diff --git a/README.md b/README.md index 908e2578..a8f2c1ce 100644 --- a/README.md +++ b/README.md @@ -41,7 +41,7 @@ Then, import the bundle into your project using `yarn import ...`, or reference it in environment variable [`YARN_PLUGINS`](https://yarnpkg.com/advanced/plugin-tutorial#dynamically-loading-plugins-using-the-yarn_plugins-environment-variable) — like so: ```shell -YARN_PLUGINS=.../bundles/@yarnpkg/plugin-sbom.js yarn sbom --help +YARN_PLUGINS=.../bundles/@yarnpkg/plugin-cyclonedx.js yarn sbom --help ``` ## Usage @@ -53,7 +53,7 @@ Generates CycloneDX SBOM for current workspace. ━━━ Usage ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ -$ yarn CycloneDX make-sbom +$ yarn cyclonedx ━━━ Options ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ diff --git a/package.json b/package.json index 0b08b7f2..50bc00be 100644 --- a/package.json +++ b/package.json @@ -1,8 +1,38 @@ { "private": true, - "name": "yarn-plugin-sbom", + "name": "@cyclonedx/yarn-plugin-cyclonedx", "version": "1.0-dev", "license": "Apache-2.0", + "homepage": "https://github.com/CycloneDX/cyclonedx-node-yarn#readme", + "repository": { + "type": "git", + "url": "git+https://github.com/CycloneDX/cyclonedx-node-yarn.git" + }, + "bugs": { + "url": "https://github.com/CycloneDX/cyclonedx-node-yarn/issues" + }, + "funding": [ + { + "type": "individual", + "url": "https://owasp.org/donate/?reponame=www-project-cyclonedx&title=OWASP+CycloneDX" + } + ], + "contributors": [ + { + "name": "Jan Kowalleck", + "url": "https://github.com/jkowalleck" + }, + { + "name": "Augustus Kling", + "url": "https://github.com/AugustusKling" + } + ], + "maintainers": [ + { + "name": "Jan Kowalleck", + "url": "https://github.com/jkowalleck" + } + ], "main": "./sources/index.ts", "engines": { "yarn": ">=4", 
@@ -50,7 +80,7 @@ "test:lint": "tsc --noEmit", "test:node": "c8 mocha -p", "cs-fix": "eslint --fix .", - "dogfooding": "YARN_PLUGINS=$PROJECT_CWD/bundles/@yarnpkg/plugin-sbom.js yarn sbom" + "dogfooding": "YARN_PLUGINS=$PROJECT_CWD/bundles/@yarnpkg/plugin-cyclonedx.js yarn cyclonedx" }, "packageManager": "yarn@4.1.0" } diff --git a/sources/index.ts b/sources/index.ts index 7a8b9533..9fba4046 100644 --- a/sources/index.ts +++ b/sources/index.ts @@ -33,8 +33,8 @@ import { generateSBOM, type OutputOptions, OutputStdOut } from './sbom' class SBOMCommand extends BaseCommand { static override readonly paths = [ + ['cyclonedx'], // <-- this is the preferred entry point ['CycloneDX', 'make-sbom'], - ['cyclonedx'], ['sbom'] ] diff --git a/tests/integration/index.test.js b/tests/integration/index.test.js index 5ce1055f..e7e10992 100644 --- a/tests/integration/index.test.js +++ b/tests/integration/index.test.js @@ -44,7 +44,7 @@ const latestCdxSpecVersion = '1.5' suite('integration', () => { const UPDATE_SNAPSHOTS = !!process.env.CYARN_TEST_UPDATE_SNAPSHOTS - const thisYarnPlugin = path.resolve(__dirname, '..', '..', 'bundles', '@yarnpkg', 'plugin-sbom.js') + const thisYarnPlugin = path.resolve(__dirname, '..', '..', 'bundles', '@yarnpkg', 'plugin-cyclonedx.js') suite('make SBOM', () => { testSetups.forEach((testSetup) => { @@ -52,7 +52,7 @@ suite('integration', () => { const expectedOutSnap = path.resolve(__dirname, '_snapshots', `${testSetup}.json.bin`) const makeSBOM = spawnSync( - 'yarn', ['sbom', + 'yarn', ['cyclonedx', '-vvv', '--reproducible', // no intention to test all the spec-versions nor all the output-formats - this would be not our scope. @@ -69,7 +69,7 @@ suite('integration', () => { YARN_PLUGINS: thisYarnPlugin } }) - assert.strictEqual(makeSBOM.status, 0, makeSBOM.stderr.toString()) + assert.strictEqual(makeSBOM.status, 0, makeSBOM.stdout) const actualOutput = makeReproducible('json', makeSBOM.stdout.toString()) 
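Review bot: The new comment on `['cyclonedx']` says which path is preferred, but not that its position in `paths` matters. The README usage text changes from `yarn CycloneDX make-sbom` to `yarn cyclonedx` in this same commit, so the first entry appears to be the one rendered in the generated help. A later re-sort of the array would then silently change the documented output. I would word the comment as `['cyclonedx'], // preferred entry point; keep first, the first path is what usage/help prints`, and mark the other two entries as aliases kept for compatibility, if that is the intent. The class body continues outside the hunk.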
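Review bot: The failure message passed to `assert.strictEqual` is now `makeSBOM.stdout`, so stderr is no longer shown when the spawned `yarn cyclonedx` exits non-zero. The value is also passed without the `.toString()` that the following line applies to the same field. Because the run uses `-vvv`, anything the plugin logs to stderr is likely to be needed when diagnosing a failed SBOM generation, so I would report both streams: `assert.strictEqual(makeSBOM.status, 0, 'stdout:\n' + makeSBOM.stdout + '\nstderr:\n' + makeSBOM.stderr)`. When the process cannot be spawned at all, `spawnSync` reports the cause in `makeSBOM.error`, which this assertion does not surface. The enclosing test callback starts and ends outside the hunk.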
diff --git a/yarn.lock b/yarn.lock index 94dc1085..0d0b9adb 100644 --- a/yarn.lock +++ b/yarn.lock @@ -186,6 +186,38 @@ __metadata: languageName: node linkType: hard +"@cyclonedx/yarn-plugin-cyclonedx@workspace:.": + version: 0.0.0-use.local + resolution: "@cyclonedx/yarn-plugin-cyclonedx@workspace:." + dependencies: + "@cyclonedx/cyclonedx-library": "npm:^6.4.0" + "@types/mocha": "npm:^10.0.6" + "@types/node": "npm:ts5.4" + "@typescript-eslint/eslint-plugin": "npm:6.21.0" + "@typescript-eslint/parser": "npm:6.21.0" + "@yarnpkg/builder": "npm:4.0.0" + "@yarnpkg/cli": "npm:^4.1.0" + "@yarnpkg/core": "npm:^4.0.3" + c8: "npm:^9.1.0" + clipanion: "npm:^4.0.0-rc.3" + eslint: "npm:8.57.0" + eslint-config-standard: "npm:^17.1.0" + eslint-config-standard-with-typescript: "npm:43.0.1" + eslint-plugin-header: "npm:3.1.1" + eslint-plugin-import: "npm:2.29.1" + eslint-plugin-jsdoc: "npm:48.2.1" + eslint-plugin-n: "npm:16.6.2" + eslint-plugin-promise: "npm:6.1.1" + eslint-plugin-simple-import-sort: "npm:12.0.0" + mocha: "npm:10.3.0" + npm-run-all2: "npm:^6.1.2" + packageurl-js: "npm:^1.2.1" + rimraf: "npm:^5.0.5" + typescript: "npm:5.4.3" + xmlbuilder2: "npm:^3.1.1" + languageName: unknown + linkType: soft + "@es-joy/jsdoccomment@npm:~0.42.0": version: 0.42.0 resolution: "@es-joy/jsdoccomment@npm:0.42.0" 
@@ -5885,38 +5917,6 @@ __metadata: languageName: node linkType: hard -"yarn-plugin-sbom@workspace:.": - version: 0.0.0-use.local - resolution: "yarn-plugin-sbom@workspace:." - dependencies: - "@cyclonedx/cyclonedx-library": "npm:^6.4.0" - "@types/mocha": "npm:^10.0.6" - "@types/node": "npm:ts5.4" - "@typescript-eslint/eslint-plugin": "npm:6.21.0" - "@typescript-eslint/parser": "npm:6.21.0" - "@yarnpkg/builder": "npm:4.0.0" - "@yarnpkg/cli": "npm:^4.1.0" - "@yarnpkg/core": "npm:^4.0.3" - c8: "npm:^9.1.0" - clipanion: "npm:^4.0.0-rc.3" - eslint: "npm:8.57.0" - eslint-config-standard: "npm:^17.1.0" - eslint-config-standard-with-typescript: "npm:43.0.1" - eslint-plugin-header: "npm:3.1.1" - eslint-plugin-import: "npm:2.29.1" - eslint-plugin-jsdoc: "npm:48.2.1" - eslint-plugin-n: "npm:16.6.2" - eslint-plugin-promise: "npm:6.1.1" - eslint-plugin-simple-import-sort: "npm:12.0.0" - mocha: "npm:10.3.0" - npm-run-all2: "npm:^6.1.2" - packageurl-js: "npm:^1.2.1" - rimraf: "npm:^5.0.5" - typescript: "npm:5.4.3" - xmlbuilder2: "npm:^3.1.1" - languageName: unknown - linkType: soft - "yocto-queue@npm:^0.1.0": version: 0.1.0 resolution: "yocto-queue@npm:0.1.0"