github.com/noqcks/syft@v0.0.0-20230920222752-a9e2c4e288e5/test/integration/java_purl_test.go (about)

     1  package integration
     2  
     3  import (
     4  	"fmt"
     5  	"testing"
     6  
     7  	"github.com/stretchr/testify/assert"
     8  
     9  	"github.com/anchore/syft/syft/pkg"
    10  	"github.com/anchore/syft/syft/source"
    11  )
    12  
    13  func TestJavaPURLs(t *testing.T) {
    14  	sbom, _ := catalogFixtureImage(t, "image-test-java-purls", source.SquashedScope, nil)
    15  	found := make(map[string]string)
    16  	for _, p := range sbom.Artifacts.Packages.Sorted() {
    17  		if p.Type != pkg.JavaPkg && p.Type != pkg.JenkinsPluginPkg {
    18  			continue
    19  		}
    20  		key := fmt.Sprintf("%s@%s", p.Name, p.Version)
    21  		found[key] = p.PURL
    22  	}
    23  	for key, expectedPURL := range expectedPURLs {
    24  		purl := found[key]
    25  		assert.Equal(t, expectedPURL, purl, fmt.Sprintf("found wrong or missing PURL for %s want %s, got %s", key, expectedPURL, purl))
    26  	}
    27  	for key, foundPURL := range found {
    28  		expectedPURL := expectedPURLs[key]
    29  		assert.Equal(t, expectedPURL, foundPURL, fmt.Sprintf("found extra purl for %s want %s, got %s", key, expectedPURL, foundPURL))
    30  	}
    31  }
    32  
    33  // Constructed by:
    34  // syft anchore/test_images:java-56d52bc -o template -t /tmp/test.templ | grep 'pkg:maven' | sort | uniq >> test/integration/java_purl_test.go
    35  // where the template is:
    36  /*
    37  {{ range .Artifacts}}"{{.Name}}@{{.Version}}":"{{.PURL}}",
    38  {{ end }}
    39  */
    40  // The map was then hand-edited for correctness by comparing to Maven Central.
    41  var expectedPURLs = map[string]string{
    42  	"TwilioNotifier@0.2.1":                            "pkg:maven/com.twilio.jenkins/TwilioNotifier@0.2.1",
    43  	"access-modifier-annotation@1.0":                  "pkg:maven/org.kohsuke/access-modifier-annotation@1.0",
    44  	"acegi-security@1.0.5":                            "pkg:maven/org.acegisecurity/acegi-security@1.0.5",
    45  	"activation@1.1.1-hudson-1":                       "pkg:maven/org.jvnet.hudson/activation@1.1.1-hudson-1",
    46  	"akuma@1.2":                                       "pkg:maven/com.sun.akuma/akuma@1.2",
    47  	"animal-sniffer-annotation@1.0":                   "pkg:maven/org.jvnet/animal-sniffer-annotation@1.0",
    48  	"annotation-indexer@1.2":                          "pkg:maven/org.jvnet.hudson/annotation-indexer@1.2",
    49  	"annotations@13.0":                                "pkg:maven/org.jetbrains/annotations@13.0",
    50  	"ant-launcher@1.8.0":                              "pkg:maven/org.apache.ant/ant-launcher@1.8.0",
    51  	"ant@1.8.0":                                       "pkg:maven/org.apache.ant/ant@1.8.0",
    52  	"antlr@2.7.6":                                     "pkg:maven/antlr/antlr@2.7.6",
    53  	"aopalliance@1.0":                                 "pkg:maven/aopalliance/aopalliance@1.0",
    54  	"args4j@2.0.16":                                   "pkg:maven/args4j/args4j@2.0.16",
    55  	"asm-commons@2.2.3":                               "pkg:maven/asm-commons/asm-commons@2.2.3",
    56  	"asm-tree@2.2.3":                                  "pkg:maven/asm-tree/asm-tree@2.2.3",
    57  	"asm@2.2.3":                                       "pkg:maven/asm/asm@2.2.3",
    58  	"avalon-framework@4.1.3":                          "pkg:maven/avalon-framework/avalon-framework@4.1.3",
    59  	"bridge-method-annotation@1.2":                    "pkg:maven/com.infradna.tool/bridge-method-annotation@1.2",
    60  	"classworlds@1.1":                                 "pkg:maven/org.codehaus.classworlds/classworlds@1.1",
