RHEcosystemAppEng · zvigrinberg · Mar 7, 2024 · Mar 7, 2024 · Mar 7, 2024 · Mar 7, 2024
diff --git a/src/cli.js b/src/cli.js
@@ -3,6 +3,7 @@
 import exhort from './index.js'
 import { hideBin } from 'yargs/helpers'
 import yargs from 'yargs'
+import * as path from "path";
 
 // command for component analysis take manifest type and content
 const component = {
@@ -116,10 +117,11 @@
 
 // parse and invoke the command
 yargs(hideBin(process.argv))
-	.usage('Usage: $0 {component|stack|validate-token}')
+	.usage(`Usage: ${process.argv[0].includes("node") ?  path.parse(process.argv[1]).base : path.parse(process.argv[0]).base} {component|stack|validate-token}`)
 	.command(stack)
 	.command(component)
 	.command(validateToken)
+	.scriptName('')
 	.version(false)
 	.demandCommand(1)
 	.parse()
diff --git a/src/providers/java_maven.js b/src/providers/java_maven.js
@@ -1,10 +1,10 @@
 import {XMLParser} from 'fast-xml-parser'
 import {execSync} from "node:child_process"
 import fs from 'node:fs'
 import {getCustomPath,handleSpacesInPath} from "../tools.js";
 import os from 'node:os'
 import path from 'node:path'
 import Sbom from '../sbom.js'
 import {PackageURL} from 'packageurl-js'
 import {EOL} from 'os'

@@ -259,7 +259,7 @@
 	let dependencies = getDependencies(tmpEffectivePom)
 		.filter(d => !(dependencyIn(d, ignored)) && !(dependencyInExcludingVersion(d, ignored)))
 	let sbom = new Sbom();
-	let rootDependency = getRootFromPom(targetPom);
+	let rootDependency = getRootFromPom(tmpEffectivePom,targetPom);
 	let purlRoot = toPurl(rootDependency.groupId, rootDependency.artifactId, rootDependency.version)
 	sbom.addRoot(purlRoot)
 	let rootComponent = sbom.getRoot();
@@ -282,16 +282,31 @@
 
 /**
  *
- * @param pom.xml manifest path
+ * @param effectivePomManifest effective pom manifest path
+ * @param originalManifest pom.xml manifest path
  * @return {Dependency} returns the root dependency for the pom
  * @private
  */
-function getRootFromPom(manifest) {
+function getRootFromPom(effectivePomManifest) {
 
 	let parser = new XMLParser()
-	let buf = fs.readFileSync(manifest)
-	let pomStruct = parser.parse(buf.toString())
-	let pomRoot = pomStruct['project'];
+	let buf = fs.readFileSync(effectivePomManifest)
+	let effectivePomStruct = parser.parse(buf.toString())
+	let pomRoot
+	if(effectivePomStruct['project']) {
+		pomRoot = effectivePomStruct['project']
+	}
+	// if there is no project root tag, then it's a multi module/submodules aggregator parent POM
+	else
+	{
+		for (let proj of effectivePomStruct['projects']['project']) {
+			// need to choose the aggregate POM and not one of the modules.
+			if(proj.packaging && proj.packaging === 'pom'  ) {
+				pomRoot = proj
+			}
+		}
+
+	}
 	/** @type Dependency */
 	let rootDependency = {
 		groupId: pomRoot['groupId'],

diff --git a/src/providers/javascript_npm.js b/src/providers/javascript_npm.js
@@ -45,6 +45,7 @@ export default { isSupported, provideComponent, provideStack, npmInteractions }
  * @private
  */
 const ecosystem = 'npm'
+const defaultVersion = 'v0.0.0'
 
 /**
  * @param {string} manifestName - the subject manifest name-type
@@ -123,6 +124,9 @@ function getSBOM(manifest, opts = {}, includeTransitive) {
 	let depsObject = JSON.parse(npmOutput);
 	let rootName = depsObject["name"]
 	let rootVersion = depsObject["version"]
+	if(!rootVersion) {
+		rootVersion = defaultVersion
+	}
 	let mainComponent = toPurl(rootName,rootVersion);
 
 	let sbom = new Sbom();

diff --git a/test/it/end-to-end.js b/test/it/end-to-end.js
@@ -135,10 +135,11 @@ suite('Integration Tests', () => {
 // 		// process.env["EXHORT_PYTHON_VIRTUAL_ENV"] = "true"
 // 		// process.env["EXHORT_PYTHON_INSTALL_BEST_EFFORTS"] = "true"
 // 		// process.env["MATCH_MANIFEST_VERSIONS"] = "false"
-// 		let pomPath = `/home/zgrinber/git/exhort-javascript-api/test/providers/tst_manifests/golang/go_mod_no_ignore/go.mod`
+// 		// let pomPath = `/tmp/070324/package.json`
+// 		let pomPath = `/tmp/artifact-without-version-or-group/sbom-json-traversor/pom.xml`
 // 		// let pomPath = `/home/zgrinber/git/tracing-demos-and-examples/tracing-parent/pom.xml`
 // 		let providedDataForStack;
-// 		providedDataForStack = await index.stackAnalysis(pomPath, false,opts);
+// 		providedDataForStack = await index.componentAnalysis("pom.xml", fs.readFileSync(pomPath),{} ,pomPath);
 // 		// console.log(JSON.stringify(providedDataForStack,null , 4))
 // 		// fs.writeFileSync(`/tmp/301123/report.html`,providedDataForStack)
 //