/src/CMake/Source/cmExportSbomGenerator.cxx

Source
/* Distributed under the OSI-approved BSD 3-Clause License.  See accompanying
   file LICENSE.rst or https://cmake.org/licensing for details.  */
#include "cmExportSbomGenerator.h"

#include <array>
#include <map>
#include <set>
#include <string>
#include <utility>
#include <vector>

#include <cm/optional>
#include <cmext/algorithm>

#include "cmArgumentParserTypes.h"
#include "cmFindPackageStack.h"
#include "cmGeneratorExpression.h"
#include "cmGeneratorTarget.h"
#include "cmList.h"
#include "cmMakefile.h"
#include "cmMessageType.h"
#include "cmSbomArguments.h"
#include "cmSbomObject.h"
#include "cmSpdx.h"
#include "cmSpdxSerializer.h"
#include "cmStateTypes.h"
#include "cmStringAlgorithms.h"
#include "cmSystemTools.h"
#include "cmTarget.h"
#include "cmValue.h"

cmSpdxPackage::PurposeId GetPurpose(cmStateEnums::TargetType type)
{
  switch (type) {
    case cmStateEnums::TargetType::EXECUTABLE:
      return cmSpdxPackage::PurposeId::APPLICATION;
    case cmStateEnums::TargetType::STATIC_LIBRARY:
    case cmStateEnums::TargetType::SHARED_LIBRARY:
    case cmStateEnums::TargetType::MODULE_LIBRARY:
    case cmStateEnums::TargetType::OBJECT_LIBRARY:
    case cmStateEnums::TargetType::INTERFACE_LIBRARY:
      return cmSpdxPackage::PurposeId::LIBRARY;
    case cmStateEnums::TargetType::UTILITY:
      return cmSpdxPackage::PurposeId::SOURCE;
    case cmStateEnums::TargetType::GLOBAL_TARGET:
    case cmStateEnums::TargetType::UNKNOWN_LIBRARY:
    default:
      return cmSpdxPackage::PurposeId::ARCHIVE;
  }
}

cmExportSbomGenerator::cmExportSbomGenerator(cmSbomArguments args)
  : PackageName(std::move(args.PackageName))
  , PackageVersion(std::move(args.Version))
  , PackageDescription(std::move(args.Description))
  , PackageWebsite(std::move(args.Website))
  , PackageLicense(std::move(args.License))
  , PackageFormat(args.GetFormat())
{
}

bool cmExportSbomGenerator::GenerateImportFile(std::ostream& os)
{
  return this->GenerateMainFile(os);
}

void cmExportSbomGenerator::WriteSbom(cmSbomDocument& doc,
                                      std::ostream& os) const
{
  switch (this->PackageFormat) {
    case cmSbomArguments::SbomFormat::SPDX_3_0_JSON:
      cmSpdxSerializer{}.WriteSbom(os, cmSbomObject(doc));
      break;
    case cmSbomArguments::SbomFormat::NONE:
      break;
  }
}

bool cmExportSbomGenerator::AddPackageInformation(
  cmSpdxPackage& artifact, std::string const& name,
  cmPackageInformation const& package) const
{
  if (name.empty()) {
    return false;
  }

  cmSpdxOrganization org;
  org.SpdxId = cmStrCat("urn:", name, "#Organization");
  org.Name = name;
  org.CreationInfo = artifact.CreationInfo;
  artifact.OriginatedBy.emplace_back(std::move(org));

  if (package.Description) {
    artifact.Description = *package.Description;
  }

  if (package.Version) {
    artifact.PackageVersion = *package.Version;
  }

  if (package.PackageUrl) {
    artifact.PackageUrl = *package.PackageUrl;
  }

  if (package.License) {
    artifact.CopyrightText = *package.License;
  }

  artifact.BuiltTime = cmSystemTools::GetCurrentDateTime("%FT%TZ");
  cmSpdxExternalRef externalRef;
  externalRef.Locator = cmStrCat("cmake:find_package(", name, ")");
  externalRef.ExternalRefType = "buildSystem";
  return true;
}

