From cdc29e74055f103f5bb86891a9998ec3b64b0e4d Mon Sep 17 00:00:00 2001
From: Malte Poll <mp@edgeless.systems>
Date: Sat, 1 Oct 2022 14:11:24 +0200
Subject: [PATCH] Allow type "file:..."

Signed-off-by: Malte Poll <mp@edgeless.systems>
---
 action.yml                        |  2 +-
 dist/attachReleaseAssets/index.js | 13 +++++++++++--
 dist/downloadSyft/index.js        | 13 +++++++++++--
 dist/runSyftAction/index.js       | 13 +++++++++++--
 package-lock.json                 | 14 +++++++-------
 package.json                      |  2 +-
 src/Syft.ts                       |  6 +++---
 src/github/SyftGithubAction.ts    | 18 ++++++++++++++++--
 8 files changed, 61 insertions(+), 20 deletions(-)

diff --git a/action.yml b/action.yml
index 71c25bf9..f7139522 100644
--- a/action.yml
+++ b/action.yml
@@ -7,7 +7,7 @@ branding:
 inputs:
   path:
     required: false
-    description: "A path on the filesystem to scan"
+    description: "A path on the filesystem to scan. Can be a file or directory."
     default: "."
 
   image:
diff --git a/dist/attachReleaseAssets/index.js b/dist/attachReleaseAssets/index.js
index 57d3b795..bcc7db09 100644
--- a/dist/attachReleaseAssets/index.js
+++ b/dist/attachReleaseAssets/index.js
@@ -24011,11 +24011,20 @@ function executeSyft(_a) {
                 args = [...args, `${input.image}`];
             }
         }
-        else if ("path" in input && input.path) {
+        else if ("path" in input &&
+            input.path &&
+            fs.existsSync(input.path) &&
+            fs.lstatSync(input.path).isDirectory()) {
             args = [...args, `dir:${input.path}`];
         }
+        else if ("path" in input &&
+            input.path &&
+            fs.existsSync(input.path) &&
+            fs.lstatSync(input.path).isFile()) {
+            args = [...args, `file:${input.path}`];
+        }
         else {
-            throw new Error("Invalid input, no image or path specified");
+            throw new Error("Invalid input, no image or path specified or path does not exist");
         }
         args = [...args, "-o", format];
         if (opts.uploadToDependencySnapshotAPI) {
diff --git a/dist/downloadSyft/index.js b/dist/downloadSyft/index.js
index e4d5f637..9a9b1636 100644
--- a/dist/downloadSyft/index.js
+++ b/dist/downloadSyft/index.js
@@ -24059,11 +24059,20 @@ function executeSyft(_a) {
                 args = [...args, `${input.image}`];
             }
         }
-        else if ("path" in input && input.path) {
+        else if ("path" in input &&
+            input.path &&
+            fs.existsSync(input.path) &&
+            fs.lstatSync(input.path).isDirectory()) {
             args = [...args, `dir:${input.path}`];
         }
+        else if ("path" in input &&
+            input.path &&
+            fs.existsSync(input.path) &&
+            fs.lstatSync(input.path).isFile()) {
+            args = [...args, `file:${input.path}`];
+        }
         else {
-            throw new Error("Invalid input, no image or path specified");
+            throw new Error("Invalid input, no image or path specified or path does not exist");
         }
         args = [...args, "-o", format];
         if (opts.uploadToDependencySnapshotAPI) {
diff --git a/dist/runSyftAction/index.js b/dist/runSyftAction/index.js
index c39d79b1..909c6825 100644
--- a/dist/runSyftAction/index.js
+++ b/dist/runSyftAction/index.js
@@ -24011,11 +24011,20 @@ function executeSyft(_a) {
                 args = [...args, `${input.image}`];
             }
         }
-        else if ("path" in input && input.path) {
+        else if ("path" in input &&
+            input.path &&
+            fs.existsSync(input.path) &&
+            fs.lstatSync(input.path).isDirectory()) {
             args = [...args, `dir:${input.path}`];
         }
+        else if ("path" in input &&
+            input.path &&
+            fs.existsSync(input.path) &&
+            fs.lstatSync(input.path).isFile()) {
+            args = [...args, `file:${input.path}`];
+        }
         else {
-            throw new Error("Invalid input, no image or path specified");
+            throw new Error("Invalid input, no image or path specified or path does not exist");
         }
         args = [...args, "-o", format];
         if (opts.uploadToDependencySnapshotAPI) {
diff --git a/package-lock.json b/package-lock.json
index ccc2e6c1..bf7f4ea3 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -42,7 +42,7 @@
         "pretty-quick": "^3.1.3",
         "ts-jest": "^29.0.1",
         "type-fest": "^2.19.0",
-        "typescript": "^4.8.3"
+        "typescript": "^4.8.4"
       }
     },
     "node_modules/@actions/artifact": {
@@ -9798,9 +9798,9 @@
       }
     },
     "node_modules/typescript": {
-      "version": "4.8.3",
-      "resolved": "https://registry.npmjs.org/typescript/-/typescript-4.8.3.tgz",
-      "integrity": "sha512-goMHfm00nWPa8UvR/CPSvykqf6dVV8x/dp0c5mFTMTIu0u0FlGWRioyy7Nn0PGAdHxpJZnuO/ut+PpQ8UiHAig==",
+      "version": "4.8.4",
+      "resolved": "https://registry.npmjs.org/typescript/-/typescript-4.8.4.tgz",
+      "integrity": "sha512-QCh+85mCy+h0IGff8r5XWzOVSbBO+KfeYrMQh7NJ58QujwcE22u+NUSmUxqF+un70P9GXKxa2HCNiTTMJknyjQ==",
       "dev": true,
       "bin": {
         "tsc": "bin/tsc",
@@ -17454,9 +17454,9 @@
       }
     },
     "typescript": {
-      "version": "4.8.3",
-      "resolved": "https://registry.npmjs.org/typescript/-/typescript-4.8.3.tgz",
-      "integrity": "sha512-goMHfm00nWPa8UvR/CPSvykqf6dVV8x/dp0c5mFTMTIu0u0FlGWRioyy7Nn0PGAdHxpJZnuO/ut+PpQ8UiHAig==",
+      "version": "4.8.4",
+      "resolved": "https://registry.npmjs.org/typescript/-/typescript-4.8.4.tgz",
+      "integrity": "sha512-QCh+85mCy+h0IGff8r5XWzOVSbBO+KfeYrMQh7NJ58QujwcE22u+NUSmUxqF+un70P9GXKxa2HCNiTTMJknyjQ==",
       "dev": true
     },
     "unbox-primitive": {
diff --git a/package.json b/package.json
index 3828354c..0eff28f8 100644
--- a/package.json
+++ b/package.json
@@ -67,6 +67,6 @@
     "pretty-quick": "^3.1.3",
     "ts-jest": "^29.0.1",
     "type-fest": "^2.19.0",
-    "typescript": "^4.8.3"
+    "typescript": "^4.8.4"
   }
 }
diff --git a/src/Syft.ts b/src/Syft.ts
index 893e0f32..f9d27dbb 100644
--- a/src/Syft.ts
+++ b/src/Syft.ts
@@ -1,7 +1,7 @@
 /**
- * Used for filesystem directory input to Syft
+ * Used for filesystem directory/file input to Syft
  */
-export interface SyftDirectoryInput {
+export interface SyftPathInput {
   path: string;
 }
 
