diff --git a/go.mod b/go.mod index e1f086d267d5..960bc2e5edb8 100644 --- a/go.mod +++ b/go.mod @@ -135,7 +135,6 @@ require ( github.com/alecthomas/chroma v0.10.0 github.com/antchfx/htmlquery v1.3.0 github.com/apparentlymart/go-cidr v1.1.0 - github.com/aquasecurity/go-dep-parser v0.0.0-20240213093706-423cd04548a5 github.com/aws/smithy-go v1.20.2 github.com/hashicorp/go-uuid v1.0.3 github.com/hashicorp/go-version v1.6.0 diff --git a/go.sum b/go.sum index abbd2ce983bc..f5e2ad6aadfa 100644 --- a/go.sum +++ b/go.sum @@ -752,8 +752,6 @@ github.com/apparentlymart/go-textseg/v15 v15.0.0 h1:uYvfpb3DyLSCGWnctWKGj857c6ew github.com/apparentlymart/go-textseg/v15 v15.0.0/go.mod h1:K8XmNZdhEBkdlyDdvbmmsvpAG721bKi0joRfFdHIWJ4= github.com/aquasecurity/bolt-fixtures v0.0.0-20200903104109-d34e7f983986 h1:2a30xLN2sUZcMXl50hg+PJCIDdJgIvIbVcKqLJ/ZrtM= github.com/aquasecurity/bolt-fixtures v0.0.0-20200903104109-d34e7f983986/go.mod h1:NT+jyeCzXk6vXR5MTkdn4z64TgGfE5HMLC8qfj5unl8= -github.com/aquasecurity/go-dep-parser v0.0.0-20240213093706-423cd04548a5 h1:VhlDpfiVYpjCJt+tL2IpJV/T0OkAAKM545yMP4Hlsl0= -github.com/aquasecurity/go-dep-parser v0.0.0-20240213093706-423cd04548a5/go.mod h1:6sh6f0Ixlt+oIMEPGxJyDOmzB03tK2v2rsAlc/9q12g= github.com/aquasecurity/go-gem-version v0.0.0-20201115065557-8eed6fe000ce h1:QgBRgJvtEOBtUXilDb1MLi1p1MWoyFDXAu5DEUl5nwM= github.com/aquasecurity/go-gem-version v0.0.0-20201115065557-8eed6fe000ce/go.mod h1:HXgVzOPvXhVGLJs4ZKO817idqr/xhwsTcj17CLYY74s= github.com/aquasecurity/go-mock-aws v0.0.0-20240523055201-a4152219967f h1:NRq3oUfkheKgoYPjNUApUtClKaBRcc6KzdcBHqZPrAM= diff --git a/pkg/dependency/parser/nodejs/binary/exe.go b/pkg/dependency/parser/executable/executable.go similarity index 95% rename from pkg/dependency/parser/nodejs/binary/exe.go rename to pkg/dependency/parser/executable/executable.go index 340632cbaa13..ea9c703a32a6 100644 --- a/pkg/dependency/parser/nodejs/binary/exe.go +++ b/pkg/dependency/parser/executable/executable.go @@ -1,6 +1,6 @@ // Ported from https://github.com/golang/go/blob/e9c96835971044aa4ace37c7787de231bbde05d9/src/cmd/go/internal/version/exe.go -package binary +package executable import ( "bytes" @@ -11,7 +11,7 @@ import ( ) // An exe is a generic interface to an OS executable (ELF, Mach-O, PE, XCOFF). -type exe interface { +type Exe interface { // ReadData reads and returns up to size byte starting at virtual address addr. ReadData(addr, size uint64) ([]byte, error) @@ -20,7 +20,7 @@ type exe interface { } // openExe opens file and returns it as an exe. -func openExe(r io.Reader) (exe, error) { +func OpenExe(r io.Reader) (Exe, error) { b, err := ioutil.ReadAll(r) if err != nil { return nil, err diff --git a/pkg/dependency/parser/nodejs/binary/parse.go b/pkg/dependency/parser/executable/nodejs/parse.go similarity index 86% rename from pkg/dependency/parser/nodejs/binary/parse.go rename to pkg/dependency/parser/executable/nodejs/parse.go index bee21abdb35c..78adda3037bd 100644 --- a/pkg/dependency/parser/nodejs/binary/parse.go +++ b/pkg/dependency/parser/executable/nodejs/parse.go @@ -1,6 +1,6 @@ // Ported from https://github.com/golang/go/blob/e9c96835971044aa4ace37c7787de231bbde05d9/src/cmd/go/internal/version/version.go -package binary +package nodejsparser import ( "bytes" @@ -9,6 +9,7 @@ import ( "github.com/aquasecurity/trivy/pkg/dependency" "github.com/aquasecurity/trivy/pkg/dependency/types" + exe "github.com/aquasecurity/trivy/pkg/dependency/parser/executable" ftypes "github.com/aquasecurity/trivy/pkg/fanal/types" xio "github.com/aquasecurity/trivy/pkg/x/io" ) @@ -25,7 +26,7 @@ func NewParser() types.Parser { // Parse scans file to try to report the NodeJS version. func (p *Parser) Parse(r xio.ReadSeekerAt) ([]types.Library, []types.Dependency, error) { - x, err := openExe(r) + x, err := exe.OpenExe(r) if err != nil { return nil, nil, ErrUnrecognizedExe } @@ -37,7 +38,7 @@ func (p *Parser) Parse(r xio.ReadSeekerAt) ([]types.Library, []types.Dependency, var libs []types.Library libs = append(libs, types.Library{ - ID: packageID(mod, vers), + ID: dependency.ID(ftypes.NodeJsExecutable, mod, vers), Name: mod, Version: vers, }) @@ -46,7 +47,7 @@ func (p *Parser) Parse(r xio.ReadSeekerAt) ([]types.Library, []types.Dependency, } // findVers finds and returns the NodeJS version in the executable x. -func findVers(x exe) (vers, mod string) { +func findVers(x exe.Exe) (vers, mod string) { text, size := x.DataStart() data, err := x.ReadData(text, size) if err != nil { @@ -67,7 +68,3 @@ func findVers(x exe) (vers, mod string) { return "node", vers } - -func packageID(name, version string) string { - return dependency.ID(ftypes.NodeJsGeneric, name, version) -} diff --git a/pkg/dependency/parser/nodejs/binary/parse_test.go b/pkg/dependency/parser/executable/nodejs/parse_test.go similarity index 93% rename from pkg/dependency/parser/nodejs/binary/parse_test.go rename to pkg/dependency/parser/executable/nodejs/parse_test.go index f8eb792d0820..4008c4468abd 100644 --- a/pkg/dependency/parser/nodejs/binary/parse_test.go +++ b/pkg/dependency/parser/executable/nodejs/parse_test.go @@ -1,4 +1,4 @@ -package binary +package nodejsparser import ( "os" @@ -43,7 +43,7 @@ func TestParse(t *testing.T) { got, _, err := parser.Parse(f) if tt.wantErr != "" { require.NotNil(t, err) - assert.Contains(t, err.Error(), tt.wantErr) + require.ErrorContains(t, err, tt.wantErr) return } diff --git a/pkg/dependency/parser/nodejs/binary/testdata/dummy b/pkg/dependency/parser/executable/nodejs/testdata/dummy similarity index 100% rename from pkg/dependency/parser/nodejs/binary/testdata/dummy rename to pkg/dependency/parser/executable/nodejs/testdata/dummy diff --git a/pkg/dependency/parser/nodejs/binary/testdata/node.12.elf b/pkg/dependency/parser/executable/nodejs/testdata/node.12.elf similarity index 100% rename from pkg/dependency/parser/nodejs/binary/testdata/node.12.elf rename to