Mirrors/syft
2
0
Fork 0
mirror of https://github.com/anchore/syft synced 2024-11-10 06:14:16 +00:00
Code Issues Projects Releases Packages Wiki Activity

fix: Improve pnpm support (#1752)

Browse source 
Signed-off-by: Shane Dell <shanedell100@gmail.com>
This commit is contained in:
Shane Dell 2023-04-21 13:58:23 -04:00 committed by GitHub
parent b2b332e8b2
commit 13485ca5e7
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 24 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

17
syft/pkg/cataloger/javascript/parse_pnpm_lock.go
View file

@ -3,6 +3,7 @@ package javascript
import (
"fmt"
"io"
"strings"
"gopkg.in/yaml.v3"
@ -16,7 +17,8 @@ import (
var _ generic.Parser = parsePnpmLock
type pnpmLockYaml struct {
Dependencies map[string]string `json:"dependencies"`
Dependencies map[string]string `json:"dependencies"`
Packages map[string]interface{} `json:"packages"`
}
func parsePnpmLock(resolver source.FileResolver, _ *generic.Environment, reader source.LocationReadCloser) ([]pkg.Package, []artifact.Relationship, error) {
@ -36,6 +38,19 @@ func parsePnpmLock(resolver source.FileResolver, _ *generic.Environment, reader
pkgs = append(pkgs, newPnpmPackage(resolver, reader.Location, name, version))
}
// parse packages from packages section of pnpm-lock.yaml
for nameVersion := range lockFile.Packages {
nameVersionSplit := strings.Split(strings.TrimPrefix(nameVersion, "/"), "/")
// last element in split array is version
version := nameVersionSplit[len(nameVersionSplit)-1]
// construct name from all array items other than last item (version)
name := strings.Join(nameVersionSplit[:len(nameVersionSplit)-1], "/")
pkgs = append(pkgs, newPnpmPackage(resolver, reader.Location, name, version))
}
pkg.Sort(pkgs)
return pkgs, nil, nil

8
syft/pkg/cataloger/javascript/parse_pnpm_lock_test.go
View file

@ -40,6 +40,14 @@ func TestParsePnpmLock(t *testing.T) {
Language: pkg.JavaScript,
Type: pkg.NpmPkg,
},
{
Name: "@bcoe/v8-coverage",
Version: "0.2.3",
PURL: "pkg:npm/%40bcoe/v8-coverage@0.2.3",
Locations: locationSet,
Language: pkg.JavaScript,
Type: pkg.NpmPkg,
},
}
pkgtest.TestFileParser(t, fixture, parsePnpmLock, expectedPkgs, expectedRelationships)