fosslight-dependency 3.15.5__py3-none-any.whl → 4.0.0__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- fosslight_dependency/_analyze_dependency.py +5 -4
- fosslight_dependency/_graph_convertor.py +67 -0
- fosslight_dependency/_help.py +4 -0
- fosslight_dependency/_package_manager.py +2 -13
- fosslight_dependency/dependency_item.py +103 -0
- fosslight_dependency/package_manager/Android.py +20 -20
- fosslight_dependency/package_manager/Carthage.py +18 -17
- fosslight_dependency/package_manager/Cocoapods.py +26 -22
- fosslight_dependency/package_manager/Go.py +37 -37
- fosslight_dependency/package_manager/Gradle.py +25 -24
- fosslight_dependency/package_manager/Helm.py +19 -18
- fosslight_dependency/package_manager/Maven.py +24 -24
- fosslight_dependency/package_manager/Npm.py +31 -26
- fosslight_dependency/package_manager/Nuget.py +31 -28
- fosslight_dependency/package_manager/Pub.py +28 -28
- fosslight_dependency/package_manager/Pypi.py +24 -21
- fosslight_dependency/package_manager/Swift.py +31 -28
- fosslight_dependency/package_manager/Unity.py +25 -24
- fosslight_dependency/run_dependency_scanner.py +44 -31
- {fosslight_dependency-3.15.5.dist-info → fosslight_dependency-4.0.0.dist-info}/METADATA +4 -2
- fosslight_dependency-4.0.0.dist-info/RECORD +36 -0
- {fosslight_dependency-3.15.5.dist-info → fosslight_dependency-4.0.0.dist-info}/WHEEL +1 -1
- fosslight_dependency-3.15.5.dist-info/RECORD +0 -34
- {fosslight_dependency-3.15.5.dist-info → fosslight_dependency-4.0.0.dist-info}/Apache-2.0.txt +0 -0
- {fosslight_dependency-3.15.5.dist-info → fosslight_dependency-4.0.0.dist-info}/LICENSE +0 -0
- {fosslight_dependency-3.15.5.dist-info → fosslight_dependency-4.0.0.dist-info}/LicenseRef-3rd_party_licenses.txt +0 -0
- {fosslight_dependency-3.15.5.dist-info → fosslight_dependency-4.0.0.dist-info}/MIT.txt +0 -0
- {fosslight_dependency-3.15.5.dist-info → fosslight_dependency-4.0.0.dist-info}/entry_points.txt +0 -0
- {fosslight_dependency-3.15.5.dist-info → fosslight_dependency-4.0.0.dist-info}/top_level.txt +0 -0
|
@@ -14,6 +14,8 @@ import fosslight_util.constant as constant
|
|
|
14
14
|
import fosslight_dependency.constant as const
|
|
15
15
|
from fosslight_dependency._package_manager import PackageManager
|
|
16
16
|
from fosslight_dependency._package_manager import check_and_run_license_scanner, get_url_to_purl
|
|
17
|
+
from fosslight_dependency.dependency_item import DependencyItem, change_dependson_to_purl
|
|
18
|
+
from fosslight_util.oss_item import OssItem
|
|
17
19
|
|
|
18
20
|
logger = logging.getLogger(constant.LOGGER_NAME)
|
|
19
21
|
|
|
@@ -279,23 +281,24 @@ class Pypi(PackageManager):
|
|
|
279
281
|
return ret
|
|
280
282
|
|
|
281
283
|
def parse_oss_information(self, f_name):
|
|
282
|
-
|
|
283
|
-
comment = ''
|
|
284
|
+
purl_dict = {}
|
|
284
285
|
try:
|
|
285
286
|
oss_init_name = ''
|
|
286
287
|
with open(f_name, 'r', encoding='utf-8') as json_file:
|
|
287
288
|
json_data = json.load(json_file)
|
|
288
289
|
|
|
289
290
|
for d in json_data:
|
|
291
|
+
dep_item = DependencyItem()
|
|
292
|
+
oss_item = OssItem()
|
|
290
293
|
oss_init_name = d['Name']
|
|
291
294
|
oss_init_name = re.sub(r"[-_.]+", "-", oss_init_name).lower()
|
|
292
|
-
|
|
295
|
+
oss_item.name = f"{self.package_manager_name}:{oss_init_name}"
|
|
293
296
|
license_name = check_UNKNOWN(d['License'])
|
|
294
|
-
homepage = check_UNKNOWN(d['URL'])
|
|
295
|
-
|
|
296
|
-
|
|
297
|
-
purl = get_url_to_purl(
|
|
298
|
-
|
|
297
|
+
oss_item.homepage = check_UNKNOWN(d['URL'])
|
|
298
|
+
oss_item.version = d['Version']
|
|
299
|
+
oss_item.download_location = f"{self.dn_url}{oss_init_name}/{oss_item.version}"
|
|
300
|
+
dep_item.purl = get_url_to_purl(oss_item.download_location, self.package_manager_name)
|
|
301
|
+
purl_dict[f'{oss_init_name}({oss_item.version})'] = dep_item.purl
|
|
299
302
|
if license_name is not None:
|
|
300
303
|
license_name = license_name.replace(';', ',')
|
|
301
304
|
else:
|
|
@@ -305,26 +308,26 @@ class Pypi(PackageManager):
|
|
|
305
308
|
license_file_dir)
|
|
306
309
|
if license_name_with_lic_scanner != "":
|
|
307
310
|
license_name = license_name_with_lic_scanner
|
|
311
|
+
oss_item.license = license_name
|
|
308
312
|
|
|
309
|
-
comment_list = []
|
|
310
|
-
deps_list = []
|
|
311
313
|
if oss_init_name == self.package_name:
|
|
312
|
-
|
|
314
|
+
oss_item.comment = 'root package'
|
|
313
315
|
elif self.direct_dep and len(self.direct_dep_list) > 0:
|
|
314
|
-
if f'{oss_init_name}({
