fosslight-util 1.4.44__tar.gz → 1.4.46__tar.gz

{fosslight_util-1.4.44 → fosslight_util-1.4.46}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: fosslight_util
-Version: 1.4.44
+Version: 1.4.46
 Summary: FOSSLight Util
 Home-page: https://github.com/fosslight/fosslight_util
 Author: LG Electronics

{fosslight_util-1.4.44 → fosslight_util-1.4.46}/setup.py

@@ -14,7 +14,7 @@ with open('requirements.txt', 'r', 'utf-8') as f:
 if __name__ == "__main__":
     setup(
         name='fosslight_util',
-        version='1.4.44',
+        version='1.4.46',
         package_dir={"": "src"},
         packages=find_packages(where='src'),
         description='FOSSLight Util',

{fosslight_util-1.4.44 → fosslight_util-1.4.46}/src/fosslight_util/correct.py

@@ -49,6 +49,7 @@ def correct_with_yaml(correct_filepath, path_to_scan, scanner_oss_list):
             continue
         correct_contents = copy.deepcopy(sheet_contents)
         scanner_name = constant.supported_sheet_and_scanner[sheet_name]
+        matched_source_path_with_sbom = []
         for idx, oss_raw_item in enumerate(sheet_contents):
             if len(oss_raw_item) < 9:
                 logger.warning(f"sheet list is too short ({len(oss_raw_item)}): {oss_raw_item}")
@@ -57,33 +58,39 @@ def correct_with_yaml(correct_filepath, path_to_scan, scanner_oss_list):
             oss_item.set_sheet_item(oss_raw_item, scanner_name)
 
             matched_yi = []
-            oss_rel_path = os.path.normpath(os.path.join(rel_path, oss_item.source_name_or_path[0]))
-            for y_idx, yi in enumerate(yaml_oss_list):
-                if not yi.source_name_or_path:
-                    continue
-                for ys_idx, yi_path in enumerate(yi.source_name_or_path):
-                    yi_item = copy.deepcopy(yi)
-                    if ((os.path.normpath(yi_path) == os.path.normpath(oss_rel_path))
-                       or ((os.path.normpath(oss_rel_path).startswith(os.path.normpath(yi_path.rstrip('*')))))):
-                        find_match = True
-                        yi_item.source_name_or_path = []
-                        yi_item.source_name_or_path = oss_item.source_name_or_path[0]
-                        matched_yi.append(yi_item)
-                        matched_yaml[y_idx][ys_idx] = 1
-            if len(matched_yi) > 0:
-                for matched_yi_item in matched_yi:
-                    matched_oss_item = copy.deepcopy(matched_yi_item)
-                    if matched_oss_item.comment:
-                        matched_oss_item.comment += '/'
-                    matched_oss_item.comment += 'Loaded from sbom-info.yaml'
-
-                    if sheet_name == 'BIN_FL_Binary':
-                        matched_oss_item.bin_vulnerability = oss_item.bin_vulnerability
-                        matched_oss_item.bin_tlsh = oss_item.bin_tlsh
-                        matched_oss_item.bin_sha1 = oss_item.bin_sha1
-
-                    matched_oss_array = matched_oss_item.get_print_array(scanner_name)[0]
-                    correct_contents.append(matched_oss_array)
+            if not oss_item.source_name_or_path[0] in matched_source_path_with_sbom:
+                oss_rel_path = os.path.normpath(os.path.join(rel_path, oss_item.source_name_or_path[0]))
+                for y_idx, yi in enumerate(yaml_oss_list):
+                    if not yi.source_name_or_path:
+                        continue
+                    for ys_idx, yi_path in enumerate(yi.source_name_or_path):
+                        yi_item = copy.deepcopy(yi)
+                        if ((os.path.normpath(yi_path) == os.path.normpath(oss_rel_path)) or
+                                ((os.path.normpath(oss_rel_path).startswith(os.path.normpath(yi_path.rstrip('*')))))):
+                            find_match = True
+                            yi_item.source_name_or_path = []
+                            yi_item.source_name_or_path = oss_item.source_name_or_path[0]
+                            matched_source_path_with_sbom.append(oss_item.source_name_or_path[0])
+                            matched_yi.append(yi_item)
+                            matched_yaml[y_idx][ys_idx] = 1
+                if len(matched_yi) > 0:
+                    for matched_yi_item in matched_yi:
+                        matched_oss_item = copy.deepcopy(matched_yi_item)
+                        if matched_oss_item.comment:
+                            matched_oss_item.comment += '/'
+                        matched_oss_item.comment += 'Loaded from sbom-info.yaml'
+                        if sheet_name == 'BIN_FL_Binary':
+                            matched_oss_item.bin_vulnerability = oss_item.bin_vulnerability
+                            matched_oss_item.bin_tlsh = oss_item.bin_tlsh
+                            matched_oss_item.bin_sha1 = oss_item.bin_sha1
+                        matched_oss_array = matched_oss_item.get_print_array(scanner_name)[0]
+                        correct_contents.append(matched_oss_array)
+                    oss_item.exclude = True
+                    if oss_item.comment:
+                        oss_item.comment += '/'
+                    oss_item.comment += 'Excluded by sbom-info.yaml'
+                    correct_contents[idx] = oss_item.get_print_array(scanner_name)[0]
+            else:
                 oss_item.exclude = True
                 if oss_item.comment:
                     oss_item.comment += '/'

