STRLCPY/syft

■ ■ ■ ■ ■ ■

schema/json/schema-8.0.0.json

		skipped 747 lines
748	748		"type": {
749	749		"type": "string"
750	750		},
751		-	"url": {
	751	+	"urls": {
752	752		"items": {
753	753		"type": "string"
754	754		},
		skipped 11 lines
766	766		"value",
767	767		"spdxExpression",
768	768		"type",
769		-	"url",
	769	+	"urls",
770	770		"locations"
771	771		]
772	772		},
		skipped 1099 lines

■ ■ ■ ■ ■ ■

syft/formats/common/cyclonedxhelpers/licenses.go

		skipped 98 lines
99	99		// singular expression case
100	100		// only ID field here since we guarantee that the license is valid
101	101		if value, exists := spdxlicense.ID(l.SPDXExpression); exists {
102		-	if !l.URL.Empty() {
	102	+	if !l.URLs.Empty() {
103	103		processLicenseURLs(l, value, &spdxc)
104	104		continue
105	105		}
		skipped 21 lines
127	127
128	128		// license string that are not valid spdx expressions or ids
129	129		// we only use license Name here since we cannot guarantee that the license is a valid SPDX expression
130		-	if !l.URL.Empty() {
	130	+	if !l.URLs.Empty() {
131	131		processLicenseURLs(l, "", &otherc)
132	132		continue
133	133		}
		skipped 7 lines
141	141		}
142	142
143	143		func processLicenseURLs(l pkg.License, spdxID string, populate *cyclonedx.Licenses) {
144		-	for _, url := range l.URL.ToSlice() {
	144	+	for _, url := range l.URLs.ToSlice() {
145	145		if spdxID == "" {
146	146		populate = append(populate, cyclonedx.LicenseChoice{
147	147		License: &cyclonedx.License{
		skipped 59 lines

■ ■ ■ ■ ■ ■

syft/formats/common/cyclonedxhelpers/licenses_test.go

		skipped 136 lines
137	137		},
138	138		},
139	139		{
140		-	name: "with multiple URLs and single with no URL",
	140	+	name: "with multiple URLs and single with no URLs",
141	141		input: pkg.Package{
142	142		Licenses: pkg.NewLicenseSet(
143	143		pkg.NewLicense("MIT"),
		skipped 80 lines
224	224		Value: "RandomLicense",
225	225		// CycloneDX specification doesn't give a field for determining the license type
226	226		Type: license.Declared,
227		-	URL: internal.NewStringSet(),
	227	+	URLs: internal.NewStringSet(),
228	228		},
229	229		},
230	230		},
		skipped 13 lines
244	244		Value: "MIT",
245	245		SPDXExpression: "MIT",
246	246		Type: license.Declared,
247		-	URL: internal.NewStringSet(),
	247	+	URLs: internal.NewStringSet(),
248	248		},
249	249		},
250	250		},
		skipped 12 lines
263	263		Value: "MIT AND GPL-3.0-only WITH Classpath-exception-2.0",
264	264		SPDXExpression: "MIT AND GPL-3.0-only WITH Classpath-exception-2.0",
265	265		Type: license.Declared,
266		-	URL: internal.NewStringSet(),
	266	+	URLs: internal.NewStringSet(),
267	267		},
268	268		},
269	269		},
		skipped 8 lines

■ ■ ■ ■ ■ ■

syft/formats/syftjson/model/package.go

		skipped 39 lines
40	40		Value string `json:"value"`
41	41		SPDXExpression string `json:"spdxExpression"`
42	42		Type license.Type `json:"type"`
43		-	URL []string `json:"url"`
44		-	Location []source.Location `json:"locations"`
	43	+	URLs []string `json:"urls"`
	44	+	Locations []source.Location `json:"locations"`
45	45		}
46	46
47	47		func newModelLicensesFromValues(licenses []string) (ml []License) {
		skipped 97 lines

