From a3a35343ca187bfa87e2c3a848003f3020f8e641 Mon Sep 17 00:00:00 2001
From: Melba Lopez
Date: Wed, 28 Jun 2023 23:39:32 -0500
Subject: [PATCH] Initial commit for addressing Issue #2737

Signed-off-by: Melba Lopez
---
 .../java/org/dependencytrack/model/Component.java | 14 ++++++++++++++
 .../parser/cyclonedx/util/ModelConverter.java | 2 ++
 .../tasks/BomUploadProcessingTask.java | 3 +++
 3 files changed, 19 insertions(+)

diff --git a/src/main/java/org/dependencytrack/model/Component.java b/src/main/java/org/dependencytrack/model/Component.java
index a06542612e..91d60b2ce9 100644
--- a/src/main/java/org/dependencytrack/model/Component.java
+++ b/src/main/java/org/dependencytrack/model/Component.java
@@ -115,6 +115,12 @@ public enum FetchGroup {
 @Pattern(regexp = RegexSequence.Definition.PRINTABLE_CHARS, message = "The publisher may only contain printable characters")
 private String publisher;
 
+ @Persistent /**Issue #2373, #2737 */
+ @Column(name = "SUPPLIER", jdbcType = "VARCHAR")
+ @Size(max = 255)
+ @Pattern(regexp = RegexSequence.Definition.PRINTABLE_CHARS, message = "The supplier may only contain printable characters")
+ private String supplier;
+
 @Persistent
 @Column(name = "GROUP", jdbcType = "VARCHAR")
 @Index(name = "COMPONENT_GROUP_IDX")
@@ -382,6 +388,14 @@ public void setPublisher(String publisher) {
 this.publisher = publisher;
 }
 
+ public String getSupplier() {/**Issue #2373, #2737 */
+ return supplier;
+ }
+
+ public void setSupplier(String supplier) {/**Issue #2373, #2737 */
+ this.supplier = supplier;
+ }
+
 public String getGroup() {
 return group;
 }
diff --git a/src/main/java/org/dependencytrack/parser/cyclonedx/util/ModelConverter.java b/src/main/java/org/dependencytrack/parser/cyclonedx/util/ModelConverter.java
index cde709bdd1..9a9c405ea8 100644
--- a/src/main/java/org/dependencytrack/parser/cyclonedx/util/ModelConverter.java
+++ b/src/main/java/org/dependencytrack/parser/cyclonedx/util/ModelConverter.java
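Review bot: In Component.java the `/**Issue #2373, #2737 */` marker after `@Persistent` is a Javadoc-style comment wedged between two annotations, so it documents nothing and the new `supplier` field is left without a description of what it holds. The same marker trails the accessor signatures in the second hunk and every added line in ModelConverter.java and BomUploadProcessingTask.java. Issue references belong in the commit message (whose subject names only #2737). The field would be better served by a comment placed above `@Persistent`, for example `/** Name of the organization that supplied the component, as declared in the BOM; distinct from publisher and author. */`.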
@@ -104,6 +104,7 @@ public static Component convert(final QueryManager qm, final org.cyclonedx.model
 component.setAuthor(StringUtils.trimToNull(cycloneDxComponent.getAuthor()));
 component.setBomRef(StringUtils.trimToNull(cycloneDxComponent.getBomRef()));
 component.setPublisher(StringUtils.trimToNull(cycloneDxComponent.getPublisher()));
+ component.setSupplier(StringUtils.trimToNull(cycloneDxComponent.getSupplier()));/**Issue #2373, #2737 */
 component.setGroup(StringUtils.trimToNull(cycloneDxComponent.getGroup()));
 component.setName(StringUtils.trimToNull(cycloneDxComponent.getName()));
 component.setVersion(StringUtils.trimToNull(cycloneDxComponent.getVersion()));
@@ -313,6 +314,7 @@ public static org.cyclonedx.model.Metadata createMetadata(final Project project)
 cycloneComponent.setBomRef(project.getUuid().toString());
 cycloneComponent.setAuthor(StringUtils.trimToNull(project.getAuthor()));
 cycloneComponent.setPublisher(StringUtils.trimToNull(project.getPublisher()));
+ cycloneComponent.setSupplier(StringUtils.trimToNull(project.getSupplier()));/**Issue #2373, #2737 */
 cycloneComponent.setGroup(StringUtils.trimToNull(project.getGroup()));
 cycloneComponent.setName(StringUtils.trimToNull(project.getName()));
 if (StringUtils.trimToNull(project.getVersion()) == null) {
diff --git a/src/main/java/org/dependencytrack/tasks/BomUploadProcessingTask.java b/src/main/java/org/dependencytrack/tasks/BomUploadProcessingTask.java
index 89702e0102..efaeec72cd 100644
--- a/src/main/java/org/dependencytrack/tasks/BomUploadProcessingTask.java
+++ b/src/main/java/org/dependencytrack/tasks/BomUploadProcessingTask.java
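Review bot: `StringUtils.trimToNull(cycloneDxComponent.getSupplier())` in `convert` treats the CycloneDX supplier as a string, but as far as I know cyclonedx-core-java models it as an `OrganizationalEntity` (name, URLs, contacts), so this line should not compile as written. Assuming only the name is to be kept, read it null-safely: `final var supplier = cycloneDxComponent.getSupplier();` followed by `component.setSupplier(supplier != null ? StringUtils.trimToNull(supplier.getName()) : null);`. The value comes straight from an uploaded BOM, and nothing visible here bounds it to the 255 characters that `@Size(max = 255)` on `Component.supplier` permits, so an over-long name should be truncated or rejected before it reaches persistence. `convert` begins and ends outside the hunk.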
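Review bot: `project.getSupplier()` in `createMetadata` has no counterpart in this patch: the accessor is added to `Component` only, and `Project.java` is not among the three changed files, so unless `Project` already exposes it this line will not build. `cycloneComponent.setSupplier(...)` is also handed a string, whereas the CycloneDX model, to my knowledge, takes an `OrganizationalEntity` there. I would either add the field and accessors to `Project` in the same change and build the entity with `setName(...)` only when the trimmed value is non-null, or drop this line until that exists. `createMetadata` continues outside the hunk.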
@@ -109,8 +109,11 @@ public void inform(final Event e) {
 if (project.getClassifier() == null) {
 final var classifier = Optional.ofNullable(cycloneDxBom.getMetadata())
 .map(org.cyclonedx.model.Metadata::getComponent)
+ .map(org.cyclonedx.model.Metadata::getSupplier) /**Issue #2373, #2737 */
+ .map(org.cyclonedx.model.Metadata::getManufacture)
 .map(org.cyclonedx.model.Component::getType)
 .map(org.cyclonedx.model.Component.Type::name)
+ .map(org.cyclonedx.model.Component::getSupplier) /**Issue #2373, #2737 */
 .map(Classifier::valueOf)
 .orElse(Classifier.APPLICATION);
 project.setClassifier(classifier);
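Review bot: The three added `.map(...)` calls break the type flow of the classifier chain in `inform`. After `.map(org.cyclonedx.model.Metadata::getComponent)` the Optional holds a component, so `Metadata::getSupplier` and `Metadata::getManufacture` cannot be applied to it, and `Component::getSupplier` sits after `.map(org.cyclonedx.model.Component.Type::name)`, where the value is already a `String` about to be passed to `Classifier::valueOf`. Even if the types lined up, any BOM without a supplier would empty the Optional and fall back to `Classifier.APPLICATION` regardless of the declared component type. This chain exists only to derive the project classifier, so leave it as it was and read the supplier from `cycloneDxBom.getMetadata()` in a separate, null-guarded statement. `inform` begins and ends outside the hunk.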