feat(internal): add Maven native dependency client #1207

Merged
merged 10 commits into from
Sep 4, 2024
8 changes: 6 additions & 2 deletions cmd/osv-scanner/fix/main.go
Expand Up @@ -12,6 +12,7 @@ import (
"github.com/google/osv-scanner/internal/remediation"
"github.com/google/osv-scanner/internal/remediation/upgrade"
"github.com/google/osv-scanner/internal/resolution/client"
"github.com/google/osv-scanner/internal/resolution/datasource"
"github.com/google/osv-scanner/internal/resolution/lockfile"
"github.com/google/osv-scanner/internal/resolution/manifest"
"github.com/google/osv-scanner/pkg/depsdev"
Expand Down Expand Up @@ -292,8 +293,11 @@ func action(ctx *cli.Context, stdout, stderr io.Writer) (reporter.Reporter, erro
}
opts.Client.DependencyClient = cl
case resolve.Maven:
// TODO: MavenRegistryClient
fallthrough
cl, err := client.NewMavenRegistryClient(datasource.MavenCentral)
if err != nil {
return nil, err
}
opts.Client.DependencyClient = cl
case resolve.UnknownSystem:
fallthrough
default:
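Review bot: The new `resolve.Maven` case pins dependency resolution to `datasource.MavenCentral`, so as far as this hunk shows, a project that pulls artifacts from a private or mirrored repository would have its graph resolved against the public registry instead. For a tool that proposes upgrades this matters: a coordinate that exists only internally either fails to resolve or, if the same name also exists publicly, resolves to a different artifact than the one the build actually uses. Until the registry is configurable I would state the limitation at the call site, e.g. `// Only Maven Central is queried; repositories declared in the POM or settings.xml are not consulted.`, and give the error some context with `return nil, fmt.Errorf("creating Maven registry client: %w", err)` if `fmt` is already imported in this file. `action` starts and ends outside the hunk.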
9 changes: 6 additions & 3 deletions internal/manifest/maven.go
Expand Up @@ -20,7 +20,7 @@ import (

type MavenResolverExtractor struct {
client.DependencyClient
datasource.MavenRegistryAPIClient
*datasource.MavenRegistryAPIClient
}

func (e MavenResolverExtractor) ShouldExtract(path string) bool {
Expand Down Expand Up @@ -125,12 +125,15 @@ func (e MavenResolverExtractor) Extract(f lockfile.DepFile) ([]lockfile.PackageD
return maps.Values(details), nil
}

func ParseMavenWithResolver(depClient client.DependencyClient, mavenClient datasource.MavenRegistryAPIClient, pathToLockfile string) ([]lockfile.PackageDetails, error) {
func ParseMavenWithResolver(depClient client.DependencyClient, mavenClient *datasource.MavenRegistryAPIClient, pathToLockfile string) ([]lockfile.PackageDetails, error) {
f, err := lockfile.OpenLocalDepFile(pathToLockfile)
if err != nil {
return []lockfile.PackageDetails{}, err
}
defer f.Close()

return MavenResolverExtractor{DependencyClient: depClient, MavenRegistryAPIClient: mavenClient}.Extract(f)
return MavenResolverExtractor{
DependencyClient: depClient,
MavenRegistryAPIClient: mavenClient,
}.Extract(f)
}
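Review bot: Embedding `*datasource.MavenRegistryAPIClient` makes a nil client a valid argument to `ParseMavenWithResolver`, and nothing in the visible lines stops `Extract` from calling through it. The updated tests pass `nil` for every fixture except the parent-POM one, which suggests the client is only dereferenced when a parent has to be fetched; if so, a scanned `pom.xml` that declares a parent would turn a nil client into a nil-pointer panic rather than an error. I would guard it where `Extract` first uses the client, e.g. `if e.MavenRegistryAPIClient == nil { return []lockfile.PackageDetails{}, errors.New("maven registry client is required to resolve parent POMs") }`, or at least document the contract on the exported function with `// mavenClient may be nil only when the POM has no parent to fetch.` The body of `Extract` is outside the hunk, so the exact place for the check needs confirming; a test that combines a nil client with `fixtures/maven/with-parent.xml` would pin the behaviour.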
22 changes: 11 additions & 11 deletions internal/manifest/maven_test.go
Expand Up @@ -66,7 +66,7 @@ func TestMavenResolverExtractor_ShouldExtract(t *testing.T) {
func TestParseMavenWithResolver_FileDoesNotExist(t *testing.T) {
t.Parallel()

packages, err := manifest.ParseMavenWithResolver(nil, datasource.MavenRegistryAPIClient{}, "fixtures/maven/does-not-exist")
packages, err := manifest.ParseMavenWithResolver(nil, nil, "fixtures/maven/does-not-exist")

expectErrIs(t, err, fs.ErrNotExist)
expectPackages(t, packages, []lockfile.PackageDetails{})
Expand All @@ -75,7 +75,7 @@ func TestParseMavenWithResolver_FileDoesNotExist(t *testing.T) {
func TestParseMavenWithResolver_Invalid(t *testing.T) {
t.Parallel()

packages, err := manifest.ParseMavenWithResolver(nil, datasource.MavenRegistryAPIClient{}, "fixtures/maven/not-pom.txt")
packages, err := manifest.ParseMavenWithResolver(nil, nil, "fixtures/maven/not-pom.txt")

expectErrContaining(t, err, "could not extract from")
expectPackages(t, packages, []lockfile.PackageDetails{})
Expand All @@ -84,7 +84,7 @@ func TestParseMavenWithResolver_Invalid(t *testing.T) {
func TestParseMavenWithResolver_InvalidSyntax(t *testing.T) {
t.Parallel()

packages, err := manifest.ParseMavenWithResolver(nil, datasource.MavenRegistryAPIClient{}, "fixtures/maven/invalid-syntax.xml")
packages, err := manifest.ParseMavenWithResolver(nil, nil, "fixtures/maven/invalid-syntax.xml")

expectErrContaining(t, err, "XML syntax error")
expectPackages(t, packages, []lockfile.PackageDetails{})
Expand All @@ -93,7 +93,7 @@ func TestParseMavenWithResolver_InvalidSyntax(t *testing.T) {
func TestParseMavenWithResolver_NoPackages(t *testing.T) {
t.Parallel()

packages, err := manifest.ParseMavenWithResolver(nil, datasource.MavenRegistryAPIClient{}, "fixtures/maven/empty.xml")
packages, err := manifest.ParseMavenWithResolver(nil, nil, "fixtures/maven/empty.xml")
if err != nil {
t.Errorf("Got unexpected error: %v", err)
}
Expand All @@ -105,7 +105,7 @@ func TestParseMavenWithResolver_OnePackage(t *testing.T) {
t.Parallel()

resolutionClient := clienttest.NewMockResolutionClient(t, "fixtures/universe/basic-universe.yaml")
packages, err := manifest.ParseMavenWithResolver(resolutionClient, datasource.MavenRegistryAPIClient{}, "fixtures/maven/one-package.xml")
packages, err := manifest.ParseMavenWithResolver(resolutionClient, nil, "fixtures/maven/one-package.xml")
if err != nil {
t.Errorf("Got unexpected error: %v", err)
}
Expand All @@ -124,7 +124,7 @@ func TestParseMavenWithResolver_TwoPackages(t *testing.T) {
t.Parallel()

resolutionClient := clienttest.NewMockResolutionClient(t, "fixtures/universe/basic-universe.yaml")
packages, err := manifest.ParseMavenWithResolver(resolutionClient, datasource.MavenRegistryAPIClient{}, "fixtures/maven/two-packages.xml")
packages, err := manifest.ParseMavenWithResolver(resolutionClient, nil, "fixtures/maven/two-packages.xml")
if err != nil {
t.Errorf("Got unexpected error: %v", err)
}
Expand All @@ -149,7 +149,7 @@ func TestParseMavenWithResolver_WithDependencyManagement(t *testing.T) {
t.Parallel()

resolutionClient := clienttest.NewMockResolutionClient(t, "fixtures/universe/basic-universe.yaml")
packages, err := manifest.ParseMavenWithResolver(resolutionClient, datasource.MavenRegistryAPIClient{}, "fixtures/maven/with-dependency-management.xml")
packages, err := manifest.ParseMavenWithResolver(resolutionClient, nil, "fixtures/maven/with-dependency-management.xml")
if err != nil {
t.Errorf("Got unexpected error: %v", err)
}
Expand All @@ -174,7 +174,7 @@ func TestParseMavenWithResolver_Interpolation(t *testing.T) {
t.Parallel()

resolutionClient := clienttest.NewMockResolutionClient(t, "fixtures/universe/basic-universe.yaml")
packages, err := manifest.ParseMavenWithResolver(resolutionClient, datasource.MavenRegistryAPIClient{}, "fixtures/maven/interpolation.xml")
packages, err := manifest.ParseMavenWithResolver(resolutionClient, nil, "fixtures/maven/interpolation.xml")
if err != nil {
t.Errorf("Got unexpected error: %v", err)
}
Expand Down Expand Up @@ -205,7 +205,7 @@ func TestParseMavenWithResolver_WithScope(t *testing.T) {
t.Parallel()

resolutionClient := clienttest.NewMockResolutionClient(t, "fixtures/universe/basic-universe.yaml")
packages, err := manifest.ParseMavenWithResolver(resolutionClient, datasource.MavenRegistryAPIClient{}, "fixtures/maven/with-scope.xml")
packages, err := manifest.ParseMavenWithResolver(resolutionClient, nil, "fixtures/maven/with-scope.xml")
if err != nil {
t.Errorf("Got unexpected error: %v", err)
}
Expand Down Expand Up @@ -259,7 +259,7 @@ func TestParseMavenWithResolver_WithParent(t *testing.T) {
`))

resolutionClient := clienttest.NewMockResolutionClient(t, "fixtures/universe/basic-universe.yaml")
packages, err := manifest.ParseMavenWithResolver(resolutionClient, *datasource.NewMavenRegistryAPIClient(srv.URL), "fixtures/maven/with-parent.xml")
packages, err := manifest.ParseMavenWithResolver(resolutionClient, datasource.NewMavenRegistryAPIClient(srv.URL), "fixtures/maven/with-parent.xml")
if err != nil {
t.Errorf("Got unexpected error: %v", err)
}
Expand Down Expand Up @@ -308,7 +308,7 @@ func TestParseMavenWithResolver_Transitive(t *testing.T) {
t.Parallel()

resolutionClient := clienttest.NewMockResolutionClient(t, "fixtures/universe/basic-universe.yaml")
packages, err := manifest.ParseMavenWithResolver(resolutionClient, datasource.MavenRegistryAPIClient{}, "fixtures/maven/transitive.xml")
packages, err := manifest.ParseMavenWithResolver(resolutionClient, nil, "fixtures/maven/transitive.xml")
if err != nil {
t.Errorf("Got unexpected error: %v", err)
}
7 changes: 7 additions & 0 deletions internal/resolution/client/depsdev_client.go
Expand Up @@ -40,6 +40,13 @@ func (d *DepsDevClient) PreFetch(ctx context.Context, requirements []resolve.Req
}

vk := vks[len(vks)-1]
for _, v := range vks {
// We prefer the exact version for soft requirements.
if im.Version == v.Version {
vk = v
break
}
}

// Make a request for the precomputed dependency tree
resp, err := d.c.GetDependencies(ctx, &pb.GetDependenciesRequest{
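Review bot: The exact-version preference added after `vk := vks[len(vks)-1]` relies on `im.Version == v.Version`, which looks like a plain string comparison, so a requirement written in an equivalent but differently spelled form would not match and the code silently keeps the last entry of `vks`. That fallback is reasonable for a prefetch, but the comment does not mention it; I would expand it to `// Soft requirements name a concrete version: prefetch that one when it is among the matches, otherwise keep the last entry of vks.` The loop also runs for every requirement, not only soft ones, which the comment could make explicit. `PreFetch` starts before and continues after this hunk.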