diff --git a/go.mod b/go.mod index e0482205c28..1f438368908 100644 --- a/go.mod +++ b/go.mod @@ -10,8 +10,8 @@ require ( github.com/anchore/go-testutils v0.0.0-20200925183923-d5f45b0d3c04 github.com/anchore/go-version v1.2.2-0.20210903204242-51efa5b487c4 github.com/anchore/packageurl-go v0.1.1-0.20220428202044-a072fa3cb6d7 - github.com/anchore/stereoscope v0.0.0-20220616165231-b0fd10fdee06 - github.com/anchore/syft v0.49.0 + github.com/anchore/stereoscope v0.0.0-20220628191509-5bd627c0f9ce + github.com/anchore/syft v0.50.0 github.com/bmatcuk/doublestar/v2 v2.0.4 github.com/docker/docker v20.10.12+incompatible github.com/dustin/go-humanize v1.0.0 diff --git a/go.sum b/go.sum index 2eebb0ae082..775b57e8460 100644 --- a/go.sum +++ b/go.sum @@ -253,10 +253,10 @@ github.com/anchore/packageurl-go v0.1.1-0.20220428202044-a072fa3cb6d7 h1:kDrYkTS github.com/anchore/packageurl-go v0.1.1-0.20220428202044-a072fa3cb6d7/go.mod h1:Blo6OgJNiYF41ufcgHKkbCKF2MDOMlrqhXv/ij6ocR4= github.com/anchore/sqlite v1.4.6-0.20220607210448-bcc6ee5c4963 h1:vrf2PYH77vqVJoNR15ZuFJ63qwBMqrmGIt/7VsBhLF8= github.com/anchore/sqlite v1.4.6-0.20220607210448-bcc6ee5c4963/go.mod h1:AVRyXOUP0hTz9Cb8OlD1XnwA8t4lBPfTuwPHmEUuiLc= -github.com/anchore/stereoscope v0.0.0-20220616165231-b0fd10fdee06 h1:TSRA7gtuia3eyleTO3t7iPU+9xHbdSaufoUFNQUwUXo= -github.com/anchore/stereoscope v0.0.0-20220616165231-b0fd10fdee06/go.mod h1:sai2ZjAtT/y1GRQBDRbynhdhnQcGWBvVcv8CN3hTWmI= -github.com/anchore/syft v0.49.0 h1:C+ol3K5K1UDgzRAAdHt+dWglex9lAV+JQMotM10HR0s= -github.com/anchore/syft v0.49.0/go.mod h1:bo4IP6CDEnITW3WDy0Sefyg0GpvRPPcmkzB4cLGkcqs= +github.com/anchore/stereoscope v0.0.0-20220628191509-5bd627c0f9ce h1:KNB0d342QvE6V7iwqyf4NoyxRp6LVYoGjU1htgf0at8= +github.com/anchore/stereoscope v0.0.0-20220628191509-5bd627c0f9ce/go.mod h1:sai2ZjAtT/y1GRQBDRbynhdhnQcGWBvVcv8CN3hTWmI= +github.com/anchore/syft v0.50.0 h1:gCLnnpQGX06ATVtaRNnA5M9Cn6hodq7YfOkpFwTElEk= +github.com/anchore/syft v0.50.0/go.mod h1:suElXOFuhOBa76Xd+EVZQw2RZvnHvp+yIyg6IdTCzvs= github.com/andreyvit/diff v0.0.0-20170406064948-c7f18ee00883/go.mod h1:rCTlJbsFo29Kk6CurOXKm700vrz8f0KW0JNfpkRJY/8= github.com/andybalholm/brotli v1.0.1/go.mod h1:loMXtMfwqflxFJPmdbJO0a3KNoPuLBgiu3qAvBg8x/Y= github.com/andybalholm/brotli v1.0.2/go.mod h1:loMXtMfwqflxFJPmdbJO0a3KNoPuLBgiu3qAvBg8x/Y= diff --git a/grype/db/v3/namespace_test.go b/grype/db/v3/namespace_test.go index af8f9a1efaf..c55a99cecff 100644 --- a/grype/db/v3/namespace_test.go +++ b/grype/db/v3/namespace_test.go @@ -334,8 +334,9 @@ func Test_NamespacesForLanguage(t *testing.T) { allLanguages.Add(string(l)) } - // remove PHP for coverage as feed has not been updated + // remove PHP, CPP for coverage as feed has not been updated allLanguages.Remove(string(syftPkg.PHP)) + allLanguages.Remove(string(syftPkg.CPP)) for _, test := range tests { t.Run(string(test.language), func(t *testing.T) { diff --git a/grype/pkg/package_test.go b/grype/pkg/package_test.go index 566f2673e7d..f34b1ce9171 100644 --- a/grype/pkg/package_test.go +++ b/grype/pkg/package_test.go @@ -289,6 +289,16 @@ func TestNew(t *testing.T) { }, }, }, + { + name: "cpp conan-metadata", + syftPkg: syftPkg.Package{ + MetadataType: syftPkg.ConanaMetadataType, + Metadata: syftPkg.ConanMetadata{ + Name: "name", + Version: "version", + }, + }, + }, } // capture each observed metadata type, we should see all of them relate to what syft provides by the end of testing diff --git a/test/integration/compare_sbom_input_vs_lib_test.go b/test/integration/compare_sbom_input_vs_lib_test.go index 765b3f67c83..b71c03c918a 100644 --- a/test/integration/compare_sbom_input_vs_lib_test.go +++ b/test/integration/compare_sbom_input_vs_lib_test.go @@ -61,6 +61,7 @@ func TestCompareSBOMInputToLibResults(t *testing.T) { string(syftPkg.DartPubPkg), string(syftPkg.DotnetPkg), string(syftPkg.PhpComposerPkg), + string(syftPkg.ConanPkg), string(syftPkg.JenkinsPluginPkg), // package type cannot be inferred for all formats ) observedPkgTypes := strset.New()