pkg/dependency/parser/executable/nodejs/testdata/node.12.elf diff --git a/pkg/dependency/parser/php/binary/parse.go b/pkg/dependency/parser/executable/php/parse.go similarity index 87% rename from pkg/dependency/parser/php/binary/parse.go rename to pkg/dependency/parser/executable/php/parse.go index 50e29d6d5dd4..d70874e39afc 100644 --- a/pkg/dependency/parser/php/binary/parse.go +++ b/pkg/dependency/parser/executable/php/parse.go @@ -1,6 +1,6 @@ // Ported from https://github.com/golang/go/blob/e9c96835971044aa4ace37c7787de231bbde05d9/src/cmd/go/internal/version/version.go -package binary +package phpparser import ( "bytes" @@ -9,6 +9,7 @@ import ( "github.com/aquasecurity/trivy/pkg/dependency" "github.com/aquasecurity/trivy/pkg/dependency/types" + exe "github.com/aquasecurity/trivy/pkg/dependency/parser/executable" ftypes "github.com/aquasecurity/trivy/pkg/fanal/types" xio "github.com/aquasecurity/trivy/pkg/x/io" ) @@ -26,7 +27,7 @@ func NewParser() types.Parser { // Parse scans file to try to report the Python version. func (p *Parser) Parse(r xio.ReadSeekerAt) ([]types.Library, []types.Dependency, error) { - x, err := openExe(r) + x, err := exe.OpenExe(r) if err != nil { return nil, nil, ErrUnrecognizedExe } @@ -38,7 +39,7 @@ func (p *Parser) Parse(r xio.ReadSeekerAt) ([]types.Library, []types.Dependency, var libs []types.Library libs = append(libs, types.Library{ - ID: packageID(name, vers), + ID: dependency.ID(ftypes.PhpExecutable, name, vers), Name: name, Version: vers, }) @@ -47,7 +48,7 @@ func (p *Parser) Parse(r xio.ReadSeekerAt) ([]types.Library, []types.Dependency, } // findVers finds and returns the PHP version in the executable x. -func findVers(x exe) (vers, mod string) { +func findVers(x exe.Exe) (vers, mod string) { text, size := x.DataStart() data, err := x.ReadData(text, size) if err != nil { @@ -68,7 +69,3 @@ func findVers(x exe) (vers, mod string) { return "php", vers } - -func packageID(name, version string) string { - return dependency.ID(ftypes.PhpGeneric, name, version) -} diff --git a/pkg/dependency/parser/php/binary/parse_test.go b/pkg/dependency/parser/executable/php/parse_test.go similarity index 93% rename from pkg/dependency/parser/php/binary/parse_test.go rename to pkg/dependency/parser/executable/php/parse_test.go index ddb560ef2700..a6808974ce7a 100644 --- a/pkg/dependency/parser/php/binary/parse_test.go +++ b/pkg/dependency/parser/executable/php/parse_test.go @@ -1,4 +1,4 @@ -package binary +package phpparser import ( "os" @@ -43,7 +43,7 @@ func TestParse(t *testing.T) { got, _, err := parser.Parse(f) if tt.wantErr != "" { require.NotNil(t, err) - assert.Contains(t, err.Error(), tt.wantErr) + require.ErrorContains(t, err, tt.wantErr) return } diff --git a/pkg/dependency/parser/php/binary/testdata/dummy b/pkg/dependency/parser/executable/php/testdata/dummy similarity index 100% rename from pkg/dependency/parser/php/binary/testdata/dummy rename to pkg/dependency/parser/executable/php/testdata/dummy diff --git a/pkg/dependency/parser/php/binary/testdata/php.elf b/pkg/dependency/parser/executable/php/testdata/php.elf similarity index 100% rename from pkg/dependency/parser/php/binary/testdata/php.elf rename to pkg/dependency/parser/executable/php/testdata/php.elf diff --git a/pkg/dependency/parser/python/binary/parse_test.go b/pkg/dependency/parser/executable/python/parse_test.go similarity index 95% rename from pkg/dependency/parser/python/binary/parse_test.go rename to pkg/dependency/parser/executable/python/parse_test.go index fef330d589e0..35e51f1d247d 100644 --- a/pkg/dependency/parser/python/binary/parse_test.go +++ b/pkg/dependency/parser/executable/python/parse_test.go @@ -1,4 +1,4 @@ -package binary +package pythonparser import ( "os" @@ -65,7 +65,7 @@ func TestParse(t *testing.T) { got, _, err := parser.Parse(f) if tt.wantErr != "" { require.NotNil(t, err) - assert.Contains(t, err.Error(), tt.wantErr) + require.ErrorContains(t, err, tt.wantErr) return } diff --git a/pkg/dependency/parser/python/binary/parse.go b/pkg/dependency/parser/executable/python/parser.go similarity index 88% rename from pkg/dependency/parser/python/binary/parse.go rename to pkg/dependency/parser/executable/python/parser.go index b29b22d9efea..35af0f42fa5b 100644 --- a/pkg/dependency/parser/python/binary/parse.go +++ b/pkg/dependency/parser/executable/python/parser.go @@ -1,6 +1,6 @@ // Ported from https://github.com/golang/go/blob/e9c96835971044aa4ace37c7787de231bbde05d9/src/cmd/go/internal/version/version.go -package binary +package pythonparser import ( "bytes" @@ -9,6 +9,7 @@ import ( "github.com/aquasecurity/trivy/pkg/dependency" "github.com/aquasecurity/trivy/pkg/dependency/types" + exe "github.com/aquasecurity/trivy/pkg/dependency/parser/executable" ftypes "github.com/aquasecurity/trivy/pkg/fanal/types" xio "github.com/aquasecurity/trivy/pkg/x/io" ) @@ -26,7 +27,7 @@ func NewParser() types.Parser { // Parse scans file to try to report the Python version. func (p *Parser) Parse(r xio.ReadSeekerAt) ([]types.Library, []types.Dependency, error) { - x, err := openExe(r) + x, err := exe.OpenExe(r) if err != nil { return nil, nil, ErrUnrecognizedExe } @@ -38,7 +39,7 @@ func (p *Parser) Parse(r xio.ReadSeekerAt) ([]types.Library, []types.Dependency, var libs []types.Library libs = append(libs, types.Library{ - ID: packageID(name, vers), + ID: dependency.ID(ftypes.PythonExecutable, name, vers), Name: name, Version: vers, }) @@ -47,7 +48,7 @@ func (p *Parser) Parse(r xio.ReadSeekerAt) ([]types.Library, []types.Dependency, } // findVers finds and returns the Python version in the executable x. -func findVers(x exe) (mod, vers string) { +func findVers(x exe.Exe) (mod, vers string) { text, size := x.DataStart() data, err := x.ReadData(text, size) if err != nil { @@ -69,7 +70,3 @@ func findVers(x exe) (mod, vers string) { return "python", vers } - -func packageID(name, version