-
Notifications
You must be signed in to change notification settings - Fork 3
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #5 from vulsio/add-php
feat: enable PHP scan
- Loading branch information
Showing
8 changed files
with
211 additions
and
2 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,68 @@ | ||
| package php | ||
|
|
||
| import ( | ||
| "encoding/json" | ||
| "fmt" | ||
| "strings" | ||
|
|
||
| "github.com/vulsio/licensecheck/shared" | ||
| ) | ||
|
|
||
| const ref = "https://packagist.org/packages/%s.json" | ||
|
|
||
| // Scanner is struct to scan license info | ||
| // Crawler is exported to modify or make it easy to test by mock | ||
| type Scanner struct { | ||
| Crawler shared.Crawler | ||
| } | ||
|
|
||
| // ScanLicense returns result of fetch https://pypi.org | ||
| // version is not required (if version is given, the result will be more rigorous) | ||
| func (s *Scanner) ScanLicense(name, version string) (string, float64, error) { | ||
| if s.Crawler == nil { | ||
| s.Crawler = &shared.DefaultCrawler{} | ||
| } | ||
| b, err := s.Crawler.Crawl(fmt.Sprintf(ref, name)) | ||
| if err != nil { | ||
| return "unknown", 0, err | ||
| } | ||
| result, confidence, err := parseResponce(b, version) | ||
| if err != nil { | ||
| return "unknown", 0, err | ||
| } | ||
| return result, confidence, nil | ||
| } | ||
|
|
||
| func parseResponce(b []byte, version string) (string, float64, error) { | ||
| license := struct { | ||
| Package struct { | ||
| Versions map[string]struct { | ||
| License []string `json:"license"` | ||
| } `json:"versions"` | ||
| } `json:"package"` | ||
| }{} | ||
| if err := json.Unmarshal(b, &license); err != nil { | ||
| return "", 0, shared.ErrNotFound | ||
| } | ||
| if version == "" { | ||
| if pkg, ok := license.Package.Versions["dev-main"]; ok { | ||
| return joinedResult(pkg.License) | ||
| } | ||
| if pkg, ok := license.Package.Versions["dev-master"]; ok { | ||
| return joinedResult(pkg.License) | ||
| } | ||
| } else { | ||
| if pkg, ok := license.Package.Versions[version]; ok { | ||
| return joinedResult(pkg.License) | ||
| } | ||
| } | ||
| return "", 0, shared.ErrNotFound | ||
| } | ||
|
|
||
| func joinedResult(licenses []string) (string, float64, error) { | ||
| s := strings.Join(licenses, ",") | ||
| if s == "" { | ||
| return "", 0, shared.ErrNotFound | ||
| } | ||
| return s, 1, nil | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,90 @@ | ||
| package php | ||
|
|
||
| import ( | ||
| "errors" | ||
| "io/ioutil" | ||
| "math" | ||
| "testing" | ||
|
|
||
| "github.com/golang/mock/gomock" | ||
| "github.com/vulsio/licensecheck/shared" | ||
| "github.com/vulsio/licensecheck/shared/mock" | ||
| ) | ||
|
|
||
| func TestScanLicense(t *testing.T) { | ||
| ctrl := gomock.NewController(t) | ||
| tests := []struct { | ||
| name string | ||
| in string | ||
| version string | ||
| result string | ||
| confidence float64 | ||
| wantErr error | ||
| }{ | ||
| { | ||
| name: "success", | ||
| in: "../../testdata/php/input1.json", | ||
| result: "MIT", | ||
| confidence: 1, | ||
| }, | ||
| { | ||
| name: "no license info", | ||
| in: "../../testdata/php/input2.json", | ||
| result: "unknown", | ||
| confidence: 0, | ||
| wantErr: shared.ErrNotFound, | ||
| }, | ||
| { | ||
| name: "package that default is dev-master", | ||
| in: "../../testdata/php/input3.json", | ||
| result: "MIT", | ||
| confidence: 1, | ||
| }, | ||
| { | ||
| name: "success with version", | ||
| in: "../../testdata/php/input1.json", | ||
| version: "1.0.0", | ||
| result: "MIT", | ||
| confidence: 1, | ||
| }, | ||
| { | ||
| name: "no license info with version", | ||
| in: "../../testdata/php/input2.json", | ||
| version: "1.0.0", | ||
| result: "unknown", | ||
| confidence: 0, | ||
| wantErr: shared.ErrNotFound, | ||
| }, | ||
| { | ||
| name: "not exist version", | ||
| in: "../../testdata/php/input1.json", | ||
| version: "999", | ||
| result: "unknown", | ||
| confidence: 0, | ||
| wantErr: shared.ErrNotFound, | ||
| }, | ||
| } | ||
| for _, tt := range tests { | ||
| t.Run(tt.name, func(t *testing.T) { | ||
| b, err := ioutil.ReadFile(tt.in) | ||
| if err != nil { | ||
| t.Fatal(err) | ||
| } | ||
| sc := new(Scanner) | ||
| cl := mock.NewMockCrawler(ctrl) | ||
| cl.EXPECT().Crawl(gomock.Any()).Return(b, nil) | ||
| sc.Crawler = cl | ||
|
|
||
| result, confidence, err := sc.ScanLicense("test", tt.version) | ||
| if err != nil && !errors.Is(err, tt.wantErr) { | ||
| t.Fatal(err) | ||
| } | ||
| if result != tt.result { | ||
| t.Errorf("want: %s, got: %s", tt.result, result) | ||
| } | ||
| if math.Abs(confidence-tt.confidence) >= 1e-6 { | ||
| t.Errorf("want: %f, got: %f", tt.confidence, confidence) | ||
| } | ||
| }) | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,16 @@ | ||
| { | ||
| "package": { | ||
| "versions": { | ||
| "dev-main": { | ||
| "license": [ | ||
| "MIT" | ||
| ] | ||
| }, | ||
| "1.0.0": { | ||
| "license": [ | ||
| "MIT" | ||
| ] | ||
| } | ||
| } | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,12 @@ | ||
| { | ||
| "package": { | ||
| "versions": { | ||
| "dev-main": { | ||
| "license": [] | ||
| }, | ||
| "1.0.0": { | ||
| "license": [] | ||
| } | ||
| } | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,16 @@ | ||
| { | ||
| "package": { | ||
| "versions": { | ||
| "dev-master": { | ||
| "license": [ | ||
| "MIT" | ||
| ] | ||
| }, | ||
| "1.0.0": { | ||
| "license": [ | ||
| "MIT" | ||
| ] | ||
| } | ||
| } | ||
| } | ||
| } |