@datadog/datadog-ci-plugin-sbom 5.8.0 → 5.9.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/constants.d.ts +10 -6
- package/dist/constants.js +12 -7
- package/dist/constants.js.map +1 -1
- package/dist/payload.js +27 -23
- package/dist/payload.js.map +1 -1
- package/dist/validation.d.ts +1 -1
- package/dist/validation.js +1 -1
- package/package.json +5 -5
package/dist/constants.d.ts
CHANGED
|
@@ -1,8 +1,12 @@
|
|
|
1
1
|
export declare const API_ENDPOINT = "api/v2/static-analysis-sca/dependencies";
|
|
2
|
-
export declare const
|
|
3
|
-
export declare const
|
|
4
|
-
export declare const
|
|
5
|
-
export declare const
|
|
6
|
-
export declare const
|
|
7
|
-
export declare const
|
|
2
|
+
export declare const LEGACY_PACKAGE_MANAGER_PROPERTY_KEY = "osv-scanner:package-manager";
|
|
3
|
+
export declare const LEGACY_IS_DEPENDENCY_DIRECT_PROPERTY_KEY = "osv-scanner:is-direct";
|
|
4
|
+
export declare const LEGACY_IS_DEPENDENCY_DEV_ENVIRONMENT_PROPERTY_KEY = "osv-scanner:is-dev";
|
|
5
|
+
export declare const LEGACY_EXCLUSION_KEY = "datadog-sbom-generator:exclusion";
|
|
6
|
+
export declare const LEGACY_REACHABLE_SYMBOL_LOCATION_KEY_PREFIX = "datadog-sbom-generator:reachable-symbol-location";
|
|
7
|
+
export declare const PACKAGE_MANAGER_PROPERTY_KEY = "datadog:package-manager";
|
|
8
|
+
export declare const IS_DEPENDENCY_DIRECT_PROPERTY_KEY = "datadog:is-direct";
|
|
9
|
+
export declare const IS_DEPENDENCY_DEV_ENVIRONMENT_PROPERTY_KEY = "datadog:is-dev";
|
|
10
|
+
export declare const EXCLUSION_KEY = "datadog:exclusion";
|
|
11
|
+
export declare const REACHABLE_SYMBOL_LOCATION_KEY_PREFIX = "datadog:reachable-symbol-location";
|
|
8
12
|
export declare const TARGET_FRAMEWORK_KEY = "datadog:target-framework";
|
package/dist/constants.js
CHANGED
|
@@ -1,15 +1,20 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.TARGET_FRAMEWORK_KEY = exports.REACHABLE_SYMBOL_LOCATION_KEY_PREFIX = exports.EXCLUSION_KEY = exports.
|
|
3
|
+
exports.TARGET_FRAMEWORK_KEY = exports.REACHABLE_SYMBOL_LOCATION_KEY_PREFIX = exports.EXCLUSION_KEY = exports.IS_DEPENDENCY_DEV_ENVIRONMENT_PROPERTY_KEY = exports.IS_DEPENDENCY_DIRECT_PROPERTY_KEY = exports.PACKAGE_MANAGER_PROPERTY_KEY = exports.LEGACY_REACHABLE_SYMBOL_LOCATION_KEY_PREFIX = exports.LEGACY_EXCLUSION_KEY = exports.LEGACY_IS_DEPENDENCY_DEV_ENVIRONMENT_PROPERTY_KEY = exports.LEGACY_IS_DEPENDENCY_DIRECT_PROPERTY_KEY = exports.LEGACY_PACKAGE_MANAGER_PROPERTY_KEY = exports.API_ENDPOINT = void 0;
|
|
4
4
|
exports.API_ENDPOINT = 'api/v2/static-analysis-sca/dependencies';
|
|
5
5
|
// os-scanner specific SBOM properties
|
|
6
|
-
exports.
|
|
7
|
-
exports.
|
|
8
|
-
exports.
|
|
9
|
-
exports.FILE_PACKAGE_PROPERTY_KEY = 'osv-scanner:package';
|
|
6
|
+
exports.LEGACY_PACKAGE_MANAGER_PROPERTY_KEY = 'osv-scanner:package-manager';
|
|
7
|
+
exports.LEGACY_IS_DEPENDENCY_DIRECT_PROPERTY_KEY = 'osv-scanner:is-direct';
|
|
8
|
+
exports.LEGACY_IS_DEPENDENCY_DEV_ENVIRONMENT_PROPERTY_KEY = 'osv-scanner:is-dev';
|
|
10
9
|
// datadog-sbom-generator specific SBOM properties
|
|
11
|
-
exports.
|
|
12
|
-
exports.
