Top Level Namespace

Defined Under Namespace

Classes: Bombuilder

Instance Method Summary

Instance Method Details

#build_bom(gems) ⇒ Object



# File 'lib/bom_helpers.rb', line 9

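# Serialises gem metadata into a CycloneDX 1.1 BOM document.
#
# @param gems [Enumerable<Hash>] one hash per gem. The keys read here are
#   "name", "version", "description", "hash", "license_id", "license_name"
#   and "purl".
# @return [String] the BOM rendered as UTF-8 XML.
def build_bom(gems)
  bom_attributes = {
    "xmlns" => "http://cyclonedx.org/schema/bom/1.1",
    "version" => "1",
    # Generated once per call, so every document gets its own serial number.
    "serialNumber" => random_urn_uuid
  }

  builder = Nokogiri::XML::Builder.new(:encoding => "UTF-8") do |xml|
    xml.bom(bom_attributes) do
      xml.components do
        gems.each do |gem|
          xml.component("type" => "library") do
            xml.name gem["name"]
            xml.version gem["version"]
            xml.description gem["description"]

            # Leave the digest out when there is none. An empty
            # <hash alg="SHA-256"/> advertises an integrity value the BOM does
            # not carry, and a consumer validating the document is likely to
            # reject it (NOTE(review): confirm against the 1.1 schema).
            digest = gem["hash"].to_s
            unless digest.empty?
              xml.hashes do
                # Trailing underscore: `hash` already exists on every object,
                # so Nokogiri's builder needs `hash_` to emit a <hash> element.
                xml.hash_ digest, :alg => "SHA-256"
              end
            end

            # An SPDX-style id wins over a free-text licence name.
            if gem["license_id"]
              xml.licenses do
                xml.license do
                  xml.id gem["license_id"]
                end
              end
            elsif gem["license_name"]
              xml.licenses do
                xml.license do
                  xml.name gem["license_name"]
                end
              end
            end

            xml.purl gem["purl"]
          end
        end
      end
    end
  end

  builder.to_xml
end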

#get_gem(name, version) ⇒ Object



# File 'lib/bom_helpers.rb', line 44

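# Looks up one released version of a gem in the rubygems.org versions API.
#
# @param name [String] gem name; it becomes part of the request path.
# @param version [#to_s] version to find, compared with each entry's "number".
# @return [Hash, nil] the matching entry of the API response, or nil when the
#   name is rejected, the request or the JSON parsing fails, or nothing matches.
def get_gem(name, version)
  # The name is interpolated into the URL path. Restrict it to the characters
  # a gem name can contain, so an entry holding "/", "?", "#" or whitespace
  # cannot redirect the lookup to a different path or query.
  unless name.to_s =~ /\A[A-Za-z0-9._-]+\z/
    @logger.warn("#{name} couldn't be fetched")
    return nil
  end

  url = "https://rubygems.org/api/v1/versions/#{name}.json"
  begin
    wanted = version.to_s
    response = RestClient.get(url)
    releases = JSON.parse(response.body)
    releases.find { |release| release["number"] == wanted }
  rescue StandardError
    # Best effort by design: a gem that cannot be resolved is reported and
    # skipped instead of aborting the whole run.
    @logger.warn("#{name} couldn't be fetched")
    nil
  end
end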

#purl(name, version) ⇒ Object



# File 'lib/bom_helpers.rb', line 1

# Builds the package URL for a gem.
#
# @param name [String] gem name.
# @param version [#to_s] gem version.
# @return [String] "pkg:gem/<name>@<version>".
def purl(name, version)
  "pkg:gem/" + name + "@#{version}"
end

#random_urn_uuid ⇒ Object



# File 'lib/bom_helpers.rb', line 5

# Returns a new random UUID as a URN, used as the BOM serial number.
#
# @return [String] "urn:uuid:" followed by the value of SecureRandom.uuid.
def random_urn_uuid
  "urn:uuid:#{SecureRandom.uuid}"
end