    61  	"cli@1.390":                                       "pkg:maven/org.jvnet.hudson.main/cli@1.390",
    62  	"commons-beanutils@1.8.0":                         "pkg:maven/commons-beanutils/commons-beanutils@1.8.0",
    63  	"commons-codec@1.2":                               "pkg:maven/commons-codec/commons-codec@1.2",
    64  	"commons-codec@1.4":                               "pkg:maven/commons-codec/commons-codec@1.4",
    65  	"commons-collections@3.2":                         "pkg:maven/commons-collections/commons-collections@3.2",
    66  	"commons-digester@1.7":                            "pkg:maven/commons-digester/commons-digester@1.7",
    67  	"commons-discovery@0.4":                           "pkg:maven/commons-discovery/commons-discovery@0.4",
    68  	"commons-fileupload@1.2.1":                        "pkg:maven/commons-fileupload/commons-fileupload@1.2.1",
    69  	"commons-httpclient@3.1":                          "pkg:maven/org.apache/commons-httpclient@3.1",
    70  	"commons-httpclient@3.1-rc1":                      "pkg:maven/commons-httpclient/commons-httpclient@3.1-rc1",
    71  	"commons-io@1.4":                                  "pkg:maven/commons-io/commons-io@1.4",
    72  	"commons-jelly-tags-define@1.0.1-hudson-20071021": "pkg:maven/org.jvnet.hudson/commons-jelly-tags-define@1.0.1-hudson-20071021",
    73  	"commons-jelly-tags-fmt@1.0":                      "pkg:maven/commons-jelly-tags-fmt/commons-jelly-tags-fmt@1.0",
    74  	"commons-jelly-tags-xml@1.1":                      "pkg:maven/commons-jelly-tags-xml/commons-jelly-tags-xml@1.1",
    75  	"commons-jelly@1.1-hudson-20100305":               "pkg:maven/org.jvnet.hudson/commons-jelly@1.1-hudson-20100305",
    76  	"commons-jexl@1.1-hudson-20090508":                "pkg:maven/org.jvnet.hudson/commons-jexl@1.1-hudson-20090508",
    77  	"commons-lang@2.4":                                "pkg:maven/commons-lang/commons-lang@2.4",
    78  	"commons-lang@2.5":                                "pkg:maven/commons-lang/commons-lang@2.5",
    79  	"commons-logging@1.0.4":                           "pkg:maven/org.apache.commons.logging/commons-logging@1.0.4",
    80  	"commons-logging@1.1":                             "pkg:maven/org.apache.commons.logging/commons-logging@1.1",
    81  	"commons-logging@1.1.1":                           "pkg:maven/commons-logging/commons-logging@1.1.1",
    82  	"commons-pool@1.3":                                "pkg:maven/commons-pool/commons-pool@1.3",
    83  	"crypto-util@1.0":                                 "pkg:maven/org.jvnet.hudson/crypto-util@1.0",
    84  	"cvs@1.2":                                         "pkg:maven/org.jvnet.hudson.plugins/cvs@1.2",
    85  	"dom4j@1.6.1-hudson-3":                            "pkg:maven/dom4j/dom4j@1.6.1-hudson-3",
    86  	"doxia-sink-api@1.0-alpha-10":                     "pkg:maven/org.apache.maven.doxia/doxia-sink-api@1.0-alpha-10",
    87  	"easymock@2.4":                                    "pkg:maven/org.easymock/easymock@2.4",
    88  	"embedded_su4j@1.1":                               "pkg:maven/com.sun.solaris/embedded_su4j@1.1",
    89  	"example-java-app-gradle@0.1.0":                   "pkg:maven/example-java-app-gradle/example-java-app-gradle@0.1.0",
    90  	"ezmorph@1.0.3":                                   "pkg:maven/net.sf.ezmorph/ezmorph@1.0.3",
    91  	"graph-layouter@1.0":                              "pkg:maven/org.kohsuke/graph-layouter@1.0",
    92  	"groovy-all@1.6.0":                                "pkg:maven/groovy-all/groovy-all@1.6.0",
    93  	"gson@2.8.6":                                      "pkg:maven/com.google.code.gson/gson@2.8.6",