|
|
315
|
-
|
|
316
|
+
if f'{oss_init_name}({oss_item.version})' in self.direct_dep_list:
|
|
317
|
+
oss_item.comment = 'direct'
|
|
316
318
|
else:
|
|
317
|
-
|
|
318
|
-
if f'{oss_init_name}({
|
|
319
|
-
|
|
320
|
-
|
|
321
|
-
|
|
322
|
-
|
|
319
|
+
oss_item.comment = 'transitive'
|
|
320
|
+
if f'{oss_init_name}({oss_item.version})' in self.relation_tree:
|
|
321
|
+
dep_item.depends_on_raw = self.relation_tree[f'{oss_init_name}({oss_item.version})']
|
|
322
|
+
|
|
323
|
+
dep_item.oss_items.append(oss_item)
|
|
324
|
+
self.dep_items.append(dep_item)
|
|
323
325
|
|
|
324
326
|
except Exception as ex:
|
|
325
327
|
logger.warning(f"Fail to parse oss information: {oss_init_name}({ex})")
|
|
326
|
-
|
|
327
|
-
|
|
328
|
+
if self.direct_dep:
|
|
329
|
+
self.dep_items = change_dependson_to_purl(purl_dict, self.dep_items)
|
|
330
|
+
return
|
|
328
331
|
|
|
329
332
|
def get_dependencies(self, dependencies, package):
|
|
330
333
|
package_name = 'package_name'
|
|
@@ -12,6 +12,8 @@ import fosslight_dependency.constant as const
|
|
|
12
12
|
from fosslight_dependency._package_manager import PackageManager
|
|
13
13
|
from fosslight_dependency._package_manager import connect_github, get_github_license
|
|
14
14
|
from fosslight_dependency._package_manager import get_url_to_purl
|
|
15
|
+
from fosslight_dependency.dependency_item import DependencyItem, change_dependson_to_purl
|
|
16
|
+
from fosslight_util.oss_item import OssItem
|
|
15
17
|
|
|
16
18
|
logger = logging.getLogger(constant.LOGGER_NAME)
|
|
17
19
|
|
|
@@ -96,8 +98,8 @@ class Swift(PackageManager):
|
|
|
96
98
|
return ret
|
|
97
99
|
|
|
98
100
|
def parse_oss_information(self, f_name):
|
|
99
|
-
sheet_list = []
|
|
100
101
|
json_ver = 1
|
|
102
|
+
purl_dict = {}
|
|
101
103
|
|
|
102
104
|
with open(f_name, 'r', encoding='utf8') as json_file:
|
|
103
105
|
json_raw = json.load(json_file)
|
|
@@ -109,47 +111,48 @@ class Swift(PackageManager):
|
|
|
109
111
|
json_data = json_raw["pins"]
|
|
110
112
|
else:
|
|
111
113
|
logger.error(f'Not supported Package.resolved version {json_ver}')
|
|
112
|
-
return
|
|
114
|
+
return
|
|
113
115
|
|
|
114
116
|
g = connect_github(self.github_token)
|
|
115
117
|
|
|
116
118
|
for key in json_data:
|
|
119
|
+
dep_item = DependencyItem()
|
|
120
|
+
oss_item = OssItem()
|
|
117
121
|
if json_ver == 1:
|
|
118
122
|
oss_origin_name = key['package']
|
|
119
|
-
homepage = key['repositoryURL']
|
|
123
|
+
oss_item.homepage = key['repositoryURL']
|
|
120
124
|
elif json_ver == 2:
|
|
121
125
|
oss_origin_name = key['identity']
|
|
122
|
-
homepage = key['location']
|
|
126
|
+
oss_item.homepage = key['location']
|
|
123
127
|
|
|
124
|
-
if homepage.endswith('.git'):
|
|
125
|
-
homepage = homepage[:-4]
|
|
128
|
+
if oss_item.homepage.endswith('.git'):
|
|
129
|
+
oss_item.homepage = oss_item.homepage[:-4]
|
|
126
130
|
|
|
127
|
-
|
|
131
|
+
oss_item.name = f"{self.package_manager_name}:{oss_origin_name}"
|
|
128
132
|
|
|
129
|
-
|
|
130
|
-
if
|
|
131
|
-
|
|
133
|
+
oss_item.version = key['state'].get('version', None)
|
|
134
|
+
if oss_item.version is None:
|
|
135
|
+
oss_item.version = key['state'].get('revision', None)
|
|
132
136
|
|
|
133
|
-
|
|
134
|
-
license_name = ''
|
|
137
|
+
oss_item.download_location = oss_item.homepage
|
|
135
138
|
|
|
136
|
-
github_repo = "/".join(homepage.split('/')[-2:])
|
|
137
|
-
purl = get_url_to_purl(
|
|
138
|
-
|
|
139
|
-
|
|
139
|
+
github_repo = "/".join(oss_item.homepage.split('/')[-2:])
|
|
140
|
+
dep_item.purl = get_url_to_purl(oss_item.download_location, self.package_manager_name, github_repo, oss_item.version)
|
|
141
|
+
purl_dict[f'{oss_origin_name}({oss_item.version})'] = dep_item.purl
|
|
142
|
+
oss_item.license = get_github_license(g, github_repo, self.platform, self.license_scanner_bin)
|
|
140
143
|
|
|
141
|
-
comment_list = []
|
|
142
|
-
deps_list = []
|
|
143
144
|
if self.direct_dep and len(self.direct_dep_list) > 0:
|
|
144
145
|
if oss_origin_name in self.direct_dep_list:
|
|
145
|
-
|
|
146
|
+
oss_item.comment = 'direct'
|
|
146
147
|
else:
|
|
147
|
-
|
|
148
|
-
|
|
149
|
-
|
|
150
|
-
|
|
151
|
-
|
|
152
|
-
|
|
153
|
-
|
|
154
|
-
|
|
155
|
-
|
|
148
|
+
oss_item.comment = 'transitive'
|
|
149
|
+
if f'{oss_origin_name}({oss_item.version})' in self.relation_tree:
|
|
150
|
+
dep_item.depends_on_raw = self.relation_tree[f'{oss_origin_name}({oss_item.version})']
|
|
151
|
+
|
|
152
|
+
dep_item.oss_items.append(oss_item)
