fosslight-dependency 3.15.2__tar.gz → 3.15.3__tar.gz
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- {fosslight_dependency-3.15.2 → fosslight_dependency-3.15.3}/PKG-INFO +1 -1
- {fosslight_dependency-3.15.2 → fosslight_dependency-3.15.3}/setup.py +1 -1
- {fosslight_dependency-3.15.2 → fosslight_dependency-3.15.3}/src/fosslight_dependency/_analyze_dependency.py +4 -1
- {fosslight_dependency-3.15.2 → fosslight_dependency-3.15.3}/src/fosslight_dependency/_package_manager.py +13 -0
- {fosslight_dependency-3.15.2 → fosslight_dependency-3.15.3}/src/fosslight_dependency/package_manager/Android.py +2 -2
- {fosslight_dependency-3.15.2 → fosslight_dependency-3.15.3}/src/fosslight_dependency/package_manager/Cocoapods.py +3 -6
- {fosslight_dependency-3.15.2 → fosslight_dependency-3.15.3}/src/fosslight_dependency/package_manager/Go.py +3 -6
- {fosslight_dependency-3.15.2 → fosslight_dependency-3.15.3}/src/fosslight_dependency/package_manager/Gradle.py +2 -4
- {fosslight_dependency-3.15.2 → fosslight_dependency-3.15.3}/src/fosslight_dependency/package_manager/Maven.py +2 -4
- {fosslight_dependency-3.15.2 → fosslight_dependency-3.15.3}/src/fosslight_dependency/package_manager/Npm.py +5 -8
- {fosslight_dependency-3.15.2 → fosslight_dependency-3.15.3}/src/fosslight_dependency/package_manager/Nuget.py +3 -6
- {fosslight_dependency-3.15.2 → fosslight_dependency-3.15.3}/src/fosslight_dependency/package_manager/Pub.py +3 -5
- {fosslight_dependency-3.15.2 → fosslight_dependency-3.15.3}/src/fosslight_dependency/package_manager/Pypi.py +14 -6
- {fosslight_dependency-3.15.2 → fosslight_dependency-3.15.3}/src/fosslight_dependency/package_manager/Swift.py +3 -6
- {fosslight_dependency-3.15.2 → fosslight_dependency-3.15.3}/src/fosslight_dependency/run_dependency_scanner.py +7 -2
- {fosslight_dependency-3.15.2 → fosslight_dependency-3.15.3}/src/fosslight_dependency.egg-info/PKG-INFO +1 -1
- {fosslight_dependency-3.15.2 → fosslight_dependency-3.15.3}/LICENSE +0 -0
- {fosslight_dependency-3.15.2 → fosslight_dependency-3.15.3}/LICENSES/Apache-2.0.txt +0 -0
- {fosslight_dependency-3.15.2 → fosslight_dependency-3.15.3}/LICENSES/LicenseRef-3rd_party_licenses.txt +0 -0
- {fosslight_dependency-3.15.2 → fosslight_dependency-3.15.3}/LICENSES/MIT.txt +0 -0
- {fosslight_dependency-3.15.2 → fosslight_dependency-3.15.3}/MANIFEST.in +0 -0
- {fosslight_dependency-3.15.2 → fosslight_dependency-3.15.3}/README.md +0 -0
- {fosslight_dependency-3.15.2 → fosslight_dependency-3.15.3}/requirements.txt +0 -0
- {fosslight_dependency-3.15.2 → fosslight_dependency-3.15.3}/setup.cfg +0 -0
- {fosslight_dependency-3.15.2 → fosslight_dependency-3.15.3}/src/fosslight_dependency/__init__.py +0 -0
- {fosslight_dependency-3.15.2 → fosslight_dependency-3.15.3}/src/fosslight_dependency/_help.py +0 -0
- {fosslight_dependency-3.15.2 → fosslight_dependency-3.15.3}/src/fosslight_dependency/constant.py +0 -0