cmSpdxCreationInfo cmExportSbomGenerator::GenerateCreationInfo() const
{
  cmSpdxCreationInfo ci;
  ci.SpdxId = "_:Build#CreationInfo";
  ci.Created = cmSystemTools::GetCurrentDateTime("%FT%TZ");
  ci.CreatedBy = { "https://gitlab.kitware.com/cmake/cmake" };
  ci.Comment = "This SBOM was generated from the CMakeLists.txt File";
  ci.SpecVersion = "3.0.1";
  return ci;
}

cmSpdxDocument cmExportSbomGenerator::GenerateSbom(
  cmSpdxCreationInfo const* ci) const
{
  cmSpdxDocument proj;
  proj.Name = PackageName;
  proj.SpdxId = cmStrCat("urn:", PackageName, "#SPDXDocument");
  proj.ProfileConformance = { "core", "software" };
  proj.CreationInfo = ci;

  if (!this->PackageDescription.empty()) {
    proj.Description = this->PackageDescription;
  }

  if (!this->PackageLicense.empty()) {
    proj.DataLicense = this->PackageLicense;
  }

  return proj;
}

cmSpdxPackage cmExportSbomGenerator::GenerateImportTarget(
  cmSpdxCreationInfo const* ci, cmGeneratorTarget const* target) const
{
  cmSpdxPackage package;
  package.SpdxId = cmStrCat("urn:", target->GetName(), "#Package");
  package.Name = target->GetName();
  package.PrimaryPurpose = GetPurpose(target->GetType());
  package.CreationInfo = ci;

  if (!this->PackageVersion.empty()) {
    package.PackageVersion = this->PackageVersion;
  }

  if (!this->PackageWebsite.empty()) {
    package.Homepage = this->PackageWebsite;
  }

  if (!this->PackageUrl.empty()) {
    package.DownloadLocation = this->PackageUrl;
  }

  return package;
}

void cmExportSbomGenerator::GenerateLinkProperties(
  cmSbomDocument& doc, cmSpdxDocument* project, cmSpdxCreationInfo const* ci,
  std::string const& libraries, TargetProperties const& current,
  std::vector<TargetProperties> const& allTargets) const
{
  auto itProp = current.Properties.find(libraries);
  if (itProp == current.Properties.end()) {
    return;
  }

  std::map<std::string, std::vector<std::string>> allowList = { { "LINK_ONLY",
                                                                  {} } };
  std::string interfaceLinkLibraries;
  if (!cmGeneratorExpression::ForbidGeneratorExpressions(
        current.Target, itProp->first, itProp->second, interfaceLinkLibraries,
        allowList)) {
    return;
  }

  auto makeRel = [&](char const* id, char const* desc) {
    cmSpdxRelationship r;
    r.SpdxId = cmStrCat("urn:", id, "#Relationship");
    r.RelationshipType = cmSpdxRelationship::RelationshipTypeId::DEPENDS_ON;
    r.Description = desc;
    r.From = current.Package;
    r.CreationInfo = ci;
    return r;
  };

  auto linkLibraries = makeRel("Static", "Linked Libraries");
  auto linkRequires = makeRel("Dynamic", "Required Runtime Libraries");
  auto buildRequires = makeRel("Shared", "Required Build-Time Libraries");

  auto addArtifact =
    [&](std::string const& name) -> std::pair<bool, cmSpdxPackage const*> {
    auto it = this->LinkTargets.find(name);
    if (it != this->LinkTargets.end()) {
      LinkInfo const& linkInfo = it->second;
      if (linkInfo.Package.empty()) {
        for (auto const& t : allTargets) {
          if (t.Target->GetName() == linkInfo.Component) {
            return { true, t.Package };
          }
        }
      }
      std::string pkgName =
        cmStrCat(linkInfo.Package, ":", linkInfo.Component);
      cmSpdxPackage pkg;
      pkg.Name = pkgName;
      pkg.SpdxId = cmStrCat("urn:", pkgName, "#Package");
      pkg.CreationInfo = ci;
      if (!linkInfo.Package.empty()) {
        auto const& pkgIt = this->Requirements.find(linkInfo.Package);
        if (pkgIt != this->Requirements.end() &&
            pkgIt->second.Components.count(linkInfo.Component) > 0) {
          this->AddPackageInformation(pkg, pkgIt->first, pkgIt->second);
        }
      }
      return { true, insert_back(project->Elements, std::move(pkg)) };
    }

