scanoss 0.40.1 → 0.40.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +4 -0
- package/build/main/cli/commands/wfp.js +7 -3
- package/build/main/cli/commands/wfp.spec.d.ts +1 -0
- package/build/main/cli/commands/wfp.spec.js +56 -0
- package/build/main/tsconfig.tsbuildinfo +1 -1
- package/build/module/cli/commands/wfp.js +7 -3
- package/build/module/cli/commands/wfp.spec.d.ts +1 -0
- package/build/module/cli/commands/wfp.spec.js +51 -0
- package/build/module/tsconfig.module.tsbuildinfo +1 -1
- package/package.json +1 -1
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
import fs from 'fs';
|
|
2
|
+
import path from 'path';
|
|
2
3
|
import cliProgress from 'cli-progress';
|
|
3
4
|
import { isFolder } from './helpers';
|
|
4
5
|
import { ScannerEvents, WinnowingMode } from '../../sdk/scanner/ScannerTypes';
|
|
@@ -11,13 +12,16 @@ export async function wfpHandler(rootPath, options) {
|
|
|
11
12
|
const pathIsFolder = await isFolder(rootPath);
|
|
12
13
|
const wfpCalculator = new WfpCalculator();
|
|
13
14
|
let filesToFingerprint = [];
|
|
15
|
+
let folderRoot = rootPath;
|
|
14
16
|
if (pathIsFolder) {
|
|
15
17
|
const tree = new Tree(rootPath);
|
|
16
18
|
tree.build();
|
|
17
19
|
filesToFingerprint = tree.getFileList(new ScanFilter(""));
|
|
18
20
|
}
|
|
19
21
|
else {
|
|
20
|
-
|
|
22
|
+
const absoluteFilePath = path.resolve(rootPath);
|
|
23
|
+
filesToFingerprint.push(absoluteFilePath);
|
|
24
|
+
folderRoot = path.dirname(absoluteFilePath);
|
|
21
25
|
}
|
|
22
26
|
const optBar1 = { format: 'Fingerprinting Progress: [{bar}] {percentage}% | Fingerprinted {value} files of {total}' };
|
|
23
27
|
const bar1 = new cliProgress.SingleBar(optBar1, cliProgress.Presets.shades_classic);
|
|
@@ -40,9 +44,9 @@ export async function wfpHandler(rootPath, options) {
|
|
|
40
44
|
console.log(fingerprints);
|
|
41
45
|
}
|
|
42
46
|
});
|
|
43
|
-
const wfpInput = { fileList: filesToFingerprint, folderRoot
|
|
47
|
+
const wfpInput = { fileList: filesToFingerprint, folderRoot, obfuscate: options.obfuscate };
|
|
44
48
|
if (options.hpsm)
|
|
45
49
|
wfpInput.winnowingMode = WinnowingMode.FULL_WINNOWING_HPSM;
|
|
46
50
|
await wfpCalculator.start(wfpInput);
|
|
47
51
|
}
|
|
48
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
52
