Skip to content

Commit 06f2a6a

Browse files
paketo-botSophie Wigmore
paketo-bot
and
Sophie Wigmore
authored
Running 'go get -u ./...' (#517)
* Running 'go get -u ./...' * fix SBOM unit test --------- Co-authored-by: Sophie Wigmore <swigmore@vmware.com>
1 parent cef812e commit 06f2a6a

File tree

3 files changed

+151
-114
lines changed

3 files changed

+151
-114
lines changed

build_test.go

+49-8
Original file line numberDiff line numberDiff line change
@@ -3,6 +3,7 @@ package phpdist_test
33
import (
44
"bytes"
55
"errors"
6+
"io"
67
"os"
78
"path/filepath"
89
"strings"
@@ -123,16 +124,56 @@ func testBuild(t *testing.T, context spec.G, it spec.S) {
123124
Expect(result.Layers[0].Metadata[phpdist.DepKey]).To(Equal(""))
124125

125126
Expect(filepath.Join(layersDir, "php")).To(BeADirectory())
126-
Expect(result.Layers[0].SBOM.Formats()).To(Equal([]packit.SBOMFormat{
127-
{
128-
Extension: sbom.Format(sbom.CycloneDXFormat).Extension(),
129-
Content: sbom.NewFormattedReader(sbom.SBOM{}, sbom.CycloneDXFormat),
127+
128+
layer := result.Layers[0]
129+
Expect(layer.SBOM.Formats()).To(HaveLen(2))
130+
cdx := layer.SBOM.Formats()[0]
131+
spdx := layer.SBOM.Formats()[1]
132+
133+
Expect(cdx.Extension).To(Equal("cdx.json"))
134+
content, err := io.ReadAll(cdx.Content)
135+
Expect(err).NotTo(HaveOccurred())
136+
Expect(string(content)).To(MatchJSON(`{
137+
"bomFormat": "CycloneDX",
138+
"components": [],
139+
"metadata": {
140+
"tools": [
141+
{
142+
"name": "syft",
143+
"vendor": "anchore",
144+
"version": "[not provided]"
145+
}
146+
]
130147
},
131-
{
132-
Extension: sbom.Format(sbom.SPDXFormat).Extension(),
133-
Content: sbom.NewFormattedReader(sbom.SBOM{}, sbom.SPDXFormat),
148+
"specVersion": "1.3",
149+
"version": 1
150+
}`))
151+
152+
Expect(spdx.Extension).To(Equal("spdx.json"))
153+
content, err = io.ReadAll(spdx.Content)
154+
Expect(err).NotTo(HaveOccurred())
155+
Expect(string(content)).To(MatchJSON(`{
156+
"SPDXID": "SPDXRef-DOCUMENT",
157+
"creationInfo": {
158+
"created": "0001-01-01T00:00:00Z",
159+
"creators": [
160+
"Organization: Anchore, Inc",
161+
"Tool: syft-"
162+
],
163+
"licenseListVersion": "3.16"
134164
},
135-
}))
165+
"dataLicense": "CC0-1.0",
166+
"documentNamespace": "https://paketo.io/packit/unknown-source-type/unknown-88cfa225-65e0-5755-895f-c1c8f10fde76",
167+
"name": "unknown",
168+
"relationships": [
169+
{
170+
"relatedSpdxElement": "SPDXRef-DOCUMENT",
171+
"relationshipType": "DESCRIBES",
172+
"spdxElementId": "SPDXRef-DOCUMENT"
173+
}
174+
],
175+
"spdxVersion": "SPDX-2.2"
176+
}`))
136177

137178
Expect(dependencyManager.ResolveCall.Receives.Path).To(Equal(filepath.Join(cnbDir, "buildpack.toml")))
138179
Expect(dependencyManager.ResolveCall.Receives.Id).To(Equal("php"))

go.mod

+28-38
Original file line numberDiff line numberDiff line change
@@ -6,7 +6,7 @@ require (
66
github.com/BurntSushi/toml v1.2.1
77
github.com/onsi/gomega v1.27.2
88
github.com/paketo-buildpacks/occam v0.15.1
9-
github.com/paketo-buildpacks/packit/v2 v2.8.1
9+
github.com/paketo-buildpacks/packit/v2 v2.8.2
1010
github.com/sclevine/spec v1.4.0
1111
)
1212

