fosslight-dependency 3.15.6__py3-none-any.whl → 4.0.0__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- fosslight_dependency/_analyze_dependency.py +5 -4
- fosslight_dependency/_graph_convertor.py +9 -10
- fosslight_dependency/_package_manager.py +2 -13
- fosslight_dependency/dependency_item.py +103 -0
- fosslight_dependency/package_manager/Android.py +20 -20
- fosslight_dependency/package_manager/Carthage.py +18 -17
- fosslight_dependency/package_manager/Cocoapods.py +26 -22
- fosslight_dependency/package_manager/Go.py +37 -37
- fosslight_dependency/package_manager/Gradle.py +25 -24
- fosslight_dependency/package_manager/Helm.py +19 -18
- fosslight_dependency/package_manager/Maven.py +24 -24
- fosslight_dependency/package_manager/Npm.py +31 -26
- fosslight_dependency/package_manager/Nuget.py +31 -28
- fosslight_dependency/package_manager/Pub.py +28 -28
- fosslight_dependency/package_manager/Pypi.py +24 -21
- fosslight_dependency/package_manager/Swift.py +31 -28
- fosslight_dependency/package_manager/Unity.py +25 -24
- fosslight_dependency/run_dependency_scanner.py +25 -32
- {fosslight_dependency-3.15.6.dist-info → fosslight_dependency-4.0.0.dist-info}/METADATA +2 -2
- fosslight_dependency-4.0.0.dist-info/RECORD +36 -0
- fosslight_dependency-3.15.6.dist-info/RECORD +0 -35
- {fosslight_dependency-3.15.6.dist-info → fosslight_dependency-4.0.0.dist-info}/Apache-2.0.txt +0 -0
- {fosslight_dependency-3.15.6.dist-info → fosslight_dependency-4.0.0.dist-info}/LICENSE +0 -0
- {fosslight_dependency-3.15.6.dist-info → fosslight_dependency-4.0.0.dist-info}/LicenseRef-3rd_party_licenses.txt +0 -0
- {fosslight_dependency-3.15.6.dist-info → fosslight_dependency-4.0.0.dist-info}/MIT.txt +0 -0
- {fosslight_dependency-3.15.6.dist-info → fosslight_dependency-4.0.0.dist-info}/WHEEL +0 -0
- {fosslight_dependency-3.15.6.dist-info → fosslight_dependency-4.0.0.dist-info}/entry_points.txt +0 -0
- {fosslight_dependency-3.15.6.dist-info → fosslight_dependency-4.0.0.dist-info}/top_level.txt +0 -0
|
@@ -14,6 +14,8 @@ import fosslight_util.constant as constant
|
|
|
14
14
|
import fosslight_dependency.constant as const
|
|
15
15
|
from fosslight_dependency._package_manager import PackageManager
|
|
16
16
|
from fosslight_dependency._package_manager import check_and_run_license_scanner, get_url_to_purl
|
|
17
|
+
from fosslight_dependency.dependency_item import DependencyItem, change_dependson_to_purl
|
|
18
|
+
from fosslight_util.oss_item import OssItem
|
|
17
19
|
|
|
18
20
|
logger = logging.getLogger(constant.LOGGER_NAME)
|
|
19
21
|
|
|
@@ -279,23 +281,24 @@ class Pypi(PackageManager):
|
|
|
279
281
|
return ret
|
|
280
282
|
|
|
281
283
|
def parse_oss_information(self, f_name):
|
|
282
|
-
|
|
283
|
-
comment = ''
|
|
284
|
+
purl_dict = {}
|
|
284
285
|
try:
|
|
285
286
|
oss_init_name = ''
|
|
286
287
|
with open(f_name, 'r', encoding='utf-8') as json_file:
|
|
287
288
|
json_data = json.load(json_file)
|
|
288
289
|
|
|
289
290
|
for d in json_data:
|
|
291
|
+
dep_item = DependencyItem()
|
|
292
|
+
oss_item = OssItem()
|
|
290
293
|
oss_init_name = d['Name']
|
|
291
294
|
oss_init_name = re.sub(r"[-_.]+", "-", oss_init_name).lower()
|
|
292
|
-
|
|
295
|
+
oss_item.name = f"{self.package_manager_name}:{oss_init_name}"
|
|
293
296
|
license_name = check_UNKNOWN(d['License'])
|
|
294
|
-
homepage = check_UNKNOWN(d['URL'])
|
|
295
|
-
|
|
296
|
-
|
|
297
|
-
purl = get_url_to_purl(
|
|
298
|
-
|
|
297
|
+
oss_item.homepage = check_UNKNOWN(d['URL'])
|
|
298
|
+
oss_item.version = d['Version']
|
|
299
|
+
oss_item.download_location = f"{self.dn_url}{oss_init_name}/{oss_item.version}"
|
|
300
|
+
dep_item.purl = get_url_to_purl(oss_item.download_location, self.package_manager_name)
|
|
301
|
+
purl_dict[f'{oss_init_name}({oss_item.version})'] = dep_item.purl
|
|
299
302
|
