Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

accept main.version ldflags even without vcs #1855

Merged

Conversation

deitch
Copy link
Contributor

@deitch deitch commented May 30, 2023

syft's workaround for the go binary (devel) issue is here.

It looks at ldflags and, if it cannot find a valid main.version (or similar), it tries to calculate the go pseudo-version, which needs vcs info.

The current design does not check ldflags unless it finds vcs info first. Of course, if it finds ldflags info, it doesn't actually need the vcs info.

This PR changes it around so that it first tries to read ldflags and only after it fails to do so, does it try vcs.

I also added tests for this specific case, as well as adding tests for main.version and main.Version.

Signed-off-by: Avi Deitcher <avi@deitcher.net>
@deitch deitch force-pushed the accept-golang-main-version-even-without-vcs branch from 1011fc5 to 210dc8c Compare May 31, 2023 07:07
@deitch
Copy link
Contributor Author

deitch commented May 31, 2023

Fixed the lint issue

Copy link
Contributor

@wagoodman wagoodman left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nice adjustment!

@wagoodman wagoodman merged commit 68f8df9 into anchore:main Jun 1, 2023
@deitch deitch deleted the accept-golang-main-version-even-without-vcs branch June 1, 2023 12:35
@deitch
Copy link
Contributor Author

deitch commented Jun 1, 2023

Thanks! I will look for it in the next release, 0.83.0, I guess? When does that come out?

spiffcs added a commit that referenced this pull request Jun 5, 2023
* main: (21 commits)
  chore(deps): bump github.com/sirupsen/logrus from 1.9.2 to 1.9.3 (#1862)
  chore(deps): bump modernc.org/sqlite from 1.22.1 to 1.23.0 (#1863)
  feat: source-version flag (#1859)
  chore(deps): bump github.com/spf13/viper from 1.15.0 to 1.16.0 (#1851)
  accept main.version ldflags even without vcs (#1855)
  feat: add scope to pom properties (#1779)
  chore(deps): bump github.com/stretchr/testify from 1.8.3 to 1.8.4 (#1852)
  chore(deps): bump github.com/docker/docker (#1849)
  Add test to ensure package metadata is represented in the JSON schema (#1841)
  Fix directory resolver to consider CWD and root path input correctly (#1840)
  Migrate location-related structs to the file package (#1751)
  chore(deps): bump github.com/go-git/go-git/v5 from 5.6.1 to 5.7.0 (#1843)
  fix: add panic recovery for license parse (#1839)
  chore: return both failures when failed to retrieve an image with a scheme (#1801)
  Extract go module versions from ldflags for binaries built by go (#1832)
  fix: duplicate packages, support pnpm lockfile v6 (#1778)
  chore(deps): update stereoscope to e14bc4437b2eac481c5b6f101890b22df4f33596 (#1834)
  chore(deps): bump github.com/stretchr/testify from 1.8.2 to 1.8.3 (#1829)
  chore(deps): bump github.com/docker/docker (#1833)
  Keep original FileInfo persisted on file.Metadata structs (#1794)
  ...

Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
@spiffcs spiffcs added the enhancement New feature or request label Jun 5, 2023
# for free to join this conversation on GitHub. Already have an account? # to comment
Labels
enhancement New feature or request
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants