@contrast/contrast 1.0.3 → 1.0.6

package/src/scaAnalysis/go/goParseDeps.js

@@ -0,0 +1,203 @@
+const crypto = require('crypto')
+
+const parseGoDependencies = goDeps => {
+  return parseGo(goDeps)
+}
+
+const parseGo = modGraphOutput => {
+  let splitLines = splitAllLinesIntoArray(modGraphOutput)
+  const directDepNames = getDirectDepNames(splitLines)
+  const uniqueTransitiveDepNames = getAllUniqueTransitiveDepNames(
+    splitLines,
+    directDepNames
+  )
+
+  let rootNodes = createRootNodes(splitLines)
+
+  createTransitiveDeps(uniqueTransitiveDepNames, splitLines, rootNodes)
+
+  return rootNodes
+}
+
+const splitAllLinesIntoArray = modGraphOutput => {
+  return modGraphOutput.split(/\r\n|\r|\n/)
+}
+
+const getAllDepsOfADepAsEdge = (dep, deps) => {
+  let edges = {}
+
+  const depRows = deps.filter(line => {
+    return line.startsWith(dep)
+  })
+
+  depRows.forEach(dep => {
+    const edgeName = dep.split(' ')[1]
+    edges[edgeName] = edgeName
+  })
+
+  return edges
+}
+
+const getAllDepsOfADepAsName = (dep, deps) => {
+  let edges = []
+
+  const depRows = deps.filter(line => {
+    return line.startsWith(dep)
+  })
+
+  depRows.forEach(dep => {
+    const edgeName = dep.split(' ')[1]
+    edges.push(edgeName)
+  })
+
+  return edges
+}
+
+const createRootNodes = deps => {
+  let rootDep = {}
+  const rootDeps = getRootDeps(deps)
+
+  const edges = rootDeps.map(dep => {
+    return dep.split(' ')[1]
+  })
+
+  rootDep[rootDeps[0].split(' ')[0]] = {}
+
+  edges.forEach(edge => {
+    const splitEdge = edge.split('@')
+    const splitGroupName = splitEdge[0].split('/')
+    const name = splitGroupName.pop()
+    const lastSlash = splitEdge[0].lastIndexOf('/')
+    let group = splitEdge[0].substring(0, lastSlash)
+    const hash = getHash(splitEdge[0])
+
+    group = checkGroupExists(group, name)
+
+    //get the edges of the root dependency
+    const edgesOfDep = getAllDepsOfADepAsEdge(edge, deps)
+
+    rootDep[rootDeps[0].split(' ')[0]][edge] = {
+      artifactID: name,
+      group: group,
+      version: splitEdge[1],
+      scope: '"compile',
+      type: 'direct',
+      hash: hash,
+      edges: edgesOfDep
+    }
+  })
+  return rootDep
+}
+
+const getRootDeps = deps => {
+  const rootDeps = deps.filter(dep => {
+    const parentDep = dep.split(' ')[0]
+    if (parentDep.split('@v').length === 1) {
+      return dep
+    }
+  })
+  return rootDeps
+}
+
+const getHash = library => {
+  let shaSum = crypto.createHash('sha1')
+  shaSum.update(library)
+  return shaSum.digest('hex')
+}
+
+const getDirectDepNames = deps => {
