Feature/mac m1 (#13)

* darwin arm64 package Signed-off-by: Prabhu Subramanian <prabhu@appthreat.com> * Move upx to the script Signed-off-by: Prabhu Subramanian <prabhu@appthreat.com> --------- Signed-off-by: Prabhu Subramanian <prabhu@appthreat.com>
CycloneDX · Jan 30, 2024 · d4b5d4e · d4b5d4e
1 parent 5712362
commit d4b5d4e
Show file tree

Hide file tree

Showing 32 changed files with 278 additions and 96 deletions.
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -12,16 +12,16 @@ jobs:
       contents: read
       packages: write
     steps:
-    - uses: actions/checkout@v3
+    - uses: actions/checkout@v4
     - name: Use Node.js
-      uses: actions/setup-node@v3
+      uses: actions/setup-node@v4
       with:
         node-version: 20.x
         registry-url: https://registry.npmjs.org/
-    - uses: actions/setup-go@v3
+    - uses: actions/setup-go@v5
       with:
         go-version: '^1.19.8'
-    - uses: actions/cache@v3
+    - uses: actions/cache@v4
       with:
         path: |
           ~/.cache/go-build
@@ -31,10 +31,10 @@ jobs:
           ${{ runner.os }}-go-
     - name: Release
       run: |
-        wget https://github.com/upx/upx/releases/download/v4.2.1/upx-4.2.1-amd64_linux.tar.xz
-        tar -xvf upx-4.2.1-amd64_linux.tar.xz
-        chmod +x upx-4.2.1-amd64_linux/upx
-        sudo cp upx-4.2.1-amd64_linux/upx /usr/local/bin/
+        wget https://github.com/upx/upx/releases/download/v4.2.2/upx-4.2.2-amd64_linux.tar.xz
+        tar -xvf upx-4.2.2-amd64_linux.tar.xz
+        chmod +x upx-4.2.2-amd64_linux/upx
+        sudo cp upx-4.2.2-amd64_linux/upx /usr/local/bin/
         npm config set //npm.pkg.github.com/:_authToken=$GITHUB_TOKEN
         npm config set //registry.npmjs.org/:_authToken=$NPMJS_AUTH_TOKEN
         bash build.sh
@@ -50,7 +50,21 @@ jobs:
         npm publish --access=public --@cyclonedx:registry='https://registry.npmjs.org'
         popd
 
-        pushd packages/arm64
+        pushd packages/linux-arm64
+        echo "cyclonedx:registry=https://npm.pkg.github.com" > ~/.npmrc
+        npm publish --access=public --@cyclonedx:registry='https://npm.pkg.github.com'
+        echo "cyclonedx:registry=https://registry.npmjs.org" > ~/.npmrc
+        npm publish --access=public --@cyclonedx:registry='https://registry.npmjs.org'
+        popd
+
+        pushd packages/windows-arm64
+        echo "cyclonedx:registry=https://npm.pkg.github.com" > ~/.npmrc
+        npm publish --access=public --@cyclonedx:registry='https://npm.pkg.github.com'
+        echo "cyclonedx:registry=https://registry.npmjs.org" > ~/.npmrc
+        npm publish --access=public --@cyclonedx:registry='https://registry.npmjs.org'
+        popd
+
+        pushd packages/darwin-arm64
         echo "cyclonedx:registry=https://npm.pkg.github.com" > ~/.npmrc
         npm publish --access=public --@cyclonedx:registry='https://npm.pkg.github.com'
         echo "cyclonedx:registry=https://registry.npmjs.org" > ~/.npmrc

diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
@@ -10,19 +10,19 @@ jobs:
       contents: read
       packages: write
     steps:
-    - uses: actions/checkout@v3
+    - uses: actions/checkout@v4
     - name: Use Node.js
-      uses: actions/setup-node@v3
+      uses: actions/setup-node@v4
       with:
         node-version: 20.x
         registry-url: https://registry.npmjs.org/
-    - uses: actions/setup-go@v3
+    - uses: actions/setup-go@v5
       with:
         go-version: '^1.19.8'
-    - uses: actions/setup-python@v4
+    - uses: actions/setup-python@v5
       with:
-        python-version: '3.10'
-    - uses: actions/cache@v3
+        python-version: '3.11'
+    - uses: actions/cache@v4
       with:
         path: |
           ~/.cache/go-build
@@ -32,21 +32,54 @@ jobs:
           ${{ runner.os }}-go-
     - name: Build
       run: |
-        wget https://github.com/upx/upx/releases/download/v4.2.1/upx-4.2.1-amd64_linux.tar.xz
-        tar -xvf upx-4.2.1-amd64_linux.tar.xz
-        chmod +x upx-4.2.1-amd64_linux/upx
-        sudo cp upx-4.2.1-amd64_linux/upx /usr/local/bin/
+        wget https://github.com/upx/upx/releases/download/v4.2.2/upx-4.2.2-amd64_linux.tar.xz
+        tar -xvf upx-4.2.2-amd64_linux.tar.xz
+        chmod +x upx-4.2.2-amd64_linux/upx
+        sudo cp upx-4.2.2-amd64_linux/upx /usr/local/bin/
         bash build.sh
         pip3 install blint
         blint -i plugins -o /tmp/reports
         npm publish --dry-run
         pushd packages/windows-amd64
         npm publish --dry-run
         popd
-        pushd packages/arm64
+        pushd packages/linux-arm64
+        npm publish --dry-run
+        popd
+        pushd packages/windows-arm64
+        npm publish --dry-run
+        popd
+        pushd packages/darwin-arm64
         npm publish --dry-run
         popd
         pushd packages/ppc64
         npm publish --dry-run
         popd
-      continue-on-error: true
+  winpkg:
+    runs-on: windows-latest
+    permissions:
+      contents: read
+    steps:
+    - uses: actions/checkout@v4
+    - name: Use Node.js
+      uses: actions/setup-node@v4
+      with:
+        node-version: 20.x
+        registry-url: https://registry.npmjs.org/
+    - uses: actions/setup-go@v5
+      with:
+        go-version: '^1.19.8'
+    - uses: actions/setup-python@v5
+      with:
+        python-version: '3.11'
+    - uses: actions/cache@v4
+      with:
+        path: |
+          ~/.cache/go-build
+          ~/go/pkg/mod
+        key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
+        restore-keys: |
+          ${{ runner.os }}-go-
+    - name: Build
+      run: |
+        .\build.ps1
diff --git a/build.ps1 b/build.ps1
@@ -3,13 +3,14 @@ New-Item -ItemType Directory -Path plugins\cargo-auditable -Force
 New-Item -ItemType Directory -Path plugins\osquery -Force
 New-Item -ItemType Directory -Path plugins\dosai -Force
 
-Invoke-WebRequest -Uri https://github.com/upx/upx/releases/download/v4.2.1/upx-4.2.1-win64.zip -UseBasicParsing -OutFile upx-4.2.1-win64.zip
-Expand-Archive -Path upx-4.2.1-win64.zip -DestinationPath . -Force
+Invoke-WebRequest -Uri https://github.com/upx/upx/releases/download/v4.2.2/upx-4.2.2-win64.zip -UseBasicParsing -OutFile upx-4.2.2-win64.zip
+Expand-Archive -Path upx-4.2.2-win64.zip -DestinationPath . -Force
 
-Invoke-WebRequest -Uri https://github.com/osquery/osquery/releases/download/5.10.2/osquery-5.10.2.windows_x86_64.zip -UseBasicParsing -OutFile osquery-5.10.2.windows_x86_64.zip
-Expand-Archive -Path osquery-5.10.2.windows_x86_64.zip -DestinationPath . -Force
-copy "osquery-5.10.2.windows_x86_64\Program Files\osquery\osqueryi.exe" plugins\osquery\osqueryi-windows-amd64.exe
-upx-4.2.1-win64\upx.exe -9 --lzma plugins\osquery\osqueryi-windows-amd64.exe
+Invoke-WebRequest -Uri https://github.com/osquery/osquery/releases/download/5.11.0/osquery-5.11.0.windows_x86_64.zip -UseBasicParsing -OutFile osquery-5.11.0.windows_x86_64.zip
+Expand-Archive -Path osquery-5.11.0.windows_x86_64.zip -DestinationPath . -Force
+copy "osquery-5.11.0.windows_x86_64\Program Files\osquery\osqueryi.exe" plugins\osquery\osqueryi-windows-amd64.exe
+upx-4.2.2-win64\upx.exe -9 --lzma plugins\osquery\osqueryi-windows-amd64.exe
+plugins\osquery\osqueryi-windows-amd64.exe --help
 
 Invoke-WebRequest -Uri https://github.com/owasp-dep-scan/dosai/releases/latest/download/Dosai.exe -UseBasicParsing -OutFile plugins/dosai/dosai-windows-amd64.exe
 
@@ -19,28 +20,28 @@ set GOARCH=amd64
 New-Item -ItemType Directory -Path plugins\goversion -Force
 cd thirdparty\goversion
 go build -ldflags "-H=windowsgui -s -w" -o build\goversion-windows-amd64.exe
-..\..\upx-4.2.1-win64\upx.exe -9 --lzma build\goversion-windows-amd64.exe
+..\..\upx-4.2.2-win64\upx.exe -9 --lzma build\goversion-windows-amd64.exe
 copy build\* ..\..\plugins\goversion\
 Remove-Item build -Recurse -Force
 cd ..\..
 
