STRLCPY/syft

Create python requirements metadata (#1759)

- Create new metadata struct and type for python requirements.
- Update parsing of python requirements to use python requirements metadata.
- Remove extras and url from line. Add them to metadata instead.
- Add unit test to test that extras are removed from package name.
- Update test to look at requirements metadata.
- Will need updated in future to support more than just == for the version constraint.
- Update JSON schema data

Closes anchore/grype#1246
Closes anchore/grype#1251

Signed-off-by: Shane Dell <[email protected]>

Shane Dell committed with GitHub 1 year ago

a07bfe7d

1 parent 451cb9d5

Revision indexing in progress... (symbol navigation in revisions will be accurate after indexed)

Total 13 files Show one by one

■ ■ ■ ■ ■ ■

internal/constants.go

		skipped 5 lines
6	6
7	7		// JSONSchemaVersion is the current schema version output by the JSON encoder
8	8		// This is roughly following the "SchemaVer" guidelines for versioning the JSON schema. Please see schema/json/README.md for details on how to increment.
9		-	JSONSchemaVersion = "7.1.4"
	9	+	JSONSchemaVersion = "7.1.5"
10	10		)
11	11

■ ■ ■ ■ ■ ■

schema/json/generate.go

		skipped 29 lines
30	30
31	31		// TODO: this should be generated from reflection of whats in the pkg package
32	32		type artifactMetadataContainer struct {
33		-	Alpm pkg.AlpmMetadata
34		-	Apk pkg.ApkMetadata
35		-	Binary pkg.BinaryMetadata
36		-	Cocopods pkg.CocoapodsMetadata
37		-	Conan pkg.ConanMetadata
38		-	ConanLock pkg.ConanLockMetadata
39		-	Dart pkg.DartPubMetadata
40		-	Dotnet pkg.DotnetDepsMetadata
41		-	Dpkg pkg.DpkgMetadata
42		-	Gem pkg.GemMetadata
43		-	GoBin pkg.GolangBinMetadata
44		-	GoMod pkg.GolangModMetadata
45		-	Hackage pkg.HackageMetadata
46		-	Java pkg.JavaMetadata
47		-	KbPackage pkg.KbPackageMetadata
48		-	LinuxKernel pkg.LinuxKernelMetadata
49		-	LinuxKernelModule pkg.LinuxKernelModuleMetadata
50		-	Nix pkg.NixStoreMetadata
51		-	NpmPackage pkg.NpmPackageJSONMetadata
52		-	NpmPackageLock pkg.NpmPackageLockJSONMetadata
53		-	MixLock pkg.MixLockMetadata
54		-	Php pkg.PhpComposerJSONMetadata
55		-	Portage pkg.PortageMetadata
56		-	PythonPackage pkg.PythonPackageMetadata
57		-	PythonPipfilelock pkg.PythonPipfileLockMetadata
58		-	Rebar pkg.RebarLockMetadata
59		-	Rpm pkg.RpmMetadata
60		-	RustCargo pkg.CargoPackageMetadata
	33	+	Alpm pkg.AlpmMetadata
	34	+	Apk pkg.ApkMetadata
	35	+	Binary pkg.BinaryMetadata
	36	+	Cocopods pkg.CocoapodsMetadata
	37	+	Conan pkg.ConanMetadata
	38	+	ConanLock pkg.ConanLockMetadata
	39	+	Dart pkg.DartPubMetadata
	40	+	Dotnet pkg.DotnetDepsMetadata
	41	+	Dpkg pkg.DpkgMetadata
	42	+	Gem pkg.GemMetadata
	43	+	GoBin pkg.GolangBinMetadata
	44	+	GoMod pkg.GolangModMetadata
	45	+	Hackage pkg.HackageMetadata
	46	+	Java pkg.JavaMetadata
	47	+	KbPackage pkg.KbPackageMetadata
	48	+	LinuxKernel pkg.LinuxKernelMetadata
	49	+	LinuxKernelModule pkg.LinuxKernelModuleMetadata
	50	+	Nix pkg.NixStoreMetadata
	51	+	NpmPackage pkg.NpmPackageJSONMetadata
	52	+	NpmPackageLock pkg.NpmPackageLockJSONMetadata
	53	+	MixLock pkg.MixLockMetadata
	54	+	Php pkg.PhpComposerJSONMetadata
	55	+	Portage pkg.PortageMetadata
	56	+	PythonPackage pkg.PythonPackageMetadata
	57	+	PythonPipfilelock pkg.PythonPipfileLockMetadata
	58	+	PythonRequirements pkg.PythonRequirementsMetadata
	59	+	Rebar pkg.RebarLockMetadata
	60	+	Rpm pkg.RpmMetadata
	61	+	RustCargo pkg.CargoPackageMetadata
61	62		}
62	63
63	64		func main() {
		skipped 105 lines

