From 246e995e03f86418efd3efec48bcbb907ca50ef5 Mon Sep 17 00:00:00 2001 From: prabhu Date: Sat, 4 May 2024 11:57:25 +0100 Subject: [PATCH] Use node 22 via nvm in docker. Enable NODE_COMPILE_CACHE (#1036) * Use node 22 via nvm in docker. Enable NODE_COMPILE_CACHE Signed-off-by: Prabhu Subramanian * Update packages Signed-off-by: Prabhu Subramanian * Fixes #1037 Signed-off-by: Prabhu Subramanian * Of course on GitHub every workflow would fail with out of disk space Signed-off-by: Prabhu Subramanian * Tweaks Signed-off-by: Prabhu Subramanian * Update docker compose. Regenerate types Signed-off-by: Prabhu Subramanian --------- Signed-off-by: Prabhu Subramanian --- .github/workflows/dockertests.yml | 9 +++ .gitignore | 1 + binary.js | 36 ++++++++- ci/Dockerfile | 21 +++-- ci/Dockerfile-bun | 2 +- ci/Dockerfile-deno | 2 +- ci/Dockerfile-fedora | 2 +- ci/Dockerfile-ppc64 | 2 +- deno.json | 6 +- docker-compose.yml | 12 ++- docker.js | 17 +++- docs/ADVANCED.md | 9 ++- index.js | 12 --- jsr.json | 2 +- package-lock.json | 128 ++++++++++++++++++------------ package.json | 8 +- types/binary.d.ts.map | 2 +- types/docker.d.ts.map | 2 +- types/index.d.ts.map | 2 +- types/utils.d.ts.map | 2 +- utils.js | 25 ++++-- utils.test.js | 4 +- 22 files changed, 204 insertions(+), 102 deletions(-) diff --git a/.github/workflows/dockertests.yml b/.github/workflows/dockertests.yml index 9c2152e06..94aa74c78 100644 --- a/.github/workflows/dockertests.yml +++ b/.github/workflows/dockertests.yml @@ -32,6 +32,10 @@ jobs: with: distribution: 'temurin' java-version: ${{ matrix.java-version }} + - name: Trim CI agent + run: | + chmod +x contrib/free_disk_space.sh + ./contrib/free_disk_space.sh - name: npm install, build and test run: | npm install 
@@ -45,6 +49,7 @@ jobs: path: 'repotests/grafana-operator' - name: dockertests run: | + bin/cdxgen.js elasticsearch:7.2.1 -t docker -o bomresults/bom-elastic.json bin/cdxgen.js ubuntu:latest -t docker -o bomresults/bom-ubuntu.json bin/cdxgen.js almalinux:9.2-minimal -t docker -o bomresults/bom-almalinux.json bin/cdxgen.js centos:latest -t docker -o bomresults/bom-centos.json @@ -83,6 +88,10 @@ jobs: with: distribution: 'temurin' java-version: ${{ matrix.java-version }} + - name: Trim CI agent + run: | + chmod +x contrib/free_disk_space.sh + ./contrib/free_disk_space.sh - name: npm install, build and test run: | npm install diff --git a/.gitignore b/.gitignore index 13332ad0d..8fa326f97 100644 --- a/.gitignore +++ b/.gitignore @@ -124,3 +124,4 @@ oci/ roots/ .python-version build/ +.mise.toml diff --git a/binary.js b/binary.js index 9571cfecf..87787a1d7 100644 --- a/binary.js +++ b/binary.js @@ -421,7 +421,12 @@ export function getOSPackages(src) { if (DEBUG_MODE) { console.log(osReleaseData); } - let distro_codename = osReleaseData["VERSION_CODENAME"] || ""; + let distro_codename = + osReleaseData["VERSION_CODENAME"] || + osReleaseData["CENTOS_MANTISBT_PROJECT"] || + osReleaseData["REDHAT_SUPPORT_PRODUCT"] || + ""; + distro_codename = distro_codename.toLowerCase(); let distro_id = osReleaseData["ID"] || ""; const distro_id_like = osReleaseData["ID_LIKE"] || ""; let purl_type = "rpm"; @@ -505,6 +510,8 @@ export function getOSPackages(src) { if (distro_codename?.length) { purlObj.qualifiers["distro_name"] = distro_codename; } + // Remove any epoch values + delete purlObj.qualifiers.epoch; // Bug fix for mageia and oracle linux // Type is being returned as none for ubuntu as well! if (purlObj.type === "none") { 
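Review bot: The new fallbacks for `distro_codename` in the `@@ -421,7 +421,12 @@` hunk are not codename fields, so the `distro_name` qualifier can end up holding a project or product string instead of a release codename. `REDHAT_SUPPORT_PRODUCT` usually carries a human-readable product name that may contain spaces, and after `toLowerCase()` it is written into the package purls unchanged. Consumers that match purls against advisory data by `distro_name` may then fail to match, so document the intent, e.g. `// Fallbacks are project/product names, used only when VERSION_CODENAME is absent`, and consider normalising the value before use. getOSPackages starts and ends outside the hunk.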
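Review bot: Deleting the `epoch` qualifier in the `@@ -505,6 +510,8 @@` hunk discards a field that RPM version ordering depends on, so two builds that differ only by epoch become indistinguishable in the generated SBOM. The same `delete ...qualifiers.epoch` is repeated in the hunks at `@@ -573,6 +580,32 @@` and `@@ -685,6 +718,7 @@`. If the removal is needed to keep `purl`, `bom-ref` and the dependency references consistent, state that in the comment, e.g. replace `// Remove any epoch values` with `// Epoch is dropped so purl and bom-ref match the dependency refs; ordering by epoch is lost`. Keeping the original value in a component property would let downstream vulnerability matching still use it; the effect on matching is inferred, not shown in the hunk.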
@@ -573,6 +580,32 @@ export function getOSPackages(src) { // continue regardless of error } } + if (comp.purl.includes("epoch=")) { + try { + purlObj = PackageURL.fromString(comp.purl); + purlObj.qualifiers = purlObj.qualifiers || {}; + if (distro_id?.length) { + purlObj.qualifiers["distro"] = distro_id; + } + if (distro_codename?.length) { + purlObj.qualifiers["distro_name"] = distro_codename; + } + delete purlObj.qualifiers.epoch; + allTypes.add(purlObj.namespace); + comp.purl = new PackageURL( + purlObj.type, + purlObj.namespace, + name, + purlObj.version, + purlObj.qualifiers, + purlObj.subpath, + ).toString(); + comp["bom-ref"] = decodeURIComponent(comp.purl); + } catch (err) { + // continue regardless of error + console.log(err); + } + } // Fix licenses if ( comp.licenses && @@ -685,6 +718,7 @@ const retrieveDependencies = (tmpDependencies, origBomRef, comp) => { if (compPurl.qualifiers.distro) { tmpPurl.qualifiers.distro = compPurl.qualifiers.distro; } + delete tmpPurl.qualifiers.epoch; } dependsOn.add(decodeURIComponent(tmpPurl.toString())); } catch (e) { diff --git a/ci/Dockerfile b/ci/Dockerfile index 567980bf3..14eb15b66 100644 --- a/ci/Dockerfile +++ b/ci/Dockerfile @@ -8,7 +8,7 @@ LABEL maintainer="cyclonedx" \ org.opencontainers.image.vendor="cyclonedx" \ org.opencontainers.image.licenses="Apache-2.0" \ org.opencontainers.image.title="cdxgen" \ - org.opencontainers.image.description="Container image for cyclonedx cdxgen SBOM generator" \ + org.opencontainers.image.description="Container image for cdxgen SBOM generator packing latest build tools." \ org.opencontainers.docker.cmd="docker run --rm -v /tmp:/tmp -p 9090:9090 -v $(pwd):/app:rw -t ghcr.io/cyclonedx/cdxgen -r /app --server" ARG SWIFT_SIGNING_KEY=A62AE125BBBFBB96A6E042EC925CC1CCED3D1561 @@ -21,6 +21,7 @@ ARG SBT_VERSION=1.9.8 ARG MAVEN_VERSION=3.9.6 ARG GRADLE_VERSION=8.7 ARG GO_VERSION=1.22.2 +ARG NODE_VERSION=22.1.0 ENV GOPATH=/opt/app-root/go \ JAVA_VERSION=$JAVA_VERSION \ 
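Review bot: The `catch` of the added `epoch=` branch in the `@@ -573,6 +580,32 @@` hunk calls `console.log(err)` unconditionally, while the `catch` directly above it in the context lines stays silent and other diagnostics in this file are gated on `DEBUG_MODE`. On a large image this may print one error per package. Suggest `if (DEBUG_MODE) { console.log("Unable to rewrite purl", comp.purl, err); }`. The branch also repeats the qualifier handling of the preceding block and calls `allTypes.add(purlObj.namespace)`, adding a namespace to a set whose name suggests types; a short comment on why, or a shared helper, would make this easier to review. The preceding block and the definition of `name` are outside the hunk.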
@@ -45,8 +46,10 @@ ENV GOPATH=/opt/app-root/go \ SWIFT_WEBROOT=$SWIFT_WEBROOT \ LC_ALL=en_US.UTF-8 \ LANG=en_US.UTF-8 \ - LANGUAGE=en_US.UTF-8 -ENV PATH=${PATH}:${JAVA_HOME}/bin:${MAVEN_HOME}/bin:${GRADLE_HOME}/bin:${SBT_HOME}/bin:${GOPATH}/bin:/usr/local/go/bin:/usr/local/bin/:/root/.local/bin:${ANDROID_HOME}/cmdline-tools/latest/bin:${ANDROID_HOME}/tools:${ANDROID_HOME}/tools/bin:${ANDROID_HOME}/platform-tools: + LANGUAGE=en_US.UTF-8 \ + NVM_DIR="/root/.nvm" \ + NODE_COMPILE_CACHE="/opt/cdxgen-node-cache" +ENV PATH=${PATH}:/root/.nvm/versions/node/v${NODE_VERSION}/bin:${JAVA_HOME}/bin:${MAVEN_HOME}/bin:${GRADLE_HOME}/bin:${SBT_HOME}/bin:${GOPATH}/bin:/usr/local/go/bin:/usr/local/bin/:/root/.local/bin:${ANDROID_HOME}/cmdline-tools/latest/bin:${ANDROID_HOME}/tools:${ANDROID_HOME}/tools/bin:${ANDROID_HOME}/platform-tools: RUN set -e; \ ARCH_NAME="$(rpm --eval '%{_arch}')"; \ 
@@ -62,15 +65,17 @@ RUN set -e; \ ;; \ *) echo >&2 "error: unsupported architecture: '$ARCH_NAME'"; exit 1 ;; \ esac; \ - echo -e "[nodejs]\nname=nodejs\nstream=20\nprofiles=\nstate=enabled\n" > /etc/dnf/modules.d/nodejs.module \ - && microdnf module enable php ruby -y \ + microdnf module enable php ruby -y \ && microdnf install -y php php-curl php-zip php-bcmath php-json php-pear php-mbstring php-devel make gcc git-core \ python3.11 python3.11-devel python3.11-pip ruby ruby-devel glibc-common glibc-all-langpacks \ - pcre2 which tar gzip zip unzip sudo nodejs ncurses sqlite-devel dotnet-sdk-8.0 \ + pcre2 which tar gzip zip unzip sudo ncurses sqlite-devel dotnet-sdk-8.0 \ && alternatives --install /usr/bin/python3 python /usr/bin/python3.11 1 \ && python3 --version \ && python3 -m pip install --upgrade pip virtualenv \ && python3 -m pip install --user pipenv poetry blint \ + && curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.7/install.sh | bash \ + && source /root/.nvm/nvm.sh \ + && nvm install ${NODE_VERSION} \ && node --version \ && curl -s "https://get.sdkman.io" | bash \ && source "$HOME/.sdkman/bin/sdkman-init.sh" \ @@ -127,8 +132,10 @@ RUN set -e; \ && bundler --version COPY . /opt/cdxgen RUN cd /opt/cdxgen && npm install --omit=dev \ - && chown -R cyclonedx:cyclonedx /opt/cdxgen \ + && mkdir -p /opt/cdxgen-node-cache \ + && chown -R cyclonedx:cyclonedx /opt/cdxgen /opt/cdxgen-node-cache \ && chmod a-w -R /opt \ + && node /opt/cdxgen/bin/cdxgen.js --help \ && rm -rf /var/cache/yum \ && microdnf clean all diff --git a/ci/Dockerfile-bun b/ci/Dockerfile-bun index c8f024288..d081f0d8d 100644 --- a/ci/Dockerfile-bun +++ b/ci/Dockerfile-bun 
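Review bot: The nvm installer in the `@@ -62,15 +65,17 @@` hunk is fetched with `curl -o- ... | bash` and executed as root with no integrity check, and the `v0.39.7` ref is a tag rather than an immutable commit. `curl` also runs without `-f`, so an HTTP error body would be piped into `bash`. Prefer downloading to a file, verifying a pinned digest and only then running it: `curl -fsSL -o /tmp/nvm-install.sh <URL_AT_PINNED_COMMIT> && echo "<EXPECTED_SHA256>  /tmp/nvm-install.sh" | sha256sum -c - && bash /tmp/nvm-install.sh`. The `curl -s "https://get.sdkman.io" | bash` in the context lines follows the same pattern. Node is now installed under `/root/.nvm`, so if the image runs as the `cyclonedx` user (not visible in this hunk) confirm that path is readable by it.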
@@ -8,7 +8,7 @@ LABEL maintainer="cyclonedx" \ org.opencontainers.image.vendor="cyclonedx" \ org.opencontainers.image.licenses="Apache-2.0" \ org.opencontainers.image.title="cdxgen" \ - org.opencontainers.image.description="Container image for cyclonedx cdxgen SBOM generator" \ + org.opencontainers.image.description="Container image for cdxgen SBOM generator" \ org.opencontainers.docker.cmd="docker run --rm -v /tmp:/tmp -p 9090:9090 -v $(pwd):/app:rw -t ghcr.io/cyclonedx/cdxgen-bun -r /app --server" ARG SWIFT_SIGNING_KEY=A62AE125BBBFBB96A6E042EC925CC1CCED3D1561 diff --git a/ci/Dockerfile-deno b/ci/Dockerfile-deno index 493e47e63..92ca7bda9 100644 --- a/ci/Dockerfile-deno +++ b/ci/Dockerfile-deno @@ -8,7 +8,7 @@ LABEL maintainer="cyclonedx" \ org.opencontainers.image.vendor="cyclonedx" \ org.opencontainers.image.licenses="Apache-2.0" \ org.opencontainers.image.title="cdxgen" \ - org.opencontainers.image.description="Container image for cyclonedx cdxgen SBOM generator" \ + org.opencontainers.image.description="Container image for cdxgen SBOM generator" \ org.opencontainers.docker.cmd="docker run --rm -v /tmp:/tmp -p 9090:9090 -v $(pwd):/app:rw -t ghcr.io/cyclonedx/cdxgen-deno -r /app --server" ARG SWIFT_SIGNING_KEY=A62AE125BBBFBB96A6E042EC925CC1CCED3D1561 diff --git a/ci/Dockerfile-fedora b/ci/Dockerfile-fedora index baa696310..f241526ee 100644 --- a/ci/Dockerfile-fedora +++ b/ci/Dockerfile-fedora @@ -8,7 +8,7 @@ LABEL maintainer="cyclonedx" \ org.opencontainers.image.vendor="cyclonedx" \ org.opencontainers.image.licenses="Apache-2.0" \ org.opencontainers.image.title="cdxgen" \ - org.opencontainers.image.description="Container image for cyclonedx cdxgen SBOM generator for testing" \ + org.opencontainers.image.description="Container image for cdxgen SBOM generator for testing" \ org.opencontainers.docker.cmd="docker run --rm -v /tmp:/tmp -p 9090:9090 -v $(pwd):/app:rw -t ghcr.io/cyclonedx/cdxgen-fedora -r /app --server" ARG JAVA_VERSION=21-tem 
diff --git a/ci/Dockerfile-ppc64 b/ci/Dockerfile-ppc64 index 219147093..4c6cc661b 100644 --- a/ci/Dockerfile-ppc64 +++ b/ci/Dockerfile-ppc64 @@ -8,7 +8,7 @@ LABEL maintainer="cyclonedx" \ org.opencontainers.image.vendor="cyclonedx" \ org.opencontainers.image.licenses="Apache-2.0" \ org.opencontainers.image.title="cdxgen" \ - org.opencontainers.image.description="Container image for cyclonedx cdxgen SBOM generator" \ + org.opencontainers.image.description="Container image for cdxgen SBOM generator" \ org.opencontainers.docker.cmd="docker run --rm -v /tmp:/tmp -p 9090:9090 -v $(pwd):/app:rw -t ghcr.io/cyclonedx/cdxgen-ppc64 -r /app --server" ARG SBT_VERSION=1.9.8 diff --git a/deno.json b/deno.json index 4ed42c464..9bc294963 100644 --- a/deno.json +++ b/deno.json @@ -1,6 +1,6 @@ { "name": "@cyclonedx/cdxgen", - "version": "10.5.0", + "version": "10.5.1", "exports": "./index.js", "compilerOptions": { "allowJs": true, @@ -46,8 +46,8 @@ "@appthreat/cdx-proto": "npm:@appthreat/cdx-proto@1.0.1", "@babel/parser": "npm:@babel/parser@^7.24.5", "@babel/traverse": "npm:@babel/traverse@^7.24.5", - "@npmcli/arborist": "npm:@npmcli/arborist@7.5.0", - "ajv": "npm:ajv@^8.12.0", + "@npmcli/arborist": "npm:@npmcli/arborist@7.5.1", + "ajv": "npm:ajv@^8.13.0", "ajv-formats": "npm:ajv-formats@^3.0.1", "cheerio": "npm:cheerio@^1.0.0-rc.12", "edn-data": "npm:edn-data@1.1.1", diff --git a/docker-compose.yml b/docker-compose.yml index 95f93f41e..627389ce0 100644 --- a/docker-compose.yml +++ b/docker-compose.yml 
@@ -1,6 +1,16 @@ -version: "3.9" +name: cdxgen + services: cdxgen: + # For custom builds, use the annotations to describe the pedigree.variants + annotations: + org.opencontainers.image.vendor: cyclonedx + org.opencontainers.image.licenses: Apache-2.0 + org.opencontainers.image.title: cdxgen + environment: + - NODE_COMPILE_CACHE=/tmp/cdxgen-node-cache # Using compile cache improves cold start performance + - FETCH_LICENSE=false # Set this to true to always include license + - CDXGEN_DEBUG_MODE=info # Set this to debug to get more console output build: dockerfile: ./ci/Dockerfile context: . diff --git a/docker.js b/docker.js index c0f0e33e3..d51f401bc 100644 --- a/docker.js +++ b/docker.js @@ -367,6 +367,10 @@ export const getConnection = async (options, forRegistry) => { "Ensure Docker for Desktop is running as an administrator with 'Exposing daemon on TCP without TLS' setting turned on.", opts, ); + } else if (_platform() === "darwin") { + console.warn( + "Ensure Podman Desktop (open-source) or Docker for Desktop (May require subscription) is running.", + ); } else { console.warn( "Ensure docker/podman service or Docker for Desktop is running.", @@ -690,13 +694,17 @@ export const extractTar = async (fullImageName, dir) => { preserveOwner: false, noMtime: true, noChmod: true, - strict: false, + strict: true, C: dir, portable: true, onwarn: () => {}, filter: (path, entry) => { // Some files are known to cause issues with extract if ( + path.endsWith("etc/machine-id") || + path.includes("usr/lib/systemd/") || + path.includes("usr/lib64/libdevmapper.so") || + path.includes("usr/sbin/") || path.includes("cacerts") || path.includes("ssl/certs") || path.includes("logs/") || @@ -704,6 +712,7 @@ export const extractTar = async (fullImageName, dir) => { path.includes("usr/share/zoneinfo/") || path.includes("usr/share/doc/") || path.includes("usr/share/i18n/") || + path.includes("usr/share/licenses/device-mapper-libs") || [ "BlockDevice", "CharacterDevice", 
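Review bot: `NODE_COMPILE_CACHE=/tmp/cdxgen-node-cache` puts the compile cache in a world-writable location and overrides the `/opt/cdxgen-node-cache` value that `ci/Dockerfile` sets and pre-populates during the build. Cached compilation output is loaded instead of compiling the source again, so the directory should be writable only by the user that runs cdxgen. The example command in the image label bind-mounts the host `/tmp`, which would place the cache on the host when combined with this setting. Consider dropping the override or pointing it at the image's directory, `- NODE_COMPILE_CACHE=/opt/cdxgen-node-cache`, or at a dedicated volume.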
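Review bot: The filter entries added in the `@@ -690,13 +694,17 @@` hunk exclude every path containing `usr/sbin/` or `usr/lib/systemd/`, so files in those directories are never extracted and anything that inspects the extracted tree will not see them. The test is a substring match, so an application directory such as `opt/app/usr/sbin/` is skipped as well. With `strict: true` tar warnings are treated as errors, which presumably is why these paths are now excluded, and it likely leaves `onwarn: () => {}` without effect. Please record the reason and the coverage trade-off next to the list, e.g. `// Skipped to avoid extraction errors; files here are not analysed`, and consider `path.startsWith("usr/sbin/")` if entry paths are relative to the image root. The same filter continues in the hunk at `@@ -704,6 +712,7 @@`; extractTar starts and ends outside both hunks.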
@@ -728,7 +737,9 @@ export const extractTar = async (fullImageName, dir) => { "Please run cdxgen from a powershell terminal with admin privileges to create symlinks.", ); console.log(err); - } else if (!["TAR_BAD_ARCHIVE", "TAR_ENTRY_INFO"].includes(err.code)) { + } else if ( + !["TAR_BAD_ARCHIVE", "TAR_ENTRY_INFO", "EACCES"].includes(err.code) + ) { console.log( `Error while extracting image ${fullImageName} to ${dir}. Please file this bug to the cdxgen repo. https://github.com/CycloneDX/cdxgen/issues`, ); @@ -739,6 +750,8 @@ export const extractTar = async (fullImageName, dir) => { if (DEBUG_MODE) { console.log(`Archive ${fullImageName} is empty. Skipping.`); } + } else if (["EACCES"].includes(err.code)) { + console.log(err); } else { console.log(err); } diff --git a/docs/ADVANCED.md b/docs/ADVANCED.md index e4bb29b8b..8e8096480 100644 --- a/docs/ADVANCED.md +++ b/docs/ADVANCED.md @@ -492,11 +492,16 @@ Example: ## Generate Cryptography Bill of Materials (CBOM) -Use the `cbom` alias to generate a CBOM. This is currently supported only for Java projects. +Use the `cbom` alias to generate a CBOM. This is currently supported only for Java and Python projects. ```shell cbom -t java -# cdxgen -t java --include-crypto -o bom.json . +# cdxgen -t java --include-crypto -o bom.json --spec-version 1.6 . +``` + +```shell +cbom -t python +# cdxgen -t python --include-crypto -o bom.json --spec-version . ``` Using the `cbom` alias sets the following options: diff --git a/index.js b/index.js index c4907988d..5e7d89cc9 100644 --- a/index.js +++ b/index.js 
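Review bot: Adding `EACCES` to the ignored codes in the `@@ -728,7 +737,9 @@` hunk means that, as far as the hunk shows, a permission failure during extraction no longer prints the "Error while extracting image" message, so a partially extracted image can yield an incomplete SBOM with no clear signal. In the hunk at `@@ -739,6 +750,8 @@` the new `else if (["EACCES"].includes(err.code))` branch and the final `else` both run `console.log(err)`, so the added branch changes nothing. Suggest removing that branch and emitting one explicit warning for this case, e.g. `console.warn("Permission denied while extracting; results may be incomplete.", err.path);`. Both error handlers begin outside their hunks.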
@@ -5807,18 +5807,6 @@ export async function createBom(path, options) { [...new Set(exportData.pkgPathList)], options, ); - if (exportData.allLayersDir?.startsWith(tmpdir())) { - if (DEBUG_MODE) { - console.log(`Cleaning up ${exportData.allLayersDir}`); - } - try { - if (rmSync) { - rmSync(exportData.allLayersDir, { recursive: true, force: true }); - } - } catch (err) { - // continue regardless of error - } - } return bomData; } if (path.endsWith(".war")) { diff --git a/jsr.json b/jsr.json index e80e57d7a..116e79153 100644 --- a/jsr.json +++ b/jsr.json @@ -1,6 +1,6 @@ { "name": "@cyclonedx/cdxgen", - "version": "10.5.0", + "version": "10.5.1", "exports": "./index.js", "include": ["*.js", "bin/**", "data/**", "types/**"], "exclude": ["test/", "docs/", "contrib/", "ci/", "tools_config/"] diff --git a/package-lock.json b/package-lock.json index d3c84c677..a0e35f758 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,18 +1,18 @@ { "name": "@cyclonedx/cdxgen", - "version": "10.5.0", + "version": "10.5.1", "lockfileVersion": 3, "requires": true, "packages": { "": { "name": "@cyclonedx/cdxgen", - "version": "10.5.0", + "version": "10.5.1", "license": "Apache-2.0", "dependencies": { "@babel/parser": "^7.24.5", "@babel/traverse": "^7.24.5", - "@npmcli/arborist": "7.5.0", - "ajv": "^8.12.0", + "@npmcli/arborist": "7.5.1", + "ajv": "^8.13.0", "ajv-formats": "^3.0.1", "cheerio": "^1.0.0-rc.12", "edn-data": "1.1.1", @@ -44,7 +44,7 @@ "obom": "bin/cdxgen.js" }, "devDependencies": { - "@biomejs/biome": "1.7.1", + "@biomejs/biome": "1.7.2", "jest": "^29.7.0", "typescript": "^5.4.5" }, 
@@ -615,9 +615,9 @@ "dev": true }, "node_modules/@biomejs/biome": { - "version": "1.7.1", - "resolved": "https://registry.npmjs.org/@biomejs/biome/-/biome-1.7.1.tgz", - "integrity": "sha512-wb2UNoFXcgaMdKXKT5ytsYntaogl2FSTjDt20CZynF3v7OXQUcIpTrr+be3XoOGpoZRj3Ytq9TSpmplUREXmeA==", + "version": "1.7.2", + "resolved": "https://registry.npmjs.org/@biomejs/biome/-/biome-1.7.2.tgz", + "integrity": "sha512-6Skx9N47inLQzYi9RKgJ7PBnUnaHnMe/imqX43cOcJjZtfMnQLxEvfM2Eyo7gChkwrZlwc+VbA4huFRjw2fsYA==", "dev": true, "hasInstallScript": true, "bin": { @@ -631,20 +631,20 @@ "url": "https://opencollective.com/biome" }, "optionalDependencies": { - "@biomejs/cli-darwin-arm64": "1.7.1", - "@biomejs/cli-darwin-x64": "1.7.1", - "@biomejs/cli-linux-arm64": "1.7.1", - "@biomejs/cli-linux-arm64-musl": "1.7.1", - "@biomejs/cli-linux-x64": "1.7.1", - "@biomejs/cli-linux-x64-musl": "1.7.1", - "@biomejs/cli-win32-arm64": "1.7.1", - "@biomejs/cli-win32-x64": "1.7.1" + "@biomejs/cli-darwin-arm64": "1.7.2", + "@biomejs/cli-darwin-x64": "1.7.2", + "@biomejs/cli-linux-arm64": "1.7.2", + "@biomejs/cli-linux-arm64-musl": "1.7.2", + "@biomejs/cli-linux-x64": "1.7.2", + "@biomejs/cli-linux-x64-musl": "1.7.2", + "@biomejs/cli-win32-arm64": "1.7.2", + "@biomejs/cli-win32-x64": "1.7.2" } }, "node_modules/@biomejs/cli-darwin-arm64": { - "version": "1.7.1", - "resolved": "https://registry.npmjs.org/@biomejs/cli-darwin-arm64/-/cli-darwin-arm64-1.7.1.tgz", - "integrity": "sha512-qfLrIIB58dkgiY/1tgG6fSCBK22PZaSIf6blweZBsG6iMij05mEuJt50ne+zPnNFNUmt8t43NC/qOXT3iFHQBA==", + "version": "1.7.2", + "resolved": "https://registry.npmjs.org/@biomejs/cli-darwin-arm64/-/cli-darwin-arm64-1.7.2.tgz", + "integrity": "sha512-CrldIueHivWEWmeTkK8bTXajeX53F8i2Rrkkt8cPZyMtzkrwxf8Riq4a/jz3SQBHkxHFT4TqGbSTNMXe3X1ogA==", "cpu": [ "arm64" ], 
@@ -658,9 +658,9 @@ } }, "node_modules/@biomejs/cli-darwin-x64": { - "version": "1.7.1", - "resolved": "https://registry.npmjs.org/@biomejs/cli-darwin-x64/-/cli-darwin-x64-1.7.1.tgz", - "integrity": "sha512-OGeyNsEcp5VnKbF9/TBjPCTHNEOm7oHegEve07U3KZmzqfpw2Oe3i9DVW8t6vvj1TYbrwWYCld25H34kBDY7Vg==", + "version": "1.7.2", + "resolved": "https://registry.npmjs.org/@biomejs/cli-darwin-x64/-/cli-darwin-x64-1.7.2.tgz", + "integrity": "sha512-UELnLJuJOsTL9meArvn8BtiXDURyPil2Ej9me2uVpEvee8UQdqd/bssP5we400OWShlL1AAML4fn6d2WX5332g==", "cpu": [ "x64" ], @@ -674,9 +674,9 @@ } }, "node_modules/@biomejs/cli-linux-arm64": { - "version": "1.7.1", - "resolved": "https://registry.npmjs.org/@biomejs/cli-linux-arm64/-/cli-linux-arm64-1.7.1.tgz", - "integrity": "sha512-MQDf5wErj1iBvlcxCyOa0XqZYN8WJrupVgbNnqhntO3yVATg8GxduVUn1fDSaolznkDRsj7Pz3Xu1esBFwvfmg==", + "version": "1.7.2", + "resolved": "https://registry.npmjs.org/@biomejs/cli-linux-arm64/-/cli-linux-arm64-1.7.2.tgz", + "integrity": "sha512-Z1CSGQE6fHz55gkiFHv9E8wEAaSUd7dHSRaxSCBa7utonHqpIeMbvj3Evm1w0WfGLFDtRXLV1fTfEdM0FMTOhA==", "cpu": [ "arm64" ], @@ -690,9 +690,9 @@ } }, "node_modules/@biomejs/cli-linux-arm64-musl": { - "version": "1.7.1", - "resolved": "https://registry.npmjs.org/@biomejs/cli-linux-arm64-musl/-/cli-linux-arm64-musl-1.7.1.tgz", - "integrity": "sha512-giH0/CzLOJ+wbxLxd5Shnr5xQf5fGnTRWLDe3lzjaF7IplVydNCEeZJtncB01SvyA6DAFJsvQ4LNxzAOQfEVCg==", + "version": "1.7.2", + "resolved": "https://registry.npmjs.org/@biomejs/cli-linux-arm64-musl/-/cli-linux-arm64-musl-1.7.2.tgz", + "integrity": "sha512-kKYZiem7Sj7wI0dpVxJlK7C+TFQwzO/ctufIGXGJAyEmUe9vEKSzV8CXpv+JIRiTWyqaZJ4K+eHz4SPdPCv05w==", "cpu": [ "arm64" ], 
@@ -706,9 +706,9 @@ } }, "node_modules/@biomejs/cli-linux-x64": { - "version": "1.7.1", - "resolved": "https://registry.npmjs.org/@biomejs/cli-linux-x64/-/cli-linux-x64-1.7.1.tgz", - "integrity": "sha512-3wmCsGcC3KZ4pfTknXHfyMMlXPMhgfXVAcG5GlrR+Tq2JGiAw0EUydaLpsSBEbcG7IxH6OiUZEJZ95kAycCHBA==", + "version": "1.7.2", + "resolved": "https://registry.npmjs.org/@biomejs/cli-linux-x64/-/cli-linux-x64-1.7.2.tgz", + "integrity": "sha512-vXXyox8/CQijBxAu0+r8FfSO7JlC4tob3PbaFda8gPJFRz2uFJw39HtxVUwbTV1EcU6wSPh4SiRu5sZfP1VHrQ==", "cpu": [ "x64" ], @@ -722,9 +722,9 @@ } }, "node_modules/@biomejs/cli-linux-x64-musl": { - "version": "1.7.1", - "resolved": "https://registry.npmjs.org/@biomejs/cli-linux-x64-musl/-/cli-linux-x64-musl-1.7.1.tgz", - "integrity": "sha512-ySNDtPhsLxU125IFHHAxfpoHBpkM56s4mEXeO70GZtgZay/o1h8IUPWCWf5Z7gKgc4jwgYN1U1U9xabI3hZVAg==", + "version": "1.7.2", + "resolved": "https://registry.npmjs.org/@biomejs/cli-linux-x64-musl/-/cli-linux-x64-musl-1.7.2.tgz", + "integrity": "sha512-x10LpGMepDrLS+h2TZ6/T7egpHjGKtiI4GuShNylmBQJWfTotbFf9eseHggrqJ4WZf9yrGoVYrtbxXftuB95sQ==", "cpu": [ "x64" ], @@ -738,9 +738,9 @@ } }, "node_modules/@biomejs/cli-win32-arm64": { - "version": "1.7.1", - "resolved": "https://registry.npmjs.org/@biomejs/cli-win32-arm64/-/cli-win32-arm64-1.7.1.tgz", - "integrity": "sha512-8hIDakEqZn0i6+388noYKdZ0ZrovTwnvMU/Qp/oJou0G7EPVdXupOe0oxiQSdRN0W7f6CS/yjPCYuVGzDG6r0g==", + "version": "1.7.2", + "resolved": "https://registry.npmjs.org/@biomejs/cli-win32-arm64/-/cli-win32-arm64-1.7.2.tgz", + "integrity": "sha512-kRXdlKzcU7INf6/ldu0nVmkOgt7bKqmyXRRCUqqaJfA32+9InTbkD8tGrHZEVYIWr+eTuKcg16qZVDsPSDFZ8g==", "cpu": [ "arm64" ], 
@@ -754,9 +754,9 @@ } }, "node_modules/@biomejs/cli-win32-x64": { - "version": "1.7.1", - "resolved": "https://registry.npmjs.org/@biomejs/cli-win32-x64/-/cli-win32-x64-1.7.1.tgz", - "integrity": "sha512-3W9k3uH6Ea6VOpAS9xkkAlS0LTfnGQjmIUCegZ8SDtK2NgJ1gO+qdEkGJb0ltahusFTN1QxJ107dM7ASA9IUEg==", + "version": "1.7.2", + "resolved": "https://registry.npmjs.org/@biomejs/cli-win32-x64/-/cli-win32-x64-1.7.2.tgz", + "integrity": "sha512-qHTtpAs+CNglAAuaTy09htoqUhrQyd3nd0aGTuLNqD10h1llMVi8WFZfoa+e5MuDSfYtMK6nW2Tbf6WgzzR1Qw==", "cpu": [ "x64" ], @@ -1770,9 +1770,9 @@ } }, "node_modules/@npmcli/arborist": { - "version": "7.5.0", - "resolved": "https://registry.npmjs.org/@npmcli/arborist/-/arborist-7.5.0.tgz", - "integrity": "sha512-Uu1hkXEVjz85gJfYqa0d2upTihR+Nw18ozkIuKb5oZXb8+wpCtuRUxP2mV20GYX7ZoWZym6QgC0jxUDLdHaTVQ==", + "version": "7.5.1", + "resolved": "https://registry.npmjs.org/@npmcli/arborist/-/arborist-7.5.1.tgz", + "integrity": "sha512-rjGX1tzn9HVQHv5lIP2wANvJmG5+/aFiVFoTBSzneOaSuBUJOnFRha2DE+cIRRekuGllmYff2/XcXnOWrZOJ/w==", "dependencies": { "@isaacs/string-locale-compare": "^1.1.0", "@npmcli/fs": "^3.1.0", @@ -1783,8 +1783,8 @@ "@npmcli/node-gyp": "^3.0.0", "@npmcli/package-json": "^5.1.0", "@npmcli/query": "^3.1.0", - "@npmcli/redact": "^1.1.0", - "@npmcli/run-script": "^8.0.0", + "@npmcli/redact": "^2.0.0", + "@npmcli/run-script": "^8.1.0", "bin-links": "^4.0.1", "cacache": "^18.0.0", "common-ancestor-path": "^1.0.1", @@ -1796,7 +1796,7 @@ "npm-install-checks": "^6.2.0", "npm-package-arg": "^11.0.2", "npm-pick-manifest": "^9.0.0", - "npm-registry-fetch": "^16.2.1", + "npm-registry-fetch": "^17.0.0", "pacote": "^18.0.1", "parse-conflict-json": "^3.0.0", "proc-log": "^4.2.0", 
@@ -1816,6 +1816,32 @@ "node": "^16.14.0 || >=18.0.0" } }, + "node_modules/@npmcli/arborist/node_modules/@npmcli/redact": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/@npmcli/redact/-/redact-2.0.0.tgz", + "integrity": "sha512-SEjCPAVHWYUIQR+Yn03kJmrJjZDtJLYpj300m3HV9OTRZNpC5YpbMsM3eTkECyT4aWj8lDr9WeY6TWefpubtYQ==", + "engines": { + "node": "^16.14.0 || >=18.0.0" + } + }, + "node_modules/@npmcli/arborist/node_modules/npm-registry-fetch": { + "version": "17.0.1", + "resolved": "https://registry.npmjs.org/npm-registry-fetch/-/npm-registry-fetch-17.0.1.tgz", + "integrity": "sha512-fLu9MTdZTlJAHUek/VLklE6EpIiP3VZpTiuN7OOMCt2Sd67NCpSEetMaxHHEZiZxllp8ZLsUpvbEszqTFEc+wA==", + "dependencies": { + "@npmcli/redact": "^2.0.0", + "make-fetch-happen": "^13.0.0", + "minipass": "^7.0.2", + "minipass-fetch": "^3.0.0", + "minipass-json-stream": "^1.0.1", + "minizlib": "^2.1.2", + "npm-package-arg": "^11.0.0", + "proc-log": "^4.0.0" + }, + "engines": { + "node": "^16.14.0 || >=18.0.0" + } + }, "node_modules/@npmcli/arborist/node_modules/proc-log": { "version": "4.2.0", "resolved": "https://registry.npmjs.org/proc-log/-/proc-log-4.2.0.tgz", @@ -2359,14 +2385,14 @@ } }, "node_modules/ajv": { - "version": "8.12.0", - "resolved": "https://registry.npmjs.org/ajv/-/ajv-8.12.0.tgz", - "integrity": "sha512-sRu1kpcO9yLtYxBKvqfTeh9KzZEwO3STyX1HT+4CaDzC6HpTGYhIhPIzj9XuKU7KYDwnaeh5hcOwjy1QuJzBPA==", + "version": "8.13.0", + "resolved": "https://registry.npmjs.org/ajv/-/ajv-8.13.0.tgz", + "integrity": "sha512-PRA911Blj99jR5RMeTunVbNXMF6Lp4vZXnk5GQjcnUWUTsrXtekg/pnmFFI2u/I36Y/2bITGS30GZCXei6uNkA==", "dependencies": { - "fast-deep-equal": "^3.1.1", + "fast-deep-equal": "^3.1.3", "json-schema-traverse": "^1.0.0", "require-from-string": "^2.0.2", - "uri-js": "^4.2.2" + "uri-js": "^4.4.1" }, "funding": { "type": "github", diff --git a/package.json b/package.json index f363eac9a..7f8bbd7ad 100644 --- a/package.json +++ b/package.json 
@@ -1,6 +1,6 @@ { "name": "@cyclonedx/cdxgen", - "version": "10.5.0", + "version": "10.5.1", "description": "Creates CycloneDX Software Bill of Materials (SBOM) from source or container image", "homepage": "http://github.com/cyclonedx/cdxgen", "author": "Prabhu Subramanian ", @@ -59,8 +59,8 @@ "dependencies": { "@babel/parser": "^7.24.5", "@babel/traverse": "^7.24.5", - "@npmcli/arborist": "7.5.0", - "ajv": "^8.12.0", + "@npmcli/arborist": "7.5.1", + "ajv": "^8.13.0", "ajv-formats": "^3.0.1", "cheerio": "^1.0.0-rc.12", "edn-data": "1.1.1", @@ -102,7 +102,7 @@ }, "files": ["*.js", "bin/", "data/", "types/"], "devDependencies": { - "@biomejs/biome": "1.7.1", + "@biomejs/biome": "1.7.2", "jest": "^29.7.0", "typescript": "^5.4.5" } diff --git a/types/binary.d.ts.map b/types/binary.d.ts.map index 87310dcd2..aa392dd55 100644 --- a/types/binary.d.ts.map +++ b/types/binary.d.ts.map @@ -1 +1 @@ -{"version":3,"file":"binary.d.ts","sourceRoot":"","sources":["../binary.js"],"names":[],"mappings":"AAsRA,iDA8BC;AAED,wDAmBC;AAED;;;;;;;EAgVC;AAiCD,gDAgDC;AAED;;;;;;GAMG;AACH,qCAJW,MAAM,cACN,MAAM,WA2BhB;AAED;;;;;;;;GAQG;AACH,kCANW,MAAM,iBACN,MAAM,YACN,OAAO,GAEN,OAAO,CA8BlB"} \ No newline at end of file +{"version":3,"file":"binary.d.ts","sourceRoot":"","sources":["../binary.js"],"names":[],"mappings":"AAsRA,iDA8BC;AAED,wDAmBC;AAED;;;;;;;EAiXC;AAkCD,gDAgDC;AAED;;;;;;GAMG;AACH,qCAJW,MAAM,cACN,MAAM,WA2BhB;AAED;;;;;;;;GAQG;AACH,kCANW,MAAM,iBACN,MAAM,YACN,OAAO,GAEN,OAAO,CA8BlB"} \ No newline at end of file diff --git a/types/docker.d.ts.map b/types/docker.d.ts.map index 14667b739..7f3bd3549 100644 --- a/types/docker.d.ts.map +++ b/types/docker.d.ts.map 
@@ -1 +1 @@ -{"version":3,"file":"docker.d.ts","sourceRoot":"","sources":["../docker.js"],"names":[],"mappings":"AA4BA,4BAA6C;AA+BtC,iCAHI,MAAM,WACN,MAAM,iDAehB;AAqBM,6DAmBN;AAgLM,4EA+FN;AAEM,oFAwBN;AAUM;;;;;;;;EAwEN;AAmBM,2DA2KN;AAEM,2EA+DN;AAMM;;;;;;;;;;;;;GAqDN;AAEM;;;;;;;GAqGN;AAMM,8DAqHN;AAKM,4EAmGN;AAEM,+EAMN;AAEM,4EAyCN;AAEM,iFA0BN"} \ No newline at end of file +{"version":3,"file":"docker.d.ts","sourceRoot":"","sources":["../docker.js"],"names":[],"mappings":"AA4BA,4BAA6C;AA+BtC,iCAHI,MAAM,WACN,MAAM,iDAehB;AAqBM,6DAmBN;AAgLM,4EAmGN;AAEM,oFAwBN;AAUM;;;;;;;;EAwEN;AAmBM,2DA2KN;AAEM,2EAwEN;AAMM;;;;;;;;;;;;;GAqDN;AAEM;;;;;;;GAqGN;AAMM,8DAqHN;AAKM,4EAmGN;AAEM,+EAMN;AAEM,4EAyCN;AAEM,iFA0BN"} \ No newline at end of file diff --git a/types/index.d.ts.map b/types/index.d.ts.map index 864bdafcb..3e93e67fe 100644 --- a/types/index.d.ts.map +++ b/types/index.d.ts.map 
@@ -1 +1 @@ -{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../index.js"],"names":[],"mappings":"AAgtBA;;;;;;;;GAQG;AACH,gFAFW,MAAM,SAchB;AAwTD;;;;;;;GAOG;AACH,mCALW,MAAM,qBAiEhB;AAED;;;;;GAKG;AACH,uCAHW,MAAM;;;;EAKhB;AAED;;;;;GAKG;AACH,sCAHW,MAAM;;;;EAkBhB;AAED;;;;;GAKG;AACH,oCAHW,MAAM,8BA23BhB;AAED;;;;;GAKG;AACH,sCAHW,MAAM,8BAkZhB;AAED;;;;;GAKG;AACH,sCAHW,MAAM,8BAgWhB;AAED;;;;;GAKG;AACH,kCAHW,MAAM,8BAiThB;AAED;;;;;GAKG;AACH,oCAHW,MAAM,8BAkGhB;AAED;;;;;GAKG;AACH,oCAHW,MAAM,8BAiDhB;AAED;;;;;GAKG;AACH,mCAHW,MAAM,qBA+KhB;AAED;;;;;GAKG;AACH,uCAHW,MAAM,qBAsHhB;AAED;;;;;GAKG;AACH,uCAHW,MAAM,qBA2BhB;AAED;;;;;GAKG;AACH,sCAHW,MAAM,qBA2BhB;AAED;;;;;GAKG;AACH,sCAHW,MAAM,qBA2BhB;AAED;;;;;GAKG;AACH,0CAHW,MAAM,qBAuBhB;AAED;;;;;GAKG;AACH,kCAHW,MAAM,8BAqDhB;AAED;;;;;GAKG;AACH,uCAHW,MAAM,8BA4ChB;AAED;;;;;GAKG;AACH,oCAHW,MAAM,qBA2BhB;AAED;;;;;GAKG;AACH,qCAHW,MAAM,8BAwFhB;AAED;;;;;GAKG;AACH,iDAHW,MAAM,qBA8ThB;AAED;;;;;GAKG;AACH,mCAHW,MAAM,qBAwJhB;AAED;;;;;GAKG;AACH,oCAHW,MAAM,8BAmFhB;AAED;;;;;GAKG;AACH,sCAHW,MAAM,8BAmRhB;AAED;;;;;GAKG;AACH,2CAHW,MAAM;;;;;;;;;;;;;;;;;;;;GAoChB;AAED;;;;;;;;KA8DC;AAED,uDAWC;AAED;;;;;;;;;GASG;AACH,2GA6BC;AAED;;;;;GAKG;AACH,0CAHW,MAAM,8BAoZhB;AAED;;;;;GAKG;AACH,iCAHW,MAAM,8BAkUhB;AAED;;;;;GAKG;AACH,gCAHW,MAAM,qBAkRhB;AAED;;;;;GAKG;AACH,qEAyFC"} \ No newline at end of file 
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../index.js"],"names":[],"mappings":"AAgtBA;;;;;;;;GAQG;AACH,gFAFW,MAAM,SAchB;AAwTD;;;;;;;GAOG;AACH,mCALW,MAAM,qBAiEhB;AAED;;;;;GAKG;AACH,uCAHW,MAAM;;;;EAKhB;AAED;;;;;GAKG;AACH,sCAHW,MAAM;;;;EAkBhB;AAED;;;;;GAKG;AACH,oCAHW,MAAM,8BA23BhB;AAED;;;;;GAKG;AACH,sCAHW,MAAM,8BAkZhB;AAED;;;;;GAKG;AACH,sCAHW,MAAM,8BAgWhB;AAED;;;;;GAKG;AACH,kCAHW,MAAM,8BAiThB;AAED;;;;;GAKG;AACH,oCAHW,MAAM,8BAkGhB;AAED;;;;;GAKG;AACH,oCAHW,MAAM,8BAiDhB;AAED;;;;;GAKG;AACH,mCAHW,MAAM,qBA+KhB;AAED;;;;;GAKG;AACH,uCAHW,MAAM,qBAsHhB;AAED;;;;;GAKG;AACH,uCAHW,MAAM,qBA2BhB;AAED;;;;;GAKG;AACH,sCAHW,MAAM,qBA2BhB;AAED;;;;;GAKG;AACH,sCAHW,MAAM,qBA2BhB;AAED;;;;;GAKG;AACH,0CAHW,MAAM,qBAuBhB;AAED;;;;;GAKG;AACH,kCAHW,MAAM,8BAqDhB;AAED;;;;;GAKG;AACH,uCAHW,MAAM,8BA4ChB;AAED;;;;;GAKG;AACH,oCAHW,MAAM,qBA2BhB;AAED;;;;;GAKG;AACH,qCAHW,MAAM,8BAwFhB;AAED;;;;;GAKG;AACH,iDAHW,MAAM,qBA8ThB;AAED;;;;;GAKG;AACH,mCAHW,MAAM,qBAwJhB;AAED;;;;;GAKG;AACH,oCAHW,MAAM,8BAmFhB;AAED;;;;;GAKG;AACH,sCAHW,MAAM,8BAmRhB;AAED;;;;;GAKG;AACH,2CAHW,MAAM;;;;;;;;;;;;;;;;;;;;GAoChB;AAED;;;;;;;;KA8DC;AAED,uDAWC;AAED;;;;;;;;;GASG;AACH,2GA6BC;AAED;;;;;GAKG;AACH,0CAHW,MAAM,8BAoZhB;AAED;;;;;GAKG;AACH,iCAHW,MAAM,8BAkUhB;AAED;;;;;GAKG;AACH,gCAHW,MAAM,qBAsQhB;AAED;;;;;GAKG;AACH,qEAyFC"} \ No newline at end of file diff --git a/types/utils.d.ts.map b/types/utils.d.ts.map index bc8fa20a5..4383e1c04 100644 --- a/types/utils.d.ts.map +++ b/types/utils.d.ts.map 
@@ -1 +1 @@ -{"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../utils.js"],"names":[],"mappings":"AAuNA;;;;;GAKG;AACH,qCAHW,MAAM,WACN,MAAM,0BAqBhB;AAED;;;;;;GAMG;AACH,+CAJW,MAAM,WACN,MAAM,+BAoBhB;AAYD;;;;GAIG;AACH,gCAFa,MAAM,CAIlB;AAED;;;;;;IAMI;AACJ,iDAJW,MAAM,GACJ,OAAO,CAiBnB;AAED;;;;;;;;GAQG;AACH,iEAoBC;AAED;;;;;GAKG;AACH,6CAmDC;AAED;;;;;;GAMG;AACH,sEA0DC;AAED;;;;GAIG;AACH,4EAoCC;AAED;;;GAGG;AACH;;EAUC;AAED,sEA0BC;AAED;;;;GAIG;AACH,+DA4CC;AAED;;;;;GAKG;AACH,0CAHW,MAAM,WACN,OAAO,kBAkFjB;AAED;;;;;GAKG;AACH,0CAHW,MAAM,YACN,MAAM;;;GAoVhB;AAED;;;;;;;GAOG;AACH,6CAFW,MAAM,MAwDhB;AAwBD;;;;GAIG;AACH,4CAFW,MAAM;;;GAsMhB;AAED;;;;GAIG;AACH,4CAFW,MAAM,kBAiEhB;AAED;;;;;GAKG;AACH,wCAHW,MAAM,oBACN,MAAM;;;;;;;;;GA8KhB;AAED;;;;GAIG;AACH,8CAFW,MAAM,kBA+ChB;AAED;;;;GAIG;AACH,sCAFW,MAAM,kBAgFhB;AAED;;;;GAIG;AACH;;;;;;;;;;;;;;;;;;;;;;IAqDC;AAED;;;GAGG;AACH,0CAFW,MAAM;;;;;;;;;EAwFhB;AAED;;;;;;GAMG;AACH,0CALW,MAAM,qBACN,MAAM,oBACN,MAAM,uBACN,MAAM;;;;;;;;;;;;;;;;EAkNhB;AAED;;;GAGG;AACH,uCAFW,MAAM,SAoChB;AAED;;;GAGG;AACH,wCAFW,MAAM,OAahB;AAED,yEAwBC;AAED;;;;GAIG;AACH,+CAFW,MAAM;;;EA6ChB;AAED;;;;GAIG;AACH,iDAFW,MAAM;;;;;;;;EAsChB;AAED;;;;;;;;GAQG;AACH,qDANW,MAAM,YACN,MAAM,0BAGJ,MAAM,CAgElB;AAED;;;;;;GAMG;AACH,6CAJW,MAAM,YACN,MAAM,cACN,MAAM,MAsEhB;AAED;;;GAGG;AACH,iDAFW,MAAM,SA4ChB;AAED;;;GAGG;AACH,8CAFW,MAAM,SAsDhB;AAED;;;GAGG;AACH,2CAFW,MAAM,SAiBhB;AAED;;GAEG;AACH,kDAoCC;AAED;;;;GAIG;AACH,oCAFW,MAAM,OAchB;AAED;;;;GAIG;AACH,kDAUC;AAED;;;;;GAKG;AACH,mFA+FC;AAED;;;;;;;;;GASG;AACH,sFAMC;AAED;;;;;;;;;GASG;AACH,gFAFY,MAAO,SAAS,CAwB3B;AAED;;;;;;;;;GASG;AACH,0EAFY,eAAe,CAM1B;AAED;;;;GAIG;AACH,4DAFW,WAAY,SAYtB;AAED;;;;;;;;;GASG;AACH,+FAFY,eAAe,CAc1B;AAED;;;;GAIG;AACH;;;EAqBC;AAED;;;;;GAKG;AACH,2FAkBC;AAED;;;;;GAKG;AACH,sFAgNC;AAED;;;;GAIG;AACH,qDAmBC;AAED;;;;GAIG;AACH,gEAeC;AAED;;;;GAIG;AACH,6CAFW,MAAM,MA+ChB;AAED;;;;;GAKG;AACH,6DAFW,MAAM;;;;;;;GAqHhB;AAED;;;;;GAKG;AACH,mFA+IC;AAED;;;;;;GAMG;AACH,kCAJW,MAAM;;;;;;;;GA2EhB;AAED;;;;GAIG;AACH,mEAqBC;AAED;;;;GAIG;AACH,+DAFY,SAAO,SAAS,CAc3B
;AAED;;;;GAIG;AACH,oDAFY,QAAQ,CASnB;AAED;;;;;GAKG;AACH,oEAFY,SAAO,SAAS,CAc3B;AAED;;;;;;GAMG;AACH,oEAFY,eAAe,CA4D1B;AAED;;;;GAIG;AACH,iEAgDC;AAED,+FA4BC;AAED,8EA2EC;AAED;;;;;GAKG;AACH,0CAHW,MAAM;;;GAqDhB;AA0BD;;;;;;;;;GASG;AACH,2CAPW,MAAM,aACN,MAAM;;;;;;GA6FhB;AAED;;;;GAIG;AACH,yCAHW,MAAM,OAehB;AAED;;;;GAIG;AACH,0CAHW,MAAM,kBAuChB;AAED,+DA+CC;AAED,uEAwBC;AA6BD;;;;GAIG;AACH,oEAmGC;AAED;;;;GAIG;AACH,8CAFW,MAAM,kBAgChB;AAED;;;;;GAKG;AACH,kDAHW,MAAM,YACN,MAAM;;;;;;;;;;;;;;GAuPhB;AAED;;;;GAIG;AACH,kEAiCC;AAED;;;;GAIG;AACH,gEA0DC;AAED;;;;;;;;;;;;;;;;GAgBG;AACH,kDALW,MAAM,WACN,OAAO,SAwKjB;AAED;;;;;;;GAOG;AACH,8CALW,MAAM,WACN,OAAO,SA4HjB;AAED;;;IAwIC;AAED,wEA0BC;AAED,mEAqCC;AAED,0DAkBC;AAED,wDA+DC;AAED,0FAkEC;AAED;;IAqCC;AAED;;IA2DC;AAED,2DAiEC;AAED,yDAaC;AAaD,gDA+EC;AAED,yDAkDC;AAED,sDA0BC;AAED,sDAyBC;AAED,6DAwCC;AAED,yDAmCC;AAED,8DAsCC;AAED,sDAqDC;AAED,yDAgCC;AAED,qDAkDC;AAED,2DASC;AAED,wEAmDC;AAED,oDAyBC;AAED,uEA0FC;AAED;;;EAiNC;AAED;;;;EAsHC;AAED;;;EA+GC;AAED;;;;;GAKG;AACH,+CAHW,MAAM;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EA2IhB;AAED;;;;;;EA+HC;AAED;;;;GAIG;AACH,0CAFW,MAAM;;;;;;;;;;;;;;;;;;;;;IAqDhB;AAmBD;;;;;GAKG;AACH,yCAHW,MAAM,YAQhB;AAED;;;;;GAKG;AACH,wCAHW,MAAM,YAchB;AAED;;;;;GAKG;AACH,wCAHW,MAAM,YAQhB;AAED;;;;;GAKG;AACH,yCAHW,MAAM,YAQhB;AAED;;;;;GAKG;AACH,2CAHW,MAAM,YAQhB;AAED;;;;;;;GAOG;AACH;;;;;;;;;;IA2IC;AA2CD;;;;GAIG;AACH,0FAHW,MAAM,WACN,MAAM,UAuDhB;AAED;;;;GAIG;AACH,8CAHW,MAAM,WACN,MAAM;;;;;;EAqBhB;AAED;;;GAGG;AACH,iDAFW,MAAM;;;;;;;;;;;;;;;;;;;;;IAwDhB;AAED;;;;;;;GAOG;AACH,iDALW,MAAM,YACN,MAAM,YACN,OAAO,oBACP,OAAO,eA6DjB;AAED,oIAgCC;AAED;;;;;;;GAOG;AACH,sCALW,MAAM,eACN,MAAM,eA6JhB;AAED;;;;;;;;;;;;;;;;;;;;;;IA6DC;AAED;;;;;;;EA8BC;AAED,uDAeC;AAED,2DAeC;AAED,2CAIC;AAED;;;;;;GAMG;AACH,uDAJW,MAAM,MAgBhB;AAED;;;;;;GAMG;AACH,uCAJW,MAAM,QACN,MAAM,GACJ,eAAe,CAU3B;AAED;;;;;;;;GAQG;AACH,2CANW,MAAM,WACN,MAAM,iBACN,MAAM,kBAiThB;AAED;;;;;;;GAOG;AACH,iDAFW,MAAM,OAehB;AAED;;;;;;;;;;;GAWG;AACH,uCAHW,MAAM,UACN,MAAM,UAYhB;AAED;;;;;;GAMG;AACH,2CAHW,MAAM,uBACN,MAAM
,WAgBhB;AAED;;;;GAIG;AACH,4CAFW,MAAM,UAIhB;AAED;;;;;;;;GAQG;AACH,sCANW,MAAM,eACN,MAAM,oBACN,MAAM,gBAgChB;AAED;;;;;;GAMG;AACH,uCAJW,MAAM,kBA0ChB;AAED;;;;;GAKG;AACH,0CAHW,MAAM,YACN,MAAM,UAiChB;AACD;;;;;GAKG;AAEH,uDAJW,MAAM,OAmChB;AACD;;;;;GAKG;AACH,yCAHW,MAAM,YACN,MAAM,UAsEhB;AAED;;GAEG;AACH,sCAmBC;AAED,0DAyEC;AAED;;;;;;;;GAQG;AACH,oCANW,MAAM,YACN,MAAM,gBACN,MAAM,eACN,MAAM,OAgDhB;AA0DD;;;;;;;GAOG;AACH,2CALW,MAAM,kBACN,MAAM,eACN,MAAM;;;;;;;;;;;;;;;;;;;;;;;;;;;EAyShB;AAGD;;;;;EAmBC;AAED;;;;;;GAMG;AACH,kEAHW,MAAM,cACN,MAAM,6BA0IhB;AAED,qDASC;AAED;;;;;;;EA2GC;AAED;;;EA6PC;AAED,sEA6BC;AAED;;;;;;;GAOG;AACH,mCALW,MAAM,WACN,MAAM;;;;;;;EAgQhB;AAED;;;;;;GAMG;AACH,2CAHW,MAAM,OAKhB;AAED,qDA0CC;AAkHD;;;;GAIG;AACH;;;GAkHC;AAED,yEA6FC;AAj6TD,gCAAgF;AAChF,4BAA4C;AAC5C,4BAA6C;AAC7C,2BAAmE;AAsBnE,iCAEE;AAiBF,iCAIyC;AAGzC,gCACmE;AAGnE,gCACsE;AAGtE,8BAA+B;AAK/B,4CAEmE;AAGnE,oCAEoD;AAGpD,uCAEuD;AAYvD,4BAA6B;AAU7B,8BAAiC;AAMjC,8BAAiC;AAIjC,4BAA6B;AAI7B,2BAA2B;AAI3B,4BAA6B;AAI7B,2BAA2B;AAI3B,6BAA+B;AAI/B,0BAAyB;AAIzB,6BAA+B;AAM/B,2BAA2B;AAK3B,4BAA6B;AAK7B,6BAA+B;AAM/B,8BAIG;AA63HH,8CAUE"} \ No newline at end of file 
+{"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../utils.js"],"names":[],"mappings":"AA8NA;;;;;GAKG;AACH,qCAHW,MAAM,WACN,MAAM,0BAqBhB;AAED;;;;;;GAMG;AACH,+CAJW,MAAM,WACN,MAAM,+BAoBhB;AAYD;;;;GAIG;AACH,gCAFa,MAAM,CAIlB;AAED;;;;;;IAMI;AACJ,iDAJW,MAAM,GACJ,OAAO,CAiBnB;AAED;;;;;;;;GAQG;AACH,iEAoBC;AAED;;;;;GAKG;AACH,6CAmDC;AAED;;;;;;GAMG;AACH,sEA0DC;AAED;;;;GAIG;AACH,4EAoCC;AAED;;;GAGG;AACH;;EAUC;AAED,sEA0BC;AAED;;;;GAIG;AACH,+DA4CC;AAED;;;;;GAKG;AACH,0CAHW,MAAM,WACN,OAAO,kBAkFjB;AAED;;;;;GAKG;AACH,0CAHW,MAAM,YACN,MAAM;;;GAoVhB;AAED;;;;;;;GAOG;AACH,6CAFW,MAAM,MAwDhB;AAwBD;;;;GAIG;AACH,4CAFW,MAAM;;;GAsMhB;AAED;;;;GAIG;AACH,4CAFW,MAAM,kBAiEhB;AAED;;;;;GAKG;AACH,wCAHW,MAAM,oBACN,MAAM;;;;;;;;;GA8KhB;AAED;;;;GAIG;AACH,8CAFW,MAAM,kBA+ChB;AAED;;;;GAIG;AACH,sCAFW,MAAM,kBAgFhB;AAED;;;;GAIG;AACH;;;;;;;;;;;;;;;;;;;;;;IAqDC;AAED;;;GAGG;AACH,0CAFW,MAAM;;;;;;;;;EAwFhB;AAED;;;;;;GAMG;AACH,0CALW,MAAM,qBACN,MAAM,oBACN,MAAM,uBACN,MAAM;;;;;;;;;;;;;;;;EAkNhB;AAED;;;GAGG;AACH,uCAFW,MAAM,SAoChB;AAED;;;GAGG;AACH,wCAFW,MAAM,OAahB;AAED,yEAwBC;AAED;;;;GAIG;AACH,+CAFW,MAAM;;;EA6ChB;AAED;;;;GAIG;AACH,iDAFW,MAAM;;;;;;;;EAsChB;AAED;;;;;;;;GAQG;AACH,qDANW,MAAM,YACN,MAAM,0BAGJ,MAAM,CAgElB;AAED;;;;;;GAMG;AACH,6CAJW,MAAM,YACN,MAAM,cACN,MAAM,MAsEhB;AAED;;;GAGG;AACH,iDAFW,MAAM,SA4ChB;AAED;;;GAGG;AACH,8CAFW,MAAM,SAsDhB;AAED;;;GAGG;AACH,2CAFW,MAAM,SAiBhB;AAED;;GAEG;AACH,kDAoCC;AAED;;;;GAIG;AACH,oCAFW,MAAM,OAchB;AAED;;;;GAIG;AACH,kDAUC;AAED;;;;;GAKG;AACH,mFAiGC;AAED;;;;;;;;;GASG;AACH,sFAMC;AAED;;;;;;;;;GASG;AACH,gFAFY,MAAO,SAAS,CAwB3B;AAED;;;;;;;;;GASG;AACH,0EAFY,eAAe,CAU1B;AAED;;;;GAIG;AACH,4DAFW,WAAY,SAYtB;AAED;;;;;;;;;GASG;AACH,+FAFY,eAAe,CAc1B;AAED;;;;GAIG;AACH;;;EAqBC;AAED;;;;;GAKG;AACH,2FAkBC;AAED;;;;;GAKG;AACH,sFAgNC;AAED;;;;GAIG;AACH,qDAmBC;AAED;;;;GAIG;AACH,gEAeC;AAED;;;;GAIG;AACH,6CAFW,MAAM,MA+ChB;AAED;;;;;GAKG;AACH,6DAFW,MAAM;;;;;;;GAqHhB;AAED;;;;;GAKG;AACH,mFA+IC;AAED;;;;;;GAMG;AACH,kCAJW,MAAM;;;;;;;;GA2EhB;AAED;;;;GAIG;AACH,mEAqBC;AAED;;;;GAIG;AACH,+DAFY,SAAO,SAAS,CAc3B;AAED;;;;GAI
G;AACH,oDAFY,QAAQ,CASnB;AAED;;;;;GAKG;AACH,oEAFY,SAAO,SAAS,CAc3B;AAED;;;;;;GAMG;AACH,oEAFY,eAAe,CA8D1B;AAED;;;;GAIG;AACH,iEAgDC;AAED,+FA4BC;AAED,8EA2EC;AAED;;;;;GAKG;AACH,0CAHW,MAAM;;;GAqDhB;AA0BD;;;;;;;;;GASG;AACH,2CAPW,MAAM,aACN,MAAM;;;;;;GA6FhB;AAED;;;;GAIG;AACH,yCAHW,MAAM,OAehB;AAED;;;;GAIG;AACH,0CAHW,MAAM,kBAuChB;AAED,+DA+CC;AAED,uEAwBC;AA6BD;;;;GAIG;AACH,oEAmGC;AAED;;;;GAIG;AACH,8CAFW,MAAM,kBAgChB;AAED;;;;;GAKG;AACH,kDAHW,MAAM,YACN,MAAM;;;;;;;;;;;;;;GAuPhB;AAED;;;;GAIG;AACH,kEAiCC;AAED;;;;GAIG;AACH,gEA0DC;AAED;;;;;;;;;;;;;;;;GAgBG;AACH,kDALW,MAAM,WACN,OAAO,SAwKjB;AAED;;;;;;;GAOG;AACH,8CALW,MAAM,WACN,OAAO,SA4HjB;AAED;;;IAwIC;AAED,wEA0BC;AAED,mEAqCC;AAED,0DAkBC;AAED,wDA+DC;AAED,0FAkEC;AAED;;IAqCC;AAED;;IA2DC;AAED,2DAiEC;AAED,yDAaC;AAaD,gDA+EC;AAED,yDAkDC;AAED,sDA0BC;AAED,sDAyBC;AAED,6DAwCC;AAED,yDAmCC;AAED,8DAsCC;AAED,sDAqDC;AAED,yDAgCC;AAED,qDAkDC;AAED,2DASC;AAED,wEAmDC;AAED,oDAyBC;AAED,uEA0FC;AAED;;;EAiNC;AAED;;;;EAsHC;AAED;;;EA+GC;AAED;;;;;GAKG;AACH,+CAHW,MAAM;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EA2IhB;AAED;;;;;;EA+HC;AAED;;;;GAIG;AACH,0CAFW,MAAM;;;;;;;;;;;;;;;;;;;;;IAqDhB;AAmBD;;;;;GAKG;AACH,yCAHW,MAAM,YAQhB;AAED;;;;;GAKG;AACH,wCAHW,MAAM,YAchB;AAED;;;;;GAKG;AACH,wCAHW,MAAM,YAQhB;AAED;;;;;GAKG;AACH,yCAHW,MAAM,YAQhB;AAED;;;;;GAKG;AACH,2CAHW,MAAM,YAQhB;AAED;;;;;;;GAOG;AACH;;;;;;;;;;IA2IC;AA2CD;;;;GAIG;AACH,0FAHW,MAAM,WACN,MAAM,UAuDhB;AAED;;;;GAIG;AACH,8CAHW,MAAM,WACN,MAAM;;;;;;EAqBhB;AAED;;;GAGG;AACH,iDAFW,MAAM;;;;;;;;;;;;;;;;;;;;;IAwDhB;AAED;;;;;;;GAOG;AACH,iDALW,MAAM,YACN,MAAM,YACN,OAAO,oBACP,OAAO,eA6DjB;AAED,oIAgCC;AAED;;;;;;;GAOG;AACH,sCALW,MAAM,eACN,MAAM,eA6JhB;AAED;;;;;;;;;;;;;;;;;;;;;;IA6DC;AAED;;;;;;;EA8BC;AAED,uDAeC;AAED,2DAeC;AAED,2CAIC;AAED;;;;;;GAMG;AACH,uDAJW,MAAM,MAgBhB;AAED;;;;;;GAMG;AACH,uCAJW,MAAM,QACN,MAAM,GACJ,eAAe,CAU3B;AAED;;;;;;;;GAQG;AACH,2CANW,MAAM,WACN,MAAM,iBACN,MAAM,kBAmThB;AAED;;;;;;;GAOG;AACH,iDAFW,MAAM,OAehB;AAED;;;;;;;;;;;GAWG;AACH,uCAHW,MAAM,UACN,MAAM,UAYhB;AAED;;;;;;GAMG;AACH,2CAHW,MAAM,uBACN,MAAM,WAgBhB;AAED
;;;;GAIG;AACH,4CAFW,MAAM,UAIhB;AAED;;;;;;;;GAQG;AACH,sCANW,MAAM,eACN,MAAM,oBACN,MAAM,gBAgChB;AAED;;;;;;GAMG;AACH,uCAJW,MAAM,kBA4EhB;AAED;;;;;GAKG;AACH,0CAHW,MAAM,YACN,MAAM,UAiChB;AACD;;;;;GAKG;AAEH,uDAJW,MAAM,OAmChB;AACD;;;;;GAKG;AACH,yCAHW,MAAM,YACN,MAAM,UAsEhB;AAED;;GAEG;AACH,sCAmBC;AAED,0DAyEC;AAED;;;;;;;;GAQG;AACH,oCANW,MAAM,YACN,MAAM,gBACN,MAAM,eACN,MAAM,OAgDhB;AA0DD;;;;;;;GAOG;AACH,2CALW,MAAM,kBACN,MAAM,eACN,MAAM;;;;;;;;;;;;;;;;;;;;;;;;;;;EAyShB;AAGD;;;;;EAmBC;AAED;;;;;;GAMG;AACH,kEAHW,MAAM,cACN,MAAM,6BA0IhB;AAED,qDASC;AAED;;;;;;;EA2GC;AAED;;;EA6PC;AAED,sEA6BC;AAED;;;;;;;GAOG;AACH,mCALW,MAAM,WACN,MAAM;;;;;;;EAgQhB;AAED;;;;;;GAMG;AACH,2CAHW,MAAM,OAKhB;AAED,qDA0CC;AAkHD;;;;GAIG;AACH;;;GAkHC;AAED,yEA6FC;AAp9TD,gCAAgF;AAChF,4BAA4C;AAC5C,4BAA6C;AAC7C,2BAAmE;AAsBnE,iCAEE;AAiBF,iCAIyC;AAGzC,gCACmE;AAGnE,gCACsE;AAGtE,8BAA+B;AAK/B,4CAEmE;AAGnE,oCAEoD;AAGpD,uCAEuD;AAYvD,4BAA6B;AAU7B,8BAAiC;AAMjC,8BAAiC;AAIjC,4BAA6B;AAI7B,2BAA2B;AAI3B,4BAA6B;AAI7B,2BAA2B;AAI3B,6BAA+B;AAI/B,0BAAyB;AAIzB,6BAA+B;AAM/B,2BAA2B;AAK3B,4BAA6B;AAK7B,6BAA+B;AAS/B,8BAQG;AAq4HH,8CAUE"} \ No newline at end of file diff --git a/utils.js b/utils.js index 4d7744ec8..99df3bfc1 100644 --- a/utils.js +++ b/utils.js @@ -206,11 +206,18 @@ if (process.env.SWIFT_CMD) { SWIFT_CMD = process.env.SWIFT_CMD; } +// HTTP cache +const gotHttpCache = new Map(); + // Custom user-agent for cdxgen export const cdxgenAgent = got.extend({ headers: { "user-agent": `@CycloneDX/cdxgen ${_version}`, }, + cache: gotHttpCache, + retry: { + limit: 0, + }, }); /** 
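Review bot: `gotHttpCache` in the `@@ -206` hunk of utils.js is a plain `Map` with no size limit or eviction, and it is shared by every request made through `cdxgenAgent`, so cached responses accumulate for the lifetime of the process. That is harmless for a one-shot CLI run, but it becomes unbounded memory growth if the module is loaded by a long-running process; how cdxgen is deployed is not visible in this hunk. The same hunk sets `retry: { limit: 0 }`, so a single transient registry error now fails the lookup outright, and whether callers then emit components with missing metadata cannot be seen here. I would document both choices, with `// Process-wide and unbounded: entries live until exit; use a bounded store for long-running use` above the declaration and `// No retries: callers must tolerate a failed metadata lookup` above the `retry` block.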
@@ -7897,13 +7904,15 @@ export async function extractJarArchive(jarFile, tempDir, jarNSMapping = {}) {
 jarFile.endsWith(".hpi") ||
 jarFile.endsWith(".jar")
 ) {
- try {
- const zip = new StreamZip.async({ file: join(tempDir, fname) });
- await zip.extract(null, tempDir);
- await zip.close();
- } catch (e) {
- console.log(`Unable to extract ${join(tempDir, fname)}. Skipping.`);
- return pkgList;
+ if (existsSync(join(tempDir, fname))) {
+ try {
+ const zip = new StreamZip.async({ file: join(tempDir, fname) });
+ await zip.extract(null, tempDir);
+ await zip.close();
+ } catch (e) {
+ console.log(`Unable to extract ${join(tempDir, fname)}. Skipping.`, e);
+ return pkgList;
+ }
 }
 jarFiles = getAllFiles(join(tempDir, "WEB-INF", "lib"), "**/*.jar");
 if (jarFile.endsWith(".hpi")) {
@@ -7929,7 +7938,7 @@ export async function extractJarArchive(jarFile, tempDir, jarNSMapping = {}) {
 // If the jar file doesn't exist at the point of use, skip it
 if (!existsSync(jf)) {
 if (DEBUG_MODE) {
- console.log(jf, "is not a readable file");
+ console.log(jf, jarFile, "is not a readable file.");
 }
 continue;
 }
diff --git a/utils.test.js b/utils.test.js
index b5fc713c3..99c338dc9 100644
--- a/utils.test.js
+++ b/utils.test.js
@@ -2220,8 +2220,8 @@ test("parsePkgLock v3", async () => {
 projectName: "cdxgen",
 });
 deps = parsedList.pkgList;
- expect(deps.length).toEqual(840);
- expect(parsedList.dependenciesList.length).toEqual(840);
+ expect(deps.length).toEqual(842);
+ expect(parsedList.dependenciesList.length).toEqual(842);
 });
 test("parseBowerJson", async () => {
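Review bot: In the `@@ -7897` hunk of utils.js, the new `existsSync(join(tempDir, fname))` guard has no `else`, so when the archive is missing the function no longer returns `pkgList` from the `catch` but falls through to `getAllFiles(join(tempDir, "WEB-INF", "lib"), "**/*.jar")` without any message. If `tempDir` can hold content from an earlier extraction, that scan would attribute stale jars to this archive; whether that can happen depends on callers outside the hunk. Logging the skipped case keeps the behaviour traceable in an SBOM run, for example `} else if (DEBUG_MODE) { console.log(join(tempDir, fname), "not found; extraction skipped."); }`. `extractJarArchive` starts and ends outside the hunk, so how `fname` reaches `tempDir` is not visible here.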