Compare commits
3 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| 0554dfbc8c | |||
| 4734ea3b9b | |||
| d2ffba3269 |
@@ -17,7 +17,7 @@ describe('parseSBOMFromPath', () => {
|
||||
describe('when file does not exist', () => {
|
||||
it('throws an error', async () => {
|
||||
await expect(parseSBOMFromPath('/nonexistent/file.json')).rejects.toThrow(
|
||||
/ENOENT/
|
||||
/SBOM file not found/
|
||||
)
|
||||
})
|
||||
})
|
||||
|
||||
+12
-3
@@ -120950,7 +120950,6 @@ const predicateFromInputs = async (inputs) => {
|
||||
catch {
|
||||
throw new Error(`predicate file not found: ${predicatePath}`);
|
||||
}
|
||||
/* istanbul ignore next */
|
||||
const stat = await promises_default().stat(predicatePath);
|
||||
/* istanbul ignore next */
|
||||
if (stat.size > MAX_PREDICATE_SIZE_BYTES) {
|
||||
@@ -120978,11 +120977,21 @@ const generateProvenancePredicate = async () => {
|
||||
// SBOMs cannot exceed 16MB.
|
||||
const MAX_SBOM_SIZE_BYTES = 16 * 1024 * 1024;
|
||||
const parseSBOMFromPath = async (filePath) => {
|
||||
const fileContent = await promises_default().readFile(filePath, 'utf8');
|
||||
const stats = await promises_default().stat(filePath);
|
||||
let stats;
|
||||
try {
|
||||
stats = await promises_default().stat(filePath);
|
||||
}
|
||||
catch (error) {
|
||||
const err = error;
|
||||
if (err.code === 'ENOENT') {
|
||||
throw new Error('SBOM file not found');
|
||||
}
|
||||
throw error;
|
||||
}
|
||||
if (stats.size > MAX_SBOM_SIZE_BYTES) {
|
||||
throw new Error(`SBOM file exceeds maximum allowed size: ${MAX_SBOM_SIZE_BYTES} bytes`);
|
||||
}
|
||||
const fileContent = await promises_default().readFile(filePath, 'utf8');
|
||||
const sbom = JSON.parse(fileContent);
|
||||
if (checkIsSPDX(sbom)) {
|
||||
return { type: 'spdx', object: sbom };
|
||||
|
||||
Generated
+10
@@ -175,6 +175,7 @@
|
||||
"integrity": "sha512-CGOfOJqWjg2qW/Mb6zNsDm+u5vFQ8DxXfbM09z69p5Z6+mE1ikP2jUXw+j42Pf1XTYED2Rni5f95npYeuwMDQA==",
|
||||
"dev": true,
|
||||
"license": "MIT",
|
||||
"peer": true,
|
||||
"dependencies": {
|
||||
"@babel/code-frame": "^7.29.0",
|
||||
"@babel/generator": "^7.29.0",
|
||||
@@ -1497,6 +1498,7 @@
|
||||
"resolved": "https://registry.npmjs.org/@octokit/core/-/core-7.0.6.tgz",
|
||||
"integrity": "sha512-DhGl4xMVFGVIyMwswXeyzdL4uXD5OGILGX5N8Y+f6W7LhC1Ze2poSNrkF/fedpVDHEEZ+PHFW0vL14I+mm8K3Q==",
|
||||
"license": "MIT",
|
||||
"peer": true,
|
||||
"dependencies": {
|
||||
"@octokit/auth-token": "^6.0.0",
|
||||
"@octokit/graphql": "^9.0.3",
|
||||
@@ -2365,6 +2367,7 @@
|
||||
"integrity": "sha512-1y/MVSz0NglV1ijHC8OT49mPJ4qhPYjiK08YUQVbIOyu+5k862LKUHFkpKHWu//zmr7hDR2rhwUm6gnCGNmGBQ==",
|
||||
"dev": true,
|
||||
"license": "MIT",
|
||||
"peer": true,
|
||||
"dependencies": {
|
||||
"@eslint-community/regexpp": "^4.12.2",
|
||||
"@typescript-eslint/scope-manager": "8.55.0",
|
||||
@@ -2404,6 +2407,7 @@
|
||||