- {fosslight_dependency-3.15.2 → fosslight_dependency-3.15.3}/src/fosslight_dependency/package_manager/Carthage.py +0 -0
- {fosslight_dependency-3.15.2 → fosslight_dependency-3.15.3}/src/fosslight_dependency/package_manager/Helm.py +0 -0
- {fosslight_dependency-3.15.2 → fosslight_dependency-3.15.3}/src/fosslight_dependency/package_manager/Unity.py +0 -0
- {fosslight_dependency-3.15.2 → fosslight_dependency-3.15.3}/src/fosslight_dependency/package_manager/__init__.py +0 -0
- {fosslight_dependency-3.15.2 → fosslight_dependency-3.15.3}/src/fosslight_dependency.egg-info/SOURCES.txt +0 -0
- {fosslight_dependency-3.15.2 → fosslight_dependency-3.15.3}/src/fosslight_dependency.egg-info/dependency_links.txt +0 -0
- {fosslight_dependency-3.15.2 → fosslight_dependency-3.15.3}/src/fosslight_dependency.egg-info/entry_points.txt +0 -0
- {fosslight_dependency-3.15.2 → fosslight_dependency-3.15.3}/src/fosslight_dependency.egg-info/requires.txt +0 -0
- {fosslight_dependency-3.15.2 → fosslight_dependency-3.15.3}/src/fosslight_dependency.egg-info/top_level.txt +0 -0
|
@@ -29,6 +29,7 @@ def analyze_dependency(package_manager_name, input_dir, output_dir, pip_activate
|
|
|
29
29
|
direct=True):
|
|
30
30
|
ret = True
|
|
31
31
|
package_sheet_list = []
|
|
32
|
+
cover_comment = ''
|
|
32
33
|
|
|
33
34
|
if package_manager_name == const.PYPI:
|
|
34
35
|
package_manager = Pypi(input_dir, output_dir, pip_activate_cmd, pip_deactivate_cmd)
|
|
@@ -82,9 +83,11 @@ def analyze_dependency(package_manager_name, input_dir, output_dir, pip_activate
|
|
|
82
83
|
|
|
83
84
|
if ret:
|
|
84
85
|
logger.warning(f"### Complete to analyze: {package_manager_name}")
|
|
86
|
+
if package_manager.cover_comment:
|
|
87
|
+
cover_comment = package_manager.cover_comment
|
|
85
88
|
else:
|
|
86
89
|
logger.error(f"### Fail to analyze: {package_manager_name}")
|
|
87
90
|
|
|
88
91
|
del package_manager
|
|
89
92
|
|
|
90
|
-
return ret, package_sheet_list
|
|
93
|
+
return ret, package_sheet_list, cover_comment
|
|
@@ -50,6 +50,7 @@ class PackageManager:
|
|
|
50
50
|
self.relation_tree = {}
|
|
51
51
|
self.package_name = ''
|
|
52
52
|
self.purl_dict = {}
|
|
53
|
+
self.cover_comment = ''
|
|
53
54
|
|
|
54
55
|
self.platform = platform.system()
|
|
55
56
|
self.license_scanner_bin = check_license_scanner(self.platform)
|
|
@@ -256,6 +257,18 @@ class PackageManager:
|
|
|
256
257
|
except Exception as e:
|
|
257
258
|
logger.warning(f'Fail to parse gradle dependency tree:{e}')
|
|
258
259
|
|
|
260
|
+
def change_dep_to_purl(self, sheet_list):
|
|
261
|
+
for oss_item in sheet_list:
|
|
262
|
+
try:
|
|
263
|
+
if len(oss_item) < 10:
|
|
264
|
+
break
|
|
265
|
+
deps_list = oss_item[9]
|
|
266
|
+
deps_purl = list(filter(None, map(lambda x: self.purl_dict.get(x, ''), deps_list)))
|
|
267
|
+
oss_item[9] = ','.join(deps_purl)
|
|
268
|
+
except Exception as e:
|
|
269
|
+
logger.warning(f'Fail to change depend_on to purl:{e}')
