Class: Bundler::Sbom::Generator

Inherits:
Object
  • Object
Defined in:
lib/bundler/sbom/generator.rb


Constructor Details

#initialize(format: "spdx", without_groups: []) ⇒ Generator

Returns a new instance of Generator.



# File 'lib/bundler/sbom/generator.rb', line 12

# Builds a generator for the requested SBOM format.
#
# @param format [#to_s] output format name; stored as a lowercase String
# @param without_groups [Array] stored unchanged on the instance
def initialize(format: "spdx", without_groups: [])
  # Normalise the format name once so it is always held in lowercase.
  format_name = format.to_s
  @format = format_name.downcase
  @without_groups = without_groups
end

Class Method Details

.from_hash(hash) ⇒ Object



# File 'lib/bundler/sbom/generator.rb', line 50

# Wraps an already-parsed SBOM hash in the matching document class.
#
# @param hash [Hash] parsed SBOM data; the "bomFormat" key is read as a String key
# @return [Object] a CycloneDX instance when "bomFormat" is exactly "CycloneDX",
#   otherwise an SPDX instance
def self.from_hash(hash)
  # Anything that does not declare itself as CycloneDX is handed to SPDX,
  # including hashes with no "bomFormat" key at all.
  document_class = hash["bomFormat"] == "CycloneDX" ? CycloneDX : SPDX
  document_class.new(hash)
end

.parse_xml(xml_content) ⇒ Object



# File 'lib/bundler/sbom/generator.rb', line 39

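# Parses an XML SBOM and returns the CycloneDX document built from it.
#
# Only CycloneDX XML is accepted: the root element must be named "bom" and
# its namespace must contain "cyclonedx.org".
#
# @param xml_content [Object] raw XML, passed straight to REXML::Document.new
# @return [Object] whatever CycloneDX.parse_xml returns for the parsed document
# @raise [ArgumentError] when the input has no root element or the root is
#   not a CycloneDX <bom>
def self.parse_xml(xml_content)
  # NOTE(review): xml_content may originate from a third party. Malformed XML
  # surfaces as REXML's own parse error and is not translated here; keep the
  # rexml dependency current, since parser hardening ships in that library.
  doc = REXML::Document.new(xml_content)
  root = doc.root

  # An empty or element-less document has no root element. Reject it with the
  # same ArgumentError as any other unsupported input instead of failing with
  # NoMethodError on nil. The namespace is coerced with to_s for the same reason.
  # The namespace test is a substring match used for format detection only;
  # it is not a statement about where the document came from.
  cyclonedx_bom = root && root.name == "bom" && root.namespace.to_s.include?("cyclonedx.org")
  raise ArgumentError, "Unsupported XML SBOM: only CycloneDX XML can be read" unless cyclonedx_bom

  CycloneDX.parse_xml(doc)
end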

Instance Method Details

#generate ⇒ Object



# File 'lib/bundler/sbom/generator.rb', line 17

# Builds an SBOM for the current bundle from its lockfile.
#
# @return [Object] the result of CycloneDX.generate when the format is
#   "cyclonedx", otherwise the result of SPDX.generate
# @raise [GemfileLockNotFoundError] when Bundler reports no lockfile path or
#   the lockfile does not exist
def generate
  lockfile_path = Bundler.default_lockfile
  unless lockfile_path && lockfile_path.exist?
    Bundler.ui.error "No Gemfile.lock found. Run `bundle install` first."
    raise GemfileLockNotFoundError, "No Gemfile.lock found"
  end

  parsed_lockfile = Bundler::LockfileParser.new(lockfile_path.read)
  # The document is named after the current working directory.
  document_name = File.basename(Dir.pwd)

  resolved_gems = resolve_gem_data(get_gems_for_groups(parsed_lockfile))
  top_level_names = parsed_lockfile.dependencies.keys

  # Any format other than "cyclonedx" produces SPDX, including unrecognised
  # values, so a mistyped format name yields an SPDX document rather than an error.
  return SPDX.generate(resolved_gems, document_name) unless @format == "cyclonedx"

  CycloneDX.generate(resolved_gems, document_name, direct_dependencies: top_level_names)
end