@cyclonedx/cdxgen 9.11.4 → 9.11.6
- package/docker.js +11 -1
- package/index.js +5 -1
- package/package.json +1 -1
- package/utils.js +13 -3
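--- a/package/docker.js
+++ b/package/docker.js
@@ -693,7 +693,17 @@ export const extractTar = async (fullImageName, dir) => {
 path.includes("ssl/certs") ||
 path.includes("etc/") ||
 path.includes("logs/") ||
-
+path.includes("dev/") ||
+[
+"BlockDevice",
+"CharacterDevice",
+"FIFO",
+"MultiVolume",
+"TapeVolume",
+"SymbolicLink",
+"RenamedOrSymlinked",
+"HardLink"
+].includes(entry.type)
 ) {
 return false;
 }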
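Review bot: The type list added to the filter names hard links as `"HardLink"`, but if `extractTar` extracts through node-tar (the import is outside this hunk), that library reports hard-link entries with the type `Link`, so they would still pass this check while symbolic links are skipped. For layers taken from an untrusted image that matters, because link entries are how an archive can redirect a later write to a path outside `dir`. I would add `"Link",` to the array and put a one-line comment above it saying the list keeps device nodes and links from an image off the host. Separately, `path.includes("dev/")` is a substring test and also drops paths such as `opt/app-dev/package.json` (constructed example), which would silently remove components from the SBOM; the filter function itself starts and ends outside the hunk.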
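--- a/package/index.js
+++ b/package/index.js
@@ -4459,7 +4459,11 @@ export const createCsharpBom = async (path, options) => {
 if (FETCH_LICENSE) {
 const retMap = await getNugetMetadata(pkgList, dependencies);
 if (retMap.dependencies && retMap.dependencies.length) {
-dependencies =
+dependencies = mergeDependencies(
+dependencies,
+retMap.dependencies,
+parentComponent
+);
 }
 pkgList = trimComponents(pkgList, "json");
 }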
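--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
 {
 "name": "@cyclonedx/cdxgen",
-"version": "9.11.
+"version": "9.11.6",
 "description": "Creates CycloneDX Software Bill of Materials (SBOM) from source or container image",
 "homepage": "http://github.com/cyclonedx/cdxgen",
 "author": "Prabhu Subramanian <prabhu@appthreat.com>",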
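--- a/package/utils.js
+++ b/package/utils.js
@@ -129,7 +129,7 @@ export const SEARCH_MAVEN_ORG =
 
 // circuit breaker for search maven.org
 let search_maven_org_errors = 0;
-const MAX_SEARCH_MAVEN_ORG_ERRORS =
+const MAX_SEARCH_MAVEN_ORG_ERRORS = 1;
 
 // circuit breaker for get repo license
 let get_repo_license_errors = 0;
@@ -7106,7 +7106,15 @@ export const extractJarArchive = async function (
 sha +
 "%22&rows=20&wt=json";
 const res = await cdxgenAgent.get(searchurl, {
-responseType: "json"
+responseType: "json",
+timeout: {
+lookup: 200,
+connect: 5000,
+secureConnect: 5000,
+socket: 1000,
+send: 10000,
+response: 1000
+}
 });
 const data = res && res.body ? res.body["response"] : undefined;
 if (data && data["numFound"] == 1) {
@@ -7118,7 +7126,9 @@ export const extractJarArchive = async function (
 }
 } catch (err) {
 if (err && err.message && !err.message.includes("404")) {
-
+if (DEBUG_MODE) {
+console.log(err);
+}
 search_maven_org_errors++;
 }
 }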
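Review bot: With `MAX_SEARCH_MAVEN_ORG_ERRORS = 1` and the new `lookup: 200` and `response: 1000` timeouts in `extractJarArchive`, a single slow name lookup or slow reply appears to be enough to trip the circuit breaker, and the error is now printed only under `DEBUG_MODE`. The comparison against `search_maven_org_errors` is outside these hunks, but if it works as the "circuit breaker" comment suggests, the remaining jars in the run would skip the sha lookup with no message, leaving the SBOM less complete without any trace in normal output. I would log once at normal verbosity when the breaker trips, for example `console.warn("search.maven.org lookups disabled after errors; jar metadata may be incomplete");`, and move the timeout object to a named constant with a comment explaining the chosen values.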