Skip to content

feat: add rootComponentVCS configuration #1350

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
jkowalleck merged 7 commits into from
Jan 10, 2025
Merged

feat: add rootComponentVCS configuration #1350

Show file tree
Hide file tree
Changes from 2 commits
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
f468750
feat: add rootComponentVCS configuration
jeremylong Jan 8, 2025
cea0d7a
docs: update unreleased changes in history.md
jeremylong Jan 8, 2025
dc82314
fix: update per peer review
jeremylong Jan 9, 2025
b6bf3b5
docs: improve documentation for test
jeremylong Jan 9, 2025
ea974b4
docs: correct history.md
jeremylong Jan 9, 2025
7da1966
fix: suggestion from peer review
jeremylong Jan 9, 2025
7ce6946
backwards compat
jkowalleck Jan 10, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions HISTORY.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,9 +10,11 @@ All notable changes to this project will be documented in this file.

* Added
* Configuration option for `rootComponentBuildSystem` ([#1344] via [#1349])
* Configuration option for `rootComponentVCS` ([#1344] via [#1350])

[#1344]: https://github.com/CycloneDX/cyclonedx-webpack-plugin/issues/1344
[#1349]: https://github.com/CycloneDX/cyclonedx-webpack-plugin/pull/1349
[#1350]: https://github.com/CycloneDX/cyclonedx-webpack-plugin/pull/1350

## 3.15.1 - 2024-12-03

Expand Down
1 change: 1 addition & 0 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -57,6 +57,7 @@ new CycloneDxWebpackPlugin(options?: object)
| **`rootComponentName`** | optional `{string}` | `undefined` | If `rootComponentAutodetect` is disabled, then this value is assumed as the "name" of the `package.json`. |
| **`rootComponentVersion`** | optional `{string}` | `undefined` | If `rootComponentAutodetect` is disabled, then this value is assumed as the "version" of the `package.json`. |
| **`rootComponentBuildSystem`** | optional `{string}` | `undefined` | Set's the URL for the RootComponent's External References' build-system. |
| **`rootComponentVCS`** | optional `{string}` | `undefined` | If `rootComponentAutodetect` is disabled or the VCS is not defined in the package.json, then this value is used as the URL for the RootComponent's External Referencees' Version Control System. |
| **`collectEvidence`** | `{boolean}` | `false` | Whether to collect (license) evidence and attach them to the resulting SBOM. |

### Example
Expand Down
1 change: 1 addition & 0 deletions examples/simple/webpack.config.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -33,6 +33,7 @@ const cycloneDxWebpackPluginOptions = {
rootComponentName: undefined,
rootComponentVersion: undefined,
rootComponentBuildSystem: undefined,
rootComponentVCS: undefined,
collectEvidence: true
}

Expand Down
20 changes: 20 additions & 0 deletions src/plugin.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -110,6 +110,11 @@ export interface CycloneDxWebpackPluginOptions {
* See {@link https://cyclonedx.org/docs/1.6/json/#metadata_component_externalReferences}.
*/
rootComponentBuildSystem?: CycloneDxWebpackPlugin['rootComponentBuildSystem']
/**
* Set the externalReference URL for the version control system for the RootComponent.
* See {@link https://cyclonedx.org/docs/1.6/json/#metadata_component_externalReferences}.
*/
rootComponentVCS?: CycloneDxWebpackPlugin['rootComponentVCS']

/**
* Whether to collect (license) evidence and attach them to the resulting SBOM.
Expand Down Expand Up @@ -142,6 +147,7 @@ export class CycloneDxWebpackPlugin {
rootComponentName: CDX.Models.Component['name'] | undefined
rootComponentVersion: CDX.Models.Component['version'] | undefined
rootComponentBuildSystem: CDX.Models.ExternalReference['url'] | undefined
rootComponentVCS: CDX.Models.ExternalReference['url'] | undefined

collectEvidence: boolean

Expand All @@ -157,6 +163,7 @@ export class CycloneDxWebpackPlugin {
rootComponentName = undefined,
rootComponentVersion = undefined,
rootComponentBuildSystem = undefined,
rootComponentVCS = undefined,
collectEvidence = false
}: CycloneDxWebpackPluginOptions = {}) {
this.specVersion = specVersion
Expand All @@ -172,6 +179,7 @@ export class CycloneDxWebpackPlugin {
this.rootComponentName = rootComponentName
this.rootComponentVersion = rootComponentVersion
this.rootComponentBuildSystem = rootComponentBuildSystem
this.rootComponentVCS = rootComponentVCS
this.collectEvidence = collectEvidence
}

Expand Down Expand Up @@ -328,6 +336,18 @@ export class CycloneDxWebpackPlugin {
)
logger.debug('Added rootComponent BuildSystem URL:', this.rootComponentBuildSystem)
}
if (typeof this.rootComponentVCS === 'string' &&
this.rootComponentVCS.length > 0 &&
![...component.externalReferences].some(ref => ref.type === CDX.Enums.ExternalReferenceType.VCS)) {
component.externalReferences.add(
new CDX.Models.ExternalReference(
this.rootComponentVCS,
CDX.Enums.ExternalReferenceType.VCS,
{ comment: 'as declared via cyclonedx-webpack-plugin config "rootComponentVCS"' }
)
)
logger.debug('Added rootComponent VCS URL:', this.rootComponentVCS)
}
}

#makeRootComponent (
Expand Down
Loading