|
|
153
|
+
self.dep_items.append(dep_item)
|
|
154
|
+
|
|
155
|
+
if self.direct_dep:
|
|
156
|
+
self.dep_items = change_dependson_to_purl(purl_dict, self.dep_items)
|
|
157
|
+
|
|
158
|
+
return
|
|
@@ -11,6 +11,8 @@ import fosslight_util.constant as constant
|
|
|
11
11
|
import fosslight_dependency.constant as const
|
|
12
12
|
from fosslight_dependency._package_manager import PackageManager
|
|
13
13
|
from fosslight_dependency._package_manager import check_and_run_license_scanner, get_url_to_purl
|
|
14
|
+
from fosslight_dependency.dependency_item import DependencyItem
|
|
15
|
+
from fosslight_util.oss_item import OssItem
|
|
14
16
|
|
|
15
17
|
logger = logging.getLogger(constant.LOGGER_NAME)
|
|
16
18
|
proprietary_license = 'Proprietary License'
|
|
@@ -33,20 +35,18 @@ class Unity(PackageManager):
|
|
|
33
35
|
self.append_input_package_list_file(self.input_file_name)
|
|
34
36
|
|
|
35
37
|
def parse_oss_information(self, f_name):
|
|
36
|
-
comment = ''
|
|
37
|
-
|
|
38
38
|
with open(f_name, 'r', encoding='utf8') as f:
|
|
39
39
|
f_yml = yaml.safe_load(f)
|
|
40
40
|
resolvedPkg = f_yml['m_ResolvedPackages']
|
|
41
41
|
|
|
42
42
|
try:
|
|
43
|
-
sheet_list = []
|
|
44
|
-
|
|
45
43
|
for pkg_data in resolvedPkg:
|
|
46
|
-
|
|
47
|
-
|
|
44
|
+
dep_item = DependencyItem()
|
|
45
|
+
oss_item = OssItem()
|
|
46
|
+
oss_item.name = pkg_data['name']
|
|
47
|
+
oss_item.version = pkg_data['version']
|
|
48
48
|
|
|
49
|
-
oss_packagecache_dir = os.path.join(self.packageCache_dir, f'{
|
|
49
|
+
oss_packagecache_dir = os.path.join(self.packageCache_dir, f'{oss_item.name}@{oss_item.version}')
|
|
50
50
|
license_f = os.path.join(oss_packagecache_dir, license_md)
|
|
51
51
|
if os.path.isfile(license_f):
|
|
52
52
|
license_name = check_and_run_license_scanner(self.platform,
|
|
@@ -61,6 +61,7 @@ class Unity(PackageManager):
|
|
|
61
61
|
break
|
|
62
62
|
else:
|
|
63
63
|
license_name = proprietary_license
|
|
64
|
+
oss_item.license = license_name
|
|
64
65
|
|
|
65
66
|
third_f = os.path.join(oss_packagecache_dir, third_party_md)
|
|
66
67
|
if os.path.isfile(third_f):
|
|
@@ -71,21 +72,21 @@ class Unity(PackageManager):
|
|
|
71
72
|
tf.write(line)
|
|
72
73
|
tf.flush()
|
|
73
74
|
|
|
74
|
-
homepage = pkg_data['repository']['url']
|
|
75
|
-
if homepage and homepage.startswith('git@'):
|
|
76
|
-
homepage = homepage.replace('git@', 'https://')
|
|
77
|
-
if homepage is None or homepage.startswith(self.unity_internal_url):
|
|
75
|
+
oss_item.homepage = pkg_data['repository']['url']
|
|
76
|
+
if oss_item.homepage and oss_item.homepage.startswith('git@'):
|
|
77
|
+
oss_item.homepage = oss_item.homepage.replace('git@', 'https://')
|
|
78
|
+
if oss_item.homepage is None or oss_item.homepage.startswith(self.unity_internal_url):
|
|
78
79
|
if license_name != proprietary_license:
|
|
79
|
-
homepage = f'{self.mirror_url}{
|
|
80
|
-
if homepage is None:
|
|
81
|
-
homepage = ''
|
|
80
|
+
oss_item.homepage = f'{self.mirror_url}{oss_item.name}'
|
|
81
|
+
if oss_item.homepage is None:
|
|
82
|
+
oss_item.homepage = ''
|
|
82
83
|
|
|
83
|
-
|
|
84
|
-
purl = get_url_to_purl(
|
|
85
|
-
if purl == 'None':
|
|
86
|
-
purl = ''
|
|
87
|
-
if purl != '':
|
|
88
|
-
purl = f'{purl}@{
|
|
84
|
+
oss_item.download_location = oss_item.homepage
|
|
85
|
+
dep_item.purl = get_url_to_purl(oss_item.download_location, self.package_manager_name)
|
|
86
|
+
if dep_item.purl == 'None':
|
|
87
|
+
dep_item.purl = ''
|
|
88
|
+
if dep_item.purl != '':
|
|
89
|
+
dep_item.purl = f'{dep_item.purl}@{oss_item.version}'
|
|
89
90
|
|
|
90
91
|
comment_list = []
|
|
91
92
|
if self.direct_dep:
|
|
@@ -94,10 +95,10 @@ class Unity(PackageManager):
|
|
|
94
95
|
else:
|
|
95
96
|
comment_list.append('transitive')
|
|
96
97
|
|
|
97
|
-
comment = ','.join(comment_list)
|
|
98
|
-
|
|
99
|
-
|
|
98
|
+
oss_item.comment = ','.join(comment_list)
|
|
99
|
+
dep_item.oss_items.append(oss_item)
|
|
100
|
+
self.dep_items.append(dep_item)
|
|
100
101
|
except Exception as e:
|
|
101
102
|
logger.error(f"Fail to parse unity oss information: {e}")
|
|
102
103
|
|
|
103
|
-
return
|
|
104
|
+
return
|
|
@@ -20,7 +20,8 @@ from fosslight_dependency._analyze_dependency import analyze_dependency
|
|
|
20
20
|
from fosslight_util.output_format import check_output_formats, write_output_file
|
|
21
21
|
if platform.system() != 'Windows':
|
|
22
22
|
from fosslight_util.write_spdx import write_spdx
|
|
23
|
-
from fosslight_util.
