PyPI - capycli - Versions diffs - 2.10.0__tar.gz → 2.10.0.dev1__tar.gz - Mend

capycli 2.10.0tar.gz → 2.10.0.dev1tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (78) hide show

{capycli-2.10.0 → capycli-2.10.0.dev1}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: capycli
-Version: 2.10.0
+Version: 2.10.0.dev1
 Summary: CaPyCli - Clearing Automation Python Command Line Interface for SW360
 License-Expression: MIT
 License-File: License.md
@@ -42,7 +42,7 @@ Description-Content-Type: text/markdown
 # SPDX-License-Identifier: MIT
 -->
-![Header_Image](https://github.com/sw360/capycli/blob/0318f71ba1f9ba177432840717768fccfad1d6da/images/Github-social-capycli.png)
+![Header_Image](images/Github-social-capycli.png)
 # CaPyCli - Clearing Automation Python Command Line Tool for SW360

{capycli-2.10.0 → capycli-2.10.0.dev1}/Readme.md RENAMED Viewed

@@ -3,7 +3,7 @@
 # SPDX-License-Identifier: MIT
 -->
-![Header_Image](https://github.com/sw360/capycli/blob/0318f71ba1f9ba177432840717768fccfad1d6da/images/Github-social-capycli.png)
+![Header_Image](images/Github-social-capycli.png)
 # CaPyCli - Clearing Automation Python Command Line Tool for SW360

{capycli-2.10.0 → capycli-2.10.0.dev1}/capycli/bom/download_sources.py RENAMED Viewed

@@ -11,7 +11,9 @@ import logging
 import os
 import pathlib
 import re
+import shutil
 import sys
+import tempfile
 from typing import Any, Optional, Tuple
 from urllib.parse import urlparse
@@ -34,8 +36,7 @@ class BomDownloadSources(capycli.common.script_base.ScriptBase):
     Download source files from the URL specified in the SBOM.
     """
-    @staticmethod
-    def get_filename_from_cd(cd: str) -> str:
+    def get_filename_from_cd(self, cd: str) -> str:
         """
         Get filename from content-disposition.
         """
@@ -56,20 +57,18 @@ class BomDownloadSources(capycli.common.script_base.ScriptBase):
         _, extension = os.path.splitext(filename)
         return extension in good_extensions
-    @staticmethod
-    def download_source_file(url: str, source_folder: str, is_binary: bool = False) -> Optional[Tuple[str, str]]:
+    def download_source_file(self, url: str, source_folder: str) -> Optional[Tuple[str, str]]:
         """Download a file from a URL.
         @params:
             url           - Required : url of the file to get uploaded (string)
             source_folder - Required : folder to store the source files (string)
-            is_binary     - Optional : whether the file is a binary file (boolean, default: False)
         """
         print_text("    URL = " + url)
         try:
             response = requests.get(url, allow_redirects=True)
-            filename = BomDownloadSources.get_filename_from_cd(response.headers.get("content-disposition", ""))
+            filename = self.get_filename_from_cd(response.headers.get("content-disposition", ""))
             if not filename:
                 filename_ps = urlparse(url)
                 if filename_ps:
@@ -83,7 +82,7 @@ class BomDownloadSources(capycli.common.script_base.ScriptBase):
             path = os.path.join(source_folder, filename)
             if (response.status_code == requests.codes["ok"]):
                 open(path, "wb").write(response.content)
-                if not is_binary and not BomDownloadSources.is_good_source_file(path):
+                if not BomDownloadSources.is_good_source_file(path):
                     print_yellow("    Downloaded file seems not to be a valid source file!")
                 sha1 = hashlib.sha1(response.content).hexdigest()
                 return (path, sha1)
@@ -188,6 +187,7 @@ class BomDownloadSources(capycli.common.script_base.ScriptBase):
             print("    -source SOURCE        source folder or additional source file")
             print("    -o OUTPUTFILE         output file to write to")
             print("    -v                    be verbose")
+            print("    -bp, --bom-package    create a single zip archive that contains the SBOM and all source files")
             return
         if not args.inputfile:
@@ -209,12 +209,23 @@ class BomDownloadSources(capycli.common.script_base.ScriptBase):
             print_text(" " + str(len(bom.components)) + "components read from SBOM file")
         source_folder = "./"
+        cleanup_temp_dir = False
+        if args.bom_package and not args.source:
+            temp_dir = tempfile.TemporaryDirectory(prefix="capycli_bom_pkg_")
+            source_folder = temp_dir.name
+            cleanup_temp_dir = True
         if args.source:
             source_folder = args.source
         if (not source_folder) or (not os.path.isdir(source_folder)):
             print_red("Target source code folder does not exist!")
             sys.exit(ResultCode.RESULT_COMMAND_ERROR)
+        if args.bom_package:
+            pp = pathlib.Path(args.bom_package)
+            if pp.suffix.lower() != ".zip":
+                print_yellow("Warning: bom package file should have .zip extension")
+                args.bom_package = args.bom_package + ".zip"
         print_text("\nDownloading source files to folder " + source_folder + " ...")
         self.download_sources(bom, source_folder)
@@ -233,4 +244,21 @@ class BomDownloadSources(capycli.common.script_base.ScriptBase):
             if args.verbose:
                 print_text(" " + str(len(bom.components)) + " components written to SBOM file")
+        if args.bom_package:
+            print_text("\nCreating BOM package " + args.bom_package)
+            try:
+                # add SBOM to temp folder
+                sbom_file = os.path.join(source_folder, "sbom.cdx.json")
+                self.update_local_path(bom, sbom_file)
+                SbomWriter.write_to_json(bom, sbom_file, True)
+                shutil.make_archive(
+                    base_name=args.bom_package.rstrip(".zip"),
+                    format="zip",
+                    root_dir=source_folder)
+                if cleanup_temp_dir:
+                    temp_dir.cleanup()
+            except Exception as ex:
+                print_red("Error creating BOM package: " + repr(ex))
+                sys.exit(ResultCode.RESULT_ERROR_WRITING_BOM)
         print("\n")

