github.com/nextlinux/gosbom@v0.81.1-0.20230627115839-1ff50c281391/gosbom/pkg/cataloger/rust/parse_cargo_lock.go

github.com/nextlinux/gosbom@v0.81.1-0.20230627115839-1ff50c281391/gosbom/pkg/cataloger/rust/parse_cargo_lock.go (about)

     1  package rust
     2  
     3  import (
     4  	"fmt"
     5  
     6  	"github.com/nextlinux/gosbom/gosbom/artifact"
     7  	"github.com/nextlinux/gosbom/gosbom/file"
     8  	"github.com/nextlinux/gosbom/gosbom/pkg"
     9  	"github.com/nextlinux/gosbom/gosbom/pkg/cataloger/generic"
    10  	"github.com/pelletier/go-toml"
    11  )
    12  
    13  var _ generic.Parser = parseCargoLock
    14  
    15  type cargoLockFile struct {
    16  	Packages []pkg.CargoPackageMetadata `toml:"package"`
    17  }
    18  
    19  // parseCargoLock is a parser function for Cargo.lock contents, returning all rust cargo crates discovered.
    20  func parseCargoLock(_ file.Resolver, _ *generic.Environment, reader file.LocationReadCloser) ([]pkg.Package, []artifact.Relationship, error) {
    21  	tree, err := toml.LoadReader(reader)
    22  	if err != nil {
    23  		return nil, nil, fmt.Errorf("unable to load Cargo.lock for parsing: %w", err)
    24  	}
    25  
    26  	m := cargoLockFile{}
    27  	err = tree.Unmarshal(&m)
    28  	if err != nil {
    29  		return nil, nil, fmt.Errorf("unable to parse Cargo.lock: %w", err)
    30  	}
    31  
    32  	var pkgs []pkg.Package
    33  
    34  	for _, p := range m.Packages {
    35  		if p.Dependencies == nil {
    36  			p.Dependencies = make([]string, 0)
    37  		}
    38  		pkgs = append(
    39  			pkgs,
    40  			newPackageFromCargoMetadata(
    41  				p,
    42  				reader.Location.WithAnnotation(pkg.EvidenceAnnotationKey, pkg.PrimaryEvidenceAnnotation),
    43  			),
    44  		)
    45  	}
    46  
    47  	return pkgs, nil, nil
    48  }