■ ■ ■ ■ ■ ■

schema/json/schema-7.1.5.json

1	+	{
2	+	"$schema": "https://json-schema.org/draft/2020-12/schema",
3	+	"$id": "https://github.com/anchore/syft/syft/formats/syftjson/model/document",
4	+	"$ref": "#/$defs/Document",
5	+	"$defs": {
6	+	"AlpmFileRecord": {
7	+	"properties": {
8	+	"path": {
9	+	"type": "string"
10	+	},
11	+	"type": {
12	+	"type": "string"
13	+	},
14	+	"uid": {
15	+	"type": "string"
16	+	},
17	+	"gid": {
18	+	"type": "string"
19	+	},
20	+	"time": {
21	+	"type": "string",
22	+	"format": "date-time"
23	+	},
24	+	"size": {
25	+	"type": "string"
26	+	},
27	+	"link": {
28	+	"type": "string"
29	+	},
30	+	"digest": {
31	+	"items": {
32	+	"$ref": "#/$defs/Digest"
33	+	},
34	+	"type": "array"
35	+	}
36	+	},
37	+	"type": "object"
38	+	},
39	+	"AlpmMetadata": {
40	+	"properties": {
41	+	"basepackage": {
42	+	"type": "string"
43	+	},
44	+	"package": {
45	+	"type": "string"
46	+	},
47	+	"version": {
48	+	"type": "string"
49	+	},
50	+	"description": {
51	+	"type": "string"
52	+	},
53	+	"architecture": {
54	+	"type": "string"
55	+	},
56	+	"size": {
57	+	"type": "integer"
58	+	},
59	+	"packager": {
60	+	"type": "string"
61	+	},
62	+	"license": {
63	+	"type": "string"
64	+	},
65	+	"url": {
66	+	"type": "string"
67	+	},
68	+	"validation": {
69	+	"type": "string"
70	+	},
71	+	"reason": {
72	+	"type": "integer"
73	+	},
74	+	"files": {
75	+	"items": {
76	+	"$ref": "#/$defs/AlpmFileRecord"
77	+	},
78	+	"type": "array"
79	+	},
80	+	"backup": {
81	+	"items": {
82	+	"$ref": "#/$defs/AlpmFileRecord"
83	+	},
84	+	"type": "array"
85	+	}
86	+	},
87	+	"type": "object",
88	+	"required": [
89	+	"basepackage",
90	+	"package",
91	+	"version",
92	+	"description",
93	+	"architecture",
94	+	"size",
95	+	"packager",
96	+	"license",
97	+	"url",
98	+	"validation",
99	+	"reason",
100	+	"files",
101	+	"backup"
102	+	]
103	+	},
104	+	"ApkFileRecord": {
105	+	"properties": {
106	+	"path": {
107	+	"type": "string"
108	+	},
109	+	"ownerUid": {
110	+	"type": "string"
111	+	},
112	+	"ownerGid": {
113	+	"type": "string"
114	+	},
115	+	"permissions": {
116	+	"type": "string"
117	+	},
118	+	"digest": {
119	+	"$ref": "#/$defs/Digest"
120	+	}
121	+	},
122	+	"type": "object",
123	+	"required": [
124	+	"path"
125	+	]
126	+	},
127	+	"ApkMetadata": {
128	+	"properties": {
129	+	"package": {
130	+	"type": "string"
131	+	},
132	+	"originPackage": {
133	+	"type": "string"
134	+	},
135	+	"maintainer": {
136	+	"type": "string"
137	+	},
138	+	"version": {
139	+	"type": "string"
140	+	},
141	+	"license": {
142	+	"type": "string"
143	+	},
144	+	"architecture": {
145	+	"type": "string"
146	+	},
147	+	"url": {
148	+	"type": "string"
149	+	},
150	+	"description": {
151	+	"type": "string"
152	+	},
153	+	"size": {
154	+	"type": "integer"
155	+	},
156	+	"installedSize": {
157	+	"type": "integer"
158	+	},
159	+	"pullDependencies": {
160	+	"items": {
161	+	"type": "string"
162	+	},
163	+	"type": "array"
164	+	},
165	+	"provides": {
166	+	"items": {
167	+	"type": "string"
168	+	},
169	+	"type": "array"
170	+	},
171	+	"pullChecksum": {
172	+	"type": "string"
173	+	},
174	+	"gitCommitOfApkPort": {
175	+	"type": "string"
176	+	},
177	+	"files": {
178	+	"items": {
179	+	"$ref": "#/$defs/ApkFileRecord"
180	+	},
181	+	"type": "array"
182	+	}
183	+	},
184	+	"type": "object",
185	+	"required": [
186	+	"package",
187	+	"originPackage",
188	+	"maintainer",
189	+	"version",
190	+	"license",
191	+	"architecture",
192	+	"url",
193	+	"description",
194	+	"size",
195	+	"installedSize",
196	+	"pullDependencies",
197	+	"provides",
198	+	"pullChecksum",
199	+	"gitCommitOfApkPort",
200	+	"files"
201	+	]
202	+	},
203	+	"BinaryMetadata": {
204	+	"properties": {
205	+	"matches": {
206	+	"items": {
207	+	"$ref": "#/$defs/ClassifierMatch"
208	+	},
209	+	"type": "array"
210	+	}
211	+	},
212	+	"type": "object",
213	+	"required": [
214	+	"matches"
215	+	]
216	+	},
217	+	"CargoPackageMetadata": {
218	+	"properties": {
219	+	"name": {
220	+	"type": "string"
221	+	},
222	+	"version": {
223	+	"type": "string"
224	+	},
225	+	"source": {
226	+	"type": "string"
227	+	},
228	+	"checksum": {
229	+	"type": "string"
230	+	},
231	+	"dependencies": {
232	+	"items": {
233	+	"type": "string"
234	+	},
235	+	"type": "array"
236	+	}
237	+	},
238	+	"type": "object",
239	+	"required": [
240	+	"name",
241	+	"version",
242	+	"source",
243	+	"checksum",
244	+	"dependencies"
245	+	]
246	+	},
247	+	"ClassifierMatch": {
248	+	"properties": {
249	+	"classifier": {
250	+	"type": "string"
251	+	},
252	+	"location": {
253	+	"$ref": "#/$defs/Location"
254	+	}
255	+	},
256	+	"type": "object",
257	+	"required": [
258	+	"classifier",
259	+	"location"
260	+	]
261	+	},
262	+	"CocoapodsMetadata": {
263	+	"properties": {
264	+	"checksum": {
265	+	"type": "string"
266	+	}
267	+	},
268	+	"type": "object",
269	+	"required": [
270	+	"checksum"
271	+	]
272	+	},
273	+	"ConanLockMetadata": {
274	+	"properties": {
275	+	"ref": {
276	+	"type": "string"
277	+	},
278	+	"package_id": {
279	+	"type": "string"
280	+	},
281	+	"prev": {
282	+	"type": "string"
283	+	},
284	+	"requires": {
285	+	"type": "string"
286	+	},
287	+	"build_requires": {
288	+	"type": "string"
289	+	},
290	+	"py_requires": {
291	+	"type": "string"
292	+	},
293	+	"options": {
294	+	"patternProperties": {
295	+	".*": {
296	+	"type": "string"
297	+	}
298	+	},
299	+	"type": "object"
300	+	},
301	+	"path": {
302	+	"type": "string"
303	+	},
304	+	"context": {
305	+	"type": "string"
306	+	}
307	+	},
308	+	"type": "object",
309	+	"required": [
310	+	"ref"
311	+	]
312	+	},
313	+	"ConanMetadata": {
314	+	"properties": {
315	+	"ref": {
316	+	"type": "string"
317	+	}
318	+	},
319	+	"type": "object",
320	+	"required": [
321	+	"ref"
322	+	]
323	+	},
324	+	"Coordinates": {
325	+	"properties": {
326	+	"path": {
327	+	"type": "string"
328	+	},
329	+	"layerID": {
330	+	"type": "string"
331	+	}
332	+	},
333	+	"type": "object",
334	+	"required": [
335	+	"path"
336	+	]
337	+	},
338	+	"DartPubMetadata": {
339	+	"properties": {
340	+	"name": {
341	+	"type": "string"
342	+	},
343	+	"version": {
344	+	"type": "string"
345	+	},
346	+	"hosted_url": {
347	+	"type": "string"
348	+	},
349	+	"vcs_url": {
350	+	"type": "string"
351	+	}
352	+	},
353	+	"type": "object",
354	+	"required": [
355	+	"name",
356	+	"version"
357	+	]
358	+	},
359	+	"Descriptor": {
360	+	"properties": {
361	+	"name": {
362	+	"type": "string"
363	+	},
364	+	"version": {
365	+	"type": "string"
366	+	},
367	+	"configuration": true
368	+	},
369	+	"type": "object",
370	+	"required": [
371	+	"name",
372	+	"version"
373	+	]
374	+	},
375	+	"Digest": {
376	+	"properties": {
377	+	"algorithm": {
378	+	"type": "string"
379	+	},
380	+	"value": {
381	+	"type": "string"
382	+	}
383	+	},
384	+	"type": "object",
385	+	"required": [
386	+	"algorithm",
387	+	"value"
388	+	]
389	+	},
390	+	"Document": {
391	+	"properties": {
392	+	"artifacts": {
393	+	"items": {
394	+	"$ref": "#/$defs/Package"
395	+	},
396	+	"type": "array"
397	+	},
398	+	"artifactRelationships": {
399	+	"items": {
400	+	"$ref": "#/$defs/Relationship"
401	+	},
402	+	"type": "array"
403	+	},
404	+	"files": {
405	+	"items": {
406	+	"$ref": "#/$defs/File"
407	+	},
408	+	"type": "array"
409	+	},
410	+	"secrets": {
411	+	"items": {
412	+	"$ref": "#/$defs/Secrets"
413	+	},
414	+	"type": "array"
415	+	},
416	+	"source": {
417	+	"$ref": "#/$defs/Source"
418	+	},
419	+	"distro": {
420	+	"$ref": "#/$defs/LinuxRelease"
421	+	},
422	+	"descriptor": {
423	+	"$ref": "#/$defs/Descriptor"
424	+	},
425	+	"schema": {
426	+	"$ref": "#/$defs/Schema"
427	+	}
428	+	},
429	+	"type": "object",
430	+	"required": [
431	+	"artifacts",
432	+	"artifactRelationships",
433	+	"source",
434	+	"distro",
435	+	"descriptor",
436	+	"schema"
437	+	]
438	+	},
439	+	"DotnetDepsMetadata": {
440	+	"properties": {
441	+	"name": {
442	+	"type": "string"
443	+	},
444	+	"version": {
445	+	"type": "string"
446	+	},
447	+	"path": {
448	+	"type": "string"
449	+	},
450	+	"sha512": {
451	+	"type": "string"
452	+	},
453	+	"hashPath": {
454	+	"type": "string"
455	+	}
456	+	},
457	+	"type": "object",
458	+	"required": [
459	+	"name",
460	+	"version",
461	+	"path",
