Move language and project type to techdata

.github/workflows/test.yml

@@ -23,7 +23,7 @@ concurrency:
 # Environment variables shared across all jobs.
 env:
   GOPROXY: direct
-  GO_COMMON_TEST_ARGS: "-v github.com/jfrog/jfrog-cli-security --race --timeout 40m --jfrog.url=${{ secrets.PLATFORM_URL }} --jfrog.adminToken=${{ secrets.PLATFORM_ADMIN_TOKEN }} --test.containerRegistry=${{ secrets.CONTAINER_REGISTRY }}"
+  GO_COMMON_TEST_ARGS: "-v github.com/jfrog/jfrog-cli-security --race --timeout 40m --jfrog.url=${{ secrets.PLATFORM_URL }} --jfrog.adminToken=${{ secrets.PLATFORM_ADMIN_TOKEN }} --ci.runId=${{ runner.os }}-sec-test --test.containerRegistry=${{ secrets.CONTAINER_REGISTRY }}"
   GRADLE_OPTS: -Dorg.gradle.daemon=false
   CI: true
   JFROG_CLI_LOG_LEVEL: DEBUG
@@ -88,7 +88,7 @@ jobs:
 
       # Test and generate code coverage
       - name: Run tests
-        run: go test ${{ env.GO_COMMON_TEST_ARGS }} --ci.runId=${{ runner.os }}-sec-test -covermode atomic -coverprofile=cover-unit-tests --test.unit
+        run: go test ${{ env.GO_COMMON_TEST_ARGS }} -covermode atomic -coverprofile=cover-unit-tests --test.unit
 
   Audit_Command_Integration_Tests:
     name: "[${{ matrix.os }}] ${{ matrix.suite.name }} Audit Command Integration Tests"
@@ -141,7 +141,7 @@ jobs:
 
       # Test
       - name: Run tests
-        run: go test ${{ env.GO_COMMON_TEST_ARGS }} ${{ matrix.suite.testFlags }} --ci.runId=${{ runner.os }}-sec-test
+        run: go test ${{ env.GO_COMMON_TEST_ARGS }} ${{ matrix.suite.testFlags }}
 
   Artifactory_Integration_Tests:
     name: "[${{ matrix.os }}] Artifactory Integration Tests"
@@ -170,7 +170,7 @@ jobs:
 
       # Test
       - name: Run tests
-        run: go test ${{ env.GO_COMMON_TEST_ARGS }} --test.artifactory --ci.runId=${{ runner.os }}-sec-test
+        run: go test ${{ env.GO_COMMON_TEST_ARGS }} --test.artifactory
 
   Xray_Commands_Integration_Tests:
     name: "[${{ matrix.os }}] Xray Commands Integration Tests"
@@ -224,7 +224,7 @@ jobs:
 
       # Test
       - name: Run tests
-        run: go test ${{ env.GO_COMMON_TEST_ARGS }} --test.xsc --ci.runId=${{ runner.os }}-sec-test
+        run: go test ${{ env.GO_COMMON_TEST_ARGS }} --test.xsc
 
   Binary_Scan_Command_Integration_Tests:
     name: "[${{ matrix.os }}] Binary Scan Command Integration Tests"
@@ -253,7 +253,7 @@ jobs:
 
       # Test
       - name: Run tests
-        run: go test ${{ env.GO_COMMON_TEST_ARGS }} --test.scan --ci.runId=${{ runner.os }}-sec-test
+        run: go test ${{ env.GO_COMMON_TEST_ARGS }} --test.scan
 
   Docker_Scan_Commands_Integration_Tests:
     name: "[${{ matrix.os }}] Docker Scan Commands Integration Tests"
@@ -282,7 +282,7 @@ jobs:
 
       # Test
       - name: Run tests
-        run: go test ${{ env.GO_COMMON_TEST_ARGS }} --test.dockerScan --ci.runId=${{ runner.os }}-sec-test
+        run: go test ${{ env.GO_COMMON_TEST_ARGS }} --test.dockerScan
 
   Other_Commands_Integration_Tests:
     name: "[${{ matrix.os }}] Other Commands Integration Tests"
@@ -311,7 +311,7 @@ jobs:
 
