fix required-only,add girBranch to server (#681)

Signed-off-by: Konstantin Ruzavin <36166921+avgkoster@users.noreply.github.com>

server.js

@@ -1,7 +1,7 @@
 import connect from "connect";
 import http from "node:http";
 import bodyParser from "body-parser";
-import url, { URL } from "node:url";
+import url from "node:url";
 import { spawnSync } from "node:child_process";
 import os from "node:os";
 import fs from "node:fs";
@@ -25,22 +25,39 @@ app.use(
 );
 app.use(compression());
 
-const gitClone = (repoUrl) => {
-  const parsedUrl = new URL(repoUrl);
-
-  const sanitizedRepoUrl = `${parsedUrl.protocol}//${parsedUrl.host}${parsedUrl.pathname}`;
-
+const gitClone = (repoUrl, branch = null) => {
   const tempDir = fs.mkdtempSync(
-    path.join(os.tmpdir(), path.basename(parsedUrl.pathname))
+    path.join(os.tmpdir(), path.basename(repoUrl))
   );
-  console.log("Cloning", sanitizedRepoUrl, "to", tempDir);
-  const result = spawnSync("git", ["clone", repoUrl, "--depth", "1", tempDir], {
-    encoding: "utf-8",
-    shell: false
-  });
-  if (result.status !== 0 || result.error) {
-    console.log(result.error);
+
+  if (branch == null) {
+    console.log("Cloning Repo", "to", tempDir);
+    const result = spawnSync(
+      "git",
+      ["clone", repoUrl, "--depth", "1", tempDir],
+      {
+        encoding: "utf-8",
+        shell: false
+      }
+    );
+    if (result.status !== 0 || result.error) {
+      console.log(result.error);
+    }
+  } else {
+    console.log("Cloning repo with optional branch", "to", tempDir);
+    const result = spawnSync(
+      "git",
+      ["clone", repoUrl, "--branch", branch, "--depth", "1", tempDir],
+      {
+        encoding: "utf-8",
+        shell: false
+      }
+    );
+    if (result.status !== 0 || result.error) {
+      console.log(result.error);
+    }
   }
+
   return tempDir;
 };
 
@@ -65,7 +82,8 @@ const parseQueryString = (q, body, options = {}) => {
     "specVersion",
     "filter",
     "only",
-    "autoCompositions"
+    "autoCompositions",
+    "gitBranch"
   ];
 
   for (const param of queryParams) {
@@ -117,7 +135,7 @@ const start = (options) => {
     res.writeHead(200, { "Content-Type": "application/json" });
     let srcDir = filePath;
     if (filePath.startsWith("http") || filePath.startsWith("git")) {
-      srcDir = gitClone(filePath);
+      srcDir = gitClone(filePath, reqOptions.gitBranch);
       cleanup = true;
     }
     console.log("Generating SBOM for", srcDir);

utils.js

@@ -7222,11 +7222,16 @@ export const addEvidenceForImports = (pkgList, allImports) => {
         ? [name, `${group}/${name}`, `@${group}/${name}`]
         : [name];
     for (const alias of aliases) {
-      if (impPkgs.includes(alias)) {
-        const evidences = allImports[alias];
-        if (evidences) {
-          pkg.scope = "required";
-          let importedModules = new Set();
+      const all_includes = impPkgs.filter(
+        (find_pkg) =>
+          find_pkg.startsWith(alias) &&
+          (find_pkg.length === alias.length || find_pkg[alias.length] === "/")
+      );
+      if (impPkgs.includes(alias) || all_includes.length) {
+        let importedModules = new Set();
+        pkg.scope = "required";
+        for (const subevidence of all_includes) {
+          const evidences = allImports[subevidence];
           for (const evidence of evidences) {
             if (evidence && Object.keys(evidence).length && evidence.fileName) {
               pkg.evidence = pkg.evidence || {};
@@ -7247,14 +7252,14 @@ export const addEvidenceForImports = (pkgList, allImports) => {
               }
             }
           }
-          importedModules = Array.from(importedModules);
-          if (importedModules.length) {
-            pkg.properties = pkg.properties || [];
-            pkg.properties.push({
-              name: "ImportedModules",
-              value: importedModules.join(",")
-            });
-          }
+        }
+        importedModules = Array.from(importedModules);
+        if (importedModules.length) {
+          pkg.properties = pkg.properties || [];
+          pkg.properties.push({
+            name: "ImportedModules",
+            value: importedModules.join(",")
+          });
         }
         break;
       }