    cmSpdxPackage pkg;
    pkg.SpdxId = cmStrCat("urn:", name, "#Package");
    pkg.Name = name;
    pkg.CreationInfo = ci;
    return { false, insert_back(project->Elements, std::move(pkg)) };
  };

  auto handleDependencies = [&](std::vector<std::string> const& names,
                                cmSpdxRelationship& internalDeps,
                                cmSpdxRelationship& externalDeps) {
    for (auto const& n : names) {
      auto res = addArtifact(n);
      if (!res.second) {
        continue;
      }

      if (res.first) {
        internalDeps.To.push_back(res.second);
      } else {
        externalDeps.To.push_back(res.second);
      }
    }
  };

  handleDependencies(allowList["LINK_ONLY"], linkLibraries, linkRequires);
  handleDependencies(cmList{ interfaceLinkLibraries }, linkLibraries,
                     buildRequires);

  if (!linkLibraries.To.empty()) {
    insert_back(doc.Graph, std::move(linkLibraries));
  }
  if (!linkRequires.To.empty()) {
    insert_back(doc.Graph, std::move(linkRequires));
  }
  if (!buildRequires.To.empty()) {
    insert_back(doc.Graph, std::move(buildRequires));
  }
}

bool cmExportSbomGenerator::GenerateProperties(
  cmSbomDocument& doc, cmSpdxDocument* proj, cmSpdxCreationInfo const* ci,
  TargetProperties const& current,
  std::vector<TargetProperties> const& allTargets) const
{
  this->GenerateLinkProperties(doc, proj, ci, "LINK_LIBRARIES", current,
                               allTargets);
  this->GenerateLinkProperties(doc, proj, ci, "INTERFACE_LINK_LIBRARIES",
                               current, allTargets);
  return true;
}

bool cmExportSbomGenerator::PopulateLinkLibrariesProperty(
  cmGeneratorTarget const* target,
  cmGeneratorExpression::PreprocessContext preprocessRule,
  ImportPropertyMap& properties)
{
  static std::array<std::string, 3> const linkIfaceProps = {
    { "LINK_LIBRARIES", "LINK_LIBRARIES_DIRECT",
      "LINK_LIBRARIES_DIRECT_EXCLUDE" }
  };
  bool hadLINK_LIBRARIES = false;
  for (std::string const& linkIfaceProp : linkIfaceProps) {
    if (cmValue input = target->GetProperty(linkIfaceProp)) {
      std::string prepro =
        cmGeneratorExpression::Preprocess(*input, preprocessRule);
      if (!prepro.empty()) {
        this->ResolveTargetsInGeneratorExpressions(prepro, target,
                                                   ReplaceFreeTargets);
        properties[linkIfaceProp] = prepro;
        hadLINK_LIBRARIES = true;
      }
    }
  }
  return hadLINK_LIBRARIES;
}

bool cmExportSbomGenerator::NoteLinkedTarget(
  cmGeneratorTarget const* target, std::string const& linkedName,
  cmGeneratorTarget const* linkedTarget)
{
  if (cm::contains(this->ExportedTargets, linkedTarget)) {
    this->LinkTargets.emplace(linkedName,
                              LinkInfo{ "", linkedTarget->GetExportName() });
    return true;
  }

