stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity
Files
cf5b72974f923126944f4dcd47e85864ebb31a3b
git.stella-ops.org/docs/features/unchecked/scanner/macos-homebrew-package-analyzer.md

1.3 KiB
Raw Blame History

macOS Homebrew Package Analyzer

Module

Scanner

Status

IMPLEMENTED

Description

OS-level analyzer that discovers Homebrew-installed packages by parsing Cellar receipts, producing SBOM components with version, tap source, and installed-on-request metadata.

Implementation Details

  • Homebrew Analyzer:
    • src/Scanner/__Libraries/StellaOps.Scanner.Analyzers.OS.Homebrew/HomebrewPackageAnalyzer.cs - HomebrewPackageAnalyzer discovers Homebrew-installed packages by parsing Cellar receipts, producing SBOM components with version, tap source, and installed-on-request metadata
    • src/Scanner/__Libraries/StellaOps.Scanner.Analyzers.OS.Homebrew/HomebrewAnalyzerPlugin.cs - Plugin registration for the Homebrew analyzer

E2E Test Plan

  • Scan a macOS container image with Homebrew-installed packages and verify packages are discovered from Cellar receipts
  • Verify each discovered package includes version, tap source (e.g., homebrew/core), and installed-on-request status
  • Verify SBOM components are produced with correct PURL format for Homebrew packages
  • Verify packages installed as dependencies (not on-request) are correctly distinguished from explicitly installed packages
  • Verify custom tap packages are correctly attributed to their source tap