use of com.synopsys.integration.detectable.detectables.packagist.model.PackagistPackage in project synopsys-detect by blackducksoftware.
the class PackagistParser method getDependencyGraphFromProject.
// TODO: Why are we dealing with JsonObjects rather than Gson straight to classes? Is this to avoid TypeAdapters? If so... smh JM-01/2022
public PackagistParseResult getDependencyGraphFromProject(String composerJsonText, String composerLockText) throws MissingExternalIdException {
LazyExternalIdDependencyGraphBuilder builder = new LazyExternalIdDependencyGraphBuilder();
JsonObject composerJsonObject = new JsonParser().parse(composerJsonText).getAsJsonObject();
NameVersion projectNameVersion = parseNameVersionFromJson(composerJsonObject);
JsonObject composerLockObject = new JsonParser().parse(composerLockText).getAsJsonObject();
List<PackagistPackage> models = convertJsonToModel(composerLockObject);
List<NameVersion> rootPackages = parseDependencies(composerJsonObject);
models.forEach(it -> {
ExternalId id = externalIdFactory.createNameVersionExternalId(Forge.PACKAGIST, it.getNameVersion().getName(), it.getNameVersion().getVersion());
LazyId dependencyId = LazyId.fromName(it.getNameVersion().getName());
builder.setDependencyInfo(dependencyId, it.getNameVersion().getName(), it.getNameVersion().getVersion(), id);
if (isRootPackage(it.getNameVersion(), rootPackages)) {
builder.addChildToRoot(dependencyId);
}
it.getDependencies().forEach(child -> {
if (existsInPackages(child, models)) {
LazyId childId = LazyId.fromName(child.getName());
builder.addChildWithParent(childId, dependencyId);
} else {
logger.warn("Dependency was not found in packages list but found a require that used it: " + child.getName());
}
});
});
DependencyGraph graph = builder.build();
CodeLocation codeLocation;
if (projectNameVersion.getName() == null || projectNameVersion.getVersion() == null) {
codeLocation = new CodeLocation(graph);
} else {
codeLocation = new CodeLocation(graph, externalIdFactory.createNameVersionExternalId(Forge.PACKAGIST, projectNameVersion.getName(), projectNameVersion.getVersion()));
}
return new PackagistParseResult(projectNameVersion.getName(), projectNameVersion.getVersion(), codeLocation);
}
use of com.synopsys.integration.detectable.detectables.packagist.model.PackagistPackage in project synopsys-detect by blackducksoftware.
the class PackagistParser method convertJsonToModel.
private List<PackagistPackage> convertJsonToModel(JsonArray packagesProperty) {
List<PackagistPackage> packages = new ArrayList<>();
packagesProperty.forEach(it -> {
if (it.isJsonObject()) {
JsonObject itObject = it.getAsJsonObject();
NameVersion nameVersion = parseNameVersionFromJson(itObject);
List<NameVersion> dependencies = parseDependencies(itObject);
packages.add(new PackagistPackage(nameVersion, dependencies));
}
});
return packages;
}
Aggregations