fosslight-dependency 3.15.6__py3-none-any.whl → 4.1.0__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- fosslight_dependency/_analyze_dependency.py +5 -4
- fosslight_dependency/_graph_convertor.py +9 -10
- fosslight_dependency/_package_manager.py +2 -13
- fosslight_dependency/dependency_item.py +103 -0
- fosslight_dependency/package_manager/Android.py +20 -20
- fosslight_dependency/package_manager/Carthage.py +18 -17
- fosslight_dependency/package_manager/Cocoapods.py +26 -22
- fosslight_dependency/package_manager/Go.py +37 -37
- fosslight_dependency/package_manager/Gradle.py +25 -24
- fosslight_dependency/package_manager/Helm.py +19 -18
- fosslight_dependency/package_manager/Maven.py +24 -24
- fosslight_dependency/package_manager/Npm.py +31 -26
- fosslight_dependency/package_manager/Nuget.py +31 -28
- fosslight_dependency/package_manager/Pub.py +28 -28
- fosslight_dependency/package_manager/Pypi.py +24 -21
- fosslight_dependency/package_manager/Swift.py +31 -28
- fosslight_dependency/package_manager/Unity.py +25 -24
- fosslight_dependency/run_dependency_scanner.py +27 -45
- {fosslight_dependency-3.15.6.dist-info → fosslight_dependency-4.1.0.dist-info}/METADATA +2 -2
- fosslight_dependency-4.1.0.dist-info/RECORD +36 -0
- fosslight_dependency-3.15.6.dist-info/RECORD +0 -35
- {fosslight_dependency-3.15.6.dist-info → fosslight_dependency-4.1.0.dist-info}/Apache-2.0.txt +0 -0
- {fosslight_dependency-3.15.6.dist-info → fosslight_dependency-4.1.0.dist-info}/LICENSE +0 -0
- {fosslight_dependency-3.15.6.dist-info → fosslight_dependency-4.1.0.dist-info}/LicenseRef-3rd_party_licenses.txt +0 -0
- {fosslight_dependency-3.15.6.dist-info → fosslight_dependency-4.1.0.dist-info}/MIT.txt +0 -0
- {fosslight_dependency-3.15.6.dist-info → fosslight_dependency-4.1.0.dist-info}/WHEEL +0 -0
- {fosslight_dependency-3.15.6.dist-info → fosslight_dependency-4.1.0.dist-info}/entry_points.txt +0 -0
- {fosslight_dependency-3.15.6.dist-info → fosslight_dependency-4.1.0.dist-info}/top_level.txt +0 -0
|
@@ -14,6 +14,8 @@ import fosslight_util.constant as constant
|
|
|
14
14
|
import fosslight_dependency.constant as const
|
|
15
15
|
from fosslight_dependency._package_manager import PackageManager
|
|
16
16
|
from fosslight_dependency._package_manager import check_and_run_license_scanner, get_url_to_purl
|
|
17
|
+
from fosslight_dependency.dependency_item import DependencyItem, change_dependson_to_purl
|
|
18
|
+
from fosslight_util.oss_item import OssItem
|
|
17
19
|
|
|
18
20
|
logger = logging.getLogger(constant.LOGGER_NAME)
|
|
19
21
|
|
|
@@ -279,23 +281,24 @@ class Pypi(PackageManager):
|
|
|
279
281
|
return ret
|
|
280
282
|
|
|
281
283
|
def parse_oss_information(self, f_name):
|
|
282
|
-
|
|
283
|
-
comment = ''
|
|
284
|
+
purl_dict = {}
|
|
284
285
|
try:
|
|
285
286
|
oss_init_name = ''
|
|
286
287
|
with open(f_name, 'r', encoding='utf-8') as json_file:
|
|
287
288
|
json_data = json.load(json_file)
|
|
288
289
|
|
|
289
290
|
for d in json_data:
|
|
291
|
+
dep_item = DependencyItem()
|
|
292
|
+
oss_item = OssItem()
|
|
290
293
|
oss_init_name = d['Name']
|
|
291
294
|
oss_init_name = re.sub(r"[-_.]+", "-", oss_init_name).lower()
|
|
292
|
-
|
|
295
|
+
oss_item.name = f"{self.package_manager_name}:{oss_init_name}"
|
|
293
296
|
license_name = check_UNKNOWN(d['License'])
|
|
294
|
-
homepage = check_UNKNOWN(d['URL'])
|
|
295
|
-
|
|
296
|
-
|
|
297
|
-
purl = get_url_to_purl(
|
|
298
|
-
|
|
297
|
+
oss_item.homepage = check_UNKNOWN(d['URL'])
|
|
298
|
+
oss_item.version = d['Version']
|
|
299
|
+
oss_item.download_location = f"{self.dn_url}{oss_init_name}/{oss_item.version}"
|
|
300
|
+
dep_item.purl = get_url_to_purl(oss_item.download_location, self.package_manager_name)
|
|
301
|
+
purl_dict[f'{oss_init_name}({oss_item.version})'] = dep_item.purl
|
|
299
302
|
if license_name is not None:
|
|
300
303
|
license_name = license_name.replace(';', ',')
|
|
301
