npm - @cyclonedx/cdxgen - Versions diffs - 12.4.3 → 12.4.4 - Mend

@cyclonedx/cdxgen 12.4.3 → 12.4.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (38) hide show

package/README.md +6 -0
package/bin/audit.js +7 -0
package/bin/cdxgen.js +48 -2
package/bin/evinse.js +7 -0
package/lib/audit/index.js +165 -2
package/lib/audit/index.poku.js +462 -0
package/lib/cli/index.js +317 -169
package/lib/evinser/evinser.js +31 -9
package/lib/helpers/analyzer.js +890 -0
package/lib/helpers/analyzer.poku.js +341 -0
package/lib/helpers/atomUtils.js +445 -0
package/lib/helpers/atomUtils.poku.js +137 -0
package/lib/helpers/bomUtils.js +71 -0
package/lib/helpers/bomUtils.poku.js +45 -0
package/lib/helpers/depsUtils.js +146 -0
package/lib/helpers/depsUtils.poku.js +183 -0
package/lib/helpers/utils.js +585 -191
package/lib/helpers/utils.poku.js +357 -4
package/lib/managers/binary.js +18 -9
package/lib/stages/postgen/postgen.js +215 -0
package/lib/stages/postgen/postgen.poku.js +218 -3
package/lib/validator/bomValidator.js +11 -2
package/package.json +8 -8
package/types/lib/audit/index.d.ts.map +1 -1
package/types/lib/cli/index.d.ts.map +1 -1
package/types/lib/helpers/analyzer.d.ts.map +1 -1
package/types/lib/helpers/atomUtils.d.ts +18 -0
package/types/lib/helpers/atomUtils.d.ts.map +1 -0
package/types/lib/helpers/bomUtils.d.ts +10 -0
package/types/lib/helpers/bomUtils.d.ts.map +1 -1
package/types/lib/helpers/depsUtils.d.ts +9 -0
package/types/lib/helpers/depsUtils.d.ts.map +1 -1
package/types/lib/helpers/utils.d.ts +19 -0
package/types/lib/helpers/utils.d.ts.map +1 -1
package/types/lib/managers/binary.d.ts +2 -1
package/types/lib/managers/binary.d.ts.map +1 -1
package/types/lib/stages/postgen/postgen.d.ts.map +1 -1
package/types/lib/validator/bomValidator.d.ts.map +1 -1

package/lib/evinser/evinser.js CHANGED Viewed

@@ -4,6 +4,10 @@ import process from "node:process";
 import { PackageURL } from "packageurl-js";
+import {
+  buildAtomCommandEnv,
+  filterAtomSlicesByExcludePatterns,
+} from "../helpers/atomUtils.js";
 import {
   collectDosaiCryptoComponents,
   findCryptoAlgos,
@@ -41,6 +45,10 @@ import { createSemanticsSlices } from "./swiftsem.js";
 const typePurlsCache = {};
+function filterAtomSliceData(sliceData, options = {}) {
+  return filterAtomSlicesByExcludePatterns(sliceData, options.exclude);
+}
 /**
  * Function to create the db for the libraries referred in the sbom.
  *
@@ -357,8 +365,10 @@ export async function createSlice(
     args.push(process.env.ATOM_SLICE_DEPTH);
   }
   args.push(resolve(filePath));
+  const atomExcludeEnv = buildAtomCommandEnv(options, language);
   // Execute atom
   const result = executeAtom(filePath, args, {
+    ...atomExcludeEnv,
     ATOM_TOOLS_OPENAPI_FILENAME: openapiSpecFile, // The file would get over-written
     ATOM_TOOLS_OPENAPI_FORMAT:
       process.env?.ATOM_TOOLS_OPENAPI_FORMAT || "openapi3.1.0", // editor.swagger.io doesn't support 3.1.0 yet
@@ -597,15 +607,17 @@ export async function analyzeProject(dbObjMap, options) {
       usableSlicesFile(options.reachablesSlicesFile)
     ) {
       reachablesSlicesFile = options.reachablesSlicesFile;
-      reachablesSlice = JSON.parse(
-        fs.readFileSync(options.reachablesSlicesFile, "utf-8"),
+      reachablesSlice = filterAtomSliceData(
+        JSON.parse(fs.readFileSync(options.reachablesSlicesFile, "utf-8")),
+        options,
       );
     } else {
       retMap = await createSlice(language, dirPath, "reachables", options);
       if (retMap?.slicesFile && safeExistsSync(retMap.slicesFile)) {
         reachablesSlicesFile = retMap.slicesFile;
-        reachablesSlice = JSON.parse(
-          fs.readFileSync(retMap.slicesFile, "utf-8"),
+        reachablesSlice = filterAtomSliceData(
+          JSON.parse(fs.readFileSync(retMap.slicesFile, "utf-8")),
+          options,
         );
       }
     }
@@ -618,13 +630,19 @@ export async function analyzeProject(dbObjMap, options) {
   }
   // Reuse existing usages slices
   if (options.usagesSlicesFile && usableSlicesFile(options.usagesSlicesFile)) {
-    usageSlice = JSON.parse(fs.readFileSync(options.usagesSlicesFile, "utf-8"));
+    usageSlice = filterAtomSliceData(
+      JSON.parse(fs.readFileSync(options.usagesSlicesFile, "utf-8")),
+      options,
+    );
     usagesSlicesFile = options.usagesSlicesFile;
   } else {
     // Generate our own slices
     retMap = await createSlice(language, dirPath, "usages", options);
     if (retMap?.slicesFile && safeExistsSync(retMap.slicesFile)) {
-      usageSlice = JSON.parse(fs.readFileSync(retMap.slicesFile, "utf-8"));
+      usageSlice = filterAtomSliceData(
+        JSON.parse(fs.readFileSync(retMap.slicesFile, "utf-8")),
+        options,
+      );
       usagesSlicesFile = retMap.slicesFile;
     }
     if (retMap?.semanticsSlicesFile) {
@@ -698,14 +716,18 @@ export async function analyzeProject(dbObjMap, options) {
       safeExistsSync(options.dataFlowSlicesFile)
     ) {
       dataFlowSlicesFile = options.dataFlowSlicesFile;
-      dataFlowSlice = JSON.parse(
-        fs.readFileSync(options.dataFlowSlicesFile, "utf-8"),
+      dataFlowSlice = filterAtomSliceData(
+        JSON.parse(fs.readFileSync(options.dataFlowSlicesFile, "utf-8")),
+        options,
       );
     } else if (!PROJECT_TYPE_ALIASES.scala.includes(language)) {
       retMap = await createSlice(language, dirPath, "data-flow", options);
       if (retMap?.slicesFile && safeExistsSync(retMap.slicesFile)) {
         dataFlowSlicesFile = retMap.slicesFile;
-        dataFlowSlice = JSON.parse(fs.readFileSync(retMap.slicesFile, "utf-8"));
+        dataFlowSlice = filterAtomSliceData(
+          JSON.parse(fs.readFileSync(retMap.slicesFile, "utf-8")),
+          options,
+        );
       }
     }
   }