Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: update cataloger to check for expressions before split #1819

Merged
merged 1 commit into from
May 16, 2023
Merged

fix: update cataloger to check for expressions before split #1819

merged 1 commit into from
May 16, 2023

Conversation

spiffcs
Copy link
Contributor

@spiffcs spiffcs commented May 16, 2023

Fixes: #1817

Bug fix for Alpine cataloger to check for valid expressions on the parsed entry before splitting the licenses into individual entities.

@spiffcs
fix: update cataloger to check for expressions before split
6809c72 
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
@spiffcs spiffcs added the bug Something isn't working label May 16, 2023
@spiffcs spiffcs enabled auto-merge (squash) May 16, 2023 16:00
@github-actions
Copy link

Benchmark Test Results

Benchmark results from the latest changes vs base branch 
goos: linux%0Agoarch: amd64%0Apkg: github.com/anchore/syft/test/integration%0Acpu: Intel(R) Xeon(R) CPU E5-2673 v4 @ 2.30GHz%0A                                                          │ ./.tmp/benchmark-d2c99e6.txt │%0A                                                          │            sec/op            │%0AImagePackageCatalogers/alpmdb-cataloger-2                                   14.60m ±  3%25%0AImagePackageCatalogers/apkdb-cataloger-2                                    933.0µ ±  4%25%0AImagePackageCatalogers/binary-cataloger-2                                   269.4µ ±  3%25%0AImagePackageCatalogers/dpkgdb-cataloger-2                                   819.3µ ±  7%25%0AImagePackageCatalogers/dotnet-deps-cataloger-2                              1.703m ±  9%25%0AImagePackageCatalogers/go-module-binary-cataloger-2                         148.8µ ±  4%25%0AImagePackageCatalogers/java-cataloger-2                                     18.29m ±  7%25%0AImagePackageCatalogers/graalvm-native-image-cataloger-2                     147.0µ ±  2%25%0AImagePackageCatalogers/javascript-package-cataloger-2                       614.4µ ±  4%25%0AImagePackageCatalogers/nix-store-cataloger-2                                417.6µ ±  2%25%0AImagePackageCatalogers/php-composer-installed-cataloger-2                   1.087m ±  9%25%0AImagePackageCatalogers/portage-cataloger-2                                  662.9µ ± 21%25%0AImagePackageCatalogers/python-package-cataloger-2                           4.212m ±  8%25%0AImagePackageCatalogers/r-package-cataloger-2                                322.1µ ±  7%25%0AImagePackageCatalogers/rpm-db-cataloger-2                                   771.9µ ±  5%25%0AImagePackageCatalogers/ruby-gemspec-cataloger-2                             1.325m ±  4%25%0AImagePackageCatalogers/sbom-cataloger-2                                     161.3µ ±  3%25%0Ageomean                                                                     864.9µ%0A%0A                                                          │ ./.tmp/benchmark-d2c99e6.txt │%0A                                                          │             B/op             │%0AImagePackageCatalogers/alpmdb-cataloger-2                                   5.127Mi ± 0%25%0AImagePackageCatalogers/apkdb-cataloger-2                                    205.4Ki ± 0%25%0AImagePackageCatalogers/binary-cataloger-2                                   31.96Ki ± 0%25%0AImagePackageCatalogers/dpkgdb-cataloger-2                                   169.0Ki ± 0%25%0AImagePackageCatalogers/dotnet-deps-cataloger-2                              404.7Ki ± 0%25%0AImagePackageCatalogers/go-module-binary-cataloger-2                         10.06Ki ± 0%25%0AImagePackageCatalogers/java-cataloger-2                                     2.830Mi ± 0%25%0AImagePackageCatalogers/graalvm-native-image-cataloger-2                     8.750Ki ± 0%25%0AImagePackageCatalogers/javascript-package-cataloger-2                       101.0Ki ± 0%25%0AImagePackageCatalogers/nix-store-cataloger-2                                49.15Ki ± 0%25%0AImagePackageCatalogers/php-composer-installed-cataloger-2                   186.8Ki ± 0%25%0AImagePackageCatalogers/portage-cataloger-2                                  120.1Ki ± 0%25%0AImagePackageCatalogers/python-package-cataloger-2                           1.004Mi ± 0%25%0AImagePackageCatalogers/r-package-cataloger-2                                53.36Ki ± 0%25%0AImagePackageCatalogers/rpm-db-cataloger-2                                   181.0Ki ± 0%25%0AImagePackageCatalogers/ruby-gemspec-cataloger-2                             144.3Ki ± 0%25%0AImagePackageCatalogers/sbom-cataloger-2                                     14.20Ki ± 0%25%0Ageomean                                                                     133.5Ki%0A%0A                                                          │ ./.tmp/benchmark-d2c99e6.txt │%0A                                                          │          allocs/op           │%0AImagePackageCatalogers/alpmdb-cataloger-2                                    87.75k ± 0%25%0AImagePackageCatalogers/apkdb-cataloger-2                                     4.180k ± 0%25%0AImagePackageCatalogers/binary-cataloger-2                                     896.0 ± 0%25%0AImagePackageCatalogers/dpkgdb-cataloger-2                                    3.000k ± 0%25%0AImagePackageCatalogers/dotnet-deps-cataloger-2                               6.338k ± 0%25%0AImagePackageCatalogers/go-module-binary-cataloger-2                           281.0 ± 0%25%0AImagePackageCatalogers/java-cataloger-2                                      39.82k ± 0%25%0AImagePackageCatalogers/graalvm-native-image-cataloger-2                       228.0 ± 0%25%0AImagePackageCatalogers/javascript-package-cataloger-2                        1.404k ± 0%25%0AImagePackageCatalogers/nix-store-cataloger-2                                  895.0 ± 0%25%0AImagePackageCatalogers/php-composer-installed-cataloger-2                    4.079k ± 0%25%0AImagePackageCatalogers/portage-cataloger-2                                   2.267k ± 0%25%0AImagePackageCatalogers/python-package-cataloger-2                            16.44k ± 0%25%0AImagePackageCatalogers/r-package-cataloger-2                                  928.0 ± 0%25%0AImagePackageCatalogers/rpm-db-cataloger-2                                    3.989k ± 0%25%0AImagePackageCatalogers/ruby-gemspec-cataloger-2                              2.447k ± 0%25%0AImagePackageCatalogers/sbom-cataloger-2                                       394.0 ± 0%25%0Ageomean                                                                      2.594k

