STRLCPY/grype

chore(deps): update Syft to v0.80.0 (#1276)
anchore-actions-token-generator[bot] committed with GitHub 12 months ago

f9df952a

1 parent cddc8bcf

Revision indexing in progress... (symbol navigation in revisions will be accurate after indexed)

■ ■ ■ ■ ■ ■

.gitignore

skipped 13 lines
14 14 *.tar
15 15 *tar.gz
16 16 .idea/
17 + *.iml
17 18 *.log
18 19 .images
19 20 .tmp/
skipped 21 lines

All occurrences

■ ■ ■ ■ ■ ■

go.mod

		skipped 52 lines
53	53		require (
54	54		github.com/anchore/go-logger v0.0.0-20220728155337-03b66a5207d8
55	55		github.com/anchore/sqlite v1.4.6-0.20220607210448-bcc6ee5c4963
56		-	github.com/anchore/syft v0.79.0
	56	+	github.com/anchore/syft v0.80.0
57	57		github.com/hako/durafmt v0.0.0-20210608085754-5c1018a4e16b
58	58		github.com/mitchellh/mapstructure v1.5.0
59	59		)
		skipped 60 lines
120	120		github.com/kevinburke/ssh_config v1.2.0 // indirect
121	121		github.com/klauspost/compress v1.16.4 // indirect
122	122		github.com/klauspost/pgzip v1.2.5 // indirect
123		-	github.com/knqyf263/go-rpmdb v0.0.0-20221030135625-4082a22221ce // indirect
	123	+	github.com/knqyf263/go-rpmdb v0.0.0-20230301153543-ba94b245509b // indirect
124	124		github.com/logrusorgru/aurora v0.0.0-20200102142835-e9ef32dff381 // indirect
125	125		github.com/magiconair/properties v1.8.7 // indirect
126	126		github.com/mattn/go-colorable v0.1.13 // indirect
		skipped 60 lines
187	187		lukechampine.com/uint128 v1.3.0 // indirect
188	188		modernc.org/cc/v3 v3.40.0 // indirect
189	189		modernc.org/ccgo/v3 v3.16.13 // indirect
190		-	modernc.org/libc v1.22.4 // indirect
	190	+	modernc.org/libc v1.22.5 // indirect
191	191		modernc.org/mathutil v1.5.0 // indirect
192	192		modernc.org/memory v1.5.0 // indirect
193	193		modernc.org/opt v0.1.3 // indirect
194		-	modernc.org/sqlite v1.21.2 // indirect
	194	+	modernc.org/sqlite v1.22.1 // indirect
195	195		modernc.org/strutil v1.1.3 // indirect
196	196		modernc.org/token v1.1.0 // indirect
197	197		)
		skipped 1 lines

