@cyclonedx/cdxgen 10.8.0 → 10.8.2

package/README.md

@@ -460,6 +460,19 @@ cdxgen can automatically detect names of services from YAML manifests such as do
 
 Use the [CycloneDX CLI][cyclonedx-cli-github] tool for advanced use cases such as conversion, diff and merging.
 
+## Including .NET Global Assembly Cache dependencies in the results
+
+Global Assembly Cache (GAC) dependencies must be made available in the build output of the project for cdxgen in order for it to inspect and include in the results. A cdxgen scan with the `--deep` flag will look for additional dependencies in the form of dll files. A simple way to have the dotnet build copy the GAC dependencies into the build directory is to place the file `Directory.Build.props` into the root of the project and ensure the contents include the following:
+```
+<Project xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+<ItemDefinitionGroup>
+  <Reference>
+    <Private>True</Private>
+  </Reference>
+</ItemDefinitionGroup>
+</Project>
+```
+
 ## License
 
 Permission to modify and redistribute is granted under the terms of the Apache 2.0 license. See the [LICENSE][github-license] file for the full license.

package/display.js

@@ -1,4 +1,5 @@
 import { existsSync, readFileSync } from "node:fs";
+import process from "node:process";
 import { createStream, table } from "table";
 
 // https://github.com/yangshun/tree-node-cli/blob/master/src/index.js

package/docker.js

@@ -17,7 +17,7 @@ import {
   homedir,
   tmpdir,
 } from "node:os";
-import { basename, join } from "node:path";
+import { basename, join, resolve } from "node:path";
 import process from "node:process";
 import stream from "node:stream/promises";
 import { parse } from "node:url";
@@ -1003,6 +1003,14 @@ export const extractFromManifest = async (
  * Returns the location of the layers with additional packages related metadata
  */
 export const exportImage = async (fullImageName) => {
+  // Safely ignore local directories
+  if (
+    !fullImageName ||
+    fullImageName === "." ||
+    existsSync(resolve(fullImageName))
+  ) {
+    return undefined;
+  }
   // Try to get the data locally first
   const localData = await getImage(fullImageName);
   if (!localData) {

package/index.js

@@ -1641,8 +1641,10 @@ export async function createJavaBom(path, options) {
           null,
           allProjectsStr,
         );
-        const splitPropTaskOut =
-          splitOutputByGradleProjects(parallelPropTaskOut);
+        const splitPropTaskOut = splitOutputByGradleProjects(
+          parallelPropTaskOut,
+          ["properties"],
+        );
 