 New-Item -ItemType Directory -Path plugins\cargo-auditable -Force
 cd thirdparty\cargo-auditable
 go build -ldflags "-H=windowsgui -s -w" -o build\cargo-auditable-windows-amd64.exe
-..\..\upx-4.2.1-win64\upx.exe -9 --lzma build\cargo-auditable-windows-amd64.exe
+..\..\upx-4.2.2-win64\upx.exe -9 --lzma build\cargo-auditable-windows-amd64.exe
 copy build\* ..\..\plugins\cargo-auditable\
 Remove-Item build -Recurse -Force
 cd ..\..
 
 New-Item -ItemType Directory -Path plugins\trivy -Force
 cd thirdparty\trivy
 go build -ldflags "-H=windowsgui -s -w" -o build\trivy-windows-amd64.exe
-..\..\upx-4.2.1-win64\upx.exe -9 --lzma build\trivy-windows-amd64.exe
+..\..\upx-4.2.2-win64\upx.exe -9 --lzma build\trivy-windows-amd64.exe
 copy build\* ..\..\plugins\trivy\
 Remove-Item build -Recurse -Force
 cd ..\..
 
-Remove-Item osquery-5.10.2.windows_x86_64 -Recurse -Force
-Remove-Item osquery-5.10.2.windows_x86_64.zip -Recurse -Force
-Remove-Item upx-4.2.1-win64 -Recurse -Force
-Remove-Item upx-4.2.1-win64.zip -Recurse -Force
+Remove-Item osquery-5.11.0.windows_x86_64 -Recurse -Force
+Remove-Item osquery-5.11.0.windows_x86_64.zip -Recurse -Force
+Remove-Item upx-4.2.2-win64 -Recurse -Force
+Remove-Item upx-4.2.2-win64.zip -Recurse -Force
diff --git a/build.sh b/build.sh
@@ -7,13 +7,13 @@ rm -rf plugins/osquery
 rm -rf plugins/dosai
 mkdir -p plugins/osquery plugins/dosai
 
-wget https://github.com/osquery/osquery/releases/download/5.10.2/osquery-5.10.2_1.linux_x86_64.tar.gz
-tar -xvf osquery-5.10.2_1.linux_x86_64.tar.gz
+wget https://github.com/osquery/osquery/releases/download/5.11.0/osquery-5.11.0_1.linux_x86_64.tar.gz
+tar -xvf osquery-5.11.0_1.linux_x86_64.tar.gz
 cp opt/osquery/bin/osqueryd plugins/osquery/osqueryi-linux-amd64
 upx -9 --lzma plugins/osquery/osqueryi-linux-amd64
 sha256sum plugins/osquery/osqueryi-linux-amd64 > plugins/osquery/osqueryi-linux-amd64.sha256
 rm -rf etc usr var opt
-rm osquery-5.10.2_1.linux_x86_64.tar.gz
+rm osquery-5.11.0_1.linux_x86_64.tar.gz
 
 curl -L https://github.com/owasp-dep-scan/dosai/releases/latest/download/Dosai -o plugins/dosai/dosai-linux-amd64
 chmod +x plugins/dosai/dosai-linux-amd64
@@ -31,12 +31,15 @@ do
 done
 
 ./plugins/osquery/osqueryi-linux-amd64 --help
+upx -9 --lzma ./plugins/goversion/goversion-linux-amd64
 ./plugins/goversion/goversion-linux-amd64
+upx -9 --lzma ./plugins/trivy/trivy-cdxgen-linux-amd64
 ./plugins/trivy/trivy-cdxgen-linux-amd64 -v
+upx -9 --lzma ./plugins/cargo-auditable/cargo-auditable-cdxgen-linux-amd64
 ./plugins/cargo-auditable/cargo-auditable-cdxgen-linux-amd64
 ./plugins/dosai/dosai-linux-amd64 --help
 
-for flavours in windows-amd64 arm64 ppc64
+for flavours in windows-amd64 linux-arm64 windows-arm64 darwin-arm64 ppc64
 do
     chmod +x packages/$flavours/build-$flavours.sh
     pushd packages/$flavours

diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@cyclonedx/cdxgen-plugins-bin",
-  "version": "1.5.4",
+  "version": "1.5.5",
   "description": "Binary plugins to supercharge @cyclonedx/cdxgen npm package",
   "main": "index.js",
   "repository": {

