@soos-io/soos-sbom 1.0.1-pre.1 → 1.0.1-pre.2
- package/bin/constants.d.ts +2 -0
- package/bin/constants.js +2 -0
- package/bin/index.js +31 -18
- package/package.json +5 -5
package/bin/constants.d.ts
CHANGED
package/bin/constants.js
CHANGED
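--- a/package/bin/index.js
+++ b/package/bin/index.js
@@ -31,7 +31,15 @@ class SOOSSBOMAnalysis {
 let branchHash;
 let analysisId;
 let scanStatusUrl;
-
+let sbomFilePaths = await this.findSbomFilePaths();
+const hasMoreThanMaximumManifests = sbomFilePaths.length > constants_1.SOOS_SBOM_CONSTANTS.MaxSbomsPerScan;
+if (hasMoreThanMaximumManifests) {
+const filesToSkip = sbomFilePaths.slice(constants_1.SOOS_SBOM_CONSTANTS.MaxSbomsPerScan);
+sbomFilePaths = sbomFilePaths.slice(0, constants_1.SOOS_SBOM_CONSTANTS.MaxSbomsPerScan);
+const filesDetectedString = utilities_1.StringUtilities.pluralizeTemplate(sbomFilePaths.length, "file was", "files were");
+const filesSkippedString = utilities_1.StringUtilities.pluralizeTemplate(filesToSkip.length, "file");
+api_client_1.soosLogger.info(`The maximum number of SBOMs per scan is ${constants_1.SOOS_SBOM_CONSTANTS.MaxSbomsPerScan}. ${filesDetectedString} detected, and ${filesSkippedString} will be not be uploaded. \n`, `The following SBOMs will not be included in the scan: \n`, filesToSkip.map((file) => ` "${Path.parse(file).base}": "${file}"`).join("\n"));
+}
 try {
 const result = await soosAnalysisService.setupScan({
 clientId: this.args.clientId,
@@ -66,17 +74,22 @@ class SOOSSBOMAnalysis {
 analysisId = result.analysisId;
 scanStatusUrl = result.scanStatusUrl;
 api_client_1.soosLogger.logLineSeparator();
-api_client_1.soosLogger.info("Uploading SBOM File...");
-
-
-
-
-
-
-
-
-
-
+api_client_1.soosLogger.info("Uploading SBOM File(s)...");
+for (let i = 0; i < sbomFilePaths.length; i += constants_1.SOOS_SBOM_CONSTANTS.UploadBatchSize) {
+const sbomFilePathsBatch = sbomFilePaths.slice(i, i + constants_1.SOOS_SBOM_CONSTANTS.UploadBatchSize);
+const formData = await soosAnalysisService.getAnalysisFilesAsFormData(sbomFilePathsBatch, this.args.sbomPath);
+const manifestUploadResponse = await soosAnalysisService.analysisApiClient.uploadManifestFiles({
+clientId: this.args.clientId,
+projectHash,
+branchHash,
+analysisId,
+manifestFiles: formData,
+hasMoreThanMaximumManifests,
+});
+api_client_1.soosLogger.info(` SBOM Files: \n`, ` ${manifestUploadResponse.message} \n`, manifestUploadResponse.manifests
+?.map((m) => ` ${m.name}: ${m.statusMessage}`)
+.join("\n"));
+}
 api_client_1.soosLogger.logLineSeparator();
 await soosAnalysisService.startScan({
 clientId: this.args.clientId,
@@ -112,20 +125,20 @@ class SOOSSBOMAnalysis {
 (0, process_1.exit)(1);
 }
 }
-async
+async findSbomFilePaths() {
 const sbomPathStat = await FileSystem.statSync(this.args.sbomPath);
 if (sbomPathStat.isDirectory()) {
 const files = await FileSystem.promises.readdir(this.args.sbomPath);
-const
-if (!
-throw new Error("No SBOM
+const sbomFiles = files.filter((file) => constants_1.SOOS_SBOM_CONSTANTS.FileRegex.test(file));
+if (!sbomFiles || sbomFiles.length == 0) {
+throw new Error("No SBOM files found in the directory.");
 }
-return Path.join(this.args.sbomPath, sbomFile);
+return sbomFiles.map((sbomFile) => Path.join(this.args.sbomPath, sbomFile));
 }
 if (!constants_1.SOOS_SBOM_CONSTANTS.FileRegex.test(this.args.sbomPath)) {
 throw new Error("The file does not match the required SBOM pattern.");
 }
-return this.args.sbomPath;
+return [this.args.sbomPath];
 }
 static async createAndRun() {
 api_client_1.soosLogger.info("Starting SOOS SBOM Analysis");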
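Review bot: In the first hunk of package/bin/index.js, the SBOMs dropped once the list exceeds `MaxSbomsPerScan` are chosen by whatever order `findSbomFilePaths()` returns, which for a directory is the `readdir` order, so which files go unscanned can differ between runs and hosts. Sorting before the cut, e.g. `let sbomFilePaths = (await this.findSbomFilePaths()).sort();`, makes the skipped set reproducible, and reporting it at warning level rather than `info` would make the partial coverage harder to miss in CI logs. The message also counts the wrong list: `filesDetectedString` is built from `sbomFilePaths.length` after the slice, so it always reports the cap rather than the number detected, and "will be not be uploaded" has a stray "be". The enclosing method starts and ends outside the hunk.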
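--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
 {
 "name": "@soos-io/soos-sbom",
-"version": "1.0.1-pre.
+"version": "1.0.1-pre.2",
 "description": "SOOS wrapper script to upload SBOMs.",
 "main": "bin/index.js",
 "scripts": {
@@ -39,16 +39,16 @@
 },
 "homepage": "https://github.com/soos-io/soos-sbom#readme",
 "dependencies": {
-"@soos-io/api-client": "1.0.
+"@soos-io/api-client": "1.0.5",
 "argparse": "^2.0.1",
 "glob": "^11.0.0",
 "tslib": "^2.6.3"
 },
 "devDependencies": {
-"@types/argparse": "^2.0.
-"@types/node": "^20.16.
+"@types/argparse": "^2.0.16",
+"@types/node": "^20.16.5",
 "prettier": "^3.3.3",
-"typescript": "^5.
+"typescript": "^5.6.2"
 },
 "bin": {
 "soos-sbom": "bin/index.js"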