Skip to content

Commit 61da6f0

Browse files
kl-sinclairkl-sinclair
authored
fix empty properties (#2181)
1 parent 4beb87c commit 61da6f0

File tree

2 files changed

+18
-13
lines changed

2 files changed

+18
-13
lines changed

reporter/sbom/cyclonedx.go

+9-4
Original file line numberDiff line numberDiff line change
@@ -191,18 +191,23 @@ func ospkgToCdxComponents(r models.ScanResult, ospkgToPURL map[string]string) []
191191
}
192192
}
193193

194-
purl := osPkgToPURL(r.Family, r.Release, pack.Name, pack.Version, pack.Release, pack.Arch, pack.Repository)
195-
components = append(components, cdx.Component{
194+
purl := osPkgToPURL(r.Family, r.Release, pack)
195+
component := cdx.Component{
196196
BOMRef: purl.ToString(),
197197
Type: cdx.ComponentTypeLibrary,
198198
Name: pack.Name,
199199
Version: pack.Version,
200200
PackageURL: purl.ToString(),
201-
Properties: &props,
202-
})
201+
}
203202

203+
if len(props) > 0 {
204+
component.Properties = &props
205+
}
206+
207+
components = append(components, component)
204208
ospkgToPURL[pack.Name] = purl.ToString()
205209
}
210+
206211
return components
207212
}
208213

reporter/sbom/purl.go

+9-9
Original file line numberDiff line numberDiff line change
@@ -11,7 +11,7 @@ import (
1111
"github.com/future-architect/vuls/models"
1212
)
1313

14-
func osPkgToPURL(osFamily, osVersion, packName, packVersion, packRelease, packArch, packRepository string) *packageurl.PackageURL {
14+
func osPkgToPURL(osFamily, osVersion string, pkg models.Package) *packageurl.PackageURL {
1515
var pType string
1616
switch osFamily {
1717
case constant.Alma, constant.Amazon, constant.CentOS, constant.Fedora, constant.OpenSUSE, constant.OpenSUSELeap, constant.Oracle, constant.RedHat, constant.Rocky, constant.SUSEEnterpriseDesktop, constant.SUSEEnterpriseServer:
@@ -30,9 +30,9 @@ func osPkgToPURL(osFamily, osVersion, packName, packVersion, packRelease, packAr
3030
pType = "unknown"
3131
}
3232

33-
version := packVersion
34-
if packRelease != "" {
35-
version = fmt.Sprintf("%s-%s", packVersion, packRelease)
33+
version := pkg.Version
34+
if pkg.Release != "" {
35+
version = fmt.Sprintf("%s-%s", pkg.Version, pkg.Release)
3636
}
3737

3838
var qualifiers packageurl.Qualifiers
@@ -42,20 +42,20 @@ func osPkgToPURL(osFamily, osVersion, packName, packVersion, packRelease, packAr
4242
Value: osVersion,
4343
})
4444
}
45-
if packArch != "" {
45+
if pkg.Arch != "" {
4646
qualifiers = append(qualifiers, packageurl.Qualifier{
4747
Key: "arch",
48-
Value: packArch,
48+
Value: pkg.Arch,
4949
})
5050
}
51-
if packRepository != "" {
51+
if pkg.Repository != "" {
5252
qualifiers = append(qualifiers, packageurl.Qualifier{
5353
Key: "repo",
54-
Value: packRepository,
54+
Value: pkg.Repository,
5555
})
5656
}
5757

58-
return packageurl.NewPackageURL(pType, osFamily, packName, version, qualifiers, "")
58+
return packageurl.NewPackageURL(pType, osFamily, pkg.Name, version, qualifiers, "")
5959
}
6060

6161
func libPkgToPURL(libScanner models.LibraryScanner, lib models.Library) *packageurl.PackageURL {

0 commit comments

Comments
 (0)