{fosslight_util-1.4.44 → fosslight_util-1.4.46}/src/fosslight_util/download.py

@@ -46,12 +46,14 @@ class Alarm(threading.Thread):
 
 
 class TimeOutException(Exception):
-    pass
+    def __init__(self, message, error_code):
+        super().__init__(message)
+        self.error_code = error_code
 
 
 def alarm_handler(signum, frame):
     logger.warning("download timeout! (%d sec)", SIGNAL_TIMEOUT)
-    raise TimeOutException()
+    raise TimeOutException(f'Timeout ({SIGNAL_TIMEOUT} sec)', 1)
 
 
 def change_src_link_to_https(src_link):
@@ -127,6 +129,7 @@ def cli_download_and_extract(link: str, target_dir: str, log_dir: str, checkout_
 
     success = True
     msg = ""
+    msg_wget = ""
     oss_name = ""
     oss_version = ""
     log_file_name = "fosslight_download_" + \
@@ -156,16 +159,20 @@ def cli_download_and_extract(link: str, target_dir: str, log_dir: str, checkout_
 
                 success, downloaded_file, msg_wget, oss_name, oss_version = download_wget(link, target_dir, compressed_only)
                 if success:
-                    success = extract_compressed_file(downloaded_file, target_dir, True)
+                    success = extract_compressed_file(downloaded_file, target_dir, True, compressed_only)
             # Download from rubygems.org
             elif is_rubygems and shutil.which("gem"):
                 success = gem_download(link, target_dir, checkout_to)
         if msg:
             msg = f'git fail: {msg}'
-            if msg_wget:
-                msg = f'{msg}, wget fail: {msg_wget}'
+            if is_rubygems:
+                msg = f'gem download: {success}'
             else:
-                msg = f'{msg}, wget success'
+                if msg_wget:
+                    msg = f'{msg}, wget fail: {msg_wget}'
+                else:
+                    msg = f'{msg}, wget success'
+
     except Exception as error:
         success = False
         msg = str(error)
@@ -232,13 +239,14 @@ def download_git_clone(git_url, target_dir, checkout_to="", tag="", branch=""):
     if github_token != "":
         callbacks = git.RemoteCallbacks(credentials=git.UserPass("foo", github_token))  # username is not used, so set to dummy
 
-    if platform.system() != "Windows":
-        signal.signal(signal.SIGALRM, alarm_handler)
-        signal.alarm(SIGNAL_TIMEOUT)
-    else:
-        alarm = Alarm(SIGNAL_TIMEOUT)
-        alarm.start()
     try:
+        if platform.system() != "Windows":
+            signal.signal(signal.SIGALRM, alarm_handler)
+            signal.alarm(SIGNAL_TIMEOUT)
+        else:
+            alarm = Alarm(SIGNAL_TIMEOUT)
+            alarm.start()
+
         Path(target_dir).mkdir(parents=True, exist_ok=True)
         repo = git.clone_repository(git_url, target_dir,
                                     bare=False, repository=None,
@@ -273,13 +281,15 @@ def download_wget(link, target_dir, compressed_only):
     oss_name = ""
     oss_version = ""
     downloaded_file = ""
-    if platform.system() != "Windows":
-        signal.signal(signal.SIGALRM, alarm_handler)
-        signal.alarm(SIGNAL_TIMEOUT)
-    else:
-        alarm = Alarm(SIGNAL_TIMEOUT)
-        alarm.start()
+
     try:
+        if platform.system() != "Windows":
+            signal.signal(signal.SIGALRM, alarm_handler)
+            signal.alarm(SIGNAL_TIMEOUT)
+        else:
+            alarm = Alarm(SIGNAL_TIMEOUT)
+            alarm.start()
+
         Path(target_dir).mkdir(parents=True, exist_ok=True)
 
         ret, new_link, oss_name, oss_version = get_downloadable_url(link)
@@ -320,14 +330,14 @@ def extract_compressed_dir(src_dir, target_dir, remove_after_extract=True):
     try:
         files_path = [os.path.join(src_dir, x) for x in os.listdir(src_dir)]
         for fname in files_path:
-            extract_compressed_file(fname, target_dir, remove_after_extract)
+            extract_compressed_file(fname, target_dir, remove_after_extract, True)
     except Exception as error:
         logger.debug(f"Extract files in dir - failed: {error}")
         return False
     return True
 