|
|
10
|
+
exports.LEGACY_EXCLUSION_KEY = 'datadog-sbom-generator:exclusion';
|
|
11
|
+
exports.LEGACY_REACHABLE_SYMBOL_LOCATION_KEY_PREFIX = 'datadog-sbom-generator:reachable-symbol-location';
|
|
12
|
+
// datadog canonical SBOM properties
|
|
13
|
+
exports.PACKAGE_MANAGER_PROPERTY_KEY = 'datadog:package-manager';
|
|
14
|
+
exports.IS_DEPENDENCY_DIRECT_PROPERTY_KEY = 'datadog:is-direct';
|
|
15
|
+
exports.IS_DEPENDENCY_DEV_ENVIRONMENT_PROPERTY_KEY = 'datadog:is-dev';
|
|
16
|
+
exports.EXCLUSION_KEY = 'datadog:exclusion';
|
|
17
|
+
exports.REACHABLE_SYMBOL_LOCATION_KEY_PREFIX = 'datadog:reachable-symbol-location';
|
|
13
18
|
// datadog-sca specific SBOM properties
|
|
14
19
|
exports.TARGET_FRAMEWORK_KEY = 'datadog:target-framework';
|
|
15
20
|
//# sourceMappingURL=constants.js.map
|
package/dist/constants.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"constants.js","sourceRoot":"","sources":["../src/constants.ts"],"names":[],"mappings":";;;AAAa,QAAA,YAAY,GAAG,yCAAyC,CAAA;AAErE,sCAAsC;AACzB,QAAA,
|
|
1
|
+
{"version":3,"file":"constants.js","sourceRoot":"","sources":["../src/constants.ts"],"names":[],"mappings":";;;AAAa,QAAA,YAAY,GAAG,yCAAyC,CAAA;AAErE,sCAAsC;AACzB,QAAA,mCAAmC,GAAG,6BAA6B,CAAA;AACnE,QAAA,wCAAwC,GAAG,uBAAuB,CAAA;AAClE,QAAA,iDAAiD,GAAG,oBAAoB,CAAA;AAErF,kDAAkD;AACrC,QAAA,oBAAoB,GAAG,kCAAkC,CAAA;AACzD,QAAA,2CAA2C,GAAG,kDAAkD,CAAA;AAE7G,oCAAoC;AACvB,QAAA,4BAA4B,GAAG,yBAAyB,CAAA;AACxD,QAAA,iCAAiC,GAAG,mBAAmB,CAAA;AACvD,QAAA,0CAA0C,GAAG,gBAAgB,CAAA;AAC7D,QAAA,aAAa,GAAG,mBAAmB,CAAA;AACnC,QAAA,oCAAoC,GAAG,mCAAmC,CAAA;AAEvF,uCAAuC;AAC1B,QAAA,oBAAoB,GAAG,0BAA0B,CAAA"}
|
package/dist/payload.js
CHANGED
|
@@ -118,9 +118,6 @@ const generatePayload = (jsonContent, tags, service, env) => {
|
|
|
118
118
|
dependencies.push(dependency);
|
|
119
119
|
}
|
|
120
120
|
}
|
|
121
|
-
else if (component['type'] === 'file') {
|
|
122
|
-
files.push(extractingFile(component));
|
|
123
|
-
}
|
|
124
121
|
}
|
|
125
122
|
}
|
|
126
123
|
if (jsonContent['dependencies']) {
|
|
@@ -211,16 +208,34 @@ const extractingDependency = (component) => {
|
|
|
211
208
|
locations.push(loc);
|
|
212
209
|
}
|
|
213
210
|
}
|
|
211
|
+
// values coming from legacy property names
|
|
212
|
+
let legacyPackageManager = '';
|
|
213
|
+
let legacyIsDirect;
|
|
214
|
+
let legacyIsDev;
|
|
215
|
+
// values coming from new canonical properties
|
|
214
216
|
let packageManager = '';
|
|
215
217
|
let isDirect;
|
|
216
218
|
let isDev;
|
|
217
|
-
const exclusions =
|
|
219
|
+
const exclusions = new Set();
|
|
218
220
|
const targetFrameworks = [];
|
|
219
221
|
const reachableSymbolProperties = [];
|
|
220
222
|
for (const property of (_a = component['properties']) !== null && _a !== void 0 ? _a : []) {
|
|
221
223
|
const propertyName = property.name;
|
|
222
224
|
const propertyValue = property.value;
|
|
223
|
-
if (propertyName === constants_1.
