Class: Pbom::Generator

Inherits:
Object
  • Object
Defined in:
lib/pbom.rb

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(input_path: '.', output_path: '.') ⇒ Generator

Returns a new instance of Generator.



# File 'lib/pbom.rb', line 13

# Builds a generator that has not scanned anything yet.
#
# @param input_path [String] path later handed to syft as the scan target
#   (defaults to the current directory)
# @param output_path [String] directory later used for sbom.json and
#   references.bib (defaults to the current directory)
def initialize(input_path: '.', output_path: '.')
  # Both paths are stored exactly as given; nothing validates or normalises
  # them here, so callers should treat them as trusted configuration.
  @packages = []
  @input_path, @output_path = input_path, output_path
end

Instance Attribute Details

#input_path ⇒ Object (readonly)

Returns the value of attribute input_path.



# File 'lib/pbom.rb', line 11

# Path that generate_sbom places on the syft command line as the scan target.
# It is returned exactly as it was given to the constructor; nothing in this
# class validates it, so it should come from trusted configuration.
def input_path
  @input_path
end

#output_path ⇒ Object (readonly)

Returns the value of attribute output_path.



# File 'lib/pbom.rb', line 11

# Directory prefix under which sbom.json is written (generate_sbom) and read
# back (load_sbom), and under which references.bib is written.
# It is returned exactly as it was given to the constructor; nothing in this
# class validates it, so it should come from trusted configuration.
def output_path
  @output_path
end

#packages ⇒ Object (readonly)

Returns the value of attribute packages.



# File 'lib/pbom.rb', line 11

# Package objects collected so far. Starts as an empty array and is filled by
# load_purls, which adds one Package per PURL that no existing entry reports
# as a match via Package#matches?.
def packages
  @packages
end

Instance Method Details

#generate ⇒ Object



# File 'lib/pbom.rb', line 19

# Runs the whole pipeline and prints a summary to standard output:
# create the SBOM, collect the packages it lists, write references.bib,
# then print the output location, the package count, the generated file
# names and the LaTeX cite list.
#
# NOTE(review): nothing here checks whether the SBOM step succeeded before
# sbom.json is read back by load_purls.
def generate
  generate_sbom
  load_purls
  generate_references_bib

  puts "", "PBOM generated at #{output_path}"
  puts "  - #{packages.count} unique packages found",
       "  - sbom.json",
       "  - references.bib",
       ""
  puts "To cite all packages in your research, add the following to your LaTeX document:", ""
  # Kept as its own call so the cite list is only built after the lines
  # above have been printed.
  puts generate_cite_list
  puts
end

#generate_cite_list ⇒ Object



# File 'lib/pbom.rb', line 64

# Builds the single line that generate prints for pasting into a LaTeX
# document: each package's to_cite value, separated by ", ".
#
# @return [String] the joined cite entries; empty when no packages are loaded
def generate_cite_list
  cite_entries = packages.map { |package| package.to_cite }
  cite_entries.join(", ")
end

#generate_references_bib ⇒ Object



# File 'lib/pbom.rb', line 56

# Writes "#{output_path}/references.bib", replacing any existing file, with
# one generate_bib_entry result per loaded package.
#
# NOTE(review): the entries come from Package objects built from PURLs found
# in the SBOM; whether Package#generate_bib_entry escapes BibTeX/LaTeX
# special characters is not visible here. Confirm before trusting the file
# for SBOMs of third-party projects.
def generate_references_bib
  bib_path = "#{output_path}/references.bib"
  File.open(bib_path, "w") do |bib|
    packages.each { |package| bib.puts package.generate_bib_entry }
  end
end

#generate_sbom ⇒ Object



# File 'lib/pbom.rb', line 48

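# Runs `syft scan` over input_path and asks it to write an SPDX JSON SBOM to
# "#{output_path}/sbom.json". syft's own output is discarded.
#
# syft is started with an argument vector instead of a shell command string,
# so spaces or shell metacharacters in either path reach syft as literal
# characters and are never interpreted by a shell.
#
# NOTE(review): a path that begins with "-" may still be read by syft as an
# option; nothing here guards against that.
#
# @return [String] always an empty string (the earlier backtick form returned
#   the command's stdout, which was redirected away)
def generate_sbom
  sbom_target = "spdx-json=#{output_path}/sbom.json"
  succeeded = system('syft', 'scan', input_path.to_s, '-o', sbom_target,
                     out: File::NULL, err: File::NULL)
  # Without this message a failed or missing syft goes unnoticed, and
  # load_sbom may then parse an sbom.json left behind by an earlier run.
  warn 'pbom: syft scan did not complete successfully; sbom.json may be missing or stale' unless succeeded
  ''
end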

#load_purls ⇒ Object



# File 'lib/pbom.rb', line 37

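# Reads the SBOM via load_sbom and appends a Package to @packages for every
# package entry that carries a "purl" external reference, skipping PURLs that
# an already collected Package reports as a match.
#
# Entries that are nil, have no externalRefs, or have no purl reference are
# ignored, and an SBOM without a "packages" key is treated as empty instead
# of raising NoMethodError.
#
# NOTE(review): the PURL strings originate from the scanned project's
# metadata as reported in the SBOM and are handed to Package.new unchanged;
# any validation would have to happen in Package, which is not visible here.
#
# @return [Array] the accumulated @packages array
def load_purls
  artifacts = load_sbom['packages'] || []
  artifacts.each do |artifact|
    refs = artifact && artifact['externalRefs']
    next unless refs

    purl_ref = refs.find { |ref| ref && ref['referenceType'] == 'purl' }
    purl = purl_ref && purl_ref['referenceLocator']
    next unless purl
    # Linear scan: equality is delegated to Package#matches?, so a Set of
    # raw strings cannot be assumed to be equivalent.
    next if @packages.any? { |pkg| pkg.matches?(purl) }

    @packages << Package.new(purl)
  end
  @packages
end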

#load_sbom ⇒ Object



# File 'lib/pbom.rb', line 52

# Reads "#{output_path}/sbom.json" and returns it parsed as JSON.
#
# The file is read as-is: nothing here checks that it was produced by the
# current run, so a leftover sbom.json in output_path is parsed just the same.
#
# @return [Object] the parsed JSON document
# @raise [Errno::ENOENT] if sbom.json does not exist
# @raise [JSON::ParserError] if the file is not valid JSON
def load_sbom
  sbom_file = "#{output_path}/sbom.json"
  raw_json = File.read(sbom_file)
  JSON.parse(raw_json)
end