■ ■ ■ ■ ■ ■

go.sum

		skipped 239 lines
240	240		github.com/anchore/sqlite v1.4.6-0.20220607210448-bcc6ee5c4963/go.mod h1:AVRyXOUP0hTz9Cb8OlD1XnwA8t4lBPfTuwPHmEUuiLc=
241	241		github.com/anchore/stereoscope v0.0.0-20230412183729-8602f1afc574 h1:VFX+FD9EH6am+tfqwr1KeCAmabAknSJQX95aIY3QJJI=
242	242		github.com/anchore/stereoscope v0.0.0-20230412183729-8602f1afc574/go.mod h1:2GGFHkHry/xDlEQgBrVGcarq+z7Z6hLnHdyhcKB2lfQ=
243		-	github.com/anchore/syft v0.79.0 h1:1X7obTqyIEpopueIq2T2RSGbuBA3MJcDnI94b+iEZk8=
244		-	github.com/anchore/syft v0.79.0/go.mod h1:lixQLUvBLnV3kd3kfL/653UXFTo6n38mU2i/RvWb5l4=
	243	+	github.com/anchore/syft v0.80.0 h1:2KCRjkxqscMUKLQsR7RTw39YQrxzOipVY1Db+/2Y7Qs=
	244	+	github.com/anchore/syft v0.80.0/go.mod h1:5zBFVARBz0+C/zwSLibQowriqC2CCca/K38QDfqfo2Y=
245	245		github.com/andreyvit/diff v0.0.0-20170406064948-c7f18ee00883/go.mod h1:rCTlJbsFo29Kk6CurOXKm700vrz8f0KW0JNfpkRJY/8=
246	246		github.com/andybalholm/brotli v1.0.1/go.mod h1:loMXtMfwqflxFJPmdbJO0a3KNoPuLBgiu3qAvBg8x/Y=
247	247		github.com/andybalholm/brotli v1.0.4 h1:V7DdXeJtZscaqfNuAdSRuRFzuiKlHSC/Zh3zl9qY3JY=
		skipped 117 lines
365	365		github.com/gabriel-vasile/mimetype v1.4.2 h1:w5qFW6JKBz9Y393Y4q372O9A7cUSequkh1Q7OhCmWKU=
366	366		github.com/gabriel-vasile/mimetype v1.4.2/go.mod h1:zApsH/mKG4w07erKIaJPFiX0Tsq9BFQgN3qGY5GnNgA=
367	367		github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04=
	368	+	github.com/glebarez/go-sqlite v1.20.3 h1:89BkqGOXR9oRmG58ZrzgoY/Fhy5x0M+/WV48U5zVrZ4=
368	369		github.com/gliderlabs/ssh v0.3.5 h1:OcaySEmAQJgyYcArR+gGGTHCyE7nvhEMTlYY+Dp8CpY=
369	370		github.com/gliderlabs/ssh v0.3.5/go.mod h1:8XB4KraRrX39qHhT6yxPsHedjA08I/uBVwj4xC+/+z4=
370	371		github.com/go-git/gcfg v1.5.0 h1:Q5ViNfGF8zFgyJWPqYwA7qGFoMTEiBmdlkcfRmpIMa4=
		skipped 233 lines
604	605		github.com/knqyf263/go-apk-version v0.0.0-20200609155635-041fdbb8563f/go.mod h1:q59u9px8b7UTj0nIjEjvmTWekazka6xIt6Uogz5Dm+8=
605	606		github.com/knqyf263/go-deb-version v0.0.0-20190517075300-09fca494f03d h1:X4cedH4Kn3JPupAwwWuo4AzYp16P0OyLO9d7OnMZc/c=
606	607		github.com/knqyf263/go-deb-version v0.0.0-20190517075300-09fca494f03d/go.mod h1:o8sgWoz3JADecfc/cTYD92/Et1yMqMy0utV1z+VaZao=
607		-	github.com/knqyf263/go-rpmdb v0.0.0-20221030135625-4082a22221ce h1:/w0hAcauo/FBVaBvNMQdPZgKjTu5Ip3jvGIM1+VUE7o=
608		-	github.com/knqyf263/go-rpmdb v0.0.0-20221030135625-4082a22221ce/go.mod h1:zp6SMcRd0GB+uwNJjr+DkrNZdQZ4er2HMO6KyD0vIGU=
	608	+	github.com/knqyf263/go-rpmdb v0.0.0-20230301153543-ba94b245509b h1:boYyvL3tbUuKcMN029mpCl7oYYJ7yIXujLj+fiW4Alc=
	609	+	github.com/knqyf263/go-rpmdb v0.0.0-20230301153543-ba94b245509b/go.mod h1:9LQcoMCMQ9vrF7HcDtXfvqGO4+ddxFQ8+YF/0CVGDww=
609	610		github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
610	611		github.com/kr/fs v0.1.0/go.mod h1:FFnZGqtBN9Gxj7eW1uZ42v5BccTP0vu6NEaFoC2HwRg=
