mirror of
https://github.com/anchore/syft
synced 2024-11-14 16:17:17 +00:00
07e76907f6
* migrate location structs to file package Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * replace source.Location refs with file package call Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * fix linting Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * remove hardlink test for file based catalogers Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * remove hardlink test for all-regular-files testing Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * migrate file resolver implementations to separate package Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * fix linting Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * [wip] migrate resolvers to internal Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * migrate resolvers to syft/internal Signed-off-by: Alex Goodman <alex.goodman@anchore.com> --------- Signed-off-by: Alex Goodman <alex.goodman@anchore.com> Signed-off-by: <>
39 lines
850 B
Go
39 lines
850 B
Go
package licenses
|
|
|
|
import (
|
|
"io"
|
|
|
|
"github.com/google/licensecheck"
|
|
|
|
"github.com/anchore/syft/syft/file"
|
|
"github.com/anchore/syft/syft/license"
|
|
"github.com/anchore/syft/syft/pkg"
|
|
)
|
|
|
|
const (
|
|
coverageThreshold = 75
|
|
unknownLicenseType = "UNKNOWN"
|
|
)
|
|
|
|
// Parse scans the contents of a license file to attempt to determine the type of license it is
|
|
func Parse(reader io.Reader, l file.Location) (licenses []pkg.License, err error) {
|
|
licenses = make([]pkg.License, 0)
|
|
contents, err := io.ReadAll(reader)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
cov := licensecheck.Scan(contents)
|
|
if cov.Percent < coverageThreshold {
|
|
// unknown or no licenses here?
|
|
return licenses, nil
|
|
}
|
|
|
|
for _, m := range cov.Match {
|
|
lic := pkg.NewLicenseFromLocations(m.ID, l)
|
|
lic.Type = license.Concluded
|
|
|
|
licenses = append(licenses, lic)
|
|
}
|
|
|
|
return licenses, nil
|
|
}
|