304
|
else:
|
|
@@ -305,26 +308,26 @@ class Pypi(PackageManager):
|
|
|
305
308
|
license_file_dir)
|
|
306
309
|
if license_name_with_lic_scanner != "":
|
|
307
310
|
license_name = license_name_with_lic_scanner
|
|
311
|
+
oss_item.license = license_name
|
|
308
312
|
|
|
309
|
-
comment_list = []
|
|
310
|
-
deps_list = []
|
|
311
313
|
if oss_init_name == self.package_name:
|
|
312
|
-
|
|
314
|
+
oss_item.comment = 'root package'
|
|
313
315
|
elif self.direct_dep and len(self.direct_dep_list) > 0:
|
|
314
|
-
if f'{oss_init_name}({
|
|
315
|
-
|
|
316
|
+
if f'{oss_init_name}({oss_item.version})' in self.direct_dep_list:
|
|
317
|
+
oss_item.comment = 'direct'
|
|
316
318
|
else:
|
|
317
|
-
|
|
318
|
-
if f'{oss_init_name}({
|
|
319
|
-
|
|
320
|
-
|
|
321
|
-
|
|
322
|
-
|
|
319
|
+
oss_item.comment = 'transitive'
|
|
320
|
+
if f'{oss_init_name}({oss_item.version})' in self.relation_tree:
|
|
321
|
+
dep_item.depends_on_raw = self.relation_tree[f'{oss_init_name}({oss_item.version})']
|
|
322
|
+
|
|
323
|
+
dep_item.oss_items.append(oss_item)
|
|
324
|
+
self.dep_items.append(dep_item)
|
|
323
325
|
|
|
324
326
|
except Exception as ex:
|
|
325
327
|
logger.warning(f"Fail to parse oss information: {oss_init_name}({ex})")
|
|
326
|
-
|
|
327
|
-
|
|
328
|
+
if self.direct_dep:
|
|
329
|
+
self.dep_items = change_dependson_to_purl(purl_dict, self.dep_items)
|
|
330
|
+
return
|
|
328
331
|
|
|
329
332
|
def get_dependencies(self, dependencies, package):
|
|
330
333
|
package_name = 'package_name'
|
|
@@ -12,6 +12,8 @@ import fosslight_dependency.constant as const
|
|
|
12
12
|
from fosslight_dependency._package_manager import PackageManager
|
|
13
13
|
from fosslight_dependency._package_manager import connect_github, get_github_license
|
|
14
14
|
from fosslight_dependency._package_manager import get_url_to_purl
|
|
15
|
+
from fosslight_dependency.dependency_item import DependencyItem, change_dependson_to_purl
|
|
16
|
+
from fosslight_util.oss_item import OssItem
|
|
15
17
|
|
|
16
18
|
logger = logging.getLogger(constant.LOGGER_NAME)
|
|
17
19
|
|
|
@@ -96,8 +98,8 @@ class Swift(PackageManager):
|
|
|
96
98
|
return ret
|
|
97
99
|
|
|
98
100
|
def parse_oss_information(self, f_name):
|
|
99
|
-
sheet_list = []
|
|
100
101
|
json_ver = 1
|
|
102
|
+
purl_dict = {}
|
|
101
103
|
|
|
102
104
|
with open(f_name, 'r', encoding='utf8') as json_file:
|
|
103
105
|
json_raw = json.load(json_file)
|
|
@@ -109,47 +111,48 @@ class Swift(PackageManager):
|
|
|
109
111
|
json_data = json_raw["pins"]
|
|
110
112
|
else:
|
|
111
113
|
logger.error(f'Not supported Package.resolved version {json_ver}')
|
|
112
|
-
return
|
|
114
|
+
return
|
|
113
115
|
|
|
114
116
|
g = connect_github(self.github_token)
|
|
115
117
|
|
|
116
118
|
for key in json_data:
|
|
119
|
+
dep_item = DependencyItem()
|
|
120
|
+
oss_item = OssItem()
|
|
117
121
|
if json_ver == 1:
|
|
118
122
|
oss_origin_name = key['package']
|
|
119
|
-
homepage = key['repositoryURL']
|
|
123
|
+
oss_item.homepage = key['repositoryURL']
|
|
120
124
|
elif json_ver == 2:
|
|
121
125
|
oss_origin_name = key['identity']
|
|
122
|
-
homepage = key['location']
|
|
126
|
+
oss_item.homepage = key['location']
|
|
123
127
|
|
|
124
|
-
if homepage.endswith('.git'):
|
|
125
|
-
homepage = homepage[:-4]
|
|
128
|
+
if oss_item.homepage.endswith('.git'):
|
|
129
|
+
oss_item.homepage = oss_item.homepage[:-4]
|
|
126
130
|
|
|
127
|
-
|
|
131
|
+
oss_item.name = f"{self.package_manager_name}:{oss_origin_name}"
|
|
128
132
|
|
|
129
|
-
|
|
130
|
-
if
|
|
131
|
-
|
|
133
|
+
oss_item.version = key['state'].get('version', None)
|
|
134
|
+
if oss_item.version is None:
|
|
135
|
+
oss_item.version = key['state'].get('revision', None)
|
|
132
136
|
|
|
133
|
-
|
|
134
|
-
license_name = ''
|
|
137
|
+
oss_item.download_location = oss_item.homepage
|
|
135
138
|
|
|
136
|
-
github_repo = "/".join(homepage.split('/')[-2:])
