gpkg: add basic support (#53)

deplist.go

@@ -71,6 +71,7 @@ func GetDeps(fullPath string) ([]Dependency, Bitmask, error) {
 
 	pomPath := filepath.Join(fullPath, "pom.xml")
 	goPath := filepath.Join(fullPath, "go.mod")
+	goPkgPath := filepath.Join(fullPath, "Gopkg.lock")
 	rubyPath := filepath.Join(fullPath, "Gemfile.lock")
 	pythonPath := filepath.Join(fullPath, "requirements.txt")
 
@@ -165,7 +166,6 @@ func GetDeps(fullPath string) ([]Dependency, Bitmask, error) {
 				}
 
 				for path, goPkg := range pkgs {
-
 					d := Dependency{
 						DepType: LangGolang,
 						Path:    path,
@@ -174,6 +174,24 @@ func GetDeps(fullPath string) ([]Dependency, Bitmask, error) {
 					}
 					deps = append(deps, d)
 				}
+			case goPkgPath:
+				pkgs, err := scan.GetGoPkgDeps(path)
+				if err != nil {
+					return err
+				}
+
+				if len(pkgs) > 0 {
+					foundTypes.DepFoundAddFlag(LangGolang)
+				}
+				for _, goPkg := range pkgs {
+					d := Dependency{
+						DepType: LangGolang,
+						Path:    goPkg.Name,
+						Files:   goPkg.Gofiles,
+						Version: goPkg.Version,
+					}
+					deps = append(deps, d)
+				}
 			case pomPath:
 				pkgs, err := scan.GetMvnDeps(path)
 				if err != nil {

go.mod

@@ -3,6 +3,7 @@ module github.com/mcoops/deplist
 go 1.16
 
 require (
+	github.com/BurntSushi/toml v0.4.1
 	github.com/mcoops/jargo v1.0.1
 	github.com/mcoops/packageurl-go v0.2.0
 	github.com/sirupsen/logrus v1.8.1

go.sum

@@ -1,3 +1,5 @@
+github.com/BurntSushi/toml v0.4.1 h1:GaI7EiDXDRfa8VshkTj7Fym7ha+y8/XxIgD2okUIjLw=
+github.com/BurntSushi/toml v0.4.1/go.mod h1:CxXYINrC8qIiEnFrOxCa7Jy5BFHlXnUU2pbicEuybxQ=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=

internal/scan/gopkg.go

@@ -0,0 +1,57 @@
+package scan
+
+import (
+	"github.com/BurntSushi/toml"
+	log "github.com/sirupsen/logrus"
+)
+
+type GoPkgLockDeps struct {
+	Name    string
+	Version string
+	Gofiles []string
+}
+
+type goPkg struct {
+	Name     string   `toml:"name"`
+	Packages []string `toml:"packages"`
+	Revision string   `toml:"revision"`
+	Version  string   `toml:"version"`
+}
+
+type goPkgDeps struct {
+	Deps []goPkg `toml:"projects"`
+}
+
+func GetGoPkgDeps(path string) ([]GoPkgLockDeps, error) {
+	log.Debugf("GetGoPkgDeps %s", path)
+
+	var deps goPkgDeps
+	var gathered []GoPkgLockDeps
+
+	_, err := toml.DecodeFile(path, &deps)
+	if err != nil {
+		return nil, err
+	}
+
+	for _, d := range deps.Deps {
+		ver := d.Version
+		if ver == "" {
+			ver = d.Revision
+		}
+
+		var files []string
+		if len(d.Packages) > 1 {
+			files = append(files, d.Packages...)
+		}
+
+		gathered = append(gathered,
+			GoPkgLockDeps{
+				Name:    d.Name,
+				Version: ver,
+				Gofiles: files,
+			},
+		)
+	}
+
+	return gathered, nil
+}