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoid2ZwLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vLi4vc3JjL2NsaS9jb21tYW5kcy93ZnAudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQUEsT0FBTyxFQUFFLE1BQU0sSUFBSSxDQUFDO0FBQ3BCLE9BQU8sSUFBSSxNQUFNLE1BQU0sQ0FBQztBQUV4QixPQUFPLFdBQVcsTUFBTSxjQUFjLENBQUM7QUFFdkMsT0FBTyxFQUFFLFFBQVEsRUFBRSxNQUFNLFdBQVcsQ0FBQztBQUNyQyxPQUFPLEVBQUUsYUFBYSxFQUFFLGFBQWEsRUFBRSxNQUFNLGdDQUFnQyxDQUFDO0FBRTlFLE9BQU8sRUFBRSxhQUFhLEVBQUUsTUFBTSwyREFBMkQsQ0FBQztBQUUxRixPQUFPLEVBQUUsSUFBSSxFQUFFLE1BQU0scUJBQXFCLENBQUM7QUFDM0MsT0FBTyxFQUFFLFVBQVUsRUFBRSxNQUFNLG1DQUFtQyxDQUFDO0FBRy9ELE1BQU0sQ0FBQyxLQUFLLFVBQVUsVUFBVSxDQUFDLFFBQWdCLEVBQUUsT0FBWTtJQUU3RCxRQUFRLEdBQUcsUUFBUSxDQUFDLE9BQU8sQ0FBQyxLQUFLLEVBQUUsRUFBRSxDQUFDLENBQUMsQ0FBRSxrQ0FBa0M7SUFDM0UsUUFBUSxHQUFHLFFBQVEsQ0FBQyxPQUFPLENBQUMsS0FBSyxFQUFFLE9BQU8sQ0FBQyxHQUFHLENBQUMsR0FBRyxDQUFDLENBQUMsQ0FBRSwwQ0FBMEM7SUFDaEcsTUFBTSxZQUFZLEdBQUcsTUFBTSxRQUFRLENBQUMsUUFBUSxDQUFDLENBQUM7SUFDOUMsTUFBTSxhQUFhLEdBQUcsSUFBSSxhQUFhLEVBQUUsQ0FBQztJQUUxQyxJQUFJLGtCQUFrQixHQUFhLEVBQUUsQ0FBQztJQUN0QyxJQUFJLFVBQVUsR0FBRyxRQUFRLENBQUM7SUFDMUIsSUFBSSxZQUFZLEVBQUUsQ0FBQztRQUNqQixNQUFNLElBQUksR0FBRyxJQUFJLElBQUksQ0FBQyxRQUFRLENBQUMsQ0FBQztRQUNoQyxJQUFJLENBQUMsS0FBSyxFQUFFLENBQUM7UUFDYixrQkFBa0IsR0FBRyxJQUFJLENBQUMsV0FBVyxDQUFDLElBQUksVUFBVSxDQUFDLEVBQUUsQ0FBQyxDQUFDLENBQUM7SUFDNUQsQ0FBQztTQUFNLENBQUM7UUFDTixNQUFNLGdCQUFnQixHQUFHLElBQUksQ0FBQyxPQUFPLENBQUMsUUFBUSxDQUFDLENBQUM7UUFDaEQsa0JBQWtCLENBQUMsSUFBSSxDQUFDLGdCQUFnQixDQUFDLENBQUM7UUFDMUMsVUFBVSxHQUFHLElBQUksQ0FBQyxPQUFPLENBQUMsZ0JBQWdCLENBQUMsQ0FBQztJQUM5QyxDQUFDO0lBR0QsTUFBTSxPQUFPLEdBQUcsRUFBRSxNQUFNLEVBQUUseUZBQXlGLEVBQUUsQ0FBQztJQUN0SCxNQUFNLElBQUksR0FBRyxJQUFJLFdBQVcsQ0FBQyxTQUFTLENBQUMsT0FBTyxFQUFFLFdBQVcsQ0FBQyxPQUFPLENBQUMsY0FBYyxDQUFDLENBQUM7SUFDcEYsSUFBSSxDQUFDLEtBQUssQ0FBQyxrQkFBa0IsQ0FBQyxNQUFNLEVBQUUsQ0FBQyxDQUFDLENBQUM7SUFFekMsSUFBSSxZQUFZLEdBQUcsRUFBRSxDQUFDO0lBQ3RCLGFBQWEsQ0FBQyxFQUFFLENBQUMsYUFBYSxDQUFDLHFCQUFxQixFQUFFLENBQUMsa0JBQXNDLEVBQUUsRUFBRTtRQUMvRixJQUFJLENBQUMsU0FBUyxDQUFDLGtCQUFrQixDQUFDLDJCQUEyQixFQUFFLENBQUMsQ0FBQztRQUNqRSxZQUFZLEdBQUcsWUFBWSxDQUFDLE1BQU0sQ0FBRSxrQkFBa0IsQ0FBQyxVQUFVLEVBQUUsQ0FBRSxDQUFDO0lBQ3hFLENBQUMsQ0FBQyxDQUFDO0lBRUgsSUFBSSxPQUFPLENBQUMsT0FBTztRQUNqQixhQUFhLENBQUMsRUFBRSxDQUFDLGFBQWEsQ0FBQyxZQUFZLEVBQUUsQ0FBQyxHQUFXLEVBQUUsRUFBRTtZQUMzRCxPQUFPLENBQUMsS0FBSyxDQUFDLEdBQUcsQ0FBQyxDQUFDO1FBQ3JCLENBQUMsQ0FBQyxDQUFDO0lBRUwsYUFBYSxDQUFDLEVBQUUsQ0FBQyxhQUFhLENBQUMsa0JBQWtCLEVBQUUsR0FBRyxFQUFFO1FBQ3RELElBQUksQ0FBQyxJQUFJLEVBQUUsQ0FBQztRQUNaLElBQUcsT0FBTyxDQUFDLE1BQU0sRUFBRSxDQUFDO1lBQ2xCLEVBQUUsQ0FBQyxhQUFhLENBQUMsT0FBTyxDQUFDLE1BQU0sRUFBRSxZQUFZLENBQUMsQ0FBQztRQUNqRCxDQUFDO2FBQU0sQ0FBQztZQUNOLE9BQU8sQ0FBQyxHQUFHLENBQUMsWUFBWSxDQUFDLENBQUM7UUFDNUIsQ0FBQztJQUNILENBQUMsQ0FBQyxDQUFDO0lBRUgsTUFBTSxRQUFRLEdBQXNCLEVBQUMsUUFBUSxFQUFFLGtCQUFrQixFQUFFLFVBQVUsRUFBRSxTQUFTLEVBQUUsT0FBTyxDQUFDLFNBQVMsRUFBRSxDQUFBO0lBQzdHLElBQUcsT0FBTyxDQUFDLElBQUk7UUFBRSxRQUFRLENBQUMsYUFBYSxHQUFHLGFBQWEsQ0FBQyxtQkFBbUIsQ0FBQztJQUM1RSxNQUFNLGFBQWEsQ0FBQyxLQUFLLENBQUMsUUFBUSxDQUFDLENBQUM7QUFHdEMsQ0FBQyJ9