|
|
270
|
+
return sheet_list
|
|
271
|
+
|
|
259
272
|
|
|
260
273
|
def get_url_to_purl(url, pkg_manager, oss_name='', oss_version=''):
|
|
261
274
|
purl_prefix = f'pkg:{pkg_manager}'
|
|
@@ -74,9 +74,9 @@ class Android(PackageManager):
|
|
|
74
74
|
except Exception as e:
|
|
75
75
|
logger.error(f"Fail to find oss scope in dependency tree: {e}")
|
|
76
76
|
comment = ','.join(comment_list)
|
|
77
|
-
deps = ','.join(deps_list)
|
|
78
77
|
|
|
79
78
|
sheet_list.append([purl, oss_name, oss_version, license_name, dn_loc, homepage,
|
|
80
|
-
'', '', comment,
|
|
79
|
+
'', '', comment, deps_list])
|
|
80
|
+
sheet_list = self.change_dep_to_purl(sheet_list)
|
|
81
81
|
|
|
82
82
|
return sheet_list
|
|
@@ -92,11 +92,8 @@ class Cocoapods(PackageManager):
|
|
|
92
92
|
else:
|
|
93
93
|
comment_list.append('transitive')
|
|
94
94
|
if f'{pod_oss_name_origin}({oss_version})' in self.relation_tree:
|
|
95
|
-
|
|
96
|
-
for ri in self.relation_tree[f'{pod_oss_name_origin}({oss_version})']]
|
|
97
|
-
deps_list.extend(rel_items)
|
|
95
|
+
deps_list.extend(self.relation_tree[f'{pod_oss_name_origin}({oss_version})'])
|
|
98
96
|
comment = ','.join(comment_list)
|
|
99
|
-
deps = ','.join(deps_list)
|
|
100
97
|
|
|
101
98
|
oss_name_report = f'{self.package_manager_name}:{pod_oss_name_origin}'
|
|
102
99
|
pod_oss_name = pod_oss_name_origin
|
|
@@ -138,10 +135,10 @@ class Cocoapods(PackageManager):
|
|
|
138
135
|
logger.warning(f'{pod_oss_name_origin} has different version({pod_oss_version})\
|
|
139
136
|
with spec version({oss_version})')
|
|
140
137
|
sheet_list.append([purl, oss_name_report, pod_oss_version, license_name, dn_loc, homepage,
|
|
141
|
-
'', '', comment,
|
|
138
|
+
'', '', comment, deps_list])
|
|
142
139
|
except Exception as e:
|
|
143
140
|
logger.warning(f"Fail to get {pod_oss_name_origin}:{e}")
|
|
144
|
-
|
|
141
|
+
sheet_list = self.change_dep_to_purl(sheet_list)
|
|
145
142
|
return sheet_list
|
|
146
143
|
|
|
147
144
|
def get_oss_in_podspec(self, spec_file_path):
|
|
@@ -111,9 +111,7 @@ class Go(PackageManager):
|
|
|
111
111
|
comment_list.append('direct')
|
|
112
112
|
|
|
113
113
|
if f'{package_path}({oss_version})' in self.relation_tree:
|
|
114
|
-
|
|
115
|
-
for ri in self.relation_tree[f'{package_path}({oss_version})']]
|
|
116
|
-
deps_list.extend(rel_items)
|
|
114
|
+
deps_list.extend(self.relation_tree[f'{package_path}({oss_version})'])
|
|
117
115
|
|
|
118
116
|
homepage_set = []
|
|
119
117
|
homepage = self.dn_url + package_path
|
|
@@ -159,8 +157,7 @@ class Go(PackageManager):
|
|
|
159
157
|
continue
|
|
160
158
|
|
|
161
159
|
comment = ','.join(comment_list)
|
|
162
|
-
deps = ','.join(deps_list)
|
|
163
160
|
sheet_list.append([purl, oss_name, oss_version, license_name, dn_loc, homepage,
|
|
164
|
-
'', '', comment,
|
|
165
|
-
|
|
161
|
+
'', '', comment, deps_list])
|
|
162
|
