Examples with DependencyGraph com.synopsys.integration.bdio.graph.DependencyGraph used on opensource projects

Example 41 with DependencyGraph

use of com.synopsys.integration.bdio.graph.DependencyGraph in project hub-detect by blackducksoftware.

the class AggregateBdioCreator method createAggregateBdioFile.

public Optional<UploadTarget> createAggregateBdioFile(File sourcePath, File bdioDirectory, final List<DetectCodeLocation> codeLocations, NameVersion projectNameVersion) throws DetectUserFriendlyException {
    final DependencyGraph aggregateDependencyGraph = createAggregateDependencyGraph(sourcePath, codeLocations);
    if (aggregateDependencyGraph.getRootDependencies().size() == 0) {
        logger.info("The aggregate contained no dependencies, will not create bdio file.");
        return Optional.empty();
    }
    final ExternalId projectExternalId = simpleBdioFactory.createNameVersionExternalId(new Forge("/", "/", "DETECT"), projectNameVersion.getName(), projectNameVersion.getVersion());
    final String codeLocationName = codeLocationNameManager.createAggregateCodeLocationName(projectNameVersion);
    final SimpleBdioDocument aggregateBdioDocument = simpleBdioFactory.createSimpleBdioDocument(codeLocationName, projectNameVersion.getName(), projectNameVersion.getVersion(), projectExternalId, aggregateDependencyGraph);
    final String filename = String.format("%s.jsonld", integrationEscapeUtil.escapeForUri(detectConfiguration.getProperty(DetectProperty.DETECT_BOM_AGGREGATE_NAME, PropertyAuthority.None)));
    final File aggregateBdioFile = new File(bdioDirectory, filename);
    detectBdioWriter.writeBdioFile(aggregateBdioFile, aggregateBdioDocument);
    return Optional.of(UploadTarget.createDefault(codeLocationName, aggregateBdioFile));
}

Example 42 with DependencyGraph

use of com.synopsys.integration.bdio.graph.DependencyGraph in project hub-detect by blackducksoftware.

the class CodeLocationBdioCreator method createBdioFiles.

public List<UploadTarget> createBdioFiles(File bdioOutput, final List<BdioCodeLocation> bdioCodeLocations, NameVersion projectNameVersion) throws DetectUserFriendlyException {
    final List<UploadTarget> uploadTargets = new ArrayList<>();
    for (final BdioCodeLocation bdioCodeLocation : bdioCodeLocations) {
        String codeLocationName = bdioCodeLocation.codeLocationName;
        ExternalId externalId = bdioCodeLocation.codeLocation.getExternalId();
        DependencyGraph dependencyGraph = bdioCodeLocation.codeLocation.getDependencyGraph();
        final SimpleBdioDocument simpleBdioDocument = simpleBdioFactory.createSimpleBdioDocument(codeLocationName, projectNameVersion.getName(), projectNameVersion.getVersion(), externalId, dependencyGraph);
        final File outputFile = new File(bdioOutput, bdioCodeLocation.bdioName);
        detectBdioWriter.writeBdioFile(outputFile, simpleBdioDocument);
        uploadTargets.add(UploadTarget.createDefault(codeLocationName, outputFile));
    }
    return uploadTargets;
}

Example 43 with DependencyGraph

use of com.synopsys.integration.bdio.graph.DependencyGraph in project hub-detect by blackducksoftware.

the class PackagistParser method getDependencyGraphFromProject.

public PackagistParseResult getDependencyGraphFromProject(final String sourcePath, final String composerJsonText, final String composerLockText) {
    final LazyExternalIdDependencyGraphBuilder builder = new LazyExternalIdDependencyGraphBuilder();
    final JsonObject composerJsonObject = new JsonParser().parse(composerJsonText).getAsJsonObject();
    final NameVersion projectNameVersion = parseNameVersionFromJson(composerJsonObject);
    final JsonObject composerLockObject = new JsonParser().parse(composerLockText).getAsJsonObject();
    final List<PackagistPackage> models = convertJsonToModel(composerLockObject, detectConfiguration.getBooleanProperty(DetectProperty.DETECT_PACKAGIST_INCLUDE_DEV_DEPENDENCIES, PropertyAuthority.None));
    final List<NameVersion> rootPackages = parseDependencies(composerJsonObject, detectConfiguration.getBooleanProperty(DetectProperty.DETECT_PACKAGIST_INCLUDE_DEV_DEPENDENCIES, PropertyAuthority.None));
    models.forEach(it -> {
        final ExternalId id = externalIdFactory.createNameVersionExternalId(Forge.PACKAGIST, it.getNameVersion().getName(), it.getNameVersion().getVersion());
        final NameDependencyId dependencyId = new NameDependencyId(it.getNameVersion().getName());
        builder.setDependencyInfo(dependencyId, it.getNameVersion().getName(), it.getNameVersion().getVersion(), id);
        if (isRootPackage(it.getNameVersion(), rootPackages)) {
            builder.addChildToRoot(dependencyId);
        }
        it.getDependencies().forEach(child -> {
            if (existsInPackages(child, models)) {
                final NameDependencyId childId = new NameDependencyId(child.getName());
                builder.addChildWithParent(childId, dependencyId);
            } else {
                logger.warn("Dependency was not found in packages list but found a require that used it: " + child.getName());
            }
        });
    });
    ExternalId projectExternalId;
    if (projectNameVersion.getName() == null || projectNameVersion.getVersion() == null) {
        projectExternalId = externalIdFactory.createPathExternalId(Forge.PACKAGIST, sourcePath);
    } else {
        projectExternalId = externalIdFactory.createNameVersionExternalId(Forge.PACKAGIST, projectNameVersion.getName(), projectNameVersion.getVersion());
    }
    final DependencyGraph graph = builder.build();
    final DetectCodeLocation codeLocation = new DetectCodeLocation.Builder(DetectCodeLocationType.PACKAGIST, sourcePath, projectExternalId, graph).build();
    return new PackagistParseResult(projectNameVersion.getName(), projectNameVersion.getVersion(), codeLocation);
}