|
|
23
|
+
from fosslight_util.oss_item import ScannerItem
|
|
24
|
+
from fosslight_dependency._graph_convertor import GraphConvertor
|
|
24
25
|
|
|
25
26
|
# Package Name
|
|
26
27
|
_PKG_NAME = "fosslight_dependency"
|
|
@@ -92,14 +93,14 @@ def find_package_manager(input_dir, abs_path_to_exclude=[]):
|
|
|
92
93
|
|
|
93
94
|
def run_dependency_scanner(package_manager='', input_dir='', output_dir_file='', pip_activate_cmd='',
|
|
94
95
|
pip_deactivate_cmd='', output_custom_dir='', app_name=const.default_app_name,
|
|
95
|
-
github_token='', formats=[], direct=True, path_to_exclude=[]
|
|
96
|
+
github_token='', formats=[], direct=True, path_to_exclude=[], graph_path='',
|
|
97
|
+
graph_size=(600, 600)):
|
|
96
98
|
global logger
|
|
97
99
|
|
|
98
100
|
ret = True
|
|
99
|
-
sheet_list = {}
|
|
100
|
-
sheet_list[_sheet_name] = []
|
|
101
101
|
_json_ext = ".json"
|
|
102
102
|
_start_time = datetime.now().strftime('%y%m%d_%H%M')
|
|
103
|
+
scan_item = ScannerItem(_PKG_NAME, _start_time)
|
|
103
104
|
|
|
104
105
|
success, msg, output_path, output_files, output_extensions = check_output_formats(output_dir_file, formats, CUSTOMIZED_FORMAT)
|
|
105
106
|
if success:
|
|
@@ -149,7 +150,7 @@ def run_dependency_scanner(package_manager='', input_dir='', output_dir_file='',
|
|
|
149
150
|
|
|
150
151
|
if not success:
|
|
151
152
|
logger.error(msg)
|
|
152
|
-
return False,
|
|
153
|
+
return False, scan_item
|
|
153
154
|
|
|
154
155
|
autodetect = True
|
|
155
156
|
if package_manager:
|
|
@@ -160,7 +161,7 @@ def run_dependency_scanner(package_manager='', input_dir='', output_dir_file='',
|
|
|
160
161
|
logger.error(f"You entered the unsupported package manager({package_manager}).")
|
|
161
162
|
logger.error("Please enter the supported package manager({0}) with '-m' option."
|
|
162
163
|
.format(", ".join(support_packagemanager)))
|
|
163
|
-
return False,
|
|
164
|
+
return False, scan_item
|
|
164
165
|
|
|
165
166
|
if input_dir:
|
|
166
167
|
if os.path.isdir(input_dir):
|
|
@@ -169,10 +170,11 @@ def run_dependency_scanner(package_manager='', input_dir='', output_dir_file='',
|
|
|
169
170
|
else:
|
|
170
171
|
logger.error(f"You entered the wrong input path({input_dir}) to run the script.")
|
|
171
172
|
logger.error("Please enter the existed input path with '-p' option.")
