From dca4ddf084cd598ccd54c8264794b0e7721c759f Mon Sep 17 00:00:00 2001 From: pgahlaut994 Date: Sun, 31 Dec 2023 13:39:14 +0530 Subject: [PATCH 1/3] Removed IDE Specific files --- nbactions.xml | 71 --------------------------------------------------- 1 file changed, 71 deletions(-) delete mode 100644 nbactions.xml diff --git a/nbactions.xml b/nbactions.xml deleted file mode 100644 index cbf2c11..0000000 --- a/nbactions.xml +++ /dev/null @@ -1,71 +0,0 @@ - - - - run - - jar - - - process-classes - org.codehaus.mojo:exec-maven-plugin:3.0.0:exec - - - - ${exec.vmArgs} -classpath %classpath ${exec.mainClass} ${exec.appArgs} - scan - com.phsyberdome.drona.Drona - java - - - - - debug - - jar - - - process-classes - org.codehaus.mojo:exec-maven-plugin:3.0.0:exec - - - -agentlib:jdwp=transport=dt_socket,server=n,address=${jpda.address} - ${exec.vmArgs} -classpath %classpath ${exec.mainClass} ${exec.appArgs} - scan - com.phsyberdome.drona.Drona - java - true - C:\Users\pgahl\OneDrive\Desktop\NITC Waste Management\Backend - - - - - profile - - jar - - - process-classes - org.codehaus.mojo:exec-maven-plugin:3.0.0:exec - - - - ${exec.vmArgs} -classpath %classpath ${exec.mainClass} ${exec.appArgs} - com.phsyberdome.drona.Drona - java - C:\Users\pgahl\OneDrive\Desktop\NITC Waste Management\Backend - scan - - - - build - - * - - - install - - - true - - - From 93cbb7aec834f2aace1a941a50313555b2440ff7 Mon Sep 17 00:00:00 2001 From: pgahlaut994 Date: Sun, 31 Dec 2023 18:04:14 +0530 Subject: [PATCH 2/3] Bug fixes (printing Tree, Maven plugin) --- .gitignore | 1 + README.md | 9 +++++---- pom.xml | 2 +- src/main/java/com/phsyberdome/drona/CLIHelper.java | 2 -- src/main/java/com/phsyberdome/drona/Configuration.java | 4 +++- .../com/phsyberdome/drona/Plugins/JavaMavenPlugin.java | 10 ++++++++-- .../java/com/phsyberdome/drona/Utils/JSONHelper.java | 3 ++- .../java/com/phsyberdome/drona/Utils/PomReader.java | 2 +- 8 files changed, 21 insertions(+), 12 deletions(-) 
diff --git a/.gitignore b/.gitignore index 09f69c8..47831bb 100644 --- a/.gitignore +++ b/.gitignore @@ -14,3 +14,4 @@ jshell.history /nbproject/ /target-old/ nbactions.xml +nb-configuration.xml diff --git a/README.md b/README.md index b33edcd..06fb6c6 100644 --- a/README.md +++ b/README.md @@ -7,7 +7,7 @@ A command line tool to scan the dependencies of a project and detect their Licenses. I wrote this while building an SCA Tool. -The tool scans the metadata file (e.g. pom.xml for maven based projects and package.json for npm) and creates a dependency tree detecting the direct as well as transitive dependencies. The license (if found) is analyzed and matched with the licenses in the SPDX License Database using methods of NLP. The motivation for the algorithm of license detection is taken from [Link](https://github.com/go-enry/go-license-detector). +The tool scans the metadata file (e.g. pom.xml for maven based projects and package.json for npm) and creates a dependency tree resolving the direct as well as transitive dependencies. The license (if found) is analyzed and matched with the licenses in the SPDX License Database using methods of NLP. The motivation for the algorithm of license detection is taken from [Link](https://github.com/go-enry/go-license-detector). ![SAMPLE_IMAGE](./images/npm-scan-result.jpg) @@ -17,6 +17,7 @@ The tool scans the metadata file (e.g. pom.xml for maven based projects and pack - [X] License Detection through License files - [ ] License Detection through README files (If no License file is found in the package) - [X] Supports scanning remote public repo +- [X] Supports scanning packages (zip/jar/tgz) - [ ] Export report as XML/JSON ### Supported package/project managers @@ -36,7 +37,7 @@ The tool scans the metadata file (e.g. pom.xml for maven based projects and pack ## Build -Build the jar package using Maven +Build the jar package with Maven ``` mvn -DskipTests package ``` 
@@ -48,9 +49,9 @@ To scan a local project java -jar scan -src ``` -To scan a remote repository +To scan a remote repository/package ``` -java -jar monitor -src +java -jar monitor -src ``` ## CONTRIBUTING diff --git a/pom.xml b/pom.xml index 603c2dd..33435c0 100644 --- a/pom.xml +++ b/pom.xml @@ -3,7 +3,7 @@ 4.0.0 com.phsyberdome phsyberdome-sca-cli - 1.0 + 1.0.1-beta jar diff --git a/src/main/java/com/phsyberdome/drona/CLIHelper.java b/src/main/java/com/phsyberdome/drona/CLIHelper.java index 5e2691e..008901c 100644 --- a/src/main/java/com/phsyberdome/drona/CLIHelper.java +++ b/src/main/java/com/phsyberdome/drona/CLIHelper.java @@ -149,12 +149,10 @@ public static void printDivider(Color color) { } public static void printLine(String data, Color color) { - updateCurrentLine("", color); System.out.println(ansi().fg(color).a(data).reset()); } public static void print(String data, Color color) { - updateCurrentLine("", color); System.out.print(ansi().fg(color).a(data).reset()); } diff --git a/src/main/java/com/phsyberdome/drona/Configuration.java b/src/main/java/com/phsyberdome/drona/Configuration.java index d564f1b..c946c67 100644 --- a/src/main/java/com/phsyberdome/drona/Configuration.java +++ b/src/main/java/com/phsyberdome/drona/Configuration.java @@ -12,6 +12,8 @@ import java.nio.file.Paths; import java.util.logging.Level; import java.util.logging.Logger; +import org.fusesource.jansi.Ansi; +import org.fusesource.jansi.Ansi.Color; /** * @@ -95,7 +97,7 @@ private void readConfigFile(String filename) { Logger.getLogger(Configuration.class.getName()).log(Level.SEVERE, "UNABLE TO READ CONFIG FILE", ex); } }else { - Logger.getLogger(Configuration.class.getName()).log(Level.SEVERE, "No config file found!"); + CLIHelper.printLine("No config file found!",Color.CYAN); } } diff --git a/src/main/java/com/phsyberdome/drona/Plugins/JavaMavenPlugin.java b/src/main/java/com/phsyberdome/drona/Plugins/JavaMavenPlugin.java index 33cb457..bd475b3 100644 
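Review bot: In Configuration.readConfigFile, the new `CLIHelper.printLine("No config file found!",Color.CYAN);` omits the `filename` that was looked up, so the user cannot tell which path was checked or confirm that the intended config was picked up. The `else` branch now also bypasses the `Logger` that the `catch` branch just above still uses, so the two failure paths of the same method report through different channels. Consider `CLIHelper.printLine("No config file found: " + filename, Color.CYAN);` and keeping a log record alongside it. The added `import org.fusesource.jansi.Ansi;` looks unused, since only `Color` is referenced in the visible hunks. readConfigFile's body begins outside the hunk.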
--- a/src/main/java/com/phsyberdome/drona/Plugins/JavaMavenPlugin.java +++ b/src/main/java/com/phsyberdome/drona/Plugins/JavaMavenPlugin.java @@ -62,7 +62,7 @@ public void readModules() { File file = FileUtil.searchFile(Configuration.getConfiguration().getBasePath().toFile(), "(.*\\.(pom|POM))|(pom\\.(xml|XML))"); if(file == null) { CLIHelper.updateCurrentLine("pom file not found in project",Ansi.Color.RED); - + return; } Path path = file.toPath(); @@ -73,6 +73,11 @@ public void readModules() { CLIHelper.updateCurrentLine("Couldn't read pom file",Ansi.Color.RED); return; } + String rootArtifactId = PomReader.extractAttributeFromNode(doc.getDocumentElement(), "artifactId"); + String rootGroupId = PomReader.extractAttributeFromNode(doc.getDocumentElement(), "groupId"); + String rootVersion = PomReader.extractAttributeFromNode(doc.getDocumentElement(), "version"); + Module root = new Module(rootArtifactId,rootVersion); + NodeList list = doc.getElementsByTagName("dependency"); for(int i=0;i Date: Sun, 31 Dec 2023 18:14:56 +0530 Subject: [PATCH 3/3] Added few console Info messages --- src/main/java/com/phsyberdome/drona/Configuration.java | 1 + src/main/java/com/phsyberdome/drona/Drona.java | 6 ++++++ 2 files changed, 7 insertions(+) diff --git a/src/main/java/com/phsyberdome/drona/Configuration.java b/src/main/java/com/phsyberdome/drona/Configuration.java index c946c67..9519f0f 100644 --- a/src/main/java/com/phsyberdome/drona/Configuration.java +++ b/src/main/java/com/phsyberdome/drona/Configuration.java @@ -98,6 +98,7 @@ private void readConfigFile(String filename) { } }else { CLIHelper.printLine("No config file found!",Color.CYAN); + CLIHelper.printDivider(Color.YELLOW); } } diff --git a/src/main/java/com/phsyberdome/drona/Drona.java b/src/main/java/com/phsyberdome/drona/Drona.java index e63d86d..d700113 100644 --- a/src/main/java/com/phsyberdome/drona/Drona.java +++ b/src/main/java/com/phsyberdome/drona/Drona.java 
@@ -83,7 +83,13 @@ private static void monitor(String url) {
 CLIHelper.printLine("INVALID URL TO SCAN!", Color.RED);
 return;
 }
+ CLIHelper.updateCurrentLine("Downloading repository/package...", Color.YELLOW);
 Path targetPath = FileUtil.getFilePathFromURL(url, Configuration.getConfiguration().getCloneLocation().toString());
+ if(targetPath==null){
+ return;
+ }
+ CLIHelper.updateCurrentLine("", Color.BLUE);
+ CLIHelper.printLine("Downloaded repository/package", Color.BLUE);
 scan(targetPath.toString(), null);
 }
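Review bot: The new `if(targetPath==null){ return; }` guard in monitor() returns without reporting anything, so a failed download leaves "Downloading repository/package..." as the last status and the run ends with no error shown. For a license scanner whose output may gate a build, that silence can be mistaken for a clean result. Unless FileUtil.getFilePathFromURL already reports the failure itself (not visible in this hunk), print it before returning, e.g. `CLIHelper.updateCurrentLine("", Color.RED); CLIHelper.printLine("Could not download repository/package", Color.RED);`. Because `url` is caller-supplied and the README now advertises zip/jar/tgz packages, it is also worth confirming that FileUtil keeps the downloaded and extracted paths under `getCloneLocation()`; that code is outside this diff. monitor()'s body begins before the hunk.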