462	+	"sha512",
463	+	"hashPath"
464	+	]
465	+	},
466	+	"DpkgFileRecord": {
467	+	"properties": {
468	+	"path": {
469	+	"type": "string"
470	+	},
471	+	"digest": {
472	+	"$ref": "#/$defs/Digest"
473	+	},
474	+	"isConfigFile": {
475	+	"type": "boolean"
476	+	}
477	+	},
478	+	"type": "object",
479	+	"required": [
480	+	"path",
481	+	"isConfigFile"
482	+	]
483	+	},
484	+	"DpkgMetadata": {
485	+	"properties": {
486	+	"package": {
487	+	"type": "string"
488	+	},
489	+	"source": {
490	+	"type": "string"
491	+	},
492	+	"version": {
493	+	"type": "string"
494	+	},
495	+	"sourceVersion": {
496	+	"type": "string"
497	+	},
498	+	"architecture": {
499	+	"type": "string"
500	+	},
501	+	"maintainer": {
502	+	"type": "string"
503	+	},
504	+	"installedSize": {
505	+	"type": "integer"
506	+	},
507	+	"files": {
508	+	"items": {
509	+	"$ref": "#/$defs/DpkgFileRecord"
510	+	},
511	+	"type": "array"
512	+	}
513	+	},
514	+	"type": "object",
515	+	"required": [
516	+	"package",
517	+	"source",
518	+	"version",
519	+	"sourceVersion",
520	+	"architecture",
521	+	"maintainer",
522	+	"installedSize",
523	+	"files"
524	+	]
525	+	},
526	+	"File": {
527	+	"properties": {
528	+	"id": {
529	+	"type": "string"
530	+	},
531	+	"location": {
532	+	"$ref": "#/$defs/Coordinates"
533	+	},
534	+	"metadata": {
535	+	"$ref": "#/$defs/FileMetadataEntry"
536	+	},
537	+	"contents": {
538	+	"type": "string"
539	+	},
540	+	"digests": {
541	+	"items": {
542	+	"$ref": "#/$defs/Digest"
543	+	},
544	+	"type": "array"
545	+	}
546	+	},
547	+	"type": "object",
548	+	"required": [
549	+	"id",
550	+	"location"
551	+	]
552	+	},
553	+	"FileMetadataEntry": {
554	+	"properties": {
555	+	"mode": {
556	+	"type": "integer"
557	+	},
558	+	"type": {
559	+	"type": "string"
560	+	},
561	+	"linkDestination": {
562	+	"type": "string"
563	+	},
564	+	"userID": {
565	+	"type": "integer"
566	+	},
567	+	"groupID": {
568	+	"type": "integer"
569	+	},
570	+	"mimeType": {
571	+	"type": "string"
572	+	},
573	+	"size": {
574	+	"type": "integer"
575	+	}
576	+	},
577	+	"type": "object",
578	+	"required": [
579	+	"mode",
580	+	"type",
581	+	"userID",
582	+	"groupID",
583	+	"mimeType",
584	+	"size"
585	+	]
586	+	},
587	+	"GemMetadata": {
588	+	"properties": {
589	+	"name": {
590	+	"type": "string"
591	+	},
592	+	"version": {
593	+	"type": "string"
594	+	},
595	+	"files": {
596	+	"items": {
597	+	"type": "string"
598	+	},
599	+	"type": "array"
600	+	},
601	+	"authors": {
602	+	"items": {
603	+	"type": "string"
604	+	},
605	+	"type": "array"
606	+	},
607	+	"licenses": {
608	+	"items": {
609	+	"type": "string"
610	+	},
611	+	"type": "array"
612	+	},
613	+	"homepage": {
614	+	"type": "string"
615	+	}
616	+	},
617	+	"type": "object",
618	+	"required": [
619	+	"name",
620	+	"version"
621	+	]
622	+	},
623	+	"GolangBinMetadata": {
624	+	"properties": {
625	+	"goBuildSettings": {
626	+	"patternProperties": {
627	+	".*": {
628	+	"type": "string"
629	+	}
630	+	},
631	+	"type": "object"
632	+	},
633	+	"goCompiledVersion": {
634	+	"type": "string"
635	+	},
636	+	"architecture": {
637	+	"type": "string"
638	+	},
639	+	"h1Digest": {
640	+	"type": "string"
641	+	},
642	+	"mainModule": {
643	+	"type": "string"
644	+	}
645	+	},
646	+	"type": "object",
647	+	"required": [
648	+	"goCompiledVersion",
649	+	"architecture"
650	+	]
651	+	},
652	+	"GolangModMetadata": {
653	+	"properties": {
654	+	"h1Digest": {
655	+	"type": "string"
656	+	}
657	+	},
658	+	"type": "object"
659	+	},
660	+	"HackageMetadata": {
661	+	"properties": {
662	+	"name": {
663	+	"type": "string"
664	+	},
665	+	"version": {
666	+	"type": "string"
667	+	},
668	+	"pkgHash": {
669	+	"type": "string"
670	+	},
671	+	"snapshotURL": {
672	+	"type": "string"
673	+	}
674	+	},
675	+	"type": "object",
676	+	"required": [
677	+	"name",
678	+	"version"
679	+	]
680	+	},
681	+	"IDLikes": {
682	+	"items": {
683	+	"type": "string"
684	+	},
685	+	"type": "array"
686	+	},
687	+	"JavaManifest": {
688	+	"properties": {
689	+	"main": {
690	+	"patternProperties": {
691	+	".*": {
692	+	"type": "string"
693	+	}
694	+	},
695	+	"type": "object"
696	+	},
697	+	"namedSections": {
698	+	"patternProperties": {
699	+	".*": {
700	+	"patternProperties": {
701	+	".*": {
702	+	"type": "string"
703	+	}
704	+	},
705	+	"type": "object"
706	+	}
707	+	},
708	+	"type": "object"
709	+	}
710	+	},
711	+	"type": "object"
712	+	},
713	+	"JavaMetadata": {
714	+	"properties": {
715	+	"virtualPath": {
716	+	"type": "string"
717	+	},
718	+	"manifest": {
719	+	"$ref": "#/$defs/JavaManifest"
720	+	},
721	+	"pomProperties": {
722	+	"$ref": "#/$defs/PomProperties"
723	+	},
724	+	"pomProject": {
725	+	"$ref": "#/$defs/PomProject"
726	+	},
727	+	"digest": {
728	+	"items": {
729	+	"$ref": "#/$defs/Digest"
730	+	},
731	+	"type": "array"
732	+	}
733	+	},
734	+	"type": "object",
735	+	"required": [
736	+	"virtualPath"
737	+	]
738	+	},
739	+	"KbPackageMetadata": {
740	+	"properties": {
741	+	"product_id": {
742	+	"type": "string"
743	+	},
744	+	"kb": {
745	+	"type": "string"
746	+	}
747	+	},
748	+	"type": "object",
749	+	"required": [
750	+	"product_id",
751	+	"kb"
752	+	]
753	+	},
754	+	"LinuxKernelMetadata": {
755	+	"properties": {
756	+	"name": {
757	+	"type": "string"
758	+	},
759	+	"architecture": {
760	+	"type": "string"
761	+	},
762	+	"version": {
763	+	"type": "string"
764	+	},
765	+	"extendedVersion": {
766	+	"type": "string"
767	+	},
768	+	"buildTime": {
769	+	"type": "string"
770	+	},
771	+	"author": {
772	+	"type": "string"
773	+	},
774	+	"format": {
775	+	"type": "string"
776	+	},
777	+	"rwRootFS": {
778	+	"type": "boolean"
779	+	},
780	+	"swapDevice": {
781	+	"type": "integer"
782	+	},
783	+	"rootDevice": {
784	+	"type": "integer"
785	+	},
786	+	"videoMode": {
787	+	"type": "string"
788	+	}
789	+	},
790	+	"type": "object",
791	+	"required": [
792	+	"name",
793	+	"architecture",
794	+	"version"
795	+	]
796	+	},
797	+	"LinuxKernelModuleMetadata": {
798	+	"properties": {
799	+	"name": {
800	+	"type": "string"
801	+	},
802	+	"version": {
803	+	"type": "string"
804	+	},
805	+	"sourceVersion": {
806	+	"type": "string"
807	+	},
808	+	"path": {
809	+	"type": "string"
810	+	},
811	+	"description": {
812	+	"type": "string"
813	+	},
814	+	"author": {
815	+	"type": "string"
816	+	},
817	+	"license": {
818	+	"type": "string"
819	+	},
820	+	"kernelVersion": {
821	+	"type": "string"
822	+	},
823	+	"versionMagic": {
824	+	"type": "string"
825	+	},
826	+	"parameters": {
827	+	"patternProperties": {
828	+	".*": {
829	+	"$ref": "#/$defs/LinuxKernelModuleParameter"
830	+	}
831	+	},
832	+	"type": "object"
833	+	}
834	+	},
835	+	"type": "object"
836	+	},
837	+	"LinuxKernelModuleParameter": {
838	+	"properties": {
839	+	"type": {
840	+	"type": "string"
841	+	},
842	+	"description": {
843	+	"type": "string"
844	+	}
845	+	},
846	+	"type": "object"
847	+	},
848	+	"LinuxRelease": {
849	+	"properties": {
850	+	"prettyName": {
851	+	"type": "string"
852	+	},
853	+	"name": {
854	+	"type": "string"
855	+	},
856	+	"id": {
857	+	"type": "string"
858	+	},
859	+	"idLike": {
860	+	"$ref": "#/$defs/IDLikes"
861	+	},
862	+	"version": {
863	+	"type": "string"
864	+	},
865	+	"versionID": {
866	+	"type": "string"
867	+	},
868	+	"versionCodename": {
869	+	"type": "string"
870	+	},
871	+	"buildID": {
872	+	"type": "string"
873	+	},
874	+	"imageID": {
875	+	"type": "string"
876	+	},
877	+	"imageVersion": {
878	+	"type": "string"
879	+	},
880	+	"variant": {
881	+	"type": "string"
882	+	},
883	+	"variantID": {
884	+	"type": "string"
885	+	},
886	+	"homeURL": {
887	+	"type": "string"
888	+	},
889	+	"supportURL": {
890	+	"type": "string"
891	+	},
892	+	"bugReportURL": {
893	+	"type": "string"
894	+	},
895	+	"privacyPolicyURL": {
896	+	"type": "string"
897	+	},
898	+	"cpeName": {
899	+	"type": "string"
900	+	},
901	+	"supportEnd": {
902	+	"type": "string"
903	+	}
904	+	},
905	+	"type": "object"
906	+	},
907	+	"Location": {
908	+	"properties": {
909	+	"path": {
910	+	"type": "string"
911	+	},
912	+	"layerID": {
913	+	"type": "string"
914	+	},
915	+	"annotations": {
916	+	"patternProperties": {
917	+	".*": {
918	+	"type": "string"
919	+	}
920	+	},
921	+	"type": "object"