|
|
137
|
-
purl = get_url_to_purl(
|
|
138
|
-
|
|
139
|
-
|
|
139
|
+
github_repo = "/".join(oss_item.homepage.split('/')[-2:])
|
|
140
|
+
dep_item.purl = get_url_to_purl(oss_item.download_location, self.package_manager_name, github_repo, oss_item.version)
|
|
141
|
+
purl_dict[f'{oss_origin_name}({oss_item.version})'] = dep_item.purl
|
|
142
|
+
oss_item.license = get_github_license(g, github_repo, self.platform, self.license_scanner_bin)
|
|
140
143
|
|
|
141
|
-
comment_list = []
|
|
142
|
-
deps_list = []
|
|
143
144
|
if self.direct_dep and len(self.direct_dep_list) > 0:
|
|
144
145
|
if oss_origin_name in self.direct_dep_list:
|
|
145
|
-
|
|
146
|
+
oss_item.comment = 'direct'
|
|
146
147
|
else:
|
|
147
|
-
|
|
148
|
-
|
|
149
|
-
|
|
150
|
-
|
|
151
|
-
|
|
152
|
-
|
|
153
|
-
|
|
154
|
-
|
|
155
|
-
|
|
148
|
+
oss_item.comment = 'transitive'
|
|
149
|
+
if f'{oss_origin_name}({oss_item.version})' in self.relation_tree:
|
|
150
|
+
dep_item.depends_on_raw = self.relation_tree[f'{oss_origin_name}({oss_item.version})']
|
|
151
|
+
|
|
152
|
+
dep_item.oss_items.append(oss_item)
|
|
153
|
+
self.dep_items.append(dep_item)
|
|
154
|
+
|
|
155
|
+
if self.direct_dep:
|
|
156
|
+
self.dep_items = change_dependson_to_purl(purl_dict, self.dep_items)
|
|
157
|
+
|
|
158
|
+
return
|
|
@@ -11,6 +11,8 @@ import fosslight_util.constant as constant
|
|
|
11
11
|
import fosslight_dependency.constant as const
|
|
12
12
|
from fosslight_dependency._package_manager import PackageManager
|
|
13
13
|
from fosslight_dependency._package_manager import check_and_run_license_scanner, get_url_to_purl
|
|
14
|
+
from fosslight_dependency.dependency_item import DependencyItem
|
|
15
|
+
from fosslight_util.oss_item import OssItem
|
|
14
16
|
|
|
15
17
|
logger = logging.getLogger(constant.LOGGER_NAME)
|
|
16
18
|
proprietary_license = 'Proprietary License'
|
|
@@ -33,20 +35,18 @@ class Unity(PackageManager):
|
|
|
33
35
|
self.append_input_package_list_file(self.input_file_name)
|
|
34
36
|
|
|
35
37
|
def parse_oss_information(self, f_name):
|
|
36
|
-
comment = ''
|
|
37
|
-
|
|
38
38
|
with open(f_name, 'r', encoding='utf8') as f:
|
|
39
39
|
f_yml = yaml.safe_load(f)
|
|
40
40
|
resolvedPkg = f_yml['m_ResolvedPackages']
|
|
41
41
|
|
|
42
42
|
try:
|
|
43
|
-
sheet_list = []
|
|
44
|
-
|
|
45
43
|
for pkg_data in resolvedPkg:
|
|
46
|
-
|
|
47
|
-
|
|
44
|
+
dep_item = DependencyItem()
|
|
45
|
+
oss_item = OssItem()
|
|
46
|
+
oss_item.name = pkg_data['name']
|
|
47
|
+
oss_item.version = pkg_data['version']
|
|
48
48
|
|
|
49
|
-
oss_packagecache_dir = os.path.join(self.packageCache_dir, f'{
|
|
49
|
+
oss_packagecache_dir = os.path.join(self.packageCache_dir, f'{oss_item.name}@{oss_item.version}')
|
|
50
50
|
license_f = os.path.join(oss_packagecache_dir, license_md)
|
|
51
51
|
if os.path.isfile(license_f):
|
|
52
52
|
license_name = check_and_run_license_scanner(self.platform,
|
|
@@ -61,6 +61,7 @@ class Unity(PackageManager):
|
|
|
61
61
|
break
|
|
62
62
|
else:
|
|
63
63
|
license_name = proprietary_license
|
|
64
|
+
oss_item.license = license_name
|
|
64
65
|
|
|
65
66
|
third_f = os.path.join(oss_packagecache_dir, third_party_md)
|
|
66
67
|
if os.path.isfile(third_f):
|
|
@@ -71,21 +72,21 @@ class Unity(PackageManager):
|
|
|
71
72
|
tf.write(line)
|
|
72
73
|
tf.flush()
|
|
73
74
|
|
|
74
|
-
homepage = pkg_data['repository']['url']
|
|
75
|
-
if homepage and homepage.startswith('git@'):
|
|
76
|
-
homepage = homepage.replace('git@', 'https://')
|
|
77
|
-
if homepage is None or homepage.startswith(self.unity_internal_url):
|
|
75
|
+
oss_item.homepage = pkg_data['repository']['url']
|
|
76
|
+
if oss_item.homepage and oss_item.homepage.startswith('git@'):
|
|
77
|
+
oss_item.homepage = oss_item.homepage.replace('git@', 'https://')
|
|
78
|
+
if oss_item.homepage is None or oss_item.homepage.startswith(self.unity_internal_url):
|
|
78
79
|