@@ -20,22 +20,23 @@ require (
2020
github.com/Masterminds/sprig/v3 v3.2.3 // indirect
2121
github.com/Microsoft/go-winio v0.6.0 // indirect
2222
github.com/acobaugh/osrelease v0.1.0 // indirect
23-
github.com/anchore/go-logger v0.0.0-20220728155337-03b66a5207d8 // indirect
23+
github.com/anchore/go-logger v0.0.0-20230120230012-47be9bb822a2 // indirect
2424
github.com/anchore/go-macholibre v0.0.0-20220308212642-53e6d0aaf6fb // indirect
25-
github.com/anchore/go-struct-converter v0.0.0-20221118182256-c68fdcfa2092 // indirect
25+
github.com/anchore/go-struct-converter v0.0.0-20221221214134-65614c61201e // indirect
2626
github.com/anchore/go-version v1.2.2-0.20200701162849-18adb9c92b9b // indirect
2727
github.com/anchore/packageurl-go v0.1.1-0.20230104203445-02e0a6721501 // indirect
28-
github.com/anchore/stereoscope v0.0.0-20221208011002-c5ff155d72f1 // indirect
29-
github.com/anchore/syft v0.70.0 // indirect
30-
github.com/andybalholm/brotli v1.0.4 // indirect
28+
github.com/anchore/stereoscope v0.0.0-20230301191755-abfb374a1122 // indirect
29+
github.com/anchore/syft v0.74.0 // indirect
30+
github.com/andybalholm/brotli v1.0.5 // indirect
3131
github.com/apex/log v1.9.0 // indirect
32+
github.com/becheran/wildmatch-go v1.0.0 // indirect
3233
github.com/bmatcuk/doublestar/v4 v4.6.0 // indirect
3334
github.com/cenkalti/backoff/v4 v4.2.0 // indirect
34-
github.com/containerd/containerd v1.6.18 // indirect
35-
github.com/containerd/stargz-snapshotter/estargz v0.12.1 // indirect
36-
github.com/docker/cli v20.10.21+incompatible // indirect
35+
github.com/containerd/containerd v1.6.19 // indirect
36+
github.com/containerd/stargz-snapshotter/estargz v0.14.2 // indirect
37+
github.com/docker/cli v23.0.1+incompatible // indirect
3738
github.com/docker/distribution v2.8.1+incompatible // indirect
38-
github.com/docker/docker v23.0.0+incompatible // indirect
39+
github.com/docker/docker v23.0.1+incompatible // indirect
3940
github.com/docker/docker-credential-helpers v0.7.0 // indirect
4041
github.com/docker/go-connections v0.4.0 // indirect
4142
github.com/docker/go-units v0.5.0 // indirect
@@ -52,15 +53,13 @@ require (
5253
github.com/google/uuid v1.3.0 // indirect
5354
github.com/hashicorp/errwrap v1.1.0 // indirect
5455
github.com/hashicorp/go-multierror v1.1.1 // indirect
55-
github.com/huandu/xstrings v1.3.3 // indirect
56+
github.com/huandu/xstrings v1.4.0 // indirect
5657
github.com/imdario/mergo v0.3.13 // indirect
5758
github.com/jinzhu/copier v0.3.5 // indirect
58-
github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51 // indirect
59-
github.com/klauspost/compress v1.15.12 // indirect
59+
github.com/klauspost/compress v1.16.0 // indirect
6060
github.com/klauspost/pgzip v1.2.5 // indirect
61-
github.com/knqyf263/go-rpmdb v0.0.0-20221030135625-4082a22221ce // indirect
61+
github.com/knqyf263/go-rpmdb v0.0.0-20230301153543-ba94b245509b // indirect
6262
github.com/magiconair/properties v1.8.7 // indirect
63-
github.com/mattn/go-isatty v0.0.16 // indirect
6463
github.com/mattn/go-runewidth v0.0.14 // indirect
6564
github.com/mholt/archiver/v3 v3.5.1 // indirect
6665
github.com/microsoft/go-rustaudit v0.0.0-20220808201409-204dfee52032 // indirect