922	+	}
923	+	},
924	+	"type": "object",
925	+	"required": [
926	+	"path"
927	+	]
928	+	},
929	+	"MixLockMetadata": {
930	+	"properties": {
931	+	"name": {
932	+	"type": "string"
933	+	},
934	+	"version": {
935	+	"type": "string"
936	+	},
937	+	"pkgHash": {
938	+	"type": "string"
939	+	},
940	+	"pkgHashExt": {
941	+	"type": "string"
942	+	}
943	+	},
944	+	"type": "object",
945	+	"required": [
946	+	"name",
947	+	"version",
948	+	"pkgHash",
949	+	"pkgHashExt"
950	+	]
951	+	},
952	+	"NixStoreMetadata": {
953	+	"properties": {
954	+	"outputHash": {
955	+	"type": "string"
956	+	},
957	+	"output": {
958	+	"type": "string"
959	+	},
960	+	"files": {
961	+	"items": {
962	+	"type": "string"
963	+	},
964	+	"type": "array"
965	+	}
966	+	},
967	+	"type": "object",
968	+	"required": [
969	+	"outputHash",
970	+	"files"
971	+	]
972	+	},
973	+	"NpmPackageJSONMetadata": {
974	+	"properties": {
975	+	"name": {
976	+	"type": "string"
977	+	},
978	+	"version": {
979	+	"type": "string"
980	+	},
981	+	"author": {
982	+	"type": "string"
983	+	},
984	+	"licenses": {
985	+	"items": {
986	+	"type": "string"
987	+	},
988	+	"type": "array"
989	+	},
990	+	"homepage": {
991	+	"type": "string"
992	+	},
993	+	"description": {
994	+	"type": "string"
995	+	},
996	+	"url": {
997	+	"type": "string"
998	+	},
999	+	"private": {
1000	+	"type": "boolean"
1001	+	}
1002	+	},
1003	+	"type": "object",
1004	+	"required": [
1005	+	"name",
1006	+	"version",
1007	+	"author",
1008	+	"licenses",
1009	+	"homepage",
1010	+	"description",
1011	+	"url",
1012	+	"private"
1013	+	]
1014	+	},
1015	+	"NpmPackageLockJSONMetadata": {
1016	+	"properties": {
1017	+	"resolved": {
1018	+	"type": "string"
1019	+	},
1020	+	"integrity": {
1021	+	"type": "string"
1022	+	}
1023	+	},
1024	+	"type": "object",
1025	+	"required": [
1026	+	"resolved",
1027	+	"integrity"
1028	+	]
1029	+	},
1030	+	"Package": {
1031	+	"properties": {
1032	+	"id": {
1033	+	"type": "string"
1034	+	},
1035	+	"name": {
1036	+	"type": "string"
1037	+	},
1038	+	"version": {
1039	+	"type": "string"
1040	+	},
1041	+	"type": {
1042	+	"type": "string"
1043	+	},
1044	+	"foundBy": {
1045	+	"type": "string"
1046	+	},
1047	+	"locations": {
1048	+	"items": {
1049	+	"$ref": "#/$defs/Location"
1050	+	},
1051	+	"type": "array"
1052	+	},
1053	+	"licenses": {
1054	+	"items": {
1055	+	"type": "string"
1056	+	},
1057	+	"type": "array"
1058	+	},
1059	+	"language": {
1060	+	"type": "string"
1061	+	},
1062	+	"cpes": {
1063	+	"items": {
1064	+	"type": "string"
1065	+	},
1066	+	"type": "array"
1067	+	},
1068	+	"purl": {
1069	+	"type": "string"
1070	+	},
1071	+	"metadataType": {
1072	+	"type": "string"
1073	+	},
1074	+	"metadata": {
1075	+	"anyOf": [
1076	+	{
1077	+	"type": "null"
1078	+	},
1079	+	{
1080	+	"$ref": "#/$defs/AlpmMetadata"
1081	+	},
1082	+	{
1083	+	"$ref": "#/$defs/ApkMetadata"
1084	+	},
1085	+	{
1086	+	"$ref": "#/$defs/BinaryMetadata"
1087	+	},
1088	+	{
1089	+	"$ref": "#/$defs/CargoPackageMetadata"
1090	+	},
1091	+	{
1092	+	"$ref": "#/$defs/CocoapodsMetadata"
1093	+	},
1094	+	{
1095	+	"$ref": "#/$defs/ConanLockMetadata"
1096	+	},
1097	+	{
1098	+	"$ref": "#/$defs/ConanMetadata"
1099	+	},
1100	+	{
1101	+	"$ref": "#/$defs/DartPubMetadata"
1102	+	},
1103	+	{
1104	+	"$ref": "#/$defs/DotnetDepsMetadata"
1105	+	},
1106	+	{
1107	+	"$ref": "#/$defs/DpkgMetadata"
1108	+	},
1109	+	{
1110	+	"$ref": "#/$defs/GemMetadata"
1111	+	},
1112	+	{
1113	+	"$ref": "#/$defs/GolangBinMetadata"
1114	+	},
1115	+	{
1116	+	"$ref": "#/$defs/GolangModMetadata"
1117	+	},
1118	+	{
1119	+	"$ref": "#/$defs/HackageMetadata"
1120	+	},
1121	+	{
1122	+	"$ref": "#/$defs/JavaMetadata"
1123	+	},
1124	+	{
1125	+	"$ref": "#/$defs/KbPackageMetadata"
1126	+	},
1127	+	{
1128	+	"$ref": "#/$defs/LinuxKernelMetadata"
1129	+	},
1130	+	{
1131	+	"$ref": "#/$defs/LinuxKernelModuleMetadata"
1132	+	},
1133	+	{
1134	+	"$ref": "#/$defs/MixLockMetadata"
1135	+	},
1136	+	{
1137	+	"$ref": "#/$defs/NixStoreMetadata"
1138	+	},
1139	+	{
1140	+	"$ref": "#/$defs/NpmPackageJSONMetadata"
1141	+	},
1142	+	{
1143	+	"$ref": "#/$defs/NpmPackageLockJSONMetadata"
1144	+	},
1145	+	{
1146	+	"$ref": "#/$defs/PhpComposerJSONMetadata"
1147	+	},
1148	+	{
1149	+	"$ref": "#/$defs/PortageMetadata"
1150	+	},
1151	+	{
1152	+	"$ref": "#/$defs/PythonPackageMetadata"
1153	+	},
1154	+	{
1155	+	"$ref": "#/$defs/PythonPipfileLockMetadata"
1156	+	},
1157	+	{
1158	+	"$ref": "#/$defs/PythonRequirementsMetadata"
1159	+	},
1160	+	{
1161	+	"$ref": "#/$defs/RebarLockMetadata"
1162	+	},
1163	+	{
1164	+	"$ref": "#/$defs/RpmMetadata"
1165	+	}
1166	+	]
1167	+	}
1168	+	},
1169	+	"type": "object",
1170	+	"required": [
1171	+	"id",
1172	+	"name",
1173	+	"version",
1174	+	"type",
1175	+	"foundBy",
1176	+	"locations",
1177	+	"licenses",
1178	+	"language",
1179	+	"cpes",
1180	+	"purl"
1181	+	]
1182	+	},
1183	+	"PhpComposerAuthors": {
1184	+	"properties": {
1185	+	"name": {
1186	+	"type": "string"
1187	+	},
1188	+	"email": {
1189	+	"type": "string"
1190	+	},
1191	+	"homepage": {
1192	+	"type": "string"
1193	+	}
1194	+	},
1195	+	"type": "object",
1196	+	"required": [
1197	+	"name"
1198	+	]
1199	+	},
1200	+	"PhpComposerExternalReference": {
1201	+	"properties": {
1202	+	"type": {
1203	+	"type": "string"
1204	+	},
1205	+	"url": {
1206	+	"type": "string"
1207	+	},
1208	+	"reference": {
1209	+	"type": "string"
1210	+	},
1211	+	"shasum": {
1212	+	"type": "string"
1213	+	}
1214	+	},
1215	+	"type": "object",
1216	+	"required": [
1217	+	"type",
1218	+	"url",
1219	+	"reference"
1220	+	]
1221	+	},
1222	+	"PhpComposerJSONMetadata": {
1223	+	"properties": {
1224	+	"name": {
1225	+	"type": "string"
1226	+	},
1227	+	"version": {
1228	+	"type": "string"
1229	+	},
1230	+	"source": {
1231	+	"$ref": "#/$defs/PhpComposerExternalReference"
1232	+	},
1233	+	"dist": {
1234	+	"$ref": "#/$defs/PhpComposerExternalReference"
1235	+	},
1236	+	"require": {
1237	+	"patternProperties": {
1238	+	".*": {
1239	+	"type": "string"
1240	+	}
1241	+	},
1242	+	"type": "object"
1243	+	},
1244	+	"provide": {
1245	+	"patternProperties": {
1246	+	".*": {
1247	+	"type": "string"
1248	+	}
1249	+	},
1250	+	"type": "object"
1251	+	},
1252	+	"require-dev": {
1253	+	"patternProperties": {
1254	+	".*": {
1255	+	"type": "string"
1256	+	}
1257	+	},
1258	+	"type": "object"
1259	+	},
1260	+	"suggest": {
1261	+	"patternProperties": {
1262	+	".*": {
1263	+	"type": "string"
1264	+	}
1265	+	},
1266	+	"type": "object"
1267	+	},
1268	+	"type": {
1269	+	"type": "string"
1270	+	},
1271	+	"notification-url": {
1272	+	"type": "string"
1273	+	},
1274	+	"bin": {
1275	+	"items": {
1276	+	"type": "string"
1277	+	},
1278	+	"type": "array"
1279	+	},
1280	+	"license": {
1281	+	"items": {
1282	+	"type": "string"
1283	+	},
1284	+	"type": "array"
1285	+	},
1286	+	"authors": {
1287	+	"items": {
1288	+	"$ref": "#/$defs/PhpComposerAuthors"
1289	+	},
1290	+	"type": "array"
1291	+	},
1292	+	"description": {
1293	+	"type": "string"
1294	+	},
1295	+	"homepage": {
1296	+	"type": "string"
1297	+	},
1298	+	"keywords": {
1299	+	"items": {
1300	+	"type": "string"
1301	+	},
1302	+	"type": "array"
1303	+	},
1304	+	"time": {
1305	+	"type": "string"
1306	+	}
1307	+	},
1308	+	"type": "object",
1309	+	"required": [
1310	+	"name",
1311	+	"version",
1312	+	"source",
1313	+	"dist"
1314	+	]
1315	+	},
1316	+	"PomParent": {
1317	+	"properties": {
1318	+	"groupId": {
1319	+	"type": "string"
1320	+	},
1321	+	"artifactId": {
1322	+	"type": "string"
1323	+	},
1324	+	"version": {
1325	+	"type": "string"
1326	+	}
1327	+	},
1328	+	"type": "object",
1329	+	"required": [
1330	+	"groupId",
1331	+	"artifactId",
1332	+	"version"
1333	+	]
1334	+	},
1335	+	"PomProject": {
1336	+	"properties": {
1337	+	"path": {
1338	+	"type": "string"
1339	+	},
1340	+	"parent": {
1341	+	"$ref": "#/$defs/PomParent"
1342	+	},
1343	+	"groupId": {
1344	+	"type": "string"
1345	+	},
1346	+	"artifactId": {
1347	+	"type": "string"
1348	+	},
1349	+	"version": {
1350	+	"type": "string"
1351	+	},
1352	+	"name": {
1353	+	"type": "string"
1354	+	},
1355	+	"description": {
1356	+	"type": "string"
1357	+	},
1358	+	"url": {
1359	+	"type": "string"
1360	+	}
1361	+	},
1362	+	"type": "object",
1363	+	"required": [