if license_name != proprietary_license:
|
|
79
|
-
homepage = f'{self.mirror_url}{
|
|
80
|
-
if homepage is None:
|
|
81
|
-
homepage = ''
|
|
80
|
+
oss_item.homepage = f'{self.mirror_url}{oss_item.name}'
|
|
81
|
+
if oss_item.homepage is None:
|
|
82
|
+
oss_item.homepage = ''
|
|
82
83
|
|
|
83
|
-
|
|
84
|
-
purl = get_url_to_purl(
|
|
85
|
-
if purl == 'None':
|
|
86
|
-
purl = ''
|
|
87
|
-
if purl != '':
|
|
88
|
-
purl = f'{purl}@{
|
|
84
|
+
oss_item.download_location = oss_item.homepage
|
|
85
|
+
dep_item.purl = get_url_to_purl(oss_item.download_location, self.package_manager_name)
|
|
86
|
+
if dep_item.purl == 'None':
|
|
87
|
+
dep_item.purl = ''
|
|
88
|
+
if dep_item.purl != '':
|
|
89
|
+
dep_item.purl = f'{dep_item.purl}@{oss_item.version}'
|
|
89
90
|
|
|
90
91
|
comment_list = []
|
|
91
92
|
if self.direct_dep:
|
|
@@ -94,10 +95,10 @@ class Unity(PackageManager):
|
|
|
94
95
|
else:
|
|
95
96
|
comment_list.append('transitive')
|
|
96
97
|
|
|
97
|
-
comment = ','.join(comment_list)
|
|
98
|
-
|
|
99
|
-
|
|
98
|
+
oss_item.comment = ','.join(comment_list)
|
|
99
|
+
dep_item.oss_items.append(oss_item)
|
|
100
|
+
self.dep_items.append(dep_item)
|
|
100
101
|
except Exception as e:
|
|
101
102
|
logger.error(f"Fail to parse unity oss information: {e}")
|
|
102
103
|
|
|
103
|
-
return
|
|
104
|
+
return
|
|
@@ -17,10 +17,8 @@ from fosslight_util.set_log import init_log
|
|
|
17
17
|
import fosslight_util.constant as constant
|
|
18
18
|
from fosslight_dependency._help import print_help_msg
|
|
19
19
|
from fosslight_dependency._analyze_dependency import analyze_dependency
|
|
20
|
-
from fosslight_util.output_format import
|
|
21
|
-
|
|
22
|
-
from fosslight_util.write_spdx import write_spdx
|
|
23
|
-
from fosslight_util.cover import CoverItem
|
|
20
|
+
from fosslight_util.output_format import check_output_formats_v2, write_output_file
|
|
21
|
+
from fosslight_util.oss_item import ScannerItem
|
|
24
22
|
from fosslight_dependency._graph_convertor import GraphConvertor
|
|
25
23
|
|
|
26
24
|
# Package Name
|
|
@@ -98,12 +96,11 @@ def run_dependency_scanner(package_manager='', input_dir='', output_dir_file='',
|
|
|
98
96
|
global logger
|
|
99
97
|
|
|
100
98
|
ret = True
|
|
101
|
-
sheet_list = {}
|
|
102
|
-
sheet_list[_sheet_name] = []
|
|
103
99
|
_json_ext = ".json"
|
|
104
100
|
_start_time = datetime.now().strftime('%y%m%d_%H%M')
|
|
101
|
+
scan_item = ScannerItem(_PKG_NAME, _start_time)
|
|
105
102
|
|
|
106
|
-
success, msg, output_path, output_files, output_extensions =
|
|
103
|
+
success, msg, output_path, output_files, output_extensions, formats = check_output_formats_v2(output_dir_file, formats)
|
|
107
104
|
if success:
|
|
108
105
|
if output_path == "":
|
|
109
106
|
output_path = os.getcwd()
|
|
@@ -151,7 +148,7 @@ def run_dependency_scanner(package_manager='', input_dir='', output_dir_file='',
|
|
|
151
148
|
|
|
152
149
|
if not success:
|
|
153
150
|
logger.error(msg)
|
|
154
|
-
return False,
|
|
151
|
+
return False, scan_item
|
|
155
152
|
|
|
156
153
|
autodetect = True
|
|
157
154
|
if package_manager:
|
|
@@ -162,7 +159,7 @@ def run_dependency_scanner(package_manager='', input_dir='', output_dir_file='',
|
|
|
162
159
|
logger.error(f"You entered the unsupported package manager({package_manager}).")
|
|
163
160
|
logger.error("Please enter the supported package manager({0}) with '-m' option."
|
|
164
161
|
.format(", ".join(support_packagemanager)))
|
|
165
|
-
return False,
|
|
162
|
+
return False, scan_item
|
|
166
163
|
|
|
167
164
|
if input_dir:
|
|
168
165
|
if os.path.isdir(input_dir):
|
|
@@ -171,10 +168,11 @@ def run_dependency_scanner(package_manager='', input_dir='', output_dir_file='',
|
|
|
171
168
|
else:
|
|
172
169
|
logger.error(f"You entered the wrong input path({input_dir}) to run the script.")
|
|
173
170
|
logger.error("Please enter the existed input path with '-p' option.")