         for (const [key, propTaskOut] of splitPropTaskOut.entries()) {
           let retMap = {};
@@ -1747,8 +1749,10 @@ export async function createJavaBom(path, options) {
     const defaultDepTaskArgs = ["--console", "plain", "--build-cache"];
     allProjects.push(parentComponent);
     let depTaskWithArgs = ["dependencies"];
+    let relevantTasks = ["dependencies"];
     if (process.env.GRADLE_DEPENDENCY_TASK) {
       depTaskWithArgs = process.env.GRADLE_DEPENDENCY_TASK.split(" ");
+      relevantTasks = process.env.GRADLE_DEPENDENCY_TASK.split(" ");
     }
     let gradleDepArgs = [];
     gradleDepArgs = gradleDepArgs
@@ -1798,7 +1802,7 @@ export async function createJavaBom(path, options) {
         const cmdOutput = Buffer.from(sstdout).toString();
         const perProjectOutput = splitOutputByGradleProjects(
           cmdOutput,
-          allProjects,
+          relevantTasks,
         );
         for (const [key, singleProjectDepOut] of perProjectOutput.entries()) {
           const sp = allProjects
@@ -2776,7 +2780,7 @@ export async function createPythonBom(path, options) {
       // Retrieve the tree using virtualenv in deep mode and as a fallback
       // This is a slow operation
       if (options.deep || !dependencies.length) {
-        retMap = getPipFrozenTree(basePath, f, tempDir);
+        retMap = getPipFrozenTree(basePath, f, tempDir, parentComponent);
         if (retMap.pkgList?.length) {
           pkgList = pkgList.concat(retMap.pkgList);
         }
@@ -2873,7 +2877,12 @@ export async function createPythonBom(path, options) {
           if (options.installDeps) {
             // If there are multiple requirements files then the tree is getting constructed for each one
             // adding to the delay.
-            const pkgMap = getPipFrozenTree(basePath, f, tempDir);
+            const pkgMap = getPipFrozenTree(
+              basePath,
+              f,
+              tempDir,
+              parentComponent,
+            );
             if (pkgMap.pkgList?.length) {
               pkgList = pkgList.concat(pkgMap.pkgList);
               frozen = pkgMap.frozen;
@@ -2925,11 +2934,16 @@ export async function createPythonBom(path, options) {
     if (options.installDeps) {
       let pkgMap = undefined;
       if (pyProjectMode) {
-        pkgMap = getPipFrozenTree(path, pyProjectFile, tempDir);
+        pkgMap = getPipFrozenTree(
+          path,
+          pyProjectFile,
+          tempDir,
+          parentComponent,
+        );
       } else if (setupPyMode) {
-        pkgMap = getPipFrozenTree(path, setupPy, tempDir);
+        pkgMap = getPipFrozenTree(path, setupPy, tempDir, parentComponent);
       } else {
-        pkgMap = getPipFrozenTree(path, undefined, tempDir);
+        pkgMap = getPipFrozenTree(path, undefined, tempDir, parentComponent);
       }
       // Get the imported modules and a dedupe list of packages
       const parentDependsOn = new Set();
@@ -4508,11 +4522,12 @@ export async function createContainerSpecLikeBom(path, options) {
       }
     }
   }
-  if (origProjectType === "universal") {
+  if (origProjectType?.includes("universal")) {
     // In case of universal, repeat to collect multiX Boms
-    const mbomData = await createMultiXBom([path], {
-      projectType: origProjectType,
+    const mbomData = await createMultiXBom(path, {
+      projectType: [],
       multiProject: true,
+      excludeType: options.excludeType,
     });
     if (mbomData) {
       if (mbomData.components?.length) {
@@ -4536,7 +4551,7 @@ export async function createContainerSpecLikeBom(path, options) {
       }
       if (DEBUG_MODE) {
         console.log(
-          `BOM includes ${components.length} unfiltered components ${dependencies.length} dependencies so far`,
+          `Received ${components.length} unfiltered components ${dependencies.length} dependencies so far.`,
         );
       }
     }
@@ -5335,7 +5350,7 @@ export function dedupeBom(options, components, parentComponent, dependencies) {
   components = trimComponents(components);
   if (DEBUG_MODE) {
     console.log(
-      `BOM includes ${components.length} components and ${dependencies.length} dependencies after dedupe`,
+      `Obtained ${components.length} components and ${dependencies.length} dependencies after dedupe.`,
     );
   }
   const serialNum = `urn:uuid:${uuidv4()}`;
@@ -5359,7 +5374,7 @@ export function dedupeBom(options, components, parentComponent, dependencies) {
 /**
  * Function to create bom string for all languages
  *
- * @param {string} pathList list of to the project
+ * @param {string[]} pathList list of to the project
  * @param {Object} options Parse options from the cli
  */
 export async function createMultiXBom(pathList, options) {
@@ -5369,6 +5384,10 @@ export async function createMultiXBom(pathList, options) {
   let parentComponent = determineParentComponent(options) || {};
   let parentSubComponents = [];
   options.createMultiXBom = true;
+  // Convert single path to an array
+  if (!Array.isArray(pathList)) {
+    pathList = pathList.split(",");
+  }
   if (
     options.projectType &&
     hasAnyProjectType(["oci"], options, false) &&
@@ -5412,7 +5431,7 @@ export async function createMultiXBom(pathList, options) {
       console.log("Scanning", path);
     }
     // Node.js
-    if (hasAnyProjectType(["js"], options)) {
+    if (hasAnyProjectType(["oci", "js"], options)) {
       bomData = await createNodejsBom(path, options);
       if (bomData?.bomJson?.components?.length) {
         if (DEBUG_MODE) {
@@ -5437,7 +5456,7 @@ export async function createMultiXBom(pathList, options) {
       }
     }
     // Java
-    if (hasAnyProjectType(["java"], options)) {
+    if (hasAnyProjectType(["oci", "java"], options)) {
       bomData = await createJavaBom(path, options);
       if (bomData?.bomJson?.components?.length) {
         if (DEBUG_MODE) {
@@ -5461,7 +5480,7 @@ export async function createMultiXBom(pathList, options) {
         }
       }
     }
-    if (hasAnyProjectType(["py"], options)) {
+    if (hasAnyProjectType(["oci", "py"], options)) {
       bomData = await createPythonBom(path, options);
       if (bomData?.bomJson?.components?.length) {
         if (DEBUG_MODE) {
@@ -5479,7 +5498,7 @@ export async function createMultiXBom(pathList, options) {
         }
       }
     }
-    if (hasAnyProjectType(["go"], options)) {
+    if (hasAnyProjectType(["oci", "go"], options)) {
       bomData = await createGoBom(path, options);
       if (bomData?.bomJson?.components?.length) {
         if (DEBUG_MODE) {
@@ -5497,7 +5516,7 @@ export async function createMultiXBom(pathList, options) {
         }
       }
     }
-    if (hasAnyProjectType(["rust"], options)) {
+    if (hasAnyProjectType(["oci", "rust"], options)) {
       bomData = await createRustBom(path, options);
       if (bomData?.bomJson?.components) {
         if (DEBUG_MODE) {
@@ -5521,7 +5540,7 @@ export async function createMultiXBom(pathList, options) {
         }
       }
     }
-    if (hasAnyProjectType(["php"], options)) {
+    if (hasAnyProjectType(["oci", "php"], options)) {
       bomData = createPHPBom(path, options);
       if (bomData?.bomJson?.components) {
         if (DEBUG_MODE) {
@@ -5539,7 +5558,7 @@ export async function createMultiXBom(pathList, options) {
         }
       }
     }
-    if (hasAnyProjectType(["ruby"], options)) {
+    if (hasAnyProjectType(["oci", "ruby"], options)) {
       bomData = await createRubyBom(path, options);
       if (bomData?.bomJson?.components) {
         if (DEBUG_MODE) {
@@ -5561,7 +5580,7 @@ export async function createMultiXBom(pathList, options) {
         }
       }
     }
-    if (hasAnyProjectType(["csharp"], options)) {
+    if (hasAnyProjectType(["oci", "csharp"], options)) {
       bomData = await createCsharpBom(path, options);
       if (bomData?.bomJson?.components?.length) {
         if (DEBUG_MODE) {
@@ -5579,7 +5598,7 @@ export async function createMultiXBom(pathList, options) {
         }
       }
     }
-    if (hasAnyProjectType(["dart"], options)) {
+    if (hasAnyProjectType(["oci", "dart"], options)) {
       bomData = await createDartBom(path, options);
       if (bomData?.bomJson?.components) {
         if (DEBUG_MODE) {
@@ -5597,7 +5616,7 @@ export async function createMultiXBom(pathList, options) {
         }
       }
     }
-    if (hasAnyProjectType(["haskell"], options)) {
+    if (hasAnyProjectType(["oci", "haskell"], options)) {
       bomData = createHaskellBom(path, options);
       if (bomData?.bomJson?.components) {
         if (DEBUG_MODE) {
@@ -5615,7 +5634,7 @@ export async function createMultiXBom(pathList, options) {
         }
       }
     }
-    if (hasAnyProjectType(["elixir"], options)) {
+    if (hasAnyProjectType(["oci", "elixir"], options)) {
       bomData = createElixirBom(path, options);
       if (bomData?.bomJson?.components) {
         if (DEBUG_MODE) {
@@ -5633,7 +5652,7 @@ export async function createMultiXBom(pathList, options) {
         }
       }
     }
-    if (hasAnyProjectType(["c"], options)) {
+    if (hasAnyProjectType(["oci", "c"], options)) {
       bomData = createCppBom(path, options);
       if (bomData?.bomJson?.components) {
         if (DEBUG_MODE) {
@@ -5651,7 +5670,7 @@ export async function createMultiXBom(pathList, options) {
         }
       }
     }
-    if (hasAnyProjectType(["clojure"], options)) {
+    if (hasAnyProjectType(["oci", "clojure"], options)) {
       bomData = createClojureBom(path, options);
       if (bomData?.bomJson?.components) {
         if (DEBUG_MODE) {
@@ -5669,7 +5688,7 @@ export async function createMultiXBom(pathList, options) {
         }
       }
     }
-    if (hasAnyProjectType(["github"], options)) {
+    if (hasAnyProjectType(["oci", "github"], options)) {
       bomData = createGitHubBom(path, options);
       if (bomData?.bomJson?.components) {
         if (DEBUG_MODE) {
@@ -5687,7 +5706,7 @@ export async function createMultiXBom(pathList, options) {
         }
       }
     }
-    if (hasAnyProjectType(["cloudbuild"], options)) {
+    if (hasAnyProjectType(["oci", "cloudbuild"], options)) {
       bomData = createCloudBuildBom(path, options);
       if (bomData?.bomJson?.components) {
         if (DEBUG_MODE) {
@@ -5705,7 +5724,7 @@ export async function createMultiXBom(pathList, options) {
         }
       }
     }
-    if (hasAnyProjectType(["swift"], options)) {
+    if (hasAnyProjectType(["oci", "swift"], options)) {
       bomData = await createSwiftBom(path, options);
       if (bomData?.bomJson?.components?.length) {
         if (DEBUG_MODE) {
@@ -5797,6 +5816,14 @@ export async function createMultiXBom(pathList, options) {
       delete parentComponent.components;
     }
   }
+  // some cleanup, but not complete
+  for (const path of pathList) {
+    if (path.startsWith(join(tmpdir(), "docker-images-"))) {
+      if (rmSync) {
+        rmSync(path, { recursive: true, force: true });
+      }
+    }
+  }
   return dedupeBom(options, components, parentComponent, dependencies);
 }
 
@@ -5810,8 +5837,7 @@ export async function createXBom(path, options) {
   try {
     accessSync(path, constants.R_OK);
   } catch (err) {
-    console.error(path, "is invalid");
-    process.exit(1);
+    return undefined;
   }
   // node.js - package.json
   if (
@@ -6152,7 +6178,9 @@ export async function createBom(path, options) {
     }
     isContainerMode = true;
   } else if (
-    (options.projectType && hasAnyProjectType(["oci"], options, false)) ||
+    (options.projectType &&
+      !options.projectType?.includes("universal") &&
+      hasAnyProjectType(["oci"], options, false)) ||
     path.startsWith("docker.io") ||
     path.startsWith("quay.io") ||
     path.startsWith("ghcr.io") ||
@@ -6161,15 +6189,17 @@ export async function createBom(path, options) {
     path.includes(":latest")
   ) {
     exportData = await exportImage(path);
-    if (!exportData) {
-      console.log(
-        "BOM generation has failed due to problems with exporting the image",
-      );
-      options.failOnError && process.exit(1);
-      return {};
+    if (exportData) {
+      isContainerMode = true;
+    } else {
+      if (DEBUG_MODE) {
+        console.log(path, "doesn't appear to be a valid container image.");
+      }
     }
-    isContainerMode = true;
-  } else if (projectType === "oci-dir") {
+  } else if (
+    !options.projectType?.includes("universal") &&
+    hasAnyProjectType(["oci-dir"], options, false)
+  ) {
     isContainerMode = true;
     exportData = {
       inspectData: undefined,
@@ -6254,7 +6284,7 @@ export async function createBom(path, options) {
   }
   if (projectType.length > 1) {
     console.log("Generate BOM for project types:", projectType.join(", "));
-    return await createMultiXBom([path], options);
+    return await createMultiXBom(path, options);
   }
   // Use the project type alias to return any singular BOM
   if (PROJECT_TYPE_ALIASES["java"].includes(projectType[0])) {
@@ -6352,7 +6382,7 @@ export async function createBom(path, options) {
       // In recurse mode return multi-language Bom
       // https://github.com/cyclonedx/cdxgen/issues/95
       if (options.multiProject) {
-        return await createMultiXBom([path], options);
+        return await createMultiXBom(path, options);
       }
       return await createXBom(path, options);
   }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@cyclonedx/cdxgen",
-  "version": "10.8.0",
+  "version": "10.8.2",
   "description": "Creates CycloneDX Software Bill of Materials (SBOM) from source or container image",
   "homepage": "http://github.com/cyclonedx/cdxgen",
   "author": "Prabhu Subramanian <prabhu@appthreat.com>",
@@ -88,13 +88,13 @@
   "optionalDependencies": {
     "@appthreat/atom": "2.0.16",
     "@appthreat/cdx-proto": "1.0.1",
-    "@cyclonedx/cdxgen-plugins-bin": "1.6.0",
-    "@cyclonedx/cdxgen-plugins-bin-arm64": "1.6.0",
-    "@cyclonedx/cdxgen-plugins-bin-darwin-amd64": "1.6.0",
-    "@cyclonedx/cdxgen-plugins-bin-darwin-arm64": "1.6.0",
-    "@cyclonedx/cdxgen-plugins-bin-ppc64": "1.6.0",
-    "@cyclonedx/cdxgen-plugins-bin-windows-amd64": "1.6.0",
-    "@cyclonedx/cdxgen-plugins-bin-windows-arm64": "1.6.0",
+    "@cyclonedx/cdxgen-plugins-bin": "1.6.2",
+    "@cyclonedx/cdxgen-plugins-bin-arm64": "1.6.2",
+    "@cyclonedx/cdxgen-plugins-bin-darwin-amd64": "1.6.2",
+    "@cyclonedx/cdxgen-plugins-bin-darwin-arm64": "1.6.2",
+    "@cyclonedx/cdxgen-plugins-bin-ppc64": "1.6.2",
+    "@cyclonedx/cdxgen-plugins-bin-windows-amd64": "1.6.2",
+    "@cyclonedx/cdxgen-plugins-bin-windows-arm64": "1.6.2",
     "body-parser": "^1.20.2",
     "compression": "^1.7.4",
     "connect": "^3.7.0",

