From 6a7646ff544f677d501faff0653d7a05530b8c85 Mon Sep 17 00:00:00 2001 From: Emery Hemingway Date: Thu, 30 May 2024 19:13:31 +0300 Subject: [PATCH] Replace Nimble with CycloneDX --- Tupfile | 3 +- default.nix | 32 +-- sbom.json | 637 +++++++++++++++++++++++++++++++++++++++++ syndicate_utils.nimble | 67 ++++- 4 files changed, 712 insertions(+), 27 deletions(-) create mode 100644 sbom.json diff --git a/Tupfile b/Tupfile index eaaeaaf..18138ee 100644 --- a/Tupfile +++ b/Tupfile @@ -1,3 +1,2 @@ include_rules -: |> !nim_lk |> {lockfile} -: {lockfile} |> !nim_cfg |> | ./ +: sbom.json |> !sbom-to-nix |> | ./ diff --git a/default.nix b/default.nix index eb3bbc9..9b922a8 100644 --- a/default.nix +++ b/default.nix @@ -2,20 +2,18 @@ pkgs ? import { }, }: with pkgs; - -buildNimPackage { - pname = "syndicate_utils"; - version = "unstable"; - - src = if lib.inNixShell then null else lib.cleanSource ./.; - - buildInputs = [ - postgresql.out - sqlite - libxml2 - libxslt - openssl - ]; - - lockFile = ./lock.json; -} +let + buildNimSbom = pkgs.callPackage (import ) { }; +in +buildNimSbom ./sbom.json ( + final: prev: { + src = if lib.inNixShell then null else lib.cleanSource ./.; + buildInputs = [ + postgresql.out + sqlite + libxml2 + libxslt + openssl + ]; + } +) diff --git a/sbom.json b/sbom.json new file mode 100644 index 0000000..cb4ad9e --- /dev/null +++ b/sbom.json @@ -0,0 +1,637 @@ +{ + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "metadata": { + "component": { + "type": "application", + "bom-ref": "pkg:nim/syndicate_utils", + "name": "syndicate_utils", + "description": "Utilites for Syndicated Actors and Synit", + "version": "20240523", + "authors": [ + { + "name": "Emery Hemingway" + } + ], + "licenses": [ + { + "license": { + "id": "Unlicense" + } + } + ], + "properties": [ + { + "name": "nim:skipExt", + "value": "nim" + }, + { + "name": "nim:bin:postgre-actor", + "value": "postgre_actor" + }, + { + "name": "nim:bin:xslt-actor", + "value": "xslt_actor" + }, + { + "name": "nim:bin:preserve-process-environment", + "value": "preserve_process_environment" + }, + { + "name": "nim:bin:mintsturdyref", + "value": "mintsturdyref" + }, + { + "name": "nim:bin:msg", + "value": "msg" + }, + { + "name": "nim:bin:rofi-script-actor", + "value": "rofi_script_actor" + }, + { + "name": "nim:bin:syndesizer", + "value": "syndesizer" + }, + { + "name": "nim:bin:http-client", + "value": "http_client" + }, + { + "name": "nim:bin:mount-actor", + "value": "mount_actor" + }, + { + "name": "nim:bin:syndump", + "value": "syndump" + }, + { + "name": "nim:srcDir", + "value": "src" + }, + { + "name": "nim:backend", + "value": "c" + } + ] + } + }, + "components": [ + { + "type": "library", + "bom-ref": "pkg:nim/syndicate", + "name": "syndicate", + "version": "20240522", + "externalReferences": [ + { + "url": "https://git.syndicate-lang.org/ehmry/syndicate-nim/archive/3a4dc1f13392830b587138199643d30fdbec8541.tar.gz", + "type": "source-distribution" + }, + { + "url": "https://git.syndicate-lang.org/ehmry/syndicate-nim.git", + "type": "vcs" + } + ], + "properties": [ + { + "name": "nix:fod:method", + "value": "fetchzip" + }, + { + "name": "nix:fod:path", + "value": "/nix/store/aixbd9di4671hm3bg92xsxwhqp4mbs1g-source" + }, + { + "name": "nix:fod:rev", + "value": "7ab4611824b676157523f2618e7893d5ac99e4f2" + }, + { + "name": "nix:fod:sha256", + "value": "0i53g3578h84gp2lbwx1mddhyh8jrpzdq9h70psqndlgqcg62d59" + }, + { + "name": "nix:fod:url", + "value": "https://git.syndicate-lang.org/ehmry/syndicate-nim/archive/7ab4611824b676157523f2618e7893d5ac99e4f2.tar.gz" + }, + { + "name": "nix:fod:ref", + "value": "20240522" + }, + { + "name": "nix:fod:srcDir", + "value": "src" + } + ] + }, + { + "type": "library", + "bom-ref": "pkg:nim/preserves", + "name": "preserves", + "version": "20240523", + "externalReferences": [ + { + "url": "https://git.syndicate-lang.org/ehmry/preserves-nim/archive/1fee87590940761e288cf9ab3c7270832403b719.tar.gz", + "type": "source-distribution" + }, + { + "url": "https://git.syndicate-lang.org/ehmry/preserves-nim.git", + "type": "vcs" + } + ], + "properties": [ + { + "name": "nix:fod:method", + "value": "fetchzip" + }, + { + "name": "nix:fod:path", + "value": "/nix/store/mcwpm48hwm9fwdc0v84cjj773gjzjc0a-source" + }, + { + "name": "nix:fod:rev", + "value": "ed065fcc2da71c20a0d5f9972cef2b3261c04727" + }, + { + "name": "nix:fod:sha256", + "value": "1jg67izq09mny3n4gpvr9b0b9sbc1gnr9nxj7l43i36sscnnzxr6" + }, + { + "name": "nix:fod:url", + "value": "https://git.syndicate-lang.org/ehmry/preserves-nim/archive/ed065fcc2da71c20a0d5f9972cef2b3261c04727.tar.gz" + }, + { + "name": "nix:fod:ref", + "value": "20240523" + }, + { + "name": "nix:fod:srcDir", + "value": "src" + } + ] + }, + { + "type": "library", + "bom-ref": "pkg:nim/sys", + "name": "sys", + "version": "4ef3b624db86e331ba334e705c1aa235d55b05e1", + "externalReferences": [ + { + "url": "https://github.com/ehmry/nim-sys/archive/4ef3b624db86e331ba334e705c1aa235d55b05e1.tar.gz", + "type": "source-distribution" + }, + { + "url": "https://github.com/ehmry/nim-sys.git", + "type": "vcs" + } + ], + "properties": [ + { + "name": "nix:fod:method", + "value": "fetchzip" + }, + { + "name": "nix:fod:path", + "value": "/nix/store/syhxsjlsdqfap0hk4qp3s6kayk8cqknd-source" + }, + { + "name": "nix:fod:rev", + "value": "4ef3b624db86e331ba334e705c1aa235d55b05e1" + }, + { + "name": "nix:fod:sha256", + "value": "1q4qgw4an4mmmcbx48l6xk1jig1vc8p9cq9dbx39kpnb0890j32q" + }, + { + "name": "nix:fod:url", + "value": "https://github.com/ehmry/nim-sys/archive/4ef3b624db86e331ba334e705c1aa235d55b05e1.tar.gz" + }, + { + "name": "nix:fod:srcDir", + "value": "src" + } + ] + }, + { + "type": "library", + "bom-ref": "pkg:nim/taps", + "name": "taps", + "version": "20240405", + "externalReferences": [ + { + "url": "https://git.sr.ht/~ehmry/nim_taps/archive/8c8572cd971d1283e6621006b310993c632da247.tar.gz", + "type": "source-distribution" + }, + { + "url": "https://git.sr.ht/~ehmry/nim_taps", + "type": "vcs" + } + ], + "properties": [ + { + "name": "nix:fod:method", + "value": "fetchzip" + }, + { + "name": "nix:fod:path", + "value": "/nix/store/6y14ia52kr7jyaa0izx37mlablmq9s65-source" + }, + { + "name": "nix:fod:rev", + "value": "8c8572cd971d1283e6621006b310993c632da247" + }, + { + "name": "nix:fod:sha256", + "value": "1dp166bv9x773jmfqppg5i3v3rilgff013vb11yzwcid9l7s3iy8" + }, + { + "name": "nix:fod:url", + "value": "https://git.sr.ht/~ehmry/nim_taps/archive/8c8572cd971d1283e6621006b310993c632da247.tar.gz" + }, + { + "name": "nix:fod:ref", + "value": "20240405" + }, + { + "name": "nix:fod:srcDir", + "value": "src" + } + ] + }, + { + "type": "library", + "bom-ref": "pkg:nim/nimcrypto", + "name": "nimcrypto", + "version": "traditional-api", + "externalReferences": [ + { + "url": "https://github.com/cheatfate/nimcrypto/archive/602c5d20c69c76137201b5d41f788f72afb95aa8.tar.gz", + "type": "source-distribution" + }, + { + "url": "https://github.com/cheatfate/nimcrypto", + "type": "vcs" + } + ], + "properties": [ + { + "name": "nix:fod:method", + "value": "fetchzip" + }, + { + "name": "nix:fod:path", + "value": "/nix/store/zyr8zwh7vaiycn1s4r8cxwc71f2k5l0h-source" + }, + { + "name": "nix:fod:rev", + "value": "602c5d20c69c76137201b5d41f788f72afb95aa8" + }, + { + "name": "nix:fod:sha256", + "value": "1dmdmgb6b9m5f8dyxk781nnd61dsk3hdxqks7idk9ncnpj9fng65" + }, + { + "name": "nix:fod:url", + "value": "https://github.com/cheatfate/nimcrypto/archive/602c5d20c69c76137201b5d41f788f72afb95aa8.tar.gz" + }, + { + "name": "nix:fod:ref", + "value": "traditional-api" + } + ] + }, + { + "type": "library", + "bom-ref": "pkg:nim/npeg", + "name": "npeg", + "version": "1.2.2", + "externalReferences": [ + { + "url": "https://github.com/zevv/npeg/archive/ec0cc6e64ea4c62d2aa382b176a4838474238f8d.tar.gz", + "type": "source-distribution" + }, + { + "url": "https://github.com/zevv/npeg.git", + "type": "vcs" + } + ], + "properties": [ + { + "name": "nix:fod:method", + "value": "fetchzip" + }, + { + "name": "nix:fod:path", + "value": "/nix/store/xpn694ibgipj8xak3j4bky6b3k0vp7hh-source" + }, + { + "name": "nix:fod:rev", + "value": "ec0cc6e64ea4c62d2aa382b176a4838474238f8d" + }, + { + "name": "nix:fod:sha256", + "value": "1fi9ls3xl20bmv1ikillxywl96i9al6zmmxrbffx448gbrxs86kg" + }, + { + "name": "nix:fod:url", + "value": "https://github.com/zevv/npeg/archive/ec0cc6e64ea4c62d2aa382b176a4838474238f8d.tar.gz" + }, + { + "name": "nix:fod:ref", + "value": "1.2.2" + }, + { + "name": "nix:fod:srcDir", + "value": "src" + } + ] + }, + { + "type": "library", + "bom-ref": "pkg:nim/bigints", + "name": "bigints", + "version": "20231006", + "externalReferences": [ + { + "url": "https://github.com/ehmry/nim-bigints/archive/86ea14d31eea9275e1408ca34e6bfe9c99989a96.tar.gz", + "type": "source-distribution" + }, + { + "url": "https://github.com/ehmry/nim-bigints.git", + "type": "vcs" + } + ], + "properties": [ + { + "name": "nix:fod:method", + "value": "fetchzip" + }, + { + "name": "nix:fod:path", + "value": "/nix/store/jvrm392g8adfsgf36prgwkbyd7vh5jsw-source" + }, + { + "name": "nix:fod:rev", + "value": "86ea14d31eea9275e1408ca34e6bfe9c99989a96" + }, + { + "name": "nix:fod:sha256", + "value": "15pcpmnk1bnw3k8769rjzcpg00nahyrypwbxs88jnwr4aczp99j4" + }, + { + "name": "nix:fod:url", + "value": "https://github.com/ehmry/nim-bigints/archive/86ea14d31eea9275e1408ca34e6bfe9c99989a96.tar.gz" + }, + { + "name": "nix:fod:ref", + "value": "20231006" + }, + { + "name": "nix:fod:srcDir", + "value": "src" + } + ] + }, + { + "type": "library", + "bom-ref": "pkg:nim/cps", + "name": "cps", + "version": "0.10.4", + "externalReferences": [ + { + "url": "https://github.com/nim-works/cps/archive/2a4d771a715ba45cfba3a82fa625ae7ad6591c8b.tar.gz", + "type": "source-distribution" + }, + { + "url": "https://github.com/nim-works/cps", + "type": "vcs" + } + ], + "properties": [ + { + "name": "nix:fod:method", + "value": "fetchzip" + }, + { + "name": "nix:fod:path", + "value": "/nix/store/m9vpcf3dq6z2h1xpi1vlw0ycxp91s5p7-source" + }, + { + "name": "nix:fod:rev", + "value": "2a4d771a715ba45cfba3a82fa625ae7ad6591c8b" + }, + { + "name": "nix:fod:sha256", + "value": "0c62k5wpq9z9mn8cd4rm8jjc4z0xmnak4piyj5dsfbyj6sbdw2bf" + }, + { + "name": "nix:fod:url", + "value": "https://github.com/nim-works/cps/archive/2a4d771a715ba45cfba3a82fa625ae7ad6591c8b.tar.gz" + }, + { + "name": "nix:fod:ref", + "value": "0.10.4" + } + ] + }, + { + "type": "library", + "bom-ref": "pkg:nim/stew", + "name": "stew", + "version": "3c91b8694e15137a81ec7db37c6c58194ec94a6a", + "externalReferences": [ + { + "url": "https://github.com/status-im/nim-stew/archive/3c91b8694e15137a81ec7db37c6c58194ec94a6a.tar.gz", + "type": "source-distribution" + }, + { + "url": "https://github.com/status-im/nim-stew", + "type": "vcs" + } + ], + "properties": [ + { + "name": "nix:fod:method", + "value": "fetchzip" + }, + { + "name": "nix:fod:path", + "value": "/nix/store/mqg8qzsbcc8xqabq2yzvlhvcyqypk72c-source" + }, + { + "name": "nix:fod:rev", + "value": "3c91b8694e15137a81ec7db37c6c58194ec94a6a" + }, + { + "name": "nix:fod:sha256", + "value": "17lfhfxp5nxvld78xa83p258y80ks5jb4n53152cdr57xk86y07w" + }, + { + "name": "nix:fod:url", + "value": "https://github.com/status-im/nim-stew/archive/3c91b8694e15137a81ec7db37c6c58194ec94a6a.tar.gz" + } + ] + }, + { + "type": "library", + "bom-ref": "pkg:nim/getdns", + "name": "getdns", + "version": "20230806", + "externalReferences": [ + { + "url": "https://git.sr.ht/~ehmry/getdns-nim/archive/e4ae0992ed7c5540e6d498f3074d06c8f454a0b6.tar.gz", + "type": "source-distribution" + }, + { + "url": "https://git.sr.ht/~ehmry/getdns-nim", + "type": "vcs" + } + ], + "properties": [ + { + "name": "nix:fod:method", + "value": "fetchzip" + }, + { + "name": "nix:fod:path", + "value": "/nix/store/j8i20k9aarzppg4p234449140nnnaycq-source" + }, + { + "name": "nix:fod:rev", + "value": "e4ae0992ed7c5540e6d498f3074d06c8f454a0b6" + }, + { + "name": "nix:fod:sha256", + "value": "1dp53gndr6d9s9601dd5ipkiq94j53hlx46mxv8gpr8nd98bqysg" + }, + { + "name": "nix:fod:url", + "value": "https://git.sr.ht/~ehmry/getdns-nim/archive/e4ae0992ed7c5540e6d498f3074d06c8f454a0b6.tar.gz" + }, + { + "name": "nix:fod:ref", + "value": "20230806" + }, + { + "name": "nix:fod:srcDir", + "value": "src" + } + ] + }, + { + "type": "library", + "bom-ref": "pkg:nim/solo5_dispatcher", + "name": "solo5_dispatcher", + "version": "20240522", + "externalReferences": [ + { + "url": "https://git.sr.ht/~ehmry/solo5_dispatcher/archive/cc64ef99416b22b12e4a076d33de9e25a163e57d.tar.gz", + "type": "source-distribution" + }, + { + "url": "https://git.sr.ht/~ehmry/solo5_dispatcher", + "type": "vcs" + } + ], + "properties": [ + { + "name": "nix:fod:method", + "value": "fetchzip" + }, + { + "name": "nix:fod:path", + "value": "/nix/store/4jj467pg4hs6warhksb8nsxn9ykz8c7c-source" + }, + { + "name": "nix:fod:rev", + "value": "cc64ef99416b22b12e4a076d33de9e25a163e57d" + }, + { + "name": "nix:fod:sha256", + "value": "1v9i9fqgx1g76yrmz2xwj9mxfwbjfpar6dsyygr68fv9031cqxq7" + }, + { + "name": "nix:fod:url", + "value": "https://git.sr.ht/~ehmry/solo5_dispatcher/archive/cc64ef99416b22b12e4a076d33de9e25a163e57d.tar.gz" + }, + { + "name": "nix:fod:ref", + "value": "20240522" + }, + { + "name": "nix:fod:srcDir", + "value": "pkg" + } + ] + } + ], + "dependencies": [ + { + "ref": "pkg:nim/syndicate_utils", + "dependsOn": [ + "pkg:nim/syndicate" + ] + }, + { + "ref": "pkg:nim/syndicate", + "dependsOn": [ + "pkg:nim/nimcrypto", + "pkg:nim/preserves", + "pkg:nim/sys", + "pkg:nim/taps" + ] + }, + { + "ref": "pkg:nim/preserves", + "dependsOn": [ + "pkg:nim/npeg", + "pkg:nim/bigints" + ] + }, + { + "ref": "pkg:nim/sys", + "dependsOn": [ + "pkg:nim/cps", + "pkg:nim/stew" + ] + }, + { + "ref": "pkg:nim/taps", + "dependsOn": [ + "pkg:nim/getdns", + "pkg:nim/sys", + "pkg:nim/cps", + "pkg:nim/solo5_dispatcher" + ] + }, + { + "ref": "pkg:nim/nimcrypto", + "dependsOn": [] + }, + { + "ref": "pkg:nim/npeg", + "dependsOn": [] + }, + { + "ref": "pkg:nim/bigints", + "dependsOn": [] + }, + { + "ref": "pkg:nim/cps", + "dependsOn": [] + }, + { + "ref": "pkg:nim/stew", + "dependsOn": [] + }, + { + "ref": "pkg:nim/getdns", + "dependsOn": [] + }, + { + "ref": "pkg:nim/solo5_dispatcher", + "dependsOn": [ + "pkg:nim/cps" + ] + } + ] +} diff --git a/syndicate_utils.nimble b/syndicate_utils.nimble index 4105a1e..cd2582c 100644 --- a/syndicate_utils.nimble +++ b/syndicate_utils.nimble @@ -1,10 +1,61 @@ -# auto-update-version +# Emulate Nimble from CycloneDX data at sbom.json. -version = "20240523" -author = "Emery Hemingway" -description = "Utilites for Syndicated Actors and Synit" -license = "unlicense" -srcDir = "src" -bin = @["http_client", "mintsturdyref", "mount_actor", "msg", "postgre_actor", "preserve_process_environment", "rofi_script_actor", "sqlite_actor", "syndesizer", "syndump", "xslt_actor"] +import std/json -requires "https://git.syndicate-lang.org/ehmry/syndicate-nim.git >= 20240522" +proc lookupComponent(sbom: JsonNode; bomRef: string): JsonNode = + for c in sbom{"components"}.getElems.items: + if c{"bom-ref"}.getStr == bomRef: + return c + result = newJNull() + +let + sbom = "sbom.json".readFile.parseJson + comp = sbom{"metadata", "component"} + bomRef = comp{"bom-ref"}.getStr + +version = comp{"version"}.getStr +author = comp{"authors"}[0]{"name"}.getStr +description = comp{"description"}.getStr +license = comp{"licenses"}[0]{"license", "id"}.getStr + +for prop in comp{"properties"}.getElems.items: + let (key, val) = (prop{"name"}.getStr, prop{"value"}.getStr) + case key + of "nim:skipDirs:": + add(skipDirs, val) + of "nim:skipFiles:": + add(skipFiles, val) + of "nim:skipExt": + add(skipExt, val) + of "nim:installDirs": + add(installDirs, val) + of "nim:installFiles": + add(installFiles, val) + of "nim:installExt": + add(installExt, val) + of "nim:binDir": + add(binDir, val) + of "nim:srcDir": + add(srcDir, val) + of "nim:backend": + add(backend, val) + else: + if key.startsWith "nim:bin:": + namedBin[key[9..key.high]] = val + +for depend in sbom{"dependencies"}.items: + if depend{"ref"}.getStr == bomRef: + for depRef in depend{"dependsOn"}.items: + let dep = sbom.lookupComponent(depRef.getStr) + var spec = dep{"name"}.getStr + for extRef in dep{"externalReferences"}.elems: + if extRef{"type"}.getStr == "vcs": + spec = extRef{"url"}.getStr + break + let ver = dep{"version"}.getStr + if ver != "": + if ver.allCharsInSet {'0'..'9', '.'}: spec.add " == " + else: spec.add '#' + spec.add ver + requires spec + break