|
|
172
|
-
return False,
|
|
173
|
+
return False, scan_item
|
|
173
174
|
else:
|
|
174
175
|
input_dir = os.getcwd()
|
|
175
176
|
os.chdir(input_dir)
|
|
177
|
+
scan_item.set_cover_pathinfo(input_dir, path_to_exclude)
|
|
176
178
|
|
|
177
179
|
found_package_manager = {}
|
|
178
180
|
if autodetect:
|
|
@@ -196,13 +198,13 @@ def run_dependency_scanner(package_manager='', input_dir='', output_dir_file='',
|
|
|
196
198
|
for pm, manifest_file_name in found_package_manager.items():
|
|
197
199
|
if manifest_file_name == pass_key:
|
|
198
200
|
continue
|
|
199
|
-
ret,
|
|
200
|
-
|
|
201
|
-
|
|
202
|
-
|
|
201
|
+
ret, package_dep_item_list, cover_comment = analyze_dependency(pm, input_dir, output_path,
|
|
202
|
+
pip_activate_cmd, pip_deactivate_cmd,
|
|
203
|
+
output_custom_dir, app_name, github_token,
|
|
204
|
+
manifest_file_name, direct)
|
|
203
205
|
if ret:
|
|
204
206
|
success_pm.append(f"{pm} ({', '.join(manifest_file_name)})")
|
|
205
|
-
|
|
207
|
+
scan_item.append_file_items(package_dep_item_list)
|
|
206
208
|
if pm == const.GRADLE:
|
|
207
209
|
if const.ANDROID in found_package_manager.keys():
|
|
208
210
|
found_package_manager[const.ANDROID] = pass_key
|
|
@@ -215,23 +217,27 @@ def run_dependency_scanner(package_manager='', input_dir='', output_dir_file='',
|
|
|
215
217
|
fail_pm.remove(f"{const.GRADLE} ({', '.join(manifest_file_name)})")
|
|
216
218
|
else:
|
|
217
219
|
fail_pm.append(f"{pm} ({', '.join(manifest_file_name)})")
|
|
218
|
-
|
|
219
|
-
start_time=_start_time,
|
|
220
|
-
input_path=input_dir,
|
|
221
|
-
exclude_path=path_to_exclude)
|
|
222
|
-
cover_comment_arr = []
|
|
220
|
+
|
|
223
221
|
if len(found_package_manager.keys()) > 0:
|
|
224
222
|
if len(success_pm) > 0:
|
|
225
|
-
|
|
223
|
+
scan_item.set_cover_comment(f"Analyzed Package manager: {', '.join(success_pm)}")
|
|
226
224
|
if len(fail_pm) > 0:
|
|
227
225
|
info_msg = 'Check https://fosslight.org/fosslight-guide-en/scanner/3_dependency.html#-prerequisite.'
|
|
228
|
-
|
|
226
|
+
scan_item.set_cover_comment(f"Analysis failed Package manager: {', '.join(fail_pm)} ({info_msg})")
|
|
229
227
|
else:
|
|
230
|
-
|
|
228
|
+
scan_item.set_cover_comment("No Package manager detected.")
|
|
229
|
+
|
|
230
|
+
if ret and graph_path:
|
|
231
|
+
graph_path = os.path.abspath(graph_path)
|
|
232
|
+
try:
|
|
233
|
+
converter = GraphConvertor(scan_item.file_items[_PKG_NAME])
|
|
234
|
+
converter.save(graph_path, graph_size)
|
|
235
|
+
logger.info(f"Output graph image file: {graph_path}")
|
|
236
|
+
except Exception as e:
|
|
237
|
+
logger.error(f'Fail to make graph image: {e}')
|
|
231
238
|
|
|
232
|
-
cover.comment = ' / '.join(cover_comment_arr)
|
|
233
239
|
if cover_comment:
|
|
234
|
-
|
|
240
|
+
scan_item.set_cover_comment(cover_comment)
|
|
235
241
|
|
|
236
242
|
combined_paths_and_files = [os.path.join(output_path, file) for file in output_files]
|
|
237
243
|
results = []
|
|
@@ -239,30 +245,28 @@ def run_dependency_scanner(package_manager='', input_dir='', output_dir_file='',
|
|
|
239
245
|
if formats:
|
|
240
246
|
if formats[i].startswith('spdx'):
|
|
241
247
|
if platform.system() != 'Windows':
|
|
242
|
-
results.append(write_spdx(combined_paths_and_files[i], output_extension,
|
|
248
|
+
results.append(write_spdx(combined_paths_and_files[i], output_extension, scan_item, _PKG_NAME,
|
|
243
249
|
pkg_resources.get_distribution(_PKG_NAME).version, spdx_version=(2, 3)))
|
|
244
250
|
else:
|
|
245
251
|
logger.error('Windows not support spdx format.')
|
|
246
252
|
else:
|
|
247
|
-
results.append(write_output_file(combined_paths_and_files[i], output_extension,
|
|
248
|
-
'', cover))
|
|
253
|
+
results.append(write_output_file(combined_paths_and_files[i], output_extension, scan_item, EXTENDED_HEADER))
|
|
249
254
|
else:
|
|
250
|
-
results.append(write_output_file(combined_paths_and_files[i], output_extension,
|
|
251
|
-
'', cover))
|
|
255
|
