# Getting the Nodes

- Targets are from this though some doesn't have dependency graph: https://docs.google.com/spreadsheets/d/1CBkyMUawShZdeaRSPp3DMu9-HZriGFb9Uy6NE-Ea36k/edit?gid=0#gid=0
- There are some repos that don't have dependency or dependents shown.
  - `samuelmtimbo/unit` doesn't have dependencies shown.
  - some others have no dependents.

## Target Repos

In [42]:
target_repos_csv_filename = "target_repos.csv"
target_repos = [
    "comfyanonymous/ComfyUI",
    "FlowiseAI/Flowise", 
    "jagenjo/litegraph.js", 
    "biolab/orange3",
    "jerosoler/Drawflow",
    "chaiNNer-org/chaiNNer",
    "samuelmtimbo/unit",
    "Ironclad/rivet",
    "wonderworks-software/PyFlow",
    "ianarawjo/ChainForge",
    "flydelabs/flyde",
    "laudspeaker/laudspeaker",
    "google/visualblocks",
    "enso-org/enso",
    "GraphiteEditor/Graphite",
    "node-red/node-red",
    "JacquesLucke/animation_nodes",
    "Nelarius/imnodes"
]

properties = {
    "name": "full_name",
    "starsCount": "stargazers_count",
    "forksCount": "forks",
    "watchersCount": "subscribers_count",
    "createdAt": "created_at",
    "description": "description",
    "githubPage": "html_url",
    "ownedByOrg": "organization",
    "owner": "owner",
    "language": "language"
}

In [1]:
import requests
from pprint import pprint
import base64
from github import Github
import datetime

def get_repo_info_from_full_name(repo_full_name: str, prop: dict) -> dict:
    # get the repo
    g = Github()
    repo_info = g.get_repo(full_name_or_id=repo_full_name)
    
    # get properties
    output = {}
    for key in prop.keys():
        output[key] = getattr(repo_info, prop[key])
        
        # make datetime YYYY-MM-DD
        if key == "createdAt":
            output[key] = output[key].strftime("%Y-%m-%d")
        
        # enclose description with ""
        if key == "description":
            output[key] = "\"" + output[key].replace("\"", "'") + "\""
            
        # make ownedByOrg to "True" or "False"
        if key == "ownedByOrg":
            if output[key] is None:
                output[key] = "False"
            else:
                output[key] = "True"
                
        # make owner to string
        if key == "owner":
            output[key] = output[key].login
        
    return output

def get_repo_info_from_repo(repo_info, prop) -> dict:
    # get properties
    output = {}
    for key in prop.keys():
        output[key] = getattr(repo_info, prop[key])
        
        # make datetime YYYY-MM-DD
        if key == "createdAt":
            output[key] = output[key].strftime("%Y-%m-%d")
        
        # enclose description with ""
        if key == "description" and type(output[key]) is str:
            output[key] = "\"" + output[key].replace("\"", "'") + "\""
            
        # make ownedByOrg to "True" or "False"
        if key == "ownedByOrg":
            if output[key] is None:
                output[key] = "False"
            else:
                output[key] = "True"
                
        # make owner to string
        if key == "owner":
            output[key] = output[key].login
        
    return output

In [33]:
get_repo_info(target_repos[0], properties)

{'name': 'comfyanonymous/ComfyUI',
 'starsCount': 55993,
 'forksCount': 5909,
 'watchersCount': 405,
 'createdAt': '2023-01-17',
 'description': '"The most powerful and modular diffusion model GUI, api and backend with a graph/nodes interface."',
 'githubPage': 'https://github.com/comfyanonymous/ComfyUI',
 'ownedByOrg': 'False',
 'owner': 'comfyanonymous',
 'language': 'Python'}

In [34]:
# write headers
full_file_name = "csv/{}".format(target_repos_csv_filename)
with open(full_file_name, "w") as f:
    for key in properties.keys():
        f.write(key)
        f.write(",")
    f.write("\n")
    
# call and write data
with open(full_file_name, "a") as f:
    for repo in target_repos:
        data = get_repo_info(repo, properties)
        for key in properties.keys():
            f.write(str(data[key]))
            f.write(",")
        f.write("\n")

print("output to file ...", full_file_name)

output to file ... csv/target_repos.csv


## License
- The license are unique and formatted when get, so I can first output all, and then use CQL `MERGE`.

In [22]:
license_filename = "license.csv"

license_properties = {
    "id": "spdx_id",
    "name": "name",
    "url": "url"
}

In [19]:
import requests
from pprint import pprint
import base64
from github import Github
import datetime

def get_license_info(repo_full_name: str, prop: dict) -> dict:
    # get the repo
    g = Github()
    repo_info = g.get_repo(full_name_or_id=repo_full_name)
    
    # get the license
    output = {}
    for key in prop.keys():
        output[key] = getattr(repo_info.license, prop[key])
    
    return output

In [70]:
# write headers
def write_headers(full_filename: str, prop: dict):
    with open(full_file_name, "w") as f:
        for key in prop.keys():
            f.write(key)
            f.write(",")
        f.write("\n")

In [24]:
# call and write data
full_file_name = "csv/{}".format(license_filename)
write_headers(full_file_name, license_properties)

with open(full_file_name, "a") as f:
    for repo in target_repos:
        data = get_license_info(repo, license_properties)
        for key in license_properties.keys():
            f.write(str(data[key]))
            f.write(",")
        f.write("\n")

print("output to file ...", full_file_name)

output to file ... csv/license.csv


## Topic

In [73]:
all_topics = [
 '2d-graphics',
 'ai',
 'ai',
 'animation-nodes',
 'art',
 'artificial-intelligence',
 'blender',
 'blueprints',
 'canvas2d',
 'chatbot',
 'chatgpt',
 'checklist-guides',
 'classification',
 'clustering',
 'compiler',
 'compositor',
 'cpp',
 'customer-engagement',
 'customer-journey',
 'data-mining',
 'data-science',
 'data-visualization',
 'dataflow',
 'dataflow-programming',
 'dataflow-programming',
 'dataflow-programming',
 'decision-trees',
 'design',
 'drawflow',
 'editor',
 'editor',
 'email-marketing',
 'enso',
 'evaluation',
 'finite-state-machine',
 'flow',
 'flow-based',
 'flow-based-programming',
 'flow-based-programming',
 'flow-based-programming',
 'flowchart',
 'framework',
 'functional',
 'functional-programming',
 'gamedev',
 'graalvm',
 'graph',
 'graph-editor',
 'graphic-design',
 'graphics-editor',
 'graphs',
 'growth-eng',
 'hacktoberfest',
 'hybrid',
 'image-generation',
 'image-manipulation',
 'image-processing',
 'imgui',
 'interpreter',
 'javascript',
 'javascript',
 'javascript',
 'javascript',
 'javascript-library',
 'jit',
 'langchain',
 'language',
 'large-language-models',
 'large-language-models',
 'live-programming',
 'llamaindex',
 'llm',
 'llmops',
 'llms',
 'low-code',
 'low-code',
 'machine-learning',
 'modular',
 'nestjs',
 'no-code',
 'nocode',
 'node-editor',
 'node-editor',
 'node-graph',
 'node-graph',
 'node-red',
 'nodebased',
 'nodejs',
 'nodejs',
 'nodes',
 'numpy',
 'omnichannel',
 'onboarding',
 'openai',
 'openai',
 'openjs-foundation',
 'orange',
 'orange3',
 'pandas',
 'photo-editing',
 'photo-editor',
 'plotting',
 'polyglot',
 'procedural',
 'procedural-art',
 'procedural-drawing',
 'product-adoption',
 'programming',
 'programming-language',
 'prompt-engineering',
 'push-notifications',
 'pushnotifications',
 'pyflow',
 'pyside2',
 'python',
 'python',
 'python',
 'pytorch',
 'qt',
 'rag',
 'random-forest',
 'react',
 'react',
 'reactive-programming',
 'reactive-programming',
 'regression',
 'rts',
 'scikit-learn',
 'scipy',
 'setup-wizard',
 'sms-marketing',
 'stable-diffusion',
 'state-machine',
 'state-machines',
 'subgraphs',
 'svg-editor',
 'textual',
 'tool',
 'typescript',
 'typescript',
 'typescript',
 'ui',
 'unit',
 'user-onboarding',
 'vector-editor',
 'visual',
 'visual',
 'visual',
 'visual-programming',
 'visual-programming',
 'visual-programming',
 'visual-programming',
 'visual-programming',
 'visual-programming',
 'visual-programming-editor',
 'visual-programming-language',
 'visual-studio-code',
 'visualization',
 'vscode',
 'vscode-extension',
 'vue',
 'workflow',
 'workflow-automation'
]

topics_properties = {
    "id": "id"
}

topics_filename = "topics.csv"

In [42]:
def get_repo_topics(repo_full_name: str) -> list:
    # get the repo
    g = Github()
    repo_info = g.get_repo(full_name_or_id=repo_full_name)
    
    # get the topic
    return repo_info.topics

In [43]:
for repo in target_repos:
    all_topics += get_repo_topics(repo)

Request GET /repos/jerosoler/Drawflow failed with 403: rate limit exceeded
Setting next backoff to 2022.880504s


KeyboardInterrupt: 

In [58]:
unique_all_topics = []

# sort the topics and do union
all_topics.sort()

# remove spaces and "-" and then do set again.
# for example: nocode, no-code, no code; keep the nocode, the others are alias
for topic in all_topics:
    temp = topic.replace(" ", "").replace("-", "")
    unique_all_topics.append(temp)
    
unique_all_topics = set(unique_all_topics)

In [76]:
# call and write data
full_file_name = "csv/{}".format(topics_filename)
write_headers(full_file_name, topics_properties)

with open(full_file_name, "a") as f:
    for topic in sorted(unique_all_topics):
        f.write(topic)
        f.write(",")
        f.write("\n")

print("output to file ...", full_file_name)

output to file ... csv/topics.csv


## Dependencies -- Repo and DEPENDS_ON

### Step 1 -- Querying Dependencies Repo
- Do union to all target repos' dependency.

In [91]:
import json

In [90]:
dependency_file_suffix = "-dependencies.json"
dependent_file_suffix = "-dependents.json"

# split by "/" and lower the case
target_repos_info_raw_filename = []
for full_repo_name in target_repos:
    name = full_repo_name.split("/")[1]
    name = name.lower()
    target_repos_info_raw_filename.append(name)

In [141]:
# Prepare a list of dependency repo names then do set()
all_target_repo_dependencies = []

for repo in target_repos_info_raw_filename:
    try:
        with open("raw/{}".format(repo + dependency_file_suffix)) as f:
            raw_repo_dep = json.load(f)
        for dep in range(len(raw_repo_dep["packages"])):
            all_target_repo_dependencies.append(raw_repo_dep["packages"][dep]["name"])
    except OSError as e:
        print(repo, "doesn't exist dependencies graph ... ")

# Do set() to make every dep repo unique
unique_all_target_repo_dependencies = set(all_target_repo_dependencies)
unique_all_target_repo_dependencies = sorted(list(unique_all_target_repo_dependencies))
print("all target repos dependency count        =" , len(all_target_repo_dependencies))
print("unique all target repos dependency count =", len(unique_all_target_repo_dependencies))

