@cyclonedx/cdxgen 9.8.10 → 9.9.1

package/data/frameworks-list.json

@@ -0,0 +1,146 @@
+{
+  "all": [
+    "System.Web",
+    "System.ServiceModel",
+    "System.Data",
+    "spring",
+    "pkg:pypi/flask",
+    "pkg:pypi/django",
+    "beego",
+    "chi",
+    "echo",
+    "github.com/gin-gonic/gin",
+    "gorilla",
+    "rye",
+    "httprouter",
+    "akka",
+    "dropwizard",
+    "vertx",
+    "gwt",
+    "jax-rs",
+    "jax-ws",
+    "jsf",
+    "play",
+    "spark",
+    "struts",
+    "angular",
+    "react",
+    "next",
+    "ember",
+    "express",
+    "knex",
+    "vue",
+    "pkg:pypi/aiohttp",
+    "pkg:pypi/bottle",
+    "pkg:pypi/cherrypy",
+    "pkg:pypi/drt",
+    "pkg:pypi/falcon",
+    "pkg:pypi/hug",
+    "pkg:pypi/pyramid",
+    "pkg:pypi/sanic",
+    "pkg:pypi/tornado",
+    "pkg:pypi/fastapi",
+    "pkg:pypi/pyqt",
+    "pkg:pypi/tkinter",
+    "pkg:pypi/kivy",
+    "pkg:pypi/pyside",
+    "pkg:pypi/scikit",
+    "pkg:pypi/tensorflow",
+    "pkg:pypi/pytorch",
+    "pkg:pypi/keras",
+    "pkg:pypi/numpy",
+    "pkg:pypi/scipy",
+    "pkg:pypi/pandas",
+    "pkg:pypi/matplotlib",
+    "pkg:pypi/google-api-core",
+    "pkg:pypi/google-cloud",
+    "pkg:pypi/botocore",
+    "pkg:pypi/boto3",
+    "pkg:pypi/azure",
+    "vibora",
+    "koa",
+    "-sdk",
+    "org.apache",
+    "appfuse",
+    "drools",
+    "jbpm",
+    "activiti",
+    "barracuda",
+    "birt",
+    "biojava",
+    "bluecove",
+    "bouncycastle",
+    "cascading",
+    "deeplearning4j",
+    "eclipselink",
+    "geoapi",
+    "geotools",
+    "hibernate",
+    "hsqldb",
+    "ibatis",
+    "javassist",
+    "jersey",
+    "jetty",
+    "jfreechart",
+    "jhipster",
+    "jmonkeyengine",
+    "jsf",
+    "keycloak",
+    "liquibase",
+    "lwjgl",
+    "micronaut",
+    "mybatis",
+    "netty",
+    "neuroph",
+    "opencv",
+    "orientdb",
+    "ormlite",
+    "payara",
+    "primefaces",
+    "quarkus",
+    "quartz",
+    "sax",
+    "slf4j",
+    "jasper",
+    "spock",
+    "thymeleaf",
+    "vaadin",
+    "vertx",
+    "wildfly",
+    "zkoss",
+    "org.ow2.asm",
+    "backbone",
+    "dojo",
+    "ember",
+    "enyo",
+    "extjs",
+    "jquery",
+    "jqwidgets",
+    "knockout",
+    "mootools",
+    "prototypejs",
+    "qooxdoo",
+    "openui5",
+    "solidjs",
+    "sproutcore",
+    "svelte",
+    "wakanda",
+    "webix",
+    "github.com/aerogo/aero",
+    "github.com/aofei/air",
+    "github.com/go-the-way/anoweb",
+    "github.com/appist/appy",
+    "github.com/ungerik/go-rest",
+    "goa.design/goa",
+    "github.com/aceld/zinx",
+    "github.com/dolab/gogo",
+    "github.com/yarf-framework/yarf",
+    "github.com/norunners/vert",
+    "pkg:cargo/rocket",
+    "pkg:cargo/actix",
+    "pkg:cargo/nickel",
+    "pkg:cargo/yew",
+    "pkg:cargo/azul",
+    "pkg:cargo/conrod"
+  ]
+}