  if (linkedTarget->IsImported()) {
    using Package = cm::optional<std::pair<std::string, cmPackageInformation>>;
    auto pkgInfo = [](cmTarget* t) -> Package {
      cmFindPackageStack pkgStack = t->GetFindPackageStack();
      if (!pkgStack.Empty()) {
        return std::make_pair(pkgStack.Top().Name, pkgStack.Top().PackageInfo);
      }
      std::string const pkgName =
        t->GetSafeProperty("EXPORT_FIND_PACKAGE_NAME");
      if (pkgName.empty()) {
        return cm::nullopt;
      }
      cmPackageInformation package;
      return std::make_pair(pkgName, package);
    }(linkedTarget->Target);

    if (!pkgInfo) {
      target->Makefile->IssueMessage(
        MessageType::AUTHOR_WARNING,
        cmStrCat("Target \"", target->GetName(),
                 "\" references imported target \"", linkedName,
                 "\" which does not come from any known package."));
      return false;
    }

    std::string const& pkgName = pkgInfo->first;
    auto const& prefix = cmStrCat(pkgName, "::");
    std::string component;
    if (!cmHasPrefix(linkedName, prefix)) {
      component = linkedName;
    } else {
      component = linkedName.substr(prefix.length());
    }
    this->LinkTargets.emplace(linkedName, LinkInfo{ pkgName, component });
    cmPackageInformation& req =
      this->Requirements.insert(std::move(*pkgInfo)).first->second;
    req.Components.emplace(std::move(component));
    return true;
  }

  // Target belongs to another export from this build.
  auto const& exportInfo = this->FindExportInfo(linkedTarget);
  if (exportInfo.Namespaces.size() == 1 && exportInfo.Sets.size() == 1) {
    auto const& linkNamespace = *exportInfo.Namespaces.begin();
    if (!cmHasSuffix(linkNamespace, "::")) {
      target->Makefile->IssueMessage(
        MessageType::AUTHOR_WARNING,
        cmStrCat("Target \"", target->GetName(), "\" references target \"",
                 linkedName,
                 "\", which does not use the standard namespace separator. "
                 "This is not allowed."));
    }

    std::string pkgName{ linkNamespace.data(), linkNamespace.size() - 2 };
    std::string component = linkedTarget->GetExportName();
    if (pkgName == this->GetPackageName()) {
      this->LinkTargets.emplace(linkedName, LinkInfo{ "", component });
    } else {
      this->LinkTargets.emplace(linkedName, LinkInfo{ pkgName, component });
      this->Requirements[pkgName].Components.emplace(std::move(component));
    }
    return true;
  }

  // Target belongs to multiple namespaces or multiple export sets.
  // cmExportFileGenerator::HandleMissingTarget should have complained about
  // this already.
  return false;
}

