PyPI - fosslight-binary - Versions diffs - 4.1.28__tar.gz → 4.1.30__tar.gz - Mend

fosslight-binary 4.1.28tar.gz → 4.1.30tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (22) hide show

{fosslight_binary-4.1.28 → fosslight_binary-4.1.30}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: fosslight_binary
-Version: 4.1.28
+Version: 4.1.30
 Summary: FOSSLight Binary Scanner
 Home-page: https://github.com/fosslight/fosslight_binary_scanner
 Author: LG Electronics

{fosslight_binary-4.1.28 → fosslight_binary-4.1.30}/requirements.txt RENAMED Viewed

@@ -8,5 +8,5 @@ py-tlsh
 pytz
 XlsxWriter
 PyYAML
-fosslight_util>=1.4.40
+fosslight_util>=1.4.43
 dependency-check

{fosslight_binary-4.1.28 → fosslight_binary-4.1.30}/setup.py RENAMED Viewed

@@ -33,7 +33,7 @@ if __name__ == "__main__":
     setup(
         name=_PACKAEG_NAME,
-        version='4.1.28',
+        version='4.1.30',
         package_dir={"": "src"},
         packages=find_packages(where='src'),
         description='FOSSLight Binary Scanner',

{fosslight_binary-4.1.28 → fosslight_binary-4.1.30}/src/fosslight_binary/_binary.py RENAMED Viewed

@@ -139,7 +139,7 @@ class BinaryItem:
         else:
             exclude = _EXCLUDE_TRUE_VALUE if self.exclude else ""
             yield [self.binary_strip_root, '',
-                   '', '', '', '', '', exclude, self.comment]
+                   '', '', '', '', '', exclude, self.comment, '', self.tlsh, self.checksum]
     def set_checksum_tlsh(self):
         self.checksum, self.tlsh, error, msg = get_checksum_and_tlsh(

{fosslight_binary-4.1.28 → fosslight_binary-4.1.30}/src/fosslight_binary/_help.py RENAMED Viewed

@@ -15,6 +15,7 @@ _HELP_MESSAGE_BINARY = """
         -h\t\t\t\t    Print help message
         -v\t\t\t\t    Print FOSSLight Binary Scanner version
         -s\t\t\t\t    Extract only the binary list in simple mode
+        -e <path>\t\t\t    Path to exclude from analysis (files and directories)
         -o <output_path>\t\t    Output path
         \t\t\t\t    (If you want to generate the specific file name, add the output path with file name.)
         -f <format>\t\t\t    Output file format (excel, csv, opossum, yaml)

{fosslight_binary-4.1.28 → fosslight_binary-4.1.30}/src/fosslight_binary/_jar_analysis.py RENAMED Viewed

@@ -161,7 +161,7 @@ def get_oss_info_from_pkg_info(pkg_info):
     return oss_name, oss_version
-def analyze_jar_file(path_to_find_bin):
+def analyze_jar_file(path_to_find_bin, path_to_exclude):
     remove_owasp_item = []
     owasp_items = {}
     remove_vulnerability_items = []
@@ -212,6 +212,11 @@ def analyze_jar_file(path_to_find_bin):
             # Even if the oss info is from pom.xml in jar file, the file name will be .jar file.
             # But the oss info from pom.xml could be different from .jar file.
             bin_with_path = val.get("filePath")
+            if any(os.path.commonpath([bin_with_path, exclude_path]) == exclude_path
+                   for exclude_path in path_to_exclude):
+                continue
             if not bin_with_path.endswith('.jar'):
                 bin_with_path = bin_with_path.split('.jar')[0] + '.jar'

{fosslight_binary-4.1.28 → fosslight_binary-4.1.30}/src/fosslight_binary/binary_analysis.py RENAMED Viewed