|
|
225
|
+
if (propertyName === constants_1.LEGACY_PACKAGE_MANAGER_PROPERTY_KEY) {
|
|
226
|
+
legacyPackageManager = propertyValue;
|
|
227
|
+
}
|
|
228
|
+
else if (propertyName === constants_1.LEGACY_IS_DEPENDENCY_DIRECT_PROPERTY_KEY) {
|
|
229
|
+
legacyIsDirect = parseTrueOrUndefined(propertyValue);
|
|
230
|
+
}
|
|
231
|
+
else if (propertyName === constants_1.LEGACY_IS_DEPENDENCY_DEV_ENVIRONMENT_PROPERTY_KEY) {
|
|
232
|
+
legacyIsDev = parseTrueOrUndefined(propertyValue);
|
|
233
|
+
}
|
|
234
|
+
else if (propertyName === constants_1.LEGACY_EXCLUSION_KEY || propertyName === constants_1.EXCLUSION_KEY) {
|
|
235
|
+
// here we merge everything using a set
|
|
236
|
+
exclusions.add(propertyValue);
|
|
237
|
+
}
|
|
238
|
+
else if (propertyName === constants_1.PACKAGE_MANAGER_PROPERTY_KEY) {
|
|
224
239
|
packageManager = propertyValue;
|
|
225
240
|
}
|
|
226
241
|
else if (propertyName === constants_1.IS_DEPENDENCY_DIRECT_PROPERTY_KEY) {
|
|
@@ -229,13 +244,12 @@ const extractingDependency = (component) => {
|
|
|
229
244
|
else if (propertyName === constants_1.IS_DEPENDENCY_DEV_ENVIRONMENT_PROPERTY_KEY) {
|
|
230
245
|
isDev = parseTrueOrUndefined(propertyValue);
|
|
231
246
|
}
|
|
232
|
-
else if (propertyName === constants_1.EXCLUSION_KEY) {
|
|
233
|
-
exclusions.push(propertyValue);
|
|
234
|
-
}
|
|
235
247
|
else if (propertyName === constants_1.TARGET_FRAMEWORK_KEY) {
|
|
236
248
|
targetFrameworks.push(propertyValue);
|
|
237
249
|
}
|
|
238
|
-
else if (propertyName.startsWith(constants_1.
|
|
250
|
+
else if (propertyName.startsWith(constants_1.LEGACY_REACHABLE_SYMBOL_LOCATION_KEY_PREFIX) ||
|
|
251
|
+
propertyName.startsWith(constants_1.REACHABLE_SYMBOL_LOCATION_KEY_PREFIX)) {
|
|
252
|
+
// here we keep everything, deduplication will be managed downstream
|
|
239
253
|
const missingKeys = validateReachableSymbolLocationValue(propertyValue);
|
|
240
254
|
if (missingKeys.length > 0) {
|
|
241
255
|
console.error(`Error in reachable symbol locations for ${purl}:`);
|
|
@@ -250,6 +264,9 @@ const extractingDependency = (component) => {
|
|
|
250
264
|
});
|
|
251
265
|
}
|
|
252
266
|
}
|
|
267
|
+
packageManager = packageManager !== '' ? packageManager : legacyPackageManager;
|
|
268
|
+
isDev = isDev !== undefined ? isDev : legacyIsDev;
|
|
269
|
+
isDirect = isDirect !== undefined ? isDirect : legacyIsDirect;
|
|
253
270
|
const dependency = {
|
|
254
271
|
name: component['name'],
|
|
255
272
|
group: component['group'] || undefined,
|
|