1364	+	"path",
1365	+	"groupId",
1366	+	"artifactId",
1367	+	"version",
1368	+	"name"
1369	+	]
1370	+	},
1371	+	"PomProperties": {
1372	+	"properties": {
1373	+	"path": {
1374	+	"type": "string"
1375	+	},
1376	+	"name": {
1377	+	"type": "string"
1378	+	},
1379	+	"groupId": {
1380	+	"type": "string"
1381	+	},
1382	+	"artifactId": {
1383	+	"type": "string"
1384	+	},
1385	+	"version": {
1386	+	"type": "string"
1387	+	},
1388	+	"extraFields": {
1389	+	"patternProperties": {
1390	+	".*": {
1391	+	"type": "string"
1392	+	}
1393	+	},
1394	+	"type": "object"
1395	+	}
1396	+	},
1397	+	"type": "object",
1398	+	"required": [
1399	+	"path",
1400	+	"name",
1401	+	"groupId",
1402	+	"artifactId",
1403	+	"version"
1404	+	]
1405	+	},
1406	+	"PortageFileRecord": {
1407	+	"properties": {
1408	+	"path": {
1409	+	"type": "string"
1410	+	},
1411	+	"digest": {
1412	+	"$ref": "#/$defs/Digest"
1413	+	}
1414	+	},
1415	+	"type": "object",
1416	+	"required": [
1417	+	"path"
1418	+	]
1419	+	},
1420	+	"PortageMetadata": {
1421	+	"properties": {
1422	+	"installedSize": {
1423	+	"type": "integer"
1424	+	},
1425	+	"files": {
1426	+	"items": {
1427	+	"$ref": "#/$defs/PortageFileRecord"
1428	+	},
1429	+	"type": "array"
1430	+	}
1431	+	},
1432	+	"type": "object",
1433	+	"required": [
1434	+	"installedSize",
1435	+	"files"
1436	+	]
1437	+	},
1438	+	"PythonDirectURLOriginInfo": {
1439	+	"properties": {
1440	+	"url": {
1441	+	"type": "string"
1442	+	},
1443	+	"commitId": {
1444	+	"type": "string"
1445	+	},
1446	+	"vcs": {
1447	+	"type": "string"
1448	+	}
1449	+	},
1450	+	"type": "object",
1451	+	"required": [
1452	+	"url"
1453	+	]
1454	+	},
1455	+	"PythonFileDigest": {
1456	+	"properties": {
1457	+	"algorithm": {
1458	+	"type": "string"
1459	+	},
1460	+	"value": {
1461	+	"type": "string"
1462	+	}
1463	+	},
1464	+	"type": "object",
1465	+	"required": [
1466	+	"algorithm",
1467	+	"value"
1468	+	]
1469	+	},
1470	+	"PythonFileRecord": {
1471	+	"properties": {
1472	+	"path": {
1473	+	"type": "string"
1474	+	},
1475	+	"digest": {
1476	+	"$ref": "#/$defs/PythonFileDigest"
1477	+	},
1478	+	"size": {
1479	+	"type": "string"
1480	+	}
1481	+	},
1482	+	"type": "object",
1483	+	"required": [
1484	+	"path"
1485	+	]
1486	+	},
1487	+	"PythonPackageMetadata": {
1488	+	"properties": {
1489	+	"name": {
1490	+	"type": "string"
1491	+	},
1492	+	"version": {
1493	+	"type": "string"
1494	+	},
1495	+	"license": {
1496	+	"type": "string"
1497	+	},
1498	+	"author": {
1499	+	"type": "string"
1500	+	},
1501	+	"authorEmail": {
1502	+	"type": "string"
1503	+	},
1504	+	"platform": {
1505	+	"type": "string"
1506	+	},
1507	+	"files": {
1508	+	"items": {
1509	+	"$ref": "#/$defs/PythonFileRecord"
1510	+	},
1511	+	"type": "array"
1512	+	},
1513	+	"sitePackagesRootPath": {
1514	+	"type": "string"
1515	+	},
1516	+	"topLevelPackages": {
1517	+	"items": {
1518	+	"type": "string"
1519	+	},
1520	+	"type": "array"
1521	+	},
1522	+	"directUrlOrigin": {
1523	+	"$ref": "#/$defs/PythonDirectURLOriginInfo"
1524	+	}
1525	+	},
1526	+	"type": "object",
1527	+	"required": [
1528	+	"name",
1529	+	"version",
1530	+	"license",
1531	+	"author",
1532	+	"authorEmail",
1533	+	"platform",
1534	+	"sitePackagesRootPath"
1535	+	]
1536	+	},
1537	+	"PythonPipfileLockMetadata": {
1538	+	"properties": {
1539	+	"hashes": {
1540	+	"items": {
1541	+	"type": "string"
1542	+	},
1543	+	"type": "array"
1544	+	},
1545	+	"index": {
1546	+	"type": "string"
1547	+	}
1548	+	},
1549	+	"type": "object",
1550	+	"required": [
1551	+	"hashes",
1552	+	"index"
1553	+	]
1554	+	},
1555	+	"PythonRequirementsMetadata": {
1556	+	"properties": {
1557	+	"name": {
1558	+	"type": "string"
1559	+	},
1560	+	"extras": {
1561	+	"items": {
1562	+	"type": "string"
1563	+	},
1564	+	"type": "array"
1565	+	},
1566	+	"versionConstraint": {
1567	+	"type": "string"
1568	+	},
1569	+	"url": {
1570	+	"type": "string"
1571	+	},
1572	+	"markers": {
1573	+	"patternProperties": {
1574	+	".*": {
1575	+	"type": "string"
1576	+	}
1577	+	},
1578	+	"type": "object"
1579	+	}
1580	+	},
1581	+	"type": "object",
1582	+	"required": [
1583	+	"name",
1584	+	"extras",
1585	+	"versionConstraint",
1586	+	"url",
1587	+	"markers"
1588	+	]
1589	+	},
1590	+	"RebarLockMetadata": {
1591	+	"properties": {
1592	+	"name": {
1593	+	"type": "string"
1594	+	},
1595	+	"version": {
1596	+	"type": "string"
1597	+	},
1598	+	"pkgHash": {
1599	+	"type": "string"
1600	+	},
1601	+	"pkgHashExt": {
1602	+	"type": "string"
1603	+	}
1604	+	},
1605	+	"type": "object",
1606	+	"required": [
1607	+	"name",
1608	+	"version",
1609	+	"pkgHash",
1610	+	"pkgHashExt"
1611	+	]
1612	+	},
1613	+	"Relationship": {
1614	+	"properties": {
1615	+	"parent": {
1616	+	"type": "string"
1617	+	},
1618	+	"child": {
1619	+	"type": "string"
1620	+	},
1621	+	"type": {
1622	+	"type": "string"
1623	+	},
1624	+	"metadata": true
1625	+	},
1626	+	"type": "object",
1627	+	"required": [
1628	+	"parent",
1629	+	"child",
1630	+	"type"
1631	+	]
1632	+	},
1633	+	"RpmMetadata": {
1634	+	"properties": {
1635	+	"name": {
1636	+	"type": "string"
1637	+	},
1638	+	"version": {
1639	+	"type": "string"
1640	+	},
1641	+	"epoch": {
1642	+	"oneOf": [
1643	+	{
1644	+	"type": "integer"
1645	+	},
1646	+	{
1647	+	"type": "null"
1648	+	}
1649	+	]
1650	+	},
1651	+	"architecture": {
1652	+	"type": "string"
1653	+	},
1654	+	"release": {
1655	+	"type": "string"
1656	+	},
1657	+	"sourceRpm": {
1658	+	"type": "string"
1659	+	},
1660	+	"size": {
1661	+	"type": "integer"
1662	+	},
1663	+	"license": {
1664	+	"type": "string"
1665	+	},
1666	+	"vendor": {
1667	+	"type": "string"
1668	+	},
1669	+	"modularityLabel": {
1670	+	"type": "string"
1671	+	},
1672	+	"files": {
1673	+	"items": {
1674	+	"$ref": "#/$defs/RpmdbFileRecord"
1675	+	},
1676	+	"type": "array"
1677	+	}
1678	+	},
1679	+	"type": "object",
1680	+	"required": [
1681	+	"name",
1682	+	"version",
1683	+	"epoch",
1684	+	"architecture",
1685	+	"release",
1686	+	"sourceRpm",
1687	+	"size",
1688	+	"license",
1689	+	"vendor",
1690	+	"modularityLabel",
1691	+	"files"
1692	+	]
1693	+	},
1694	+	"RpmdbFileRecord": {
1695	+	"properties": {
1696	+	"path": {
1697	+	"type": "string"
1698	+	},
1699	+	"mode": {
1700	+	"type": "integer"
1701	+	},
1702	+	"size": {
1703	+	"type": "integer"
1704	+	},
1705	+	"digest": {
1706	+	"$ref": "#/$defs/Digest"
1707	+	},
1708	+	"userName": {
1709	+	"type": "string"
1710	+	},
1711	+	"groupName": {
1712	+	"type": "string"
1713	+	},
1714	+	"flags": {
1715	+	"type": "string"
1716	+	}
1717	+	},
1718	+	"type": "object",
1719	+	"required": [
1720	+	"path",
1721	+	"mode",
1722	+	"size",
1723	+	"digest",
1724	+	"userName",
1725	+	"groupName",
1726	+	"flags"
1727	+	]
1728	+	},
1729	+	"Schema": {
1730	+	"properties": {
1731	+	"version": {
1732	+	"type": "string"
1733	+	},
1734	+	"url": {
1735	+	"type": "string"
1736	+	}
1737	+	},
1738	+	"type": "object",
1739	+	"required": [
1740	+	"version",
1741	+	"url"
1742	+	]
1743	+	},
1744	+	"SearchResult": {
1745	+	"properties": {
1746	+	"classification": {
1747	+	"type": "string"
1748	+	},
1749	+	"lineNumber": {
1750	+	"type": "integer"
1751	+	},
1752	+	"lineOffset": {
1753	+	"type": "integer"
1754	+	},
1755	+	"seekPosition": {
1756	+	"type": "integer"
1757	+	},
1758	+	"length": {
1759	+	"type": "integer"
1760	+	},
1761	+	"value": {
1762	+	"type": "string"
1763	+	}
1764	+	},
1765	+	"type": "object",
1766	+	"required": [
1767	+	"classification",
1768	+	"lineNumber",
1769	+	"lineOffset",
1770	+	"seekPosition",
1771	+	"length"
1772	+	]
1773	+	},
1774	+	"Secrets": {
1775	+	"properties": {
1776	+	"location": {
1777	+	"$ref": "#/$defs/Coordinates"
1778	+	},
1779	+	"secrets": {
1780	+	"items": {
1781	+	"$ref": "#/$defs/SearchResult"
1782	+	},
1783	+	"type": "array"
1784	+	}
1785	+	},
1786	+	"type": "object",
1787	+	"required": [
1788	+	"location",
1789	+	"secrets"
1790	+	]
1791	+	},
1792	+	"Source": {
1793	+	"properties": {
1794	+	"id": {
1795	+	"type": "string"
1796	+	},
1797	+	"type": {
1798	+	"type": "string"
1799	+	},
1800	+	"target": true
1801	+	},
1802	+	"type": "object",
1803	+	"required": [
1804	+	"id",
1805	+	"type",
1806	+	"target"
1807	+	]
1808	+	}
1809	+	}
1810	+	}
1811	+