611	612		github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515/go.mod h1:+0opPa2QZZtGFBFZlji/RkVcI2GknAs/DXo4wKdlNEc=
		skipped 927 lines
1539	1540		modernc.org/libc v1.16.1/go.mod h1:JjJE0eu4yeK7tab2n4S1w8tlWd9MxXLRzheaRnAKymU=
1540	1541		modernc.org/libc v1.16.7/go.mod h1:hYIV5VZczAmGZAnG15Vdngn5HSF5cSkbvfz2B7GRuVU=
1541	1542		modernc.org/libc v1.16.8/go.mod h1:hYIV5VZczAmGZAnG15Vdngn5HSF5cSkbvfz2B7GRuVU=
1542		-	modernc.org/libc v1.22.4 h1:wymSbZb0AlrjdAVX3cjreCHTPCpPARbQXNz6BHPzdwQ=
1543		-	modernc.org/libc v1.22.4/go.mod h1:jj+Z7dTNX8fBScMVNRAYZ/jF91K8fdT2hYMThc3YjBY=
	1543	+	modernc.org/libc v1.22.5 h1:91BNch/e5B0uPbJFgqbxXuOnxBQjlS//icfQEGmvyjE=
	1544	+	modernc.org/libc v1.22.5/go.mod h1:jj+Z7dTNX8fBScMVNRAYZ/jF91K8fdT2hYMThc3YjBY=
1544	1545		modernc.org/mathutil v1.2.2/go.mod h1:mZW8CKdRPY1v87qxC/wUdX5O1qDzXMP5TH3wjfpga6E=
1545	1546		modernc.org/mathutil v1.4.1/go.mod h1:mZW8CKdRPY1v87qxC/wUdX5O1qDzXMP5TH3wjfpga6E=
1546	1547		modernc.org/mathutil v1.5.0 h1:rV0Ko/6SfM+8G+yKiyI830l3Wuz1zRutdslNoQ0kfiQ=
		skipped 5 lines
1552	1553		modernc.org/opt v0.1.3 h1:3XOZf2yznlhC+ibLltsDGzABUGVx8J6pnFMS3E4dcq4=
1553	1554		modernc.org/opt v0.1.3/go.mod h1:WdSiB5evDcignE70guQKxYUl14mgWtbClRi5wmkkTX0=
1554	1555		modernc.org/sqlite v1.17.3/go.mod h1:10hPVYar9C0kfXuTWGz8s0XtB8uAGymUy51ZzStYe3k=
1555		-	modernc.org/sqlite v1.21.2 h1:ixuUG0QS413Vfzyx6FWx6PYTmHaOegTY+hjzhn7L+a0=
1556		-	modernc.org/sqlite v1.21.2/go.mod h1:cxbLkB5WS32DnQqeH4h4o1B0eMr8W/y8/RGuxQ3JsC0=
	1556	+	modernc.org/sqlite v1.22.1 h1:P2+Dhp5FR1RlVRkQ3dDfCiv3Ok8XPxqpe70IjYVA9oE=
	1557	+	modernc.org/sqlite v1.22.1/go.mod h1:OrDj17Mggn6MhE+iPbBNf7RGKODDE9NFT0f3EwDzJqk=
1557	1558		modernc.org/strutil v1.1.1/go.mod h1:DE+MQQ/hjKBZS2zNInV5hhcipt5rLPWkmpbGeW5mmdw=
1558	1559		modernc.org/strutil v1.1.3 h1:fNMm+oJklMGYfU9Ylcywl0CO5O6nTfaowNsh2wpPjzY=
1559	1560		modernc.org/strutil v1.1.3/go.mod h1:MEHNA7PdEnEwLvspRMtWTNnp2nnyvMfkimT1NKNAGbw=
1560	1561		modernc.org/tcl v1.13.1/go.mod h1:XOLfOwzhkljL4itZkK6T72ckMgvj0BDsnKNdZVUOecw=
1561		-	modernc.org/tcl v1.15.1 h1:mOQwiEK4p7HruMZcwKTZPw/aqtGM4aY00uzWhlKKYws=
	1562	+	modernc.org/tcl v1.15.2 h1:C4ybAYCGJw968e+Me18oW55kD/FexcHbqH2xak1ROSY=
1562	1563		modernc.org/token v1.0.0/go.mod h1:UGzOrNV1mAFSEB63lOFHIpNRUVMvYTc6yu1SMY/XTDM=
1563	1564		modernc.org/token v1.1.0 h1:Xl7Ap9dKaEs5kLoOQeQmPWevfnk/DM5qcLcYlA8ys6Y=
1564	1565		modernc.org/token v1.1.0/go.mod h1:UGzOrNV1mAFSEB63lOFHIpNRUVMvYTc6yu1SMY/XTDM=
1565	1566		modernc.org/z v1.5.1/go.mod h1:eWFB510QWW5Th9YGZT81s+LwvaAs3Q2yr4sP0rmLkv8=
1566		-	modernc.org/z v1.7.0 h1:xkDw/KepgEjeizO2sNco+hqYkU12taxQFqPEmgm1GWE=
	1567	+	modernc.org/z v1.7.3 h1:zDJf6iHjrnB+WRD88stbXokugjyc0/pB91ri1gO6LZY=
1567	1568		rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8=
1568	1569		rsc.io/pdf v0.1.1/go.mod h1:n8OzWcQ6Sp37PL01nO98y4iUCRdTGarVfzxY20ICaU4=
1569	1570		rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0=
		skipped 3 lines

