// default = text
/// <summary>
/// Produces the SARIF location list that describes where the given package lives.
/// </summary>
/// <param name="purl">The <see cref="PackageURL"/> whose location is being described.</param>
/// <returns>
/// A list holding exactly one <see cref="Location"/>, or an empty list when no project
/// manager could be constructed for <paramref name="purl"/>.
/// </returns>
public static List<Location> BuildPurlLocation(PackageURL purl)
{
    var locations = new List<Location>();

    BaseProjectManager? manager = ProjectManagerFactory.ConstructPackageManager(purl, null);
    if (manager is null)
    {
        Logger.Debug("Cannot determine the package type");
        return locations;
    }

    // Stays null when the manager cannot supply a URI for this package.
    var packageUri = manager.GetPackageAbsoluteUri(purl)?.AbsoluteUri;

    var address = new Address
    {
        FullyQualifiedName = packageUri,
        AbsoluteAddress = PHYSICAL_ADDRESS_FLAG, // SARIF requires a non-negative integer here
        Name = purl.ToString()
    };

    locations.Add(new Location
    {
        PhysicalLocation = new PhysicalLocation { Address = address }
    });

    return locations;
}
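/// <summary>
/// Try to resolve the source code repository for a package. The strategies listed for
/// this lookup are:
/// 1) Look at the metadata
/// 2) Try searching github
/// 3) Try calculating metrics for same name repos
/// This method itself only selects a project manager for the package type and delegates
/// to its <c>IdentifySourceRepository</c>.
/// </summary>
/// <remarks>
/// NOTE(review): the candidates presumably come from registry metadata, which is supplied
/// by the package publisher. Callers should treat the result as a hint rather than as
/// verified provenance. Confirm against <c>IdentifySourceRepository</c>.
/// </remarks>
/// <param name="purl">The package to look up. A null value yields an empty result.</param>
/// <returns>
/// Candidate repositories keyed by <see cref="PackageURL"/>, each with a numeric value
/// (presumably a confidence score; verify against the project manager). Never null;
/// empty when nothing was found.
/// </returns>
/// <exception cref="ArgumentException">
/// No project manager could be created for the type of <paramref name="purl"/>.
/// </exception>
public async Task<Dictionary<PackageURL, double>> ResolvePackageLibraryAsync(PackageURL purl)
{
    Logger.Trace("ResolvePackageLibraryAsync({0})", purl);

    var repoMappings = new Dictionary<PackageURL, double>();
    if (purl == null)
    {
        return repoMappings;
    }

    // The version-less form is used only for logging and for the error message below;
    // the lookup itself receives the original purl.
    var purlNoVersion = new PackageURL(purl.Type, purl.Namespace, purl.Name, null, purl.Qualifiers, purl.Subpath);
    Logger.Debug("Searching for source code for: {0}", purlNoVersion.ToString());

    // Select the project manager that matches the package type.
    var projectManager = ProjectManagerFactory.CreateProjectManager(purl, null);
    if (projectManager == null)
    {
        // ArgumentException(string, string) takes (message, paramName) and does no
        // formatting, so the type is interpolated into the message and the offending
        // parameter is named explicitly.
        throw new ArgumentException($"Invalid Package URL type: {purlNoVersion.Type}", nameof(purl));
    }

    repoMappings = await projectManager.IdentifySourceRepository(purl);
    if (repoMappings == null || !repoMappings.Any())
    {
        // Normalise "nothing found" to an empty dictionary so callers never see null.
        repoMappings = new Dictionary<PackageURL, double>();
        Logger.Info("No repositories were found after searching metadata.");
    }

    return repoMappings;
}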
/// <summary>
/// Creates a <see cref="RepoSearch"/> bound to the given project manager factory.
/// </summary>
/// <param name="projectManagerFactory">
/// The <see cref="ProjectManagerFactory"/> to generate the project managers with. It is
/// stored as-is; no null check is performed here.
/// </param>
public RepoSearch(ProjectManagerFactory projectManagerFactory) =>
    _projectManagerFactory = projectManagerFactory;