if license_name is not None:
|
|
300
303
|
license_name = license_name.replace(';', ',')
|
|
301
304
|
else:
|
|
@@ -305,26 +308,26 @@ class Pypi(PackageManager):
|
|
|
305
308
|
license_file_dir)
|
|
306
309
|
if license_name_with_lic_scanner != "":
|
|
307
310
|
license_name = license_name_with_lic_scanner
|
|
311
|
+
oss_item.license = license_name
|
|
308
312
|
|
|
309
|
-
comment_list = []
|
|
310
|
-
deps_list = []
|
|
311
313
|
if oss_init_name == self.package_name:
|
|
312
|
-
|
|
314
|
+
oss_item.comment = 'root package'
|
|
313
315
|
elif self.direct_dep and len(self.direct_dep_list) > 0:
|
|
314
|
-
if f'{oss_init_name}({
|
|
315
|
-
|
|
316
|
+
if f'{oss_init_name}({oss_item.version})' in self.direct_dep_list:
|
|
317
|
+
oss_item.comment = 'direct'
|
|
316
318
|
else:
|
|
317
|
-
|
|
318
|
-
if f'{oss_init_name}({
|
|
319
|
-
|
|
320
|
-
|
|
321
|
-
|
|
322
|
-
|
|
319
|
+
oss_item.comment = 'transitive'
|
|
320
|
+
if f'{oss_init_name}({oss_item.version})' in self.relation_tree:
|
|
321
|
+
dep_item.depends_on_raw = self.relation_tree[f'{oss_init_name}({oss_item.version})']
|
|
322
|
+
|
|
323
|
+
dep_item.oss_items.append(oss_item)
|
|
324
|
+
self.dep_items.append(dep_item)
|
|
323
325
|
|
|
324
326
|
except Exception as ex:
|
|
325
327
|
logger.warning(f"Fail to parse oss information: {oss_init_name}({ex})")
|
|
326
|
-
|
|
327
|
-
|
|
328
|
+
if self.direct_dep:
|
|
329
|
+
self.dep_items = change_dependson_to_purl(purl_dict, self.dep_items)
|
|
330
|
+
return
|
|
328
331
|
|
|
329
332
|
def get_dependencies(self, dependencies, package):
|
|
330
333
|
package_name = 'package_name'
|
|
@@ -12,6 +12,8 @@ import fosslight_dependency.constant as const
|
|
|
12
12
|
from fosslight_dependency._package_manager import PackageManager
|
|
13
13
|
from fosslight_dependency._package_manager import connect_github, get_github_license
|
|
14
14
|
from fosslight_dependency._package_manager import get_url_to_purl
|
|
15
|
+
from fosslight_dependency.dependency_item import DependencyItem, change_dependson_to_purl
|
|
16
|
+
from fosslight_util.oss_item import OssItem
|
|
15
17
|
|
|
16
18
|
logger = logging.getLogger(constant.LOGGER_NAME)
|
|
17
19
|
|
|
@@ -96,8 +98,8 @@ class Swift(PackageManager):
|
|
|
96
98
|
return ret
|
|
97
99
|
|
|
98
100
|
def parse_oss_information(self, f_name):
|
|
99
|
-
sheet_list = []
|
|
100
101
|
json_ver = 1
|
|
102
|
+
purl_dict = {}
|
|
101
103
|
|
|
102
104
|
with open(f_name, 'r', encoding='utf8') as json_file:
|
|
103
105
|
json_raw = json.load(json_file)
|
|
@@ -109,47 +111,48 @@ class Swift(PackageManager):
|
|
|
109
111
|
json_data = json_raw["pins"]
|
|
110
112
|
else:
|
|
111
113
|
logger.error(f'Not supported Package.resolved version {json_ver}')
|
|
112
|
-
return
|
|
114
|
+
return
|
|
113
115
|
|
|
114
116
|
g = connect_github(self.github_token)
|
|
115
117
|
|
|
116
118
|
for key in json_data:
|
|
119
|
+
dep_item = DependencyItem()
|
|
120
|
+
oss_item = OssItem()
|
|
117
121
|
if json_ver == 1:
|
|
118
122
|
oss_origin_name = key['package']
|
|
119
|
-
homepage = key['repositoryURL']
|
|
123
|
+
oss_item.homepage = key['repositoryURL']
|
|
120
124
|
elif json_ver == 2:
|
|
121
125
|
oss_origin_name = key['identity']
|
|
122
|
-
homepage = key['location']
|
|
126
|
+
oss_item.homepage = key['location']
|
|
123
127
|
|
|
124
|
-
if homepage.endswith('.git'):
|
|
125
|
-
homepage = homepage[:-4]
|
|
128
|
+
if oss_item.homepage.endswith('.git'):
|
|
129
|
+
oss_item.homepage = oss_item.homepage[:-4]
|
|
126
130
|
|
|
127
|
-
|
|
131
|
+
oss_item.name = f"{self.package_manager_name}:{oss_origin_name}"
|
|
128
132
|
|
|
129
|
-
|
|
130
|
-
if
|
|
131
|
-
|
|
133
|
+
oss_item.version = key['state'].get('version', None)
|
|
134
|
+
if oss_item.version is None:
|
|
135
|
+
oss_item.version = key['state'].get('revision', None)
|
|
