// Source: github.com/lineaje-labs/syft@v0.98.1-0.20231227153149-9e393f60ff1b/test/integration/catalog_packages_cases_test.go

package integration

import "github.com/anchore/syft/syft/pkg"

// testCase describes one expectation for a package-cataloging integration
// test: a package type (and, where set, a language) together with the packages
// that are expected to be reported for it.
type testCase struct {
	// name is the human-readable label of the case.
	name string
	// pkgType is the package type the case is about.
	pkgType pkg.Type
	// pkgLanguage is the language associated with the packages. Several cases
	// below leave it unset (for example the OS package manager cases).
	pkgLanguage pkg.Language
	// duplicates is a count of expected duplicate entries. Each case that sets
	// it carries a comment saying where the duplicates come from.
	duplicates int
	// pkgInfo lists the expected packages. In every case below the keys are
	// package names and the values are version strings or refs.
	// NOTE(review): how the consuming test compares these values is not
	// visible in this file; confirm against the test that ranges over it.
	pkgInfo map[string]string
}

// imageOnlyTestCases holds the expectations that, going by the name and by the
// comments on individual cases, apply only when a container image is scanned.
// NOTE(review): the test that consumes this slice is not part of this file.
var imageOnlyTestCases = []testCase{
	{
		name:        "find gemspec packages",
		pkgType:     pkg.GemPkg,
		pkgLanguage: pkg.Ruby,
		pkgInfo: map[string]string{
			// specifications in the root specification directory
			"bundler": "2.1.4",
			// specifications in named directories
			"unbundler": "3.1.4",
		},
	},
	{
		name:        "find npm package",
		pkgType:     pkg.NpmPkg,
		pkgLanguage: pkg.JavaScript,
		pkgInfo: map[string]string{
			"npm": "6.14.6",
		},
	},
	{
		name:        "find python egg & wheel packages",
		pkgType:     pkg.PythonPkg,
		pkgLanguage: pkg.Python,
		pkgInfo: map[string]string{
			"Pygments":     "2.6.1",
			"requests":     "2.22.0",
			"somerequests": "3.22.0",
			"someotherpkg": "3.19.0",
		},
	},
	{
		name:        "find PHP composer installed.json packages",
		pkgType:     pkg.PhpComposerPkg,
		pkgLanguage: pkg.PHP,
		pkgInfo: map[string]string{
			"nikic/fast-route": "v1.3.0",
			"psr/container":    "2.0.2",
			"psr/http-factory": "1.0.1",
		},
	},
	{
		// When the image is built, lib overwrites pkgs/lib, so only two
		// packages remain.
		name:    "find apkdb packages",
		pkgType: pkg.ApkPkg,
		pkgInfo: map[string]string{
			"musl-utils": "1.1.24-r2",
			"libc-utils": "0.7.2-r0",
		},
	},
	{
		// Image scans cannot include packages that have yet to be installed.
		name:        "find java packages excluding pom.xml",
		pkgType:     pkg.JavaPkg,
		pkgLanguage: pkg.Java,
		pkgInfo: map[string]string{
			"example-java-app-maven": "0.1.0",
			"joda-time":              "2.9.2",
		},
	},
	{
		name:        "find R packages",
		pkgType:     pkg.Rpkg,
		pkgLanguage: pkg.R,
		pkgInfo: map[string]string{
			"base": "4.3.0",
		},
	},
	{
		name:        "find dot net executable",
		pkgType:     pkg.DotnetPkg,
		pkgLanguage: pkg.Dotnet,
		pkgInfo: map[string]string{
			"DocuSign.eSign": "6.8.0.0",
		},
	},
}

