From 81acf380ac58eb6619c573ea0d9256309be941c3 Mon Sep 17 00:00:00 2001
From: Jacek Rzeniewicz
Date: Wed, 27 Nov 2024 17:16:05 +0000
Subject: [PATCH] fix: strip off version prefix when parsing CocoaPods paths

For artifacts coming with a `v` prefix in the artifactory path, e.g. `libwebp-v1.3.0.tar.gz`, the parsed version number should skip the prefix i.e. it should be `1.3.0` and not `v1.3.0`.
---
 .../scanner/cocoapods/CocoapodsPackage.java | 3 +--
 .../scanner/cocoapods/CocoapodsPackageTest.java | 11 +++++++++++
 2 files changed, 12 insertions(+), 2 deletions(-)

diff --git a/core/src/main/java/io/snyk/plugins/artifactory/scanner/cocoapods/CocoapodsPackage.java b/core/src/main/java/io/snyk/plugins/artifactory/scanner/cocoapods/CocoapodsPackage.java
index 51d3bd0..2c4e3da 100644
--- a/core/src/main/java/io/snyk/plugins/artifactory/scanner/cocoapods/CocoapodsPackage.java
+++ b/core/src/main/java/io/snyk/plugins/artifactory/scanner/cocoapods/CocoapodsPackage.java
@@ -33,8 +33,7 @@ public static Optional parse(
 }
 String[] nameVersion = artifactoryPackageName.replace(".tar.gz", "")
- .replaceFirst("(?s)-(?!.*?-)", "!")
- .split("!");
+ .split("(?s)-[a-zA-Z]*(?!.*?-)");
 if (nameVersion.length != 2) {
 LOG.warn("Unexpected Cocoapods package name: {}", artifactoryPackageName);
diff --git a/core/src/test/java/io/snyk/plugins/artifactory/scanner/cocoapods/CocoapodsPackageTest.java b/core/src/test/java/io/snyk/plugins/artifactory/scanner/cocoapods/CocoapodsPackageTest.java
index f38955a..65a0645 100644
--- a/core/src/test/java/io/snyk/plugins/artifactory/scanner/cocoapods/CocoapodsPackageTest.java
+++ b/core/src/test/java/io/snyk/plugins/artifactory/scanner/cocoapods/CocoapodsPackageTest.java
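Review bot: The new split pattern `(?s)-[a-zA-Z]*(?!.*?-)` removes every letter that follows the last hyphen, not only the `v` prefix named in the commit message. With constructed names, `Foo-rc1.tar.gz` would now yield version `1`, and `Foo-master.tar.gz` would split into a single element and fall into the `nameVersion.length != 2` warning branch. If the parsed version is what the scanner uses for its vulnerability lookup, a rewritten or dropped version can make the plugin evaluate the wrong release or skip the artifact, so the strip should be limited to a `v` that precedes a digit: `.split("(?s)-(?:v(?=\\d))?(?!.*?-)");`. The body of `parse` starts and ends outside this hunk, so how callers treat an empty result is not visible here.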
@@ -19,6 +19,17 @@ void parse() {
 assertThat(pckg.get().getVersion()).isEqualTo("1.9.1");
 }
+ @Test
+ void parse_whenVersionNumberHasVPrefix() {
+ Optional pckg = CocoapodsPackage.parse(
+ "libwebp-v1.3.0.tar.gz"
+ );
+
+ assertThat(pckg).isNotEmpty();
+ assertThat(pckg.get().getName()).isEqualTo("libwebp");
+ assertThat(pckg.get().getVersion()).isEqualTo("1.3.0");
+ }
+
 @Test
 void parse_unexpectedPackageName() {
 assertThat(CocoapodsPackage.parse("3.5.1.tar.gz")).isEmpty();
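Review bot: The added test pins only `libwebp-v1.3.0.tar.gz`, so the breadth of the new split pattern is not covered. There is no case for a pod name that itself contains a hyphen together with a `v`-prefixed version, nor for a version tag that starts with letters other than `v`. Adding, with constructed names, `assertThat(CocoapodsPackage.parse("Foo-Bar-v2.0.1.tar.gz").get().getName()).isEqualTo("Foo-Bar");` and an assertion stating the intended result for something like `Foo-rc1.tar.gz` would make the parser's contract explicit. Since the version string presumably decides which release the scanner evaluates, these edge cases are worth fixing in a test rather than leaving implicit.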