string) string { - return dependency.ID(ftypes.PythonGeneric, name, version) -} diff --git a/pkg/dependency/parser/python/binary/testdata/dummy b/pkg/dependency/parser/executable/python/testdata/dummy similarity index 100% rename from pkg/dependency/parser/python/binary/testdata/dummy rename to pkg/dependency/parser/executable/python/testdata/dummy diff --git a/pkg/dependency/parser/python/binary/testdata/python2.7.elf b/pkg/dependency/parser/executable/python/testdata/python2.7.elf old mode 100755 new mode 100644 similarity index 100% rename from pkg/dependency/parser/python/binary/testdata/python2.7.elf rename to pkg/dependency/parser/executable/python/testdata/python2.7.elf diff --git a/pkg/dependency/parser/python/binary/testdata/python3.10.elf b/pkg/dependency/parser/executable/python/testdata/python3.10.elf old mode 100755 new mode 100644 similarity index 100% rename from pkg/dependency/parser/python/binary/testdata/python3.10.elf rename to pkg/dependency/parser/executable/python/testdata/python3.10.elf diff --git a/pkg/dependency/parser/python/binary/testdata/python3.9.elf b/pkg/dependency/parser/executable/python/testdata/python3.9.elf old mode 100755 new mode 100644 similarity index 100% rename from pkg/dependency/parser/python/binary/testdata/python3.9.elf rename to pkg/dependency/parser/executable/python/testdata/python3.9.elf diff --git a/pkg/dependency/parser/php/binary/exe.go b/pkg/dependency/parser/php/binary/exe.go deleted file mode 100644 index 76ada37dfc67..000000000000 --- a/pkg/dependency/parser/php/binary/exe.go +++ /dev/null @@ -1,83 +0,0 @@ -// Ported from https://github.com/golang/go/blob/e9c96835971044aa4ace37c7787de231bbde05d9/src/cmd/go/internal/version/exe.go - -package binary - -import ( - "bytes" - "debug/elf" - "fmt" - "io" - "io/ioutil" -) - -// An exe is a generic interface to an OS executable (ELF, Mach-O, PE, XCOFF). -type exe interface { - // ReadData reads and returns up to size byte starting at virtual address addr. - ReadData(addr, size uint64) ([]byte, error) - - // DataStart returns the writable data segment start address. - DataStart() (uint64, uint64) -} - -// openExe opens file and returns it as an exe. -func openExe(r io.Reader) (exe, error) { - b, err := ioutil.ReadAll(r) - if err != nil { - return nil, err - } - - br := bytes.NewReader(b) - - data := make([]byte, 16) - if _, err := io.ReadFull(br, data); err != nil { - return nil, err - } - _, err = br.Seek(0, 0) - if err != nil { - return nil, err - } - - if bytes.HasPrefix(data, []byte("\x7FELF")) { - e, err := elf.NewFile(br) - if err != nil { - return nil, err - } - return &elfExe{e}, nil - } - - return nil, fmt.Errorf("unrecognized executable format") -} - -// elfExe is the ELF implementation of the exe interface. -type elfExe struct { - f *elf.File -} - -func (x *elfExe) ReadData(addr, size uint64) ([]byte, error) { - for _, prog := range x.f.Progs { - if prog.Vaddr > addr || addr > prog.Vaddr+prog.Filesz-1 { - continue - } - n := prog.Vaddr + prog.Filesz - addr - if n > size { - n = size - } - data := make([]byte, n) - _, err := prog.ReadAt(data, int64(addr-prog.Vaddr)) - if err != nil { - return nil, err - } - return data, nil - - } - return nil, fmt.Errorf("address not mapped") -} - -func (x *elfExe) DataStart() (uint64, uint64) { - for _, s := range x.f.Sections { - if s.Name == ".rodata" { - return s.Addr, s.SectionHeader.Size - } - } - return 0, 0 -} diff --git a/pkg/dependency/parser/python/binary/exe.go b/pkg/dependency/parser/python/binary/exe.go deleted file mode 100644 index 340632cbaa13..000000000000 --- a/pkg/dependency/parser/python/binary/exe.go +++ /dev/null @@ -1,82 +0,0 @@ -// Ported from https://github.com/golang/go/blob/e9c96835971044aa4ace37c7787de231bbde05d9/src/cmd/go/internal/version/exe.go - -package binary - -import ( - "bytes" - "debug/elf" - "fmt" - "io" - "io/ioutil" -) - -// An exe is a generic interface to an OS executable (ELF, Mach-O, PE, XCOFF). -type exe interface { - // ReadData reads and returns up to size byte starting at virtual address addr. - ReadData(addr, size uint64) ([]byte, error) - - // DataStart returns the writable data segment start address. - DataStart() (uint64, uint64) -} - -// openExe opens file and returns it as an exe. -func openExe(r io.Reader) (exe, error) { - b, err := ioutil.ReadAll(r) - if err != nil { - return nil, err - } - - br := bytes.NewReader(b) - - data := make([]byte, 16) - if _, err := io.ReadFull(br, data); err != nil { - return nil, err - } - _, err = br.Seek(0, 0) - if err != nil { - return nil, err - } - - if bytes.HasPrefix(data, []byte("\x7FELF")) { - e, err := elf.NewFile(br) - if err != nil { - return nil, err - } - return &elfExe{e}, nil - } - - return nil, fmt.Errorf("unrecognized executable format") -} - -// elfExe is the ELF implementation of the exe interface. -type elfExe struct { - f *elf.File -} - -func (x *elfExe) ReadData(addr, size uint64) ([]byte, error) { - for _, prog := range x.f.Progs { - if prog.Vaddr > addr || addr > prog.Vaddr+prog.Filesz-1 { - continue - } - n := prog.Vaddr + prog.Filesz - addr - if n > size { - n = size - } - data := make([]byte, n) - _, err := prog.ReadAt(data, int64(addr-prog.Vaddr)) - if err != nil { - return nil, err - } - return data, nil - } - return nil, fmt.Errorf("address not mapped") -} - -func (x *elfExe) DataStart() (uint64, uint64) { - for _, s := range x.f.Sections { - if s.Name == ".rodata" { - return s.Addr, s.SectionHeader.Size - } - } - return 0, 0 -} diff --git a/pkg/fanal/analyzer/all/import.go b/pkg/fanal/analyzer/all/import.go index 2c35e5343e0d..a5b0d05298a1 100644 --- a/pkg/fanal/analyzer/all/import.go +++ b/pkg/fanal/analyzer/all/import.go @@ -21,18 +21,15 @@ import ( _ "github.com/aquasecurity/trivy/pkg/fanal/analyzer/language/java/jar" _ "github.com/aquasecurity/trivy/pkg/fanal/analyzer/language/java/pom" _ "github.com/aquasecurity/trivy/pkg/fanal/analyzer/language/julia/pkg" - _ "github.com/aquasecurity/trivy/pkg/fanal/analyzer/language/nodejs/binary" _ "github.com/aquasecurity/trivy/pkg/fanal/analyzer/language/nodejs/npm" _ "github.com/aquasecurity/trivy/pkg/fanal/analyzer/language/nodejs/pkg" _ "github.com/aquasecurity/trivy/pkg/fanal/analyzer/language/nodejs/pnpm" _ "github.com/aquasecurity/trivy/pkg/fanal/analyzer/language/nodejs/yarn" _ "github.com/aquasecurity/trivy/pkg/fanal/analyzer/language/php/composer" - _ "github.com/aquasecurity/trivy/pkg/fanal/analyzer/language/php/binary" _ "github.com/aquasecurity/trivy/pkg/fanal/analyzer/language/python/packaging" _ "github.com/aquasecurity/trivy/pkg/fanal/analyzer/language/python/pip" _ "github.com/aquasecurity/trivy/pkg/fanal/analyzer/language/python/pipenv" _ "github.com/aquasecurity/trivy/pkg/fanal/analyzer/language/python/poetry" - _ "github.com/aquasecurity/trivy/pkg/fanal/analyzer/language/python/binary" _ "github.com/aquasecurity/trivy/pkg/fanal/analyzer/language/ruby/bundler" _ "github.com/aquasecurity/trivy/pkg/fanal/analyzer/language/ruby/gemspec" _ "github.com/aquasecurity/trivy/pkg/fanal/analyzer/language/rust/binary" diff --git a/pkg/fanal/analyzer/const.go b/pkg/fanal/analyzer/const.go index 367075279fe0..cd686a6f9694 100644 --- a/pkg/fanal/analyzer/const.go +++ b/pkg/fanal/analyzer/const.go @@ -49,8 +49,8 @@ const ( TypeCargo Type = "cargo" // PHP - TypeComposer Type = "composer" - TypePHPGeneric Type = "php" + TypeComposer Type = "composer" + TypePHPExecutable Type = "php" // Java TypeJar Type = "jar" @@ -58,11 +58,11 @@ const ( TypeGradleLock Type = "gradle-lockfile" // Node.js - TypeNpmPkgLock Type = "npm" - TypeNodePkg Type = "node-pkg" - TypeYarn Type = "yarn" - TypePnpm Type = "pnpm" - TypeNodeJsGeneric Type = "nodejs" + TypeNpmPkgLock Type = "npm" + TypeNodePkg Type = "node-pkg" + TypeYarn Type = "yarn" + TypePnpm Type = "pnpm" + TypeNodeJsExecutable Type = "nodejs" // .NET TypeNuget Type = "nuget" @@ -74,11 +74,11 @@ const ( TypeCondaEnv Type = "conda-environment" // Python - TypePythonPkg Type = "python-pkg" - TypePip Type = "pip" - TypePipenv Type = "pipenv" - TypePoetry Type = "poetry" - TypePythonGeneric Type = "python" + TypePythonPkg Type = "python-pkg" + TypePip Type = "pip" + TypePipenv Type = "pipenv" + TypePoetry Type = "poetry" + TypePythonExecutalbe Type = "python" // Go TypeGoBinary Type = "gobinary" @@ -173,13 +173,11 @@ var ( TypeGemSpec, TypeCargo, TypeComposer, - TypePHPGeneric, TypeJar, TypePom, TypeGradleLock, TypeNpmPkgLock, TypeNodePkg, - TypeNodeJsGeneric, TypeYarn, TypePnpm, TypeNuget, @@ -200,7 +198,6 @@ var ( TypePubSpecLock, TypeMixLock, TypeJulia, - TypePythonGeneric, } // TypeLockfiles has all lock file analyzers diff --git a/pkg/fanal/analyzer/executable/executable.go b/pkg/fanal/analyzer/executable/executable.go index b484cb0fde3a..cc0f8c830420 100644 --- a/pkg/fanal/analyzer/executable/executable.go +++ b/pkg/fanal/analyzer/executable/executable.go @@ -3,11 +3,17 @@ package executable import ( "context" "os" + "regexp" "golang.org/x/xerrors" + "github.com/aquasecurity/trivy/pkg/dependency/parser/executable/nodejs" + "github.com/aquasecurity/trivy/pkg/dependency/parser/executable/python" + "github.com/aquasecurity/trivy/pkg/dependency/parser/executable/php" "github.com/aquasecurity/trivy/pkg/digest" "github.com/aquasecurity/trivy/pkg/fanal/analyzer" + "github.com/aquasecurity/trivy/pkg/fanal/analyzer/language" + "github.com/aquasecurity/trivy/pkg/fanal/types" "github.com/aquasecurity/trivy/pkg/fanal/utils" ) @@ -21,6 +27,50 @@ const version = 1 // so that it can search for SBOM attestation in post-handler. type executableAnalyzer struct{} +// Returns boolean argument in first argument, indicating whether the Executable version is detectable +func isDetectableLibraryExecutable(fileInfo os.FileInfo) (bool, types.TargetType, error) { + isPythonExecutable := isDetectablePythonExecutable(fileInfo); + if isPythonExecutable { + return true, types.PythonExecutable, nil + } + isNodeJsExecutable := isDetectableNodeJsExecutable(fileInfo); + if isNodeJsExecutable { + return true, types.NodeJsExecutable, nil + } + isPhpExecutable := isDetectablePhpExecutable(fileInfo); + if isPhpExecutable { + return true, types.PhpExecutable, nil + } + return false, types.TargetType("") , nil +} + +func isDetectablePythonExecutable(fileInfo os.FileInfo) bool { + pythonLibNameRegex := regexp.MustCompile("^libpython[0-9]+(?:[.0-9]+)+[a-z]?[.]so.*$") + pythonExecutableNameRegex := regexp.MustCompile("(?:.*/|^)python(?P[0-9]+(?:[.0-9]+)+)?$") + isPythonExecutable := pythonExecutableNameRegex.FindSubmatch([]byte(fileInfo.Name())) + isPythonLibSo := pythonLibNameRegex.FindSubmatch([]byte(fileInfo.Name())) + return utils.IsExecutable(fileInfo) && (isPythonExecutable != nil || isPythonLibSo != nil) +} + +func isDetectableNodeJsExecutable(fileInfo os.FileInfo) bool { + nodejsExecutableNameRegex := regexp.MustCompile("(?:.*/|^)node(?P[0-9]+(?:[.0-9]+)+)?$") + isNodeJsExecutable := nodejsExecutableNameRegex.FindSubmatch([]byte(fileInfo.Name())) + return utils.IsExecutable(fileInfo) && (isNodeJsExecutable != nil) +} + +func isDetectablePhpExecutable(fileInfo os.FileInfo) bool { + phpExecutableNameRegex := regexp.MustCompile("(.*/|^)php[0-9]*$") + phpLibNameRegex := regexp.MustCompile("(.*/|^)libphp[0-9.-a-z]*[.]so$") + phpFpmNameRegex := regexp.MustCompile("(.*/|^)php-fpm[0-9]*$") + phpCgiNameRegex := regexp.MustCompile("(.