|
|
174
|
-
return False,
|
|
171
|
+
return False, scan_item
|
|
175
172
|
else:
|
|
176
173
|
input_dir = os.getcwd()
|
|
177
174
|
os.chdir(input_dir)
|
|
175
|
+
scan_item.set_cover_pathinfo(input_dir, path_to_exclude)
|
|
178
176
|
|
|
179
177
|
found_package_manager = {}
|
|
180
178
|
if autodetect:
|
|
@@ -198,13 +196,13 @@ def run_dependency_scanner(package_manager='', input_dir='', output_dir_file='',
|
|
|
198
196
|
for pm, manifest_file_name in found_package_manager.items():
|
|
199
197
|
if manifest_file_name == pass_key:
|
|
200
198
|
continue
|
|
201
|
-
ret,
|
|
202
|
-
|
|
203
|
-
|
|
204
|
-
|
|
199
|
+
ret, package_dep_item_list, cover_comment = analyze_dependency(pm, input_dir, output_path,
|
|
200
|
+
pip_activate_cmd, pip_deactivate_cmd,
|
|
201
|
+
output_custom_dir, app_name, github_token,
|
|
202
|
+
manifest_file_name, direct)
|
|
205
203
|
if ret:
|
|
206
204
|
success_pm.append(f"{pm} ({', '.join(manifest_file_name)})")
|
|
207
|
-
|
|
205
|
+
scan_item.append_file_items(package_dep_item_list)
|
|
208
206
|
if pm == const.GRADLE:
|
|
209
207
|
if const.ANDROID in found_package_manager.keys():
|
|
210
208
|
found_package_manager[const.ANDROID] = pass_key
|
|
@@ -217,63 +215,47 @@ def run_dependency_scanner(package_manager='', input_dir='', output_dir_file='',
|
|
|
217
215
|
fail_pm.remove(f"{const.GRADLE} ({', '.join(manifest_file_name)})")
|
|
218
216
|
else:
|
|
219
217
|
fail_pm.append(f"{pm} ({', '.join(manifest_file_name)})")
|
|
220
|
-
|
|
221
|
-
start_time=_start_time,
|
|
222
|
-
input_path=input_dir,
|
|
223
|
-
exclude_path=path_to_exclude)
|
|
224
|
-
cover_comment_arr = []
|
|
218
|
+
|
|
225
219
|
if len(found_package_manager.keys()) > 0:
|
|
226
220
|
if len(success_pm) > 0:
|
|
227
|
-
|
|
221
|
+
scan_item.set_cover_comment(f"Analyzed Package manager: {', '.join(success_pm)}")
|
|
228
222
|
if len(fail_pm) > 0:
|
|
229
223
|
info_msg = 'Check https://fosslight.org/fosslight-guide-en/scanner/3_dependency.html#-prerequisite.'
|
|
230
|
-
|
|
224
|
+
scan_item.set_cover_comment(f"Analysis failed Package manager: {', '.join(fail_pm)} ({info_msg})")
|
|
231
225
|
else:
|
|
232
|
-
|
|
233
|
-
|
|
234
|
-
cover.comment = ' / '.join(cover_comment_arr)
|
|
235
|
-
if cover_comment:
|
|
236
|
-
cover.comment += f', {cover_comment}'
|
|
226
|
+
scan_item.set_cover_comment("No Package manager detected.")
|
|
237
227
|
|
|
238
228
|
if ret and graph_path:
|
|
239
229
|
graph_path = os.path.abspath(graph_path)
|
|
240
230
|
try:
|
|
241
|
-
converter = GraphConvertor(
|
|
231
|
+
converter = GraphConvertor(scan_item.file_items[_PKG_NAME])
|
|
242
232
|
converter.save(graph_path, graph_size)
|
|
243
233
|
logger.info(f"Output graph image file: {graph_path}")
|
|
244
234
|
except Exception as e:
|
|
245
235
|
logger.error(f'Fail to make graph image: {e}')
|
|
246
236
|
|
|
237
|
+
if cover_comment:
|
|
238
|
+
scan_item.set_cover_comment(cover_comment)
|
|
239
|
+
|
|
247
240
|
combined_paths_and_files = [os.path.join(output_path, file) for file in output_files]
|
|
248
241
|
results = []
|
|
249
242
|
for i, output_extension in enumerate(output_extensions):
|
|
250
|
-
|
|
251
|
-
|
|
252
|
-
if platform.system() != 'Windows':
|
|
253
|
-
results.append(write_spdx(combined_paths_and_files[i], output_extension, sheet_list, _PKG_NAME,
|
|
254
|
-
pkg_resources.get_distribution(_PKG_NAME).version, spdx_version=(2, 3)))
|
|
255
|
-
else:
|
|
256
|
-
logger.error('Windows not support spdx format.')