# If the dependency starts with npm:, remove it
for index, repo in enumerate(unique_all_target_repo_dependencies):
    if repo.startswith("npm:"):
        unique_all_target_repo_dependencies[index] = repo.replace("npm:", "")

unit doesn't exist dependencies graph ... 
all target repos dependency count        = 22771
unique all target repos dependency count = 6909


In [142]:
for _ in unique_all_target_repo_dependencies:
    print(_)

7zip-bin
@4tw/cypress-drag-drop
@aashutoshrathi/word-wrap
@acuminous/bitsyntax
@adobe/css-tools
@ag-grid-community/client-side-row-model
@ag-grid-community/core
@ag-grid-community/styles
@ag-grid-enterprise/core
@ag-grid-enterprise/range-selection
@ai-sdk/provider
@ai-sdk/provider-utils
@ai-sdk/react
@ai-sdk/solid
@ai-sdk/svelte
@ai-sdk/ui-utils
@ai-sdk/vue
@akryum/tinypool
@algolia/autocomplete-core
@algolia/autocomplete-plugin-algolia-insights
@algolia/autocomplete-preset-algolia
@algolia/autocomplete-shared
@algolia/cache-browser-local-storage
@algolia/cache-common
@algolia/cache-in-memory
@algolia/client-account
@algolia/client-analytics
@algolia/client-common
@algolia/client-personalization
@algolia/client-search
@algolia/events
@algolia/logger-common
@algolia/logger-console
@algolia/requester-browser-xhr
@algolia/requester-common
@algolia/requester-node-http
@algolia/transporter
@alloc/quick-lru
@ampproject/remapping
@angular-devkit/core
@angular-devkit/schematics
@angular-devkit

In [187]:
### DON'T TOUCH

# Write headers
unique_all_target_repo_dependencies_filename = "target_repo_dependencies.csv"
full_file_name = "csv/{}".format(unique_all_target_repo_dependencies_filename)
write_headers(full_file_name, properties)

In [2]:
### DON'T TOUCH

# Keep dependencies full name, because we might also want to create topics and licenses csv.
unique_all_target_repo_dependencies_full_name = []   # only contain those that can be identify, and is written to csv file
unique_all_target_repo_dependencies_failed = {"CannotFind": [], "MultiSuggestion": []}

In [230]:
### DON'T TOUCH

map_target_repo_dependencies_to_full_name = {}

for index, repo in enumerate(sorted(unique_all_target_repo_dependencies)):
    if index == len(unique_all_target_repo_dependencies_full_name):
        break
    map_target_repo_dependencies_to_full_name[repo] = unique_all_target_repo_dependencies_full_name[index]

In [232]:
len(map_target_repo_dependencies_to_full_name)

56

In [276]:
import requests
import json
from github import Github
from github import Auth
from github import GithubException

auth = Auth.Token("YOUR_TOKEN")

g = Github(auth=auth)

In [286]:
from bs4 import BeautifulSoup

def search_pypi(repo_full_name: str):
    """Search pypi and return Repository() obj"""
    global g
    
    # get html
    url = "https://pypi.org/project/"
    page = requests.get(url + repo_full_name)
    
    soup = BeautifulSoup(page.content, 'html.parser')
    
    # parsing
    # <a class="vertical-tabs__tab vertical-tabs__tab--with-icon vertical-tabs__tab--condensed" href="https://github.com/data-exp-lab/yt_libyt" rel="nofollow">
    #    <i aria-hidden="true" class="fas fa-home">
    #    </i>
    #    Homepage
    # </a>
    
    github_url_prefix = "https://github.com/"
    find_all_a = soup.find_all("a")
    candidate = []
    for a in find_all_a:
        if "Homepage" in a.get_text():
            github_url = a.get("href")
            candidate.append(github_url[len(github_url_prefix):])
    candidate = list(set(candidate))
    
    if len(candidate) != 1:
        return None, "MultiSuggestion"
    else:
        repo_info = g.get_repo(full_name_or_id=candidate[0])
        return repo_info, "ok"
    

In [276]:
def search_npm_io(repo_full_name: str):
    """Search npm and return Repository() obj"""
    global g
    
    url = "https://api.npms.io/v2/search"
    query = "?q=" + repo_full_name
    
    # query using npm.io API
    respond = requests.get(url + query)
    search_npm_results = json.loads(respond.content)
    
    # get the first result based on its search, and return GitHub repo full name
    github_url_prefix = "https://github.com/"
    if search_npm_results["total"] > 0:
        try:
            if search_npm_results["results"][0]["package"]["name"] == repo_full_name:
                repo_url = search_npm_results["results"][0]["package"]["links"]["repository"]
                if github_url_prefix in repo_url:
                    temp = repo_url[len(github_url_prefix):].split("/")
                    github_repo_full_name = temp[0] + "/" + temp[1]
                    try:
                        repo_info = g.get_repo(full_name_or_id=github_repo_full_name)
                        return repo_info, "ok"
                    except GithubException as e:
                        if e.status == 404:
                            return None, "CannotFind"
                        else:
                            raise(e)
                    except Exception as e:
                        print(e)
                        return None, "CannotFind"
                else:
                    return None, "CannotFind"
            else:
                return None, "CannotFind"
        except KeyError:
            return None, "CannotFind"
    else:
        return None, "CannotFind"

In [276]:
def scratch_npm_html(repo_full_name):
    """Scratch npm html webpage and return Repository() obj"""
    global g
    
    # get html
    url = "https://www.npmjs.com/package/"
    query = repo_full_name
    page = requests.get(url + query)
    html = page.content.decode("utf-8")
    
    span_open_tag = "<span id=\"repository-link\">"
    span_close_tag = "</span>"
    repo_link_start = html.find(span_open_tag)
    
    if repo_link_start > 0:
        repo_link_end = html.find("</span>", repo_link_start)
        repo_full_name = html[len(span_open_tag) + repo_link_start : repo_link_end]
        repo_full_name = repo_full_name[repo_full_name.find("/") + 1:]
    
    try:
        repo_info = g.get_repo(full_name_or_id=repo_full_name)
        return repo_info, "ok"
    except:
        return None, "CannotFind"
        
    

In [276]:
def search_github(repo_full_name: str):
    """Search github and return Repository() obj"""
    global g
    
    # search the repo, sort by stars
    try:
        search_rank0_starcount = -1
        search_rank1_starcount = -1
        for s, search in enumerate(g.search_repositories(query=repo_full_name, sort="stars")):
            if search.full_name.split("/")[1] == repo_full_name:
                if s == 0:
                    search_rank0 = search
                    search_rank0_starcount = search.stargazers_count
                else:
                    search_rank1 = search
                    search_rank1_starcount = search.stargazers_count
                    break

        # pick the one that has largest star count
        # if there are two or more repo, then raise error
        if search_rank0_starcount == -1:
            return None, "CannotFind"

        if search_rank0_starcount <= search_rank1_starcount:
            return None, "MultiSuggestion"

        return search_rank0, "ok"
    except:
        return None, "CannotFind"

In [266]:
def write_to_csv_file(filename : str, row : list):
    with open(filename, "a") as f:
        for elem in row:
            f.write(elem)
            f.write(",")
        f.write("\n")

In [283]:
# Search and write repo results in csv
start_at = 6902
for index, repo in enumerate(sorted(unique_all_target_repo_dependencies)):
    if index < start_at:
        print("* ignoring #", index, repo, " ...")
        continue
    else:
        print("* searching #", index, repo, " ...")
    
    # try npm then try github
    find_in = {
        "npm.io": search_npm_io,
        "npm": scratch_npm_html,
        "github": search_github
    }
    for method in find_in.keys():
        repo_info = find_in[method](repo)
        if repo_info[0] is not None:
            print("    find #", index, repo, " in", method, ":", repo_info)
            break
        
    # if unable to identify in npm and github, then mark it
    if repo_info[0] is None:
        print("    cannot find #", index, repo)
        unique_all_target_repo_dependencies_failed[repo_info[1]].append(repo)
        write_to_csv_file("csv/map_sbom_name_failed.csv", [repo, repo_info[1]])
        continue
    
    # get repo info
    output = get_repo_info(repo_info[0], properties)
    map_target_repo_dependencies_to_full_name[repo] = output["name"]
    write_to_csv_file("csv/map_sbom_name_to_repo_full_name.csv", [repo, output["name"], method])
    
    # just in case (I think it's no use, since there are package not found)
    unique_all_target_repo_dependencies_full_name.append(output["name"])
    
    with open(full_file_name, "a") as f:
        for key in properties.keys():
            f.write(str(output[key]))
            f.write(",")
        f.write("\n")

* ignoring # 0 7zip-bin  ...
* ignoring # 1 @4tw/cypress-drag-drop  ...
* ignoring # 2 @aashutoshrathi/word-wrap  ...
* ignoring # 3 @acuminous/bitsyntax  ...
* ignoring # 4 @adobe/css-tools  ...
* ignoring # 5 @ag-grid-community/client-side-row-model  ...
* ignoring # 6 @ag-grid-community/core  ...
* ignoring # 7 @ag-grid-community/styles  ...
* ignoring # 8 @ag-grid-enterprise/core  ...
* ignoring # 9 @ag-grid-enterprise/range-selection  ...
* ignoring # 10 @ai-sdk/provider  ...
* ignoring # 11 @ai-sdk/provider-utils  ...
* ignoring # 12 @ai-sdk/react  ...
* ignoring # 13 @ai-sdk/solid  ...
* ignoring # 14 @ai-sdk/svelte  ...
* ignoring # 15 @ai-sdk/ui-utils  ...
* ignoring # 16 @ai-sdk/vue  ...
* ignoring # 17 @akryum/tinypool  ...
* ignoring # 18 @algolia/autocomplete-core  ...
* ignoring # 19 @algolia/autocomplete-plugin-algolia-insights  ...
* ignoring # 20 @algolia/autocomplete-preset-algolia  ...
* ignoring # 21 @algolia/autocomplete-shared  ...
* ignoring # 22 @algolia/cache-b

In [269]:
unique_all_target_repo_dependencies_failed

{'CannotFind': ['@atlaskit/analytics-next',
  '@atlaskit/analytics-next-stable-react-context',
  '@atlaskit/banner',
  '@atlaskit/blanket',
  '@atlaskit/button',
  '@atlaskit/checkbox',
  '@atlaskit/codemod-utils',
  '@atlaskit/css-reset',
  '@atlaskit/dropdown-menu',
  '@atlaskit/ds-explorations',
  '@atlaskit/ds-lib',
  '@atlaskit/focus-ring',
  '@atlaskit/form',
  '@atlaskit/icon',
  '@atlaskit/in-product-testing',
  '@atlaskit/inline-dialog',
  '@atlaskit/inline-edit',
  '@atlaskit/interaction-context',
  '@atlaskit/layering',
  '@atlaskit/menu',
  '@atlaskit/modal-dialog',
  '@atlaskit/motion',
  '@atlaskit/platform-feature-flags',
  '@atlaskit/popper',
  '@atlaskit/popup',
  '@atlaskit/portal',
  '@atlaskit/primitives',
  '@atlaskit/range',
  '@atlaskit/select',
  '@atlaskit/side-navigation',
  '@atlaskit/spinner',
  '@atlaskit/tabs',
  '@atlaskit/textarea',
  '@atlaskit/textfield',
  '@atlaskit/theme',
  '@atlaskit/toggle',
  '@atlaskit/tokens',
  '@atlaskit/visually-hidden',
  