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
export {};
|
|
@@ -0,0 +1,51 @@
|
|
|
1
|
+
import { expect } from 'chai';
|
|
2
|
+
import fs from 'fs';
|
|
3
|
+
import os from 'os';
|
|
4
|
+
import path from 'path';
|
|
5
|
+
import { wfpHandler } from './wfp';
|
|
6
|
+
describe('Suit test for wfp command', () => {
|
|
7
|
+
let tmpDir;
|
|
8
|
+
let cwd;
|
|
9
|
+
let pwd;
|
|
10
|
+
beforeEach(() => {
|
|
11
|
+
tmpDir = fs.mkdtempSync(path.join(os.tmpdir(), 'scanoss-wfp-'));
|
|
12
|
+
cwd = process.cwd();
|
|
13
|
+
pwd = process.env.PWD;
|
|
14
|
+
});
|
|
15
|
+
afterEach(() => {
|
|
16
|
+
process.chdir(cwd);
|
|
17
|
+
process.env.PWD = pwd;
|
|
18
|
+
fs.rmSync(tmpDir, { recursive: true, force: true });
|
|
19
|
+
});
|
|
20
|
+
// SP-4442: fingerprinting a single file must emit a non-empty path in the
|
|
21
|
+
// file= line. Previously folderRoot was set to the file path itself, so the
|
|
22
|
+
// relative-path strip produced an empty path, which the scan server rejects
|
|
23
|
+
// ("no files found in .wfp content") and the C engine crashes on.
|
|
24
|
+
it('Emits a non-empty file path when fingerprinting a single file', async () => {
|
|
25
|
+
const sampleFile = path.join(tmpDir, 'sample.js');
|
|
26
|
+
fs.writeFileSync(sampleFile, 'function hello() { return "world"; }\n');
|
|
27
|
+
const outputFile = path.join(tmpDir, 'out.wfp');
|
|
28
|
+
await wfpHandler(sampleFile, { output: outputFile });
|
|
29
|
+
const wfp = fs.readFileSync(outputFile, 'utf-8');
|
|
30
|
+
const fileLine = wfp.split('\n').find((l) => l.startsWith('file='));
|
|
31
|
+
expect(fileLine, 'expected a file= line in the wfp output').to.not.be.undefined;
|
|
32
|
+
// file=<md5>,<size>,<path>
|
|
33
|
+
const filePath = fileLine.split(',')[2];
|
|
34
|
+
expect(filePath, 'file= path should not be empty for a single file').to.equal('/sample.js');
|
|
35
|
+
});
|
|
36
|
+
// SP-4442: the customer ran `cd <dir> && scanoss-js wfp <name>`. A bare
|
|
37
|
+
// relative filename must still resolve to a correct path, not get mangled by
|
|
38
|
+
// the relative-path strip (folderRoot must be a real prefix, not ".").