       # Test
       - name: Run tests
-        run:  go test ${{ env.GO_COMMON_TEST_ARGS }} --test.curation --test.enrich --ci.runId=${{ runner.os }}-sec-test
+        run:  go test ${{ env.GO_COMMON_TEST_ARGS }} --test.curation --test.enrich
 
   Git_Commands_Integration_Tests:
     name: "[${{ matrix.os }}] Git Commands Integration Tests"
@@ -340,4 +340,4 @@ jobs:
 
       # Test
       - name: Run tests
-        run: go test ${{ env.GO_COMMON_TEST_ARGS }} --test.git --ci.runId=${{ runner.os }}-sec-test
+        run: go test ${{ env.GO_COMMON_TEST_ARGS }} --test.git

commands/curation/curationaudit.go

@@ -756,7 +756,7 @@ func (ca *CurationAuditCommand) SetRepo(tech techutils.Technology) error {
 		return nil
 	}
 
-	resolverParams, err := ca.getRepoParams(techutils.TechToProjectType[tech])
+	resolverParams, err := ca.getRepoParams(tech.GetProjectType())
 	if err != nil {
 		return err
 	}

git_test.go

@@ -115,9 +115,9 @@ func TestGitAuditStaticScaCycloneDx(t *testing.T) {
 	dummyCloneUrl := getDummyGitRepoUrl()
 
 	// Create policy and watch for the git repo so we will also get violations (unknown = all vulnerabilities will be reported as violations)
-	policyName, cleanUpPolicy := securityTestUtils.CreateTestSecurityPolicy(t, "git-repo-ignore-rule-policy", utils.Unknown, true, false)
+	policyName, cleanUpPolicy := securityTestUtils.CreateTestSecurityPolicy(t, "git-repo-static-sca-policy", utils.Unknown, true, false)
 	defer cleanUpPolicy()
-	watchName, cleanUpWatch := securityTestUtils.CreateWatchOnGitResources(t, policyName, "git-repo-ignore-rule-watch", xscutils.GetGitRepoUrlKey(dummyCloneUrl))
+	watchName, cleanUpWatch := securityTestUtils.CreateWatchOnGitResources(t, policyName, "git-repo-static-sca-watch", xscutils.GetGitRepoUrlKey(dummyCloneUrl))
 	defer cleanUpWatch()
 
 	// Run the audit command with git repo and verify violations are reported to the platform.

jas/common.go

@@ -490,7 +490,7 @@ func GetAnalyzerManagerXscEnvVars(newFlow bool, msi string, gitRepoUrl, projectK
 	}
 	technology := technologies[0]
 	envVars[JfPackageManagerEnvVariable] = technology.String()
-	envVars[JfLanguageEnvVariable] = string(techutils.TechnologyToLanguage(technology))
+	envVars[JfLanguageEnvVariable] = string(technology.GetLanguage())
 	return envVars
 
 }

sca/bom/buildinfo/technologies/cocoapods/cocoapods.go

@@ -219,7 +219,7 @@ func BuildDependencyTree(params technologies.BuildInfoBomGeneratorParams) (depen
 	}
 	versionMap[packageName] = VersionForMainModule
 	rootNode := &xrayUtils.GraphNode{
-		Id:    techutils.Cocoapods.GetPackageTypeId() + packageInfo,
+		Id:    techutils.Cocoapods.GetXrayPackageTypeId() + packageInfo,
 		Nodes: []*xrayUtils.GraphNode{},
 	}
 	// Parse the dependencies into Xray dependency tree format
@@ -235,12 +235,12 @@ func parsePodDependenciesList(currNode *xrayUtils.GraphNode, dependenciesGraph m
 		return
 	}
 	uniqueDepsSet.Add(currNode.Id)
-	pkgName := strings.Split(strings.TrimPrefix(currNode.Id, techutils.Cocoapods.GetPackageTypeId()), ":")[0]
+	pkgName := strings.Split(strings.TrimPrefix(currNode.Id, techutils.Cocoapods.GetXrayPackageTypeId()), ":")[0]
 	currDepChildren := dependenciesGraph[pkgName]
 	for _, childName := range currDepChildren {
 		fullChildName := fmt.Sprintf("%s:%s", childName, versionMap[childName])
 		childNode := &xrayUtils.GraphNode{
-			Id:     techutils.Cocoapods.GetPackageTypeId() + fullChildName,
+			Id:     techutils.Cocoapods.GetXrayPackageTypeId() + fullChildName,
 			Nodes:  []*xrayUtils.GraphNode{},
 			Parent: currNode,
 		}

