@cyclonedx/cdxgen 8.5.0 → 8.5.1
- package/index.js +17 -14
- package/package.json +1 -1
- package/utils.js +1 -1
- package/utils.test.js +21 -0
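--- a/package/index.js
+++ b/package/index.js
@@ -1178,6 +1178,18 @@ const createJavaBom = async (path, options) => {
 qualifiers: { type: "jar" },
 ...(retMap.metadata || {})
 };
+const parentPurl = decodeURIComponent(
+new PackageURL(
+"maven",
+parentComponent.group || "",
+parentComponent.name,
+parentComponent.version,
+parentComponent.qualifiers,
+null
+).toString()
+);
+parentComponent["purl"] = parentPurl;
+parentComponent["bom-ref"] = parentPurl;
 }
 // Get the sub-project properties and set the root dependencies
 if (allProjectsStr && allProjectsStr.length) {
@@ -1217,16 +1229,7 @@ const createJavaBom = async (path, options) => {
 return s;
 });
 dependencies.push({
-ref:
-new PackageURL(
-"maven",
-parentComponent.group,
-parentComponent.name,
-parentComponent.version,
-parentComponent.qualifiers,
-null
-).toString()
-),
+ref: parentComponent["bom-ref"],
 dependsOn: rootDependsOn
 });
 }
@@ -1302,7 +1305,7 @@ const createJavaBom = async (path, options) => {
 console.log(
 "Obtained",
 pkgList.length,
-"from this gradle
+"from this gradle project. De-duping this list ..."
 );
 } else {
 console.log(
@@ -1693,7 +1696,7 @@ const createNodejsBom = async (path, options) => {
 type: "application"
 };
 ppurl = new PackageURL(
-"
+"npm",
 parentComponent.group,
 parentComponent.name,
 parentComponent.version,
@@ -1824,7 +1827,7 @@ const createNodejsBom = async (path, options) => {
 type: "application"
 };
 ppurl = new PackageURL(
-"
+"npm",
 parentComponent.group,
 parentComponent.name,
 parentComponent.version,
@@ -1852,7 +1855,7 @@ const createNodejsBom = async (path, options) => {
 // Fixes: 212. Handle case where there are no package.json to determine the parent package
 if (Object.keys(parentComponent).length && parentComponent.name) {
 const ppurl = new PackageURL(
-"
+"npm",
 parentComponent.group,
 parentComponent.name,
 parentComponent.version,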
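Review bot: `ref: parentComponent["bom-ref"]` at new line 1232 is only defined if the block that closes at new line 1193 ran, because that is now the only visible place where `purl` and `bom-ref` are assigned; the removed code built the ref inline and had no such dependency. The condition of that earlier block is outside the hunk, so if it can be false while `allProjectsStr` is non-empty, the root dependency entry is pushed with an undefined `ref` and the SBOM's dependency graph loses its root. A guard such as `if (parentComponent["bom-ref"]) { dependencies.push({ ... }); }`, or a comment stating why the two conditions always hold together, would settle it. Separately, `decodeURIComponent(...)` over the whole purl string at new lines 1181-1190 produces a non-canonical purl whenever group, name or version contain characters the purl encoder percent-escapes, so consumers that compare purls byte-for-byte may fail to match the parent component.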
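--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
 {
 "name": "@cyclonedx/cdxgen",
-"version": "8.5.
+"version": "8.5.1",
 "description": "Creates CycloneDX Software Bill-of-Materials (SBOM) from source or container image",
 "homepage": "http://github.com/cyclonedx/cdxgen",
 "author": "Prabhu Subramanian <prabhu@appthreat.com>",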
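--- a/package/utils.js
+++ b/package/utils.js
@@ -1533,7 +1533,7 @@ const parseGradleProperties = function (rawOutput) {
 const spStrs = tmpB[1].replace(/[[\]']/g, "").split(", ");
 const tmpprojects = spStrs
 .flatMap((s) => s.replace("project ", ""))
-.filter((s) =>
+.filter((s) => ![":app", ""].includes(s.trim()));
 tmpprojects.forEach(projects.add, projects);
 }
 }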
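Review bot: The new filter at line 1536 tests `s.trim()` but keeps the untrimmed `s`, so a name carrying stray whitespace from the raw Gradle output passes the check and is added to `projects` as-is. Normalising first makes the stored value and the tested value the same: `.map((s) => s.replace("project ", "").trim())` followed by `.filter((s) => s !== "" && s !== ":app");` (`flatMap` with a callback that returns a string behaves like `map` here). The hard-coded `":app"` exclusion has no comment; since a dropped sub-project presumably means its dependencies are missing from the generated SBOM, a one-line comment saying why that name is skipped would help. `parseGradleProperties` starts and ends outside this hunk, so how `projects` is consumed is not visible here.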
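--- a/package/utils.test.js
+++ b/package/utils.test.js
@@ -310,6 +310,27 @@ test("parse gradle properties", () => {
 ]
 }
 });
+retMap = utils.parseGradleProperties(
+fs.readFileSync("./test/data/gradle-properties-single2.txt", {
+encoding: "utf-8"
+})
+);
+expect(retMap).toEqual({
+rootProject: "java-test",
+projects: [],
+metadata: {
+group: "com.ajmalab.demo",
+version: "latest",
+properties: [
+{
+name: "buildFile",
+value: "/home/almalinux/work/sandbox/java-test/build.gradle"
+},
+{ name: "projectDir", value: "/home/almalinux/work/sandbox/java-test" },
+{ name: "rootDir", value: "/home/almalinux/work/sandbox/java-test" }
+]
+}
+});
 retMap = utils.parseGradleProperties(
 fs.readFileSync("./test/data/gradle-properties-elastic.txt", {
 encoding: "utf-8"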