github.com/noqcks/syft@v0.0.0-20230920222752-a9e2c4e288e5/syft/pkg/cataloger/rust/parse_cargo_lock.go

github.com/noqcks/syft@v0.0.0-20230920222752-a9e2c4e288e5/syft/pkg/cataloger/rust/parse_cargo_lock.go (about)

     1  package rust
     2  
     3  import (
     4  	"fmt"
     5  
     6  	"github.com/pelletier/go-toml"
     7  
     8  	"github.com/anchore/syft/syft/artifact"
     9  	"github.com/anchore/syft/syft/file"
    10  	"github.com/anchore/syft/syft/pkg"
    11  	"github.com/anchore/syft/syft/pkg/cataloger/generic"
    12  )
    13  
    14  var _ generic.Parser = parseCargoLock
    15  
    16  type cargoLockFile struct {
    17  	Packages []pkg.CargoPackageMetadata `toml:"package"`
    18  }
    19  
    20  // parseCargoLock is a parser function for Cargo.lock contents, returning all rust cargo crates discovered.
    21  func parseCargoLock(_ file.Resolver, _ *generic.Environment, reader file.LocationReadCloser) ([]pkg.Package, []artifact.Relationship, error) {
    22  	tree, err := toml.LoadReader(reader)
    23  	if err != nil {
    24  		return nil, nil, fmt.Errorf("unable to load Cargo.lock for parsing: %w", err)
    25  	}
    26  
    27  	m := cargoLockFile{}
    28  	err = tree.Unmarshal(&m)
    29  	if err != nil {
    30  		return nil, nil, fmt.Errorf("unable to parse Cargo.lock: %w", err)
    31  	}
    32  
    33  	var pkgs []pkg.Package
    34  
    35  	for _, p := range m.Packages {
    36  		if p.Dependencies == nil {
    37  			p.Dependencies = make([]string, 0)
    38  		}
    39  		pkgs = append(
    40  			pkgs,
    41  			newPackageFromCargoMetadata(
    42  				p,
    43  				reader.Location.WithAnnotation(pkg.EvidenceAnnotationKey, pkg.PrimaryEvidenceAnnotation),
    44  			),
    45  		)
    46  	}
    47  
    48  	return pkgs, nil, nil
    49  }