From d6e43a15f7773cecbed0b717e3b9b025e014a32e Mon Sep 17 00:00:00 2001 From: Christopher Phillips Date: Tue, 16 May 2023 12:24:27 -0400 Subject: [PATCH 1/2] fix: update field plurality of 8.0.0 schema before release Signed-off-by: Christopher Phillips --- schema/json/schema-8.0.0.json | 4 +-- .../common/cyclonedxhelpers/licenses.go | 6 ++--- .../common/cyclonedxhelpers/licenses_test.go | 8 +++--- syft/formats/syftjson/model/package.go | 4 +-- syft/formats/syftjson/to_format_model.go | 6 ++--- syft/formats/syftjson/to_syft_model.go | 4 +-- syft/pkg/cataloger/apkdb/parse_apk_db_test.go | 2 +- syft/pkg/cataloger/golang/licenses_test.go | 16 ++++++------ .../php/parse_installed_json_test.go | 2 +- syft/pkg/license.go | 26 +++++++++---------- syft/pkg/license_set.go | 4 +-- syft/pkg/license_set_test.go | 12 ++++----- syft/pkg/license_test.go | 4 +-- 13 files changed, 49 insertions(+), 49 deletions(-) diff --git a/schema/json/schema-8.0.0.json b/schema/json/schema-8.0.0.json index 74157826c1b..6cd2a57b8d6 100644 --- a/schema/json/schema-8.0.0.json +++ b/schema/json/schema-8.0.0.json @@ -748,7 +748,7 @@ "type": { "type": "string" }, - "url": { + "urls": { "items": { "type": "string" }, @@ -766,7 +766,7 @@ "value", "spdxExpression", "type", - "url", + "urls", "locations" ] }, diff --git a/syft/formats/common/cyclonedxhelpers/licenses.go b/syft/formats/common/cyclonedxhelpers/licenses.go index a2e0772bffa..731d33a8823 100644 --- a/syft/formats/common/cyclonedxhelpers/licenses.go +++ b/syft/formats/common/cyclonedxhelpers/licenses.go @@ -99,7 +99,7 @@ func separateLicenses(p pkg.Package) (spdx, other cyclonedx.Licenses, expression // singular expression case // only ID field here since we guarantee that the license is valid if value, exists := spdxlicense.ID(l.SPDXExpression); exists { - if !l.URL.Empty() { + if !l.URLs.Empty() { processLicenseURLs(l, value, &spdxc) continue } @@ -127,7 +127,7 @@ func separateLicenses(p pkg.Package) (spdx, other cyclonedx.Licenses, expression // license string that are not valid spdx expressions or ids // we only use license Name here since we cannot guarantee that the license is a valid SPDX expression - if !l.URL.Empty() { + if !l.URLs.Empty() { processLicenseURLs(l, "", &otherc) continue } @@ -141,7 +141,7 @@ func separateLicenses(p pkg.Package) (spdx, other cyclonedx.Licenses, expression } func processLicenseURLs(l pkg.License, spdxID string, populate *cyclonedx.Licenses) { - for _, url := range l.URL.ToSlice() { + for _, url := range l.URLs.ToSlice() { if spdxID == "" { *populate = append(*populate, cyclonedx.LicenseChoice{ License: &cyclonedx.License{ diff --git a/syft/formats/common/cyclonedxhelpers/licenses_test.go b/syft/formats/common/cyclonedxhelpers/licenses_test.go index b3a390abcbb..5f390335cb6 100644 --- a/syft/formats/common/cyclonedxhelpers/licenses_test.go +++ b/syft/formats/common/cyclonedxhelpers/licenses_test.go @@ -137,7 +137,7 @@ func Test_encodeLicense(t *testing.T) { }, }, { - name: "with multiple URLs and single with no URL", + name: "with multiple URLs and single with no URLs", input: pkg.Package{ Licenses: pkg.NewLicenseSet( pkg.NewLicense("MIT"), @@ -224,7 +224,7 @@ func TestDecodeLicenses(t *testing.T) { Value: "RandomLicense", // CycloneDX specification doesn't give a field for determining the license type Type: license.Declared, - URL: internal.NewStringSet(), + URLs: internal.NewStringSet(), }, }, }, @@ -244,7 +244,7 @@ func TestDecodeLicenses(t *testing.T) { Value: "MIT", SPDXExpression: "MIT", Type: license.Declared, - URL: internal.NewStringSet(), + URLs: internal.NewStringSet(), }, }, }, @@ -263,7 +263,7 @@ func TestDecodeLicenses(t *testing.T) { Value: "MIT AND GPL-3.0-only WITH Classpath-exception-2.0", SPDXExpression: "MIT AND GPL-3.0-only WITH Classpath-exception-2.0", Type: license.Declared, - URL: internal.NewStringSet(), + URLs: internal.NewStringSet(), }, }, }, diff --git