|
|
257
|
-
else:
|
|
258
|
-
results.append(write_output_file(combined_paths_and_files[i], output_extension, sheet_list, EXTENDED_HEADER,
|
|
259
|
-
'', cover))
|
|
260
|
-
else:
|
|
261
|
-
results.append(write_output_file(combined_paths_and_files[i], output_extension, sheet_list, EXTENDED_HEADER,
|
|
262
|
-
'', cover))
|
|
243
|
+
results.append(write_output_file(combined_paths_and_files[i], output_extension, scan_item,
|
|
244
|
+
EXTENDED_HEADER, '', formats[i]))
|
|
263
245
|
for success_write, err_msg, result_file in results:
|
|
264
246
|
if success_write:
|
|
265
247
|
if result_file:
|
|
266
248
|
logger.info(f"Output file: {result_file}")
|
|
267
249
|
else:
|
|
268
250
|
logger.warning(f"{err_msg}")
|
|
269
|
-
for i in
|
|
270
|
-
logger.info(i
|
|
251
|
+
for i in scan_item.get_cover_comment():
|
|
252
|
+
logger.info(i)
|
|
271
253
|
else:
|
|
272
254
|
ret = False
|
|
273
255
|
logger.error(f"Fail to generate result file. msg:({err_msg})")
|
|
274
256
|
|
|
275
257
|
logger.warning("### FINISH ###")
|
|
276
|
-
return ret,
|
|
258
|
+
return ret, scan_item
|
|
277
259
|
|
|
278
260
|
|
|
279
261
|
def main():
|
|
@@ -286,7 +268,7 @@ def main():
|
|
|
286
268
|
output_custom_dir = ''
|
|
287
269
|
app_name = const.default_app_name
|
|
288
270
|
github_token = ''
|
|
289
|
-
format =
|
|
271
|
+
format = []
|
|
290
272
|
graph_path = ''
|
|
291
273
|
graph_size = (600, 600)
|
|
292
274
|
direct = True
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
Metadata-Version: 2.1
|
|
2
2
|
Name: fosslight-dependency
|
|
3
|
-
Version:
|
|
3
|
+
Version: 4.1.0
|
|
4
4
|
Summary: FOSSLight Dependency Scanner
|
|
5
5
|
Home-page: https://github.com/fosslight/fosslight_dependency_scanner
|
|
6
6
|
Author: LG Electronics
|
|
@@ -20,7 +20,7 @@ Requires-Dist: lxml
|
|
|
20
20
|
Requires-Dist: virtualenv
|
|
21
21
|
Requires-Dist: pyyaml
|
|
22
22
|
Requires-Dist: lastversion
|
|
23
|
-
Requires-Dist: fosslight-util
|
|
23
|
+
Requires-Dist: fosslight-util>=2.1.0
|
|
24
24
|
Requires-Dist: PyGithub
|
|
25
25
|
Requires-Dist: requirements-parser
|
|
26
26
|
Requires-Dist: defusedxml
|
|
@@ -0,0 +1,36 @@
|
|
|
1
|
+
fosslight_dependency/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
2
|
+
fosslight_dependency/_analyze_dependency.py,sha256=gwdOrwn31sI9Fk5_ZBBbryA1-hCfHdtfqS8QePF7poo,4064
|
|
3
|
+
fosslight_dependency/_graph_convertor.py,sha256=D8GwmJfuj9Wg3_DeKRPLGGdyHSLcoU2Q0VzKQbkJG4g,2267
|
|
4
|
+
fosslight_dependency/_help.py,sha256=EG-ojJ3Fyn3iYrd_4mGtyMLMefOqf7_AF21q3-jf2Y8,3258
|
|
5
|
+
fosslight_dependency/_package_manager.py,sha256=_wwyTWSe8fKyMpFZh1BnhjTMAPG-5adhjBLqaxbdjZE,17154
|
|
6
|
+
fosslight_dependency/constant.py,sha256=1mJGu1SYyxVKo0W_pCIt-ANp52E_I5ovXFvpl2OMmjU,1039
|
|
7
|
+
fosslight_dependency/dependency_item.py,sha256=wNLWcsNycf3HQ5Pib2WrMeo2dn0eHCRg20NLcL95Qew,3345
|
|
8
|
+
fosslight_dependency/run_dependency_scanner.py,sha256=K5H_GavKDF_ISIEKBX7Z5awwSDzY1X4pZtLOOZITxbg,15221
|
|
9
|
+
fosslight_dependency/LICENSES/LICENSE,sha256=xx0jnfkXJvxRnG63LTGOxlggYnIysveWIZ6H3PNdCrQ,11357
|
|
10
|
+
fosslight_dependency/LICENSES/LicenseRef-3rd_party_licenses.txt,sha256=EcsFt7aE1rp3OXAdJgmXayfOZdpRdBMcmRnyoqWMCsw,95687
|
|
11
|
+
fosslight_dependency/package_manager/Android.py,sha256=0UZFvbLxDIreerK4fR316YPyhUpPliV_kfZulrxkUyo,3218
|
|
12
|
+
fosslight_dependency/package_manager/Carthage.py,sha256=qCHH6bhdowgPR5mS89AQLl_0Z5LRoyMZU4vAVHzPNCM,6390
|
|
13
|
+
