Skip to content

Commit 163cd1c

Browse files
committed
feat: shorter purls
Signed-off-by: Jan Kowalleck <[email protected]>
1 parent 10a86c2 commit 163cd1c

File tree

5 files changed

+46
-41
lines changed

5 files changed

+46
-41
lines changed

HISTORY.md

+5
Original file line numberDiff line numberDiff line change
@@ -4,10 +4,15 @@ All notable changes to this project will be documented in this file.
44

55
## unreleased
66

7+
* Changed
8+
* PackageUrl(PURL) in JSON and XML results are as short as possible, but still precise. (via [#285])
9+
* Misc
10+
* Raised dependency `@cyclonedx/cyclonedx-library@^1.4.0`, was `@^1.0.0`. (via [#285])
711
* Build
812
* Use _TypeScript_ `v4.8.2` now, was `v4.7.4`. (via [#284])
913

1014
[#284]: https://github.com/CycloneDX/cyclonedx-webpack-plugin/pull/284
15+
[#285]: https://github.com/CycloneDX/cyclonedx-webpack-plugin/pull/285
1116

1217
## 3.0.1 - 2022-06-25
1318

package-lock.json

+7-7
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

package.json

+1-1
Original file line numberDiff line numberDiff line change
@@ -33,7 +33,7 @@
3333
"node": ">=14"
3434
},
3535
"dependencies": {
36-
"@cyclonedx/cyclonedx-library": "^1.0.0",
36+
"@cyclonedx/cyclonedx-library": "^1.4.0",
3737
"read-pkg-up": "^7.0.0",
3838
"xmlbuilder2": "^3.0.2"
3939
},

src/plugin.ts

+6-6
Original file line numberDiff line numberDiff line change
@@ -146,11 +146,11 @@ export class CycloneDxWebpackPlugin {
146146
}
147147

148148
const logger = compilation.getLogger(pluginName)
149-
const cdxExternalReferenceFactory = new CDX.Factories.FromPackageJson.ExternalReferenceFactory()
149+
const cdxExternalReferenceFactory = new CDX.Factories.FromNodePackageJson.ExternalReferenceFactory()
150150
const cdxLicenseFactory = new CDX.Factories.LicenseFactory()
151-
const cdxPurlFactory = new CDX.Factories.PackageUrlFactory('npm')
152-
const cdxToolBuilder = new CDX.Builders.FromPackageJson.ToolBuilder(cdxExternalReferenceFactory)
153-
const cdxComponentBuilder = new CDX.Builders.FromPackageJson.ComponentBuilder(cdxExternalReferenceFactory, cdxLicenseFactory)
151+
const cdxPurlFactory = new CDX.Factories.FromNodePackageJson.PackageUrlFactory('npm')
152+
const cdxToolBuilder = new CDX.Builders.FromNodePackageJson.ToolBuilder(cdxExternalReferenceFactory)
153+
const cdxComponentBuilder = new CDX.Builders.FromNodePackageJson.ComponentBuilder(cdxExternalReferenceFactory, cdxLicenseFactory)
154154

155155
const bom = new CDX.Models.Bom()
156156
bom.metadata.component = this.#makeRootComponent(compilation.compiler.context, cdxComponentBuilder)
@@ -231,7 +231,7 @@ export class CycloneDxWebpackPlugin {
231231
)
232232
}
233233

234-
#makeRootComponent (cwd: string, builder: CDX.Builders.FromPackageJson.ComponentBuilder): CDX.Models.Component | undefined {
234+
#makeRootComponent (cwd: string, builder: CDX.Builders.FromNodePackageJson.ComponentBuilder): CDX.Models.Component | undefined {
235235
const thisPackage = this.rootComponentAutodetect
236236
? readPackageUpSync({ cwd, normalize: false })
237237
: { packageJson: { name: this.rootComponentName, version: this.rootComponentVersion } }
@@ -242,7 +242,7 @@ export class CycloneDxWebpackPlugin {
242242

243243
#finalizeBom (
244244
bom: CDX.Models.Bom,
245-
cdxToolBuilder: CDX.Builders.FromPackageJson.ToolBuilder,
245+
cdxToolBuilder: CDX.Builders.FromNodePackageJson.ToolBuilder,
246246
cdxPurlFactory: CDX.Factories.PackageUrlFactory
247247
): void {
248248
bom.metadata.timestamp = this.reproducibleResults

tests/integration/__snapshots__/index.test.js.snap

+27-27
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

0 commit comments

Comments
 (0)