+  const directDepNames = []
+
+  deps.forEach(dep => {
+    const parentDep = dep.split(' ')[0]
+    if (parentDep.split('@v').length === 1) {
+      dep.split(' ')[1] !== undefined
+        ? directDepNames.push(dep.split(' ')[1])
+        : null
+    }
+  })
+  return directDepNames
+}
+
+const getAllUniqueTransitiveDepNames = (deps, directDepNames) => {
+  let uniqueDeps = []
+
+  deps.forEach(dep => {
+    const parentDep = dep.split(' ')[0]
+    if (parentDep.split('@v').length !== 1) {
+      if (!directDepNames.includes(parentDep)) {
+        if (!uniqueDeps.includes(parentDep)) {
+          parentDep.length > 1 ? uniqueDeps.push(parentDep) : null
+        }
+      }
+    }
+  })
+  return uniqueDeps
+}
+
+const checkGroupExists = (group, name) => {
+  if (group === null || group === '') {
+    return name
+  }
+  return group
+}
+
+const createTransitiveDeps = (transitiveDeps, splitLines, rootNodes) => {
+  transitiveDeps.forEach(dep => {
+    //create transitive dep
+    const splitEdge = dep.split('@')
+    const splitGroupName = splitEdge[0].split('/')
+    const name = splitGroupName.pop()
+    const lastSlash = splitEdge[0].lastIndexOf('/')
+    let group = splitEdge[0].substring(0, lastSlash)
+    const hash = getHash(splitEdge[0])
+
+    group = checkGroupExists(group, name)
+
+    const transitiveDep = {
+      artifactID: name,
+      group: group,
+      version: splitEdge[1],
+      scope: 'compile',
+      type: 'transitive',
+      hash: hash,
+      edges: {}
+    }
+
+    //add edges to transitiveDep
+    const edges = getAllDepsOfADepAsEdge(dep, splitLines)
+    transitiveDep.edges = edges
+
+    //add all edges as a transitive dependency to rootNodes
+    const edgesAsName = getAllDepsOfADepAsName(dep, splitLines)
+
+    edgesAsName.forEach(dep => {
+      const splitEdge = dep.split('@')
+      const splitGroupName = splitEdge[0].split('/')
+      const name = splitGroupName.pop()
+      const lastSlash = splitEdge[0].lastIndexOf('/')
+      let group = splitEdge[0].substring(0, lastSlash)
+      const hash = getHash(splitEdge[0])
+
+      group = checkGroupExists(group, name)
+
+      const transitiveDep = {
+        artifactID: name,
+        group: group,
+        version: splitEdge[1],
+        scope: 'compile',
+        type: 'transitive',
+        hash: hash,
+        edges: {}
+      }
+      rootNodes[Object.keys(rootNodes)[0]][dep] = transitiveDep
+    })
+
+    //add transitive dependency to rootNodes
+    rootNodes[Object.keys(rootNodes)[0]][dep] = transitiveDep
+  })
+}
+
+module.exports = {
+  parseGoDependencies
+}

