crash.software
Projects
Pull Requests
Issues
Builds
syft
Code
Files
Commits
Branches
Tags
Pull Requests
Code Comments
Code Compare
Issues
Builds
Statistics
Child Projects
cra.sh
RESTful API
Projects STRLCPY syft Commits b2b332e8
🤬
Revision indexing in progress... (symbol navigation in revisions will be accurate after indexed)
  • ■ ■ ■ ■ ■ ■
    README.md
    skipped 260 lines
    261 261   
    262 262  Syft also includes a vast array of utility templating functions from [sprig](http://masterminds.github.io/sprig/) apart from the default Golang [text/template](https://pkg.go.dev/text/template#hdr-Functions) to allow users to customize the output format.
    263 263   
     264 +Lastly, Syft has custom templating functions defined in `./syft/format/template/encoder.go` to help parse the passed-in JSON structs.
     265 + 
    264 266  ## Multiple outputs
    265 267   
    266 268  Syft can also output _multiple_ files in differing formats by appending
    skipped 425 lines
  • ■ ■ ■ ■ ■ ■
    syft/formats/internal/testutils/utils.go
    skipped 234 lines
    235 235   }
    236 236  }
    237 237   
     238 +func DirectoryInputWithAuthorField(t testing.TB) sbom.SBOM {
     239 + catalog := newDirectoryCatalogWithAuthorField()
     240 + 
     241 + src, err := source.NewFromDirectory("/some/path")
     242 + assert.NoError(t, err)
     243 + 
     244 + return sbom.SBOM{
     245 + Artifacts: sbom.Artifacts{
     246 + PackageCatalog: catalog,
     247 + LinuxDistribution: &linux.Release{
     248 + PrettyName: "debian",
     249 + Name: "debian",
     250 + ID: "debian",
     251 + IDLike: []string{"like!"},
     252 + Version: "1.2.3",
     253 + VersionID: "1.2.3",
     254 + },
     255 + },
     256 + Source: src.Metadata,
     257 + Descriptor: sbom.Descriptor{
     258 + Name: "syft",
     259 + Version: "v0.42.0-bogus",
     260 + // the application configuration should be persisted here, however, we do not want to import
     261 + // the application configuration in this package (it's reserved only for ingestion by the cmd package)
     262 + Configuration: map[string]string{
     263 + "config-key": "config-value",
     264 + },
     265 + },
     266 + }
     267 +}
     268 + 
    238 269  func newDirectoryCatalog() *pkg.Catalog {
    239 270   catalog := pkg.NewCatalog()
    240 271   
    skipped 12 lines
    253 284   Metadata: pkg.PythonPackageMetadata{
    254 285   Name: "package-1",
    255 286   Version: "1.0.1",
     287 + Files: []pkg.PythonFileRecord{
     288 + {
     289 + Path: "/some/path/pkg1/dependencies/foo",
     290 + },
     291 + },
     292 + },
     293 + PURL: "a-purl-2", // intentionally a bad pURL for test fixtures
     294 + CPEs: []cpe.CPE{
     295 + cpe.Must("cpe:2.3:*:some:package:2:*:*:*:*:*:*:*"),
     296 + },
     297 + })
     298 + catalog.Add(pkg.Package{
     299 + Name: "package-2",
     300 + Version: "2.0.1",
     301 + Type: pkg.DebPkg,
     302 + FoundBy: "the-cataloger-2",
     303 + Locations: source.NewLocationSet(
     304 + source.NewLocation("/some/path/pkg1"),
     305 + ),
     306 + MetadataType: pkg.DpkgMetadataType,
     307 + Metadata: pkg.DpkgMetadata{
     308 + Package: "package-2",
     309 + Version: "2.0.1",
     310 + },
     311 + PURL: "pkg:deb/debian/[email protected]",
     312 + CPEs: []cpe.CPE{
     313 + cpe.Must("cpe:2.3:*:some:package:2:*:*:*:*:*:*:*"),
     314 + },
     315 + })
     316 + 
     317 + return catalog
     318 +}
     319 + 
     320 +func newDirectoryCatalogWithAuthorField() *pkg.Catalog {
     321 + catalog := pkg.NewCatalog()
     322 + 
     323 + // populate catalog with test data
     324 + catalog.Add(pkg.Package{
     325 + Name: "package-1",
     326 + Version: "1.0.1",
     327 + Type: pkg.PythonPkg,
     328 + FoundBy: "the-cataloger-1",
     329 + Locations: source.NewLocationSet(
     330 + source.NewLocation("/some/path/pkg1"),
     331 + ),
     332 + Language: pkg.Python,
     333 + MetadataType: pkg.PythonPackageMetadataType,
     334 + Licenses: []string{"MIT"},
     335 + Metadata: pkg.PythonPackageMetadata{
     336 + Name: "package-1",
     337 + Version: "1.0.1",
     338 + Author: "test-author",
    256 339   Files: []pkg.PythonFileRecord{
    257 340   {
    258 341   Path: "/some/path/pkg1/dependencies/foo",
    skipped 52 lines
  • ■ ■ ■ ■ ■ ■
    syft/formats/template/encoder.go
    skipped 44 lines
    45 45   
    46 46   return 0
    47 47   }
     48 + // Checks if a field is defined
     49 + f["hasField"] = func(obj interface{}, field string) bool {
     50 + t := reflect.TypeOf(obj)
     51 + _, ok := t.FieldByName(field)
     52 + return ok
     53 + }
    48 54   return f
    49 55  }()
    50 56   
  • ■ ■ ■ ■ ■ ■
    syft/formats/template/encoder_test.go
    skipped 23 lines
    24 24   
    25 25  }
    26 26   
     27 +func TestFormatWithOptionAndHasField(t *testing.T) {
     28 + f := OutputFormat{}
     29 + f.SetTemplatePath("test-fixtures/csv-hasField.template")
     30 + 
     31 + testutils.AssertEncoderAgainstGoldenSnapshot(t,
     32 + f,
     33 + testutils.DirectoryInputWithAuthorField(t),
     34 + *updateTmpl,
     35 + false,
     36 + )
     37 + 
     38 +}
     39 + 
    27 40  func TestFormatWithoutOptions(t *testing.T) {
    28 41   f := Format()
    29 42   err := f.Encode(nil, testutils.DirectoryInput(t))
    skipped 3 lines
  • ■ ■ ■ ■ ■ ■
    syft/formats/template/test-fixtures/csv-hasField.template
     1 +"Package","Version Installed","Found by","Author"
     2 +{{- range .Artifacts}}
     3 +"{{.Name}}","{{.Version}}","{{.FoundBy}}","{{ if hasField .Metadata "Author" }}{{.Metadata.Author}}{{ else }}NO AUTHOR SUPPLIED{{end}}"
     4 +{{- end}}
  • ■ ■ ■ ■ ■ ■
    syft/formats/template/test-fixtures/snapshot/TestFormatWithOptionAndHasField.golden
     1 +"Package","Version Installed","Found by","Author"
     2 +"package-1","1.0.1","the-cataloger-1","test-author"
     3 +"package-2","2.0.1","the-cataloger-2","NO AUTHOR SUPPLIED"
Please wait...
Page is in error, reload to recover