add python/egg support

pkg/egg/parse.go

@@ -0,0 +1,25 @@
+package egg
+
+import (
+	"bufio"
+	"io"
+	"net/textproto"
+
+	"github.com/aquasecurity/go-dep-parser/pkg/types"
+	"golang.org/x/xerrors"
+)
+
+func Parse(r io.Reader) ([]types.Library, error) {
+	rd := textproto.NewReader(bufio.NewReader(r))
+	h, err := rd.ReadMIMEHeader()
+	if err != nil {
+		return nil, xerrors.Errorf("read MIME error: %w", err)
+	}
+
+	return []types.Library{
+		{
+			Name:    h.Get("Name"),
+			Version: h.Get("Version"),
+		},
+	}, nil
+}

pkg/egg/parse_test.go

@@ -0,0 +1,51 @@
+package egg
+
+import (
+	"os"
+	"path"
+	"testing"
+
+	"github.com/aquasecurity/go-dep-parser/pkg/types"
+	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
+)
+
+func TestParse(t *testing.T) {
+	vectors := []struct {
+		file string // Test input file
+		want []types.Library
+	}{
+		{
+			file: "testdata/setuptools-51.3.3-py3.8.egg-info.PKG-INFO",
+
+			// docker run --name python --rm -it python:3.9-alpine sh
+			// apk add py3-setuptools
+			// cat /usr/lib/python3.8/site-packages/setuptools-51.3.3-py3.8.egg-info/PKG-INFO | awk 'NR==2,NR==3' | awk 'BEGIN {FS=" "} {print $2}' | awk '!(NR%2){printf("{\""p"\", \""$0"\"},\n")}{p=$0}'
+			want: []types.Library{
+				{"setuptools", "51.3.3"},
+			},
+		},
+		{
+			file: "testdata/six-1.15.0-py3.8.egg-info",
+
+			// docker run --name python --rm -it python:3.9-alpine sh
+			// apk add py3-setuptools
+			// cat /usr/lib/python3.8/site-packages/six-1.15.0-py3.8.egg-info | awk 'NR==2,NR==3' | awk 'BEGIN {FS=" "} {print $2}' | awk '!(NR%2){printf("{\""p"\", \""$0"\"},\n")}{p=$0}'
+			want: []types.Library{
+				{"six", "1.15.0"},
+			},
+		},
+	}
+
+	for _, v := range vectors {
+		t.Run(path.Base(v.file), func(t *testing.T) {
+			f, err := os.Open(v.file)
+			require.NoError(t, err)
+
+			got, err := Parse(f)
+			require.NoError(t, err)
+
+			assert.Equal(t, v.want, got)
+		})
+	}
+}

