@cyclonedx/cdxgen 10.8.9 → 10.9.1
- package/bin/cdxgen.js +6 -1
- package/binary.js +1 -1
- package/index.js +115 -25
- package/package.json +3 -3
- package/server.js +5 -2
- package/types/evinser.d.ts +3 -3
- package/types/index.d.ts.map +1 -1
- package/types/server.d.ts.map +1 -1
- package/types/utils.d.ts +48 -0
- package/types/utils.d.ts.map +1 -1
- package/types/validator.d.ts.map +1 -1
- package/utils.js +512 -68
- package/utils.test.js +241 -11
- package/validator.js +4 -1
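--- a/package/bin/cdxgen.js
+++ b/package/bin/cdxgen.js
@@ -275,6 +275,11 @@ const args = yargs(hideBin(process.argv))
 description:
 "Do not show the donation banner. Set this attribute if you are an active sponsor for OWASP CycloneDX.",
 })
+.option("feature-flags", {
+description: "Experimental feature flags to enable. Advanced users only.",
+hidden: true,
+choices: ["safe-pip-install", "suggest-build-tools"],
+})
 .completion("completion", "Generate bash/zsh completion")
 .array("type")
 .array("excludeType")
@@ -283,6 +288,7 @@ const args = yargs(hideBin(process.argv))
 .array("author")
 .array("exclude")
 .array("standard")
+.array("feature-flags")
 .option("auto-compositions", {
 type: "boolean",
 default: true,
@@ -438,7 +444,6 @@ const applyAdvancedOptions = (options) => {
 }
 return options;
 };
-
 applyAdvancedOptions(options);
 
 /**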
package/binary.js
CHANGED
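--- a/package/index.js
+++ b/package/index.js
@@ -63,12 +63,15 @@ import {
 getMvnMetadata,
 getNugetMetadata,
 getPipFrozenTree,
+getPipTreeForPackages,
 getPyMetadata,
 getPyModules,
 getSwiftPackageMetadata,
 getTimestamp,
 hasAnyProjectType,
 includeMavenTestScope,
+isFeatureEnabled,
+isPartialTree,
 isValidIriReference,
 parseBazelActionGraph,
 parseBazelSkyframe,
@@ -1526,7 +1529,6 @@ export async function createJavaBom(path, options) {
 ) {
 parentComponent = bomJsonObj.metadata.component;
 options.parentComponent = parentComponent;
-pkgList = [];
 }
 if (bomJsonObj.components) {
 // Inject evidence into the components. #994
@@ -1941,7 +1943,11 @@ export async function createJavaBom(path, options) {
 
 // Bazel
 // Look for the BUILD file only in the root directory
-const bazelFiles = getAllFiles(
+const bazelFiles = getAllFiles(
+path,
+`${options.multiProject ? "**/" : ""}BUILD*`,
+options,
+);
 if (
 bazelFiles?.length &&
 !options.projectType?.includes("maven") &&
@@ -1956,9 +1962,18 @@ export async function createJavaBom(path, options) {
 for (const f of bazelFiles) {
 const basePath = dirname(f);
 // Invoke bazel build first
-const bazelTarget = process.env.BAZEL_TARGET || "
-
-
+const bazelTarget = process.env.BAZEL_TARGET || "//...";
+let bArgs = [
+...(process.env?.BAZEL_ARGS?.split(" ") || []),
+"build",
+bazelTarget,
+];
+// Automatically load any bazelrc file
+if (!process.env.BAZEL_ARGS && existsSync(join(basePath, ".bazelrc"))) {
+bArgs = ["--bazelrc=.bazelrc", "build", bazelTarget];
+}
+console.log("Executing", BAZEL_CMD, bArgs.join(" "), "in", basePath);
+let result = spawnSync(BAZEL_CMD, bArgs, {
 cwd: basePath,
 shell: true,
 encoding: "utf-8",
@@ -1975,16 +1990,23 @@ export async function createJavaBom(path, options) {
 options.failOnError && process.exit(1);
 } else {
 const target = process.env.BAZEL_TARGET || "//...";
-let query;
+let query = [...(process.env?.BAZEL_ARGS?.split(" ") || [])];
 let bazelParser;
+// Automatically load any bazelrc file
+if (!process.env.BAZEL_ARGS && existsSync(join(basePath, ".bazelrc"))) {
+query = ["--bazelrc=.bazelrc"];
+}
 if (["true", "1"].includes(process.env.BAZEL_USE_ACTION_GRAPH)) {
-query = ["aquery", `outputs('.*.jar',deps(${target}))`];
+query = query.concat(["aquery", `outputs('.*.jar',deps(${target}))`]);
 bazelParser = parseBazelActionGraph;
 } else {
-query = [
+query = query.concat([
+"aquery",
+"--output=textproto",
+"--skyframe_state",
+]);
 bazelParser = parseBazelSkyframe;
 }
-
 console.log("Executing", BAZEL_CMD, `${query.join(" ")} in`, basePath);
 result = spawnSync(BAZEL_CMD, query, {
 cwd: basePath,
@@ -2064,8 +2086,12 @@ export async function createJavaBom(path, options) {
 options,
 );
 
-if (
-
+if (
+sbtProjects?.length &&
+!options.projectType?.includes("bazel") &&
+!options.projectType?.includes("gradle") &&
+!options.projectType?.includes("maven")
+) {
 // If the project use sbt lock files
 if (sbtLockFiles?.length) {
 for (const f of sbtLockFiles) {
@@ -2749,6 +2775,10 @@ export async function createPythonBom(path, options) {
 if (pyProjectMode) {
 const tmpParentComponent = parsePyProjectToml(pyProjectFile);
 if (tmpParentComponent?.name) {
+// Bug fix. Version could be missing in pyproject.toml
+if (!tmpParentComponent.version && parentComponent.version) {
+tmpParentComponent.version = parentComponent.version;
+}
 parentComponent = tmpParentComponent;
 delete parentComponent.homepage;
 delete parentComponent.repository;
@@ -2815,6 +2845,7 @@ export async function createPythonBom(path, options) {
 };
 dependencies.splice(0, 0, pdependencies);
 }
+options.parentComponent = parentComponent;
 return buildBomNSData(options, pkgList, "pypi", {
 src: path,
 filename: poetryFiles.join(", "),
@@ -2822,7 +2853,7 @@ export async function createPythonBom(path, options) {
 parentComponent,
 formulationList,
 });
-}
+} // poetryMode
 if (metadataFiles?.length) {
 // dist-info directories
 for (const mf of metadataFiles) {
@@ -3049,6 +3080,45 @@ export async function createPythonBom(path, options) {
 pkgList = pkgList.concat(dlist);
 }
 }
+// Check and complete the dependency tree
+if (
+isFeatureEnabled(options, "safe-pip-install") &&
+pkgList.length &&
+isPartialTree(dependencies)
+) {
+// Trim the current package list first
+pkgList = trimComponents(pkgList);
+console.log(
+`Attempting to recover the pip dependency tree from ${pkgList.length} packages. Please wait ...`,
+);
+const newPkgMap = getPipTreeForPackages(
+path,
+pkgList,
+tempDir,
+parentComponent,
+);
+if (DEBUG_MODE && newPkgMap.failedPkgList.length) {
+if (newPkgMap.failedPkgList.length < pkgList.length) {
+console.log(
+`${newPkgMap.failedPkgList.length} packages failed to install.`,
+);
+}
+}
+if (newPkgMap?.pkgList?.length) {
+pkgList = pkgList.concat(newPkgMap.pkgList);
+pkgList = trimComponents(pkgList);
+}
+if (newPkgMap.dependenciesList) {
+dependencies = mergeDependencies(
+dependencies,
+newPkgMap.dependenciesList,
+parentComponent,
+);
+if (DEBUG_MODE && dependencies.length > 1) {
+console.log("Recovered", dependencies.length, "dependencies.");
+}
+}
+}
 // Clean up
 if (tempDir?.startsWith(tmpdir()) && rmSync) {
 rmSync(tempDir, { recursive: true, force: true });
@@ -4873,6 +4943,32 @@ export async function createCsharpBom(path, options) {
 `${options.multiProject ? "**/" : ""}*.nupkg`,
 options,
 );
+// Support for detecting and suggesting build tools for this project
+// We parse all the .csproj files to collect the target framework strings
+if (isFeatureEnabled(options, "suggest-build-tools")) {
+const targetFrameworks = new Set();
+for (const f of csProjFiles) {
+const csProjData = readFileSync(f, { encoding: "utf-8" });
+const retMap = parseCsProjData(csProjData, f, {});
+if (retMap?.parentComponent?.properties) {
+const parentProperties = retMap.parentComponent.properties;
+retMap.parentComponent.properties
+.filter(
+(p) =>
+p.name === "cdx:dotnet:target_framework" && p.value.trim().length,
+)
+.forEach((p) => {
+const frameworkValues = p.value
+.split(";")
+.filter((v) => v.trim().length && !v.startsWith("$("))
+.forEach((v) => {
+targetFrameworks.add(v);
+});
+});
+}
+}
+console.log("Target frameworks found:", Array.from(targetFrameworks));
+}
 // Support for automatic restore for .Net projects
 if (
 options.installDeps &&
@@ -4922,9 +5018,11 @@ export async function createCsharpBom(path, options) {
 console.log(
 "Authenticate with any private registries such as Azure Artifacts feed before running cdxgen.",
 );
-
-
-
+if (process.env?.CDXGEN_IN_CONTAINER !== "true") {
+console.log(
+"Alternatively, try using the unofficial `ghcr.io/appthreat/cdxgen-dotnet6:v10` container image, which bundles nuget (mono) and a range of dotnet SDKs.",
+);
+}
 }
 console.log(result.stdout, result.stderr);
 options.failOnError && process.exit(1);
@@ -5050,10 +5148,6 @@ export async function createCsharpBom(path, options) {
 console.log(`Parsing ${f}`);
 }
 pkgData = readFileSync(f, { encoding: "utf-8" });
-// Remove byte order mark
-if (pkgData.charCodeAt(0) === 0xfeff) {
-pkgData = pkgData.slice(1);
-}
 const dlist = parseCsPkgData(pkgData, f);
 if (dlist?.length) {
 pkgList = pkgList.concat(dlist);
@@ -5100,13 +5194,9 @@ export async function createCsharpBom(path, options) {
 if (DEBUG_MODE) {
 console.log(`Parsing ${f}`);
 }
-
-// Remove byte order mark
-if (csProjData.charCodeAt(0) === 0xfeff) {
-csProjData = csProjData.slice(1);
-}
+const csProjData = readFileSync(f, { encoding: "utf-8" });
 const retMap = parseCsProjData(csProjData, f, pkgNameVersions);
-if (retMap?.parentComponent) {
+if (retMap?.parentComponent?.purl) {
 // If there are multiple project files, track the parent components using nested components
 if (csProjFiles.length > 1) {
 if (!parentComponent.components) {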
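Review bot: In the `safe-pip-install` block added to createPythonBom (new lines 3083-3121), `newPkgMap.failedPkgList.length` is read without a guard, although the declaration of getPipTreeForPackages in package/types/utils.d.ts on this page allows a result whose `failedPkgList` is undefined, so with DEBUG_MODE set that check would throw a TypeError instead of logging. The same declaration lists `failedPkgList`, `rootList` and `dependenciesList` but no `pkgList`, so `newPkgMap?.pkgList?.length` looks like it is never truthy and the recovered packages would not be added to the component list, leaving the SBOM incomplete without any warning; utils.js is not in this view, so confirm against the implementation. I would write the debug check as `if (DEBUG_MODE && newPkgMap?.failedPkgList?.length) {` and merge from the field the function actually returns. createPythonBom starts and ends outside the hunk.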
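--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
 {
 "name": "@cyclonedx/cdxgen",
-"version": "10.
+"version": "10.9.1",
 "description": "Creates CycloneDX Software Bill of Materials (SBOM) from source or container image",
 "homepage": "http://github.com/cyclonedx/cdxgen",
 "author": "Prabhu Subramanian <prabhu@appthreat.com>",
@@ -68,7 +68,7 @@
 "find-up": "7.0.0",
 "glob": "^11.0.0",
 "global-agent": "^3.0.0",
-"got": "14.4.
+"got": "14.4.2",
 "iconv-lite": "^0.6.3",
 "js-yaml": "^4.1.0",
 "jws": "^4.0.0",
@@ -111,7 +111,7 @@
 "devDependencies": {
 "@biomejs/biome": "1.8.3",
 "jest": "^29.7.0",
-"typescript": "^5.5.
+"typescript": "^5.5.4"
 },
 "scripts": {
 "test": "node --experimental-vm-modules node_modules/jest/bin/jest.js --inject-globals false docker.test.js utils.test.js display.test.js postgen.test.js",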
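--- a/package/server.js
+++ b/package/server.js
@@ -178,14 +178,17 @@ const start = (options) => {
 let bomNSData = (await createBom(srcDir, reqOptions)) || {};
 bomNSData = postProcess(bomNSData, reqOptions);
 if (reqOptions.serverUrl && reqOptions.apiKey) {
-console.log(
+console.log(
+`Publishing SBOM ${reqOptions.projectName} to Dependency Track`,
+reqOptions.serverUrl,
+);
 const response = await submitBom(reqOptions, bomNSData.bomJson);
 const errorMessages = response?.errors;
 if (errorMessages) {
 res.writeHead(500, { "Content-Type": "application/json" });
 return res.end(
 JSON.stringify({
-error:
+error: `Unable to submit the SBOM ${reqOptions.projectName} to the Dependency Track server ${reqOptions.serverUrl}`,
 details: errorMessages,
 }),
 );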
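Review bot: The added log line and the 500 response body interpolate `reqOptions.projectName` and `reqOptions.serverUrl` verbatim, and if those values are taken from the HTTP request (the parsing is outside the hunk, so this is inferred from the name and the `res.writeHead` call), a project name containing line breaks can forge log entries and a server URL carrying userinfo or a token in its query string ends up in the log and in the response returned to the caller. I would strip control characters from the project name before logging and report only the origin of the URL, for example `const safeUrl = new URL(reqOptions.serverUrl).origin;` inside a try/catch, since `new URL` throws on malformed input. The request handler inside `start` begins and ends outside the hunk.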
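--- a/package/types/evinser.d.ts
+++ b/package/types/evinser.d.ts
@@ -30,7 +30,7 @@ export function prepareDB(options: any): Promise<{
 changed<K extends keyof any>(key: K, dirty: boolean): void;
 changed(): false | string[];
 previous(): Partial<any>;
-previous<K extends string | number | symbol>(key: K): any
+previous<K extends string | number | symbol>(key: K): any;
 save(options?: import("sequelize").SaveOptions<any>): Promise<any>;
 reload(options?: import("sequelize").FindOptions<any>): Promise<any>;
 validate(options?: import("sequelize/types/instance-validator.js").ValidationOptions): Promise<void>;
@@ -213,7 +213,7 @@ export function prepareDB(options: any): Promise<{
 changed<K extends keyof any>(key: K, dirty: boolean): void;
 changed(): false | string[];
 previous(): Partial<any>;
-previous<K extends string | number | symbol>(key: K): any
+previous<K extends string | number | symbol>(key: K): any;
 save(options?: import("sequelize").SaveOptions<any>): Promise<any>;
 reload(options?: import("sequelize").FindOptions<any>): Promise<any>;
 validate(options?: import("sequelize/types/instance-validator.js").ValidationOptions): Promise<void>;
@@ -396,7 +396,7 @@ export function prepareDB(options: any): Promise<{
 changed<K extends keyof any>(key: K, dirty: boolean): void;
 changed(): false | string[];
 previous(): Partial<any>;
-previous<K extends string | number | symbol>(key: K): any
+previous<K extends string | number | symbol>(key: K): any;
 save(options?: import("sequelize").SaveOptions<any>): Promise<any>;
 reload(options?: import("sequelize").FindOptions<any>): Promise<any>;
 validate(options?: import("sequelize/types/instance-validator.js").ValidationOptions): Promise<void>;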
package/types/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../index.js"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../index.js"],"names":[],"mappings":"AAyvBA;;;;;;;;GAQG;AACH,gFAFW,MAAM,SAchB;AAyUD;;;;;;;GAOG;AACH,mCALW,MAAM,qBAiEhB;AAED;;;;;GAKG;AACH,uCAHW,MAAM;;;;EAKhB;AAED;;;;;GAKG;AACH,sCAHW,MAAM;;;;EAkBhB;AAED;;;;;GAKG;AACH,oCAHW,MAAM,8BAwgChB;AAED;;;;;GAKG;AACH,sCAHW,MAAM,8BA2chB;AAED;;;;;GAKG;AACH,sCAHW,MAAM,8BAkahB;AAED;;;;;GAKG;AACH,kCAHW,MAAM,8BAkUhB;AAED;;;;;GAKG;AACH,oCAHW,MAAM,8BAqIhB;AAED;;;;;GAKG;AACH,oCAHW,MAAM,8BAiDhB;AAED;;;;;GAKG;AACH,mCAHW,MAAM,qBA+KhB;AAED;;;;;GAKG;AACH,uCAHW,MAAM,qBAsHhB;AAED;;;;;GAKG;AACH,uCAHW,MAAM,qBA2BhB;AAED;;;;;GAKG;AACH,sCAHW,MAAM,qBA2BhB;AAED;;;;;GAKG;AACH,sCAHW,MAAM,qBA2BhB;AAED;;;;;GAKG;AACH,0CAHW,MAAM,qBAuBhB;AAED;;;;;GAKG;AACH,kCAHW,MAAM,8BAqDhB;AAED;;;;;GAKG;AACH,uCAHW,MAAM,8BA4ChB;AAED;;;;;GAKG;AACH,oCAHW,MAAM,qBA2BhB;AAED;;;;;GAKG;AACH,qCAHW,MAAM,8BAwFhB;AAED;;;;;GAKG;AACH,iDAHW,MAAM,qBAiUhB;AAED;;;;;GAKG;AACH,mCAHW,MAAM,qBAwJhB;AAED;;;;;GAKG;AACH,oCAHW,MAAM,8BAmFhB;AAED;;;;;GAKG;AACH,sCAHW,MAAM,8BA6XhB;AAED;;;;;GAKG;AACH,2CAHW,MAAM;;;;;;;;;;;;;;;;;;;;GAoChB;AAED;;;;;;;;KA+DC;AAED;;;;;;GAMG;AACH,yDA2CC;AAED;;;;;;;;;GASG;AACH,2GA6BC;AAED;;;;;GAKG;AACH,0CAHW,MAAM,EAAE,8BAmclB;AAED;;;;;GAKG;AACH,iCAHW,MAAM,8BAiUhB;AAED;;;;;GAKG;AACH,gCAHW,MAAM,qBAsOhB;AAED;;;;;;GAMG;AACH,wDAFY,OAAO,CAAC;IAAE,KAAK,EAAE,MAAM,CAAA;CAAE,GAAG;IAAE,MAAM,EAAE,MAAM,EAAE,CAAA;CAAE,GAAG,SAAS,CAAC,CA2FxE"}
|
package/types/server.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"server.d.ts","sourceRoot":"","sources":["../server.js"],"names":[],"mappings":"AAuIA,yDAKC;AAED,
|
|
1
|
+
{"version":3,"file":"server.d.ts","sourceRoot":"","sources":["../server.js"],"names":[],"mappings":"AAuIA,yDAKC;AAED,0CAuEC"}
|
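--- a/package/types/utils.d.ts
+++ b/package/types/utils.d.ts
@@ -1,3 +1,12 @@
+/**
+* Method to check if a given feature flag is enabled.
+*
+* @param {Object} cliOptions CLI options
+* @param {String} feature Feature flag
+*
+* @returns {Boolean} True if the feature is enabled
+*/
+export function isFeatureEnabled(cliOptions: any, feature: string): boolean;
 /**
 * Method to check if the given project types are allowed by checking against include and exclude types passed from the CLI arguments.
 *
@@ -607,6 +616,7 @@ export function parseCabalData(cabalData: any): any[];
 export function parseMixLockData(mixData: any): any[];
 export function parseGitHubWorkflowData(ghwData: any): any[];
 export function parseCloudBuildData(cbwData: any): any[];
+export function mapConanPkgRefToPurlStringAndNameAndVersion(conanPkgRef: any): any[];
 export function parseConanLockData(conanLockData: any): any[];
 export function parseConanData(conanData: any): any[];
 export function parseLeiningenData(leinData: any): any[];
@@ -1076,6 +1086,8 @@ export function getPipFrozenTree(basePath: string, reqOrSetupFile: string, tempV
 rootList: {
 name: any;
 version: any;
+purl: string;
+"bom-ref": string;
 }[];
 dependenciesList: {
 ref: string;
@@ -1083,6 +1095,35 @@ export function getPipFrozenTree(basePath: string, reqOrSetupFile: string, tempV
 }[];
 frozen: boolean;
 };
+/**
+* The problem: pip installation can fail for a number of reasons such as missing OS dependencies and devel packages.
+* When it fails, we don't get any dependency tree. As a workaroud, this method would attempt to install one package at a time to the same virtual environment and then attempts to obtain a dependency tree.
+* Such a tree could be incorrect or quite approximate, but some users might still find it useful to know the names of the indirect dependencies.
+*
+* @param {string} basePath Base path
+* @param {Array} pkgList Existing package list
+* @param {string} tempVenvDir Temp venv dir
+* @param {Object} parentComponent Parent component
+*
+* @returns List of packages from the virtual env
+*/
+export function getPipTreeForPackages(basePath: string, pkgList: any[], tempVenvDir: string, parentComponent: any): {
+failedPkgList?: undefined;
+rootList?: undefined;
+dependenciesList?: undefined;
+} | {
+failedPkgList: any[];
+rootList: {
+name: any;
+version: any;
+purl: string;
+"bom-ref": string;
+}[];
+dependenciesList: {
+ref: string;
+dependsOn: any;
+}[];
+};
 export function parsePackageJsonName(name: any): {
 scope: any;
 fullName: string;
@@ -1166,6 +1207,13 @@ export function parseMakeDFile(dfile: string): any;
 *
 */
 export function isValidIriReference(iri: string): boolean;
+/**
+* Method to check if a given dependency tree is partial or not.
+*
+* @param {Array} dependencies List of dependencies
+* @returns {Boolean} True if the dependency tree lacks any non-root parents without children. False otherwise.
+*/
+export function isPartialTree(dependencies: any[]): boolean;
 export const dirNameStr: string;
 export const isWin: boolean;
 export const isMac: boolean;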
package/types/utils.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../utils.js"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../utils.js"],"names":[],"mappings":"AAuSA;;;;;;;GAOG;AACH,4EAoBC;AAED;;;;;;GAMG;AACH,mGAkDC;AAgBD;;;;;GAKG;AACH,qCAHW,MAAM,WACN,MAAM,0BAqBhB;AAED;;;;;;GAMG;AACH,+CAJW,MAAM,WACN,MAAM,+BAoBhB;AAYD;;;;GAIG;AACH,gCAFa,MAAM,CAIlB;AAED;;;;;;IAMI;AACJ,iDAJW,MAAM,GACJ,OAAO,CAiBnB;AAED;;;;;;;;;GASG;AACH,iEA2BC;AAED;;;;;GAKG;AACH,6CAqDC;AAED;;;;;;GAMG;AACH,sEA0DC;AAED;;;;GAIG;AACH,4EAoCC;AAED;;;GAGG;AACH;;EAUC;AAED,sEA0BC;AAED;;;;GAIG;AACH,+DA4CC;AAED;;;;;GAKG;AACH,0CAHW,MAAM,WACN,OAAO,kBAkFjB;AAED;;;;;GAKG;AACH,0CAHW,MAAM,YACN,MAAM;;;GAqVhB;AAED;;;;;;;GAOG;AACH,6CAFW,MAAM,MA2DhB;AAwBD;;;;GAIG;AACH,4CAFW,MAAM;;;GAkOhB;AAED;;;;GAIG;AACH,4CAFW,MAAM,kBAiEhB;AA2BD;;;;;GAKG;AACH,wCAHW,MAAM,oBACN,MAAM;;;;;;;;;GA0ZhB;AAED;;;;GAIG;AACH,8CAFW,MAAM,kBA+ChB;AAED;;;;GAIG;AACH,sCAFW,MAAM,kBAgFhB;AAED;;;;GAIG;AACH;;;;;;;;;;;;;;;;;;;;;;IAqDC;AAED;;;;;;GAMG;AACH,0CALW,MAAM,WACN,MAAM,OAgJhB;AAED;;;;;;GAMG;AACH,0CALW,MAAM,qBACN,MAAM,oBACN,MAAM,uBACN,MAAM;;;;;;;;;;;;;;;;EAkNhB;AAED;;;GAGG;AACH,uCAFW,MAAM,SAoChB;AAED;;;GAGG;AACH,wCAFW,MAAM,OAahB;AAED,yEAwBC;AAED;;;;GAIG;AACH,+CAFW,MAAM;;;EA6ChB;AAED;;;;GAIG;AACH,iDAFW,MAAM;;;;;;;;EAsChB;AAED;;;;;;;;GAQG;AACH,qDANW,MAAM,YACN,MAAM,0BAGJ,MAAM,CAkElB;AAED;;;;;;GAMG;AACH,6CAJW,MAAM,YACN,MAAM,cACN,MAAM,MA2EhB;AAED;;;GAGG;AACH,iDAFW,MAAM,SA4ChB;AAED;;;GAGG;AACH,8CAFW,MAAM,SAsDhB;AAED;;;GAGG;AACH,2CAFW,MAAM,SAiBhB;AAED;;GAEG;AACH,kDAoCC;AAED;;;;GAIG;AACH,oCAFW,MAAM,OAchB;AAED;;;;GAIG;AACH,kDAUC;AAED;;;;;GAKG;AACH,mFAmGC;AAED;;;;;;;;;GASG;AACH,sFAMC;AAED;;;;;;;;;GASG;AACH,gFAFY,MAAO,SAAS,CA8B3B;AAED;;;;;;;;;GASG;AACH,0EAFY,OAAO,QAAQ,CAU1B;AAED;;;;GAIG;AACH,4DAFW,WAAY,SAYtB;AAED;;;;;;;;;GASG;AACH,+FAFY,OAAO,QAAQ,CAc1B;AAED;;;;GAIG;AACH;;;EAqBC;AAED;;;;;GAKG;AACH,iFAFW,GAAC,OA0BX;AAED;;;;;GAKG;AACH,sFAsNC;AAED;;;;GAIG;AACH,qDAmBC;AAED;;;;GAIG;AACH,gEAeC;AAED;;;;GAIG;AACH,6CAFW,MAAM,MAmEhB;AAED;;;;;GAKG;AACH,6DAFW,MAAM;;;;;;;GAqHhB;AAED;;;;;GAKG;AACH,mFAgKC;AAED;;;;;;GAMG;AACH,kCAJW,MAAM;;;;;;;;G
A2EhB;AAED;;;;GAIG;AACH,mEAqBC;AAED;;;;GAIG;AACH,+DAFY,SAAO,SAAS,CAc3B;AAED;;;;GAIG;AACH,oDAFY,QAAQ,CASnB;AAED;;;;;GAKG;AACH,oEAFY,SAAO,SAAS,CAc3B;AAED;;;;;;GAMG;AACH,oEAFY,OAAO,QAAQ,CA8D1B;AAED;;;;GAIG;AACH,iEAgDC;AAED,+FA4BC;AAED,8EA2EC;AAED;;;;;GAKG;AACH,0CAHW,MAAM;;;GA0DhB;AA0BD;;;;;;;;;GASG;AACH,2CAPW,MAAM,aACN,MAAM;;;;;;GA6FhB;AAED;;;;GAIG;AACH,yCAHW,MAAM,OAehB;AAED;;;;GAIG;AACH,0CAHW,MAAM,kBAuChB;AAED,+DA+CC;AAED,uEAwBC;AA6BD;;;;GAIG;AACH,oEAmGC;AAED;;;;GAIG;AACH,8CAFW,MAAM,kBAgChB;AAED;;;;;GAKG;AACH,kDAHW,MAAM,YACN,MAAM;;;;;;;;;;;;;;GAuPhB;AAED;;;;GAIG;AACH,kEAqEC;AAED;;;;GAIG;AACH,gEA0DC;AA0BD;;;;;;;;;;;;;;;;;GAiBG;AACH,mEALW,OAAO,4BAiLjB;AAED;;;;;;;;GAQG;AACH,+DALW,OAAO,4BAsIjB;AAED;;;IAwIC;AAED,wEA0BC;AAED,mEAqCC;AAED,0DAkBC;AAED,wDA+DC;AAED,0FAkEC;AAED;;IAsCC;AAED;;IA2DC;AAED,2DAiEC;AAED,yDAaC;AAaD,gDA+EC;AAED,yDAkDC;AAED,sDA0BC;AAED,sDAyBC;AAED,6DAwCC;AAED,yDAmCC;AAyCD,qFA2HC;AAED,8DA0BC;AAED,sDAiCC;AAED,yDAgCC;AAED,qDAkDC;AAED;;;;;GAKG;AACH,mDASC;AAED;;;;;;GAMG;AACH,4EA4EC;AAED,kEAoDC;AAED;;;;;;;;GAQG;AACH,kGAwPC;AAED;;;EAiNC;AAED;;;;EAsHC;AAED;;;EA+GC;AAED;;;;;GAKG;AACH,+CAHW,MAAM;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EA2IhB;AAED;;;;;;EA+HC;AAED;;;;GAIG;AACH,0CAFW,MAAM;;;;;;;;;;;;;;;;;;;;;IAqDhB;AAmBD;;;;;GAKG;AACH,yCAHW,MAAM,YAQhB;AAED;;;;;GAKG;AACH,wCAHW,MAAM,YAchB;AAED;;;;;GAKG;AACH,wCAHW,MAAM,YAQhB;AAED;;;;;GAKG;AACH,yCAHW,MAAM,YAQhB;AAED;;;;;GAKG;AACH,2CAHW,MAAM,YAQhB;AAED;;;;;;;GAOG;AACH;;;;;;;;;;IA2IC;AA2CD;;;;GAIG;AACH,0FAHW,MAAM,WACN,MAAM,UAuDhB;AAED;;;;GAIG;AACH,8CAHW,MAAM,WACN,MAAM;;;;;;EAqBhB;AAED;;;GAGG;AACH,iDAFW,MAAM;;;;;;;;;;;;;;;;;;;;;IAwDhB;AAED;;;;;;;GAOG;AACH,iDALW,MAAM,YACN,MAAM,YACN,OAAO,oBACP,OAAO,eA6DjB;AAED,oIAgCC;AAED;;;;;;;GAOG;AACH,sCALW,MAAM,eACN,MAAM,eA6JhB;AAED;;;;;;;;;;;;;;;;;;;;;;IA6DC;AAED;;;;;;;EA8BC;AAED,uDAeC;AAED,2DAeC;AAED,2CAIC;AAED;;;;;;GAMG;AACH,uDAJW,MAAM,MAgBhB;AAED;;;;;;GAMG;AACH,uCAJW,MAAM,QACN,MAAM,GACJ,OAAO,QAAQ,CAU3B;AAED;;;;;;;;GAQG;AACH,2CANW,MAAM,WACN,MAAM,iBACN,MAAM,kBAqThB;AAED;;;
;;;;GAOG;AACH,iDAFW,MAAM,OAehB;AAED;;;;;;;;;;;GAWG;AACH,uCAHW,MAAM,UACN,MAAM,UAYhB;AAED;;;;;;GAMG;AACH,2CAHW,MAAM,uBACN,MAAM,WAgBhB;AAED;;;;GAIG;AACH,4CAFW,MAAM,UAIhB;AAED;;;;;;;;GAQG;AACH,sCANW,MAAM,eACN,MAAM,oBACN,MAAM,gBAgChB;AAED;;;;;;GAMG;AACH,uCAJW,MAAM,kBA4EhB;AAED;;;;;GAKG;AACH,0CAHW,MAAM,YACN,MAAM,UAiChB;AACD;;;;;;GAMG;AAEH,uDALW,MAAM,iBACN,MAAM,EAAE,GACN,GAAG,CAuCf;AACD;;;;;GAKG;AACH,yCAHW,MAAM,YACN,MAAM,UAsEhB;AAED;;GAEG;AACH,sCAmBC;AAED,0DA2EC;AAED;;;;;;;;GAQG;AACH,oCANW,MAAM,YACN,MAAM,gBACN,MAAM,eACN,MAAM,OA6ChB;AAqFD;;;;;;;;;GASG;AACH,2CAPW,MAAM,kBACN,MAAM,eACN,MAAM;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAmWhB;AAED;;;;;;;;;;;GAWG;AACH,gDAPW,MAAM,+BAEN,MAAM;;;;;;;;;;;;;;;;EA+KhB;AAGD;;;;;EAmBC;AAED;;;;;;GAMG;AACH,kEAHW,MAAM,cACN,MAAM,6BA0IhB;AAED,qDASC;AAED;;;;;;;EA2GC;AAED;;;EA6PC;AAED,sEA6BC;AAED;;;;;;;GAOG;AACH,mCALW,MAAM,WACN,MAAM;;;;;;;EAgQhB;AAED;;;;;;GAMG;AACH,2CAHW,MAAM,OAKhB;AAED,qDA0CC;AA8HD;;;;GAIG;AACH;;;GAkHC;AAED,yEA0GC;AAED;;;;;;GAMG;AACH,mDAkBC;AAED;;;;;;;;;;GAUG;AACH,0DAqBC;AAED;;;;;GAKG;AACH,4DAWC;AAz2WD,gCAAgF;AAChF,4BAA4C;AAC5C,4BAA6C;AAC7C,2BAAmE;AAsBnE,iCAEE;AAiBF,iCAIyC;AAGzC,gCACmE;AAGnE,gCACsE;AAGtE,8BAA+B;AAK/B,4CAEmE;AAGnE,6CAE6D;AAG7D,oCAEoD;AAGpD,uCAEuD;AAYvD,4BAA6B;AAU7B,8BAAiC;AAMjC,8BAAiC;AAIjC,4BAA6B;AAI7B,2BAA2B;AAI3B,4BAA6B;AAI7B,2BAA2B;AAI3B,6BAA+B;AAI/B,0BAAyB;AAIzB,6BAA+B;AAM/B,2BAA2B;AAK3B,4BAA6B;AAK7B,6BAA+B;AAM/B,kDAWE;AAGF;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAgEE;AA+FF,8BAQG;AAkzIH,8CAUE"}
|
package/types/validator.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"validator.d.ts","sourceRoot":"","sources":["../validator.js"],"names":[],"mappings":"AAmBO,qCAFI,MAAM,WA6ChB;AAOM,0CAFI,MAAM,WAiDhB;AAOM,uCAFI,MAAM,WAgEhB;AA6BM,sCAFI,MAAM,
|
|
1
|
+
{"version":3,"file":"validator.d.ts","sourceRoot":"","sources":["../validator.js"],"names":[],"mappings":"AAmBO,qCAFI,MAAM,WA6ChB;AAOM,0CAFI,MAAM,WAiDhB;AAOM,uCAFI,MAAM,WAgEhB;AA6BM,sCAFI,MAAM,WA8ChB"}
|