github.com/google/osv-scalibr@v0.4.1/guidedremediation/internal/manifest/manifest.go

github.com/google/osv-scalibr@v0.4.1/guidedremediation/internal/manifest/manifest.go (about)

     1  // Copyright 2025 Google LLC
     2  //
     3  // Licensed under the Apache License, Version 2.0 (the "License");
     4  // you may not use this file except in compliance with the License.
     5  // You may obtain a copy of the License at
     6  //
     7  //      http://www.apache.org/licenses/LICENSE-2.0
     8  //
     9  // Unless required by applicable law or agreed to in writing, software
    10  // distributed under the License is distributed on an "AS IS" BASIS,
    11  // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    12  // See the License for the specific language governing permissions and
    13  // limitations under the License.
    14  
    15  // Package manifest provides methods for parsing and writing manifest files.
    16  package manifest
    17  
    18  import (
    19  	"deps.dev/util/resolve"
    20  	scalibrfs "github.com/google/osv-scalibr/fs"
    21  	"github.com/google/osv-scalibr/guidedremediation/result"
    22  	"github.com/google/osv-scalibr/guidedremediation/strategy"
    23  )
    24  
    25  // Manifest is the interface for the representation of a manifest file needed for dependency resolution.
    26  type Manifest interface {
    27  	FilePath() string                           // Path to the manifest file
    28  	Root() resolve.Version                      // Version representing this package
    29  	System() resolve.System                     // The System of this manifest
    30  	Requirements() []resolve.RequirementVersion // All direct requirements, including dev
    31  	Groups() map[RequirementKey][]string        // Dependency groups that the direct requirements belong to
    32  	LocalManifests() []Manifest                 // Manifests of local packages
    33  	EcosystemSpecific() any                     // Any ecosystem-specific information needed
    34  
    35  	PatchRequirement(req resolve.RequirementVersion) error // Patch the requirements to use new requirement.
    36  
    37  	Clone() Manifest // Clone the manifest
    38  }
    39  
    40  // RequirementKey is a comparable type that uniquely identifies a package dependency in a manifest.
    41  // It does not include the version specification.
    42  type RequirementKey any
    43  
    44  // ReadWriter is the interface for parsing and applying remediation patches to a manifest file.
    45  type ReadWriter interface {
    46  	System() resolve.System
    47  	Read(path string, fsys scalibrfs.FS) (Manifest, error)
    48  	SupportedStrategies() []strategy.Strategy
    49  
    50  	// Write writes the manifest after applying the patches to outputPath.
    51  	//
    52  	// original is the manifest without patches. fsys is the FS that the manifest was read from.
    53  	// outputPath is the path on disk (*not* in fsys) to write the entire patched manifest to (this can overwrite the original manifest).
    54  	Write(original Manifest, fsys scalibrfs.FS, patches []result.Patch, outputPath string) error
    55  }