132
136
|
|
|
133
|
-
|
|
134
|
-
license_name = ''
|
|
137
|
+
oss_item.download_location = oss_item.homepage
|
|
135
138
|
|
|
136
|
-
github_repo = "/".join(homepage.split('/')[-2:])
|
|
137
|
-
purl = get_url_to_purl(
|
|
138
|
-
|
|
139
|
-
|
|
139
|
+
github_repo = "/".join(oss_item.homepage.split('/')[-2:])
|
|
140
|
+
dep_item.purl = get_url_to_purl(oss_item.download_location, self.package_manager_name, github_repo, oss_item.version)
|
|
141
|
+
purl_dict[f'{oss_origin_name}({oss_item.version})'] = dep_item.purl
|
|
142
|
+
oss_item.license = get_github_license(g, github_repo, self.platform, self.license_scanner_bin)
|
|
140
143
|
|
|
141
|
-
comment_list = []
|
|
142
|
-
deps_list = []
|
|
143
144
|
if self.direct_dep and len(self.direct_dep_list) > 0:
|
|
144
145
|
if oss_origin_name in self.direct_dep_list:
|
|
145
|
-
|
|
146
|
+
oss_item.comment = 'direct'
|
|
146
147
|
else:
|
|
147
|
-
|
|
148
|
-
|
|
149
|
-
|
|
150
|
-
|
|
151
|
-
|
|
152
|
-
|
|
153
|
-
|
|
154
|
-
|
|
155
|
-
|
|
148
|
+
oss_item.comment = 'transitive'
|
|
149
|
+
if f'{oss_origin_name}({oss_item.version})' in self.relation_tree:
|
|
150
|
+
dep_item.depends_on_raw = self.relation_tree[f'{oss_origin_name}({oss_item.version})']
|
|
151
|
+
|
|
152
|
+
dep_item.oss_items.append(oss_item)
|
|
153
|
+
self.dep_items.append(dep_item)
|
|
154
|
+
|
|
155
|
+
if self.direct_dep:
|
|
156
|
+
self.dep_items = change_dependson_to_purl(purl_dict, self.dep_items)
|
|
157
|
+
|
|
158
|
+
return
|
|
@@ -11,6 +11,8 @@ import fosslight_util.constant as constant
|
|
|
11
11
|
import fosslight_dependency.constant as const
|
|
12
12
|
from fosslight_dependency._package_manager import PackageManager
|
|
13
13
|
from fosslight_dependency._package_manager import check_and_run_license_scanner, get_url_to_purl
|
|
14
|
+
from fosslight_dependency.dependency_item import DependencyItem
|
|
15
|
+
from fosslight_util.oss_item import OssItem
|
|
14
16
|
|
|
15
17
|
logger = logging.getLogger(constant.LOGGER_NAME)
|
|
16
18
|
proprietary_license = 'Proprietary License'
|
|
@@ -33,20 +35,18 @@ class Unity(PackageManager):
|
|
|
33
35
|
self.append_input_package_list_file(self.input_file_name)
|
|
34
36
|
|
|
35
37
|
def parse_oss_information(self, f_name):
|
|
36
|
-
comment = ''
|
|
37
|
-
|
|
38
38
|
with open(f_name, 'r', encoding='utf8') as f:
|
|
39
39
|
f_yml = yaml.safe_load(f)
|
|
40
40
|
resolvedPkg = f_yml['m_ResolvedPackages']
|
|
41
41
|
|
|
42
42
|
try:
|
|
43
|
-
sheet_list = []
|
|
44
|
-
|
|
45
43
|
for pkg_data in resolvedPkg:
|
|
46
|
-
|
|
47
|
-
|
|
44
|
+
dep_item = DependencyItem()
|
|
45
|
+
oss_item = OssItem()
|
|
46
|
+
oss_item.name = pkg_data['name']
|
|
47
|
+
oss_item.version = pkg_data['version']
|
|
48
48
|
|
|
49
|
-
oss_packagecache_dir = os.path.join(self.packageCache_dir, f'{
|
|
49
|
+
oss_packagecache_dir = os.path.join(self.packageCache_dir, f'{oss_item.name}@{oss_item.version}')
|
|
50
50
|
license_f = os.path.join(oss_packagecache_dir, license_md)
|
|
51
51
|
if os.path.isfile(license_f):
|
|
52
52
|
license_name = check_and_run_license_scanner(self.platform,
|
|
@@ -61,6 +61,7 @@ class Unity(PackageManager):
|
|
|
61
61
|
break
|
|
62
62
|
else:
|
|
63
63
|
license_name = proprietary_license
|
|
64
|
+
oss_item.license = license_name
|
|
64
65
|
|
|
65
66
|
third_f = os.path.join(oss_packagecache_dir, third_party_md)
|
|
66
67
|
if os.path.isfile(third_f):
|
|
@@ -71,21 +72,21 @@ class Unity(PackageManager):
|
|
|
71
72
|
tf.write(line)
|
|
72
73
|
tf.flush()
|
|
73
74
|
|
|
74
|
-
homepage = pkg_data['repository']['url']
|
|
75
|
-
if homepage and homepage.startswith('git@'):
|
|
76
|
-
homepage = homepage.replace('git@', 'https://')
|
|
77
|
-
if homepage is None or homepage.startswith(self.unity_internal_url):
|
|
75
|
+
oss_item.homepage = pkg_data['repository']['url']