package/types/display.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"display.d.ts","sourceRoot":"","sources":["../display.js"],"names":[],"mappings":"AAsWA,iEA0BC;AAED,uDAoBC;AAnYM,mFAmEN;AAQM,iDAkBN;AACM,kDAsBN;AAeM,qDA4BN;AACM,mDA8CN;AACM,wFAuCN;AA4DM,2DA+BN;AAoDM,iDA8BN"}
+{"version":3,"file":"display.d.ts","sourceRoot":"","sources":["../display.js"],"names":[],"mappings":"AAuWA,iEA0BC;AAED,uDAoBC;AAnYM,mFAmEN;AAQM,iDAkBN;AACM,kDAsBN;AAeM,qDA4BN;AACM,mDA8CN;AACM,wFAuCN;AA4DM,2DA+BN;AAoDM,iDA8BN"}

package/types/docker.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"docker.d.ts","sourceRoot":"","sources":["../docker.js"],"names":[],"mappings":"AAoDA;;GAEG;AACH,4CA6CC;AAxED,4BAA6C;AAC7C,8CAA+C;AAkFxC,iCAHI,MAAM,WACN,MAAM,iDAehB;AAqBM,6DAmBN;AAgLM,4EAwGN;AAEM,oFAwBN;AAUM;;;;;;;;EAwEN;AAsBM,2DA8KN;AAEM,2EAsFN;AAMM;;;;;;;;;;;;;GAqDN;AAEM;;;;;;;GAqGN;AAMM,8DAyHN;AAKM,4EAmGN;AAEM,+EAMN;AAEM,4EAyCN;AAEM,iFA0BN"}
+{"version":3,"file":"docker.d.ts","sourceRoot":"","sources":["../docker.js"],"names":[],"mappings":"AAoDA;;GAEG;AACH,4CA6CC;AAxED,4BAA6C;AAC7C,8CAA+C;AAkFxC,iCAHI,MAAM,WACN,MAAM,iDAehB;AAqBM,6DAmBN;AAgLM,4EAwGN;AAEM,oFAwBN;AAUM;;;;;;;;EAwEN;AAsBM,2DA8KN;AAEM,2EAsFN;AAMM;;;;;;;;;;;;;GAqDN;AAEM;;;;;;;GAqGN;AAMM,8DAiIN;AAKM,4EAmGN;AAEM,+EAMN;AAEM,4EAyCN;AAEM,iFA0BN"}

package/types/index.d.ts

@@ -237,10 +237,10 @@ export function dedupeBom(options: any, components: any[], parentComponent: any,
 /**
  * Function to create bom string for all languages
  *
- * @param {string} pathList list of to the project
+ * @param {string[]} pathList list of to the project
  * @param {Object} options Parse options from the cli
  */
-export function createMultiXBom(pathList: string, options: any): Promise<any>;
+export function createMultiXBom(pathList: string[], options: any): Promise<any>;
 /**
  * Function to create bom string for various languages
  *

package/types/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../index.js"],"names":[],"mappings":"AAovBA;;;;;;;;GAQG;AACH,gFAFW,MAAM,SAchB;AAyUD;;;;;;;GAOG;AACH,mCALW,MAAM,qBAiEhB;AAED;;;;;GAKG;AACH,uCAHW,MAAM;;;;EAKhB;AAED;;;;;GAKG;AACH,sCAHW,MAAM;;;;EAkBhB;AAED;;;;;GAKG;AACH,oCAHW,MAAM,8BAs+BhB;AAED;;;;;GAKG;AACH,sCAHW,MAAM,8BA2chB;AAED;;;;;GAKG;AACH,sCAHW,MAAM,8BA4WhB;AAED;;;;;GAKG;AACH,kCAHW,MAAM,8BAkUhB;AAED;;;;;GAKG;AACH,oCAHW,MAAM,8BAqIhB;AAED;;;;;GAKG;AACH,oCAHW,MAAM,8BAiDhB;AAED;;;;;GAKG;AACH,mCAHW,MAAM,qBA+KhB;AAED;;;;;GAKG;AACH,uCAHW,MAAM,qBAsHhB;AAED;;;;;GAKG;AACH,uCAHW,MAAM,qBA2BhB;AAED;;;;;GAKG;AACH,sCAHW,MAAM,qBA2BhB;AAED;;;;;GAKG;AACH,sCAHW,MAAM,qBA2BhB;AAED;;;;;GAKG;AACH,0CAHW,MAAM,qBAuBhB;AAED;;;;;GAKG;AACH,kCAHW,MAAM,8BAqDhB;AAED;;;;;GAKG;AACH,uCAHW,MAAM,8BA4ChB;AAED;;;;;GAKG;AACH,oCAHW,MAAM,qBA2BhB;AAED;;;;;GAKG;AACH,qCAHW,MAAM,8BAwFhB;AAED;;;;;GAKG;AACH,iDAHW,MAAM,qBAgUhB;AAED;;;;;GAKG;AACH,mCAHW,MAAM,qBAwJhB;AAED;;;;;GAKG;AACH,oCAHW,MAAM,8BAmFhB;AAED;;;;;GAKG;AACH,sCAHW,MAAM,8BAyWhB;AAED;;;;;GAKG;AACH,2CAHW,MAAM;;;;;;;;;;;;;;;;;;;;GAoChB;AAED;;;;;;;;KA+DC;AAED;;;;;;GAMG;AACH,yDA2CC;AAED;;;;;;;;;GASG;AACH,2GA6BC;AAED;;;;;GAKG;AACH,0CAHW,MAAM,8BAubhB;AAED;;;;;GAKG;AACH,iCAHW,MAAM,8BAkUhB;AAED;;;;;GAKG;AACH,gCAHW,MAAM,qBAkOhB;AAED;;;;;;GAMG;AACH,wDAFY,OAAO,CAAC;IAAE,KAAK,EAAE,MAAM,CAAA;CAAE,GAAG;IAAE,MAAM,EAAE,MAAM,EAAE,CAAA;CAAE,GAAG,SAAS,CAAC,CA2FxE"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../index.js"],"names":[],"mappings":"AAovBA;;;;;;;;GAQG;AACH,gFAFW,MAAM,SAchB;AAyUD;;;;;;;GAOG;AACH,mCALW,MAAM,qBAiEhB;AAED;;;;;GAKG;AACH,uCAHW,MAAM;;;;EAKhB;AAED;;;;;GAKG;AACH,sCAHW,MAAM;;;;EAkBhB;AAED;;;;;GAKG;AACH,oCAHW,MAAM,8BA0+BhB;AAED;;;;;GAKG;AACH,sCAHW,MAAM,8BA2chB;AAED;;;;;GAKG;AACH,sCAHW,MAAM,8BAsXhB;AAED;;;;;GAKG;AACH,kCAHW,MAAM,8BAkUhB;AAED;;;;;GAKG;AACH,oCAHW,MAAM,8BAqIhB;AAED;;;;;GAKG;AACH,oCAHW,MAAM,8BAiDhB;AAED;;;;;GAKG;AACH,mCAHW,MAAM,qBA+KhB;AAED;;;;;GAKG;AACH,uCAHW,MAAM,qBAsHhB;AAED;;;;;GAKG;AACH,uCAHW,MAAM,qBA2BhB;AAED;;;;;GAKG;AACH,sCAHW,MAAM,qBA2BhB;AAED;;;;;GAKG;AACH,sCAHW,MAAM,qBA2BhB;AAED;;;;;GAKG;AACH,0CAHW,MAAM,qBAuBhB;AAED;;;;;GAKG;AACH,kCAHW,MAAM,8BAqDhB;AAED;;;;;GAKG;AACH,uCAHW,MAAM,8BA4ChB;AAED;;;;;GAKG;AACH,oCAHW,MAAM,qBA2BhB;AAED;;;;;GAKG;AACH,qCAHW,MAAM,8BAwFhB;AAED;;;;;GAKG;AACH,iDAHW,MAAM,qBAiUhB;AAED;;;;;GAKG;AACH,mCAHW,MAAM,qBAwJhB;AAED;;;;;GAKG;AACH,oCAHW,MAAM,8BAmFhB;AAED;;;;;GAKG;AACH,sCAHW,MAAM,8BAyWhB;AAED;;;;;GAKG;AACH,2CAHW,MAAM;;;;;;;;;;;;;;;;;;;;GAoChB;AAED;;;;;;;;KA+DC;AAED;;;;;;GAMG;AACH,yDA2CC;AAED;;;;;;;;;GASG;AACH,2GA6BC;AAED;;;;;GAKG;AACH,0CAHW,MAAM,EAAE,8BAmclB;AAED;;;;;GAKG;AACH,iCAHW,MAAM,8BAiUhB;AAED;;;;;GAKG;AACH,gCAHW,MAAM,qBAsOhB;AAED;;;;;;GAMG;AACH,wDAFY,OAAO,CAAC;IAAE,KAAK,EAAE,MAAM,CAAA;CAAE,GAAG;IAAE,MAAM,EAAE,MAAM,EAAE,CAAA;CAAE,GAAG,SAAS,CAAC,CA2FxE"}

