SERVER-114893 Improve SBOM CPE accuracy for protobuf (#44834)

GitOrigin-RevId: 1c2c314ceff79432e69c4fcaa4d40f610a7e6f7c
2025-12-05 10:50:05 -05:00 · 2025-12-05 10:50:05 -05:00 · 21560647ec
parent 5adc5a22eb
commit 21560647ec
2 changed files with 3 additions and 5 deletions
--- a/buildscripts/sbom/metadata.cdx.json
+++ b/buildscripts/sbom/metadata.cdx.json
@ -1798,7 +1798,7 @@
        }
      ],
      "copyright": "Copyright 2008 Google Inc. Copyright 2023 Google LLC. All rights reserved.",
-      "cpe": "cpe:2.3:a:google:protobuf:{{VERSION}}:*:*:*:*:*:*:*",
+      "cpe": "cpe:2.3:a:google:protobuf-cpp:{{VERSION}}:*:*:*:*:*:*:*",
      "purl": "pkg:github/protocolbuffers/protobuf@{{VERSION}}",
      "externalReferences": [
        {
--- a/src/third_party/protobuf/scripts/import.sh
+++ b/src/third_party/protobuf/scripts/import.sh
@ -7,9 +7,7 @@ IFS=$'\n\t'
 set -vx

 NAME=protobuf
-REVISION="v4.25.0"
-# VERSION variable is not used in this script, but is in here for SBOM generation. Should match the official release tag
-VERSION="v25.0"
+VERSION="v4.25.0"

 DEST_DIR=$(git rev-parse --show-toplevel)/src/third_party/protobuf
 PATCH_DIR=$(git rev-parse --show-toplevel)/src/third_party/protobuf/patches
@ -18,7 +16,7 @@ if [[ -d $DEST_DIR/dist ]]; then
    exit 1
 fi

-git clone --branch $REVISION https://github.com/mongodb-forks/protobuf.git $DEST_DIR/dist
+git clone --branch $VERSION https://github.com/mongodb-forks/protobuf.git $DEST_DIR/dist
 pushd $DEST_DIR/dist
 git apply $PATCH_DIR/*.patch
 rm -rf benchmarks