@soos-io/soos-sbom 1.0.1-pre.2 → 1.0.1-pre.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +3 -1
- package/bin/constants.d.ts +3 -0
- package/bin/constants.js +3 -0
- package/bin/index.js +30 -4
- package/bin/utilities.d.ts +1 -0
- package/bin/utilities.js +5 -0
- package/package.json +1 -1
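--- a/package/README.md
+++ b/package/README.md
@@ -38,4 +38,6 @@ Then run from the same terminal `node ./soos/node_modules/@soos-io/soos-sbom/bin
 | `--operatingEnvironment`| | Set Operating environment for information purposes only. |
 | `--otherOptions` | | Other Options to pass to syft. |
 | `--projectName` | | Project Name - this is what will be displayed in the SOOS app. |
-| `
+| `--directoriesToExclude` | `**/node_modules/**, "**/bin/**", "**/obj/**", "**/lib/**` | Listing of directories or patterns to exclude from the search for SBOM files. eg: **bin/start/**, **/start/** |
+| `--filesToExclude` | | Listing of files or patterns patterns to exclude from the search for SBOM files. eg: **/int**.cdx.json/, **/internal.cdx.json |
+| `sbomPath` | | The SBOM file or folder to scan. When a folder is specified all SBOMs found in the folder and sub-folders will be scanned. |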
package/bin/constants.d.ts
CHANGED
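--- a/package/bin/constants.js
+++ b/package/bin/constants.js
@@ -3,6 +3,9 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.SOOS_SBOM_CONSTANTS = void 0;
 exports.SOOS_SBOM_CONSTANTS = {
 FileRegex: /\.(cdx|spdx)\.json$/,
+FileSyncPattern: "**/*.@(cdx.json|spdx.json)",
 MaxSbomsPerScan: 50,
 UploadBatchSize: 10,
+DefaultDirectoriesToExclude: ["**/node_modules/**", "**/bin/**", "**/obj/**", "**/lib/**"],
+SoosDirectoryToExclude: "**/soos/**",
 };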
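Review bot: FileSyncPattern and FileRegex both define which file names count as SBOMs, but nothing ties them together, so a later change to one (adding another extension, say) can silently diverge from the other; a comment on the new line such as `// Glob form of FileRegex: keep the two extension lists in sync.` would make the coupling visible. The same applies to DefaultDirectoriesToExclude, whose values are reproduced by hand in the README option table; a short note that the README default must be updated alongside it would help the next maintainer.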
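--- a/package/bin/index.js
+++ b/package/bin/index.js
@@ -11,6 +11,8 @@ const AnalysisArgumentParser_1 = tslib_1.__importDefault(require("@soos-io/api-c
 const package_json_1 = require("../package.json");
 const AnalysisService_1 = tslib_1.__importDefault(require("@soos-io/api-client/dist/services/AnalysisService"));
 const constants_1 = require("./constants");
+const utilities_2 = require("./utilities");
+const Glob = tslib_1.__importStar(require("glob"));
 class SOOSSBOMAnalysis {
 constructor(args) {
 this.args = args;
@@ -18,8 +20,23 @@ class SOOSSBOMAnalysis {
 static parseArgs() {
 const analysisArgumentParser = AnalysisArgumentParser_1.default.create(api_client_1.IntegrationName.SoosSbom, api_client_1.IntegrationType.Script, api_client_1.ScanType.SBOM, package_json_1.version);
 analysisArgumentParser.addBaseScanArguments();
+analysisArgumentParser.argumentParser.add_argument("--directoriesToExclude", {
+help: "Listing of directories or patterns to exclude from the search for SBOM files. eg: **bin/start/**, **/start/**",
+type: (value) => {
+return (0, utilities_2.removeDuplicates)(value.split(",").map((pattern) => pattern.trim()));
+},
+default: constants_1.SOOS_SBOM_CONSTANTS.DefaultDirectoriesToExclude,
+required: false,
+});
+analysisArgumentParser.argumentParser.add_argument("--filesToExclude", {
+help: "Listing of files or patterns patterns to exclude from the search for SBOM files. eg: **/int**.cdx.json/, **/internal.cdx.json",
+type: (value) => {
+return value.split(",").map((pattern) => pattern.trim());
+},
+required: false,
+});
 analysisArgumentParser.argumentParser.add_argument("sbomPath", {
-help: "The SBOM
+help: "The SBOM file or folder to scan. When a folder is specified all SBOMs found in the folder and sub-folders will be scanned.",
 });
 api_client_1.soosLogger.info("Parsing arguments");
 return analysisArgumentParser.parseArguments();
@@ -128,12 +145,21 @@ class SOOSSBOMAnalysis {
 async findSbomFilePaths() {
 const sbomPathStat = await FileSystem.statSync(this.args.sbomPath);
 if (sbomPathStat.isDirectory()) {
-const
-
+const searchPattern = this.args.sbomPath.endsWith("/") || this.args.sbomPath.endsWith("\\")
+? `${this.args.sbomPath}${constants_1.SOOS_SBOM_CONSTANTS.FileSyncPattern}`
+: `${this.args.sbomPath}/${constants_1.SOOS_SBOM_CONSTANTS.FileSyncPattern}`;
+const sbomFiles = Glob.sync(searchPattern, {
+ignore: [
+...(this.args.filesToExclude || []),
+...(this.args.directoriesToExclude || []),
+constants_1.SOOS_SBOM_CONSTANTS.SoosDirectoryToExclude,
+],
+nocase: true,
+});
 if (!sbomFiles || sbomFiles.length == 0) {
 throw new Error("No SBOM files found in the directory.");
 }
-return sbomFiles
+return sbomFiles;
 }
 if (!constants_1.SOOS_SBOM_CONSTANTS.FileRegex.test(this.args.sbomPath)) {
 throw new Error("The file does not match the required SBOM pattern.");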
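Review bot: In findSbomFilePaths the user-supplied sbomPath is interpolated directly into the pattern handed to Glob.sync, so a directory name containing glob metacharacters (`*`, `?`, `[`, `(`) is matched as a pattern rather than as a literal path, and on Windows the backslash separators the code tolerates in the `endsWith("\\")` check are treated as escape characters by minimatch-based glob versions, so the scan can silently match nothing and throw "No SBOM files found in the directory." If callers do not depend on the exact form of the returned paths, passing the directory as the glob's working directory removes the interpolation entirely: `const sbomFiles = Glob.sync(constants_1.SOOS_SBOM_CONSTANTS.FileSyncPattern, {` with `cwd: this.args.sbomPath, absolute: true,` added to the options and the searchPattern ternary dropped. Separately, `nocase: true` lets the directory scan accept a file such as `report.CDX.JSON`, while the single-file branch below still tests the path against the case-sensitive FileRegex, so the same file is accepted via a folder but rejected when passed directly; the two checks should agree. findSbomFilePaths continues past the end of the hunk.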
@@ -0,0 +1 @@
|
|
|
1
|
+
export declare const removeDuplicates: <T>(list: Array<T>) => Array<T>;
|
package/bin/utilities.js
ADDED