sca/bom/buildinfo/technologies/cocoapods/cocoapods_test.go

@@ -35,14 +35,14 @@ func TestBuildCocoapodsDependencyList(t *testing.T) {
 	packageName := filepath.Base(currentDir)
 	packageInfo := fmt.Sprintf("%s:%s", packageName, VersionForMainModule)
 	expectedUniqueDeps := []string{
-		techutils.Cocoapods.GetPackageTypeId() + "AppAuth:1.7.5",
-		techutils.Cocoapods.GetPackageTypeId() + "AppAuth/Core:1.7.5",
-		techutils.Cocoapods.GetPackageTypeId() + "AppAuth/ExternalUserAgent:1.7.5",
-		techutils.Cocoapods.GetPackageTypeId() + "GoogleSignIn:6.2.4",
-		techutils.Cocoapods.GetPackageTypeId() + "GTMAppAuth:1.3.1",
-		techutils.Cocoapods.GetPackageTypeId() + "GTMSessionFetcher/Core:2.3.0",
-		techutils.Cocoapods.GetPackageTypeId() + "nanopb:0.3.0",
-		techutils.Cocoapods.GetPackageTypeId() + packageInfo,
+		techutils.Cocoapods.GetXrayPackageTypeId() + "AppAuth:1.7.5",
+		techutils.Cocoapods.GetXrayPackageTypeId() + "AppAuth/Core:1.7.5",
+		techutils.Cocoapods.GetXrayPackageTypeId() + "AppAuth/ExternalUserAgent:1.7.5",
+		techutils.Cocoapods.GetXrayPackageTypeId() + "GoogleSignIn:6.2.4",
+		techutils.Cocoapods.GetXrayPackageTypeId() + "GTMAppAuth:1.3.1",
+		techutils.Cocoapods.GetXrayPackageTypeId() + "GTMSessionFetcher/Core:2.3.0",
+		techutils.Cocoapods.GetXrayPackageTypeId() + "nanopb:0.3.0",
+		techutils.Cocoapods.GetXrayPackageTypeId() + packageInfo,
 	}
 
 	auditBasicParams := technologies.BuildInfoBomGeneratorParams{ServerDetails: server}
@@ -51,7 +51,7 @@ func TestBuildCocoapodsDependencyList(t *testing.T) {
 	assert.ElementsMatch(t, uniqueDeps, expectedUniqueDeps, "First is actual, Second is Expected")
 	assert.NotEmpty(t, rootNode)
 
-	assert.Equal(t, rootNode[0].Id, techutils.Cocoapods.GetPackageTypeId()+packageInfo)
+	assert.Equal(t, rootNode[0].Id, techutils.Cocoapods.GetXrayPackageTypeId()+packageInfo)
 	assert.Len(t, rootNode[0].Nodes, 2)
 
 	child1 := tests.GetAndAssertNode(t, rootNode[0].Nodes, "nanopb:0.3.0")

sca/bom/buildinfo/technologies/npm/npm.go

@@ -102,9 +102,9 @@ func addIgnoreScriptsFlag(npmArgs []string) []string {
 func parseNpmDependenciesList(dependencies []buildinfo.Dependency, packageInfo *biutils.PackageInfo) (*xrayUtils.GraphNode, []string) {
 	treeMap := make(map[string]xray.DepTreeNode)
 	for _, dependency := range dependencies {
-		dependencyId := techutils.Npm.GetPackageTypeId() + dependency.Id
+		dependencyId := techutils.Npm.GetXrayPackageTypeId() + dependency.Id
 		for _, requestedByNode := range dependency.RequestedBy {
-			parent := techutils.Npm.GetPackageTypeId() + requestedByNode[0]
+			parent := techutils.Npm.GetXrayPackageTypeId() + requestedByNode[0]
 			depTreeNode, ok := treeMap[parent]
 			if ok {
 				depTreeNode.Children = appendUniqueChild(depTreeNode.Children, dependencyId)
@@ -114,7 +114,7 @@ func parseNpmDependenciesList(dependencies []buildinfo.Dependency, packageInfo *
 			treeMap[parent] = depTreeNode
 		}
 	}
-	graph, nodeMapTypes := xray.BuildXrayDependencyTree(treeMap, techutils.Npm.GetPackageTypeId()+packageInfo.BuildInfoModuleId())
+	graph, nodeMapTypes := xray.BuildXrayDependencyTree(treeMap, techutils.Npm.GetXrayPackageTypeId()+packageInfo.BuildInfoModuleId())
 	return graph, maps.Keys(nodeMapTypes)
 }
 