+
results.append(write_output_file(combined_paths_and_files[i], output_extension, scan_item, EXTENDED_HEADER))
|
|
252
256
|
for success_write, err_msg, result_file in results:
|
|
253
257
|
if success_write:
|
|
254
258
|
if result_file:
|
|
255
259
|
logger.info(f"Output file: {result_file}")
|
|
256
260
|
else:
|
|
257
261
|
logger.warning(f"{err_msg}")
|
|
258
|
-
for i in
|
|
259
|
-
logger.info(i
|
|
262
|
+
for i in scan_item.get_cover_comment():
|
|
263
|
+
logger.info(i)
|
|
260
264
|
else:
|
|
261
265
|
ret = False
|
|
262
266
|
logger.error(f"Fail to generate result file. msg:({err_msg})")
|
|
263
267
|
|
|
264
268
|
logger.warning("### FINISH ###")
|
|
265
|
-
return ret,
|
|
269
|
+
return ret, scan_item
|
|
266
270
|
|
|
267
271
|
|
|
268
272
|
def main():
|
|
@@ -276,6 +280,8 @@ def main():
|
|
|
276
280
|
app_name = const.default_app_name
|
|
277
281
|
github_token = ''
|
|
278
282
|
format = ''
|
|
283
|
+
graph_path = ''
|
|
284
|
+
graph_size = (600, 600)
|
|
279
285
|
direct = True
|
|
280
286
|
|
|
281
287
|
parser = argparse.ArgumentParser(add_help=False)
|
|
@@ -291,6 +297,8 @@ def main():
|
|
|
291
297
|
parser.add_argument('-n', '--appname', nargs=1, type=str, required=False)
|
|
292
298
|
parser.add_argument('-t', '--token', nargs=1, type=str, required=False)
|
|
293
299
|
parser.add_argument('-f', '--format', nargs="*", type=str, required=False)
|
|
300
|
+
parser.add_argument('--graph-path', nargs=1, type=str, required=False)
|
|
301
|
+
parser.add_argument('--graph-size', nargs=2, type=int, metavar=("WIDTH", "HEIGHT"), required=False)
|
|
294
302
|
parser.add_argument('--direct', choices=('true', 'false'), default='True', required=False)
|
|
295
303
|
parser.add_argument('--notice', action='store_true', required=False)
|
|
296
304
|
|
|
@@ -324,6 +332,10 @@ def main():
|
|
|
324
332
|
github_token = ''.join(args.token)
|
|
325
333
|
if args.format: # -f option
|
|
326
334
|
format = list(args.format)
|
|
335
|
+
if args.graph_path:
|
|
336
|
+
graph_path = ''.join(args.graph_path)
|
|
337
|
+
if args.graph_size:
|
|
338
|
+
graph_size = args.graph_size
|
|
327
339
|
if args.direct: # --direct option
|
|
328
340
|
if args.direct == 'true':
|
|
329
341
|
direct = True
|
|
@@ -343,7 +355,8 @@ def main():
|
|
|
343
355
|
sys.exit(0)
|
|
344
356
|
|
|
345
357
|
run_dependency_scanner(package_manager, input_dir, output_dir, pip_activate_cmd, pip_deactivate_cmd,
|
|
346
|
-
output_custom_dir, app_name, github_token, format, direct, path_to_exclude
|
|
358
|
+
output_custom_dir, app_name, github_token, format, direct, path_to_exclude,
|
|
359
|
+
graph_path, graph_size)
|
|
347
360
|
|
|
348
361
|
|
|
349
362
|
if __name__ == '__main__':
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
Metadata-Version: 2.1
|
|
2
2
|
Name: fosslight-dependency
|
|
3
|
-
Version:
|
|
3
|
+
Version: 4.0.0
|
|
4
4
|
Summary: FOSSLight Dependency Scanner
|
|
5
5
|
Home-page: https://github.com/fosslight/fosslight_dependency_scanner
|
|
6
6
|
Author: LG Electronics
|
|
@@ -20,11 +20,13 @@ Requires-Dist: lxml
|
|
|
20
20
|
Requires-Dist: virtualenv
|
|
21
21
|
Requires-Dist: pyyaml
|
|
22
22
|
Requires-Dist: lastversion
|
|
23
|
-
Requires-Dist: fosslight-util
|
|
23
|
+
Requires-Dist: fosslight-util>=2.0.0
|
|
24
24
|
Requires-Dist: PyGithub
|
|
25
25
|
Requires-Dist: requirements-parser
|
|
26
26
|
Requires-Dist: defusedxml
|
|
27
27
|
Requires-Dist: packageurl-python
|
|
28
|
+
Requires-Dist: igraph
|
|
29
|
+
Requires-Dist: matplotlib
|
|
28
30
|
|
|
29
31
|
<!--
|
|
30
32
|
Copyright (c) 2021 LG Electronics
|
|
@@ -0,0 +1,36 @@
|
|
|
1
|
+
fosslight_dependency/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
2
|
+
fosslight_dependency/_analyze_dependency.py,sha256=gwdOrwn31sI9Fk5_ZBBbryA1-hCfHdtfqS8QePF7poo,4064
|
|
3
|
+
fosslight_dependency/_graph_convertor.py,sha256=D8GwmJfuj9Wg3_DeKRPLGGdyHSLcoU2Q0VzKQbkJG4g,2267
|
|
4
|
+
