@cyclonedx/cdxgen 10.9.3 → 10.9.5

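--- a/package/data/README.md
+++ b/package/data/README.md
@@ -22,3 +22,4 @@ Contents of data directory and their purpose.
  | wrapdb-releases.json | Database of all available meson wraps. Generated using contrib/wrapdb.py. |
  | frameworks-list.json | List of string fragments to categorize components into frameworks |
  | crypto-oid.json | Peter Gutmann's crypto oid [mapping](https://www.cs.auckland.ac.nz/~pgut001). GPL, BSD, or CC BY license |
+ | glibc-stdlib.json | Standard libraries that can be filtered out in C++ |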
@@ -0,0 +1,93 @@
1
+ [
2
+ "algorithm",
3
+ "iomanip",
4
+ "list",
5
+ "ostream",
6
+ "streambuf",
7
+ "bitset",
8
+ "ios",
9
+ "locale",
10
+ "queue",
11
+ "string",
12
+ "complex",
13
+ "iosfwd",
14
+ "map",
15
+ "set",
16
+ "typeinfo",
17
+ "deque",
18
+ "iostream",
19
+ "memory",
20
+ "sstream",
21
+ "utility",
22
+ "exception",
23
+ "istream",
24
+ "new",
25
+ "stack",
26
+ "valarray",
27
+ "fstream",
28
+ "iterator",
29
+ "numeric",
30
+ "stdexcept",
31
+ "vector",
32
+ "functional",
33
+ "limits",
34
+ "debugging",
35
+ "inplace_vector",
36
+ "linalg",
37
+ "rcu",
38
+ "text_encoding",
39
+ "hazard_pointer",
40
+ "expected",
41
+ "flat_set",
42
+ "mdspan",
43
+ "spanstream",
44
+ "stdfloat",
45
+ "flat_map",
46
+ "generator",
47
+ "print",
48
+ "stacktrace",
49
+ "barrier",
50
+ "concepts",
51
+ "latch",
52
+ "semaphore",
53
+ "stop_token",
54
+ "bit",
55
+ "coroutine",
56
+ "numbers",
57
+ "source_location",
58
+ "syncstream",
59
+ "compare",
60
+ "format",
61
+ "ranges",
62
+ "span",
63
+ "version",
64
+ "any",
65
+ "execution",
66
+ "memory_resource",
67
+ "string_view",
68
+ "variant",
69
+ "charconv",
70
+ "filesystem",
71
+ "optional",
72
+ "shared_mutex",
73
+ "array",
74
+ "condition_variable",
75
+ "mutex",
76
+ "scoped_allocator",
77
+ "type_traits",
78
+ "atomic",
79
+ "forward_list",
80
+ "random",
81
+ "system_error",
82
+ "typeindex",
83
+ "chrono",
84
+ "future",
85
+ "ratio",
86
+ "thread",
87
+ "unordered_map",
88
+ "codecvt",
89
+ "initializer_list",
90
+ "regex",
91
+ "tuple",
92
+ "unordered_set"
93
+ ]
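Review bot: Every entry in this new list is a bare name, and several are very common file base names (`version`, `format`, `string`, `list`, `memory`). The getCppModules hunk in utils.js of this same diff skips a file whenever `CPP_STD_MODULES.includes(name)` is true, with `name` being the file name minus `extn`, and it does so before `getOSPackageForFile` is tried, so a third-party or project header that merely shares a base name would be left out of the BOM. If `extn` is the file extension (it is defined outside that hunk), limiting the skip to extensionless names, `if (!extn && CPP_STD_MODULES.includes(name)) {`, would keep the filter to the standard headers. The entries are C++ standard library header names rather than glibc ones, so the file name `glibc-stdlib.json` is worth a clarifying line in the README row.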
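--- a/package/index.js
+++ b/package/index.js
@@ -5843,7 +5843,7 @@ export async function createMultiXBom(pathList, options) {
  }
  // Jar scanning is enabled by default
  // See #330
- bomData = createJarBom(path, options);
+ bomData = await createJarBom(path, options);
  if (bomData?.bomJson?.components?.length) {
  if (DEBUG_MODE) {
  console.log(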
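--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
  {
  "name": "@cyclonedx/cdxgen",
- "version": "10.9.3",
+ "version": "10.9.5",
  "description": "Creates CycloneDX Software Bill of Materials (SBOM) from source or container image",
  "homepage": "http://github.com/cyclonedx/cdxgen",
  "author": "Prabhu Subramanian <prabhu@appthreat.com>",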
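--- a/package/postgen.js
+++ b/package/postgen.js
@@ -3,7 +3,7 @@ import { tmpdir } from "node:os";
  import { join } from "node:path";
  import process from "node:process";
  import { PackageURL } from "packageurl-js";
- import { dirNameStr } from "./utils.js";
+ import { DEBUG_MODE, dirNameStr, hasAnyProjectType } from "./utils.js";
 
  /**
  * Filter and enhance BOM post generation.
@@ -128,6 +128,7 @@ export function applyStandards(bomJson, options) {
  export function filterBom(bomJson, options) {
  const newPkgMap = {};
  let filtered = false;
+ let anyFiltered = false;
  if (!bomJson?.components) {
  return bomJson;
  }
@@ -192,6 +193,9 @@ export function filterBom(bomJson, options) {
  }
  }
  if (filtered) {
+ if (!anyFiltered) {
+ anyFiltered = true;
+ }
  const newcomponents = [];
  const newdependencies = [];
  for (const aref of Object.keys(newPkgMap).sort()) {
@@ -236,6 +240,25 @@ export function filterBom(bomJson, options) {
  });
  }
  }
+ if (!anyFiltered && DEBUG_MODE) {
+ if (
+ options.requiredOnly &&
+ !options.deep &&
+ hasAnyProjectType(["python"], options, false)
+ ) {
+ console.log(
+ "Try running cdxgen with --deep argument to identify component usages with atom.",
+ );
+ } else if (
+ options.requiredOnly &&
+ options.noBabel &&
+ hasAnyProjectType(["js"], options, false)
+ ) {
+ console.log(
+ "Enable babel by removing --no-babel argument to improve usage detection.",
+ );
+ }
+ }
  return bomJson;
  }
 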
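Review bot: The guard added around the assignment inside `if (filtered)` is redundant, because setting the flag unconditionally has the same effect; `anyFiltered = true;` on its own reads more clearly. The two hints at the end of filterBom are printed only when `DEBUG_MODE` is set, so a run with `requiredOnly` where, as far as these hunks show, nothing was filtered stays silent by default. If that is intended, a comment such as `// Hints are debug-only to keep normal output quiet` above the `if (!anyFiltered && DEBUG_MODE)` line would record it. filterBom's body continues between and outside these hunks.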
@@ -1 +1 @@
1
- {"version":3,"file":"postgen.d.ts","sourceRoot":"","sources":["../postgen.js"],"names":[],"mappings":"AAOA;;;;;;;GAOG;AACH,+DAcC;AAED;;;;;;;GAOG;AACH,+DAqCC;AAED;;;;;;;GAOG;AACH,gEA+BC;AAED;;;;;;;GAOG;AACH,2DAgHC;AAED;;GAEG;AACH,+CAIC"}
1
+ {"version":3,"file":"postgen.d.ts","sourceRoot":"","sources":["../postgen.js"],"names":[],"mappings":"AAOA;;;;;;;GAOG;AACH,+DAcC;AAED;;;;;;;GAOG;AACH,+DAqCC;AAED;;;;;;;GAOG;AACH,gEA+BC;AAED;;;;;;;GAOG;AACH,2DAuIC;AAED;;GAEG;AACH,+CAIC"}
@@ -1 +1 @@
1
- {"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../utils.js"],"names":[],"mappings":"AAsJA,yCAYC;AAED,2CAQC;AAqKD;;;;;;;GAOG;AACH,4EAoBC;AAED;;;;;;GAMG;AACH,mGAkDC;AAED;;;;;;;;GAQG;AACH,yGASC;AAgBD;;;;;GAKG;AACH,qCAHW,MAAM,WACN,MAAM,0BAqBhB;AAED;;;;;;GAMG;AACH,+CAJW,MAAM,WACN,MAAM,+BAoBhB;AAYD;;;;GAIG;AACH,gCAFa,MAAM,CAIlB;AAED;;;;;;IAMI;AACJ,iDAJW,MAAM,GACJ,OAAO,CAiBnB;AAED;;;;;;;;;GASG;AACH,iEA2BC;AAED;;;;;GAKG;AACH,6CAqDC;AAED;;;;;;GAMG;AACH,sEA0DC;AAED;;;;GAIG;AACH,4EAoCC;AAED;;;GAGG;AACH;;EAUC;AAED,sEA0BC;AAED;;;;GAIG;AACH,+DA4CC;AAED;;;;;GAKG;AACH,0CAHW,MAAM,WACN,OAAO,kBAkFjB;AAED;;;;;GAKG;AACH,0CAHW,MAAM,YACN,MAAM;;;GAqVhB;AAED;;;;;;;GAOG;AACH,6CAFW,MAAM,MA2DhB;AAwBD;;;;GAIG;AACH,4CAFW,MAAM;;;GAkOhB;AAED;;;;GAIG;AACH,4CAFW,MAAM,kBAiEhB;AA2BD;;;;;GAKG;AACH,wCAHW,MAAM,oBACN,MAAM;;;;;;;;;GA0ZhB;AAED;;;;GAIG;AACH,8CAFW,MAAM,kBA+ChB;AAED;;;;GAIG;AACH,sCAFW,MAAM,kBAgFhB;AAED;;;;GAIG;AACH;;;;;;;;;;;;;;;;;;;;;;IAqDC;AAED;;;;;;GAMG;AACH,0CALW,MAAM,WACN,MAAM,OAgJhB;AAED;;;;;;GAMG;AACH,0CALW,MAAM,qBACN,MAAM,oBACN,MAAM,uBACN,MAAM;;;;;;;;;;;;;;;;EAkNhB;AAED;;;GAGG;AACH,uCAFW,MAAM,SAoChB;AAED;;;GAGG;AACH,wCAFW,MAAM,OAahB;AAED,yEAwBC;AAED;;;;GAIG;AACH,+CAFW,MAAM;;;EA6ChB;AAED;;;;GAIG;AACH,iDAFW,MAAM;;;;;;;;EAsChB;AAED;;;;;;;;GAQG;AACH,qDANW,MAAM,YACN,MAAM,0BAGJ,MAAM,CAkElB;AAED;;;;;;GAMG;AACH,6CAJW,MAAM,YACN,MAAM,cACN,MAAM,MA2EhB;AAED;;;GAGG;AACH,iDAFW,MAAM,SA4ChB;AAED;;;GAGG;AACH,8CAFW,MAAM,SAsDhB;AAED;;;GAGG;AACH,2CAFW,MAAM,SAiBhB;AAED;;GAEG;AACH,kDAoCC;AAED;;;;GAIG;AACH,oCAFW,MAAM,OAchB;AAED;;;;GAIG;AACH,kDAUC;AAED;;;;;GAKG;AACH,mFAmGC;AAED;;;;;;;;;GASG;AACH,sFAMC;AAED;;;;;;;;;GASG;AACH,gFAFY,MAAO,SAAS,CA8B3B;AAED;;;;;;;;;GASG;AACH,0EAFY,OAAO,QAAQ,CAU1B;AAED;;;;GAIG;AACH,4DAFW,WAAY,SAYtB;AAED;;;;;;;;;GASG;AACH,+FAFY,OAAO,QAAQ,CAc1B;AAED;;;;GAIG;AACH;;;EAqBC;AAED;;;;;GAKG;AACH,iFAFW,GAAC,OA0BX;AAED;;;;;GAKG;AACH,sFAsNC;AAED;;;;GAIG;AACH,qDAmBC;AAED;;;;GAIG;AACH,gEAeC;AAED;;;;GAIG;AACH,6CAFW,MAAM,MAmEhB;AAED;;;;;GAKG;AACH,6DAFW,MAAM;;;;;;;GAqHhB;AAED;;;;;GAK
G;AACH,mFAgKC;AAED;;;;;;GAMG;AACH,kCAJW,MAAM;;;;;;;;GA2EhB;AAED;;;;GAIG;AACH,mEAqBC;AAED;;;;GAIG;AACH,+DAFY,SAAO,SAAS,CAc3B;AAED;;;;GAIG;AACH,oDAFY,QAAQ,CASnB;AAED;;;;;GAKG;AACH,oEAFY,SAAO,SAAS,CAc3B;AAED;;;;;;GAMG;AACH,oEAFY,OAAO,QAAQ,CA8D1B;AAED;;;;GAIG;AACH,iEAgDC;AAED,+FA4BC;AAED,8EA2EC;AAED;;;;;GAKG;AACH,0CAHW,MAAM;;;GA0DhB;AA0BD;;;;;;;;;GASG;AACH,2CAPW,MAAM,aACN,MAAM;;;;;;GA6FhB;AAED;;;;GAIG;AACH,yCAHW,MAAM,OAehB;AAED;;;;GAIG;AACH,0CAHW,MAAM,kBAuChB;AAED,+DA+CC;AAED,uEAwBC;AA6BD;;;;GAIG;AACH,oEAmGC;AAED;;;;GAIG;AACH,8CAFW,MAAM,kBAgChB;AAED;;;;;GAKG;AACH,kDAHW,MAAM,YACN,MAAM;;;;;;;;;;;;;;GAuPhB;AAED;;;;GAIG;AACH,kEAqEC;AAED;;;;GAIG;AACH,gEA0DC;AA0BD;;;;;;;;;;;;;;;;;GAiBG;AACH,mEALW,OAAO,4BAiLjB;AAED;;;;;;;;GAQG;AACH,+DALW,OAAO,4BAsIjB;AAED;;;IAwIC;AAED,wEA0BC;AAED,mEAqCC;AAED,0DAkBC;AAED,wDA+DC;AAED,0FAkEC;AAED;;IAsCC;AAED;;IA2DC;AAED,2DAiEC;AAED,yDAaC;AAaD,gDA+EC;AAED,yDAkDC;AAED,sDA0BC;AAED,sDAyBC;AAED,6DAwCC;AAED,yDAmCC;AAyCD,qFA2HC;AAED,8DA0BC;AAED,sDAiCC;AAED,yDAgCC;AAED,qDAkDC;AAED;;;;;GAKG;AACH,mDASC;AAED;;;;;;GAMG;AACH,4EA4EC;AAED,kEAoDC;AAED;;;;;;;;GAQG;AACH,kGAwPC;AAED;;;EAiNC;AAED;;;;EAsHC;AAED;;;EA+GC;AAED;;;;;GAKG;AACH,+CAHW,MAAM;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EA2IhB;AAED;;;;;;EA+HC;AAED;;;;GAIG;AACH,0CAFW,MAAM;;;;;;;;;;;;;;;;;;;;;IAqDhB;AAmBD;;;;;GAKG;AACH,yCAHW,MAAM,YAQhB;AAED;;;;;GAKG;AACH,wCAHW,MAAM,YAchB;AAED;;;;;GAKG;AACH,wCAHW,MAAM,YAQhB;AAED;;;;;GAKG;AACH,yCAHW,MAAM,YAQhB;AAED;;;;;GAKG;AACH,2CAHW,MAAM,YAQhB;AAED;;;;;;;GAOG;AACH;;;;;;;;;;IA2IC;AA2CD;;;;GAIG;AACH,0FAHW,MAAM,WACN,MAAM,UAuDhB;AAED;;;;GAIG;AACH,8CAHW,MAAM,WACN,MAAM;;;;;;EAqBhB;AAED;;;GAGG;AACH,iDAFW,MAAM;;;;;;;;;;;;;;;;;;;;;IAwDhB;AAED;;;;;;;GAOG;AACH,iDALW,MAAM,YACN,MAAM,YACN,OAAO,oBACP,OAAO,eA6DjB;AAED,oIAgCC;AAED;;;;;;;GAOG;AACH,sCALW,MAAM,eACN,MAAM,eA6JhB;AAED;;;;;;;;;;;;;;;;;;;;;;IA6DC;AAED;;;;;;;EA8BC;AAED,uDAeC;AAED,2DAeC;AAED,2CAIC;AAED;;;;;;GAMG;AACH,uDAJW,MAAM,MAgBhB;AAED;;;;;;GAMG;AACH,uCAJW,MAAM,QACN,MAAM,GACJ,OAAO,QAAQ,CAU3B;AAED;;;;;;;;GAQG
;AACH,2CANW,MAAM,WACN,MAAM,iBACN,MAAM,kBAqThB;AAED;;;;;;;GAOG;AACH,iDAFW,MAAM,OAehB;AAED;;;;;;;;;;;GAWG;AACH,uCAHW,MAAM,UACN,MAAM,UAYhB;AAED;;;;;;GAMG;AACH,2CAHW,MAAM,uBACN,MAAM,WAgBhB;AAED;;;;GAIG;AACH,4CAFW,MAAM,UAIhB;AAED;;;;;;;;GAQG;AACH,sCANW,MAAM,eACN,MAAM,oBACN,MAAM,gBAgChB;AAED;;;;;;GAMG;AACH,uCAJW,MAAM,kBA4EhB;AAED;;;;;GAKG;AACH,0CAHW,MAAM,YACN,MAAM,UAiChB;AACD;;;;;;GAMG;AAEH,uDALW,MAAM,iBACN,MAAM,EAAE,GACN,GAAG,CAuCf;AACD;;;;;GAKG;AACH,yCAHW,MAAM,YACN,MAAM,UAsEhB;AAED;;GAEG;AACH,sCAmBC;AAED,0DA2EC;AAED;;;;;;;;GAQG;AACH,oCANW,MAAM,YACN,MAAM,gBACN,MAAM,eACN,MAAM,OA6ChB;AAqFD;;;;;;;;;GASG;AACH,2CAPW,MAAM,kBACN,MAAM,eACN,MAAM;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAyYhB;AAED;;;;;;;;;;;GAWG;AACH,gDAPW,MAAM,+BAEN,MAAM;;;;;;;;;;;;;;;;EA4KhB;AAGD;;;;;EAmBC;AAED;;;;;;GAMG;AACH,kEAHW,MAAM,cACN,MAAM,6BA0IhB;AAED,qDASC;AAED;;;;;;;EA2GC;AAED;;;EA6PC;AAED,sEA6BC;AAED;;;;;;;GAOG;AACH,mCALW,MAAM,WACN,MAAM;;;;;;;EAgQhB;AAED;;;;;;GAMG;AACH,2CAHW,MAAM,OAKhB;AAED,qDA0CC;AA8HD;;;;GAIG;AACH;;;GAkHC;AAED,yEA0GC;AAED;;;;;;GAMG;AACH,mDAkBC;AAED;;;;;;;;;;GAUG;AACH,0DAqBC;AAED;;;;;GAKG;AACH,4DAWC;AAED;;;;;;;GAOG;AACH,2EA4BC;AAh/WD,gCAAgF;AAChF,4BAA4C;AAC5C,4BAA6C;AAC7C,2BAAmE;AAsBnE,iCAEE;AAiBF,iCAIyC;AAGzC,gCACmE;AAGnE,gCACsE;AAGtE,8BAA+B;AAK/B,4CAEmE;AAGnE,6CAE6D;AAG7D,oCAEoD;AAGpD,uCAEuD;AAYvD,8BAAyC;AAczC,gCAA6C;AAU7C,8BAAiC;AAIjC,4BAA6B;AAI7B,2BAA2B;AAI3B,4BAA6B;AAI7B,2BAA2B;AAI3B,6BAA+B;AAI/B,0BAAyB;AAIzB,6BAA+B;AAM/B,2BAA2B;AAK3B,4BAA6B;AAK7B,6BAA+B;AAM/B,kDAWE;AAGF;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EA6FE;;;;AAwHF,8BAQG;AAkzIH,8CAUE"}
1
+ {"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../utils.js"],"names":[],"mappings":"AA0JA,yCAYC;AAED,2CAQC;AAqKD;;;;;;;GAOG;AACH,4EAoBC;AAED;;;;;;GAMG;AACH,mGAkDC;AAED;;;;;;;;GAQG;AACH,yGASC;AAgBD;;;;;GAKG;AACH,qCAHW,MAAM,WACN,MAAM,0BAqBhB;AAED;;;;;;GAMG;AACH,+CAJW,MAAM,WACN,MAAM,+BAoBhB;AAYD;;;;GAIG;AACH,gCAFa,MAAM,CAIlB;AAED;;;;;;IAMI;AACJ,iDAJW,MAAM,GACJ,OAAO,CAiBnB;AAED;;;;;;;;;GASG;AACH,iEA2BC;AAED;;;;;GAKG;AACH,6CAqDC;AAED;;;;;;GAMG;AACH,sEA0DC;AAED;;;;GAIG;AACH,4EAoCC;AAED;;;GAGG;AACH;;EAUC;AAED,sEA0BC;AAED;;;;GAIG;AACH,+DA4CC;AAED;;;;;GAKG;AACH,0CAHW,MAAM,WACN,OAAO,kBAkFjB;AAED;;;;;GAKG;AACH,0CAHW,MAAM,YACN,MAAM;;;GAqVhB;AAED;;;;;;;GAOG;AACH,6CAFW,MAAM,MA2DhB;AAwBD;;;;GAIG;AACH,4CAFW,MAAM;;;GAkOhB;AAED;;;;GAIG;AACH,4CAFW,MAAM,kBAiEhB;AA2BD;;;;;GAKG;AACH,wCAHW,MAAM,oBACN,MAAM;;;;;;;;;GA0ZhB;AAED;;;;GAIG;AACH,8CAFW,MAAM,kBA+ChB;AAED;;;;GAIG;AACH,sCAFW,MAAM,kBAgFhB;AAED;;;;GAIG;AACH;;;;;;;;;;;;;;;;;;;;;;IAqDC;AAED;;;;;;GAMG;AACH,0CALW,MAAM,WACN,MAAM,OAgJhB;AAED;;;;;;GAMG;AACH,0CALW,MAAM,qBACN,MAAM,oBACN,MAAM,uBACN,MAAM;;;;;;;;;;;;;;;;EAkNhB;AAED;;;GAGG;AACH,uCAFW,MAAM,SAoChB;AAED;;;GAGG;AACH,wCAFW,MAAM,OAahB;AAED,yEAwBC;AAED;;;;GAIG;AACH,+CAFW,MAAM;;;EA6ChB;AAED;;;;GAIG;AACH,iDAFW,MAAM;;;;;;;;EAsChB;AAED;;;;;;;;GAQG;AACH,qDANW,MAAM,YACN,MAAM,0BAGJ,MAAM,CAkElB;AAED;;;;;;GAMG;AACH,6CAJW,MAAM,YACN,MAAM,cACN,MAAM,MA2EhB;AAED;;;GAGG;AACH,iDAFW,MAAM,SA4ChB;AAED;;;GAGG;AACH,8CAFW,MAAM,SAsDhB;AAED;;;GAGG;AACH,2CAFW,MAAM,SAiBhB;AAED;;GAEG;AACH,kDAoCC;AAED;;;;GAIG;AACH,oCAFW,MAAM,OAchB;AAED;;;;GAIG;AACH,kDAUC;AAED;;;;;GAKG;AACH,mFAmGC;AAED;;;;;;;;;GASG;AACH,sFAMC;AAED;;;;;;;;;GASG;AACH,gFAFY,MAAO,SAAS,CA8B3B;AAED;;;;;;;;;GASG;AACH,0EAFY,OAAO,QAAQ,CAU1B;AAED;;;;GAIG;AACH,4DAFW,WAAY,SAYtB;AAED;;;;;;;;;GASG;AACH,+FAFY,OAAO,QAAQ,CAc1B;AAED;;;;GAIG;AACH;;;EAqBC;AAED;;;;;GAKG;AACH,iFAFW,GAAC,OA0BX;AAED;;;;;GAKG;AACH,sFAsNC;AAED;;;;GAIG;AACH,qDAmBC;AAED;;;;GAIG;AACH,gEAeC;AAED;;;;GAIG;AACH,6CAFW,MAAM,MAmEhB;AAED;;;;;GAKG;AACH,6DAFW,MAAM;;;;;;;GAqHhB;AAED;;;;;GAK
G;AACH,mFAgKC;AAED;;;;;;GAMG;AACH,kCAJW,MAAM;;;;;;;;GA2EhB;AAED;;;;GAIG;AACH,mEAqBC;AAED;;;;GAIG;AACH,+DAFY,SAAO,SAAS,CAc3B;AAED;;;;GAIG;AACH,oDAFY,QAAQ,CASnB;AAED;;;;;GAKG;AACH,oEAFY,SAAO,SAAS,CAc3B;AAED;;;;;;GAMG;AACH,oEAFY,OAAO,QAAQ,CA8D1B;AAED;;;;GAIG;AACH,iEAgDC;AAED,+FA4BC;AAED,8EA2EC;AAED;;;;;GAKG;AACH,0CAHW,MAAM;;;GA0DhB;AA0BD;;;;;;;;;GASG;AACH,2CAPW,MAAM,aACN,MAAM;;;;;;GA6FhB;AAED;;;;GAIG;AACH,yCAHW,MAAM,OAehB;AAED;;;;GAIG;AACH,0CAHW,MAAM,kBAuChB;AAED,+DA+CC;AAED,uEAwBC;AA6BD;;;;GAIG;AACH,oEAmGC;AAED;;;;GAIG;AACH,8CAFW,MAAM,kBAgChB;AAED;;;;;GAKG;AACH,kDAHW,MAAM,YACN,MAAM;;;;;;;;;;;;;;GAuPhB;AAED;;;;GAIG;AACH,kEAqEC;AAED;;;;GAIG;AACH,gEA0DC;AA0BD;;;;;;;;;;;;;;;;;GAiBG;AACH,mEALW,OAAO,4BAiLjB;AAED;;;;;;;;GAQG;AACH,+DALW,OAAO,4BAsIjB;AAED;;;IAwIC;AAED,wEA0BC;AAED,mEAqCC;AAED,0DAkBC;AAED,wDA+DC;AAED,0FAkEC;AAuBD;;IA+DC;AAED;;IA2DC;AAED,2DAiEC;AAED,yDAaC;AAaD,gDA+EC;AAED,yDAkDC;AAED,sDA0BC;AAED,sDAyBC;AAED,6DAwCC;AAED,yDAmCC;AAyCD,qFA2HC;AAED,8DA0BC;AAED,sDAiCC;AAED,yDAgCC;AAED,qDAkDC;AAED;;;;;GAKG;AACH,mDASC;AAED;;;;;;GAMG;AACH,4EA4EC;AAED,kEAoDC;AAED;;;;;;;;GAQG;AACH,kGAwPC;AAED;;;EAiNC;AAED;;;;EAsHC;AAED;;;EA+GC;AAED;;;;;GAKG;AACH,+CAHW,MAAM;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EA2IhB;AAED;;;;;;EA+HC;AAED;;;;GAIG;AACH,0CAFW,MAAM;;;;;;;;;;;;;;;;;;;;;IAqDhB;AAmBD;;;;;GAKG;AACH,yCAHW,MAAM,YAQhB;AAED;;;;;GAKG;AACH,wCAHW,MAAM,YAchB;AAED;;;;;GAKG;AACH,wCAHW,MAAM,YAQhB;AAED;;;;;GAKG;AACH,yCAHW,MAAM,YAQhB;AAED;;;;;GAKG;AACH,2CAHW,MAAM,YAQhB;AAED;;;;;;;GAOG;AACH;;;;;;;;;;IA2IC;AA2CD;;;;GAIG;AACH,0FAHW,MAAM,WACN,MAAM,UAuDhB;AAED;;;;GAIG;AACH,8CAHW,MAAM,WACN,MAAM;;;;;;EAqBhB;AAED;;;GAGG;AACH,iDAFW,MAAM;;;;;;;;;;;;;;;;;;;;;IAwDhB;AAED;;;;;;;GAOG;AACH,iDALW,MAAM,YACN,MAAM,YACN,OAAO,oBACP,OAAO,eA6DjB;AAED,oIAgCC;AAED;;;;;;;GAOG;AACH,sCALW,MAAM,eACN,MAAM,eA6JhB;AAED;;;;;;;;;;;;;;;;;;;;;;IA6DC;AAED;;;;;;;EA8BC;AAED,uDAeC;AAED,2DAeC;AAED,2CAIC;AAED;;;;;;GAMG;AACH,uDAJW,MAAM,MAgBhB;AAED;;;;;;GAMG;AACH,uCAJW,MAAM,QACN,MAAM,GACJ,OAAO,QAAQ,CAU3B;AAED;;;;;;;;GAQ
G;AACH,2CANW,MAAM,WACN,MAAM,iBACN,MAAM,kBAqThB;AAED;;;;;;;GAOG;AACH,iDAFW,MAAM,OAehB;AAED;;;;;;;;;;;GAWG;AACH,uCAHW,MAAM,UACN,MAAM,UAYhB;AAED;;;;;;GAMG;AACH,2CAHW,MAAM,uBACN,MAAM,WAgBhB;AAED;;;;GAIG;AACH,4CAFW,MAAM,UAIhB;AAED;;;;;;;;GAQG;AACH,sCANW,MAAM,eACN,MAAM,oBACN,MAAM,gBAgChB;AAED;;;;;;GAMG;AACH,uCAJW,MAAM,kBA4EhB;AAED;;;;;GAKG;AACH,0CAHW,MAAM,YACN,MAAM,UAiChB;AACD;;;;;;GAMG;AAEH,uDALW,MAAM,iBACN,MAAM,EAAE,GACN,GAAG,CAuCf;AACD;;;;;GAKG;AACH,yCAHW,MAAM,YACN,MAAM,UAsEhB;AAED;;GAEG;AACH,sCAmBC;AAED,0DA2EC;AAED;;;;;;;;GAQG;AACH,oCANW,MAAM,YACN,MAAM,gBACN,MAAM,eACN,MAAM,OA6ChB;AAqFD;;;;;;;;;GASG;AACH,2CAPW,MAAM,kBACN,MAAM,eACN,MAAM;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAyYhB;AAED;;;;;;;;;;;GAWG;AACH,gDAPW,MAAM,+BAEN,MAAM;;;;;;;;;;;;;;;;EA4KhB;AAGD;;;;;EAmBC;AAED;;;;;;GAMG;AACH,kEAHW,MAAM,cACN,MAAM,6BA0IhB;AAED,qDASC;AAED;;;;;;;EA2GC;AAED;;;EA6PC;AAED,sEA6BC;AAED;;;;;;;GAOG;AACH,mCALW,MAAM,WACN,MAAM;;;;;;;EAuQhB;AAED;;;;;;GAMG;AACH,2CAHW,MAAM,OAKhB;AAED,qDA0CC;AA8HD;;;;GAIG;AACH;;;GAkHC;AAED,yEA0GC;AAED;;;;;;GAMG;AACH,mDAkBC;AAED;;;;;;;;;;GAUG;AACH,0DAqBC;AAED;;;;;GAKG;AACH,4DAWC;AAED;;;;;;;GAOG;AACH,2EAgCC;AA7iXD,gCAAgF;AAChF,4BAA4C;AAC5C,4BAA6C;AAC7C,2BAAmE;AAsBnE,iCAEE;AAqBF,iCAIyC;AAGzC,gCACmE;AAGnE,gCACsE;AAGtE,8BAA+B;AAK/B,4CAEmE;AAGnE,6CAE6D;AAG7D,oCAEoD;AAGpD,uCAEuD;AAYvD,8BAAyC;AAczC,gCAA6C;AAU7C,8BAAiC;AAIjC,4BAA6B;AAI7B,2BAA2B;AAI3B,4BAA6B;AAI7B,2BAA2B;AAI3B,6BAA+B;AAI/B,0BAAyB;AAIzB,6BAA+B;AAM/B,2BAA2B;AAK3B,4BAA6B;AAK7B,6BAA+B;AAM/B,kDAWE;AAGF;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EA6FE;;;;AAwHF,8BAQG;AAkzIH,8CAUE"}
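--- a/package/utils.js
+++ b/package/utils.js
@@ -85,6 +85,10 @@ export const frameworksList = JSON.parse(
  const selfPJson = JSON.parse(
  readFileSync(join(dirNameStr, "package.json"), "utf-8"),
  );
+
+ const CPP_STD_MODULES = JSON.parse(
+ readFileSync(join(dirNameStr, "data", "glibc-stdlib.json"), "utf-8"),
+ );
  const _version = selfPJson.version;
 
  // Refer to contrib/py-modules.py for a script to generate this list
@@ -6136,7 +6140,29 @@ export function recurseImageNameLookup(keyValueObj, pkgList, imgList) {
  return imgList;
  }
 
+ function substituteBuildArgs(statement, buildArgs) {
+ for (const argMatch of [
+ ...statement.matchAll(/\${?([^:\/\\}]+)}?/g),
+ ].reverse()) {
+ const fullArgName = argMatch[0];
+ const argName = argMatch[1];
+ const argIndex = argMatch.index;
+ if (buildArgs.has(argName)) {
+ statement =
+ statement.slice(0, argIndex) +
+ buildArgs.get(argName) +
+ statement.slice(argIndex + fullArgName.length);
+ } else {
+ console.warn(
+ `Unable to substitute build argument '${fullArgName}' in '${statement}'.`,
+ );
+ }
+ }
+ return statement;
+ }
+
  export function parseContainerFile(fileContents) {
+ const buildArgs = new Map();
  const imagesSet = new Set();
  const buildStageNames = [];
  for (let line of fileContents.split("\n")) {
@@ -6146,11 +6172,26 @@ export function parseContainerFile(fileContents) {
  continue; // skip commented out lines
  }
 
+ if (line.startsWith("ARG")) {
+ const argStatement = line.split("ARG ")[1].split("=");
+
+ if (argStatement.length < 2) {
+ continue; // skip ARG statements without default value
+ }
+
+ const argName = argStatement[0].trim();
+ let argValue = argStatement[1].trim().replace(/['"]+/g, "");
+ if (argValue.includes("$")) {
+ argValue = substituteBuildArgs(argValue, buildArgs);
+ }
+ buildArgs.set(argName, argValue);
+ }
+
  if (line.startsWith("FROM")) {
  // The alias could be called AS or as
  const fromStatement = line.split("FROM ")[1].split(/\s(as|AS)\s/);
 
- const imageStatement = fromStatement[0].trim();
+ let imageStatement = fromStatement[0].trim();
  const buildStageName =
  fromStatement.length > 1
  ? fromStatement[fromStatement.length - 1].trim()
@@ -6163,6 +6204,15 @@ export function parseContainerFile(fileContents) {
  }
  continue;
  }
+ if (imageStatement.includes("$")) {
+ imageStatement = substituteBuildArgs(imageStatement, buildArgs);
+ if (imageStatement.includes("$")) {
+ console.warn(
+ `Unable to substitute build arguments in '${line}' statement.`,
+ );
+ continue;
+ }
+ }
  imagesSet.add(imageStatement);
 
  if (buildStageName) {
@@ -11045,6 +11095,7 @@ export function getCppModules(src, options, osPkgsList, epkgList) {
  const epkgMap = {};
  let parentComponent = undefined;
  const dependsOn = [];
+
  (epkgList || []).forEach((p) => {
  epkgMap[`${p.group}/${p.name}`] = p;
  });
@@ -11193,6 +11244,12 @@ export function getCppModules(src, options, osPkgsList, epkgList) {
  const version = "";
  // We need to resolve the name to an os package here
  const name = fileName.replace(extn, "");
+ // Logic here if name matches the standard library of cpp
+ // we skip it
+ // Load the glibc-stdlib.json file, which contains std lib for cpp
+ if (CPP_STD_MODULES.includes(name)) {
+ continue;
+ }
  let apkg = getOSPackageForFile(afile, osPkgsList) ||
  epkgMap[`${group}/${name}`] || {
  name,
@@ -11806,6 +11863,10 @@ export function recomputeScope(pkgList, dependencies) {
  }
  }
  }
+ // Prevent marking every component as optional
+ if (!Object.keys(requiredPkgs).length) {
+ return pkgList;
+ }
  for (const pkg of pkgList) {
  if (requiredPkgs[pkg["bom-ref"]]) {
  pkg.scope = "required";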
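Review bot: In the new `ARG` branch of parseContainerFile, `line.split("ARG ")[1].split("=")` throws a TypeError for any line that starts with `ARG` but never contains `ARG` followed by a space (a tab separator, for instance), and it keeps only the text up to the second `=` of a default value. The container file comes from the scanned project, so parse it with one anchored match instead, `const argMatch = /^ARG\s+([^\s=]+)=(.*)$/.exec(line);` followed by `if (!argMatch) continue;`, and take the name and value from the two groups. In substituteBuildArgs the name class `[^:\/\\}]+` also accepts characters such as `-` and `@`, so an unbraced reference like the constructed `$TAG-alpine` is looked up under the wrong name and the `FROM` line is then skipped with a warning, leaving that base image out of the BOM. Only `ARG` defaults are resolved, so a comment on parseContainerFile stating that values overridden at build time are not reflected would help readers of the resulting BOM. The loop body of parseContainerFile starts and ends outside these hunks.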
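--- a/package/utils.test.js
+++ b/package/utils.test.js
@@ -4047,7 +4047,7 @@ test("parse containerfiles / dockerfiles", () => {
  const dep_list = parseContainerFile(
  readFileSync("./test/data/Dockerfile", { encoding: "utf-8" }),
  );
- expect(dep_list.length).toEqual(4);
+ expect(dep_list.length).toEqual(7);
  expect(dep_list[0]).toEqual({
  image: "hello-world",
  });
@@ -4060,6 +4060,15 @@ test("parse containerfiles / dockerfiles", () => {
  expect(dep_list[3]).toEqual({
  image: "hello-world:latest@sha256:1234567890abcdef",
  });
+ expect(dep_list[4]).toEqual({
+ image: "docker.io/hello-world@sha256:1234567890abcdef",
+ });
+ expect(dep_list[5]).toEqual({
+ image: "docker.io/hello-world:latest@sha256:1234567890abcdef",
+ });
+ expect(dep_list[6]).toEqual({
+ image: "docker.io/hello-world:latest",
+ });
  });
 
  test("parse bitbucket-pipelines", () => {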
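Review bot: The added assertions pin only the three images that resolve successfully; nothing here exercises the path where parseContainerFile skips a `FROM` line because a `$` reference stays unresolved, or an `ARG` line without a default. The fixture `./test/data/Dockerfile` is not visible in this view and may already hold such lines, but the test would not notice if one of them started to yield an image. An inline case with constructed input, for example `expect(parseContainerFile("FROM $UNSET_IMAGE\n").length).toEqual(0);`, would pin the skip behaviour directly.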