Examples with PackagistParseResult com.synopsys.integration.detectable.detectables.packagist.model.PackagistParseResult used on opensource projects

Example 1 with PackagistParseResult

use of com.synopsys.integration.detectable.detectables.packagist.model.PackagistParseResult in project synopsys-detect by blackducksoftware.

the class PackagistParser method getDependencyGraphFromProject.

// TODO: Why are we dealing with JsonObjects rather than Gson straight to classes? Is this to avoid TypeAdapters? If so... smh JM-01/2022
public PackagistParseResult getDependencyGraphFromProject(String composerJsonText, String composerLockText) throws MissingExternalIdException {
    LazyExternalIdDependencyGraphBuilder builder = new LazyExternalIdDependencyGraphBuilder();
    JsonObject composerJsonObject = new JsonParser().parse(composerJsonText).getAsJsonObject();
    NameVersion projectNameVersion = parseNameVersionFromJson(composerJsonObject);
    JsonObject composerLockObject = new JsonParser().parse(composerLockText).getAsJsonObject();
    List<PackagistPackage> models = convertJsonToModel(composerLockObject);
    List<NameVersion> rootPackages = parseDependencies(composerJsonObject);
    models.forEach(it -> {
        ExternalId id = externalIdFactory.createNameVersionExternalId(Forge.PACKAGIST, it.getNameVersion().getName(), it.getNameVersion().getVersion());
        LazyId dependencyId = LazyId.fromName(it.getNameVersion().getName());
        builder.setDependencyInfo(dependencyId, it.getNameVersion().getName(), it.getNameVersion().getVersion(), id);
        if (isRootPackage(it.getNameVersion(), rootPackages)) {
            builder.addChildToRoot(dependencyId);
        }
        it.getDependencies().forEach(child -> {
            if (existsInPackages(child, models)) {
                LazyId childId = LazyId.fromName(child.getName());
                builder.addChildWithParent(childId, dependencyId);
            } else {
                logger.warn("Dependency was not found in packages list but found a require that used it: " + child.getName());
            }
        });
    });
    DependencyGraph graph = builder.build();
    CodeLocation codeLocation;
    if (projectNameVersion.getName() == null || projectNameVersion.getVersion() == null) {
        codeLocation = new CodeLocation(graph);
    } else {
        codeLocation = new CodeLocation(graph, externalIdFactory.createNameVersionExternalId(Forge.PACKAGIST, projectNameVersion.getName(), projectNameVersion.getVersion()));
    }
    return new PackagistParseResult(projectNameVersion.getName(), projectNameVersion.getVersion(), codeLocation);
}

Example 2 with PackagistParseResult

use of com.synopsys.integration.detectable.detectables.packagist.model.PackagistParseResult in project synopsys-detect by blackducksoftware.

the class ComposerLockExtractor method extract.

public Extraction extract(File composerJson, File composerLock) {
    try {
        String composerJsonText = FileUtils.readFileToString(composerJson, StandardCharsets.UTF_8);
        String composerLockText = FileUtils.readFileToString(composerLock, StandardCharsets.UTF_8);
        logger.debug(composerJsonText);
        logger.debug(composerLockText);
        PackagistParseResult result = packagistParser.getDependencyGraphFromProject(composerJsonText, composerLockText);
        return new Extraction.Builder().success(result.getCodeLocation()).projectName(result.getProjectName()).projectVersion(result.getProjectVersion()).build();
    } catch (Exception e) {
        return new Extraction.Builder().exception(e).build();
    }
}