a/syft/formats/syftjson/model/package.go b/syft/formats/syftjson/model/package.go index c739cdada49..c4fc9580467 100644 --- a/syft/formats/syftjson/model/package.go +++ b/syft/formats/syftjson/model/package.go @@ -40,8 +40,8 @@ type License struct { Value string `json:"value"` SPDXExpression string `json:"spdxExpression"` Type license.Type `json:"type"` - URL []string `json:"url"` - Location []source.Location `json:"locations"` + URLs []string `json:"urls"` + Locations []source.Location `json:"locations"` } func newModelLicensesFromValues(licenses []string) (ml []License) { diff --git a/syft/formats/syftjson/to_format_model.go b/syft/formats/syftjson/to_format_model.go index 67feccc177f..718237b99b5 100644 --- a/syft/formats/syftjson/to_format_model.go +++ b/syft/formats/syftjson/to_format_model.go @@ -188,15 +188,15 @@ func toLicenseModel(pkgLicenses []pkg.License) (modelLicenses []model.License) { for _, l := range pkgLicenses { // guarantee collection locations := make([]source.Location, 0) - if v := l.Location.ToSlice(); v != nil { + if v := l.Locations.ToSlice(); v != nil { locations = v } modelLicenses = append(modelLicenses, model.License{ Value: l.Value, SPDXExpression: l.SPDXExpression, Type: l.Type, - URL: l.URL.ToSlice(), - Location: locations, + URLs: l.URLs.ToSlice(), + Locations: locations, }) } return diff --git a/syft/formats/syftjson/to_syft_model.go b/syft/formats/syftjson/to_syft_model.go index bfbc53866d0..0d02ef6f974 100644 --- a/syft/formats/syftjson/to_syft_model.go +++ b/syft/formats/syftjson/to_syft_model.go @@ -108,8 +108,8 @@ func toSyftLicenses(m []model.License) (p []pkg.License) { Value: l.Value, SPDXExpression: l.SPDXExpression, Type: l.Type, - URL: internal.NewStringSet(l.URL...), - Location: source.NewLocationSet(l.Location...), + URLs: internal.NewStringSet(l.URLs...), + Locations: source.NewLocationSet(l.Locations...), }) } return diff --git a/syft/pkg/cataloger/apkdb/parse_apk_db_test.go b/syft/pkg/cataloger/apkdb/parse_apk_db_test.go index 3070e95ccbf..ac344631514 100644 --- a/syft/pkg/cataloger/apkdb/parse_apk_db_test.go +++ b/syft/pkg/cataloger/apkdb/parse_apk_db_test.go @@ -684,7 +684,7 @@ func TestSinglePackageDetails(t *testing.T) { test.expected.Locations = source.NewLocationSet(fixtureLocation) licenses := test.expected.Licenses.ToSlice() for i := range licenses { - licenses[i].Location.Add(fixtureLocation) + licenses[i].Locations.Add(fixtureLocation) } test.expected.Licenses = pkg.NewLicenseSet(licenses...) pkgtest.TestFileParser(t, test.fixture, parseApkDB, []pkg.Package{test.expected}, nil) diff --git a/syft/pkg/cataloger/golang/licenses_test.go b/syft/pkg/cataloger/golang/licenses_test.go index 64b66b3f6ff..8f4545198bf 100644 --- a/syft/pkg/cataloger/golang/licenses_test.go +++ b/syft/pkg/cataloger/golang/licenses_test.go @@ -35,8 +35,8 @@ func Test_LocalLicenseSearch(t *testing.T) { Value: "Apache-2.0", SPDXExpression: "Apache-2.0", Type: license.Concluded, - Location: source.NewLocationSet(loc1), - URL: internal.NewStringSet(), + Locations: source.NewLocationSet(loc1), + URLs: internal.NewStringSet(), }, }, { @@ -46,8 +46,8 @@ func Test_LocalLicenseSearch(t *testing.T) { Value: "MIT", SPDXExpression: "MIT", Type: license.Concluded, - Location: source.NewLocationSet(loc2), - URL: internal.NewStringSet(), + Locations: source.NewLocationSet(loc2), + URLs: internal.NewStringSet(), }, }, } @@ -126,8 +126,8 @@ func Test_RemoteProxyLicenseSearch(t *testing.T) { Value: "Apache-2.0", SPDXExpression: "Apache-2.0", Type: license.Concluded, - Location: source.NewLocationSet(loc1), - URL: internal.NewStringSet(), + Locations: source.NewLocationSet(loc1), + URLs: internal.NewStringSet(), }, }, { @@ -137,8 +137,8 @@ func Test_RemoteProxyLicenseSearch(t *testing.T) { Value: "MIT", SPDXExpression: "MIT", Type: license.Concluded, - Location: source.NewLocationSet(loc2), - URL: internal.NewStringSet(), + Locations: source.NewLocationSet(loc2), + URLs: internal.NewStringSet(), }, }, } diff --git a/syft/pkg/cataloger/php/parse_installed_json_test.go b/syft/pkg/cataloger/php/parse_installed_json_test.go index 4b914640aaa..dde72021eaf 100644 --- a/syft/pkg/cataloger/php/parse_installed_json_test.go +++ b/syft/pkg/cataloger/php/parse_installed_json_test.go @@ -135,7 +135,7 @@ func TestParseInstalledJsonComposerV1(t *testing.T) { expectedPkgs[i].Locations = locations locationLicenses := pkg.NewLicenseSet() for _, license := range expectedPkgs[i].Licenses.ToSlice() { - license.Location = locations + license.Locations = locations locationLicenses.Add(license) } expectedPkgs[i].Licenses = locationLicenses diff --git a/syft/pkg/license.go b/syft/pkg/license.go index e5cc57910cd..0e0a3f04b99 100644 --- a/syft/pkg/license.go +++ b/syft/pkg/license.go @@ -14,7 +14,7 @@ import ( var _ sort.Interface = (*Licenses)(nil) // License represents an SPDX Expression or license value extracted from a packages metadata -// We want to ignore URL and Location since we merge these fields across equal licenses. +// We want to ignore URLs and Location since we merge these fields across equal licenses. // A License is a unique combination of value, expression and type, where // its sources are always considered merged and additions to the evidence // of where it was found and how it was sourced. @@ -26,8 +26,8 @@ type License struct { Value string `json:"value"` SPDXExpression string `json:"spdxExpression"` Type license.Type `json:"type"` - URL internal.StringSet `hash:"ignore"` - Location source.LocationSet `hash:"ignore"` + URLs internal.StringSet `hash:"ignore"` + Locations source.LocationSet `hash:"ignore"` } type Licenses []License @@ -40,7 +40,7 @@ func (l Licenses) Less(i, j int) bool { if l[i].Value == l[j].Value { if l[i].SPDXExpression == l[j].SPDXExpression { if l[i].Type == l[j].Type { - // While URL and location are not exclusive fields + // While URLs and location are not exclusive fields // returning true here reduces the number of swaps // while keeping a consistent sort order of // the order that they appear in the list initially @@ -69,8 +69,8 @@ func NewLicense(value string) License { Value: value, SPDXExpression: spdxExpression, Type: license.Declared, - URL: internal.NewStringSet(), - Location: source.NewLocationSet(), + URLs: internal.NewStringSet(), + Locations: source.NewLocationSet(), } } @@ -84,8 +84,8 @@ func NewLicenseFromType(value string, t license.Type) License { Value: value, SPDXExpression: spdxExpression, Type: t, - URL: internal.NewStringSet(), - Location: source.NewLocationSet(), + URLs: internal.NewStringSet(), + Locations: source.NewLocationSet(), } } @@ -109,7 +109,7 @@ func NewLicensesFromLocation(location source.Location, values ...string) (licens func NewLicenseFromLocations(value string, locations ...source.Location) License { l := NewLicense(value) for _, loc := range locations { - l.Location.Add(loc) + l.Locations.Add(loc) } return l } @@ -118,7 +118,7 @@ func NewLicenseFromURLs(value string, urls ...string) License { l := NewLicense(value) for _, u := range urls { if u != "" { - l.URL.Add(u) + l.URLs.Add(u) } } return l @@ -141,11 +141,11 @@ func (s License) Merge(l License) (*License, error) { return nil, fmt.Errorf("cannot merge licenses with different hash") } - s.URL.Add(l.URL.ToSlice()...) - if s.Location.Empty() && l.Location.Empty() { + s.URLs.Add(l.URLs.ToSlice()...) + if s.Locations.Empty() && l.Locations.Empty() { return &s, nil } - s.Location.Add(l.Location.ToSlice()...) + s.Locations.Add(l.Locations.ToSlice()...) return &s, nil } diff --git a/syft/pkg/license_set.go b/syft/pkg/license_set.go index d404288a0cf..99593fae2a2 100644 --- a/syft/pkg/license_set.go +++ b/syft/pkg/license_set.go @@ -34,8 +34,8 @@ func (s *LicenseSet) addToExisting(license License) (id artifact.ID, merged bool return id, false, nil } - // we got the same id; we want to merge the URL and