package/data/lic-mapping.json

@@ -2,12 +2,14 @@
   {
     "exp": "Apache-2.0",
     "names": [
+      "Apache2",
       "Apache 2",
       "Apache 2.0",
       "Apache Version 2.0",
       "Apache 2.0 License",
       "Apache Software License, Version 2.0",
       "The Apache Software License, Version 2.0",
+      "Apache License v2.0",
       "Apache License (v2.0)",
       "Apache License 2.0",
       "Apache License Version 2.0",
@@ -20,6 +22,9 @@
       "Apache-2.0 OR MIT",
       "Apache2.0",
       "apache-2-0",
+      "APL2",
+      "the Apache License, ASL Version 2.0",
+      "Apache Publich License 2.0",
       "https://opensource.org/licenses/Apache2.0",
       "https://opensource.org/license/apache-2-0",
       "http://www.apache.org/licenses/LICENSE-2.0.html"
@@ -27,7 +32,14 @@
   },
   {
     "exp": "0BSD",
-    "names": ["Zero-Clause BSD", "BSD", "BSD License", "BSD-like"]
+    "names": [
+      "Zero-Clause BSD",
+      "BSD",
+      "BSD License",
+      "BSD-like",
+      "new BSD License",
+      "new BSD"
+    ]
   },
   {
     "exp": "BSD-2-Clause",
@@ -37,7 +49,8 @@
       "BSD-2-Clause",
       "BSD 2-Clause License",
       "The BSD 2-Clause License",
-      "The 2-Clause BSD License"
+      "The 2-Clause BSD License",
+      "The BSD License"
     ]
   },
   {
@@ -46,6 +59,7 @@
       "BSD 3 Clause",
       "BSD 3-Clause",
       "BSD-3-Clause",
+      "BSD 3-clause",
       "BSD 3-Clause License",
       "The BSD 3-Clause License",
       "BSD 3-Clause \"New\" or \"Revised\" License (BSD-3-Clause)",
@@ -55,7 +69,8 @@
       "Revised BSD",
       "Revised BSD License",
       "The New BSD License",
-      "BSD (3-clause)"
+      "BSD (3-clause)",
+      "3-Clause BSD License"
     ]
   },
   {
@@ -70,6 +85,10 @@
       "BSD (4-clause)"
     ]
   },
+  {
+    "exp": "CC0-1.0",
+    "names": ["CC0"]
+  },
   {
     "exp": "CDDL-1.0",
     "names": [
@@ -151,6 +170,7 @@
       "LGPL v2.1",
       "LGPL-2.1",
       "LGPL2.1",
+      "LGPL, version 2.1",
       "GNU Lesser General Public License",
       "GNU Lesser General Public License Version 2.1",
       "GNU Lesser General Public License Version 2.1, February 1999",
@@ -270,7 +290,13 @@
   },
   {
     "exp": "MPL-2.0",
-    "names": ["MPL 2.0", "Mozilla Public License 2.0"]
+    "names": [
+      "MPL 2.0",
+      "Mozilla Public License 2.0",
+      "Mozilla Public License version 2.0",
+      "Mozilla Public License, version 2.0",
+      "Mozilla Public License 2.0 (MPL 2.0)"
+    ]
   },
   {
     "exp": "NetCDF",
@@ -282,6 +308,19 @@
   },
   {
     "exp": "ISC",
-    "names": ["ISC license"]
+    "names": ["ISC license", "ISC License (ISCL)"]
+  },
+  {
+    "exp": "ICU",
+    "names": ["Unicode/ICU License"]
+  },
+  {
+    "exp": "PSF-2.0",
+    "names": [
+      "Python Software Foundation License",
+      "Python Software Foundation License (PSFL)",
+      "Python Software Foundation License 2.0",
+      "PSFL"
+    ]
   }
 ]

package/data/pypi-pkg-aliases.json

@@ -553,6 +553,7 @@
   "creole": "python-creole",
   "creoleparser": "creoleparser",
   "crispy-forms": "django-crispy-forms",
+  "crum": "django-crum",
   "cronlog": "python-crontab",
   "crontab": "python-crontab",
   "crypto": "pycryptodome",
@@ -589,6 +590,7 @@
   "djcelery": "django-celery",
   "djkombu": "django-kombu",
   "djorm-pgarray": "djorm-ext-pgarray",
+  "django-filters": "filters-django",
   "dns": "dnspython",
   "docgen": "ansible-docgenerator",
   "docker": "docker-py",
@@ -631,6 +633,7 @@
   "fdpexpect": "pexpect",
   "fedora": "python-fedora",
   "fias": "ailove-django-fias",
+  "fieldsignals": "django-fieldsignals",
   "fiftyone-degrees": "51degrees-mobile-detector",
   "fiftyonedegrees": "51degrees-mobile-detector-v3-wrapper",
   "five": "five.customerize",
@@ -709,6 +712,7 @@
   "igraph": "python-igraph",
   "imdb": "imdbpy",
   "impala": "impyla",
+  "imagekit": "django-imagekit",
   "impersonate": "django-impersonate",
   "inmemorystorage": "ambition-inmemorystorage",
   "ipaddress": "backport-ipaddress",
@@ -845,6 +849,7 @@
   "path": "path.py",
   "patricia": "patricia-trie",
   "paver": "paver",
+  "packageurl": "packageurl-python",
   "peak": "proxytypes",
   "picasso": "anderson.picasso",
   "picklefield": "django-picklefield",
@@ -1057,6 +1062,7 @@
   "slugify": "unicode-slugify",
   "smarkets": "smk-python-sdk",
   "snappy": "ctypes-snappy",
+  "social-core": "social-auth-core",
   "social-django": "social-auth-app-django",
   "socketio": "python-socketio",
   "socketserver": "pies2overrides",

package/display.js

@@ -1,3 +1,4 @@
+import { existsSync, readFileSync } from "fs";
 import { createStream, table } from "table";
 