|
|
76
|
+
if oss_item.homepage and oss_item.homepage.startswith('git@'):
|
|
77
|
+
oss_item.homepage = oss_item.homepage.replace('git@', 'https://')
|
|
78
|
+
if oss_item.homepage is None or oss_item.homepage.startswith(self.unity_internal_url):
|
|
78
79
|
if license_name != proprietary_license:
|
|
79
|
-
homepage = f'{self.mirror_url}{
|
|
80
|
-
if homepage is None:
|
|
81
|
-
homepage = ''
|
|
80
|
+
oss_item.homepage = f'{self.mirror_url}{oss_item.name}'
|
|
81
|
+
if oss_item.homepage is None:
|
|
82
|
+
oss_item.homepage = ''
|
|
82
83
|
|
|
83
|
-
|
|
84
|
-
purl = get_url_to_purl(
|
|
85
|
-
if purl == 'None':
|
|
86
|
-
purl = ''
|
|
87
|
-
if purl != '':
|
|
88
|
-
purl = f'{purl}@{
|
|
84
|
+
oss_item.download_location = oss_item.homepage
|
|
85
|
+
dep_item.purl = get_url_to_purl(oss_item.download_location, self.package_manager_name)
|
|
86
|
+
if dep_item.purl == 'None':
|
|
87
|
+
dep_item.purl = ''
|
|
88
|
+
if dep_item.purl != '':
|
|
89
|
+
dep_item.purl = f'{dep_item.purl}@{oss_item.version}'
|
|
89
90
|
|
|
90
91
|
comment_list = []
|
|
91
92
|
if self.direct_dep:
|
|
@@ -94,10 +95,10 @@ class Unity(PackageManager):
|
|
|
94
95
|
else:
|
|
95
96
|
comment_list.append('transitive')
|
|
96
97
|
|
|
97
|
-
comment = ','.join(comment_list)
|
|
98
|
-
|
|
99
|
-
|
|
98
|
+
oss_item.comment = ','.join(comment_list)
|
|
99
|
+
dep_item.oss_items.append(oss_item)
|
|
100
|
+
self.dep_items.append(dep_item)
|
|
100
101
|
except Exception as e:
|
|
101
102
|
logger.error(f"Fail to parse unity oss information: {e}")
|
|
102
103
|
|
|
103
|
-
return
|
|
104
|
+
return
|
|
@@ -20,7 +20,7 @@ from fosslight_dependency._analyze_dependency import analyze_dependency
|
|
|
20
20
|
from fosslight_util.output_format import check_output_formats, write_output_file
|
|
21
21
|
if platform.system() != 'Windows':
|
|
22
22
|
from fosslight_util.write_spdx import write_spdx
|
|
23
|
-
from fosslight_util.
|
|
23
|
+
from fosslight_util.oss_item import ScannerItem
|
|
24
24
|
from fosslight_dependency._graph_convertor import GraphConvertor
|
|
25
25
|
|
|
26
26
|
# Package Name
|
|
@@ -98,10 +98,9 @@ def run_dependency_scanner(package_manager='', input_dir='', output_dir_file='',
|
|
|
98
98
|
global logger
|
|
99
99
|
|
|
100
100
|
ret = True
|
|
101
|
-
sheet_list = {}
|
|
102
|
-
sheet_list[_sheet_name] = []
|
|
103
101
|
_json_ext = ".json"
|
|
104
102
|
_start_time = datetime.now().strftime('%y%m%d_%H%M')
|
|
103
|
+
scan_item = ScannerItem(_PKG_NAME, _start_time)
|
|
105
104
|
|
|
106
105
|
success, msg, output_path, output_files, output_extensions = check_output_formats(output_dir_file, formats, CUSTOMIZED_FORMAT)
|
|
107
106
|
if success:
|
|
@@ -151,7 +150,7 @@ def run_dependency_scanner(package_manager='', input_dir='', output_dir_file='',
|
|
|
151
150
|
|
|
152
151
|
if not success:
|
|
153
152
|
logger.error(msg)
|
|
154
|
-
return False,
|
|
153
|
+
return False, scan_item
|
|
155
154
|
|
|
156
155
|
autodetect = True
|
|
157
156
|
if package_manager:
|
|
@@ -162,7 +161,7 @@ def run_dependency_scanner(package_manager='', input_dir='', output_dir_file='',
|
|
|
162
161
|
logger.error(f"You entered the unsupported package manager({package_manager}).")
|
|
163
162
|
logger.error("Please enter the supported package manager({0}) with '-m' option."
|
|
164
163
|
.format(", ".join(support_packagemanager)))
|
|
165
|
-
return False,
|
|
164
|
+
return False, scan_item
|
|
166
165
|
|
|
167
166
|
if input_dir:
|
|
168
167
|
if os.path.isdir(input_dir):
|
|
@@ -171,10 +170,11 @@ def run_dependency_scanner(package_manager='', input_dir='', output_dir_file='',
|
|
|
171
170
|
else:
|
|
172
171
|
logger.error(f"You entered the wrong input path({input_dir}) to run the script.")
|
|
173
172
|
logger.error("Please enter the existed input path with '-p' option.")
