use of com.synopsys.integration.bdio.graph.DependencyGraph in project hub-detect by blackducksoftware.
the class AggregateBdioCreator method createAggregateBdioFile.
public Optional<UploadTarget> createAggregateBdioFile(File sourcePath, File bdioDirectory, final List<DetectCodeLocation> codeLocations, NameVersion projectNameVersion) throws DetectUserFriendlyException {
final DependencyGraph aggregateDependencyGraph = createAggregateDependencyGraph(sourcePath, codeLocations);
if (aggregateDependencyGraph.getRootDependencies().size() == 0) {
logger.info("The aggregate contained no dependencies, will not create bdio file.");
return Optional.empty();
}
final ExternalId projectExternalId = simpleBdioFactory.createNameVersionExternalId(new Forge("/", "/", "DETECT"), projectNameVersion.getName(), projectNameVersion.getVersion());
final String codeLocationName = codeLocationNameManager.createAggregateCodeLocationName(projectNameVersion);
final SimpleBdioDocument aggregateBdioDocument = simpleBdioFactory.createSimpleBdioDocument(codeLocationName, projectNameVersion.getName(), projectNameVersion.getVersion(), projectExternalId, aggregateDependencyGraph);
final String filename = String.format("%s.jsonld", integrationEscapeUtil.escapeForUri(detectConfiguration.getProperty(DetectProperty.DETECT_BOM_AGGREGATE_NAME, PropertyAuthority.None)));
final File aggregateBdioFile = new File(bdioDirectory, filename);
detectBdioWriter.writeBdioFile(aggregateBdioFile, aggregateBdioDocument);
return Optional.of(UploadTarget.createDefault(codeLocationName, aggregateBdioFile));
}
use of com.synopsys.integration.bdio.graph.DependencyGraph in project hub-detect by blackducksoftware.
the class CodeLocationBdioCreator method createBdioFiles.
public List<UploadTarget> createBdioFiles(File bdioOutput, final List<BdioCodeLocation> bdioCodeLocations, NameVersion projectNameVersion) throws DetectUserFriendlyException {
final List<UploadTarget> uploadTargets = new ArrayList<>();
for (final BdioCodeLocation bdioCodeLocation : bdioCodeLocations) {
String codeLocationName = bdioCodeLocation.codeLocationName;
ExternalId externalId = bdioCodeLocation.codeLocation.getExternalId();
DependencyGraph dependencyGraph = bdioCodeLocation.codeLocation.getDependencyGraph();
final SimpleBdioDocument simpleBdioDocument = simpleBdioFactory.createSimpleBdioDocument(codeLocationName, projectNameVersion.getName(), projectNameVersion.getVersion(), externalId, dependencyGraph);
final File outputFile = new File(bdioOutput, bdioCodeLocation.bdioName);
detectBdioWriter.writeBdioFile(outputFile, simpleBdioDocument);
uploadTargets.add(UploadTarget.createDefault(codeLocationName, outputFile));
}
return uploadTargets;
}
use of com.synopsys.integration.bdio.graph.DependencyGraph in project hub-detect by blackducksoftware.
the class PackagistParser method getDependencyGraphFromProject.
public PackagistParseResult getDependencyGraphFromProject(final String sourcePath, final String composerJsonText, final String composerLockText) {
final LazyExternalIdDependencyGraphBuilder builder = new LazyExternalIdDependencyGraphBuilder();
final JsonObject composerJsonObject = new JsonParser().parse(composerJsonText).getAsJsonObject();
final NameVersion projectNameVersion = parseNameVersionFromJson(composerJsonObject);
final JsonObject composerLockObject = new JsonParser().parse(composerLockText).getAsJsonObject();
final List<PackagistPackage> models = convertJsonToModel(composerLockObject, detectConfiguration.getBooleanProperty(DetectProperty.DETECT_PACKAGIST_INCLUDE_DEV_DEPENDENCIES, PropertyAuthority.None));
final List<NameVersion> rootPackages = parseDependencies(composerJsonObject, detectConfiguration.getBooleanProperty(DetectProperty.DETECT_PACKAGIST_INCLUDE_DEV_DEPENDENCIES, PropertyAuthority.None));
models.forEach(it -> {
final ExternalId id = externalIdFactory.createNameVersionExternalId(Forge.PACKAGIST, it.getNameVersion().getName(), it.getNameVersion().getVersion());
final NameDependencyId dependencyId = new NameDependencyId(it.getNameVersion().getName());
builder.setDependencyInfo(dependencyId, it.getNameVersion().getName(), it.getNameVersion().getVersion(), id);
if (isRootPackage(it.getNameVersion(), rootPackages)) {
builder.addChildToRoot(dependencyId);
}
it.getDependencies().forEach(child -> {
if (existsInPackages(child, models)) {
final NameDependencyId childId = new NameDependencyId(child.getName());
builder.addChildWithParent(childId, dependencyId);
} else {
logger.warn("Dependency was not found in packages list but found a require that used it: " + child.getName());
}
});
});
ExternalId projectExternalId;
if (projectNameVersion.getName() == null || projectNameVersion.getVersion() == null) {
projectExternalId = externalIdFactory.createPathExternalId(Forge.PACKAGIST, sourcePath);
} else {
projectExternalId = externalIdFactory.createNameVersionExternalId(Forge.PACKAGIST, projectNameVersion.getName(), projectNameVersion.getVersion());
}
final DependencyGraph graph = builder.build();
final DetectCodeLocation codeLocation = new DetectCodeLocation.Builder(DetectCodeLocationType.PACKAGIST, sourcePath, projectExternalId, graph).build();
return new PackagistParseResult(projectNameVersion.getName(), projectNameVersion.getVersion(), codeLocation);
}
use of com.synopsys.integration.bdio.graph.DependencyGraph in project hub-detect by blackducksoftware.