package/types/utils.d.ts

@@ -989,9 +989,10 @@ export function getGradleCommand(srcPath: string, rootPath: string): string;
  * Method to split the output produced by Gradle using parallel processing by project
  *
  * @param {string} rawOutput Full output produced by Gradle using parallel processing
+ * @param {string[]} relevantTasks The list of gradle tasks whose output need to be considered.
  * @returns {map} Map with subProject names as keys and corresponding dependency task outputs as values.
  */
-export function splitOutputByGradleProjects(rawOutput: string): map;
+export function splitOutputByGradleProjects(rawOutput: string, relevantTasks: string[]): map;
 /**
  * Method to return the maven command to use.
  *
@@ -1020,9 +1021,11 @@ export function findAppModules(src: string, language: string, methodology?: stri
  * @param {string} basePath Base path
  * @param {string} reqOrSetupFile Requirements or setup.py file
  * @param {string} tempVenvDir Temp venv dir
+ * @param {Object} parentComponent Parent component
+ *
  * @returns List of packages from the virtual env
  */
-export function getPipFrozenTree(basePath: string, reqOrSetupFile: string, tempVenvDir: string): {
+export function getPipFrozenTree(basePath: string, reqOrSetupFile: string, tempVenvDir: string, parentComponent: any): {
     pkgList: {
         name: any;
         version: any;

