1.6 KiB
1.6 KiB
macOS pkgutil Receipt Analyzer
Module
Scanner
Status
IMPLEMENTED
Description
Parses macOS pkgutil receipt database and BOM files to discover Apple installer packages, producing SBOM components with package identifier, version, and installed volume.
Implementation Details
- Package Analyzer:
src/Scanner/__Libraries/StellaOps.Scanner.Analyzers.OS.Pkgutil/PkgutilPackageAnalyzer.cs-PkgutilPackageAnalyzerdiscovers Apple installer packages from pkgutil receipt databasesrc/Scanner/__Libraries/StellaOps.Scanner.Analyzers.OS.Pkgutil/PkgutilAnalyzerPlugin.cs- Plugin registration for the pkgutil analyzer
- Parsers:
src/Scanner/__Libraries/StellaOps.Scanner.Analyzers.OS.Pkgutil/PkgutilReceiptParser.cs-PkgutilReceiptParserparses pkgutil receipt plist files extracting package identifier, version, and install metadatasrc/Scanner/__Libraries/StellaOps.Scanner.Analyzers.OS.Pkgutil/BomParser.cs-BomParserparses macOS BOM (Bill of Materials) files listing installed file manifests
E2E Test Plan
- Scan a macOS container image and verify Apple installer packages are discovered from pkgutil receipts
- Verify each discovered package includes package identifier (e.g.,
com.apple.pkg.CLTools_Executables), version, and installed volume - Verify BOM file parsing correctly identifies the files installed by each package
- Verify SBOM components are produced with correct PURL format for macOS system packages
- Verify packages from third-party PKG installers are also discovered alongside Apple system packages