
Commit 70327bc

committed
fix: json flatten and merge dep graph
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com>
1 parent de53cf8 commit 70327bc

17 files changed

Lines changed: 162 additions & 30 deletions

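--- a/cyclonedx/output/json.py
+++ b/cyclonedx/output/json.py
@@ -38,10 +38,10 @@
 from . import BaseOutput, BomRefDiscriminator
 
 if TYPE_CHECKING: # pragma: no cover
-from ..model.bom import Bom
+from ..model.bom import Bom, BomRef
 
 
-class _BomDependencyGraphFlattener:
+class _BomDependencyGraphFlatMerger:
 """
 !!! THIS CLASS IS INTERNAL.
 Everything might change without any notice.
@@ -53,7 +53,7 @@ def __init__(self, bom: 'Bom'):
 self._deps = self._bom._dependencies
 
 def __enter__(self) -> None:
-self.flatten()
+self.flatten_merge()
 
 def __exit__(self, exc_type: Any, exc_val: Any, exc_tb: Any) -> None:
 self.reset()
@@ -64,10 +64,20 @@ def reset(self) -> None:
 # Just access the internal field directly!
 self._bom._dependencies = self._deps
 
-def flatten(self) -> None:
-self._bom.dependencies = chain.from_iterable(
+def flatten_merge(self) -> None:
+self._bom.dependencies = self.__merge_deps(chain.from_iterable(
 self.__flatten_dep(dep) for dep in self._deps
-)
+))
+
+@staticmethod
+def __merge_deps(deps: Iterable[Dependency]) -> Iterable[Dependency]:
+merged: dict[BomRef, Dependency] = {}
+for dep in deps:
+if m := merged.get(dep.ref):
+m.dependencies.update(dep.dependencies)
+else:
+merged[dep.ref] = Dependency(dep.ref, dep.dependencies)
+return merged.values()
 
 @staticmethod
 def __flatten_dep(dep: Dependency) -> Iterable[Dependency]:
@@ -116,7 +126,7 @@ def generate(self, force_regeneration: bool = False) -> None:
 bom.validate()
 # utilize contrib.dependency.flatten() somewhere here
 with BomRefDiscriminator.from_bom(bom):
-with _BomDependencyGraphFlattener(bom):
+with _BomDependencyGraphFlatMerger(bom):
 bom_json: dict[str, Any] = json_loads(
 bom.as_json( # type:ignore[attr-defined]
 view_=_view))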
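Review bot: In `__merge_deps`, the `m.dependencies.update(dep.dependencies)` call is only safe if `Dependency(dep.ref, dep.dependencies)` copies the collection it receives. The constructor is not visible on this page; if it keeps the same set object, the merge would change the caller's graph in a way `reset()` cannot undo, because `reset()` only reassigns `_bom._dependencies`. I would state that assumption next to the constructor call, e.g. `# Dependency() copies the passed collection, so the source graph stays untouched`, or pass an explicit copy. The lookup would also be more exact as `if (m := merged.get(dep.ref)) is not None:`, which does not depend on how a `Dependency` evaluates as a boolean. A one-line docstring on `__merge_deps` saying that entries sharing a `ref` are collapsed into one holding the union of their children would help the next reader; the class body and `__flatten_dep` continue outside these hunks.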

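--- a/tests/_data/models.py
+++ b/tests/_data/models.py
@@ -1612,16 +1612,29 @@ def get_bom_for_issue941_nested_dependencies_irreversible_migrate() -> Bom:
 )
 bom.components.add(component2)
 
+component3 = Component(
+type=ComponentType.LIBRARY,
+name='some-other-library',
+bom_ref='some-library3'
+)
+bom.components.add(component3)
+
 bom.dependencies.add(
 Dependency(
 root_component.bom_ref,
 dependencies=[
 Dependency(
 component1.bom_ref,
 dependencies=[
-Dependency(component2.bom_ref)
+Dependency(component2.bom_ref),
 ]
-)
+),
+Dependency(
+component2.bom_ref,
+dependencies=[
+Dependency(component3.bom_ref)
+]
+),
 ]
 )
 )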
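Review bot: The fixture reaches the merge path only with one empty side: `component2` is a leaf where it is nested under `component1`, and has the single child `component3` where it is a sibling. A union of two different, non-empty child sets for the same ref is therefore not pinned by any snapshot. Nesting something like `Dependency(component2.bom_ref, dependencies=[Dependency(component4.bom_ref)])` under `component1` (with `component4` as an additional, constructed component) would cover it, and the JSON snapshots would then show both children under `some-library2`. The fixture function starts before this hunk, so the earlier components are not visible here.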

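--- a/tests/_data/snapshots/get_bom_for_issue941_nested_dependencies_irreversible_migrate-1.0.xml.bin
+++ b/tests/_data/snapshots/get_bom_for_issue941_nested_dependencies_irreversible_migrate-1.0.xml.bin
@@ -11,5 +11,10 @@
 <version/>
 <modified>false</modified>
 </component>
+<component type="library">
+<name>some-other-library</name>
+<version/>
+<modified>false</modified>
+</component>
 </components>
 </bom>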

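--- a/tests/_data/snapshots/get_bom_for_issue941_nested_dependencies_irreversible_migrate-1.1.xml.bin
+++ b/tests/_data/snapshots/get_bom_for_issue941_nested_dependencies_irreversible_migrate-1.1.xml.bin
@@ -9,5 +9,9 @@
 <name>some-library</name>
 <version/>
 </component>
+<component type="library" bom-ref="some-library3">
+<name>some-other-library</name>
+<version/>
+</component>
 </components>
 </bom>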

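--- a/tests/_data/snapshots/get_bom_for_issue941_nested_dependencies_irreversible_migrate-1.2.json.bin
+++ b/tests/_data/snapshots/get_bom_for_issue941_nested_dependencies_irreversible_migrate-1.2.json.bin
@@ -11,12 +11,19 @@
 "name": "some-library",
 "type": "library",
 "version": ""
+},
+{
+"bom-ref": "some-library3",
+"name": "some-other-library",
+"type": "library",
+"version": ""
 }
 ],
 "dependencies": [
 {
 "dependsOn": [
-"some-library1"
+"some-library1",
+"some-library2"
 ],
 "ref": "myApp"
 },
@@ -27,10 +34,13 @@
 "ref": "some-library1"
 },
 {
-"ref": "some-library1"
+"dependsOn": [
+"some-library3"
+],
+"ref": "some-library2"
 },
 {
-"ref": "some-library2"
+"ref": "some-library3"
 }
 ],
 "metadata": {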

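--- a/tests/_data/snapshots/get_bom_for_issue941_nested_dependencies_irreversible_migrate-1.2.xml.bin
+++ b/tests/_data/snapshots/get_bom_for_issue941_nested_dependencies_irreversible_migrate-1.2.xml.bin
@@ -16,14 +16,22 @@
 <name>some-library</name>
 <version/>
 </component>
+<component type="library" bom-ref="some-library3">
+<name>some-other-library</name>
+<version/>
+</component>
 </components>
 <dependencies>
 <dependency ref="myApp">
 <dependency ref="some-library1">
 <dependency ref="some-library2"/>
 </dependency>
+<dependency ref="some-library2">
+<dependency ref="some-library3"/>
+</dependency>
 </dependency>
 <dependency ref="some-library1"/>
 <dependency ref="some-library2"/>
+<dependency ref="some-library3"/>
 </dependencies>
 </bom>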

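--- a/tests/_data/snapshots/get_bom_for_issue941_nested_dependencies_irreversible_migrate-1.3.json.bin
+++ b/tests/_data/snapshots/get_bom_for_issue941_nested_dependencies_irreversible_migrate-1.3.json.bin
@@ -11,12 +11,19 @@
 "name": "some-library",
 "type": "library",
 "version": ""
+},
+{
+"bom-ref": "some-library3",
+"name": "some-other-library",
+"type": "library",
+"version": ""
 }
 ],
 "dependencies": [
 {
 "dependsOn": [
-"some-library1"
+"some-library1",
+"some-library2"
 ],
 "ref": "myApp"
 },
@@ -27,10 +34,13 @@
 "ref": "some-library1"
 },
 {
-"ref": "some-library1"
+"dependsOn": [
+"some-library3"
+],
+"ref": "some-library2"
 },
 {
-"ref": "some-library2"
+"ref": "some-library3"
 }
 ],
 "metadata": {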

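--- a/tests/_data/snapshots/get_bom_for_issue941_nested_dependencies_irreversible_migrate-1.3.xml.bin
+++ b/tests/_data/snapshots/get_bom_for_issue941_nested_dependencies_irreversible_migrate-1.3.xml.bin
@@ -16,14 +16,22 @@
 <name>some-library</name>
 <version/>
 </component>
+<component type="library" bom-ref="some-library3">
+<name>some-other-library</name>
+<version/>
+</component>
 </components>
 <dependencies>
 <dependency ref="myApp">
 <dependency ref="some-library1">
 <dependency ref="some-library2"/>
 </dependency>
+<dependency ref="some-library2">
+<dependency ref="some-library3"/>
+</dependency>
 </dependency>
 <dependency ref="some-library1"/>
 <dependency ref="some-library2"/>
+<dependency ref="some-library3"/>
 </dependencies>
 </bom>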

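--- a/tests/_data/snapshots/get_bom_for_issue941_nested_dependencies_irreversible_migrate-1.4.json.bin
+++ b/tests/_data/snapshots/get_bom_for_issue941_nested_dependencies_irreversible_migrate-1.4.json.bin
@@ -9,12 +9,18 @@
 "bom-ref": "some-library2",
 "name": "some-library",
 "type": "library"
+},
+{
+"bom-ref": "some-library3",
+"name": "some-other-library",
+"type": "library"
 }
 ],
 "dependencies": [
 {
 "dependsOn": [
-"some-library1"
+"some-library1",
+"some-library2"
 ],
 "ref": "myApp"
 },
@@ -25,10 +31,13 @@
 "ref": "some-library1"
 },
 {
-"ref": "some-library1"
+"dependsOn": [
+"some-library3"
+],
+"ref": "some-library2"
 },
 {
-"ref": "some-library2"
+"ref": "some-library3"
 }
 ],
 "metadata": {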

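--- a/tests/_data/snapshots/get_bom_for_issue941_nested_dependencies_irreversible_migrate-1.4.xml.bin
+++ b/tests/_data/snapshots/get_bom_for_issue941_nested_dependencies_irreversible_migrate-1.4.xml.bin
@@ -13,14 +13,21 @@
 <component type="library" bom-ref="some-library2">
 <name>some-library</name>
 </component>
+<component type="library" bom-ref="some-library3">
+<name>some-other-library</name>
+</component>
 </components>
 <dependencies>
 <dependency ref="myApp">
 <dependency ref="some-library1">
 <dependency ref="some-library2"/>
 </dependency>
+<dependency ref="some-library2">
+<dependency ref="some-library3"/>
+</dependency>
 </dependency>
 <dependency ref="some-library1"/>
 <dependency ref="some-library2"/>
+<dependency ref="some-library3"/>
 </dependencies>
 </bom>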