*/|^)php-cgi[0-9]*$") + + isPHPExecutable := phpExecutableNameRegex.FindSubmatch([]byte(fileInfo.Name())) + isPHPLib := phpLibNameRegex.FindSubmatch([]byte(fileInfo.Name())) + isPHPFpm := phpFpmNameRegex.FindSubmatch([]byte(fileInfo.Name())) + isPHPCgi := phpCgiNameRegex.FindSubmatch([]byte(fileInfo.Name())) + return utils.IsExecutable(fileInfo) && (isPHPExecutable != nil || isPHPLib != nil || isPHPFpm != nil || isPHPCgi != nil) +} + func (a executableAnalyzer) Analyze(_ context.Context, input analyzer.AnalysisInput) (*analyzer.AnalysisResult, error) { // Skip non-binaries isBinary, err := utils.IsBinary(input.Content, input.Info.Size()) @@ -32,6 +82,29 @@ func (a executableAnalyzer) Analyze(_ context.Context, input analyzer.AnalysisIn if err != nil { return nil, xerrors.Errorf("sha256 error: %w", err) } + isDetectableLib, binaryType, err := isDetectableLibraryExecutable(input.Info) + if isDetectableLib && binaryType != "" && err != nil { + switch binaryType { + case types.PythonExecutable: + res, err := language.Analyze(types.PythonExecutable, input.FilePath, input.Content, pythonparser.NewParser()) + if err != nil { + return nil, nil + } + return res, nil + case types.NodeJsExecutable: + res, err := language.Analyze(types.NodeJsExecutable, input.FilePath, input.Content, nodejsparser.NewParser()) + if err != nil { + return nil, nil + } + return res, nil + case types.PhpExecutable: + res, err := language.Analyze(types.PhpExecutable, input.FilePath, input.Content, phpparser.NewParser()) + if err != nil { + return nil, nil + } + return res, nil + } + } return &analyzer.AnalysisResult{ Digests: map[string]string{ diff --git a/pkg/fanal/analyzer/language/nodejs/binary/binary.go b/pkg/fanal/analyzer/language/nodejs/binary/binary.go deleted file mode 100644 index b3ac94ecb7dd..000000000000 --- a/pkg/fanal/analyzer/language/nodejs/binary/binary.go +++ /dev/null @@ -1,52 +0,0 @@ -package generic - -import ( - "context" - "errors" - "regexp" - "fmt" - "os" - - "golang.org/x/xerrors" - - "github.com/aquasecurity/trivy/pkg/dependency/parser/nodejs/binary" - "github.com/aquasecurity/trivy/pkg/fanal/analyzer" - "github.com/aquasecurity/trivy/pkg/fanal/analyzer/language" - "github.com/aquasecurity/trivy/pkg/fanal/types" - "github.com/aquasecurity/trivy/pkg/fanal/utils" - "github.com/aquasecurity/trivy/pkg/log" -) - - -func init() { - analyzer.RegisterAnalyzer(&nodejsBinaryAnalyzer{}) -} - -const version = 1 - -type nodejsBinaryAnalyzer struct{} - -func (a nodejsBinaryAnalyzer) Analyze(_ context.Context, input analyzer.AnalysisInput) (*analyzer.AnalysisResult, error) { - res, err := language.Analyze(types.NodeJsGeneric, input.FilePath, input.Content, binary.NewParser()) - if errors.Is(err, binary.ErrUnrecognizedExe) { - return nil, nil - } else if err != nil { - return nil, xerrors.Errorf("NodeJS binary parse error: %w", err) - } - log.Debug("result", fmt.Sprintf("%+v\n", res)) - return res, nil -} - -func (a nodejsBinaryAnalyzer) Required(_ string, fileInfo os.FileInfo) bool { - nodejsBinaryNameRegex := regexp.MustCompile("(?:.*/|^)node(?P[0-9]+(?:[.0-9]+)+)?$") - isNodeJsBinary := nodejsBinaryNameRegex.FindSubmatch([]byte(fileInfo.Name())) - return utils.IsExecutable(fileInfo) && (isNodeJsBinary != nil) -} - -func (a nodejsBinaryAnalyzer) Type() analyzer.Type { - return analyzer.TypeNodeJsGeneric //Since we don't know the exact type of the binary and ecosystem, we need to use TypeGeneric which will query NVD for vulns -} - -func (a nodejsBinaryAnalyzer) Version() int { - return version -} diff --git a/pkg/fanal/analyzer/language/nodejs/binary/binary_test.go b/pkg/fanal/analyzer/language/nodejs/binary/binary_test.go deleted file mode 100644 index c04b512e34e0..000000000000 --- a/pkg/fanal/analyzer/language/nodejs/binary/binary_test.go +++ /dev/null @@ -1,107 +0,0 @@ -package generic - -import ( - "context" - "os" - "runtime" - "testing" - - "github.com/samber/lo" - "github.com/stretchr/testify/assert" - "github.com/stretchr/testify/require" - - "github.com/aquasecurity/trivy/pkg/fanal/analyzer" - "github.com/aquasecurity/trivy/pkg/fanal/types" -) - -func Test_nodejsBinaryAnalyzer_Analyze(t *testing.T) { - tests := []struct { - name string - inputFile string - want *analyzer.AnalysisResult - }{ - { - name: "happy path", - inputFile: "testdata/node", - want: &analyzer.AnalysisResult{ - Applications: []types.Application{ - { - Type: types.NodeJsGeneric, - FilePath: "testdata/node", - Libraries: types.Packages{ - { - ID: "node@12.16.3", - Name: "node", - Version: "12.16.3", - }, - }, - }, - }, - }, - }, - { - name: "not node binary", - inputFile: "testdata/dummy", - }, - { - name: "broken elf", - inputFile: "testdata/broken_elf", - }, - } - for _, tt := range tests { - t.Run(tt.name, func(t *testing.T) { - f, err := os.Open(tt.inputFile) - require.NoError(t, err) - defer f.Close() - - a := nodejsBinaryAnalyzer{} - ctx := context.Background() - got, err := a.Analyze(ctx, analyzer.AnalysisInput{ - FilePath: tt.inputFile, - Content: f, - }) - - assert.NoError(t, err) - assert.Equal(t, tt.want, got) - }) - } -} - - -func Test_nodejsBinaryAnalyzer_Required(t *testing.T) { - tests := []struct { - name string - filePath string - want bool - }{ - { - name: "Python binary", - filePath: "testdata/node", - want: true, - }, - { - name: "executable file", - filePath: lo.Ternary(runtime.GOOS == "windows", "testdata/binary.exe", "testdata/0755"), - want: false, - }, - { - name: "file perm 0644", - filePath: "testdata/0644", - want: false, - }, - { - name: "symlink", - filePath: "testdata/symlink", - want: false, - }, - } - for _, tt := range tests { - t.Run(tt.name, func(t *testing.T) { - a := nodejsBinaryAnalyzer{} - fileInfo, err := os.Lstat(tt.filePath) - require.NoError(t, err) - got := a.Required(tt.filePath, fileInfo) - assert.Equal(t, tt.want, got, fileInfo.Mode().Perm()) - }) - } -} diff --git a/pkg/fanal/analyzer/language/nodejs/binary/testdata/0644 b/pkg/fanal/analyzer/language/nodejs/binary/testdata/0644 deleted file mode 100644 index e69de29bb2d1..000000000000 diff --git a/pkg/fanal/analyzer/language/nodejs/binary/testdata/0755 b/pkg/fanal/analyzer/language/nodejs/binary/testdata/0755 deleted file mode 100644 index e69de29bb2d1..000000000000 diff --git a/pkg/fanal/analyzer/language/nodejs/binary/testdata/broken_elf