diff --git a/src/internal/packager/sbom/catalog.go b/src/internal/packager/sbom/catalog.go
index 550a664f47..e0fee676f6 100755
--- a/src/internal/packager/sbom/catalog.go
+++ b/src/internal/packager/sbom/catalog.go
@@ -236,6 +236,21 @@ func (b *Builder) createFileSBOM(componentSBOM types.ComponentSBOM, component st
}
for pkg := range cat.Enumerate() {
+ containsSource := false
+
+ // See if the source locations for this package contain the file Zarf indexed
+ for _, location := range pkg.Locations.ToSlice() {
+ if location.RealPath == fileSource.Metadata.Path {
+ containsSource = true
+ }
+ }
+
+ // If the locations do not contain the source file (i.e. the package was inside a tarball), add the file source
+ if !containsSource {
+ sourceLocation := source.NewLocation(fileSource.Metadata.Path)
+ pkg.Locations.Add(sourceLocation)
+ }
+
catalog.Add(pkg)
}
diff --git a/src/internal/packager/sbom/viewer/common.js b/src/internal/packager/sbom/viewer/common.js
index b8899688cf..37c63a4e32 100644
--- a/src/internal/packager/sbom/viewer/common.js
+++ b/src/internal/packager/sbom/viewer/common.js
@@ -9,14 +9,14 @@ const mailtoMaintainerReplace = ` | $1`;
document.body.appendChild(artifactsTable);
-function fileList(metadata) {
- if (metadata) {
- const list = (metadata.files || []).map((file) => file.path || '').filter((test) => test);
+function fileList(files, artifactName) {
+ if (files) {
+ const list = (files || []).map((file) => file.path || '').filter((test) => test);
if (list.length > 0) {
flatList = list.sort().join('
');
return `${list.length} files`;
}
}
diff --git a/src/internal/packager/sbom/viewer/compare.js b/src/internal/packager/sbom/viewer/compare.js
index 37a42f15dc..27b462d87e 100644
--- a/src/internal/packager/sbom/viewer/compare.js
+++ b/src/internal/packager/sbom/viewer/compare.js
@@ -87,7 +87,8 @@ function loadDataTable(artifacts, dataTable) {
artifact.type,
artifact.name,
artifact.version,
- fileList(artifact.metadata),
+ fileList(artifact.locations, artifact.name),
+ (artifact.metadata && fileList(artifact.metadata.files, artifact.name)) || '-',
(artifact.metadata && artifact.metadata.description) || '-',
((artifact.metadata && artifact.metadata.maintainer) || '-').replace(
/\u003c(.*)\u003e/,
@@ -98,7 +99,7 @@ function loadDataTable(artifacts, dataTable) {
});
const data = {
- headings: ['Difference', 'Type', 'Name', 'Version', 'Files', 'Notes', 'Maintainer', 'Size'],
+ headings: ['Difference', 'Type', 'Name', 'Version', 'Sources', 'Package Files', 'Notes', 'Maintainer', 'Size'],
data: transformedData
};
diff --git a/src/internal/packager/sbom/viewer/viewer.js b/src/internal/packager/sbom/viewer/viewer.js
index d6b0c8eff6..17475c78d3 100644
--- a/src/internal/packager/sbom/viewer/viewer.js
+++ b/src/internal/packager/sbom/viewer/viewer.js
@@ -15,7 +15,8 @@ function initData() {
artifact.type,
artifact.name,
artifact.version,
- fileList(artifact.metadata),
+ fileList(artifact.locations, artifact.name),
+ (artifact.metadata && fileList(artifact.metadata.files, artifact.name)) || '-',
(artifact.metadata && artifact.metadata.description) || '-',
((artifact.metadata && artifact.metadata.maintainer) || '-').replace(
/\u003c(.*)\u003e/,
@@ -26,7 +27,7 @@ function initData() {
});
const data = {
- headings: ['Type', 'Name', 'Version', 'Files', 'Notes', 'Maintainer', 'Size'],
+ headings: ['Type', 'Name', 'Version', 'Sources', 'Package Files', 'Notes', 'Maintainer', 'Size'],
data: transformedData
};