Coverage Report

Created: 2026-03-12 06:35

Line	Count	Source
1		/* Distributed under the OSI-approved BSD 3-Clause License. See accompanying
2		file LICENSE.rst or https://cmake.org/licensing for details. */
3		#include "cmExportSbomGenerator.h"
4
5		#include <array>
6		#include <map>
7		#include <set>
8		#include <string>
9		#include <utility>
10		#include <vector>
11
12		#include <cm/optional>
13		#include <cmext/algorithm>
14
15		#include "cmArgumentParserTypes.h"
16		#include "cmFindPackageStack.h"
17		#include "cmGeneratorExpression.h"
18		#include "cmGeneratorTarget.h"
19		#include "cmList.h"
20		#include "cmMakefile.h"
21		#include "cmMessageType.h"
22		#include "cmSbomArguments.h"
23		#include "cmSbomObject.h"
24		#include "cmSpdx.h"
25		#include "cmSpdxSerializer.h"
26		#include "cmStateTypes.h"
27		#include "cmStringAlgorithms.h"
28		#include "cmSystemTools.h"
29		#include "cmTarget.h"
30		#include "cmValue.h"
31
32		cmSpdxPackage::PurposeId GetPurpose(cmStateEnums::TargetType type)
33	0	{
34	0	switch (type) {
35	0	case cmStateEnums::TargetType::EXECUTABLE:
36	0	return cmSpdxPackage::PurposeId::APPLICATION;
37	0	case cmStateEnums::TargetType::STATIC_LIBRARY:
38	0	case cmStateEnums::TargetType::SHARED_LIBRARY:
39	0	case cmStateEnums::TargetType::MODULE_LIBRARY:
40	0	case cmStateEnums::TargetType::OBJECT_LIBRARY:
41	0	case cmStateEnums::TargetType::INTERFACE_LIBRARY:
42	0	return cmSpdxPackage::PurposeId::LIBRARY;
43	0	case cmStateEnums::TargetType::UTILITY:
44	0	return cmSpdxPackage::PurposeId::SOURCE;
45	0	case cmStateEnums::TargetType::GLOBAL_TARGET:
46	0	case cmStateEnums::TargetType::UNKNOWN_LIBRARY:
47	0	default:
48	0	return cmSpdxPackage::PurposeId::ARCHIVE;
49	0	}
50	0	}
51
52		cmExportSbomGenerator::cmExportSbomGenerator(cmSbomArguments args)
53	0	: PackageName(std::move(args.PackageName))
54	0	, PackageVersion(std::move(args.Version))
55	0	, PackageDescription(std::move(args.Description))
56	0	, PackageWebsite(std::move(args.Website))
57	0	, PackageLicense(std::move(args.License))
58	0	, PackageFormat(args.GetFormat())
59	0	{
60	0	}
61
62		bool cmExportSbomGenerator::GenerateImportFile(std::ostream& os)
63	0	{
64	0	return this->GenerateMainFile(os);
65	0	}
66
67		void cmExportSbomGenerator::WriteSbom(cmSbomDocument& doc,
68		std::ostream& os) const
69	0	{
70	0	switch (this->PackageFormat) {
71	0	case cmSbomArguments::SbomFormat::SPDX_3_0_JSON:
72	0	cmSpdxSerializer{}.WriteSbom(os, cmSbomObject(doc));
73	0	break;
74	0	case cmSbomArguments::SbomFormat::NONE:
75	0	break;
76	0	}
77	0	}
78
79		bool cmExportSbomGenerator::AddPackageInformation(
80		cmSpdxPackage& artifact, std::string const& name,
81		cmPackageInformation const& package) const
82	0	{
83	0	if (name.empty()) {
84	0	return false;
85	0	}
86
87	0	cmSpdxOrganization org;
88	0	org.SpdxId = cmStrCat("urn:", name, "#Organization");
89	0	org.Name = name;
90	0	org.CreationInfo = artifact.CreationInfo;
91	0	artifact.OriginatedBy.emplace_back(std::move(org));
92
93	0	if (package.Description) {
94	0	artifact.Description = *package.Description;
95	0	}
96
97	0	if (package.Version) {
98	0	artifact.PackageVersion = *package.Version;
99	0	}
100
101	0	if (package.PackageUrl) {
102	0	artifact.PackageUrl = *package.PackageUrl;
103	0	}
104
105	0	if (package.License) {
106	0	artifact.CopyrightText = *package.License;