diff --git a/packages/arm64/build-arm64.sh b/packages/arm64/build-arm64.sh
diff --git a/packages/darwin-arm64/build-darwin-arm64.sh b/packages/darwin-arm64/build-darwin-arm64.sh
@@ -0,0 +1,18 @@
+#!/usr/bin/env bash
+
+rm -rf plugins/goversion
+rm -rf plugins/trivy
+rm -rf plugins/cargo-auditable
+rm -rf plugins/osquery
+rm -rf plugins/dosai
+mkdir -p plugins/osquery plugins/dosai
+
+curl -L https://github.com/owasp-dep-scan/dosai/releases/latest/download/Dosai -o plugins/dosai/dosai-darwin-arm64
+chmod +x plugins/dosai/dosai-darwin-arm64
+sha256sum plugins/dosai/dosai-darwin-arm64 > plugins/dosai/dosai-darwin-arm64.sha256
+
+for plug in goversion trivy cargo-auditable
+do
+    mkdir -p plugins/$plug
+    mv ../../plugins/$plug/*darwin-arm64* plugins/$plug/
+done
diff --git a/packages/arm64/index.js → packages/darwin-arm64/index.js b/packages/arm64/index.js → packages/darwin-arm64/index.js
diff --git a/packages/darwin-arm64/package.json b/packages/darwin-arm64/package.json
@@ -0,0 +1,34 @@
+{
+  "name": "@cyclonedx/cdxgen-plugins-bin-darwin-arm64",
+  "version": "1.5.5",
+  "description": "Arm64 binary plugins to supercharge @cyclonedx/cdxgen npm package",
+  "main": "index.js",
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/cyclonedx/cdxgen-plugins-bin.git"
+  },
+  "keywords": [
+    "cdxgen",
+    "sbom",
+    "bom",
+    "plugins",
+    "dependency",
+    "appsec"
+  ],
+  "author": "Prabhu Subramanian <prabhu@appthreat.com>",
+  "license": "Apache-2.0",
+  "bugs": {
+    "url": "https://github.com/cyclonedx/cdxgen-plugins-bin/issues"
+  },
+  "homepage": "https://github.com/cyclonedx/cdxgen-plugins-bin#readme",
+  "files": [
+    "*.js",
+    "plugins/"
+  ],
+  "os": [
+    "darwin"
+  ],
+  "cpu": [
+    "arm64"
+  ]
+}
diff --git a/packages/arm64/plugins/.gitignore → packages/darwin-arm64/plugins/.gitignore b/packages/arm64/plugins/.gitignore → packages/darwin-arm64/plugins/.gitignore
diff --git a/packages/arm64/plugins/.gitkeep → packages/darwin-arm64/plugins/.gitkeep b/packages/arm64/plugins/.gitkeep → packages/darwin-arm64/plugins/.gitkeep
diff --git a/packages/arm64/plugins/.npmignore → packages/darwin-arm64/plugins/.npmignore b/packages/arm64/plugins/.npmignore → packages/darwin-arm64/plugins/.npmignore
diff --git a/packages/linux-arm64/build-linux-arm64.sh b/packages/linux-arm64/build-linux-arm64.sh
@@ -0,0 +1,27 @@
+#!/usr/bin/env bash
+
+rm -rf plugins/goversion
+rm -rf plugins/trivy
+rm -rf plugins/cargo-auditable
+rm -rf plugins/osquery
+rm -rf plugins/dosai
+mkdir -p plugins/osquery plugins/dosai
+
+wget https://github.com/osquery/osquery/releases/download/5.11.0/osquery-5.11.0_1.linux_aarch64.tar.gz
+tar -xvf osquery-5.11.0_1.linux_aarch64.tar.gz
+cp opt/osquery/bin/osqueryd plugins/osquery/osqueryi-linux-arm64
+upx -9 --lzma plugins/osquery/osqueryi-linux-arm64
+sha256sum plugins/osquery/osqueryi-linux-arm64 > plugins/osquery/osqueryi-linux-arm64.sha256
+rm -rf etc usr var opt
+rm osquery-5.11.0_1.linux_aarch64.tar.gz
+
+curl -L https://github.com/owasp-dep-scan/dosai/releases/latest/download/Dosai-linux-arm64 -o plugins/dosai/dosai-linux-arm64
+chmod +x plugins/dosai/dosai-linux-arm64
+sha256sum plugins/dosai/dosai-linux-arm64 > plugins/dosai/dosai-linux-arm64.sha256
+
+for plug in goversion trivy cargo-auditable
+do
+    mkdir -p plugins/$plug
+    mv ../../plugins/$plug/*linux-arm64* plugins/$plug/
+    upx -9 --lzma plugins/$plug/*linux-arm64* || true
+done
diff --git a/packages/linux-arm64/index.js b/packages/linux-arm64/index.js
@@ -0,0 +1,8 @@
+// Debug mode flag
+const DEBUG_MODE =
+  process.env.CDXGEN_DEBUG_MODE === "debug" ||
+  process.env.NODE_ENV === "development";
+
+if (DEBUG_MODE) {
+  console.log("cdxgen plugins check");
+}