Skip to content

Commit

Permalink
prep demo
Browse files Browse the repository at this point in the history
Signed-off-by: Jan Kowalleck <[email protected]>
  • Loading branch information
jkowalleck committed Nov 12, 2022
1 parent f4411da commit 2983707
Show file tree
Hide file tree
Showing 4 changed files with 15 additions and 4 deletions.
3 changes: 1 addition & 2 deletions HISTORY.md
Original file line number Diff line number Diff line change
Expand Up @@ -9,10 +9,9 @@ All notable changes to this project will be documented in this file.
* Misc
* Added test for flattened results (via [#312])

[#312]: https://github.com/CycloneDX/cyclonedx-node-npm/pull/312

[#306]: https://github.com/CycloneDX/cyclonedx-node-npm/issues/306
[#309]: https://github.com/CycloneDX/cyclonedx-node-npm/pull/309
[#312]: https://github.com/CycloneDX/cyclonedx-node-npm/pull/312

## 1.6.0 - 2022-11-12

Expand Down
3 changes: 2 additions & 1 deletion README.md
Original file line number Diff line number Diff line change
Expand Up @@ -83,9 +83,10 @@ Options:
(can be set multiple times)
(choices: "dev", "optional", "peer", default: "dev" if the NODE_ENV environment variable is set to "production", otherwise empty)
--flatten-components Whether to flatten the components.
Enabling this feature means the actual nesting of node packages is not represented in the SBOM result.
Enabling this feature means the actual nesting of node packages is not represented in the SBOM result, which causes a massive information loss.
(default: false)
--deduplicate-components Whether to artificially de-duplicate the node packages.
Enabling this feature means the actual multiple/parallel installed instances of a packages are displayed as one component, which causes a massive information loss.
Enabling this feature implies option "--flatten-components=true"
(default: false)
--short-PURLs Omit all qualifiers from PackageURLs.
Expand Down
10 changes: 10 additions & 0 deletions demo/gen-boms.sh
Original file line number Diff line number Diff line change
Expand Up @@ -39,6 +39,16 @@ do
--output-format "$format" \
--output-file "$result_dir/flat/bom.$spec.$format" \
"$package"

echo ">>> $result_dir $spec $format deduplicated"
mkdir -p "$result_dir/deduplicated"
node -- "$BIN_CDX_N" \
--deduplicate-components \
--spec-version "$spec" \
--output-reproducible \
--output-format "$format" \
--output-file "$result_dir/deduplicated/bom.$spec.$format" \
"$package"
done
done
done
3 changes: 2 additions & 1 deletion src/cli.ts
Original file line number Diff line number Diff line change
Expand Up @@ -87,12 +87,13 @@ function makeCommand (process: NodeJS.Process): Command {
new Option(
'--flatten-components',
'Whether to flatten the components.\n' +
'Enabling this feature means the actual nesting of node packages is not represented in the SBOM result.'
'Enabling this feature means the actual nesting of node packages is not represented in the SBOM result, which causes a massive information loss.'
).default(false)
).addOption(
new Option(
'--deduplicate-components',
'Whether to artificially de-duplicate the node packages.\n' +
'Enabling this feature means the actual multiple/parallel installed instances of a packages are displayed as one component, which causes a massive information loss.\n' +
'Enabling this feature implies option "--flatten-components=true"'
).default(false)
).addOption(
Expand Down

0 comments on commit 2983707

Please sign in to comment.