@@ -24,7 +24,7 @@ export interface SyftImageInput {
  * Syft invocation options
  */
 export interface SyftOptions {
-  input: SyftDirectoryInput | SyftRegistryInput | SyftImageInput;
+  input: SyftPathInput | SyftRegistryInput | SyftImageInput;
   format:
     | "spdx"
     | "spdx-tag-value"
diff --git a/src/github/SyftGithubAction.ts b/src/github/SyftGithubAction.ts
index 22889474..e7be7f14 100644
--- a/src/github/SyftGithubAction.ts
+++ b/src/github/SyftGithubAction.ts
@@ -133,10 +133,24 @@ async function executeSyft({
     } else {
       args = [...args, `${input.image}`];
     }
-  } else if ("path" in input && input.path) {
+  } else if (
+    "path" in input &&
+    input.path &&
+    fs.existsSync(input.path) &&
+    fs.lstatSync(input.path).isDirectory()
+  ) {
     args = [...args, `dir:${input.path}`];
+  } else if (
+    "path" in input &&
+    input.path &&
+    fs.existsSync(input.path) &&
+    fs.lstatSync(input.path).isFile()
+  ) {
+    args = [...args, `file:${input.path}`];
   } else {
-    throw new Error("Invalid input, no image or path specified");
+    throw new Error(
+      "Invalid input, no image or path specified or path does not exist"
+    );
   }
 
   args = [...args, "-o", format];