the class YarnLockExtractor method extract.
public Extraction extract(final File directory, final File yarnlock, final String yarnExe) {
try {
final List<String> yarnLockText = Files.readAllLines(yarnlock.toPath(), StandardCharsets.UTF_8);
final List<String> exeArgs = Stream.of("list", "--emoji", "false").collect(Collectors.toCollection(ArrayList::new));
if (detectConfiguration.getBooleanProperty(DetectProperty.DETECT_YARN_PROD_ONLY, PropertyAuthority.None)) {
exeArgs.add("--prod");
}
final Executable yarnListExe = new Executable(directory, yarnExe, exeArgs);
final ExecutableOutput executableOutput = executableRunner.execute(yarnListExe);
if (executableOutput.getReturnCode() != 0) {
final Extraction.Builder builder = new Extraction.Builder().failure(String.format("Executing command '%s' returned a non-zero exit code %s", String.join(" ", exeArgs), executableOutput.getReturnCode()));
return builder.build();
}
final DependencyGraph dependencyGraph = yarnListParser.parseYarnList(yarnLockText, executableOutput.getStandardOutputAsList());
final ExternalId externalId = externalIdFactory.createPathExternalId(Forge.NPM, directory.getCanonicalPath());
final DetectCodeLocation detectCodeLocation = new DetectCodeLocation.Builder(DetectCodeLocationType.YARN, directory.getCanonicalPath(), externalId, dependencyGraph).build();
return new Extraction.Builder().success(detectCodeLocation).build();
} catch (final Exception e) {
return new Extraction.Builder().exception(e).build();
}
}
use of com.synopsys.integration.bdio.graph.DependencyGraph in project hub-detect by blackducksoftware.
the class GemlockParser method parseProjectDependencies.
public DependencyGraph parseProjectDependencies(final List<String> gemfileLockLines) {
encounteredDependencies = new ArrayList<>();
resolvedDependencies = new ArrayList<>();
lazyBuilder = new LazyExternalIdDependencyGraphBuilder();
currentParent = null;
for (final String line : gemfileLockLines) {
final String trimmedLine = StringUtils.trimToEmpty(line);
if (StringUtils.isBlank(trimmedLine)) {
currentSection = NONE;
} else if (SPECS_HEADER.equals(trimmedLine)) {
currentSection = SPECS;
} else if (DEPENDENCIES_HEADER.equals(trimmedLine)) {
currentSection = DEPENDENCIES;
} else if (BUNDLED_WITH_HEADER.equals(trimmedLine)) {
currentSection = BUNDLED_WITH;
} else if (BUNDLED_WITH.equals(currentSection)) {
addBundlerDependency(trimmedLine);
} else if (SPECS.equals(currentSection)) {
parseSpecsSectionLine(line);
} else if (DEPENDENCIES.equals(currentSection)) {
parseDependencySectionLine(trimmedLine);
}
}
List<String> missingDependencies = encounteredDependencies.stream().filter(it -> !resolvedDependencies.contains(it)).collect(Collectors.toList());
for (final String missingName : missingDependencies) {
String missingVersion = "";
final DependencyId dependencyId = new NameDependencyId(missingName);
final ExternalId externalId = externalIdFactory.createNameVersionExternalId(Forge.RUBYGEMS, missingName, missingVersion);
lazyBuilder.setDependencyInfo(dependencyId, missingName, missingVersion, externalId);
}
return lazyBuilder.build();
}
Aggregations