■ ■ ■ ■ ■ ■

syft/formats/syftjson/test-fixtures/snapshot/TestDirectoryEncoder.golden

		skipped 86 lines
87	87		"configuration": {
88	88		"config-key": "config-value"
89	89		}
90		-	},
91		-	"schema": {
92		-	"version": "7.1.4",
93		-	"url": "https://raw.githubusercontent.com/anchore/syft/main/schema/json/schema-7.1.4.json"
94	90		}
95	91		}
96	92

■ ■ ■ ■ ■ ■

syft/formats/syftjson/test-fixtures/snapshot/TestEncodeFullJSONDocument.golden

		skipped 186 lines
187	187		"configuration": {
188	188		"config-key": "config-value"
189	189		}
190		-	},
191		-	"schema": {
192		-	"version": "7.1.4",
193		-	"url": "https://raw.githubusercontent.com/anchore/syft/main/schema/json/schema-7.1.4.json"
194	190		}
195	191		}
196	192

■ ■ ■ ■ ■ ■

syft/formats/syftjson/test-fixtures/snapshot/TestImageEncoder.golden

		skipped 8 lines
9	9		"locations": [
10	10		{
11	11		"path": "/somefile-1.txt",
12		-	"layerID": "sha256:fb6beecb75b39f4bb813dbf177e501edd5ddb3e69bb45cedeb78c676ee1b7a59"
	12	+	"layerID": "sha256:7e139310bd6ce0956d65a70d26a6d31b240a4f47094a831638f05d381b6c424a"
13	13		}
14	14		],
15	15		"licenses": [
		skipped 24 lines
40	40		"locations": [
41	41		{
42	42		"path": "/somefile-2.txt",
43		-	"layerID": "sha256:319b588ce64253a87b533c8ed01cf0025e0eac98e7b516e12532957e1244fdec"
	43	+	"layerID": "sha256:cc833bf31a480c064d65ca67ee37f77f0d0c8ab98eedde7b286ad1ef6f5bdcac"
44	44		}
45	45		],
46	46		"licenses": [],
		skipped 17 lines
64	64		],
65	65		"artifactRelationships": [],
66	66		"source": {
67		-	"id": "1a678f111c8ddc66fd82687bb024e0dd6af61314404937a80e810c0cf317b796",
	67	+	"id": "0af8fa79f5497297e4e32f3e03de14ac20ad695159df0ac8373e6543614b9a50",
68	68		"type": "image",
69	69		"target": {
70	70		"userInput": "user-image-input",
71		-	"imageID": "sha256:3c51b06feb0cda8ee62d0e3755ef2a8496a6b71f8a55b245f07f31c4bb813d31",
	71	+	"imageID": "sha256:0cb4395791986bda17562bd6f76811bb6f163f686e198397197ef8241bed58df",
72	72		"manifestDigest": "sha256:2731251dc34951c0e50fcc643b4c5f74922dad1a5d98f302b504cf46cd5d9368",
73	73		"mediaType": "application/vnd.docker.distribution.manifest.v2+json",
74	74		"tags": [
		skipped 3 lines
78	78		"layers": [
79	79		{
80	80		"mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
81		-	"digest": "sha256:fb6beecb75b39f4bb813dbf177e501edd5ddb3e69bb45cedeb78c676ee1b7a59",
	81	+	"digest": "sha256:7e139310bd6ce0956d65a70d26a6d31b240a4f47094a831638f05d381b6c424a",
82	82		"size": 22
83	83		},
84	84		{
85	85		"mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
86		-	"digest": "sha256:319b588ce64253a87b533c8ed01cf0025e0eac98e7b516e12532957e1244fdec",
	86	+	"digest": "sha256:cc833bf31a480c064d65ca67ee37f77f0d0c8ab98eedde7b286ad1ef6f5bdcac",
87	87		"size": 16
88	88		}
89	89		],
90		-	"manifest": "eyJzY2hlbWFWZXJzaW9uIjoyLCJtZWRpYVR5cGUiOiJhcHBsaWNhdGlvbi92bmQuZG9ja2VyLmRpc3RyaWJ1dGlvbi5tYW5pZmVzdC52Mitqc29uIiwiY29uZmlnIjp7Im1lZGlhVHlwZSI6ImFwcGxpY2F0aW9uL3ZuZC5kb2NrZXIuY29udGFpbmVyLmltYWdlLnYxK2pzb24iLCJzaXplIjo2NzMsImRpZ2VzdCI6InNoYTI1NjozYzUxYjA2ZmViMGNkYThlZTYyZDBlMzc1NWVmMmE4NDk2YTZiNzFmOGE1NWIyNDVmMDdmMzFjNGJiODEzZDMxIn0sImxheWVycyI6W3sibWVkaWFUeXBlIjoiYXBwbGljYXRpb24vdm5kLmRvY2tlci5pbWFnZS5yb290ZnMuZGlmZi50YXIuZ3ppcCIsInNpemUiOjIwNDgsImRpZ2VzdCI6InNoYTI1NjpmYjZiZWVjYjc1YjM5ZjRiYjgxM2RiZjE3N2U1MDFlZGQ1ZGRiM2U2OWJiNDVjZWRlYjc4YzY3NmVlMWI3YTU5In0seyJtZWRpYVR5cGUiOiJhcHBsaWNhdGlvbi92bmQuZG9ja2VyLmltYWdlLnJvb3Rmcy5kaWZmLnRhci5nemlwIiwic2l6ZSI6MjA0OCwiZGlnZXN0Ijoic2hhMjU2OjMxOWI1ODhjZTY0MjUzYTg3YjUzM2M4ZWQwMWNmMDAyNWUwZWFjOThlN2I1MTZlMTI1MzI5NTdlMTI0NGZkZWMifV19",
91		-	"config": "eyJhcmNoaXRlY3R1cmUiOiJhbWQ2NCIsImNvbmZpZyI6eyJFbnYiOlsiUEFUSD0vdXNyL2xvY2FsL3NiaW46L3Vzci9sb2NhbC9iaW46L3Vzci9zYmluOi91c3IvYmluOi9zYmluOi9iaW4iXSwiV29ya2luZ0RpciI6Ii8iLCJPbkJ1aWxkIjpudWxsfSwiY3JlYXRlZCI6IjIwMjItMDgtMDFUMjA6MDk6MjIuNTA5NDIxNzEyWiIsImhpc3RvcnkiOlt7ImNyZWF0ZWQiOiIyMDIyLTA4LTAxVDIwOjA5OjIyLjQ4Nzg5NTUxOVoiLCJjcmVhdGVkX2J5IjoiQUREIGZpbGUtMS50eHQgL3NvbWVmaWxlLTEudHh0ICMgYnVpbGRraXQiLCJjb21tZW50IjoiYnVpbGRraXQuZG9ja2VyZmlsZS52MCJ9LHsiY3JlYXRlZCI6IjIwMjItMDgtMDFUMjA6MDk6MjIuNTA5NDIxNzEyWiIsImNyZWF0ZWRfYnkiOiJBREQgZmlsZS0yLnR4dCAvc29tZWZpbGUtMi50eHQgIyBidWlsZGtpdCIsImNvbW1lbnQiOiJidWlsZGtpdC5kb2NrZXJmaWxlLnYwIn1dLCJvcyI6ImxpbnV4Iiwicm9vdGZzIjp7InR5cGUiOiJsYXllcnMiLCJkaWZmX2lkcyI6WyJzaGEyNTY6ZmI2YmVlY2I3NWIzOWY0YmI4MTNkYmYxNzdlNTAxZWRkNWRkYjNlNjliYjQ1Y2VkZWI3OGM2NzZlZTFiN2E1OSIsInNoYTI1NjozMTliNTg4Y2U2NDI1M2E4N2I1MzNjOGVkMDFjZjAwMjVlMGVhYzk4ZTdiNTE2ZTEyNTMyOTU3ZTEyNDRmZGVjIl19fQ==",
	90	+	"manifest": "eyJzY2hlbWFWZXJzaW9uIjoyLCJtZWRpYVR5cGUiOiJhcHBsaWNhdGlvbi92bmQuZG9ja2VyLmRpc3RyaWJ1dGlvbi5tYW5pZmVzdC52Mitqc29uIiwiY29uZmlnIjp7Im1lZGlhVHlwZSI6ImFwcGxpY2F0aW9uL3ZuZC5kb2NrZXIuY29udGFpbmVyLmltYWdlLnYxK2pzb24iLCJzaXplIjo2NzEsImRpZ2VzdCI6InNoYTI1NjowY2I0Mzk1NzkxOTg2YmRhMTc1NjJiZDZmNzY4MTFiYjZmMTYzZjY4NmUxOTgzOTcxOTdlZjgyNDFiZWQ1OGRmIn0sImxheWVycyI6W3sibWVkaWFUeXBlIjoiYXBwbGljYXRpb24vdm5kLmRvY2tlci5pbWFnZS5yb290ZnMuZGlmZi50YXIuZ3ppcCIsInNpemUiOjIwNDgsImRpZ2VzdCI6InNoYTI1Njo3ZTEzOTMxMGJkNmNlMDk1NmQ2NWE3MGQyNmE2ZDMxYjI0MGE0ZjQ3MDk0YTgzMTYzOGYwNWQzODFiNmM0MjRhIn0seyJtZWRpYVR5cGUiOiJhcHBsaWNhdGlvbi92bmQuZG9ja2VyLmltYWdlLnJvb3Rmcy5kaWZmLnRhci5nemlwIiwic2l6ZSI6MjA0OCwiZGlnZXN0Ijoic2hhMjU2OmNjODMzYmYzMWE0ODBjMDY0ZDY1Y2E2N2VlMzdmNzdmMGQwYzhhYjk4ZWVkZGU3YjI4NmFkMWVmNmY1YmRjYWMifV19",
	91	+	"config": "eyJhcmNoaXRlY3R1cmUiOiJhcm02NCIsImNvbmZpZyI6eyJFbnYiOlsiUEFUSD0vdXNyL2xvY2FsL3NiaW46L3Vzci9sb2NhbC9iaW46L3Vzci9zYmluOi91c3IvYmluOi9zYmluOi9iaW4iXSwiV29ya2luZ0RpciI6Ii8iLCJPbkJ1aWxkIjpudWxsfSwiY3JlYXRlZCI6IjIwMjMtMDQtMThUMTQ6MDk6NDIuMzAxMDI2MzhaIiwiaGlzdG9yeSI6W3siY3JlYXRlZCI6IjIwMjMtMDQtMThUMTQ6MDk6NDIuMjg3OTQyNzEzWiIsImNyZWF0ZWRfYnkiOiJBREQgZmlsZS0xLnR4dCAvc29tZWZpbGUtMS50eHQgIyBidWlsZGtpdCIsImNvbW1lbnQiOiJidWlsZGtpdC5kb2NrZXJmaWxlLnYwIn0seyJjcmVhdGVkIjoiMjAyMy0wNC0xOFQxNDowOTo0Mi4zMDEwMjYzOFoiLCJjcmVhdGVkX2J5IjoiQUREIGZpbGUtMi50eHQgL3NvbWVmaWxlLTIudHh0ICMgYnVpbGRraXQiLCJjb21tZW50IjoiYnVpbGRraXQuZG9ja2VyZmlsZS52MCJ9XSwib3MiOiJsaW51eCIsInJvb3RmcyI6eyJ0eXBlIjoibGF5ZXJzIiwiZGlmZl9pZHMiOlsic2hhMjU2OjdlMTM5MzEwYmQ2Y2UwOTU2ZDY1YTcwZDI2YTZkMzFiMjQwYTRmNDcwOTRhODMxNjM4ZjA1ZDM4MWI2YzQyNGEiLCJzaGEyNTY6Y2M4MzNiZjMxYTQ4MGMwNjRkNjVjYTY3ZWUzN2Y3N2YwZDBjOGFiOThlZWRkZTdiMjg2YWQxZWY2ZjViZGNhYyJdfX0=",
92	92		"repoDigests": [],
93	93		"architecture": "",
94	94		"os": ""
		skipped 15 lines
110	110		"configuration": {
111	111		"config-key": "config-value"
112	112		}
113		-	},
114		-	"schema": {
115		-	"version": "7.1.4",
116		-	"url": "https://raw.githubusercontent.com/anchore/syft/main/schema/json/schema-7.1.4.json"
117	113		}
118	114		}
119	115

