diff --git a/.github/workflows/update-bootstrap-tools.yml b/.github/workflows/update-bootstrap-tools.yml index 8d46bce6d..947fb2fd0 100644 --- a/.github/workflows/update-bootstrap-tools.yml +++ b/.github/workflows/update-bootstrap-tools.yml @@ -26,6 +26,7 @@ jobs: BOUNCER_LATEST_VERSION=$(go list -m -json github.com/wagoodman/go-bouncer@latest 2>/dev/null | jq -r '.Version') CHRONICLE_LATEST_VERSION=$(go list -m -json github.com/anchore/chronicle@latest 2>/dev/null | jq -r '.Version') GORELEASER_LATEST_VERSION=$(go list -m -json github.com/goreleaser/goreleaser@latest 2>/dev/null | jq -r '.Version') + GOSIMPORTS_LATEST_VERSION=$(go list -m -json github.com/rinchsan/gosimports@latest 2>/dev/null | jq -r '.Version') YAJSV_LATEST_VERSION=$(go list -m -json github.com/neilpa/yajsv@latest 2>/dev/null | jq -r '.Version') COSIGN_LATEST_VERSION=$(go list -m -json github.com/sigstore/cosign@latest 2>/dev/null | jq -r '.Version') @@ -34,6 +35,7 @@ jobs: sed -r -i -e 's/^(BOUNCER_VERSION = ).*/\1'${BOUNCER_LATEST_VERSION}'/' Makefile sed -r -i -e 's/^(CHRONICLE_VERSION = ).*/\1'${CHRONICLE_LATEST_VERSION}'/' Makefile sed -r -i -e 's/^(GORELEASER_VERSION = ).*/\1'${GORELEASER_LATEST_VERSION}'/' Makefile + sed -r -i -e 's/^(GOSIMPORTS_VERSION = ).*/\1'${GOSIMPORTS_LATEST_VERSION}'/' Makefile sed -r -i -e 's/^(YAJSV_VERSION = ).*/\1'${YAJSV_LATEST_VERSION}'/' Makefile sed -r -i -e 's/^(COSIGN_VERSION = ).*/\1'${COSIGN_LATEST_VERSION}'/' Makefile @@ -46,6 +48,7 @@ jobs: echo "::set-output name=BOUNCER::$BOUNCER_LATEST_VERSION" echo "::set-output name=CHRONICLE::$CHRONICLE_LATEST_VERSION" echo "::set-output name=GORELEASER::$GORELEASER_LATEST_VERSION" + echo "::set-output name=GOSIMPORTS::$GOSIMPORTS_LATEST_VERSION" echo "::set-output name=YAJSV::$YAJSV_LATEST_VERSION" echo "::set-output name=COSIGN::$COSIGN_LATEST_VERSION" id: latest-versions @@ -69,6 +72,7 @@ jobs: - [bouncer ${{ steps.latest-versions.outputs.BOUNCER }}](https://github.com/wagoodman/go-bouncer/releases/tag/${{ steps.latest-versions.outputs.BOUNCER }}) - [chronicle ${{ steps.latest-versions.outputs.CHRONICLE }}](https://github.com/anchore/chronicle/releases/tag/${{ steps.latest-versions.outputs.CHRONICLE }}) - [goreleaser ${{ steps.latest-versions.outputs.GORELEASER }}](https://github.com/goreleaser/goreleaser/releases/tag/${{ steps.latest-versions.outputs.GORELEASER }}) + - [gosimports ${{ steps.latest-versions.outputs.GOSIMPORTS }}](https://github.com/rinchsan/gosimports/releases/tag/${{ steps.latest-versions.outputs.GOSIMPORTS }}) - [yajsv ${{ steps.latest-versions.outputs.YAJSV }}](https://github.com/neilpa/yajsv/releases/tag/${{ steps.latest-versions.outputs.YAJSV }}) - [cosign ${{ steps.latest-versions.outputs.COSIGN }}](https://github.com/sigstore/cosign/releases/tag/${{ steps.latest-versions.outputs.COSIGN }}) This is an auto-generated pull request to update all of the bootstrap tools to the latest versions. diff --git a/.golangci.yaml b/.golangci.yaml index 536445ff8..75f0538bf 100644 --- a/.golangci.yaml +++ b/.golangci.yaml @@ -22,7 +22,6 @@ linters: - gocritic - gocyclo - gofmt - - goimports - goprintffuncname - gosec - gosimple @@ -49,6 +48,7 @@ linters: # - godot # - godox # - goerr113 +# - goimports # we're using gosimports now instead to account for extra whitespaces (see https://github.com/golang/go/issues/20818) # - golint # deprecated # - gomnd # this is too aggressive # - interfacer # this is a good idea, but is no longer supported and is prone to false positives diff --git a/Makefile b/Makefile index f7091a648..d673bf801 100644 --- a/Makefile +++ b/Makefile @@ -4,6 +4,7 @@ RESULTSDIR = test/results COVER_REPORT = $(RESULTSDIR)/unit-coverage-details.txt COVER_TOTAL = $(RESULTSDIR)/unit-coverage-summary.txt LINTCMD = $(TEMPDIR)/golangci-lint run --tests=false --timeout=4m --config .golangci.yaml +GOIMPORTS_CMD = $(TEMPDIR)/gosimports -local github.com/anchore RELEASE_CMD=$(TEMPDIR)/goreleaser release --rm-dist SNAPSHOT_CMD=$(RELEASE_CMD) --skip-publish --snapshot VERSION=$(shell git describe --dirty --always --tags) @@ -12,6 +13,7 @@ COMPARE_DIR = ./test/compare GOLANGCILINT_VERSION = v1.49.0 BOUNCER_VERSION = v0.4.0 CHRONICLE_VERSION = v0.4.1 +GOSIMPORTS_VERSION = v0.3.1 GORELEASER_VERSION = v1.11.2 YAJSV_VERSION = v1.4.0 COSIGN_VERSION = v1.11.1 @@ -116,6 +118,8 @@ bootstrap-tools: $(TEMPDIR) curl -sSfL https://raw.githubusercontent.com/wagoodman/go-bouncer/master/bouncer.sh | sh -s -- -b $(TEMPDIR)/ $(BOUNCER_VERSION) curl -sSfL https://raw.githubusercontent.com/anchore/chronicle/main/install.sh | sh -s -- -b $(TEMPDIR)/ $(CHRONICLE_VERSION) .github/scripts/goreleaser-install.sh -d -b $(TEMPDIR)/ $(GORELEASER_VERSION) + # the only difference between goimports and gosimports is that gosimports removes extra whitespace between import blocks (see https://github.com/golang/go/issues/20818) + GOBIN="$(realpath $(TEMPDIR))" go install github.com/rinchsan/gosimports/cmd/gosimports@$(GOSIMPORTS_VERSION) GOBIN="$(realpath $(TEMPDIR))" go install github.com/neilpa/yajsv@$(YAJSV_VERSION) GOBIN="$(realpath $(TEMPDIR))" go install github.com/sigstore/cosign/cmd/cosign@$(COSIGN_VERSION) @@ -139,6 +143,7 @@ lint: ## Run gofmt + golangci lint checks # run all golangci-lint rules $(LINTCMD) + @[ -z "$(shell $(GOIMPORTS_CMD) -d .)" ] || (echo "goimports needs to be fixed" && false) # go tooling does not play well with certain filename characters, ensure the common cases don't result in future "go get" failures $(eval MALFORMED_FILENAMES := $(shell find . | grep -e ':')) @@ -148,6 +153,7 @@ lint: ## Run gofmt + golangci lint checks lint-fix: ## Auto-format all source code + run golangci lint fixers $(call title,Running lint fixers) gofmt -w -s . + $(GOIMPORTS_CMD) -w . $(LINTCMD) --fix go mod tidy diff --git a/cmd/syft/cli/attest.go b/cmd/syft/cli/attest.go index e102144d2..91feb929a 100644 --- a/cmd/syft/cli/attest.go +++ b/cmd/syft/cli/attest.go @@ -4,14 +4,14 @@ import ( "fmt" "log" + sigopts "github.com/sigstore/cosign/cmd/cosign/cli/options" + "github.com/spf13/cobra" + "github.com/spf13/viper" + "github.com/anchore/syft/cmd/syft/cli/attest" "github.com/anchore/syft/cmd/syft/cli/options" "github.com/anchore/syft/internal" "github.com/anchore/syft/internal/config" - "github.com/spf13/cobra" - "github.com/spf13/viper" - - sigopts "github.com/sigstore/cosign/cmd/cosign/cli/options" ) const ( diff --git a/cmd/syft/cli/attest/attest.go b/cmd/syft/cli/attest/attest.go index 43b6d8549..26f7fed11 100644 --- a/cmd/syft/cli/attest/attest.go +++ b/cmd/syft/cli/attest/attest.go @@ -7,24 +7,6 @@ import ( "fmt" "os" - "github.com/wagoodman/go-progress" - - "github.com/anchore/stereoscope" - "github.com/anchore/stereoscope/pkg/image" - "github.com/anchore/syft/cmd/syft/cli/eventloop" - "github.com/anchore/syft/cmd/syft/cli/options" - "github.com/anchore/syft/cmd/syft/cli/packages" - "github.com/anchore/syft/internal/bus" - "github.com/anchore/syft/internal/config" - "github.com/anchore/syft/internal/log" - "github.com/anchore/syft/internal/ui" - "github.com/anchore/syft/syft" - "github.com/anchore/syft/syft/event" - "github.com/anchore/syft/syft/formats/cyclonedxjson" - "github.com/anchore/syft/syft/formats/spdx22json" - "github.com/anchore/syft/syft/formats/syftjson" - "github.com/anchore/syft/syft/sbom" - "github.com/anchore/syft/syft/source" "github.com/google/go-containerregistry/pkg/name" v1 "github.com/google/go-containerregistry/pkg/v1" "github.com/in-toto/in-toto-golang/in_toto" @@ -43,9 +25,26 @@ import ( "github.com/sigstore/rekor/pkg/generated/client" "github.com/sigstore/rekor/pkg/generated/models" "github.com/sigstore/sigstore/pkg/signature/dsse" - "github.com/wagoodman/go-partybus" - signatureoptions "github.com/sigstore/sigstore/pkg/signature/options" + "github.com/wagoodman/go-partybus" + "github.com/wagoodman/go-progress" + + "github.com/anchore/stereoscope" + "github.com/anchore/stereoscope/pkg/image" + "github.com/anchore/syft/cmd/syft/cli/eventloop" + "github.com/anchore/syft/cmd/syft/cli/options" + "github.com/anchore/syft/cmd/syft/cli/packages" + "github.com/anchore/syft/internal/bus" + "github.com/anchore/syft/internal/config" + "github.com/anchore/syft/internal/log" + "github.com/anchore/syft/internal/ui" + "github.com/anchore/syft/syft" + "github.com/anchore/syft/syft/event" + "github.com/anchore/syft/syft/formats/cyclonedxjson" + "github.com/anchore/syft/syft/formats/spdx22json" + "github.com/anchore/syft/syft/formats/syftjson" + "github.com/anchore/syft/syft/sbom" + "github.com/anchore/syft/syft/source" ) var ( diff --git a/cmd/syft/cli/attest/password.go b/cmd/syft/cli/attest/password.go index 89520a0e9..c65367931 100644 --- a/cmd/syft/cli/attest/password.go +++ b/cmd/syft/cli/attest/password.go @@ -7,9 +7,10 @@ import ( "os" "strings" + "github.com/sigstore/cosign/pkg/cosign" + "github.com/anchore/syft/internal" "github.com/anchore/syft/internal/log" - "github.com/sigstore/cosign/pkg/cosign" ) func selectPassFunc(keypath, password string) (cosign.PassFunc, error) { diff --git a/cmd/syft/cli/commands.go b/cmd/syft/cli/commands.go index d1adaff78..17d38fd8e 100644 --- a/cmd/syft/cli/commands.go +++ b/cmd/syft/cli/commands.go @@ -4,22 +4,22 @@ import ( "fmt" "strings" - "github.com/anchore/stereoscope" - "github.com/anchore/syft/internal/logger" - "github.com/anchore/syft/syft" - - "github.com/anchore/syft/cmd/syft/cli/options" - "github.com/anchore/syft/internal" - "github.com/anchore/syft/internal/bus" - "github.com/anchore/syft/internal/config" - "github.com/anchore/syft/internal/log" - "github.com/anchore/syft/internal/version" - "github.com/anchore/syft/syft/event" cranecmd "github.com/google/go-containerregistry/cmd/crane/cmd" "github.com/gookit/color" "github.com/spf13/cobra" "github.com/spf13/viper" "github.com/wagoodman/go-partybus" + + "github.com/anchore/stereoscope" + "github.com/anchore/syft/cmd/syft/cli/options" + "github.com/anchore/syft/internal" + "github.com/anchore/syft/internal/bus" + "github.com/anchore/syft/internal/config" + "github.com/anchore/syft/internal/log" + "github.com/anchore/syft/internal/logger" + "github.com/anchore/syft/internal/version" + "github.com/anchore/syft/syft" + "github.com/anchore/syft/syft/event" ) const indent = " " diff --git a/cmd/syft/cli/convert.go b/cmd/syft/cli/convert.go index 51e46e75d..a2bf4c737 100644 --- a/cmd/syft/cli/convert.go +++ b/cmd/syft/cli/convert.go @@ -4,12 +4,13 @@ import ( "fmt" "log" + "github.com/spf13/cobra" + "github.com/spf13/viper" + "github.com/anchore/syft/cmd/syft/cli/convert" "github.com/anchore/syft/cmd/syft/cli/options" "github.com/anchore/syft/internal" "github.com/anchore/syft/internal/config" - "github.com/spf13/cobra" - "github.com/spf13/viper" ) const ( diff --git a/cmd/syft/cli/eventloop/event_loop.go b/cmd/syft/cli/eventloop/event_loop.go index 396dd7491..e86464b0f 100644 --- a/cmd/syft/cli/eventloop/event_loop.go +++ b/cmd/syft/cli/eventloop/event_loop.go @@ -5,10 +5,11 @@ import ( "fmt" "os" - "github.com/anchore/syft/internal/log" - "github.com/anchore/syft/internal/ui" "github.com/hashicorp/go-multierror" "github.com/wagoodman/go-partybus" + + "github.com/anchore/syft/internal/log" + "github.com/anchore/syft/internal/ui" ) // eventLoop listens to worker errors (from execution path), worker events (from a partybus subscription), and diff --git a/cmd/syft/cli/eventloop/event_loop_test.go b/cmd/syft/cli/eventloop/event_loop_test.go index d2a12fd52..2b76bcb65 100644 --- a/cmd/syft/cli/eventloop/event_loop_test.go +++ b/cmd/syft/cli/eventloop/event_loop_test.go @@ -7,11 +7,12 @@ import ( "testing" "time" - "github.com/anchore/syft/internal/ui" - "github.com/anchore/syft/syft/event" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/mock" "github.com/wagoodman/go-partybus" + + "github.com/anchore/syft/internal/ui" + "github.com/anchore/syft/syft/event" ) var _ ui.UI = (*uiMock)(nil) diff --git a/cmd/syft/cli/options/packages.go b/cmd/syft/cli/options/packages.go index f810c1d5c..d6783bf6f 100644 --- a/cmd/syft/cli/options/packages.go +++ b/cmd/syft/cli/options/packages.go @@ -3,13 +3,14 @@ package options import ( "fmt" + "github.com/spf13/cobra" + "github.com/spf13/pflag" + "github.com/spf13/viper" + "github.com/anchore/syft/syft" "github.com/anchore/syft/syft/formats/table" "github.com/anchore/syft/syft/pkg/cataloger" "github.com/anchore/syft/syft/source" - "github.com/spf13/cobra" - "github.com/spf13/pflag" - "github.com/spf13/viper" ) type PackagesOptions struct { diff --git a/cmd/syft/cli/options/writer.go b/cmd/syft/cli/options/writer.go index 355617896..d93e1db03 100644 --- a/cmd/syft/cli/options/writer.go +++ b/cmd/syft/cli/options/writer.go @@ -4,11 +4,12 @@ import ( "fmt" "strings" + "github.com/hashicorp/go-multierror" + "github.com/anchore/syft/syft" "github.com/anchore/syft/syft/formats/table" "github.com/anchore/syft/syft/formats/template" "github.com/anchore/syft/syft/sbom" - "github.com/hashicorp/go-multierror" ) // makeWriter creates a sbom.Writer for output or returns an error. this will either return a valid writer diff --git a/cmd/syft/cli/packages.go b/cmd/syft/cli/packages.go index f08c99572..2b6fd69b6 100644 --- a/cmd/syft/cli/packages.go +++ b/cmd/syft/cli/packages.go @@ -4,13 +4,13 @@ import ( "fmt" "log" - "github.com/anchore/syft/cmd/syft/cli/options" + "github.com/spf13/cobra" + "github.com/spf13/viper" + "github.com/anchore/syft/cmd/syft/cli/options" "github.com/anchore/syft/cmd/syft/cli/packages" "github.com/anchore/syft/internal" "github.com/anchore/syft/internal/config" - "github.com/spf13/cobra" - "github.com/spf13/viper" ) const ( diff --git a/cmd/syft/cli/packages/packages.go b/cmd/syft/cli/packages/packages.go index 0e0ada8bf..55954b1ec 100644 --- a/cmd/syft/cli/packages/packages.go +++ b/cmd/syft/cli/packages/packages.go @@ -6,6 +6,8 @@ import ( "io/ioutil" "os" + "github.com/wagoodman/go-partybus" + "github.com/anchore/stereoscope" "github.com/anchore/syft/cmd/syft/cli/eventloop" "github.com/anchore/syft/cmd/syft/cli/options" @@ -22,7 +24,6 @@ import ( "github.com/anchore/syft/syft/formats/template" "github.com/anchore/syft/syft/sbom" "github.com/anchore/syft/syft/source" - "github.com/wagoodman/go-partybus" ) func Run(ctx context.Context, app *config.Application, args []string) error { diff --git a/cmd/syft/cli/poweruser.go b/cmd/syft/cli/poweruser.go index 65d4cc6bf..f02b85e98 100644 --- a/cmd/syft/cli/poweruser.go +++ b/cmd/syft/cli/poweruser.go @@ -3,12 +3,13 @@ package cli import ( "fmt" + "github.com/spf13/cobra" + "github.com/spf13/viper" + "github.com/anchore/syft/cmd/syft/cli/options" "github.com/anchore/syft/cmd/syft/cli/poweruser" "github.com/anchore/syft/internal" "github.com/anchore/syft/internal/config" - "github.com/spf13/cobra" - "github.com/spf13/viper" ) const