Skip to content

Plugfest-in-a-box 1.2.2 Pre-Release #235

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
amandanitta wants to merge 3 commits into
base: main
Choose a base branch
from
Open

Plugfest-in-a-box 1.2.2 Pre-Release #235

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
85b0c92
Fix compare
JorWo Dec 21, 2023
9c28e21
Update changelog
JorWo Dec 21, 2023
6b789ef
Merge pull request #233 from SoftwareDesignLab/dev-fixCompare
amandanitta Dec 22, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
62 changes: 29 additions & 33 deletions core/src/main/java/org/nvip/plugfest/tooling/differ/DiffReport.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,6 @@
import org.nvip.plugfest.tooling.differ.conflicts.SBOMConflictType;
import org.nvip.plugfest.tooling.sbom.Component;
import org.nvip.plugfest.tooling.sbom.SBOM;
import org.nvip.plugfest.tooling.sbom.uids.PURL;

import java.util.*;

Expand Down Expand Up @@ -77,7 +76,7 @@ public void setMetadataSimilarity(int similarity) {
* @param similarity similarity amount
*/
public void setComponentSimilarity(int similarity) {
this.metadataSimilarity = similarity;
this.componentSimilarity = similarity;
}

/**
Expand Down Expand Up @@ -153,13 +152,10 @@ public DiffReport(String targetUID, SBOM targetSBOM){
*/
public void compare(String otherUID, SBOM otherSBOM) {

int similarity = 0;

ConflictBody body = new ConflictBody();
// Compare SBOM level differences
compareSBOMs(otherSBOM, body);
// Compare Component level Differences

body.setComponentSimilarity(compareComponents(otherSBOM.getAllComponents(), body));

// Add similarity to report
Expand Down Expand Up @@ -248,8 +244,8 @@ private int compareComponents(Set<Component> otherComponents, ConflictBody body)
continue;

// add to target map
targetComponentMap.put(targetComponent.getName(), targetComponent);
targetComponentNames.add(targetComponent.getName());
targetComponentMap.put(targetComponent.toString(), targetComponent);
targetComponentNames.add(targetComponent.toString());
}

// Check to see if all other components are in target
Expand All @@ -259,16 +255,16 @@ private int compareComponents(Set<Component> otherComponents, ConflictBody body)
continue;

// add to other map
otherComponentNames.add(otherComponent.getName());
otherComponentNames.add(otherComponent.toString());

// Check to see if target SBOM contains the other component
if (!targetComponentMap.containsKey(otherComponent.getName())) {
if (!targetComponentNames.contains(otherComponent.toString())) {
// target doesn't contain other component
ComponentConflict conflict = new ComponentConflict(null, otherComponent);
componentConflicts.add(conflict);
} else {
// Compare the two
ComponentConflict conflict = new ComponentConflict(targetComponentMap.get(otherComponent.getName()), otherComponent);
ComponentConflict conflict = new ComponentConflict(targetComponentMap.get(otherComponent.toString()), otherComponent);

// add new conflict to existing conflict
if (conflict.getConflictTypes().size() > 0)
Expand All @@ -280,10 +276,10 @@ private int compareComponents(Set<Component> otherComponents, ConflictBody body)
}

// Check to see if target SBOM contains the other component
for (String targetComponent : targetComponentNames) {
if (!otherComponentNames.contains(targetComponent)) {
for (String targetComponentName : targetComponentNames) {
if (!otherComponentNames.contains(targetComponentName)) {
// other doesn't contain target component
ComponentConflict conflict = new ComponentConflict(targetComponentMap.get(targetComponent), null);
ComponentConflict conflict = new ComponentConflict(targetComponentMap.get(targetComponentName), null);
componentConflicts.add(conflict);
}

