From 56dbb342ef9dc0bf65bba7db869fe967f9243390 Mon Sep 17 00:00:00 2001 From: Alex Goodman Date: Fri, 18 Oct 2024 14:47:02 -0400 Subject: [PATCH] update to latest packageurl-go (#3347) Signed-off-by: Alex Goodman --- go.mod | 2 +- go.sum | 4 ++-- syft/pkg/cataloger/alpine/package_test.go | 2 +- syft/pkg/cataloger/arch/package_test.go | 2 +- syft/pkg/cataloger/debian/package_test.go | 4 ++-- syft/pkg/cataloger/redhat/package_test.go | 4 ++-- syft/pkg/language_test.go | 2 +- 7 files changed, 10 insertions(+), 10 deletions(-) diff --git a/go.mod b/go.mod index 1e115f68ffb..02bc6917188 100644 --- a/go.mod +++ b/go.mod @@ -18,7 +18,7 @@ require ( github.com/anchore/go-macholibre v0.0.0-20220308212642-53e6d0aaf6fb github.com/anchore/go-testutils v0.0.0-20200925183923-d5f45b0d3c04 github.com/anchore/go-version v1.2.2-0.20200701162849-18adb9c92b9b - github.com/anchore/packageurl-go v0.1.1-0.20240507183024-848e011fc24f + github.com/anchore/packageurl-go v0.1.1-0.20241018175412-5c22e6360c4f github.com/anchore/stereoscope v0.0.5-0.20241015153345-9e57bce5efeb github.com/anmitsu/go-shlex v0.0.0-20200514113438-38f4b401e2be // we are hinting brotli to latest due to warning when installing archiver v3: diff --git a/go.sum b/go.sum index c79857ecdac..79092dcb06a 100644 --- a/go.sum +++ b/go.sum @@ -113,8 +113,8 @@ github.com/anchore/go-testutils v0.0.0-20200925183923-d5f45b0d3c04 h1:VzprUTpc0v github.com/anchore/go-testutils v0.0.0-20200925183923-d5f45b0d3c04/go.mod h1:6dK64g27Qi1qGQZ67gFmBFvEHScy0/C8qhQhNe5B5pQ= github.com/anchore/go-version v1.2.2-0.20200701162849-18adb9c92b9b h1:e1bmaoJfZVsCYMrIZBpFxwV26CbsuoEh5muXD5I1Ods= github.com/anchore/go-version v1.2.2-0.20200701162849-18adb9c92b9b/go.mod h1:Bkc+JYWjMCF8OyZ340IMSIi2Ebf3uwByOk6ho4wne1E= -github.com/anchore/packageurl-go v0.1.1-0.20240507183024-848e011fc24f h1:B/E9ixKNCasntpoch61NDaQyGPDXLEJlL+B9B/PbdbA= -github.com/anchore/packageurl-go v0.1.1-0.20240507183024-848e011fc24f/go.mod h1:Blo6OgJNiYF41ufcgHKkbCKF2MDOMlrqhXv/ij6ocR4= +github.com/anchore/packageurl-go v0.1.1-0.20241018175412-5c22e6360c4f h1:dAQPIrQ3a5PBqZeZ+B9NGZsGmodk4NO9OjDIsQmQyQM= +github.com/anchore/packageurl-go v0.1.1-0.20241018175412-5c22e6360c4f/go.mod h1:KoYIv7tdP5+CC9VGkeZV4/vGCKsY55VvoG+5dadg4YI= github.com/anchore/stereoscope v0.0.5-0.20241015153345-9e57bce5efeb h1:yCFQfICLjqx2CK7Tjmxb+gj0OlZx1sRKnHOpKF3tsh8= github.com/anchore/stereoscope v0.0.5-0.20241015153345-9e57bce5efeb/go.mod h1:pTHFcI/hFgBQ1R1fljEG1WMQavBRjuzgi+sZ4jotwko= github.com/andreyvit/diff v0.0.0-20170406064948-c7f18ee00883/go.mod h1:rCTlJbsFo29Kk6CurOXKm700vrz8f0KW0JNfpkRJY/8= diff --git a/syft/pkg/cataloger/alpine/package_test.go b/syft/pkg/cataloger/alpine/package_test.go index 