■ ■ ■ ■ ■ ■

grype/pkg/package.go

		skipped 22 lines
23	23		// arch = "src"
24	24		var rpmPackageNamePattern = regexp.MustCompile(`^(?P<name>.)-(?P<version>.)-(?P<release>.*)\.(?P<arch>[a-zA-Z][^.]+)(\.rpm)$`)
25	25
26		-	// ID represents a unique value for each package added to a package catalog.
	26	+	// ID represents a unique value for each package added to a package collection.
27	27		type ID string
28	28
29	29		// Package represents an application or library that has been bundled into a distributable format.
		skipped 31 lines
61	61		}
62	62		}
63	63
64		-	func FromCatalog(catalog *pkg.Catalog, config SynthesisConfig) []Package {
	64	+	func FromCollection(catalog *pkg.Collection, config SynthesisConfig) []Package {
65	65		return FromPackages(catalog.Sorted(), config)
66	66		}
67	67
		skipped 23 lines
91	91		return fmt.Sprintf("Pkg(type=%s, name=%s, version=%s, upstreams=%d)", p.Type, p.Name, p.Version, len(p.Upstreams))
92	92		}
93	93
94		-	func removePackagesByOverlap(catalog pkg.Catalog, relationships []artifact.Relationship) pkg.Catalog {
	94	+	func removePackagesByOverlap(catalog pkg.Collection, relationships []artifact.Relationship) pkg.Collection {
95	95		byOverlap := map[artifact.ID]artifact.Relationship{}
96	96		for _, r := range relationships {
97	97		if r.Type == artifact.OwnershipByFileOverlapRelationship {
		skipped 1 lines
99	99		}
100	100		}
101	101
102		-	out := pkg.NewCatalog()
	102	+	out := pkg.NewCollection()
103	103
104	104		for p := range catalog.Enumerate() {
105	105		r, ok := byOverlap[p.ID()]
		skipped 181 lines

