Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow searching by CPE and provide CPE information #1149

Merged
merged 9 commits into from
Jan 17, 2025
Merged

Allow searching by CPE and provide CPE information #1149

merged 9 commits into from
Jan 17, 2025

Conversation

ctron
Copy link
Contributor

@ctron ctron commented Jan 16, 2025
edited
Loading

  • Handle the case of multiple CPEs and PURLs
  • Refactor away from a global, singleton instance
  • Fix an issue with nodes which aren't packages
  • Allow searching for CPEs with the analysis graph
  • Allow querying the database for SBOMs by CPE
  • Add more unit tests

Closes #1137

@ctron ctron added the enhancement New feature or request label Jan 16, 2025
JimFuller-RedHat
JimFuller-RedHat approved these changes Jan 16, 2025
View reviewed changes
Copy link
Collaborator

@JimFuller-RedHat JimFuller-RedHat left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this is a big update - some of it concerned with much better code layout and I appreciate you taking the time/effort to clean up my crappy code ;) ... otherwise everything makes sense LGTM ... I would rather get this in so I can test at scale to make sure (before we do a new release).

@ctron ctron force-pushed the feature/cpe_ref_1 branch 2 times, most recently from fbcc8dc to 7634f28 Compare January 16, 2025 13:42
@ctron ctron force-pushed the feature/cpe_ref_1 branch from 7afe830 to 7f36cdf Compare January 17, 2025 08:02
@ctron ctron marked this pull request as ready for review January 17, 2025 10:35
@ctron
Copy link
Contributor Author

ctron commented Jan 17, 2025

@chirino I think this PR might also partially close #1151, as it ingests the pedigree information.

@ctron ctron added this pull request to the merge queue Jan 17, 2025
@ctron ctron removed this pull request from the merge queue due to a manual request Jan 17, 2025
@ctron ctron added this pull request to the merge queue Jan 17, 2025
@ctron ctron removed this pull request from the merge queue due to a manual request Jan 17, 2025
@ctron ctron added this pull request to the merge queue Jan 17, 2025
@ctron ctron removed this pull request from the merge queue due to a manual request Jan 17, 2025
JimFuller-RedHat
JimFuller-RedHat approved these changes Jan 17, 2025
View reviewed changes
Copy link
Collaborator

@JimFuller-RedHat JimFuller-RedHat left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

makes the code clearer, better perforrming and glad to see CPE surfaced up ... oh and thx for fixing global graph ... I still do not know what my rationale was but glad to see it back in the service LGTM

jcrossley3
jcrossley3 reviewed Jan 17, 2025
View reviewed changes
modules/fundamental/src/test/common.rs
@@ -1,3 +1,4 @@
use trustify_module_analysis::service::AnalysisService;
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I've had other reasons for wanting to move analysis beneath fundamental, fwiw

@ctron ctron added this pull request to the merge queue Jan 17, 2025
Merged via the queue into trustification:main with commit c7be980 Jan 17, 2025
3 checks passed
@ctron ctron deleted the feature/cpe_ref_1 branch January 17, 2025 14:38
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jcrossley3 jcrossley3 jcrossley3 left review comments

@JimFuller-RedHat JimFuller-RedHat JimFuller-RedHat approved these changes

Assignees
No one assigned
Labels
enhancement New feature or request
Projects
Trustify
Status: Done
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Denote cpe/pURL aliases on a single component from CYCLONEDX
3 participants
@ctron @jcrossley3 @JimFuller-RedHat