fosslight_dependency/_help.py,sha256=EG-ojJ3Fyn3iYrd_4mGtyMLMefOqf7_AF21q3-jf2Y8,3258
|
|
5
|
+
fosslight_dependency/_package_manager.py,sha256=_wwyTWSe8fKyMpFZh1BnhjTMAPG-5adhjBLqaxbdjZE,17154
|
|
6
|
+
fosslight_dependency/constant.py,sha256=1mJGu1SYyxVKo0W_pCIt-ANp52E_I5ovXFvpl2OMmjU,1039
|
|
7
|
+
fosslight_dependency/dependency_item.py,sha256=wNLWcsNycf3HQ5Pib2WrMeo2dn0eHCRg20NLcL95Qew,3345
|
|
8
|
+
fosslight_dependency/run_dependency_scanner.py,sha256=aYyMFNpk76L6cKStgnV2aPxACAgsEx676UH48EE9_WU,15859
|
|
9
|
+
fosslight_dependency/LICENSES/LICENSE,sha256=xx0jnfkXJvxRnG63LTGOxlggYnIysveWIZ6H3PNdCrQ,11357
|
|
10
|
+
fosslight_dependency/LICENSES/LicenseRef-3rd_party_licenses.txt,sha256=EcsFt7aE1rp3OXAdJgmXayfOZdpRdBMcmRnyoqWMCsw,95687
|
|
11
|
+
fosslight_dependency/package_manager/Android.py,sha256=0UZFvbLxDIreerK4fR316YPyhUpPliV_kfZulrxkUyo,3218
|
|
12
|
+
fosslight_dependency/package_manager/Carthage.py,sha256=qCHH6bhdowgPR5mS89AQLl_0Z5LRoyMZU4vAVHzPNCM,6390
|
|
13
|
+
fosslight_dependency/package_manager/Cocoapods.py,sha256=k_URV1ekMOU8l_y9_KIp_luu96ZGOl1xLIkH737VREA,8524
|
|
14
|
+
fosslight_dependency/package_manager/Go.py,sha256=O-6DTTRM2EoTpCVmlIPKFy8ZTz64EHTooOAoUimjeyk,6491
|
|
15
|
+
fosslight_dependency/package_manager/Gradle.py,sha256=IYmj9q3XiE_DPKdtll6lyRr98lFuyKWW2qz57X26Fn0,4359
|
|
16
|
+
fosslight_dependency/package_manager/Helm.py,sha256=ucx2Y0tWX37UHIzIGaRyTe7uQ2vlu2nUuO09hOMq9ZU,4223
|
|
17
|
+
fosslight_dependency/package_manager/Maven.py,sha256=JXiP8LwQZ10tf1l0Qgd4fvmv1RcVn52_PiMx6sTpSKo,10329
|
|
18
|
+
fosslight_dependency/package_manager/Npm.py,sha256=hwKC08m05KlHgfQpPX7lnDEJC-A7WKF9OniYW4n9TDM,10638
|
|
19
|
+
fosslight_dependency/package_manager/Nuget.py,sha256=FGD5tV1mTBl3G9mxWWnoMwLZUiSW7VCcHS7FxhCqU1g,9334
|
|
20
|
+
fosslight_dependency/package_manager/Pub.py,sha256=-cotOpPCmLMmLWwP0dF1hQ44CBzConjnDpJ1So0n7lo,9904
|
|
21
|
+
fosslight_dependency/package_manager/Pypi.py,sha256=7eBB5ko4HhRhby5txo9NXZl6td1O_8k11v8R9FwxygU,16254
|
|
22
|
+
fosslight_dependency/package_manager/Swift.py,sha256=Lw5kaubDlKIQjSHC5gZik4WfWBliMx8n6XW2vVPhd84,6700
|
|
23
|
+
fosslight_dependency/package_manager/Unity.py,sha256=LoyWCMa6R3x0VCsTH1EEJ7FQmYsraCDnoHZUHCmYeiU,4708
|
|
24
|
+
fosslight_dependency/package_manager/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
25
|
+
fosslight_dependency/third_party/askalono/askalono.exe,sha256=NyngElHbrg3zLFRVwn6fPDZE_EDAEb1N8tiwWoCm4pQ,4743680
|
|
26
|
+
fosslight_dependency/third_party/askalono/askalono_macos,sha256=cYSNXhAQpkdd8lkgnY5skNeDmU_8DIuP84eFi0OXKkE,5589868
|
|
27
|
+
fosslight_dependency/third_party/nomos/nomossa,sha256=oFF9I-fhug6AVNyFnWeVXwDRin6NWSvk1g7mHBotB3Q,866408
|
|
28
|
+
fosslight_dependency-4.0.0.dist-info/Apache-2.0.txt,sha256=xx0jnfkXJvxRnG63LTGOxlggYnIysveWIZ6H3PNdCrQ,11357
|
|
29
|
+
fosslight_dependency-4.0.0.dist-info/LICENSE,sha256=xx0jnfkXJvxRnG63LTGOxlggYnIysveWIZ6H3PNdCrQ,11357
|
|
30
|
+
fosslight_dependency-4.0.0.dist-info/LicenseRef-3rd_party_licenses.txt,sha256=EcsFt7aE1rp3OXAdJgmXayfOZdpRdBMcmRnyoqWMCsw,95687
|
|
31
|
+
fosslight_dependency-4.0.0.dist-info/METADATA,sha256=c2dISBev5GNBVXNPy_Og51Lcl7GtfHBU7PcAwftfXVo,4844
|
|
32
|
+
fosslight_dependency-4.0.0.dist-info/MIT.txt,sha256=9cx4CbArgByWvkoEZNqpzbpJgA9TUe2D62rMocQpgfs,1082
|
|
33
|
+
fosslight_dependency-4.0.0.dist-info/WHEEL,sha256=eOLhNAGa2EW3wWl_TU484h7q1UNgy0JXjjoqKoxAAQc,92
|
|
34
|
+
fosslight_dependency-4.0.0.dist-info/entry_points.txt,sha256=e1QZbnCrQvfbwe9L6PxXnkRZMhl-PSo0QyUes0dGjU8,91
|
|
35
|
+
fosslight_dependency-4.0.0.dist-info/top_level.txt,sha256=Jc0V7VcVCH0TEM8ksb8dwroTYz4AmRaQnlr3FB71Hcs,21
|
|
36
|
+
fosslight_dependency-4.0.0.dist-info/RECORD,,
|
|
@@ -1,34 +0,0 @@
|
|
|
1
|
-
fosslight_dependency/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
2
|
-
fosslight_dependency/_analyze_dependency.py,sha256=5xR9EQxeI1u57Gp8Tw0YEhCc6T7kckTJ60h40mLGsEU,4010
|
|
3
|
-
fosslight_dependency/_help.py,sha256=j7d-SlarBNfTW4cHoHoGb5mu-NoNpZ4f5l7Kw99rLzA,2906
