debian-mirror-gitlab/lib/gitlab/ci/reports/sbom/component.rb

# frozen_string_literal: true
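module Gitlab
  module Ci
    module Reports
      module Sbom
        # A single component entry with its type, name, version and optional
        # package URL (purl).
        #
        # The constructor stores its arguments as given and performs no
        # validation; #ingestible? is the only check this class offers.
        # NOTE(review): the values presumably originate from a parsed SBOM
        # report, i.e. project-controlled content -- confirm against the caller
        # and treat them as untrusted until #ingestible? has returned true.
        class Component
          attr_reader :component_type, :name, :version

          # @param type [String, Symbol] component type as declared by the report
          # @param name [String] component name
          # @param purl [String, nil] raw package URL string, or nil when absent
          # @param version [String] component version
          def initialize(type:, name:, purl:, version:)
            @component_type = type
            @name = name
            @purl = purl
            @version = version
          end

          # @return [Boolean] true when the component type is supported and the
          #   purl, if one was given, has a supported type
          def ingestible?
            supported_component_type? && supported_purl_type?
          end

          # Parsed package URL for this component.
          #
          # The parse result is memoized, so the raw string is parsed once per
          # component instead of on every call (#supported_purl_type? alone
          # reads it twice).
          #
          # NOTE(review): ::Sbom::PackageUrl.parse is not visible here; if it
          # raises on a malformed purl, that exception propagates through
          # #ingestible? as well -- confirm callers handle it.
          #
          # @return [Object, nil] the value returned by ::Sbom::PackageUrl.parse,
          #   or nil when no purl was given
          def purl
            return unless @purl

            @parsed_purl ||= ::Sbom::PackageUrl.parse(@purl)
          end

          private

          # A type that cannot be symbolized (nil, a number, ...) is reported as
          # unsupported instead of raising NoMethodError out of #ingestible?.
          def supported_component_type?
            return false unless component_type.respond_to?(:to_sym)

            ::Enums::Sbom.component_types.include?(component_type.to_sym)
          end

          def supported_purl_type?
            # the purl type is not required as per the spec: https://cyclonedx.org/docs/1.4/json/#components_items_purl
            parsed = purl
            return true unless parsed

            # however, if the purl type is provided, it _must be valid_
            ::Enums::Sbom.purl_types.include?(parsed.type.to_sym)
          end
        end
      end
    end
  end
end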