In [263]:
# DON'T TOUCH
# creating csv file for mapping sbom name to github repo full name

with open("csv/map_sbom_name_to_repo_full_name.csv", "w") as f:
    # write header
    f.write("sbom_name, repo, \n")

    for key in map_target_repo_dependencies_to_full_name.keys():
        f.write(key)
        f.write(",")
        f.write(map_target_repo_dependencies_to_full_name[key])
        f.write(",\n")
        
# creating csv file for sbom name that failed to match to github repo full name

with open("csv/map_sbom_name_failed.csv", "w") as f:
    # write header
    f.write("sbom_name, problem, \n")
    
    for problem in unique_all_target_repo_dependencies_failed.keys():
        for sbom in unique_all_target_repo_dependencies_failed[problem]:
            f.write(sbom)
            f.write(",")
            f.write(problem)
            f.write(",\n")

### Step 2 -- Map SBOM Name to Repo

- Might need to be careful about how I get the github repo. Some are in PyPI, but it turns out that I can also find it in npm. So match the package manager in sbom file to how I map the github repo.
- See step 3

In [326]:
import pandas as pd

map_sbom_name_to_repo_full_name_raw = pd.read_csv("csv/metastep/map_sbom_name_to_repo_full_name.csv", 
                                              header=0, names=["sbom_name", "repo", "map_by", ""])

# because I map_by is added much more later, so NaN is set to npm
for i, _ in enumerate(map_sbom_name_to_repo_full_name_raw["map_by"]):
    if not isinstance(_, str):
        map_sbom_name_to_repo_full_name_raw.loc[i, "map_by"] = "npm"
        
sbom_name2repo_full_name = {}
for i, row in map_sbom_name_to_repo_full_name_raw.iterrows():
    sbom_name2repo_full_name[row["sbom_name"]] = {"repo": row["repo"], "map_by": row["map_by"], "index": i}
    
sbom_name2repo_full_name

{'7zip-bin': {'repo': 'develar/7zip-bin', 'map_by': 'npm', 'index': 0},
 '@4tw/cypress-drag-drop': {'repo': '4teamwork/cypress-drag-drop',
  'map_by': 'npm',
  'index': 1},
 '@aashutoshrathi/word-wrap': {'repo': 'aashutoshrathi/word-wrap',
  'map_by': 'npm',
  'index': 2},
 '@acuminous/bitsyntax': {'repo': 'acuminous/bitsyntax-js',
  'map_by': 'npm',
  'index': 3},
 '@adobe/css-tools': {'repo': 'adobe/css-tools', 'map_by': 'npm', 'index': 4},
 '@ag-grid-community/client-side-row-model': {'repo': 'ag-grid/ag-grid',
  'map_by': 'npm',
  'index': 5},
 '@ag-grid-community/core': {'repo': 'ag-grid/ag-grid',
  'map_by': 'npm',
  'index': 6},
 '@ag-grid-community/styles': {'repo': 'ag-grid/ag-grid',
  'map_by': 'npm',
  'index': 7},
 '@ag-grid-enterprise/core': {'repo': 'ag-grid/ag-grid',
  'map_by': 'npm',
  'index': 8},
 '@ag-grid-enterprise/range-selection': {'repo': 'ag-grid/ag-grid',
  'map_by': 'npm',
  'index': 9},
 '@ai-sdk/provider': {'repo': 'vercel/ai', 'map_by': 'npm', 'index': 10

In [425]:
import json

def get_relationship_from_sbom_file(repo_full_name : str, dep_filename : str):
    """Get relationship from sbom file
    It makes sure raw_json["relationships"][index]["relatedSpdxElement"] is equal to 
    raw_json["packages"][index]["SPDXID"], and then it maps it to sbom name.
    """
    
    output = []
    
    # read json file
    try:
        with open(dep_filename) as f:
            raw = json.load(f)
    except OSError as e:
        print(repo, "doesn't exist dependencies graph ... ")
        return None
    
    # get relationship and package
    relationships = raw["relationships"]
    packages = raw["packages"]
    
    # if not the same, probably should do it manually.
    assert len(relationships) == len(packages), \
           "relationships and packages len not match %d != %d" % (len(relationships), len(packages))
    
    # loop through packages and check package manager, relatedSpdxElement, relationshipType
    for index, rel in enumerate(relationships):
        # make sure the id in relationships and packages matches
        assert rel["relatedSpdxElement"] == packages[index]["SPDXID"], \
               "SpdxID in relationship and package not match"
        
        # # make sure there is only DEPENDS_ON relationship
        # assert rel["relationshipType"] == "DEPENDS_ON", \
        #        "relationship type is not DEPENDS_ON, it is %s" % rel["relationshipType"]
        
        # create dep info
        sbom_repo_relationship = [repo_full_name, "DEPENDS_ON"]
        sbom_name = packages[index]["name"]
        
        if sbom_name.startswith("npm:"):
            sbom_name = sbom_name.replace("npm:", "")
        
        sbom_dep_info = {"sbom_name": sbom_name}
        
        if "licenseConcluded" in packages[index]:
            sbom_dep_info["license"] = packages[index]["licenseConcluded"]
        if "externalRefs" in packages[index]:
            sbom_dep_info["package_manager"] = \
            packages[index]["externalRefs"][0]["referenceLocator"].split("/")[0].replace("pkg:", "")
        
        sbom_repo_relationship.append(sbom_dep_info)
        
        # append to output
        output.append(sbom_repo_relationship)
        
    return output

In [423]:
def record_sbom_name_failed(repo_full_name: str, sbom_name: str, pkg_manager: str):
    """Record failure to map dependency sbom_name"""
    
    map_sbom_name_failed_new_filename = "csv/metastep/map_sbom_name_failed_new.csv"
    
    failed = pd.read_csv(map_sbom_name_failed_new_filename, header=0,
                         names=["repo_full_name", "relationship", "sbom_name", "pkg_manager", ""])
    
    if any(failed["repo_full_name"][failed["sbom_name"] == sbom_name] == repo_full_name):
        print("(", repo_full_name, ",", sbom_name, ") already in failure record")
        return
    
    with open(map_sbom_name_failed_new_filename, "a") as f:
        f.write(repo_full_name)
        f.write(",")
        f.write("DEPENDS_ON,")
        f.write(sbom_name)
        f.write(",")
        f.write(pkg_manager)
        f.write(",\n")
        
    print("writing", sbom_name, "to", map_sbom_name_failed_new_filename)
        
def record_relationship(repo_full_name: str, relationship: str, dependency: str):
    """Reocrd relationship from repo full name to repo full name"""
    
    relationships_filename = "csv/relationships.csv" # subject, relationship, object
    
    with open(relationships_filename, "a") as f:
        f.write(repo_full_name)
        f.write(",")
        f.write(relationship)
        f.write(",")
        f.write(dependency)
        f.write(",\n")
        
    print("writing", repo_full_name, "-", relationship, "->", dependency, "to", relationships_filename)
    

def map_sbom_name_2_repo_full_name(repo_full_name: str, output: list):
    """Map and record to csv file ready for Neo4j
    dependencies are labeled repo, and relationships point repo to repo
    """
    
    # load the mapping
    global sbom_name2repo_full_name
    
    for rel in output:
        sbom_repo = rel[2]
        
        # make sure sbom_name can be mapped to repo_full_name, or else make sure it is record for failure
        if sbom_repo["sbom_name"] not in sbom_name2repo_full_name:
            record_sbom_name_failed(repo_full_name, sbom_repo["sbom_name"], sbom_repo["package_manager"])
            continue
        
        # make sure the package manager and how we get the repo is matched
        if sbom_repo["package_manager"] in sbom_name2repo_full_name[sbom_repo["sbom_name"]]["map_by"]:
            record_relationship(repo_full_name, rel[1], sbom_name2repo_full_name[sbom_repo["sbom_name"]]["repo"])
        else:
            record_sbom_name_failed(repo_full_name, sbom_repo["sbom_name"], sbom_repo["package_manager"])
            print("package manager not match (", repo_full_name, ",", sbom_repo["sbom_name"], ",", sbom_repo["package_manager"], ")")
            
    print("Dealing with #", len(output), "of records done.")

In [418]:
litegraph_dep = get_relationship_from_sbom_file("jagenjo/litegraph.js", "raw/litegraph.js-dependencies.json")
litegraph_dep = map_sbom_name_2_repo_full_name("jagenjo/litegraph.js", litegraph_dep)

writing jagenjo/litegraph.js - DEPENDS_ON -> babel/babel to csv/relationships.csv
writing jagenjo/litegraph.js - DEPENDS_ON -> babel/babel to csv/relationships.csv
writing jagenjo/litegraph.js - DEPENDS_ON -> babel/babel to csv/relationships.csv
writing jagenjo/litegraph.js - DEPENDS_ON -> babel/babel to csv/relationships.csv
writing jagenjo/litegraph.js - DEPENDS_ON -> babel/babel to csv/relationships.csv
writing jagenjo/litegraph.js - DEPENDS_ON -> babel/babel to csv/relationships.csv
writing jagenjo/litegraph.js - DEPENDS_ON -> babel/babel to csv/relationships.csv
writing jagenjo/litegraph.js - DEPENDS_ON -> babel/babel to csv/relationships.csv
writing jagenjo/litegraph.js - DEPENDS_ON -> babel/babel to csv/relationships.csv
writing jagenjo/litegraph.js - DEPENDS_ON -> babel/babel to csv/relationships.csv
writing jagenjo/litegraph.js - DEPENDS_ON -> babel/babel to csv/relationships.csv
writing jagenjo/litegraph.js - DEPENDS_ON -> babel/babel to csv/relationships.csv
writing jagenjo/

In [420]:
target_repos

['comfyanonymous/ComfyUI',
 'FlowiseAI/Flowise',
 'jagenjo/litegraph.js',
 'biolab/orange3',
 'jerosoler/Drawflow',
 'chaiNNer-org/chaiNNer',
 'samuelmtimbo/unit',
 'Ironclad/rivet',
 'wonderworks-software/PyFlow',
 'ianarawjo/ChainForge',
 'flydelabs/flyde',
 'laudspeaker/laudspeaker',
 'google/visualblocks',
 'enso-org/enso',
 'GraphiteEditor/Graphite',
 'node-red/node-red',
 'JacquesLucke/animation_nodes',
 'Nelarius/imnodes']

In [426]:
dependency_file_suffix = "-dependencies.json"

