
Commit aef6ff9

authored
feat(sbom-tools): add CodeQL integration scripts (#325)
Usage (e.g. in mongosh): ``` npx mongodb-sbom-tools fetch-codeql-results \ --sarif-dest=.sbom/codeql.sarif.json \ --dependencies=.sbom/dependencies.json \ --exclude-repos=mongodb-js/kerberos && \ npx mongodb-sbom-tools sarif-to-markdown \ --sarif=.sbom/codeql.sarif.json \ --md=.sbom/codeql.md ```
1 parent 0463e25 commit aef6ff9


13 files changed

+1024
-13
lines changed


package-lock.json

Lines changed: 255 additions & 12 deletions

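--- a/packages/sbom-tools/package.json
+++ b/packages/sbom-tools/package.json
@@ -74,6 +74,7 @@
 "webpack": "^5.82.0"
 },
 "dependencies": {
+"@octokit/rest": "^20.1.1",
 "@pkgjs/nv": "^0.2.1",
 "commander": "^10.0.1",
 "error-stack-parser": "^2.1.4",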

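--- a/packages/sbom-tools/src/bin.ts
+++ b/packages/sbom-tools/src/bin.ts
@@ -2,10 +2,14 @@ import { program } from 'commander';
 import { command as generate3rdPartyNotices } from './commands/generate-third-party-notices';
 import { command as generateVulnerabilityReport } from './commands/generate-vulnerability-report';
 import { command as scanNodeJs } from './commands/scan-node-js';
+import { command as fetchCodeQLResults } from './commands/fetch-codeql-results';
+import { command as sarifToMarkdown } from './commands/sarif-to-markdown';
 
 export function main(argv: string[]): void {
 program.addCommand(generateVulnerabilityReport);
 program.addCommand(generate3rdPartyNotices);
 program.addCommand(scanNodeJs);
+program.addCommand(fetchCodeQLResults);
+program.addCommand(sarifToMarkdown);
 program.parse(argv);
 }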
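Review bot: `main` now registers five subcommands, including the two added here, but still carries no doc comment stating what `argv` is expected to hold. The value is handed straight to commander's `program.parse(argv)`, which by default treats it as the full process argv (executable and script path first), so a caller passing only the user arguments would silently lose the first two; that contract is worth writing down at the entry point. A TSDoc along the lines of `/** Registers every sbom-tools subcommand and dispatches on argv (full process argv, as commander expects by default). */` above `export function main` would cover it. The two new command modules are only imported here, so how `fetch-codeql-results` authenticates against GitHub cannot be judged from this diff.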
