@soos-io/soos-sbom 1.1.3 → 1.1.4-pre.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. package/bin/constants.d.ts +1 -1
  2. package/bin/constants.js +1 -1
  3. package/bin/index.js +48 -20
  4. package/package.json +2 -2
package/bin/constants.d.ts CHANGED
@@ -1,6 +1,6 @@
1
1
  export declare const SOOS_SBOM_CONSTANTS: {
2
2
  FileRegex: RegExp;
3
- FileSyncPattern: string;
3
+ FilePattern: string;
4
4
  MaxSbomsPerScan: number;
5
5
  UploadBatchSize: number;
6
6
  DefaultDirectoriesToExclude: string[];
package/bin/constants.js CHANGED
@@ -3,7 +3,7 @@ Object.defineProperty(exports, "__esModule", { value: true });
3
3
  exports.SOOS_SBOM_CONSTANTS = void 0;
4
4
  exports.SOOS_SBOM_CONSTANTS = {
5
5
  FileRegex: /\.(cdx|spdx)\.json$/,
6
- FileSyncPattern: "**/*.@(cdx.json|spdx.json)",
6
+ FilePattern: "**/*.@(cdx.json|spdx.json)",
7
7
  MaxSbomsPerScan: 50,
8
8
  UploadBatchSize: 10,
9
9
  DefaultDirectoriesToExclude: ["**/node_modules/**", "**/bin/**", "**/obj/**", "**/lib/**"],
package/bin/index.js CHANGED
@@ -45,15 +45,6 @@ class SOOSSBOMAnalysis {
45
45
  let analysisId;
46
46
  let scanStatusUrl;
47
47
  let scanStatus;
48
- let sbomFilePaths = await this.findSbomFilePaths();
49
- const hasMoreThanMaximumManifests = sbomFilePaths.length > constants_1.SOOS_SBOM_CONSTANTS.MaxSbomsPerScan;
50
- if (hasMoreThanMaximumManifests) {
51
- const filesToSkip = sbomFilePaths.slice(constants_1.SOOS_SBOM_CONSTANTS.MaxSbomsPerScan);
52
- sbomFilePaths = sbomFilePaths.slice(0, constants_1.SOOS_SBOM_CONSTANTS.MaxSbomsPerScan);
53
- const filesDetectedString = utilities_1.StringUtilities.pluralizeTemplate(sbomFilePaths.length, "file was", "files were");
54
- const filesSkippedString = utilities_1.StringUtilities.pluralizeTemplate(filesToSkip.length, "file");
55
- api_client_1.soosLogger.info(`The maximum number of SBOMs per scan is ${constants_1.SOOS_SBOM_CONSTANTS.MaxSbomsPerScan}. ${filesDetectedString} detected, and ${filesSkippedString} will be not be uploaded. \n`, `The following SBOMs will not be included in the scan: \n`, filesToSkip.map((file) => ` "${Path.parse(file).base}": "${file}"`).join("\n"));
56
- }
57
48
  try {
58
49
  const result = await soosAnalysisService.setupScan({
59
50
  clientId: this.args.clientId,
@@ -87,6 +78,41 @@ class SOOSSBOMAnalysis {
87
78
  branchHash = result.branchHash;
88
79
  analysisId = result.analysisId;
89
80
  scanStatusUrl = result.scanStatusUrl;
81
+ const { sbomFilePaths, hasMoreThanMaximumManifests } = await this.findSbomFilePaths();
82
+ if (sbomFilePaths.length === 0) {
83
+ const noFilesMessage = `No SBOM files found. They need to match the pattern ${constants_1.SOOS_SBOM_CONSTANTS.FilePattern}. See https://kb.soos.io/getting-started-with-soos-sbom-manager for more information.`;
84
+ await soosAnalysisService.updateScanStatus({
85
+ analysisId,
86
+ clientId: this.args.clientId,
87
+ projectHash,
88
+ branchHash,
89
+ scanType,
90
+ status: api_client_1.ScanStatus.NoFiles,
91
+ message: noFilesMessage,
92
+ scanStatusUrl,
93
+ });
94
+ api_client_1.soosLogger.error(noFilesMessage);
95
+ api_client_1.soosLogger.always(`${noFilesMessage} - exit 1`);
96
+ (0, process_1.exit)(1);
97
+ }
98
+ if (sbomFilePaths.length === 1 &&
99
+ sbomFilePaths[0] === this.args.sbomPath &&
100
+ !constants_1.SOOS_SBOM_CONSTANTS.FileRegex.test(sbomFilePaths[0])) {
101
+ const noFilesMessage = `The file does not match the required SBOM pattern ${constants_1.SOOS_SBOM_CONSTANTS.FilePattern}. See https://kb.soos.io/getting-started-with-soos-sbom-manager for more information.`;
102
+ await soosAnalysisService.updateScanStatus({
103
+ analysisId,
104
+ clientId: this.args.clientId,
105
+ projectHash,
106
+ branchHash,
107
+ scanType,
108
+ status: api_client_1.ScanStatus.NoFiles,
109
+ message: noFilesMessage,
110
+ scanStatusUrl,
111
+ });
112
+ api_client_1.soosLogger.error(noFilesMessage);
113
