-
-
Notifications
You must be signed in to change notification settings - Fork 13
/
Copy pathcomponent.ts
147 lines (131 loc) · 4.63 KB
/
component.ts
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
/*!
This file is part of CycloneDX JavaScript Library.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
SPDX-License-Identifier: Apache-2.0
Copyright (c) OWASP Foundation. All Rights Reserved.
*/
import { PackageURL } from 'packageurl-js'
import { CPE, isCPE } from '../types'
import { ComponentScope, ComponentType } from '../enums'
import { BomRef, BomRefRepository } from './bomRef'
import { HashRepository } from './hash'
import { OrganizationalEntity } from './organizationalEntity'
import { ExternalReferenceRepository } from './externalReference'
import { LicenseRepository } from './license'
import { SWID } from './swid'
import { Comparable, SortableSet } from '../helpers/sortableSet'
import { treeIterator } from '../helpers/tree'
interface OptionalProperties {
bomRef?: BomRef['value']
author?: Component['author']
copyright?: Component['copyright']
description?: Component['description']
externalReferences?: Component['externalReferences']
group?: Component['group']
hashes?: Component['hashes']
licenses?: Component['licenses']
publisher?: Component['publisher']
purl?: Component['purl']
scope?: Component['scope']
supplier?: Component['supplier']
swid?: Component['swid']
version?: Component['version']
dependencies?: Component['dependencies']
components?: Component['components']
cpe?: Component['cpe']
}
export class Component implements Comparable {
type: ComponentType
name: string
author?: string
copyright?: string
description?: string
externalReferences: ExternalReferenceRepository
group?: string
hashes: HashRepository
licenses: LicenseRepository
publisher?: string
purl?: PackageURL
scope?: ComponentScope
supplier?: OrganizationalEntity
swid?: SWID
version?: string
dependencies: BomRefRepository
components: ComponentRepository
/** @see bomRef */
readonly #bomRef: BomRef
/** @see cpe */
#cpe?: CPE
/**
* @throws {TypeError} if {@see op.cpe} is neither {@see CPE} nor {@see undefined}
*/
constructor (type: ComponentType, name: string, op: OptionalProperties = {}) {
this.#bomRef = new BomRef(op.bomRef)
this.type = type
this.name = name
this.supplier = op.supplier
this.author = op.author
this.copyright = op.copyright
this.externalReferences = op.externalReferences ?? new ExternalReferenceRepository()
this.group = op.group
this.hashes = op.hashes ?? new HashRepository()
this.licenses = op.licenses ?? new LicenseRepository()
this.publisher = op.publisher
this.purl = op.purl
this.scope = op.scope
this.swid = op.swid
this.version = op.version
this.description = op.description
this.dependencies = op.dependencies ?? new BomRefRepository()
this.components = op.components ?? new ComponentRepository()
this.cpe = op.cpe
}
get bomRef (): BomRef {
return this.#bomRef
}
get cpe (): CPE | undefined {
return this.#cpe
}
/**
* @throws {TypeError} if value is neither {@see CPE} nor {@see undefined}
*/
set cpe (value: CPE | undefined) {
if (value !== undefined && !isCPE(value)) {
throw new TypeError('Not CPE nor undefined')
}
this.#cpe = value
}
compare (other: Component): number {
// The purpose of this method is not to test for equality, but have deterministic comparability.
const bomRefCompare = this.bomRef.compare(other.bomRef)
if (bomRefCompare !== 0) {
return bomRefCompare
}
if (this.purl !== undefined && other.purl !== undefined) {
return this.purl.toString().localeCompare(other.purl.toString())
}
if (this.#cpe !== undefined && other.#cpe !== undefined) {
return this.#cpe.toString().localeCompare(other.#cpe.toString())
}
/* eslint-disable-next-line @typescript-eslint/strict-boolean-expressions -- run compares in weighted order */
return (this.group ?? '').localeCompare(other.group ?? '') ||
this.name.localeCompare(other.name) ||
(this.version ?? '').localeCompare(other.version ?? '')
}
}
export class ComponentRepository extends SortableSet<Component> {
* [treeIterator] (): Generator<Component> {
for (const component of this) {
yield component
yield * component.components[treeIterator]()
}
}
}