■ ■ ■ ■ ■ ■

grype/pkg/package_test.go

		skipped 418 lines
419	419		},
420	420		},
421	421		{
	422	+	name: "python-requirements-metadata",
	423	+	syftPkg: syftPkg.Package{
	424	+	MetadataType: syftPkg.PythonRequirementsMetadataType,
	425	+	Metadata: syftPkg.PythonRequirementsMetadata{
	426	+	Name: "a",
	427	+	Extras: []string{"a"},
	428	+	VersionConstraint: "a",
	429	+	URL: "a",
	430	+	Markers: map[string]string{"a": "a"},
	431	+	},
	432	+	},
	433	+	},
	434	+	{
422	435		name: "binary-metadata",
423	436		syftPkg: syftPkg.Package{
424	437		MetadataType: syftPkg.BinaryMetadataType,
		skipped 90 lines
515	528		}
516	529		}
517	530
518		-	func TestFromCatalog_DoesNotPanic(t *testing.T) {
519		-	catalog := syftPkg.NewCatalog()
	531	+	func TestFromCollection_DoesNotPanic(t *testing.T) {
	532	+	collection := syftPkg.NewCollection()
520	533
521	534		examplePackage := syftPkg.Package{
522	535		Name: "test",
		skipped 4 lines
527	540		Type: syftPkg.NpmPkg,
528	541		}
529	542
530		-	catalog.Add(examplePackage)
	543	+	collection.Add(examplePackage)
531	544		// add it again!
532		-	catalog.Add(examplePackage)
	545	+	collection.Add(examplePackage)
533	546
534	547		assert.NotPanics(t, func() {
535		-	_ = FromCatalog(catalog, SynthesisConfig{})
	548	+	_ = FromCollection(collection, SynthesisConfig{})
536	549		})
537	550		}
538	551
539		-	func TestFromCatalog_GeneratesCPEs(t *testing.T) {
540		-	catalog := syftPkg.NewCatalog()
	552	+	func TestFromCollection_GeneratesCPEs(t *testing.T) {
	553	+	collection := syftPkg.NewCollection()
541	554
542		-	catalog.Add(syftPkg.Package{
	555	+	collection.Add(syftPkg.Package{
543	556		Name: "first",
544	557		Version: "1",
545	558		CPEs: []cpe.CPE{
		skipped 1 lines
547	560		},
548	561		})
549	562
550		-	catalog.Add(syftPkg.Package{
	563	+	collection.Add(syftPkg.Package{
551	564		Name: "second",
552	565		Version: "2",
553	566		})
554	567
555	568		// doesn't generate cpes when no flag
556		-	pkgs := FromCatalog(catalog, SynthesisConfig{})
	569	+	pkgs := FromCollection(collection, SynthesisConfig{})
557	570		assert.Len(t, pkgs[0].CPEs, 1)
558	571		assert.Len(t, pkgs[1].CPEs, 0)
559	572
560	573		// does generate cpes with the flag
561		-	pkgs = FromCatalog(catalog, SynthesisConfig{
	574	+	pkgs = FromCollection(collection, SynthesisConfig{
562	575		GenerateMissingCPEs: true,
563	576		})
564	577		assert.Len(t, pkgs[0].CPEs, 1)
		skipped 76 lines
641	654		}
642	655		for _, test := range tests {
643	656		t.Run(test.name, func(t *testing.T) {
644		-	catalog := removePackagesByOverlap(test.sbom.catalog, test.sbom.relationships)
645		-	pkgs := FromCatalog(catalog, SynthesisConfig{})
	657	+	catalog := removePackagesByOverlap(test.sbom.collection, test.sbom.relationships)
	658	+	pkgs := FromCollection(catalog, SynthesisConfig{})
646	659		var pkgNames []string
647	660		for _, p := range pkgs {
648	661		pkgNames = append(pkgNames, fmt.Sprintf("%s:%s@%s", p.Type, p.Name, p.Version))
		skipped 4 lines
653	666		}
654	667
655	668		type catalogRelationships struct {
656		-	catalog *syftPkg.Catalog
	669	+	collection *syftPkg.Collection
657	670		relationships []artifact.Relationship
658	671		}
659	672
		skipped 44 lines
704	717		})
705	718		}
706	719
707		-	catalog := syftPkg.NewCatalog(pkgs...)
	720	+	catalog := syftPkg.NewCollection(pkgs...)
708	721
709	722		return catalogRelationships{
710		-	catalog: catalog,
	723	+	collection: catalog,
711	724		relationships: relationships,
712	725		}
713	726		}
		skipped 1 lines

■ ■ ■ ■ ■ ■

grype/pkg/syft_provider.go

		skipped 28 lines
29	29
30	30		catalog = removePackagesByOverlap(catalog, relationships)
31	31
32		-	packages := FromCatalog(catalog, config.SynthesisConfig)
	32	+	packages := FromCollection(catalog, config.SynthesisConfig)
33	33		context := Context{
34	34		Source: &src.Metadata,
35	35		Distro: theDistro,
		skipped 3 lines
39	39		Source: src.Metadata,
40	40		Relationships: relationships,
41	41		Artifacts: sbom.Artifacts{
42		-	PackageCatalog: catalog,
	42	+	Packages: catalog,
43	43		},
44	44		}
45	45
		skipped 3 lines

■ ■ ■ ■ ■ ■

grype/pkg/syft_sbom_provider.go

		skipped 29 lines
30	30		return nil, Context{}, nil, err
31	31		}
32	32
33		-	catalog := s.Artifacts.PackageCatalog
	33	+	catalog := s.Artifacts.Packages
34	34		catalog = removePackagesByOverlap(catalog, s.Relationships)
35	35
36		-	return FromCatalog(catalog, config.SynthesisConfig), Context{
	36	+	return FromCollection(catalog, config.SynthesisConfig), Context{
37	37		Source: &s.Source,
38	38		Distro: s.Artifacts.LinuxDistribution,
39	39		}, s, nil
		skipped 177 lines

■ ■ ■ ■ ■ ■

grype/pkg/syft_sbom_provider_test.go

		skipped 149 lines
150	150
151	151		for _, d := range deep.Equal(test.Packages, pkgs) {
152	152		if strings.Contains(d, ".ID: ") {
153		-	// today ID's get assigned by the catalog, which will change in the future. But in the meantime
	153	+	// today ID's get assigned by the collection, which will change in the future. But in the meantime
154	154		// that means that these IDs are random and should not be counted as a difference we care about in
155	155		// this test.
156	156		continue
		skipped 115 lines