// dirOnlyTestCases holds the expectations that, going by the name and by the
// comments on individual cases, apply only when a directory is scanned. Most
// of them cover lock files and manifests, which can reference packages that
// are not installed.
// NOTE(review): the test that consumes this slice is not part of this file.
var dirOnlyTestCases = []testCase{
	{
		name:        "find gemfile packages",
		pkgType:     pkg.GemPkg,
		pkgLanguage: pkg.Ruby,
		pkgInfo: map[string]string{
			"actionmailer":         "4.1.1",
			"actionpack":           "4.1.1",
			"actionview":           "4.1.1",
			"activemodel":          "4.1.1",
			"activerecord":         "4.1.1",
			"activesupport":        "4.1.1",
			"arel":                 "5.0.1.20140414130214",
			"bootstrap-sass":       "3.1.1.1",
			"builder":              "3.2.2",
			"bundler":              "2.1.4",
			"coffee-rails":         "4.0.1",
			"coffee-script":        "2.2.0",
			"coffee-script-source": "1.7.0",
			"erubis":               "2.7.0",
			"execjs":               "2.0.2",
			"google-cloud-errors":  "1.3.0",
			"hike":                 "1.2.3",
			"i18n":                 "0.6.9",
			"jbuilder":             "2.0.7",
			"jquery-rails":         "3.1.0",
			"json":                 "1.8.1",
			"kgio":                 "2.9.2",
			"libv8":                "3.16.14.3",
			"mail":                 "2.5.4",
			"mime-types":           "1.25.1",
			"minitest":             "5.3.4",
			"multi_json":           "1.10.1",
			"mysql2":               "0.3.16",
			"polyglot":             "0.3.4",
			"rack":                 "1.5.2",
			"rack-test":            "0.6.2",
			"rails":                "4.1.1",
			"railties":             "4.1.1",
			"raindrops":            "0.13.0",
			"rake":                 "10.3.2",
			"rdoc":                 "4.1.1",
			"ref":                  "1.0.5",
			"sass":                 "3.2.19",
			"sass-rails":           "4.0.3",
			"sdoc":                 "0.4.0",
			"spring":               "1.1.3",
			"sprockets":            "2.11.0",
			"sprockets-rails":      "2.1.3",
			"sqlite3":              "1.3.9",
			"therubyracer":         "0.12.1",
			"thor":                 "0.19.1",
			"thread_safe":          "0.3.3",
			"tilt":                 "1.4.1",
			"treetop":              "1.4.15",
			"turbolinks":           "3.0.0",
			"tzinfo":               "1.2.0",
			"uglifier":             "2.5.0",
			"unbundler":            "3.1.4",
			"unicorn":              "4.8.3",
		},
	},
	{
		name:        "find javascript npm packages (yarn.lock & package-lock.json)",
		pkgType:     pkg.NpmPkg,
		pkgLanguage: pkg.JavaScript,
		pkgInfo: map[string]string{
			"@babel/code-frame": "7.10.4",
			"get-stdin":         "8.0.0",
		},
	},
	{
		name:        "find python requirements.txt & setup.py package references",
		pkgType:     pkg.PythonPkg,
		pkgLanguage: pkg.Python,
		pkgInfo: map[string]string{
			// dir specific test cases
			"flask":              "4.0.0",
			"python-dateutil":    "2.8.1",
			"python-swiftclient": "3.8.1",
			"pytz":               "2019.3",
			"jsonschema":         "2.6.0",
			"passlib":            "1.7.2",
			"mypy":               "v0.770",
			// common to image and directory
			"Pygments":     "2.6.1",
			"requests":     "2.22.0",
			"somerequests": "3.22.0",
			"someotherpkg": "3.19.0",
		},
	},
	{
		name:        "find golang modules",
		pkgType:     pkg.GoModulePkg,
		pkgLanguage: pkg.Go,
		pkgInfo: map[string]string{
			"github.com/bmatcuk/doublestar": "v1.3.1",
		},
	},
	{
		name:        "find conan packages",
		pkgType:     pkg.ConanPkg,
		pkgLanguage: pkg.CPP,
		pkgInfo: map[string]string{
			"catch2":     "2.13.8",
			"docopt.cpp": "0.6.3",
			"fmt":        "8.1.1",
			"spdlog":     "1.9.2",
			"sdl":        "2.0.20",
			"fltk":       "1.3.8",
		},
	},
	{
		name:        "find rust crates",
		pkgType:     pkg.RustPkg,
		pkgLanguage: pkg.Rust,
		pkgInfo: map[string]string{
			"memchr":        "2.3.3",
			"nom":           "4.2.3",
			"version_check": "0.1.5",
		},
	},
	{
		name:       "find apkdb packages",
		pkgType:    pkg.ApkPkg,
		duplicates: 2, // when the directory is cataloged we have duplicates between lib/ and pkgs/lib
		pkgInfo: map[string]string{
			"musl-utils": "1.1.24-r2",
			"libc-utils": "0.7.2-r0",
		},
	},
	{
		name:        "find php composer package",
		pkgType:     pkg.PhpComposerPkg,
		pkgLanguage: pkg.PHP,
		pkgInfo: map[string]string{
			"adoy/fastcgi-client":       "1.0.2",
			"alcaeus/mongo-php-adapter": "1.1.11",
		},
	},
	{
		name:        "find pubspec lock packages",
		pkgType:     pkg.DartPubPkg,
		pkgLanguage: pkg.Dart,
		pkgInfo: map[string]string{
			"ansicolor":  "1.1.1",
			"archive":    "2.0.13",
			"args":       "1.6.0",
			"key_binder": "1.11.20",
			"ale":        "3.3.0",
			"analyzer":   "0.40.7",
		},
	},
	{
		name:        "find dotnet packages",
		pkgType:     pkg.DotnetPkg,
		pkgLanguage: pkg.Dotnet,
		pkgInfo: map[string]string{
			"AWSSDK.Core":                                           "3.7.10.6",
			"Microsoft.Extensions.DependencyInjection":              "6.0.0",
			"Microsoft.Extensions.DependencyInjection.Abstractions": "6.0.0",
			"Microsoft.Extensions.Logging":                          "6.0.0",
			"Microsoft.Extensions.Logging.Abstractions":             "6.0.0",
			"Microsoft.Extensions.Options":                          "6.0.0",
			"Microsoft.Extensions.Primitives":                       "6.0.0",
			"Newtonsoft.Json":                                       "13.0.1",
			"Serilog":                                               "2.10.0",
			"Serilog.Sinks.Console":                                 "4.0.1",
			"System.Diagnostics.DiagnosticSource":                   "6.0.0",
			"System.Runtime.CompilerServices.Unsafe":                "6.0.0",
			"TestCommon":                                            "1.0.0",
			"TestLibrary":                                           "1.0.0",
		},
	},
	{
		// Directory scans can include packages that have yet to be installed.
		name:        "find java packages including pom.xml",
		pkgType:     pkg.JavaPkg,
		pkgLanguage: pkg.Java,
		duplicates:  1, // joda-time is included in both pom.xml AND the .jar collection
		pkgInfo: map[string]string{
			"example-java-app-maven": "0.1.0",
			"joda-time":              "2.9.2",
			"junit":                  "4.12",
		},
	},
	{
		name:        "find cocoapods packages",
		pkgType:     pkg.CocoapodsPkg,
		pkgLanguage: pkg.Swift,
		pkgInfo: map[string]string{
			"GlossButtonNode":                        "3.1.2",
			"PINCache":                               "3.0.3",
			"PINCache/Arc-exception-safe":            "3.0.3",
			"PINCache/Core":                          "3.0.3",
			"PINOperation":                           "1.2.1",
			"PINRemoteImage/Core":                    "3.0.3",
			"PINRemoteImage/iOS":                     "3.0.3",
			"PINRemoteImage/PINCache":                "3.0.3",
			"Reveal-SDK":                             "33",
			"SwiftGen":                               "6.5.1",
			"Texture":                                "3.1.0",
			"Texture/AssetsLibrary":                  "3.1.0",
			"Texture/Core":                           "3.1.0",
			"Texture/MapKit":                         "3.1.0",
			"Texture/Photos":                         "3.1.0",
			"Texture/PINRemoteImage":                 "3.1.0",
			"Texture/Video":                          "3.1.0",
			"TextureSwiftSupport":                    "3.13.0",
			"TextureSwiftSupport/Components":         "3.13.0",
			"TextureSwiftSupport/Experiments":        "3.13.0",
			"TextureSwiftSupport/Extensions":         "3.13.0",
			"TextureSwiftSupport/LayoutSpecBuilders": "3.13.0",
			"TinyConstraints":                        "4.0.2",
		},
	},
	{
		name:        "find hackage packages",
		pkgType:     pkg.HackagePkg,
		pkgLanguage: pkg.Haskell,
		pkgInfo: map[string]string{
			"Cabal":                    "3.2.1.0",
			"Diff":                     "0.4.1",
			"HTTP":                     "4000.3.16",
			"HUnit":                    "1.6.2.0",
			"OneTuple":                 "0.3.1",
			"Only":                     "0.1",
			"PyF":                      "0.10.2.0",
			"QuickCheck":               "2.14.2",
			"RSA":                      "2.4.1",
			"SHA":                      "1.6.4.4",
			"Spock":                    "0.14.0.0",
			"ShellCheck":               "0.8.0",
			"colourista":               "0.1.0.1",
			"language-docker":          "11.0.0",
			"spdx":                     "1.0.0.2",
			"hspec":                    "2.9.4",
			"hspec-core":               "2.9.4",
			"hspec-discover":           "2.9.4",
			"stm":                      "2.5.0.2",
			"configurator-pg":          "0.2.6",
			"hasql-dynamic-statements": "0.3.1.1",
			"hasql-implicits":          "0.1.0.4",
			"hasql-pool":               "0.5.2.2",
			"lens-aeson":               "1.1.3",
			"optparse-applicative":     "0.16.1.0",
			"protolude":                "0.3.2",
			"ptr":                      "0.16.8.2",
		},
	},
	{
		name:    "find hex packages",
		pkgType: pkg.HexPkg,
		// Two languages are joined with a comma into one pkg.Language value.
		// NOTE(review): presumably the consuming test splits on "," - confirm.
		pkgLanguage: pkg.Elixir + "," + pkg.Erlang,
		pkgInfo: map[string]string{
			// elixir
			"castore":          "0.1.17",
			"connection":       "1.1.0",
			"cowboy":           "2.9.0",
			"cowboy_telemetry": "0.4.0",
			"cowlib":           "2.11.0",
			"db_connection":    "2.4.2",
			"decimal":          "2.0.0",
			"earmark_parser":   "1.4.25",
			"ecto":             "3.8.1",
			"ecto_sql":         "3.8.1",
			"esbuild":          "0.5.0",
			"ex_doc":           "0.28.4",
			"gettext":          "0.19.1",
			"hpax":             "0.1.1",
			"jason":            "1.3.0",