powerUserExample = ` {{.appName}} {{.command}} diff --git a/cmd/syft/cli/poweruser/poweruser.go b/cmd/syft/cli/poweruser/poweruser.go index 6fda101ec..9c7735964 100644 --- a/cmd/syft/cli/poweruser/poweruser.go +++ b/cmd/syft/cli/poweruser/poweruser.go @@ -5,6 +5,9 @@ import ( "fmt" "os" + "github.com/gookit/color" + "github.com/wagoodman/go-partybus" + "github.com/anchore/stereoscope" "github.com/anchore/syft/cmd/syft/cli/eventloop" "github.com/anchore/syft/cmd/syft/cli/options" @@ -21,8 +24,6 @@ import ( "github.com/anchore/syft/syft/formats/syftjson" "github.com/anchore/syft/syft/sbom" "github.com/anchore/syft/syft/source" - "github.com/gookit/color" - "github.com/wagoodman/go-partybus" ) func Run(ctx context.Context, app *config.Application, args []string) error { diff --git a/cmd/syft/cli/version.go b/cmd/syft/cli/version.go index 078fb0057..b644577ff 100644 --- a/cmd/syft/cli/version.go +++ b/cmd/syft/cli/version.go @@ -6,12 +6,13 @@ import ( "log" "os" + "github.com/spf13/cobra" + "github.com/spf13/viper" + "github.com/anchore/syft/cmd/syft/cli/options" "github.com/anchore/syft/internal" "github.com/anchore/syft/internal/config" "github.com/anchore/syft/internal/version" - "github.com/spf13/cobra" - "github.com/spf13/viper" ) func Version(v *viper.Viper, app *config.Application) *cobra.Command { diff --git a/internal/anchore/import.go b/internal/anchore/import.go index 4225c96c8..e3459a26f 100644 --- a/internal/anchore/import.go +++ b/internal/anchore/import.go @@ -6,14 +6,15 @@ import ( "fmt" "time" + "github.com/antihax/optional" + "github.com/wagoodman/go-partybus" + "github.com/wagoodman/go-progress" + "github.com/anchore/client-go/pkg/external" "github.com/anchore/stereoscope/pkg/image" "github.com/anchore/syft/internal/bus" "github.com/anchore/syft/syft/event" "github.com/anchore/syft/syft/sbom" - "github.com/antihax/optional" - "github.com/wagoodman/go-partybus" - "github.com/wagoodman/go-progress" ) type ImportConfig struct { diff --git a/internal/anchore/import_config_test.go b/internal/anchore/import_config_test.go index 190808c84..ecd964be3 100644 --- a/internal/anchore/import_config_test.go +++ b/internal/anchore/import_config_test.go @@ -8,11 +8,11 @@ import ( "strings" "testing" + "github.com/docker/docker/pkg/ioutils" + "github.com/go-test/deep" "github.com/wagoodman/go-progress" "github.com/anchore/client-go/pkg/external" - "github.com/docker/docker/pkg/ioutils" - "github.com/go-test/deep" ) type mockConfigImportAPI struct { diff --git a/internal/anchore/import_dockerfile.go b/internal/anchore/import_dockerfile.go index bc8083768..83fd31633 100644 --- a/internal/anchore/import_dockerfile.go +++ b/internal/anchore/import_dockerfile.go @@ -8,9 +8,8 @@ import ( "github.com/wagoodman/go-progress" - "github.com/anchore/syft/internal/log" - "github.com/anchore/client-go/pkg/external" + "github.com/anchore/syft/internal/log" ) type dockerfileImportAPI interface { diff --git a/internal/anchore/import_dockerfile_test.go b/internal/anchore/import_dockerfile_test.go index 27a5c6e2d..336fea1c4 100644 --- a/internal/anchore/import_dockerfile_test.go +++ b/internal/anchore/import_dockerfile_test.go @@ -7,12 +7,11 @@ import ( "strings" "testing" + "github.com/docker/docker/pkg/ioutils" + "github.com/go-test/deep" "github.com/wagoodman/go-progress" - "github.com/docker/docker/pkg/ioutils" - "github.com/anchore/client-go/pkg/external" - "github.com/go-test/deep" ) type mockDockerfileImportAPI struct { diff --git a/internal/anchore/import_manifest_test.go b/internal/anchore/import_manifest_test.go index 349970e81..e4edea3a0 100644 --- a/internal/anchore/import_manifest_test.go +++ b/internal/anchore/import_manifest_test.go @@ -8,11 +8,11 @@ import ( "strings" "testing" + "github.com/docker/docker/pkg/ioutils" + "github.com/go-test/deep" "github.com/wagoodman/go-progress" "github.com/anchore/client-go/pkg/external" - "github.com/docker/docker/pkg/ioutils" - "github.com/go-test/deep" ) type mockManifestImportAPI struct { diff --git a/internal/anchore/import_package_sbom.go b/internal/anchore/import_package_sbom.go index cd0abd0e3..cf6551972 100644 --- a/internal/anchore/import_package_sbom.go +++ b/internal/anchore/import_package_sbom.go @@ -8,12 +8,13 @@ import ( "fmt" "net/http" + "github.com/wagoodman/go-progress" + "github.com/anchore/client-go/pkg/external" "github.com/anchore/syft/internal/log" "github.com/anchore/syft/syft/formats/syftjson" syftjsonModel "github.com/anchore/syft/syft/formats/syftjson/model" "github.com/anchore/syft/syft/sbom" - "github.com/wagoodman/go-progress" ) type packageSBOMImportAPI interface { diff --git a/internal/anchore/import_package_sbom_test.go b/internal/anchore/import_package_sbom_test.go index 07b1435f2..c1603efd7 100644 --- a/internal/anchore/import_package_sbom_test.go +++ b/internal/anchore/import_package_sbom_test.go @@ -8,6 +8,12 @@ import ( "strings" "testing" + "github.com/docker/docker/pkg/ioutils" + "github.com/go-test/deep" + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" + "github.com/wagoodman/go-progress" + "github.com/anchore/client-go/pkg/external" "github.com/anchore/syft/syft/artifact" "github.com/anchore/syft/syft/formats/syftjson" @@ -15,11 +21,6 @@ import ( "github.com/anchore/syft/syft/pkg" "github.com/anchore/syft/syft/sbom" "github.com/anchore/syft/syft/source" - "github.com/docker/docker/pkg/ioutils" - "github.com/go-test/deep" - "github.com/stretchr/testify/assert" - "github.com/stretchr/testify/require" - "github.com/wagoodman/go-progress" ) func must(c pkg.CPE, e error) pkg.CPE { diff --git a/internal/config/application.go b/internal/config/application.go index d5898b0d1..037412c58 100644 --- a/internal/config/application.go +++ b/internal/config/application.go @@ -8,16 +8,15 @@ import ( "sort" "strings" - "github.com/anchore/syft/syft/pkg/cataloger" - - "github.com/sirupsen/logrus" - "github.com/adrg/xdg" - "github.com/anchore/syft/internal" - "github.com/anchore/syft/internal/log" "github.com/mitchellh/go-homedir" + "github.com/sirupsen/logrus" "github.com/spf13/viper" "gopkg.in/yaml.v2" + + "github.com/anchore/syft/internal" + "github.com/anchore/syft/internal/log" + "github.com/anchore/syft/syft/pkg/cataloger" ) var ( diff --git a/internal/config/file_classification.go b/internal/config/file_classification.go index f4ba63018..d78812705 100644 --- a/internal/config/file_classification.go +++ b/internal/config/file_classification.go @@ -1,8 +1,9 @@ package config import ( - "github.com/anchore/syft/syft/source" "github.com/spf13/viper" + + "github.com/anchore/syft/syft/source" ) type fileClassification struct { diff --git a/internal/config/file_contents.go b/internal/config/file_contents.go index f8c3c47d1..18a404f5b 100644 --- a/internal/config/file_contents.go +++ b/internal/config/file_contents.go @@ -1,9 +1,10 @@ package config import ( + "github.com/spf13/viper" + "github.com/anchore/syft/internal/file" "github.com/anchore/syft/syft/source" - "github.com/spf13/viper" ) type fileContents struct { diff --git a/internal/config/file_metadata.go b/internal/config/file_metadata.go index 764b9b392..5339f29d7 100644 --- a/internal/config/file_metadata.go +++ b/internal/config/file_metadata.go @@ -1,8 +1,9 @@ package config import ( - "github.com/anchore/syft/syft/source" "github.com/spf13/viper" + + "github.com/anchore/syft/syft/source" ) type FileMetadata struct { diff --git a/internal/config/pkg.go b/internal/config/pkg.go index 88d622541..21e26a59b 100644 --- a/internal/config/pkg.go +++ b/internal/config/pkg.go @@ -1,8 +1,9 @@ package config import ( - "github.com/anchore/syft/syft/pkg/cataloger" "github.com/spf13/viper" + + "github.com/anchore/syft/syft/pkg/cataloger" ) type pkg struct { diff --git a/internal/config/registry.go b/internal/config/registry.go index 6ae85d3e7..7e7e7132b 100644 --- a/internal/config/registry.go +++ b/internal/config/registry.go @@ -3,9 +3,9 @@ package config import ( "os" - "github.com/anchore/stereoscope/pkg/image" - "github.com/spf13/viper" + + "github.com/anchore/stereoscope/pkg/image" ) type RegistryCredentials struct { diff --git a/internal/config/registry_test.go b/internal/config/registry_test.go index 6d9ecf280..c98511c1e 100644 --- a/internal/config/registry_test.go +++ b/internal/config/registry_test.go @@ -4,9 +4,9 @@ import ( "fmt" "testing" - "github.com/anchore/stereoscope/pkg/image" - "github.com/stretchr/testify/assert" + + "github.com/anchore/stereoscope/pkg/image" ) func TestHasNonEmptyCredentials(t *testing.T) { diff --git a/internal/config/secrets.go b/internal/config/secrets.go index 2c07dd498..0d0efc4f1 100644 --- a/internal/config/secrets.go +++ b/internal/config/secrets.go @@ -1,9 +1,10 @@ package config import ( + "github.com/spf13/viper" + "github.com/anchore/syft/internal/file" "github.com/anchore/syft/syft/source" - "github.com/spf13/viper" ) type secrets struct { diff --git a/internal/spdxlicense/generate/generate_license_list_test.go b/internal/spdxlicense/generate/generate_license_list_test.go index d730db141..08a4ae337 100644 --- a/internal/spdxlicense/generate/generate_license_list_test.go +++ b/internal/spdxlicense/generate/generate_license_list_test.go @@ -2,10 +2,10 @@ package main import ( "encoding/json" - "github.com/google/go-cmp/cmp" "os" "testing" + "github.com/google/go-cmp/cmp" "github.com/stretchr/testify/require" ) diff --git a/internal/spdxlicense/generate/license_test.go b/internal/spdxlicense/generate/license_test.go index 4796873ec..81de2406d 100644 --- a/internal/spdxlicense/generate/license_test.go +++ b/internal/spdxlicense/generate/license_test.go @@ -1,9 +1,10 @@ package main import ( - "github.com/stretchr/testify/assert" "strings" "testing" + + "github.com/stretchr/testify/assert" ) var ( diff --git a/internal/ui/common_event_handlers.go b/internal/ui/common_event_handlers.go index 39b131e80..09325b21f 100644 --- a/internal/ui/common_event_handlers.go +++ b/internal/ui/common_event_handlers.go @@ -3,8 +3,9 @@ package ui import ( "fmt" - syftEventParsers "github.com/anchore/syft/syft/event/parsers" "github.com/wagoodman/go-partybus" + + syftEventParsers "github.com/anchore/syft/syft/event/parsers" ) // handleExit is a UI function for processing the Exit bus event, diff --git a/internal/ui/ephemeral_terminal_ui.go b/internal/ui/ephemeral_terminal_ui.go index 7cf7ad329..99b7a08b6 100644 --- a/internal/ui/ephemeral_terminal_ui.go +++ b/internal/ui/ephemeral_terminal_ui.go @@ -11,12 +11,13 @@ import ( "os" "sync" + "github.com/wagoodman/go-partybus" + "github.com/wagoodman/jotframe/pkg/frame" + "github.com/anchore/syft/internal/log" "github.com/anchore/syft/internal/logger" syftEvent "github.com/anchore/syft/syft/event" "github.com/anchore/syft/ui" - "github.com/wagoodman/go-partybus" - "github.com/wagoodman/jotframe/pkg/frame" ) // ephemeralTerminalUI provides an "ephemeral" terminal user interface to display the application state dynamically. diff --git a/internal/ui/etui_event_handlers.go b/internal/ui/etui_event_handlers.go index fcd998e44..606962fbd 100644 --- a/internal/ui/etui_event_handlers.go +++ b/internal/ui/etui_event_handlers.go @@ -9,12 +9,12 @@ import ( "io" "sync" - "github.com/anchore/syft/internal" "github.com/gookit/color" + "github.com/wagoodman/go-partybus" "github.com/wagoodman/jotframe/pkg/frame" + "github.com/anchore/syft/internal" syftEventParsers "github.com/anchore/syft/syft/event/parsers" - "github.com/wagoodman/go-partybus" ) // handleAppUpdateAvailable is a UI handler function to display a new application version to the top of the screen. diff --git a/internal/ui/logger_ui.go b/internal/ui/logger_ui.go index 53cd9f7a9..48f5c1ed6 100644 --- a/internal/ui/logger_ui.go +++ b/internal/ui/logger_ui.go @@ -1,9 +1,10 @@ package ui import ( + "github.com/wagoodman/go-partybus" + "github.com/anchore/syft/internal/log" syftEvent "github.com/anchore/syft/syft/event" - "github.com/wagoodman/go-partybus" ) type loggerUI struct { diff --git a/schema/json/generate.go b/schema/json/generate.go index b9e782bb3..e5833e5ff 100644 --- a/schema/json/generate.go +++ b/schema/json/generate.go @@ -11,6 +11,7 @@ import ( "strings" "github.com/alecthomas/jsonschema" + "github.com/anchore/syft/internal" syftjsonModel "github.com/anchore/syft/syft/formats/syftjson/model" "github.com/anchore/syft/syft/pkg" diff --git a/syft/event/parsers/parsers.go b/syft/event/parsers/parsers.go index f384044cd..c6b978100 100644 --- a/syft/event/parsers/parsers.go +++ b/syft/event/parsers/parsers.go @@ -6,11 +6,12 @@ package parsers import ( "fmt" + "github.com/wagoodman/go-partybus" + "github.com/wagoodman/go-progress" + "github.com/anchore/syft/syft/event" "github.com/anchore/syft/syft/file" "github.com/anchore/syft/syft/pkg/cataloger" - "github.com/wagoodman/go-partybus" - "github.com/wagoodman/go-progress" ) type ErrBadPayload struct { diff --git a/syft/file/all_regular_files_test.go b/syft/file/all_regular_files_test.go index aad33b348..d1e261652 100644 --- a/syft/file/all_regular_files_test.go +++ b/syft/file/all_regular_files_test.go @@ -1,12 +1,14 @@ package file import ( - "github.com/anchore/stereoscope/pkg/imagetest" - "github.com/anchore/syft/syft/source" + "testing" + "github.com/scylladb/go-set/strset" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" - "testing" + + "github.com/anchore/stereoscope/pkg/imagetest" + "github.com/anchore/syft/syft/source" ) func Test_allRegularFiles(t *testing.T) { diff --git a/syft/file/classification_cataloger_test.go b/syft/file/classification_cataloger_test.go index da6fb37cb..90cca7642 100644 --- a/syft/file/classification_cataloger_test.go +++ b/syft/file/classification_cataloger_test.go @@ -1,11 +1,12 @@ package file import ( - "github.com/anchore/stereoscope/pkg/imagetest" "testing" - "github.com/anchore/syft/syft/source" "github.com/stretchr/testify/assert" + + "github.com/anchore/stereoscope/pkg/imagetest" + "github.com/anchore/syft/syft/source" ) func TestClassifierCataloger_DefaultClassifiers_PositiveCases(t *testing.T) { diff --git a/syft/file/classifier_test.go b/syft/file/classifier_test.go index 9151f3f5b..ddfa50a2b 100644 --- a/syft/file/classifier_test.go +++ b/syft/file/classifier_test.go @@ -4,8 +4,9 @@ import ( "regexp" "testing" - "github.com/anchore/syft/syft/source" "github.com/stretchr/testify/assert" + + "github.com/anchore/syft/syft/source" ) func TestFilepathMatches(t *testing.T) { diff --git a/syft/file/contents_cataloger.go b/syft/file/contents_cataloger.go index b65a04284..b4d7802a6 100644 --- a/syft/file/contents_cataloger.go +++ b/syft/file/contents_cataloger.go @@ -7,7 +7,6 @@ import ( "io" "github.com/anchore/syft/internal" - "github.com/anchore/syft/internal/log" "github.com/anchore/syft/syft/source" ) diff --git a/syft/file/contents_cataloger_test.go b/syft/file/contents_cataloger_test.go index d13025c4c..526baae5c 100644 --- a/syft/file/contents_cataloger_test.go +++ b/syft/file/contents_cataloger_test.go @@ -3,8 +3,9 @@ package file import ( "testing" - "github.com/anchore/syft/syft/source" "github.com/stretchr/testify/assert" + + "github.com/anchore/syft/syft/source" ) func TestContentsCataloger(t *testing.T) { diff --git a/syft/file/digest_cataloger.go b/syft/file/digest_cataloger.go index edc096c16..50dccac8d 100644 --- a/syft/file/digest_cataloger.go +++ b/syft/file/digest_cataloger.go @@ -8,15 +8,13 @@ import ( "io" "strings" - "github.com/anchore/syft/internal" - - "github.com/anchore/syft/internal/log" - - "github.com/anchore/syft/internal/bus" - "github.com/anchore/syft/syft/event" "github.com/wagoodman/go-partybus" "github.com/wagoodman/go-progress" + "github.com/anchore/syft/internal" + "github.com/anchore/syft/internal/bus" + "github.com/anchore/syft/internal/log" + "github.com/anchore/syft/syft/event" "github.com/anchore/syft/syft/source" ) diff --git a/syft/file/digest_cataloger_test.go b/syft/file/digest_cataloger_test.go index 277921508..c2f3c6b5f 100644 --- a/syft/file/digest_cataloger_test.go +++ b/syft/file/digest_cataloger_test.go @@ -3,18 +3,16 @@ package file import ( "crypto" "fmt" - "github.com/stretchr/testify/require" "io/ioutil" "os" "path/filepath" "testing" - "github.com/anchore/stereoscope/pkg/file" - - "github.com/anchore/stereoscope/pkg/imagetest" - "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" + "github.com/anchore/stereoscope/pkg/file" + "github.com/anchore/stereoscope/pkg/imagetest" "github.com/anchore/syft/syft/source" ) diff --git a/syft/file/metadata_cataloger.go b/syft/file/metadata_cataloger.go index e9cf28b90..39f1e28b4 100644 --- a/syft/file/metadata_cataloger.go +++ b/syft/file/metadata_cataloger.go @@ -1,12 +1,13 @@ package file import ( + "github.com/wagoodman/go-partybus" + "github.com/wagoodman/go-progress" + "github.com/anchore/syft/internal/bus" "github.com/anchore/syft/internal/log" "github.com/anchore/syft/syft/event" "github.com/anchore/syft/syft/source" - "github.com/wagoodman/go-partybus" - "github.com/wagoodman/go-progress" ) type MetadataCataloger struct { diff --git a/syft/file/metadata_cataloger_test.go b/syft/file/metadata_cataloger_test.go index 9ca27a6d0..c7633bb7c 100644 --- a/syft/file/metadata_cataloger_test.go +++ b/syft/file/metadata_cataloger_test.go @@ -5,10 +5,11 @@ import ( "os" "testing" + "github.com/stretchr/testify/assert" + "github.com/anchore/stereoscope/pkg/file" "github.com/anchore/stereoscope/pkg/imagetest" "github.com/anchore/syft/syft/source" - "github.com/stretchr/testify/assert" ) var updateImageGoldenFiles = flag.Bool("update-image", false, "update the golden fixture images used for testing") diff --git a/syft/file/secrets_cataloger.go b/syft/file/secrets_cataloger.go index b8f31980e..aae97acf5 100644 --- a/syft/file/secrets_cataloger.go +++ b/syft/file/secrets_cataloger.go @@ -8,14 +8,14 @@ import ( "regexp" "sort" - "github.com/anchore/syft/internal" + "github.com/wagoodman/go-partybus" + "github.com/wagoodman/go-progress" + "github.com/anchore/syft/internal" "github.com/anchore/syft/internal/bus" "github.com/anchore/syft/internal/log" "github.com/anchore/syft/syft/event" "github.com/anchore/syft/syft/source" - "github.com/wagoodman/go-partybus" - "github.com/wagoodman/go-progress" ) var DefaultSecretsPatterns = map[string]string{ diff --git a/syft/file/secrets_cataloger_test.go b/syft/file/secrets_cataloger_test.go index 696f3865c..b2c55a9f3 100644 --- a/syft/file/secrets_cataloger_test.go +++ b/syft/file/secrets_cataloger_test.go @@ -4,11 +4,10 @@ import ( "regexp" "testing" - "github.com/anchore/syft/internal/file" - - "github.com/anchore/syft/syft/source" - "github.com/stretchr/testify/assert" + + "github.com/anchore/syft/internal/file" + "github.com/anchore/syft/syft/source" ) func TestSecretsCataloger(t *testing.T) { diff --git a/syft/file/secrets_search_by_line_strategy.go b/syft/file/secrets_search_by_line_strategy.go index 0fd87ff63..9a453544b 100644 --- a/syft/file/secrets_search_by_line_strategy.go +++ b/syft/file/secrets_search_by_line_strategy.go @@ -9,7 +9,6 @@ import ( "regexp" "github.com/anchore/syft/internal" - "github.com/anchore/syft/syft/source" ) diff --git a/syft/formats/common/cyclonedxhelpers/author_test.go b/syft/formats/common/cyclonedxhelpers/author_test.go index 11cd95d66..11bc9a8d8 100644 --- a/syft/formats/common/cyclonedxhelpers/author_test.go +++ b/syft/formats/common/cyclonedxhelpers/author_test.go @@ -3,8 +3,9 @@ package cyclonedxhelpers import ( "testing" - "github.com/anchore/syft/syft/pkg" "github.com/stretchr/testify/assert" + + "github.com/anchore/syft/syft/pkg" ) func Test_encodeAuthor(t *testing.T) { diff --git a/syft/formats/common/cyclonedxhelpers/description_test.go b/syft/formats/common/cyclonedxhelpers/description_test.go index 21f722702..3eea431f6 100644 --- a/syft/formats/common/cyclonedxhelpers/description_test.go +++ b/syft/formats/common/cyclonedxhelpers/description_test.go @@ -3,8 +3,9 @@ package cyclonedxhelpers import ( "testing" - "github.com/anchore/syft/syft/pkg" "github.com/stretchr/testify/assert" + + "github.com/anchore/syft/syft/pkg" ) func Test_encodeDescription(t *testing.T) { diff --git a/syft/formats/common/cyclonedxhelpers/external_references.go b/syft/formats/common/cyclonedxhelpers/external_references.go index c7f952717..1c9f39d9d 100644 --- a/syft/formats/common/cyclonedxhelpers/external_references.go +++ b/syft/formats/common/cyclonedxhelpers/external_references.go @@ -4,9 +4,9 @@ import ( "fmt" "strings" - syftFile "github.com/anchore/syft/syft/file" - "github.com/CycloneDX/cyclonedx-go" + + syftFile "github.com/anchore/syft/syft/file" "github.com/anchore/syft/syft/pkg" ) diff --git a/syft/formats/common/cyclonedxhelpers/external_references_test.go b/syft/formats/common/cyclonedxhelpers/external_references_test.go index e5a91daa6..0dd879557 100644 --- a/syft/formats/common/cyclonedxhelpers/external_references_test.go +++ b/syft/formats/common/cyclonedxhelpers/external_references_test.go @@ -4,8 +4,9 @@ import ( "testing" "github.com/CycloneDX/cyclonedx-go" - "github.com/anchore/syft/syft/pkg" "github.com/stretchr/testify/assert" + + "github.com/anchore/syft/syft/pkg" ) func Test_encodeExternalReferences(t *testing.T) { diff --git a/syft/formats/common/cyclonedxhelpers/group_test.go b/syft/formats/common/cyclonedxhelpers/group_test.go index 38352131f..23c8c4bbb 100644 --- a/syft/formats/common/cyclonedxhelpers/group_test.go +++ b/syft/formats/common/cyclonedxhelpers/group_test.go @@ -3,8 +3,9 @@ package cyclonedxhelpers import ( "testing" - "github.com/anchore/syft/syft/pkg" "github.com/stretchr/testify/assert" + + "github.com/anchore/syft/syft/pkg" ) func Test_encodeGroup(t *testing.T) { diff --git a/syft/formats/common/cyclonedxhelpers/licenses.go b/syft/formats/common/cyclonedxhelpers/licenses.go index 9acf70d39..ab8aa9d3a 100644 --- a/syft/formats/common/cyclonedxhelpers/licenses.go +++ b/syft/formats/common/cyclonedxhelpers/licenses.go @@ -2,6 +2,7 @@ package cyclonedxhelpers import ( "github.com/CycloneDX/cyclonedx-go" + "github.com/anchore/syft/internal/spdxlicense" "github.com/anchore/syft/syft/pkg" ) diff --git a/syft/formats/common/cyclonedxhelpers/licenses_test.go b/syft/formats/common/cyclonedxhelpers/licenses_test.go index 4b3745adc..d8e7b37cf 100644 --- a/syft/formats/common/cyclonedxhelpers/licenses_test.go +++ b/syft/formats/common/cyclonedxhelpers/licenses_test.go @@ -4,8 +4,9 @@ import ( "testing" "github.com/CycloneDX/cyclonedx-go" - "github.com/anchore/syft/syft/pkg" "github.com/stretchr/testify/assert" + + "github.com/anchore/syft/syft/pkg" ) func Test_encodeLicense(t *testing.T) { diff --git a/syft/formats/common/cyclonedxhelpers/publisher_test.go b/syft/formats/common/cyclonedxhelpers/publisher_test.go index 067305986..bda829587 100644 --- a/syft/formats/common/cyclonedxhelpers/publisher_test.go +++ b/syft/formats/common/cyclonedxhelpers/publisher_test.go @@ -3,8 +3,9 @@ package cyclonedxhelpers import ( "testing" - "github.com/anchore/syft/syft/pkg" "github.com/stretchr/testify/assert" + + "github.com/anchore/syft/syft/pkg" ) func Test_encodePublisher(t *testing.T) { diff --git a/syft/formats/common/spdxhelpers/description_test.go b/syft/formats/common/spdxhelpers/description_test.go index e62018622..031a9034b 100644 --- a/syft/formats/common/spdxhelpers/description_test.go +++ b/syft/formats/common/spdxhelpers/description_test.go @@ -3,8 +3,9 @@ package spdxhelpers import ( "testing" - "github.com/anchore/syft/syft/pkg" "github.com/stretchr/testify/assert" + + "github.com/anchore/syft/syft/pkg" ) func Test_Description(t *testing.T) { diff --git a/syft/formats/common/spdxhelpers/document_name_test.go b/syft/formats/common/spdxhelpers/document_name_test.go index e3d0ff5b5..6f4392d29 100644 --- a/syft/formats/common/spdxhelpers/document_name_test.go +++ b/syft/formats/common/spdxhelpers/document_name_test.go @@ -5,9 +5,10 @@ import ( "strings" "testing" - "github.com/anchore/syft/syft/source" "github.com/scylladb/go-set/strset" "github.com/stretchr/testify/assert" + + "github.com/anchore/syft/syft/source" ) func Test_DocumentName(t *testing.T) { diff --git a/syft/formats/common/spdxhelpers/document_namespace.go b/syft/formats/common/spdxhelpers/document_namespace.go index 9110efef5..584713bcb 100644 --- a/syft/formats/common/spdxhelpers/document_namespace.go +++ b/syft/formats/common/spdxhelpers/document_namespace.go @@ -5,9 +5,10 @@ import ( "net/url" "path" + "github.com/google/uuid" + "github.com/anchore/syft/internal" "github.com/anchore/syft/syft/source" - "github.com/google/uuid" ) func DocumentNameAndNamespace(srcMetadata source.Metadata) (string, string) { diff --git a/syft/formats/common/spdxhelpers/document_namespace_test.go b/syft/formats/common/spdxhelpers/document_namespace_test.go index 12030100e..545227664 100644 --- a/syft/formats/common/spdxhelpers/document_namespace_test.go +++ b/syft/formats/common/spdxhelpers/document_namespace_test.go @@ -5,9 +5,10 @@ import ( "strings" "testing" - "github.com/anchore/syft/syft/source" "github.com/scylladb/go-set/strset" "github.com/stretchr/testify/assert" + + "github.com/anchore/syft/syft/source" ) func Test_documentNamespace(t *testing.T) { diff --git a/syft/formats/common/spdxhelpers/download_location_test.go b/syft/formats/common/spdxhelpers/download_location_test.go index 42b205a1e..5ae1d714a 100644 --- a/syft/formats/common/spdxhelpers/download_location_test.go +++ b/syft/formats/common/spdxhelpers/download_location_test.go @@ -3,8 +3,9 @@ package spdxhelpers import ( "testing" - "github.com/anchore/syft/syft/pkg" "github.com/stretchr/testify/assert" + + "github.com/anchore/syft/syft/pkg" ) func Test_DownloadLocation(t *testing.T) { diff --git a/syft/formats/common/spdxhelpers/external_refs_test.go b/syft/formats/common/spdxhelpers/external_refs_test.go index 180a5c4db..1ae0a224c 100644 --- a/syft/formats/common/spdxhelpers/external_refs_test.go +++ b/syft/formats/common/spdxhelpers/external_refs_test.go @@ -3,8 +3,9 @@ package spdxhelpers import ( "testing" - "github.com/anchore/syft/syft/pkg" "github.com/stretchr/testify/assert" + + "github.com/anchore/syft/syft/pkg" ) func Test_ExternalRefs(t *testing.T) { diff --git a/syft/formats/common/spdxhelpers/homepage_test.go b/syft/formats/common/spdxhelpers/homepage_test.go index 371f45bfb..91b77b725 100644 --- a/syft/formats/common/spdxhelpers/homepage_test.go +++ b/syft/formats/common/spdxhelpers/homepage_test.go @@ -3,8 +3,9 @@ package spdxhelpers import ( "testing" - "github.com/anchore/syft/syft/pkg" "github.com/stretchr/testify/assert" + + "github.com/anchore/syft/syft/pkg" ) func Test_Homepage(t *testing.T) { diff --git a/syft/formats/common/spdxhelpers/license_test.go b/syft/formats/common/spdxhelpers/license_test.go index 94c32f9f6..ee51c16c1 100644 --- a/syft/formats/common/spdxhelpers/license_test.go +++ b/syft/formats/common/spdxhelpers/license_test.go @@ -3,8 +3,9 @@ package spdxhelpers import ( "testing" - "github.com/anchore/syft/syft/pkg" "github.com/stretchr/testify/assert" + + "github.com/anchore/syft/syft/pkg" ) func Test_License(t *testing.T) { diff --git a/syft/formats/common/spdxhelpers/originator_test.go b/syft/formats/common/spdxhelpers/originator_test.go index be8e9e97b..a35c707fb 100644 --- a/syft/formats/common/spdxhelpers/originator_test.go +++ b/syft/formats/common/spdxhelpers/originator_test.go @@ -3,8 +3,9 @@ package spdxhelpers import ( "testing" - "github.com/anchore/syft/syft/pkg" "github.com/stretchr/testify/assert" + + "github.com/anchore/syft/syft/pkg" ) func Test_Originator(t *testing.T) { diff --git a/syft/formats/common/spdxhelpers/source_info_test.go b/syft/formats/common/spdxhelpers/source_info_test.go index a403aed05..75f3987ba 100644 --- a/syft/formats/common/spdxhelpers/source_info_test.go +++ b/syft/formats/common/spdxhelpers/source_info_test.go @@ -3,9 +3,10 @@ package spdxhelpers import ( "testing" + "github.com/stretchr/testify/assert" + "github.com/anchore/syft/syft/pkg" "github.com/anchore/syft/syft/source" - "github.com/stretchr/testify/assert" ) func Test_SourceInfo(t *testing.T) { diff --git a/syft/formats/common/spdxhelpers/to_syft_model_test.go b/syft/formats/common/spdxhelpers/to_syft_model_test.go index 9f09b3da2..10d35bac6 100644 --- a/syft/formats/common/spdxhelpers/to_syft_model_test.go +++ b/syft/formats/common/spdxhelpers/to_syft_model_test.go @@ -3,11 +3,12 @@ package spdxhelpers import ( "testing" - "github.com/anchore/syft/syft/pkg" - "github.com/anchore/syft/syft/source" "github.com/spdx/tools-golang/spdx" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" + + "github.com/anchore/syft/syft/pkg" + "github.com/anchore/syft/syft/source" ) func TestToSyftModel(t *testing.T) { diff --git a/syft/formats/common/testutils/utils.go b/syft/formats/common/testutils/utils.go index b1004d506..5276c46e5 100644 --- a/syft/formats/common/testutils/utils.go +++ b/syft/formats/common/testutils/utils.go @@ -5,6 +5,9 @@ import ( "strings" "testing" + "github.com/sergi/go-diff/diffmatchpatch" + "github.com/stretchr/testify/assert" + "github.com/anchore/go-testutils" "github.com/anchore/stereoscope/pkg/filetree" "github.com/anchore/stereoscope/pkg/image" @@ -13,8 +16,6 @@ import ( "github.com/anchore/syft/syft/pkg" "github.com/anchore/syft/syft/sbom" "github.com/anchore/syft/syft/source" - "github.com/sergi/go-diff/diffmatchpatch" - "github.com/stretchr/testify/assert" ) type redactor func(s []byte) []byte diff --git a/syft/formats/cyclonedxjson/encoder.go