Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Adds components.properties filtering in bom #373

Draft
wants to merge 4 commits into
base: master
Choose a base branch
from
Draft

Adds components.properties filtering in bom #373

Changes from 3 commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
a76c3b9
Adds components.properties filtering in bom
timmyteo Nov 14, 2024
8b3ebde
Null Handling
timmyteo Nov 14, 2024
78b44b6
Proper null handling
timmyteo Nov 14, 2024
e829f8c
Simplify Code. Add regular expression matching.
timmyteo Nov 18, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
33 changes: 33 additions & 0 deletions depscan/cli.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -432,10 +432,43 @@ def export_bom(bom_data, pkg_vulnerabilities, vdr_file):
# Update the tools section
if isinstance(tools, dict):
bom_data = summarise_tools(tools, metadata, bom_data)
if bom_data.get("components"):
bom_data = remove_extra_properties(bom_data)
bom_data["vulnerabilities"] = pkg_vulnerabilities
json_dump(vdr_file, bom_data, error_msg=f"Unable to generate VDR file at {vdr_file}", log=LOG)


def remove_extra_properties(bom_data):
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@timmyteo Could we refactor this to simplify?

exclude_properties = {"Namespaces", "ImportedModules"}
for i, component in enumerate(bom_data["components"]):
    if properties := component.get("properties"):
         bom_data["components"][i]["properties"] = [p for p in properties if p.get("name") not in exclude_properties]
return bom_data

@prabhu Do we want to make the excluded or allowed properties an optional argument for this function?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Optional argument sounds good. Support for regex or startswith since blint uses "internal:" prefix

new_components = []
exclude_properties = {"Namespaces", "ImportedModules"}

for component in bom_data["components"]:
new_properties = []
new_component = {}

for key, value in component.items():
new_component |= {key: value}

if component.get("properties"):
for prop in component["properties"]:
new_property = {}
keep_property = True
for key, value in prop.items():
if value not in exclude_properties:
new_property |= {key: value}
else:
keep_property = False
if keep_property == True:
new_properties.append(new_property)

new_component["properties"] = new_properties

new_components.append(new_component)

bom_data["components"] = new_components
return bom_data


def set_project_types(args, src_dir):
"""
Detects the project types and perform the right type of scan
Expand Down