{capycli-2.10.0 → capycli-2.10.0.dev1}/capycli/bom/handle_bom.py RENAMED Viewed

@@ -1,5 +1,5 @@
 # -------------------------------------------------------------------------------
-# Copyright (c) 2019-2025 Siemens
+# Copyright (c) 2019-24 Siemens
 # All Rights Reserved.
 # Author: thomas.graf@siemens.com
 #
@@ -10,7 +10,6 @@ import sys
 from typing import Any
 import capycli.bom.bom_convert
-import capycli.bom.bom_package
 import capycli.bom.bom_validate
 import capycli.bom.check_bom
 import capycli.bom.check_bom_item_status
@@ -52,7 +51,6 @@ def run_bom_command(args: Any) -> None:
         print("    Merge             merge two bills of material")
         print("    Findsources       determine the source code for SBOM items")
         print("    Validate          validate an SBOM")
-        print("    BomPackage        create a single archive that contains the SBOM and all source and binary files")
         return
     subcommand = args.command[1].lower()
@@ -141,11 +139,5 @@ def run_bom_command(args: Any) -> None:
         app14.run(args)
         return
-    if subcommand == "bompackage":
-        """Validate an SBOM."""
-        app15 = capycli.bom.bom_package.BomPackage()
-        app15.run(args)
-        return
     print_red("Unknown sub-command: ")
     sys.exit(ResultCode.RESULT_COMMAND_ERROR)

{capycli-2.10.0 → capycli-2.10.0.dev1}/capycli/dependencies/handle_dependencies.py RENAMED Viewed

@@ -1,5 +1,5 @@
 # -------------------------------------------------------------------------------
-# Copyright (c) 2019-2025 Siemens
+# Copyright (c) 2019-23 Siemens
 # All Rights Reserved.
 # Author: thomas.graf@siemens.com
 #
@@ -14,7 +14,6 @@ import capycli.dependencies.maven_list
 import capycli.dependencies.maven_pom
 import capycli.dependencies.nuget
 import capycli.dependencies.python
-import capycli.dependencies.rust
 from capycli.common.print import print_red
 from capycli.main.result_codes import ResultCode
@@ -35,7 +34,6 @@ def run_dependency_command(args: Any) -> None:
         print("    Javascript        determine dependencies for a JavaScript project")
         print("    MavenPom          determine dependencies for a Java/Maven project using the pom.xml file")
         print("    MavenList         determine dependencies for a Java/Maven project using a Maven command")
-        print("    Rust              determine dependencies for a Rust project")
         return
     subcommand = args.command[1].lower()
@@ -69,11 +67,5 @@ def run_dependency_command(args: Any) -> None:
         app5.run(args)
         return
-    if subcommand == "rust":
-        """Determine Rust components/dependencies for a given project"""
-        app6 = capycli.dependencies.rust.GetRustDependencies()
-        app6.run(args)
-        return
     print_red("Unknown sub-command: " + subcommand)
     sys.exit(ResultCode.RESULT_COMMAND_ERROR)

{capycli-2.10.0 → capycli-2.10.0.dev1}/capycli/dependencies/python.py RENAMED Viewed

@@ -779,8 +779,7 @@ class GetPythonDependencies(capycli.common.script_base.ScriptBase):
         return sbom
-    @staticmethod
-    def check_meta_data(sbom: Bom, verbose: bool) -> bool:
+    def check_meta_data(self, sbom: Bom) -> bool:
         """
         Check whether all required meta-data is available.
@@ -791,37 +790,37 @@ class GetPythonDependencies(capycli.common.script_base.ScriptBase):
             bool: True if all required meta-data is available; otherwise False.
         """
-        if verbose:
+        if self.verbose:
             print_text("\nChecking meta-data:")
         result = True
         cxcomp: Component
         for cxcomp in sbom.components:
-            if verbose:
+            if self.verbose:
                 print_text(f"  {cxcomp.name}, {cxcomp.version}")
             if not cxcomp.purl:
                 result = False
-                if verbose:
+                if self.verbose:
                     print_yellow("    package-url missing")
             homepage = CycloneDxSupport.get_ext_ref_website(cxcomp)
             if not homepage:
                 result = False
-                if verbose:
+                if self.verbose:
                     print_yellow("    Homepage missing")
             if not cxcomp.licenses:
-                if verbose:
+                if self.verbose:
                     LOG.debug("    License missing")
             elif len(cxcomp.licenses) == 0:
-                if verbose:
+                if self.verbose:
                     LOG.debug("    License missing")
             src_url = CycloneDxSupport.get_ext_ref_source_url(cxcomp)
             if not src_url:
                 result = False
-                if verbose:
+                if self.verbose:
                     print_yellow("    Source code URL missing")
         return result
@@ -885,7 +884,7 @@ class GetPythonDependencies(capycli.common.script_base.ScriptBase):
             print_text("Formatting package list...")
             sbom = self.convert_package_list(package_list, args.search_meta_data, args.package_source)
-        GetPythonDependencies.check_meta_data(sbom, self.verbose)
+        self.check_meta_data(sbom)
         if self.verbose:
             print()

{capycli-2.10.0 → capycli-2.10.0.dev1}/capycli/main/options.py RENAMED Viewed

@@ -1,5 +1,5 @@
 # -------------------------------------------------------------------------------
-# Copyright (c) 2019-2025 Siemens
+# Copyright (c) 2019-25 Siemens
 # All Rights Reserved.
 # Author: thomas.graf@siemens.com
 #
@@ -49,7 +49,6 @@ class CommandlineSupport():
         Merge             merge two bills of material
         Findsources       determine the source code for SBOM items
         Validate          validate an SBOM
-        BomPackage        create a single archive that contains the SBOM and all source and binary files
     mapping
         ToHtml            create a HTML page showing the mapping result
@@ -426,6 +425,14 @@ class CommandlineSupport():
             help="copy the project with the given id and the update it",
         )
+        # used by BomDownloadSources
+        self.parser.add_argument(
+            "-bp",
+            "--bom-package",
+            dest="bom_package",
+            help="create a single zip archive that contains the SBOM and all source files",
+        )
     def read_config(self, filename: str = "", config_string: str = "") -> Dict[str, Any]:
         """
         Read configuration from string or config file.