sca/bom/buildinfo/technologies/npm/npm_test.go

@@ -107,7 +107,7 @@ func TestParseNpmDependenciesList(t *testing.T) {
 	}
 	expectedUniqueDeps := []string{xrayDependenciesTree.Id}
 	for _, dep := range dependencies {
-		expectedUniqueDeps = append(expectedUniqueDeps, techutils.Npm.GetPackageTypeId()+dep.Id)
+		expectedUniqueDeps = append(expectedUniqueDeps, techutils.Npm.GetXrayPackageTypeId()+dep.Id)
 	}
 	assert.ElementsMatch(t, uniqueDeps, expectedUniqueDeps, "First is actual, Second is Expected")
 

sca/bom/buildinfo/technologies/pnpm/pnpm.go

@@ -180,7 +180,7 @@ func createProjectDependenciesTree(project pnpmLsProject) map[string]xray.DepTre
 
 // Return npm://<name>:<version> of a dependency
 func getDependencyId(depName, version string) string {
-	return techutils.Npm.GetPackageTypeId() + depName + ":" + version
+	return techutils.Npm.GetXrayPackageTypeId() + depName + ":" + version
 }
 
 func appendTransitiveDependencies(parent string, dependencies map[string]pnpmLsDependency, result *map[string]xray.DepTreeNode) {

sca/bom/buildinfo/technologies/swift/swift.go

@@ -275,7 +275,7 @@ func BuildDependencyTree(params technologies.BuildInfoBomGeneratorParams) (depen
 	}
 	versionMap[packageName] = VersionForMainModule
 	rootNode := &xrayUtils.GraphNode{
-		Id:    techutils.Swift.GetPackageTypeId() + packageInfo,
+		Id:    techutils.Swift.GetXrayPackageTypeId() + packageInfo,
 		Nodes: []*xrayUtils.GraphNode{},
 	}
 	// Parse the dependencies into Xray dependency tree format
@@ -291,12 +291,12 @@ func parseSwiftDependenciesList(currNode *xrayUtils.GraphNode, dependenciesGraph
 		return
 	}
 	uniqueDepsSet.Add(currNode.Id)
-	pkgName := strings.Split(strings.TrimPrefix(currNode.Id, techutils.Swift.GetPackageTypeId()), ":")[0]
+	pkgName := strings.Split(strings.TrimPrefix(currNode.Id, techutils.Swift.GetXrayPackageTypeId()), ":")[0]
 	currDepChildren := dependenciesGraph[pkgName]
 	for _, childName := range currDepChildren {
 		fullChildName := fmt.Sprintf("%s:%s", childName, versionMap[childName])
 		childNode := &xrayUtils.GraphNode{
-			Id:     techutils.Swift.GetPackageTypeId() + fullChildName,
+			Id:     techutils.Swift.GetXrayPackageTypeId() + fullChildName,
 			Nodes:  []*xrayUtils.GraphNode{},
 			Parent: currNode,
 		}