107	0	}
108
109	0	artifact.BuiltTime = cmSystemTools::GetCurrentDateTime("%FT%TZ");
110	0	cmSpdxExternalRef externalRef;
111	0	externalRef.Locator = cmStrCat("cmake:find_package(", name, ")");
112	0	externalRef.ExternalRefType = "buildSystem";
113	0	return true;
114	0	}
115
116		cmSpdxCreationInfo cmExportSbomGenerator::GenerateCreationInfo() const
117	0	{
118	0	cmSpdxCreationInfo ci;
119	0	ci.SpdxId = "_:Build#CreationInfo";
120	0	ci.Created = cmSystemTools::GetCurrentDateTime("%FT%TZ");
121	0	ci.CreatedBy = { "https://gitlab.kitware.com/cmake/cmake" };
122	0	ci.Comment = "This SBOM was generated from the CMakeLists.txt File";
123	0	ci.SpecVersion = "3.0.1";
124	0	return ci;
125	0	}
126
127		cmSpdxDocument cmExportSbomGenerator::GenerateSbom(
128		cmSpdxCreationInfo const* ci) const
129	0	{
130	0	cmSpdxDocument proj;
131	0	proj.Name = PackageName;
132	0	proj.SpdxId = cmStrCat("urn:", PackageName, "#SPDXDocument");
133	0	proj.ProfileConformance = { "core", "software" };
134	0	proj.CreationInfo = ci;
135
136	0	if (!this->PackageDescription.empty()) {
137	0	proj.Description = this->PackageDescription;
138	0	}
139
140	0	if (!this->PackageLicense.empty()) {
141	0	proj.DataLicense = this->PackageLicense;
142	0	}
143
144	0	return proj;
145	0	}
146
147		cmSpdxPackage cmExportSbomGenerator::GenerateImportTarget(
148		cmSpdxCreationInfo const* ci, cmGeneratorTarget const* target) const
149	0	{
150	0	cmSpdxPackage package;
151	0	package.SpdxId = cmStrCat("urn:", target->GetName(), "#Package");
152	0	package.Name = target->GetName();
153	0	package.PrimaryPurpose = GetPurpose(target->GetType());
154	0	package.CreationInfo = ci;
155
156	0	if (!this->PackageVersion.empty()) {
157	0	package.PackageVersion = this->PackageVersion;
158	0	}
159
160	0	if (!this->PackageWebsite.empty()) {
161	0	package.Homepage = this->PackageWebsite;
162	0	}
163
164	0	if (!this->PackageUrl.empty()) {
165	0	package.DownloadLocation = this->PackageUrl;
166	0	}
167
168	0	return package;
169	0	}
170
171		void cmExportSbomGenerator::GenerateLinkProperties(
172		cmSbomDocument& doc, cmSpdxDocument* project, cmSpdxCreationInfo const* ci,
173		std::string const& libraries, TargetProperties const& current,
174		std::vector<TargetProperties> const& allTargets) const
175	0	{
176	0	auto itProp = current.Properties.find(libraries);
177	0	if (itProp == current.Properties.end()) {
178	0	return;
179	0	}
180
181	0	std::map<std::string, std::vector<std::string>> allowList = { { "LINK_ONLY",
182	0	{} } };
183	0	std::string interfaceLinkLibraries;
184	0	if (!cmGeneratorExpression::ForbidGeneratorExpressions(
185	0	current.Target, itProp->first, itProp->second, interfaceLinkLibraries,
186	0	allowList)) {
187	0	return;
188	0	}
189
190	0	auto makeRel = [&](char const* id, char const* desc) {
191	0	cmSpdxRelationship r;
192	0	r.SpdxId = cmStrCat("urn:", id, "#Relationship");
193	0	r.RelationshipType = cmSpdxRelationship::RelationshipTypeId::DEPENDS_ON;
194	0	r.Description = desc;
195	0	r.From = current.Package;
196	0	r.CreationInfo = ci;
197	0	return r;
198	0	};
199
200	0	auto linkLibraries = makeRel("Static", "Linked Libraries");
201	0	auto linkRequires = makeRel("Dynamic", "Required Runtime Libraries");
202	0	auto buildRequires = makeRel("Shared", "Required Build-Time Libraries");
203
