WIP: Feature/swift evidence (#1414)
* Bundle sourcekitten

Signed-off-by: Prabhu Subramanian <prabhu@appthreat.com>

Update to swift 6.0.1

Signed-off-by: Prabhu Subramanian <prabhu@appthreat.com>

* Tweaks

Signed-off-by: Prabhu Subramanian <prabhu@appthreat.com>

---------

Signed-off-by: Prabhu Subramanian <prabhu@appthreat.com>
prabhu authored Oct 10, 2024
1 parent 479acad commit e9f714d
Showing 21 changed files with 345 additions and 72 deletions.
7 changes: 5 additions & 2 deletions .github/workflows/nodejs.yml
@@ -50,6 +50,7 @@ jobs:
strategy:
matrix:
os: [windows, macos, ubuntu]
deno_version: [1.x, 2.x]
include:
- os: windows
build: |
@@ -75,11 +76,13 @@ jobs:
runs-on: ${{ matrix.os }}-latest
steps:
- uses: actions/checkout@v4
- uses: denoland/setup-deno@v1
- uses: denoland/setup-deno@v2
with:
deno-version: v1.x
deno-version: v${{ matrix.deno_version }}
- name: deno compile
run: |
deno info bin/cdxgen.js
deno info bin/evinse.js
mkdir build
${{ matrix.build }}
continue-on-error: true
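Review bot: `denoland/setup-deno@v2` in the steps of the second hunk is referenced by a mutable tag, so the job runs whatever that tag points to at run time; pinning the full commit SHA keeps the compile job reproducible, e.g. `- uses: denoland/setup-deno@<full-commit-sha>  # v2` (placeholder, take the SHA from the action's release page). The setup-deno line in .github/workflows/repotests.yml has the same form. Separately, the step still carries `continue-on-error: true`, so a failure of the added `deno info` calls under either matrix version will not fail the job; worth confirming that is intended now that 2.x is part of the matrix.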
4 changes: 2 additions & 2 deletions .github/workflows/repotests.yml
@@ -28,9 +28,9 @@ jobs:
uses: actions/setup-node@v4
with:
node-version: ${{ matrix.node-version }}
- uses: denoland/setup-deno@v1
- uses: denoland/setup-deno@v2
with:
deno-version: v1.x
deno-version: v2.x
- uses: oven-sh/setup-bun@v1
- name: Trim CI agent
run: |
15 changes: 12 additions & 3 deletions ci/Dockerfile
@@ -13,8 +13,8 @@ LABEL maintainer="cyclonedx" \

ARG SWIFT_SIGNING_KEY=52BB7E3DE28A71BE22EC05FFEF80A866B47A981F
ARG SWIFT_PLATFORM=ubi9
ARG SWIFT_BRANCH=swift-6.0-release
ARG SWIFT_VERSION=swift-6.0-RELEASE
ARG SWIFT_BRANCH=swift-6.0.1-release
ARG SWIFT_VERSION=swift-6.0.1-RELEASE
ARG SWIFT_WEBROOT=https://download.swift.org
ARG JAVA_VERSION=23-tem
ARG SBT_VERSION=1.10.2
@@ -23,6 +23,7 @@ ARG GRADLE_VERSION=8.10
ARG GO_VERSION=1.23.1
ARG NODE_VERSION=22.9.0
ARG PYTHON_VERSION=3.12
ARG SOURCEKITTEN_VERSION=0.36.0

ENV GOPATH=/opt/app-root/go \
JAVA_VERSION=$JAVA_VERSION \
@@ -112,6 +113,14 @@ RUN set -e; \
&& chmod +x /usr/bin/swift \
&& rm -rf "$GNUPGHOME" swift.tar.gz.sig swift.tar.gz \
&& swift --version \
&& mkdir -p /opt/kitten \
&& curl -L https://github.com/jpsim/SourceKitten/releases/download/${SOURCEKITTEN_VERSION}/SourceKitten-${SOURCEKITTEN_VERSION}.tar.gz -o /opt/kitten/SourceKitten.tar.gz \
&& cd /opt/kitten/ && tar -xvf SourceKitten.tar.gz \
&& cd /opt/kitten/SourceKitten-${SOURCEKITTEN_VERSION} \
&& swift build -c release \
&& cp /opt/kitten/SourceKitten-${SOURCEKITTEN_VERSION}/.build/release/sourcekitten /usr/local/bin/sourcekitten \
&& cd /root && rm -rf /opt/kitten \
&& sourcekitten --help \
&& microdnf install -y epel-release \
&& mkdir -p ${ANDROID_HOME}/cmdline-tools \
&& curl -L https://dl.google.com/android/repository/commandlinetools-linux-11076708_latest.zip -o ${ANDROID_HOME}/cmdline-tools/android_tools.zip \
@@ -154,4 +163,4 @@ RUN set -e; \
&& rm -rf /var/cache/yum /root/.cache/pypoetry \
&& microdnf clean all

ENTRYPOINT ["node", "/opt/cdxgen/bin/cdxgen.js"]
ENTRYPOINT ["node", "/opt/cdxgen/bin/cdxgen.js"]
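Review bot: The SourceKitten tarball fetched in the RUN chain is unpacked and built with `swift build -c release` as root without any integrity check, while the Swift toolchain a few lines above appears to be verified against SWIFT_SIGNING_KEY. Pin a digest next to the version, `ARG SOURCEKITTEN_SHA256=<sha256-of-release-tarball>` (placeholder), and verify before extracting with `&& echo "${SOURCEKITTEN_SHA256}  /opt/kitten/SourceKitten.tar.gz" | sha256sum -c - \`. The download should also use `curl -fL` so an HTTP error fails the build at the download step instead of at `tar`. ci/Dockerfile-deno adds the identical lines and needs the same change. The RUN instruction starts and ends outside the hunk.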
4 changes: 2 additions & 2 deletions ci/Dockerfile-bun
@@ -13,8 +13,8 @@ LABEL maintainer="cyclonedx" \

ARG SWIFT_SIGNING_KEY=52BB7E3DE28A71BE22EC05FFEF80A866B47A981F
ARG SWIFT_PLATFORM=ubi9
ARG SWIFT_BRANCH=swift-6.0-release
ARG SWIFT_VERSION=swift-6.0-RELEASE
ARG SWIFT_BRANCH=swift-6.0.1-release
ARG SWIFT_VERSION=swift-6.0.1-RELEASE
ARG SWIFT_WEBROOT=https://download.swift.org
ARG JAVA_VERSION=23-tem
ARG SBT_VERSION=1.10.2
17 changes: 13 additions & 4 deletions ci/Dockerfile-deno
@@ -13,15 +13,16 @@ LABEL maintainer="cyclonedx" \

ARG SWIFT_SIGNING_KEY=52BB7E3DE28A71BE22EC05FFEF80A866B47A981F
ARG SWIFT_PLATFORM=ubi9
ARG SWIFT_BRANCH=swift-6.0-release
ARG SWIFT_VERSION=swift-6.0-RELEASE
ARG SWIFT_BRANCH=swift-6.0.1-release
ARG SWIFT_VERSION=swift-6.0.1-RELEASE
ARG SWIFT_WEBROOT=https://download.swift.org
ARG JAVA_VERSION=23-tem
ARG SBT_VERSION=1.10.2
ARG MAVEN_VERSION=3.9.9
ARG GRADLE_VERSION=8.10
ARG GO_VERSION=1.23.1
ARG PYTHON_VERSION=3.12
ARG SOURCEKITTEN_VERSION=0.36.0

ENV GOPATH=/opt/app-root/go \
JAVA_VERSION=$JAVA_VERSION \
@@ -41,7 +42,7 @@ ENV GOPATH=/opt/app-root/go \
ANDROID_HOME=/opt/android-sdk-linux \
JAVA_TOOL_OPTIONS="-Dfile.encoding=UTF-8" \
GLOBAL_NODE_MODULES_PATH=/root/.cache/deno/npm/registry.npmjs.org \
CDXGEN_PLUGINS_DIR=/root/.cache/deno/npm/registry.npmjs.org/@cyclonedx/cdxgen-plugins-bin/1.2.0/plugins \
CDXGEN_PLUGINS_DIR=/root/.cache/deno/npm/registry.npmjs.org/@cyclonedx/cdxgen-plugins-bin/1.6.3/plugins \
SWIFT_SIGNING_KEY=$SWIFT_SIGNING_KEY \
SWIFT_PLATFORM=$SWIFT_PLATFORM \
SWIFT_BRANCH=$SWIFT_BRANCH \
@@ -79,7 +80,7 @@ RUN set -e; \
&& python${PYTHON_VERSION} -m pip install --no-cache-dir --upgrade pip virtualenv \
&& python${PYTHON_VERSION} -m pip install --no-cache-dir --upgrade pipenv poetry blint --target /opt/pypi \
&& curl -fsSL https://deno.land/x/install/install.sh | sh \
&& deno install -g --allow-read --allow-env --allow-run --allow-sys=uid,systemMemoryInfo,gid,homedir --allow-write --allow-net -n cdxgen "npm:@cyclonedx/cdxgen/cdxgen" \
&& deno install -g --allow-read --allow-env --allow-run --allow-sys=uid,systemMemoryInfo,gid,homedir --allow-write --allow-net -n cdxgen --node-modules-dir=auto "npm:@cyclonedx/cdxgen/cdxgen" \
&& deno install -g --allow-read --allow-env --allow-run --allow-sys=uid,systemMemoryInfo,gid,homedir --allow-write -n atom "npm:@appthreat/atom/atom" \
&& deno install -g --allow-read --allow-env --allow-run --allow-sys=uid,systemMemoryInfo,gid,homedir --allow-write -n astgen "npm:@appthreat/atom/astgen" \
&& deno install -g --allow-read --allow-env --allow-run --allow-sys=uid,systemMemoryInfo,gid,homedir --allow-write -n phpastgen "npm:@appthreat/atom/phpastgen" \
@@ -110,6 +111,14 @@ RUN set -e; \
&& chmod +x /usr/bin/swift \
&& rm -rf "$GNUPGHOME" swift.tar.gz.sig swift.tar.gz \
&& swift --version \
&& mkdir -p /opt/kitten \
&& curl -L https://github.com/jpsim/SourceKitten/releases/download/${SOURCEKITTEN_VERSION}/SourceKitten-${SOURCEKITTEN_VERSION}.tar.gz -o /opt/kitten/SourceKitten.tar.gz \
&& cd /opt/kitten/ && tar -xvf SourceKitten.tar.gz \
&& cd /opt/kitten/SourceKitten-${SOURCEKITTEN_VERSION} \
&& swift build -c release \
&& cp /opt/kitten/SourceKitten-${SOURCEKITTEN_VERSION}/.build/release/sourcekitten /usr/local/bin/sourcekitten \
&& cd /root && rm -rf /opt/kitten \
&& sourcekitten --help \
&& microdnf install -y epel-release \
&& mkdir -p ${ANDROID_HOME}/cmdline-tools \
&& curl -L https://dl.google.com/android/repository/commandlinetools-linux-11076708_latest.zip -o ${ANDROID_HOME}/cmdline-tools/android_tools.zip \
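Review bot: CDXGEN_PLUGINS_DIR in the ENV block hard-codes the plugin package version (`.../cdxgen-plugins-bin/1.6.3/plugins`) while the `deno install` of `npm:@cyclonedx/cdxgen/cdxgen` in the RUN chain carries no version, so the directory presumably exists only when the resolver picks exactly 1.6.3. The line is printed with both 1.2.0 and 1.6.3, which suggests the literal has drifted before. Adding `&& test -d "${CDXGEN_PLUGINS_DIR}" \` after the install lines would make the image build fail on drift instead of shipping an image that cannot find its plugin binaries. Both the ENV and RUN instructions start and end outside the hunks.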
2 changes: 1 addition & 1 deletion deno.json
@@ -37,7 +37,7 @@
"exclude": ["test/", "data/", "contrib/"]
},
"lock": false,
"nodeModulesDir": true,
"nodeModulesDir": "auto",
"unstable": [],
"test": {
"include": ["*.test.js"]
34 changes: 20 additions & 14 deletions lib/cli/index.js
@@ -27,6 +27,7 @@ import {
getOriginUrl,
gitTreeHashes,
listFiles,
runSwiftCommand,
} from "../helpers/envcontext.js";
import {
CARGO_CMD,
@@ -3158,7 +3159,7 @@ export async function createGoBom(path, options) {
} catch (err) {
maybeBinary = false;
}
if (maybeBinary || options.lifecycle === "post-build") {
if (maybeBinary || options?.lifecycle?.includes("post-build")) {
return createBinaryBom(path, options);
}

@@ -3558,7 +3559,7 @@ export async function createRustBom(path, options) {
} catch (err) {
maybeBinary = false;
}
if (maybeBinary || options.lifecycle === "post-build") {
if (maybeBinary || options?.lifecycle?.includes("post-build")) {
return createBinaryBom(path, options);
}

@@ -4342,19 +4343,24 @@ export async function createSwiftBom(path, options) {
continue;
}
let treeData = undefined;
let packageArgs = ["package", "show-dependencies", "--format", "json"];
let swiftCommand = SWIFT_CMD;
if (swiftCommand.startsWith("xcrun")) {
swiftCommand = "xcrun";
packageArgs = ["swift"].concat(packageArgs);
}
if (DEBUG_MODE) {
console.log("Executing 'swift package show-dependencies' in", basePath);
console.log(
`Executing '${swiftCommand} ${packageArgs.join(" ")}' in`,
basePath,
);
}
const result = spawnSync(
SWIFT_CMD,
["package", "show-dependencies", "--format", "json"],
{
cwd: basePath,
encoding: "utf-8",
timeout: TIMEOUT_MS,
maxBuffer: MAX_BUFFER,
},
);
const result = spawnSync(swiftCommand, packageArgs, {
cwd: basePath,
encoding: "utf-8",
timeout: TIMEOUT_MS,
maxBuffer: MAX_BUFFER,
});
if (result.status === 0 && result.stdout) {
completedPath.push(basePath);
treeData = Buffer.from(result.stdout).toString();
@@ -4974,7 +4980,7 @@ export async function createCsharpBom(path, options) {
let manifestFiles = [];
let pkgData = undefined;
let dependencies = [];
if (options.lifecycle === "post-build") {
if (options?.lifecycle?.includes("post-build")) {
return createBinaryBom(path, options);
}
let parentComponent = createDefaultParentComponent(path, "nuget", options);
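Review bot: In the createSwiftBom hunk, any SWIFT_CMD that starts with `xcrun` is collapsed to `xcrun swift`, so extra tokens in the configured command (for example an `--sdk` or `--toolchain` selection) are silently dropped. Assuming SWIFT_CMD carries the full command line, splitting it once keeps them: `const [swiftCommand, ...prefixArgs] = SWIFT_CMD.trim().split(/\s+/);` followed by `const packageArgs = [...prefixArgs, "package", "show-dependencies", "--format", "json"];`. Passing an argument array to spawnSync with no `shell` option is the right choice here and should stay. The newly imported `runSwiftCommand` is not used in any hunk shown for this file; if nothing outside the hunks uses it, drop the import. createSwiftBom starts and ends outside the hunk.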
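--- a/lib/evinser/swiftsem.js
+++ b/lib/evinser/swiftsem.js
@@ -0,0 +1,53 @@
+// Swift entity kinds
+// https://github.com/swiftlang/swift/blob/main/tools/SourceKit/docs/SwiftSupport.txt
+const SWIFT_ENTITY_KINDS = {
+IMPORT_CLANG: "source.lang.swift.import.module.clang",
+IMPORT_SWIFT: "source.lang.swift.import.module.swift",
+IMPORT_SOURCE: "source.lang.swift.import.sourcefile",
+DECL_EXTN_STRUCT: "source.lang.swift.decl.extension.struct",
+DECL_EXTN_CLASS: "source.lang.swift.decl.extension.class",
+DECL_EXTN_ENUM: "source.lang.swift.decl.extension.enum",
+DECL_FREE: "source.lang.swift.decl.function.free",
+REF_FREE: "source.lang.swift.ref.function.free",
+DECL_METHOD_INSTANCE: "source.lang.swift.decl.function.method.instance",
+REF_METHOD_INSTANCE: "source.lang.swift.ref.function.method.instance",
+DECL_METHOD_STATIC: "source.lang.swift.decl.function.method.static",
+REF_METHOD_STATIC: "source.lang.swift.ref.function.method.static",
+DECL_CONSTRUCTOR: "source.lang.swift.decl.function.constructor",
+REF_CONSTRUCTOR: "source.lang.swift.ref.function.constructor",
+DECL_DESTRUCTOR: "source.lang.swift.decl.function.destructor",
+REF_DESTRUCTOR: "source.lang.swift.ref.function.destructor",
+DECL_OPERATOR: "source.lang.swift.decl.function.operator",
+REF_OPERATOR: "source.lang.swift.ref.function.operator",
+DECL_SUBSCRIPT: "source.lang.swift.decl.function.subscript",
+REF_SUBSCRIPT: "source.lang.swift.ref.function.subscript",
+DECL_GETTER: "source.lang.swift.decl.function.accessor.getter",
+REF_GETTER: "source.lang.swift.ref.function.accessor.getter",
+DECL_SETTER: "source.lang.swift.decl.function.accessor.setter",
+REF_SETTER: "source.lang.swift.ref.function.accessor.setter",
+DECL_CLASS: "source.lang.swift.decl.class",
+REF_CLASS: "source.lang.swift.ref.class",
+DECL_STRUCT: "source.lang.swift.decl.struct",
+REF_STRUCT: "source.lang.swift.ref.struct",
+DECL_ENUM: "source.lang.swift.decl.enum",
+REF_ENUM: "source.lang.swift.ref.enum",
+DECL_ENUM_ELEMENT: "source.lang.swift.decl.enumelement",
+REF_ENUM_ELEMENT: "source.lang.swift.ref.enumelement",
+DECL_PROTOCOL: "source.lang.swift.decl.protocol",
+REF_PROTOCOL: "source.lang.swift.ref.protocol",
+DECL_TYPE_ALIAS: "source.lang.swift.decl.typealias",
+REF_TYPE_ALIAS: "source.lang.swift.ref.typealias",
+DECL_VAR_GLOBAL: "source.lang.swift.decl.var.global",
+REF_VAR_GLOBAL: "source.lang.swift.ref.var.global",
+DECL_VAR_INSTANCE: "source.lang.swift.decl.var.instance",
+REF_VAR_INSTANCE: "source.lang.swift.ref.var.instance",
+DECL_VAR_STATIC: "source.lang.swift.decl.var.static",
+REF_VAR_STATIC: "source.lang.swift.ref.var.static",
+DECL_VAR_LOCAL: "source.lang.swift.decl.var.local",
+REF_VAR_LOCAL: "source.lang.swift.ref.var.local",
+};
+for (const key of Object.keys(SWIFT_ENTITY_KINDS)) {
+if (key.toUpperCase() === key) {
+SWIFT_ENTITY_KINDS[SWIFT_ENTITY_KINDS[key]] = key;
+}
+}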
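Review bot: The reverse entries are written into the same object as the forward ones, so SWIFT_ENTITY_KINDS ends up mixing constant names and SourceKit kind strings as keys, and a bracket lookup with a kind string taken from tool output also resolves inherited names such as `constructor`. A separate frozen reverse table avoids both: `const SWIFT_ENTITY_KIND_NAMES = Object.freeze(Object.fromEntries(Object.entries(SWIFT_ENTITY_KINDS).map(([name, kind]) => [kind, name])));`, with lookups guarded by `Object.hasOwn`. The `key.toUpperCase() === key` test is not needed either way, because `Object.keys` returns a snapshot taken before the loop adds anything. The file has no `export`, so nothing can import the table yet; a short header comment naming the intended consumer would help while this is WIP.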
63 changes: 54 additions & 9 deletions lib/helpers/envcontext.js
@@ -10,9 +10,12 @@ import {
DOTNET_CMD,
GCC_CMD,
GO_CMD,
MAX_BUFFER,
NODE_CMD,
NPM_CMD,
RUSTC_CMD,
SWIFT_CMD,
TIMEOUT_MS,
getJavaCommand,
getPythonCommand,
isWin,
@@ -21,13 +24,13 @@ import {
export const GIT_COMMAND = process.env.GIT_CMD || "git";

// sdkman tool aliases
export const SDKMAN_TOOL_ALIASES = {
java8: "8.0.422-tem",
java11: "11.0.24-tem",
java17: "17.0.12-tem",
java21: "21.0.4-tem",
java22: "22.0.2-tem",
java23: "23-tem",
export const SDKMAN_JAVA_TOOL_ALIASES = {
java8: process.env.JAVA8_TOOL || "8.0.422-tem",
java11: process.env.JAVA11_TOOL || "11.0.24-tem",
java17: process.env.JAVA17_TOOL || "17.0.12-tem",
java21: process.env.JAVA21_TOOL || "21.0.4-tem",
java22: process.env.JAVA22_TOOL || "22.0.2-tem",
java23: process.env.JAVA23_TOOL || "23-tem",
};

/**
@@ -286,6 +289,34 @@ export function collectGoInfo(dir) {
return undefined;
}

/**
* Collect swift version
*
* @param {string} dir Working directory
* @returns Object containing swift details
*/
export function collectSwiftInfo(dir) {
const versionDesc = getCommandOutput(SWIFT_CMD, dir, ["--version"]);
if (versionDesc) {
return {
type: "platform",
name: "swift",
version: versionDesc.trim(),
};
}
return undefined;
}

/**
* Method to run a swift command
*
* @param {string} dir Working directory
* @returns Object containing swift details
*/
export function runSwiftCommand(dir, args) {
return getCommandOutput(SWIFT_CMD, dir, args);
}

export function collectEnvInfo(dir) {
const infoComponents = [];
let cmp = collectJavaInfo(dir);
@@ -328,10 +359,21 @@ export function collectEnvInfo(dir) {
* @returns String output from the command or undefined in case of error
*/
const getCommandOutput = (cmd, dir, args) => {
const result = spawnSync(cmd, args, {
let commandToUse = cmd;
// If the command includes space, automatically move it to the front of the args.
if (cmd?.trim().includes(" ")) {
const tmpA = cmd.split(" ");
commandToUse = tmpA.shift();
if (args?.length && tmpA.length) {
args = tmpA.concat(args);
}
}
const result = spawnSync(commandToUse, args, {
cwd: dir,
encoding: "utf-8",
shell: isWin,
timeout: TIMEOUT_MS,
maxBuffer: MAX_BUFFER,
});
if (result.status !== 0 || result.error) {
return undefined;
@@ -431,6 +473,7 @@ export function installSdkmanTool(toolType, toolName) {
{
encoding: "utf-8",
shell: process.env.SHELL || true,
timeout: TIMEOUT_MS,
},
);
if (DEBUG_MODE) {
@@ -521,6 +564,7 @@ export function getNvmToolDirectory(toolName) {
{
encoding: "utf-8",
shell: process.env.SHELL || true,
timeout: TIMEOUT_MS,
},
);
if (DEBUG_MODE) {
@@ -555,6 +599,7 @@ export function getOrInstallNvmTool(toolVersion) {
{
encoding: "utf-8",
shell: process.env.SHELL || true,
timeout: TIMEOUT_MS,
},
);

@@ -585,5 +630,5 @@ export function getOrInstallNvmTool(toolVersion) {
* Retrieve sdkman tool full name
*/
function getSdkmanToolFullname(toolName) {
return SDKMAN_TOOL_ALIASES[toolName] || toolName;
return SDKMAN_JAVA_TOOL_ALIASES[toolName] || toolName;
}
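Review bot: getCommandOutput now splits `cmd` on a single space, but it tests `cmd.trim()` and then splits the untrimmed string, and it keeps the extra tokens only when `args` is non-empty. A leading or doubled space yields an empty command or empty arguments, `xcrun swift` with no args runs bare `xcrun`, and an executable path containing a space (plausible for the Java or Python commands on Windows) is cut in two. Something like `const [commandToUse, ...prefix] = cmd.trim().split(/\s+/); args = [...prefix, ...(args ?? [])];` fixes the first two; the path case needs the split to be opt-in per command. Because `shell: isWin` hands the joined string to the shell on Windows without escaping, the newly exported `runSwiftCommand(dir, args)` should only ever receive fixed argument lists, and its JSDoc (copied from collectSwiftInfo) should document `args` and the string-or-undefined return. getCommandOutput's body continues outside the hunk.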