@@ -82,16 +81,15 @@ require (
8281
github.com/pelletier/go-toml v1.9.5 // indirect
8382
github.com/pierrec/lz4/v4 v4.1.17 // indirect
8483
github.com/pkg/errors v0.9.1 // indirect
85-
github.com/remyoudompheng/bigfft v0.0.0-20220927061507-ef77025ab5aa // indirect
86-
github.com/rivo/uniseg v0.4.2 // indirect
84+
github.com/rivo/uniseg v0.4.4 // indirect
8785
github.com/sassoftware/go-rpmutils v0.2.0 // indirect
8886
github.com/scylladb/go-set v1.0.3-0.20200225121959-cc7b2070d91e // indirect
8987
github.com/shopspring/decimal v1.3.1 // indirect
9088
github.com/sirupsen/logrus v1.9.0 // indirect
9189
github.com/spdx/tools-golang v0.5.0-rc1 // indirect
92-
github.com/spf13/afero v1.9.3 // indirect
90+
github.com/spf13/afero v1.9.5 // indirect
9391
github.com/spf13/cast v1.5.0 // indirect
94-
github.com/sylabs/sif/v2 v2.8.3 // indirect
92+
github.com/sylabs/sif/v2 v2.10.0 // indirect
9593
github.com/sylabs/squashfs v0.6.1 // indirect
9694
github.com/testcontainers/testcontainers-go v0.17.0 // indirect
9795
github.com/therootcompany/xz v1.0.1 // indirect
@@ -100,30 +98,22 @@ require (
10098
github.com/vbatts/tar-split v0.11.2 // indirect
10199
github.com/vifraa/gopom v0.2.1 // indirect
102100
github.com/wagoodman/go-partybus v0.0.0-20210627031916-db1f5573bbc5 // indirect
103-
github.com/wagoodman/go-progress v0.0.0-20220614130704-4b1c25a33c7c // indirect
101+
github.com/wagoodman/go-progress v0.0.0-20230301185719-21920a456ad5 // indirect
104102
github.com/xi2/xz v0.0.0-20171230120015-48954b6210f8 // indirect
105-
golang.org/x/crypto v0.3.0 // indirect
106-
golang.org/x/exp v0.0.0-20220823124025-807a23277127 // indirect
107-
golang.org/x/mod v0.8.0 // indirect
108-
golang.org/x/net v0.7.0 // indirect
103+
golang.org/x/crypto v0.7.0 // indirect
104+
golang.org/x/exp v0.0.0-20230306221820-f0f767cdffd6 // indirect
105+
golang.org/x/mod v0.9.0 // indirect
106+
golang.org/x/net v0.8.0 // indirect
109107
golang.org/x/sync v0.1.0 // indirect
110-
golang.org/x/sys v0.5.0 // indirect
111-
golang.org/x/text v0.7.0 // indirect
108+
golang.org/x/sys v0.6.0 // indirect
109+
golang.org/x/text v0.8.0 // indirect
112110
golang.org/x/tools v0.6.0 // indirect
113111
golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2 // indirect
114-
google.golang.org/genproto v0.0.0-20221227171554-f9683d7f8bef // indirect
115-
google.golang.org/grpc v1.52.0 // indirect
112+
google.golang.org/genproto v0.0.0-20230306155012-7f2fa6fef1f4 // indirect
113+
google.golang.org/grpc v1.53.0 // indirect
116114
google.golang.org/protobuf v1.28.1 // indirect
117115
gopkg.in/yaml.v2 v2.4.0 // indirect
118116
gopkg.in/yaml.v3 v3.0.1 // indirect
119-
lukechampine.com/uint128 v1.2.0 // indirect
120-
modernc.org/cc/v3 v3.40.0 // indirect
121-
modernc.org/ccgo/v3 v3.16.13 // indirect
122-
modernc.org/libc v1.21.4 // indirect
123-
modernc.org/mathutil v1.5.0 // indirect
124-
modernc.org/memory v1.4.0 // indirect
125-
modernc.org/opt v0.1.3 // indirect
126-
modernc.org/sqlite v1.19.4 // indirect
127-
modernc.org/strutil v1.1.3 // indirect
128-
modernc.org/token v1.0.1 // indirect
117+
modernc.org/libc v1.22.3 // indirect
118+
modernc.org/sqlite v1.21.0 // indirect
129119
)

0 commit comments

Comments
 (0)