package/types/utils.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../utils.js"],"names":[],"mappings":"AAsSA;;;;;;GAMG;AACH,mGAkDC;AAgBD;;;;;GAKG;AACH,qCAHW,MAAM,WACN,MAAM,0BAqBhB;AAED;;;;;;GAMG;AACH,+CAJW,MAAM,WACN,MAAM,+BAoBhB;AAYD;;;;GAIG;AACH,gCAFa,MAAM,CAIlB;AAED;;;;;;IAMI;AACJ,iDAJW,MAAM,GACJ,OAAO,CAiBnB;AAED;;;;;;;;GAQG;AACH,iEAoBC;AAED;;;;;GAKG;AACH,6CAmDC;AAED;;;;;;GAMG;AACH,sEA0DC;AAED;;;;GAIG;AACH,4EAoCC;AAED;;;GAGG;AACH;;EAUC;AAED,sEA0BC;AAED;;;;GAIG;AACH,+DA4CC;AAED;;;;;GAKG;AACH,0CAHW,MAAM,WACN,OAAO,kBAkFjB;AAED;;;;;GAKG;AACH,0CAHW,MAAM,YACN,MAAM;;;GAqVhB;AAED;;;;;;;GAOG;AACH,6CAFW,MAAM,MAwDhB;AAwBD;;;;GAIG;AACH,4CAFW,MAAM;;;GAqNhB;AAED;;;;GAIG;AACH,4CAFW,MAAM,kBAiEhB;AA2BD;;;;;GAKG;AACH,wCAHW,MAAM,oBACN,MAAM;;;;;;;;;GA0ZhB;AAED;;;;GAIG;AACH,8CAFW,MAAM,kBA+ChB;AAED;;;;GAIG;AACH,sCAFW,MAAM,kBAgFhB;AAED;;;;GAIG;AACH;;;;;;;;;;;;;;;;;;;;;;IAqDC;AAED;;;;;;GAMG;AACH,0CALW,MAAM,WACN,MAAM,OAgJhB;AAED;;;;;;GAMG;AACH,0CALW,MAAM,qBACN,MAAM,oBACN,MAAM,uBACN,MAAM;;;;;;;;;;;;;;;;EAkNhB;AAED;;;GAGG;AACH,uCAFW,MAAM,SAoChB;AAED;;;GAGG;AACH,wCAFW,MAAM,OAahB;AAED,yEAwBC;AAED;;;;GAIG;AACH,+CAFW,MAAM;;;EA6ChB;AAED;;;;GAIG;AACH,iDAFW,MAAM;;;;;;;;EAsChB;AAED;;;;;;;;GAQG;AACH,qDANW,MAAM,YACN,MAAM,0BAGJ,MAAM,CA2DlB;AAED;;;;;;GAMG;AACH,6CAJW,MAAM,YACN,MAAM,cACN,MAAM,MA0EhB;AAED;;;GAGG;AACH,iDAFW,MAAM,SA4ChB;AAED;;;GAGG;AACH,8CAFW,MAAM,SAsDhB;AAED;;;GAGG;AACH,2CAFW,MAAM,SAiBhB;AAED;;GAEG;AACH,kDAoCC;AAED;;;;GAIG;AACH,oCAFW,MAAM,OAchB;AAED;;;;GAIG;AACH,kDAUC;AAED;;;;;GAKG;AACH,mFAiGC;AAED;;;;;;;;;GASG;AACH,sFAMC;AAED;;;;;;;;;GASG;AACH,gFAFY,MAAO,SAAS,CAwB3B;AAED;;;;;;;;;GASG;AACH,0EAFY,OAAO,QAAQ,CAU1B;AAED;;;;GAIG;AACH,4DAFW,WAAY,SAYtB;AAED;;;;;;;;;GASG;AACH,+FAFY,OAAO,QAAQ,CAc1B;AAED;;;;GAIG;AACH;;;EAqBC;AAED;;;;;GAKG;AACH,iFAFW,GAAC,OA0BX;AAED;;;;;GAKG;AACH,sFAsNC;AAED;;;;GAIG;AACH,qDAmBC;AAED;;;;GAIG;AACH,gEAeC;AAED;;;;GAIG;AACH,6CAFW,MAAM,MAmEhB;AAED;;;;;GAKG;AACH,6DAFW,MAAM;;;;;;;GAqHhB;AAED;;;;;GAKG;AACH,mFAgKC;AAED;;;;;;GAMG;AACH,kCAJW,MAAM;;;;;;;;GA2EhB;AAED;;;;GAIG;AACH,mEAqBC;AAED;;;;GAIG;AACH,+DAFY,SAAO,SAAS,CAc3B;AAED;;;;GAIG;AACH,oDAFY,QAAQ,CASnB;AAED;;;;;GAKG;AACH,oEAFY,SAAO,SAAS,CAc3B;AAED;;;;;;GAMG;AACH,oEAFY,OAAO,QAAQ,CA8D1B;AAED;;;;GAIG;AACH,iEAgDC;AAED,+FA4BC;AAED,8EA2EC;AAED;;;;;GAKG;AACH,0CAHW,MAAM;;;GA0DhB;AA0BD;;;;;;;;;GASG;AACH,2CAPW,MAAM,aACN,MAAM;;;;;;GA6FhB;AAED;;;;GAIG;AACH,yCAHW,MAAM,OAehB;AAED;;;;GAIG;AACH,0CAHW,MAAM,kBAuChB;AAED,+DA+CC;AAED,uEAwBC;AA6BD;;;;GAIG;AACH,oEAmGC;AAED;;;;GAIG;AACH,8CAFW,MAAM,kBAgChB;AAED;;;;;GAKG;AACH,kDAHW,MAAM,YACN,MAAM;;;;;;;;;;;;;;GAuPhB;AAED;;;;GAIG;AACH,kEAoEC;AAED;;;;GAIG;AACH,gEA0DC;AA0BD;;;;;;;;;;;;;;;;;GAiBG;AACH,mEALW,OAAO,4BAiLjB;AAED;;;;;;;;GAQG;AACH,+DALW,OAAO,4BAsIjB;AAED;;;IAwIC;AAED,wEA0BC;AAED,mEAqCC;AAED,0DAkBC;AAED,wDA+DC;AAED,0FAkEC;AAED;;IAqCC;AAED;;IA2DC;AAED,2DAiEC;AAED,yDAaC;AAaD,gDA+EC;AAED,yDAkDC;AAED,sDA0BC;AAED,sDAyBC;AAED,6DAwCC;AAED,yDAmCC;AAED,8DAsCC;AAED,sDAqDC;AAED,yDAgCC;AAED,qDAkDC;AAED;;;;;GAKG;AACH,mDASC;AAED;;;;;;GAMG;AACH,4EA4EC;AAED,kEAgDC;AAED;;;;;;;;GAQG;AACH,kGA0MC;AAED;;;EAiNC;AAED;;;;EAsHC;AAED;;;EA+GC;AAED;;;;;GAKG;AACH,+CAHW,MAAM;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EA2IhB;AAED;;;;;;EA+HC;AAED;;;;GAIG;AACH,0CAFW,MAAM;;;;;;;;;;;;;;;;;;;;;IAqDhB;AAmBD;;;;;GAKG;AACH,yCAHW,MAAM,YAQhB;AAED;;;;;GAKG;AACH,wCAHW,MAAM,YAchB;AAED;;;;;GAKG;AACH,wCAHW,MAAM,YAQhB;AAED;;;;;GAKG;AACH,yCAHW,MAAM,YAQhB;AAED;;;;;GAKG;AACH,2CAHW,MAAM,YAQhB;AAED;;;;;;;GAOG;AACH;;;;;;;;;;IA2IC;AA2CD;;;;GAIG;AACH,0FAHW,MAAM,WACN,MAAM,UAuDhB;AAED;;;;GAIG;AACH,8CAHW,MAAM,WACN,MAAM;;;;;;EAqBhB;AAED;;;GAGG;AACH,iDAFW,MAAM;;;;;;;;;;;;;;;;;;;;;IAwDhB;AAED;;;;;;;GAOG;AACH,iDALW,MAAM,YACN,MAAM,YACN,OAAO,oBACP,OAAO,eA6DjB;AAED,oIAgCC;AAED;;;;;;;GAOG;AACH,sCALW,MAAM,eACN,MAAM,eA6JhB;AAED;;;;;;;;;;;;;;;;;;;;;;IA6DC;AAED;;;;;;;EA8BC;AAED,uDAeC;AAED,2DAeC;AAED,2CAIC;AAED;;;;;;GAMG;AACH,uDAJW,MAAM,MAgBhB;AAED;;;;;;GAMG;AACH,uCAJW,MAAM,QACN,MAAM,GACJ,OAAO,QAAQ,CAU3B;AAED;;;;;;;;GAQG;AACH,2CANW,MAAM,WACN,MAAM,iBACN,MAAM,kBAmThB;AAED;;;;;;;GAOG;AACH,iDAFW,MAAM,OAehB;AAED;;;;;;;;;;;GAWG;AACH,uCAHW,MAAM,UACN,MAAM,UAYhB;AAED;;;;;;GAMG;AACH,2CAHW,MAAM,uBACN,MAAM,WAgBhB;AAED;;;;GAIG;AACH,4CAFW,MAAM,UAIhB;AAED;;;;;;;;GAQG;AACH,sCANW,MAAM,eACN,MAAM,oBACN,MAAM,gBAgChB;AAED;;;;;;GAMG;AACH,uCAJW,MAAM,kBA4EhB;AAED;;;;;GAKG;AACH,0CAHW,MAAM,YACN,MAAM,UAiChB;AACD;;;;;GAKG;AAEH,uDAJW,MAAM,GACJ,GAAG,CAiCf;AACD;;;;;GAKG;AACH,yCAHW,MAAM,YACN,MAAM,UAsEhB;AAED;;GAEG;AACH,sCAmBC;AAED,0DA2EC;AAED;;;;;;;;GAQG;AACH,oCANW,MAAM,YACN,MAAM,gBACN,MAAM,eACN,MAAM,OAgDhB;AA0DD;;;;;;;GAOG;AACH,2CALW,MAAM,kBACN,MAAM,eACN,MAAM;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAqUhB;AAGD;;;;;EAmBC;AAED;;;;;;GAMG;AACH,kEAHW,MAAM,cACN,MAAM,6BA0IhB;AAED,qDASC;AAED;;;;;;;EA2GC;AAED;;;EA6PC;AAED,sEA6BC;AAED;;;;;;;GAOG;AACH,mCALW,MAAM,WACN,MAAM;;;;;;;EAgQhB;AAED;;;;;;GAMG;AACH,2CAHW,MAAM,OAKhB;AAED,qDA0CC;AA8HD;;;;GAIG;AACH;;;GAkHC;AAED,yEA+FC;AAED;;;;;;GAMG;AACH,mDAkBC;AAED;;;;;;;;;;GAUG;AACH,0DAuBC;AAr1VD,gCAAgF;AAChF,4BAA4C;AAC5C,4BAA6C;AAC7C,2BAAmE;AAsBnE,iCAEE;AAiBF,iCAIyC;AAGzC,gCACmE;AAGnE,gCACsE;AAGtE,8BAA+B;AAK/B,4CAEmE;AAGnE,6CAE6D;AAG7D,oCAEoD;AAGpD,uCAEuD;AAYvD,4BAA6B;AAU7B,8BAAiC;AAMjC,8BAAiC;AAIjC,4BAA6B;AAI7B,2BAA2B;AAI3B,4BAA6B;AAI7B,2BAA2B;AAI3B,6BAA+B;AAI/B,0BAAyB;AAIzB,6BAA+B;AAM/B,2BAA2B;AAK3B,4BAA6B;AAK7B,6BAA+B;AAM/B,kDAWE;AAGF;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EA+DE;AAiEF,8BAQG;AAwwIH,8CAUE"}