package/src/scaAnalysis/go/goReadDepFile.js

@@ -0,0 +1,32 @@
+const child_process = require('child_process')
+const i18n = require('i18n')
+
+const getGoDependencies = config => {
+  let cmdStdout
+  let cwd = config.projectPath
+    ? config.projectPath.replace('go.mod', '')
+    : process.cwd()
+
+  try {
+    // A sample of this output can be found
+    // in the go test folder data/goModGraphResults.text
+    cmdStdout = child_process.execSync('go mod graph', { cwd })
+
+    return cmdStdout.toString()
+  } catch (err) {
+    if (err.message === 'spawnSync /bin/sh ENOENT') {
+      err.message =
+        '\n\n*************** No transitive dependencies ***************\n\nWe are unable to build a dependency tree view from your repository as there were no transitive dependencies found.'
+    }
+    console.log(
+      i18n.__('goReadProjectFile', cwd, `${err.message ? err.message : ''}`)
+    )
+    // throw new Error(
+    //   i18n.__('goReadProjectFile', cwd, `${err.message ? err.message : ''}`)
+    // )
+  }
+}
+
+module.exports = {
+  getGoDependencies
+}

package/src/scaAnalysis/java/analysis.js

@@ -0,0 +1,143 @@
+const child_process = require('child_process')
+const path = require('path')
+const i18n = require('i18n')
+const fs = require('fs')
+
+const MAVEN = 'maven'
+const GRADLE = 'gradle'
+
+const determineProjectTypeAndCwd = (files, projectPath) => {
+  const projectData = {}
+
+  if (files[0].includes('pom.xml')) {
+    projectData.projectType = MAVEN
+    projectData.cwd = projectPath
+      ? projectPath
+      : files[0].replace('pom.xml', '')
+  } else if (files[0].includes('build.gradle')) {
+    projectData.projectType = GRADLE
+    projectData.cwd = projectPath
+      ? projectPath
+      : files[0].replace('pom.xml', '')
+  }
+
+  return projectData
+}
+
+const buildMaven = (config, projectData, timeout) => {
+  let cmdStdout
+  let mvn_settings = ''
+
+  try {
+    // Allow users to provide a custom location for their settings.xml
+    if (config.mavenSettingsPath) {
+      mvn_settings = ' -s ' + config.mavenSettingsPath
+    }
+    cmdStdout = child_process.execSync(
+      'mvn dependency:tree -B' + mvn_settings,
+      {
+        cwd: projectData.cwd,
+        timeout
+      }
+    )
+    return cmdStdout.toString()
+  } catch (err) {
+    throw new Error(
+      i18n.__('mavenDependencyTreeNonZero', projectData.cwd, `${err.message}`)
+    )
+  }
+}
+
+const buildGradle = (config, projectData, timeout) => {
+  let cmdStdout
+  let output = {}
+
+  try {
+    // path.sep is user here to either execute as "./gradlew" for UNIX/Linux/MacOS
+    // & ".\gradlew" for Windows
+    // Check if the user has specified a sub-project
+    if (config.subProject) {
+      cmdStdout = child_process.execSync(
+        '.' +
+          path.sep +
+          'gradlew :' +
+          config.subProject +
+          ':dependencies --configuration runtimeClasspath',
+        {
+          cwd: projectData.cwd,
+          timeout
+        }
+      )
+    } else {
+      cmdStdout = child_process.execSync(
+        '.' +
+          path.sep +
+          'gradlew dependencies --configuration runtimeClasspath',
+        {
+          cwd: projectData.cwd,
+          timeout
+        }
+      )
+    }
+    if (
+      cmdStdout
+        .toString()
+        .includes(
+          "runtimeClasspath - Runtime classpath of source set 'main'.\n" +
+            'No dependencies'
+        )
+    ) {
+      cmdStdout = child_process.execSync(
+        '.' + path.sep + 'gradlew dependencies',
+        {
+          cwd: projectData.cwd,
+          timeout
+        }
+      )
+    }
+    output = cmdStdout.toString()
+    return output
+  } catch (err) {
+    if (
+      fs.existsSync(projectData.cwd + 'gradlew') ||
+      fs.existsSync(projectData.cwd + 'gradlew.bat')
+    ) {
+      throw new Error(
+        i18n.__(
+          'gradleDependencyTreeNonZero',
+          projectData.cwd,
+          `${err.message}`
+        )
+      )
+    } else {
+      throw new Error(
+        i18n.__('gradleWrapperUnavailable', projectData.cwd, `${err.message}`)
+      )
+    }
+  }
+}
+
+const getJavaBuildDeps = (config, files) => {
+  const timeout = 960000
+  let output = {
+    mvnDependancyTreeOutput: undefined,
+    projectType: undefined
+  }
+
+  try {
+    const projectData = determineProjectTypeAndCwd(files, config.projectPath)
+    if (projectData.projectType === MAVEN) {
+      output.mvnDependancyTreeOutput = buildMaven(config, projectData, timeout)
+    } else if (projectData.projectType === GRADLE) {
+      output.mvnDependancyTreeOutput = buildGradle(config, projectData, timeout)
+    }
+    output.projectType = projectData.projectType
+    return output
+  } catch (err) {
+    console.log(err.message.toString())
+  }
+}
+
+module.exports = {
+  getJavaBuildDeps
+}

package/src/scaAnalysis/java/index.js

@@ -0,0 +1,21 @@
+const analysis = require('./analysis')
+const { parseBuildDeps } = require('./javaBuildDepsParser')
+const { createJavaTSMessage } = require('../common/formatMessage')
+
+const javaAnalysis = (config, languageFiles) => {
+  languageFiles.java.forEach(file => {
+    file.replace('build.gradle.kts', 'build.gradle')
+  })
+
+  const javaDeps = buildJavaTree(config, languageFiles.java)
+  return createJavaTSMessage(javaDeps)
+}
+
+const buildJavaTree = (config, files) => {
+  const javaBuildDeps = analysis.getJavaBuildDeps(config, files)
+  return parseBuildDeps(config, javaBuildDeps)
+}
+
+module.exports = {
+  javaAnalysis
+}