# split by "/" and lower the case
for full_repo_name in target_repos:
    name = full_repo_name.split("/")[1]
    name = name.lower()
    
    dep_filename = "raw/" + name + dependency_file_suffix
    
    step1 = get_relationship_from_sbom_file(full_repo_name, dep_filename)
    if step1 is None:
        print("************** skipping", full_repo_name, "*************")
        continue
    step2 = map_sbom_name_2_repo_full_name(full_repo_name, step1)
    print("**************", full_repo_name, "is done*************")

writing pillow to csv/metastep/map_sbom_name_failed_new.csv
package manager not match ( comfyanonymous/ComfyUI , pillow , pypi )
writing scipy to csv/metastep/map_sbom_name_failed_new.csv
package manager not match ( comfyanonymous/ComfyUI , scipy , pypi )
writing pyyaml to csv/metastep/map_sbom_name_failed_new.csv
package manager not match ( comfyanonymous/ComfyUI , pyyaml , pypi )
writing tqdm to csv/metastep/map_sbom_name_failed_new.csv
package manager not match ( comfyanonymous/ComfyUI , tqdm , pypi )
writing torch to csv/metastep/map_sbom_name_failed_new.csv
package manager not match ( comfyanonymous/ComfyUI , torch , pypi )
writing torchvision to csv/metastep/map_sbom_name_failed_new.csv
writing aiohttp to csv/metastep/map_sbom_name_failed_new.csv
package manager not match ( comfyanonymous/ComfyUI , aiohttp , pypi )
writing einops to csv/metastep/map_sbom_name_failed_new.csv
package manager not match ( comfyanonymous/ComfyUI , einops , pypi )
writing psutil to csv/metastep/map_sbo

### Step 3 -- Fixing and Getting the Right Source

After Step1 and 2, which is to: 
1. `csv/target_repo_dependencies_raw.csv` has been loaded in Neo4j
2. `csv/relationships.csv` has been loaded in Neo4j
3. Orphan nodes have been removed

We still need:

**We still need to deal with mapping to repo name failure recorded in `csv/metastep/map_sbom_name_failed-1.csv`.**
**Remember to also update `csv/metastep/map_sbom_name_to_repo_full_name.csv` when fixing the failure, they are one-to-one relationship for sbom name to repo full name (github).**
  - First write to independent file and then merge.

In [2]:
import requests
from pprint import pprint
import base64
from github import Github
import datetime

def get_repo_info_from_repo(repo_info, prop) -> dict:
    # get properties
    output = {}
    for key in prop.keys():
        output[key] = getattr(repo_info, prop[key])
        
        # make datetime YYYY-MM-DD
        if key == "createdAt":
            output[key] = output[key].strftime("%Y-%m-%d")
        
        # enclose description with ""
        if key == "description" and type(output[key]) is str:
            output[key] = "\"" + output[key].replace("\"", "'") + "\""
            
        # make ownedByOrg to "True" or "False"
        if key == "ownedByOrg":
            if output[key] is None:
                output[key] = "False"
            else:
                output[key] = "True"
                
        # make owner to string
        if key == "owner":
            output[key] = output[key].login
        
    return output

In [3]:
import requests
import json
from github import Github
from github import Auth
from github import GithubException

auth = Auth.Token("YOUR_TOKEN")

g = Github(auth=auth)

In [146]:
from bs4 import BeautifulSoup

def search_pypi(sbom_name: str):
    """Search pypi and return Repository() obj"""
    global g
    
    # get html
    url = "https://pypi.org/project/"
    page = requests.get(url + sbom_name)
    
    soup = BeautifulSoup(page.content, 'html.parser')
    
    # parsing
    # <a class="vertical-tabs__tab vertical-tabs__tab--with-icon vertical-tabs__tab--condensed" href="https://github.com/data-exp-lab/yt_libyt" rel="nofollow">
    #    <i aria-hidden="true" class="fas fa-home">
    #    </i>
    #    Homepage
    # </a>
    tag_to_find = ["Homepage", "Repository", "Source", "Download"]
    
    github_url_prefix = "https://github.com/"
    find_all_a = soup.find_all("a")
    candidate = []
    for a in find_all_a:
        for tag in tag_to_find:
            if tag in a.get_text():
                url = a.get("href")
                if github_url_prefix in url:
                    # in case urls like owner/repo/tree/master
                    guess_repo_full_name = url[len(github_url_prefix):].split("/")
                    guess_repo_full_name = guess_repo_full_name[0] + "/" + guess_repo_full_name[1]
                    
                    # in case .git is included at the end
                    if guess_repo_full_name[-len(".git"):] == ".git":
                        guess_repo_full_name = guess_repo_full_name[:-len(".git")]
                        
                    candidate.append(guess_repo_full_name)
    candidate = list(set(candidate))
    
    if len(candidate) != 1:
        print("      * more than one suggestions")
        return None, "MultiSuggestion"
    else:
        repo_info = g.get_repo(full_name_or_id=candidate[0])
        return repo_info, "ok"
    

In [114]:
def search_npm_io(sbom_name: str):
    """Search npm and return Repository() obj"""
    global g
    
    url = "https://api.npms.io/v2/search"
    query = "?q=" + sbom_name
    
    # query using npm.io API
    respond = requests.get(url + query)
    search_npm_results = json.loads(respond.content)
    
    # get the first result based on its search, and return GitHub repo full name
    github_url_prefix = "https://github.com/"
    if search_npm_results["total"] > 0:
        try:
            if search_npm_results["results"][0]["package"]["name"] == sbom_name:
                repo_url = search_npm_results["results"][0]["package"]["links"]["repository"]
                if github_url_prefix in repo_url:
                    temp = repo_url[len(github_url_prefix):].split("/")
                    github_repo_full_name = temp[0] + "/" + temp[1]
                    try:
                        repo_info = g.get_repo(full_name_or_id=github_repo_full_name)
                        return repo_info, "ok"
                    except GithubException as e:
                        if e.status == 404:
                            print("      * cannot access '", github_repo_full_name, "'")
                            return None, "CannotFind"
                        else:
                            raise(e)
                    except Exception as e:
                        print(e)
                        return None, "CannotFind"
                else:
                    print("      * repo_url doesn't contain", github_url_prefix)
                    return None, "CannotFind"
            else:
                print("      * sbom_name not match to searched package name")
                return None, "CannotFind"
        except KeyError:
            print("      * First search result doesn't contain 'package' or 'repository'")
            return None, "CannotFind"
    else:
        print("      * npm.io search nothing")
        return None, "CannotFind"

In [148]:
import time

def scratch_npm_html(sbom_name):
    """Scratch npm html webpage and return Repository() obj"""
    global g
    
    # get html
    url = "https://www.npmjs.com/package/"
    query = sbom_name
    time.sleep(2)
    page = requests.get(url + query)
    html = page.content.decode("utf-8")
    
    span_open_tag = "<span id=\"repository-link\">"
    span_close_tag = "</span>"
    repo_link_start = html.find(span_open_tag)
    
    if repo_link_start > 0:
        repo_link_end = html.find("</span>", repo_link_start)
        guess_repo_full_name = html[len(span_open_tag) + repo_link_start : repo_link_end].split("/")
        repo_full_name = guess_repo_full_name[1] + "/" + guess_repo_full_name[2]
    
        try:
            repo_info = g.get_repo(full_name_or_id=repo_full_name)
            return repo_info, "ok"
        except GithubException as e:
            if e.status == 404:
                print("      * cannot access '", repo_full_name, "'")
                return None, "CannotFind"
            else:
                raise(e)
        except:
            raise("Other error or exception occurred.")
    else:
        print("      * Cannot find repository tag")
        return None, "CannotFind"

In [30]:
def search_github_sort_by_stars(sbom_name: str):
    """Search github and pick the most starrred repo, then return Repository() obj"""
    global g
    
    # search the repo, sort by stars
    try:
        search_rank0_starcount = -1
        search_rank1_starcount = -1
        for s, search in enumerate(g.search_repositories(query=sbom_name, sort="stars")):
            if search.full_name.split("/")[1] == sbom_name:
                if s == 0:
                    search_rank0 = search
                    search_rank0_starcount = search.stargazers_count
                else:
                    search_rank1 = search
                    search_rank1_starcount = search.stargazers_count
                    break

        # pick the one that has largest star count
        # if there are two or more repo, then raise error
        if search_rank0_starcount == -1:
            return None, "CannotFind"

        if search_rank0_starcount <= search_rank1_starcount:
            return None, "MultiSuggestion"

        return search_rank0, "ok"
    except:
        return None, "CannotFind"

In [48]:
def search_github(sbom_name):
    """Search github using full repo name, then return Repository() obj"""
    global g
    
    try:
        repo_info = g.get_repo(full_name_or_id=sbom_name)
        return repo_info, "ok"
    except GithubException as e:
        if e.status == 404:
            return None, "CannotFind"

In [34]:
def write_to_csv_file(filename : str, row : list):
    with open(filename, "a") as f:
        for elem in row:
            f.write(str(elem))
            f.write(",")
        f.write("\n")

In [143]:
import pandas as pd

failed_raw = pd.read_csv("csv/metastep/map_sbom_name_failed-1.csv")

# failed_raw["sbom_name"][330] = str("nan")
# type(failed_raw["sbom_name"][330])
for i, row in failed_raw.iterrows():
    if type(row["sbom_name"]) is float:
        print(i, row["sbom_name"])
        failed_raw["sbom_name"][i] = str("nan")

330 nan
410 nan
541 nan
671 nan
1481 nan
1710 nan
1914 nan


You are setting values through chained assignment. Currently this works in certain cases, but when using Copy-on-Write (which will become the default behaviour in pandas 3.0) this will never work to update the original DataFrame or Series, because the intermediate object on which we are setting values will behave as a copy.
A typical example is when you are setting values in a column of a DataFrame, like:

df["col"][row_indexer] = value

Use `df.loc[row_indexer, "col"] = values` instead, to perform the assignment in a single step and ensure this keeps updating the original `df`.