@@ -13,7 +13,6 @@ import yaml
 import stat
 from fosslight_util.set_log import init_log
 import fosslight_util.constant as constant
-from fosslight_util.write_txt import write_txt_file
 from fosslight_util.output_format import check_output_format, write_output_file
 from ._binary_dao import get_oss_info_from_db
 from ._binary import BinaryItem
@@ -24,8 +23,8 @@ from fosslight_util.cover import CoverItem
 _PKG_NAME = "fosslight_binary"
 logger = logging.getLogger(constant.LOGGER_NAME)
-_REMOVE_FILE_EXTENSION = ['png', 'gif', 'jpg', 'bmp', 'jpeg', 'qm', 'xlsx', 'pdf', 'ico', 'pptx', 'jfif', 'docx',
-                          'doc', 'whl', 'xls', 'xlsm', 'ppt', 'mp4', 'pyc', 'plist', 'dat', 'json', 'js']
+_REMOVE_FILE_EXTENSION = ['qm', 'xlsx', 'pdf', 'pptx', 'jfif', 'docx', 'doc', 'whl',
+                          'xls', 'xlsm', 'ppt', 'mp4', 'pyc', 'plist', 'dat', 'json', 'js']
 _REMOVE_FILE_COMMAND_RESULT = [
     'data', 'timezone data', 'apple binary property list']
 INCLUDE_FILE_COMMAND_RESULT = ['current ar archive']
@@ -41,13 +40,13 @@ _start_time = ""
 windows = False
 BYTES = 2048
-JAR_VUL_HEADER = {'BIN_FL_Binary': ['ID', 'Source Name or Path', 'OSS Name',
+BIN_EXT_HEADER = {'BIN_FL_Binary': ['ID', 'Binary Path', 'OSS Name',
                                     'OSS Version', 'License', 'Download Location',
                                     'Homepage', 'Copyright Text', 'Exclude',
                                     'Comment', 'Vulnerability Link', 'TLSH', 'SHA1']}
-def init(path_to_find_bin, output_file_name, format):
+def init(path_to_find_bin, output_file_name, format, path_to_exclude=[]):
     global _root_path, logger, _start_time
     _json_ext = ".json"
@@ -69,37 +68,41 @@ def init(path_to_find_bin, output_file_name, format):
         if output_file != "":
             result_report = output_file
-            bin_txt_file = f"{output_file}.txt"
         else:
             if output_extension == _json_ext:
                 result_report = f"fosslight_opossum_bin_{_start_time}"
             else:
                 result_report = f"fosslight_report_bin_{_start_time}"
-            bin_txt_file = f"fosslight_binary_bin_{_start_time}.txt"
         result_report = os.path.join(output_path, result_report)
-        binary_txt_file = os.path.join(output_path, bin_txt_file)
     else:
         logger.error(f"Format error - {msg}")
         sys.exit(1)
     log_file = os.path.join(output_path, f"fosslight_log_bin_{_start_time}.txt")
-    logger, _result_log = init_log(log_file, True, logging.INFO, logging.DEBUG, _PKG_NAME, path_to_find_bin)
+    logger, _result_log = init_log(log_file, True, logging.INFO, logging.DEBUG, _PKG_NAME, path_to_find_bin, path_to_exclude)
     if not success:
         error_occured(error_msg=msg,
                       result_log=_result_log,
                       exit=True)
-    return _result_log, result_report, binary_txt_file, output_extension
+    return _result_log, result_report, output_extension
-def get_file_list(path_to_find):
+def get_file_list(path_to_find, abs_path_to_exclude):
     bin_list = []
     file_cnt = 0
     found_jar = False
     for root, dirs, files in os.walk(path_to_find):
+        if os.path.abspath(root) in abs_path_to_exclude:
+            continue
         for file in files:
+            file_path = os.path.join(root, file)
+            file_abs_path = os.path.abspath(file_path)
+            if any(os.path.commonpath([file_abs_path, exclude_path]) == exclude_path
+                    for exclude_path in abs_path_to_exclude):
+                continue
             file_lower_case = file.lower()
             extension = file_lower_case.split(".")[-1]
@@ -128,21 +131,22 @@ def get_file_list(path_to_find):
 def find_binaries(path_to_find_bin, output_dir, format, dburl="", simple_mode=False,
-                  correct_mode=True, correct_filepath=""):
+                  correct_mode=True, correct_filepath="", path_to_exclude=[]):
-    _result_log, result_report, binary_txt_file, output_extension = init(
-        path_to_find_bin, output_dir, format)
+    _result_log, result_report, output_extension = init(
+        path_to_find_bin, output_dir, format, path_to_exclude)
     total_bin_cnt = 0
     total_file_cnt = 0
     db_loaded_cnt = 0
     success_to_write = False
     writing_msg = ""
-    extended_header = {}
     hide_header = {'TLSH', "SHA1"}
     content_list = []
     result_file = ""
     bin_list = []
+    base_dir_name = os.path.basename(path_to_find_bin)
+    abs_path_to_exclude = [os.path.abspath(os.path.join(base_dir_name, path)) for path in path_to_exclude if path.strip() != ""]
     if not os.path.isdir(path_to_find_bin):
         error_occured(error_msg=f"Can't find the directory : {path_to_find_bin}",
@@ -151,7 +155,7 @@ def find_binaries(path_to_find_bin, output_dir, format, dburl="", simple_mode=Fa
     if not correct_filepath:
         correct_filepath = path_to_find_bin
     try:
-        total_file_cnt, file_list, found_jar = get_file_list(path_to_find_bin)
+        total_file_cnt, file_list, found_jar = get_file_list(path_to_find_bin, abs_path_to_exclude)
         return_list = list(return_bin_only(file_list))
     except Exception as ex:
         error_occured(error_msg=f"Failed to check whether it is binary or not : {ex}",
@@ -163,31 +167,21 @@ def find_binaries(path_to_find_bin, output_dir, format, dburl="", simple_mode=Fa
     else:
         cover = CoverItem(tool_name=_PKG_NAME,
                           start_time=_start_time,
-                          input_path=path_to_find_bin)
+                          input_path=path_to_find_bin,
+                          exclude_path=path_to_exclude)
         try:
             # Run OWASP Dependency-check
             if found_jar:
                 logger.info("Run OWASP Dependency-check to analyze .jar file")
-                owasp_items, vulnerability_items, success = analyze_jar_file(path_to_find_bin)
+                owasp_items, vulnerability_items, success = analyze_jar_file(path_to_find_bin, abs_path_to_exclude)
                 if success:
                     return_list = merge_binary_list(owasp_items, vulnerability_items, return_list)
-                    extended_header = JAR_VUL_HEADER
                 else:
                     logger.warning("Could not find OSS information for some jar files.")
             return_list, db_loaded_cnt = get_oss_info_from_db(return_list, dburl)
             return_list = sorted(return_list, key=lambda row: (row.bin_name))
-            if return_list:
-                str_files = (x.get_print_binary_only() for x in return_list)
-                success, error = write_txt_file(binary_txt_file,
-                                                "Binary\tsha1sum\ttlsh\n" + '\n'.join(str_files))
-                if success:
-                    _result_log["FOSSLight binary.txt"] = binary_txt_file
-                else:
-                    error_occured(error_msg=error, exit=False)
             sheet_list = {}
             for item in return_list:
                 content_list.extend(item.get_oss_report())
@@ -201,10 +195,10 @@ def find_binaries(path_to_find_bin, output_dir, format, dburl="", simple_mode=Fa
                     logger.info("Success to correct with yaml.")
             cover.comment = f"Total number of binaries: {total_bin_cnt} "
             if total_bin_cnt == 0:
-                cover.comment += "(No binaries detected.) "
+                cover.comment += "(No binary detected.) "
             cover.comment += f"/ Total number of files: {total_file_cnt}"
             success_to_write, writing_msg, result_file = write_output_file(result_report, output_extension, sheet_list,
-                                                                           extended_header, hide_header, cover)
+                                                                           BIN_EXT_HEADER, hide_header, cover)
         except Exception as ex:
             error_occured(error_msg=str(ex), exit=False)

