@cyclonedx/cdxgen 8.5.1 → 8.5.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/index.js +18 -9
- package/package.json +1 -1
package/index.js
CHANGED
|
@@ -1061,9 +1061,21 @@ const createJavaBom = async (path, options) => {
|
|
|
1061
1061
|
console.log(
|
|
1062
1062
|
"Resolve the above maven error. This could be due to the following:\n"
|
|
1063
1063
|
);
|
|
1064
|
-
|
|
1065
|
-
|
|
1066
|
-
|
|
1064
|
+
if (
|
|
1065
|
+
result.stderr &&
|
|
1066
|
+
result.stderr.includes(
|
|
1067
|
+
"Could not resolve dependencies" ||
|
|
1068
|
+
result.stderr.includes("no dependency information available")
|
|
1069
|
+
)
|
|
1070
|
+
) {
|
|
1071
|
+
console.log(
|
|
1072
|
+
"1. Try building the project with 'mvn package -Dmaven.test.skip=true' using the correct version of Java and maven before invoking cdxgen."
|
|
1073
|
+
);
|
|
1074
|
+
} else {
|
|
1075
|
+
console.log(
|
|
1076
|
+
"1. Java version requirement: cdxgen container image bundles Java 17 with maven 3.8 which might be incompatible."
|
|
1077
|
+
);
|
|
1078
|
+
}
|
|
1067
1079
|
console.log(
|
|
1068
1080
|
"2. Private dependencies cannot be downloaded: Check if any additional arguments must be passed to maven and set them via MVN_ARGS environment variable."
|
|
1069
1081
|
);
|
|
@@ -1175,7 +1187,6 @@ const createJavaBom = async (path, options) => {
|
|
|
1175
1187
|
parentComponent = {
|
|
1176
1188
|
name: rootProject,
|
|
1177
1189
|
type: "application",
|
|
1178
|
-
qualifiers: { type: "jar" },
|
|
1179
1190
|
...(retMap.metadata || {})
|
|
1180
1191
|
};
|
|
1181
1192
|
const parentPurl = decodeURIComponent(
|
|
@@ -1184,7 +1195,7 @@ const createJavaBom = async (path, options) => {
|
|
|
1184
1195
|
parentComponent.group || "",
|
|
1185
1196
|
parentComponent.name,
|
|
1186
1197
|
parentComponent.version,
|
|
1187
|
-
|
|
1198
|
+
{ type: "jar" },
|
|
1188
1199
|
null
|
|
1189
1200
|
).toString()
|
|
1190
1201
|
);
|
|
@@ -1236,12 +1247,10 @@ const createJavaBom = async (path, options) => {
|
|
|
1236
1247
|
}
|
|
1237
1248
|
if (gradleFiles && gradleFiles.length && options.installDeps) {
|
|
1238
1249
|
let gradleCmd = utils.getGradleCommand(path, null);
|
|
1239
|
-
|
|
1240
|
-
allProjects.push(parentComponent);
|
|
1241
|
-
}
|
|
1250
|
+
allProjects.push(parentComponent);
|
|
1242
1251
|
for (let sp of allProjects) {
|
|
1243
1252
|
let gradleDepArgs = [
|
|
1244
|
-
sp.
|
|
1253
|
+
sp.purl === parentComponent.purl
|
|
1245
1254
|
? "dependencies"
|
|
1246
1255
|
: `:${sp.name}:dependencies`,
|
|
1247
1256
|
"-q",
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@cyclonedx/cdxgen",
|
|
3
|
-
"version": "8.5.
|
|
3
|
+
"version": "8.5.3",
|
|
4
4
|
"description": "Creates CycloneDX Software Bill-of-Materials (SBOM) from source or container image",
|
|
5
5
|
"homepage": "http://github.com/cyclonedx/cdxgen",
|
|
6
6
|
"author": "Prabhu Subramanian <prabhu@appthreat.com>",
|