Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Find version numbers from jars with different naming conventions #1174

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Aug 24, 2022
Merged

Find version numbers from jars with different naming conventions #1174

merged 1 commit into from
Aug 24, 2022

Conversation

@kzantow
Copy link
Contributor

@kzantow kzantow commented Aug 24, 2022

This PR adds support for different JAR naming conventions -- specifically <name>.<version> and <name>_<version>.

Closes #466

@kzantow kzantow force-pushed the support-more-jar-patterns branch from 7ab10b9 to 03d51c6 Compare August 24, 2022 16:34
kzantow
kzantow commented Aug 24, 2022
View reviewed changes
syft/pkg/cataloger/java/archive_filename.go
// jetpack-build235-rc5 --> name="jetpack", version="build2.0-rc5"
// ironman-r4-2009 --> name="ironman", version="r4-2009"
var nameAndVersionPattern = regexp.MustCompile(`(?Ui)^(?P<name>(?:[[:alpha:]][[:word:].]*(?:\.[[:alpha:]][[:word:].]*)*-?)+)(?:-(?P<version>(?:\d.*|(?:build\d*.*)|(?:rc?\d+(?:^[[:alpha:]].*)?))))?$`)
var nameAndVersionPattern = regexp.MustCompile(`(?Ui)^(?P<name>(?:[[:alpha:]][[:word:].]*(?:\.[[:alpha:]][[:word:].]*)*-?)+)(?:-(?P<version>(\d.*|(build\d*.*)|(rc?\d+(?:^[[:alpha:]].*)?))))?$`)
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

NOTE: this gets rid of warnings for ignored capture groups (?:, which were already ignored.

kzantow
kzantow commented Aug 24, 2022
View reviewed changes
syft/pkg/cataloger/java/archive_filename.go
// ironman-r4-2009 --> name="ironman", version="r4-2009"
var nameAndVersionPattern = regexp.MustCompile(`(?Ui)^(?P<name>(?:[[:alpha:]][[:word:].]*(?:\.[[:alpha:]][[:word:].]*)*-?)+)(?:-(?P<version>(?:\d.*|(?:build\d*.*)|(?:rc?\d+(?:^[[:alpha:]].*)?))))?$`)
var nameAndVersionPattern = regexp.MustCompile(`(?Ui)^(?P<name>(?:[[:alpha:]][[:word:].]*(?:\.[[:alpha:]][[:word:].]*)*-?)+)(?:-(?P<version>(\d.*|(build\d*.*)|(rc?\d+(?:^[[:alpha:]].*)?))))?$`)
var secondaryVersionPattern = regexp.MustCompile(`(?:[._-](?P<version>(\d.*|(build\d*.*)|(rc?\d+(?:^[[:alpha:]].*)?))))?$`)
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Implemented as a secondary match due to difficulty making a reasonable regex that would support these alternate jar conventions AND ones like jboss-saaj-api_1.4_spec-1.0.2.Final.jar

@kzantow kzantow requested a review from a team August 24, 2022 16:38
@kzantow kzantow merged commit 57c5413 into anchore:main Aug 24, 2022
@kzantow kzantow deleted the support-more-jar-patterns branch August 24, 2022 16:56
spiffcs added a commit that referenced this pull request Aug 25, 2022
@spiffcs
Merge branch 'main' into 1095-convert-option-error
ca445f8 
* main:
  Update syft bootstrap tools to latest versions. (#1176)
  enhance development support on macOS ARM (#1163)
  Capture if a node module is private (#1161)
  Find version numbers from jars with different naming conventions (#1174)
  Update syft bootstrap tools to latest versions. (#1171)
  Fix update-bootstrap-tools workflow (#1170)
  workflow to create automated PRs to update bootstrap tools (#1167)
  feat: add support for licenses in package-lock json v2 (#1164)
  External sources configuration (#1158)
  feat: add support for pnpm (#1166)
  Prevent symlinks causing duplicate package-file relationships (#1168)
  Associate node package licenses from node_modules (#1152)
aiwantaozi pushed a commit to aiwantaozi/syft that referenced this pull request Oct 20, 2022
@kzantow @aiwantaozi
Find version numbers from jars with different naming conventions (anc…
8b655b1 
…hore#1174)
spiffcs pushed a commit that referenced this pull request Oct 21, 2022
@kzantow @spiffcs
Find version numbers from jars with different naming conventions (#1174)
079561e 
Signed-off-by: Christopher Phillips <[email protected]>
spiffcs pushed a commit that referenced this pull request Oct 21, 2022
@kzantow @spiffcs
Find version numbers from jars with different naming conventions (#1174)
9acfbba 
Signed-off-by: Christopher Phillips <[email protected]>
GijsCalis pushed a commit to GijsCalis/syft that referenced this pull request Feb 19, 2024
@kzantow
Find version numbers from jars with different naming conventions (anc…
9ea0490 
…hore#1174)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@spiffcs spiffcs spiffcs approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Java-Cataloger produces empty entries for cyclonedx output

2 participants

@kzantow @spiffcs