From 2c9a23f885651ede72672a35cbb80770b653b80d Mon Sep 17 00:00:00 2001 From: Michael <129034281+misl-smlz@users.noreply.github.com> Date: Fri, 29 Sep 2023 06:46:48 +0200 Subject: [PATCH] fix: remove purl decoding (#590) * fix: remove purl decoding this breaks PackageURL.fromString from packageurl-js when the version contains e.g. a + Signed-off-by: Michael Seele * chore: add a few rust repotests Signed-off-by: Michael Seele --------- Signed-off-by: Michael Seele Signed-off-by: Adam Setch
---
 .github/workflows/repotests.yml | 22 ++++++++++++++++++++++ index.js | 1 - utils.test.js | 2 +- 3 files changed, 23 insertions(+), 2 deletions(-)
diff --git a/.github/workflows/repotests.yml b/.github/workflows/repotests.yml
index 889aef0a3..34fde3b6e 100644
--- a/.github/workflows/repotests.yml
+++ b/.github/workflows/repotests.yml
@@ -122,6 +122,23 @@ jobs:
 with:
 repository: 'home-assistant/android'
 path: 'repotests/ha-android'
+ - uses: actions/checkout@v4
+ with:
+ repository: 'rust-lang/rust'
+ path: 'repotests/rs-rust'
+ - uses: actions/checkout@v4
+ with:
+ repository: 'rust-lang/cargo'
+ path: 'repotests/rs-cargo'
+ - uses: actions/checkout@v4
+ with:
+ repository: 'Keats/validator'
+ path: 'repotests/rs-validator'
+ - uses: actions/checkout@v4
+ with:
+ repository: 'tokio-rs/axum'
+ path: 'repotests/rs-axum'
+ - uses: dtolnay/rust-toolchain@stable
 - name: repotests
 run: |
 bin/cdxgen.js -p -r -t java repotests/shiftleft-java-example -o bomresults/bom-java.json --generate-key-and-sign
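Review bot: `dtolnay/rust-toolchain@stable` is a third-party action referenced by a moving ref, so whatever that ref points to at run time executes inside this job. Pinning it to a full commit SHA and selecting the channel through the action's `toolchain` input (`uses: dtolnay/rust-toolchain@<commit-sha>` with `toolchain: stable`) keeps the executed code reviewable. The four new `actions/checkout@v4` steps also take each repository's default-branch head with no `ref:`, so the repotest inputs change between runs; a pinned `ref: <tag-or-sha>` per repository would make a failure attributable to cdxgen rather than to upstream churn. The job's token permissions and the rest of the step list are outside this hunk, so whether `persist-credentials: false` is needed on these checkouts cannot be judged from here.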
@@ -153,6 +170,11 @@ jobs:
 cd repotests/ha-android && ./gradlew assembleDebug || true && cd ../..
 bin/cdxgen.js -r -t java repotests/ha-android -o bomresults/bom-android.json
 CDXGEN_DEBUG_MODE=debug bin/evinse.js -i bomresults/bom-android.json -o bomresults/bom-android.evinse.json -l java repotests/ha-android
+ bin/cdxgen.js -r -t rust repotests/rs-rust -o bomresults/bom-rs-rust.json --validate
+ bin/cdxgen.js -r -t rust repotests/rs-cargo -o bomresults/bom-rs-cargo.json --validate
+ cargo generate-lockfile --manifest-path repotests/rs-validator/validator/Cargo.toml
+ bin/cdxgen.js -r -t rust repotests/rs-validator -o bomresults/bom-rs-validator.json --validate
+ bin/cdxgen.js -r -t rust repotests/rs-axum -o bomresults/bom-rs-axum.json --validate
 # mkdir -p jenkins
 # wget https://updates.jenkins.io/download/plugins/sonar/2.14/sonar.hpi
 # wget https://updates.jenkins.io/download/plugins/bouncycastle-api/2.26/bouncycastle-api.hpi
diff --git a/index.js b/index.js
index f1466cc37..f5b77af99 100644
--- a/index.js
+++ b/index.js
@@ -686,7 +686,6 @@ function addComponent(
 encodeForPurl(pkg.subpath)
 );
 let purlString = purl.toString();
- purlString = decodeURIComponent(purlString);
 let description = { "#cdata": pkg.description };
 if (format === "json") {
 description = pkg.description || undefined;
diff --git a/utils.test.js b/utils.test.js
index 6af717344..d490b0cee 100644
--- a/utils.test.js
+++ b/utils.test.js
@@ -1143,7 +1143,7 @@ test("parse github actions workflow data", async () => {
 dep_list = parseGitHubWorkflowData(
 readFileSync("./.github/workflows/repotests.yml", { encoding: "utf-8" })
 );
- expect(dep_list.length).toEqual(6);
+ expect(dep_list.length).toEqual(7);
 expect(dep_list[0]).toEqual({
 group: "actions",
 name: "checkout",
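Review bot: Nothing in this commit tests the behaviour the index.js hunk changes; the only test edit is the workflow action count in utils.test.js. A regression test that sends a component whose version contains `+` (a constructed example: `1.0.0+build.1`) through purl generation and asserts that `PackageURL.fromString` parses the emitted string back to the same version would pin the fix. A comment where the line was removed would also stop it from being re-added, e.g. `// Keep the purl percent-encoded; decoding it here breaks PackageURL.fromString for versions containing "+".` Code that consumed the previously decoded string (bom-ref values, de-duplication or matching keys) may now see a different identifier for the same package; that code, like the start and end of `addComponent`, is outside the hunk.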
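Review bot: In utils.test.js the expectation `toEqual(7)` is tied to the repository's live `.github/workflows/repotests.yml`, so any CI edit that adds an action forces an unrelated test edit, as it did in this commit. Reading a small fixture workflow kept next to the tests would make the count a property of the parser rather than of the current CI configuration. If the live file has to stay the input, a comment such as `// count tracks repotests.yml; update when a new action is added there` would explain the number. The test body continues outside the hunk.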