See the caveats in the documentation: https://pandas.pydata.org/pandas-docs/stable/user_guide/indexing.html#returning-a-view-versus-a-copy

  failed_raw["sbom_name"][i] = str("nan")
A value is trying to be set on a copy of a slice from a DataFrame

See the caveats in the documentation: https://pandas.pydata.org/pandas-docs/stable/user_guide/indexing.html#returning-a-view-versus-a-copy
  failed_raw["sbom_name"]

In [None]:
## find missing dependencies based on file "csv/metastep/map_sbom_name_failed-1.csv"
# 1. Write repo to "csv/target_repo_dependencies_raw-1.csv" (Use `write_to_csv_file`)
# 2. Write relationsip to "csv/relationships-1.csv" (Use `write_to_csv_file`)
# 3. Write "csv/metastep/map_sbom_name_to_repo_full_name-1.csv" (Use `write_to_csv_file`)
# 4. If still failed, write to "csv/metastep/map_sbom_name_failed-2.csv"  (Use `write_to_csv_file`)

find_in = {
    "pypi": search_pypi,
    "npm.io": search_npm_io,
    "npm": scratch_npm_html,
    "github": search_github
}

rep_dep_filename = "csv/target_repo_dependencies_raw-1.csv"
relationship_filename = "csv/relationships-1.csv"
map_sbom_to_repo_filename = "csv/metastep/map_sbom_name_to_repo_full_name-1.csv"
still_fail_filename = "csv/metastep/map_sbom_name_failed-2.csv"

start_at = 595
for index, row in failed_raw.iterrows():
    if index < start_at:
        # print("skipping", index, row["repo_full_name"], row["sbom_name"], row["pkg_manager"])
        continue
        
    # make sure it is DEPENDS_ON relationship
    if row["relationship"] != "DEPENDS_ON":
        print("NotDependsOn#", index, "sbom = ", row["sbom_name"], row["pkg_manager"])
        write_to_csv_file(still_fail_filename, [row["repo_full_name"], row["relationship"], row["sbom_name"], row["pkg_manager"]])
        continue
    
    
    # finding sbom_name's repo based on pkg manager
    repo_info = None, "CannotFind"
    for method in find_in.keys():
        if method in row["pkg_manager"] or row["pkg_manager"] in method:
            repo_info = find_in[method](row["sbom_name"])
            if repo_info[0] is not None:
                break
    
    # output results
    if repo_info[0] is None:
        print("Cannot find #", index, "sbom = ", row["sbom_name"], "(", row["pkg_manager"], ")")
        write_to_csv_file(still_fail_filename, [row["repo_full_name"], row["relationship"], row["sbom_name"], row["pkg_manager"]])
        continue
    else:
        get_repo_info = get_repo_info_from_repo(repo_info[0], properties)
        
        write_to_csv_file(rep_dep_filename, [get_repo_info["name"], get_repo_info["starsCount"], get_repo_info["forksCount"], 
                                             get_repo_info["watchersCount"], get_repo_info["createdAt"], get_repo_info["description"],
                                             get_repo_info["githubPage"], get_repo_info["ownedByOrg"], get_repo_info["owner"], 
                                             get_repo_info["language"]])
        
        write_to_csv_file(relationship_filename, [row["repo_full_name"], row["relationship"], get_repo_info["name"]])
        
        write_to_csv_file(map_sbom_to_repo_filename, [row["sbom_name"], get_repo_info["name"], method])
        
        print("Find        #", index, "sbom = ", row["sbom_name"], "(", row["pkg_manager"], ")", repo_info[0])

      * npm.io search nothing
Find        # 595 sbom =  @chakra-ui/react-children-utils ( npm ) Repository(full_name="chakra-ui/chakra-ui")
      * sbom_name not match to searched package name
Find        # 596 sbom =  @chakra-ui/react-context ( npm ) Repository(full_name="chakra-ui/chakra-ui")
      * npm.io search nothing
Find        # 597 sbom =  @chakra-ui/react-use-focus-effect ( npm ) Repository(full_name="chakra-ui/chakra-ui")
      * npm.io search nothing
Find        # 598 sbom =  @chakra-ui/react-use-focus-on-pointer-down ( npm ) Repository(full_name="chakra-ui/chakra-ui")
      * npm.io search nothing
Find        # 599 sbom =  @chakra-ui/react-use-interval ( npm ) Repository(full_name="chakra-ui/chakra-ui")
      * npm.io search nothing
Find        # 600 sbom =  @chakra-ui/react-use-latest-ref ( npm ) Repository(full_name="chakra-ui/chakra-ui")
      * npm.io search nothing
Find        # 601 sbom =  @chakra-ui/react-use-merge-refs ( npm ) Repository(full_name="chakra-ui/chakr

Following Github server redirection from /repos/js-n/find-root to /repositories/14966421


Find        # 846 sbom =  find-root ( npm ) Repository(full_name="junosuarez/find-root")
      * First search result doesn't contain 'package'
      * Cannot find repository tag
Cannot find # 847 sbom =  @types/eslint-scope ( npm )
      * First search result doesn't contain 'package'
Find        # 848 sbom =  @types/express-serve-static-core ( npm ) Repository(full_name="DefinitelyTyped/DefinitelyTyped")
      * First search result doesn't contain 'package'
      * Cannot find repository tag
Cannot find # 849 sbom =  @types/history ( npm )
      * First search result doesn't contain 'package'
      * Cannot find repository tag
Cannot find # 850 sbom =  @types/react-router-dom ( npm )
      * First search result doesn't contain 'package'
Find        # 851 sbom =  @types/send ( npm ) Repository(full_name="DefinitelyTyped/DefinitelyTyped")
      * First search result doesn't contain 'package'
Find        # 852 sbom =  @types/serve-static ( npm ) Repository(full_name="DefinitelyTyped/Defi

Following Github server redirection from /repos/facebook/flux to /repositories/22046023


Find        # 897 sbom =  flux ( npm ) Repository(full_name="facebookarchive/flux")
      * First search result doesn't contain 'package'
Find        # 898 sbom =  unist-util-generated ( npm ) Repository(full_name="syntax-tree/unist-util-generated")
      * First search result doesn't contain 'package'
Find        # 899 sbom =  @types/hast ( npm ) Repository(full_name="DefinitelyTyped/DefinitelyTyped")
      * First search result doesn't contain 'package'
      * Cannot find repository tag
Cannot find # 900 sbom =  @types/tough-cookie ( npm )
      * First search result doesn't contain 'package'
      * Cannot find repository tag
Cannot find # 901 sbom =  @types/node-fetch ( npm )
      * First search result doesn't contain 'package'
Find        # 902 sbom =  @types/js-cookie ( npm ) Repository(full_name="DefinitelyTyped/DefinitelyTyped")
      * npm.io search nothing
      * Cannot find repository tag
Cannot find # 903 sbom =  @atlaskit/platform-feature-flags ( npm )
      * First sea

Following Github server redirection from /repos/ljharb/typed-array-buffer to /repositories/649850465


Find        # 1373 sbom =  typed-array-buffer ( npm ) Repository(full_name="inspect-js/typed-array-buffer")
      * npm.io search nothing
Find        # 1374 sbom =  typed-array-byte-length ( npm ) Repository(full_name="inspect-js/typed-array-byte-length")
      * cannot access ' substack/typedarray '
Find        # 1375 sbom =  typedarray ( npm ) Repository(full_name="es-shims/typedarray")
      * npm.io search nothing
Find        # 1376 sbom =  update-browserslist-db ( npm ) Repository(full_name="browserslist/update-db")
      * First search result doesn't contain 'package'
Find        # 1377 sbom =  use-sync-external-store ( npm ) Repository(full_name="facebook/react")
      * npm.io search nothing
Find        # 1378 sbom =  @csstools/postcss-nested-calc ( npm ) Repository(full_name="csstools/postcss-plugins")
      * npm.io search nothing
Find        # 1379 sbom =  @csstools/postcss-text-decoration-shorthand ( npm ) Repository(full_name="csstools/postcss-plugins")
      * npm.io sear

Following Github server redirection from /repos/js-n/find-root to /repositories/14966421


Find        # 1415 sbom =  find-root ( npm ) Repository(full_name="junosuarez/find-root")
      * npm.io search nothing
Find        # 1416 sbom =  @floating-ui/utils ( npm ) Repository(full_name="floating-ui/floating-ui")
      * First search result doesn't contain 'package'
Find        # 1417 sbom =  @types/send ( npm ) Repository(full_name="DefinitelyTyped/DefinitelyTyped")
      * First search result doesn't contain 'package'
Find        # 1418 sbom =  @types/uuid ( npm ) Repository(full_name="DefinitelyTyped/DefinitelyTyped")
      * First search result doesn't contain 'package'
      * Cannot find repository tag
Cannot find # 1419 sbom =  @types/long ( npm )
      * First search result doesn't contain 'package'
Find        # 1420 sbom =  @types/serve-static ( npm ) Repository(full_name="DefinitelyTyped/DefinitelyTyped")
      * First search result doesn't contain 'package'
Find        # 1421 sbom =  @types/ws ( npm ) Repository(full_name="DefinitelyTyped/DefinitelyTyped")
      * 

Following Github server redirection from /repos/Jam3/glsl-token-inject-block to /repositories/38074197


Find        # 1446 sbom =  glsl-token-inject-block ( npm ) Repository(full_name="Experience-Monks/glsl-token-inject-block")
      * First search result doesn't contain 'package'


Following Github server redirection from /repos/stackgl/glsl-token-properties to /repositories/28726925


Find        # 1447 sbom =  glsl-token-properties ( npm ) Repository(full_name="glslify/glsl-token-properties")
      * First search result doesn't contain 'package'


Following Github server redirection from /repos/stackgl/glsl-token-scope to /repositories/28008671


Find        # 1448 sbom =  glsl-token-scope ( npm ) Repository(full_name="glslify/glsl-token-scope")
      * First search result doesn't contain 'package'


Following Github server redirection from /repos/stackgl/glsl-token-string to /repositories/28727485


Find        # 1449 sbom =  glsl-token-string ( npm ) Repository(full_name="glslify/glsl-token-string")
      * First search result doesn't contain 'package'
      * cannot access ' hughsk/glsl-token-whitespace-trim '
Cannot find # 1450 sbom =  glsl-token-whitespace-trim ( npm )
      * First search result doesn't contain 'package'
Find        # 1451 sbom =  geojson-vt ( npm ) Repository(full_name="mapbox/geojson-vt")
      * First search result doesn't contain 'package'
      * Cannot find repository tag
Cannot find # 1452 sbom =  @mapbox/geojson-types ( npm )
      * cannot access ' thenativeweb/uuidv4 '
      * cannot access ' thenativeweb/uuidv4 '
Cannot find # 1453 sbom =  uuidv4 ( npm )
      * First search result doesn't contain 'package'
Find        # 1454 sbom =  @types/mdurl ( npm ) Repository(full_name="DefinitelyTyped/DefinitelyTyped")
      * First search result doesn't contain 'package'
Find        # 1455 sbom =  validate.io-number ( npm ) Repository(full_name="validate-io

Following Github server redirection from /repos/dfcreative/has-hover to /repositories/94570982


Find        # 1464 sbom =  has-hover ( npm ) Repository(full_name="dy/has-hover")
      * First search result doesn't contain 'package'
Find        # 1465 sbom =  is-browser ( npm ) Repository(full_name="ForbesLindesay/is-browser")
      * First search result doesn't contain 'package'
Find        # 1466 sbom =  is-iexplorer ( npm ) Repository(full_name="kevva/is-iexplorer")
      * cannot access ' plotly/is-string-blank '
      * cannot access ' plotly/is-string-blank '
Cannot find # 1467 sbom =  is-string-blank ( npm )
      * cannot access ' substack/point-in-polygon '
      * cannot access ' substack/point-in-polygon '
Cannot find # 1468 sbom =  point-in-polygon ( npm )
      * First search result doesn't contain 'package'
Find        # 1469 sbom =  @types/linkify-it ( npm ) Repository(full_name="DefinitelyTyped/DefinitelyTyped")
      * First search result doesn't contain 'package'
Find        # 1470 sbom =  @types/d3-color ( npm ) Repository(full_name="DefinitelyTyped/DefinitelyTy

Following Github server redirection from /repos/awslabs/smithy-typescript to /repositories/208319207


Find        # 1502 sbom =  @smithy/is-array-buffer ( npm ) Repository(full_name="smithy-lang/smithy-typescript")
      * npm.io search nothing


Following Github server redirection from /repos/awslabs/smithy-typescript to /repositories/208319207


