UNPKG

@cyclonedx/cdxgen

Version:

Creates CycloneDX Software Bill of Materials (SBOM) from source or container image

github.com/cdxgen/cdxgen

cdxgen/cdxgen

70 lines (61 loc) 2.13 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
function toProperties(propertiesOrObject) { if (Array.isArray(propertiesOrObject)) { return propertiesOrObject; } if (Array.isArray(propertiesOrObject?.properties)) { return propertiesOrObject.properties; } return []; } export function getPropertyValue(propertiesOrObject, propertyName) { return toProperties(propertiesOrObject).find( (property) => property?.name === propertyName, )?.value; } function hasPropertyValue(propertiesOrObject, propertyName, valuePredicate) { const propertyValue = getPropertyValue(propertiesOrObject, propertyName); if (typeof valuePredicate === "function") { return valuePredicate(propertyValue); } return propertyValue === valuePredicate; } function isFileComponent(component) { return component?.type === "file"; } function isCryptographicAssetComponent(component) { return component?.type === "cryptographic-asset"; } export function getUnpackagedExecutableComponents(components = []) { return (components || []).filter( (component) => isFileComponent(component) && hasPropertyValue(component, "internal:is_executable", "true"), ); } export function getUnpackagedSharedLibraryComponents(components = []) { return (components || []).filter( (component) => isFileComponent(component) && hasPropertyValue(component, "internal:is_shared_library", "true"), ); } export function getSourceDerivedCryptoComponents(components = []) { return (components || []).filter( (component) => isCryptographicAssetComponent(component) && hasPropertyValue(component, "cdx:crypto:sourceType", (propertyValue) => propertyValue?.startsWith("js-ast:"), ), ); } export function getContainerFileInventoryStats(components = []) { const unpackagedExecutables = getUnpackagedExecutableComponents(components); const unpackagedSharedLibraries = getUnpackagedSharedLibraryComponents(components); return { unpackagedExecutables, unpackagedSharedLibraries, unpackagedExecutableCount: unpackagedExecutables.length, unpackagedSharedLibraryCount: unpackagedSharedLibraries.length, }; }