    94  	"guava@r06":                                       "pkg:maven/com.google.guava/guava@r06",
    95  	"httpclient@4.1.1":                                "pkg:maven/org.apache.httpcomponents/httpclient@4.1.1",
    96  	"httpcore@4.1":                                    "pkg:maven/org.apache.httpcomponents/httpcore@4.1",
    97  	"hudson-cli@":                                     "pkg:maven/hudson-cli/hudson-cli",
    98  	"hudson-core@1.390":                               "pkg:maven/org.jvnet.hudson.main/hudson-core@1.390",
    99  	"hudson-war@1.390":                                "pkg:maven/org.jvnet.hudson.main/hudson-war@1.390",
   100  	"j-interop@2.0.5":                                 "pkg:maven/j-interop/j-interop@2.0.5",
   101  	"j-interopdeps@2.0.5":                             "pkg:maven/j-interopdeps/j-interopdeps@2.0.5",
   102  	"jaxen@1.1-beta-11":                               "pkg:maven/org.jaxen/jaxen@1.1-beta-11",
   103  	"jcaptcha-all@1.0-RC6":                            "pkg:maven/jcaptcha-all/jcaptcha-all@1.0-RC6",
   104  	"jcifs@1.3.14-kohsuke-1":                          "pkg:maven/org.samba.jcifs/jcifs@1.3.14-kohsuke-1",
   105  	"jcommon@1.0.12":                                  "pkg:maven/jfree/jcommon@1.0.12",
   106  	"jfreechart@1.0.9":                                "pkg:maven/jfreechart/jfreechart@1.0.9",
   107  	"jinterop-proxy@1.1":                              "pkg:maven/org.kohsuke.jinterop/jinterop-proxy@1.1",
   108  	"jinterop-wmi@1.0":                                "pkg:maven/org.jvnet.hudson/jinterop-wmi@1.0",
   109  	"jline@0.9.94":                                    "pkg:maven/jline/jline@0.9.94",
   110  	"jmdns@3.1.6-hudson-2":                            "pkg:maven/com.strangeberry.jmdns.tools.Main/jmdns@3.1.6-hudson-2",
   111  	"jna-posix@1.0.3":                                 "pkg:maven/org.jruby.ext.posix/jna-posix@1.0.3",
   112  	"jna@3.2.4":                                       "pkg:maven/com.sun.jna/jna@3.2.4",
   113  	"jsch@0.1.27":                                     "pkg:maven/jsch/jsch@0.1.27",
   114  	"json-lib@2.1-rev6":                               "pkg:maven/json-lib/json-lib@2.1-rev6",
   115  	"json@20200518":                                   "pkg:maven/org.json/json@20200518",
   116  	"jstl@1.1.0":                                      "pkg:maven/com.sun/jstl@1.1.0",
   117  	"jtidy@4aug2000r7-dev-hudson-1":                   "pkg:maven/jtidy/jtidy@4aug2000r7-dev-hudson-1",
   118  	"junit@4.13.1":                                    "pkg:maven/junit/junit@4.13.1",
   119  	"kotlin-stdlib-common@1.3.70":                     "pkg:maven/kotlin-stdlib-common/kotlin-stdlib-common@1.3.70",
   120  	"kotlin-stdlib@1.3.70":                            "pkg:maven/kotlin-stdlib/kotlin-stdlib@1.3.70",
   121  	"libpam4j@1.2":                                    "pkg:maven/org.jvnet.libpam4j/libpam4j@1.2",
   122  	"libzfs@0.5":                                      "pkg:maven/org.jvnet.libzfs/libzfs@0.5",
   123  	"localizer@1.10":                                  "pkg:maven/org.jvnet.localizer/localizer@1.10",
   124  	"log4j@1.2.9":                                     "pkg:maven/log4j/log4j@1.2.9",
   125  	"logkit@1.0.1":                                    "pkg:maven/logkit/logkit@1.0.1",
   126  	"mail@1.4":                                        "pkg:maven/com.sun/mail@1.4",
   127  	"maven-agent@1.390":                               "pkg:maven/org.jvnet.hudson.main/maven-agent@1.390",
   128  	"maven-artifact-manager@2.0.9":                    "pkg:maven/org.apache.maven/maven-artifact-manager@2.0.9",
   129  	"maven-artifact@2.0.9":                            "pkg:maven/org.apache.maven/maven-artifact@2.0.9",