Find        # 1503 sbom =  @smithy/util-body-length-browser ( npm ) Repository(full_name="smithy-lang/smithy-typescript")
      * npm.io search nothing


Following Github server redirection from /repos/awslabs/smithy-typescript to /repositories/208319207


Find        # 1504 sbom =  @smithy/util-buffer-from ( npm ) Repository(full_name="smithy-lang/smithy-typescript")
      * npm.io search nothing


Following Github server redirection from /repos/awslabs/smithy-typescript to /repositories/208319207


Find        # 1505 sbom =  @smithy/util-config-provider ( npm ) Repository(full_name="smithy-lang/smithy-typescript")
      * npm.io search nothing


Following Github server redirection from /repos/awslabs/smithy-typescript to /repositories/208319207


Find        # 1506 sbom =  @smithy/util-hex-encoding ( npm ) Repository(full_name="smithy-lang/smithy-typescript")
      * npm.io search nothing


Following Github server redirection from /repos/awslabs/smithy-typescript to /repositories/208319207


Find        # 1507 sbom =  @smithy/util-uri-escape ( npm ) Repository(full_name="smithy-lang/smithy-typescript")
      * First search result doesn't contain 'package'
Find        # 1508 sbom =  hasown ( npm ) Repository(full_name="inspect-js/hasOwn")
      * First search result doesn't contain 'package'
Find        # 1509 sbom =  @types/lodash ( npm ) Repository(full_name="DefinitelyTyped/DefinitelyTyped")
      * npm.io search nothing


Following Github server redirection from /repos/awslabs/smithy-typescript to /repositories/208319207


Find        # 1510 sbom =  @smithy/abort-controller ( npm ) Repository(full_name="smithy-lang/smithy-typescript")
      * npm.io search nothing


Following Github server redirection from /repos/awslabs/smithy-typescript to /repositories/208319207


Find        # 1511 sbom =  @smithy/config-resolver ( npm ) Repository(full_name="smithy-lang/smithy-typescript")
      * npm.io search nothing


Following Github server redirection from /repos/awslabs/smithy-typescript to /repositories/208319207


Find        # 1512 sbom =  @smithy/credential-provider-imds ( npm ) Repository(full_name="smithy-lang/smithy-typescript")
      * npm.io search nothing


Following Github server redirection from /repos/awslabs/smithy-typescript to /repositories/208319207


Find        # 1513 sbom =  @smithy/hash-node ( npm ) Repository(full_name="smithy-lang/smithy-typescript")
      * npm.io search nothing


Following Github server redirection from /repos/awslabs/smithy-typescript to /repositories/208319207


Find        # 1514 sbom =  @smithy/invalid-dependency ( npm ) Repository(full_name="smithy-lang/smithy-typescript")
      * npm.io search nothing


Following Github server redirection from /repos/awslabs/smithy-typescript to /repositories/208319207


Find        # 1515 sbom =  @smithy/middleware-content-length ( npm ) Repository(full_name="smithy-lang/smithy-typescript")
      * npm.io search nothing


Following Github server redirection from /repos/awslabs/smithy-typescript to /repositories/208319207


Find        # 1516 sbom =  @smithy/middleware-endpoint ( npm ) Repository(full_name="smithy-lang/smithy-typescript")
      * npm.io search nothing


Following Github server redirection from /repos/awslabs/smithy-typescript to /repositories/208319207


Find        # 1517 sbom =  @smithy/middleware-serde ( npm ) Repository(full_name="smithy-lang/smithy-typescript")
      * npm.io search nothing


Following Github server redirection from /repos/awslabs/smithy-typescript to /repositories/208319207


Find        # 1518 sbom =  @smithy/middleware-stack ( npm ) Repository(full_name="smithy-lang/smithy-typescript")
      * npm.io search nothing


Following Github server redirection from /repos/awslabs/smithy-typescript to /repositories/208319207


Find        # 1519 sbom =  @smithy/node-config-provider ( npm ) Repository(full_name="smithy-lang/smithy-typescript")
      * npm.io search nothing


Following Github server redirection from /repos/awslabs/smithy-typescript to /repositories/208319207


Find        # 1520 sbom =  @smithy/property-provider ( npm ) Repository(full_name="smithy-lang/smithy-typescript")
      * npm.io search nothing


Following Github server redirection from /repos/awslabs/smithy-typescript to /repositories/208319207


Find        # 1521 sbom =  @smithy/protocol-http ( npm ) Repository(full_name="smithy-lang/smithy-typescript")
      * npm.io search nothing


Following Github server redirection from /repos/awslabs/smithy-typescript to /repositories/208319207


Find        # 1522 sbom =  @smithy/querystring-builder ( npm ) Repository(full_name="smithy-lang/smithy-typescript")
      * npm.io search nothing


Following Github server redirection from /repos/awslabs/smithy-typescript to /repositories/208319207


Find        # 1523 sbom =  @smithy/querystring-parser ( npm ) Repository(full_name="smithy-lang/smithy-typescript")
      * npm.io search nothing


Following Github server redirection from /repos/awslabs/smithy-typescript to /repositories/208319207


Find        # 1524 sbom =  @smithy/service-error-classification ( npm ) Repository(full_name="smithy-lang/smithy-typescript")
      * npm.io search nothing


Following Github server redirection from /repos/awslabs/smithy-typescript to /repositories/208319207


Find        # 1525 sbom =  @smithy/shared-ini-file-loader ( npm ) Repository(full_name="smithy-lang/smithy-typescript")
      * npm.io search nothing


Following Github server redirection from /repos/awslabs/smithy-typescript to /repositories/208319207


Find        # 1526 sbom =  @smithy/signature-v4 ( npm ) Repository(full_name="smithy-lang/smithy-typescript")
      * npm.io search nothing


Following Github server redirection from /repos/awslabs/smithy-typescript to /repositories/208319207


Find        # 1527 sbom =  @smithy/url-parser ( npm ) Repository(full_name="smithy-lang/smithy-typescript")
      * npm.io search nothing


Following Github server redirection from /repos/awslabs/smithy-typescript to /repositories/208319207


Find        # 1528 sbom =  @smithy/util-endpoints ( npm ) Repository(full_name="smithy-lang/smithy-typescript")
      * npm.io search nothing


Following Github server redirection from /repos/awslabs/smithy-typescript to /repositories/208319207


Find        # 1529 sbom =  @smithy/util-middleware ( npm ) Repository(full_name="smithy-lang/smithy-typescript")
      * npm.io search nothing


Following Github server redirection from /repos/awslabs/smithy-typescript to /repositories/208319207


Find        # 1530 sbom =  @smithy/util-retry ( npm ) Repository(full_name="smithy-lang/smithy-typescript")
      * npm.io search nothing


Following Github server redirection from /repos/awslabs/smithy-typescript to /repositories/208319207


Find        # 1531 sbom =  @smithy/util-utf8 ( npm ) Repository(full_name="smithy-lang/smithy-typescript")
      * npm.io search nothing


Following Github server redirection from /repos/awslabs/smithy-typescript to /repositories/208319207


Find        # 1532 sbom =  @smithy/core ( npm ) Repository(full_name="smithy-lang/smithy-typescript")
      * npm.io search nothing


Following Github server redirection from /repos/awslabs/smithy-typescript to /repositories/208319207


Find        # 1533 sbom =  @smithy/middleware-retry ( npm ) Repository(full_name="smithy-lang/smithy-typescript")
      * npm.io search nothing


Following Github server redirection from /repos/awslabs/smithy-typescript to /repositories/208319207


Find        # 1534 sbom =  @smithy/node-http-handler ( npm ) Repository(full_name="smithy-lang/smithy-typescript")
      * npm.io search nothing


Following Github server redirection from /repos/awslabs/smithy-typescript to /repositories/208319207


Find        # 1535 sbom =  @smithy/util-base64 ( npm ) Repository(full_name="smithy-lang/smithy-typescript")
      * npm.io search nothing


Following Github server redirection from /repos/awslabs/smithy-typescript to /repositories/208319207


Find        # 1536 sbom =  @smithy/util-body-length-node ( npm ) Repository(full_name="smithy-lang/smithy-typescript")
      * npm.io search nothing


Following Github server redirection from /repos/awslabs/smithy-typescript to /repositories/208319207


Find        # 1537 sbom =  @smithy/util-defaults-mode-browser ( npm ) Repository(full_name="smithy-lang/smithy-typescript")
      * npm.io search nothing


Following Github server redirection from /repos/awslabs/smithy-typescript to /repositories/208319207


Find        # 1538 sbom =  @smithy/util-defaults-mode-node ( npm ) Repository(full_name="smithy-lang/smithy-typescript")
      * npm.io search nothing


Following Github server redirection from /repos/awslabs/smithy-typescript to /repositories/208319207


Find        # 1539 sbom =  @smithy/util-stream ( npm ) Repository(full_name="smithy-lang/smithy-typescript")
Find        # 1540 sbom =  flask ( pypi ) Repository(full_name="pallets/flask")
Find        # 1541 sbom =  requests ( pypi ) Repository(full_name="psf/requests")
Find        # 1542 sbom =  openai ( pypi ) Repository(full_name="openai/openai-python")
Find        # 1543 sbom =  flask-cors ( pypi ) Repository(full_name="corydolphin/flask-cors")
Find        # 1544 sbom =  anthropic ( pypi ) Repository(full_name="anthropics/anthropic-sdk-python")


Following Github server redirection from /repos/google/generative-ai-python to /repositories/635974055


Find        # 1545 sbom =  google-generativeai ( pypi ) Repository(full_name="google-gemini/generative-ai-python")
Find        # 1546 sbom =  urllib3 ( pypi ) Repository(full_name="urllib3/urllib3")
Find        # 1547 sbom =  mistune ( pypi ) Repository(full_name="lepture/mistune")
Find        # 1548 sbom =  dalaipy ( pypi ) Repository(full_name="wastella/dalaipy")
Cannot find # 1549 sbom =  com.github.ianarawjo/ChainForge ( github )
      * First search result doesn't contain 'package'
Find        # 1550 sbom =  @types/chai ( npm ) Repository(full_name="DefinitelyTyped/DefinitelyTyped")
      * First search result doesn't contain 'package'
Find        # 1551 sbom =  @types/sinon ( npm ) Repository(full_name="DefinitelyTyped/DefinitelyTyped")
      * First search result doesn't contain 'package'
Find        # 1552 sbom =  @types/debug ( npm ) Repository(full_name="DefinitelyTyped/DefinitelyTyped")
      * First search result doesn't contain 'package'
Find        # 1553 sbom =  @types/e

Following Github server redirection from /repos/js-n/find-root to /repositories/14966421


Find        # 1564 sbom =  find-root ( npm ) Repository(full_name="junosuarez/find-root")
      * First search result doesn't contain 'package'
      * Cannot find repository tag
Cannot find # 1565 sbom =  @types/callsite ( npm )
      * First search result doesn't contain 'package'
      * Cannot find repository tag
Cannot find # 1566 sbom =  @types/find-root ( npm )
      * First search result doesn't contain 'package'
      * Cannot find repository tag
Cannot find # 1567 sbom =  @types/jscodeshift ( npm )
      * First search result doesn't contain 'package'
      * Cannot find repository tag
Cannot find # 1568 sbom =  react-code-blocks ( npm )
      * First search result doesn't contain 'package'
      * Cannot find repository tag
Cannot find # 1569 sbom =  @types/cookie ( npm )
      * First search result doesn't contain 'package'
Find        # 1570 sbom =  array-flatten ( npm ) Repository(full_name="blakeembrey/array-flatten")
      * sbom_name not match to searched package name


