fosslight-source 2.2.14__tar.gz → 2.2.15__tar.gz
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- {fosslight_source-2.2.14/src/fosslight_source.egg-info → fosslight_source-2.2.15}/PKG-INFO +1 -1
- {fosslight_source-2.2.14 → fosslight_source-2.2.15}/pyproject.toml +1 -1
- {fosslight_source-2.2.14 → fosslight_source-2.2.15}/src/fosslight_source/_scan_item.py +9 -1
- {fosslight_source-2.2.14 → fosslight_source-2.2.15}/src/fosslight_source/cli.py +7 -2
- {fosslight_source-2.2.14 → fosslight_source-2.2.15}/src/fosslight_source/run_manifest_extractor.py +49 -0
- {fosslight_source-2.2.14 → fosslight_source-2.2.15}/src/fosslight_source/run_scancode.py +3 -0
- {fosslight_source-2.2.14 → fosslight_source-2.2.15/src/fosslight_source.egg-info}/PKG-INFO +1 -1
- {fosslight_source-2.2.14 → fosslight_source-2.2.15}/LICENSE +0 -0
- {fosslight_source-2.2.14 → fosslight_source-2.2.15}/MANIFEST.in +0 -0
- {fosslight_source-2.2.14 → fosslight_source-2.2.15}/README.md +0 -0
- {fosslight_source-2.2.14 → fosslight_source-2.2.15}/setup.cfg +0 -0
- {fosslight_source-2.2.14 → fosslight_source-2.2.15}/src/fosslight_source/__init__.py +0 -0
- {fosslight_source-2.2.14 → fosslight_source-2.2.15}/src/fosslight_source/_help.py +0 -0
- {fosslight_source-2.2.14 → fosslight_source-2.2.15}/src/fosslight_source/_license_matched.py +0 -0
- {fosslight_source-2.2.14 → fosslight_source-2.2.15}/src/fosslight_source/_parsing_scancode_file_item.py +0 -0
- {fosslight_source-2.2.14 → fosslight_source-2.2.15}/src/fosslight_source/_parsing_scanoss_file.py +0 -0
- {fosslight_source-2.2.14 → fosslight_source-2.2.15}/src/fosslight_source/run_scanoss.py +0 -0
- {fosslight_source-2.2.14 → fosslight_source-2.2.15}/src/fosslight_source/run_spdx_extractor.py +0 -0
- {fosslight_source-2.2.14 → fosslight_source-2.2.15}/src/fosslight_source.egg-info/SOURCES.txt +0 -0
- {fosslight_source-2.2.14 → fosslight_source-2.2.15}/src/fosslight_source.egg-info/dependency_links.txt +0 -0
- {fosslight_source-2.2.14 → fosslight_source-2.2.15}/src/fosslight_source.egg-info/entry_points.txt +0 -0
- {fosslight_source-2.2.14 → fosslight_source-2.2.15}/src/fosslight_source.egg-info/requires.txt +0 -0
- {fosslight_source-2.2.14 → fosslight_source-2.2.15}/src/fosslight_source.egg-info/top_level.txt +0 -0
- {fosslight_source-2.2.14 → fosslight_source-2.2.15}/tests/test_tox.py +0 -0
|
@@ -19,7 +19,15 @@ replace_word = ["-only", "-old-style", "-or-later", "licenseref-scancode-", "lic
|
|
|
19
19
|
_notice_filename = ['licen[cs]e[s]?', 'notice[s]?', 'legal', 'copyright[s]?', 'copying*', 'patent[s]?', 'unlicen[cs]e', 'eula',
|
|
20
20
|
'[a,l]?gpl[-]?[1-3]?[.,-,_]?[0-1]?', 'mit', 'bsd[-]?[0-4]?', 'bsd[-]?[0-4][-]?clause[s]?',
|
|
21
21
|
'apache[-,_]?[1-2]?[.,-,_]?[0-2]?']