b/syft/formats/cyclonedxjson/encoder.go index 3260cfc00..3281d2eaf 100644 --- a/syft/formats/cyclonedxjson/encoder.go +++ b/syft/formats/cyclonedxjson/encoder.go @@ -4,6 +4,7 @@ import ( "io" "github.com/CycloneDX/cyclonedx-go" + "github.com/anchore/syft/syft/formats/common/cyclonedxhelpers" "github.com/anchore/syft/syft/sbom" ) diff --git a/syft/formats/cyclonedxjson/format.go b/syft/formats/cyclonedxjson/format.go index 77543e115..14b3005fd 100644 --- a/syft/formats/cyclonedxjson/format.go +++ b/syft/formats/cyclonedxjson/format.go @@ -2,6 +2,7 @@ package cyclonedxjson import ( "github.com/CycloneDX/cyclonedx-go" + "github.com/anchore/syft/syft/formats/common/cyclonedxhelpers" "github.com/anchore/syft/syft/sbom" ) diff --git a/syft/formats/cyclonedxxml/encoder.go b/syft/formats/cyclonedxxml/encoder.go index 949b940cb..b8abdf81a 100644 --- a/syft/formats/cyclonedxxml/encoder.go +++ b/syft/formats/cyclonedxxml/encoder.go @@ -4,6 +4,7 @@ import ( "io" "github.com/CycloneDX/cyclonedx-go" + "github.com/anchore/syft/syft/formats/common/cyclonedxhelpers" "github.com/anchore/syft/syft/sbom" ) diff --git a/syft/formats/cyclonedxxml/format.go b/syft/formats/cyclonedxxml/format.go index 50aabf54f..de1e57cb0 100644 --- a/syft/formats/cyclonedxxml/format.go +++ b/syft/formats/cyclonedxxml/format.go @@ -2,6 +2,7 @@ package cyclonedxxml import ( "github.com/CycloneDX/cyclonedx-go" + "github.com/anchore/syft/syft/formats/common/cyclonedxhelpers" "github.com/anchore/syft/syft/sbom" ) diff --git a/syft/formats/spdx22json/decoder_test.go b/syft/formats/spdx22json/decoder_test.go index 6f718dc4d..004b14d76 100644 --- a/syft/formats/spdx22json/decoder_test.go +++ b/syft/formats/spdx22json/decoder_test.go @@ -5,8 +5,9 @@ import ( "os" "testing" - "github.com/anchore/syft/syft/pkg" "github.com/stretchr/testify/assert" + + "github.com/anchore/syft/syft/pkg" ) func TestSPDXJSONDecoder(t *testing.T) { diff --git a/syft/formats/spdx22json/to_format_model_test.go b/syft/formats/spdx22json/to_format_model_test.go index 0c75859b8..2845568b9 100644 --- a/syft/formats/spdx22json/to_format_model_test.go +++ b/syft/formats/spdx22json/to_format_model_test.go @@ -3,16 +3,14 @@ package spdx22json import ( "testing" - "github.com/anchore/syft/syft/pkg" - - "github.com/anchore/syft/syft/file" + "github.com/stretchr/testify/assert" "github.com/anchore/syft/syft/artifact" - + "github.com/anchore/syft/syft/file" "github.com/anchore/syft/syft/formats/common/spdxhelpers" "github.com/anchore/syft/syft/formats/spdx22json/model" + "github.com/anchore/syft/syft/pkg" "github.com/anchore/syft/syft/source" - "github.com/stretchr/testify/assert" ) func Test_toFileTypes(t *testing.T) { diff --git a/syft/formats/spdx22tagvalue/encoder.go b/syft/formats/spdx22tagvalue/encoder.go index 6f9fdf5d8..c195391c2 100644 --- a/syft/formats/spdx22tagvalue/encoder.go +++ b/syft/formats/spdx22tagvalue/encoder.go @@ -3,8 +3,9 @@ package spdx22tagvalue import ( "io" - "github.com/anchore/syft/syft/sbom" "github.com/spdx/tools-golang/tvsaver" + + "github.com/anchore/syft/syft/sbom" ) func encoder(output io.Writer, s sbom.SBOM) error { diff --git a/syft/formats/spdx22tagvalue/to_format_model.go b/syft/formats/spdx22tagvalue/to_format_model.go index 15511cc94..ae4c00477 100644 --- a/syft/formats/spdx22tagvalue/to_format_model.go +++ b/syft/formats/spdx22tagvalue/to_format_model.go @@ -4,13 +4,13 @@ import ( "fmt" "time" - "github.com/anchore/syft/syft/sbom" + "github.com/spdx/tools-golang/spdx" "github.com/anchore/syft/internal" "github.com/anchore/syft/internal/spdxlicense" "github.com/anchore/syft/syft/formats/common/spdxhelpers" "github.com/anchore/syft/syft/pkg" - "github.com/spdx/tools-golang/spdx" + "github.com/anchore/syft/syft/sbom" ) // toFormatModel creates and populates a new JSON document struct that follows the SPDX 2.2 spec from the given cataloging results. diff --git a/syft/formats/syftjson/decoder.go b/syft/formats/syftjson/decoder.go index 3c6dece36..b6286bd97 100644 --- a/syft/formats/syftjson/decoder.go +++ b/syft/formats/syftjson/decoder.go @@ -5,9 +5,8 @@ import ( "fmt" "io" - "github.com/anchore/syft/syft/sbom" - "github.com/anchore/syft/syft/formats/syftjson/model" + "github.com/anchore/syft/syft/sbom" ) func decoder(reader io.Reader) (*sbom.SBOM, error) { diff --git a/syft/formats/syftjson/decoder_test.go b/syft/formats/syftjson/decoder_test.go index 529c7faac..ed9043b8b 100644 --- a/syft/formats/syftjson/decoder_test.go +++ b/syft/formats/syftjson/decoder_test.go @@ -5,9 +5,10 @@ import ( "strings" "testing" - "github.com/anchore/syft/syft/formats/common/testutils" "github.com/go-test/deep" "github.com/stretchr/testify/assert" + + "github.com/anchore/syft/syft/formats/common/testutils" ) func TestEncodeDecodeCycle(t *testing.T) { diff --git a/syft/formats/syftjson/encoder_test.go b/syft/formats/syftjson/encoder_test.go index 16a10ad0e..22d66e1f2 100644 --- a/syft/formats/syftjson/encoder_test.go +++ b/syft/formats/syftjson/encoder_test.go @@ -4,16 +4,13 @@ import ( "flag" "testing" - "github.com/anchore/syft/syft/file" - "github.com/anchore/syft/syft/artifact" - + "github.com/anchore/syft/syft/file" + "github.com/anchore/syft/syft/formats/common/testutils" "github.com/anchore/syft/syft/linux" "github.com/anchore/syft/syft/pkg" "github.com/anchore/syft/syft/sbom" "github.com/anchore/syft/syft/source" - - "github.com/anchore/syft/syft/formats/common/testutils" ) var updateJson = flag.Bool("update-json", false, "update the *.golden files for json encoders") diff --git a/syft/formats/syftjson/model/file.go b/syft/formats/syftjson/model/file.go index be2c88df3..10e1249db 100644 --- a/syft/formats/syftjson/model/file.go +++ b/syft/formats/syftjson/model/file.go @@ -2,7 +2,6 @@ package model import ( "github.com/anchore/syft/syft/file" - "github.com/anchore/syft/syft/source" ) diff --git a/syft/formats/syftjson/model/package.go b/syft/formats/syftjson/model/package.go index 12ef3c335..7249af296 100644 --- a/syft/formats/syftjson/model/package.go +++ b/syft/formats/syftjson/model/package.go @@ -5,10 +5,9 @@ import ( "errors" "fmt" - "github.com/anchore/syft/syft/source" - "github.com/anchore/syft/internal/log" "github.com/anchore/syft/syft/pkg" + "github.com/anchore/syft/syft/source" ) var errUnknownMetadataType = errors.New("unknown metadata type") diff --git a/syft/formats/syftjson/model/package_test.go b/syft/formats/syftjson/model/package_test.go index da282f426..0887a4e0a 100644 --- a/syft/formats/syftjson/model/package_test.go +++ b/syft/formats/syftjson/model/package_test.go @@ -2,10 +2,12 @@ package model import ( "encoding/json" - "github.com/anchore/syft/syft/pkg" + "testing" + "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" - "testing" + + "github.com/anchore/syft/syft/pkg" ) func TestUnmarshalPackageGolang(t *testing.T) { diff --git a/syft/formats/syftjson/model/source_test.go b/syft/formats/syftjson/model/source_test.go index cedf06e9d..bcd4b9bd1 100644 --- a/syft/formats/syftjson/model/source_test.go +++ b/syft/formats/syftjson/model/source_test.go @@ -4,11 +4,10 @@ import ( "encoding/json" "testing" - "github.com/anchore/syft/syft/source" - "github.com/google/go-cmp/cmp" - "github.com/stretchr/testify/assert" + + "github.com/anchore/syft/syft/source" ) func TestSource_UnmarshalJSON(t *testing.T) { diff --git a/syft/formats/syftjson/to_format_model.go b/syft/formats/syftjson/to_format_model.go index 58e4dbb7c..2d5fd84ab 100644 --- a/syft/formats/syftjson/to_format_model.go +++ b/syft/formats/syftjson/to_format_model.go @@ -5,18 +5,14 @@ import ( "sort" "strconv" - "github.com/anchore/syft/syft/linux" - - "github.com/anchore/syft/syft/file" - - "github.com/anchore/syft/syft/artifact" - - "github.com/anchore/syft/syft/sbom" - "github.com/anchore/syft/internal" "github.com/anchore/syft/internal/log" + "github.com/anchore/syft/syft/artifact" + "github.com/anchore/syft/syft/file" "github.com/anchore/syft/syft/formats/syftjson/model" + "github.com/anchore/syft/syft/linux" "github.com/anchore/syft/syft/pkg" + "github.com/anchore/syft/syft/sbom" "github.com/anchore/syft/syft/source" ) diff --git a/syft/formats/syftjson/to_format_model_test.go b/syft/formats/syftjson/to_format_model_test.go index 37564bae2..b09c74ac1 100644 --- a/syft/formats/syftjson/to_format_model_test.go +++ b/syft/formats/syftjson/to_format_model_test.go @@ -4,11 +4,11 @@ import ( "testing" "github.com/scylladb/go-set/strset" + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" "github.com/anchore/syft/syft/formats/syftjson/model" "github.com/anchore/syft/syft/source" - "github.com/stretchr/testify/assert" - "github.com/stretchr/testify/require" ) func Test_toSourceModel(t *testing.T) { diff --git a/syft/formats/syftjson/to_syft_model.go b/syft/formats/syftjson/to_syft_model.go index 9c2760434..8a97ae68f 100644 --- a/syft/formats/syftjson/to_syft_model.go +++ b/syft/formats/syftjson/to_syft_model.go @@ -1,6 +1,8 @@ package syftjson import ( + "github.com/google/go-cmp/cmp" + "github.com/anchore/syft/internal/log" "github.com/anchore/syft/syft/artifact" "github.com/anchore/syft/syft/formats/syftjson/model" @@ -8,7 +10,6 @@ import ( "github.com/anchore/syft/syft/pkg" "github.com/anchore/syft/syft/sbom" "github.com/anchore/syft/syft/source" - "github.com/google/go-cmp/cmp" ) func toSyftModel(doc model.Document) (*sbom.SBOM, error) { diff --git a/syft/formats/syftjson/to_syft_model_test.go b/syft/formats/syftjson/to_syft_model_test.go index 5fb8b854f..1e7b86c3d 100644 --- a/syft/formats/syftjson/to_syft_model_test.go +++ b/syft/formats/syftjson/to_syft_model_test.go @@ -3,11 +3,12 @@ package syftjson import ( "testing" + "github.com/scylladb/go-set/strset" + "github.com/stretchr/testify/assert" + "github.com/anchore/syft/syft/artifact" "github.com/anchore/syft/syft/formats/syftjson/model" "github.com/anchore/syft/syft/source" - "github.com/scylladb/go-set/strset" - "github.com/stretchr/testify/assert" ) func Test_toSyftSourceData(t *testing.T) { diff --git a/syft/formats/table/encoder.go b/syft/formats/table/encoder.go index e651674c5..458d6eb6d 100644 --- a/syft/formats/table/encoder.go +++ b/syft/formats/table/encoder.go @@ -6,9 +6,9 @@ import ( "sort" "strings" - "github.com/anchore/syft/syft/sbom" - "github.com/olekukonko/tablewriter" + + "github.com/anchore/syft/syft/sbom" ) func encoder(output io.Writer, s sbom.SBOM) error { diff --git a/syft/formats/table/encoder_test.go b/syft/formats/table/encoder_test.go index 3417e45f3..434ba4028 100644 --- a/syft/formats/table/encoder_test.go +++ b/syft/formats/table/encoder_test.go @@ -4,8 +4,9 @@ import ( "flag" "testing" - "github.com/anchore/syft/syft/formats/common/testutils" "github.com/go-test/deep" + + "github.com/anchore/syft/syft/formats/common/testutils" ) var updateTableGoldenFiles = flag.Bool("update-table", false, "update the *.golden files for table format") diff --git a/syft/formats/template/encoder_test.go b/syft/formats/template/encoder_test.go index dc42e3538..b5a46bd29 100644 --- a/syft/formats/template/encoder_test.go +++ b/syft/formats/template/encoder_test.go @@ -4,8 +4,9 @@ import ( "flag" "testing" - "github.com/anchore/syft/syft/formats/common/testutils" "github.com/stretchr/testify/assert" + + "github.com/anchore/syft/syft/formats/common/testutils" ) var updateTmpl = flag.Bool("update-tmpl", false, "update the *.golden files for json encoders") diff --git a/syft/formats/text/encoder.go b/syft/formats/text/encoder.go index ee97abd4a..49619346e 100644 --- a/syft/formats/text/encoder.go +++ b/syft/formats/text/encoder.go @@ -6,7 +6,6 @@ import ( "text/tabwriter" "github.com/anchore/syft/syft/sbom" - "github.com/anchore/syft/syft/source" ) diff --git a/syft/formats_test.go b/syft/formats_test.go index 3b999a833..36b1d1dd9 100644 --- a/syft/formats_test.go +++ b/syft/formats_test.go @@ -6,6 +6,9 @@ import ( "os" "testing" + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" + "github.com/anchore/syft/syft/formats/cyclonedxjson" "github.com/anchore/syft/syft/formats/cyclonedxxml" "github.com/anchore/syft/syft/formats/github" @@ -16,9 +19,6 @@ import ( "github.com/anchore/syft/syft/formats/template" "github.com/anchore/syft/syft/formats/text" "github.com/anchore/syft/syft/sbom" - "github.com/stretchr/testify/require" - - "github.com/stretchr/testify/assert" ) func TestIdentify(t *testing.T) { diff --git a/syft/lib.go b/syft/lib.go index d0a1fdf4d..12aa33960 100644 --- a/syft/lib.go +++ b/syft/lib.go @@ -19,16 +19,16 @@ package syft import ( "fmt" - "github.com/anchore/syft/syft/artifact" + "github.com/wagoodman/go-partybus" "github.com/anchore/syft/internal/bus" "github.com/anchore/syft/internal/log" + "github.com/anchore/syft/syft/artifact" "github.com/anchore/syft/syft/linux" "github.com/anchore/syft/syft/logger" "github.com/anchore/syft/syft/pkg" "github.com/anchore/syft/syft/pkg/cataloger" "github.com/anchore/syft/syft/source" - "github.com/wagoodman/go-partybus" ) // CatalogPackages takes an inventory of packages from the given image from a particular perspective diff --git a/syft/linux/identify_release.go b/syft/linux/identify_release.go index 2b0fbfa48..8b24cae8d 100644 --- a/syft/linux/identify_release.go +++ b/syft/linux/identify_release.go @@ -7,10 +7,11 @@ import ( "strings" "github.com/acobaugh/osrelease" + "github.com/google/go-cmp/cmp" + "github.com/anchore/syft/internal" "github.com/anchore/syft/internal/log" "github.com/anchore/syft/syft/source" - "github.com/google/go-cmp/cmp" ) // returns a distro or nil diff --git a/syft/linux/identify_release_test.go b/syft/linux/identify_release_test.go index 687af079d..09b6b657d 100644 --- a/syft/linux/identify_release_test.go +++ b/syft/linux/identify_release_test.go @@ -5,9 +5,10 @@ import ( "os" "testing" - "github.com/anchore/syft/syft/source" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" + + "github.com/anchore/syft/syft/source" ) func TestIdentifyRelease(t *testing.T) { diff --git a/syft/pkg/alpm_metadata.go b/syft/pkg/alpm_metadata.go index 0867915c6..567b9fd81 100644 --- a/syft/pkg/alpm_metadata.go +++ b/syft/pkg/alpm_metadata.go @@ -4,10 +4,11 @@ import ( "sort" "time" + "github.com/scylladb/go-set/strset" + "github.com/anchore/packageurl-go" "github.com/anchore/syft/syft/file" "github.com/anchore/syft/syft/linux" - "github.com/scylladb/go-set/strset" ) const AlpmDBGlob = "**/var/lib/pacman/local/**/desc" diff --git a/syft/pkg/alpm_metadata_test.go b/syft/pkg/alpm_metadata_test.go index 8adae54b1..e31ad02a1 100644 --- a/syft/pkg/alpm_metadata_test.go +++ b/syft/pkg/alpm_metadata_test.go @@ -3,9 +3,10 @@ package pkg import ( "testing" + "github.com/sergi/go-diff/diffmatchpatch" + "github.com/anchore/packageurl-go" "github.com/anchore/syft/syft/linux" - "github.com/sergi/go-diff/diffmatchpatch" ) func