sca/bom/buildinfo/technologies/swift/swift_test.go

@@ -33,15 +33,15 @@ func TestBuildSwiftDependencyList(t *testing.T) {
 	assert.NoError(t, err)
 	packageInfo := fmt.Sprintf("%s:%s", packageName, VersionForMainModule)
 	expectedUniqueDeps := []string{
-		techutils.Swift.GetPackageTypeId() + "github.com/apple/swift-algorithms:1.2.0",
-		techutils.Swift.GetPackageTypeId() + "github.com/apple/swift-numerics:1.0.2",
-		techutils.Swift.GetPackageTypeId() + "github.com/apple/swift-nio-http2:1.19.0",
-		techutils.Swift.GetPackageTypeId() + "github.com/apple/swift-atomics:1.2.0",
-		techutils.Swift.GetPackageTypeId() + "github.com/apple/swift-collections:1.1.4",
-		techutils.Swift.GetPackageTypeId() + "github.com/apple/swift-system:1.4.0",
-		techutils.Swift.GetPackageTypeId() + "github.com/apple/swift-http-types:1.0.2",
-		techutils.Swift.GetPackageTypeId() + "github.com/apple/swift-nio:2.76.1",
-		techutils.Swift.GetPackageTypeId() + packageInfo,
+		techutils.Swift.GetXrayPackageTypeId() + "github.com/apple/swift-algorithms:1.2.0",
+		techutils.Swift.GetXrayPackageTypeId() + "github.com/apple/swift-numerics:1.0.2",
+		techutils.Swift.GetXrayPackageTypeId() + "github.com/apple/swift-nio-http2:1.19.0",
+		techutils.Swift.GetXrayPackageTypeId() + "github.com/apple/swift-atomics:1.2.0",
+		techutils.Swift.GetXrayPackageTypeId() + "github.com/apple/swift-collections:1.1.4",
+		techutils.Swift.GetXrayPackageTypeId() + "github.com/apple/swift-system:1.4.0",
+		techutils.Swift.GetXrayPackageTypeId() + "github.com/apple/swift-http-types:1.0.2",
+		techutils.Swift.GetXrayPackageTypeId() + "github.com/apple/swift-nio:2.76.1",
+		techutils.Swift.GetXrayPackageTypeId() + packageInfo,
 	}
 
 	params := technologies.BuildInfoBomGeneratorParams{ServerDetails: server}
@@ -50,7 +50,7 @@ func TestBuildSwiftDependencyList(t *testing.T) {
 	assert.ElementsMatch(t, uniqueDeps, expectedUniqueDeps, "First is actual, Second is Expected")
 	assert.NotEmpty(t, rootNode)
 
-	assert.Equal(t, rootNode[0].Id, techutils.Swift.GetPackageTypeId()+packageInfo)
+	assert.Equal(t, rootNode[0].Id, techutils.Swift.GetXrayPackageTypeId()+packageInfo)
 	assert.Len(t, rootNode[0].Nodes, 11)
 
 	child1 := tests.GetAndAssertNode(t, rootNode[0].Nodes, "github.com/apple/swift-algorithms:1.2.0")

sca/bom/buildinfo/technologies/yarn/yarn.go

@@ -235,5 +235,5 @@ func getXrayDependencyId(yarnDependency *bibuildutils.YarnDependency) (string, e
 	if err != nil {
 		return "", err
 	}
-	return techutils.Npm.GetPackageTypeId() + dependencyName + ":" + yarnDependency.Details.Version, nil
+	return techutils.Npm.GetXrayPackageTypeId() + dependencyName + ":" + yarnDependency.Details.Version, nil
 }

sca/bom/buildinfo/technologies/yarn/yarn_test.go

@@ -20,7 +20,7 @@ import (
 )
 
 func TestParseYarnDependenciesMap(t *testing.T) {
-	npmId := techutils.Npm.GetPackageTypeId()
+	npmId := techutils.Npm.GetXrayPackageTypeId()
 
 	testCases := []struct {
 		name               string

tests/testdata/output/dockerscan/docker_simple_json.json

@@ -4,7 +4,7 @@
       "severity": "Critical",
       "impactedPackageName": "debian:bookworm:libssl3",
       "impactedPackageVersion": "3.0.13-1~deb12u1",
-      "impactedPackageType": "Debian",
+      "impactedPackageType": "deb",
       "components": [
         {
           "name": "sha256__f21c087a3964a446bce1aa4e3ec7cf82020dd77ad14f1cf4ea49cbb32eda1595.tar",
@@ -60,7 +60,7 @@
       "severity": "Critical",
       "impactedPackageName": "debian:bookworm:openssl",
       "impactedPackageVersion": "3.0.13-1~deb12u1",
-      "impactedPackageType": "Debian",
+      "impactedPackageType": "deb",
       "components": [
         {
           "name": "sha256__f21c087a3964a446bce1aa4e3ec7cf82020dd77ad14f1cf4ea49cbb32eda1595.tar",
@@ -118,7 +118,7 @@
       "severity": "Unknown",
       "impactedPackageName": "debian:bookworm:libssl3",
       "impactedPackageVersion": "3.0.13-1~deb12u1",
-      "impactedPackageType": "Debian",
+      "impactedPackageType": "deb",
       "components": [
         {
           "name": "sha256__f21c087a3964a446bce1aa4e3ec7cf82020dd77ad14f1cf4ea49cbb32eda1595.tar",
@@ -186,7 +186,7 @@
       "severity": "Unknown",
       "impactedPackageName": "debian:bookworm:libssl3",
       "impactedPackageVersion": "3.0.13-1~deb12u1",
-      "impactedPackageType": "Debian",
+      "impactedPackageType": "deb",
       "components": [
         {
           "name": "sha256__f21c087a3964a446bce1aa4e3ec7cf82020dd77ad14f1cf4ea49cbb32eda1595.tar",

