Add ruby.NewGemSpecCataloger to DirectoryCatalogers. (#1971)

* Add ruby.NewGemSpecCataloger to DirectoryCatalogers. Signed-off-by: Evan <chaol@vmware.com> * fixed tests Signed-off-by: Evan <chaol@vmware.com> * Addressed review comment Signed-off-by: Evan <chaol@vmware.com> * Remove NewInstalledGemSpecCataloger from default dir catalogers Because the files that the installed gemspec cataloger work off of are a subset of the files that the more general gemspec cataloger will work off of, we shouldn't have both of them on by default, since this could result in finding the same package twice. Signed-off-by: Will Murphy <will.murphy@anchore.com> --------- Signed-off-by: Evan <chaol@vmware.com> Signed-off-by: Will Murphy <will.murphy@anchore.com> Co-authored-by: Will Murphy <will.murphy@anchore.com>
2024-09-20 06:01:53 +00:00 · 2023-10-23 20:49:57 +08:00 · 2023-10-23 20:49:57 +08:00 · 671ff39933
commit 671ff39933
parent 263be01faa
3 changed files with 13 additions and 3 deletions
--- a/syft/pkg/cataloger/cataloger.go
+++ b/syft/pkg/cataloger/cataloger.go
@ -57,7 +57,7 @@ func ImageCatalogers(cfg Config) []pkg.Cataloger {
 		python.NewPythonPackageCataloger(),
 		r.NewPackageCataloger(),
 		rpm.NewRpmDBCataloger(),
-		ruby.NewGemSpecCataloger(),
+		ruby.NewInstalledGemSpecCataloger(),
 		sbom.NewSBOMCataloger(),
 	}, cfg.Catalogers)
 }
@ -93,6 +93,7 @@ func DirectoryCatalogers(cfg Config) []pkg.Cataloger {
 		rpm.NewFileCataloger(),
 		rpm.NewRpmDBCataloger(),
 		ruby.NewGemFileLockCataloger(),
+		ruby.NewGemSpecCataloger(),
 		rust.NewCargoLockCataloger(),
 		sbom.NewSBOMCataloger(),
 		swift.NewCocoapodsCataloger(),
@ -136,6 +137,7 @@ func AllCatalogers(cfg Config) []pkg.Cataloger {
 		rpm.NewRpmDBCataloger(),
 		ruby.NewGemFileLockCataloger(),
 		ruby.NewGemSpecCataloger(),
+		ruby.NewInstalledGemSpecCataloger(),
 		rust.NewAuditBinaryCataloger(),
 		rust.NewCargoLockCataloger(),
 		sbom.NewSBOMCataloger(),
--- a/syft/pkg/cataloger/ruby/catalogers.go
+++ b/syft/pkg/cataloger/ruby/catalogers.go
@ -13,8 +13,14 @@ func NewGemFileLockCataloger() *generic.Cataloger {
 		WithParserByGlobs(parseGemFileLockEntries, "**/Gemfile.lock")
 }

-// NewGemSpecCataloger returns a new Bundler cataloger object tailored for detecting installations of gems (e.g. Gemspec).
-func NewGemSpecCataloger() *generic.Cataloger {
+// NewInstalledGemSpecCataloger returns a new Bundler cataloger object tailored for detecting installations of gems (e.g. Gemspec).
+func NewInstalledGemSpecCataloger() *generic.Cataloger {
 	return generic.NewCataloger("ruby-gemspec-cataloger").
 		WithParserByGlobs(parseGemSpecEntries, "**/specifications/**/*.gemspec")
 }
+
+// NewGemSpecCataloger looks for gems with a broader scope.
+func NewGemSpecCataloger() *generic.Cataloger {
+	return generic.NewCataloger("ruby-gemspec-cataloger").
+		WithParserByGlobs(parseGemSpecEntries, "**/*.gemspec")
+}
--- a/test/integration/catalog_packages_cases_test.go
+++ b/test/integration/catalog_packages_cases_test.go
@ -94,6 +94,7 @@ var dirOnlyTestCases = []testCase{
 			"arel":                 "5.0.1.20140414130214",
 			"bootstrap-sass":       "3.1.1.1",
 			"builder":              "3.2.2",
+			"bundler":              "2.1.4",
 			"coffee-rails":         "4.0.1",
 			"coffee-script":        "2.2.0",
 			"coffee-script-source": "1.7.0",
@ -136,6 +137,7 @@ var dirOnlyTestCases = []testCase{
 			"turbolinks":           "3.0.0",
 			"tzinfo":               "1.2.0",
 			"uglifier":             "2.5.0",
+			"unbundler":            "3.1.4",
 			"unicorn":              "4.8.3",
 		},
 	},