Fix group vs name in CycloneDX output

RetireJS · Sep 26, 2024 · dfeccaf · dfeccaf
1 parent 43b02c8
commit dfeccaf
Show file tree

Hide file tree

Showing 4 changed files with 13 additions and 4 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,11 @@
 # Changelog
 
+## 1.6.5
+
+### Bugfix
+
+* Fix group vs name for scoped names in CycloneDX output
+
 ## 1.6.4
 
 ### Improvements

diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -1,7 +1,7 @@
 {
   "author": "Erlend Oftedal <[email protected]>",
   "name": "retire-site-scanner",
-  "version": "1.6.4",
+  "version": "1.6.5",
   "license": "Apache-2.0",
   "description": "A scanner for checking a web site using retire.js",
   "main": "dist/index.js",

diff --git a/src/log.ts b/src/log.ts
@@ -72,6 +72,7 @@ type CycloneDXComponent = {
   name: string;
   version: string;
   "bom-ref": string;
+  group?: string;
   purl?: string;
   licenses?: Array<{
     license?: {
@@ -208,10 +209,12 @@ export function convertToCycloneDX(resultToConvert: typeof collectedResults) {
     res.results.forEach((c) => {
       const key = c.component + "@" + c.version;
       const found = components.has(key);
+      const nameParts = c.component.split("/").reverse();
       const comp: CycloneDXComponent = components.get(key) || {
         type: "library",
         "bom-ref": randomUUID(),
-        name: c.component,
+        name: nameParts[0],
+        group: nameParts[1],
         version: c.version,
         purl: generatePURL(c),
         properties: [],