|
|
22
|
-
_manifest_filename = [
|
|
22
|
+
_manifest_filename = [
|
|
23
|
+
r'.*\.pom$',
|
|
24
|
+
r'package\.json$',
|
|
25
|
+
r'setup\.py$',
|
|
26
|
+
r'setup\.cfg$',
|
|
27
|
+
r'.*\.podspec$',
|
|
28
|
+
r'Cargo\.toml$',
|
|
29
|
+
r'huggingface_hub_metadata\.json$',
|
|
30
|
+
]
|
|
23
31
|
MAX_LICENSE_LENGTH = 200
|
|
24
32
|
MAX_LICENSE_TOTAL_LENGTH = 600
|
|
25
33
|
SUBSTRING_LICENSE_COMMENT = "Maximum character limit (License)"
|
|
@@ -346,15 +346,18 @@ def merge_results(
|
|
|
346
346
|
scancode_result.append(new_result_item)
|
|
347
347
|
if manifest_licenses:
|
|
348
348
|
for file_name, licenses in manifest_licenses.items():
|
|
349
|
+
valid_licenses = [lic.strip() for lic in licenses if isinstance(lic, str) and lic.strip()]
|
|
350
|
+
if not valid_licenses:
|
|
351
|
+
continue
|
|
349
352
|
if file_name in scancode_result:
|
|
350
353
|
merged_result_item = scancode_result[scancode_result.index(file_name)]
|
|
351
354
|
# overwrite existing detected licenses with manifest-provided licenses
|
|
352
355
|
merged_result_item.licenses = [] # clear existing licenses (setter clears when value falsy)
|
|
353
|
-
merged_result_item.licenses =
|
|
356
|
+
merged_result_item.licenses = valid_licenses
|
|
354
357
|
merged_result_item.is_manifest_file = True
|
|
355
358
|
else:
|
|
356
359
|
new_result_item = SourceItem(file_name)
|
|
357
|
-
new_result_item.licenses =
|
|
360
|
+
new_result_item.licenses = valid_licenses
|
|
358
361
|
new_result_item.is_manifest_file = True
|
|
359
362
|
scancode_result.append(new_result_item)
|
|
360
363
|
|
|
@@ -432,6 +435,8 @@ def run_scanners(
|
|
|
432
435
|
logger, result_log = init_log(os.path.join(output_path, f"fosslight_log_src_{start_time}.txt"),
|
|
433
436
|
True, logging.INFO, logging.DEBUG, PKG_NAME, path_to_scan, path_to_exclude)
|
|
434
437
|
|
|
438
|
+
logger.info(f"Tool Info : {result_log['Tool Info']}")
|
|
439
|
+
|
|
435
440
|
if '.xlsx' not in output_extensions and print_matched_text:
|
|
436
441
|
logger.warning("-m option is only available for excel.")
|
|
437
442
|
print_matched_text = False
|
{fosslight_source-2.2.14 → fosslight_source-2.2.15}/src/fosslight_source/run_manifest_extractor.py
RENAMED
|
@@ -207,6 +207,49 @@ def get_licenses_from_cargo_toml(file_path: str) -> list[str]:
|
|
|
207
207
|
return []
|
|
208
208
|
|
|
209
209
|
|
|
210
|
+
def get_licenses_from_huggingface_metadata(file_path: str) -> list[str]:
|
|
211
|
+
try:
|
|
212
|
+
with open(file_path, 'r', encoding='utf-8') as f:
|
|
213
|
+
data = json.load(f)
|
|
214
|
+
except Exception as ex:
|
|
215
|
+
logger.info(f"Failed to read huggingface_hub_metadata.json {file_path}: {ex}")
|
|
216
|
+
return []
|
|
217
|
+
|
|
218
|
+
if not isinstance(data, dict):
|
|
219
|
+
return []
|
|
220
|
+
|
|
221
|
+
licenses: list[str] = []
|
|
222
|
+
|
|
223
|
+
def append_license(value):
|
|
224
|
+
if isinstance(value, str):
|
|
225
|
+
token = value.strip()
|
|
226
|
+
if token and token not in licenses:
|
|
227
|
+
licenses.append(token)
|
|
228
|
+
elif isinstance(value, list):
|
|
229
|
+
for item in value:
|
|
230
|
+
append_license(item)
|
|
231
|
+
|
|
232
|
+
# Hugging Face model API commonly returns top-level `license`
|
|
233
|
+
append_license(data.get('license'))
|
|
234
|
+
|
|
235
|
+
# Some metadata may include cardData/license variants
|
|
236
|
+
card_data = data.get('cardData')
|
|
237
|
+
if isinstance(card_data, dict):
|
|
238
|
+
append_license(card_data.get('license'))
|
|
239
|
+
append_license(card_data.get('licenses'))
