From ddf6b12188aca9e85b64a5e3cf8d748f63d6634e Mon Sep 17 00:00:00 2001 From: Jacek Rzeniewicz Date: Wed, 27 Nov 2024 17:16:05 +0000 Subject: [PATCH] fix: strip off version prefix when parsing CocoaPods paths For artifacts coming with a `v` prefix in the artifactory path, e.g. `libwebp-v1.3.0.tar.gz`, the parsed version number should skip the prefix i.e. it should be `1.3.0` and not `v1.3.0`. --- .../scanner/cocoapods/CocoapodsPackage.java | 2 +- .../scanner/cocoapods/CocoapodsPackageTest.java | 11 +++++++++++ 2 files changed, 12 insertions(+), 1 deletion(-) diff --git a/core/src/main/java/io/snyk/plugins/artifactory/scanner/cocoapods/CocoapodsPackage.java b/core/src/main/java/io/snyk/plugins/artifactory/scanner/cocoapods/CocoapodsPackage.java index 51d3bd0..1fa5122 100644 --- a/core/src/main/java/io/snyk/plugins/artifactory/scanner/cocoapods/CocoapodsPackage.java +++ b/core/src/main/java/io/snyk/plugins/artifactory/scanner/cocoapods/CocoapodsPackage.java @@ -33,7 +33,7 @@ public static Optional parse( } String[] nameVersion = artifactoryPackageName.replace(".tar.gz", "") - .replaceFirst("(?s)-(?!.*?-)", "!") + .replaceFirst("(?s)-[a-zA-Z]*(?!.*?-)", "!") .split("!"); if (nameVersion.length != 2) { diff --git a/core/src/test/java/io/snyk/plugins/artifactory/scanner/cocoapods/CocoapodsPackageTest.java b/core/src/test/java/io/snyk/plugins/artifactory/scanner/cocoapods/CocoapodsPackageTest.java index f38955a..65a0645 100644 --- a/core/src/test/java/io/snyk/plugins/artifactory/scanner/cocoapods/CocoapodsPackageTest.java +++ b/core/src/test/java/io/snyk/plugins/artifactory/scanner/cocoapods/CocoapodsPackageTest.java @@ -19,6 +19,17 @@ void parse() { assertThat(pckg.get().getVersion()).isEqualTo("1.9.1"); } + @Test + void parse_whenVersionNumberHasVPrefix() { + Optional pckg = CocoapodsPackage.parse( + "libwebp-v1.3.0.tar.gz" + ); + + assertThat(pckg).isNotEmpty(); + assertThat(pckg.get().getName()).isEqualTo("libwebp"); + assertThat(pckg.get().getVersion()).isEqualTo("1.3.0"); + } + @Test void parse_unexpectedPackageName() { assertThat(CocoapodsPackage.parse("3.5.1.tar.gz")).isEmpty();