github.com/google/osv-scalibr@v0.4.1/extractor/filesystem/language/r/renvlock/renvlock.go

github.com/google/osv-scalibr@v0.4.1/extractor/filesystem/language/r/renvlock/renvlock.go (about)

     1  // Copyright 2025 Google LLC
     2  //
     3  // Licensed under the Apache License, Version 2.0 (the "License");
     4  // you may not use this file except in compliance with the License.
     5  // You may obtain a copy of the License at
     6  //
     7  //      http://www.apache.org/licenses/LICENSE-2.0
     8  //
     9  // Unless required by applicable law or agreed to in writing, software
    10  // distributed under the License is distributed on an "AS IS" BASIS,
    11  // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    12  // See the License for the specific language governing permissions and
    13  // limitations under the License.
    14  
    15  // Package renvlock extracts renv.lock files.
    16  package renvlock
    17  
    18  import (
    19  	"context"
    20  	"encoding/json"
    21  	"fmt"
    22  	"path/filepath"
    23  
    24  	"github.com/google/osv-scalibr/extractor"
    25  	"github.com/google/osv-scalibr/extractor/filesystem"
    26  	"github.com/google/osv-scalibr/inventory"
    27  	"github.com/google/osv-scalibr/plugin"
    28  	"github.com/google/osv-scalibr/purl"
    29  )
    30  
    31  const (
    32  	// Name is the unique name of this extractor.
    33  	Name = "r/renvlock"
    34  )
    35  
    36  type renvPackage struct {
    37  	Package    string `json:"Package"`
    38  	Version    string `json:"Version"`
    39  	Repository string `json:"Repository"`
    40  }
    41  
    42  type renvLockfile struct {
    43  	Packages map[string]renvPackage `json:"Packages"`
    44  }
    45  
    46  // Extractor extracts CRAN packages from renv.lock files.
    47  type Extractor struct{}
    48  
    49  // New returns a new instance of the extractor.
    50  func New() filesystem.Extractor { return &Extractor{} }
    51  
    52  // Name of the extractor
    53  func (e Extractor) Name() string { return Name }
    54  
    55  // Version of the extractor
    56  func (e Extractor) Version() int { return 0 }
    57  
    58  // Requirements of the extractor
    59  func (e Extractor) Requirements() *plugin.Capabilities {
    60  	return &plugin.Capabilities{}
    61  }
    62  
    63  // FileRequired returns true if the specified file matches renv lockfile patterns.
    64  func (e Extractor) FileRequired(api filesystem.FileAPI) bool {
    65  	return filepath.Base(api.Path()) == "renv.lock"
    66  }
    67  
    68  // Extract extracts packages from renv.lock files passed through the scan input.
    69  func (e Extractor) Extract(ctx context.Context, input *filesystem.ScanInput) (inventory.Inventory, error) {
    70  	var parsedLockfile *renvLockfile
    71  
    72  	err := json.NewDecoder(input.Reader).Decode(&parsedLockfile)
    73  
    74  	if err != nil {
    75  		return inventory.Inventory{}, fmt.Errorf("could not extract: %w", err)
    76  	}
    77  
    78  	packages := make([]*extractor.Package, 0, len(parsedLockfile.Packages))
    79  
    80  	for _, pkg := range parsedLockfile.Packages {
    81  		// currently we only support CRAN
    82  		if pkg.Repository != "CRAN" {
    83  			continue
    84  		}
    85  
    86  		packages = append(packages, &extractor.Package{
    87  			Name:      pkg.Package,
    88  			Version:   pkg.Version,
    89  			PURLType:  purl.TypeCran,
    90  			Locations: []string{input.Path},
    91  		})
    92  	}
    93  
    94  	return inventory.Inventory{Packages: packages}, nil
    95  }
    96  
    97  var _ filesystem.Extractor = Extractor{}