|
|
240
|
+
|
|
241
|
+
# Many Hub API responses expose license only via tags, e.g. "license:apache-2.0".
|
|
242
|
+
tags = data.get('tags')
|
|
243
|
+
if isinstance(tags, list):
|
|
244
|
+
for tag in tags:
|
|
245
|
+
if isinstance(tag, str):
|
|
246
|
+
prefix = 'license:'
|
|
247
|
+
if tag.lower().startswith(prefix):
|
|
248
|
+
append_license(tag[len(prefix):].strip())
|
|
249
|
+
|
|
250
|
+
return licenses
|
|
251
|
+
|
|
252
|
+
|
|
210
253
|
def get_manifest_licenses(file_path: str) -> list[str]:
|
|
211
254
|
if file_path.endswith('.pom'):
|
|
212
255
|
try:
|
|
@@ -247,3 +290,9 @@ def get_manifest_licenses(file_path: str) -> list[str]:
|
|
|
247
290
|
except Exception as ex:
|
|
248
291
|
logger.info(f"Failed to extract license from Cargo.toml {file_path}: {ex}")
|
|
249
292
|
return []
|
|
293
|
+
elif os.path.basename(file_path).lower() == 'huggingface_hub_metadata.json':
|
|
294
|
+
try:
|
|
295
|
+
return get_licenses_from_huggingface_metadata(file_path)
|
|
296
|
+
except Exception as ex:
|
|
297
|
+
logger.info(f"Failed to extract license from huggingface_hub_metadata.json {file_path}: {ex}")
|
|
298
|
+
return []
|
|
@@ -103,6 +103,9 @@ def run_scan(
|
|
|
103
103
|
if not called_by_cli:
|
|
104
104
|
logger, _result_log = init_log(os.path.join(output_path, f"fosslight_log_src_{_start_time}.txt"),
|
|
105
105
|
True, logging.INFO, logging.DEBUG, _PKG_NAME, path_to_scan, path_to_exclude)
|
|
106
|
+
|
|
107
|
+
logger.info(f"Tool Info : {_result_log['Tool Info']}")
|
|
108
|
+
|
|
106
109
|
num_cores = multiprocessing.cpu_count() - 1 if num_cores < 0 else num_cores
|
|
107
110
|
|
|
108
111
|
if os.path.isdir(path_to_scan):
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
{fosslight_source-2.2.14 → fosslight_source-2.2.15}/src/fosslight_source/_license_matched.py
RENAMED
|
File without changes
|
|
File without changes
|
{fosslight_source-2.2.14 → fosslight_source-2.2.15}/src/fosslight_source/_parsing_scanoss_file.py
RENAMED
|
File without changes
|
|
File without changes
|
{fosslight_source-2.2.14 → fosslight_source-2.2.15}/src/fosslight_source/run_spdx_extractor.py
RENAMED
|
File without changes
|
{fosslight_source-2.2.14 → fosslight_source-2.2.15}/src/fosslight_source.egg-info/SOURCES.txt
RENAMED
|
File without changes
|
|
File without changes
|
{fosslight_source-2.2.14 → fosslight_source-2.2.15}/src/fosslight_source.egg-info/entry_points.txt
RENAMED
|
File without changes
|
{fosslight_source-2.2.14 → fosslight_source-2.2.15}/src/fosslight_source.egg-info/requires.txt
RENAMED
|
File without changes
|
{fosslight_source-2.2.14 → fosslight_source-2.2.15}/src/fosslight_source.egg-info/top_level.txt
RENAMED
|
File without changes
|
|
File without changes
|