From dba915e1d28b108fe9126703d2f69f9c95e1fabc Mon Sep 17 00:00:00 2001 From: DmitriyLewen Date: Thu, 6 Jun 2024 15:29:01 +0600 Subject: [PATCH 1/2] fix(bom): check srcName + srcVersion before take info from pkg --- pkg/sbom/io/decode.go | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/pkg/sbom/io/decode.go b/pkg/sbom/io/decode.go index e4df3bee8489..2ef98af5cea6 100644 --- a/pkg/sbom/io/decode.go +++ b/pkg/sbom/io/decode.go @@ -2,6 +2,7 @@ package io import ( "errors" + "fmt" "slices" "sort" "strconv" @@ -200,6 +201,9 @@ func (m *Decoder) decodeLibrary(c *core.Component) (*ftypes.Package, error) { pkg.Name = m.pkgName(pkg, c) pkg.ID = dependency.ID(p.LangType(), pkg.Name, p.Version) // Re-generate ID with the updated name + if pkg.Name == "bsdutils" { + fmt.Println() + } var err error for _, prop := range c.Properties { switch prop.Name { @@ -271,6 +275,11 @@ func (m *Decoder) fillSrcPkg(c *core.Component, pkg *ftypes.Package) { } m.parseSrcVersion(pkg, c.SrcVersion) + // Source info was added from component or properties + if pkg.SrcName != "" && pkg.SrcVersion != "" { + return + } + // Fill source package information for components in third-party SBOMs . if pkg.SrcName == "" { pkg.SrcName = pkg.Name From b442097d4051e2254e6436483de493b481adcf30 Mon Sep 17 00:00:00 2001 From: DmitriyLewen Date: Thu, 6 Jun 2024 15:57:32 +0600 Subject: [PATCH 2/2] refactor: remove debug fmt --- pkg/sbom/io/decode.go | 4 ---- 1 file changed, 4 deletions(-) diff --git a/pkg/sbom/io/decode.go b/pkg/sbom/io/decode.go index 2ef98af5cea6..917684962d20 100644 --- a/pkg/sbom/io/decode.go +++ b/pkg/sbom/io/decode.go @@ -2,7 +2,6 @@ package io import ( "errors" - "fmt" "slices" "sort" "strconv" @@ -201,9 +200,6 @@ func (m *Decoder) decodeLibrary(c *core.Component) (*ftypes.Package, error) { pkg.Name = m.pkgName(pkg, c) pkg.ID = dependency.ID(p.LangType(), pkg.Name, p.Version) // Re-generate ID with the updated name - if pkg.Name == "bsdutils" { - fmt.Println() - } var err error for _, prop := range c.Properties { switch prop.Name {