{capycli-2.10.0 → capycli-2.10.0.dev1}/pyproject.toml RENAMED Viewed

@@ -3,7 +3,7 @@
 [project]
 name = "capycli"
-version = "2.10.0"
+version = "2.10.0.dev1"
 description = "CaPyCli - Clearing Automation Python Command Line Interface for SW360"
 readme="Readme.md"
 requires-python = ">=3.11,<3.15"

capycli-2.10.0/capycli/bom/bom_package.py DELETED Viewed

@@ -1,215 +0,0 @@
-# -------------------------------------------------------------------------------
-# Copyright (c) 2025 Siemens
-# All Rights Reserved.
-# Author: thomas.graf@siemens.com
-#
-# SPDX-License-Identifier: MIT
-# -------------------------------------------------------------------------------
-import logging
-import os
-import pathlib
-import posixpath
-import shutil
-import sys
-import tempfile
-from typing import Any
-from cyclonedx.model import ExternalReference, ExternalReferenceType, HashAlgorithm, HashType, XsUri
-from cyclonedx.model.bom import Bom
-import capycli.common.script_base
-from capycli.bom.download_sources import BomDownloadSources
-from capycli.common.capycli_bom_support import CaPyCliBom, CycloneDxSupport, SbomWriter
-from capycli.common.print import print_red, print_text, print_yellow
-from capycli.common.script_support import ScriptSupport
-from capycli.main.result_codes import ResultCode
-LOG = capycli.get_logger(__name__)
-class BomPackage(capycli.common.script_base.ScriptBase):
-    """
-    Create a single zip archive that contains the SBOM and all source and binary files.
-    The archive shoukd have the following structure:
-    sbom.cdx.json
-    +--- binaries
-    |    +--- 77100a62c2e6f04b53977b9f541044d7d722693d
-    |    |    `--- some-binary.jar
-    |    +--- 8031352b2bb0a49e67818bf04c027aa92e645d5c
-    |    |    `--- another-binary.jar
-    |    `--- (... more ...)
-    `--- sources
-        +--- 6bb10559db88828dac3627de26974035a5dd4ddb
-        |    `--- some-sources.jar
-        +--- 4d44e4edc4a7fb39f09b95b09f560a15976fa1ba
-        |    `--- another-sources.jar
-        `--- (... more ...)
-    """
-    def download_files(self, sbom: Bom, target_folder: str) -> None:
-        """Download source and binary files for all items of the SBOM.
-        @params:
-            bom           - Required : the bill of materials (BOM) (list)
-            target_folder - Required : folder to store the source files (string)
-        """
-        for component in sbom.components:
-            item_name = ScriptSupport.get_full_name_from_component(component)
-            print_text("  " + item_name)
-            # download source file
-            source_url = CycloneDxSupport.get_ext_ref_source_url(component)
-            if source_url:
-                result = BomDownloadSources.download_source_file(source_url._uri, target_folder)
-            else:
-                result = None
-                print_red("    No source URL specified!")
-            if result is not None:
-                (path, sha1) = result
-                # move file to appropriate location
-                filename = pathlib.Path(path).name
-                targetsha = os.path.join(target_folder, "sources", sha1)
-                os.makedirs(targetsha, exist_ok=True)
-                target = os.path.join(targetsha, filename)
-                shutil.move(path, target)
-                # update SBOM
-                new = False
-                ext_ref = CycloneDxSupport.get_ext_ref(
-                    component, ExternalReferenceType.DISTRIBUTION, CaPyCliBom.SOURCE_FILE_COMMENT)
-                file_uri = posixpath.join("sources", sha1, filename)
-                if not file_uri.startswith("file://"):
-                    file_uri = "file:///" + file_uri
-                if not ext_ref:
-                    ext_ref = ExternalReference(
-                        type=ExternalReferenceType.DISTRIBUTION,
-                        comment=CaPyCliBom.SOURCE_FILE_COMMENT,
-                        url=XsUri(file_uri))
-                    new = True
-                else:
-                    ext_ref.url = XsUri(file_uri)
-                ext_ref.hashes.add(HashType(
-                    alg=HashAlgorithm.SHA_1,
-                    content=sha1))
-                if new:
-                    component.external_references.add(ext_ref)
-            # download binary file
-            binary_url = CycloneDxSupport.get_ext_ref_binary_url(component)
-            if binary_url:
-                result = BomDownloadSources.download_source_file(binary_url._uri, target_folder, is_binary=True)
-            else:
-                result = None
-                print_yellow("    No binary URL specified!")
-            if result is not None:
-                (path, sha1) = result
-                # move file to appropriate location
-                filename = pathlib.Path(path).name
-                targetsha = os.path.join(target_folder, "binaries", sha1)
-                os.makedirs(targetsha, exist_ok=True)
-                target = os.path.join(targetsha, filename)
-                shutil.move(path, target)
-                # update SBOM
-                new = False
-                ext_ref = CycloneDxSupport.get_ext_ref(
-                    component, ExternalReferenceType.DISTRIBUTION, CaPyCliBom.BINARY_FILE_COMMENT)
-                file_uri = posixpath.join("binaries", sha1, filename)
-                if not file_uri.startswith("file://"):
-                    file_uri = "file:///" + file_uri
-                if not ext_ref:
-                    ext_ref = ExternalReference(
-                        type=ExternalReferenceType.DISTRIBUTION,
-                        comment=CaPyCliBom.BINARY_FILE_COMMENT,
-                        url=XsUri(file_uri))
-                    new = True
-                else:
-                    ext_ref.url = XsUri(file_uri)
-                ext_ref.hashes.add(HashType(
-                    alg=HashAlgorithm.SHA_1,
-                    content=sha1))
-                if new:
-                    component.external_references.add(ext_ref)
-    def run(self, args: Any) -> None:
-        """Main method
-        @params:
-            args - command line arguments
-        """
-        if args.debug:
-            global LOG
-            LOG = capycli.get_logger(__name__)
-        else:
-            # suppress (debug) log output from requests and urllib
-            logging.getLogger("requests").setLevel(logging.WARNING)
-            logging.getLogger("urllib3").setLevel(logging.WARNING)
-            logging.getLogger("urllib3.connectionpool").setLevel(logging.WARNING)
-        print_text(
-            "\n" + capycli.get_app_signature() +
-            " - create a single zip archive that contains the SBOM and all source and binary files\n")
-        if args.help:
-            print("usage: capycli bom bompackage -i bom.json")
-            print("")
-            print("optional arguments:")
-            print("    -h, --help            show this help message and exit")
-            print("    -i INPUTFILE,         input SBOM file to read from (JSON)")
-            print("    -o OUTPUT ARCHIVE,    path of the output zip archive")
-            print("    -v                    be verbose")
-            return
-        if not args.inputfile:
-            print_red("No input file specified!")
-            sys.exit(ResultCode.RESULT_COMMAND_ERROR)
-        if not os.path.isfile(args.inputfile):
-            print_red("Input file not found!")
-            sys.exit(ResultCode.RESULT_FILE_NOT_FOUND)
-        if not args.outputfile:
-            print_red("No output file specified!")
-            sys.exit(ResultCode.RESULT_COMMAND_ERROR)
-        print_text("Loading SBOM file " + args.inputfile)
-        try:
-            bom = CaPyCliBom.read_sbom(args.inputfile)
-        except Exception as ex:
-            print_red("Error reading input SBOM file: " + repr(ex))
-            sys.exit(ResultCode.RESULT_ERROR_READING_BOM)
-        if args.verbose:
-            print_text(" " + str(len(bom.components)) + "components read from SBOM file")
-        temp_dir = tempfile.TemporaryDirectory(prefix="capycli_bom_pkg_")
-        target_folder = temp_dir.name
-        pp = pathlib.Path(args.outputfile)
-        if pp.suffix.lower() != ".zip":
-            print_yellow("Warning: bom package file should have .zip extension")
-            args.bom_package = args.outputfile + ".zip"
-        print_text("\nDownloading files to folder " + target_folder + " ...")
-        self.download_files(bom, target_folder)
-        print_text("\nCreating BOM package " + args.outputfile)
-        try:
-            # add SBOM to temp folder
-            sbom_file = os.path.join(target_folder, "sbom.cdx.json")
-            SbomWriter.write_to_json(bom, sbom_file, True)
-            shutil.make_archive(
-                base_name=args.outputfile.rstrip(".zip"),
-                format="zip",
-                root_dir=target_folder)
-            temp_dir.cleanup()
-        except Exception as ex:
-            print_red("Error creating BOM package: " + repr(ex))
-            sys.exit(ResultCode.RESULT_ERROR_WRITING_BOM)
-        print("\n")