|
|
39
|
+
it('Emits a correct file path for a bare relative filename', async () => {
|
|
40
|
+
fs.writeFileSync(path.join(tmpDir, 'jquery-1.8.1-min.js'), 'function hello() { return "world"; }\n');
|
|
41
|
+
process.chdir(tmpDir);
|
|
42
|
+
process.env.PWD = tmpDir;
|
|
43
|
+
const outputFile = path.join(tmpDir, 'out.wfp');
|
|
44
|
+
await wfpHandler('jquery-1.8.1-min.js', { output: outputFile });
|
|
45
|
+
const wfp = fs.readFileSync(outputFile, 'utf-8');
|
|
46
|
+
const fileLine = wfp.split('\n').find((l) => l.startsWith('file='));
|
|
47
|
+
const filePath = fileLine.split(',')[2];
|
|
48
|
+
expect(filePath, 'bare relative filename should not be corrupted').to.equal('/jquery-1.8.1-min.js');
|
|
49
|
+
});
|
|
50
|
+
});
|
|
51
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoid2ZwLnNwZWMuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi9zcmMvY2xpL2NvbW1hbmRzL3dmcC5zcGVjLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUFBLE9BQU8sRUFBRSxNQUFNLEVBQUUsTUFBTSxNQUFNLENBQUM7QUFDOUIsT0FBTyxFQUFFLE1BQU0sSUFBSSxDQUFDO0FBQ3BCLE9BQU8sRUFBRSxNQUFNLElBQUksQ0FBQztBQUNwQixPQUFPLElBQUksTUFBTSxNQUFNLENBQUM7QUFDeEIsT0FBTyxFQUFFLFVBQVUsRUFBRSxNQUFNLE9BQU8sQ0FBQztBQUVuQyxRQUFRLENBQUMsMkJBQTJCLEVBQUUsR0FBRyxFQUFFO0lBRXpDLElBQUksTUFBYyxDQUFDO0lBQ25CLElBQUksR0FBVyxDQUFDO0lBQ2hCLElBQUksR0FBdUIsQ0FBQztJQUU1QixVQUFVLENBQUMsR0FBRyxFQUFFO1FBQ2QsTUFBTSxHQUFHLEVBQUUsQ0FBQyxXQUFXLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxFQUFFLENBQUMsTUFBTSxFQUFFLEVBQUUsY0FBYyxDQUFDLENBQUMsQ0FBQztRQUNoRSxHQUFHLEdBQUcsT0FBTyxDQUFDLEdBQUcsRUFBRSxDQUFDO1FBQ3BCLEdBQUcsR0FBRyxPQUFPLENBQUMsR0FBRyxDQUFDLEdBQUcsQ0FBQztJQUN4QixDQUFDLENBQUMsQ0FBQztJQUVILFNBQVMsQ0FBQyxHQUFHLEVBQUU7UUFDYixPQUFPLENBQUMsS0FBSyxDQUFDLEdBQUcsQ0FBQyxDQUFDO1FBQ25CLE9BQU8sQ0FBQyxHQUFHLENBQUMsR0FBRyxHQUFHLEdBQUcsQ0FBQztRQUN0QixFQUFFLENBQUMsTUFBTSxDQUFDLE1BQU0sRUFBRSxFQUFFLFNBQVMsRUFBRSxJQUFJLEVBQUUsS0FBSyxFQUFFLElBQUksRUFBRSxDQUFDLENBQUM7SUFDdEQsQ0FBQyxDQUFDLENBQUM7SUFFSCwwRUFBMEU7SUFDMUUsNEVBQTRFO0lBQzVFLDRFQUE0RTtJQUM1RSxrRUFBa0U7SUFDbEUsRUFBRSxDQUFDLCtEQUErRCxFQUFFLEtBQUssSUFBSSxFQUFFO1FBQzdFLE1BQU0sVUFBVSxHQUFHLElBQUksQ0FBQyxJQUFJLENBQUMsTUFBTSxFQUFFLFdBQVcsQ0FBQyxDQUFDO1FBQ2xELEVBQUUsQ0FBQyxhQUFhLENBQUMsVUFBVSxFQUFFLHdDQUF3QyxDQUFDLENBQUM7UUFDdkUsTUFBTSxVQUFVLEdBQUcsSUFBSSxDQUFDLElBQUksQ0FBQyxNQUFNLEVBQUUsU0FBUyxDQUFDLENBQUM7UUFFaEQsTUFBTSxVQUFVLENBQUMsVUFBVSxFQUFFLEVBQUUsTUFBTSxFQUFFLFVBQVUsRUFBRSxDQUFDLENBQUM7UUFFckQsTUFBTSxHQUFHLEdBQUcsRUFBRSxDQUFDLFlBQVksQ0FBQyxVQUFVLEVBQUUsT0FBTyxDQUFDLENBQUM7UUFDakQsTUFBTSxRQUFRLEdBQUcsR0FBRyxDQUFDLEtBQUssQ0FBQyxJQUFJLENBQUMsQ0FBQyxJQUFJLENBQUMsQ0FBQyxDQUFDLEVBQUUsRUFBRSxDQUFDLENBQUMsQ0FBQyxVQUFVLENBQUMsT0FBTyxDQUFDLENBQUMsQ0FBQztRQUNwRSxNQUFNLENBQUMsUUFBUSxFQUFFLHlDQUF5QyxDQUFDLENBQUMsRUFBRSxDQUFDLEdBQUcsQ0FBQyxFQUFFLENBQUMsU0FBUyxDQUFDO1FBRWhGLDJCQUEyQjtRQUMzQixNQUFNLFFBQVEsR0FBRyxRQUFRLENBQUMsS0FBSyxDQUFDLEdBQUcsQ0FBQyxDQUFDLENBQUMsQ0FBQyxDQUFDO1FBQ3hDLE1BQU0sQ0FBQyxRQUFRLEVBQUUsa0RBQWtELENBQUMsQ0FBQyxFQUFFLENBQUMsS0FBSyxDQUFDLFlBQVksQ0FBQyxDQUFDO0lBQzlGLENBQUMsQ0FBQyxDQUFDO0lBRUgsd0VBQXdFO0lBQ3hFLDZFQUE2RTtJQUM3RSx1RUFBdUU7SUFDdkUsRUFBRSxDQUFDLHdEQUF3RCxFQUFFLEtBQUssSUFBSSxFQUFFO1FBQ3RFLEVBQUUsQ0FBQyxhQUFhLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxNQUFNLEVBQUUscUJBQXFCLENBQUMsRUFBRSx3Q0FBd0MsQ0FBQyxDQUFDO1FBQ3JHLE9BQU8sQ0FBQyxLQUFLLENBQUMsTUFBTSxDQUFDLENBQUM7UUFDdEIsT0FBTyxDQUFDLEdBQUcsQ0FBQyxHQUFHLEdBQUcsTUFBTSxDQUFDO1FBQ3pCLE1BQU0sVUFBVSxHQUFHLElBQUksQ0FBQyxJQUFJLENBQUMsTUFBTSxFQUFFLFNBQVMsQ0FBQyxDQUFDO1FBRWhELE1BQU0sVUFBVSxDQUFDLHFCQUFxQixFQUFFLEVBQUUsTUFBTSxFQUFFLFVBQVUsRUFBRSxDQUFDLENBQUM7UUFFaEUsTUFBTSxHQUFHLEdBQUcsRUFBRSxDQUFDLFlBQVksQ0FBQyxVQUFVLEVBQUUsT0FBTyxDQUFDLENBQUM7UUFDakQsTUFBTSxRQUFRLEdBQUcsR0FBRyxDQUFDLEtBQUssQ0FBQyxJQUFJLENBQUMsQ0FBQyxJQUFJLENBQUMsQ0FBQyxDQUFDLEVBQUUsRUFBRSxDQUFDLENBQUMsQ0FBQyxVQUFVLENBQUMsT0FBTyxDQUFDLENBQUMsQ0FBQztRQUNwRSxNQUFNLFFBQVEsR0FBRyxRQUFRLENBQUMsS0FBSyxDQUFDLEdBQUcsQ0FBQyxDQUFDLENBQUMsQ0FBQyxDQUFDO1FBQ3hDLE1BQU0sQ0FBQyxRQUFRLEVBQUUsZ0RBQWdELENBQUMsQ0FBQyxFQUFFLENBQUMsS0FBSyxDQUFDLHNCQUFzQixDQUFDLENBQUM7SUFDdEcsQ0FBQyxDQUFDLENBQUM7QUFFTCxDQUFDLENBQUMsQ0FBQyJ9
|