diff --git a/pkg/dependency/parser/julia/manifest/parse.go b/pkg/dependency/parser/julia/manifest/parse.go index 061676d3f599..13d1cb208bcb 100644 --- a/pkg/dependency/parser/julia/manifest/parse.go +++ b/pkg/dependency/parser/julia/manifest/parse.go @@ -36,8 +36,9 @@ func (p *Parser) Parse(r xio.ReadSeekerAt) ([]ftypes.Package, []ftypes.Dependenc var primMan primitiveManifest var manMetadata toml.MetaData decoder := toml.NewDecoder(r) - // Try to read the old Manifest format. If that fails, try the new format. - if _, err := decoder.Decode(&oldDeps); err != nil { + // Try to read the old Manifest format. This can also read the v1.0 Manifest format, which we parse out later. + var err error + if manMetadata, err = decoder.Decode(&oldDeps); err != nil { if _, err = r.Seek(0, io.SeekStart); err != nil { return nil, nil, xerrors.Errorf("seek error: %w", err) } diff --git a/pkg/dependency/parser/julia/manifest/parse_test.go b/pkg/dependency/parser/julia/manifest/parse_test.go index 229499c6cb71..95a1180f6de9 100644 --- a/pkg/dependency/parser/julia/manifest/parse_test.go +++ b/pkg/dependency/parser/julia/manifest/parse_test.go @@ -21,14 +21,14 @@ func TestParse(t *testing.T) { { name: "Manifest v1.6", file: "testdata/primary/Manifest_v1.6.toml", - want: juliaV1_6Pkgs, - wantDeps: juliaV1_6Deps, + want: juliaV16Libs, + wantDeps: juliaV16Deps, }, { name: "Manifest v1.8", file: "testdata/primary/Manifest_v1.8.toml", - want: juliaV1_8Pkgs, - wantDeps: juliaV1_8Deps, + want: juliaV18Libs, + wantDeps: juliaV18Deps, }, { name: "no deps v1.6", @@ -45,14 +45,20 @@ func TestParse(t *testing.T) { { name: "dep extensions v1.9", file: "testdata/dep_ext_v1.9/Manifest.toml", - want: juliaV1_9DepExtPkgs, + want: juliaV19DepExtLibs, wantDeps: nil, }, { name: "shadowed dep v1.9", file: "testdata/shadowed_dep_v1.9/Manifest.toml", - want: juliaV1_9ShadowedDepPkgs, - wantDeps: juliaV1_9ShadowedDepDeps, + want: juliaV19ShadowedDepLibs, + wantDeps: juliaV19ShadowedDepDeps, + }, + { + name: "julia v1.0 format", + file: "testdata/julia_v1.0_format/Manifest.toml", + want: juliaV10FormatLibs, + wantDeps: juliaV10FormatDeps, }, } diff --git a/pkg/dependency/parser/julia/manifest/parse_testcase.go b/pkg/dependency/parser/julia/manifest/parse_testcase.go index 75602f7311f8..e75df9b2b840 100644 --- a/pkg/dependency/parser/julia/manifest/parse_testcase.go +++ b/pkg/dependency/parser/julia/manifest/parse_testcase.go @@ -1,18 +1,18 @@ package julia -import ftypes "github.com/aquasecurity/trivy/pkg/fanal/types" +import "github.com/aquasecurity/trivy/pkg/fanal/types" var ( - juliaV1_6Pkgs = []ftypes.Package{ - {ID: "ade2ca70-3891-5945-98fb-dc099432e06a", Name: "Dates", Version: "unknown", Locations: []ftypes.Location{{StartLine: 3, EndLine: 5}}}, - {ID: "682c06a0-de6a-54ab-a142-c8b1cf79cde6", Name: "JSON", Version: "0.21.4", Locations: []ftypes.Location{{StartLine: 7, EndLine: 11}}}, - {ID: "a63ad114-7e13-5084-954f-fe012c677804", Name: "Mmap", Version: "unknown", Locations: []ftypes.Location{{StartLine: 13, EndLine: 14}}}, - {ID: "69de0a69-1ddd-5017-9359-2bf0b02dc9f0", Name: "Parsers", Version: "2.4.2", Locations: []ftypes.Location{{StartLine: 16, EndLine: 20}}}, - {ID: "de0858da-6303-5e67-8744-51eddeeeb8d7", Name: "Printf", Version: "unknown", Locations: []ftypes.Location{{StartLine: 22, EndLine: 24}}}, - {ID: "4ec0a83e-493e-50e2-b9ac-8f72acf5a8f5", Name: "Unicode", Version: "unknown", Locations: []ftypes.Location{{StartLine: 26, EndLine: 27}}}, + juliaV16Libs = []ftypes.Library{ + {ID: "ade2ca70-3891-5945-98fb-dc099432e06a", Name: "Dates", Version: "unknown", Locations: []types.Location{{StartLine: 3, EndLine: 5}}}, + {ID: "682c06a0-de6a-54ab-a142-c8b1cf79cde6", Name: "JSON", Version: "0.21.4", Locations: []types.Location{{StartLine: 7, EndLine: 11}}}, + {ID: "a63ad114-7e13-5084-954f-fe012c677804", Name: "Mmap", Version: "unknown", Locations: []types.Location{{StartLine: 13, EndLine: 14}}}, + {ID: "69de0a69-1ddd-5017-9359-2bf0b02dc9f0", Name: "Parsers", Version: "2.4.2", Locations: []types.Location{{StartLine: 16, EndLine: 20}}}, + {ID: "de0858da-6303-5e67-8744-51eddeeeb8d7", Name: "Printf", Version: "unknown", Locations: []types.Location{{StartLine: 22, EndLine: 24}}}, + {ID: "4ec0a83e-493e-50e2-b9ac-8f72acf5a8f5", Name: "Unicode", Version: "unknown", Locations: []types.Location{{StartLine: 26, EndLine: 27}}}, } - juliaV1_6Deps = []ftypes.Dependency{ + juliaV16Deps = []ftypes.Dependency{ {ID: "ade2ca70-3891-5945-98fb-dc099432e06a", DependsOn: []string{"de0858da-6303-5e67-8744-51eddeeeb8d7"}}, {ID: "682c06a0-de6a-54ab-a142-c8b1cf79cde6", DependsOn: []string{ "4ec0a83e-493e-50e2-b9ac-8f72acf5a8f5", @@ -24,23 +24,23 @@ var ( {ID: "de0858da-6303-5e67-8744-51eddeeeb8d7", DependsOn: []string{"4ec0a83e-493e-50e2-b9ac-8f72acf5a8f5"}}, } - juliaV1_8Pkgs = []ftypes.Package{ - {ID: "ade2ca70-3891-5945-98fb-dc099432e06a", Name: "Dates", Version: "1.8.5", Locations: []ftypes.Location{{StartLine: 7, EndLine: 9}}}, - {ID: "682c06a0-de6a-54ab-a142-c8b1cf79cde6", Name: "JSON", Version: "0.21.4", Locations: []ftypes.Location{{StartLine: 11, EndLine: 15}}}, - {ID: "a63ad114-7e13-5084-954f-fe012c677804", Name: "Mmap", Version: "1.8.5", Locations: []ftypes.Location{{StartLine: 17, EndLine: 18}}}, - {ID: "69de0a69-1ddd-5017-9359-2bf0b02dc9f0", Name: "Parsers", Version: "2.5.10", Locations: []ftypes.Location{{StartLine: 20, EndLine: 24}}}, - {ID: "aea7be01-6a6a-4083-8856-8a6e6704d82a", Name: "PrecompileTools", Version: "1.1.1", Locations: []ftypes.Location{{StartLine: 26, EndLine: 30}}}, - {ID: "21216c6a-2e73-6563-6e65-726566657250", Name: "Preferences", Version: "1.4.0", Locations: []ftypes.Location{{StartLine: 32, EndLine: 36}}}, - {ID: "de0858da-6303-5e67-8744-51eddeeeb8d7", Name: "Printf", Version: "1.8.5", Locations: []ftypes.Location{{StartLine: 38, EndLine: 40}}}, - {ID: "9a3f8284-a2c9-5f02-9a11-845980a1fd5c", Name: "Random", Version: "1.8.5", Locations: []ftypes.Location{{StartLine: 42, EndLine: 44}}}, - {ID: "ea8e919c-243c-51af-8825-aaa63cd721ce", Name: "SHA", Version: "0.7.0", Locations: []ftypes.Location{{StartLine: 46, EndLine: 48}}}, - {ID: "9e88b42a-f829-5b0c-bbe9-9e923198166b", Name: "Serialization", Version: "1.8.5", Locations: []ftypes.Location{{StartLine: 50, EndLine: 51}}}, - {ID: "fa267f1f-6049-4f14-aa54-33bafae1ed76", Name: "TOML", Version: "1.0.0", Locations: []ftypes.Location{{StartLine: 53, EndLine: 56}}}, - {ID: "cf7118a7-6976-5b1a-9a39-7adc72f591a4", Name: "UUIDs", Version: "1.8.5", Locations: []ftypes.Location{{StartLine: 58, EndLine: 60}}}, - {ID: "4ec0a83e-493e-50e2-b9ac-8f72acf5a8f5", Name: "Unicode", Version: "1.8.5", Locations: []ftypes.Location{{StartLine: 62, EndLine: 63}}}, + juliaV18Libs = []ftypes.Library{ + {ID: "ade2ca70-3891-5945-98fb-dc099432e06a", Name: "Dates", Version: "1.8.5", Locations: []types.Location{{StartLine: 7, EndLine: 9}}}, + {ID: "682c06a0-de6a-54ab-a142-c8b1cf79cde6", Name: "JSON", Version: "0.21.4", Locations: []types.Location{{StartLine: 11, EndLine: 15}}}, + {ID: "a63ad114-7e13-5084-954f-fe012c677804", Name: "Mmap", Version: "1.8.5", Locations: []types.Location{{StartLine: 17, EndLine: 18}}}, + {ID: "69de0a69-1ddd-5017-9359-2bf0b02dc9f0", Name: "Parsers", Version: "2.5.10", Locations: []types.Location{{StartLine: 20, EndLine: 24}}}, + {ID: "aea7be01-6a6a-4083-8856-8a6e6704d82a", Name: "PrecompileTools", Version: "1.1.1", Locations: []types.Location{{StartLine: 26, EndLine: 30}}}, + {ID: "21216c6a-2e73-6563-6e65-726566657250", Name: "Preferences", Version: "1.4.0", Locations: []types.Location{{StartLine: 32, EndLine: 36}}}, + {ID: "de0858da-6303-5e67-8744-51eddeeeb8d7", Name: "Printf", Version: "1.8.5", Locations: []types.Location{{StartLine: 38, EndLine: 40}}}, + {ID: "9a3f8284-a2c9-5f02-9a11-845980a1fd5c", Name: "Random", Version: "1.8.5", Locations: []types.Location{{StartLine: 42, EndLine: 44}}}, + {ID: "ea8e919c-243c-51af-8825-aaa63cd721ce", Name: "SHA", Version: "0.7.0", Locations: []types.Location{{StartLine: 46, EndLine: 48}}}, + {ID: "9e88b42a-f829-5b0c-bbe9-9e923198166b", Name: "Serialization", Version: "1.8.5", Locations: []types.Location{{StartLine: 