capycli-2.10.0/capycli/dependencies/rust.py DELETED Viewed

@@ -1,446 +0,0 @@
-# -------------------------------------------------------------------------------
-# Copyright (c) 2025 Siemens
-# All Rights Reserved.
-# Author: thomas.graf@siemens.com
-#
-# SPDX-License-Identifier: MIT
-# -------------------------------------------------------------------------------
-import logging
-import os
-import sys
-import tomllib
-from dataclasses import dataclass
-from typing import Any, Dict, List, Optional
-import requests
-from cyclonedx.contrib.license.factories import LicenseFactory
-from cyclonedx.model import ExternalReference, ExternalReferenceType, Property, XsUri
-from cyclonedx.model.bom import Bom
-from cyclonedx.model.component import Component
-from halo import Halo
-from packageurl import PackageURL
-import capycli.common.script_base
-from capycli import get_logger
-from capycli.bom.findsources import FindSources
-from capycli.common.capycli_bom_support import CaPyCliBom, CycloneDxSupport, SbomCreator, SbomWriter
-from capycli.common.print import print_red, print_text, print_yellow
-from capycli.dependencies.python import GetPythonDependencies
-from capycli.main.result_codes import ResultCode
-LOG = get_logger(__name__)
-@dataclass
-class PackageEntry:
-    """Represents the relevant data of a cargo.toml or cargo.lock entry."""
-    name: str
-    version: str
-    description: str
-    source: str
-    checksum: str
-    dependencies: List[str]
-    added: bool
-class GetRustDependencies(capycli.common.script_base.ScriptBase):
-    """
-    Determine Rust components/dependencies for a given project
-    """
-    def __init__(self) -> None:
-        self.verbose = False
-        self.github_name: str = ""
-        self.github_token: str = ""
-        self.spinner_shape = {
-            "interval": 80,
-            "frames": [
-                "⣾",
-                "⣽",
-                "⣻",
-                "⢿",
-                "⡿",
-                "⣟",
-                "⣯",
-                "⣷"
-            ]
-        }
-    def get_package_meta_info(self, name: str, version: str) -> Optional[Dict[str, Any]]:
-        """
-        Retrieves meta data of the given package from crates.io.
-        :param name: the name of the component.
-        :param version: the version of the component.
-        :type name: string.
-        :type version: string.
-        :return: the PyPi meta data.
-        :rtype: JSON dictionary or None.
-        """
-        url = "https://crates.io/api/v1/crates/" + name + "/" + version
-        if self.verbose:
-            LOG.debug("  Retrieving meta data for " + name + ", " + version)
-        try:
-            response = requests.get(url)
-            if not response.ok:
-                print_yellow(
-                    "  WARNING: no meta data available for package " +
-                    name + ", " + version)
-                return None
-            json = response.json()
-            return json
-        except Exception as ex:
-            print_red(
-                "  ERROR: unable to retrieve meta data for package " +
-                name + ", " + version + ": " + str(ex))
-        return None
-    def add_meta_data_to_bomitem(self, cxcomp: Component) -> None:
-        """
-        Try to lookup meta data for the given item.
-        :param bomitem: a single bill of material item (a single component)
-        :type bomitem: dictionary
-        """
-        version = ""
-        if cxcomp.version:
-            version = cxcomp.version
-        metadata = self.get_package_meta_info(cxcomp.name, version)
-        if not metadata:
-            LOG.debug(f"No metadata found for {cxcomp.name}, {cxcomp.version}")
-            return
-        if metadata:
-            data = metadata.get("version", {})
-            # "repository": "https://github.com/microsoft/windows-rs"
-            repository = data.get("repository", "")
-            if repository:
-                LOG.debug("  got repository")
-                ext_ref = ExternalReference(
-                    type=ExternalReferenceType.VCS,
-                    url=XsUri(repository))
-                cxcomp.external_references.add(ext_ref)
-            homepage = data.get("homepage", "")
-            if homepage == "None":
-                homepage = ""
-            if not homepage and repository:
-                homepage = repository
-            if homepage:
-                LOG.debug("  got website/homepage")
-                ext_ref = ExternalReference(
-                    type=ExternalReferenceType.WEBSITE,
-                    url=XsUri(homepage))
-                cxcomp.external_references.add(ext_ref)
-            # "license": "MIT OR Apache-2.0"
-            license: str = data.get("license", "")
-            if license:
-                license_factory = LicenseFactory()
-                # most Rust components are dual-licensed, MIT OR Apache-2.0
-                if (license.lower() == "mit or apache-2.0") or (license.lower() == "apache-2.0 or mit"):
-                    cxcomp.licenses.add(license_factory.make_with_expression(license))
-                else:
-                    cxcomp.licenses.add(license_factory.make_with_name(license))
-                LOG.debug("  got license")
-            # "checksum": "ae137229bcbd6cdf0f7b80a31df61766145077ddf49416a728b02cb3921ff3fc"
-            # "description": "Rust for Windows
-            description = data.get("description", "")
-            if description and not cxcomp.description:
-                cxcomp.description = description
-            # before we use the dl_path information, let's see whether we
-            # have a homepage URL already *and* it is GitHub *and*
-            # we find the matching source code on GitHub
-            source_url = ""
