CycloneDX · cerrussell · Dec 10, 2024 · Dec 11, 2024 · Dec 11, 2024 · Dec 15, 2024
@@ -22,26 +22,30 @@ jobs:
     steps:
 
       - uses: actions/checkout@v4
-
-      - name: Set up pnpm
-        uses: pnpm/action-setup@v4
+        with:
+          path: cdxgen_src
 
       -  name: cdxgen, custom-json-diff installs
          shell: bash
          env:
            SHELL: bash
          run: |
            rm -rf original_snapshots new_snapshots src_repos
+           cd cdxgen_src
+           corepack enable pnpm
            cdxgen_tarball=$(pnpm pack | tail -1)
            npm install -g "$cdxgen_tarball"
-           git clone https://github.com/appthreat/cdxgen-samples.git original_snapshots
+           cd ..
            python3.12 -m venv .venv
-           source .venv/bin/activate && pip install -r test/diff/requirements.txt
+           source .venv/bin/activate && pip install -r cdxgen_src/test/diff/requirements.txt
+           git clone https://github.com/appthreat/cdxgen-samples.git original_snapshots
+           cd original_snapshots
+           git checkout feature/expand_snapshots_3
 
       - name: Generate scripts
         run: |
           source .venv/bin/activate
-          python test/diff/generate.py
+          python cdxgen_src/test/diff/generate.py
 
       - name: Upload shell scripts generated as artifact
         uses: actions/upload-artifact@v4
@@ -65,7 +69,7 @@ jobs:
       - name: Test BOMs
         run: |
           source .venv/bin/activate
-          python test/diff/diff_tests.py --migrate-legacy
+          python cdxgen_src/test/diff/diff_tests.py --migrate-legacy
           if test -f new_snapshots/diffs.json; then
             echo "status=FAILED" >> "$GITHUB_ENV"
           fi

@@ -5618,6 +5618,9 @@ export function mergeDependencies(
     }
     if (adep["dependsOn"]) {
       for (const eachDepends of adep["dependsOn"]) {
+        if (!eachDepends){
+          continue
+        }
         if (parentRef) {
           if (eachDepends.toLowerCase() !== parentRef.toLowerCase()) {
             deps_map[adep.ref].add(eachDepends);
@@ -5630,6 +5633,9 @@ export function mergeDependencies(
     if (adep["provides"]) {
       providesFound = true;
       for (const eachProvides of adep["provides"]) {
+        if (!eachProvides){
+          continue
+        }
         if (
           parentRef &&
           eachProvides.toLowerCase() !== parentRef.toLowerCase()

@@ -18,14 +18,14 @@ def build_args():
     parser.add_argument(
         '--repo-csv',
         type=Path,
-        default='test/diff/repos.csv',
+        default='cdxgen_src/test/diff/repos.csv',
         help='Path to sources.csv',
         dest='repo_csv'
     )
     parser.add_argument(
         '--clone-dir',
         type=Path,
-        default=Path(f'{os.getenv("GITHUB_WORKSPACE")}/src_repos'),
+        default=f'{os.getenv("GITHUB_WORKSPACE")}/src_repos',
         help='Path to src_repos',
         dest='clone_dir'
     )
@@ -460,7 +460,7 @@ def run_pre_builds(repo_data, output_dir, debug_cmds, sdkman_sh):
     [
         cmds.extend(row['pre_build_cmd'].split(';'))
         for row in repo_data
-        if row['pre_build_cmd']
+        if row['pre_build_cmd'] and row['pre_build_cmd'].startswith('sdk use ')
     ]
     cmds = [cmd.lstrip().rstrip() for cmd in cmds]
     cmds = set(cmds)

@@ -12,4 +12,12 @@ jazzer,https://github.com/CodeIntelligenceTesting/jazzer.git,java8,8,,bazelisk,7
 tinydb,https://github.com/msiemens/tinydb.git,python,"3.9.20,3.10.15,3.11.10,3.12.7","pyproject.toml,poetry.lock",poetry,,,poetry install,,10644a0e07ad180c5b756aba272ee6b0dbd12df8
 funcy,https://github.com/Suor/funcy.git,python,"3.9.20,3.10.15",setup.py,pip,,rm test_requirements.txt,python setup.py install,,859056d039adea75c1c3550286437ce0b612fe92
 numpy,https://github.com/numpy/numpy.git,python-c,"3.9.20,3.10.15,3.11.10,3.12.7","setup.py,pyproject.toml",pip,,git submodule update --init,,,93fdebfcb4bc4cd53c959ccd0117a612d5f13f1a
-requests,https://github.com/psf/requests.git,python,"3.9.20,3.10.15,3.11.10,3.12.7","setup.py",,,,pip install .,,23540c93cac97c763fe59e843a08fa2825aa80fd
+requests,https://github.com/psf/requests.git,python,"3.9.20,3.10.15,3.11.10,3.12.7","setup.py",,,,pip install .,,23540c93cac97c763fe59e843a08fa2825aa80fd
+libretube,https://github.com/libre-tube/LibreTube.git,java17,,gradle.kts,gradle,,,,GRADLE_ARGS='clean assembleDebug -PjavacRelease=17' ANDROID_HOME=~/.android/android_sdk,bd855037be3127ba908a8e0f7763d6196961b7c4
+symfony,https://github.com/symfony/symfony.git,php,,,,,,,,95c43e38811a159c82112a13e631ee7121b83e54
+dependabot,https://github.com/dependabot/dependabot-core.git,ruby,,,,,,,,e1024fb85f0d9e3396feaab33ee44941bb6cc68a
+ng-select,https://github.com/ng-select/ng-select.git,typescript,,,yarn,,,corepack enable yarn;yarn install,,ba14f813135e6f910e2c39114e53ba291b943742
+ngx-bootstrap,https://github.com/valor-software/ngx-bootstrap.git,typescript,,,npm,,,npm install .,,c31c3caf63011743d4ce1adb185cf319a37fcc79
+plate,https://github.com/udecode/plate.git,typescript,,,yarn,,rm -rf templates,corepack enable yarn;yarn install,,24a683100edb6357fc45f043b29533e579ad1e19
+chartdb,https://github.com/chartdb/chartdb.git,typescript,,,npm,,,npm install .,,2b6b73326155f18d6d56779c0657a3506e2d2cde
+