utils/artifactory/artifactoryutils.go

@@ -45,7 +45,7 @@ func GetResolutionRepoIfExists(tech techutils.Technology) (details *ArtifactoryD
 
 // Searches for the configuration file based on the technology type. If found, it extracts the resolver repository from it.
 func getArtifactoryRepositoryConfig(tech techutils.Technology) (repoConfig *project.RepositoryConfig, err error) {
-	configFilePath, exists, err := project.GetProjectConfFilePath(techutils.TechToProjectType[tech])
+	configFilePath, exists, err := project.GetProjectConfFilePath(tech.GetProjectType())
 	if err != nil {
 		err = fmt.Errorf("failed while searching for %s.yaml config file: %s", tech.String(), err.Error())
 		return
@@ -54,7 +54,7 @@ func getArtifactoryRepositoryConfig(tech techutils.Technology) (repoConfig *proj
 		// Nuget and Dotnet are identified similarly in the detection process. To prevent redundancy, Dotnet is filtered out earlier in the process, focusing solely on detecting Nuget.
 		// Consequently, it becomes necessary to verify the presence of dotnet.yaml when Nuget detection occurs.
 		if tech == techutils.Nuget {
-			configFilePath, exists, err = project.GetProjectConfFilePath(techutils.TechToProjectType[techutils.Dotnet])
+			configFilePath, exists, err = project.GetProjectConfFilePath(techutils.Dotnet.GetProjectType())
 			if err != nil {
 				err = fmt.Errorf("failed while searching for %s.yaml config file: %s", tech.String(), err.Error())
 				return

utils/results/common.go

@@ -616,7 +616,7 @@ func GetUniqueKey(vulnerableDependency, vulnerableVersion, xrayID string, fixVer
 // Found use of a badCode inside the node_modules from a different package, report applicable.
 func shouldDisqualifyEvidence(components map[string]services.Component, evidenceFilePath string) (disqualify bool) {
 	for key := range components {
-		if !strings.HasPrefix(key, techutils.Npm.GetPackageTypeId()) {
+		if !strings.HasPrefix(key, techutils.Npm.GetXrayPackageTypeId()) {
 			return
 		}
 		dependencyName, _, _ := techutils.SplitComponentIdRaw(key)
@@ -906,12 +906,23 @@ func CreateScaComponentFromXrayCompId(xrayImpactedPackageId string, properties .
 		Type:       cyclonedx.ComponentTypeLibrary,
 		Name:       compName,
 		Version:    compVersion,
-		PackageURL: techutils.ToPackageUrl(compName, compVersion, techutils.ToCdxPackageType(compType)),
+		PackageURL: techutils.ToPackageUrl(compName, compVersion, techutils.XrayPackageTypeToCdxPackageType(compType)),
 	}
 	component.Properties = cdxutils.AppendProperties(component.Properties, properties...)
 	return
 }
 
+func FormalTechOrCdxCompType(cdxCompType string, pretty bool) string {
+	if !pretty {
+		return cdxCompType
+	}
+	tech := techutils.CdxPackageTypeToTechnology(cdxCompType)
+	if tech != techutils.NoTech {
+		return tech.ToFormal()
+	}
+	return cdxCompType
+}
+
 func CreateScaComponentFromBinaryNode(node *xrayUtils.BinaryGraphNode) (component cyclonedx.Component) {
 	// Create the component
 	component = CreateScaComponentFromXrayCompId(node.Id)