   130  	"maven-core@2.0.9":                                "pkg:maven/org.apache.maven/maven-core@2.0.9",
   131  	"maven-embedder@2.0.4":                            "pkg:maven/org.apache.maven/maven-embedder@2.0.4",
   132  	"maven-embedder@2.0.4-hudson-1":                   "pkg:maven/org.jvnet.hudson/maven-embedder@2.0.4-hudson-1",
   133  	"maven-error-diagnostics@2.0.9":                   "pkg:maven/org.apache.maven/maven-error-diagnostics@2.0.9",
   134  	"maven-interceptor@1.390":                         "pkg:maven/org.jvnet.hudson.main/maven-interceptor@1.390",
   135  	"maven-model@2.0.9":                               "pkg:maven/org.apache.maven/maven-model@2.0.9",
   136  	"maven-monitor@2.0.9":                             "pkg:maven/org.apache.maven/maven-monitor@2.0.9",
   137  	"maven-plugin-api@2.0.9":                          "pkg:maven/org.apache.maven/maven-plugin-api@2.0.9",
   138  	"maven-plugin-descriptor@2.0.9":                   "pkg:maven/org.apache.maven/maven-plugin-descriptor@2.0.9",
   139  	"maven-plugin-parameter-documenter@2.0.9":         "pkg:maven/org.apache.maven/maven-plugin-parameter-documenter@2.0.9",
   140  	"maven-plugin-registry@2.0.9":                     "pkg:maven/org.apache.maven/maven-plugin-registry@2.0.9",
   141  	"maven-plugin@1.390":                              "pkg:maven/org.jvnet.hudson.main/maven-plugin@1.390",
   142  	"maven-profile@2.0.9":                             "pkg:maven/org.apache.maven/maven-profile@2.0.9",
   143  	"maven-project@2.0.9":                             "pkg:maven/org.apache.maven/maven-project@2.0.9",
   144  	"maven-reporting-api@2.0.9":                       "pkg:maven/org.apache.maven.reporting/maven-reporting-api@2.0.9",
   145  	"maven-repository-metadata@2.0.9":                 "pkg:maven/org.apache.maven/maven-repository-metadata@2.0.9",
   146  	"maven-settings@2.0.9":                            "pkg:maven/org.apache.maven/maven-settings@2.0.9",
   147  	"maven2.1-interceptor@1.2":                        "pkg:maven/org.jvnet.hudson/maven2.1-interceptor@1.2",
   148  	"memory-monitor@1.3":                              "pkg:maven/org.jvnet.hudson/memory-monitor@1.3",
   149  	"nomad@0.7.4":                                     "pkg:maven/org.jenkins-ci.plugins/nomad@0.7.4",
   150  	"okhttp@4.5.0":                                    "pkg:maven/com.squareup.okhttp3/okhttp@4.5.0",
   151  	"okio@2.5.0":                                      "pkg:maven/com.squareup.okio/okio@2.5.0",
   152  	"oro@2.0.8":                                       "pkg:maven/org.apache.oro/oro@2.0.8",
   153  	"plexus-container-default@1.0-alpha-9-stable-1":   "pkg:maven/org.codehaus.plexus/plexus-container-default@1.0-alpha-9-stable-1",
   154  	"plexus-interactivity-api@1.0-alpha-4":            "pkg:maven/org.codehaus.plexus/plexus-interactivity-api@1.0-alpha-4",
   155  	"plexus-utils@1.5.1":                              "pkg:maven/org.codehaus.plexus/plexus-utils@1.5.1",
   156  	"remoting@1.390":                                  "pkg:maven/org.jvnet.hudson.main/remoting@1.390",
   157  	"robust-http-client@1.1":                          "pkg:maven/org.jvnet.robust-http-client/robust-http-client@1.1",
   158  	"sdk@3.0":                                         "pkg:maven/sdk/sdk@3.0",
   159  	"sezpoz@1.7":                                      "pkg:maven/net.java.sezpoz/sezpoz@1.7",
   160  	"slave@":                                          "pkg:maven/slave/slave",
   161  	"slide-webdavlib@2.1":                             "pkg:maven/slide-webdavlib/slide-webdavlib@2.1",
   162  	"spring-aop@2.5":                                  "pkg:maven/org.springframework.bundle.spring.aop/spring-aop@2.5",
   163  	"spring-beans@2.5":                                "pkg:maven/org.springframework/spring-beans@2.5",