78cc774175d..ea453806a2f 100644 --- a/syft/pkg/cataloger/alpine/package_test.go +++ b/syft/pkg/cataloger/alpine/package_test.go @@ -112,7 +112,7 @@ func Test_PackageURL(t *testing.T) { ID: "alpine", VersionID: "3.4.6", }, - expected: "pkg:apk/alpine/p@v?arch=a&upstream=origin&distro=alpine-3.4.6", + expected: "pkg:apk/alpine/p@v?arch=a&distro=alpine-3.4.6&upstream=origin", }, { name: "wolfi distro", diff --git a/syft/pkg/cataloger/arch/package_test.go b/syft/pkg/cataloger/arch/package_test.go index 47a09789811..5139bde2784 100644 --- a/syft/pkg/cataloger/arch/package_test.go +++ b/syft/pkg/cataloger/arch/package_test.go @@ -108,7 +108,7 @@ func Test_PackageURL(t *testing.T) { ID: "arch", BuildID: "rolling", }, - expected: "pkg:alpm/arch/p@v?arch=a&upstream=origin&distro=arch-rolling", + expected: "pkg:alpm/arch/p@v?arch=a&distro=arch-rolling&upstream=origin", }, } diff --git a/syft/pkg/cataloger/debian/package_test.go b/syft/pkg/cataloger/debian/package_test.go index 87c7728b91b..a5265973945 100644 --- a/syft/pkg/cataloger/debian/package_test.go +++ b/syft/pkg/cataloger/debian/package_test.go @@ -81,7 +81,7 @@ func Test_packageURL(t *testing.T) { Source: "s", Version: "v", }, - expected: "pkg:deb/debian/p@v?upstream=s&distro=debian-11", + expected: "pkg:deb/debian/p@v?distro=debian-11&upstream=s", }, { name: "with upstream qualifier with source pkg name and version info", @@ -98,7 +98,7 @@ func Test_packageURL(t *testing.T) { Version: "v", SourceVersion: "2.3", }, - expected: "pkg:deb/debian/p@v?upstream=s%402.3&distro=debian-11", + expected: "pkg:deb/debian/p@v?distro=debian-11&upstream=s%402.3", }, } diff --git a/syft/pkg/cataloger/redhat/package_test.go b/syft/pkg/cataloger/redhat/package_test.go index cc24d7d482e..c05af2f5ffa 100644 --- a/syft/pkg/cataloger/redhat/package_test.go +++ b/syft/pkg/cataloger/redhat/package_test.go @@ -43,7 +43,7 @@ func Test_packageURL(t *testing.T) { Release: "r", Epoch: intRef(1), }, - expected: "pkg:rpm/centos/p@v-r?arch=a&epoch=1&distro=centos-7", + expected: "pkg:rpm/centos/p@v-r?arch=a&distro=centos-7&epoch=1", }, { name: "missing distro", @@ -67,7 +67,7 @@ func Test_packageURL(t *testing.T) { Release: "r", SourceRpm: "sourcerpm", }, - expected: "pkg:rpm/redhat/p@v-r?upstream=sourcerpm&distro=rhel-8.4", + expected: "pkg:rpm/redhat/p@v-r?distro=rhel-8.4&upstream=sourcerpm", }, } diff --git a/syft/pkg/language_test.go b/syft/pkg/language_test.go index d5ce5af266d..c90ddf932a4 100644 --- a/syft/pkg/language_test.go +++ b/syft/pkg/language_test.go @@ -87,7 +87,7 @@ func TestLanguageFromPURL(t *testing.T) { want: Lua, }, { - purl: "pkg:opam/ocaml-base-compiler@ 5.2.0", + purl: "pkg:opam/ocaml-base-compiler@5.2.0", want: OCaml, }, }