 // https://github.com/yangshun/tree-node-cli/blob/master/src/index.js
@@ -277,3 +278,36 @@ const recursePrint = (depMap, subtree, level, shownList, treeGraphics) => {
     }
   }
 };
+
+export const printReachables = (sliceArtefacts) => {
+  const reachablesSlicesFile = sliceArtefacts.reachablesSlicesFile;
+  if (!existsSync(reachablesSlicesFile)) {
+    return;
+  }
+  const purlCounts = {};
+  const reachablesSlices = JSON.parse(
+    readFileSync(reachablesSlicesFile, "utf-8")
+  );
+  for (const areachable of reachablesSlices.reachables || []) {
+    const purls = areachable.purls || [];
+    for (const apurl of purls) {
+      purlCounts[apurl] = (purlCounts[apurl] || 0) + 1;
+    }
+  }
+  const sortedPurls = Object.fromEntries(
+    Object.entries(purlCounts).sort(([, a], [, b]) => b - a)
+  );
+  const data = [["Package URL", "Reachable Flows"]];
+  for (const apurl of Object.keys(sortedPurls)) {
+    data.push([apurl, "" + sortedPurls[apurl]]);
+  }
+  const config = {
+    header: {
+      alignment: "center",
+      content: "Reachable Components\nGenerated with \u2665 by cdxgen"
+    }
+  };
+  if (data.length > 1) {
+    console.log(table(data, config));
+  }
+};

package/docker.js

@@ -323,6 +323,9 @@ export const parseImageName = (fullImageName) => {
       fullImageName = fullImageName.replace(":" + nameObj.tag, "");
     }
   }
+  if (fullImageName && fullImageName.startsWith("library/")) {
+    fullImageName = fullImageName.replace("library/", "");
+  }
   // The left over string is the repo name
   nameObj.repo = fullImageName;
   return nameObj;
@@ -333,7 +336,9 @@ export const parseImageName = (fullImageName) => {
  */
 export const getImage = async (fullImageName) => {
   let localData = undefined;
+  let pullData = undefined;
   const { repo, tag, digest } = parseImageName(fullImageName);
+  let repoWithTag = `${repo}:${tag !== "" ? tag : ":latest"}`;
   // Fetch only the latest tag if none is specified
   if (tag === "" && digest === "") {
     fullImageName = fullImageName + ":latest";
@@ -379,6 +384,14 @@ export const getImage = async (fullImageName) => {
       }
     }
   }
+  try {
+    localData = await makeRequest(`images/${repoWithTag}/json`);
+    if (localData) {
+      return localData;
+    }
+  } catch (err) {
+    // ignore
+  }
   try {
     localData = await makeRequest(`images/${repo}/json`);
   } catch (err) {
@@ -397,7 +410,7 @@ export const getImage = async (fullImageName) => {
     }
     // If the data is not available locally
     try {
-      const pullData = await makeRequest(
+      pullData = await makeRequest(
         `images/create?fromImage=${fullImageName}`,
         "POST"
       );
@@ -415,15 +428,42 @@ export const getImage = async (fullImageName) => {
         return undefined;
       }
     } catch (err) {
-      // continue regardless of error
+      try {
+        if (DEBUG_MODE) {
+          console.log(`Re-trying the pull with the name ${repoWithTag}.`);
+        }
+        pullData = await makeRequest(
+          `images/create?fromImage=${repoWithTag}`,
+          "POST"
+        );
+      } catch (err) {
+        // continue regardless of error
+      }
     }
     try {
       if (DEBUG_MODE) {
-        console.log(`Trying with ${repo}`);
+        console.log(`Trying with ${repoWithTag}`);
+      }
+      localData = await makeRequest(`images/${repoWithTag}/json`);
+      if (localData) {
+        return localData;
       }
-      localData = await makeRequest(`images/${repo}/json`);
     } catch (err) {
       try {
+        if (DEBUG_MODE) {
+          console.log(`Trying with ${repo}`);
+        }
+        localData = await makeRequest(`images/${repo}/json`);
+        if (localData) {
+          return localData;
+        }
+      } catch (err) {
+        // continue regardless of error
+      }
+      try {
+        if (DEBUG_MODE) {
+          console.log(`Trying with ${fullImageName}`);
+        }
         localData = await makeRequest(`images/${fullImageName}/json`);
       } catch (err) {
         // continue regardless of error
@@ -701,7 +741,26 @@ export const exportImage = async (fullImageName) => {
         })
       );
     } catch (err) {
-      console.error(err);
+      if (localData && localData.Id) {
+        console.log(`Retrying with ${localData.Id}`);
+        try {
+          await stream.pipeline(
+            client.stream(`images/${localData.Id}/get`),
+            x({
+              sync: true,
+              preserveOwner: false,
+              noMtime: true,
+              noChmod: true,
+              strict: true,
+              C: tempDir,
+              portable: true,
+              onwarn: () => {}
+            })
+          );
+        } catch (err) {
+          console.log(err);
+        }
+      }
     }
   }
   // Continue with extracting the layers