Following Github server redirection from /repos/awslabs/smithy-typescript to /repositories/208319207


Find        # 1585 sbom =  @smithy/is-array-buffer ( npm ) Repository(full_name="smithy-lang/smithy-typescript")
      * npm.io search nothing


Following Github server redirection from /repos/awslabs/smithy-typescript to /repositories/208319207


Find        # 1586 sbom =  @smithy/util-body-length-node ( npm ) Repository(full_name="smithy-lang/smithy-typescript")
      * npm.io search nothing


Following Github server redirection from /repos/awslabs/smithy-typescript to /repositories/208319207


Find        # 1587 sbom =  @smithy/util-buffer-from ( npm ) Repository(full_name="smithy-lang/smithy-typescript")
      * npm.io search nothing


Following Github server redirection from /repos/awslabs/smithy-typescript to /repositories/208319207


Find        # 1588 sbom =  @smithy/util-hex-encoding ( npm ) Repository(full_name="smithy-lang/smithy-typescript")
      * npm.io search nothing


Following Github server redirection from /repos/awslabs/smithy-typescript to /repositories/208319207


Find        # 1589 sbom =  @smithy/util-uri-escape ( npm ) Repository(full_name="smithy-lang/smithy-typescript")
      * npm.io search nothing
Find        # 1590 sbom =  pg-cloudflare ( npm ) Repository(full_name="brianc/node-postgres")
      * npm.io search nothing


Following Github server redirection from /repos/awslabs/smithy-typescript to /repositories/208319207


Find        # 1591 sbom =  @smithy/util-base64 ( npm ) Repository(full_name="smithy-lang/smithy-typescript")
      * npm.io search nothing


Following Github server redirection from /repos/awslabs/smithy-typescript to /repositories/208319207


Find        # 1592 sbom =  @smithy/util-utf8 ( npm ) Repository(full_name="smithy-lang/smithy-typescript")
      * First search result doesn't contain 'package'
Find        # 1593 sbom =  @babel/plugin-bugfix-safari-id-destructuring-collision-in-function-expression ( npm ) Repository(full_name="babel/babel")
      * First search result doesn't contain 'package'
Find        # 1594 sbom =  @babel/plugin-bugfix-v8-spread-parameters-in-optional-chaining ( npm ) Repository(full_name="babel/babel")
      * sbom_name not match to searched package name
Find        # 1595 sbom =  @babel/plugin-transform-class-properties ( npm ) Repository(full_name="babel/babel")
      * First search result doesn't contain 'package'
      * Cannot find repository tag
Cannot find # 1596 sbom =  @types/tough-cookie ( npm )
      * First search result doesn't contain 'package'
      * Cannot find repository tag
Cannot find # 1597 sbom =  @types/whatwg-url ( npm )
      * First search result doesn't contain 'packag

Following Github server redirection from /repos/awslabs/smithy-typescript to /repositories/208319207


Find        # 1614 sbom =  @smithy/util-body-length-browser ( npm ) Repository(full_name="smithy-lang/smithy-typescript")
      * First search result doesn't contain 'package'
Find        # 1615 sbom =  @types/jsdom ( npm ) Repository(full_name="DefinitelyTyped/DefinitelyTyped")
      * npm.io search nothing


Following Github server redirection from /repos/awslabs/smithy-typescript to /repositories/208319207


Find        # 1616 sbom =  @smithy/util-config-provider ( npm ) Repository(full_name="smithy-lang/smithy-typescript")
      * npm.io search nothing


Following Github server redirection from /repos/awslabs/smithy-typescript to /repositories/208319207


Find        # 1617 sbom =  @smithy/abort-controller ( npm ) Repository(full_name="smithy-lang/smithy-typescript")
      * npm.io search nothing


Following Github server redirection from /repos/awslabs/smithy-typescript to /repositories/208319207


Find        # 1618 sbom =  @smithy/config-resolver ( npm ) Repository(full_name="smithy-lang/smithy-typescript")
      * npm.io search nothing


Following Github server redirection from /repos/awslabs/smithy-typescript to /repositories/208319207


Find        # 1619 sbom =  @smithy/core ( npm ) Repository(full_name="smithy-lang/smithy-typescript")
      * npm.io search nothing


Following Github server redirection from /repos/awslabs/smithy-typescript to /repositories/208319207


Find        # 1620 sbom =  @smithy/credential-provider-imds ( npm ) Repository(full_name="smithy-lang/smithy-typescript")
      * npm.io search nothing


Following Github server redirection from /repos/awslabs/smithy-typescript to /repositories/208319207


Find        # 1621 sbom =  @smithy/hash-node ( npm ) Repository(full_name="smithy-lang/smithy-typescript")
      * npm.io search nothing


Following Github server redirection from /repos/awslabs/smithy-typescript to /repositories/208319207


Find        # 1622 sbom =  @smithy/invalid-dependency ( npm ) Repository(full_name="smithy-lang/smithy-typescript")
      * npm.io search nothing


Following Github server redirection from /repos/awslabs/smithy-typescript to /repositories/208319207


Find        # 1623 sbom =  @smithy/middleware-content-length ( npm ) Repository(full_name="smithy-lang/smithy-typescript")
      * npm.io search nothing


Following Github server redirection from /repos/awslabs/smithy-typescript to /repositories/208319207


Find        # 1624 sbom =  @smithy/middleware-endpoint ( npm ) Repository(full_name="smithy-lang/smithy-typescript")
      * npm.io search nothing


Following Github server redirection from /repos/awslabs/smithy-typescript to /repositories/208319207


Find        # 1625 sbom =  @smithy/middleware-retry ( npm ) Repository(full_name="smithy-lang/smithy-typescript")
      * npm.io search nothing


Following Github server redirection from /repos/awslabs/smithy-typescript to /repositories/208319207


Find        # 1626 sbom =  @smithy/middleware-serde ( npm ) Repository(full_name="smithy-lang/smithy-typescript")
      * npm.io search nothing


Following Github server redirection from /repos/awslabs/smithy-typescript to /repositories/208319207


Find        # 1627 sbom =  @smithy/middleware-stack ( npm ) Repository(full_name="smithy-lang/smithy-typescript")
      * npm.io search nothing


Following Github server redirection from /repos/awslabs/smithy-typescript to /repositories/208319207


Find        # 1628 sbom =  @smithy/node-config-provider ( npm ) Repository(full_name="smithy-lang/smithy-typescript")
      * npm.io search nothing


Following Github server redirection from /repos/awslabs/smithy-typescript to /repositories/208319207


Find        # 1629 sbom =  @smithy/node-http-handler ( npm ) Repository(full_name="smithy-lang/smithy-typescript")
      * npm.io search nothing


Following Github server redirection from /repos/awslabs/smithy-typescript to /repositories/208319207


Find        # 1630 sbom =  @smithy/property-provider ( npm ) Repository(full_name="smithy-lang/smithy-typescript")
      * npm.io search nothing


Following Github server redirection from /repos/awslabs/smithy-typescript to /repositories/208319207


Find        # 1631 sbom =  @smithy/protocol-http ( npm ) Repository(full_name="smithy-lang/smithy-typescript")
      * npm.io search nothing


Following Github server redirection from /repos/awslabs/smithy-typescript to /repositories/208319207


Find        # 1632 sbom =  @smithy/querystring-builder ( npm ) Repository(full_name="smithy-lang/smithy-typescript")
      * npm.io search nothing


Following Github server redirection from /repos/awslabs/smithy-typescript to /repositories/208319207


Find        # 1633 sbom =  @smithy/querystring-parser ( npm ) Repository(full_name="smithy-lang/smithy-typescript")
      * npm.io search nothing


Following Github server redirection from /repos/awslabs/smithy-typescript to /repositories/208319207


Find        # 1634 sbom =  @smithy/service-error-classification ( npm ) Repository(full_name="smithy-lang/smithy-typescript")
      * npm.io search nothing


Following Github server redirection from /repos/awslabs/smithy-typescript to /repositories/208319207


Find        # 1635 sbom =  @smithy/shared-ini-file-loader ( npm ) Repository(full_name="smithy-lang/smithy-typescript")
      * npm.io search nothing


Following Github server redirection from /repos/awslabs/smithy-typescript to /repositories/208319207


Find        # 1636 sbom =  @smithy/url-parser ( npm ) Repository(full_name="smithy-lang/smithy-typescript")
      * npm.io search nothing


Following Github server redirection from /repos/awslabs/smithy-typescript to /repositories/208319207


Find        # 1637 sbom =  @smithy/util-defaults-mode-browser ( npm ) Repository(full_name="smithy-lang/smithy-typescript")
      * npm.io search nothing


Following Github server redirection from /repos/awslabs/smithy-typescript to /repositories/208319207


Find        # 1638 sbom =  @smithy/util-defaults-mode-node ( npm ) Repository(full_name="smithy-lang/smithy-typescript")
      * npm.io search nothing


Following Github server redirection from /repos/awslabs/smithy-typescript to /repositories/208319207


Find        # 1639 sbom =  @smithy/util-endpoints ( npm ) Repository(full_name="smithy-lang/smithy-typescript")
      * npm.io search nothing


Following Github server redirection from /repos/awslabs/smithy-typescript to /repositories/208319207


Find        # 1640 sbom =  @smithy/util-middleware ( npm ) Repository(full_name="smithy-lang/smithy-typescript")
      * npm.io search nothing


Following Github server redirection from /repos/awslabs/smithy-typescript to /repositories/208319207


Find        # 1641 sbom =  @smithy/util-retry ( npm ) Repository(full_name="smithy-lang/smithy-typescript")
      * npm.io search nothing


Following Github server redirection from /repos/awslabs/smithy-typescript to /repositories/208319207


Find        # 1642 sbom =  @smithy/util-stream ( npm ) Repository(full_name="smithy-lang/smithy-typescript")
      * npm.io search nothing


Following Github server redirection from /repos/awslabs/smithy-typescript to /repositories/208319207


Find        # 1643 sbom =  @smithy/signature-v4 ( npm ) Repository(full_name="smithy-lang/smithy-typescript")
      * sbom_name not match to searched package name
      * Cannot find repository tag
Cannot find # 1644 sbom =  @flyde/core ( npm )
      * npm.io search nothing
      * Cannot find repository tag
Cannot find # 1645 sbom =  @flyde/remote-debugger ( npm )
      * npm.io search nothing
      * Cannot find repository tag
Cannot find # 1646 sbom =  @flyde/resolver ( npm )
      * npm.io search nothing
      * Cannot find repository tag
Cannot find # 1647 sbom =  @flyde/runtime ( npm )
      * npm.io search nothing
      * Cannot find repository tag
Cannot find # 1648 sbom =  @flyde/stdlib ( npm )
      * First search result doesn't contain 'package'
Find        # 1649 sbom =  @types/lokijs ( npm ) Repository(full_name="DefinitelyTyped/DefinitelyTyped")
      * First search result doesn't contain 'package'
Find        # 1650 sbom =  eris ( npm ) Repository(full_name="abalabahaha/

