wip

Signed-off-by: dervoeti <lukas.voetmand@stackable.tech>
anchore · Nov 18, 2024 · 6191172 · 6191172
1 parent e41f8df
commit 6191172
Show file tree

Hide file tree

Showing 2 changed files with 9 additions and 6 deletions.
diff --git a/.binny.yaml b/.binny.yaml
@@ -58,7 +58,7 @@ tools:
   # used to release all artifacts
   - name: goreleaser
     version:
-      want: v2.4.4
+      want: v2.4.5
     method: github-release
     with:
       repo: goreleaser/goreleaser
@@ -111,7 +111,7 @@ tools:
   # used for triggering a release
   - name: gh
     version:
-      want: v2.61.0
+      want: v2.62.0
     method: github-release
     with:
       repo: cli/cli

diff --git a/syft/format/internal/cyclonedxutil/helpers/decoder.go b/syft/format/internal/cyclonedxutil/helpers/decoder.go
@@ -42,13 +42,13 @@ func collectBomPackages(bom *cyclonedx.BOM, s *sbom.SBOM, idMap map[string]inter
 	componentsPresent := false
 	if bom.Components != nil {
 		for i := range *bom.Components {
-			collectPackages(&(*bom.Components)[i], s, idMap)
+			collectPackages(&(*bom.Components)[i], s, bom, idMap)
 		}
 		componentsPresent = true
 	}
 
 	if bom.Metadata != nil && bom.Metadata.Component != nil {
-		collectPackages(bom.Metadata.Component, s, idMap)
+		collectPackages(bom.Metadata.Component, s, bom, idMap)
 		componentsPresent = true
 	}
 
@@ -59,7 +59,7 @@ func collectBomPackages(bom *cyclonedx.BOM, s *sbom.SBOM, idMap map[string]inter
 	return nil
 }
 
-func collectPackages(component *cyclonedx.Component, s *sbom.SBOM, idMap map[string]interface{}) {
+func collectPackages(component *cyclonedx.Component, s *sbom.SBOM, bom *cyclonedx.BOM, idMap map[string]interface{}) {
 	switch component.Type {
 	case cyclonedx.ComponentTypeOS:
 	case cyclonedx.ComponentTypeContainer:
@@ -71,13 +71,16 @@ func collectPackages(component *cyclonedx.Component, s *sbom.SBOM, idMap map[str
 			idMap[syftID] = p
 		}
 		// TODO there must be a better way than needing to call this manually:
+		var oldName = p.Name
+		p.Name = bom.SerialNumber + p.Name
 		p.SetID()
+		p.Name = oldName
 		s.Artifacts.Packages.Add(*p)
 	}
 
 	if component.Components != nil {
 		for i := range *component.Components {
-			collectPackages(&(*component.Components)[i], s, idMap)
+			collectPackages(&(*component.Components)[i], s, bom, idMap)
 		}
 	}
 }