			// erlang
			"certifi":             "2.9.0",
			"idna":                "6.1.1",
			"metrics":             "1.0.1",
			"mimerl":              "1.2.0",
			"parse_trans":         "3.3.1",
			"ssl_verify_fun":      "1.1.6",
			"unicode_util_compat": "0.7.0",
		},
	},
	{
		name:        "find swift package manager packages",
		pkgType:     pkg.SwiftPkg,
		pkgLanguage: pkg.Swift,
		pkgInfo: map[string]string{
			"swift-algorithms":       "1.0.0",
			"swift-async-algorithms": "0.1.0",
			"swift-atomics":          "1.1.0",
			"swift-collections":      "1.0.4",
			"swift-numerics":         "1.0.2",
		},
	},
	{
		name:    "find github action packages (from usage in workflow files and composite actions)",
		pkgType: pkg.GithubActionPkg,
		pkgInfo: map[string]string{
			// The expected value is a tag ref rather than a release version.
			// A tag can be re-pointed upstream, so on its own it does not
			// identify a fixed revision of the action.
			"actions/checkout": "v4",
		},
	},
	{
		name:    "find github shared workflow calls (from usage in workflow files)",
		pkgType: pkg.GithubActionWorkflowPkg,
		pkgInfo: map[string]string{
			// The expected value is a 40-character hex string, the shape of a
			// full commit SHA, which refers to one specific revision.
			"octo-org/this-repo/.github/workflows/workflow-1.yml": "172239021f7ba04fe7327647b213799853a9eb89",
		},
	},
}

