add GetTrimmedPurl()

Author: kerenr-jfrog

utils/formats/cdxutils/cyclonedxutils.go

@@ -382,23 +382,21 @@ func excludeFromDependencies(dependencies *[]cyclonedx.Dependency, components *[
 	if dependencies == nil || len(*dependencies) == 0 || len(excludeComponents) == 0 {
 		return dependencies
 	}
-	excludeRefs := datastructures.MakeSet[string]()
 	excludePurls := datastructures.MakeSet[string]()
 	for _, component := range excludeComponents {
-		excludeRefs.Add(component.BOMRef)
 		excludePurls.Add(techutils.PurlToXrayComponentId(component.PackageURL))
 	}
 	filteredDependencies := []cyclonedx.Dependency{}
 	for _, dep := range *dependencies {
-		if excludeRefs.Exists(techutils.PurlToXrayComponentId(dep.Ref)) {
+		if excludePurls.Exists(GetTrimmedPurl(dep.Ref, components)) {
 			// This dependency is excluded, skip it
 			continue
 		}
 		filteredDep := cyclonedx.Dependency{Ref: dep.Ref}
 		if dep.Dependencies != nil {
 			// Also filter the components from the dependencies of this dependency
 			for _, depRef := range *dep.Dependencies {
-				if !excludeRefs.Exists(depRef) {
+				if !excludePurls.Exists(GetTrimmedPurl(depRef, components)) {
 					if filteredDep.Dependencies == nil {
 						filteredDep.Dependencies = &[]string{}
 					}
@@ -413,6 +411,15 @@ func excludeFromDependencies(dependencies *[]cyclonedx.Dependency, components *[
 	return &filteredDependencies
 }
 
+func GetTrimmedPurl(dep string, components *[]cyclonedx.Component) string {
+	component := SearchComponentByRef(components, dep)
+	if component == nil {
+		// couldn't find component - skipping
+		return ""
+	}
+	return techutils.PurlToXrayComponentId(component.PackageURL)
+}
+
 func AttachLicenseToComponent(component *cyclonedx.Component, license cyclonedx.LicenseChoice) {
 	if component.Licenses == nil {
 		component.Licenses = &cyclonedx.Licenses{}