■ ■ ■ ■ ■ ■

syft/formats/syftjson/test-fixtures/snapshot/TestDirectoryEncoder.golden

		skipped 15 lines
16	16		"value": "MIT",
17	17		"spdxExpression": "MIT",
18	18		"type": "declared",
19		-	"url": [],
	19	+	"urls": [],
20	20		"locations": []
21	21		}
22	22		],
		skipped 79 lines

■ ■ ■ ■ ■ ■

syft/formats/syftjson/test-fixtures/snapshot/TestEncodeFullJSONDocument.golden

		skipped 15 lines
16	16		"value": "MIT",
17	17		"spdxExpression": "MIT",
18	18		"type": "declared",
19		-	"url": [],
	19	+	"urls": [],
20	20		"locations": []
21	21		}
22	22		],
		skipped 179 lines

■ ■ ■ ■ ■ ■

syft/formats/syftjson/test-fixtures/snapshot/TestImageEncoder.golden

		skipped 16 lines
17	17		"value": "MIT",
18	18		"spdxExpression": "MIT",
19	19		"type": "declared",
20		-	"url": [],
	20	+	"urls": [],
21	21		"locations": []
22	22		}
23	23		],
		skipped 101 lines

■ ■ ■ ■ ■ ■

syft/formats/syftjson/to_format_model.go

		skipped 187 lines
188	188		for _, l := range pkgLicenses {
189	189		// guarantee collection
190	190		locations := make([]source.Location, 0)
191		-	if v := l.Location.ToSlice(); v != nil {
	191	+	if v := l.Locations.ToSlice(); v != nil {
192	192		locations = v
193	193		}
194	194		modelLicenses = append(modelLicenses, model.License{
195	195		Value: l.Value,
196	196		SPDXExpression: l.SPDXExpression,
197	197		Type: l.Type,
198		-	URL: l.URL.ToSlice(),
199		-	Location: locations,
	198	+	URLs: l.URLs.ToSlice(),
	199	+	Locations: locations,
200	200		})
201	201		}
202	202		return
		skipped 92 lines

■ ■ ■ ■ ■ ■

syft/formats/syftjson/to_syft_model.go

		skipped 107 lines
108	108		Value: l.Value,
109	109		SPDXExpression: l.SPDXExpression,
110	110		Type: l.Type,
111		-	URL: internal.NewStringSet(l.URL...),
112		-	Location: source.NewLocationSet(l.Location...),
	111	+	URLs: internal.NewStringSet(l.URLs...),
	112	+	Locations: source.NewLocationSet(l.Locations...),
113	113		})
114	114		}
115	115		return
		skipped 228 lines

■ ■ ■ ■ ■ ■

syft/pkg/cataloger/apkdb/parse_apk_db_test.go

		skipped 683 lines
684	684		test.expected.Locations = source.NewLocationSet(fixtureLocation)
685	685		licenses := test.expected.Licenses.ToSlice()
686	686		for i := range licenses {
687		-	licenses[i].Location.Add(fixtureLocation)
	687	+	licenses[i].Locations.Add(fixtureLocation)
688	688		}
689	689		test.expected.Licenses = pkg.NewLicenseSet(licenses...)
690	690		pkgtest.TestFileParser(t, test.fixture, parseApkDB, []pkg.Package{test.expected}, nil)
		skipped 577 lines