+{"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../utils.js"],"names":[],"mappings":"AAsSA;;;;;;GAMG;AACH,mGAkDC;AAgBD;;;;;GAKG;AACH,qCAHW,MAAM,WACN,MAAM,0BAqBhB;AAED;;;;;;GAMG;AACH,+CAJW,MAAM,WACN,MAAM,+BAoBhB;AAYD;;;;GAIG;AACH,gCAFa,MAAM,CAIlB;AAED;;;;;;IAMI;AACJ,iDAJW,MAAM,GACJ,OAAO,CAiBnB;AAED;;;;;;;;GAQG;AACH,iEAoBC;AAED;;;;;GAKG;AACH,6CAmDC;AAED;;;;;;GAMG;AACH,sEA0DC;AAED;;;;GAIG;AACH,4EAoCC;AAED;;;GAGG;AACH;;EAUC;AAED,sEA0BC;AAED;;;;GAIG;AACH,+DA4CC;AAED;;;;;GAKG;AACH,0CAHW,MAAM,WACN,OAAO,kBAkFjB;AAED;;;;;GAKG;AACH,0CAHW,MAAM,YACN,MAAM;;;GAqVhB;AAED;;;;;;;GAOG;AACH,6CAFW,MAAM,MAwDhB;AAwBD;;;;GAIG;AACH,4CAFW,MAAM;;;GAqNhB;AAED;;;;GAIG;AACH,4CAFW,MAAM,kBAiEhB;AA2BD;;;;;GAKG;AACH,wCAHW,MAAM,oBACN,MAAM;;;;;;;;;GA0ZhB;AAED;;;;GAIG;AACH,8CAFW,MAAM,kBA+ChB;AAED;;;;GAIG;AACH,sCAFW,MAAM,kBAgFhB;AAED;;;;GAIG;AACH;;;;;;;;;;;;;;;;;;;;;;IAqDC;AAED;;;;;;GAMG;AACH,0CALW,MAAM,WACN,MAAM,OAgJhB;AAED;;;;;;GAMG;AACH,0CALW,MAAM,qBACN,MAAM,oBACN,MAAM,uBACN,MAAM;;;;;;;;;;;;;;;;EAkNhB;AAED;;;GAGG;AACH,uCAFW,MAAM,SAoChB;AAED;;;GAGG;AACH,wCAFW,MAAM,OAahB;AAED,yEAwBC;AAED;;;;GAIG;AACH,+CAFW,MAAM;;;EA6ChB;AAED;;;;GAIG;AACH,iDAFW,MAAM;;;;;;;;EAsChB;AAED;;;;;;;;GAQG;AACH,qDANW,MAAM,YACN,MAAM,0BAGJ,MAAM,CA2DlB;AAED;;;;;;GAMG;AACH,6CAJW,MAAM,YACN,MAAM,cACN,MAAM,MA0EhB;AAED;;;GAGG;AACH,iDAFW,MAAM,SA4ChB;AAED;;;GAGG;AACH,8CAFW,MAAM,SAsDhB;AAED;;;GAGG;AACH,2CAFW,MAAM,SAiBhB;AAED;;GAEG;AACH,kDAoCC;AAED;;;;GAIG;AACH,oCAFW,MAAM,OAchB;AAED;;;;GAIG;AACH,kDAUC;AAED;;;;;GAKG;AACH,mFAiGC;AAED;;;;;;;;;GASG;AACH,sFAMC;AAED;;;;;;;;;GASG;AACH,gFAFY,MAAO,SAAS,CAwB3B;AAED;;;;;;;;;GASG;AACH,0EAFY,OAAO,QAAQ,CAU1B;AAED;;;;GAIG;AACH,4DAFW,WAAY,SAYtB;AAED;;;;;;;;;GASG;AACH,+FAFY,OAAO,QAAQ,CAc1B;AAED;;;;GAIG;AACH;;;EAqBC;AAED;;;;;GAKG;AACH,iFAFW,GAAC,OA0BX;AAED;;;;;GAKG;AACH,sFAsNC;AAED;;;;GAIG;AACH,qDAmBC;AAED;;;;GAIG;AACH,gEAeC;AAED;;;;GAIG;AACH,6CAFW,MAAM,MAmEhB;AAED;;;;;GAKG;AACH,6DAFW,MAAM;;;;;;;GAqHhB;AAED;;;;;GAKG;AACH,mFAgKC;AAED;;;;;;GAMG;AACH,kCAJW,MAAM;;;;;;;;GA2EhB;AAED;;;;GAIG;AACH,mEAqBC;AAED;;;;GAIG;AACH,+DAFY,SAAO,SAAS,CAc3B;AAED;;;;GAIG;AACH,oDAFY,QAAQ,CASnB;AAED;;;;;GAKG;AACH,oEAFY,SAAO,SAAS,CAc3B;AAED;;;;;;GAMG;AACH,oEAFY,OAAO,QAAQ,CA8D1B;AAED;;;;GAIG;AACH,iEAgDC;AAED,+FA4BC;AAED,8EA2EC;AAED;;;;;GAKG;AACH,0CAHW,MAAM;;;GA0DhB;AA0BD;;;;;;;;;GASG;AACH,2CAPW,MAAM,aACN,MAAM;;;;;;GA6FhB;AAED;;;;GAIG;AACH,yCAHW,MAAM,OAehB;AAED;;;;GAIG;AACH,0CAHW,MAAM,kBAuChB;AAED,+DA+CC;AAED,uEAwBC;AA6BD;;;;GAIG;AACH,oEAmGC;AAED;;;;GAIG;AACH,8CAFW,MAAM,kBAgChB;AAED;;;;;GAKG;AACH,kDAHW,MAAM,YACN,MAAM;;;;;;;;;;;;;;GAuPhB;AAED;;;;GAIG;AACH,kEAoEC;AAED;;;;GAIG;AACH,gEA0DC;AA0BD;;;;;;;;;;;;;;;;;GAiBG;AACH,mEALW,OAAO,4BAiLjB;AAED;;;;;;;;GAQG;AACH,+DALW,OAAO,4BAsIjB;AAED;;;IAwIC;AAED,wEA0BC;AAED,mEAqCC;AAED,0DAkBC;AAED,wDA+DC;AAED,0FAkEC;AAED;;IAsCC;AAED;;IA2DC;AAED,2DAiEC;AAED,yDAaC;AAaD,gDA+EC;AAED,yDAkDC;AAED,sDA0BC;AAED,sDAyBC;AAED,6DAwCC;AAED,yDAmCC;AAED,8DAsCC;AAED,sDAqDC;AAED,yDAgCC;AAED,qDAkDC;AAED;;;;;GAKG;AACH,mDASC;AAED;;;;;;GAMG;AACH,4EA4EC;AAED,kEAgDC;AAED;;;;;;;;GAQG;AACH,kGA0MC;AAED;;;EAiNC;AAED;;;;EAsHC;AAED;;;EA+GC;AAED;;;;;GAKG;AACH,+CAHW,MAAM;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EA2IhB;AAED;;;;;;EA+HC;AAED;;;;GAIG;AACH,0CAFW,MAAM;;;;;;;;;;;;;;;;;;;;;IAqDhB;AAmBD;;;;;GAKG;AACH,yCAHW,MAAM,YAQhB;AAED;;;;;GAKG;AACH,wCAHW,MAAM,YAchB;AAED;;;;;GAKG;AACH,wCAHW,MAAM,YAQhB;AAED;;;;;GAKG;AACH,yCAHW,MAAM,YAQhB;AAED;;;;;GAKG;AACH,2CAHW,MAAM,YAQhB;AAED;;;;;;;GAOG;AACH;;;;;;;;;;IA2IC;AA2CD;;;;GAIG;AACH,0FAHW,MAAM,WACN,MAAM,UAuDhB;AAED;;;;GAIG;AACH,8CAHW,MAAM,WACN,MAAM;;;;;;EAqBhB;AAED;;;GAGG;AACH,iDAFW,MAAM;;;;;;;;;;;;;;;;;;;;;IAwDhB;AAED;;;;;;;GAOG;AACH,iDALW,MAAM,YACN,MAAM,YACN,OAAO,oBACP,OAAO,eA6DjB;AAED,oIAgCC;AAED;;;;;;;GAOG;AACH,sCALW,MAAM,eACN,MAAM,eA6JhB;AAED;;;;;;;;;;;;;;;;;;;;;;IA6DC;AAED;;;;;;;EA8BC;AAED,uDAeC;AAED,2DAeC;AAED,2CAIC;AAED;;;;;;GAMG;AACH,uDAJW,MAAM,MAgBhB;AAED;;;;;;GAMG;AACH,uCAJW,MAAM,QACN,MAAM,GACJ,OAAO,QAAQ,CAU3B;AAED;;;;;;;;GAQG;AACH,2CANW,MAAM,WACN,MAAM,iBACN,MAAM,kBAqThB;AAED;;;;;;;GAOG;AACH,iDAFW,MAAM,OAehB;AAED;;;;;;;;;;;GAWG;AACH,uCAHW,MAAM,UACN,MAAM,UAYhB;AAED;;;;;;GAMG;AACH,2CAHW,MAAM,uBACN,MAAM,WAgBhB;AAED;;;;GAIG;AACH,4CAFW,MAAM,UAIhB;AAED;;;;;;;;GAQG;AACH,sCANW,MAAM,eACN,MAAM,oBACN,MAAM,gBAgChB;AAED;;;;;;GAMG;AACH,uCAJW,MAAM,kBA4EhB;AAED;;;;;GAKG;AACH,0CAHW,MAAM,YACN,MAAM,UAiChB;AACD;;;;;;GAMG;AAEH,uDALW,MAAM,iBACN,MAAM,EAAE,GACN,GAAG,CAuCf;AACD;;;;;GAKG;AACH,yCAHW,MAAM,YACN,MAAM,UAsEhB;AAED;;GAEG;AACH,sCAmBC;AAED,0DA2EC;AAED;;;;;;;;GAQG;AACH,oCANW,MAAM,YACN,MAAM,gBACN,MAAM,eACN,MAAM,OAgDhB;AAkFD;;;;;;;;;GASG;AACH,2CAPW,MAAM,kBACN,MAAM,eACN,MAAM;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAiWhB;AAGD;;;;;EAmBC;AAED;;;;;;GAMG;AACH,kEAHW,MAAM,cACN,MAAM,6BA0IhB;AAED,qDASC;AAED;;;;;;;EA2GC;AAED;;;EA6PC;AAED,sEA6BC;AAED;;;;;;;GAOG;AACH,mCALW,MAAM,WACN,MAAM;;;;;;;EAgQhB;AAED;;;;;;GAMG;AACH,2CAHW,MAAM,OAKhB;AAED,qDA0CC;AA8HD;;;;GAIG;AACH;;;GAkHC;AAED,yEA0GC;AAED;;;;;;GAMG;AACH,mDAkBC;AAED;;;;;;;;;;GAUG;AACH,0DAuBC;AA95VD,gCAAgF;AAChF,4BAA4C;AAC5C,4BAA6C;AAC7C,2BAAmE;AAsBnE,iCAEE;AAiBF,iCAIyC;AAGzC,gCACmE;AAGnE,gCACsE;AAGtE,8BAA+B;AAK/B,4CAEmE;AAGnE,6CAE6D;AAG7D,oCAEoD;AAGpD,uCAEuD;AAYvD,4BAA6B;AAU7B,8BAAiC;AAMjC,8BAAiC;AAIjC,4BAA6B;AAI7B,2BAA2B;AAI3B,4BAA6B;AAI7B,2BAA2B;AAI3B,6BAA+B;AAI/B,0BAAyB;AAIzB,6BAA+B;AAM/B,2BAA2B;AAK3B,4BAA6B;AAK7B,6BAA+B;AAM/B,kDAWE;AAGF;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EA+DE;AAiEF,8BAQG;AAwwIH,8CAUE"}