@spiffcs spiffcs merged commit 1a2a498 into main May 16, 2023
@spiffcs spiffcs deleted the 1817-alpine-licenses branch May 16, 2023 16:04
spiffcs added a commit that referenced this pull request May 18, 2023
@spiffcs
Merge branch 'main' into fix-portage-license-handling
f8cc0c9 
* main: (32 commits)
  chore(deps): bump github.com/google/go-containerregistry (#1823)
  chore(deps): bump github.com/sirupsen/logrus from 1.9.0 to 1.9.1 (#1822)
  chore(deps): bump github.com/docker/docker (#1824)
  fix: update field plurality of 8.0.0 schema before release (#1820)
  fix: update cataloger to check for expressions before split (#1819)
  feat: update syft license concept to complex struct (#1743)
  fix: cyclonedx depends-on relationship inverted (#1816)
  fix: retain sbom cataloger relationships (#1509)
  feat: warn if parsing newer SBOM (#1810)
  feat: Add R cataloger (#1790)
  update cosign to v2 release (different go module) (#1805)
  fix: Reduce log spam on unknown relationship type (#1797)
  chore(deps): update bootstrap tools to latest versions (#1807)
  chore(deps): bump golang.org/x/net from 0.9.0 to 0.10.0 (#1802)
  chore(deps): bump github.com/docker/docker (#1795)
  chore(deps): bump github.com/google/go-containerregistry (#1796)
  chore(deps): update bootstrap tools to latest versions (#1792)
  Print package list when extra packages found (#1791)
  chore(deps): update bootstrap tools to latest versions (#1786)
  chore(deps): bump golang.org/x/term from 0.7.0 to 0.8.0 (#1787)
  ...

Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
This was referenced May 22, 2023
Merged
Closed
Closed
Merged
Closed
Closed
Closed
Closed
Closed
Closed
Closed
Closed
Closed
Closed
GijsCalis pushed a commit to GijsCalis/syft that referenced this pull request Feb 19, 2024
@spiffcs
fix: update cataloger to check for expressions before split (anchore#…
814f55e 
…1819)

Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@wagoodman wagoodman wagoodman approved these changes

Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Alpine: license expression should be complete and not parsed out
2 participants
@spiffcs @wagoodman