Example 44 with DependencyGraph

use of com.synopsys.integration.bdio.graph.DependencyGraph in project hub-detect by blackducksoftware.

the class YarnLockExtractor method extract.

public Extraction extract(final File directory, final File yarnlock, final String yarnExe) {
    try {
        final List<String> yarnLockText = Files.readAllLines(yarnlock.toPath(), StandardCharsets.UTF_8);
        final List<String> exeArgs = Stream.of("list", "--emoji", "false").collect(Collectors.toCollection(ArrayList::new));
        if (detectConfiguration.getBooleanProperty(DetectProperty.DETECT_YARN_PROD_ONLY, PropertyAuthority.None)) {
            exeArgs.add("--prod");
        }
        final Executable yarnListExe = new Executable(directory, yarnExe, exeArgs);
        final ExecutableOutput executableOutput = executableRunner.execute(yarnListExe);
        if (executableOutput.getReturnCode() != 0) {
            final Extraction.Builder builder = new Extraction.Builder().failure(String.format("Executing command '%s' returned a non-zero exit code %s", String.join(" ", exeArgs), executableOutput.getReturnCode()));
            return builder.build();
        }
        final DependencyGraph dependencyGraph = yarnListParser.parseYarnList(yarnLockText, executableOutput.getStandardOutputAsList());
        final ExternalId externalId = externalIdFactory.createPathExternalId(Forge.NPM, directory.getCanonicalPath());
        final DetectCodeLocation detectCodeLocation = new DetectCodeLocation.Builder(DetectCodeLocationType.YARN, directory.getCanonicalPath(), externalId, dependencyGraph).build();
        return new Extraction.Builder().success(detectCodeLocation).build();
    } catch (final Exception e) {
        return new Extraction.Builder().exception(e).build();
    }
}

Example 45 with DependencyGraph

use of com.synopsys.integration.bdio.graph.DependencyGraph in project hub-detect by blackducksoftware.

the class GemlockParser method parseProjectDependencies.

public DependencyGraph parseProjectDependencies(final List<String> gemfileLockLines) {
    encounteredDependencies = new ArrayList<>();
    resolvedDependencies = new ArrayList<>();
    lazyBuilder = new LazyExternalIdDependencyGraphBuilder();
    currentParent = null;
    for (final String line : gemfileLockLines) {
        final String trimmedLine = StringUtils.trimToEmpty(line);
        if (StringUtils.isBlank(trimmedLine)) {
            currentSection = NONE;
        } else if (SPECS_HEADER.equals(trimmedLine)) {
            currentSection = SPECS;
        } else if (DEPENDENCIES_HEADER.equals(trimmedLine)) {
            currentSection = DEPENDENCIES;
        } else if (BUNDLED_WITH_HEADER.equals(trimmedLine)) {
            currentSection = BUNDLED_WITH;
        } else if (BUNDLED_WITH.equals(currentSection)) {
            addBundlerDependency(trimmedLine);
        } else if (SPECS.equals(currentSection)) {
            parseSpecsSectionLine(line);
        } else if (DEPENDENCIES.equals(currentSection)) {
            parseDependencySectionLine(trimmedLine);
        }
    }
    List<String> missingDependencies = encounteredDependencies.stream().filter(it -> !resolvedDependencies.contains(it)).collect(Collectors.toList());
    for (final String missingName : missingDependencies) {
        String missingVersion = "";
        final DependencyId dependencyId = new NameDependencyId(missingName);
        final ExternalId externalId = externalIdFactory.createNameVersionExternalId(Forge.RUBYGEMS, missingName, missingVersion);
        lazyBuilder.setDependencyInfo(dependencyId, missingName, missingVersion, externalId);
    }
    return lazyBuilder.build();
}