sonatype-nexus-community / jake

Check your Python environments for vulnerable Open Source packages with OSS Index or Sonatype Nexus Lifecycle.
https://jake.readthedocs.io/
Apache License 2.0

[FEATURE] Support for all input formats when running `jake ddt` or `jake iq` #104

Closed madpah closed 1 year ago

madpah commented 2 years ago

jake is built upon cyclonedx-python which supports consuming dependencies in multiple forms:

This feature will deliver the ability to consume dependencies from all of the above formats when running either `jake ddt` or `jake iq`.

cc @bhamail / @DarthHater

sanzoghenzo commented 1 year ago

Hi, forgive me if I'm being that guy, but... is there any update on this? :wink:

I took a very quick look at the source code; it seems that it's a matter of changing the parser initialization using the same code as the `SbomCommand._get_parser` method, or, even better, turning that method into a function that accepts input type and input source, so it can be simplified and reused.

Obviously the two arguments need to be ported to the other commands.

Am I missing something?