+ api_client_1.soosLogger.always(`${noFilesMessage} - exit 1`);
114
+ (0, process_1.exit)(1);
115
+ }
90
116
  api_client_1.soosLogger.logLineSeparator();
91
117
  api_client_1.soosLogger.info("Uploading SBOM File(s)...");
92
118
  for (let i = 0; i < sbomFilePaths.length; i += constants_1.SOOS_SBOM_CONSTANTS.UploadBatchSize) {
@@ -100,7 +126,7 @@ class SOOSSBOMAnalysis {
100
126
  manifestFiles: formData,
101
127
  hasMoreThanMaximumManifests,
102
128
  });
103
- api_client_1.soosLogger.info(` SBOM Files: \n`, ` ${manifestUploadResponse.message} \n`, manifestUploadResponse.manifests
129
+ api_client_1.soosLogger.info(` SBOM File(s): \n`, ` ${manifestUploadResponse.message} \n`, manifestUploadResponse.manifests
104
130
  ?.map((m) => ` ${m.name}: ${m.statusMessage}`)
105
131
  .join("\n"));
106
132
  }
@@ -160,9 +186,9 @@ class SOOSSBOMAnalysis {
160
186
  const sbomPathStat = await FileSystem.statSync(this.args.sbomPath);
161
187
  if (sbomPathStat.isDirectory()) {
162
188
  const searchPattern = this.args.sbomPath.endsWith("/") || this.args.sbomPath.endsWith("\\")
163
- ? `${this.args.sbomPath}${constants_1.SOOS_SBOM_CONSTANTS.FileSyncPattern}`
164
- : `${this.args.sbomPath}/${constants_1.SOOS_SBOM_CONSTANTS.FileSyncPattern}`;
165
- const sbomFiles = Glob.sync(searchPattern, {
189
+ ? `${this.args.sbomPath}${constants_1.SOOS_SBOM_CONSTANTS.FilePattern}`
190
+ : `${this.args.sbomPath}/${constants_1.SOOS_SBOM_CONSTANTS.FilePattern}`;
191
+ let sbomFilePaths = Glob.sync(searchPattern, {
166
192
  ignore: [
167
193
  ...(this.args.filesToExclude || []),
168
194
  ...(this.args.directoriesToExclude || []),
@@ -170,15 +196,17 @@ class SOOSSBOMAnalysis {
170
196
  ],
171
197
  nocase: true,
172
198
  });
173
- if (!sbomFiles || sbomFiles.length == 0) {
174
- throw new Error("No SBOM files found in the directory.");
199
+ const hasMoreThanMaximumManifests = sbomFilePaths.length > constants_1.SOOS_SBOM_CONSTANTS.MaxSbomsPerScan;
200
+ if (hasMoreThanMaximumManifests) {
201
+ const filesToSkip = sbomFilePaths.slice(constants_1.SOOS_SBOM_CONSTANTS.MaxSbomsPerScan);
202
+ sbomFilePaths = sbomFilePaths.slice(0, constants_1.SOOS_SBOM_CONSTANTS.MaxSbomsPerScan);
203
+ const filesDetectedString = utilities_1.StringUtilities.pluralizeTemplate(sbomFilePaths.length, "file was", "files were");
204
+ const filesSkippedString = utilities_1.StringUtilities.pluralizeTemplate(filesToSkip.length, "file");
205
+ api_client_1.soosLogger.info(`The maximum number of SBOMs per scan is ${constants_1.SOOS_SBOM_CONSTANTS.MaxSbomsPerScan}. ${filesDetectedString} detected, and ${filesSkippedString} will be not be uploaded. \n`, `The following SBOMs will not be included in the scan: \n`, filesToSkip.map((file) => ` "${Path.parse(file).base}": "${file}"`).join("\n"));
175
206
  }
176
- return sbomFiles;
177
- }
178
- if (!constants_1.SOOS_SBOM_CONSTANTS.FileRegex.test(this.args.sbomPath)) {
179
- throw new Error("The file does not match the required SBOM pattern.");
207
+ return { sbomFilePaths, hasMoreThanMaximumManifests };
180
208
  }
181
- return [this.args.sbomPath];
209
+ return { sbomFilePaths: [this.args.sbomPath], hasMoreThanMaximumManifests: false };
182
210
  }
183
211
  static async createAndRun() {
184
212
  try {
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@soos-io/soos-sbom",
3
- "version": "1.1.3",
3
+ "version": "1.1.4-pre.2",
4
4
  "description": "Upload your Software Bill of Materials (SBOM) to SOOS for vulnerability analysis, license matching and more. Register for a free trial today at https://app.soos.io/register",
5
5
  "main": "bin/index.js",
6
6
  "scripts": {
@@ -42,7 +42,7 @@
42
42
  },
43
43
  "homepage": "https://github.com/soos-io/soos-sbom#readme",
44
44
  "dependencies": {
45
- "@soos-io/api-client": "1.3.12",
45
+ "@soos-io/api-client": "1.4.1",
46
46
  "glob": "^11.0.1",
47
47
  "tslib": "^2.6.3"
48
48
  },