+
sheet_list = self.change_dep_to_purl(sheet_list)
|
|
166
163
|
return sheet_list
|
|
@@ -91,11 +91,9 @@ class Gradle(PackageManager):
|
|
|
91
91
|
except Exception as e:
|
|
92
92
|
logger.error(f"Fail to find oss scope in dependency tree: {e}")
|
|
93
93
|
comment = ','.join(comment_list)
|
|
94
|
-
deps = ','.join(deps_list)
|
|
95
|
-
|
|
96
94
|
sheet_list.append([purl, oss_name, oss_version, license_name, dn_loc, homepage,
|
|
97
|
-
'', '', comment,
|
|
98
|
-
|
|
95
|
+
'', '', comment, deps_list])
|
|
96
|
+
sheet_list = self.change_dep_to_purl(sheet_list)
|
|
99
97
|
return sheet_list
|
|
100
98
|
|
|
101
99
|
|
|
@@ -253,9 +253,7 @@ class Maven(PackageManager):
|
|
|
253
253
|
except Exception as e:
|
|
254
254
|
logger.error(f"Fail to find oss scope in dependency tree: {e}")
|
|
255
255
|
comment = ','.join(comment_list)
|
|
256
|
-
deps = ','.join(deps_list)
|
|
257
|
-
|
|
258
256
|
sheet_list.append([purl, oss_name, oss_version, license_name, dn_loc, homepage,
|
|
259
|
-
'', '', comment,
|
|
260
|
-
|
|
257
|
+
'', '', comment, deps_list])
|
|
258
|
+
sheet_list = self.change_dep_to_purl(sheet_list)
|
|
261
259
|
return sheet_list
|
|
@@ -197,24 +197,21 @@ class Npm(PackageManager):
|
|
|
197
197
|
comment_list.append('transitive')
|
|
198
198
|
|
|
199
199
|
if f'{oss_init_name}({oss_version})' in self.relation_tree:
|
|
200
|
-
|
|
201
|
-
deps_list.extend(rel_items)
|
|
200
|
+
deps_list.extend(self.relation_tree[f'{oss_init_name}({oss_version})'])
|
|
202
201
|
|
|
203
202
|
manifest_file_path = os.path.join(package_path, const.SUPPORT_PACKAE.get(self.package_manager_name))
|
|
204
203
|
multi_license, license_comment, multi_flag = check_multi_license(license_name, manifest_file_path)
|
|
205
204
|
|
|
206
205
|
comment = ','.join(comment_list)
|
|
207
|
-
deps = ','.join(deps_list)
|
|
208
206
|
if multi_flag:
|
|
209
207
|
comment = f'{comment}, {license_comment}'
|
|
210
|
-
|
|
211
|
-
'', '', comment, deps])
|
|
208
|
+
license_name = multi_license
|
|
212
209
|
else:
|
|
213
210
|
license_name = license_name.replace(",", "")
|
|
214
211
|
license_name = check_unknown_license(license_name, manifest_file_path)
|
|
215
|
-
|
|
216
|
-
|
|
217
|
-
|
|
212
|
+
sheet_list.append([purl, oss_name, oss_version, license_name, dn_loc, homepage,
|
|
213
|
+
'', '', comment, deps_list])
|
|
214
|
+
sheet_list = self.change_dep_to_purl(sheet_list)
|
|
218
215
|
return sheet_list
|
|
219
216
|
|
|
220
217
|
|
|
@@ -109,17 +109,14 @@ class Nuget(PackageManager):
|
|
|
109
109
|
comment_list.append('transitive')
|
|
110
110
|
|
|
111
111
|
if f'{oss_origin_name}({oss_version})' in self.relation_tree:
|
|
112
|
-
|
|
113
|
-
for ri in self.relation_tree[f'{oss_origin_name}({oss_version})']]
|
|
114
|
-
deps_list.extend(rel_items)
|
|
112
|
+
deps_list.extend(self.relation_tree[f'{oss_origin_name}({oss_version})'])
|
|
115
113
|
|
|
116
114
|
