scanoss 0.2.18 → 0.2.21

package/src/lib/dependencies/Dependency.ts

@@ -1,60 +0,0 @@
-import os from "os";
-import fs from "fs";
-
-import { IDependencyResponse, IFile, IDependency } from "./DependencyTypes";
-import { FileListDependency } from "./parsers/types";
-import { generateDependenciesPurls } from "./PurlGenerator";
-import { PackageURL } from "packageurl-js";
-
-export class Dependency {
-
-  private workDirectory: string;
-
-  private resultFilePath: string;
-
-  constructor () {
-    this.setWorkDirectory(`${os.tmpdir()}/depscanner-${new Date().getTime()}`);
-  }
-
-  public async scan (fileList: Array<string>): Promise<IDependencyResponse> {
-    const toGrpc = await generateDependenciesPurls(fileList);
-    // Here we should call to the grpc server
-    return this.adapterToDependencyResponse(toGrpc);
-  }
-
-  public setWorkDirectory(workDirectory: string) {
-    this.workDirectory = workDirectory;
-    this.resultFilePath = `${this.workDirectory}/dependencies.json`;
-
-    if (!fs.existsSync(this.workDirectory)) fs.mkdirSync(this.workDirectory);
-  }
-
-  private adapterToDependencyResponse (dependencies: FileListDependency): IDependencyResponse {
-    const results = <IDependencyResponse>{files: []};
-
-    for (const dependency of dependencies.files){
-      let depArr: Array<IDependency> = [];
-      for (const purl of dependency.purls) {
-        const pkg = PackageURL.fromString(purl.purl);
-
-        depArr.push({
-          component: null,
-          purl: purl.purl,
-          version: pkg.version,
-          licenses: [{name: null}]
-        });
-      }
-
-      let fileArr = <IFile>{};
-      fileArr = ({
-        file: dependency.file,
-        id: "dependency",
-        status: "pending",
-        dependencies: depArr
-      });
-
-      results.files.push(fileArr);
-    }
-    return results
-  }
-}

package/src/lib/dependencies/PurlGenerator.ts

@@ -1,44 +0,0 @@
-import fs from 'fs';
-import path from 'path';
-import { FileListDependency, ParserDefinitions } from './parsers/types';
-
-
-import { pomParser } from './parsers/mavenParser';
-import { packagelockParser, packageParser } from './parsers/npmParser';
-import { requirementsParser } from './parsers/pyParser';
-import { gemfilelockParser, gemfileParser } from './parsers/rubyParser';
-
-
-
-/*
- This is a hash map that connect a filename with it's own parser function
- Any parser function must return a FileDependency object (See type.ts file in src/parser
-*/
-const Parser: ParserDefinitions = {
-    'requirements.txt': requirementsParser,
-    'pom.xml': pomParser,
-    'package.json': packageParser,
-    'package-lock.json': packagelockParser,
-    'Gemfile': gemfileParser,
-    'Gemfile.lock': gemfilelockParser
-};
-
-
-export async function generateDependenciesPurls(files: Array<string>): Promise<FileListDependency> {
-    let results: FileListDependency = {files: []};
-    for (const filePath of files) {
-        const fileName = path.basename(filePath);
-        if(Parser[fileName] != null) {
-          try {
-            const fileContent = await fs.promises.readFile(filePath, 'utf8');
-            const dependency = Parser[fileName](fileContent, filePath);
-            if(dependency.purls.length != 0)
-                results.files.push(dependency);
-          } catch (error) {
-            console.error(`Error parsing file: ${filePath}\n`,error);
-          }
-        }
-    }
-    return results;
-}
-

package/src/lib/dependencies/parsers/golangParser.ts

@@ -1,4 +0,0 @@
-
-
-// Reference https://go.dev/ref/mod#go-mod-file
-// 

package/src/lib/dependencies/parsers/pyParser.ts

@@ -1,46 +0,0 @@
-import path from "path";
-import { PackageURL } from "packageurl-js";
-import { FileDependency } from "./types";
-import { isValidPath, isValidUrl } from './utils';
-
-const PURL_TYPE = 'pypi';
-
-// Parse a requirements.txt file from python projects
-// See reference on: https://pip.pypa.io/en/stable/reference/requirements-file-format/
-const MANIFEST_FILE = 'requirements.txt';
-export function requirementsParser(fileContent: string, filePath: string): FileDependency {
-    
-    // If the file is not a python manifest file, return an empty results
-    const results: FileDependency = {file: filePath, purls: []};
-    if(path.basename(filePath) != MANIFEST_FILE)
-        return results;
-
-
-    const lines: Array<string> = fileContent.split('\n');
-    let compName: string = '';
-    let compVer: string = '';
-
-    for (let line of lines) {
-        line = line.trim();
-        if (!line.startsWith('#') && line.length>0) { // Avoid comments and new lines
-            if(isValidUrl(line)) {
-                // For reference about the regex see https://www.rfc-editor.org/rfc/rfc3986#appendix-B
-                const res = line.match(/^(([^:\/?#]+):)?(\/\/([^\/?#]*))?([^?#]*)(\?([^#]*))?(#(.*))?/);
-                continue;
-            } 
-            else if(isValidPath(line)) {continue;}   
-            else if(line.startsWith('-r')) {continue;} // recursive dependencies (NOT SUPPORTED YET)
-            else {
-                // Line contains a package name and/or version.
-                const res = line.match(/^([-\w]+)\s*(?:[>=~!]*)\s*([\d\.]*)/);    //Extract name and version
-                if (res) {
-                    compName = res.length > 1 ? res[1] : ' ';
-                    compVer = undefined;
-                }              
-            }
-            const purlString = new PackageURL(PURL_TYPE, undefined, compName, compVer, undefined, undefined).toString();
-            results.purls.push({purl: purlString});
-        }
-    }
-    return results;
-}

package/src/lib/dependencies/parsers/types.ts

@@ -1,50 +0,0 @@
-export interface Purl {
-    purl: string;
-}
-
-export interface FileDependency {
-  file: string;
-  purls: Array<Purl>;
-}
-
-export interface FileListDependency {
-  files: Array<FileDependency>;
-}
-
-type ParserFuncType = (fileContent: string, filePath: string) => FileDependency;
-
-export interface ParserDefinitions {
-    [key: string]: ParserFuncType;
-}
-  
-
-/*
-    EXAMPLE
-{
-  "files": [
-    {
-      "file": "./test/data/requirements.txt",
-      "purls": [
-        {
-          "purl": "pkg:pypi/requests"
-        },
-        {
-          "purl": "pkg:pypi/crc32c@2.2"
-        },
-        {
-          "purl": "pkg:pypi/binaryornot"
-        },
-        {
-          "purl": "pkg:pypi/progress"
-        },
-        {
-          "purl": "pkg:pypi/grpcio"
-        },
-        {
-          "purl": "pkg:pypi/protobuf"
-        }
-      ]
-    }
-  ]
-}
-*/