@@ -263,23 +280,10 @@ const extractingDependency = (component) => {
|
|
|
263
280
|
package_manager: packageManager,
|
|
264
281
|
reachable_symbol_properties: reachableSymbolProperties,
|
|
265
282
|
target_frameworks: targetFrameworks,
|
|
266
|
-
exclusions,
|
|
283
|
+
exclusions: Array.from(exclusions),
|
|
267
284
|
};
|
|
268
285
|
return dependency;
|
|
269
286
|
};
|
|
270
|
-
const extractingFile = (component) => {
|
|
271
|
-
var _a;
|
|
272
|
-
let purl;
|
|
273
|
-
for (const property of (_a = component['properties']) !== null && _a !== void 0 ? _a : []) {
|
|
274
|
-
if (property['name'] === constants_1.FILE_PACKAGE_PROPERTY_KEY) {
|
|
275
|
-
purl = property['value'];
|
|
276
|
-
}
|
|
277
|
-
}
|
|
278
|
-
return {
|
|
279
|
-
name: component['name'],
|
|
280
|
-
purl,
|
|
281
|
-
};
|
|
282
|
-
};
|
|
283
287
|
const extractingRelations = (dependency) => {
|
|
284
288
|
return {
|
|
285
289
|
component_ref: dependency['ref'],
|
package/dist/payload.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"payload.js","sourceRoot":"","sources":["../src/payload.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,iDAAkC;AAClC,oDAA2B;AAG3B,gEAU8C;AAE9C,
|
|
1
|
+
{"version":3,"file":"payload.js","sourceRoot":"","sources":["../src/payload.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,iDAAkC;AAClC,oDAA2B;AAG3B,gEAU8C;AAE9C,2CAYoB;AACpB,yCAAmD;AAgBnD,sFAAsF;AACtF,mBAAmB;AACnB,MAAM,aAAa,GAAG,CAAC,QAA0B,EAAwB,EAAE;IACzE,IAAI,CAAC,QAAQ,EAAE;QACb,OAAO,SAAS,CAAA;KACjB;IACD,IACE,CAAC,QAAQ,CAAC,SAAS;QACnB,CAAC,QAAQ,CAAC,UAAU;QACpB,CAAC,QAAQ,CAAC,QAAQ;QAClB,CAAC,QAAQ,CAAC,YAAY;QACtB,CAAC,QAAQ,CAAC,UAAU,EACpB;QACA,OAAO,SAAS,CAAA;KACjB;IAED,IAAI,QAAQ,CAAC,QAAQ,GAAG,QAAQ,CAAC,UAAU,EAAE;QAC3C,OAAO,SAAS,CAAA;KACjB;IAED,IAAI,QAAQ,CAAC,QAAQ,KAAK,QAAQ,CAAC,UAAU,IAAI,QAAQ,CAAC,UAAU,IAAI,QAAQ,CAAC,YAAY,EAAE;QAC7F,OAAO,SAAS,CAAA;KACjB;IAED,wBAAwB;IACxB,IAAI,QAAQ,CAAC,UAAU,IAAI,CAAC,IAAI,QAAQ,CAAC,QAAQ,IAAI,CAAC,IAAI,QAAQ,CAAC,YAAY,IAAI,CAAC,IAAI,QAAQ,CAAC,UAAU,IAAI,CAAC,EAAE;QAChH,OAAO,SAAS,CAAA;KACjB;IAED,OAAO;QACL,SAAS,EAAE,QAAQ,CAAC,SAAS;QAC7B,KAAK,EAAE;YACL,IAAI,EAAE,QAAQ,CAAC,UAAU;YACzB,GAAG,EAAE,QAAQ,CAAC,YAAY;SAC3B;QACD,GAAG,EAAE;YACH,IAAI,EAAE,QAAQ,CAAC,QAAQ;YACvB,GAAG,EAAE,QAAQ,CAAC,UAAU;SACzB;KACF,CAAA;AACH,CAAC,CAAA;AAED,4FAA4F;AAC5F,MAAM,oBAAoB,GAAG,CAAC,SAAiB,EAAyB,EAAE;IACxE,IAAI;QACF,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,CAAA;QAEpC,MAAM,GAAG,GAAc;YACrB,KAAK,EAAE,aAAa,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;YACrC,SAAS,EAAE,aAAa,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