
snyk-mvn-plugin

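"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.getMavenPackageInfo = getMavenPackageInfo;
const packageurl_js_1 = require("packageurl-js");
const debugLib = require("debug");
const path = require("path");
const debug = debugLib('snyk-mvn-plugin');
// Fixed query parameters sent with every package search request.
const PACKAGE_SEARCH_TYPE = 'maven';
const PACKAGE_SEARCH_ENDPOINT = '/packages';
const PACKAGE_SEARCH_VERSION = '2022-09-21~beta';
/**
 * Resolves Maven coordinates for a local archive from its SHA-1 digest.
 *
 * Always resolves to a non-empty array: the search results (narrowed by file
 * name when several come back), or a single placeholder entry when the search
 * yields nothing.
 *
 * NOTE(review): the lookup key is a SHA-1 digest. SHA-1 is not
 * collision-resistant, so a hit identifies a likely coordinate and is not
 * evidence that the file is the genuine published artifact.
 *
 * @param {string} sha1 - SHA-1 digest of the file at `targetPath`.
 * @param {string} targetPath - Path of the archive being identified.
 * @param {Function} snykHttpClient - Async function taking a request
 *   description and resolving to `{ res, body }`.
 * @returns {Promise<Array<{groupId: string, artifactId: string, version: string}>>}
 */
async function getMavenPackageInfo(sha1, targetPath, snykHttpClient) {
    const searchResults = await searchMavenPackageByChecksum(sha1, targetPath, snykHttpClient);
    if (searchResults.length === 0) {
        return [fallbackPackageInfo(sha1, targetPath)];
    }
    if (searchResults.length === 1) {
        return searchResults;
    }
    // Several coordinates share this digest: prefer those whose groupId
    // appears in the file name. This is a substring heuristic on a local,
    // caller-controlled name, so it only narrows the list and never
    // authenticates the artifact.
    const sha1Target = path.parse(targetPath).base;
    debug(`Got multiple results for ${sha1}, looking for match on ${sha1Target}`);
    const matchingSearchResults = searchResults.filter((result) => sha1Target.includes(result.groupId));
    // If the file name matches nothing, keep every candidate.
    return matchingSearchResults.length === 0 ? searchResults : matchingSearchResults;
}
/**
 * Queries the package search endpoint for packages with the given SHA-1.
 *
 * Any failed or error-carrying response is logged and reported as "no
 * results" so the caller can fall back to a placeholder entry.
 *
 * @param {string} sha1 - SHA-1 digest to search for.
 * @param {string} targetPath - Path of the archive; used in log messages only.
 * @param {Function} snykHttpClient - Async function resolving to `{ res, body }`.
 * @returns {Promise<Array<{groupId: string, artifactId: string, version: string}>>}
 */
async function searchMavenPackageByChecksum(sha1, targetPath, snykHttpClient) {
    const { res, body } = await snykHttpClient({
        method: 'get',
        path: PACKAGE_SEARCH_ENDPOINT,
        qs: {
            version: PACKAGE_SEARCH_VERSION,
            package_type: PACKAGE_SEARCH_TYPE,
            package_sha1: sha1,
        },
    });
    if (!res?.statusCode || res.statusCode >= 400 || !body || body.errors) {
        debug(`Failed to resolve ${targetPath}.`);
        // The error payload comes from the remote side and may be empty or
        // lack `detail`/`meta.links`. Logging must not throw here, otherwise
        // a handled failure becomes a rejected promise.
        const catalogError = Array.isArray(body?.errors) ? body.errors[0] : undefined;
        if (catalogError?.detail) {
            debug(catalogError.detail);
        }
        const errorLink = catalogError?.meta?.links?.[0];
        if (errorLink) {
            debug(errorLink);
        }
        return [];
    }
    return mapPackageSearchResult(body, sha1, targetPath);
}
/**
 * Converts a search response body into Maven coordinate objects.
 *
 * Each entry's `id` is parsed as a package URL; entries that fail to parse
 * are logged and dropped. Missing purl components are filled from the
 * placeholder entry.
 *
 * @param {{data: Array<{id: string}>}} body - Response body of the search call.
 * @param {string} sha1 - SHA-1 digest that was searched for.
 * @param {string} targetPath - Path of the archive being identified.
 * @returns {Array<{groupId: string, artifactId: string, version: string}>}
 */
function mapPackageSearchResult(body, sha1, targetPath) {
    // A success status with no `data` array is treated as "no results"
    // instead of throwing on `.map`.
    if (!Array.isArray(body?.data)) {
        debug(`Unexpected package search response for ${targetPath}: no data array.`);
        return [];
    }
    const fallback = fallbackPackageInfo(sha1, targetPath);
    return body.data
        .map((purl) => {
            try {
                const pkg = packageurl_js_1.PackageURL.fromString(purl.id);
                return {
                    groupId: pkg.namespace || fallback.groupId,
                    artifactId: pkg.name || fallback.artifactId,
                    version: pkg.version || fallback.version,
                };
            }
            catch (_error) {
                debug(`Failed to parse package url components for ${targetPath} using sha1 '${sha1}'.`);
                return undefined;
            }
        })
        .filter((mvnPackage) => mvnPackage !== undefined);
}
/**
 * Builds the placeholder entry used when the digest cannot be resolved.
 *
 * NOTE(review): the artifactId embeds the local path and digest; confirm that
 * downstream consumers treat it as an opaque label.
 *
 * @param {string} sha1 - SHA-1 digest of the file.
 * @param {string} targetPath - Path of the archive being identified.
 * @returns {{groupId: string, artifactId: string, version: string}}
 */
function fallbackPackageInfo(sha1, targetPath) {
    return {
        groupId: 'unknown',
        artifactId: `${targetPath}:${sha1}`,
        version: 'unknown',
    };
}
//# sourceMappingURL=search.js.map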