{fosslight_binary-4.1.28 → fosslight_binary-4.1.30}/src/fosslight_binary/cli.py RENAMED Viewed

@@ -16,6 +16,7 @@ _PKG_NAME = "fosslight_binary"
 def main():
     global windows
     path_to_find_bin = ""
+    path_to_exclude = []
     output_dir = ""
     format = ""
     db_url = ""
@@ -30,6 +31,7 @@ def main():
     parser.add_argument('-o', '--output', type=str, required=False)
     parser.add_argument('-d', '--dburl', type=str, default='', required=False)
     parser.add_argument('-f', '--format', type=str, required=False)
+    parser.add_argument('-e', '--exclude', nargs="*", required=False, default=[])
     parser.add_argument('--notice', action='store_true', required=False)
     parser.add_argument('--no_correction', action='store_true', required=False)
     parser.add_argument('--correct_fpath', nargs=1, type=str, required=False)
@@ -55,6 +57,9 @@ def main():
     else:
         path_to_find_bin = os.getcwd()
+    if args.exclude:  # -e option
+        path_to_exclude = args.exclude
     if args.output:  # -o option
         output_dir = args.output
@@ -88,7 +93,7 @@ def main():
     timer.setDaemon(True)
     timer.start()
-    find_binaries(path_to_find_bin, output_dir, format, db_url, simple_mode, correct_mode, correct_filepath)
+    find_binaries(path_to_find_bin, output_dir, format, db_url, simple_mode, correct_mode, correct_filepath, path_to_exclude)
 if __name__ == '__main__':

{fosslight_binary-4.1.28 → fosslight_binary-4.1.30}/src/fosslight_binary.egg-info/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: fosslight-binary
-Version: 4.1.28
+Version: 4.1.30
 Summary: FOSSLight Binary Scanner
 Home-page: https://github.com/fosslight/fosslight_binary_scanner
 Author: LG Electronics