Following Github server redirection from /repos/ljharb/typed-array-buffer to /repositories/649850465


Find        # 1737 sbom =  typed-array-buffer ( npm ) Repository(full_name="inspect-js/typed-array-buffer")
      * npm.io search nothing
Find        # 1738 sbom =  typed-array-byte-length ( npm ) Repository(full_name="inspect-js/typed-array-byte-length")
      * First search result doesn't contain 'package'
Find        # 1739 sbom =  array-equal ( npm ) Repository(full_name="sindresorhus/array-equal")
      * First search result doesn't contain 'package'


Following Github server redirection from /repos/studio-b12/array-from to /repositories/35482763


Find        # 1740 sbom =  array-from ( npm ) Repository(full_name="b12-archive/array-from")
      * First search result doesn't contain 'package'
Find        # 1741 sbom =  har-validator ( npm ) Repository(full_name="ahmadnassri/node-har-validator")
      * npm.io search nothing
Find        # 1742 sbom =  es-set-tostringtag ( npm ) Repository(full_name="es-shims/es-set-tostringtag")
      * npm.io search nothing
Find        # 1743 sbom =  safe-array-concat ( npm ) Repository(full_name="ljharb/safe-array-concat")
      * First search result doesn't contain 'package'
Find        # 1744 sbom =  serve-handler ( npm ) Repository(full_name="vercel/serve-handler")
      * First search result doesn't contain 'package'
      * Cannot find repository tag
Cannot find # 1745 sbom =  @types/keyv ( npm )
      * First search result doesn't contain 'package'
      * Cannot find repository tag
Cannot find # 1746 sbom =  @types/history ( npm )
      * First search result doesn't contain 'package'
Find

Following Github server redirection from /repos/facebook/flux to /repositories/22046023


Find        # 1755 sbom =  flux ( npm ) Repository(full_name="facebookarchive/flux")
      * First search result doesn't contain 'package'
Find        # 1756 sbom =  unist-util-generated ( npm ) Repository(full_name="syntax-tree/unist-util-generated")
      * First search result doesn't contain 'package'
Find        # 1757 sbom =  good-listener ( npm ) Repository(full_name="zenorocha/good-listener")
      * First search result doesn't contain 'package'
Find        # 1758 sbom =  @types/unist ( npm ) Repository(full_name="DefinitelyTyped/DefinitelyTyped")
      * sbom_name not match to searched package name
Find        # 1759 sbom =  iterator.prototype ( npm ) Repository(full_name="ljharb/Iterator.prototype")
      * npm.io search nothing
Find        # 1760 sbom =  es-iterator-helpers ( npm ) Repository(full_name="es-shims/iterator-helpers")
      * First search result doesn't contain 'package'
Find        # 1761 sbom =  @docusaurus/plugin-content-docs ( npm ) Repository(full_name="face

Following Github server redirection from /repos/pleerock/class-sanitizer to /repositories/56481887


Find        # 1805 sbom =  class-sanitizer ( npm ) Repository(full_name="typestack/class-sanitizer")
      * npm.io search nothing
Find        # 1806 sbom =  @databricks/sql ( npm ) Repository(full_name="databricks/databricks-sql-nodejs")
      * sbom_name not match to searched package name
Find        # 1807 sbom =  @nestjs/cache-manager ( npm ) Repository(full_name="nestjs/cache-manager")
      * npm.io search nothing
      * cannot access ' laudspeaker/clickhouse-migrations '
Cannot find # 1808 sbom =  @laudspeaker/clickhouse-migrations ( npm )
      * npm.io search nothing
      * cannot access ' julienfdev/nestjs-morgan-logger '
Cannot find # 1809 sbom =  nest-morgan-logger ( npm )
      * sbom_name not match to searched package name
Find        # 1810 sbom =  @babel/plugin-transform-class-properties ( npm ) Repository(full_name="babel/babel")
      * npm.io search nothing
Find        # 1811 sbom =  @humanwhocodes/module-importer ( npm ) Repository(full_name="humanwhocodes/module-

Following Github server redirection from /repos/ljharb/typed-array-buffer to /repositories/649850465


Find        # 1860 sbom =  typed-array-buffer ( npm ) Repository(full_name="inspect-js/typed-array-buffer")
      * npm.io search nothing
Find        # 1861 sbom =  typed-array-byte-length ( npm ) Repository(full_name="inspect-js/typed-array-byte-length")
      * cannot access ' substack/typedarray '
Find        # 1862 sbom =  typedarray ( npm ) Repository(full_name="es-shims/typedarray")
      * First search result doesn't contain 'package'
Find        # 1863 sbom =  unist-util-generated ( npm ) Repository(full_name="syntax-tree/unist-util-generated")
      * First search result doesn't contain 'package'
Find        # 1864 sbom =  use-sync-external-store ( npm ) Repository(full_name="facebook/react")
      * npm.io search nothing
      * Cannot find repository tag
Cannot find # 1865 sbom =  wrap-ansi-cjs ( npm )
      * npm.io search nothing
Find        # 1866 sbom =  @csstools/postcss-nested-calc ( npm ) Repository(full_name="csstools/postcss-plugins")
      * npm.io search nothing
F

Following Github server redirection from /repos/js-n/find-root to /repositories/14966421


Find        # 1899 sbom =  find-root ( npm ) Repository(full_name="junosuarez/find-root")
      * First search result doesn't contain 'package'
Find        # 1900 sbom =  @types/debug ( npm ) Repository(full_name="DefinitelyTyped/DefinitelyTyped")
      * First search result doesn't contain 'package'
Find        # 1901 sbom =  @types/eslint-scope ( npm ) Repository(full_name="DefinitelyTyped/DefinitelyTyped")
      * First search result doesn't contain 'package'
Find        # 1902 sbom =  @types/express-serve-static-core ( npm ) Repository(full_name="DefinitelyTyped/DefinitelyTyped")
      * First search result doesn't contain 'package'
      * Cannot find repository tag
Cannot find # 1903 sbom =  @types/history ( npm )
      * First search result doesn't contain 'package'
Find        # 1904 sbom =  @types/react-router-dom ( npm ) Repository(full_name="DefinitelyTyped/DefinitelyTyped")
      * First search result doesn't contain 'package'
Find        # 1905 sbom =  @types/send ( npm ) 

Following Github server redirection from /repos/dominictarr/config-chain to /repositories/2301184


Find        # 1967 sbom =  config-chain ( npm ) Repository(full_name="dawsbot/config-chain")
      * First search result doesn't contain 'package'
Find        # 1968 sbom =  @types/mdast ( npm ) Repository(full_name="DefinitelyTyped/DefinitelyTyped")
      * First search result doesn't contain 'package'
      * Cannot find repository tag
Cannot find # 1969 sbom =  @motionone/dom ( npm )
      * First search result doesn't contain 'package'
Find        # 1970 sbom =  @types/webidl-conversions ( npm ) Repository(full_name="DefinitelyTyped/DefinitelyTyped")
      * First search result doesn't contain 'package'
      * Cannot find repository tag
Cannot find # 1971 sbom =  @motionone/animation ( npm )
      * First search result doesn't contain 'package'
      * Cannot find repository tag
Cannot find # 1972 sbom =  @motionone/easing ( npm )
      * First search result doesn't contain 'package'
      * Cannot find repository tag
Cannot find # 1973 sbom =  @motionone/generators ( npm )
      

Following Github server redirection from /repos/dominictarr/config-chain to /repositories/2301184


Find        # 2679 sbom =  config-chain ( npm ) Repository(full_name="dawsbot/config-chain")
      * First search result doesn't contain 'package'
      * Cannot find repository tag
Cannot find # 2680 sbom =  @types/d3-color ( npm )
      * First search result doesn't contain 'package'
      * Cannot find repository tag
Cannot find # 2681 sbom =  @types/d3-interpolate ( npm )
      * First search result doesn't contain 'package'
      * Cannot find repository tag
Cannot find # 2682 sbom =  @types/d3-time ( npm )
      * First search result doesn't contain 'package'
      * Cannot find repository tag
Cannot find # 2683 sbom =  @types/d3-timer ( npm )
      * First search result doesn't contain 'package'
      * Cannot find repository tag
Cannot find # 2684 sbom =  @types/http-cache-semantics ( npm )
      * cannot access ' thenativeweb/boolean '
      * Cannot find repository tag
Cannot find # 2685 sbom =  boolean ( npm )
      * First search result doesn't contain 'package'
      * Can

In [161]:
def merge_mapping(src_list, merge_filename):
    
    output = {}
    
    # Let record overwrite if sbom_name already exist
    for src in src_list:
        raw = pd.read_csv(src)
        
        for index, row in raw.iterrows():
            output[row["sbom_name"]] = {"repo": row["repo"], "map_by": row["map_by"]}
            
    # Write output to csv file
    with open(merge_filename, "w") as f:
        # header
        f.write("sbom_name,repo,map_by,\n")
        
        for sbom_name in output.keys():
            f.write(str(sbom_name))
            f.write(",")
            f.write(output[sbom_name]["repo"])
            f.write(",")
            if isinstance(output[sbom_name]["map_by"], float):
                f.write("npm")
            else:
                f.write(output[sbom_name]["map_by"])
            f.write(",\n")

In [162]:
merge_mapping(["csv/metastep/map_sbom_name_to_repo_full_name.csv", 
               "csv/metastep/map_sbom_name_to_repo_full_name-1.csv"],
              "csv/metastep/map_sbom_name_to_repo_full_name-merged.csv")

### HAS_LICENSE

- Using id to match.

In [80]:
has_license_properties = {
    "repo": "repo",      # repo.full_name
    "license": "spdx_id" # repo.license.spdx_id
}

has_license_filename = "has_license.csv"

In [83]:
full_file_name = "csv/{}".format(has_license_filename)
write_headers(full_file_name, has_license_properties)

with open(full_file_name, "a") as f:
    for repo in target_repos:
        # get the repo
        g = Github()
        repo_info = g.get_repo(full_name_or_id=repo)
        
        f.write(repo)
        f.write(",")
        f.write(repo_info.license.spdx_id)
        f.write(",")
        f.write("\n")

### IN_TOPIC

- Using id to match

In [85]:
in_topic_properties = {
    "repo": "repo", 
    "topic": "topic"
}

in_topic_filename = "in_topic.csv"

In [86]:
full_file_name = "csv/{}".format(in_topic_filename)
write_headers(full_file_name, in_topic_properties)

with open(full_file_name, "a") as f:
    for repo in target_repos:
        # get the repo and topics
        g = Github()
        repo_info = g.get_repo(full_name_or_id=repo)
        topics = repo_info.topics
        
        for t in topics:
            temp = t.replace("-", "").replace(" ", "")
            
            f.write(repo)
            f.write(",")
            f.write(temp)
            f.write(",")
            f.write("\n")