// commonTestCases holds the expectations that are not specific to one scan
// source; going by the name they are shared between image and directory scans.
// NOTE(review): the test that consumes this slice is not part of this file.
var commonTestCases = []testCase{
	{
		name:    "find alpm packages",
		pkgType: pkg.AlpmPkg,
		pkgInfo: map[string]string{
			"pacman": "6.0.1-5",
		},
	},
	{
		name:    "find rpmdb packages",
		pkgType: pkg.RpmPkg,
		pkgInfo: map[string]string{
			"dive": "0.9.2-1",
		},
	},
	{
		name:    "find dpkg packages",
		pkgType: pkg.DebPkg,
		pkgInfo: map[string]string{
			"apt":     "1.8.2",
			"dash":    "0.5.8-2.4",
			"netbase": "5.4",
		},
	},
	{
		name:    "find portage packages",
		pkgType: pkg.PortagePkg,
		pkgInfo: map[string]string{
			"app-containers/skopeo": "1.5.1",
		},
	},

	{
		name:        "find jenkins plugins",
		pkgType:     pkg.JenkinsPluginPkg,
		pkgLanguage: pkg.Java,
		duplicates:  1, // there is a "example-jenkins-plugin" HPI, and nested within that a JAR of the same name
		pkgInfo: map[string]string{
			"example-jenkins-plugin": "1.0-SNAPSHOT",
		},
	},
	{
		name:    "find nix store packages",
		pkgType: pkg.NixPkg,
		pkgInfo: map[string]string{
			"glibc": "2.34-210",
		},
	},
}