-            if homepage and FindSources.is_github_repo(homepage):
-                fs = FindSources()
-                fs.github_name = self.github_name
-                fs.github_token = self.github_token
-                # first try to guess the source code URL.
-                # this works for GitHub releases and does no require
-                # rate-limited GitHub API calls
-                source_url = fs.guess_source_code_url(homepage, version=version)
-                if source_url:
-                    ext_ref = ExternalReference(
-                        type=ExternalReferenceType.DISTRIBUTION,
-                        comment=CaPyCliBom.SOURCE_URL_COMMENT,
-                        url=XsUri(source_url))
-                    cxcomp.external_references.add(ext_ref)
-                    LOG.debug("  got GitHub source file url")
-                else:
-                    # ok, guess does not help.
-                    # Lets hope that the GitHub API can help us
-                    # beforer we run into rate-limiting issues
-                    source_url = fs.get_github_source_url(homepage, version=version)
-                    if source_url:
-                        ext_ref = ExternalReference(
-                            type=ExternalReferenceType.DISTRIBUTION,
-                            comment=CaPyCliBom.SOURCE_URL_COMMENT,
-                            url=XsUri(source_url))
-                        cxcomp.external_references.add(ext_ref)
-                        LOG.debug("  got GitHub source file url")
-            # "dl_path": "/api/v1/crates/windows-sys/0.61.2/download"
-            dl_path = data.get("dl_path", "")
-            dl_path = "https://crates.io" + dl_path
-            if not source_url and dl_path:
-                ext_ref = ExternalReference(
-                    type=ExternalReferenceType.DISTRIBUTION,
-                    comment=CaPyCliBom.SOURCE_URL_COMMENT,
-                    url=XsUri(dl_path))
-                cxcomp.external_references.add(ext_ref)
-                LOG.debug("  got dl_path")
-    def read_toml_file(self, filename: str, err_hint: str = "") -> Dict[str, Any]:
-        """
-        Ready a TOML file.
-        Args:
-            filename (str): the filename
-        Returns:
-            dict[str, Any]: dictionary
-        """
-        try:
-            with open(filename, "rb") as f:
-                toml_data = tomllib.load(f)
-            return toml_data
-        except Exception as ex:
-            LOG.debug(f"Does not look like a {err_hint} file: " + repr(ex))
-        return {}
-    def analyze_cargo_toml(self,
-                           filename: str,
-                           packages: list[PackageEntry]) -> None:
-        """
-        Analyze a Cargo.toml file.
-        Args:
-            filename (str): the filename
-        """
-        manifest = self.read_toml_file(filename, "Cargo.toml")
-        # analyze project cargo.toml file(s)
-        if "package" in manifest:
-            pkg = PackageEntry(
-                name=manifest["package"]["name"],
-                version=manifest["package"].get("version", ""),
-                description=manifest["package"].get("description", ""),
-                source="",
-                checksum="",
-                dependencies=[],
-                added=False
-            )
-            packages.append(pkg)
-            print_text(f"    Found package: {pkg.name}, version: {pkg.version}")
-    def analyze_cargo_lock(self, filename: str) -> list[PackageEntry]:
-        """
-        Analyze a Cargo.lock file and return all packages/entries found.
-        """
-        cargo_lock = self.read_toml_file(filename, "Cargo.lock")
-        cargo_lock_version = cargo_lock.get("version", 1)
-        LOG.debug(f"  Cargo.lock version: {cargo_lock_version}")
-        entry_list: List[PackageEntry] = []
-        for package in cargo_lock.get("package", []):
-            pkg = PackageEntry(
-                name=package.get("name", "").strip(),
-                version=package.get("version", "").strip(),
-                description=package.get("description", "").strip(),
-                source=package.get("source", "").strip(),
-                checksum=package.get("checksum", "").strip(),
-                # dependencies=[dep.split(" ")[0] for dep in package.get("dependencies", [])]
-                dependencies=[dep for dep in package.get("dependencies", [])],
-                added=False)
-            LOG.debug(f"  Processing raw entry: {pkg.name}, {pkg.version}")
-            entry_list.append(pkg)
-        return entry_list
-    def find_lock_entry(self, name: str, entries: List[PackageEntry]) -> Optional[PackageEntry]:
-        for entry in entries:
-            if name == entry.name:
-                return entry
-        return None
-    def add_entry(self,
-                  entry: PackageEntry,
-                  entry_list: List[PackageEntry],
-                  all_entries: List[PackageEntry],
-                  is_package: bool) -> None:
-        """Adds an entry and all its dependencies to the final list."""
-        if entry.added:
-            return
-        if not is_package:
-            entry_list.append(entry)
-            entry.added = True
-        else:
-            print_yellow(f"    Ignoring package: {entry.name}, {entry.version}")
-        for dep2 in entry.dependencies:
-            dep_entry = self.find_lock_entry(dep2, all_entries)
-            if dep_entry:
-                if not dep_entry.source:
-                    print_yellow(f"    Ignoring local dependency: {dep_entry.name}, {dep_entry.version}")
-                    continue
-                self.add_entry(dep_entry, entry_list, all_entries, False)
-            else:
-                LOG.warning(f"Dependency {dep2} not found!")
-    def get_lock_file_entries_for_sbom(self,