"integrity": "sha512-4z2nCSBfVIMnbuu8uinj+f0o4qOeggYJLbjpPHka3KH1om7e+H9yLKTYgksTaHcGco+NClhhY2vyO3HsMH1RGw==",
|
||||
"dev": true,
|
||||
"license": "MIT",
|
||||
"peer": true,
|
||||
"dependencies": {
|
||||
"@typescript-eslint/scope-manager": "8.55.0",
|
||||
"@typescript-eslint/types": "8.55.0",
|
||||
@@ -2920,6 +2924,7 @@
|
||||
"integrity": "sha512-NZyJarBfL7nWwIq+FDL6Zp/yHEhePMNnnJ0y3qfieCrmNvYct8uvtiV41UvlSe6apAfk0fY1FbWx+NwfmpvtTg==",
|
||||
"dev": true,
|
||||
"license": "MIT",
|
||||
"peer": true,
|
||||
"bin": {
|
||||
"acorn": "bin/acorn"
|
||||
},
|
||||
@@ -3367,6 +3372,7 @@
|
||||
}
|
||||
],
|
||||
"license": "MIT",
|
||||
"peer": true,
|
||||
"dependencies": {
|
||||
"baseline-browser-mapping": "^2.9.0",
|
||||
"caniuse-lite": "^1.0.30001759",
|
||||
@@ -4395,6 +4401,7 @@
|
||||
"integrity": "sha512-LEyamqS7W5HB3ujJyvi0HQK/dtVINZvd5mAAp9eT5S/ujByGjiZLCzPcHVzuXbpJDJF/cxwHlfceVUDZ2lnSTw==",
|
||||
"dev": true,
|
||||
"license": "MIT",
|
||||
"peer": true,
|
||||
"dependencies": {
|
||||
"@eslint-community/eslint-utils": "^4.8.0",
|
||||
"@eslint-community/regexpp": "^4.12.1",
|
||||
@@ -6090,6 +6097,7 @@
|
||||
"integrity": "sha512-F26gjC0yWN8uAA5m5Ss8ZQf5nDHWGlN/xWZIh8S5SRbsEKBovwZhxGd6LJlbZYxBgCYOtreSUyb8hpXyGC5O4A==",
|
||||
"dev": true,
|
||||
"license": "MIT",
|
||||
"peer": true,
|
||||
"dependencies": {
|
||||
"@jest/core": "30.2.0",
|
||||
"@jest/types": "30.2.0",
|
||||
@@ -9488,6 +9496,7 @@
|
||||
"integrity": "sha512-5gTmgEY/sqK6gFXLIsQNH19lWb4ebPDLA4SdLP7dsWkIXHWlG66oPuVvXSGFPppYZz8ZDZq0dYYrbHfBCVUb1Q==",
|
||||
"dev": true,
|
||||
"license": "MIT",
|
||||
"peer": true,
|
||||
"engines": {
|
||||
"node": ">=12"
|
||||
},
|
||||
@@ -9799,6 +9808,7 @@
|
||||
"integrity": "sha512-jl1vZzPDinLr9eUt3J/t7V6FgNEw9QjvBPdysz9KfQDD41fQrC2Y4vKQdiaUpFT4bXlb1RHhLpp8wtm6M5TgSw==",
|
||||
"dev": true,
|
||||
"license": "Apache-2.0",
|
||||
"peer": true,
|
||||
"bin": {
|
||||
"tsc": "bin/tsc",
|
||||
"tsserver": "bin/tsserver"
|
||||
|
||||
+11
-2
@@ -11,15 +11,24 @@ export type SBOM = {
|
||||
const MAX_SBOM_SIZE_BYTES = 16 * 1024 * 1024
|
||||
|
||||
export const parseSBOMFromPath = async (filePath: string): Promise<SBOM> => {
|
||||
const fileContent = await fs.readFile(filePath, 'utf8')
|
||||
let stats
|
||||
try {
|
||||
stats = await fs.stat(filePath)
|
||||
} catch (error) {
|
||||
const err = error as NodeJS.ErrnoException
|
||||
if (err.code === 'ENOENT') {
|
||||
throw new Error('SBOM file not found')
|
||||
}
|
||||
throw error
|
||||
}
|
||||
|
||||
const stats = await fs.stat(filePath)
|
||||
if (stats.size > MAX_SBOM_SIZE_BYTES) {
|
||||
throw new Error(
|
||||
`SBOM file exceeds maximum allowed size: ${MAX_SBOM_SIZE_BYTES} bytes`
|
||||
)
|
||||
}
|
||||
|
||||
const fileContent = await fs.readFile(filePath, 'utf8')
|
||||
const sbom = JSON.parse(fileContent) as object
|
||||
|
||||
if (checkIsSPDX(sbom)) {
|
||||
|
||||
Reference in New Issue
Block a user