@cyclonedx/cdxgen 10.8.7 → 10.8.9
- package/README.md +2 -1
- package/bin/cdxgen.js +1 -1
- package/index.js +8 -1
- package/package.json +2 -2
- package/server.js +37 -6
- package/types/index.d.ts.map +1 -1
- package/types/server.d.ts.map +1 -1
- package/types/utils.d.ts.map +1 -1
- package/utils.js +23 -17
- package/utils.test.js +2 -0
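--- a/package/README.md
+++ b/package/README.md
@@ -151,7 +151,7 @@ Options:
 --exclude Additional glob pattern(s) to ignore [array]
 --include-formulation Generate formulation section with git metadata and build tools. Defaults to true. Invoke
 with --no-include-formulation to disable. [boolean] [default: true]
---include-crypto Include crypto libraries
+--include-crypto Include crypto libraries as components. [boolean] [default: false]
 --standard The list of standards which may consist of regulations, industry or organizational-specif
 ic standards, maturity models, best practices, or any other requirements which can be eva
 luated against or attested to.
@@ -463,6 +463,7 @@ Use the [CycloneDX CLI][cyclonedx-cli-github] tool for advanced use cases such a
 ## Including .NET Global Assembly Cache dependencies in the results
 
 Global Assembly Cache (GAC) dependencies must be made available in the build output of the project for cdxgen in order for it to inspect and include in the results. A cdxgen scan with the `--deep` flag will look for additional dependencies in the form of dll files. A simple way to have the dotnet build copy the GAC dependencies into the build directory is to place the file `Directory.Build.props` into the root of the project and ensure the contents include the following:
+
 ```
 <Project xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
 <ItemDefinitionGroup>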
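--- a/package/bin/cdxgen.js
+++ b/package/bin/cdxgen.js
@@ -253,7 +253,7 @@ const args = yargs(hideBin(process.argv))
 .option("include-crypto", {
 type: "boolean",
 default: false,
-description: "Include crypto libraries
+description: "Include crypto libraries as components.",
 })
 .option("standard", {
 description: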
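--- a/package/index.js
+++ b/package/index.js
@@ -1264,6 +1264,7 @@ export async function createJavaBom(path, options) {
 let bomJsonFiles = [];
 if (
 pomFiles?.length &&
+!options.projectType?.includes("bazel") &&
 !options.projectType?.includes("scala") &&
 !options.projectType?.includes("sbt") &&
 !options.projectType?.includes("gradle")
@@ -1612,6 +1613,8 @@ export async function createJavaBom(path, options) {
 // Execute gradle properties
 if (
 gradleFiles?.length &&
+!options.projectType?.includes("maven") &&
+!options.projectType?.includes("bazel") &&
 !options.projectType?.includes("scala") &&
 !options.projectType?.includes("sbt")
 ) {
@@ -1744,6 +1747,8 @@ export async function createJavaBom(path, options) {
 if (
 gradleFiles?.length &&
 options.installDeps &&
+!options.projectType?.includes("maven") &&
+!options.projectType?.includes("bazel") &&
 !options.projectType?.includes("scala") &&
 !options.projectType?.includes("sbt")
 ) {
@@ -1939,6 +1944,8 @@ export async function createJavaBom(path, options) {
 const bazelFiles = getAllFiles(path, "BUILD", options);
 if (
 bazelFiles?.length &&
+!options.projectType?.includes("maven") &&
+!options.projectType?.includes("gradle") &&
 !options.projectType?.includes("scala") &&
 !options.projectType?.includes("sbt")
 ) {
@@ -2090,7 +2097,7 @@ export async function createJavaBom(path, options) {
 sbtVersion != null &&
 gte(sbtVersion, "1.3.4") &&
 lte(sbtVersion, "1.4.0");
-const useSlashSyntax = gte(sbtVersion, "1.5.0");
+const useSlashSyntax = !sbtVersion || gte(sbtVersion, "1.5.0");
 const isDependencyTreeBuiltIn =
 sbtVersion != null && gte(sbtVersion, "1.4.0");
 const tempDir = mkdtempSync(join(tmpdir(), "cdxsbt-"));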
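Review bot: Naming two build tools in `projectType` now skips both of them: the pom condition already required `!options.projectType?.includes("gradle")`, and the gradle and bazel conditions gain `!options.projectType?.includes("maven")`, so a request for `maven` together with `gradle` (the server splits `type` on commas) satisfies none of these conditions and those components would be absent from the SBOM without any error. The same added guards appear in the hunks at new lines 1616, 1750 and 1947. Consider skipping a tool only when it is not itself listed, for example `(!options.projectType?.includes("maven") || options.projectType.includes("gradle")) &&` in the gradle conditions, or moving the decision into one helper so the four lists cannot drift apart. createJavaBom starts and ends outside these hunks, so a later fallback that is not visible here may cover this case.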
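--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
 {
 "name": "@cyclonedx/cdxgen",
-"version": "10.8.
+"version": "10.8.9",
 "description": "Creates CycloneDX Software Bill of Materials (SBOM) from source or container image",
 "homepage": "http://github.com/cyclonedx/cdxgen",
 "author": "Prabhu Subramanian <prabhu@appthreat.com>",
@@ -76,7 +76,7 @@
 "packageurl-js": "1.0.2",
 "prettify-xml": "^1.2.0",
 "properties-reader": "^2.3.0",
-"semver": "^7.6.
+"semver": "^7.6.3",
 "ssri": "^10.0.6",
 "table": "^6.8.2",
 "tar": "^6.2.1",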
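--- a/package/server.js
+++ b/package/server.js
@@ -85,21 +85,54 @@ const parseQueryString = (q, body, options = {}) => {
 "only",
 "autoCompositions",
 "gitBranch",
-"
+"lifecycle",
+"deep",
+"profile",
+"exclude",
+"includeFormulation",
+"includeCrypto",
+"standard",
 ];
 
 for (const param of queryParams) {
 if (q[param]) {
-
+let value = q[param];
+// Convert string to boolean
+if (value === "true") {
+value = true;
+} else if (value === "false") {
+value = false;
+}
+options[param] = value;
 }
 }
 
 options.projectType = options.type?.split(",");
 delete options.type;
-
+if (options.lifecycle === "pre-build") {
+options.installDeps = false;
+}
+if (options.profile) {
+applyProfileOptions(options);
+}
 return options;
 };
 
+const applyProfileOptions = (options) => {
+switch (options.profile) {
+case "appsec":
+options.deep = true;
+break;
+case "research":
+options.deep = true;
+options.evidence = true;
+options.includeCrypto = true;
+break;
+default:
+break;
+}
+};
+
 const configureServer = (cdxgenServer) => {
 cdxgenServer.headersTimeout = TIMEOUT_MS;
 cdxgenServer.requestTimeout = TIMEOUT_MS;
@@ -143,9 +176,7 @@ const start = (options) => {
 }
 console.log("Generating SBOM for", srcDir);
 let bomNSData = (await createBom(srcDir, reqOptions)) || {};
-
-bomNSData = postProcess(bomNSData, reqOptions);
-}
+bomNSData = postProcess(bomNSData, reqOptions);
 if (reqOptions.serverUrl && reqOptions.apiKey) {
 console.log("Publishing SBOM to Dependency Track");
 const response = await submitBom(reqOptions, bomNSData.bomJson);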
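Review bot: Values copied from the query string in `parseQueryString` reach `options` without type or value checks: only the exact strings `"true"` and `"false"` are converted, so `deep=1` stays a truthy string, and a repeated parameter would presumably arrive as an array depending on how `q` is parsed, which is not visible here. `exclude` is documented as an array in the CLI help, but a single `exclude=` value is stored as a string; `options[param] = param === "exclude" ? [].concat(value) : value;` would normalise it. `profile` and `lifecycle` accept any string and `applyProfileOptions` falls through `default: break` silently, so a misspelled profile yields a shallower SBOM than the caller asked for; rejecting unknown values would make that visible. Because `deep`, `profile` and `lifecycle` decide how much work the server performs per request and whether dependencies are installed, it is worth confirming who can reach this endpoint before exposing them, and recording that in a comment above `queryParams`. parseQueryString begins outside the hunk.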
package/types/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../index.js"],"names":[],"mappings":"AAsvBA;;;;;;;;GAQG;AACH,gFAFW,MAAM,SAchB;AAyUD;;;;;;;GAOG;AACH,mCALW,MAAM,qBAiEhB;AAED;;;;;GAKG;AACH,uCAHW,MAAM;;;;EAKhB;AAED;;;;;GAKG;AACH,sCAHW,MAAM;;;;EAkBhB;AAED;;;;;GAKG;AACH,oCAHW,MAAM,
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../index.js"],"names":[],"mappings":"AAsvBA;;;;;;;;GAQG;AACH,gFAFW,MAAM,SAchB;AAyUD;;;;;;;GAOG;AACH,mCALW,MAAM,qBAiEhB;AAED;;;;;GAKG;AACH,uCAHW,MAAM;;;;EAKhB;AAED;;;;;GAKG;AACH,sCAHW,MAAM;;;;EAkBhB;AAED;;;;;GAKG;AACH,oCAHW,MAAM,8BAi/BhB;AAED;;;;;GAKG;AACH,sCAHW,MAAM,8BA2chB;AAED;;;;;GAKG;AACH,sCAHW,MAAM,8BAsXhB;AAED;;;;;GAKG;AACH,kCAHW,MAAM,8BAkUhB;AAED;;;;;GAKG;AACH,oCAHW,MAAM,8BAqIhB;AAED;;;;;GAKG;AACH,oCAHW,MAAM,8BAiDhB;AAED;;;;;GAKG;AACH,mCAHW,MAAM,qBA+KhB;AAED;;;;;GAKG;AACH,uCAHW,MAAM,qBAsHhB;AAED;;;;;GAKG;AACH,uCAHW,MAAM,qBA2BhB;AAED;;;;;GAKG;AACH,sCAHW,MAAM,qBA2BhB;AAED;;;;;GAKG;AACH,sCAHW,MAAM,qBA2BhB;AAED;;;;;GAKG;AACH,0CAHW,MAAM,qBAuBhB;AAED;;;;;GAKG;AACH,kCAHW,MAAM,8BAqDhB;AAED;;;;;GAKG;AACH,uCAHW,MAAM,8BA4ChB;AAED;;;;;GAKG;AACH,oCAHW,MAAM,qBA2BhB;AAED;;;;;GAKG;AACH,qCAHW,MAAM,8BAwFhB;AAED;;;;;GAKG;AACH,iDAHW,MAAM,qBAiUhB;AAED;;;;;GAKG;AACH,mCAHW,MAAM,qBAwJhB;AAED;;;;;GAKG;AACH,oCAHW,MAAM,8BAmFhB;AAED;;;;;GAKG;AACH,sCAHW,MAAM,8BAyWhB;AAED;;;;;GAKG;AACH,2CAHW,MAAM;;;;;;;;;;;;;;;;;;;;GAoChB;AAED;;;;;;;;KA+DC;AAED;;;;;;GAMG;AACH,yDA2CC;AAED;;;;;;;;;GASG;AACH,2GA6BC;AAED;;;;;GAKG;AACH,0CAHW,MAAM,EAAE,8BAmclB;AAED;;;;;GAKG;AACH,iCAHW,MAAM,8BAiUhB;AAED;;;;;GAKG;AACH,gCAHW,MAAM,qBAsOhB;AAED;;;;;;GAMG;AACH,wDAFY,OAAO,CAAC;IAAE,KAAK,EAAE,MAAM,CAAA;CAAE,GAAG;IAAE,MAAM,EAAE,MAAM,EAAE,CAAA;CAAE,GAAG,SAAS,CAAC,CA2FxE"}
|
package/types/server.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"server.d.ts","sourceRoot":"","sources":["../server.js"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"server.d.ts","sourceRoot":"","sources":["../server.js"],"names":[],"mappings":"AAuIA,yDAKC;AAED,0CAoEC"}
|
package/types/utils.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../utils.js"],"names":[],"mappings":"AAsSA;;;;;;GAMG;AACH,mGAkDC;AAgBD;;;;;GAKG;AACH,qCAHW,MAAM,WACN,MAAM,0BAqBhB;AAED;;;;;;GAMG;AACH,+CAJW,MAAM,WACN,MAAM,+BAoBhB;AAYD;;;;GAIG;AACH,gCAFa,MAAM,CAIlB;AAED;;;;;;IAMI;AACJ,iDAJW,MAAM,GACJ,OAAO,CAiBnB;AAED;;;;;;;;;GASG;AACH,iEA2BC;AAED;;;;;GAKG;AACH,6CAqDC;AAED;;;;;;GAMG;AACH,sEA0DC;AAED;;;;GAIG;AACH,4EAoCC;AAED;;;GAGG;AACH;;EAUC;AAED,sEA0BC;AAED;;;;GAIG;AACH,+DA4CC;AAED;;;;;GAKG;AACH,0CAHW,MAAM,WACN,OAAO,kBAkFjB;AAED;;;;;GAKG;AACH,0CAHW,MAAM,YACN,MAAM;;;GAqVhB;AAED;;;;;;;GAOG;AACH,6CAFW,MAAM,MAwDhB;AAwBD;;;;GAIG;AACH,4CAFW,MAAM;;;GAqNhB;AAED;;;;GAIG;AACH,4CAFW,MAAM,kBAiEhB;AA2BD;;;;;GAKG;AACH,wCAHW,MAAM,oBACN,MAAM;;;;;;;;;GA0ZhB;AAED;;;;GAIG;AACH,8CAFW,MAAM,kBA+ChB;AAED;;;;GAIG;AACH,sCAFW,MAAM,kBAgFhB;AAED;;;;GAIG;AACH;;;;;;;;;;;;;;;;;;;;;;IAqDC;AAED;;;;;;GAMG;AACH,0CALW,MAAM,WACN,MAAM,OAgJhB;AAED;;;;;;GAMG;AACH,0CALW,MAAM,qBACN,MAAM,oBACN,MAAM,uBACN,MAAM;;;;;;;;;;;;;;;;EAkNhB;AAED;;;GAGG;AACH,uCAFW,MAAM,SAoChB;AAED;;;GAGG;AACH,wCAFW,MAAM,OAahB;AAED,yEAwBC;AAED;;;;GAIG;AACH,+CAFW,MAAM;;;EA6ChB;AAED;;;;GAIG;AACH,iDAFW,MAAM;;;;;;;;EAsChB;AAED;;;;;;;;GAQG;AACH,qDANW,MAAM,YACN,MAAM,0BAGJ,MAAM,CA2DlB;AAED;;;;;;GAMG;AACH,6CAJW,MAAM,YACN,MAAM,cACN,MAAM,MA2EhB;AAED;;;GAGG;AACH,iDAFW,MAAM,SA4ChB;AAED;;;GAGG;AACH,8CAFW,MAAM,SAsDhB;AAED;;;GAGG;AACH,2CAFW,MAAM,SAiBhB;AAED;;GAEG;AACH,kDAoCC;AAED;;;;GAIG;AACH,oCAFW,MAAM,OAchB;AAED;;;;GAIG;AACH,kDAUC;AAED;;;;;GAKG;AACH,
|
|
1
|
+
{"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../utils.js"],"names":[],"mappings":"AAsSA;;;;;;GAMG;AACH,mGAkDC;AAgBD;;;;;GAKG;AACH,qCAHW,MAAM,WACN,MAAM,0BAqBhB;AAED;;;;;;GAMG;AACH,+CAJW,MAAM,WACN,MAAM,+BAoBhB;AAYD;;;;GAIG;AACH,gCAFa,MAAM,CAIlB;AAED;;;;;;IAMI;AACJ,iDAJW,MAAM,GACJ,OAAO,CAiBnB;AAED;;;;;;;;;GASG;AACH,iEA2BC;AAED;;;;;GAKG;AACH,6CAqDC;AAED;;;;;;GAMG;AACH,sEA0DC;AAED;;;;GAIG;AACH,4EAoCC;AAED;;;GAGG;AACH;;EAUC;AAED,sEA0BC;AAED;;;;GAIG;AACH,+DA4CC;AAED;;;;;GAKG;AACH,0CAHW,MAAM,WACN,OAAO,kBAkFjB;AAED;;;;;GAKG;AACH,0CAHW,MAAM,YACN,MAAM;;;GAqVhB;AAED;;;;;;;GAOG;AACH,6CAFW,MAAM,MAwDhB;AAwBD;;;;GAIG;AACH,4CAFW,MAAM;;;GAqNhB;AAED;;;;GAIG;AACH,4CAFW,MAAM,kBAiEhB;AA2BD;;;;;GAKG;AACH,wCAHW,MAAM,oBACN,MAAM;;;;;;;;;GA0ZhB;AAED;;;;GAIG;AACH,8CAFW,MAAM,kBA+ChB;AAED;;;;GAIG;AACH,sCAFW,MAAM,kBAgFhB;AAED;;;;GAIG;AACH;;;;;;;;;;;;;;;;;;;;;;IAqDC;AAED;;;;;;GAMG;AACH,0CALW,MAAM,WACN,MAAM,OAgJhB;AAED;;;;;;GAMG;AACH,0CALW,MAAM,qBACN,MAAM,oBACN,MAAM,uBACN,MAAM;;;;;;;;;;;;;;;;EAkNhB;AAED;;;GAGG;AACH,uCAFW,MAAM,SAoChB;AAED;;;GAGG;AACH,wCAFW,MAAM,OAahB;AAED,yEAwBC;AAED;;;;GAIG;AACH,+CAFW,MAAM;;;EA6ChB;AAED;;;;GAIG;AACH,iDAFW,MAAM;;;;;;;;EAsChB;AAED;;;;;;;;GAQG;AACH,qDANW,MAAM,YACN,MAAM,0BAGJ,MAAM,CA2DlB;AAED;;;;;;GAMG;AACH,6CAJW,MAAM,YACN,MAAM,cACN,MAAM,MA2EhB;AAED;;;GAGG;AACH,iDAFW,MAAM,SA4ChB;AAED;;;GAGG;AACH,8CAFW,MAAM,SAsDhB;AAED;;;GAGG;AACH,2CAFW,MAAM,SAiBhB;AAED;;GAEG;AACH,kDAoCC;AAED;;;;GAIG;AACH,oCAFW,MAAM,OAchB;AAED;;;;GAIG;AACH,kDAUC;AAED;;;;;GAKG;AACH,mFAmGC;AAED;;;;;;;;;GASG;AACH,sFAMC;AAED;;;;;;;;;GASG;AACH,gFAFY,MAAO,SAAS,CA8B3B;AAED;;;;;;;;;GASG;AACH,0EAFY,OAAO,QAAQ,CAU1B;AAED;;;;GAIG;AACH,4DAFW,WAAY,SAYtB;AAED;;;;;;;;;GASG;AACH,+FAFY,OAAO,QAAQ,CAc1B;AAED;;;;GAIG;AACH;;;EAqBC;AAED;;;;;GAKG;AACH,iFAFW,GAAC,OA0BX;AAED;;;;;GAKG;AACH,sFAsNC;AAED;;;;GAIG;AACH,qDAmBC;AAED;;;;GAIG;AACH,gEAeC;AAED;;;;GAIG;AACH,6CAFW,MAAM,MAmEhB;AAED;;;;;GAKG;AACH,6DAFW,MAAM;;;;;;;GAqHhB;AAED;;;;;GAKG;AACH,mFAgKC;AAED;;;;;;GAMG;AACH,kCAJW,MAAM;;;;;;;;GA2EhB;AAED;;;;GAIG;AACH,mEAq
BC;AAED;;;;GAIG;AACH,+DAFY,SAAO,SAAS,CAc3B;AAED;;;;GAIG;AACH,oDAFY,QAAQ,CASnB;AAED;;;;;GAKG;AACH,oEAFY,SAAO,SAAS,CAc3B;AAED;;;;;;GAMG;AACH,oEAFY,OAAO,QAAQ,CA8D1B;AAED;;;;GAIG;AACH,iEAgDC;AAED,+FA4BC;AAED,8EA2EC;AAED;;;;;GAKG;AACH,0CAHW,MAAM;;;GA0DhB;AA0BD;;;;;;;;;GASG;AACH,2CAPW,MAAM,aACN,MAAM;;;;;;GA6FhB;AAED;;;;GAIG;AACH,yCAHW,MAAM,OAehB;AAED;;;;GAIG;AACH,0CAHW,MAAM,kBAuChB;AAED,+DA+CC;AAED,uEAwBC;AA6BD;;;;GAIG;AACH,oEAmGC;AAED;;;;GAIG;AACH,8CAFW,MAAM,kBAgChB;AAED;;;;;GAKG;AACH,kDAHW,MAAM,YACN,MAAM;;;;;;;;;;;;;;GAuPhB;AAED;;;;GAIG;AACH,kEAqEC;AAED;;;;GAIG;AACH,gEA0DC;AA0BD;;;;;;;;;;;;;;;;;GAiBG;AACH,mEALW,OAAO,4BAiLjB;AAED;;;;;;;;GAQG;AACH,+DALW,OAAO,4BAsIjB;AAED;;;IAwIC;AAED,wEA0BC;AAED,mEAqCC;AAED,0DAkBC;AAED,wDA+DC;AAED,0FAkEC;AAED;;IAsCC;AAED;;IA2DC;AAED,2DAiEC;AAED,yDAaC;AAaD,gDA+EC;AAED,yDAkDC;AAED,sDA0BC;AAED,sDAyBC;AAED,6DAwCC;AAED,yDAmCC;AAED,8DAsCC;AAED,sDAqDC;AAED,yDAgCC;AAED,qDAkDC;AAED;;;;;GAKG;AACH,mDASC;AAED;;;;;;GAMG;AACH,4EA4EC;AAED,kEAgDC;AAED;;;;;;;;GAQG;AACH,kGA0MC;AAED;;;EAiNC;AAED;;;;EAsHC;AAED;;;EA+GC;AAED;;;;;GAKG;AACH,+CAHW,MAAM;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EA2IhB;AAED;;;;;;EA+HC;AAED;;;;GAIG;AACH,0CAFW,MAAM;;;;;;;;;;;;;;;;;;;;;IAqDhB;AAmBD;;;;;GAKG;AACH,yCAHW,MAAM,YAQhB;AAED;;;;;GAKG;AACH,wCAHW,MAAM,YAchB;AAED;;;;;GAKG;AACH,wCAHW,MAAM,YAQhB;AAED;;;;;GAKG;AACH,yCAHW,MAAM,YAQhB;AAED;;;;;GAKG;AACH,2CAHW,MAAM,YAQhB;AAED;;;;;;;GAOG;AACH;;;;;;;;;;IA2IC;AA2CD;;;;GAIG;AACH,0FAHW,MAAM,WACN,MAAM,UAuDhB;AAED;;;;GAIG;AACH,8CAHW,MAAM,WACN,MAAM;;;;;;EAqBhB;AAED;;;GAGG;AACH,iDAFW,MAAM;;;;;;;;;;;;;;;;;;;;;IAwDhB;AAED;;;;;;;GAOG;AACH,iDALW,MAAM,YACN,MAAM,YACN,OAAO,oBACP,OAAO,eA6DjB;AAED,oIAgCC;AAED;;;;;;;GAOG;AACH,sCALW,MAAM,eACN,MAAM,eA6JhB;AAED;;;;;;;;;;;;;;;;;;;;;;IA6DC;AAED;;;;;;;EA8BC;AAED,uDAeC;AAED,2DAeC;AAED,2CAIC;AAED;;;;;;GAMG;AACH,uDAJW,MAAM,MAgBhB;AAED;;;;;;GAMG;AACH,uCAJW,MAAM,QACN,MAAM,GACJ,OAAO,QAAQ,CAU3B;AAED;;;;;;;;GAQG;AACH,2CANW,MAAM,WACN,MAAM,iBACN,MAAM,kBAqThB;AAED;;;;;;;GAOG;AACH,iDAFW,MAAM,OAehB;AAED;;;;;;
;;;;;GAWG;AACH,uCAHW,MAAM,UACN,MAAM,UAYhB;AAED;;;;;;GAMG;AACH,2CAHW,MAAM,uBACN,MAAM,WAgBhB;AAED;;;;GAIG;AACH,4CAFW,MAAM,UAIhB;AAED;;;;;;;;GAQG;AACH,sCANW,MAAM,eACN,MAAM,oBACN,MAAM,gBAgChB;AAED;;;;;;GAMG;AACH,uCAJW,MAAM,kBA4EhB;AAED;;;;;GAKG;AACH,0CAHW,MAAM,YACN,MAAM,UAiChB;AACD;;;;;;GAMG;AAEH,uDALW,MAAM,iBACN,MAAM,EAAE,GACN,GAAG,CAuCf;AACD;;;;;GAKG;AACH,yCAHW,MAAM,YACN,MAAM,UAsEhB;AAED;;GAEG;AACH,sCAmBC;AAED,0DA2EC;AAED;;;;;;;;GAQG;AACH,oCANW,MAAM,YACN,MAAM,gBACN,MAAM,eACN,MAAM,OA6ChB;AAkFD;;;;;;;;;GASG;AACH,2CAPW,MAAM,kBACN,MAAM,eACN,MAAM;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAiWhB;AAGD;;;;;EAmBC;AAED;;;;;;GAMG;AACH,kEAHW,MAAM,cACN,MAAM,6BA0IhB;AAED,qDASC;AAED;;;;;;;EA2GC;AAED;;;EA6PC;AAED,sEA6BC;AAED;;;;;;;GAOG;AACH,mCALW,MAAM,WACN,MAAM;;;;;;;EAgQhB;AAED;;;;;;GAMG;AACH,2CAHW,MAAM,OAKhB;AAED,qDA0CC;AA8HD;;;;GAIG;AACH;;;GAkHC;AAED,yEA0GC;AAED;;;;;;GAMG;AACH,mDAkBC;AAED;;;;;;;;;;GAUG;AACH,0DAqBC;AA76VD,gCAAgF;AAChF,4BAA4C;AAC5C,4BAA6C;AAC7C,2BAAmE;AAsBnE,iCAEE;AAiBF,iCAIyC;AAGzC,gCACmE;AAGnE,gCACsE;AAGtE,8BAA+B;AAK/B,4CAEmE;AAGnE,6CAE6D;AAG7D,oCAEoD;AAGpD,uCAEuD;AAYvD,4BAA6B;AAU7B,8BAAiC;AAMjC,8BAAiC;AAIjC,4BAA6B;AAI7B,2BAA2B;AAI3B,4BAA6B;AAI7B,2BAA2B;AAI3B,6BAA+B;AAI/B,0BAAyB;AAIzB,6BAA+B;AAM/B,2BAA2B;AAK3B,4BAA6B;AAK7B,6BAA+B;AAM/B,kDAWE;AAGF;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EA+DE;AAiEF,8BAQG;AA2xIH,8CAUE"}
|
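--- a/package/utils.js
+++ b/package/utils.js
@@ -3182,23 +3182,25 @@ export async function getMvnMetadata(pkgList, jarNSMapping = {}) {
 try {
 if (DEBUG_MODE) {
 console.log(
-`Querying ${pomMetadata.urlPrefix}
+`Querying ${pomMetadata.urlPrefix} for '${group}/${p.name}@${p.version}' ${composePomXmlUrl(
 pomMetadata,
 )}`,
 );
 }
 const bodyJson = await fetchPomXmlAsJson(pomMetadata);
-
-
-
-
-
-
+if (bodyJson) {
+p.publisher = bodyJson?.organization?.name
+? bodyJson?.organization.name._
+: "";
+p.description = bodyJson?.description ? bodyJson.description._ : "";
+if (bodyJson?.scm?.url) {
+p.repository = { url: bodyJson.scm.url._ };
+}
+p.license =
+parseLicenseEntryOrArrayFromPomXml(bodyJson?.licenses?.license) ||
+(await extractLicenseCommentFromPomXml(pomMetadata)) ||
+(await getRepoLicense(p.repository?.url, undefined));
 }
-p.license =
-parseLicenseEntryOrArrayFromPomXml(bodyJson?.licenses?.license) ||
-(await extractLicenseCommentFromPomXml(pomMetadata)) ||
-(await getRepoLicense(p.repository?.url, undefined));
 } catch (err) {
 if (DEBUG_MODE) {
 console.log(
@@ -3243,6 +3245,9 @@ export function composePomXmlUrl({ urlPrefix, group, name, version }) {
 */
 export async function fetchPomXmlAsJson({ urlPrefix, group, name, version }) {
 const pomXml = await fetchPomXml({ urlPrefix, group, name, version });
+if (!pomXml) {
+return undefined;
+}
 const options = {
 compact: true,
 spaces: 4,
@@ -3258,6 +3263,9 @@ export async function fetchPomXmlAsJson({ urlPrefix, group, name, version }) {
 name: pomJson.parent.artifactId?._,
 version: pomJson.parent.version?._,
 });
+if (!parentXml) {
+return undefined;
+}
 const parentJson = xml2js(parentXml, options).project;
 const result = { ...parentJson, ...pomJson };
 return result;
@@ -11208,6 +11216,10 @@ export function parseMakeDFile(dfile) {
 */
 export function isValidIriReference(iri) {
 let iriIsValid = true;
+// See issue #1264
+if (iri && /[${}]/.test(iri)) {
+return false;
+}
 const validateIriResult = validateIri(iri, IriValidationStrategy.Strict);
 
 if (validateIriResult instanceof Error) {
@@ -11219,14 +11231,8 @@ export function isValidIriReference(iri) {
 iriIsValid = false;
 }
 }
-
 if (iriIsValid) {
 return true;
 }
-
-if (DEBUG_MODE) {
-console.log(`IRI failed validation ${iri}`);
-}
-
 return false;
 }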
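Review bot: The added `if (!parentXml) { return undefined; }` in `fetchPomXmlAsJson` throws away the child POM that was already parsed into `pomJson` whenever only the parent POM cannot be fetched. Because `getMvnMetadata` now sets publisher, description, repository and license only inside `if (bodyJson)`, such a package ends up with none of that metadata in the SBOM even though its own POM was available. Returning the child data instead, `if (!parentXml) { return pomJson; }`, keeps what is known and still avoids passing an empty value to `xml2js`. Both functions continue outside the visible hunks, so the shape of `pomJson` at that point should be confirmed against the full file.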
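--- a/package/utils.test.js
+++ b/package/utils.test.js
@@ -4306,6 +4306,8 @@ test.each([
 ["https://", false],
 ["http://www", true],
 ["http://www.", true],
+["https://github.com/apache/maven-resolver/tree/${project.scm.tag}", false],
+["git@github.com:prometheus/client_java.git", false],
 ])("isValidIriReference tests: %s", (url, isValid) => {
 expect(isValidIriReference(url)).toBe(isValid);
 });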
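Review bot: The two added rows only pin rejections; no row pins that a reference containing a bare `$` is still accepted, and the new `/[${}]/` check in `isValidIriReference` rejects it although `$` is a permitted sub-delimiter in URIs. A row such as `["https://example.com/a$b", true]` (constructed sample) would force a decision on whether that is intended or whether the guard should match only the unresolved `${` placeholder form. The `test.each([` table starts outside this hunk.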