-                                       all_entries: List[PackageEntry],
-                                       packages: list[PackageEntry]) -> List[PackageEntry]:
-        """Filter lock file entries to get rid of dev, etc. dependencies."""
-        entry_list: List[PackageEntry] = []
-        for package in packages:
-            entry = self.find_lock_entry(package.name, all_entries)
-            if entry:
-                self.add_entry(entry, entry_list, all_entries, True)
-            else:
-                LOG.warning(f"Dependency {package} not found!")
-        return entry_list
-    def sbom_from_cargo_files(self, folder: str, search_meta_data: bool) -> Bom:
-        manifest = self.read_toml_file(os.path.join(folder, "Cargo.toml"))
-        # analyze workspace or single project
-        project_files: list[str] = []
-        if "workspace" in manifest:
-            print_text("Evaluating Cargo workspace...")
-            projects = manifest["workspace"]["members"]
-            for proj in projects:
-                project_files.append(os.path.join(folder, proj, "Cargo.toml"))
-        else:
-            project_files.append(os.path.join(folder, "Cargo.toml"))
-        # analyze project cargo.toml file(s)
-        packages: list[PackageEntry] = []
-        for proj_file in project_files:
-            print_text("  Analyzing project file: " + proj_file)
-            self.analyze_cargo_toml(proj_file, packages)
-        # analyze lock file
-        print_text("  Analyzing lock file...")
-        all_entries = self.analyze_cargo_lock(os.path.join(folder, "Cargo.lock"))
-        entries = self.get_lock_file_entries_for_sbom(all_entries, packages)
-        creator = SbomCreator()
-        sbom = creator.create([], addlicense=True, addprofile=True, addtools=True)
-        if search_meta_data:
-            print_text("\nRetrieving package meta data")
-            if self.verbose:
-                spinner = Halo(text="Retrieving package meta data", spinner=self.spinner_shape)
-                spinner.start()
-        if len(packages) > 0:
-            # add application/package
-            app_comp = Component(
-                name=packages[0].name,
-                version=packages[0].version,
-                description=packages[0].description)
-        for package in entries:
-            if search_meta_data and self.verbose:
-                spinner.text = f"Processing package {package.name}, {package.version}"
-            purl = PackageURL(type="cargo", name=package.name, version=package.version)
-            cxcomp = Component(
-                name=package.name,
-                version=package.version,
-                purl=purl,
-                bom_ref=purl.to_string(),
-                description=package.description)
-            prop = Property(
-                name=CycloneDxSupport.CDX_PROP_LANGUAGE,
-                value="Rust")
-            cxcomp.properties.add(prop)
-            if search_meta_data:
-                self.add_meta_data_to_bomitem(cxcomp)
-            sbom.components.add(cxcomp)
-            sbom.register_dependency(app_comp, [cxcomp])
-            sbom.metadata.component = app_comp
-        if search_meta_data and self.verbose:
-            spinner.succeed('Package meta data processing completed.')
-            spinner.stop()
-        return sbom
-    def run(self, args: Any) -> None:
-        """Main method()"""
-        if args.debug:
-            global LOG
-            LOG = capycli.get_logger(__name__)
-        else:
-            # suppress (debug) log output from requests and urllib
-            logging.getLogger("requests").setLevel(logging.WARNING)
-            logging.getLogger("urllib3").setLevel(logging.WARNING)
-            logging.getLogger("urllib3.connectionpool").setLevel(logging.WARNING)
-        print_text(
-            "        \n" + capycli.get_app_signature() +
-            " - Determine Rust components/dependencies\n")
-        if args.help:
-            print("usage: capycli getdependencies rust [-i INPUTFILE] [-o OUTFILE] [-v] [--search-meta-data]")
-            print("")
-            print("Determine Rust project dependencies")
-            print("")
-            print("optional arguments:")
-            print("    -h, --help                     show this help message and exit")
-            print("    -i FOLDER, --inputfile FOLDER  folder with the rust cargo project")
-            print("    -o OUTFILE, --outfile OUTFILE  output SBOM file")
-            print("    -v, --verbose                  verbose output")
-            print("    --search-meta-data             search for package meta data")
-            print("    -name NAME                     (optional) GitHub name for login")
-            print("    -gt TOKEN                      (optional) GitHub token for login")
-            return
-        if not args.inputfile:
-            print_red("No input folder specified!")
-            sys.exit(ResultCode.RESULT_COMMAND_ERROR)
-        if not os.path.isdir(args.inputfile):
-            print_red("Input folder not found!")
-            sys.exit(ResultCode.RESULT_FILE_NOT_FOUND)
-        if not args.outputfile:
-            print_red("No output SBOM file specified!")
-            sys.exit(ResultCode.RESULT_COMMAND_ERROR)
-        self.verbose = args.verbose
-        self.github_name = args.name
-        self.github_token = args.github_token
-        sbom = self.sbom_from_cargo_files(args.inputfile, args.search_meta_data)
-        GetPythonDependencies.check_meta_data(sbom, self.verbose)
-        if self.verbose:
-            print()
-        print_text("Writing new SBOM to " + args.outputfile)
-        SbomWriter.write_to_json(sbom, args.outputfile, True)
-        print_text(" " + self.get_comp_count_text(sbom) + " items written to file.")
-        print()