■ ■ ■ ■ ■ ■

syft/pkg/cataloger/golang/licenses_test.go

		skipped 34 lines
35	35		Value: "Apache-2.0",
36	36		SPDXExpression: "Apache-2.0",
37	37		Type: license.Concluded,
38		-	Location: source.NewLocationSet(loc1),
39		-	URL: internal.NewStringSet(),
	38	+	Locations: source.NewLocationSet(loc1),
	39	+	URLs: internal.NewStringSet(),
40	40		},
41	41		},
42	42		{
		skipped 3 lines
46	46		Value: "MIT",
47	47		SPDXExpression: "MIT",
48	48		Type: license.Concluded,
49		-	Location: source.NewLocationSet(loc2),
50		-	URL: internal.NewStringSet(),
	49	+	Locations: source.NewLocationSet(loc2),
	50	+	URLs: internal.NewStringSet(),
51	51		},
52	52		},
53	53		}
		skipped 72 lines
126	126		Value: "Apache-2.0",
127	127		SPDXExpression: "Apache-2.0",
128	128		Type: license.Concluded,
129		-	Location: source.NewLocationSet(loc1),
130		-	URL: internal.NewStringSet(),
	129	+	Locations: source.NewLocationSet(loc1),
	130	+	URLs: internal.NewStringSet(),
131	131		},
132	132		},
133	133		{
		skipped 3 lines
137	137		Value: "MIT",
138	138		SPDXExpression: "MIT",
139	139		Type: license.Concluded,
140		-	Location: source.NewLocationSet(loc2),
141		-	URL: internal.NewStringSet(),
	140	+	Locations: source.NewLocationSet(loc2),
	141	+	URLs: internal.NewStringSet(),
142	142		},
143	143		},
144	144		}
		skipped 88 lines

■ ■ ■ ■ ■ ■

syft/pkg/cataloger/php/parse_installed_json_test.go

		skipped 134 lines
135	135		expectedPkgs[i].Locations = locations
136	136		locationLicenses := pkg.NewLicenseSet()
137	137		for _, license := range expectedPkgs[i].Licenses.ToSlice() {
138		-	license.Location = locations
	138	+	license.Locations = locations
139	139		locationLicenses.Add(license)
140	140		}
141	141		expectedPkgs[i].Licenses = locationLicenses
		skipped 6 lines

■ ■ ■ ■ ■ ■

syft/pkg/license.go

		skipped 13 lines
14	14		var _ sort.Interface = (*Licenses)(nil)
15	15
16	16		// License represents an SPDX Expression or license value extracted from a packages metadata
17		-	// We want to ignore URL and Location since we merge these fields across equal licenses.
	17	+	// We want to ignore URLs and Location since we merge these fields across equal licenses.
18	18		// A License is a unique combination of value, expression and type, where
19	19		// its sources are always considered merged and additions to the evidence
20	20		// of where it was found and how it was sourced.
		skipped 5 lines
26	26		Value string `json:"value"`
27	27		SPDXExpression string `json:"spdxExpression"`
28	28		Type license.Type `json:"type"`
29		-	URL internal.StringSet `hash:"ignore"`
30		-	Location source.LocationSet `hash:"ignore"`
	29	+	URLs internal.StringSet `hash:"ignore"`
	30	+	Locations source.LocationSet `hash:"ignore"`
31	31		}
32	32
33	33		type Licenses []License
		skipped 6 lines
40	40		if l[i].Value == l[j].Value {
41	41		if l[i].SPDXExpression == l[j].SPDXExpression {
42	42		if l[i].Type == l[j].Type {
43		-	// While URL and location are not exclusive fields
	43	+	// While URLs and location are not exclusive fields
44	44		// returning true here reduces the number of swaps
45	45		// while keeping a consistent sort order of
46	46		// the order that they appear in the list initially
		skipped 22 lines
69	69		Value: value,
70	70		SPDXExpression: spdxExpression,
71	71		Type: license.Declared,
72		-	URL: internal.NewStringSet(),
73		-	Location: source.NewLocationSet(),
	72	+	URLs: internal.NewStringSet(),
	73	+	Locations: source.NewLocationSet(),
74	74		}
75	75		}
76	76
		skipped 7 lines
84	84		Value: value,
85	85		SPDXExpression: spdxExpression,
86	86		Type: t,
87		-	URL: internal.NewStringSet(),
88		-	Location: source.NewLocationSet(),
	87	+	URLs: internal.NewStringSet(),
	88	+	Locations: source.NewLocationSet(),
89	89		}
90	90		}
91	91
		skipped 17 lines
109	109		func NewLicenseFromLocations(value string, locations ...source.Location) License {
110	110		l := NewLicense(value)
111	111		for _, loc := range locations {
112		-	l.Location.Add(loc)
	112	+	l.Locations.Add(loc)
113	113		}
114	114		return l
115	115		}
		skipped 2 lines
118	118		l := NewLicense(value)
119	119		for _, u := range urls {
120	120		if u != "" {
121		-	l.URL.Add(u)
	121	+	l.URLs.Add(u)
122	122		}
123	123		}
124	124		return l
		skipped 16 lines
141	141		return nil, fmt.Errorf("cannot merge licenses with different hash")
142	142		}
143	143
144		-	s.URL.Add(l.URL.ToSlice()...)
145		-	if s.Location.Empty() && l.Location.Empty() {
	144	+	s.URLs.Add(l.URLs.ToSlice()...)
	145	+	if s.Locations.Empty() && l.Locations.Empty() {
146	146		return &s, nil
147	147		}
148	148
149		-	s.Location.Add(l.Location.ToSlice()...)
	149	+	s.Locations.Add(l.Locations.ToSlice()...)
150	150		return &s, nil
151	151		}
152	152