package/utils.js

@@ -6001,8 +6001,7 @@ export function recurseImageNameLookup(keyValueObj, pkgList, imgList) {
 }
 
 export function parseContainerFile(fileContents) {
-  const imgList = [];
-
+  const imagesSet = new Set();
   const buildStageNames = [];
   for (let line of fileContents.split("\n")) {
     line = line.trim();
@@ -6012,11 +6011,14 @@ export function parseContainerFile(fileContents) {
     }
 
     if (line.startsWith("FROM")) {
-      const fromStatement = line.split("FROM")[1].split("AS");
+      // The alias could be called AS or as
+      const fromStatement = line.split("FROM ")[1].split(/\s(as|AS)\s/);
 
       const imageStatement = fromStatement[0].trim();
-      const buildStageName = fromStatement[1]?.trim();
-
+      const buildStageName =
+        fromStatement.length > 1
+          ? fromStatement[fromStatement.length - 1].trim()
+          : undefined;
       if (buildStageNames.includes(imageStatement)) {
         if (DEBUG_MODE) {
           console.log(
@@ -6025,10 +6027,7 @@ export function parseContainerFile(fileContents) {
         }
         continue;
       }
-
-      imgList.push({
-        image: imageStatement,
-      });
+      imagesSet.add(imageStatement);
 
       if (buildStageName) {
         buildStageNames.push(buildStageName);
@@ -6036,7 +6035,9 @@ export function parseContainerFile(fileContents) {
     }
   }
 
-  return imgList;
+  return Array.from(imagesSet).map((i) => {
+    return { image: i };
+  });
 }
 
 export function parseBitbucketPipelinesFile(fileContents) {
@@ -8953,7 +8954,9 @@ export async function extractJarArchive(jarFile, tempDir, jarNSMapping = {}) {
     } // for
   } // if
   if (jarFiles.length !== pkgList.length) {
-    console.log(`Obtained only ${pkgList.length} from ${jarFiles.length} jars`);
+    console.log(
+      `Obtained only ${pkgList.length} components from ${jarFiles.length} jars.`,
+    );
   }
   return pkgList;
 }
@@ -9199,20 +9202,28 @@ export function getGradleCommand(srcPath, rootPath) {
  * Method to split the output produced by Gradle using parallel processing by project
  *
  * @param {string} rawOutput Full output produced by Gradle using parallel processing
+ * @param {string[]} relevantTasks The list of gradle tasks whose output need to be considered.
  * @returns {map} Map with subProject names as keys and corresponding dependency task outputs as values.
  */
 
-export function splitOutputByGradleProjects(rawOutput) {
+export function splitOutputByGradleProjects(rawOutput, relevantTasks) {
   const outputSplitBySubprojects = new Map();
   let subProjectOut = "";
   const outSplitByLine = rawOutput.split("\n");
   let currentProjectName = "";
+  const regexPatternForRelevantTasks = `.*:(${relevantTasks.join("|")})(?=\s|\r|$)`;
+  const regexForRelevantTasks = new RegExp(regexPatternForRelevantTasks);
   for (const [i, line] of outSplitByLine.entries()) {
-    //filter out everything before first dependencies task output
+    //filter out everything before first task output
     if (!line.startsWith("> Task :") && subProjectOut === "") {
       continue;
     }
 
+    //ignore output of irrelevant tasks
+    if (line.startsWith("> Task :") && !regexForRelevantTasks.test(line)) {
+      continue;
+    }
+
     if (line.startsWith("Root project '") || line.startsWith("Project ':")) {
       currentProjectName = line.split("'")[1];
       currentProjectName = currentProjectName.replace(":", "");
@@ -9225,7 +9236,6 @@ export function splitOutputByGradleProjects(rawOutput) {
     }
     //if in subproject block, keep appending to string
     subProjectOut += `${line}\n`;
-
     //if end of last dependencies output block, push to array
     if (i === outSplitByLine.length - 1) {
       outputSplitBySubprojects.set(currentProjectName, subProjectOut);
@@ -9522,15 +9532,46 @@ function flattenDeps(dependenciesMap, pkgList, reqOrSetupFile, t) {
     .sort();
 }
 
