Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

XML serialization fails if not running extracted package #1017

Closed
AugustusKling opened this issue Feb 24, 2024 · 1 comment · Fixed by #1018
Closed

XML serialization fails if not running extracted package #1017

AugustusKling opened this issue Feb 24, 2024 · 1 comment · Fixed by #1018
Labels
bug Something isn't working

Comments

@AugustusKling
Copy link
Contributor

Follow-up to CycloneDX/cyclonedx-node-yarn#13 (comment)

XML serializer is not found unless this library is extracted in the file system. Result is failing XML serialization for example when this library is bundled or the package manager uses a linker that does not create the node_modules folder.

Discussion from referenced issue follows:

CycloneDX's XML serializer cannot find its xmlbuilder2 dependency, at least when bundled as Yarn plugin.

I checked this again and the problem is that the bundler cannot process the require because it does not contain a constant. You could change https://github.com/CycloneDX/cyclonedx-javascript-library/blob/main/libs/universal-node-xml/index.js#L36 from

const possibleStringifier = require(`./stringifiers/${file}`)

to

const possibleStringifier = require(`./stringifiers/xmlbuilder2`)

This defeats the idea of having the list of potential serializers in the possibleStringifiers array but as it only has 1 hard-coded option for now, making the change is an option.

Alternatively, if you want to retain the listing, you could have require calls containing constants but wrap them in functions. Then iterate over this structure and calls the functions to test for presence of serializers.

const possibleStringifiers = [
  // prioritized list of possible implementations
  ['xmlbuilder2', () => require(`./stringifiers/xmlbuilder2`)]
]

...

for (const [serializerName, loaderFunc] of possibleStringifiers) {
  try {
    const possibleStringifier = loaderFunc()
    ....
AugustusKling added a commit to AugustusKling/cyclonedx-javascript-library that referenced this issue Feb 24, 2024
@AugustusKling
Support XML serialization when running in bundles or non-standard
d83dca3 
linkers. CycloneDX#1017

Signed-off-by: Augustus Kling <augustus.kling@gmail.com>
@AugustusKling AugustusKling mentioned this issue Feb 24, 2024
Merged
AugustusKling added a commit to AugustusKling/cyclonedx-javascript-library that referenced this issue Feb 24, 2024
@AugustusKling
Remove newly added JSDoc as CI tools fail to process it. CycloneDX#1017
3e5cb27 
Signed-off-by: Augustus Kling <augustus.kling@gmail.com>
@AugustusKling AugustusKling mentioned this issue Feb 24, 2024
Merged
@jkowalleck jkowalleck linked a pull request Feb 25, 2024 that will close this issue
Support XML serialization when running in bundles or non-standard #1018
Merged
@jkowalleck
Copy link
Member

the solution should be available as off https://github.com/CycloneDX/cyclonedx-javascript-library/releases/tag/v6.3.2

@jkowalleck jkowalleck added the bug Something isn't working label Feb 25, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
2 participants
@AugustusKling @jkowalleck