comment = ','.join(comment_list)
|
|
117
|
-
|
|
118
|
-
sheet_list.append([purl, oss_name, oss_version, license_name, dn_loc, homepage, '', '', comment, deps])
|
|
115
|
+
sheet_list.append([purl, oss_name, oss_version, license_name, dn_loc, homepage, '', '', comment, deps_list])
|
|
119
116
|
|
|
120
117
|
except Exception as e:
|
|
121
118
|
logger.warning(f"Failed to parse oss information: {e}")
|
|
122
|
-
|
|
119
|
+
sheet_list = self.change_dep_to_purl(sheet_list)
|
|
123
120
|
if os.path.isfile(tmp_license_txt_file_name):
|
|
124
121
|
os.remove(tmp_license_txt_file_name)
|
|
125
122
|
|
|
@@ -155,15 +155,13 @@ class Pub(PackageManager):
|
|
|
155
155
|
comment_list.append('transitive')
|
|
156
156
|
|
|
157
157
|
if f'{oss_origin_name}({oss_version})' in self.relation_tree:
|
|
158
|
-
|
|
159
|
-
for ri in self.relation_tree[f'{oss_origin_name}({oss_version})']]
|
|
160
|
-
deps_list.extend(rel_items)
|
|
158
|
+
deps_list.extend(self.relation_tree[f'{oss_origin_name}({oss_version})'])
|
|
161
159
|
comment = ','.join(comment_list)
|
|
162
|
-
deps = ','.join(deps_list)
|
|
163
160
|
sheet_list.append([purl, oss_name, oss_version, license_name, dn_loc, homepage,
|
|
164
|
-
'', '', comment,
|
|
161
|
+
'', '', comment, deps_list])
|
|
165
162
|
except Exception as e:
|
|
166
163
|
logger.error(f"Fail to parse pub oss information: {e}")
|
|
164
|
+
sheet_list = self.change_dep_to_purl(sheet_list)
|
|
167
165
|
|
|
168
166
|
if os.path.isfile(tmp_license_txt_file_name):
|
|
169
167
|
os.remove(tmp_license_txt_file_name)
|
|
@@ -56,6 +56,17 @@ class Pypi(PackageManager):
|
|
|
56
56
|
def run_plugin(self):
|
|
57
57
|
ret = True
|
|
58
58
|
|
|
59
|
+
req_f = 'requirements.txt'
|
|
60
|
+
if os.path.exists(req_f):
|
|
61
|
+
with open(req_f, encoding='utf8') as rf:
|
|
62
|
+
for rf_line in rf.readlines():
|
|
63
|
+
ret_find = rf_line.find('--extra-index-url ')
|
|
64
|
+
if ret_find == -1:
|
|
65
|
+
ret_find = rf_line.find('--index-url ')
|
|
66
|
+
if ret_find == -1:
|
|
67
|
+
continue
|
|
68
|
+
self.cover_comment += rf_line
|
|
69
|
+
|
|
59
70
|
if not self.pip_activate_cmd and not self.pip_deactivate_cmd:
|
|
60
71
|
ret = self.create_virtualenv()
|
|
61
72
|
|
|
@@ -305,17 +316,14 @@ class Pypi(PackageManager):
|
|
|
305
316
|
else:
|
|
306
317
|
comment_list.append('transitive')
|
|
307
318
|
if f'{oss_init_name}({oss_version})' in self.relation_tree:
|
|
308
|
-
|
|
309
|
-
for ri in self.relation_tree[f'{oss_init_name}({oss_version})']]
|
|
310
|
-
deps_list.extend(rel_items)
|
|
319
|
+
deps_list.extend(self.relation_tree[f'{oss_init_name}({oss_version})'])
|
|
311
320
|
comment = ','.join(comment_list)
|
|
312
|
-
deps = ','.join(deps_list)
|
|
313
321
|
sheet_list.append([purl, oss_name, oss_version,
|
|
314
|
-
license_name, dn_loc, homepage, '', '', comment,
|
|
322
|
+
license_name, dn_loc, homepage, '', '', comment, deps_list])