;YAC7C,IAAI,EAAE,aAAa,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;YACnC,OAAO,EAAE,aAAa,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;SAC1C,CAAA;QAED,iFAAiF;QACjF,IAAI,CAAC,GAAG,CAAC,KAAK,EAAE;YACd,OAAO,SAAS,CAAA;SACjB;QAED,OAAO,GAAG,CAAA;KACX;IAAC,OAAO,CAAC,EAAE;QACV,OAAO,CAAC,KAAK,CAAC,iCAAiC,CAAC,EAAE,CAAC,CAAA;KACpD;IAED,OAAO,SAAS,CAAA;AAClB,CAAC,CAAA;AAED,0CAA0C;AAC1C,sDAAsD;AACtD,yCAAyC;AAClC,MAAM,eAAe,GAAG,CAC7B,WAAgB,EAChB,IAAc,EACd,OAAe,EACf,GAAW,EACa,EAAE;;IAC1B,MAAM,YAAY,GAAiB,EAAE,CAAA;IACrC,MAAM,KAAK,GAAW,EAAE,CAAA;IACxB,MAAM,SAAS,GAAgB,EAAE,CAAA;IACjC,MAAM,eAAe,GAAoB,EAAE,CAAA;IAE3C,IAAI,WAAW,EAAE;QACf,8EAA8E;QAC9E,uDAAuD;QACvD,IAAI,CAAC,IAAI,CAAC,+BAAwB,CAAC,EAAE;YACnC,MAAM,cAAc,GAAG,iBAAiB,CAAC,WAAW,CAAC,CAAA;YAErD,IAAI,cAAc,EAAE;gBAClB,IAAI,CAAC,+BAAwB,CAAC,GAAG,cAAc,CAAC,IAAI,CAAA;gBACpD,IAAI,CAAC,kCAA2B,CAAC,GAAG,cAAc,CAAC,OAAO,CAAA;aAC3D;SACF;QACD,IAAI,WAAW,CAAC,YAAY,CAAC,EAAE;YAC7B,KAAK,MAAM,SAAS,IAAI,WAAW,CAAC,YAAY,CAAC,EAAE;gBACjD,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,EAAE;oBAC5C,SAAQ;iBACT;gBAED,IAAI,SAAS,CAAC,MAAM,CAAC,KAAK,SAAS,IAAI,SAAS,CAAC,MAAM,CAAC,KAAK,WAAW,EAAE;oBACxE,MAAM,UAAU,GAAG,oBAAoB,CAAC,SAAS,CAAC,CAAA;oBAElD,IAAI,UAAU,KAAK,SAAS,EAAE;wBAC5B,YAAY,CAAC,IAAI,CAAC,UAAU,CAAC,CAAA;qBAC9B;iBACF;aACF;SACF;QACD,IAAI,WAAW,CAAC,cAAc,CAAC,EAAE;YAC/B,KAAK,MAAM,UAAU,IAAI,WAAW,CAAC,cAAc,CAAC,EAAE;gBACpD,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,IAAI,CAAC,UAAU,CAAC,WAAW,CAAC,EAAE;oBAClD,SAAQ;iBACT;gBACD,SAAS,CAAC,IAAI,CAAC,mBAAmB,CAAC,UAAU,CAAC,CAAC,CAAA;aAChD;SACF;QACD,IAAI,WAAW,CAAC,iBAAiB,CAAC,EAAE;YAClC,KAAK,MAAM,aAAa,IAAI,WAAW,CAAC,iBAAiB,CAAC,EAAE;gBAC1D,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,SAAS,CAAC,EAAE;oBACrD,SAAQ;iBACT;gBACD,MAAM,OAAO,GAAa,EAAE,CAAA;gBAC5B,+DAA+D;gBAC/D,IAAI,aAAa,CAAC,SAAS,CAAC,EAAE;oBAC5B,KAAK,MAAM,QAAQ,IAAI,aAAa,CAAC,SAAS,CAAC,EAAE;wBAC/C,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE;4BACpB,SAAQ;yBACT;wBACD,OAAO,CAAC,IAAI,CAAC;4BACX,GAAG,EAAE,QAAQ,CAAC,KAAK,CAAC;yBACrB,CAAC,CAAA;qBACH;iBACF;gBACD,eAAe,CAAC,IAAI,CAAC;oBACnB,EAAE,EAAE,aAAa,CAAC,IAAI,CAAC;oBACvB,OAAO,EAAE,aAAa,CAAC,SAAS,CAAC;oBACjC,OAAO;iBACR,CAAC,CAAA;aACH;SACF;KACF;IAED,yEAAyE;IACzE,kCAAkC;IAClC,OAAO;QACL,EAAE,EAAE,gBAAM,CAAC,UAAU,EAAE;QACvB,MAAM,EAAE;YACN,WAAW,EAAE,MAAA,IAAI,CAAC,6BAAsB,CAAC,mCAAI,EAAE;YAC/C,YAAY,EAAE,MAAA,IAAI,CAAC,8BAAuB,CAAC,mCAAI,EAAE;YACjD,cAAc,EAAE,MAAA,IAAI,CAAC,gCAAyB,CAAC,mCAAI,EAAE;YACrD,eAAe,EAAE,MAAA,IAAI,CAAC,iCAA0B,CAAC,mCAAI,EAAE;YACvD,GAAG,EAAE,MAAA,IAAI,CAAC,cAAO