github.com/google/osv-scalibr@v0.4.1/extractor/filesystem/os/homebrew/homebrew.go

github.com/google/osv-scalibr@v0.4.1/extractor/filesystem/os/homebrew/homebrew.go (about)

     1  // Copyright 2025 Google LLC
     2  //
     3  // Licensed under the Apache License, Version 2.0 (the "License");
     4  // you may not use this file except in compliance with the License.
     5  // You may obtain a copy of the License at
     6  //
     7  //      http://www.apache.org/licenses/LICENSE-2.0
     8  //
     9  // Unless required by applicable law or agreed to in writing, software
    10  // distributed under the License is distributed on an "AS IS" BASIS,
    11  // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    12  // See the License for the specific language governing permissions and
    13  // limitations under the License.
    14  
    15  // Package homebrew extracts package information from OSX homebrew INSTALL_RECEIPT.json files.
    16  package homebrew
    17  
    18  import (
    19  	"context"
    20  	"strings"
    21  
    22  	"github.com/google/osv-scalibr/extractor"
    23  	"github.com/google/osv-scalibr/extractor/filesystem"
    24  	"github.com/google/osv-scalibr/inventory"
    25  	"github.com/google/osv-scalibr/plugin"
    26  	"github.com/google/osv-scalibr/purl"
    27  )
    28  
    29  const (
    30  	// Name is the unique name of this extractor.
    31  	Name = "os/homebrew"
    32  
    33  	caskPath       = "caskroom"
    34  	cellarPath     = "cellar"
    35  	cellarFileName = "install_receipt.json"
    36  	caskFileName1  = ".wrapper.sh"
    37  	caskFileName2  = "source.properties"
    38  	caskFileName3  = ".app"
    39  )
    40  
    41  // BrewPath struct holds homebrew package information from homebrew package path.
    42  // ../${appClass}/${appName}/${version}/${appFile}
    43  // e.g. ../Caskroom/firefox/1.1/firefox.wrapper.sh or ../Cellar/tree/1.1/INSTALL_RECEIPT.json
    44  type BrewPath struct {
    45  	AppName    string
    46  	AppVersion string
    47  	AppFile    string
    48  	AppExt     string
    49  }
    50  
    51  // Extractor extracts software details from a OSX Homebrew package path.
    52  type Extractor struct{}
    53  
    54  // New returns a new instance of the extractor.
    55  func New() filesystem.Extractor { return &Extractor{} }
    56  
    57  // Name of the extractor.
    58  func (e Extractor) Name() string { return Name }
    59  
    60  // Version of the extractor.
    61  func (e Extractor) Version() int { return 0 }
    62  
    63  // Requirements of the extractor.
    64  func (e Extractor) Requirements() *plugin.Capabilities { return &plugin.Capabilities{OS: plugin.OSMac} }
    65  
    66  // FileRequired returns true if the specified file path matches the homebrew path.
    67  func (e Extractor) FileRequired(api filesystem.FileAPI) bool {
    68  	filePath := strings.ToLower(api.Path())
    69  	// Homebrew installs are in the following paths:
    70  	// ../Cellar/${appName}/${version}/... or ../Caskroom/${appName}/${version}/...
    71  	// Example of paths:
    72  	// /usr/local/Cellar/... ; /opt/homebrew/Caskroom/... ; /usr/local/Caskroom/...;
    73  	// /Users/emat/homebrew/Caskroom/... etc.
    74  	// Ensure correct Homebrew path and file-name relationships are met for both Cellar and Caskroom.
    75  	return isCellar(filePath) || isCaskroom(filePath)
    76  }
    77  
    78  // isCellar verifies Path to filename relationship.
    79  func isCellar(filePath string) bool {
    80  	// ../Cellar/${appName}/${version}/INSTALL_RECEIPT.json
    81  	return strings.HasSuffix(filePath, cellarFileName) && strings.Contains(filePath, cellarPath)
    82  }
    83  
    84  // isCaskroom verifiesPath to filename relationships.
    85  func isCaskroom(filePath string) bool {
    86  	// ../Caskroom/${appName}/${version}/${appName}.wrapper.sh
    87  	// or ../Caskroom/${appName}/${version}/${folder/source.properties|source.properties}
    88  	// or ../Caskroom/${appName}/${version}/${appName}.app
    89  	if !(strings.HasSuffix(filePath, caskFileName1) || strings.HasSuffix(filePath, caskFileName2) || strings.HasSuffix(filePath, caskFileName3)) {
    90  		return false
    91  	}
    92  
    93  	return strings.Contains(filePath, caskPath)
    94  }
    95  
    96  // Extract parses the recognised Homebrew file path and returns information about the installed package.
    97  func (e Extractor) Extract(ctx context.Context, input *filesystem.ScanInput) (inventory.Inventory, error) {
    98  	p := SplitPath(input.Path)
    99  	if p == nil {
   100  		return inventory.Inventory{}, nil
   101  	}
   102  	return inventory.Inventory{Packages: []*extractor.Package{
   103  		{
   104  			Name:      p.AppName,
   105  			Version:   p.AppVersion,
   106  			PURLType:  purl.TypeBrew,
   107  			Locations: []string{input.Path},
   108  			Metadata:  &Metadata{},
   109  		},
   110  	}}, nil
   111  }
   112  
   113  // SplitPath takes the package path and splits it into its recognised struct components
   114  func SplitPath(path string) *BrewPath {
   115  	path = strings.ToLower(path)
   116  	pathParts := strings.Split(path, "/")
   117  	for i, pathPart := range pathParts {
   118  		// Check if the path is a homebrew path and if the path is of a valid length.
   119  		if (pathPart == cellarPath || pathPart == caskPath) && len(pathParts) > (i+3) {
   120  			return &BrewPath{
   121  				AppName:    pathParts[i+1],
   122  				AppVersion: pathParts[i+2],
   123  				AppFile:    pathParts[i+3],
   124  				AppExt:     pathParts[len(pathParts)-1],
   125  			}
   126  		}
   127  	}
   128  	return nil
   129  }