+function get_python_command_from_env(env) {
+  // Virtual environments needs special treatment to use the correct python executable
+  // Without this step, the default python is always used resulting in false positives
+  const python_exe_name = isWin ? "python.exe" : "python";
+  const python3_exe_name = isWin ? "python3.exe" : "python3";
+  let python_cmd_to_use = PYTHON_CMD;
+  if (env.VIRTUAL_ENV) {
+    if (existsSync(join(env.VIRTUAL_ENV, "bin", python_exe_name))) {
+      python_cmd_to_use = join(env.VIRTUAL_ENV, "bin", python_exe_name);
+    } else if (existsSync(join(env.VIRTUAL_ENV, "bin", python3_exe_name))) {
+      python_cmd_to_use = join(env.VIRTUAL_ENV, "bin", python3_exe_name);
+    }
+  } else if (env.CONDA_PREFIX) {
+    if (existsSync(join(env.CONDA_PREFIX, "bin", python_exe_name))) {
+      python_cmd_to_use = join(env.CONDA_PREFIX, "bin", python_exe_name);
+    } else if (existsSync(join(env.CONDA_PREFIX, "bin", python3_exe_name))) {
+      python_cmd_to_use = join(env.CONDA_PREFIX, "bin", python3_exe_name);
+    }
+  } else if (env.CONDA_PYTHON_EXE) {
+    python_cmd_to_use = env.CONDA_PYTHON_EXE;
+  }
+  return python_cmd_to_use;
+}
+
 /**
  * Execute pip freeze by creating a virtual env in a temp directory and construct the dependency tree
  *
  * @param {string} basePath Base path
  * @param {string} reqOrSetupFile Requirements or setup.py file
  * @param {string} tempVenvDir Temp venv dir
+ * @param {Object} parentComponent Parent component
+ *
  * @returns List of packages from the virtual env
  */
-export function getPipFrozenTree(basePath, reqOrSetupFile, tempVenvDir) {
+export function getPipFrozenTree(
+  basePath,
+  reqOrSetupFile,
+  tempVenvDir,
+  parentComponent,
+) {
   const pkgList = [];
   const formulationList = [];
   const rootList = [];
@@ -9682,6 +9723,9 @@ export function getPipFrozenTree(basePath, reqOrSetupFile, tempVenvDir) {
         }
       }
     } else {
+      // We are about to do a pip install with the right python command from the virtual environment
+      // This step can fail if the correct OS packages and development libraries are not installed
+      const python_cmd_for_tree = get_python_command_from_env(env);
       let pipInstallArgs = [
         "-m",
         "pip",
@@ -9704,8 +9748,11 @@ export function getPipFrozenTree(basePath, reqOrSetupFile, tempVenvDir) {
         const addArgs = process.env.PIP_INSTALL_ARGS.split(" ");
         pipInstallArgs = pipInstallArgs.concat(addArgs);
       }
+      if (DEBUG_MODE) {
+        console.log("Executing", python_cmd_for_tree, pipInstallArgs.join(" "));
+      }
       // Attempt to perform pip install
-      result = spawnSync(PYTHON_CMD, pipInstallArgs, {
+      result = spawnSync(python_cmd_for_tree, pipInstallArgs, {
         cwd: basePath,
         encoding: "utf-8",
         timeout: TIMEOUT_MS,
@@ -9774,8 +9821,12 @@ export function getPipFrozenTree(basePath, reqOrSetupFile, tempVenvDir) {
         `About to construct the pip dependency tree based on ${reqOrSetupFile}. Please wait ...`,
       );
     }
+    const python_cmd_for_tree = get_python_command_from_env(env);
+    if (DEBUG_MODE) {
+      console.log(`Using the python executable ${python_cmd_for_tree}`);
+    }
     // This is a slow step that ideally needs to be invoked only once per venv
-    const tree = getTreeWithPlugin(env, PYTHON_CMD, basePath);
+    const tree = getTreeWithPlugin(env, python_cmd_for_tree, basePath);
     if (DEBUG_MODE && !tree.length) {
       console.log(
         "Dependency tree generation has failed. Please check for any errors or version incompatibilities reported in the logs.",
@@ -9784,6 +9835,17 @@ export function getPipFrozenTree(basePath, reqOrSetupFile, tempVenvDir) {
     const dependenciesMap = {};
     for (const t of tree) {
       const name = t.name.replace(/_/g, "-").toLowerCase();
+      // Bug #1232 - the root package might lack a version resulting in duplicate tree
+      // So we make use of the existing parent component to try and patch the version
+      if (
+        parentComponent &&
+        parentComponent.name === t.name &&
+        parentComponent.version &&
+        parentComponent?.version !== "latest" &&
+        t.version === "latest"
+      ) {
+        t.version = parentComponent.version;
+      }
       const version = t.version;
       const scope = PYTHON_EXCLUDED_COMPONENTS.includes(name)
         ? "excluded"
@@ -11053,6 +11115,17 @@ export function addEvidenceForDotnet(pkgList, slicesFile) {
         }
       }
     }
+    if (slicesData.AssemblyInformation) {
+      for (const apkg of pkgList) {
+        if (!apkg.version) {
+          for (const assemblyInfo of slicesData.AssemblyInformation) {
+            if (apkg.name === assemblyInfo.Name) {
+              apkg.version = assemblyInfo.Version;
+            }
+          }
+        }
+      }
+    }
   }
   if (Object.keys(purlLocationMap).length) {
     for (const apkg of pkgList) {

package/utils.test.js

@@ -165,8 +165,10 @@ test("splits parallel gradle properties output correctly", () => {
     "./test/gradle-prop-parallel.out",
     { encoding: "utf-8" },
   );
+  const relevantTasks = ["properties"];
   const propOutputSplitBySubProject = splitOutputByGradleProjects(
     parallelGradlePropertiesOutput,
+    relevantTasks,
   );
 
   expect(propOutputSplitBySubProject.size).toEqual(4);
@@ -195,8 +197,10 @@ test("splits parallel gradle dependencies output correctly", () => {
     "./test/gradle-dep-parallel.out",
     { encoding: "utf-8" },
   );
+  const relevantTasks = ["dependencies"];
   const depOutputSplitBySubProject = splitOutputByGradleProjects(
     parallelGradleDepOutput,
+    relevantTasks,
   );
 
   expect(depOutputSplitBySubProject.size).toEqual(4);
@@ -218,6 +222,41 @@ test("splits parallel gradle dependencies output correctly", () => {
   expect(retMap.dependenciesList.length).toEqual(13);
 });
 
+test("splits parallel custom gradle task outputs correctly", () => {
+  const parallelGradleOutputWithOverridenTask = readFileSync(
+    "./test/gradle-build-env-dep.out",
+    { encoding: "utf-8" },
+  );
+  const overridenTasks = ["buildEnvironment"];
+  const customDepTaskOuputSplitByProject = splitOutputByGradleProjects(
+    parallelGradleOutputWithOverridenTask,
+    overridenTasks,
+  );
+  expect(customDepTaskOuputSplitByProject.size).toEqual(4);
+  expect(customDepTaskOuputSplitByProject.has("dependency-diff-check")).toBe(
+    true,
+  );
+  expect(
+    customDepTaskOuputSplitByProject.has("dependency-diff-check-service"),
+  ).toBe(true);
+  expect(
+    customDepTaskOuputSplitByProject.has("dependency-diff-check-common-core"),
+  ).toBe(true);
+  expect(
+    customDepTaskOuputSplitByProject.has(
+      "dependency-diff-check-client-starter",
+    ),
+  ).toBe(true);
+
+  const retMap = parseGradleDep(
+    customDepTaskOuputSplitByProject.get(
+      "dependency-diff-check-client-starter",
+    ),
+  );
+  expect(retMap.pkgList.length).toEqual(22);
+  expect(retMap.dependenciesList.length).toEqual(23);
+});
+
 test("parse gradle dependencies", () => {
   expect(parseGradleDep(null)).toEqual({});
   let parsedList = parseGradleDep(
@@ -3764,23 +3803,17 @@ test("parse containerfiles / dockerfiles", () => {
   const dep_list = parseContainerFile(
     readFileSync("./test/data/Dockerfile", { encoding: "utf-8" }),
   );
-  expect(dep_list.length).toEqual(5);
-  expect(dep_list[0]).toEqual({
-    image: "hello-world",
-  });
+  expect(dep_list.length).toEqual(4);
   expect(dep_list[0]).toEqual({
     image: "hello-world",
   });
   expect(dep_list[1]).toEqual({
-    image: "hello-world",
-  });
-  expect(dep_list[2]).toEqual({
     image: "hello-world:latest",
   });
-  expect(dep_list[3]).toEqual({
+  expect(dep_list[2]).toEqual({
     image: "hello-world@sha256:1234567890abcdef",
   });
-  expect(dep_list[4]).toEqual({
+  expect(dep_list[3]).toEqual({
     image: "hello-world:latest@sha256:1234567890abcdef",
   });
 });