@cyclonedx/cdxgen 10.9.7 → 10.9.8
- package/index.js +1 -1
- package/package.json +1 -1
- package/types/utils.d.ts +2 -1
- package/types/utils.d.ts.map +1 -1
- package/utils.js +4 -3
- package/utils.test.js +30 -10
- package/validator.js +1 -1
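--- a/package/index.js
+++ b/package/index.js
@@ -3187,7 +3187,7 @@ export async function createPythonBom(path, options) {
 if (
 isFeatureEnabled(options, "safe-pip-install") &&
 pkgList.length &&
-isPartialTree(dependencies)
+isPartialTree(dependencies, pkgList.length)
 ) {
 // Trim the current package list first
 pkgList = trimComponents(pkgList);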
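Review bot: `pkgList.length` is read in the condition before `pkgList = trimComponents(pkgList);` runs inside the block, so the count that scales the partial-tree cutoff is the untrimmed one. If trimming removes duplicate entries (its body is not visible here), the cutoff is inflated and the tree is more readily classified as partial, which is the condition for entering the `safe-pip-install` branch. That branch presumably resolves packages through pip, so the intended count deserves a comment such as `// componentsCount is deliberately the untrimmed package count`, or the count should be taken after trimming. The `if` body continues outside the hunk.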
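--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
 {
 "name": "@cyclonedx/cdxgen",
-"version": "10.9.
+"version": "10.9.8",
 "description": "Creates CycloneDX Software Bill of Materials (SBOM) from source or container image",
 "homepage": "http://github.com/cyclonedx/cdxgen",
 "author": "Prabhu Subramanian <prabhu@appthreat.com>",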
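--- a/package/types/utils.d.ts
+++ b/package/types/utils.d.ts
@@ -1267,9 +1267,10 @@ export function isValidIriReference(iri: string): boolean;
 * Method to check if a given dependency tree is partial or not.
 *
 * @param {Array} dependencies List of dependencies
+* @param {Number} componentsCount Number of components
 * @returns {Boolean} True if the dependency tree lacks any non-root parents without children. False otherwise.
 */
-export function isPartialTree(dependencies: any[]): boolean;
+export function isPartialTree(dependencies: any[], componentsCount?: number): boolean;
 /**
 * Re-compute and set the scope based on the dependency tree
 *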
package/types/utils.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../utils.js"],"names":[],"mappings":"AA2JA,yCAYC;AAED,2CAQC;AAsKD;;;;;;;GAOG;AACH,4EAoBC;AAED;;;;;;GAMG;AACH,mGAkDC;AAED;;;;;;;;GAQG;AACH,yGASC;AAgBD;;;;;GAKG;AACH,qCAHW,MAAM,WACN,MAAM,0BAqBhB;AAED;;;;;;GAMG;AACH,+CAJW,MAAM,WACN,MAAM,+BAoBhB;AAYD;;;;GAIG;AACH,gCAFa,MAAM,CAIlB;AAED;;;;;;IAMI;AACJ,iDAJW,MAAM,GACJ,OAAO,CAiBnB;AAED;;;;;;;;;GASG;AACH,iEA2BC;AAED;;;;;GAKG;AACH,6CAqDC;AAED;;;;;;GAMG;AACH,sEA0DC;AAED;;;;GAIG;AACH,4EAoCC;AAED;;;GAGG;AACH;;EAUC;AAED,sEA0BC;AAED;;;;GAIG;AACH,+DA4CC;AAED;;;;;GAKG;AACH,0CAHW,MAAM,WACN,OAAO,kBAkFjB;AAED;;;;;GAKG;AACH,0CAHW,MAAM,YACN,MAAM;;;GAqVhB;AAED;;;;;;;GAOG;AACH,6CAFW,MAAM,MA2DhB;AAwBD;;;;GAIG;AACH,4CAFW,MAAM;;;GAkOhB;AAED;;;;GAIG;AACH,4CAFW,MAAM,kBAiEhB;AA2BD;;;;;GAKG;AACH,wCAHW,MAAM,oBACN,MAAM;;;;;;;;;GA0ZhB;AAED;;;;GAIG;AACH,8CAFW,MAAM,kBA+ChB;AAED;;;;GAIG;AACH,sCAFW,MAAM,kBAgFhB;AAED;;;;GAIG;AACH;;;;;;;;;;;;;;;;;;;;;;IAqDC;AAED;;;;;;GAMG;AACH,0CALW,MAAM,WACN,MAAM,OAgJhB;AAED;;;;;;GAMG;AACH,0CALW,MAAM,qBACN,MAAM,oBACN,MAAM,uBACN,MAAM;;;;;;;;;;;;;;;;EAkNhB;AAED;;;GAGG;AACH,uCAFW,MAAM,SAoChB;AAED;;;GAGG;AACH,wCAFW,MAAM,OAahB;AAED,yEAwBC;AAED;;;;GAIG;AACH,+CAFW,MAAM;;;EA6ChB;AAED;;;;GAIG;AACH,iDAFW,MAAM;;;;;;;;EAsChB;AAED;;;;;;;;GAQG;AACH,qDANW,MAAM,YACN,MAAM,0BAGJ,MAAM,CAkElB;AAED;;;;;;GAMG;AACH,6CAJW,MAAM,YACN,MAAM,cACN,MAAM,MA2EhB;AAED;;;GAGG;AACH,iDAFW,MAAM,SA4ChB;AAED;;;GAGG;AACH,8CAFW,MAAM,SAsDhB;AAED;;;GAGG;AACH,2CAFW,MAAM,SAiBhB;AAED;;GAEG;AACH,kDAoCC;AAED;;;;GAIG;AACH,oCAFW,MAAM,OAchB;AAED;;;;GAIG;AACH,kDAUC;AAED;;;;;GAKG;AACH,mFAmGC;AAED;;;;;;;;;GASG;AACH,sFAMC;AAED;;;;;;;;;GASG;AACH,gFAFY,MAAO,SAAS,CA8B3B;AAED;;;;;;;;;GASG;AACH,0EAFY,OAAO,QAAQ,CAU1B;AAED;;;;GAIG;AACH,4DAFW,WAAY,SAYtB;AAED;;;;;;;;;GASG;AACH,+FAFY,OAAO,QAAQ,CAc1B;AAED;;;;GAIG;AACH;;;EAqBC;AAED;;;;;GAKG;AACH,iFAFW,GAAC,OA0BX;AAED;;;;;GAKG;AACH,sFAsNC;AAED;;;;GAIG;AACH,qDAmBC;AAED;;;;GAIG;AACH,gEAeC;AAED;;;;GAIG;AACH,6CAFW,MAAM,MAmEhB;AAED;;;;;GAKG;AACH,6DAFW,MAAM;;;;;;;GAqHhB;AAED;;;;;GAKG;
AACH,mFAgKC;AAED;;;;;;GAMG;AACH,kCAJW,MAAM;;;;;;;;GA2EhB;AAED;;;;GAIG;AACH,mEAqBC;AAgBD;;;;GAIG;AACH;;;;;;;;;EA8KC;AAED;;;;GAIG;AACH;;;;;;EAcC;AAED;;;;GAIG;AACH,+DAFY,SAAO,SAAS,CAc3B;AAED;;;;GAIG;AACH,sDAoBC;AAED;;;;GAIG;AACH,oDAFY,QAAQ,CASnB;AAED;;;;;GAKG;AACH,oEAFY,SAAO,SAAS,CAc3B;AAED;;;;;;GAMG;AACH,oEAFY,OAAO,QAAQ,CA8D1B;AAED;;;;GAIG;AACH,iEAgDC;AAED,+FA4BC;AAED;;;;;;;GAOG;AACH,sEA4FC;AAED;;;;;GAKG;AACH,0CAHW,MAAM;;;GA0DhB;AA4BD;;;;;;;;;;GAUG;AACH,2CARW,MAAM,aACN,MAAM;;;;;;;;GAkMhB;AAED;;;;GAIG;AACH,yCAHW,MAAM,OAehB;AAED;;;;GAIG;AACH,0CAHW,MAAM,kBAuChB;AAED,+DA+CC;AAED,uEAwBC;AA6BD;;;;GAIG;AACH,oEAmGC;AAED;;;;GAIG;AACH,8CAFW,MAAM,kBAgChB;AAED;;;;;GAKG;AACH,kDAHW,MAAM,YACN,MAAM;;;;;;;;;;;;;;GAuPhB;AAED;;;;GAIG;AACH,kEAqEC;AAED;;;;GAIG;AACH,gEA0DC;AA0BD;;;;;;;;;;;;;;;;;GAiBG;AACH,mEALW,OAAO,4BAiLjB;AAED;;;;;;;;GAQG;AACH,+DALW,OAAO,4BAsIjB;AAED;;;IAwIC;AAED,wEA0BC;AAED,mEAqCC;AAED,0DAkBC;AAED,wDA+DC;AAED,0FAkEC;AAmBD;;IAiEC;AAED;;IA2DC;AAED,2DAiEC;AAED,yDAaC;AAaD,gDA+EC;AAED,yDAkDC;AAED,sDA0BC;AAED,sDAyBC;AAED,6DAwCC;AAED,yDAmCC;AAyCD,qFA2HC;AAED,8DA0BC;AAED,sDAiCC;AAED,yDAgCC;AAED,qDAkDC;AAED;;;;;GAKG;AACH,mDASC;AAED;;;;;;GAMG;AACH,4EA4EC;AAED,kEAoDC;AAED;;;;;;;;GAQG;AACH,kGAwPC;AAED;;;EAoNC;AAED;;;;EAsHC;AAED;;;EA+GC;AAED;;;;;GAKG;AACH,+CAHW,MAAM;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EA2IhB;AAED;;;;;;EA+HC;AAED;;;;GAIG;AACH,0CAFW,MAAM;;;;;;;;;;;;;;;;;;;;;IAqDhB;AAmBD;;;;;GAKG;AACH,yCAHW,MAAM,YAQhB;AAED;;;;;GAKG;AACH,wCAHW,MAAM,YAchB;AAED;;;;;GAKG;AACH,wCAHW,MAAM,YAQhB;AAED;;;;;GAKG;AACH,yCAHW,MAAM,YAQhB;AAED;;;;;GAKG;AACH,2CAHW,MAAM,YAQhB;AAED;;;;;;;GAOG;AACH;;;;;;;;;;IA2IC;AA2CD;;;;GAIG;AACH,0FAHW,MAAM,WACN,MAAM,UAuDhB;AAED;;;;GAIG;AACH,8CAHW,MAAM,WACN,MAAM;;;;;;EAqBhB;AAED;;;GAGG;AACH,iDAFW,MAAM;;;;;;;;;;;;;;;;;;;;;IAwDhB;AAED;;;;;;;GAOG;AACH,iDALW,MAAM,YACN,MAAM,YACN,OAAO,oBACP,OAAO,eA6DjB;AAED,oIAgCC;AAED;;;;;;;GAOG;AACH,sCALW,MAAM,eACN,MAAM,eA6JhB;AAED;;;;;;;;;;;;;;;;;;;;;;IA6DC;AAED;;;;;;;EA8BC;AAED,uDAeC;AAED,2DAeC;AAED,2CAIC;AAED;;;;;;GA
MG;AACH,uDAJW,MAAM,MAgBhB;AAED;;;;;;GAMG;AACH,uCAJW,MAAM,QACN,MAAM,GACJ,OAAO,QAAQ,CAU3B;AAED;;;;;;;;GAQG;AACH,2CANW,MAAM,WACN,MAAM,iBACN,MAAM,kBAqThB;AAED;;;;;;;GAOG;AACH,iDAFW,MAAM,OAehB;AAED;;;;;;;;;;;GAWG;AACH,uCAHW,MAAM,UACN,MAAM,UAYhB;AAED;;;;;;GAMG;AACH,2CAHW,MAAM,uBACN,MAAM,WAgBhB;AAED;;;;GAIG;AACH,4CAFW,MAAM,UAIhB;AAED;;;;;;;;GAQG;AACH,sCANW,MAAM,eACN,MAAM,oBACN,MAAM,gBAgChB;AAED;;;;;;GAMG;AACH,uCAJW,MAAM,kBA4EhB;AAED;;;;;GAKG;AACH,0CAHW,MAAM,YACN,MAAM,UAiChB;AACD;;;;;;GAMG;AAEH,uDALW,MAAM,iBACN,MAAM,EAAE,GACN,GAAG,CAuCf;AACD;;;;;GAKG;AACH,yCAHW,MAAM,YACN,MAAM,UAsEhB;AAED;;GAEG;AACH,sCAmBC;AAED,0DA2EC;AAED;;;;;;;;GAQG;AACH,oCANW,MAAM,YACN,MAAM,gBACN,MAAM,eACN,MAAM,OA6ChB;AAqFD;;;;;;;;;GASG;AACH,2CAPW,MAAM,kBACN,MAAM,eACN,MAAM;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAyYhB;AAED;;;;;;;;;;;GAWG;AACH,gDAPW,MAAM,+BAEN,MAAM;;;;;;;;;;;;;;;;EA4KhB;AAGD;;;;;EAmBC;AAED;;;;;;GAMG;AACH,kEAHW,MAAM,cACN,MAAM,6BA0IhB;AAED,qDASC;AAED;;;;;;;EA2GC;AAED;;;EA6PC;AAED,sEA6BC;AAED;;;;;;;GAOG;AACH,mCALW,MAAM,WACN,MAAM;;;;;;;EAuQhB;AAED;;;;;;GAMG;AACH,2CAHW,MAAM,OAKhB;AAED,qDA0CC;AA8HD;;;;GAIG;AACH;;;GAkHC;AAED,yEA0GC;AAED;;;;;;GAMG;AACH,mDAkBC;AAED;;;;;;;;;;GAUG;AACH,0DAqBC;AAED
|
|
1
|
+
{"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../utils.js"],"names":[],"mappings":"AA2JA,yCAYC;AAED,2CAQC;AAsKD;;;;;;;GAOG;AACH,4EAoBC;AAED;;;;;;GAMG;AACH,mGAkDC;AAED;;;;;;;;GAQG;AACH,yGASC;AAgBD;;;;;GAKG;AACH,qCAHW,MAAM,WACN,MAAM,0BAqBhB;AAED;;;;;;GAMG;AACH,+CAJW,MAAM,WACN,MAAM,+BAoBhB;AAYD;;;;GAIG;AACH,gCAFa,MAAM,CAIlB;AAED;;;;;;IAMI;AACJ,iDAJW,MAAM,GACJ,OAAO,CAiBnB;AAED;;;;;;;;;GASG;AACH,iEA2BC;AAED;;;;;GAKG;AACH,6CAqDC;AAED;;;;;;GAMG;AACH,sEA0DC;AAED;;;;GAIG;AACH,4EAoCC;AAED;;;GAGG;AACH;;EAUC;AAED,sEA0BC;AAED;;;;GAIG;AACH,+DA4CC;AAED;;;;;GAKG;AACH,0CAHW,MAAM,WACN,OAAO,kBAkFjB;AAED;;;;;GAKG;AACH,0CAHW,MAAM,YACN,MAAM;;;GAqVhB;AAED;;;;;;;GAOG;AACH,6CAFW,MAAM,MA2DhB;AAwBD;;;;GAIG;AACH,4CAFW,MAAM;;;GAkOhB;AAED;;;;GAIG;AACH,4CAFW,MAAM,kBAiEhB;AA2BD;;;;;GAKG;AACH,wCAHW,MAAM,oBACN,MAAM;;;;;;;;;GA0ZhB;AAED;;;;GAIG;AACH,8CAFW,MAAM,kBA+ChB;AAED;;;;GAIG;AACH,sCAFW,MAAM,kBAgFhB;AAED;;;;GAIG;AACH;;;;;;;;;;;;;;;;;;;;;;IAqDC;AAED;;;;;;GAMG;AACH,0CALW,MAAM,WACN,MAAM,OAgJhB;AAED;;;;;;GAMG;AACH,0CALW,MAAM,qBACN,MAAM,oBACN,MAAM,uBACN,MAAM;;;;;;;;;;;;;;;;EAkNhB;AAED;;;GAGG;AACH,uCAFW,MAAM,SAoChB;AAED;;;GAGG;AACH,wCAFW,MAAM,OAahB;AAED,yEAwBC;AAED;;;;GAIG;AACH,+CAFW,MAAM;;;EA6ChB;AAED;;;;GAIG;AACH,iDAFW,MAAM;;;;;;;;EAsChB;AAED;;;;;;;;GAQG;AACH,qDANW,MAAM,YACN,MAAM,0BAGJ,MAAM,CAkElB;AAED;;;;;;GAMG;AACH,6CAJW,MAAM,YACN,MAAM,cACN,MAAM,MA2EhB;AAED;;;GAGG;AACH,iDAFW,MAAM,SA4ChB;AAED;;;GAGG;AACH,8CAFW,MAAM,SAsDhB;AAED;;;GAGG;AACH,2CAFW,MAAM,SAiBhB;AAED;;GAEG;AACH,kDAoCC;AAED;;;;GAIG;AACH,oCAFW,MAAM,OAchB;AAED;;;;GAIG;AACH,kDAUC;AAED;;;;;GAKG;AACH,mFAmGC;AAED;;;;;;;;;GASG;AACH,sFAMC;AAED;;;;;;;;;GASG;AACH,gFAFY,MAAO,SAAS,CA8B3B;AAED;;;;;;;;;GASG;AACH,0EAFY,OAAO,QAAQ,CAU1B;AAED;;;;GAIG;AACH,4DAFW,WAAY,SAYtB;AAED;;;;;;;;;GASG;AACH,+FAFY,OAAO,QAAQ,CAc1B;AAED;;;;GAIG;AACH;;;EAqBC;AAED;;;;;GAKG;AACH,iFAFW,GAAC,OA0BX;AAED;;;;;GAKG;AACH,sFAsNC;AAED;;;;GAIG;AACH,qDAmBC;AAED;;;;GAIG;AACH,gEAeC;AAED;;;;GAIG;AACH,6CAFW,MAAM,MAmEhB;AAED;;;;;GAKG;AACH,6DAFW,MAAM;;;;;;;GAqHhB;AAED;;;;;GAKG;
AACH,mFAgKC;AAED;;;;;;GAMG;AACH,kCAJW,MAAM;;;;;;;;GA2EhB;AAED;;;;GAIG;AACH,mEAqBC;AAgBD;;;;GAIG;AACH;;;;;;;;;EA8KC;AAED;;;;GAIG;AACH;;;;;;EAcC;AAED;;;;GAIG;AACH,+DAFY,SAAO,SAAS,CAc3B;AAED;;;;GAIG;AACH,sDAoBC;AAED;;;;GAIG;AACH,oDAFY,QAAQ,CASnB;AAED;;;;;GAKG;AACH,oEAFY,SAAO,SAAS,CAc3B;AAED;;;;;;GAMG;AACH,oEAFY,OAAO,QAAQ,CA8D1B;AAED;;;;GAIG;AACH,iEAgDC;AAED,+FA4BC;AAED;;;;;;;GAOG;AACH,sEA4FC;AAED;;;;;GAKG;AACH,0CAHW,MAAM;;;GA0DhB;AA4BD;;;;;;;;;;GAUG;AACH,2CARW,MAAM,aACN,MAAM;;;;;;;;GAkMhB;AAED;;;;GAIG;AACH,yCAHW,MAAM,OAehB;AAED;;;;GAIG;AACH,0CAHW,MAAM,kBAuChB;AAED,+DA+CC;AAED,uEAwBC;AA6BD;;;;GAIG;AACH,oEAmGC;AAED;;;;GAIG;AACH,8CAFW,MAAM,kBAgChB;AAED;;;;;GAKG;AACH,kDAHW,MAAM,YACN,MAAM;;;;;;;;;;;;;;GAuPhB;AAED;;;;GAIG;AACH,kEAqEC;AAED;;;;GAIG;AACH,gEA0DC;AA0BD;;;;;;;;;;;;;;;;;GAiBG;AACH,mEALW,OAAO,4BAiLjB;AAED;;;;;;;;GAQG;AACH,+DALW,OAAO,4BAsIjB;AAED;;;IAwIC;AAED,wEA0BC;AAED,mEAqCC;AAED,0DAkBC;AAED,wDA+DC;AAED,0FAkEC;AAmBD;;IAiEC;AAED;;IA2DC;AAED,2DAiEC;AAED,yDAaC;AAaD,gDA+EC;AAED,yDAkDC;AAED,sDA0BC;AAED,sDAyBC;AAED,6DAwCC;AAED,yDAmCC;AAyCD,qFA2HC;AAED,8DA0BC;AAED,sDAiCC;AAED,yDAgCC;AAED,qDAkDC;AAED;;;;;GAKG;AACH,mDASC;AAED;;;;;;GAMG;AACH,4EA4EC;AAED,kEAoDC;AAED;;;;;;;;GAQG;AACH,kGAwPC;AAED;;;EAoNC;AAED;;;;EAsHC;AAED;;;EA+GC;AAED;;;;;GAKG;AACH,+CAHW,MAAM;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EA2IhB;AAED;;;;;;EA+HC;AAED;;;;GAIG;AACH,0CAFW,MAAM;;;;;;;;;;;;;;;;;;;;;IAqDhB;AAmBD;;;;;GAKG;AACH,yCAHW,MAAM,YAQhB;AAED;;;;;GAKG;AACH,wCAHW,MAAM,YAchB;AAED;;;;;GAKG;AACH,wCAHW,MAAM,YAQhB;AAED;;;;;GAKG;AACH,yCAHW,MAAM,YAQhB;AAED;;;;;GAKG;AACH,2CAHW,MAAM,YAQhB;AAED;;;;;;;GAOG;AACH;;;;;;;;;;IA2IC;AA2CD;;;;GAIG;AACH,0FAHW,MAAM,WACN,MAAM,UAuDhB;AAED;;;;GAIG;AACH,8CAHW,MAAM,WACN,MAAM;;;;;;EAqBhB;AAED;;;GAGG;AACH,iDAFW,MAAM;;;;;;;;;;;;;;;;;;;;;IAwDhB;AAED;;;;;;;GAOG;AACH,iDALW,MAAM,YACN,MAAM,YACN,OAAO,oBACP,OAAO,eA6DjB;AAED,oIAgCC;AAED;;;;;;;GAOG;AACH,sCALW,MAAM,eACN,MAAM,eA6JhB;AAED;;;;;;;;;;;;;;;;;;;;;;IA6DC;AAED;;;;;;;EA8BC;AAED,uDAeC;AAED,2DAeC;AAED,2CAIC;AAED;;;;;;GA
MG;AACH,uDAJW,MAAM,MAgBhB;AAED;;;;;;GAMG;AACH,uCAJW,MAAM,QACN,MAAM,GACJ,OAAO,QAAQ,CAU3B;AAED;;;;;;;;GAQG;AACH,2CANW,MAAM,WACN,MAAM,iBACN,MAAM,kBAqThB;AAED;;;;;;;GAOG;AACH,iDAFW,MAAM,OAehB;AAED;;;;;;;;;;;GAWG;AACH,uCAHW,MAAM,UACN,MAAM,UAYhB;AAED;;;;;;GAMG;AACH,2CAHW,MAAM,uBACN,MAAM,WAgBhB;AAED;;;;GAIG;AACH,4CAFW,MAAM,UAIhB;AAED;;;;;;;;GAQG;AACH,sCANW,MAAM,eACN,MAAM,oBACN,MAAM,gBAgChB;AAED;;;;;;GAMG;AACH,uCAJW,MAAM,kBA4EhB;AAED;;;;;GAKG;AACH,0CAHW,MAAM,YACN,MAAM,UAiChB;AACD;;;;;;GAMG;AAEH,uDALW,MAAM,iBACN,MAAM,EAAE,GACN,GAAG,CAuCf;AACD;;;;;GAKG;AACH,yCAHW,MAAM,YACN,MAAM,UAsEhB;AAED;;GAEG;AACH,sCAmBC;AAED,0DA2EC;AAED;;;;;;;;GAQG;AACH,oCANW,MAAM,YACN,MAAM,gBACN,MAAM,eACN,MAAM,OA6ChB;AAqFD;;;;;;;;;GASG;AACH,2CAPW,MAAM,kBACN,MAAM,eACN,MAAM;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAyYhB;AAED;;;;;;;;;;;GAWG;AACH,gDAPW,MAAM,+BAEN,MAAM;;;;;;;;;;;;;;;;EA4KhB;AAGD;;;;;EAmBC;AAED;;;;;;GAMG;AACH,kEAHW,MAAM,cACN,MAAM,6BA0IhB;AAED,qDASC;AAED;;;;;;;EA2GC;AAED;;;EA6PC;AAED,sEA6BC;AAED;;;;;;;GAOG;AACH,mCALW,MAAM,WACN,MAAM;;;;;;;EAuQhB;AAED;;;;;;GAMG;AACH,2CAHW,MAAM,OAKhB;AAED,qDA0CC;AA8HD;;;;GAIG;AACH;;;GAkHC;AAED,yEA0GC;AAED;;;;;;GAMG;AACH,mDAkBC;AAED;;;;;;;;;;GAUG;AACH,0DAqBC;AAED;;;;;;GAMG;AACH,sFAYC;AAED;;;;;;;GAOG;AACH,2EAgCC;AAp6XD,gCAAgF;AAChF,4BAA4C;AAC5C,4BAA6C;AAC7C,2BAAmE;AAsBnE,iCAEE;AAqBF,iCAIyC;AAGzC,gCACmE;AAGnE,gCACsE;AAGtE,8BAA+B;AAK/B,4CAEmE;AAGnE,6CAE6D;AAG7D,oCAEoD;AAGpD,uCAEuD;AAYvD,8BAAyC;AAczC,gCAA6C;AAU7C,8BAAiC;AAIjC,4BAA6B;AAI7B,2BAA2B;AAI3B,4BAA6B;AAI7B,2BAA2B;AAI3B,6BAA+B;AAI/B,0BAAyB;AAIzB,6BAA+B;AAM/B,2BAA2B;AAK3B,4BAA6B;AAK7B,6BAA+B;AAM/B,kDAWE;AAGF;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EA8FE;;;;AAwHF,8BAQG;AAqqJH,8CAUE"}
|
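--- a/package/utils.js
+++ b/package/utils.js
@@ -10517,7 +10517,7 @@ export function getPipFrozenTree(
 );
 } else {
 console.log(
-"The version or the version specifiers used for a dependency is invalid.
+"The version or the version specifiers used for a dependency is invalid. Try with a different python type such as -t python310 or -t python39.\nOriginal error from pip:\n",
 );
 }
 console.log(result.stderr);
@@ -12194,9 +12194,10 @@ export function isValidIriReference(iri) {
 * Method to check if a given dependency tree is partial or not.
 *
 * @param {Array} dependencies List of dependencies
+* @param {Number} componentsCount Number of components
 * @returns {Boolean} True if the dependency tree lacks any non-root parents without children. False otherwise.
 */
-export function isPartialTree(dependencies) {
+export function isPartialTree(dependencies, componentsCount = 1) {
 if (dependencies?.length <= 1) {
 return true;
 }
@@ -12206,7 +12207,7 @@ export function isPartialTree(dependencies) {
 parentsWithChildsCount++;
 }
 }
-return parentsWithChildsCount <= 1;
+return parentsWithChildsCount <= Math.max(Math.round(componentsCount / 3), 1);
 }
 
 /**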
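Review bot: The one-third cutoff in `return parentsWithChildsCount <= Math.max(Math.round(componentsCount / 3), 1);` is an unexplained heuristic, and the `@returns` text above it still describes a rule that no longer matches the code. A comment such as `// Partial when at most about a third of the components have children (never fewer than one)` and a matching `@returns` line would make the SBOM-completeness decision auditable. A non-numeric `componentsCount` makes the right-hand side `NaN`, so the comparison silently returns false ("not partial") and the validator warning is suppressed; `const count = Number.isFinite(componentsCount) ? componentsCount : 1;` keeps the failure on the cautious side. The loop that increments `parentsWithChildsCount` lies between the hunks and is not visible here.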
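--- a/package/utils.test.js
+++ b/package/utils.test.js
@@ -3199,7 +3199,9 @@ test("parseYarnLock", async () => {
 parsedList = await parseYarnLock("./test/data/yarn_locks/yarn-multi.lock");
 expect(parsedList.pkgList.length).toEqual(1909);
 expect(parsedList.dependenciesList.length).toEqual(1909);
-expect(
+expect(
+isPartialTree(parsedList.dependenciesList, parsedList.pkgList.length),
+).toBeFalsy();
 expect(parsedList.pkgList[0]).toEqual({
 _integrity:
 "sha512-zpruxnFMz6K94gs2pqc3sidzFDbQpKT5D6P/J/I9s8ekHZ5eczgnRp6pqXC86Bh7+44j/btpmOT0kwiboyqTnA==",
@@ -3232,7 +3234,9 @@ test("parseYarnLock", async () => {
 parsedList = await parseYarnLock("./test/data/yarn_locks/yarn-light.lock");
 expect(parsedList.pkgList.length).toEqual(315);
 expect(parsedList.dependenciesList.length).toEqual(315);
-expect(
+expect(
+isPartialTree(parsedList.dependenciesList, parsedList.pkgList.length),
+).toBeFalsy();
 expect(parsedList.pkgList[0]).toEqual({
 _integrity:
 "sha512-rZ1k9kQvJX21Vwgx1L6kSQ6yeXo9cCMyqURSnjG+MRoJn+Mr3LblxmVdzScHXRzv0N9yzy49oG7Bqxp9Knyv/g==",
@@ -3265,7 +3269,9 @@ test("parseYarnLock", async () => {
 parsedList = await parseYarnLock("./test/data/yarn_locks/yarn3.lock");
 expect(parsedList.pkgList.length).toEqual(5);
 expect(parsedList.dependenciesList.length).toEqual(5);
-expect(
+expect(
+isPartialTree(parsedList.dependenciesList, parsedList.pkgList.length),
+).toBeFalsy();
 expect(parsedList.pkgList[1]).toEqual({
 _integrity:
 "sha512-+X9Jn4mPI+RYV0ITiiLyJSYlT9um111BocJSaztsxXR+9ZxWErpzdfQqyk+EYZUOklugjJkerQZRtJGLfJeClw==",
@@ -3298,7 +3304,9 @@ test("parseYarnLock", async () => {
 parsedList = await parseYarnLock("./test/data/yarn_locks/yarnv2.lock");
 expect(parsedList.pkgList.length).toEqual(1088);
 expect(parsedList.dependenciesList.length).toEqual(1088);
-expect(
+expect(
+isPartialTree(parsedList.dependenciesList, parsedList.pkgList.length),
+).toBeFalsy();
 expect(parsedList.pkgList[0]).toEqual({
 _integrity:
 "sha512-G0U5NjBUYIs39l1J1ckgpVfVX2IxpzRAIT4/2An86O2Mcri3k5xNu7/RRkfObo12wN9s7BmnREAMhH7252oZiA==",
@@ -3330,7 +3338,9 @@ test("parseYarnLock", async () => {
 parsedList = await parseYarnLock("./test/data/yarn_locks/yarnv3.lock");
 expect(parsedList.pkgList.length).toEqual(363);
 expect(parsedList.dependenciesList.length).toEqual(363);
-expect(
+expect(
+isPartialTree(parsedList.dependenciesList, parsedList.pkgList.length),
+).toBeFalsy();
 expect(parsedList.pkgList[0]).toEqual({
 _integrity:
 "sha512-vtU+q0TmdIDmezU7lKub73vObN6nmd3lkcKWz7R9hyNI8gz5o7grDb+FML9nykOLW+09gGIup2xyJ86j5vBKpg==",
@@ -3362,7 +3372,9 @@ test("parseYarnLock", async () => {
 parsedList = await parseYarnLock("./test/data/yarn_locks/yarn4.lock");
 expect(parsedList.pkgList.length).toEqual(1);
 expect(parsedList.dependenciesList.length).toEqual(1);
-expect(
+expect(
+isPartialTree(parsedList.dependenciesList, parsedList.pkgList.length),
+).toBeTruthy();
 parsedList = await parseYarnLock("./test/data/yarn_locks/yarn-at.lock");
 expect(parsedList.pkgList.length).toEqual(4);
 expect(parsedList.dependenciesList.length).toEqual(4);
@@ -3394,7 +3406,9 @@ test("parseYarnLock", async () => {
 parsedList = await parseYarnLock("./test/data/yarn_locks/yarn5.lock");
 expect(parsedList.pkgList.length).toEqual(1962);
 expect(parsedList.dependenciesList.length).toEqual(1962);
-expect(
+expect(
+isPartialTree(parsedList.dependenciesList, parsedList.pkgList.length),
+).toBeFalsy();
 expect(parsedList.pkgList[0].purl).toEqual(
 "pkg:npm/%40ampproject/remapping@2.2.0",
 );
@@ -3408,7 +3422,9 @@ test("parseYarnLock", async () => {
 parsedList = await parseYarnLock("./test/data/yarn_locks/yarn6.lock");
 expect(parsedList.pkgList.length).toEqual(1472);
 expect(parsedList.dependenciesList.length).toEqual(1472);
-expect(
+expect(
+isPartialTree(parsedList.dependenciesList, parsedList.pkgList.length),
+).toBeFalsy();
 expect(parsedList.pkgList[0].purl).toEqual(
 "pkg:npm/%40aashutoshrathi/word-wrap@1.2.6",
 );
@@ -3425,7 +3441,9 @@ test("parseYarnLock", async () => {
 parsedList = await parseYarnLock("./test/data/yarn_locks/yarn7.lock");
 expect(parsedList.pkgList.length).toEqual(1350);
 expect(parsedList.dependenciesList.length).toEqual(1347);
-expect(
+expect(
+isPartialTree(parsedList.dependenciesList, parsedList.pkgList.length),
+).toBeFalsy();
 expect(parsedList.pkgList[0].purl).toEqual(
 "pkg:npm/%40aashutoshrathi/word-wrap@1.2.6",
 );
@@ -3478,7 +3496,9 @@ test("parseYarnLock", async () => {
 parsedList = await parseYarnLock("./test/data/yarn_locks/yarnv1-empty.lock");
 expect(parsedList.pkgList.length).toEqual(770);
 expect(parsedList.dependenciesList.length).toEqual(770);
-expect(
+expect(
+isPartialTree(parsedList.dependenciesList, parsedList.pkgList.length),
+).toBeFalsy();
 expect(parsedList.pkgList[0].purl).toEqual(
 "pkg:npm/%40ampproject/remapping@2.2.0",
 );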
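Review bot: None of the updated assertions pins the new cutoff itself. The fixtures are whole lockfiles, so a pass only shows that each one lands on the expected side, and the `yarn4.lock` case (`toBeTruthy`) has a single dependency and returns through the early `dependencies?.length <= 1` check before the threshold is reached. The one-argument call that the `componentsCount = 1` default keeps working is no longer exercised either. A small synthetic dependency list placed just under and just over one third of `componentsCount`, plus one call without the second argument, would catch a regression in the heuristic. The `parseYarnLock` test body continues outside these hunks.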
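--- a/package/validator.js
+++ b/package/validator.js
@@ -221,7 +221,7 @@ export const validateRefs = (bomJson) => {
 const warningsList = [];
 const refMap = buildRefs(bomJson);
 if (bomJson?.dependencies) {
-if (isPartialTree(bomJson.dependencies)) {
+if (isPartialTree(bomJson.dependencies, bomJson?.components?.length)) {
 warningsList.push("Dependency tree is partial lacking child nodes.");
 }
 for (const dep of bomJson.dependencies) {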
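Review bot: `bomJson?.components?.length` counts only the top-level `components` array, while `bomJson.dependencies` may also reference nested components or the root component (an assumption, since `buildRefs` is not shown), so the ratio behind the "Dependency tree is partial" warning can be skewed. When `components` is absent the argument is `undefined` and the default of 1 applies, which restores the old cutoff; a short comment saying so would help the next reader. The `?.` on `bomJson` is redundant after the `if (bomJson?.dependencies)` guard, so the call can read `isPartialTree(bomJson.dependencies, bomJson.components?.length)`. `validateRefs` continues outside the hunk.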