Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Refactor toml and lock file in cargo parsing using @iarna/toml(#1592) #1595

Merged
merged 4 commits into from
Feb 18, 2025

Conversation

Code-Agitator
Copy link
Contributor

No description provided.

@Code-Agitator Code-Agitator requested a review from prabhu as a code owner January 24, 2025 09:57
// like `libc = 0.2.79`
version = dependencyNode;
} else if (
Object.prototype.toString.call(dependencyNode) === "[object Object]"
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Shall we use Object.keys(dependencyNode).length and the existing logic that use instanceOf operator to determine string for consistency?

Object.prototype.toString.call(dependencyNode) === "[object Object]"
) {
// like `libc = { version = "0.2.79", features = ['rustc-dep-of-std'], default-features = false }`
version = dependencyNode["version"];
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do we need dependencyNode?.version and dependencyNode?.git here or are those values always present?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, the value of dependencyNode always present here. But you're right, using dependencyNode?.version can make the code less prone to exceptions.

// parse `[[package]]`
if (
packageNode &&
Object.prototype.toString.call(packageNode) === "[object Array]"
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Shall we use Array.isArray here?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, using Array.isArray would indeed be better here.

@prabhu
Copy link
Collaborator

prabhu commented Jan 24, 2025

Looks very good. Just few minor comments.

pkg.repository = { url: pkgRepository };
}
if (pkgLicense) {
pkg.license = pkgLicense;
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Repotests is complaining about this line. Any ideas?

@Code-Agitator
Copy link
Contributor Author

@prabhu Thank you so much for taking the time to review my code and provide such feedback.

@prabhu
Copy link
Collaborator

prabhu commented Jan 26, 2025

Looking forward to the updates. Will be a great improvement.

@prabhu
Copy link
Collaborator

prabhu commented Jan 28, 2025

@Code-Agitator Any chance we can get this completed this week?

@Code-Agitator
Copy link
Contributor Author

@Code-Agitator Any chance we can get this completed this week?

Almost done!I will be back from the public holiday next week, will commit my last changes asap😁

@Code-Agitator Code-Agitator force-pushed the refactor/cargo-toml branch 4 times, most recently from 6ba6cb6 to dee8078 Compare February 7, 2025 07:51
@Code-Agitator
Copy link
Contributor Author

@prabhu I have already completed my work. This PR is now ready for your review. Thank you for your time and feedback!🌹

@prabhu prabhu force-pushed the refactor/cargo-toml branch from dee8078 to 1c252e4 Compare February 13, 2025 12:55
@prabhu
Copy link
Collaborator

prabhu commented Feb 13, 2025

@Code-Agitator Some test failures. https://github.com/CycloneDX/cdxgen/actions/runs/13308250298/job/37164145740#step:106:3518

/home/runner/work/cdxgen/cdxgen/node_modules/.pnpm/@iarna+toml@2.2.5/node_modules/@iarna/toml/lib/toml-parser.js:541
        throw this.error(new TomlError('Unexpected character, expected "inf", "+inf" or "-inf"'))
                         ^

TomlError: Unexpected character, expected "inf", "+inf" or "-inf" at row 8, col 9, pos 108:
7: [invalid-section]
8> key = invalid-value
           ^
9: 


    at TOMLParser.parseInf2 (/home/runner/work/cdxgen/cdxgen/node_modules/.pnpm/@iarna+toml@2.2.5/node_modules/@iarna/toml/lib/toml-parser.js:541:26)
    at TOMLParser.runOne (/home/runner/work/cdxgen/cdxgen/node_modules/.pnpm/@iarna+toml@2.2.5/node_modules/@iarna/toml/lib/parser.js:64:30)
    at TOMLParser.parse (/home/runner/work/cdxgen/cdxgen/node_modules/.pnpm/@iarna+toml@2.2.5/node_modules/@iarna/toml/lib/parser.js:45:22)
    at Object.parseString [as parse] (/home/runner/work/cdxgen/cdxgen/node_modules/.pnpm/@iarna+toml@2.2.5/node_modules/@iarna/toml/parse-string.js:13:12)
    at parseCargoTomlData (file:///home/runner/work/cdxgen/cdxgen/lib/helpers/utils.js:7574:26)
    at createRustBom (file:///home/runner/work/cdxgen/cdxgen/lib/cli/index.js:4023:25)
    at async createBom (file:///home/runner/work/cdxgen/cdxgen/lib/cli/index.js:7222:12)
    at async file:///home/runner/work/cdxgen/cdxgen/bin/cdxgen.js:731:20 {
  fromTOML: true,
  wrapped: null,
  line: 7,
  col: 8,
  pos: 108
}

Node.js v23.7.0

Any ideas how we can fix this? I had rebased and force pushed to this branch, so you may have to clone again to fix it.

@prabhu
Copy link
Collaborator

prabhu commented Feb 14, 2025

Shall I take over this?

Code-Agitator and others added 3 commits February 18, 2025 16:13

Verified

This commit was signed with the committer’s verified signature.
prabhu prabhu
…oneDX#1592)

Signed-off-by: Lizhe Lv <agitatorlv@gmail.com>

Verified

This commit was signed with the committer’s verified signature.
prabhu prabhu
Signed-off-by: Lizhe Lv <agitatorlv@gmail.com>
lint

Verified

This commit was signed with the committer’s verified signature.
prabhu prabhu
Signed-off-by: Prabhu Subramanian <prabhu@appthreat.com>
@prabhu prabhu force-pushed the refactor/cargo-toml branch from 6ac09f3 to 510b49b Compare February 18, 2025 16:14
Bug fix

Verified

This commit was signed with the committer’s verified signature.
prabhu prabhu
Signed-off-by: Prabhu Subramanian <prabhu@appthreat.com>
@prabhu
Copy link
Collaborator

prabhu commented Feb 18, 2025

Hopefully, this is now ready to be merged.

@prabhu prabhu merged commit 290be6e into CycloneDX:master Feb 18, 2025
29 checks passed
@Code-Agitator
Copy link
Contributor Author

Hopefully, this is now ready to be merged.

Oh, I’m sorry! I’ve been a bit busy lately. It looks like you’ve already taken care of things—thanks for your work!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

2 participants