pkg/egg/testdata/setuptools-51.3.3-py3.8.egg-info.PKG-INFO

@@ -0,0 +1,87 @@
+Metadata-Version: 2.1
+Name: setuptools
+Version: 51.3.3
+Summary: Easily download, build, install, upgrade, and uninstall Python packages
+Home-page: https://github.com/pypa/setuptools
+Author: Python Packaging Authority
+Author-email: distutils-sig@python.org
+License: UNKNOWN
+Project-URL: Documentation, https://setuptools.readthedocs.io/
+Description: .. image:: https://img.shields.io/pypi/v/setuptools.svg
+           :target: `PyPI link`_
+
+        .. image:: https://img.shields.io/pypi/pyversions/setuptools.svg
+           :target: `PyPI link`_
+
+        .. _PyPI link: https://pypi.org/project/setuptools
+
+        .. image:: https://github.com/pypa/setuptools/workflows/tests/badge.svg
+           :target: https://github.com/pypa/setuptools/actions?query=workflow%3A%22tests%22
+           :alt: tests
+
+        .. image:: https://img.shields.io/badge/code%20style-black-000000.svg
+           :target: https://github.com/psf/black
+           :alt: Code style: Black
+
+        .. image:: https://img.shields.io/readthedocs/setuptools/latest.svg
+            :target: https://setuptools.readthedocs.io
+
+        .. image:: https://img.shields.io/codecov/c/github/pypa/setuptools/master.svg?logo=codecov&logoColor=white
+           :target: https://codecov.io/gh/pypa/setuptools
+
+        .. image:: https://tidelift.com/badges/github/pypa/setuptools?style=flat
+           :target: https://tidelift.com/subscription/pkg/pypi-setuptools?utm_source=pypi-setuptools&utm_medium=readme
+
+        See the `Installation Instructions
+        <https://packaging.python.org/installing/>`_ in the Python Packaging
+        User's Guide for instructions on installing, upgrading, and uninstalling
+        Setuptools.
+
+        Questions and comments should be directed to the `distutils-sig
+        mailing list <http://mail.python.org/pipermail/distutils-sig/>`_.
+        Bug reports and especially tested patches may be
+        submitted directly to the `bug tracker
+        <https://github.com/pypa/setuptools/issues>`_.
+
+
+        Code of Conduct
+        ===============
+
+        Everyone interacting in the setuptools project's codebases, issue trackers,
+        chat rooms, and mailing lists is expected to follow the
+        `PSF Code of Conduct <https://github.com/pypa/.github/blob/main/CODE_OF_CONDUCT.md>`_.
+
+
+        For Enterprise
+        ==============
+
+        Available as part of the Tidelift Subscription.
+
+        Setuptools and the maintainers of thousands of other packages are working with Tidelift to deliver one enterprise subscription that covers all of the open source you use.
+
+        `Learn more <https://tidelift.com/subscription/pkg/pypi-setuptools?utm_source=pypi-setuptools&utm_medium=referral&utm_campaign=github>`_.
+
+
+        Security Contact
+        ================
+
+        To report a security vulnerability, please use the
+        `Tidelift security contact <https://tidelift.com/security>`_.
+        Tidelift will coordinate the fix and disclosure.
+
+Keywords: CPAN PyPI distutils eggs package management
+Platform: UNKNOWN
+Classifier: Development Status :: 5 - Production/Stable
+Classifier: Intended Audience :: Developers
+Classifier: License :: OSI Approved :: MIT License
+Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3 :: Only
+Classifier: Topic :: Software Development :: Libraries :: Python Modules
+Classifier: Topic :: System :: Archiving :: Packaging
+Classifier: Topic :: System :: Systems Administration
+Classifier: Topic :: Utilities
+Requires-Python: >=3.6
+Provides-Extra: testing
+Provides-Extra: docs
+Provides-Extra: ssl
+Provides-Extra: certs

pkg/egg/testdata/six-1.15.0-py3.8.egg-info

@@ -0,0 +1,46 @@
+Metadata-Version: 1.1
+Name: six
+Version: 1.15.0
+Summary: Python 2 and 3 compatibility utilities
+Home-page: https://github.com/benjaminp/six
+Author: Benjamin Peterson
+Author-email: benjamin@python.org
+License: MIT
+Description: .. image:: https://img.shields.io/pypi/v/six.svg
+           :target: https://pypi.org/project/six/
+           :alt: six on PyPI
+
+        .. image:: https://travis-ci.org/benjaminp/six.svg?branch=master
+           :target: https://travis-ci.org/benjaminp/six
+           :alt: six on TravisCI
+
+        .. image:: https://readthedocs.org/projects/six/badge/?version=latest
+           :target: https://six.readthedocs.io/
+           :alt: six's documentation on Read the Docs
+
+        .. image:: https://img.shields.io/badge/license-MIT-green.svg
+           :target: https://github.com/benjaminp/six/blob/master/LICENSE
+           :alt: MIT License badge
+
+        Six is a Python 2 and 3 compatibility library.  It provides utility functions
+        for smoothing over the differences between the Python versions with the goal of
+        writing Python code that is compatible on both Python versions.  See the
+        documentation for more information on what is provided.
+
+        Six supports Python 2.7 and 3.3+.  It is contained in only one Python
+        file, so it can be easily copied into your project. (The copyright and license
+        notice must be retained.)
+
+        Online documentation is at https://six.readthedocs.io/.
+
+        Bugs can be reported to https://github.com/benjaminp/six.  The code can also
+        be found there.
+
+Platform: UNKNOWN
+Classifier: Development Status :: 5 - Production/Stable
+Classifier: Programming Language :: Python :: 2
+Classifier: Programming Language :: Python :: 3
+Classifier: Intended Audience :: Developers
+Classifier: License :: OSI Approved :: MIT License
+Classifier: Topic :: Software Development :: Libraries
+Classifier: Topic :: Utilities