Skip to content

Commit

Permalink
#291 feat: vcs url for gopkg (#1505)
Browse files Browse the repository at this point in the history
* #291 feat: vcs url for gopkg

Signed-off-by: Anton Baryshnikov <a.baryshnikov@bi.zone>

* add getGoPkgUrl + tests for gopkg with FETCH_LICENSE=1

Signed-off-by: Anton Baryshnikov <a.baryshnikov@bi.zone>

* Typo fix

Signed-off-by: Anton Baryshnikov <a.baryshnikov@bi.zone>

---------

Signed-off-by: Anton Baryshnikov <a.baryshnikov@bi.zone>
  • Loading branch information
CaMoPeZzz authored Dec 24, 2024
1 parent 59e97b7 commit 4b2c943
Show file tree
Hide file tree
Showing 5 changed files with 499 additions and 14 deletions.
1 change: 1 addition & 0 deletions docs/ENV.md
Original file line number Diff line number Diff line change
Expand Up @@ -66,3 +66,4 @@ The following environment variables are available to configure the bom generatio
| SWIFT_COMPILER_ARGS | Full compiler arguments string to use for semantic analysis. Eg: -sdk <path> -F <path> -Xcc -I <path> |
| SWIFT_SDK_ARGS | Swift sdk arguments. Eg: -sdk <path> |
| SWIFT_COMPILER_EXTRA_ARGS | Extra compiler arguments to add to the auto-detected string. Eg: -suppress-warnings -track-system-dependencies |
| GO_FETCH_VCS | Set this variable to `true` or `1` to fetch vcs url from pkg.go.dev. For golang |
85 changes: 73 additions & 12 deletions lib/helpers/utils.js
Original file line number Diff line number Diff line change
Expand Up @@ -142,6 +142,12 @@ export function shouldFetchLicense() {
);
}

export function shouldFetchVCS() {
return (
process.env.GO_FETCH_VCS && ["true", "1"].includes(process.env.GO_FETCH_VCS)
);
}

// Whether license information should be fetched
export const FETCH_LICENSE = shouldFetchLicense();

Expand Down Expand Up @@ -4956,18 +4962,13 @@ export async function getRepoLicense(repoUrl, repoMetadata) {
*/
export async function getGoPkgLicense(repoMetadata) {
const group = repoMetadata.group;
const name = repoMetadata.name;
let pkgUrlPrefix = process.env.GO_PKG_URL || "https://pkg.go.dev/";
if (group && group !== "." && group !== name) {
pkgUrlPrefix = `${pkgUrlPrefix + group}/`;
}
pkgUrlPrefix = `${pkgUrlPrefix + name}?tab=licenses`;
const pkgUrl = `${getGoPkgUrl(repoMetadata)}?tab=licenses`;
// Check the metadata cache first
if (metadata_cache[pkgUrlPrefix]) {
return metadata_cache[pkgUrlPrefix];
if (metadata_cache[pkgUrl]) {
return metadata_cache[pkgUrl];
}
try {
const res = await cdxgenAgent.get(pkgUrlPrefix);
const res = await cdxgenAgent.get(pkgUrl);
if (res?.body) {
const $ = load(res.body);
let licenses = $("#LICENSE > h2").text().trim();
Expand All @@ -4988,11 +4989,11 @@ export async function getGoPkgLicense(repoMetadata) {
} else {
alicense.id = id.trim();
}
alicense["url"] = pkgUrlPrefix;
alicense["url"] = pkgUrl;
licList.push(alicense);
}
}
metadata_cache[pkgUrlPrefix] = licList;
metadata_cache[pkgUrl] = licList;
return licList;
}
} catch (err) {
Expand All @@ -5004,6 +5005,35 @@ export async function getGoPkgLicense(repoMetadata) {
return undefined;
}

/**
* Method to get go pkg vcs url from go.dev site.
*
* @param {String} group Package group
* @param {String} name Package name
*/
async function getGoPkgVCSUrl(group, name) {
const fullName = getGoPkgFullName(group, name);
if (fullName.startsWith("github.com") || fullName.startsWith("gitlab.com")) {
return `https://${fullName}`;
}
const pkgUrl = getGoPkgUrl({ fullName });
if (metadata_cache[pkgUrl]) {
return metadata_cache[pkgUrl];
}
try {
const res = await cdxgenAgent.get(pkgUrl);
if (res?.body) {
const $ = load(res.body);
const vcs = $("div.UnitMeta-repo").children("a").attr("href");
metadata_cache[pkgUrl] = vcs;
return vcs;
}
} catch (err) {
return undefined;
}
return undefined;
}

export async function getGoPkgComponent(group, name, version, hash) {
let license = undefined;
if (shouldFetchLicense()) {
Expand All @@ -5021,7 +5051,11 @@ export async function getGoPkgComponent(group, name, version, hash) {
const purlString = new PackageURL("golang", group, name, version)
.toString()
.replace(/%2F/g, "/");
return {
let vcs = undefined;
if (shouldFetchVCS()) {
vcs = await getGoPkgVCSUrl(group, name);
}
const packageInfo = {
group: group,
name: name,
version: version,
Expand All @@ -5030,6 +5064,33 @@ export async function getGoPkgComponent(group, name, version, hash) {
purl: purlString,
"bom-ref": decodeURIComponent(purlString),
};
if (vcs) {
packageInfo.externalReferences = [{ type: "vcs", url: vcs }];
}
return packageInfo;
}

/**
* Method to get go pkg url (go.dev site).
*
* @param {Object} pkgMetadata pkg metadata
*/
function getGoPkgUrl(pkgMetadata) {
const pkgUrlPrefix = process.env.GO_PKG_URL || "https://pkg.go.dev/";
const fullName =
pkgMetadata.fullName ||
getGoPkgFullName(pkgMetadata.group, pkgMetadata.name);
return pkgUrlPrefix + fullName;
}

/**
* Method to get go pkg full name.
*
* @param {String} group Package group
* @param {String} name Package name
*/
function getGoPkgFullName(group, name) {
return group && group !== "." && group !== name ? `${group}/${name}` : name;
}

/**
Expand Down
Loading

0 comments on commit 4b2c943

Please # to comment.