From 3aa81b5e9675db22c27963ce77df5cc49a884ef9 Mon Sep 17 00:00:00 2001 From: Nikemare <102925451+Nikemare@users.noreply.github.com> Date: Fri, 20 Oct 2023 08:06:04 +0200 Subject: [PATCH] Improved detection for standalone jar files (#652) if group is empty use name as group try to fetch metadata from maven (including licence information) Signed-off-by: Nikemare <102925451+Nikemare@users.noreply.github.com> --- index.js | 17 ++++++++++------- utils.js | 7 ++----- 2 files changed, 12 insertions(+), 12 deletions(-)
diff --git a/index.js b/index.js
index 8ddde63e1..13e9e98b8 100644
--- a/index.js
+++ b/index.js
@@ -1053,7 +1053,7 @@ const buildBomNSData = (options, pkgInfo, ptype, context) => {
 * @param path to the project
 * @param options Parse options from the cli
 */
-export const createJarBom = (path, options) => {
+export const createJarBom = async (path, options) => {
 let pkgList = [];
 let jarFiles = [];
 let nsMapping = {};
@@ -1094,6 +1094,9 @@ export const createJarBom = (path, options) => {
 if (dlist && dlist.length) {
 pkgList = pkgList.concat(dlist);
 }
+ if (pkgList.length) {
+ pkgList = await getMvnMetadata(pkgList);
+ }
 }
 // Clean up
 if (tempDir && tempDir.startsWith(tmpdir()) && rmSync) {
@@ -4729,7 +4732,7 @@ export const createMultiXBom = async (pathList, options) => {
 }
 // Jar scanning is enabled by default
 // See #330
- bomData = createJarBom(path, options);
+ bomData = await createJarBom(path, options);
 if (
 bomData &&
 bomData.bomJson &&
@@ -4755,7 +4758,7 @@ export const createMultiXBom = async (pathList, options) => {
 }
 } // for
 if (options.lastWorkingDir && options.lastWorkingDir !== "") {
- bomData = createJarBom(options.lastWorkingDir, options);
+ bomData = await createJarBom(options.lastWorkingDir, options);
 if (
 bomData &&
 bomData.bomJson &&
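Review bot: Making the exported `createJarBom` async changes its return value to a Promise, but the JSDoc block above it in the first index.js hunk still documents only the two parameters. The in-repo callers are updated later in this patch, yet any external consumer importing `createJarBom` would now receive a pending Promise where it previously got the BOM data, so the contract should be written down, e.g. `@returns {Promise<Object>} BOM data for the jar files found under path` (the exact shape is not visible here; callers read `bomData.bomJson`). The function body continues outside the hunk.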
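Review bot: The added `await getMvnMetadata(pkgList)` in the second index.js hunk has no error handling, so a rejected lookup would skip the `// Clean up` block that follows, leave the extracted jar contents in the temp directory and abort the whole jar scan. getMvnMetadata is not shown in this patch, so whether it can reject (offline or air-gapped hosts, proxy errors) needs confirming; if it can, treat the enrichment as best-effort and keep the locally derived list on failure. The call also sends the coordinates of every jar found, in-house artifacts included, to a remote repository, and for jars whose group is synthesised from the name (see the utils.js hunk) the returned licence data may belong to an unrelated public artifact with the same coordinates, so an opt-out and a restriction to coordinates read from the jar's own metadata would keep the SBOM trustworthy. The enclosing function starts and ends outside the hunk.

```javascript
if (pkgList.length) {
  try {
    pkgList = await getMvnMetadata(pkgList);
  } catch (err) {
    // Enrichment is best-effort: keep the locally derived package list
    console.warn("Maven metadata lookup failed:", err.message);
  }
}
// … unchanged: temp directory clean up …
```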
@@ -5229,20 +5232,20 @@ export const createBom = async (path, options) => {
 case "sbt":
 return await createJavaBom(path, options);
 case "jar":
- return createJarBom(path, options);
+ return await createJarBom(path, options);
 case "gradle-index":
 case "gradle-cache":
 options.useGradleCache = true;
- return createJarBom(GRADLE_CACHE_DIR, options);
+ return await createJarBom(GRADLE_CACHE_DIR, options);
 case "sbt-index":
 case "sbt-cache":
 options.useSbtCache = true;
- return createJarBom(SBT_CACHE_DIR, options);
+ return await createJarBom(SBT_CACHE_DIR, options);
 case "maven-index":
 case "maven-cache":
 case "maven-repo":
 options.useMavenCache = true;
- return createJarBom(
+ return await createJarBom(
 process.env.MAVEN_CACHE_DIR || join(homedir(), ".m2", "repository"),
 options
 );
diff --git a/utils.js b/utils.js
index 4132f83c7..504541b42 100644
--- a/utils.js
+++ b/utils.js
@@ -6299,11 +6299,8 @@ export const extractJarArchive = function (
 }
 }
 if (name && version) {
- // If group and name are the same we only need the name
- if (group == name) {
- group = "";
- }
- group = group === "." ? "" : encodeForPurl(group || "") || "";
+ // if group is empty use name as group
+ group = encodeForPurl(group === "." ? name : group || name) || "";
 let apkg = {
 group,
 name: name ? encodeForPurl(name) : "",
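Review bot: Falling back to `name` as the group in the utils.js hunk gives standalone jars a Maven coordinate they never declared, and this patch then passes that coordinate to the Maven lookup in createJarBom, so a local or in-house jar whose name matches a public `name:name` artifact could be labelled with that artifact's licence and metadata. It also changes the purl of every component that previously had an empty group or a group equal to its name, which affects matching against earlier SBOMs and any vulnerability data keyed by the old purl. Consider recording that the group was inferred so downstream code can skip remote enrichment for it, and say so in the comment, e.g. `// No group in the jar metadata: fall back to name (inferred, not declared by the artifact)`. The mixed `?:` and `||` is easier to audit with explicit parentheses: `group === "." ? name : (group || name)`. extractJarArchive starts and ends outside the hunk.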