Fixed recursion bug

Author: jasonhills-mongodb

.github/workflows/generate_sbom.yml

@@ -61,8 +61,9 @@ jobs:
         activate-environment: true
         enable-cache: true
 
-    # - name: Install dependencies
-    #   run: uv sync --group sbom
+    - name: Install dependencies
+      run: |
+        uv sync --group generate_sbom
 
     - name: generate_sbom.py
       run: uv run etc/sbom/generate_sbom.py --enable-github-action-token --target=branch --sbom-metadata=etc/sbom/metadata.cdx.json --save-warnings=${{runner.temp}}/warnings.txt

etc/sbom/config.py

@@ -28,7 +28,7 @@
 
 for component in endor_components_remove:
     for prefix in prefixes:
-        endor_components_remove.append(prefix + component)
+        component = prefix + component
 
 # ################ Component Renaming ################
 # Endor does not have syntactically valid PURLs for C/C++ packages.

etc/sbom/generate_sbom.py

@@ -1,10 +1,3 @@
-# /// script
-# dependencies = [
-#    "gitpython",
-#    "pygithub",
-#    "semver",
-# ]
-# ///
 #!/usr/bin/env python3
 """
 Generate a CycloneDX SBOM using scan results from Endor Labs.

pyproject.toml

@@ -53,6 +53,13 @@ make_release = [
     "pygithub>=2.1",
 ]
 
+generate_sbom = [
+    # etc/sbom/*.py
+    "gitpython>=3.1",
+    "pygithub>=2.1",
+    "semver>=3.0.0",
+]
+
 [tool.ruff]
 line-length = 120
 src = [".evergreen", "etc"]