|
|
4
|
-
fosslight_dependency/_package_manager.py,sha256=YM-jFwRpHxjUScbefBQYn16DVPLNzGi8h3HL3oT56cM,17614
|
|
5
|
-
fosslight_dependency/constant.py,sha256=1mJGu1SYyxVKo0W_pCIt-ANp52E_I5ovXFvpl2OMmjU,1039
|
|
6
|
-
fosslight_dependency/run_dependency_scanner.py,sha256=LMaUlFl_-qVhCmAaOSvYy2IUi0snrSVoWIGxR4YAi-g,15240
|
|
7
|
-
fosslight_dependency/LICENSES/LICENSE,sha256=xx0jnfkXJvxRnG63LTGOxlggYnIysveWIZ6H3PNdCrQ,11357
|
|
8
|
-
fosslight_dependency/LICENSES/LicenseRef-3rd_party_licenses.txt,sha256=EcsFt7aE1rp3OXAdJgmXayfOZdpRdBMcmRnyoqWMCsw,95687
|
|
9
|
-
fosslight_dependency/package_manager/Android.py,sha256=9vO3JDRAV2-ZGfjk4sGSqY05nszulwGwehvf7saNIMY,3178
|
|
10
|
-
fosslight_dependency/package_manager/Carthage.py,sha256=OZL0ssKvN6pze0VohZ-kMeM-g-V7f5VqumpEh3o3t-U,6106
|
|
11
|
-
fosslight_dependency/package_manager/Cocoapods.py,sha256=SgWG1wdprNKxBiCPvMfS2yDiPqz-ZgUK2T8C3SI3JcI,8337
|
|
12
|
-
fosslight_dependency/package_manager/Go.py,sha256=pbhYWs6ZsU77m0LIobx0pGXbF9c19fADyTG8ZoDJkWI,6272
|
|
13
|
-
fosslight_dependency/package_manager/Gradle.py,sha256=EQAGF_ohu2uB1uqk3itdO9vGhS5nKyPlomlbwbcVvYE,4203
|
|
14
|
-
fosslight_dependency/package_manager/Helm.py,sha256=FjzQilY3GJyX8thwMGY_Rr12kw-dbehxVk6jIJNb2-M,4024
|
|
15
|
-
fosslight_dependency/package_manager/Maven.py,sha256=-cS3DSFARE9rR0XtBVGvCv6JkmYYRjLtRAmn4TeIY1M,10282
|
|
16
|
-
fosslight_dependency/package_manager/Npm.py,sha256=uuIS0lC8LpKTs8A0fG4mhJfpGno_hMugGW8ss5M_mMI,10395
|
|
17
|
-
fosslight_dependency/package_manager/Nuget.py,sha256=j1zdLykGA6HcvGtdn8Kz1AZZmvK7iKxUERKWBNCfSp0,8948
|
|
18
|
-
fosslight_dependency/package_manager/Pub.py,sha256=7HlvFu7HXaSDF1_VjFUAM1O4pz1DutbNwNzmzldyLbA,9763
|
|
19
|
-
fosslight_dependency/package_manager/Pypi.py,sha256=hqhvsHwRqcM8bDUNJ6u8LTtEnMSUsRmVLllXZ793w_w,16046
|
|
20
|
-
fosslight_dependency/package_manager/Swift.py,sha256=9r19lSmpFjeOsYcBkvMhgFfFZ4pL4j32YvCFLWWc8Fs,6489
|
|
21
|
-
fosslight_dependency/package_manager/Unity.py,sha256=vGWtAHNtSkU8PxqKhoJNFFcUmNM2NJGRLwBmzeA21Sg,4353
|
|
22
|
-
fosslight_dependency/package_manager/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
23
|
-
fosslight_dependency/third_party/askalono/askalono.exe,sha256=NyngElHbrg3zLFRVwn6fPDZE_EDAEb1N8tiwWoCm4pQ,4743680
|
|
24
|
-
fosslight_dependency/third_party/askalono/askalono_macos,sha256=cYSNXhAQpkdd8lkgnY5skNeDmU_8DIuP84eFi0OXKkE,5589868
|
|
25
|
-
fosslight_dependency/third_party/nomos/nomossa,sha256=oFF9I-fhug6AVNyFnWeVXwDRin6NWSvk1g7mHBotB3Q,866408
|
|
26
|
-
fosslight_dependency-3.15.5.dist-info/Apache-2.0.txt,sha256=xx0jnfkXJvxRnG63LTGOxlggYnIysveWIZ6H3PNdCrQ,11357
|
|
27
|
-
fosslight_dependency-3.15.5.dist-info/LICENSE,sha256=xx0jnfkXJvxRnG63LTGOxlggYnIysveWIZ6H3PNdCrQ,11357
|
|
28
|
-
fosslight_dependency-3.15.5.dist-info/LicenseRef-3rd_party_licenses.txt,sha256=EcsFt7aE1rp3OXAdJgmXayfOZdpRdBMcmRnyoqWMCsw,95687
|
|
29
|
-
fosslight_dependency-3.15.5.dist-info/METADATA,sha256=nAaxfZdJDlqV2cBCCaWRmo_DZXtVY0C8LHtP9B7LuGM,4799
|
|
30
|
-
fosslight_dependency-3.15.5.dist-info/MIT.txt,sha256=9cx4CbArgByWvkoEZNqpzbpJgA9TUe2D62rMocQpgfs,1082
|
|
31
|
-
fosslight_dependency-3.15.5.dist-info/WHEEL,sha256=GJ7t_kWBFywbagK5eo9IoUwLW6oyOeTKmQ-9iHFVNxQ,92
|
|
32
|
-
fosslight_dependency-3.15.5.dist-info/entry_points.txt,sha256=e1QZbnCrQvfbwe9L6PxXnkRZMhl-PSo0QyUes0dGjU8,91
|
|
33
|
-
fosslight_dependency-3.15.5.dist-info/top_level.txt,sha256=Jc0V7VcVCH0TEM8ksb8dwroTYz4AmRaQnlr3FB71Hcs,21
|
|
34
|
-
fosslight_dependency-3.15.5.dist-info/RECORD,,
|
{fosslight_dependency-3.15.5.dist-info → fosslight_dependency-4.0.0.dist-info}/Apache-2.0.txt
RENAMED
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
{fosslight_dependency-3.15.5.dist-info → fosslight_dependency-4.0.0.dist-info}/entry_points.txt
RENAMED
|
File without changes
|
{fosslight_dependency-3.15.5.dist-info → fosslight_dependency-4.0.0.dist-info}/top_level.txt
RENAMED
|
File without changes
|