@cyclonedx/cdxgen 9.8.9 → 9.9.0
- package/README.md +54 -36
- package/analyzer.js +6 -2
- package/bin/cdxgen.js +65 -30
- package/bin/evinse.js +67 -4
- package/bin/verify.js +2 -0
- package/binary.js +20 -2
- package/data/README.md +1 -0
- package/data/frameworks-list.json +128 -0
- package/display.js +34 -0
- package/docker.js +64 -5
- package/evinser.js +109 -10
- package/index.js +103 -91
- package/package.json +7 -6
- package/postgen.js +92 -0
- package/postgen.test.js +70 -0
- package/server.js +18 -11
- package/utils.js +407 -177
- package/utils.test.js +81 -7
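--- a/package/server.js
+++ b/package/server.js
@@ -7,6 +7,8 @@ import os from "node:os";
 import fs from "node:fs";
 import path from "node:path";
 import { createBom, submitBom } from "./index.js";
+import { postProcess } from "./postgen.js";
+
 import compression from "compression";
 
 // Timeout milliseconds. Default 10 mins
@@ -60,7 +62,10 @@ const parseQueryString = (q, body, options = {}) => {
 "parentUUID",
 "serverUrl",
 "apiKey",
-"specVersion"
+"specVersion",
+"filter",
+"only",
+"autoCompositions"
 ];
 
 for (const param of queryParams) {
@@ -69,11 +74,6 @@ const parseQueryString = (q, body, options = {}) => {
 }
 }
 
-// To help dependency track users, we downgrade the spec version to 1.4 automatically
-if (options.serverUrl || options.apiKey) {
-options.specVersion = 1.4;
-}
-
 options.projectType == options.type;
 delete options.type;
 
@@ -94,7 +94,7 @@ const start = (options) => {
 .listen(options.serverPort, options.serverHost);
 configureServer(cdxgenServer);
 
-app.use("/health", async function (
+app.use("/health", async function (_req, res) {
 res.setHeader("Content-Type", "application/json");
 res.end(JSON.stringify({ status: "OK" }, null, 2));
 });
@@ -102,7 +102,11 @@ const start = (options) => {
 app.use("/sbom", async function (req, res) {
 const q = url.parse(req.url, true).query;
 let cleanup = false;
-
+const reqOptions = parseQueryString(
+q,
+req.body,
+Object.assign({}, options)
+);
 const filePath = q.path || q.url || req.body.path || req.body.url;
 if (!filePath) {
 res.writeHead(500, { "Content-Type": "application/json" });
@@ -117,7 +121,10 @@ const start = (options) => {
 cleanup = true;
 }
 console.log("Generating SBOM for", srcDir);
-
+let bomNSData = (await createBom(srcDir, reqOptions)) || {};
+if (reqOptions.requiredOnly || reqOptions["filter"] || reqOptions["only"]) {
+bomNSData = postProcess(bomNSData, reqOptions);
+}
 if (bomNSData.bomJson) {
 if (
 typeof bomNSData.bomJson === "string" ||
@@ -128,9 +135,9 @@ const start = (options) => {
 res.write(JSON.stringify(bomNSData.bomJson, null, 2));
 }
 }
-if (
+if (reqOptions.serverUrl && reqOptions.apiKey) {
 console.log("Publishing SBOM to Dependency Track");
-submitBom(
+submitBom(reqOptions, bomNSData.bomJson);
 }
 res.end("\n");
 if (cleanup && srcDir && srcDir.startsWith(os.tmpdir()) && fs.rmSync) {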
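Review bot: In the last hunk, `reqOptions.serverUrl` and `reqOptions.apiKey` can come straight from the request, since both names are in the `queryParams` list that `parseQueryString` reads from the query string and body, so the caller decides where the server uploads the generated BOM. Whether `/sbom` sits behind authentication is not visible in these hunks; if it does not, the destination should be limited to what the operator configured at startup, for example `if (reqOptions.serverUrl && reqOptions.apiKey && isAllowedServerUrl(reqOptions.serverUrl)) {`, where `isAllowedServerUrl` is a hypothetical allow-list helper. The call `submitBom(reqOptions, bomNSData.bomJson);` is also neither awaited nor wrapped, so if it returns a promise, a failed upload would surface as an unhandled rejection after `res.end("\n")`; awaiting it inside a `try`/`catch` and logging the failure would keep the error tied to the request. The `/sbom` handler starts and ends outside these hunks, so any validation done elsewhere in it is not covered by this note.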