   164  	"spring-context@2.5":                              "pkg:maven/org.springframework.bundle.spring.context/spring-context@2.5",
   165  	"spring-core@2.5":                                 "pkg:maven/org.springframework/spring-core@2.5",
   166  	"spring-dao@1.2.9":                                "pkg:maven/spring-dao/spring-dao@1.2.9",
   167  	"spring-jdbc@1.2.9":                               "pkg:maven/spring-jdbc/spring-jdbc@1.2.9",
   168  	"spring-web@2.5":                                  "pkg:maven/org.springframework/spring-web@2.5",
   169  	"ssh-slaves@0.14":                                 "pkg:maven/org.jvnet.hudson.plugins/ssh-slaves@0.14",
   170  	"stapler-adjunct-timeline@1.2":                    "pkg:maven/org.kohsuke.stapler/stapler-adjunct-timeline@1.2",
   171  	"stapler-jelly@1.155":                             "pkg:maven/org.kohsuke.stapler/stapler-jelly@1.155",
   172  	"stapler@1.155":                                   "pkg:maven/org.kohsuke.stapler/stapler@1.155",
   173  	"stax-api@1.0.1":                                  "pkg:maven/stax-api/stax-api@1.0.1",
   174  	"subversion@1.20":                                 "pkg:maven/org.jvnet.hudson.plugins/subversion@1.20",
   175  	"svnkit@1.3.4-hudson-2":                           "pkg:maven/svnkit/svnkit@1.3.4-hudson-2",
   176  	"task-reactor@1.2":                                "pkg:maven/org.jvnet.hudson/task-reactor@1.2",
   177  	"tiger-types@1.3":                                 "pkg:maven/org.jvnet/tiger-types@1.3",
   178  	"trilead-putty-extension@1.0":                     "pkg:maven/org.kohsuke/trilead-putty-extension@1.0",
   179  	"trilead-ssh2@build212-hudson-5":                  "pkg:maven/org.jvnet.hudson/trilead-ssh2@build212-hudson-5",
   180  	"txw2@20070624":                                   "pkg:maven/txw2/txw2@20070624",
   181  	"wagon-file@1.0-beta-2":                           "pkg:maven/org.apache.maven.wagon/wagon-file@1.0-beta-2",
   182  	"wagon-http-lightweight@1.0-beta-2":               "pkg:maven/org.apache.maven.wagon/wagon-http-lightweight@1.0-beta-2",
   183  	"wagon-http-shared@1.0-beta-2":                    "pkg:maven/org.apache.maven.wagon/wagon-http-shared@1.0-beta-2",
   184  	"wagon-provider-api@1.0-beta-2":                   "pkg:maven/org.apache.maven.wagon/wagon-provider-api@1.0-beta-2",
   185  	"wagon-ssh-common@1.0-beta-2":                     "pkg:maven/org.apache.maven.wagon/wagon-ssh-common@1.0-beta-2",
   186  	"wagon-ssh-external@1.0-beta-2":                   "pkg:maven/org.apache.maven.wagon/wagon-ssh-external@1.0-beta-2",
   187  	"wagon-ssh@1.0-beta-2":                            "pkg:maven/org.apache.maven.wagon/wagon-ssh@1.0-beta-2",
   188  	"wagon-webdav@1.0-beta-2-hudson-1":                "pkg:maven/org.jvnet.hudson/wagon-webdav@1.0-beta-2-hudson-1",
   189  	"windows-remote-command@1.0":                      "pkg:maven/org.jvnet.hudson/windows-remote-command@1.0",
   190  	"winp@1.14":                                       "pkg:maven/org.jvnet.winp/winp@1.14",
   191  	"winstone@0.9.10-hudson-24":                       "pkg:maven/org.jvnet.hudson.winstone/winstone@0.9.10-hudson-24",
   192  	"wstx-asl@3.2.7":                                  "pkg:maven/wstx-asl/wstx-asl@3.2.7",
   193  	"xml-im-exporter@1.1":                             "pkg:maven/xml-im-exporter/xml-im-exporter@1.1",
   194  	"xpp3@1.1.4c":                                     "pkg:maven/xpp3/xpp3@1.1.4c",
   195  	"xpp3_min@1.1.4c":                                 "pkg:maven/xpp3_min/xpp3_min@1.1.4c",
   196  	"xstream@1.3.1-hudson-8":                          "pkg:maven/org.jvnet.hudson/xstream@1.3.1-hudson-8",
   197  }