{capycli-2.10.0 → capycli-2.10.0.dev1}/License.md RENAMED Viewed

File without changes

{capycli-2.10.0 → capycli-2.10.0.dev1}/capycli/__init__.py RENAMED Viewed

File without changes

{capycli-2.10.0 → capycli-2.10.0.dev1}/capycli/__main__.py RENAMED Viewed

File without changes

{capycli-2.10.0 → capycli-2.10.0.dev1}/capycli/bom/__init__.py RENAMED Viewed

File without changes

{capycli-2.10.0 → capycli-2.10.0.dev1}/capycli/bom/bom_convert.py RENAMED Viewed

File without changes

{capycli-2.10.0 → capycli-2.10.0.dev1}/capycli/bom/bom_validate.py RENAMED Viewed

File without changes

{capycli-2.10.0 → capycli-2.10.0.dev1}/capycli/bom/check_bom.py RENAMED Viewed

File without changes

{capycli-2.10.0 → capycli-2.10.0.dev1}/capycli/bom/check_bom_item_status.py RENAMED Viewed

File without changes

{capycli-2.10.0 → capycli-2.10.0.dev1}/capycli/bom/check_granularity.py RENAMED Viewed

File without changes

{capycli-2.10.0 → capycli-2.10.0.dev1}/capycli/bom/create_components.py RENAMED Viewed

File without changes

{capycli-2.10.0 → capycli-2.10.0.dev1}/capycli/bom/csv.py RENAMED Viewed

File without changes

{capycli-2.10.0 → capycli-2.10.0.dev1}/capycli/bom/diff_bom.py RENAMED Viewed

File without changes

{capycli-2.10.0 → capycli-2.10.0.dev1}/capycli/bom/filter_bom.py RENAMED Viewed

File without changes

{capycli-2.10.0 → capycli-2.10.0.dev1}/capycli/bom/findsources.py RENAMED Viewed

File without changes

{capycli-2.10.0 → capycli-2.10.0.dev1}/capycli/bom/html.py RENAMED Viewed

File without changes

{capycli-2.10.0 → capycli-2.10.0.dev1}/capycli/bom/legacy.py RENAMED Viewed

File without changes

{capycli-2.10.0 → capycli-2.10.0.dev1}/capycli/bom/legacy_cx.py RENAMED Viewed

File without changes

{capycli-2.10.0 → capycli-2.10.0.dev1}/capycli/bom/map_bom.py RENAMED Viewed

File without changes

{capycli-2.10.0 → capycli-2.10.0.dev1}/capycli/bom/merge_bom.py RENAMED Viewed

File without changes

{capycli-2.10.0 → capycli-2.10.0.dev1}/capycli/bom/plaintext.py RENAMED Viewed

File without changes

{capycli-2.10.0 → capycli-2.10.0.dev1}/capycli/bom/show_bom.py RENAMED Viewed

File without changes

{capycli-2.10.0 → capycli-2.10.0.dev1}/capycli/common/__init__.py RENAMED Viewed

File without changes

{capycli-2.10.0 → capycli-2.10.0.dev1}/capycli/common/capycli_bom_support.py RENAMED Viewed

File without changes

{capycli-2.10.0 → capycli-2.10.0.dev1}/capycli/common/comparable_version.py RENAMED Viewed

File without changes

{capycli-2.10.0 → capycli-2.10.0.dev1}/capycli/common/component_cache.py RENAMED Viewed

File without changes

{capycli-2.10.0 → capycli-2.10.0.dev1}/capycli/common/dependencies_base.py RENAMED Viewed

File without changes

{capycli-2.10.0 → capycli-2.10.0.dev1}/capycli/common/file_support.py RENAMED Viewed

