github.com/nextlinux/gosbom@v0.81.1-0.20230627115839-1ff50c281391/test/integration/catalog_packages_cases_test.go (about) 1 package integration 2 3 import "github.com/nextlinux/gosbom/gosbom/pkg" 4 5 type testCase struct { 6 name string 7 pkgType pkg.Type 8 pkgLanguage pkg.Language 9 duplicates int 10 pkgInfo map[string]string 11 } 12 13 var imageOnlyTestCases = []testCase{ 14 { 15 name: "find gemspec packages", 16 pkgType: pkg.GemPkg, 17 pkgLanguage: pkg.Ruby, 18 pkgInfo: map[string]string{ 19 // specifications in the root specification directory 20 "bundler": "2.1.4", 21 // specifications in named directories 22 "unbundler": "3.1.4", 23 }, 24 }, 25 { 26 name: "find npm package", 27 pkgType: pkg.NpmPkg, 28 pkgLanguage: pkg.JavaScript, 29 pkgInfo: map[string]string{ 30 "npm": "6.14.6", 31 }, 32 }, 33 { 34 name: "find python egg & wheel packages", 35 pkgType: pkg.PythonPkg, 36 pkgLanguage: pkg.Python, 37 pkgInfo: map[string]string{ 38 "Pygments": "2.6.1", 39 "requests": "2.22.0", 40 "somerequests": "3.22.0", 41 "someotherpkg": "3.19.0", 42 }, 43 }, 44 { 45 name: "find PHP composer installed.json packages", 46 pkgType: pkg.PhpComposerPkg, 47 pkgLanguage: pkg.PHP, 48 pkgInfo: map[string]string{ 49 "nikic/fast-route": "v1.3.0", 50 "psr/container": "2.0.2", 51 "psr/http-factory": "1.0.1", 52 }, 53 }, 54 { 55 // When the image is build lib overwrites pkgs/lib causing there to only be two packages 56 name: "find apkdb packages", 57 pkgType: pkg.ApkPkg, 58 pkgInfo: map[string]string{ 59 "musl-utils": "1.1.24-r2", 60 "libc-utils": "0.7.2-r0", 61 }, 62 }, 63 { 64 name: "find java packages excluding pom.xml", // image scans can not include packages that have yet to be installed 65 pkgType: pkg.JavaPkg, 66 pkgLanguage: pkg.Java, 67 pkgInfo: map[string]string{ 68 "example-java-app-maven": "0.1.0", 69 "joda-time": "2.9.2", 70 }, 71 }, 72 { 73 name: "find R packages", 74 pkgType: pkg.Rpkg, 75 pkgLanguage: pkg.R, 76 pkgInfo: map[string]string{ 77 "base": "4.3.0", 78 }, 79 }, 80 } 81 82 var dirOnlyTestCases = []testCase{ 83 { 84 name: "find gemfile packages", 85 pkgType: pkg.GemPkg, 86 pkgLanguage: pkg.Ruby, 87 pkgInfo: map[string]string{ 88 "actionmailer": "4.1.1", 89 "actionpack": "4.1.1", 90 "actionview": "4.1.1", 91 "activemodel": "4.1.1", 92 "activerecord": "4.1.1", 93 "activesupport": "4.1.1", 94 "arel": "5.0.1.20140414130214", 95 "bootstrap-sass": "3.1.1.1", 96 "builder": "3.2.2", 97 "coffee-rails": "4.0.1", 98 "coffee-script": "2.2.0", 99 "coffee-script-source": "1.7.0", 100 "erubis": "2.7.0", 101 "execjs": "2.0.2", 102 "google-cloud-errors": "1.3.0", 103 "hike": "1.2.3", 104 "i18n": "0.6.9", 105 "jbuilder": "2.0.7", 106 "jquery-rails": "3.1.0", 107 "json": "1.8.1", 108 "kgio": "2.9.2", 109 "libv8": "3.16.14.3", 110 "mail": "2.5.4", 111 "mime-types": "1.25.1", 112 "minitest": "5.3.4", 113 "multi_json": "1.10.1", 114 "mysql2": "0.3.16", 115 "polyglot": "0.3.4", 116 "rack": "1.5.2", 117 "rack-test": "0.6.2", 118 "rails": "4.1.1", 119 "railties": "4.1.1", 120 "raindrops": "0.13.0", 121 "rake": "10.3.2", 122 "rdoc": "4.1.1", 123 "ref": "1.0.5", 124 "sass": "3.2.19", 125 "sass-rails": "4.0.3", 126 "sdoc": "0.4.0", 127 "spring": "1.1.3", 128 "sprockets": "2.11.0", 129 "sprockets-rails": "2.1.3", 130 "sqlite3": "1.3.9", 131 "therubyracer": "0.12.1", 132 "thor": "0.19.1", 133 "thread_safe": "0.3.3", 134 "tilt": "1.4.1", 135 "treetop": "1.4.15", 136 "turbolinks": "3.0.0", 137 "tzinfo": "1.2.0", 138 "uglifier": "2.5.0", 139 "unicorn": "4.8.3", 140 }, 141 }, 142 { 