Expand All @@ -299,8 +295,8 @@ private int compareComponents(Set<Component> otherComponents, ConflictBody body)
switch (ct) {
// todo need better way to handle this
case COMPONENT_NOT_FOUND -> {
targetValue = conflict.getComponentA() == null ? null : conflict.getComponentA().getName();
otherValue = conflict.getComponentB() == null ? null : conflict.getComponentB().getName();
targetValue = conflict.getComponentA() == null ? null : conflict.getComponentA().toString();
otherValue = conflict.getComponentB() == null ? null : conflict.getComponentB().toString();
}
case COMPONENT_VERSION_MISMATCH -> {
targetValue = conflict.getComponentA().getVersion();
Expand All @@ -318,15 +314,15 @@ private int compareComponents(Set<Component> otherComponents, ConflictBody body)
licenseB.removeAll(conflict.getComponentA().getLicenses());
for (String license : licenseA) {
body.addComponentConflict(
conflict.getComponentA().getName(),
conflict.getComponentB().getName(),
conflict.getComponentA().toString(),
conflict.getComponentB().toString(),
new ConflictData(COMPONENT_LICENSE_MISMATCH.name(), license, null)
);
}
for (String license : licenseB) {
body.addComponentConflict(
conflict.getComponentB().getName(),
conflict.getComponentA().getName(),
conflict.getComponentB().toString(),
conflict.getComponentA().toString(),
new ConflictData(COMPONENT_LICENSE_MISMATCH.name(), null, license)
);
}
Expand All @@ -350,15 +346,15 @@ private int compareComponents(Set<Component> otherComponents, ConflictBody body)
cpeB.removeAll(conflict.getComponentA().getCpes());
for (String cpe : cpeA) {
body.addComponentConflict(
conflict.getComponentA().getName(),
conflict.getComponentB().getName(),
conflict.getComponentA().toString(),
conflict.getComponentB().toString(),
new ConflictData(COMPONENT_CPE_MISMATCH.name(), cpe, null)
);
}
for (String cpe : cpeB) {
body.addComponentConflict(
conflict.getComponentB().getName(),
conflict.getComponentA().getName(),
conflict.getComponentB().toString(),
conflict.getComponentA().toString(),
new ConflictData(COMPONENT_CPE_MISMATCH.name(), null, cpe)
);
}
Expand All @@ -374,15 +370,15 @@ private int compareComponents(Set<Component> otherComponents, ConflictBody body)
purlB.removeAll(conflict.getComponentA().getPurls());
for (String purl : purlA) {
body.addComponentConflict(
conflict.getComponentA().getName(),
conflict.getComponentB().getName(),
conflict.getComponentA().toString(),
conflict.getComponentB().toString(),
new ConflictData(COMPONENT_PURL_MISMATCH.name(), purl, null)
);
}
for (String purl : purlB) {
body.addComponentConflict(
conflict.getComponentB().getName(),
conflict.getComponentA().getName(),
conflict.getComponentB().toString(),
conflict.getComponentA().toString(),
new ConflictData(COMPONENT_PURL_MISMATCH.name(), null, purl)
);
}
Expand All @@ -398,15 +394,15 @@ private int compareComponents(Set<Component> otherComponents, ConflictBody body)
swidB.removeAll(conflict.getComponentA().getSwids());
for (String swid : swidA) {
body.addComponentConflict(
conflict.getComponentA().getName(),
conflict.getComponentB().getName(),
conflict.getComponentA().toString(),
conflict.getComponentB().toString(),
new ConflictData(COMPONENT_SWID_MISMATCH.name(), swid, null)
);
}
for (String swid : swidB) {
body.addComponentConflict(
conflict.getComponentB().getName(),
conflict.getComponentA().getName(),
conflict.getComponentB().toString(),
conflict.getComponentA().toString(),
new ConflictData(COMPONENT_SWID_MISMATCH.name(), null, swid)
);
}
Expand All @@ -426,8 +422,8 @@ private int compareComponents(Set<Component> otherComponents, ConflictBody body)
}
}

String targetIdentifier = conflict.getComponentA() == null ? MISSING_TAG : conflict.getComponentA().getName();
String conflictIdentifier = conflict.getComponentB() == null ? MISSING_TAG : conflict.getComponentB().getName();
String targetIdentifier = conflict.getComponentA() == null ? MISSING_TAG : conflict.getComponentA().getUniqueID();
String conflictIdentifier = conflict.getComponentB() == null ? MISSING_TAG : conflict.getComponentB().getUniqueID();

// Skip if keys are null
if(targetIdentifier == null || conflictIdentifier == null)
Expand Down
8 changes: 6 additions & 2 deletions doc/changelog.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,11 +6,15 @@ and this project adheres to [Semantic Versioning](http://semver.org/).

Beta
---
## [1.2.1] - 2013-11-29
## [1.2.2] - 2023-12-20
### Fixed
- Fixed similarity counts for components in `DiffReport`

## [1.2.1] - 2023-11-29
### Fixed
- If select all was pressed first on compare than it would always compare all sboms even if one was unchecked

## [1.2.0] - 2013-11-28
## [1.2.0] - 2023-11-28
### Added
- `DiffReport` now tracks similarity and difference count for metadata and components
- Download button added to compare and metrics
Expand Down