TestAlpmMetadata_pURL(t *testing.T) { diff --git a/syft/pkg/apk_metadata.go b/syft/pkg/apk_metadata.go index 843b5a77f..ca8881872 100644 --- a/syft/pkg/apk_metadata.go +++ b/syft/pkg/apk_metadata.go @@ -3,10 +3,11 @@ package pkg import ( "sort" + "github.com/scylladb/go-set/strset" + "github.com/anchore/packageurl-go" "github.com/anchore/syft/syft/file" "github.com/anchore/syft/syft/linux" - "github.com/scylladb/go-set/strset" ) const ApkDBGlob = "**/lib/apk/db/installed" diff --git a/syft/pkg/apk_metadata_test.go b/syft/pkg/apk_metadata_test.go index 1e981201f..05c463530 100644 --- a/syft/pkg/apk_metadata_test.go +++ b/syft/pkg/apk_metadata_test.go @@ -4,11 +4,11 @@ import ( "strings" "testing" - "github.com/anchore/syft/syft/linux" - - "github.com/anchore/packageurl-go" "github.com/go-test/deep" "github.com/sergi/go-diff/diffmatchpatch" + + "github.com/anchore/packageurl-go" + "github.com/anchore/syft/syft/linux" ) func TestApkMetadata_pURL(t *testing.T) { diff --git a/syft/pkg/catalog.go b/syft/pkg/catalog.go index 7dfff5126..59ff0292a 100644 --- a/syft/pkg/catalog.go +++ b/syft/pkg/catalog.go @@ -4,10 +4,11 @@ import ( "sort" "sync" + "github.com/jinzhu/copier" + "github.com/anchore/syft/internal" "github.com/anchore/syft/internal/log" "github.com/anchore/syft/syft/artifact" - "github.com/jinzhu/copier" ) type orderedIDSet struct { diff --git a/syft/pkg/catalog_test.go b/syft/pkg/catalog_test.go index 43f52b87b..71c3a6d0f 100644 --- a/syft/pkg/catalog_test.go +++ b/syft/pkg/catalog_test.go @@ -3,11 +3,12 @@ package pkg import ( "testing" - "github.com/anchore/syft/syft/artifact" - "github.com/anchore/syft/syft/source" "github.com/scylladb/go-set/strset" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" + + "github.com/anchore/syft/syft/artifact" + "github.com/anchore/syft/syft/source" ) type expectedIndexes struct { diff --git a/syft/pkg/cataloger/alpm/parse_alpm_db.go b/syft/pkg/cataloger/alpm/parse_alpm_db.go index 5125cc1d5..bf40fb3a3 100644 --- a/syft/pkg/cataloger/alpm/parse_alpm_db.go +++ b/syft/pkg/cataloger/alpm/parse_alpm_db.go @@ -10,11 +10,12 @@ import ( "strings" "time" + "github.com/mitchellh/mapstructure" + "github.com/vbatts/go-mtree" + "github.com/anchore/syft/syft/file" "github.com/anchore/syft/syft/pkg" "github.com/anchore/syft/syft/source" - "github.com/mitchellh/mapstructure" - "github.com/vbatts/go-mtree" ) var ( diff --git a/syft/pkg/cataloger/alpm/parse_alpm_db_test.go b/syft/pkg/cataloger/alpm/parse_alpm_db_test.go index fd5e28a0c..5dd56f051 100644 --- a/syft/pkg/cataloger/alpm/parse_alpm_db_test.go +++ b/syft/pkg/cataloger/alpm/parse_alpm_db_test.go @@ -6,9 +6,10 @@ import ( "testing" "time" + "github.com/go-test/deep" + "github.com/anchore/syft/syft/file" "github.com/anchore/syft/syft/pkg" - "github.com/go-test/deep" ) func TestDatabaseParser(t *testing.T) { diff --git a/syft/pkg/cataloger/apkdb/parse_apk_db.go b/syft/pkg/cataloger/apkdb/parse_apk_db.go index 34038f2ab..95433fda4 100644 --- a/syft/pkg/cataloger/apkdb/parse_apk_db.go +++ b/syft/pkg/cataloger/apkdb/parse_apk_db.go @@ -8,14 +8,13 @@ import ( "strconv" "strings" - "github.com/anchore/syft/syft/artifact" - - "github.com/anchore/syft/syft/file" + "github.com/mitchellh/mapstructure" "github.com/anchore/syft/internal/log" + "github.com/anchore/syft/syft/artifact" + "github.com/anchore/syft/syft/file" "github.com/anchore/syft/syft/pkg" "github.com/anchore/syft/syft/pkg/cataloger/common" - "github.com/mitchellh/mapstructure" ) // integrity check diff --git a/syft/pkg/cataloger/apkdb/parse_apk_db_test.go b/syft/pkg/cataloger/apkdb/parse_apk_db_test.go index 958c1f870..6b9147475 100644 --- a/syft/pkg/cataloger/apkdb/parse_apk_db_test.go +++ b/syft/pkg/cataloger/apkdb/parse_apk_db_test.go @@ -5,10 +5,9 @@ import ( "os" "testing" - "github.com/anchore/syft/syft/file" - "github.com/go-test/deep" + "github.com/anchore/syft/syft/file" "github.com/anchore/syft/syft/pkg" ) diff --git a/syft/pkg/cataloger/catalog.go b/syft/pkg/cataloger/catalog.go index c9bd4f51a..b844b1d97 100644 --- a/syft/pkg/cataloger/catalog.go +++ b/syft/pkg/cataloger/catalog.go @@ -3,6 +3,10 @@ package cataloger import ( "fmt" + "github.com/hashicorp/go-multierror" + "github.com/wagoodman/go-partybus" + "github.com/wagoodman/go-progress" + "github.com/anchore/syft/internal/bus" "github.com/anchore/syft/internal/log" "github.com/anchore/syft/syft/artifact" @@ -11,9 +15,6 @@ import ( "github.com/anchore/syft/syft/pkg" "github.com/anchore/syft/syft/pkg/cataloger/common/cpe" "github.com/anchore/syft/syft/source" - "github.com/hashicorp/go-multierror" - "github.com/wagoodman/go-partybus" - "github.com/wagoodman/go-progress" ) // Monitor provides progress-related data for observing the progress of a Catalog() call (published on the event bus). diff --git a/syft/pkg/cataloger/cataloger_test.go b/syft/pkg/cataloger/cataloger_test.go index e47944dab..071e7bd30 100644 --- a/syft/pkg/cataloger/cataloger_test.go +++ b/syft/pkg/cataloger/cataloger_test.go @@ -1,11 +1,13 @@ package cataloger import ( + "testing" + + "github.com/stretchr/testify/assert" + "github.com/anchore/syft/syft/artifact" "github.com/anchore/syft/syft/pkg" "github.com/anchore/syft/syft/source" - "github.com/stretchr/testify/assert" - "testing" ) var _ Cataloger = (*dummy)(nil) diff --git a/syft/pkg/cataloger/common/cpe/candidate_by_package_type_test.go b/syft/pkg/cataloger/common/cpe/candidate_by_package_type_test.go index 497d298a6..90e2c1cdc 100644 --- a/syft/pkg/cataloger/common/cpe/candidate_by_package_type_test.go +++ b/syft/pkg/cataloger/common/cpe/candidate_by_package_type_test.go @@ -3,8 +3,9 @@ package cpe import ( "testing" - "github.com/anchore/syft/syft/pkg" "github.com/stretchr/testify/assert" + + "github.com/anchore/syft/syft/pkg" ) func Test_additionalProducts(t *testing.T) { diff --git a/syft/pkg/cataloger/common/cpe/filter.go b/syft/pkg/cataloger/common/cpe/filter.go index cfb696c7d..69be278c1 100644 --- a/syft/pkg/cataloger/common/cpe/filter.go +++ b/syft/pkg/cataloger/common/cpe/filter.go @@ -3,8 +3,9 @@ package cpe import ( "strings" - "github.com/anchore/syft/syft/pkg" "github.com/facebookincubator/nvdtools/wfn" + + "github.com/anchore/syft/syft/pkg" ) const jenkinsName = "jenkins" diff --git a/syft/pkg/cataloger/common/cpe/filter_test.go b/syft/pkg/cataloger/common/cpe/filter_test.go index d57bc8b72..f0727a7c9 100644 --- a/syft/pkg/cataloger/common/cpe/filter_test.go +++ b/syft/pkg/cataloger/common/cpe/filter_test.go @@ -3,8 +3,9 @@ package cpe import ( "testing" - "github.com/anchore/syft/syft/pkg" "github.com/stretchr/testify/assert" + + "github.com/anchore/syft/syft/pkg" ) func Test_disallowJenkinsServerCPEForPluginPackage(t *testing.T) { diff --git a/syft/pkg/cataloger/common/cpe/generate.go b/syft/pkg/cataloger/common/cpe/generate.go index a93bf343a..5de119b54 100644 --- a/syft/pkg/cataloger/common/cpe/generate.go +++ b/syft/pkg/cataloger/common/cpe/generate.go @@ -7,9 +7,10 @@ import ( "sort" "strings" + "github.com/facebookincubator/nvdtools/wfn" + "github.com/anchore/syft/internal" "github.com/anchore/syft/syft/pkg" - "github.com/facebookincubator/nvdtools/wfn" ) func newCPE(product, vendor, version, targetSW string) *wfn.Attributes { diff --git a/syft/pkg/cataloger/common/cpe/generate_test.go b/syft/pkg/cataloger/common/cpe/generate_test.go index 52676b528..518ed6f26 100644 --- a/syft/pkg/cataloger/common/cpe/generate_test.go +++ b/syft/pkg/cataloger/common/cpe/generate_test.go @@ -6,10 +6,11 @@ import ( "strings" "testing" - "github.com/anchore/syft/syft/pkg" "github.com/scylladb/go-set" "github.com/scylladb/go-set/strset" "github.com/stretchr/testify/assert" + + "github.com/anchore/syft/syft/pkg" ) func TestGeneratePackageCPEs(t *testing.T) { diff --git a/syft/pkg/cataloger/common/cpe/java.go b/syft/pkg/cataloger/common/cpe/java.go index 552e04f4e..7975e80e4 100644 --- a/syft/pkg/cataloger/common/cpe/java.go +++ b/syft/pkg/cataloger/common/cpe/java.go @@ -3,9 +3,10 @@ package cpe import ( "strings" + "github.com/scylladb/go-set/strset" + "github.com/anchore/syft/internal" "github.com/anchore/syft/syft/pkg" - "github.com/scylladb/go-set/strset" ) var ( diff --git a/syft/pkg/cataloger/common/cpe/java_test.go b/syft/pkg/cataloger/common/cpe/java_test.go index 0f87e5b56..c27e2ac5b 100644 --- a/syft/pkg/cataloger/common/cpe/java_test.go +++ b/syft/pkg/cataloger/common/cpe/java_test.go @@ -4,8 +4,9 @@ import ( "strings" "testing" - "github.com/anchore/syft/syft/pkg" "github.com/stretchr/testify/assert" + + "github.com/anchore/syft/syft/pkg" ) func Test_productsFromArtifactAndGroupIDs(t *testing.T) { diff --git a/syft/pkg/cataloger/cpp/parse_conanfile_test.go b/syft/pkg/cataloger/cpp/parse_conanfile_test.go index bdcb0322b..4500f0bd8 100644 --- a/syft/pkg/cataloger/cpp/parse_conanfile_test.go +++ b/syft/pkg/cataloger/cpp/parse_conanfile_test.go @@ -4,8 +4,9 @@ import ( "os" "testing" - "github.com/anchore/syft/syft/pkg" "github.com/go-test/deep" + + "github.com/anchore/syft/syft/pkg" ) func TestParseConanfile(t *testing.T) { diff --git a/syft/pkg/cataloger/dart/parse_pubspec_lock.go b/syft/pkg/cataloger/dart/parse_pubspec_lock.go index 2ecd8177c..38dfe8708 100644 --- a/syft/pkg/cataloger/dart/parse_pubspec_lock.go +++ b/syft/pkg/cataloger/dart/parse_pubspec_lock.go @@ -5,11 +5,12 @@ import ( "io" "net/url" + "gopkg.in/yaml.v2" + "github.com/anchore/syft/internal/log" "github.com/anchore/syft/syft/artifact" "github.com/anchore/syft/syft/pkg" "github.com/anchore/syft/syft/pkg/cataloger/common" - "gopkg.in/yaml.v2" ) // integrity check diff --git a/syft/pkg/cataloger/deb/cataloger.go b/syft/pkg/cataloger/deb/cataloger.go index 4b9146fd7..a9db587b7 100644 --- a/syft/pkg/cataloger/deb/cataloger.go +++ b/syft/pkg/cataloger/deb/cataloger.go @@ -11,7 +11,6 @@ import ( "sort" "github.com/anchore/syft/internal" - "github.com/anchore/syft/internal/log" "github.com/anchore/syft/syft/artifact" "github.com/anchore/syft/syft/pkg" diff --git a/syft/pkg/cataloger/deb/cataloger_test.go b/syft/pkg/cataloger/deb/cataloger_test.go index 4373f5620..8744ec561 100644 --- a/syft/pkg/cataloger/deb/cataloger_test.go +++ b/syft/pkg/cataloger/deb/cataloger_test.go @@ -1,15 +1,15 @@ package deb import ( - "github.com/stretchr/testify/assert" "testing" - "github.com/anchore/syft/syft/file" + "github.com/go-test/deep" + "github.com/stretchr/testify/assert" "github.com/anchore/stereoscope/pkg/imagetest" + "github.com/anchore/syft/syft/file" "github.com/anchore/syft/syft/pkg" "github.com/anchore/syft/syft/source" - "github.com/go-test/deep" ) func TestDpkgCataloger(t *testing.T) { diff --git a/syft/pkg/cataloger/deb/parse_dpkg_info_files_test.go b/syft/pkg/cataloger/deb/parse_dpkg_info_files_test.go index c345c714e..f3e097b72 100644 --- a/syft/pkg/cataloger/deb/parse_dpkg_info_files_test.go +++ b/syft/pkg/cataloger/deb/parse_dpkg_info_files_test.go @@ -4,10 +4,9 @@ import ( "os" "testing" - "github.com/anchore/syft/syft/file" - "github.com/go-test/deep" + "github.com/anchore/syft/syft/file" "github.com/anchore/syft/syft/pkg" ) diff --git a/syft/pkg/cataloger/deb/parse_dpkg_status.go b/syft/pkg/cataloger/deb/parse_dpkg_status.go index 3be240151..9bc4023ab 100644 --- a/syft/pkg/cataloger/deb/parse_dpkg_status.go +++ b/syft/pkg/cataloger/deb/parse_dpkg_status.go @@ -8,11 +8,12 @@ import ( "regexp" "strings" + "github.com/dustin/go-humanize" + "github.com/mitchellh/mapstructure" + "github.com/anchore/syft/internal" "github.com/anchore/syft/internal/log" "github.com/anchore/syft/syft/pkg" - "github.com/dustin/go-humanize" - "github.com/mitchellh/mapstructure" ) var ( diff --git a/syft/pkg/cataloger/deb/parse_dpkg_status_test.go b/syft/pkg/cataloger/deb/parse_dpkg_status_test.go index ed1dd9487..46d928ca0 100644 --- a/syft/pkg/cataloger/deb/parse_dpkg_status_test.go +++ b/syft/pkg/cataloger/deb/parse_dpkg_status_test.go @@ -9,11 +9,11 @@ import ( "strings" "testing" - "github.com/anchore/syft/syft/file" + "github.com/go-test/deep" "github.com/stretchr/testify/assert" + "github.com/anchore/syft/syft/file" "github.com/anchore/syft/syft/pkg" - "github.com/go-test/deep" ) func compareEntries(t *testing.T, left, right pkg.DpkgMetadata) { diff --git a/syft/pkg/cataloger/golang/parse_go_bin.go b/syft/pkg/cataloger/golang/parse_go_bin.go index 5dd726783..cabf30f32 100644 --- a/syft/pkg/cataloger/golang/parse_go_bin.go +++ b/syft/pkg/cataloger/golang/parse_go_bin.go @@ -12,11 +12,12 @@ import ( "strings" "time" + "golang.org/x/mod/module" + "github.com/anchore/syft/internal/log" "github.com/anchore/syft/syft/pkg" "github.com/anchore/syft/syft/pkg/cataloger/golang/internal/xcoff" "github.com/anchore/syft/syft/source" - "golang.org/x/mod/module" ) const GOARCH = "GOARCH" diff --git a/syft/pkg/cataloger/golang/parse_go_bin_test.go b/syft/pkg/cataloger/golang/parse_go_bin_test.go index 2c2a383ae..6f48c02b9 100644 --- a/syft/pkg/cataloger/golang/parse_go_bin_test.go +++ b/syft/pkg/cataloger/golang/parse_go_bin_test.go @@ -11,10 +11,11 @@ import ( "syscall" "testing" - "github.com/anchore/syft/syft/pkg" - "github.com/anchore/syft/syft/source" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" + + "github.com/anchore/syft/syft/pkg" + "github.com/anchore/syft/syft/source" ) // make will run the default make target for the given test fixture path diff --git a/syft/pkg/cataloger/golang/parse_go_mod.go b/syft/pkg/cataloger/golang/parse_go_mod.go index 61c52c93e..db03f4a99 100644 --- a/syft/pkg/cataloger/golang/parse_go_mod.go +++ b/syft/pkg/cataloger/golang/parse_go_mod.go @@ -5,9 +5,10 @@ import ( "io" "sort" + "golang.org/x/mod/modfile" + "github.com/anchore/syft/syft/artifact" "github.com/anchore/syft/syft/pkg" - "golang.org/x/mod/modfile" ) // parseGoMod takes a go.mod and lists all packages discovered. diff --git a/syft/pkg/cataloger/haskell/parse_cabal_freeze_test.go b/syft/pkg/cataloger/haskell/parse_cabal_freeze_test.go index 162d0d8cb..3f898dfff 100644 --- a/syft/pkg/cataloger/haskell/parse_cabal_freeze_test.go +++ b/syft/pkg/cataloger/haskell/parse_cabal_freeze_test.go @@ -4,8 +4,9 @@ import ( "os" "testing" - "github.com/anchore/syft/syft/pkg" "github.com/go-test/deep" + + "github.com/anchore/syft/syft/pkg" ) func TestParseCabalFreeze(t *testing.T) { diff --git a/syft/pkg/cataloger/haskell/parse_stack_lock.go b/syft/pkg/cataloger/haskell/parse_stack_lock.go index 0d08c25ff..0cbbda80b 100644 --- a/syft/pkg/cataloger/haskell/parse_stack_lock.go +++ b/syft/pkg/cataloger/haskell/parse_stack_lock.go @@ -5,10 +5,11 @@ import ( "io" "strings" + "gopkg.in/yaml.v3" + "github.com/anchore/syft/syft/artifact" "github.com/anchore/syft/syft/pkg" "github.com/anchore/syft/syft/pkg/cataloger/common" - "gopkg.in/yaml.v3" ) // integrity