Skip to content

Commit

Permalink
Add dpkg package source versions to the PURL generated by SCALIBR.
Browse files Browse the repository at this point in the history 
PiperOrigin-RevId: 629428253
  • Loading branch information
@erikvarga @copybara-github
erikvarga authored and copybara-github committed May 2, 2024
1 parent 2cd187f commit 6cb42b9
Show file tree
Hide file tree
Showing 3 changed files with 28 additions and 17 deletions.
3 changes: 3 additions & 0 deletions extractor/os/dpkg/extractor.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -237,6 +237,9 @@ func (e Extractor) ToPURL(i *extractor.Inventory) (*purl.PackageURL, error) {
if m.SourceName != "" {
q[purl.Source] = m.SourceName
}
if m.SourceVersion != "" {
q[purl.SourceVersion] = m.SourceVersion
}
if m.Architecture != "" {
q[purl.Arch] = m.Architecture
}
Expand Down
29 changes: 18 additions & 11 deletions extractor/os/dpkg/extractor_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -530,6 +530,7 @@ func TestToPURL(t *testing.T) {
pkgname := "pkgname"
sourcename := "sourcename"
version := "1.2.3"
sourceversion := "1.2.4"
source := "sourcename"
e := dpkg.Extractor{}
tests := []struct {
Expand All @@ -538,10 +539,11 @@ func TestToPURL(t *testing.T) {
want *purl.PackageURL
}{
{
name: "both versions present",
name: "both OS versions present",
metadata: &dpkg.Metadata{
PackageName: pkgname,
SourceName: sourcename,
SourceVersion: sourceversion,
OSID: "debian",
OSVersionCodename: "jammy",
OSVersionID: "22.04",
Expand All @@ -552,27 +554,30 @@ func TestToPURL(t *testing.T) {
Namespace: "debian",
Version: version,
Qualifiers: purl.QualifiersFromMap(map[string]string{
purl.Source: source,
purl.Distro: "jammy",
purl.Source: source,
purl.SourceVersion: sourceversion,
purl.Distro: "jammy",
}),
},
},
{
name: "only VERSION_ID set",
metadata: &dpkg.Metadata{
PackageName: pkgname,
SourceName: sourcename,
OSID: "debian",
OSVersionID: "22.04",
PackageName: pkgname,
SourceName: sourcename,
SourceVersion: sourceversion,
OSID: "debian",
OSVersionID: "22.04",
},
want: &purl.PackageURL{
Type: purl.TypeDebian,
Name: pkgname,
Namespace: "debian",
Version: version,
Qualifiers: purl.QualifiersFromMap(map[string]string{
purl.Source: source,
purl.Distro: "22.04",
purl.Source: source,
purl.SourceVersion: sourceversion,
purl.Distro: "22.04",
}),
},
},
Expand All @@ -581,6 +586,7 @@ func TestToPURL(t *testing.T) {
metadata: &dpkg.Metadata{
PackageName: pkgname,
SourceName: sourcename,
SourceVersion: sourceversion,
OSVersionCodename: "jammy",
OSVersionID: "22.04",
},
Expand All @@ -590,8 +596,9 @@ func TestToPURL(t *testing.T) {
Namespace: "linux",
Version: version,
Qualifiers: purl.QualifiersFromMap(map[string]string{
purl.Source: source,
purl.Distro: "jammy",
purl.Source: source,
purl.SourceVersion: sourceversion,
purl.Distro: "jammy",
}),
},
},
Expand Down
13 changes: 7 additions & 6 deletions purl/purl.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -174,10 +174,11 @@ func validType(t string) bool {

// Qualifier names.
const (
Distro = "distro"
Epoch = "epoch"
Arch = "arch"
Origin = "origin"
Source = "source"
SourceRPM = "sourcerpm"
Distro = "distro"
Epoch = "epoch"
Arch = "arch"
Origin = "origin"
Source = "source"
SourceVersion = "sourceversion"
SourceRPM = "sourcerpm"
)

0 comments on commit 6cb42b9

Please sign in to comment.