Location data - // URL/Location are not considered when taking the Hash + // we got the same id; we want to merge the URLs and Location data + // URLs/Location are not considered when taking the Hash m, err := v.Merge(license) if err != nil { return id, false, fmt.Errorf("could not merge license into map: %w", err) diff --git a/syft/pkg/license_set_test.go b/syft/pkg/license_set_test.go index c6039b2c2ed..16abd83a8a1 100644 --- a/syft/pkg/license_set_test.go +++ b/syft/pkg/license_set_test.go @@ -97,8 +97,8 @@ func TestLicenseSet_Add(t *testing.T) { Value: "MIT", SPDXExpression: "MIT", Type: license.Declared, - URL: internal.NewStringSet("https://example.com"), - Location: source.NewLocationSet(source.NewLocation("/place")), + URLs: internal.NewStringSet("https://example.com"), + Locations: source.NewLocationSet(source.NewLocation("/place")), }, }, }, @@ -115,15 +115,15 @@ func TestLicenseSet_Add(t *testing.T) { Value: "MIT", SPDXExpression: "MIT", Type: license.Concluded, - URL: internal.NewStringSet(), - Location: source.NewLocationSet(), + URLs: internal.NewStringSet(), + Locations: source.NewLocationSet(), }, { Value: "MIT", SPDXExpression: "MIT", Type: license.Declared, - URL: internal.NewStringSet("https://example.com"), - Location: source.NewLocationSet(source.NewLocation("/place")), + URLs: internal.NewStringSet("https://example.com"), + Locations: source.NewLocationSet(source.NewLocation("/place")), }, }, }, diff --git a/syft/pkg/license_test.go b/syft/pkg/license_test.go index 142d18d0a86..f3456f5aa21 100644 --- a/syft/pkg/license_test.go +++ b/syft/pkg/license_test.go @@ -21,8 +21,8 @@ func Test_Hash(t *testing.T) { lic1 := NewLicenseFromLocations("MIT", loc1) lic2 := NewLicenseFromLocations("MIT", loc2) - lic1.URL.Add("foo") - lic2.URL.Add("bar") // we also want to check the URL are ignored + lic1.URLs.Add("foo") + lic2.URLs.Add("bar") // we also want to check the URLs are ignored hash1, err := artifact.IDByHash(lic1) require.NoError(t, err) From 1f445aba27de8a523268215dd75bcabffafb0380 Mon Sep 17 00:00:00 2001 From: Christopher Phillips Date: Tue, 16 May 2023 12:40:57 -0400 Subject: [PATCH 2/2] fix: update snapshots with new plural fields Signed-off-by: Christopher Phillips --- .../syftjson/test-fixtures/snapshot/TestDirectoryEncoder.golden | 2 +- .../test-fixtures/snapshot/TestEncodeFullJSONDocument.golden | 2 +- .../syftjson/test-fixtures/snapshot/TestImageEncoder.golden | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/syft/formats/syftjson/test-fixtures/snapshot/TestDirectoryEncoder.golden b/syft/formats/syftjson/test-fixtures/snapshot/TestDirectoryEncoder.golden index 1336756c8c6..a162e983559 100644 --- a/syft/formats/syftjson/test-fixtures/snapshot/TestDirectoryEncoder.golden +++ b/syft/formats/syftjson/test-fixtures/snapshot/TestDirectoryEncoder.golden @@ -16,7 +16,7 @@ "value": "MIT", "spdxExpression": "MIT", "type": "declared", - "url": [], + "urls": [], "locations": [] } ], diff --git a/syft/formats/syftjson/test-fixtures/snapshot/TestEncodeFullJSONDocument.golden b/syft/formats/syftjson/test-fixtures/snapshot/TestEncodeFullJSONDocument.golden index 923ff4f517c..c039a245730 100644 --- a/syft/formats/syftjson/test-fixtures/snapshot/TestEncodeFullJSONDocument.golden +++ b/syft/formats/syftjson/test-fixtures/snapshot/TestEncodeFullJSONDocument.golden @@ -16,7 +16,7 @@ "value": "MIT", "spdxExpression": "MIT", "type": "declared", - "url": [], + "urls": [], "locations": [] } ], diff --git a/syft/formats/syftjson/test-fixtures/snapshot/TestImageEncoder.golden b/syft/formats/syftjson/test-fixtures/snapshot/TestImageEncoder.golden index efee678a598..c0a2f758d36 100644 --- a/syft/formats/syftjson/test-fixtures/snapshot/TestImageEncoder.golden +++ b/syft/formats/syftjson/test-fixtures/snapshot/TestImageEncoder.golden @@ -17,7 +17,7 @@ "value": "MIT", "spdxExpression": "MIT", "type": "declared", - "url": [], + "urls": [], "locations": [] } ],