204	0	auto addArtifact =
205	0	[&](std::string const& name) -> std::pair<bool, cmSpdxPackage const*> {
206	0	auto it = this->LinkTargets.find(name);
207	0	if (it != this->LinkTargets.end()) {
208	0	LinkInfo const& linkInfo = it->second;
209	0	if (linkInfo.Package.empty()) {
210	0	for (auto const& t : allTargets) {
211	0	if (t.Target->GetName() == linkInfo.Component) {
212	0	return { true, t.Package };
213	0	}
214	0	}
215	0	}
216	0	std::string pkgName =
217	0	cmStrCat(linkInfo.Package, ":", linkInfo.Component);
218	0	cmSpdxPackage pkg;
219	0	pkg.Name = pkgName;
220	0	pkg.SpdxId = cmStrCat("urn:", pkgName, "#Package");
221	0	pkg.CreationInfo = ci;
222	0	if (!linkInfo.Package.empty()) {
223	0	auto const& pkgIt = this->Requirements.find(linkInfo.Package);
224	0	if (pkgIt != this->Requirements.end() &&
225	0	pkgIt->second.Components.count(linkInfo.Component) > 0) {
226	0	this->AddPackageInformation(pkg, pkgIt->first, pkgIt->second);
227	0	}
228	0	}
229	0	return { true, insert_back(project->Elements, std::move(pkg)) };
230	0	}
231
232	0	cmSpdxPackage pkg;
233	0	pkg.SpdxId = cmStrCat("urn:", name, "#Package");
234	0	pkg.Name = name;
235	0	pkg.CreationInfo = ci;
236	0	return { false, insert_back(project->Elements, std::move(pkg)) };
237	0	};
238
239	0	auto handleDependencies = [&](std::vector<std::string> const& names,
240	0	cmSpdxRelationship& internalDeps,
241	0	cmSpdxRelationship& externalDeps) {
242	0	for (auto const& n : names) {
243	0	auto res = addArtifact(n);
244	0	if (!res.second) {
245	0	continue;
246	0	}
247
248	0	if (res.first) {
249	0	internalDeps.To.push_back(res.second);
250	0	} else {
251	0	externalDeps.To.push_back(res.second);
252	0	}
253	0	}
254	0	};
255
256	0	handleDependencies(allowList["LINK_ONLY"], linkLibraries, linkRequires);
257	0	handleDependencies(cmList{ interfaceLinkLibraries }, linkLibraries,
258	0	buildRequires);
259
260	0	if (!linkLibraries.To.empty()) {
261	0	insert_back(doc.Graph, std::move(linkLibraries));
262	0	}
263	0	if (!linkRequires.To.empty()) {
264	0	insert_back(doc.Graph, std::move(linkRequires));
265	0	}
266	0	if (!buildRequires.To.empty()) {
267	0	insert_back(doc.Graph, std::move(buildRequires));
268	0	}
269	0	}
270
271		bool cmExportSbomGenerator::GenerateProperties(
272		cmSbomDocument& doc, cmSpdxDocument* proj, cmSpdxCreationInfo const* ci,
273		TargetProperties const& current,
274		std::vector<TargetProperties> const& allTargets) const
275	0	{
276	0	this->GenerateLinkProperties(doc, proj, ci, "LINK_LIBRARIES", current,
277	0	allTargets);
278	0	this->GenerateLinkProperties(doc, proj, ci, "INTERFACE_LINK_LIBRARIES",
279	0	current, allTargets);
280	0	return true;
281	0	}
282
283		bool cmExportSbomGenerator::PopulateLinkLibrariesProperty(
284		cmGeneratorTarget const* target,
285		cmGeneratorExpression::PreprocessContext preprocessRule,
286		ImportPropertyMap& properties)
287	0	{
288	0	static std::array<std::string, 3> const linkIfaceProps = {
289	0	{ "LINK_LIBRARIES", "LINK_LIBRARIES_DIRECT",
290	0	"LINK_LIBRARIES_DIRECT_EXCLUDE" }
291	0	};
292	0	bool hadLINK_LIBRARIES = false;
293	0	for (std::string const& linkIfaceProp : linkIfaceProps) {
294	0	if (cmValue input = target->GetProperty(linkIfaceProp)) {
295	0	std::string prepro =
296	0	cmGeneratorExpression::Preprocess(*input, preprocessRule);
297	0	if (!prepro.empty()) {