|
|
174
|
-
return False,
|
|
173
|
+
return False, scan_item
|
|
175
174
|
else:
|
|
176
175
|
input_dir = os.getcwd()
|
|
177
176
|
os.chdir(input_dir)
|
|
177
|
+
scan_item.set_cover_pathinfo(input_dir, path_to_exclude)
|
|
178
178
|
|
|
179
179
|
found_package_manager = {}
|
|
180
180
|
if autodetect:
|
|
@@ -198,13 +198,13 @@ def run_dependency_scanner(package_manager='', input_dir='', output_dir_file='',
|
|
|
198
198
|
for pm, manifest_file_name in found_package_manager.items():
|
|
199
199
|
if manifest_file_name == pass_key:
|
|
200
200
|
continue
|
|
201
|
-
ret,
|
|
202
|
-
|
|
203
|
-
|
|
204
|
-
|
|
201
|
+
ret, package_dep_item_list, cover_comment = analyze_dependency(pm, input_dir, output_path,
|
|
202
|
+
pip_activate_cmd, pip_deactivate_cmd,
|
|
203
|
+
output_custom_dir, app_name, github_token,
|
|
204
|
+
manifest_file_name, direct)
|
|
205
205
|
if ret:
|
|
206
206
|
success_pm.append(f"{pm} ({', '.join(manifest_file_name)})")
|
|
207
|
-
|
|
207
|
+
scan_item.append_file_items(package_dep_item_list)
|
|
208
208
|
if pm == const.GRADLE:
|
|
209
209
|
if const.ANDROID in found_package_manager.keys():
|
|
210
210
|
found_package_manager[const.ANDROID] = pass_key
|
|
@@ -217,63 +217,56 @@ def run_dependency_scanner(package_manager='', input_dir='', output_dir_file='',
|
|
|
217
217
|
fail_pm.remove(f"{const.GRADLE} ({', '.join(manifest_file_name)})")
|
|
218
218
|
else:
|
|
219
219
|
fail_pm.append(f"{pm} ({', '.join(manifest_file_name)})")
|
|
220
|
-
|
|
221
|
-
start_time=_start_time,
|
|
222
|
-
input_path=input_dir,
|
|
223
|
-
exclude_path=path_to_exclude)
|
|
224
|
-
cover_comment_arr = []
|
|
220
|
+
|
|
225
221
|
if len(found_package_manager.keys()) > 0:
|
|
226
222
|
if len(success_pm) > 0:
|
|
227
|
-
|
|
223
|
+
scan_item.set_cover_comment(f"Analyzed Package manager: {', '.join(success_pm)}")
|
|
228
224
|
if len(fail_pm) > 0:
|
|
229
225
|
info_msg = 'Check https://fosslight.org/fosslight-guide-en/scanner/3_dependency.html#-prerequisite.'
|
|
230
|
-
|
|
226
|
+
scan_item.set_cover_comment(f"Analysis failed Package manager: {', '.join(fail_pm)} ({info_msg})")
|
|
231
227
|
else:
|
|
232
|
-
|
|
233
|
-
|
|
234
|
-
cover.comment = ' / '.join(cover_comment_arr)
|
|
235
|
-
if cover_comment:
|
|
236
|
-
cover.comment += f', {cover_comment}'
|
|
228
|
+
scan_item.set_cover_comment("No Package manager detected.")
|
|
237
229
|
|
|
238
230
|
if ret and graph_path:
|
|
239
231
|
graph_path = os.path.abspath(graph_path)
|
|
240
232
|
try:
|
|
241
|
-
converter = GraphConvertor(
|
|
233
|
+
converter = GraphConvertor(scan_item.file_items[_PKG_NAME])
|
|
242
234
|
converter.save(graph_path, graph_size)
|
|
243
235
|
logger.info(f"Output graph image file: {graph_path}")
|
|
244
236
|
except Exception as e:
|
|
245
237
|
logger.error(f'Fail to make graph image: {e}')
|
|
246
238
|
|
|
239
|
+
if cover_comment:
|
|
240
|
+
scan_item.set_cover_comment(cover_comment)
|
|
241
|
+
|
|
247
242
|
combined_paths_and_files = [os.path.join(output_path, file) for file in output_files]
|
|
248
243
|
results = []
|
|
249
244
|
for i, output_extension in enumerate(output_extensions):
|
|
250
245
|
if formats:
|
|
251
246
|
if formats[i].startswith('spdx'):
|
|
252
247
|
if platform.system() != 'Windows':
|
|
253
|
-
results.append(write_spdx(combined_paths_and_files[i], output_extension,
|
|
248
|
+
results.append(write_spdx(combined_paths_and_files[i], output_extension, scan_item, _PKG_NAME,
|
|
254
249
|
pkg_resources.get_distribution(_PKG_NAME).version, spdx_version=(2, 3)))
|
|
255
250
|
else:
|
|
256
251
|
logger.error('Windows not support spdx format.')