fosslight_dependency/package_manager/Cocoapods.py,sha256=k_URV1ekMOU8l_y9_KIp_luu96ZGOl1xLIkH737VREA,8524
|
|
14
|
+
fosslight_dependency/package_manager/Go.py,sha256=O-6DTTRM2EoTpCVmlIPKFy8ZTz64EHTooOAoUimjeyk,6491
|
|
15
|
+
fosslight_dependency/package_manager/Gradle.py,sha256=IYmj9q3XiE_DPKdtll6lyRr98lFuyKWW2qz57X26Fn0,4359
|
|
16
|
+
fosslight_dependency/package_manager/Helm.py,sha256=ucx2Y0tWX37UHIzIGaRyTe7uQ2vlu2nUuO09hOMq9ZU,4223
|
|
17
|
+
fosslight_dependency/package_manager/Maven.py,sha256=JXiP8LwQZ10tf1l0Qgd4fvmv1RcVn52_PiMx6sTpSKo,10329
|
|
18
|
+
fosslight_dependency/package_manager/Npm.py,sha256=hwKC08m05KlHgfQpPX7lnDEJC-A7WKF9OniYW4n9TDM,10638
|
|
19
|
+
fosslight_dependency/package_manager/Nuget.py,sha256=FGD5tV1mTBl3G9mxWWnoMwLZUiSW7VCcHS7FxhCqU1g,9334
|
|
20
|
+
fosslight_dependency/package_manager/Pub.py,sha256=-cotOpPCmLMmLWwP0dF1hQ44CBzConjnDpJ1So0n7lo,9904
|
|
21
|
+
fosslight_dependency/package_manager/Pypi.py,sha256=7eBB5ko4HhRhby5txo9NXZl6td1O_8k11v8R9FwxygU,16254
|
|
22
|
+
fosslight_dependency/package_manager/Swift.py,sha256=Lw5kaubDlKIQjSHC5gZik4WfWBliMx8n6XW2vVPhd84,6700
|
|
23
|
+
fosslight_dependency/package_manager/Unity.py,sha256=LoyWCMa6R3x0VCsTH1EEJ7FQmYsraCDnoHZUHCmYeiU,4708
|
|
24
|
+
fosslight_dependency/package_manager/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
25
|
+
fosslight_dependency/third_party/askalono/askalono.exe,sha256=NyngElHbrg3zLFRVwn6fPDZE_EDAEb1N8tiwWoCm4pQ,4743680
|
|
26
|
+
fosslight_dependency/third_party/askalono/askalono_macos,sha256=cYSNXhAQpkdd8lkgnY5skNeDmU_8DIuP84eFi0OXKkE,5589868
|
|
27
|
+
fosslight_dependency/third_party/nomos/nomossa,sha256=oFF9I-fhug6AVNyFnWeVXwDRin6NWSvk1g7mHBotB3Q,866408
|
|
28
|
+
fosslight_dependency-4.1.0.dist-info/Apache-2.0.txt,sha256=xx0jnfkXJvxRnG63LTGOxlggYnIysveWIZ6H3PNdCrQ,11357
|
|
29
|
+
fosslight_dependency-4.1.0.dist-info/LICENSE,sha256=xx0jnfkXJvxRnG63LTGOxlggYnIysveWIZ6H3PNdCrQ,11357
|
|
30
|
+
fosslight_dependency-4.1.0.dist-info/LicenseRef-3rd_party_licenses.txt,sha256=EcsFt7aE1rp3OXAdJgmXayfOZdpRdBMcmRnyoqWMCsw,95687
|
|
31
|
+
fosslight_dependency-4.1.0.dist-info/METADATA,sha256=1w54Oi2kfKgJtT1fjB4w_sHTEsvLVd39Rxn8PpkZMtQ,4844
|
|
32
|
+
fosslight_dependency-4.1.0.dist-info/MIT.txt,sha256=9cx4CbArgByWvkoEZNqpzbpJgA9TUe2D62rMocQpgfs,1082
|
|
33
|
+
fosslight_dependency-4.1.0.dist-info/WHEEL,sha256=eOLhNAGa2EW3wWl_TU484h7q1UNgy0JXjjoqKoxAAQc,92
|
|
34
|
+
fosslight_dependency-4.1.0.dist-info/entry_points.txt,sha256=e1QZbnCrQvfbwe9L6PxXnkRZMhl-PSo0QyUes0dGjU8,91
|
|
35
|
+
fosslight_dependency-4.1.0.dist-info/top_level.txt,sha256=Jc0V7VcVCH0TEM8ksb8dwroTYz4AmRaQnlr3FB71Hcs,21
|
|
36
|
+
fosslight_dependency-4.1.0.dist-info/RECORD,,
|
|
@@ -1,35 +0,0 @@
|
|
|
1
|
-
fosslight_dependency/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
2
|
-
fosslight_dependency/_analyze_dependency.py,sha256=5xR9EQxeI1u57Gp8Tw0YEhCc6T7kckTJ60h40mLGsEU,4010
|
|
3
|
-
fosslight_dependency/_graph_convertor.py,sha256=jbbPOuINAkv6Gwr2BQU3gDAK8UBCB_R_0H5n7WjOjKo,2399
|
|
4
|
-
fosslight_dependency/_help.py,sha256=EG-ojJ3Fyn3iYrd_4mGtyMLMefOqf7_AF21q3-jf2Y8,3258
|
|
5
|
-
fosslight_dependency/_package_manager.py,sha256=YM-jFwRpHxjUScbefBQYn16DVPLNzGi8h3HL3oT56cM,17614
|
|
6
|
-
fosslight_dependency/constant.py,sha256=1mJGu1SYyxVKo0W_pCIt-ANp52E_I5ovXFvpl2OMmjU,1039
|
|
7
|
-
fosslight_dependency/run_dependency_scanner.py,sha256=fAaGV8e62nQmdkbDras27TQ6goq0rx0bAozmPqxaC5I,16140
|
|
8
|
-
fosslight_dependency/LICENSES/LICENSE,sha256=xx0jnfkXJvxRnG63LTGOxlggYnIysveWIZ6H3PNdCrQ,11357