syft/formats/syftjson/test-fixtures/snapshot/stereoscope-fixture-image-simple.golden

Binary file.

■ ■ ■ ■ ■ ■

syft/pkg/cataloger/python/package.go

		skipped 39 lines
40	40		return p
41	41		}
42	42
	43	+	func newPackageForRequirementsWithMetadata(name, version string, metadata pkg.PythonRequirementsMetadata, locations ...source.Location) pkg.Package {
	44	+	p := pkg.Package{
	45	+	Name: name,
	46	+	Version: version,
	47	+	Locations: source.NewLocationSet(locations...),
	48	+	PURL: packageURL(name, version, nil),
	49	+	Language: pkg.Python,
	50	+	Type: pkg.PythonPkg,
	51	+	MetadataType: pkg.PythonRequirementsMetadataType,
	52	+	Metadata: metadata,
	53	+	}
	54	+
	55	+	p.SetID()
	56	+
	57	+	return p
	58	+	}
	59	+
43	60		func newPackageForPackage(m pkg.PythonPackageMetadata, sources ...source.Location) pkg.Package {
44	61		var licenses []string
45	62		if m.License != "" {
		skipped 54 lines

■ ■ ■ ■ ■ ■ ■

syft/pkg/cataloger/python/parse_requirements.go

		skipped 2 lines
3	3		import (
4	4		"bufio"
5	5		"fmt"
	6	+	"regexp"
6	7		"strings"
7	8		"unicode"
8	9
		skipped 6 lines
15	16
16	17		var _ generic.Parser = parseRequirementsTxt
17	18
	19	+	var (
	20	+	extrasRegex = regexp.MustCompile(`\[.*\]`)
	21	+	urlRegex = regexp.MustCompile("@.git.")
	22	+	)
	23	+
18	24		// parseRequirementsTxt takes a Python requirements.txt file, returning all Python packages that are locked to a
19	25		// specific version.
20	26		func parseRequirementsTxt(_ source.FileResolver, _ *generic.Environment, reader source.LocationReadCloser) ([]pkg.Package, []artifact.Relationship, error) {
		skipped 2 lines
23	29		scanner := bufio.NewScanner(reader)
24	30		for scanner.Scan() {
25	31		line := scanner.Text()
	32	+	rawLineNoComments := removeTrailingComment(line)
26	33		line = trimRequirementsTxtLine(line)
27	34
28	35		if line == "" {
		skipped 28 lines
57	64		return !unicode.IsLetter(r) && !unicode.IsNumber(r)
58	65		})
59	66
	67	+	// TODO: Update to support more than only ==
	68	+	versionConstraint := fmt.Sprintf("== %s", version)
	69	+
60	70		if name == "" \|\| version == "" {
61	71		log.WithFields("path", reader.RealPath).Debugf("found empty package in requirements.txt line: %q", line)
62	72		continue
63	73		}
64	74		packages = append(
65	75		packages,
66		-	newPackageForIndex(
	76	+	newPackageForRequirementsWithMetadata(
67	77		name,
68	78		version,
	79	+	pkg.PythonRequirementsMetadata{
	80	+	Name: name,
	81	+	Extras: parseExtras(rawLineNoComments),
	82	+	VersionConstraint: versionConstraint,
	83	+	URL: parseURL(rawLineNoComments),
	84	+	Markers: parseMarkers(rawLineNoComments),
	85	+	},
69	86		reader.Location.WithAnnotation(pkg.EvidenceAnnotationKey, pkg.PrimaryEvidenceAnnotation),
70	87		),
71	88		)
		skipped 21 lines
93	110		line = strings.TrimSpace(line)
94	111		line = removeTrailingComment(line)
95	112		line = removeEnvironmentMarkers(line)
	113	+	line = checkForRegex(line) // remove extras and url from line if found
96	114
97	115		return line
98	116		}
		skipped 23 lines
122	140		return parts[0]
123	141		}
124	142
	143	+	func parseExtras(packageName string) []string {
	144	+	if extrasRegex.MatchString(packageName) {
	145	+	// Remove square brackets
	146	+	extras := strings.TrimFunc(extrasRegex.FindString(packageName), func(r rune) bool {
	147	+	return !unicode.IsLetter(r) && !unicode.IsNumber(r)
	148	+	})
	149	+
	150	+	// Remove any additional whitespace
	151	+	extras = strings.ReplaceAll(extras, " ", "")
	152	+
	153	+	return strings.Split(extras, ",")
	154	+	}
	155	+
	156	+	return []string{}
	157	+	}
	158	+
	159	+	func parseMarkers(line string) map[string]string {
	160	+	markers := map[string]string{}
	161	+	parts := strings.SplitN(line, ";", 2)
	162	+
	163	+	if len(parts) == 2 {
	164	+	splittableMarkers := parts[1]
	165	+
	166	+	for _, combineString := range []string{" or ", " and "} {
	167	+	splittableMarkers = strings.TrimSpace(
	168	+	strings.ReplaceAll(splittableMarkers, combineString, ","),
	169	+	)
	170	+	}
	171	+
	172	+	splittableMarkers = strings.TrimSpace(splittableMarkers)
	173	+
	174	+	for _, mark := range strings.Split(splittableMarkers, ",") {
	175	+	markparts := strings.Split(mark, " ")
	176	+	markers[markparts[0]] = strings.Join(markparts[1:], " ")
	177	+	}
	178	+	}
	179	+
	180	+	return markers
	181	+	}
	182	+
	183	+	func parseURL(line string) string {
	184	+	parts := strings.Split(line, "@")
	185	+
	186	+	if len(parts) > 1 {
	187	+	desiredIndex := -1
	188	+
	189	+	for index, part := range parts {
	190	+	part := strings.TrimFunc(part, func(r rune) bool {
	191	+	return !unicode.IsLetter(r) && !unicode.IsNumber(r)
	192	+	})
	193	+
	194	+	if strings.HasPrefix(part, "git") {
	195	+	desiredIndex = index
	196	+	break
	197	+	}
	198	+	}
	199	+
	200	+	if desiredIndex != -1 {
	201	+	return strings.TrimSpace(strings.Join(parts[desiredIndex:], "@"))
	202	+	}
	203	+	}
	204	+
	205	+	return ""
	206	+	}
	207	+
	208	+	// function to check a string for all possilbe regex expressions, replacing it if found
	209	+	func checkForRegex(stringToCheck string) string {
	210	+	stringToReturn := stringToCheck
	211	+
	212	+	for _, r := range []*regexp.Regexp{
	213	+	urlRegex,
	214	+	extrasRegex,
	215	+	} {
	216	+	if r.MatchString(stringToCheck) {
	217	+	stringToReturn = r.ReplaceAllString(stringToCheck, "")
	218	+	}
	219	+	}
	220	+
	221	+	return stringToReturn
	222	+	}
	223	+