■ ■ ■ ■ ■ ■

syft/pkg/license_set.go

		skipped 33 lines
34	34		return id, false, nil
35	35		}
36	36
37		-	// we got the same id; we want to merge the URL and Location data
38		-	// URL/Location are not considered when taking the Hash
	37	+	// we got the same id; we want to merge the URLs and Location data
	38	+	// URLs/Location are not considered when taking the Hash
39	39		m, err := v.Merge(license)
40	40		if err != nil {
41	41		return id, false, fmt.Errorf("could not merge license into map: %w", err)
		skipped 48 lines

■ ■ ■ ■ ■ ■

syft/pkg/license_set_test.go

		skipped 96 lines
97	97		Value: "MIT",
98	98		SPDXExpression: "MIT",
99	99		Type: license.Declared,
100		-	URL: internal.NewStringSet("https://example.com"),
101		-	Location: source.NewLocationSet(source.NewLocation("/place")),
	100	+	URLs: internal.NewStringSet("https://example.com"),
	101	+	Locations: source.NewLocationSet(source.NewLocation("/place")),
102	102		},
103	103		},
104	104		},
		skipped 10 lines
115	115		Value: "MIT",
116	116		SPDXExpression: "MIT",
117	117		Type: license.Concluded,
118		-	URL: internal.NewStringSet(),
119		-	Location: source.NewLocationSet(),
	118	+	URLs: internal.NewStringSet(),
	119	+	Locations: source.NewLocationSet(),
120	120		},
121	121		{
122	122		Value: "MIT",
123	123		SPDXExpression: "MIT",
124	124		Type: license.Declared,
125		-	URL: internal.NewStringSet("https://example.com"),
126		-	Location: source.NewLocationSet(source.NewLocation("/place")),
	125	+	URLs: internal.NewStringSet("https://example.com"),
	126	+	Locations: source.NewLocationSet(source.NewLocation("/place")),
127	127		},
128	128		},
129	129		},
		skipped 11 lines

■ ■ ■ ■ ■ ■

syft/pkg/license_test.go

		skipped 20 lines
21	21		lic1 := NewLicenseFromLocations("MIT", loc1)
22	22		lic2 := NewLicenseFromLocations("MIT", loc2)
23	23
24		-	lic1.URL.Add("foo")
25		-	lic2.URL.Add("bar") // we also want to check the URL are ignored
	24	+	lic1.URLs.Add("foo")
	25	+	lic2.URLs.Add("bar") // we also want to check the URLs are ignored
26	26
27	27		hash1, err := artifact.IDByHash(lic1)
28	28		require.NoError(t, err)
		skipped 72 lines

fix: update field plurality of 8.0.0 schema before release (#1820)