Merge pull request #1044 from thc202/bom-license

Handle missing license in SBOMs
zaproxy · Oct 12, 2023 · 9b70b3e · 9b70b3e
2 parents bac7c4f + 59159ce
commit 9b70b3e
Showing 1 changed file with 32 additions and 11 deletions.
diff --git a/buildSrc/src/main/java/org/zaproxy/gradle/website/WebsiteSbomPageGenerator.java b/buildSrc/src/main/java/org/zaproxy/gradle/website/WebsiteSbomPageGenerator.java
@@ -55,21 +55,11 @@ public static void generate(
                         .sorted(Comparator.comparing(jsonNode -> jsonNode.get("name").asText()))
                         .collect(Collectors.toList());
         for (JsonNode component : sortedComponentsList) {
-            var licenses = (ArrayNode) component.get("licenses");
-            String licensesStr =
-                    StreamSupport.stream(licenses.spliterator(), false)
-                            .map(l -> l.get("license"))
-                            .map(
-                                    l ->
-                                            l.has("id")
-                                                    ? l.get("id").asText()
-                                                    : l.has("name") ? l.get("name").asText() : "")
-                            .collect(Collectors.joining(", "));
             resultComponents.add(
                     new PageFrontMatter.SbomDataComponent(
                             component.get("name").asText(),
                             component.get("version").asText(),
-                            licensesStr));
+                            createLicensesString(component)));
         }
         frontMatter.setSbomData(
                 new PageFrontMatter.SbomData(
@@ -79,4 +69,35 @@ public static void generate(
         frontMatter.writeTo(NOTICE, writer);
         Files.write(outputFile, writer.toString().getBytes(StandardCharsets.UTF_8));
     }
+
+    private static String createLicensesString(JsonNode component) {
+        var licenses = (ArrayNode) component.get("licenses");
+        if (licenses == null) {
+            return "";
+        }
+
+        return StreamSupport.stream(licenses.spliterator(), false)
+                .map(WebsiteSbomPageGenerator::licenseObjectToString)
+                .filter(e -> e != null)
+                .collect(Collectors.joining(", "));
+    }
+
+    private static String licenseObjectToString(JsonNode l) {
+        if (!l.has("license")) {
+            return get(l, "expression");
+        }
+        var license = l.get("license");
+        var id = get(license, "id");
+        if (id != null) {
+            return id;
+        }
+        return get(license, "name");
+    }
+
+    private static String get(JsonNode node, String property) {
+        if (node.has(property)) {
+            return node.get(property).asText();
+        }
+        return null;
+    }
 }