,CAAC,mCAAI,EAAE;YACxB,MAAM,EAAE,MAAA,IAAI,CAAC,iBAAU,CAAC,mCAAI,EAAE;SAC/B;QACD,UAAU,EAAE;YACV,GAAG,EAAE,MAAA,IAAI,CAAC,yBAAkB,CAAC,mCAAI,EAAE;SACpC;QACD,IAAI;QACJ,YAAY;QACZ,KAAK;QACL,SAAS;QACT,eAAe;QACf,OAAO;QACP,GAAG;KACJ,CAAA;AACH,CAAC,CAAA;AA9FY,QAAA,eAAe,mBA8F3B;AAED,MAAM,oBAAoB,GAAG,CAAC,SAAc,EAA0B,EAAE;;IACtE,MAAM,IAAI,GAAG,IAAA,mCAAwB,EAAC,SAAS,CAAC,CAAA;IAEhD,IAAI,CAAC,IAAI,EAAE;QACT,OAAM;KACP;IAED,MAAM,IAAI,GAAuB,SAAS,CAAC,MAAM,CAAC,CAAA;IAElD,IAAI,CAAC,IAAI,EAAE;QACT,OAAO,CAAC,KAAK,CAAC,kCAAkC,SAAS,CAAC,MAAM,CAAC,EAAE,CAAC,CAAA;QAEpE,OAAM;KACP;IAED,MAAM,SAAS,GAAgB,EAAE,CAAA;IAEjC,qDAAqD;IACrD,MAAM,gBAAgB,GAAgB,IAAI,GAAG,EAAE,CAAA;IAC/C,IAAI,SAAS,CAAC,UAAU,CAAC,IAAI,SAAS,CAAC,UAAU,CAAC,CAAC,aAAa,CAAC,EAAE;QACjE,KAAK,MAAM,GAAG,IAAI,SAAS,CAAC,UAAU,CAAC,CAAC,aAAa,CAAC,EAAE;YACtD,IAAI,GAAG,CAAC,UAAU,CAAC,EAAE;gBACnB,MAAM,GAAG,GAAW,GAAG,CAAC,UAAU,CAAC,CAAA;gBAEnC,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE;oBAC9B,gBAAgB,CAAC,GAAG,CAAC,GAAG,CAAC,CAAA;iBAC1B;aACF;SACF;KACF;IAED,KAAK,MAAM,CAAC,IAAI,gBAAgB,EAAE;QAChC,MAAM,GAAG,GAAG,oBAAoB,CAAC,CAAC,CAAC,CAAA;QACnC,IAAI,GAAG,EAAE;YACP,SAAS,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;SACpB;KACF;IAED,2CAA2C;IAC3C,IAAI,oBAAoB,GAAG,EAAE,CAAA;IAC7B,IAAI,cAAc,CAAA;IAClB,IAAI,WAAW,CAAA;IAEf,8CAA8C;IAC9C,IAAI,cAAc,GAAG,EAAE,CAAA;IACvB,IAAI,QAAQ,CAAA;IACZ,IAAI,KAAK,CAAA;IAET,MAAM,UAAU,GAAgB,IAAI,GAAG,EAAU,CAAA;IACjD,MAAM,gBAAgB,GAAa,EAAE,CAAA;IACrC,MAAM,yBAAyB,GAAe,EAAE,CAAA;IAEhD,KAAK,MAAM,QAAQ,IAAI,MAAA,SAAS,CAAC,YAAY,CAAC,mCAAI,EAAE,EAAE;QACpD,MAAM,YAAY,GAAW,QAAQ,CAAC,IAAI,CAAA;QAC1C,MAAM,aAAa,GAAW,QAAQ,CAAC,KAAK,CAAA;QAE5C,IAAI,YAAY,KAAK,+CAAmC,EAAE;YACxD,oBAAoB,GAAG,aAAa,CAAA;SACrC;aAAM,IAAI,YAAY,KAAK,oDAAwC,EAAE;YACpE,cAAc,GAAG,oBAAoB,CAAC,aAAa,CAAC,CAAA;SACrD;aAAM,IAAI,YAAY,KAAK,6DAAiD,EAAE;YAC7E,WAAW,GAAG,oBAAoB,CAAC,aAAa,CAAC,CAAA;SAClD;aAAM,IAAI,YAAY,KAAK,gCAAoB,IAAI,YAAY,KAAK,yBAAa,EAAE;YAClF,uCAAuC;YACvC,UAAU,CAAC,GAAG,CAAC,aAAa,CAAC,CAAA;SAC9B;aAAM,IAAI,YAAY,KAAK,wCAA4B,EAAE;YACxD,cAAc,GAAG,aAAa,CAAA;SAC/B;aAAM,IAAI,YAAY,KAAK,6CAAiC,EAAE;YAC7D,QAAQ,GAAG,oBAAoB,CAAC,aAAa,CAAC,CAAA;SAC/C;aAAM,IAAI,YAAY,KAAK,sDAA0C,EAAE;YACtE,KAAK,GAAG,oBAAoB,CAAC,aAAa,CAAC,CAAA;SAC5C;aAAM,IAAI,YAAY,KAAK,gCAAoB,EAAE;YAChD,gBAAgB,CAAC,IAAI,CAAC,aAAa,CAAC,CAAA;SACrC;aAAM,IACL,YAAY,CAAC,UAAU,CAAC,uDAA2C,CAAC;YACpE,YAAY,CAAC,UAAU,CAAC,gDAAoC,CAAC,EAC7D;YACA,oEAAoE;YACpE,MAAM,WAAW,GAAG,oCAAoC,CAAC,aAAa,CAAC,CAAA;YACvE,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE;gBAC1B,OAAO,CAAC,KAAK,CAAC,2CAA2C,IAAI,GAAG,CAAC,CAAA;gBACjE,KAAK,MAAM,GAAG,IAAI,WAAW,EAAE;oBAC7B,OAAO,CAAC,KAAK,CAAC,KAAK,GAAG,aAAa,CAAC,CAAA;iBACrC;gBACD,SAAQ;aACT;YACD,yBAAyB,CAAC,IAAI,CAAC;gBAC7B,IAAI,EAAE,YAAY;gBAClB,KAAK,EAAE,aAAa;aACrB,CAAC,CAAA;SACH;KACF;IAED,cAAc,GAAG,cAAc,KAAK,EAAE,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC,oBAAoB,CAAA;IAC9E,KAAK,GAAG,KAAK,KAAK,SAAS,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,WAAW,CAAA;IACjD,QAAQ,GAAG,QAAQ,KAAK,SAAS,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,cAAc,CAAA;IAE7D,MAAM,UAAU,GAAe;QAC7B,IAAI,EAAE,SAAS,CAAC,MAAM,CAAC;QACvB,KAAK,EAAE,SAAS,CAAC,OAAO,CAAC,IAAI,SAAS;QACtC,OAAO,EAAE,SAAS,CAAC,SAAS,CAAC,IAAI,SAAS;QAC1C,QAAQ,EAAE,IAAI;QACd,QAAQ,EAAE,EAAE;QACZ,IAAI;QACJ,SAAS;QACT,SAAS,EAAE,QAAQ;QACnB,MAAM,EAAE,KAAK;QACb,eAAe,EAAE,cAAc;QAC/B,2BAA2B,EAAE,yBAAyB;QACtD,iBAAiB,EAAE,gBAAgB;QACnC,UAAU,EAAE,KAAK,CAAC,IAAI,CAAC,UAAU,CAAC;KACnC,CAAA;IAED,OAAO,UAAU,CAAA;AACnB,CAAC,CAAA;AAED,MAAM,mBAAmB,GAAG,CAAC,UAAe,EAAa,EAAE;IACzD,OAAO;QACL,aAAa,EAAE,UAAU,CAAC,KAAK,CAAC;QAChC,UAAU,EAAE,UAAU,CAAC,WAAW,CAAC;KACpC,CAAA;AACH,CAAC,CAAA;AAED,MAAM,iBAAiB,GAAG,CAAC,WAAgB,EAA8B,EAAE;;IACzE,MAAM,KAAK,GAAG,MAAA,WAAW,aAAX,WAAW,uBAAX,WAAW,CAAE,QAAQ,0CAAE,KAAK,CAAA;IAE1C,2CAA2C;IAC3C,sDAAsD;IACtD,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE;QACxB,OAAO,qBAAqB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAA;QACtC,6CAA6C;QAC7C,sDAAsD;KACvD;SAAM,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE;QACpC,MAAM,aAAa,GAAG,iBAAiB,CAAC,KAAK,CAAC,CAAA;QAE9C,OAAO,qBAAqB,CAAC,aAAa,CAAC,CAAA;KAC5C;IAED,OAAO,SAAS,CAAA;AAClB,CAAC,CAAA;AAED,MAAM,iBAAiB,GAAG,CAAC,IAAS,EAAO,EAAE;IAC3C,IAAI,IAAI,CAAC,UAAU,IAAI,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,UAAU,CAAC,EAAE;QACrD,+DAA+D;QAC/D,kDAAkD;QAClD,MAAM,oBAAoB,GAAG,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,SAAc,EAAE,EAAE,CAAC,SAAS,CAAC,IAAI,KAAK,aAAa,CAAC,CAAA;QACvG,IAAI,oBAAoB,EAAE;YACxB,OAAO,oBAAoB,CAAA;SAC5B;QAED,0DAA0D;QAC1D,OAAO,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,CAAA;KAC1B;IAED,OAAO,IAAI,CAAA;AACb,CAAC,CAAA;AAED,MAAM,qBAAqB,GAAG,CAAC,IAAS,EAAkB,EAAE;IAC1D,OAAO;QACL,IAAI,EAAE,IAAI,CAAC,MAAM,CAAC;QAClB,OAAO,EAAE,IAAI,CAAC,SAAS,CAAC;KACzB,CAAA;AACH,CAAC,CAAA;AAED,MAAM,oBAAoB,GAAG,CAAC,KAAc,EAAoB,EAAE;IAChE,OAAO,CAAA,KAAK,aAAL,KAAK,uBAAL,KAAK,CAAE,WAAW,EAAE,MAAK,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAA;AAC3D,CAAC,CAAA;AACD,0EAA0E;AAC1E,iFAAiF;AACjF,MAAM,oCAAoC,GAAG,CAAC,KAAa,EAAY,EAAE;IACvE,MAAM,WAAW,GAAG,EAAE,CAAA;IAEtB,MAAM,UAAU,GAAmC,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAA;IAEpE