@cyclonedx/cdxgen 10.8.4 → 10.8.6
- package/bin/cdxgen.js +6 -8
- package/index.js +4 -6
- package/package.json +1 -1
- package/server.js +1 -1
- package/types/index.d.ts.map +1 -1
- package/types/utils.d.ts.map +1 -1
- package/utils.js +16 -6
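--- a/package/bin/cdxgen.js
+++ b/package/bin/cdxgen.js
@@ -246,9 +246,9 @@ const args = yargs(hideBin(process.argv))
 })
 .option("include-formulation", {
 type: "boolean",
-default:
+default: false,
 description:
-"Generate formulation section with git metadata and build tools. Defaults to
+"Generate formulation section with git metadata and build tools. Defaults to false.",
 })
 .option("include-crypto", {
 type: "boolean",
@@ -352,17 +352,17 @@ const options = Object.assign({}, args, {
 
 if (process.argv[1].includes("cbom")) {
 options.includeCrypto = true;
-options.includeFormulation = true;
 options.evidence = true;
 options.specVersion = 1.6;
 options.deep = true;
 }
 if (options.standard) {
 options.specVersion = 1.6;
-options.includeFormulation = true;
 }
-if (options.
-
+if (options.includeFormulation) {
+console.log(
+"NOTE: Formulation section could include sensitive data such as emails and secrets.\nPlease review the generated SBOM before distribution.\n",
+);
 }
 /**
 * Method to apply advanced options such as profile and lifecycles
@@ -373,12 +373,10 @@ const applyAdvancedOptions = (options) => {
 switch (options.profile) {
 case "appsec":
 options.deep = true;
-options.includeFormulation = true;
 break;
 case "research":
 options.deep = true;
 options.evidence = true;
-options.includeFormulation = true;
 options.includeCrypto = true;
 process.env.CDX_MAVEN_INCLUDE_TEST_SCOPE = "true";
 process.env.ASTGEN_IGNORE_DIRS = "";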
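Review bot: The new notice in the second hunk is written with `console.log`, so it lands on stdout; if any cdxgen mode also writes the BOM or a summary to stdout (not visible in these hunks), the note gets mixed into output that other tools may capture or parse. Sending it to stderr avoids that: use `console.warn(` in place of `console.log(`. The first and third hunks also stop the `cbom` alias, `--standard` and the `appsec`/`research` profiles from switching formulation on, so a line in the `include-formulation` description saying it must now be requested explicitly would spare users a silent change in output. applyAdvancedOptions continues outside the hunk.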
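--- a/package/index.js
+++ b/package/index.js
@@ -431,7 +431,7 @@ const addFormulationSection = (options, context) => {
 });
 }
 // Collect git related components
-if (gitBranch &&
+if (gitBranch && gitFiles) {
 const gitFileComponents = gitFiles.map((f) =>
 options.specVersion >= 1.6
 ? {
@@ -469,14 +469,13 @@ const addFormulationSection = (options, context) => {
 }
 }
 aformulation["bom-ref"] = uuidv4();
-aformulation.components = components;
+aformulation.components = trimComponents(components);
 let environmentVars = gitBranch?.length
 ? [{ name: "GIT_BRANCH", value: gitBranch }]
 : [];
 for (const aevar of Object.keys(process.env)) {
 if (
 (aevar.startsWith("GIT") ||
-aevar.startsWith("CI_") ||
 aevar.startsWith("ANDROID") ||
 aevar.startsWith("DENO") ||
 aevar.startsWith("DOTNET") ||
@@ -489,6 +488,8 @@ const addFormulationSection = (options, context) => {
 !aevar.toLowerCase().includes("token") &&
 !aevar.toLowerCase().includes("pass") &&
 !aevar.toLowerCase().includes("secret") &&
+!aevar.toLowerCase().includes("user") &&
+!aevar.toLowerCase().includes("email") &&
 process.env[aevar] &&
 process.env[aevar].length
 ) {
@@ -504,9 +505,6 @@ const addFormulationSection = (options, context) => {
 let sourceInput = undefined;
 if (environmentVars) {
 sourceInput = { environmentVars };
-if (originUrl) {
-sourceInput.source = { ref: originUrl };
-}
 }
 const sourceWorkflow = {
 "bom-ref": uuidv4(),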
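Review bot: The environment filter in the third hunk still decides by variable name only: it now skips names containing `user` and `email` as well as `token`, `pass` and `secret`, but the value of every variable that passes is copied into the SBOM unchanged. A variable with an allowed prefix such as `GIT` whose value is a URL with embedded credentials would still be recorded, which looks like the same kind of leak the last hunk avoids by dropping `originUrl` (inferred; the page gives no reason for that removal). A value check beside the name checks would cover it, for example `!/^[a-z][a-z0-9+.-]*:\/\/[^\/\s]*@/i.test(process.env[aevar]) &&`. Names containing `key` or `cred` deserve the same exclusion unless the condition lines between the hunks already handle them; the condition and the loop body continue outside the hunks.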
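--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
 {
 "name": "@cyclonedx/cdxgen",
-"version": "10.8.
+"version": "10.8.6",
 "description": "Creates CycloneDX Software Bill of Materials (SBOM) from source or container image",
 "homepage": "http://github.com/cyclonedx/cdxgen",
 "author": "Prabhu Subramanian <prabhu@appthreat.com>",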
package/server.js
CHANGED
package/types/index.d.ts.map
CHANGED
@@ -1 +1 @@
1
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../index.js"],"names":[],"mappings":"
1
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../index.js"],"names":[],"mappings":"AAsvBA;;;;;;;;GAQG;AACH,gFAFW,MAAM,SAchB;AAyUD;;;;;;;GAOG;AACH,mCALW,MAAM,qBAiEhB;AAED;;;;;GAKG;AACH,uCAHW,MAAM;;;;EAKhB;AAED;;;;;GAKG;AACH,sCAHW,MAAM;;;;EAkBhB;AAED;;;;;GAKG;AACH,oCAHW,MAAM,8BA0+BhB;AAED;;;;;GAKG;AACH,sCAHW,MAAM,8BA2chB;AAED;;;;;GAKG;AACH,sCAHW,MAAM,8BAsXhB;AAED;;;;;GAKG;AACH,kCAHW,MAAM,8BAkUhB;AAED;;;;;GAKG;AACH,oCAHW,MAAM,8BAqIhB;AAED;;;;;GAKG;AACH,oCAHW,MAAM,8BAiDhB;AAED;;;;;GAKG;AACH,mCAHW,MAAM,qBA+KhB;AAED;;;;;GAKG;AACH,uCAHW,MAAM,qBAsHhB;AAED;;;;;GAKG;AACH,uCAHW,MAAM,qBA2BhB;AAED;;;;;GAKG;AACH,sCAHW,MAAM,qBA2BhB;AAED;;;;;GAKG;AACH,sCAHW,MAAM,qBA2BhB;AAED;;;;;GAKG;AACH,0CAHW,MAAM,qBAuBhB;AAED;;;;;GAKG;AACH,kCAHW,MAAM,8BAqDhB;AAED;;;;;GAKG;AACH,uCAHW,MAAM,8BA4ChB;AAED;;;;;GAKG;AACH,oCAHW,MAAM,qBA2BhB;AAED;;;;;GAKG;AACH,qCAHW,MAAM,8BAwFhB;AAED;;;;;GAKG;AACH,iDAHW,MAAM,qBAiUhB;AAED;;;;;GAKG;AACH,mCAHW,MAAM,qBAwJhB;AAED;;;;;GAKG;AACH,oCAHW,MAAM,8BAmFhB;AAED;;;;;GAKG;AACH,sCAHW,MAAM,8BAyWhB;AAED;;;;;GAKG;AACH,2CAHW,MAAM;;;;;;;;;;;;;;;;;;;;GAoChB;AAED;;;;;;;;KA+DC;AAED;;;;;;GAMG;AACH,yDA2CC;AAED;;;;;;;;;GASG;AACH,2GA6BC;AAED;;;;;GAKG;AACH,0CAHW,MAAM,EAAE,8BAmclB;AAED;;;;;GAKG;AACH,iCAHW,MAAM,8BAiUhB;AAED;;;;;GAKG;AACH,gCAHW,MAAM,qBAsOhB;AAED;;;;;;GAMG;AACH,wDAFY,OAAO,CAAC;IAAE,KAAK,EAAE,MAAM,CAAA;CAAE,GAAG;IAAE,MAAM,EAAE,MAAM,EAAE,CAAA;CAAE,GAAG,SAAS,CAAC,CA2FxE"}
package/types/utils.d.ts.map
CHANGED
@@ -1 +1 @@
1
-
{"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../utils.js"],"names":[],"mappings":"AAsSA;;;;;;GAMG;AACH,mGAkDC;AAgBD;;;;;GAKG;AACH,qCAHW,MAAM,WACN,MAAM,0BAqBhB;AAED;;;;;;GAMG;AACH,+CAJW,MAAM,WACN,MAAM,+BAoBhB;AAYD;;;;GAIG;AACH,gCAFa,MAAM,CAIlB;AAED;;;;;;IAMI;AACJ,iDAJW,MAAM,GACJ,OAAO,CAiBnB;AAED;;;;;;;;GAQG;AACH,iEAoBC;AAED;;;;;GAKG;AACH,6CAmDC;AAED;;;;;;GAMG;AACH,sEA0DC;AAED;;;;GAIG;AACH,4EAoCC;AAED;;;GAGG;AACH;;EAUC;AAED,sEA0BC;AAED;;;;GAIG;AACH,+DA4CC;AAED;;;;;GAKG;AACH,0CAHW,MAAM,WACN,OAAO,kBAkFjB;AAED;;;;;GAKG;AACH,0CAHW,MAAM,YACN,MAAM;;;GAqVhB;AAED;;;;;;;GAOG;AACH,6CAFW,MAAM,MAwDhB;AAwBD;;;;GAIG;AACH,4CAFW,MAAM;;;GAqNhB;AAED;;;;GAIG;AACH,4CAFW,MAAM,kBAiEhB;AA2BD;;;;;GAKG;AACH,wCAHW,MAAM,oBACN,MAAM;;;;;;;;;GA0ZhB;AAED;;;;GAIG;AACH,8CAFW,MAAM,kBA+ChB;AAED;;;;GAIG;AACH,sCAFW,MAAM,kBAgFhB;AAED;;;;GAIG;AACH;;;;;;;;;;;;;;;;;;;;;;IAqDC;AAED;;;;;;GAMG;AACH,0CALW,MAAM,WACN,MAAM,OAgJhB;AAED;;;;;;GAMG;AACH,0CALW,MAAM,qBACN,MAAM,oBACN,MAAM,uBACN,MAAM;;;;;;;;;;;;;;;;EAkNhB;AAED;;;GAGG;AACH,uCAFW,MAAM,SAoChB;AAED;;;GAGG;AACH,wCAFW,MAAM,OAahB;AAED,yEAwBC;AAED;;;;GAIG;AACH,+CAFW,MAAM;;;EA6ChB;AAED;;;;GAIG;AACH,iDAFW,MAAM;;;;;;;;EAsChB;AAED;;;;;;;;GAQG;AACH,qDANW,MAAM,YACN,MAAM,0BAGJ,MAAM,CA2DlB;AAED;;;;;;GAMG;AACH,6CAJW,MAAM,YACN,MAAM,cACN,MAAM,MA0EhB;AAED;;;GAGG;AACH,iDAFW,MAAM,SA4ChB;AAED;;;GAGG;AACH,8CAFW,MAAM,SAsDhB;AAED;;;GAGG;AACH,2CAFW,MAAM,SAiBhB;AAED;;GAEG;AACH,kDAoCC;AAED;;;;GAIG;AACH,oCAFW,MAAM,OAchB;AAED;;;;GAIG;AACH,kDAUC;AAED;;;;;GAKG;AACH,mFAiGC;AAED;;;;;;;;;GASG;AACH,sFAMC;AAED;;;;;;;;;GASG;AACH,gFAFY,MAAO,SAAS,CAwB3B;AAED;;;;;;;;;GASG;AACH,0EAFY,OAAO,QAAQ,CAU1B;AAED;;;;GAIG;AACH,4DAFW,WAAY,SAYtB;AAED;;;;;;;;;GASG;AACH,+FAFY,OAAO,QAAQ,CAc1B;AAED;;;;GAIG;AACH;;;EAqBC;AAED;;;;;GAKG;AACH,iFAFW,GAAC,OA0BX;AAED;;;;;GAKG;AACH,sFAsNC;AAED;;;;GAIG;AACH,qDAmBC;AAED;;;;GAIG;AACH,gEAeC;AAED;;;;GAIG;AACH,6CAFW,MAAM,MAmEhB;AAED;;;;;GAKG;AACH,6DAFW,MAAM;;;;;;;GAqHhB;AAED;;;;;GAKG;AACH,mFAgKC;AAED;;;;;;GAMG;AACH,kCAJW,MAAM;;;;;;;;GA2EhB;AAED;;;;GAIG;AACH,mEAqB
C;AAED;;;;GAIG;AACH,+DAFY,SAAO,SAAS,CAc3B;AAED;;;;GAIG;AACH,oDAFY,QAAQ,CASnB;AAED;;;;;GAKG;AACH,oEAFY,SAAO,SAAS,CAc3B;AAED;;;;;;GAMG;AACH,oEAFY,OAAO,QAAQ,CA8D1B;AAED;;;;GAIG;AACH,iEAgDC;AAED,+FA4BC;AAED,8EA2EC;AAED;;;;;GAKG;AACH,0CAHW,MAAM;;;GA0DhB;AA0BD;;;;;;;;;GASG;AACH,2CAPW,MAAM,aACN,MAAM;;;;;;GA6FhB;AAED;;;;GAIG;AACH,yCAHW,MAAM,OAehB;AAED;;;;GAIG;AACH,0CAHW,MAAM,kBAuChB;AAED,+DA+CC;AAED,uEAwBC;AA6BD;;;;GAIG;AACH,oEAmGC;AAED;;;;GAIG;AACH,8CAFW,MAAM,kBAgChB;AAED;;;;;GAKG;AACH,kDAHW,MAAM,YACN,MAAM;;;;;;;;;;;;;;GAuPhB;AAED;;;;GAIG;AACH,
1
+
{"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../utils.js"],"names":[],"mappings":"AAsSA;;;;;;GAMG;AACH,mGAkDC;AAgBD;;;;;GAKG;AACH,qCAHW,MAAM,WACN,MAAM,0BAqBhB;AAED;;;;;;GAMG;AACH,+CAJW,MAAM,WACN,MAAM,+BAoBhB;AAYD;;;;GAIG;AACH,gCAFa,MAAM,CAIlB;AAED;;;;;;IAMI;AACJ,iDAJW,MAAM,GACJ,OAAO,CAiBnB;AAED;;;;;;;;GAQG;AACH,iEAoBC;AAED;;;;;GAKG;AACH,6CAmDC;AAED;;;;;;GAMG;AACH,sEA0DC;AAED;;;;GAIG;AACH,4EAoCC;AAED;;;GAGG;AACH;;EAUC;AAED,sEA0BC;AAED;;;;GAIG;AACH,+DA4CC;AAED;;;;;GAKG;AACH,0CAHW,MAAM,WACN,OAAO,kBAkFjB;AAED;;;;;GAKG;AACH,0CAHW,MAAM,YACN,MAAM;;;GAqVhB;AAED;;;;;;;GAOG;AACH,6CAFW,MAAM,MAwDhB;AAwBD;;;;GAIG;AACH,4CAFW,MAAM;;;GAqNhB;AAED;;;;GAIG;AACH,4CAFW,MAAM,kBAiEhB;AA2BD;;;;;GAKG;AACH,wCAHW,MAAM,oBACN,MAAM;;;;;;;;;GA0ZhB;AAED;;;;GAIG;AACH,8CAFW,MAAM,kBA+ChB;AAED;;;;GAIG;AACH,sCAFW,MAAM,kBAgFhB;AAED;;;;GAIG;AACH;;;;;;;;;;;;;;;;;;;;;;IAqDC;AAED;;;;;;GAMG;AACH,0CALW,MAAM,WACN,MAAM,OAgJhB;AAED;;;;;;GAMG;AACH,0CALW,MAAM,qBACN,MAAM,oBACN,MAAM,uBACN,MAAM;;;;;;;;;;;;;;;;EAkNhB;AAED;;;GAGG;AACH,uCAFW,MAAM,SAoChB;AAED;;;GAGG;AACH,wCAFW,MAAM,OAahB;AAED,yEAwBC;AAED;;;;GAIG;AACH,+CAFW,MAAM;;;EA6ChB;AAED;;;;GAIG;AACH,iDAFW,MAAM;;;;;;;;EAsChB;AAED;;;;;;;;GAQG;AACH,qDANW,MAAM,YACN,MAAM,0BAGJ,MAAM,CA2DlB;AAED;;;;;;GAMG;AACH,6CAJW,MAAM,YACN,MAAM,cACN,MAAM,MA0EhB;AAED;;;GAGG;AACH,iDAFW,MAAM,SA4ChB;AAED;;;GAGG;AACH,8CAFW,MAAM,SAsDhB;AAED;;;GAGG;AACH,2CAFW,MAAM,SAiBhB;AAED;;GAEG;AACH,kDAoCC;AAED;;;;GAIG;AACH,oCAFW,MAAM,OAchB;AAED;;;;GAIG;AACH,kDAUC;AAED;;;;;GAKG;AACH,mFAiGC;AAED;;;;;;;;;GASG;AACH,sFAMC;AAED;;;;;;;;;GASG;AACH,gFAFY,MAAO,SAAS,CAwB3B;AAED;;;;;;;;;GASG;AACH,0EAFY,OAAO,QAAQ,CAU1B;AAED;;;;GAIG;AACH,4DAFW,WAAY,SAYtB;AAED;;;;;;;;;GASG;AACH,+FAFY,OAAO,QAAQ,CAc1B;AAED;;;;GAIG;AACH;;;EAqBC;AAED;;;;;GAKG;AACH,iFAFW,GAAC,OA0BX;AAED;;;;;GAKG;AACH,sFAsNC;AAED;;;;GAIG;AACH,qDAmBC;AAED;;;;GAIG;AACH,gEAeC;AAED;;;;GAIG;AACH,6CAFW,MAAM,MAmEhB;AAED;;;;;GAKG;AACH,6DAFW,MAAM;;;;;;;GAqHhB;AAED;;;;;GAKG;AACH,mFAgKC;AAED;;;;;;GAMG;AACH,kCAJW,MAAM;;;;;;;;GA2EhB;AAED;;;;GAIG;AACH,mEAqB
C;AAED;;;;GAIG;AACH,+DAFY,SAAO,SAAS,CAc3B;AAED;;;;GAIG;AACH,oDAFY,QAAQ,CASnB;AAED;;;;;GAKG;AACH,oEAFY,SAAO,SAAS,CAc3B;AAED;;;;;;GAMG;AACH,oEAFY,OAAO,QAAQ,CA8D1B;AAED;;;;GAIG;AACH,iEAgDC;AAED,+FA4BC;AAED,8EA2EC;AAED;;;;;GAKG;AACH,0CAHW,MAAM;;;GA0DhB;AA0BD;;;;;;;;;GASG;AACH,2CAPW,MAAM,aACN,MAAM;;;;;;GA6FhB;AAED;;;;GAIG;AACH,yCAHW,MAAM,OAehB;AAED;;;;GAIG;AACH,0CAHW,MAAM,kBAuChB;AAED,+DA+CC;AAED,uEAwBC;AA6BD;;;;GAIG;AACH,oEAmGC;AAED;;;;GAIG;AACH,8CAFW,MAAM,kBAgChB;AAED;;;;;GAKG;AACH,kDAHW,MAAM,YACN,MAAM;;;;;;;;;;;;;;GAuPhB;AAED;;;;GAIG;AACH,kEAqEC;AAED;;;;GAIG;AACH,gEA0DC;AA0BD;;;;;;;;;;;;;;;;;GAiBG;AACH,mEALW,OAAO,4BAiLjB;AAED;;;;;;;;GAQG;AACH,+DALW,OAAO,4BAsIjB;AAED;;;IAwIC;AAED,wEA0BC;AAED,mEAqCC;AAED,0DAkBC;AAED,wDA+DC;AAED,0FAkEC;AAED;;IAsCC;AAED;;IA2DC;AAED,2DAiEC;AAED,yDAaC;AAaD,gDA+EC;AAED,yDAkDC;AAED,sDA0BC;AAED,sDAyBC;AAED,6DAwCC;AAED,yDAmCC;AAED,8DAsCC;AAED,sDAqDC;AAED,yDAgCC;AAED,qDAkDC;AAED;;;;;GAKG;AACH,mDASC;AAED;;;;;;GAMG;AACH,4EA4EC;AAED,kEAgDC;AAED;;;;;;;;GAQG;AACH,kGA0MC;AAED;;;EAiNC;AAED;;;;EAsHC;AAED;;;EA+GC;AAED;;;;;GAKG;AACH,+CAHW,MAAM;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EA2IhB;AAED;;;;;;EA+HC;AAED;;;;GAIG;AACH,0CAFW,MAAM;;;;;;;;;;;;;;;;;;;;;IAqDhB;AAmBD;;;;;GAKG;AACH,yCAHW,MAAM,YAQhB;AAED;;;;;GAKG;AACH,wCAHW,MAAM,YAchB;AAED;;;;;GAKG;AACH,wCAHW,MAAM,YAQhB;AAED;;;;;GAKG;AACH,yCAHW,MAAM,YAQhB;AAED;;;;;GAKG;AACH,2CAHW,MAAM,YAQhB;AAED;;;;;;;GAOG;AACH;;;;;;;;;;IA2IC;AA2CD;;;;GAIG;AACH,0FAHW,MAAM,WACN,MAAM,UAuDhB;AAED;;;;GAIG;AACH,8CAHW,MAAM,WACN,MAAM;;;;;;EAqBhB;AAED;;;GAGG;AACH,iDAFW,MAAM;;;;;;;;;;;;;;;;;;;;;IAwDhB;AAED;;;;;;;GAOG;AACH,iDALW,MAAM,YACN,MAAM,YACN,OAAO,oBACP,OAAO,eA6DjB;AAED,oIAgCC;AAED;;;;;;;GAOG;AACH,sCALW,MAAM,eACN,MAAM,eA6JhB;AAED;;;;;;;;;;;;;;;;;;;;;;IA6DC;AAED;;;;;;;EA8BC;AAED,uDAeC;AAED,2DAeC;AAED,2CAIC;AAED;;;;;;GAMG;AACH,uDAJW,MAAM,MAgBhB;AAED;;;;;;GAMG;AACH,uCAJW,MAAM,QACN,MAAM,GACJ,OAAO,QAAQ,CAU3B;AAED;;;;;;;;GAQG;AACH,2CANW,MAAM,WACN,MAAM,iBACN,MAAM,kBAqThB;AAED;;;;;;;GAOG;AACH,iDAFW,MAAM,OAehB;AAED;;;;;;;
;;;;GAWG;AACH,uCAHW,MAAM,UACN,MAAM,UAYhB;AAED;;;;;;GAMG;AACH,2CAHW,MAAM,uBACN,MAAM,WAgBhB;AAED;;;;GAIG;AACH,4CAFW,MAAM,UAIhB;AAED;;;;;;;;GAQG;AACH,sCANW,MAAM,eACN,MAAM,oBACN,MAAM,gBAgChB;AAED;;;;;;GAMG;AACH,uCAJW,MAAM,kBA4EhB;AAED;;;;;GAKG;AACH,0CAHW,MAAM,YACN,MAAM,UAiChB;AACD;;;;;;GAMG;AAEH,uDALW,MAAM,iBACN,MAAM,EAAE,GACN,GAAG,CAuCf;AACD;;;;;GAKG;AACH,yCAHW,MAAM,YACN,MAAM,UAsEhB;AAED;;GAEG;AACH,sCAmBC;AAED,0DA2EC;AAED;;;;;;;;GAQG;AACH,oCANW,MAAM,YACN,MAAM,gBACN,MAAM,eACN,MAAM,OA6ChB;AAkFD;;;;;;;;;GASG;AACH,2CAPW,MAAM,kBACN,MAAM,eACN,MAAM;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAiWhB;AAGD;;;;;EAmBC;AAED;;;;;;GAMG;AACH,kEAHW,MAAM,cACN,MAAM,6BA0IhB;AAED,qDASC;AAED;;;;;;;EA2GC;AAED;;;EA6PC;AAED,sEA6BC;AAED;;;;;;;GAOG;AACH,mCALW,MAAM,WACN,MAAM;;;;;;;EAgQhB;AAED;;;;;;GAMG;AACH,2CAHW,MAAM,OAKhB;AAED,qDA0CC;AA8HD;;;;GAIG;AACH;;;GAkHC;AAED,yEA0GC;AAED;;;;;;GAMG;AACH,mDAkBC;AAED;;;;;;;;;;GAUG;AACH,0DAuBC;AA55VD,gCAAgF;AAChF,4BAA4C;AAC5C,4BAA6C;AAC7C,2BAAmE;AAsBnE,iCAEE;AAiBF,iCAIyC;AAGzC,gCACmE;AAGnE,gCACsE;AAGtE,8BAA+B;AAK/B,4CAEmE;AAGnE,6CAE6D;AAG7D,oCAEoD;AAGpD,uCAEuD;AAYvD,4BAA6B;AAU7B,8BAAiC;AAMjC,8BAAiC;AAIjC,4BAA6B;AAI7B,2BAA2B;AAI3B,4BAA6B;AAI7B,2BAA2B;AAI3B,6BAA+B;AAI/B,0BAAyB;AAIzB,6BAA+B;AAM/B,2BAA2B;AAK3B,4BAA6B;AAK7B,6BAA+B;AAM/B,kDAWE;AAGF;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EA+DE;AAiEF,8BAQG;AAwwIH,8CAUE"}
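--- a/package/utils.js
+++ b/package/utils.js
@@ -464,7 +464,8 @@ export function isSpdxLicenseExpression(license) {
 * Convert the array of licenses to a CycloneDX 1.5 compliant license array.
 * This should return an array containing:
 * - one or more SPDX license if no expression is present
-* - the
+* - the license of the expression if one expression is present
+* - a unified conditional 'OR' license expression if more then one expression is present
 *
 * @param {Array} licenses Array of licenses
 * @returns {Array} CycloneDX 1.5 compliant license array
@@ -479,7 +480,14 @@ export function adjustLicenseInformation(licenses) {
 });
 if (expressions.length >= 1) {
 if (expressions.length > 1) {
-
+return [
+{
+expression: expressions
+.map((e) => e.expression || "")
+.filter(Boolean)
+.join(" OR "),
+},
+];
 }
 return [{ expression: expressions[0].expression }];
 }
@@ -710,7 +718,7 @@ export async function getSwiftPackageMetadata(pkgList) {
 * @param {Array} pkgList Package list
 */
 export async function getNpmMetadata(pkgList) {
-const NPM_URL = "https://registry.npmjs.org/";
+const NPM_URL = process.env.NPM_URL || "https://registry.npmjs.org/";
 const cdepList = [];
 for (const p of pkgList) {
 try {
@@ -2861,6 +2869,7 @@ export function executeGradleProperties(dir, rootPath, subProject) {
 cwd: dir,
 encoding: "utf-8",
 shell: isWin,
+maxBuffer: 10 * 1024 * 1024,
 });
 if (result.status !== 0 || result.error) {
 if (result.stderr) {
@@ -4246,7 +4255,7 @@ export async function getRepoLicense(repoUrl, repoMetadata) {
 export async function getGoPkgLicense(repoMetadata) {
 const group = repoMetadata.group;
 const name = repoMetadata.name;
-let pkgUrlPrefix = "https://pkg.go.dev/";
+let pkgUrlPrefix = process.env.GO_PKG_URL || "https://pkg.go.dev/";
 if (group && group !== "." && group !== name) {
 pkgUrlPrefix = `${pkgUrlPrefix + group}/`;
 }
@@ -5152,7 +5161,8 @@ export async function parseGemfileLockData(gemLockData, lockFile) {
 * @param {Array} pkgList Package list
 */
 export async function getCratesMetadata(pkgList) {
-const CRATES_URL =
+const CRATES_URL =
+process.env.RUST_CRATES_URL || "https://crates.io/api/v1/crates/";
 const cdepList = [];
 for (const p of pkgList) {
 try {
@@ -10933,7 +10943,7 @@ async function queryNuget(p, NUGET_URL) {
 * @param {Array} pkgList Package list
 */
 export async function getNugetMetadata(pkgList, dependencies = undefined) {
-const NUGET_URL = await getNugetUrl();
+const NUGET_URL = process.env.NUGET_URL || (await getNugetUrl());
 const cdepList = [];
 const depRepList = {};
 for (const p of pkgList) {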
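Review bot: The four new registry overrides (`NPM_URL`, `GO_PKG_URL`, `RUST_CRATES_URL` and `NUGET_URL`, in the hunks for getNpmMetadata, getGoPkgLicense, getCratesMetadata and getNugetMetadata) are taken from the environment as given, with no check on scheme or shape. getGoPkgLicense builds its request by plain concatenation (`${pkgUrlPrefix + group}/`), so a value without a trailing slash produces a wrong host or path, and an `http://` value would let the license and metadata fields that end up in the SBOM be altered in transit. Parsing the value once and rejecting or warning on anything that is not https would close this, e.g. `const base = new URL(process.env.GO_PKG_URL || "https://pkg.go.dev/");` followed by `if (base.protocol !== "https:") console.warn("GO_PKG_URL is not https; fetched metadata is unauthenticated");`, with the trailing slash normalised before use. The variables should also be documented as trusted configuration, since whoever sets them controls what metadata the tool records; all four function bodies continue outside the hunks.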