■ ■ ■ ■ ■ ■

grype/presenter/models/models_helpers.go

		skipped 33 lines
34	34
35	35		sbom := &sbom.SBOM{
36	36		Artifacts: sbom.Artifacts{
37		-	PackageCatalog: syftPkg.NewCatalog(),
	37	+	Packages: syftPkg.NewCollection(),
38	38		},
39	39		}
40	40
41	41		for _, p := range packages {
42		-	sbom.Artifacts.PackageCatalog.Add(toSyftPkg(p))
	42	+	sbom.Artifacts.Packages.Add(toSyftPkg(p))
43	43		}
44	44
45	45		return sbom
		skipped 208 lines

■ ■ ■ ■ ■ ■

test/integration/match_by_image_test.go

		skipped 23 lines
24	24		"github.com/anchore/syft/syft/source"
25	25		)
26	26
27		-	func addAlpineMatches(t testing.T, theSource source.Source, catalog syftPkg.Catalog, theStore mockStore, theResult match.Matches) {
	27	+	func addAlpineMatches(t testing.T, theSource source.Source, catalog syftPkg.Collection, theStore mockStore, theResult match.Matches) {
28	28		packages := catalog.PackagesByPath("/lib/apk/db/installed")
29	29		if len(packages) != 1 {
30	30		t.Logf("Alpine Packages: %+v", packages)
		skipped 55 lines
86	86		})
87	87		}
88	88
89		-	func addJavascriptMatches(t testing.T, theSource source.Source, catalog syftPkg.Catalog, theStore mockStore, theResult match.Matches) {
	89	+	func addJavascriptMatches(t testing.T, theSource source.Source, catalog syftPkg.Collection, theStore mockStore, theResult match.Matches) {
90	90		packages := catalog.PackagesByPath("/javascript/pkg-json/package.json")
91	91		if len(packages) != 1 {
92	92		t.Logf("Javascript Packages: %+v", packages)
		skipped 25 lines
118	118		})
119	119		}
120	120
121		-	func addPythonMatches(t testing.T, theSource source.Source, catalog syftPkg.Catalog, theStore mockStore, theResult match.Matches) {
	121	+	func addPythonMatches(t testing.T, theSource source.Source, catalog syftPkg.Collection, theStore mockStore, theResult match.Matches) {
122	122		packages := catalog.PackagesByPath("/python/dist-info/METADATA")
123	123		if len(packages) != 1 {
124	124		for _, p := range packages {
		skipped 30 lines
155	155		})
156	156		}
157	157
158		-	func addDotnetMatches(t testing.T, theSource source.Source, catalog syftPkg.Catalog, theStore mockStore, theResult match.Matches) {
	158	+	func addDotnetMatches(t testing.T, theSource source.Source, catalog syftPkg.Collection, theStore mockStore, theResult match.Matches) {
159	159		packages := catalog.PackagesByPath("/dotnet/TestLibrary.deps.json")
160	160		if len(packages) != 1 {
161	161		for _, p := range packages {
		skipped 30 lines
192	192		})
193	193		}
194	194
195		-	func addRubyMatches(t testing.T, theSource source.Source, catalog syftPkg.Catalog, theStore mockStore, theResult match.Matches) {
	195	+	func addRubyMatches(t testing.T, theSource source.Source, catalog syftPkg.Collection, theStore mockStore, theResult match.Matches) {
196	196		packages := catalog.PackagesByPath("/ruby/specifications/bundler.gemspec")
197	197		if len(packages) != 1 {
198	198		t.Logf("Ruby Packages: %+v", packages)
		skipped 26 lines
225	225		})
226	226		}
227	227
228		-	func addGolangMatches(t testing.T, theSource source.Source, catalog syftPkg.Catalog, theStore mockStore, theResult match.Matches) {
	228	+	func addGolangMatches(t testing.T, theSource source.Source, catalog syftPkg.Collection, theStore mockStore, theResult match.Matches) {
229	229		modPackages := catalog.PackagesByPath("/golang/go.mod")
230	230		if len(modPackages) != 1 {
231	231		t.Logf("Golang Mod Packages: %+v", modPackages)
		skipped 44 lines
276	276		}
277	277		}
278	278
279		-	func addJavaMatches(t testing.T, theSource source.Source, catalog syftPkg.Catalog, theStore mockStore, theResult match.Matches) {