check diff --git a/syft/pkg/cataloger/haskell/parse_stack_lock_test.go b/syft/pkg/cataloger/haskell/parse_stack_lock_test.go index 3ad296b2c..0f1cfde40 100644 --- a/syft/pkg/cataloger/haskell/parse_stack_lock_test.go +++ b/syft/pkg/cataloger/haskell/parse_stack_lock_test.go @@ -4,8 +4,9 @@ import ( "os" "testing" - "github.com/anchore/syft/syft/pkg" "github.com/go-test/deep" + + "github.com/anchore/syft/syft/pkg" ) func fixtureP(str string) *string { diff --git a/syft/pkg/cataloger/haskell/parse_stack_yaml.go b/syft/pkg/cataloger/haskell/parse_stack_yaml.go index eb71f51ca..3fceb15cc 100644 --- a/syft/pkg/cataloger/haskell/parse_stack_yaml.go +++ b/syft/pkg/cataloger/haskell/parse_stack_yaml.go @@ -4,10 +4,11 @@ import ( "fmt" "io" + "gopkg.in/yaml.v3" + "github.com/anchore/syft/syft/artifact" "github.com/anchore/syft/syft/pkg" "github.com/anchore/syft/syft/pkg/cataloger/common" - "gopkg.in/yaml.v3" ) // integrity check diff --git a/syft/pkg/cataloger/haskell/parse_stack_yaml_test.go b/syft/pkg/cataloger/haskell/parse_stack_yaml_test.go index 351630b71..cdf7c0359 100644 --- a/syft/pkg/cataloger/haskell/parse_stack_yaml_test.go +++ b/syft/pkg/cataloger/haskell/parse_stack_yaml_test.go @@ -4,8 +4,9 @@ import ( "os" "testing" - "github.com/anchore/syft/syft/pkg" "github.com/go-test/deep" + + "github.com/anchore/syft/syft/pkg" ) func TestParseStackYaml(t *testing.T) { diff --git a/syft/pkg/cataloger/java/archive_filename.go b/syft/pkg/cataloger/java/archive_filename.go index cb4d14216..519cd7dd0 100644 --- a/syft/pkg/cataloger/java/archive_filename.go +++ b/syft/pkg/cataloger/java/archive_filename.go @@ -6,7 +6,6 @@ import ( "strings" "github.com/anchore/syft/internal/log" - "github.com/anchore/syft/syft/pkg" ) diff --git a/syft/pkg/cataloger/java/archive_filename_test.go b/syft/pkg/cataloger/java/archive_filename_test.go index da3c95907..f1c34aaa7 100644 --- a/syft/pkg/cataloger/java/archive_filename_test.go +++ b/syft/pkg/cataloger/java/archive_filename_test.go @@ -3,8 +3,9 @@ package java import ( "testing" - "github.com/anchore/syft/syft/pkg" "github.com/sergi/go-diff/diffmatchpatch" + + "github.com/anchore/syft/syft/pkg" ) func TestExtractInfoFromJavaArchiveFilename(t *testing.T) { diff --git a/syft/pkg/cataloger/java/archive_parser_test.go b/syft/pkg/cataloger/java/archive_parser_test.go index 64d181496..30c67f0e9 100644 --- a/syft/pkg/cataloger/java/archive_parser_test.go +++ b/syft/pkg/cataloger/java/archive_parser_test.go @@ -12,11 +12,12 @@ import ( "syscall" "testing" - "github.com/anchore/syft/internal" - "github.com/anchore/syft/syft/pkg" "github.com/go-test/deep" "github.com/gookit/color" "github.com/stretchr/testify/assert" + + "github.com/anchore/syft/internal" + "github.com/anchore/syft/syft/pkg" ) func generateJavaBuildFixture(t *testing.T, fixturePath string) { diff --git a/syft/pkg/cataloger/java/package_url_test.go b/syft/pkg/cataloger/java/package_url_test.go index 27cf46ef9..b3785a4df 100644 --- a/syft/pkg/cataloger/java/package_url_test.go +++ b/syft/pkg/cataloger/java/package_url_test.go @@ -1,9 +1,11 @@ package java import ( - "github.com/anchore/syft/syft/pkg" - "github.com/stretchr/testify/assert" "testing" + + "github.com/stretchr/testify/assert" + + "github.com/anchore/syft/syft/pkg" ) func Test_packageURL(t *testing.T) { diff --git a/syft/pkg/cataloger/java/parse_java_manifest.go b/syft/pkg/cataloger/java/parse_java_manifest.go index 688595b03..93e2823ff 100644 --- a/syft/pkg/cataloger/java/parse_java_manifest.go +++ b/syft/pkg/cataloger/java/parse_java_manifest.go @@ -8,7 +8,6 @@ import ( "strings" "github.com/anchore/syft/internal/log" - "github.com/anchore/syft/syft/pkg" ) diff --git a/syft/pkg/cataloger/java/parse_java_manifest_test.go b/syft/pkg/cataloger/java/parse_java_manifest_test.go index 0982e35b2..231cd7c98 100644 --- a/syft/pkg/cataloger/java/parse_java_manifest_test.go +++ b/syft/pkg/cataloger/java/parse_java_manifest_test.go @@ -5,10 +5,10 @@ import ( "os" "testing" + "github.com/go-test/deep" "github.com/stretchr/testify/assert" "github.com/anchore/syft/syft/pkg" - "github.com/go-test/deep" ) func TestParseJavaManifest(t *testing.T) { diff --git a/syft/pkg/cataloger/java/parse_pom_properties.go b/syft/pkg/cataloger/java/parse_pom_properties.go index 93ccec636..576c7d248 100644 --- a/syft/pkg/cataloger/java/parse_pom_properties.go +++ b/syft/pkg/cataloger/java/parse_pom_properties.go @@ -6,8 +6,9 @@ import ( "io" "strings" - "github.com/anchore/syft/syft/pkg" "github.com/mitchellh/mapstructure" + + "github.com/anchore/syft/syft/pkg" ) const pomPropertiesGlob = "*pom.properties" diff --git a/syft/pkg/cataloger/java/parse_pom_properties_test.go b/syft/pkg/cataloger/java/parse_pom_properties_test.go index ab7a3d2b2..63b9e4c0c 100644 --- a/syft/pkg/cataloger/java/parse_pom_properties_test.go +++ b/syft/pkg/cataloger/java/parse_pom_properties_test.go @@ -4,8 +4,9 @@ import ( "os" "testing" - "github.com/anchore/syft/syft/pkg" "github.com/stretchr/testify/assert" + + "github.com/anchore/syft/syft/pkg" ) func TestParseJavaPomProperties(t *testing.T) { diff --git a/syft/pkg/cataloger/java/parse_pom_xml.go b/syft/pkg/cataloger/java/parse_pom_xml.go index 1f7b932b6..b343c8f46 100644 --- a/syft/pkg/cataloger/java/parse_pom_xml.go +++ b/syft/pkg/cataloger/java/parse_pom_xml.go @@ -6,10 +6,11 @@ import ( "io" "strings" - "github.com/anchore/syft/syft/artifact" - "github.com/anchore/syft/syft/pkg" "github.com/vifraa/gopom" "golang.org/x/net/html/charset" + + "github.com/anchore/syft/syft/artifact" + "github.com/anchore/syft/syft/pkg" ) const pomXMLGlob = "*pom.xml" diff --git a/syft/pkg/cataloger/java/parse_pom_xml_test.go b/syft/pkg/cataloger/java/parse_pom_xml_test.go index e314716f4..8c25cad9d 100644 --- a/syft/pkg/cataloger/java/parse_pom_xml_test.go +++ b/syft/pkg/cataloger/java/parse_pom_xml_test.go @@ -4,10 +4,10 @@ import ( "os" "testing" + "github.com/stretchr/testify/assert" "github.com/vifraa/gopom" "github.com/anchore/syft/syft/pkg" - "github.com/stretchr/testify/assert" ) func Test_parserPomXML(t *testing.T) { diff --git a/syft/pkg/cataloger/java/tar_wrapped_archive_parser.go b/syft/pkg/cataloger/java/tar_wrapped_archive_parser.go index 4d0a60420..fd6091515 100644 --- a/syft/pkg/cataloger/java/tar_wrapped_archive_parser.go +++ b/syft/pkg/cataloger/java/tar_wrapped_archive_parser.go @@ -5,7 +5,6 @@ import ( "io" "github.com/anchore/syft/internal/file" - "github.com/anchore/syft/syft/artifact" "github.com/anchore/syft/syft/pkg" "github.com/anchore/syft/syft/pkg/cataloger/common" diff --git a/syft/pkg/cataloger/java/tar_wrapped_archive_parser_test.go b/syft/pkg/cataloger/java/tar_wrapped_archive_parser_test.go index 8a1f73162..707359995 100644 --- a/syft/pkg/cataloger/java/tar_wrapped_archive_parser_test.go +++ b/syft/pkg/cataloger/java/tar_wrapped_archive_parser_test.go @@ -5,9 +5,8 @@ import ( "path" "testing" - "github.com/stretchr/testify/require" - "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" ) func Test_parseTarWrappedJavaArchive(t *testing.T) { diff --git a/syft/pkg/cataloger/java/zip_wrapped_archive_parser.go b/syft/pkg/cataloger/java/zip_wrapped_archive_parser.go index 6e32ed428..0b8c9b641 100644 --- a/syft/pkg/cataloger/java/zip_wrapped_archive_parser.go +++ b/syft/pkg/cataloger/java/zip_wrapped_archive_parser.go @@ -5,7 +5,6 @@ import ( "io" "github.com/anchore/syft/internal/file" - "github.com/anchore/syft/syft/artifact" "github.com/anchore/syft/syft/pkg" "github.com/anchore/syft/syft/pkg/cataloger/common" diff --git a/syft/pkg/cataloger/javascript/parse_package_json.go b/syft/pkg/cataloger/javascript/parse_package_json.go index 32a67b507..31a9f2c66 100644 --- a/syft/pkg/cataloger/javascript/parse_package_json.go +++ b/syft/pkg/cataloger/javascript/parse_package_json.go @@ -7,12 +7,10 @@ import ( "io" "regexp" - "github.com/anchore/syft/internal/log" - - "github.com/anchore/syft/internal" - "github.com/mitchellh/mapstructure" + "github.com/anchore/syft/internal" + "github.com/anchore/syft/internal/log" "github.com/anchore/syft/syft/artifact" "github.com/anchore/syft/syft/pkg" "github.com/anchore/syft/syft/pkg/cataloger/common" diff --git a/syft/pkg/cataloger/javascript/parse_package_json_test.go b/syft/pkg/cataloger/javascript/parse_package_json_test.go index 60a2a06cb..9225737ee 100644 --- a/syft/pkg/cataloger/javascript/parse_package_json_test.go +++ b/syft/pkg/cataloger/javascript/parse_package_json_test.go @@ -4,9 +4,10 @@ import ( "os" "testing" - "github.com/anchore/syft/syft/pkg" "github.com/go-test/deep" "github.com/stretchr/testify/assert" + + "github.com/anchore/syft/syft/pkg" ) func TestParsePackageJSON(t *testing.T) { diff --git a/syft/pkg/cataloger/javascript/parse_pnpm_lock.go b/syft/pkg/cataloger/javascript/parse_pnpm_lock.go index fc0cb2cb4..aa1cc169b 100644 --- a/syft/pkg/cataloger/javascript/parse_pnpm_lock.go +++ b/syft/pkg/cataloger/javascript/parse_pnpm_lock.go @@ -4,10 +4,11 @@ import ( "fmt" "io" + "gopkg.in/yaml.v3" + "github.com/anchore/syft/syft/artifact" "github.com/anchore/syft/syft/pkg" "github.com/anchore/syft/syft/pkg/cataloger/common" - "gopkg.in/yaml.v3" ) // integrity check diff --git a/syft/pkg/cataloger/javascript/parse_pnpm_lock_test.go b/syft/pkg/cataloger/javascript/parse_pnpm_lock_test.go index af626eef2..49118075e 100644 --- a/syft/pkg/cataloger/javascript/parse_pnpm_lock_test.go +++ b/syft/pkg/cataloger/javascript/parse_pnpm_lock_test.go @@ -5,8 +5,9 @@ import ( "sort" "testing" - "github.com/anchore/syft/syft/pkg" "github.com/go-test/deep" + + "github.com/anchore/syft/syft/pkg" ) func fixtureP(str string) *string { diff --git a/syft/pkg/cataloger/javascript/parse_yarn_lock_test.go b/syft/pkg/cataloger/javascript/parse_yarn_lock_test.go index fbe2ce7a7..da54f19a3 100644 --- a/syft/pkg/cataloger/javascript/parse_yarn_lock_test.go +++ b/syft/pkg/cataloger/javascript/parse_yarn_lock_test.go @@ -4,9 +4,10 @@ import ( "os" "testing" - "github.com/anchore/syft/syft/pkg" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" + + "github.com/anchore/syft/syft/pkg" ) func TestParseYarnBerry(t *testing.T) { diff --git a/syft/pkg/cataloger/php/parse_composer_lock_test.go b/syft/pkg/cataloger/php/parse_composer_lock_test.go index c0658aa51..b5522d15d 100644 --- a/syft/pkg/cataloger/php/parse_composer_lock_test.go +++ b/syft/pkg/cataloger/php/parse_composer_lock_test.go @@ -4,8 +4,9 @@ import ( "os" "testing" - "github.com/anchore/syft/syft/pkg" "github.com/go-test/deep" + + "github.com/anchore/syft/syft/pkg" ) func TestParseComposerFileLock(t *testing.T) { diff --git a/syft/pkg/cataloger/php/parse_installed_json_test.go b/syft/pkg/cataloger/php/parse_installed_json_test.go index 9c925afce..45c40d6b9 100644 --- a/syft/pkg/cataloger/php/parse_installed_json_test.go +++ b/syft/pkg/cataloger/php/parse_installed_json_test.go @@ -4,8 +4,9 @@ import ( "os" "testing" - "github.com/anchore/syft/syft/pkg" "github.com/go-test/deep" + + "github.com/anchore/syft/syft/pkg" ) var expectedInstalledJsonPackages = []*pkg.Package{ diff --git a/syft/pkg/cataloger/portage/cataloger_test.go b/syft/pkg/cataloger/portage/cataloger_test.go index 26aad66fb..c0e6f71bb 100644 --- a/syft/pkg/cataloger/portage/cataloger_test.go +++ b/syft/pkg/cataloger/portage/cataloger_test.go @@ -3,12 +3,12 @@ package portage import ( "testing" - "github.com/anchore/syft/syft/file" + "github.com/go-test/deep" "github.com/anchore/stereoscope/pkg/imagetest" + "github.com/anchore/syft/syft/file" "github.com/anchore/syft/syft/pkg" "github.com/anchore/syft/syft/source" - "github.com/go-test/deep" ) func TestPortageCataloger(t *testing.T) { diff --git a/syft/pkg/cataloger/python/package_cataloger.go b/syft/pkg/cataloger/python/package_cataloger.go index d58fe7ccd..2a95a2498 100644 --- a/syft/pkg/cataloger/python/package_cataloger.go +++ b/syft/pkg/cataloger/python/package_cataloger.go @@ -8,10 +8,8 @@ import ( "path/filepath" "github.com/anchore/syft/internal" - "github.com/anchore/syft/syft/artifact" "github.com/anchore/syft/syft/pkg" - "github.com/anchore/syft/syft/source" ) diff --git a/syft/pkg/cataloger/python/package_cataloger_test.go b/syft/pkg/cataloger/python/package_cataloger_test.go index fa6917ac3..f5140e644 100644 --- a/syft/pkg/cataloger/python/package_cataloger_test.go +++ b/syft/pkg/cataloger/python/package_cataloger_test.go @@ -3,9 +3,10 @@ package python import ( "testing" + "github.com/go-test/deep" + "github.com/anchore/syft/syft/pkg" "github.com/anchore/syft/syft/source" - "github.com/go-test/deep" ) func TestPythonPackageWheelCataloger(t *testing.T) { diff --git a/syft/pkg/cataloger/python/parse_pipfile_lock_test.go b/syft/pkg/cataloger/python/parse_pipfile_lock_test.go index d9fd1a02d..42495a1f8 100644 --- a/syft/pkg/cataloger/python/parse_pipfile_lock_test.go +++ b/syft/pkg/cataloger/python/parse_pipfile_lock_test.go @@ -1,13 +1,13 @@ package python import ( - "github.com/anchore/syft/syft/source" "os" "testing" "github.com/google/go-cmp/cmp" "github.com/anchore/syft/syft/pkg" + "github.com/anchore/syft/syft/source" ) func TestParsePipFileLock(t *testing.T) { diff --git a/syft/pkg/cataloger/python/parse_poetry_lock.go b/syft/pkg/cataloger/python/parse_poetry_lock.go index 8cae5ed9e..cee921f4c 100644 --- a/syft/pkg/cataloger/python/parse_poetry_lock.go +++ b/syft/pkg/cataloger/python/parse_poetry_lock.go @@ -4,10 +4,11 @@ import ( "fmt" "io" + "github.com/pelletier/go-toml" + "github.com/anchore/syft/syft/artifact" "github.com/anchore/syft/syft/pkg" "github.com/anchore/syft/syft/pkg/cataloger/common" - "github.com/pelletier/go-toml" ) // integrity check diff --git a/syft/pkg/cataloger/python/parse_poetry_lock_test.go b/syft/pkg/cataloger/python/parse_poetry_lock_test.go index a582a8344..3abdf6061 100644 --- a/syft/pkg/cataloger/python/parse_poetry_lock_test.go +++ b/syft/pkg/cataloger/python/parse_poetry_lock_test.go @@ -4,8 +4,9 @@ import ( "os" "testing" - "github.com/anchore/syft/syft/pkg" "github.com/go-test/deep" + + "github.com/anchore/syft/syft/pkg" ) func TestParsePoetryLock(t *testing.T) { diff --git a/syft/pkg/cataloger/python/parse_requirements_test.go b/syft/pkg/cataloger/python/parse_requirements_test.go index 3a1871059..9d60f9575 100644 --- a/syft/pkg/cataloger/python/parse_requirements_test.go +++ b/syft/pkg/cataloger/python/parse_requirements_test.go @@ -1,13 +1,13 @@ package python import ( - "github.com/anchore/syft/syft/source" "os" "testing" "github.com/google/go-cmp/cmp" "github.com/anchore/syft/syft/pkg" + "github.com/anchore/syft/syft/source" ) func TestParseRequirementsTxt(t *testing.T) { diff --git a/syft/pkg/cataloger/python/parse_setup_test.go b/syft/pkg/cataloger/python/parse_setup_test.go index b5614fa3d..685af622c 100644 --- a/syft/pkg/cataloger/python/parse_setup_test.go +++ b/syft/pkg/cataloger/python/parse_setup_test.go @@ -1,13 +1,13 @@ package python import ( - "github.com/anchore/syft/syft/source" "os" "testing" "github.com/google/go-cmp/cmp" "github.com/anchore/syft/syft/pkg" + "github.com/anchore/syft/syft/source" ) func TestParseSetup(t *testing.T) { diff --git a/syft/pkg/cataloger/python/parse_wheel_egg_metadata.go b/syft/pkg/cataloger/python/parse_wheel_egg_metadata.go index 4c6a880f1..f21c31bfa 100644 --- a/syft/pkg/cataloger/python/parse_wheel_egg_metadata.go +++ b/syft/pkg/cataloger/python/parse_wheel_egg_metadata.go @@ -7,11 +7,10 @@ import ( "path/filepath" "strings" - "github.com/anchore/syft/internal/file" - "github.com/anchore/syft/internal/log" - "github.com/mitchellh/mapstructure" + "github.com/anchore/syft/internal/file" + "github.com/anchore/syft/internal/log" "github.com/anchore/syft/syft/pkg" ) diff --git a/syft/pkg/cataloger/python/parse_wheel_egg_metadata_test.go b/syft/pkg/cataloger/python/parse_wheel_egg_metadata_test.go index 737da67f9..7159962b8 100644 --- a/syft/pkg/cataloger/python/parse_wheel_egg_metadata_test.go +++ b/syft/pkg/cataloger/python/parse_wheel_egg_metadata_test.go @@ -4,8 +4,9 @@ import ( "os" "testing" - "github.com/anchore/syft/syft/pkg" "github.com/go-test/deep" + + "github.com/anchore/syft/syft/pkg" ) func TestParseWheelEggMetadata(t *testing.T) { diff --git a/syft/pkg/cataloger/python/parse_wheel_egg_record_test.go b/syft/pkg/cataloger/python/parse_wheel_egg_record_test.go index 7b178d9f0..5090d4bd3 100644 --- a/syft/pkg/cataloger/python/parse_wheel_egg_record_test.go +++ b/syft/pkg/cataloger/python/parse_wheel_egg_record_test.go @@ -4,8 +4,9 @@ import ( "os" "testing" - "github.com/anchore/syft/syft/pkg" "github.com/go-test/deep" + + "github.com/anchore/syft/syft/pkg" ) func TestParseWheelEggRecord(t *testing.T) { diff --git a/syft/pkg/cataloger/rpm/parse_rpmdb.go b/syft/pkg/cataloger/rpm/parse_rpmdb.go index 5340c1258..5fc82b25a 100644 --- a/syft/pkg/cataloger/rpm/parse_rpmdb.go +++ b/syft/pkg/cataloger/rpm/parse_rpmdb.go @@ -6,12 +6,13 @@ import ( "io/ioutil" "os" + rpmdb "github.com/knqyf263/go-rpmdb/pkg" + "github.com/anchore/syft/internal" "github.com/anchore/syft/internal/log" "github.com/anchore/syft/syft/file" "github.com/anchore/syft/syft/pkg" "github.com/anchore/syft/syft/source" - rpmdb "github.com/knqyf263/go-rpmdb/pkg" ) // parseRpmDb parses an "Packages" RPM DB and returns the Packages listed within it. diff --git a/syft/pkg/cataloger/rpm/parse_rpmdb_test.go b/syft/pkg/cataloger/rpm/parse_rpmdb_test.go index 4838c0d96..8b8571120 100644 --- a/syft/pkg/cataloger/rpm/parse_rpmdb_test.go +++ b/syft/pkg/cataloger/rpm/parse_rpmdb_test.go @@ -5,14 +5,12 @@ import ( "os" "testing" + "github.com/go-test/deep" "github.com/stretchr/testify/assert" "github.com/anchore/syft/syft/file" - - "github.com/anchore/syft/syft/source" - "github.com/anchore/syft/syft/pkg" - "github.com/go-test/deep" + "github.com/anchore/syft/syft/source" ) type rpmdbTestFileResolverMock struct { diff --git a/syft/pkg/cataloger/rpm/parse_rpmmanifest_test.go b/syft/pkg/cataloger/rpm/parse_rpmmanifest_test.go index a9b73df42..977a1077d 100644 --- a/syft/pkg/cataloger/rpm/parse_rpmmanifest_test.go +++ b/syft/pkg/cataloger/rpm/parse_rpmmanifest_test.go @@ -4,9 +4,10 @@ import ( "os" "testing" + "github.com/go-test/deep" + "github.com/anchore/syft/syft/pkg" "github.com/anchore/syft/syft/source" - "github.com/go-test/deep" ) func TestParseRpmManifest(t *testing.T) { diff --git a/syft/pkg/cataloger/ruby/parse_gemspec.go b/syft/pkg/cataloger/ruby/parse_gemspec.go index e175c417b..a61d95518 100644 --- a/syft/pkg/cataloger/ruby/parse_gemspec.go +++ b/syft/pkg/cataloger/ruby/parse_gemspec.go @@ -8,10 +8,9 @@ import ( "regexp" "strings" - "github.com/anchore/syft/internal" - "github.com/mitchellh/mapstructure" + "github.com/anchore/syft/internal" "github.com/anchore/syft/syft/artifact" "github.com/anchore/syft/syft/pkg" "github.com/anchore/syft/syft/pkg/cataloger/common" diff --git a/syft/pkg/cataloger/ruby/parse_gemspec_test.go b/syft/pkg/cataloger/ruby/parse_gemspec_test.go index 75e3fa24e..748394594 100644 --- a/syft/pkg/cataloger/ruby/parse_gemspec_test.go +++ b/syft/pkg/cataloger/ruby/parse_gemspec_test.go @@ -4,8 +4,9 @@ import ( "os" "testing" - "github.com/anchore/syft/syft/pkg" "github.com/go-test/deep" + + "github.com/anchore/syft/syft/pkg" ) func TestParseGemspec(t *testing.T) { diff --git a/syft/pkg/cataloger/rust/audit_binary_cataloger.go b/syft/pkg/cataloger/rust/audit_binary_cataloger.go index eeab99cf1..700b0f2ec 100644 --- a/syft/pkg/cataloger/rust/audit_binary_cataloger.go +++ b/syft/pkg/cataloger/rust/audit_binary_cataloger.go @@ -3,13 +3,14 @@ package rust import ( "fmt" + rustaudit "github.com/microsoft/go-rustaudit" + "github.com/anchore/syft/internal" "github.com/anchore/syft/internal/log" "github.com/anchore/syft/syft/artifact" "github.com/anchore/syft/syft/pkg" "github.com/anchore/syft/syft/pkg/cataloger/internal/unionreader" "github.com/anchore/syft/syft/source" - rustaudit "github.com/microsoft/go-rustaudit" ) const catalogerName = "cargo-auditable-binary-cataloger" diff --git a/syft/pkg/cataloger/rust/parse_cargo_lock.go b/syft/pkg/cataloger/rust/parse_cargo_lock.go index 8910a70dd..fa40e53c9 100644 --- a/syft/pkg/cataloger/rust/parse_cargo_lock.go +++ b/syft/pkg/cataloger/rust/parse_cargo_lock.go @@ -4,10 +4,11 @@ import ( "fmt" "io" + "github.com/pelletier/go-toml" + "github.com/anchore/syft/syft/artifact" "github.com/anchore/syft/syft/pkg" "github.com/anchore/syft/syft/pkg/cataloger/common" - "github.com/pelletier/go-toml" ) // integrity check diff --git a/syft/pkg/cataloger/rust/parse_cargo_lock_test.go b/syft/pkg/cataloger/rust/parse_cargo_lock_test.go index 4bf2cd3e2..579c591cd 100644 --- a/syft/pkg/cataloger/rust/parse_cargo_lock_test.go +++ b/syft/pkg/cataloger/rust/parse_cargo_lock_test.go @@ -4,8 +4,9 @@ import ( "os" "testing" - "github.com/anchore/syft/syft/pkg" "github.com/go-test/deep" + + "github.com/anchore/syft/syft/pkg" ) func TestParseCargoLock(t *testing.T) { diff --git a/syft/pkg/cataloger/swift/parse_podfile_lock.go b/syft/pkg/cataloger/swift/parse_podfile_lock.go index 31819bef1..735f28a08 100644 --- a/syft/pkg/cataloger/swift/parse_podfile_lock.go +++ b/syft/pkg/cataloger/swift/parse_podfile_lock.go @@ -6,10 +6,11 @@ import ( "io/ioutil" "strings" + "gopkg.in/yaml.v3" + "github.com/anchore/syft/syft/artifact" "github.com/anchore/syft/syft/pkg" "github.com/anchore/syft/syft/pkg/cataloger/common" - "gopkg.in/yaml.v3" ) // integrity check diff --git a/syft/pkg/cataloger/swift/parse_podfile_lock_test.go b/syft/pkg/cataloger/swift/parse_podfile_lock_test.go index 8592eb4f8..a434d904e 100644 --- a/syft/pkg/cataloger/swift/parse_podfile_lock_test.go +++ b/syft/pkg/cataloger/swift/parse_podfile_lock_test.go @@ -4,8 +4,9 @@ import ( "os" "testing" - "github.com/anchore/syft/syft/pkg" "github.com/go-test/deep" + + "github.com/anchore/syft/syft/pkg" ) func TestParsePodfileLock(t *testing.T) { diff --git a/syft/pkg/dpkg_metadata.go b/syft/pkg/dpkg_metadata.go index cc69a6173..fb405a85b 100644 --- a/syft/pkg/dpkg_metadata.go +++ b/syft/pkg/dpkg_metadata.go @@ -4,11 +4,11 @@ import ( "fmt" "sort" - "github.com/anchore/syft/syft/file" + "github.com/scylladb/go-set/strset" "github.com/anchore/packageurl-go" + "github.com/anchore/syft/syft/file" "github.com/anchore/syft/syft/linux" - "github.com/scylladb/go-set/strset" ) const DpkgDBGlob = "**/var/lib/dpkg/{status,status.d/**}" diff --git a/syft/pkg/dpkg_metadata_test.go b/syft/pkg/dpkg_metadata_test.go index 145baf308..088e41000 100644 --- a/syft/pkg/dpkg_metadata_test.go +++ b/syft/pkg/dpkg_metadata_test.go @@ -5,9 +5,9 @@ import ( "testing" "github.com/go-test/deep" + "github.com/sergi/go-diff/diffmatchpatch" "github.com/anchore/syft/syft/linux" - "github.com/sergi/go-diff/diffmatchpatch" ) func TestDpkgMetadata_pURL(t *testing.T) { diff --git a/syft/pkg/java_metadata.go b/syft/pkg/java_metadata.go index 4e606a03d..779845b54 100644 --- a/syft/pkg/java_metadata.go +++ b/syft/pkg/java_metadata.go @@ -3,10 +3,9 @@ package pkg import ( "strings" + "github.com/anchore/syft/internal" "github.com/anchore/syft/syft/file" "github.com/anchore/syft/syft/linux" - - "github.com/anchore/syft/internal" ) var _ urlIdentifier = (*JavaMetadata)(nil) diff --git a/syft/pkg/npm_package_json_metadata_test.go b/syft/pkg/npm_package_json_metadata_test.go index ff5e5f0e6..4557c29d0 100644 --- a/syft/pkg/npm_package_json_metadata_test.go +++ b/syft/pkg/npm_package_json_metadata_test.go @@ -4,9 +4,10 @@ import ( "fmt" "testing" - "github.com/anchore/packageurl-go" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" + + "github.com/anchore/packageurl-go" ) func TestNpmPackageJSONMetadata_PackageURL(t *testing.T) { diff --git a/syft/pkg/package_test.go b/syft/pkg/package_test.go index 6e95e3896..7c3246a08 100644 --- a/syft/pkg/package_test.go +++ b/syft/pkg/package_test.go @@ -3,11 +3,12 @@ package pkg import ( "testing" - "github.com/anchore/stereoscope/pkg/file" - "github.com/anchore/syft/syft/source" "github.com/google/go-cmp/cmp" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" + + "github.com/anchore/stereoscope/pkg/file" + "github.com/anchore/syft/syft/source" ) func TestIDUniqueness(t *testing.T) { diff --git a/syft/pkg/php_composer_json_metadata_test.go b/syft/pkg/php_composer_json_metadata_test.go index 81453a7d0..ee38ad871 100644 --- a/syft/pkg/php_composer_json_metadata_test.go +++ b/syft/pkg/php_composer_json_metadata_test.go @@ -1,9 +1,11 @@ package pkg import ( - "github.com/anchore/syft/syft/linux" - "github.com/sergi/go-diff/diffmatchpatch" "testing" + + "github.com/sergi/go-diff/diffmatchpatch" + + "github.com/anchore/syft/syft/linux" ) func TestPhpComposerJsonMetadata_pURL(t *testing.T) { diff --git a/syft/pkg/python_package_metadata.go b/syft/pkg/python_package_metadata.go index de5664d48..cacfb5ab4 100644 --- a/syft/pkg/python_package_metadata.go +++ b/syft/pkg/python_package_metadata.go @@ -4,10 +4,10 @@ import ( "fmt" "sort" - "github.com/anchore/syft/syft/linux" + "github.com/scylladb/go-set/strset" "github.com/anchore/packageurl-go" - "github.com/scylladb/go-set/strset" + "github.com/anchore/syft/syft/linux" ) var ( diff --git a/syft/pkg/python_package_metadata_test.go b/syft/pkg/python_package_metadata_test.go index f4e61b05d..4798ef373 100644 --- a/syft/pkg/python_package_metadata_test.go +++ b/syft/pkg/python_package_metadata_test.go @@ -1,12 +1,13 @@ package pkg import ( - "github.com/anchore/syft/syft/linux" - "github.com/sergi/go-diff/diffmatchpatch" "strings" "testing" "github.com/go-test/deep" + "github.com/sergi/go-diff/diffmatchpatch" + + "github.com/anchore/syft/syft/linux" ) func TestPythonPackageMetadata_pURL(t *testing.T) { diff --git a/syft/pkg/relationships_by_file_ownership.go b/syft/pkg/relationships_by_file_ownership.go index 5738b85c1..564952f93 100644 --- a/syft/pkg/relationships_by_file_ownership.go +++ b/syft/pkg/relationships_by_file_ownership.go @@ -3,10 +3,11 @@ package pkg import ( "sort" - "github.com/anchore/syft/internal/log" - "github.com/anchore/syft/syft/artifact" "github.com/bmatcuk/doublestar/v4" "github.com/scylladb/go-set/strset" + + "github.com/anchore/syft/internal/log" + "github.com/anchore/syft/syft/artifact" ) // AltRpmDBGlob allows db matches against new locations introduced in fedora:{36,37} diff --git a/syft/pkg/relationships_by_file_ownership_test.go b/syft/pkg/relationships_by_file_ownership_test.go index ff0f71f9e..e9de69e6b 100644 --- a/syft/pkg/relationships_by_file_ownership_test.go +++ b/syft/pkg/relationships_by_file_ownership_test.go @@ -3,9 +3,10 @@ package pkg import ( "testing" + "github.com/stretchr/testify/assert" + "github.com/anchore/syft/syft/artifact" "github.com/anchore/syft/syft/source" - "github.com/stretchr/testify/assert" ) func TestOwnershipByFilesRelationship(t *testing.T) { diff --git a/syft/pkg/rpm_metadata.go b/syft/pkg/rpm_metadata.go index 684de377c..f2d8880d6 100644 --- a/syft/pkg/rpm_metadata.go +++ b/syft/pkg/rpm_metadata.go @@ -5,10 +5,11 @@ import ( "sort" "strconv" + "github.com/scylladb/go-set/strset" + "github.com/anchore/packageurl-go" "github.com/anchore/syft/syft/file" "github.com/anchore/syft/syft/linux" - "github.com/scylladb/go-set/strset" ) // Packages is the legacy Berkely db based format diff --git a/syft/pkg/rpm_metadata_test.go b/syft/pkg/rpm_metadata_test.go index 85f36212e..84ddef60d 100644 --- a/syft/pkg/rpm_metadata_test.go +++ b/syft/pkg/rpm_metadata_test.go @@ -5,9 +5,9 @@ import ( "testing" "github.com/go-test/deep" + "github.com/sergi/go-diff/diffmatchpatch" "github.com/anchore/syft/syft/linux" - "github.com/sergi/go-diff/diffmatchpatch" ) func TestRpmMetadata_pURL(t *testing.T) { diff --git a/syft/pkg/type_test.go b/syft/pkg/type_test.go index 2b25749ae..5902185dc 100644 --- a/syft/pkg/type_test.go +++ b/syft/pkg/type_test.go @@ -4,7 +4,6 @@ import ( "testing" "github.com/scylladb/go-set/strset" - "github.com/stretchr/testify/assert" ) diff --git a/syft/pkg/url_test.go b/syft/pkg/url_test.go index 85be8241f..03b689d2d 100644 --- a/syft/pkg/url_test.go +++ b/syft/pkg/url_test.go @@ -3,10 +3,11 @@ package pkg import ( "testing" - "github.com/anchore/syft/syft/linux" "github.com/scylladb/go-set/strset" "github.com/sergi/go-diff/diffmatchpatch" "github.com/stretchr/testify/assert" + + "github.com/anchore/syft/syft/linux" ) func TestPackageURL(t *testing.T) { diff --git a/syft/sbom/multi_writer.go b/syft/sbom/multi_writer.go index 9dbb1124f..fc7eb8c4d 100644 --- a/syft/sbom/multi_writer.go +++ b/syft/sbom/multi_writer.go @@ -5,9 +5,10 @@ import ( "os" "path" - "github.com/anchore/syft/internal/log" "github.com/hashicorp/go-multierror" "github.com/mitchellh/go-homedir" + + "github.com/anchore/syft/internal/log" ) // multiWriter holds a list of child sbom.Writers to apply all Write and Close operations to diff --git a/syft/source/all_layers_resolver_test.go b/syft/source/all_layers_resolver_test.go index e9e078012..2eb17b82b 100644 --- a/syft/source/all_layers_resolver_test.go +++ b/syft/source/all_layers_resolver_test.go @@ -1,11 +1,11 @@ package source import ( - "github.com/stretchr/testify/require" "io" "testing" "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" "github.com/anchore/stereoscope/pkg/imagetest" ) diff --git a/syft/source/coordinate_set_test.go b/syft/source/coordinate_set_test.go index 5601cdc91..7f50a61ff 100644 --- a/syft/source/coordinate_set_test.go +++ b/syft/source/coordinate_set_test.go @@ -1,11 +1,12 @@ package source import ( - "github.com/anchore/syft/syft/artifact" - "github.com/stretchr/testify/require" "testing" "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" + + "github.com/anchore/syft/syft/artifact" ) func