b/pkg/fanal/analyzer/language/nodejs/binary/testdata/broken_elf deleted file mode 100644 index 1a736bf298d6..000000000000 --- a/pkg/fanal/analyzer/language/nodejs/binary/testdata/broken_elf +++ /dev/null @@ -1 +0,0 @@ -ELF diff --git a/pkg/fanal/analyzer/language/nodejs/binary/testdata/dummy b/pkg/fanal/analyzer/language/nodejs/binary/testdata/dummy deleted file mode 100644 index 26bf640459d3..000000000000 --- a/pkg/fanal/analyzer/language/nodejs/binary/testdata/dummy +++ /dev/null @@ -1 +0,0 @@ -AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA \ No newline at end of file diff --git a/pkg/fanal/analyzer/language/nodejs/binary/testdata/foo b/pkg/fanal/analyzer/language/nodejs/binary/testdata/foo deleted file mode 100644 index e69de29bb2d1..000000000000 diff --git a/pkg/fanal/analyzer/language/nodejs/binary/testdata/node b/pkg/fanal/analyzer/language/nodejs/binary/testdata/node deleted file mode 100755 index f91f9c958c6f..000000000000 Binary files a/pkg/fanal/analyzer/language/nodejs/binary/testdata/node and /dev/null differ diff --git a/pkg/fanal/analyzer/language/nodejs/binary/testdata/symlink b/pkg/fanal/analyzer/language/nodejs/binary/testdata/symlink deleted file mode 120000 index 19102815663d..000000000000 --- a/pkg/fanal/analyzer/language/nodejs/binary/testdata/symlink +++ /dev/null @@ -1 +0,0 @@ -foo \ No newline at end of file diff --git a/pkg/fanal/analyzer/language/php/binary/binary.go b/pkg/fanal/analyzer/language/php/binary/binary.go deleted file mode 100644 index 6396aca872ab..000000000000 --- a/pkg/fanal/analyzer/language/php/binary/binary.go +++ /dev/null @@ -1,59 +0,0 @@ -package generic - -import ( - "context" - "errors" - "regexp" - "fmt" - "os" - - "golang.org/x/xerrors" - - "github.com/aquasecurity/trivy/pkg/dependency/parser/php/binary" - "github.com/aquasecurity/trivy/pkg/fanal/analyzer" - "github.com/aquasecurity/trivy/pkg/fanal/analyzer/language" - "github.com/aquasecurity/trivy/pkg/fanal/types" - "github.com/aquasecurity/trivy/pkg/fanal/utils" - "github.com/aquasecurity/trivy/pkg/log" -) - - -func init() { - analyzer.RegisterAnalyzer(&phpBinaryAnalyzer{}) -} - -const version = 1 - -type phpBinaryAnalyzer struct{} - -func (a phpBinaryAnalyzer) Analyze(_ context.Context, input analyzer.AnalysisInput) (*analyzer.AnalysisResult, error) { - res, err := language.Analyze(types.PhpGeneric, input.FilePath, input.Content, binary.NewParser()) - if errors.Is(err, binary.ErrUnrecognizedExe) { - return nil, nil - } else if err != nil { - return nil, xerrors.Errorf("PHP binary parse error: %w", err) - } - log.Debug("result", fmt.Sprintf("%+v\n", res)) - return res, nil -} - -func (a phpBinaryAnalyzer) Required(_ string, fileInfo os.FileInfo) bool { - phpBinaryNameRegex := regexp.MustCompile("(.*/|^)php[0-9]*$") - phpLibNameRegex := regexp.MustCompile("(.*/|^)libphp[0-9.-a-z]*[.]so$") - phpFpmNameRegex := regexp.MustCompile("(.*/|^)php-fpm[0-9]*$") - phpCgiNameRegex := regexp.MustCompile("(.*/|^)php-cgi[0-9]*$") - - isPHPBinary := phpBinaryNameRegex.FindSubmatch([]byte(fileInfo.Name())) - isPHPLib := phpLibNameRegex.FindSubmatch([]byte(fileInfo.Name())) - isPHPFpm := phpFpmNameRegex.FindSubmatch([]byte(fileInfo.Name())) - isPHPCgi := phpCgiNameRegex.FindSubmatch([]byte(fileInfo.Name())) - return utils.IsExecutable(fileInfo) && (isPHPBinary != nil || isPHPLib != nil || isPHPFpm != nil || isPHPCgi != nil) -} - -func (a phpBinaryAnalyzer) Type() analyzer.Type { - return analyzer.TypePHPGeneric //Since we don't know the exact type of the binary and ecosystem, we need to use TypeGeneric which will query NVD for vulns -} - -func (a phpBinaryAnalyzer) Version() int { - return version -} \ No newline at end of file diff --git a/pkg/fanal/analyzer/language/php/binary/binary_test.go b/pkg/fanal/analyzer/language/php/binary/binary_test.go deleted file mode 100644 index 9078b4a99e43..000000000000 --- a/pkg/fanal/analyzer/language/php/binary/binary_test.go +++ /dev/null @@ -1,107 +0,0 @@ -package generic - -import ( - "context" - "os" - "runtime" - "testing" - - "github.com/samber/lo" - "github.com/stretchr/testify/assert" - "github.com/stretchr/testify/require" - - "github.com/aquasecurity/trivy/pkg/fanal/analyzer" - "github.com/aquasecurity/trivy/pkg/fanal/types" -) - -func Test_rustBinaryLibraryAnalyzer_Analyze(t *testing.T) { - tests := []struct { - name string - inputFile string - want *analyzer.AnalysisResult - }{ - { - name: "happy path", - inputFile: "testdata/php", - want: &analyzer.AnalysisResult{ - Applications: []types.Application{ - { - Type: types.PhpGeneric, - FilePath: "testdata/php", - Libraries: types.Packages{ - { - ID: "php@8.0.7", - Name: "php", - Version: "8.0.7", - }, - }, - }, - }, - }, - }, - { - name: "not Python binary", - inputFile: "testdata/dummy", - }, - { - name: "broken elf", - inputFile: "testdata/broken_elf", - }, - } - for _, tt := range tests { - t.Run(tt.name, func(t *testing.T) { - f, err := os.Open(tt.inputFile) - require.NoError(t, err) - defer f.Close() - - a := phpBinaryAnalyzer{} - ctx := context.Background() - got, err := a.Analyze(ctx, analyzer.AnalysisInput{ - FilePath: tt.inputFile, - Content: f, - }) - - assert.NoError(t, err) - assert.Equal(t, tt.want, got) - }) - } -} - - -func Test_pythonBinaryAnalyzer_Required(t *testing.T) { - tests := []struct { - name string - filePath string - want bool - }{ - { - name: "Python binary", - filePath: "testdata/php", - want: true, - }, - { - name: "executable file", - filePath: lo.Ternary(runtime.GOOS == "windows", "testdata/binary.exe", "testdata/0755"), - want: false, - }, - { - name: "file perm 0644", - filePath: "testdata/0644", - want: false, - }, - { - name: "symlink", - filePath: "testdata/symlink", - want: false, - }, - } - for _, tt := range tests { - t.Run(tt.name, func(t *testing.T) { - a := phpBinaryAnalyzer{} - fileInfo, err := os.Lstat(tt.filePath) - require.NoError(t, err) - got := a.Required(tt.filePath, fileInfo) - assert.Equal(t, tt.want, got, fileInfo.Mode().Perm()) - }) - } -} diff --git a/pkg/fanal/analyzer/language/php/binary/testdata/0644 b/pkg/fanal/analyzer/language/php/binary/testdata/0644 deleted file mode 100644 index e69de29bb2d1..000000000000 diff --git a/pkg/fanal/analyzer/language/php/binary/testdata/0755 b/pkg/fanal/analyzer/language/php/binary/testdata/0755 deleted file mode 100755 index e69de29bb2d1..000000000000 diff --git a/pkg/fanal/analyzer/language/php/binary/testdata/broken_elf b/pkg/fanal/analyzer/language/php/binary/testdata/broken_elf deleted file mode 100644 index 1a736bf298d6..000000000000 --- a/pkg/fanal/analyzer/language/php/binary/testdata/broken_elf +++ /dev/null @@ -1 +0,0 @@ -ELF diff --git a/pkg/fanal/analyzer/language/php/binary/testdata/dummy b/pkg/fanal/analyzer/language/php/binary/testdata/dummy deleted file mode 100644 index 26bf640459d3..000000000000 --- a/pkg/fanal/analyzer/language/php/binary/testdata/dummy +++ /dev/null @@ -1 +0,0 @@ -AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA \ No newline at end of file diff --git a/pkg/fanal/analyzer/language/php/binary/testdata/foo b/pkg/fanal/analyzer/language/php/binary/testdata/foo deleted file mode 100644 index e69de29bb2d1..000000000000 diff --git a/pkg/fanal/analyzer/language/php/binary/testdata/php b/pkg/fanal/analyzer/language/php/binary/testdata/php deleted file mode 100755 index 6f5592299136..000000000000 Binary files a/pkg/fanal/analyzer/language/php/binary/testdata/php and /dev/null differ diff --git a/pkg/fanal/analyzer/language/php/binary/testdata/symlink b/pkg/fanal/analyzer/language/php/binary/testdata/symlink deleted file mode 120000 index a9c3f30e007a..000000000000 --- a/pkg/fanal/analyzer/language/php/binary/testdata/symlink +++ /dev/null @@ -1 +0,0 @@ -./foo \ No newline at end of file diff --git a/pkg/fanal/analyzer/language/python/binary/binary.go b/pkg/fanal/analyzer/language/python/binary/binary.go deleted file mode 100644 index 2a7e6e6f2f24..000000000000 --- a/pkg/fanal/analyzer/language/python/binary/binary.go +++ /dev/null @@ -1,54 +0,0 @@ -package generic - -import ( - "context" - "errors" - "regexp" - "fmt" - "os" - - "golang.org/x/xerrors" - - "github.com/aquasecurity/trivy/pkg/dependency/parser/python/binary" - "github.com/aquasecurity/trivy/pkg/fanal/analyzer" - "github.com/aquasecurity/trivy/pkg/fanal/analyzer/language" - "github.com/aquasecurity/trivy/pkg/fanal/types" - "github.com/aquasecurity/trivy/pkg/fanal/utils" - "github.com/aquasecurity/trivy/pkg/log" -) - - -func init() { - analyzer.RegisterAnalyzer(&pythonBinaryAnalyzer{}) -} - -const version = 1 - -type pythonBinaryAnalyzer struct{} - -func (a pythonBinaryAnalyzer) Analyze(_ context.Context, input analyzer.AnalysisInput) (*analyzer.AnalysisResult, error) { - res, err := language.Analyze(types.PythonGeneric, input.FilePath, input.Content, binary.NewParser()) - if errors.Is(err, binary.ErrUnrecognizedExe) || errors.Is(err, binary.ErrNonPythonBinary) { - return nil, nil - } else if err != nil { - return nil, xerrors.Errorf("Python binary parse error: %w", err) - } - log.Debug("result", fmt.Sprintf("%+v\n", res)) - return res, nil -} - -func (a pythonBinaryAnalyzer) Required(_ string, fileInfo os.FileInfo) bool { - pythonLibNameRegex := regexp.MustCompile("^libpython[0-9]+(?:[.0-9]+)+[a-z]?[.]so.*$") - pythonBinaryNameRegex := regexp.MustCompile("(?:.*/|^)python(?P[0-9]+(?:[.0-9]+)+)?$") - isPythonBinary := pythonBinaryNameRegex.FindSubmatch([]byte(fileInfo.Name())) - isPythonLibSo := pythonLibNameRegex.FindSubmatch([]byte(fileInfo.Name())) - return utils.IsExecutable(fileInfo) && (isPythonBinary != nil || isPythonLibSo != nil) -} - -func (a pythonBinaryAnalyzer) Type() analyzer.Type { - return analyzer.TypePythonGeneric //Since we don't know the exact type of the binary and ecosystem, we need to use TypeGeneric which will query NVD for vulns -} - -func (a pythonBinaryAnalyzer) Version() int { - return version -} diff --git a/pkg/fanal/analyzer/language/python/binary/binary_test.go b/pkg/fanal/analyzer/language/python/binary/binary_test.go deleted file mode 100644 index 35f0dfc82d31..000000000000 --- a/pkg/fanal/analyzer/language/python/binary/binary_test.go +++ /dev/null @@ -1,107 +0,0 @@ -package generic - -import ( - "context" - "os" - "runtime" - "testing" - - "github.com/samber/lo" - "github.com/stretchr/testify/assert" - "github.com/stretchr/testify/require" - - "github.com/aquasecurity/trivy/pkg/fanal/analyzer" - "github.com/aquasecurity/trivy/pkg/fanal/types" -) - -func Test_rustBinaryLibraryAnalyzer_Analyze(t *testing.T) { - tests := []struct { - name string - inputFile string - want *analyzer.AnalysisResult - }{ - { - name: "happy path", - inputFile: "testdata/python3.10", - want: &analyzer.AnalysisResult{ - Applications: []types.Application{ - { - Type: types.PythonGeneric, - FilePath: "testdata/python3.10", - Libraries: types.Packages{ - { - ID: "python@3.10.12", - Name: "python", - Version: "3.10.12", - }, - }, - }, - }, - }, - }, - { - name: "not Python binary", - inputFile: "testdata/dummy", - }, - { - name: "broken elf", - inputFile: "testdata/broken_elf", - }, - } - for _, tt := range tests { - t.Run(tt.name, func(t *testing.T) { - f, err := os.Open(tt.inputFile) - require.NoError(t, err) - defer f.Close() - - a := pythonBinaryAnalyzer{} - ctx := context.Background() - got, err := a.Analyze(ctx, analyzer.AnalysisInput{ - FilePath: tt.inputFile, - Content: f, - }) - - assert.NoError(t, err) - assert.Equal(t, tt.want, got) - }) - } -} - - -func Test_pythonBinaryAnalyzer_Required(t *testing.T) { - tests := []struct { - name string - filePath string - want bool - }{ - { - name: "Python binary", - filePath: "testdata/python2.7", - want: true, - }, - { - name: "executable file", - filePath: lo.Ternary(runtime.GOOS == "windows", "testdata/binary.exe", "testdata/0755"), - want: false, - }, - { - name: "file perm 0644", - filePath: "testdata/0644", - want: false, - }, - { - name: "symlink", - filePath: "testdata/symlink", - want: false, - }, - } - for _, tt := range tests { - t.Run(tt.name, func(t *testing.T) { - a := pythonBinaryAnalyzer{} - fileInfo, err := os.Lstat(tt.filePath) - require.NoError(t, err) - got := a.Required(tt.filePath, fileInfo) - assert.Equal(t, tt.want, got, fileInfo.Mode().Perm()) - }) - } -} diff --git a/pkg/fanal/analyzer/language/python/binary/testdata/0644 b/pkg/fanal/analyzer/language/python/binary/testdata/0644 deleted file mode 100644 index e69de29bb2d1..000000000000 diff --git a/pkg/fanal/analyzer/language/python/binary/testdata/0755 b/pkg/fanal/analyzer/language/python/binary/testdata/0755 deleted file mode 100755 index e69de29bb2d1..000000000000 diff --git a/pkg/fanal/analyzer/language/python/binary/testdata/broken_elf b/pkg/fanal/analyzer/language/python/binary/testdata/broken_elf deleted file mode 100644 index 1a736bf298d6..000000000000 --- a/pkg/fanal/analyzer/language/python/binary/testdata/broken_elf +++ /dev/null @@ -1 +0,0 @@ -ELF diff --git a/pkg/fanal/analyzer/language/python/binary/testdata/dummy b/pkg/fanal/analyzer/language/python/binary/testdata/dummy deleted file mode 100644 index 26bf640459d3..000000000000 --- a/pkg/fanal/analyzer/language/python/binary/testdata/dummy +++ /dev/null @@ -1 +0,0 @@ -AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA \ No newline at end of file diff --git a/pkg/fanal/analyzer/language/python/binary/testdata/foo b/pkg/fanal/analyzer/language/python/binary/testdata/foo deleted file mode 100644 index e69de29bb2d1..000000000000 diff --git a/pkg/fanal/analyzer/language/python/binary/testdata/python2.7 b/pkg/fanal/analyzer/language/python/binary/testdata/python2.7 deleted file mode 100755 index 4cfee55c3d44..000000000000 Binary files a/pkg/fanal/analyzer/language/python/binary/testdata/python2.7 and /dev/null differ diff --git a/pkg/fanal/analyzer/language/python/binary/testdata/python3.10 b/pkg/fanal/analyzer/language/python/binary/testdata/python3.10 deleted file mode 100644 index a7ac65d3c156..000000000000 Binary files a/pkg/fanal/analyzer/language/python/binary/testdata/python3.10 and /dev/null differ diff --git a/pkg/fanal/analyzer/language/python/binary/testdata/python3.9 b/pkg/fanal/analyzer/language/python/binary/testdata/python3.9 deleted file mode 100644 index d75bbfa4fcf0..000000000000 Binary files a/pkg/fanal/analyzer/language/python/binary/testdata/python3.9 and /dev/null differ diff --git a/pkg/fanal/analyzer/language/python/binary/testdata/symlink b/pkg/fanal/analyzer/language/python/binary/testdata/symlink deleted file mode 120000 index 9af1f534727e..000000000000 --- a/pkg/fanal/analyzer/language/python/binary/testdata/symlink +++ /dev/null @@ -1 +0,0 @@ -pkg/fanal/analyzer/language/python/binary/testdata/foo \ No newline at end of file diff --git a/pkg/fanal/types/const.go b/pkg/fanal/types/const.go index def474300c56..fa41ed099a5c 100644 --- a/pkg/fanal/types/const.go +++ b/pkg/fanal/types/const.go @@ -43,40 +43,40 @@ const ( // Programming language dependencies const ( - Bundler LangType = "bundler" - GemSpec LangType = "gemspec" - Cargo LangType = "cargo" - PhpGeneric LangType = "php" - Composer LangType = "composer" - Npm LangType = "npm" - NuGet LangType = "nuget" - DotNetCore LangType = "dotnet-core" - PackagesProps LangType = "packages-props" - Pip LangType = "pip" - Pipenv LangType = "pipenv" - Poetry LangType = "poetry" - CondaPkg LangType = "conda-pkg" - CondaEnv LangType = "conda-environment" - PythonPkg LangType = "python-pkg" - PythonGeneric LangType = "python" - NodeJsGeneric LangType = "nodejs" - NodePkg LangType = "node-pkg" - Yarn LangType = "yarn" - Pnpm LangType = "pnpm" - Jar LangType = "jar" - Pom LangType = "pom" - Gradle LangType = "gradle" - GoBinary LangType = "gobinary" - GoModule LangType = "gomod" - JavaScript LangType = "javascript" - RustBinary LangType = "rustbinary" - Conan LangType = "conan" - Cocoapods LangType = "cocoapods" - Swift LangType = "swift" - Pub LangType = "pub" - Hex LangType = "hex" - Bitnami LangType = "bitnami" - Julia LangType = "julia" + Bundler LangType = "bundler" + GemSpec LangType = "gemspec" + Cargo LangType = "cargo" + PhpExecutable LangType = "php" + Composer LangType = "composer" + Npm LangType = "npm" + NuGet LangType = "nuget" + DotNetCore LangType = "dotnet-core" + PackagesProps LangType = "packages-props" + Pip LangType = "pip" + Pipenv LangType = "pipenv" + Poetry LangType = "poetry" + CondaPkg LangType = "conda-pkg" + CondaEnv LangType = "conda-environment" + PythonPkg LangType = "python-pkg" + PythonExecutable LangType = "python" + NodeJsExecutable LangType = "nodejs" + NodePkg LangType = "node-pkg" + Yarn LangType = "yarn" + Pnpm LangType = "pnpm" + Jar LangType = "jar" + Pom LangType = "pom" + Gradle LangType = "gradle" + GoBinary LangType = "gobinary" + GoModule LangType = "gomod" + JavaScript LangType = "javascript" + RustBinary LangType = "rustbinary" + Conan LangType = "conan" + Cocoapods LangType = "cocoapods" + Swift LangType = "swift" + Pub LangType = "pub" + Hex LangType = "hex" + Bitnami LangType = "bitnami" + Julia LangType = "julia" K8sUpstream LangType = "kubernetes" EKS LangType = "eks" // Amazon Elastic Kubernetes Service diff --git a/pkg/purl/purl.go b/pkg/purl/purl.go index 6705154d9161..4f8c70fcf39c 100644 --- a/pkg/purl/purl.go +++ b/pkg/purl/purl.go @@ -476,7 +476,7 @@ func purlType(t ftypes.TargetType) string { ftypes.Amazon, ftypes.Fedora, ftypes.Oracle, ftypes.OpenSUSE, ftypes.OpenSUSELeap, ftypes.OpenSUSETumbleweed, ftypes.SLES, ftypes.Photon: return packageurl.TypeRPM - case ftypes.PythonGeneric, ftypes.PhpGeneric, ftypes.NodeJsGeneric: + case ftypes.PythonExecutable, ftypes.PhpExecutable, ftypes.NodeJsExecutable: return packageurl.TypeGeneric case TypeOCI: return packageurl.TypeOCI