|
|
257
252
|
else:
|
|
258
|
-
results.append(write_output_file(combined_paths_and_files[i], output_extension,
|
|
259
|
-
'', cover))
|
|
253
|
+
results.append(write_output_file(combined_paths_and_files[i], output_extension, scan_item, EXTENDED_HEADER))
|
|
260
254
|
else:
|
|
261
|
-
results.append(write_output_file(combined_paths_and_files[i], output_extension,
|
|
262
|
-
'', cover))
|
|
255
|
+
results.append(write_output_file(combined_paths_and_files[i], output_extension, scan_item, EXTENDED_HEADER))
|
|
263
256
|
for success_write, err_msg, result_file in results:
|
|
264
257
|
if success_write:
|
|
265
258
|
if result_file:
|
|
266
259
|
logger.info(f"Output file: {result_file}")
|
|
267
260
|
else:
|
|
268
261
|
logger.warning(f"{err_msg}")
|
|
269
|
-
for i in
|
|
270
|
-
logger.info(i
|
|
262
|
+
for i in scan_item.get_cover_comment():
|
|
263
|
+
logger.info(i)
|
|
271
264
|
else:
|
|
272
265
|
ret = False
|
|
273
266
|
logger.error(f"Fail to generate result file. msg:({err_msg})")
|
|
274
267
|
|
|
275
268
|
logger.warning("### FINISH ###")
|
|
276
|
-
return ret,
|
|
269
|
+
return ret, scan_item
|
|
277
270
|
|
|
278
271
|
|
|
279
272
|
def main():
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
Metadata-Version: 2.1
|
|
2
2
|
Name: fosslight-dependency
|
|
3
|
-
Version:
|
|
3
|
+
Version: 4.0.0
|
|
4
4
|
Summary: FOSSLight Dependency Scanner
|
|
5
5
|
Home-page: https://github.com/fosslight/fosslight_dependency_scanner
|
|
6
6
|
Author: LG Electronics
|
|
@@ -20,7 +20,7 @@ Requires-Dist: lxml
|
|
|
20
20
|
Requires-Dist: virtualenv
|
|
21
21
|
Requires-Dist: pyyaml
|
|
22
22
|
Requires-Dist: lastversion
|
|
23
|
-
Requires-Dist: fosslight-util
|
|
23
|
+
Requires-Dist: fosslight-util>=2.0.0
|
|
24
24
|
Requires-Dist: PyGithub
|
|
25
25
|
Requires-Dist: requirements-parser
|
|
26
26
|
Requires-Dist: defusedxml
|
|
@@ -0,0 +1,36 @@
|
|
|
1
|
+
fosslight_dependency/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
2
|
+
fosslight_dependency/_analyze_dependency.py,sha256=gwdOrwn31sI9Fk5_ZBBbryA1-hCfHdtfqS8QePF7poo,4064
|
|
3
|
+
fosslight_dependency/_graph_convertor.py,sha256=D8GwmJfuj9Wg3_DeKRPLGGdyHSLcoU2Q0VzKQbkJG4g,2267
|
|
4
|
+
fosslight_dependency/_help.py,sha256=EG-ojJ3Fyn3iYrd_4mGtyMLMefOqf7_AF21q3-jf2Y8,3258
|
|
5
|
+
fosslight_dependency/_package_manager.py,sha256=_wwyTWSe8fKyMpFZh1BnhjTMAPG-5adhjBLqaxbdjZE,17154
|
|
6
|
+
fosslight_dependency/constant.py,sha256=1mJGu1SYyxVKo0W_pCIt-ANp52E_I5ovXFvpl2OMmjU,1039
|
|
7
|
+
fosslight_dependency/dependency_item.py,sha256=wNLWcsNycf3HQ5Pib2WrMeo2dn0eHCRg20NLcL95Qew,3345
|
|
8
|
+
fosslight_dependency/run_dependency_scanner.py,sha256=aYyMFNpk76L6cKStgnV2aPxACAgsEx676UH48EE9_WU,15859
|
|
9
|
+
fosslight_dependency/LICENSES/LICENSE,sha256=xx0jnfkXJvxRnG63LTGOxlggYnIysveWIZ6H3PNdCrQ,11357
|
|
10
|
+
fosslight_dependency/LICENSES/LicenseRef-3rd_party_licenses.txt,sha256=EcsFt7aE1rp3OXAdJgmXayfOZdpRdBMcmRnyoqWMCsw,95687
|
|
11
|
+
fosslight_dependency/package_manager/Android.py,sha256=0UZFvbLxDIreerK4fR316YPyhUpPliV_kfZulrxkUyo,3218
|
|
12
|
+
fosslight_dependency/package_manager/Carthage.py,sha256=qCHH6bhdowgPR5mS89AQLl_0Z5LRoyMZU4vAVHzPNCM,6390
|
|
13
|
+
fosslight_dependency/package_manager/Cocoapods.py,sha256=k_URV1ekMOU8l_y9_KIp_luu96ZGOl1xLIkH737VREA,8524
|
|
14
|
+
fosslight_dependency/package_manager/Go.py,sha256=O-6DTTRM2EoTpCVmlIPKFy8ZTz64EHTooOAoUimjeyk,6491