|
|
9
|
-
fosslight_dependency/LICENSES/LicenseRef-3rd_party_licenses.txt,sha256=EcsFt7aE1rp3OXAdJgmXayfOZdpRdBMcmRnyoqWMCsw,95687
|
|
10
|
-
fosslight_dependency/package_manager/Android.py,sha256=9vO3JDRAV2-ZGfjk4sGSqY05nszulwGwehvf7saNIMY,3178
|
|
11
|
-
fosslight_dependency/package_manager/Carthage.py,sha256=OZL0ssKvN6pze0VohZ-kMeM-g-V7f5VqumpEh3o3t-U,6106
|
|
12
|
-
fosslight_dependency/package_manager/Cocoapods.py,sha256=dfXwillepl5LSST2P8q_IgorKW8weza1EKZWbe3tbUE,8333
|
|
13
|
-
fosslight_dependency/package_manager/Go.py,sha256=pbhYWs6ZsU77m0LIobx0pGXbF9c19fADyTG8ZoDJkWI,6272
|
|
14
|
-
fosslight_dependency/package_manager/Gradle.py,sha256=EQAGF_ohu2uB1uqk3itdO9vGhS5nKyPlomlbwbcVvYE,4203
|
|
15
|
-
fosslight_dependency/package_manager/Helm.py,sha256=FjzQilY3GJyX8thwMGY_Rr12kw-dbehxVk6jIJNb2-M,4024
|
|
16
|
-
fosslight_dependency/package_manager/Maven.py,sha256=-cS3DSFARE9rR0XtBVGvCv6JkmYYRjLtRAmn4TeIY1M,10282
|
|
17
|
-
fosslight_dependency/package_manager/Npm.py,sha256=uuIS0lC8LpKTs8A0fG4mhJfpGno_hMugGW8ss5M_mMI,10395
|
|
18
|
-
fosslight_dependency/package_manager/Nuget.py,sha256=j1zdLykGA6HcvGtdn8Kz1AZZmvK7iKxUERKWBNCfSp0,8948
|
|
19
|
-
fosslight_dependency/package_manager/Pub.py,sha256=7HlvFu7HXaSDF1_VjFUAM1O4pz1DutbNwNzmzldyLbA,9763
|
|
20
|
-
fosslight_dependency/package_manager/Pypi.py,sha256=hqhvsHwRqcM8bDUNJ6u8LTtEnMSUsRmVLllXZ793w_w,16046
|
|
21
|
-
fosslight_dependency/package_manager/Swift.py,sha256=9r19lSmpFjeOsYcBkvMhgFfFZ4pL4j32YvCFLWWc8Fs,6489
|
|
22
|
-
fosslight_dependency/package_manager/Unity.py,sha256=vGWtAHNtSkU8PxqKhoJNFFcUmNM2NJGRLwBmzeA21Sg,4353
|
|
23
|
-
fosslight_dependency/package_manager/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
24
|
-
fosslight_dependency/third_party/askalono/askalono.exe,sha256=NyngElHbrg3zLFRVwn6fPDZE_EDAEb1N8tiwWoCm4pQ,4743680
|
|
25
|
-
fosslight_dependency/third_party/askalono/askalono_macos,sha256=cYSNXhAQpkdd8lkgnY5skNeDmU_8DIuP84eFi0OXKkE,5589868
|
|
26
|
-
fosslight_dependency/third_party/nomos/nomossa,sha256=oFF9I-fhug6AVNyFnWeVXwDRin6NWSvk1g7mHBotB3Q,866408
|
|
27
|
-
fosslight_dependency-3.15.6.dist-info/Apache-2.0.txt,sha256=xx0jnfkXJvxRnG63LTGOxlggYnIysveWIZ6H3PNdCrQ,11357
|
|
28
|
-
fosslight_dependency-3.15.6.dist-info/LICENSE,sha256=xx0jnfkXJvxRnG63LTGOxlggYnIysveWIZ6H3PNdCrQ,11357
|
|
29
|
-
fosslight_dependency-3.15.6.dist-info/LicenseRef-3rd_party_licenses.txt,sha256=EcsFt7aE1rp3OXAdJgmXayfOZdpRdBMcmRnyoqWMCsw,95687
|
|
30
|
-
fosslight_dependency-3.15.6.dist-info/METADATA,sha256=UMEQtl1y8gxN5HWTF3g4RJYaEk7hTjrwU9n6UX-l5ko,4846
|
|
31
|
-
fosslight_dependency-3.15.6.dist-info/MIT.txt,sha256=9cx4CbArgByWvkoEZNqpzbpJgA9TUe2D62rMocQpgfs,1082
|
|
32
|
-
fosslight_dependency-3.15.6.dist-info/WHEEL,sha256=eOLhNAGa2EW3wWl_TU484h7q1UNgy0JXjjoqKoxAAQc,92
|
|
33
|
-
fosslight_dependency-3.15.6.dist-info/entry_points.txt,sha256=e1QZbnCrQvfbwe9L6PxXnkRZMhl-PSo0QyUes0dGjU8,91
|
|
34
|
-
fosslight_dependency-3.15.6.dist-info/top_level.txt,sha256=Jc0V7VcVCH0TEM8ksb8dwroTYz4AmRaQnlr3FB71Hcs,21
|
|
35
|
-
fosslight_dependency-3.15.6.dist-info/RECORD,,
|
{fosslight_dependency-3.15.6.dist-info → fosslight_dependency-4.1.0.dist-info}/Apache-2.0.txt
RENAMED
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
{fosslight_dependency-3.15.6.dist-info → fosslight_dependency-4.1.0.dist-info}/entry_points.txt
RENAMED
|
File without changes
|
{fosslight_dependency-3.15.6.dist-info → fosslight_dependency-4.1.0.dist-info}/top_level.txt
RENAMED
|
File without changes
|