|
|
315
323
|
|
|
316
324
|
except Exception as ex:
|
|
317
325
|
logger.warning(f"Fail to parse oss information: {oss_init_name}({ex})")
|
|
318
|
-
|
|
326
|
+
sheet_list = self.change_dep_to_purl(sheet_list)
|
|
319
327
|
return sheet_list
|
|
320
328
|
|
|
321
329
|
def get_dependencies(self, dependencies, package):
|
|
@@ -147,12 +147,9 @@ class Swift(PackageManager):
|
|
|
147
147
|
comment_list.append('transitive')
|
|
148
148
|
|
|
149
149
|
if f'{oss_origin_name}({oss_version})' in self.relation_tree:
|
|
150
|
-
|
|
151
|
-
for ri in self.relation_tree[f'{oss_origin_name}({oss_version})']]
|
|
152
|
-
deps_list.extend(rel_items)
|
|
150
|
+
deps_list.extend(self.relation_tree[f'{oss_origin_name}({oss_version})'])
|
|
153
151
|
comment = ','.join(comment_list)
|
|
154
|
-
deps = ','.join(deps_list)
|
|
155
152
|
sheet_list.append([purl, oss_name, oss_version, license_name, dn_loc, homepage,
|
|
156
|
-
'', '', comment,
|
|
157
|
-
|
|
153
|
+
'', '', comment, deps_list])
|
|
154
|
+
sheet_list = self.change_dep_to_purl(sheet_list)
|
|
158
155
|
return sheet_list
|
|
@@ -175,11 +175,14 @@ def run_dependency_scanner(package_manager='', input_dir='', output_dir_file='',
|
|
|
175
175
|
pass_key = 'PASS'
|
|
176
176
|
success_pm = []
|
|
177
177
|
fail_pm = []
|
|
178
|
+
cover_comment = ''
|
|
178
179
|
for pm, manifest_file_name in found_package_manager.items():
|
|
179
180
|
if manifest_file_name == pass_key:
|
|
180
181
|
continue
|
|
181
|
-
ret, package_sheet_list = analyze_dependency(pm, input_dir, output_path,
|
|
182
|
-
|
|
182
|
+
ret, package_sheet_list, cover_comment = analyze_dependency(pm, input_dir, output_path,
|
|
183
|
+
pip_activate_cmd, pip_deactivate_cmd,
|
|
184
|
+
output_custom_dir, app_name, github_token,
|
|
185
|
+
manifest_file_name, direct)
|
|
183
186
|
if ret:
|
|
184
187
|
success_pm.append(f"{pm} ({', '.join(manifest_file_name)})")
|
|
185
188
|
sheet_list[_sheet_name].extend(package_sheet_list)
|
|
@@ -210,6 +213,8 @@ def run_dependency_scanner(package_manager='', input_dir='', output_dir_file='',
|
|
|
210
213
|
cover_comment_arr.append("No Package manager detected.")
|
|
211
214
|
|
|
212
215
|
cover.comment = ' / '.join(cover_comment_arr)
|
|
216
|
+
if cover_comment:
|
|
217
|
+
cover.comment += f', {cover_comment}'
|
|
213
218
|
|
|
214
219
|
output_file_without_ext = os.path.join(output_path, output_file)
|
|
215
220
|
if format.startswith('spdx'):
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
{fosslight_dependency-3.15.2 → fosslight_dependency-3.15.3}/src/fosslight_dependency/__init__.py
RENAMED
|
File without changes
|
{fosslight_dependency-3.15.2 → fosslight_dependency-3.15.3}/src/fosslight_dependency/_help.py
RENAMED
|
File without changes
|
{fosslight_dependency-3.15.2 → fosslight_dependency-3.15.3}/src/fosslight_dependency/constant.py
RENAMED
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|