File without changes

{capycli-2.10.0 → capycli-2.10.0.dev1}/capycli/common/github_support.py RENAMED Viewed

File without changes

{capycli-2.10.0 → capycli-2.10.0.dev1}/capycli/common/html_support.py RENAMED Viewed

File without changes

{capycli-2.10.0 → capycli-2.10.0.dev1}/capycli/common/json_support.py RENAMED Viewed

File without changes

{capycli-2.10.0 → capycli-2.10.0.dev1}/capycli/common/map_result.py RENAMED Viewed

File without changes

{capycli-2.10.0 → capycli-2.10.0.dev1}/capycli/common/print.py RENAMED Viewed

File without changes

{capycli-2.10.0 → capycli-2.10.0.dev1}/capycli/common/purl_service.py RENAMED Viewed

File without changes

{capycli-2.10.0 → capycli-2.10.0.dev1}/capycli/common/purl_store.py RENAMED Viewed

File without changes

{capycli-2.10.0 → capycli-2.10.0.dev1}/capycli/common/purl_utils.py RENAMED Viewed

File without changes

{capycli-2.10.0 → capycli-2.10.0.dev1}/capycli/common/script_base.py RENAMED Viewed

File without changes

{capycli-2.10.0 → capycli-2.10.0.dev1}/capycli/common/script_support.py RENAMED Viewed

File without changes

{capycli-2.10.0 → capycli-2.10.0.dev1}/capycli/data/__init__.py RENAMED Viewed

File without changes

{capycli-2.10.0 → capycli-2.10.0.dev1}/capycli/data/granularity_list.csv RENAMED Viewed

File without changes

{capycli-2.10.0 → capycli-2.10.0.dev1}/capycli/dependencies/__init__.py RENAMED Viewed

File without changes

{capycli-2.10.0 → capycli-2.10.0.dev1}/capycli/dependencies/javascript.py RENAMED Viewed

File without changes

{capycli-2.10.0 → capycli-2.10.0.dev1}/capycli/dependencies/maven_list.py RENAMED Viewed

File without changes

{capycli-2.10.0 → capycli-2.10.0.dev1}/capycli/dependencies/maven_pom.py RENAMED Viewed

File without changes

{capycli-2.10.0 → capycli-2.10.0.dev1}/capycli/dependencies/nuget.py RENAMED Viewed

File without changes

{capycli-2.10.0 → capycli-2.10.0.dev1}/capycli/main/__init__.py RENAMED Viewed

File without changes

{capycli-2.10.0 → capycli-2.10.0.dev1}/capycli/main/application.py RENAMED Viewed

File without changes

{capycli-2.10.0 → capycli-2.10.0.dev1}/capycli/main/argument_parser.py RENAMED Viewed

File without changes

{capycli-2.10.0 → capycli-2.10.0.dev1}/capycli/main/cli.py RENAMED Viewed

File without changes

{capycli-2.10.0 → capycli-2.10.0.dev1}/capycli/main/exceptions.py RENAMED Viewed

File without changes

{capycli-2.10.0 → capycli-2.10.0.dev1}/capycli/main/result_codes.py RENAMED Viewed

File without changes

{capycli-2.10.0 → capycli-2.10.0.dev1}/capycli/mapping/handle_mapping.py RENAMED Viewed

File without changes

{capycli-2.10.0 → capycli-2.10.0.dev1}/capycli/mapping/mapping_to_html.py RENAMED Viewed

File without changes

{capycli-2.10.0 → capycli-2.10.0.dev1}/capycli/mapping/mapping_to_xlsx.py RENAMED Viewed

File without changes

{capycli-2.10.0 → capycli-2.10.0.dev1}/capycli/moverview/handle_moverview.py RENAMED Viewed

File without changes

{capycli-2.10.0 → capycli-2.10.0.dev1}/capycli/moverview/moverview_to_html.py RENAMED Viewed

File without changes

{capycli-2.10.0 → capycli-2.10.0.dev1}/capycli/moverview/moverview_to_xlsx.py RENAMED Viewed

File without changes

{capycli-2.10.0 → capycli-2.10.0.dev1}/capycli/project/__init__.py RENAMED Viewed

File without changes

{capycli-2.10.0 → capycli-2.10.0.dev1}/capycli/project/check_prerequisites.py RENAMED Viewed

File without changes

{capycli-2.10.0 → capycli-2.10.0.dev1}/capycli/project/create_bom.py RENAMED Viewed

File without changes

{capycli-2.10.0 → capycli-2.10.0.dev1}/capycli/project/create_project.py RENAMED Viewed

File without changes

{capycli-2.10.0 → capycli-2.10.0.dev1}/capycli/project/create_readme.py RENAMED Viewed

File without changes

{capycli-2.10.0 → capycli-2.10.0.dev1}/capycli/project/find_project.py RENAMED Viewed

File without changes

{capycli-2.10.0 → capycli-2.10.0.dev1}/capycli/project/get_license_info.py RENAMED Viewed

File without changes

{capycli-2.10.0 → capycli-2.10.0.dev1}/capycli/project/handle_project.py RENAMED Viewed

File without changes

{capycli-2.10.0 → capycli-2.10.0.dev1}/capycli/project/show_ecc.py RENAMED Viewed

File without changes

{capycli-2.10.0 → capycli-2.10.0.dev1}/capycli/project/show_licenses.py RENAMED Viewed

File without changes

{capycli-2.10.0 → capycli-2.10.0.dev1}/capycli/project/show_project.py RENAMED Viewed

File without changes

{capycli-2.10.0 → capycli-2.10.0.dev1}/capycli/project/show_vulnerabilities.py RENAMED Viewed

File without changes

capycli 2.10.0__tar.gz → 2.10.0.dev1__tar.gz

capycli 2.10.0tar.gz → 2.10.0.dev1tar.gz