■ ■ ■ ■ ■ ■

syft/pkg/cataloger/python/parse_requirements_test.go

		skipped 13 lines
14	14		locations := source.NewLocationSet(source.NewLocation(fixture))
15	15		expectedPkgs := []pkg.Package{
16	16		{
17		-	Name: "flask",
18		-	Version: "4.0.0",
19		-	PURL: "pkg:pypi/[email protected]",
20		-	Locations: locations,
21		-	Language: pkg.Python,
22		-	Type: pkg.PythonPkg,
	17	+	Name: "flask",
	18	+	Version: "4.0.0",
	19	+	PURL: "pkg:pypi/[email protected]",
	20	+	Locations: locations,
	21	+	Language: pkg.Python,
	22	+	Type: pkg.PythonPkg,
	23	+	MetadataType: pkg.PythonRequirementsMetadataType,
	24	+	Metadata: pkg.PythonRequirementsMetadata{
	25	+	Name: "flask",
	26	+	Extras: []string{},
	27	+	VersionConstraint: "== 4.0.0",
	28	+	URL: "",
	29	+	Markers: map[string]string{},
	30	+	},
23	31		},
24	32		{
25		-	Name: "foo",
26		-	Version: "1.0.0",
27		-	PURL: "pkg:pypi/[email protected]",
28		-	Locations: locations,
29		-	Language: pkg.Python,
30		-	Type: pkg.PythonPkg,
	33	+	Name: "foo",
	34	+	Version: "1.0.0",
	35	+	PURL: "pkg:pypi/[email protected]",
	36	+	Locations: locations,
	37	+	Language: pkg.Python,
	38	+	Type: pkg.PythonPkg,
	39	+	MetadataType: pkg.PythonRequirementsMetadataType,
	40	+	Metadata: pkg.PythonRequirementsMetadata{
	41	+	Name: "foo",
	42	+	Extras: []string{},
	43	+	VersionConstraint: "== 1.0.0",
	44	+	URL: "",
	45	+	Markers: map[string]string{},
	46	+	},
	47	+	},
	48	+	{
	49	+	Name: "SomeProject",
	50	+	Version: "5.4",
	51	+	PURL: "pkg:pypi/[email protected]",
	52	+	Locations: locations,
	53	+	Language: pkg.Python,
	54	+	Type: pkg.PythonPkg,
	55	+	MetadataType: pkg.PythonRequirementsMetadataType,
	56	+	Metadata: pkg.PythonRequirementsMetadata{
	57	+	Name: "SomeProject",
	58	+	Extras: []string{},
	59	+	VersionConstraint: "== 5.4",
	60	+	URL: "",
	61	+	Markers: map[string]string{"python_version": "< '3.8'"},
	62	+	},
	63	+	},
	64	+	{
	65	+	Name: "argh",
	66	+	Version: "0.26.2",
	67	+	PURL: "pkg:pypi/[email protected]",
	68	+	Locations: locations,
	69	+	Language: pkg.Python,
	70	+	Type: pkg.PythonPkg,
	71	+	MetadataType: pkg.PythonRequirementsMetadataType,
	72	+	Metadata: pkg.PythonRequirementsMetadata{
	73	+	Name: "argh",
	74	+	Extras: []string{},
	75	+	VersionConstraint: "== 0.26.2",
	76	+	URL: "",
	77	+	Markers: map[string]string{},
	78	+	},
	79	+	},
	80	+	{
	81	+	Name: "argh",
	82	+	Version: "0.26.3",
	83	+	PURL: "pkg:pypi/[email protected]",
	84	+	Locations: locations,
	85	+	Language: pkg.Python,
	86	+	Type: pkg.PythonPkg,
	87	+	MetadataType: pkg.PythonRequirementsMetadataType,
	88	+	Metadata: pkg.PythonRequirementsMetadata{
	89	+	Name: "argh",
	90	+	Extras: []string{},
	91	+	VersionConstraint: "== 0.26.3",
	92	+	URL: "",
	93	+	Markers: map[string]string{},
	94	+	},
31	95		},
32	96		{
33		-	Name: "SomeProject",
34		-	Version: "5.4",
35		-	PURL: "pkg:pypi/SomeProject@5.4",
36		-	Locations: locations,
37		-	Language: pkg.Python,
38		-	Type: pkg.PythonPkg,
	97	+	Name: "celery",
	98	+	Version: "4.4.7",
	99	+	PURL: "pkg:pypi/celery@4.4.7",
	100	+	Locations: locations,
	101	+	Language: pkg.Python,
	102	+	Type: pkg.PythonPkg,
	103	+	MetadataType: pkg.PythonRequirementsMetadataType,
	104	+	Metadata: pkg.PythonRequirementsMetadata{
	105	+	Name: "celery",
	106	+	Extras: []string{"redis", "pytest"},
	107	+	VersionConstraint: "== 4.4.7",
	108	+	URL: "",
	109	+	Markers: map[string]string{},
	110	+	},
39	111		},
40	112		{
41		-	Name: "argh",
42		-	Version: "0.26.2",
43		-	PURL: "pkg:pypi/argh@0.26.2",
44		-	Locations: locations,
45		-	Language: pkg.Python,
46		-	Type: pkg.PythonPkg,
	113	+	Name: "requests",
	114	+	Version: "2.8",
	115	+	PURL: "pkg:pypi/requests@2.8",
	116	+	Locations: locations,
	117	+	Language: pkg.Python,
	118	+	Type: pkg.PythonPkg,
	119	+	MetadataType: pkg.PythonRequirementsMetadataType,
	120	+	Metadata: pkg.PythonRequirementsMetadata{
	121	+	Name: "requests",
	122	+	Extras: []string{"security"},
	123	+	VersionConstraint: "== 2.8",
	124	+	URL: "",
	125	+	Markers: map[string]string{
	126	+	"python_version": `< "2.7"`,
	127	+	"sys_platform": `== "linux"`,
	128	+	},
	129	+	},
47	130		},
48	131		{
49		-	Name: "argh",
50		-	Version: "0.26.3",
51		-	PURL: "pkg:pypi/argh@0.26.3",
52		-	Locations: locations,
53		-	Language: pkg.Python,
54		-	Type: pkg.PythonPkg,
	132	+	Name: "GithubSampleProject",
	133	+	Version: "3.7.1",
	134	+	PURL: "pkg:pypi/GithubSampleProject@3.7.1",
	135	+	Locations: locations,
	136	+	Language: pkg.Python,
	137	+	Type: pkg.PythonPkg,
	138	+	MetadataType: pkg.PythonRequirementsMetadataType,
	139	+	Metadata: pkg.PythonRequirementsMetadata{
	140	+	Name: "GithubSampleProject",
	141	+	Extras: []string{},
	142	+	VersionConstraint: "== 3.7.1",
	143	+	URL: "git+https://github.com/owner/repo@releases/tag/v3.7.1",
	144	+	Markers: map[string]string{},
	145	+	},
55	146		},
56	147		}
57	148
		skipped 5 lines

■ ■ ■ ■ ■ ■

syft/pkg/cataloger/python/test-fixtures/requires/requirements.txt

		skipped 16 lines
17	17		# CommentedOut == 1.2.3
18	18		# maybe invalid, but found out in the wild
19	19		==2.3.4
	20	+	celery[redis, pytest] == 4.4.7 # should remove [redis, pytest]
	21	+	requests[security] == 2.8.* ; python_version < "2.7" and sys_platform == "linux"
	22	+	GithubSampleProject == 3.7.1 @ git+https://github.com/owner/repo@releases/tag/v3.7.1
	23	+

■ ■ ■ ■ ■ ■

syft/pkg/metadata.go

		skipped 35 lines
36	36		PortageMetadataType MetadataType = "PortageMetadata"
37	37		PythonPackageMetadataType MetadataType = "PythonPackageMetadata"
38	38		PythonPipfileLockMetadataType MetadataType = "PythonPipfileLockMetadata"
	39	+	PythonRequirementsMetadataType MetadataType = "PythonRequirementsMetadata"
39	40		RebarLockMetadataType MetadataType = "RebarLockMetadataType"
40	41		RpmMetadataType MetadataType = "RpmMetadata"
41	42		RustCargoPackageMetadataType MetadataType = "RustCargoPackageMetadata"
		skipped 25 lines
67	68		PortageMetadataType,
68	69		PythonPackageMetadataType,
69	70		PythonPipfileLockMetadataType,
	71	+	PythonRequirementsMetadataType,
70	72		RebarLockMetadataType,
71	73		RpmMetadataType,
72	74		RustCargoPackageMetadataType,
		skipped 25 lines
98	100		PortageMetadataType: reflect.TypeOf(PortageMetadata{}),
99	101		PythonPackageMetadataType: reflect.TypeOf(PythonPackageMetadata{}),
100	102		PythonPipfileLockMetadataType: reflect.TypeOf(PythonPipfileLockMetadata{}),
	103	+	PythonRequirementsMetadataType: reflect.TypeOf(PythonRequirementsMetadata{}),
101	104		RebarLockMetadataType: reflect.TypeOf(RebarLockMetadata{}),
102	105		RpmMetadataType: reflect.TypeOf(RpmMetadata{}),
103	106		RustCargoPackageMetadataType: reflect.TypeOf(CargoPackageMetadata{}),
		skipped 12 lines

■ ■ ■ ■ ■ ■

syft/pkg/python_requirements_metadata.go

1	+	package pkg
2	+
3	+	type PythonRequirementsMetadata struct {
4	+	Name string `json:"name" mapstruct:"Name"`
5	+	Extras []string `json:"extras" mapstruct:"Extras"`
6	+	VersionConstraint string `json:"versionConstraint" mapstruct:"VersionConstraint"`
7	+	URL string `json:"url" mapstruct:"URL"`
8	+	Markers map[string]string `json:"markers" mapstruct:"Markers"`
9	+	}
10	+