|
|
15
|
+
fosslight_dependency/package_manager/Gradle.py,sha256=IYmj9q3XiE_DPKdtll6lyRr98lFuyKWW2qz57X26Fn0,4359
|
|
16
|
+
fosslight_dependency/package_manager/Helm.py,sha256=ucx2Y0tWX37UHIzIGaRyTe7uQ2vlu2nUuO09hOMq9ZU,4223
|
|
17
|
+
fosslight_dependency/package_manager/Maven.py,sha256=JXiP8LwQZ10tf1l0Qgd4fvmv1RcVn52_PiMx6sTpSKo,10329
|
|
18
|
+
fosslight_dependency/package_manager/Npm.py,sha256=hwKC08m05KlHgfQpPX7lnDEJC-A7WKF9OniYW4n9TDM,10638
|
|
19
|
+
fosslight_dependency/package_manager/Nuget.py,sha256=FGD5tV1mTBl3G9mxWWnoMwLZUiSW7VCcHS7FxhCqU1g,9334
|
|
20
|
+
fosslight_dependency/package_manager/Pub.py,sha256=-cotOpPCmLMmLWwP0dF1hQ44CBzConjnDpJ1So0n7lo,9904
|
|
21
|
+
fosslight_dependency/package_manager/Pypi.py,sha256=7eBB5ko4HhRhby5txo9NXZl6td1O_8k11v8R9FwxygU,16254
|
|
22
|
+
fosslight_dependency/package_manager/Swift.py,sha256=Lw5kaubDlKIQjSHC5gZik4WfWBliMx8n6XW2vVPhd84,6700
|
|
23
|
+
fosslight_dependency/package_manager/Unity.py,sha256=LoyWCMa6R3x0VCsTH1EEJ7FQmYsraCDnoHZUHCmYeiU,4708
|
|
24
|
+
fosslight_dependency/package_manager/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
25
|
+
fosslight_dependency/third_party/askalono/askalono.exe,sha256=NyngElHbrg3zLFRVwn6fPDZE_EDAEb1N8tiwWoCm4pQ,4743680
|
|
26
|
+
fosslight_dependency/third_party/askalono/askalono_macos,sha256=cYSNXhAQpkdd8lkgnY5skNeDmU_8DIuP84eFi0OXKkE,5589868
|
|
27
|
+
fosslight_dependency/third_party/nomos/nomossa,sha256=oFF9I-fhug6AVNyFnWeVXwDRin6NWSvk1g7mHBotB3Q,866408
|
|
28
|
+
fosslight_dependency-4.0.0.dist-info/Apache-2.0.txt,sha256=xx0jnfkXJvxRnG63LTGOxlggYnIysveWIZ6H3PNdCrQ,11357
|
|
29
|
+
fosslight_dependency-4.0.0.dist-info/LICENSE,sha256=xx0jnfkXJvxRnG63LTGOxlggYnIysveWIZ6H3PNdCrQ,11357
|
|
30
|
+
fosslight_dependency-4.0.0.dist-info/LicenseRef-3rd_party_licenses.txt,sha256=EcsFt7aE1rp3OXAdJgmXayfOZdpRdBMcmRnyoqWMCsw,95687
|
|
31
|
+
fosslight_dependency-4.0.0.dist-info/METADATA,sha256=c2dISBev5GNBVXNPy_Og51Lcl7GtfHBU7PcAwftfXVo,4844
|
|
32
|
+
fosslight_dependency-4.0.0.dist-info/MIT.txt,sha256=9cx4CbArgByWvkoEZNqpzbpJgA9TUe2D62rMocQpgfs,1082
|
|
33
|
+
fosslight_dependency-4.0.0.dist-info/WHEEL,sha256=eOLhNAGa2EW3wWl_TU484h7q1UNgy0JXjjoqKoxAAQc,92
|
|
34
|
+
fosslight_dependency-4.0.0.dist-info/entry_points.txt,sha256=e1QZbnCrQvfbwe9L6PxXnkRZMhl-PSo0QyUes0dGjU8,91
|
|
35
|
+
fosslight_dependency-4.0.0.dist-info/top_level.txt,sha256=Jc0V7VcVCH0TEM8ksb8dwroTYz4AmRaQnlr3FB71Hcs,21
|
|
36
|
+
fosslight_dependency-4.0.0.dist-info/RECORD,,
|
|
@@ -1,35 +0,0 @@
|
|
|
1
|
-
fosslight_dependency/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
2
|
-
fosslight_dependency/_analyze_dependency.py,sha256=5xR9EQxeI1u57Gp8Tw0YEhCc6T7kckTJ60h40mLGsEU,4010
|
|
3
|
-
fosslight_dependency/_graph_convertor.py,sha256=jbbPOuINAkv6Gwr2BQU3gDAK8UBCB_R_0H5n7WjOjKo,2399
|
|
4
|
-
fosslight_dependency/_help.py,sha256=EG-ojJ3Fyn3iYrd_4mGtyMLMefOqf7_AF21q3-jf2Y8,3258
|
|
5
|
-
fosslight_dependency/_package_manager.py,sha256=YM-jFwRpHxjUScbefBQYn16DVPLNzGi8h3HL3oT56cM,17614
|
|
6
|
-
fosslight_dependency/constant.py,sha256=1mJGu1SYyxVKo0W_pCIt-ANp52E_I5ovXFvpl2OMmjU,1039
|
|
7
|
-
fosslight_dependency/run_dependency_scanner.py,sha256=fAaGV8e62nQmdkbDras27TQ6goq0rx0bAozmPqxaC5I,16140
|
|
8
|
-
fosslight_dependency/LICENSES/LICENSE,sha256=xx0jnfkXJvxRnG63LTGOxlggYnIysveWIZ6H3PNdCrQ,11357
|
|
9
|
-
fosslight_dependency/LICENSES/LicenseRef-3rd_party_licenses.txt,sha256=EcsFt7aE1rp3OXAdJgmXayfOZdpRdBMcmRnyoqWMCsw,95687
