From 8120d8ed0ed6bbfda4b6c0d3aba50fdf7bf5f122 Mon Sep 17 00:00:00 2001 From: Tushar Goel <34160672+TG1999@users.noreply.github.com> Date: Tue, 12 Mar 2024 21:17:43 +0530 Subject: [PATCH] Add support for go packages in manifest files (#148) * Add support for go packages in manifest files Signed-off-by: Tushar Goel * Fix failing tests Signed-off-by: Tushar Goel * Add documentation about go packages in mod files Signed-off-by: Tushar Goel * Fix doctests Signed-off-by: Tushar Goel * Fix linting errors Signed-off-by: Tushar Goel * Raise exception when go_package contains @ Signed-off-by: Tushar Goel * Add tests Signed-off-by: Tushar Goel * Address review comments Signed-off-by: Tushar Goel * Change python_version to 3.8 for mypy Signed-off-by: Tushar Goel --------- Signed-off-by: Tushar Goel --- CHANGELOG.rst | 7 +++++++ setup.cfg | 2 +- src/packageurl/utils.py | 14 +++++++++++++- tests/contrib/test_utils.py | 8 ++++++++ 4 files changed, 29 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.rst b/CHANGELOG.rst index 4e73a39..bf7dc2d 100644 --- a/CHANGELOG.rst +++ b/CHANGELOG.rst @@ -1,6 +1,13 @@ Changelog ========= +Next Release (2024-02-29) +------------------------- + +- Add support to get PackageURL from ``go_package`` or + go module "name version" string as seen in a go.mod file. + + 0.14.0 (2024-02-29) ------------------- diff --git a/setup.cfg b/setup.cfg index 54949ae..487a689 100644 --- a/setup.cfg +++ b/setup.cfg @@ -68,7 +68,7 @@ known_django = django sections = FUTURE,STDLIB,DJANGO,THIRDPARTY,FIRSTPARTY,LOCALFOLDER [mypy] -python_version = 3.7 +python_version = 3.8 files = src/packageurl/__init__.py show_error_codes = True diff --git a/src/packageurl/utils.py b/src/packageurl/utils.py index c8a528f..46e3022 100644 --- a/src/packageurl/utils.py +++ b/src/packageurl/utils.py @@ -30,12 +30,24 @@ def get_golang_purl(go_package: str): """ Return a PackageURL object given an imported ``go_package`` + or go module "name version" string as seen in a go.mod file. + >>> get_golang_purl(go_package="github.com/gorilla/mux v1.8.1") + PackageURL(type='golang', namespace='github.com/gorilla', name='mux', version='v1.8.1', qualifiers={}, subpath=None) """ if not go_package: return + version = None + # Go package in *.mod files is represented like this + # package version + # github.com/gorilla/mux v1.8.1 + # https://github.com/moby/moby/blob/6c10086976d07d4746e03dcfd188972a2f07e1c9/vendor.mod#L51 + if "@" in go_package: + raise Exception(f"{go_package} should not contain ``@``") + if " " in go_package: + go_package, _, version = go_package.rpartition(" ") parts = go_package.split("/") if not parts: return name = parts[-1] namespace = "/".join(parts[:-1]) - return PackageURL(type="golang", namespace=namespace, name=name) + return PackageURL(type="golang", namespace=namespace, name=name, version=version) diff --git a/tests/contrib/test_utils.py b/tests/contrib/test_utils.py index 6f92d7f..23a01b0 100644 --- a/tests/contrib/test_utils.py +++ b/tests/contrib/test_utils.py @@ -24,6 +24,8 @@ # Visit https://github.com/package-url/packageurl-python for support and # download. +import pytest + from packageurl.contrib.django.utils import purl_to_lookups from packageurl.utils import get_golang_purl @@ -66,3 +68,9 @@ def test_get_golang_purl(): ) assert golang_purl_1.name == "v3" assert golang_purl_1.namespace == "github.com/envoyproxy/go-control-plane/envoy/config/listener" + golang_purl_2 = get_golang_purl( + go_package="github.com/grpc-ecosystem/go-grpc-middleware v1.3.0" + ) + assert "pkg:golang/github.com/grpc-ecosystem/go-grpc-middleware@v1.3.0" == str(golang_purl_2) + with pytest.raises(Exception): + get_golang_purl("github.com/envoyproxy/go-control-plane/envoy/config/listener@v3.1")