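// Source: github.com/lineaje-labs/syft@v0.98.1-0.20231227153149-9e393f60ff1b/syft/pkg/cataloger/swift/parse_podfile_lock.go

package swift

import (
	"fmt"
	"io"
	"strings"

	"gopkg.in/yaml.v3"

	"github.com/anchore/syft/syft/artifact"
	"github.com/anchore/syft/syft/file"
	"github.com/anchore/syft/syft/pkg"
	"github.com/anchore/syft/syft/pkg/cataloger/generic"
)

var _ generic.Parser = parsePodfileLock

// podfileLock mirrors the top-level sections of a Podfile.lock YAML document.
// Pods is left loosely typed because the parser below accepts each PODS entry
// either as a plain string or as a map whose key is the pod description.
type podfileLock struct {
	Pods            []interface{}       `yaml:"PODS"`
	Dependencies    []string            `yaml:"DEPENDENCIES"`
	SpecRepos       map[string][]string `yaml:"SPEC REPOS"`
	SpecChecksums   map[string]string   `yaml:"SPEC CHECKSUMS"`
	PodfileChecksum string              `yaml:"PODFILE CHECKSUM"`
	Cocopods        string              `yaml:"COCOAPODS"`
}

// parsePodfileLock is a parser function for Podfile.lock contents, returning all cocoapods pods discovered.
//
// Every PODS entry must have the form "<name> (<version>)"; the checksum is
// looked up in SPEC CHECKSUMS under the part of the name before the first "/".
// An error is returned when the file cannot be read or decoded, when a PODS
// entry has an unexpected type or shape, or when no checksum exists for a pod.
// No relationships are produced.
func parsePodfileLock(_ file.Resolver, _ *generic.Environment, reader file.LocationReadCloser) ([]pkg.Package, []artifact.Relationship, error) {
	// NOTE(review): the whole file is read into memory with no size cap here;
	// confirm that the caller bounds the size of scanned files.
	contents, err := io.ReadAll(reader)
	if err != nil {
		return nil, nil, fmt.Errorf("unable to read file: %w", err)
	}

	var podfile podfileLock
	if err = yaml.Unmarshal(contents, &podfile); err != nil {
		return nil, nil, fmt.Errorf("unable to parse yaml: %w", err)
	}

	var pkgs []pkg.Package
	for _, entry := range podfile.Pods {
		var podBlob string
		switch v := entry.(type) {
		case map[string]interface{}:
			// NOTE(review): if the map holds more than one key, which key is
			// kept depends on map iteration order.
			for k := range v {
				podBlob = k
			}
		case string:
			podBlob = v
		default:
			return nil, nil, fmt.Errorf("malformed podfile.lock")
		}

		// The lock file comes from the scanned project and is untrusted. An
		// entry with no space (or an empty map, which leaves podBlob empty)
		// would otherwise panic on splits[1] and abort the whole scan.
		splits := strings.Split(podBlob, " ")
		if len(splits) < 2 {
			return nil, nil, fmt.Errorf("malformed podfile.lock: unexpected pod entry %q", podBlob)
		}
		podName := splits[0]
		podVersion := strings.TrimSuffix(strings.TrimPrefix(splits[1], "("), ")")

		// Subspecs ("Root/Sub") share the checksum recorded for the root pod.
		podRootPkg := strings.Split(podName, "/")[0]
		pkgHash, exists := podfile.SpecChecksums[podRootPkg]
		if !exists {
			return nil, nil, fmt.Errorf("malformed podfile.lock: incomplete checksums")
		}

		pkgs = append(
			pkgs,
			newCocoaPodsPackage(
				podName,
				podVersion,
				pkgHash,
				reader.Location.WithAnnotation(pkg.EvidenceAnnotationKey, pkg.PrimaryEvidenceAnnotation),
			),
		)
	}

	return pkgs, nil, nil
}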