Support for invoking multiple package managers for java (CycloneDX#1217)

* Support for invoking multiple package managers for java Signed-off-by: Prabhu Subramanian <[email protected]> * Improved gradle troubleshooting message Signed-off-by: Prabhu Subramanian <[email protected]> * Fix test Signed-off-by: Prabhu Subramanian <[email protected]> --------- Signed-off-by: Prabhu Subramanian <[email protected]>
timmyteo · Jul 5, 2024 · e556616 · e556616
1 parent c9460a9
commit e556616
Show file tree

Hide file tree

Showing 6 changed files with 24 additions and 50 deletions.
diff --git a/bin/repl.js b/bin/repl.js
@@ -163,9 +163,15 @@ cdxgenRepl.defineCommand("search", {
             searchStr = `components[group ~> /${searchStr}/i or name ~> /${searchStr}/i or description ~> /${searchStr}/i or publisher ~> /${searchStr}/i or purl ~> /${searchStr}/i]`;
           }
           const expression = jsonata(searchStr);
-          const components = await expression.evaluate(sbom);
+          let components = await expression.evaluate(sbom);
           const dexpression = jsonata(dependenciesSearchStr);
-          const dependencies = await dexpression.evaluate(sbom);
+          let dependencies = await dexpression.evaluate(sbom);
+          if (components && !Array.isArray(components)) {
+            components = [components];
+          }
+          if (dependencies && !Array.isArray(dependencies)) {
+            dependencies = [dependencies];
+          }
           if (!components) {
             console.log("No results found!");
           } else {

diff --git a/display.js b/display.js
@@ -427,7 +427,7 @@ export const printSummary = (bomJson) => {
       bomPkgNamespaces = aprop?.value.split("\\n");
     }
   }
-  if (!bomPkgTypes && !bomPkgNamespaces) {
+  if (!bomPkgTypes.length && !bomPkgNamespaces.length) {
     return;
   }
   const message = `** Package Types (${bomPkgTypes.length}) **\n${bomPkgTypes.join("\n")}\n\n** Namespaces (${bomPkgNamespaces.length}) **\n${bomPkgNamespaces.join("\n")}`;

diff --git a/index.js b/index.js
@@ -1577,26 +1577,6 @@ export async function createJavaBom(path, options) {
         );
       }
     }
-    if (pkgList) {
-      pkgList = trimComponents(pkgList);
-      pkgList = await getMvnMetadata(pkgList, jarNSMapping);
-      return buildBomNSData(options, pkgList, "maven", {
-        src: path,
-        filename: pomFiles.join(", "),
-        nsMapping: jarNSMapping,
-        dependencies,
-        parentComponent,
-        tools,
-      });
-    }
-    if (bomJsonFiles.length) {
-      const bomNSData = {};
-      bomNSData.bomJsonFiles = bomJsonFiles;
-      bomNSData.nsMapping = jarNSMapping;
-      bomNSData.dependencies = dependencies;
-      bomNSData.parentComponent = parentComponent;
-      return bomNSData;
-    }
   }
   // gradle
   const gradleFiles = getAllFiles(
@@ -1933,14 +1913,6 @@ export async function createJavaBom(path, options) {
         jarNSMapping = { ...jarNSMapping, ...tmpjarNSMapping };
       }
     }
-    pkgList = await getMvnMetadata(pkgList, jarNSMapping);
-    return buildBomNSData(options, pkgList, "maven", {
-      src: gradleRootPath,
-      filename: gradleFiles.join(", "),
-      nsMapping: jarNSMapping,
-      dependencies,
-      parentComponent,
-    });
   }
 
   // Bazel
@@ -2017,15 +1989,6 @@ export async function createJavaBom(path, options) {
           console.log("Bazel unexpectedly didn't produce any output");
           options.failOnError && process.exit(1);
         }
-        // FIXME: How do we retrieve jarNSMapping for bazel projects?
-        pkgList = await getMvnMetadata(pkgList, jarNSMapping);
-        return buildBomNSData(options, pkgList, "maven", {
-          src: path,
-          filename: "BUILD",
-          nsMapping: {},
-          dependencies,
-          parentComponent,
-        });
       }
     }
   }
@@ -2222,15 +2185,16 @@ export async function createJavaBom(path, options) {
         jarNSMapping = { ...jarNSMapping, ...tmpjarNSMapping };
       }
     }
-    pkgList = await getMvnMetadata(pkgList, jarNSMapping);
-    return buildBomNSData(options, pkgList, "maven", {
-      src: path,
-      filename: sbtProjects.join(", "),
-      nsMapping: jarNSMapping,
-      dependencies,
-      parentComponent,
-    });
   }
+  pkgList = trimComponents(pkgList);
+  pkgList = await getMvnMetadata(pkgList, jarNSMapping);
+  return buildBomNSData(options, pkgList, "maven", {
+    src: path,
+    nsMapping: jarNSMapping,
+    dependencies,
+    parentComponent,
+    tools,
+  });
 }
 
 /**

diff --git a/types/index.d.ts.map b/types/index.d.ts.map
diff --git a/types/utils.d.ts.map b/types/utils.d.ts.map
diff --git a/utils.js b/utils.js
@@ -2878,6 +2878,10 @@ export function executeGradleProperties(dir, rootPath, subProject) {
         console.log(
           "3. Check if the SBOM is generated for the correct root project for your application.",
         );
+      } else if (result.stderr?.includes("Unable to find Git repository")) {
+        console.log(
+          "3. A plugin might be requiring a valid git repository. Retry by cloning this repo or performing 'git init' as a workaround.",
+        );
       }
     }
   }