package version from the following path : %s", path) 100 return nil 101 }