298	0	this->ResolveTargetsInGeneratorExpressions(prepro, target,
299	0	ReplaceFreeTargets);
300	0	properties[linkIfaceProp] = prepro;
301	0	hadLINK_LIBRARIES = true;
302	0	}
303	0	}
304	0	}
305	0	return hadLINK_LIBRARIES;
306	0	}
307
308		bool cmExportSbomGenerator::NoteLinkedTarget(
309		cmGeneratorTarget const* target, std::string const& linkedName,
310		cmGeneratorTarget const* linkedTarget)
311	0	{
312	0	if (cm::contains(this->ExportedTargets, linkedTarget)) {
313	0	this->LinkTargets.emplace(linkedName,
314	0	LinkInfo{ "", linkedTarget->GetExportName() });
315	0	return true;
316	0	}
317
318	0	if (linkedTarget->IsImported()) {
319	0	using Package = cm::optional<std::pair<std::string, cmPackageInformation>>;
320	0	auto pkgInfo = [](cmTarget* t) -> Package {
321	0	cmFindPackageStack pkgStack = t->GetFindPackageStack();
322	0	if (!pkgStack.Empty()) {
323	0	return std::make_pair(pkgStack.Top().Name, pkgStack.Top().PackageInfo);
324	0	}
325	0	std::string const pkgName =
326	0	t->GetSafeProperty("EXPORT_FIND_PACKAGE_NAME");
327	0	if (pkgName.empty()) {
328	0	return cm::nullopt;
329	0	}
330	0	cmPackageInformation package;
331	0	return std::make_pair(pkgName, package);
332	0	}(linkedTarget->Target);
333
334	0	if (!pkgInfo) {
335	0	target->Makefile->IssueMessage(
336	0	MessageType::AUTHOR_WARNING,
337	0	cmStrCat("Target \"", target->GetName(),
338	0	"\" references imported target \"", linkedName,
339	0	"\" which does not come from any known package."));
340	0	return false;
341	0	}
342
343	0	std::string const& pkgName = pkgInfo->first;
344	0	auto const& prefix = cmStrCat(pkgName, "::");
345	0	std::string component;
346	0	if (!cmHasPrefix(linkedName, prefix)) {
347	0	component = linkedName;
348	0	} else {
349	0	component = linkedName.substr(prefix.length());
350	0	}
351	0	this->LinkTargets.emplace(linkedName, LinkInfo{ pkgName, component });
352	0	cmPackageInformation& req =
353	0	this->Requirements.insert(std::move(*pkgInfo)).first->second;
354	0	req.Components.emplace(std::move(component));
355	0	return true;
356	0	}
357
358		// Target belongs to another export from this build.
359	0	auto const& exportInfo = this->FindExportInfo(linkedTarget);
360	0	if (exportInfo.Namespaces.size() == 1 && exportInfo.Sets.size() == 1) {
361	0	auto const& linkNamespace = *exportInfo.Namespaces.begin();
362	0	if (!cmHasSuffix(linkNamespace, "::")) {
363	0	target->Makefile->IssueMessage(
364	0	MessageType::AUTHOR_WARNING,
365	0	cmStrCat("Target \"", target->GetName(), "\" references target \"",
366	0	linkedName,
367	0	"\", which does not use the standard namespace separator. "
368	0	"This is not allowed."));
369	0	}
370
371	0	std::string pkgName{ linkNamespace.data(), linkNamespace.size() - 2 };
372	0	std::string component = linkedTarget->GetExportName();
373	0	if (pkgName == this->GetPackageName()) {
374	0	this->LinkTargets.emplace(linkedName, LinkInfo{ "", component });
375	0	} else {
376	0	this->LinkTargets.emplace(linkedName, LinkInfo{ pkgName, component });
377	0	this->Requirements[pkgName].Components.emplace(std::move(component));
378	0	}
379	0	return true;
380	0	}
381
382		// Target belongs to multiple namespaces or multiple export sets.
383		// cmExportFileGenerator::HandleMissingTarget should have complained about
384		// this already.
385	0	return false;
386	0	}