|
|
10
|
-
fosslight_dependency/package_manager/Android.py,sha256=9vO3JDRAV2-ZGfjk4sGSqY05nszulwGwehvf7saNIMY,3178
|
|
11
|
-
fosslight_dependency/package_manager/Carthage.py,sha256=OZL0ssKvN6pze0VohZ-kMeM-g-V7f5VqumpEh3o3t-U,6106
|
|
12
|
-
fosslight_dependency/package_manager/Cocoapods.py,sha256=dfXwillepl5LSST2P8q_IgorKW8weza1EKZWbe3tbUE,8333
|
|
13
|
-
fosslight_dependency/package_manager/Go.py,sha256=pbhYWs6ZsU77m0LIobx0pGXbF9c19fADyTG8ZoDJkWI,6272
|
|
14
|
-
fosslight_dependency/package_manager/Gradle.py,sha256=EQAGF_ohu2uB1uqk3itdO9vGhS5nKyPlomlbwbcVvYE,4203
|
|
15
|
-
fosslight_dependency/package_manager/Helm.py,sha256=FjzQilY3GJyX8thwMGY_Rr12kw-dbehxVk6jIJNb2-M,4024
|
|
16
|
-
fosslight_dependency/package_manager/Maven.py,sha256=-cS3DSFARE9rR0XtBVGvCv6JkmYYRjLtRAmn4TeIY1M,10282
|
|
17
|
-
fosslight_dependency/package_manager/Npm.py,sha256=uuIS0lC8LpKTs8A0fG4mhJfpGno_hMugGW8ss5M_mMI,10395
|
|
18
|
-
fosslight_dependency/package_manager/Nuget.py,sha256=j1zdLykGA6HcvGtdn8Kz1AZZmvK7iKxUERKWBNCfSp0,8948
|
|
19
|
-
fosslight_dependency/package_manager/Pub.py,sha256=7HlvFu7HXaSDF1_VjFUAM1O4pz1DutbNwNzmzldyLbA,9763
|
|
20
|
-
fosslight_dependency/package_manager/Pypi.py,sha256=hqhvsHwRqcM8bDUNJ6u8LTtEnMSUsRmVLllXZ793w_w,16046
|
|
21
|
-
fosslight_dependency/package_manager/Swift.py,sha256=9r19lSmpFjeOsYcBkvMhgFfFZ4pL4j32YvCFLWWc8Fs,6489
|
|
22
|
-
fosslight_dependency/package_manager/Unity.py,sha256=vGWtAHNtSkU8PxqKhoJNFFcUmNM2NJGRLwBmzeA21Sg,4353
|
|
23
|
-
fosslight_dependency/package_manager/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
24
|
-
fosslight_dependency/third_party/askalono/askalono.exe,sha256=NyngElHbrg3zLFRVwn6fPDZE_EDAEb1N8tiwWoCm4pQ,4743680
|
|
25
|
-
fosslight_dependency/third_party/askalono/askalono_macos,sha256=cYSNXhAQpkdd8lkgnY5skNeDmU_8DIuP84eFi0OXKkE,5589868
|
|
26
|
-
fosslight_dependency/third_party/nomos/nomossa,sha256=oFF9I-fhug6AVNyFnWeVXwDRin6NWSvk1g7mHBotB3Q,866408
|
|
27
|
-
fosslight_dependency-3.15.6.dist-info/Apache-2.0.txt,sha256=xx0jnfkXJvxRnG63LTGOxlggYnIysveWIZ6H3PNdCrQ,11357
|
|
28
|
-
fosslight_dependency-3.15.6.dist-info/LICENSE,sha256=xx0jnfkXJvxRnG63LTGOxlggYnIysveWIZ6H3PNdCrQ,11357
|
|
29
|
-
fosslight_dependency-3.15.6.dist-info/LicenseRef-3rd_party_licenses.txt,sha256=EcsFt7aE1rp3OXAdJgmXayfOZdpRdBMcmRnyoqWMCsw,95687
|
|
30
|
-
fosslight_dependency-3.15.6.dist-info/METADATA,sha256=UMEQtl1y8gxN5HWTF3g4RJYaEk7hTjrwU9n6UX-l5ko,4846
|
|
31
|
-
fosslight_dependency-3.15.6.dist-info/MIT.txt,sha256=9cx4CbArgByWvkoEZNqpzbpJgA9TUe2D62rMocQpgfs,1082
|
|
32
|
-
fosslight_dependency-3.15.6.dist-info/WHEEL,sha256=eOLhNAGa2EW3wWl_TU484h7q1UNgy0JXjjoqKoxAAQc,92
|
|
33
|
-
fosslight_dependency-3.15.6.dist-info/entry_points.txt,sha256=e1QZbnCrQvfbwe9L6PxXnkRZMhl-PSo0QyUes0dGjU8,91
|
|
34
|
-
fosslight_dependency-3.15.6.dist-info/top_level.txt,sha256=Jc0V7VcVCH0TEM8ksb8dwroTYz4AmRaQnlr3FB71Hcs,21
|
|
35
|
-
fosslight_dependency-3.15.6.dist-info/RECORD,,
|
{fosslight_dependency-3.15.6.dist-info → fosslight_dependency-4.0.0.dist-info}/Apache-2.0.txt
RENAMED
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
{fosslight_dependency-3.15.6.dist-info → fosslight_dependency-4.0.0.dist-info}/entry_points.txt
RENAMED
|
File without changes
|
{fosslight_dependency-3.15.6.dist-info → fosslight_dependency-4.0.0.dist-info}/top_level.txt
RENAMED
|
File without changes
|