	279	+	func addJavaMatches(t testing.T, theSource source.Source, catalog syftPkg.Collection, theStore mockStore, theResult match.Matches) {
280	280		packages := make([]syftPkg.Package, 0)
281	281		for p := range catalog.Enumerate(syftPkg.JavaPkg) {
282	282		packages = append(packages, p)
		skipped 34 lines
317	317		})
318	318		}
319	319
320		-	func addDpkgMatches(t testing.T, theSource source.Source, catalog syftPkg.Catalog, theStore mockStore, theResult match.Matches) {
	320	+	func addDpkgMatches(t testing.T, theSource source.Source, catalog syftPkg.Collection, theStore mockStore, theResult match.Matches) {
321	321		packages := catalog.PackagesByPath("/var/lib/dpkg/status")
322	322		if len(packages) != 1 {
323	323		t.Logf("Dpkg Packages: %+v", packages)
		skipped 34 lines
358	358		})
359	359		}
360	360
361		-	func addPortageMatches(t testing.T, theSource source.Source, catalog syftPkg.Catalog, theStore mockStore, theResult match.Matches) {
	361	+	func addPortageMatches(t testing.T, theSource source.Source, catalog syftPkg.Collection, theStore mockStore, theResult match.Matches) {
362	362		packages := catalog.PackagesByPath("/var/db/pkg/app-containers/skopeo-1.5.1/CONTENTS")
363	363		if len(packages) != 1 {
364	364		t.Logf("Portage Packages: %+v", packages)
		skipped 32 lines
397	397		})
398	398		}
399	399
400		-	func addRhelMatches(t testing.T, theSource source.Source, catalog syftPkg.Catalog, theStore mockStore, theResult match.Matches) {
	400	+	func addRhelMatches(t testing.T, theSource source.Source, catalog syftPkg.Collection, theStore mockStore, theResult match.Matches) {
401	401		packages := catalog.PackagesByPath("/var/lib/rpm/Packages")
402	402		if len(packages) != 1 {
403	403		t.Logf("RPMDB Packages: %+v", packages)
		skipped 33 lines
437	437		})
438	438		}
439	439
440		-	func addSlesMatches(t testing.T, theSource source.Source, catalog syftPkg.Catalog, theStore mockStore, theResult match.Matches) {
	440	+	func addSlesMatches(t testing.T, theSource source.Source, catalog syftPkg.Collection, theStore mockStore, theResult match.Matches) {
441	441		packages := catalog.PackagesByPath("/var/lib/rpm/Packages")
442	442		if len(packages) != 1 {
443	443		t.Logf("Sles Packages: %+v", packages)
		skipped 33 lines
477	477		})
478	478		}
479	479
480		-	func addHaskellMatches(t testing.T, theSource source.Source, catalog syftPkg.Catalog, theStore mockStore, theResult match.Matches) {
	480	+	func addHaskellMatches(t testing.T, theSource source.Source, catalog syftPkg.Collection, theStore mockStore, theResult match.Matches) {
481	481		packages := catalog.PackagesByPath("/haskell/stack.yaml")
482	482		if len(packages) < 1 {
483	483		t.Logf("Haskel Packages: %+v", packages)
		skipped 34 lines
518	518
519	519		tests := []struct {
520	520		fixtureImage string
521		-	expectedFn func(source.Source, syftPkg.Catalog, mockStore) match.Matches
	521	+	expectedFn func(source.Source, syftPkg.Collection, mockStore) match.Matches
522	522		}{
523	523		{
524	524		fixtureImage: "image-debian-match-coverage",
525		-	expectedFn: func(theSource source.Source, catalog syftPkg.Catalog, theStore mockStore) match.Matches {
	525	+	expectedFn: func(theSource source.Source, catalog syftPkg.Collection, theStore mockStore) match.Matches {
526	526		expectedMatches := match.NewMatches()
527	527		addPythonMatches(t, theSource, catalog, theStore, &expectedMatches)
528	528		addRubyMatches(t, theSource, catalog, theStore, &expectedMatches)
		skipped 8 lines
537	537		},
538	538		{
539	539		fixtureImage: "image-centos-match-coverage",
540		-	expectedFn: func(theSource source.Source, catalog syftPkg.Catalog, theStore mockStore) match.Matches {