143 name: "find javascript npm packages (yarn.lock & package-lock.json)", 144 pkgType: pkg.NpmPkg, 145 pkgLanguage: pkg.JavaScript, 146 pkgInfo: map[string]string{ 147 "@babel/code-frame": "7.10.4", 148 "get-stdin": "8.0.0", 149 }, 150 }, 151 { 152 name: "find python requirements.txt & setup.py package references", 153 pkgType: pkg.PythonPkg, 154 pkgLanguage: pkg.Python, 155 pkgInfo: map[string]string{ 156 // dir specific test cases 157 "flask": "4.0.0", 158 "python-dateutil": "2.8.1", 159 "python-swiftclient": "3.8.1", 160 "pytz": "2019.3", 161 "jsonschema": "2.6.0", 162 "passlib": "1.7.2", 163 "mypy": "v0.770", 164 // common to image and directory 165 "Pygments": "2.6.1", 166 "requests": "2.22.0", 167 "somerequests": "3.22.0", 168 "someotherpkg": "3.19.0", 169 }, 170 }, 171 { 172 name: "find golang modules", 173 pkgType: pkg.GoModulePkg, 174 pkgLanguage: pkg.Go, 175 pkgInfo: map[string]string{ 176 "github.com/bmatcuk/doublestar": "v1.3.1", 177 }, 178 }, 179 { 180 name: "find conan packages", 181 pkgType: pkg.ConanPkg, 182 pkgLanguage: pkg.CPP, 183 pkgInfo: map[string]string{ 184 "catch2": "2.13.8", 185 "docopt.cpp": "0.6.3", 186 "fmt": "8.1.1", 187 "spdlog": "1.9.2", 188 "sdl": "2.0.20", 189 "fltk": "1.3.8", 190 }, 191 }, 192 { 193 name: "find rust crates", 194 pkgType: pkg.RustPkg, 195 pkgLanguage: pkg.Rust, 196 pkgInfo: map[string]string{ 197 "memchr": "2.3.3", 198 "nom": "4.2.3", 199 "version_check": "0.1.5", 200 }, 201 }, 202 { 203 name: "find apkdb packages", 204 pkgType: pkg.ApkPkg, 205 duplicates: 2, // when the directory is cataloged we have duplicates between lib/ and pkgs/lib 206 pkgInfo: map[string]string{ 207 "musl-utils": "1.1.24-r2", 208 "libc-utils": "0.7.2-r0", 209 }, 210 }, 211 { 212 name: "find php composer package", 213 pkgType: pkg.PhpComposerPkg, 214 pkgLanguage: pkg.PHP, 215 pkgInfo: map[string]string{ 216 "adoy/fastcgi-client": "1.0.2", 217 "alcaeus/mongo-php-adapter": "1.1.11", 218 }, 219 }, 220 { 221 name: "find pubspec lock packages", 222 pkgType: pkg.DartPubPkg, 223 pkgLanguage: pkg.Dart, 224 pkgInfo: map[string]string{ 225 "ansicolor": "1.1.1", 226 "archive": "2.0.13", 227 "args": "1.6.0", 228 "key_binder": "1.11.20", 229 "ale": "3.3.0", 230 "analyzer": "0.40.7", 231 }, 232 }, 233 { 234 name: "find dotnet packages", 235 pkgType: pkg.DotnetPkg, 236 pkgLanguage: pkg.Dotnet, 237 pkgInfo: map[string]string{ 238 "AWSSDK.Core": "3.7.10.6", 239 "Microsoft.Extensions.DependencyInjection": "6.0.0", 240 "Microsoft.Extensions.DependencyInjection.Abstractions": "6.0.0", 241 "Microsoft.Extensions.Logging": "6.0.0", 242 "Microsoft.Extensions.Logging.Abstractions": "6.0.0", 243 "Microsoft.Extensions.Options": "6.0.0", 244 "Microsoft.Extensions.Primitives": "6.0.0", 245 "Newtonsoft.Json": "13.0.1", 246 "Serilog": "2.10.0", 247 "Serilog.Sinks.Console": "4.0.1", 248 "System.Diagnostics.DiagnosticSource": "6.0.0", 249 "System.Runtime.CompilerServices.Unsafe": "6.0.0", 250 }, 251 }, 252 { 253 name: "find java packages including pom.xml", // directory scans can include packages that have yet to be installed 254 pkgType: pkg.JavaPkg, 255 pkgLanguage: pkg.Java, 256 duplicates: 1, // joda-time is included in both pom.xml AND the .jar collection 257 pkgInfo: map[string]string{ 258 "example-java-app-maven": "0.1.0", 259 "joda-time": "2.9.2", 260 "junit": "4.12", 261 }, 262 }, 263 { 264 name: "find cocoapods packages", 265 pkgType: pkg.CocoapodsPkg, 266 pkgLanguage: pkg.Swift, 267 pkgInfo: map[string]string{ 268 "GlossButtonNode": "3.1.2", 269 "PINCache": "3.0.3", 270 "PINCache/Arc-exception-safe": "3.0.3", 271 "PINCache/Core": "3.0.3", 272 "PINOperation": "1.2.1", 273 "PINRemoteImage/Core": "3.0.3", 274 "PINRemoteImage/iOS": "3.0.3", 275 "PINRemoteImage/PINCache": "3.0.3", 276 "Reveal-SDK": "33", 277 "SwiftGen": "6.5.1", 278 "Texture": "3.1.0", 279 "Texture/AssetsLibrary": "3.1.0", 280 "Texture/Core": "3.1.0", 281 "Texture/MapKit": "3.1.0", 282 "Texture/Photos": "3.1.0", 283 "Texture/PINRemoteImage": "3.1.0", 284 "Texture/Video": "3.1.0", 285 "TextureSwiftSupport": "3.13.0", 286 "TextureSwiftSupport/Components": "3.13.0", 287 "TextureSwiftSupport/Experiments": "3.13.0", 288 "TextureSwiftSupport/Extensions": "3.13.0", 289 "TextureSwiftSupport/LayoutSpecBuilders": "3.13.0", 290 "TinyConstraints": "4.0.2", 291 }, 292 }, 293 { 294 name: "find hackage packages", 295 pkgType: pkg.HackagePkg, 296 pkgLanguage: pkg.Haskell, 297 pkgInfo: map[string]string{ 298 "Cabal": "3.2.1.0", 299 "Diff": "0.4.1", 300 "HTTP": "4000.3.16", 301 "HUnit": "1.6.2.0", 302 "OneTuple": "0.3.1", 303 "Only": "0.1", 304 "PyF": "0.10.2.0", 305 "QuickCheck": "2.14.2", 306 "RSA": "2.4.1", 307 "SHA": "1.6.4.4", 308 "Spock": "0.14.0.0", 309 "ShellCheck": "0.8.0", 310 "colourista": "0.1.0.1", 311 "language-docker": "11.0.0", 312 "spdx": "1.0.0.2", 313 "hspec": "2.9.4", 314 "hspec-core": "2.9.4", 315 "hspec-discover": "2.9.4", 316 "stm": "2.5.0.2", 317 "configurator-pg": "0.2.6", 318 "hasql-dynamic-statements": "0.3.1.1", 319 "hasql-implicits": "0.1.0.4", 320 "hasql-pool": "0.5.2.2", 321 "lens-aeson": "1.1.3", 322 "optparse-applicative": "0.16.1.0", 323 "protolude": "0.3.2", 324 "ptr": "0.16.8.2", 325 }, 326 }, 327 { 328 name: "find hex packages", 329 pkgType: pkg.HexPkg, 330 pkgLanguage: pkg.Elixir + "," + pkg.Erlang, 331 pkgInfo: map[string]string{ 332 // elixir 333 "castore": "0.1.17", 334 "connection": "1.1.0", 335 "cowboy": "2.9.0", 336 "cowboy_telemetry": "0.4.0", 337 "cowlib": "2.11.0", 338 "db_connection": "2.4.2", 339 "decimal": "2.0.0", 340 "earmark_parser": "1.4.25", 341 "ecto": "3.8.1", 342 "ecto_sql": "3.8.1", 343 "esbuild": "0.5.0", 344 "ex_doc": "0.28.4", 345 "gettext": "0.19.1", 346 "hpax": "0.1.1", 347 "jason": "1.3.0", 348 349 // erlang 350 "certifi": "2.9.0", 351 "idna": "6.1.1", 352 "metrics": "1.0.1", 353 "mimerl": "1.2.0", 354 "parse_trans": "3.3.1", 355 "ssl_verify_fun": "1.1.6", 356 "unicode_util_compat": "0.7.0", 357 }, 358 }, 359 } 360 361 var commonTestCases = []testCase{ 362 { 363 name: "find alpm packages", 364 pkgType: pkg.AlpmPkg, 365 pkgInfo: map[string]string{ 366 "pacman": "6.0.1-5", 367 }, 368 }, 369 { 370 name: "find rpmdb packages", 371 pkgType: pkg.RpmPkg, 372 pkgInfo: map[string]string{ 373 "dive": "0.9.2-1", 374 }, 375 }, 376 { 377 name: "find dpkg packages", 378 pkgType: pkg.DebPkg, 379 pkgInfo: map[string]string{ 380 "apt": "1.8.2", 381 "dash": "0.5.8-2.4", 382 "netbase": "5.4", 383 }, 384 }, 385 { 386 name: "find portage packages", 387 pkgType: pkg.PortagePkg, 388 pkgInfo: map[string]string{ 389 "app-containers/skopeo": "1.5.1", 390 }, 391 }, 392 393 { 394 name: "find jenkins plugins", 395 pkgType: pkg.JenkinsPluginPkg, 396 pkgLanguage: pkg.Java, 397 duplicates: 1, // there is a "example-jenkins-plugin" HPI, and nested within that a JAR of the same name 398 pkgInfo: map[string]string{ 399 "example-jenkins-plugin": "1.0-SNAPSHOT", 400 }, 401 }, 402 { 403 name: "find nix store packages", 404 pkgType: pkg.NixPkg, 405 pkgInfo: map[string]string{ 406 "glibc": "2.34-210", 407 }, 408 }, 409 }