50, EndLine: 51}}}, + {ID: "fa267f1f-6049-4f14-aa54-33bafae1ed76", Name: "TOML", Version: "1.0.0", Locations: []types.Location{{StartLine: 53, EndLine: 56}}}, + {ID: "cf7118a7-6976-5b1a-9a39-7adc72f591a4", Name: "UUIDs", Version: "1.8.5", Locations: []types.Location{{StartLine: 58, EndLine: 60}}}, + {ID: "4ec0a83e-493e-50e2-b9ac-8f72acf5a8f5", Name: "Unicode", Version: "1.8.5", Locations: []types.Location{{StartLine: 62, EndLine: 63}}}, } - juliaV1_8Deps = []ftypes.Dependency{ + juliaV18Deps = []ftypes.Dependency{ {ID: "ade2ca70-3891-5945-98fb-dc099432e06a", DependsOn: []string{"de0858da-6303-5e67-8744-51eddeeeb8d7"}}, {ID: "682c06a0-de6a-54ab-a142-c8b1cf79cde6", DependsOn: []string{ "4ec0a83e-493e-50e2-b9ac-8f72acf5a8f5", @@ -61,17 +61,32 @@ var ( {ID: "cf7118a7-6976-5b1a-9a39-7adc72f591a4", DependsOn: []string{"9a3f8284-a2c9-5f02-9a11-845980a1fd5c", "ea8e919c-243c-51af-8825-aaa63cd721ce"}}, } - juliaV1_9DepExtPkgs = []ftypes.Package{ - {ID: "621f4979-c628-5d54-868e-fcf4e3e8185c", Name: "AbstractFFTs", Version: "1.3.1", Locations: []ftypes.Location{{StartLine: 7, EndLine: 10}}}, + juliaV19DepExtLibs = []ftypes.Library{ + {ID: "621f4979-c628-5d54-868e-fcf4e3e8185c", Name: "AbstractFFTs", Version: "1.3.1", Locations: []types.Location{{StartLine: 7, EndLine: 10}}}, } - juliaV1_9ShadowedDepPkgs = []ftypes.Package{ - {ID: "ead4f63c-334e-11e9-00e6-e7f0a5f21b60", Name: "A", Version: "1.9.0", Locations: []ftypes.Location{{StartLine: 7, EndLine: 8}}}, - {ID: "f41f7b98-334e-11e9-1257-49272045fb24", Name: "B", Version: "1.9.0", Locations: []ftypes.Location{{StartLine: 13, EndLine: 14}}}, - {ID: "edca9bc6-334e-11e9-3554-9595dbb4349c", Name: "B", Version: "1.9.0", Locations: []ftypes.Location{{StartLine: 15, EndLine: 16}}}, + juliaV19ShadowedDepLibs = []ftypes.Library{ + {ID: "ead4f63c-334e-11e9-00e6-e7f0a5f21b60", Name: "A", Version: "1.9.0", Locations: []types.Location{{StartLine: 7, EndLine: 8}}}, + {ID: "f41f7b98-334e-11e9-1257-49272045fb24", Name: "B", Version: "1.9.0", Locations: []types.Location{{StartLine: 13, EndLine: 14}}}, + {ID: "edca9bc6-334e-11e9-3554-9595dbb4349c", Name: "B", Version: "1.9.0", Locations: []types.Location{{StartLine: 15, EndLine: 16}}}, } - juliaV1_9ShadowedDepDeps = []ftypes.Dependency{ + juliaV19ShadowedDepDeps = []ftypes.Dependency{ {ID: "ead4f63c-334e-11e9-00e6-e7f0a5f21b60", DependsOn: []string{"f41f7b98-334e-11e9-1257-49272045fb24"}}, } + + juliaV10FormatLibs = []ftypes.Library{ + {ID: "767738be-2f1f-45a9-b806-0234f3164144", Name: "Foo", Version: "unknown", Locations: []types.Location{{StartLine: 1, EndLine: 5}}}, + {ID: "6f418443-bd2e-4783-b551-cdbac608adf2", Name: "Foo", Version: "unknown", Locations: []types.Location{{StartLine: 7, EndLine: 10}}}, + {ID: "2a550a13-6bab-4a91-a4ee-dff34d6b99d0", Name: "Bar", Version: "unknown", Locations: []types.Location{{StartLine: 12, EndLine: 14}}}, + {ID: "6801f525-dc68-44e8-a4e8-cabd286279e7", Name: "Baz", Version: "unknown", Locations: []types.Location{{StartLine: 19, EndLine: 21}}}, + {ID: "b5ec9b9c-e354-47fd-b367-a348bdc8f909", Name: "Qux", Version: "unknown", Locations: []types.Location{{StartLine: 26, EndLine: 28}}}, + } + + juliaV10FormatDeps = []ftypes.Dependency{ + {ID: "767738be-2f1f-45a9-b806-0234f3164144", DependsOn: []string{"2a550a13-6bab-4a91-a4ee-dff34d6b99d0", "6801f525-dc68-44e8-a4e8-cabd286279e7", "b5ec9b9c-e354-47fd-b367-a348bdc8f909"}}, + {ID: "6f418443-bd2e-4783-b551-cdbac608adf2", DependsOn: []string{"b5ec9b9c-e354-47fd-b367-a348bdc8f909"}}, + {ID: "2a550a13-6bab-4a91-a4ee-dff34d6b99d0", DependsOn: []string{"6801f525-dc68-44e8-a4e8-cabd286279e7", "6f418443-bd2e-4783-b551-cdbac608adf2"}}, + {ID: "6801f525-dc68-44e8-a4e8-cabd286279e7", DependsOn: []string{"6f418443-bd2e-4783-b551-cdbac608adf2", "b5ec9b9c-e354-47fd-b367-a348bdc8f909"}}, + } ) diff --git a/pkg/dependency/parser/julia/manifest/testdata/julia_v1.0_format/Manifest.toml b/pkg/dependency/parser/julia/manifest/testdata/julia_v1.0_format/Manifest.toml new file mode 100644 index 000000000000..a5a893066c36 --- /dev/null +++ b/pkg/dependency/parser/julia/manifest/testdata/julia_v1.0_format/Manifest.toml @@ -0,0 +1,28 @@ +[[Foo]] +deps = ["Bar", "Baz", "Qux"] +uuid = "767738be-2f1f-45a9-b806-0234f3164144" +git-tree-sha1 = "7c626031568a5e432112a74009c3763f9b851e3e" +path = "deps/Foo1" + +[[Foo]] +deps = ["Qux"] +uuid = "6f418443-bd2e-4783-b551-cdbac608adf2" +path = "deps/Foo2.jl" + +[[Bar]] +uuid = "2a550a13-6bab-4a91-a4ee-dff34d6b99d0" +path = "deps/Bar" +[Bar.deps] +Baz = "6801f525-dc68-44e8-a4e8-cabd286279e7" +Foo = "6f418443-bd2e-4783-b551-cdbac608adf2" + +[[Baz]] +uuid = "6801f525-dc68-44e8-a4e8-cabd286279e7" +git-tree-sha1 = "efc7e24c53d6a328011975294a2c75fed2f9800a" +[Baz.deps] +Foo = "6f418443-bd2e-4783-b551-cdbac608adf2" +Qux = "b5ec9b9c-e354-47fd-b367-a348bdc8f909" + +[[Qux]] +uuid = "b5ec9b9c-e354-47fd-b367-a348bdc8f909" +path = "deps/Qux.jl" diff --git a/pkg/dependency/parser/julia/manifest/testdata/julia_v1.0_format/Project.toml b/pkg/dependency/parser/julia/manifest/testdata/julia_v1.0_format/Project.toml new file mode 100644 index 000000000000..9d42e37cd67f --- /dev/null +++ b/pkg/dependency/parser/julia/manifest/testdata/julia_v1.0_format/Project.toml @@ -0,0 +1,6 @@ +name = "TestProject" +uuid = "84c38c17-0c6f-4d12-a694-d20b69c16777" + +[deps] +Foo = "767738be-2f1f-45a9-b806-0234f3164144" +Bar = "2a550a13-6bab-4a91-a4ee-dff34d6b99d0"