	540	+	expectedFn: func(theSource source.Source, catalog syftPkg.Collection, theStore mockStore) match.Matches {
541	541		expectedMatches := match.NewMatches()
542	542		addRhelMatches(t, theSource, catalog, theStore, &expectedMatches)
543	543		return expectedMatches
		skipped 1 lines
545	545		},
546	546		{
547	547		fixtureImage: "image-alpine-match-coverage",
548		-	expectedFn: func(theSource source.Source, catalog syftPkg.Catalog, theStore mockStore) match.Matches {
	548	+	expectedFn: func(theSource source.Source, catalog syftPkg.Collection, theStore mockStore) match.Matches {
549	549		expectedMatches := match.NewMatches()
550	550		addAlpineMatches(t, theSource, catalog, theStore, &expectedMatches)
551	551		return expectedMatches
		skipped 1 lines
553	553		},
554	554		{
555	555		fixtureImage: "image-sles-match-coverage",
556		-	expectedFn: func(theSource source.Source, catalog syftPkg.Catalog, theStore mockStore) match.Matches {
	556	+	expectedFn: func(theSource source.Source, catalog syftPkg.Collection, theStore mockStore) match.Matches {
557	557		expectedMatches := match.NewMatches()
558	558		addSlesMatches(t, theSource, catalog, theStore, &expectedMatches)
559	559		return expectedMatches
		skipped 1 lines
561	561		},
562	562		{
563	563		fixtureImage: "image-portage-match-coverage",
564		-	expectedFn: func(theSource source.Source, catalog syftPkg.Catalog, theStore mockStore) match.Matches {
	564	+	expectedFn: func(theSource source.Source, catalog syftPkg.Collection, theStore mockStore) match.Matches {
565	565		expectedMatches := match.NewMatches()
566	566		addPortageMatches(t, theSource, catalog, theStore, &expectedMatches)
567	567		return expectedMatches
		skipped 25 lines
593	593		// enable all catalogers to cover non default cases
594	594		config.Catalogers = []string{"all"}
595	595
596		-	theCatalog, _, theDistro, err := syft.CatalogPackages(theSource, config)
	596	+	collection, _, theDistro, err := syft.CatalogPackages(theSource, config)
597	597		require.NoError(t, err)
598	598
599	599		matchers := matcher.NewDefaultMatchers(matcher.Config{})
		skipped 8 lines
608	608		ExclusionProvider: ep,
609	609		}
610	610
611		-	actualResults := grype.FindVulnerabilitiesForPackage(str, theDistro, matchers, pkg.FromCatalog(theCatalog, pkg.SynthesisConfig{}))
	611	+	actualResults := grype.FindVulnerabilitiesForPackage(str, theDistro, matchers, pkg.FromCollection(collection, pkg.SynthesisConfig{}))
612	612
613	613		for _, m := range actualResults.Sorted() {
614	614		for _, d := range m.Details {
		skipped 2 lines
617	617		}
618	618
619	619		// build expected matches from what's discovered from the catalog
620		-	expectedMatches := test.expectedFn(*theSource, theCatalog, theStore)
	620	+	expectedMatches := test.expectedFn(*theSource, collection, theStore)
621	621
622	622		assertMatches(t, expectedMatches.Sorted(), actualResults.Sorted())
623	623		})
		skipped 34 lines

■ ■ ■ ■ ■ ■

test/integration/utils_test.go

		skipped 83 lines
84	84		config := cataloger.DefaultConfig()
85	85		config.Search.Scope = source.SquashedScope
86	86		// TODO: relationships are not verified at this time
87		-	catalog, _, distro, err := syft.CatalogPackages(src, config)
	87	+	collection, _, distro, err := syft.CatalogPackages(src, config)
88	88
89	89		s := sbom.SBOM{
90	90		Artifacts: sbom.Artifacts{
91		-	PackageCatalog: catalog,
	91	+	Packages: collection,
92	92		LinuxDistribution: distro,
93	93		},
94	94		Source: src.Metadata,
		skipped 31 lines

		skipped 13 lines
14	14		*.tar
15	15		*tar.gz
16	16		.idea/
	17	+	*.iml
17	18		*.log
18	19		.images
19	20		.tmp/
		skipped 21 lines

chore(deps): update Syft to v0.80.0 (#1276)