,KAAK,MAAM,SAAS,IAAI,UAAU,EAAE;QAClC,IAAI,CAAC,SAAS,CAAC,SAAS,EAAE;YACxB,WAAW,CAAC,IAAI,CAAC,WAAW,CAAC,CAAA;SAC9B;QACD,IAAI,CAAC,SAAS,CAAC,UAAU,EAAE;YACzB,WAAW,CAAC,IAAI,CAAC,YAAY,CAAC,CAAA;SAC/B;QACD,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE;YACvB,WAAW,CAAC,IAAI,CAAC,UAAU,CAAC,CAAA;SAC7B;QACD,IAAI,CAAC,SAAS,CAAC,YAAY,EAAE;YAC3B,WAAW,CAAC,IAAI,CAAC,cAAc,CAAC,CAAA;SACjC;QACD,IAAI,CAAC,SAAS,CAAC,UAAU,EAAE;YACzB,WAAW,CAAC,IAAI,CAAC,YAAY,CAAC,CAAA;SAC/B;QACD,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE;YACrB,WAAW,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAA;SAC3B;KACF;IAED,OAAO,WAAW,CAAA;AACpB,CAAC,CAAA"}
|
package/dist/validation.d.ts
CHANGED
|
@@ -14,7 +14,7 @@ export declare const getValidator: () => Ajv;
|
|
|
14
14
|
*/
|
|
15
15
|
export declare const validateSbomFileAgainstSchema: (path: string, ajv: Ajv, debug: boolean) => boolean;
|
|
16
16
|
/**
|
|
17
|
-
* Validate an SBOM file again what we need.
|
|
17
|
+
* Validate an SBOM file again with what we need.
|
|
18
18
|
* @param path - the path of the file to validate
|
|
19
19
|
* @param debug - if we need to show debug information
|
|
20
20
|
*/
|
package/dist/validation.js
CHANGED
|
@@ -87,7 +87,7 @@ const validateSbomFileAgainstSchema = (path, ajv, debug) => {
|
|
|
87
87
|
};
|
|
88
88
|
exports.validateSbomFileAgainstSchema = validateSbomFileAgainstSchema;
|
|
89
89
|
/**
|
|
90
|
-
* Validate an SBOM file again what we need.
|
|
90
|
+
* Validate an SBOM file again with what we need.
|
|
91
91
|
* @param path - the path of the file to validate
|
|
92
92
|
* @param debug - if we need to show debug information
|
|
93
93
|
*/
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@datadog/datadog-ci-plugin-sbom",
|
|
3
|
-
"version": "5.
|
|
3
|
+
"version": "5.9.1",
|
|
4
4
|
"description": "Datadog CI plugin for `sbom` commands",
|
|
5
5
|
"license": "Apache-2.0",
|
|
6
6
|
"keywords": [
|
|
@@ -35,15 +35,15 @@
|
|
|
35
35
|
"prepack": "yarn package:clean-dist"
|
|
36
36
|
},
|
|
37
37
|
"peerDependencies": {
|
|
38
|
-
"@datadog/datadog-ci-base": "5.
|
|
38
|
+
"@datadog/datadog-ci-base": "5.9.1"
|
|
39
39
|
},
|
|
40
40
|
"dependencies": {
|
|
41
|
-
"ajv": "^8.
|
|
42
|
-
"ajv-formats": "^
|
|
41
|
+
"ajv": "^8.18.0",
|
|
42
|
+
"ajv-formats": "^3.0.1",
|
|
43
43
|
"axios": "^1.13.5",
|
|
44
44
|
"chalk": "3.0.0",
|
|
45
45
|
"packageurl-js": "^2.0.1",
|
|
46
|
-
"simple-git": "3.
|
|
46
|
+
"simple-git": "3.33.0",
|
|
47
47
|
"upath": "^2.0.1"
|
|
48
48
|
},
|
|
49
49
|
"devDependencies": {
|