TestCoordinatesSet(t *testing.T) { diff --git a/syft/source/directory_resolver.go b/syft/source/directory_resolver.go index be90dd82a..700d1383e 100644 --- a/syft/source/directory_resolver.go +++ b/syft/source/directory_resolver.go @@ -11,15 +11,15 @@ import ( "runtime" "strings" - "github.com/anchore/syft/internal" + "github.com/wagoodman/go-partybus" + "github.com/wagoodman/go-progress" "github.com/anchore/stereoscope/pkg/file" "github.com/anchore/stereoscope/pkg/filetree" + "github.com/anchore/syft/internal" "github.com/anchore/syft/internal/bus" "github.com/anchore/syft/internal/log" "github.com/anchore/syft/syft/event" - "github.com/wagoodman/go-partybus" - "github.com/wagoodman/go-progress" ) const WindowsOS = "windows" diff --git a/syft/source/directory_resolver_test.go b/syft/source/directory_resolver_test.go index f178414c5..bd67ec744 100644 --- a/syft/source/directory_resolver_test.go +++ b/syft/source/directory_resolver_test.go @@ -15,13 +15,12 @@ import ( "testing" "time" - "github.com/stretchr/testify/require" - "github.com/scylladb/go-set/strset" + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" + "github.com/wagoodman/go-progress" "github.com/anchore/stereoscope/pkg/file" - "github.com/stretchr/testify/assert" - "github.com/wagoodman/go-progress" ) func TestDirectoryResolver_FilesByPath_relativeRoot(t *testing.T) { diff --git a/syft/source/excluding_file_resolver_test.go b/syft/source/excluding_file_resolver_test.go index 4cfe18727..958864e29 100644 --- a/syft/source/excluding_file_resolver_test.go +++ b/syft/source/excluding_file_resolver_test.go @@ -5,9 +5,9 @@ import ( "strings" "testing" - "github.com/anchore/stereoscope/pkg/file" - "github.com/stretchr/testify/assert" + + "github.com/anchore/stereoscope/pkg/file" ) func TestExcludingResolver(t *testing.T) { diff --git a/syft/source/file_metadata.go b/syft/source/file_metadata.go index 432a1d8f4..8082c7512 100644 --- a/syft/source/file_metadata.go +++ b/syft/source/file_metadata.go @@ -4,10 +4,8 @@ import ( "os" "github.com/anchore/stereoscope/pkg/file" - - "github.com/anchore/syft/internal/log" - "github.com/anchore/stereoscope/pkg/image" + "github.com/anchore/syft/internal/log" ) type FileMetadata struct { diff --git a/syft/source/image_squash_resolver_test.go b/syft/source/image_squash_resolver_test.go index 7f0819b9e..7bb7c9587 100644 --- a/syft/source/image_squash_resolver_test.go +++ b/syft/source/image_squash_resolver_test.go @@ -1,12 +1,12 @@ package source import ( - "github.com/stretchr/testify/require" "io" "testing" "github.com/scylladb/go-set/strset" "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" "github.com/anchore/stereoscope/pkg/imagetest" ) diff --git a/syft/source/location_set_test.go b/syft/source/location_set_test.go index dc80a4962..e9a98fe2b 100644 --- a/syft/source/location_set_test.go +++ b/syft/source/location_set_test.go @@ -1,11 +1,12 @@ package source import ( - "github.com/anchore/syft/syft/artifact" - "github.com/stretchr/testify/require" "testing" "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" + + "github.com/anchore/syft/syft/artifact" ) func TestLocationSet(t *testing.T) { diff --git a/syft/source/location_test.go b/syft/source/location_test.go index eb3532058..92b6ee45b 100644 --- a/syft/source/location_test.go +++ b/syft/source/location_test.go @@ -3,8 +3,9 @@ package source import ( "testing" - "github.com/anchore/stereoscope/pkg/file" "github.com/stretchr/testify/assert" + + "github.com/anchore/stereoscope/pkg/file" ) func TestLocation_ID(t *testing.T) { diff --git a/syft/source/scheme.go b/syft/source/scheme.go index 1c90dba03..46a621478 100644 --- a/syft/source/scheme.go +++ b/syft/source/scheme.go @@ -4,9 +4,10 @@ import ( "fmt" "strings" - "github.com/anchore/stereoscope/pkg/image" "github.com/mitchellh/go-homedir" "github.com/spf13/afero" + + "github.com/anchore/stereoscope/pkg/image" ) // Scheme represents the optional prefixed string at the beginning of a user request (e.g. "docker:"). diff --git a/syft/source/scheme_test.go b/syft/source/scheme_test.go index 4e94f602c..0523f977e 100644 --- a/syft/source/scheme_test.go +++ b/syft/source/scheme_test.go @@ -4,10 +4,11 @@ import ( "os" "testing" - "github.com/anchore/stereoscope/pkg/image" "github.com/mitchellh/go-homedir" "github.com/spf13/afero" "github.com/stretchr/testify/assert" + + "github.com/anchore/stereoscope/pkg/image" ) func TestDetectScheme(t *testing.T) { diff --git a/syft/source/source.go b/syft/source/source.go index 855cbae0f..2a27d8ae3 100644 --- a/syft/source/source.go +++ b/syft/source/source.go @@ -13,12 +13,13 @@ import ( "strings" "sync" - "github.com/anchore/stereoscope" - "github.com/anchore/stereoscope/pkg/image" - "github.com/anchore/syft/internal/log" "github.com/bmatcuk/doublestar/v4" "github.com/mholt/archiver/v3" "github.com/spf13/afero" + + "github.com/anchore/stereoscope" + "github.com/anchore/stereoscope/pkg/image" + "github.com/anchore/syft/internal/log" ) // Source is an object that captures the data source to be cataloged, configuration, and a specific resolver used diff --git a/syft/source/source_test.go b/syft/source/source_test.go index 8945e36cd..b7e960fcb 100644 --- a/syft/source/source_test.go +++ b/syft/source/source_test.go @@ -13,13 +13,11 @@ import ( "syscall" "testing" - "github.com/anchore/stereoscope/pkg/imagetest" - + "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" - "github.com/stretchr/testify/assert" - "github.com/anchore/stereoscope/pkg/image" + "github.com/anchore/stereoscope/pkg/imagetest" ) func TestParseInput(t *testing.T) { diff --git a/test/cli/json_schema_test.go b/test/cli/json_schema_test.go index d4ea995df..508e7c5fa 100644 --- a/test/cli/json_schema_test.go +++ b/test/cli/json_schema_test.go @@ -6,9 +6,10 @@ import ( "strings" "testing" + "github.com/xeipuuv/gojsonschema" + "github.com/anchore/stereoscope/pkg/imagetest" "github.com/anchore/syft/internal" - "github.com/xeipuuv/gojsonschema" ) // this is the path to the json schema directory relative to the root of the repo diff --git a/test/cli/spdx_json_schema_test.go b/test/cli/spdx_json_schema_test.go index f9d036c05..25c7d18c8 100644 --- a/test/cli/spdx_json_schema_test.go +++ b/test/cli/spdx_json_schema_test.go @@ -6,8 +6,9 @@ import ( "strings" "testing" - "github.com/anchore/stereoscope/pkg/imagetest" "github.com/xeipuuv/gojsonschema" + + "github.com/anchore/stereoscope/pkg/imagetest" ) // this is the path to the json schema directory relative to the root of the repo diff --git a/test/integration/catalog_packages_test.go b/test/integration/catalog_packages_test.go index 3b2cd7693..71f5e0c8e 100644 --- a/test/integration/catalog_packages_test.go +++ b/test/integration/catalog_packages_test.go @@ -3,18 +3,16 @@ package integration import ( "testing" + "github.com/google/go-cmp/cmp" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" - "github.com/anchore/syft/syft/linux" - "github.com/anchore/syft/syft/pkg/cataloger" - "github.com/google/go-cmp/cmp" - "github.com/anchore/stereoscope/pkg/imagetest" - "github.com/anchore/syft/syft/source" - "github.com/anchore/syft/internal" + "github.com/anchore/syft/syft/linux" "github.com/anchore/syft/syft/pkg" + "github.com/anchore/syft/syft/pkg/cataloger" + "github.com/anchore/syft/syft/source" ) func BenchmarkImagePackageCatalogers(b *testing.B) { diff --git a/test/integration/convert_test.go b/test/integration/convert_test.go index e6ef03189..c50d4fd09 100644 --- a/test/integration/convert_test.go +++ b/test/integration/convert_test.go @@ -6,6 +6,8 @@ import ( "os" "testing" + "github.com/stretchr/testify/require" + "github.com/anchore/syft/cmd/syft/cli/convert" "github.com/anchore/syft/internal/config" "github.com/anchore/syft/syft" @@ -17,7 +19,6 @@ import ( "github.com/anchore/syft/syft/formats/table" "github.com/anchore/syft/syft/sbom" "github.com/anchore/syft/syft/source" - "github.com/stretchr/testify/require" ) var convertibleFormats = []sbom.Format{ diff --git a/test/integration/distro_test.go b/test/integration/distro_test.go index 07360f6eb..d2159660f 100644 --- a/test/integration/distro_test.go +++ b/test/integration/distro_test.go @@ -3,11 +3,10 @@ package integration import ( "testing" - "github.com/anchore/syft/syft/source" - "github.com/stretchr/testify/assert" "github.com/anchore/syft/syft/linux" + "github.com/anchore/syft/syft/source" ) func TestDistroImage(t *testing.T) { diff --git a/test/integration/encode_decode_cycle_test.go b/test/integration/encode_decode_cycle_test.go index 342d96a35..5b9e82dfb 100644 --- a/test/integration/encode_decode_cycle_test.go +++ b/test/integration/encode_decode_cycle_test.go @@ -6,20 +6,17 @@ import ( "regexp" "testing" - "github.com/anchore/syft/syft/formats/cyclonedxjson" - "github.com/anchore/syft/syft/formats/cyclonedxxml" - "github.com/anchore/syft/syft/formats/syftjson" - "github.com/anchore/syft/syft/source" "github.com/google/go-cmp/cmp" - - "github.com/anchore/syft/syft/sbom" + "github.com/sergi/go-diff/diffmatchpatch" + "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" "github.com/anchore/syft/syft" - - "github.com/sergi/go-diff/diffmatchpatch" - - "github.com/stretchr/testify/assert" + "github.com/anchore/syft/syft/formats/cyclonedxjson" + "github.com/anchore/syft/syft/formats/cyclonedxxml" + "github.com/anchore/syft/syft/formats/syftjson" + "github.com/anchore/syft/syft/sbom" + "github.com/anchore/syft/syft/source" ) // TestEncodeDecodeEncodeCycleComparison is testing for differences in how SBOM documents get encoded on multiple cycles. diff --git a/test/integration/license_list_test.go b/test/integration/license_list_test.go index e0e384123..7a441e953 100644 --- a/test/integration/license_list_test.go +++ b/test/integration/license_list_test.go @@ -5,8 +5,9 @@ import ( "net/http" "testing" - "github.com/anchore/syft/internal/spdxlicense" "github.com/stretchr/testify/assert" + + "github.com/anchore/syft/internal/spdxlicense" ) func TestSPDXLicenseListIsTheLatest(t *testing.T) { diff --git a/test/integration/package_deduplication_test.go b/test/integration/package_deduplication_test.go index 4e9171b18..f00e854a6 100644 --- a/test/integration/package_deduplication_test.go +++ b/test/integration/package_deduplication_test.go @@ -6,9 +6,10 @@ import ( "fmt" "testing" - "github.com/anchore/syft/syft/source" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" + + "github.com/anchore/syft/syft/source" ) func TestPackageDeduplication(t *testing.T) { diff --git a/test/integration/package_ownership_relationship_test.go b/test/integration/package_ownership_relationship_test.go index 86da411cd..4ca1873a1 100644 --- a/test/integration/package_ownership_relationship_test.go +++ b/test/integration/package_ownership_relationship_test.go @@ -5,10 +5,9 @@ import ( "encoding/json" "testing" - "github.com/anchore/syft/syft/source" - "github.com/anchore/syft/syft/formats/syftjson" syftjsonModel "github.com/anchore/syft/syft/formats/syftjson/model" + "github.com/anchore/syft/syft/source" ) func TestPackageOwnershipRelationships(t *testing.T) { diff --git a/test/integration/regression_apk_scanner_buffer_size_test.go b/test/integration/regression_apk_scanner_buffer_size_test.go index e6fdf58dd..a04cbe3e6 100644 --- a/test/integration/regression_apk_scanner_buffer_size_test.go +++ b/test/integration/regression_apk_scanner_buffer_size_test.go @@ -3,9 +3,8 @@ package integration import ( "testing" - "github.com/anchore/syft/syft/source" - "github.com/anchore/syft/syft/pkg" + "github.com/anchore/syft/syft/source" ) func TestRegression212ApkBufferSize(t *testing.T) { diff --git a/test/integration/regression_go_bin_scanner_arch_test.go b/test/integration/regression_go_bin_scanner_arch_test.go index a0ae70c85..2465d5dab 100644 --- a/test/integration/regression_go_bin_scanner_arch_test.go +++ b/test/integration/regression_go_bin_scanner_arch_test.go @@ -4,9 +4,8 @@ import ( "strings" "testing" - "github.com/anchore/syft/syft/source" - "github.com/anchore/syft/syft/pkg" + "github.com/anchore/syft/syft/source" ) func TestRegressionGoArchDiscovery(t *testing.T) { diff --git a/test/integration/sqlite_rpmdb_test.go b/test/integration/sqlite_rpmdb_test.go index 73b780451..b47642390 100644 --- a/test/integration/sqlite_rpmdb_test.go +++ b/test/integration/sqlite_rpmdb_test.go @@ -3,9 +3,8 @@ package integration import ( "testing" - "github.com/anchore/syft/syft/source" - "github.com/anchore/syft/syft/pkg" + "github.com/anchore/syft/syft/source" ) func TestSqliteRpm(t *testing.T) { diff --git a/test/integration/utils_test.go b/test/integration/utils_test.go index 81bd76061..c3f6abf46 100644 --- a/test/integration/utils_test.go +++ b/test/integration/utils_test.go @@ -5,12 +5,10 @@ import ( "github.com/stretchr/testify/require" - "github.com/anchore/syft/syft/pkg/cataloger" - - "github.com/anchore/syft/syft/sbom" - "github.com/anchore/stereoscope/pkg/imagetest" "github.com/anchore/syft/syft" + "github.com/anchore/syft/syft/pkg/cataloger" + "github.com/anchore/syft/syft/sbom" "github.com/anchore/syft/syft/source" ) diff --git a/ui/event_handlers.go b/ui/event_handlers.go index 43c04a9fb..0fa56fd43 100644 --- a/ui/event_handlers.go +++ b/ui/event_handlers.go @@ -8,17 +8,18 @@ import ( "sync" "time" - stereoEventParsers "github.com/anchore/stereoscope/pkg/event/parsers" - "github.com/anchore/stereoscope/pkg/image/docker" - "github.com/anchore/syft/internal" - "github.com/anchore/syft/internal/ui/components" - syftEventParsers "github.com/anchore/syft/syft/event/parsers" "github.com/dustin/go-humanize" "github.com/gookit/color" "github.com/wagoodman/go-partybus" "github.com/wagoodman/go-progress" "github.com/wagoodman/go-progress/format" "github.com/wagoodman/jotframe/pkg/frame" + + stereoEventParsers "github.com/anchore/stereoscope/pkg/event/parsers" + "github.com/anchore/stereoscope/pkg/image/docker" + "github.com/anchore/syft/internal" + "github.com/anchore/syft/internal/ui/components" + syftEventParsers "github.com/anchore/syft/syft/event/parsers" ) const maxBarWidth = 50 diff --git a/ui/handler.go b/ui/handler.go index bf9eb81d3..c4c98a733 100644 --- a/ui/handler.go +++ b/ui/handler.go @@ -9,10 +9,11 @@ import ( "context" "sync" - stereoscopeEvent "github.com/anchore/stereoscope/pkg/event" - syftEvent "github.com/anchore/syft/syft/event" "github.com/wagoodman/go-partybus" "github.com/wagoodman/jotframe/pkg/frame" + + stereoscopeEvent "github.com/anchore/stereoscope/pkg/event" + syftEvent "github.com/anchore/syft/syft/event" ) // Handler is an aggregated event handler for the set of supported events (PullDockerImage, ReadImage, FetchImage, PackageCatalogerStarted)