 
-def extract_compressed_file(fname, extract_path, remove_after_extract=True):
+def extract_compressed_file(fname, extract_path, remove_after_extract=True, compressed_only=True):
     success = True
     try:
         is_compressed_file = True
@@ -349,7 +359,8 @@ def extract_compressed_file(fname, extract_path, remove_after_extract=True):
                 decompress_bz2(fname, extract_path)
             else:
                 is_compressed_file = False
-                success = False
+                if compressed_only:
+                    success = False
                 logger.warning(f"Unsupported file extension: {fname}")
 
             if remove_after_extract and is_compressed_file:
@@ -419,11 +430,13 @@ def gem_download(link, target_dir, checkout_to):
         fetch_result = subprocess.check_output(fetch_cmd, universal_newlines=True)
         fetch_result = fetch_result.replace('\n', '').split(' ')[-1]
         downloaded_gem = f"{fetch_result}.gem"
-
-        # gem unpack
-        subprocess.check_output(['gem', 'unpack', downloaded_gem], universal_newlines=True)
-        # move unpacked file to target directory
-        shutil.move(fetch_result, target_dir)
+        if not os.path.isfile(downloaded_gem):
+            success = False
+        else:
+            # gem unpack
+            subprocess.check_output(['gem', 'unpack', downloaded_gem], universal_newlines=True)
+            # move unpacked file to target directory
+            shutil.move(fetch_result, target_dir)
     except Exception as error:
         success = False
         logger.warning(f"gem download - failed: {error}")

{fosslight_util-1.4.44 → fosslight_util-1.4.46}/src/fosslight_util/oss_item.py

@@ -201,7 +201,7 @@ class OssItem:
 
         json_item["version"] = self.version
         if len(self.source_name_or_path) > 0:
-            json_item["source name or path"] = self.source_name_or_path
+            json_item["source path"] = self.source_name_or_path
         if len(self.license) > 0:
             json_item["license"] = self.license
         if self.download_location != "":
@@ -217,7 +217,7 @@ class OssItem:
         if len(self.depends_on) > 0:
             json_item["depends on"] = self.depends_on
         if self.purl != "":
-            json_item["purl"] = self.purl
+            json_item["package url"] = self.purl
 
         return json_item
 

{fosslight_util-1.4.44 → fosslight_util-1.4.46}/src/fosslight_util/output_format.py

@@ -56,6 +56,53 @@ def check_output_format(output='', format='', customized_format={}):
     return success, msg, output_path, output_file, output_extension
 
 
+def check_output_formats(output='', formats=[], customized_format={}):
+    success = True
+    msg = ''
+    output_path = ''
+    output_files = []
+    output_extensions = []
+
+    if customized_format:
+        support_format = customized_format
+    else:
+        support_format = SUPPORT_FORMAT
+
+    if formats:
+        # If -f option exist
+        formats = [format.lower() for format in formats]
+        for format in formats:
+            if format not in list(support_format.keys()):
+                success = False
+                msg = 'Enter the supported format with -f option: ' + ', '.join(list(support_format.keys()))
+            else:
+                output_extensions.append(support_format[format])
+
+    if success:
+        if output != '':
+            basename_extension = ''
+            if not os.path.isdir(output):
+                output_path = os.path.dirname(output)
+
+                basename = os.path.basename(output)
+                basename_file, basename_extension = os.path.splitext(basename)
+            if basename_extension:
+                if formats:
+                    if basename_extension not in output_extensions:
+                        success = False
+                        msg = f"The format of output file(-o:'{output}') should be in the format list(-f:'{formats}')."
+                else:
+                    if basename_extension not in support_format.values():
+                        success = False
+                        msg = 'Enter the supported file extension: ' + ', '.join(list(support_format.values()))
+                    output_extensions.append(basename_extension)
+                output_files = [basename_file for _ in range(len(output_extensions))]
+            else:
+                output_path = output
+
+    return success, msg, output_path, output_files, output_extensions
+
+
 def write_output_file(output_file_without_ext, file_extension, sheet_list, extended_header={}, hide_header={}, cover=""):
     success = True
     msg = ''

{fosslight_util-1.4.44 → fosslight_util-1.4.46}/src/fosslight_util/parsing_yaml.py

@@ -101,7 +101,8 @@ def set_value_switch(oss, key, value, yaml_file=""):
         oss.download_location = value
     elif key in ['license', 'license text']:
         oss.license = value
-    elif key in ['file name or path', 'source name or path', 'file', 'binary name']:
+    elif key in ['file name or path', 'source name or path', 'source path',
+                 'file', 'binary name', 'binary path']:
         oss.source_name_or_path = value
     elif key in ['copyright text', 'copyright']:
         oss.copyright = value

{fosslight_util-1.4.44 → fosslight_util-1.4.46}/src/fosslight_util/read_excel.py

@@ -66,7 +66,9 @@ def read_oss_report(excel_file: str, sheet_names: str = "") -> List[OssItem]:
             _item_idx = {
                 "ID": IDX_CANNOT_FOUND,
                 "Source Name or Path": IDX_CANNOT_FOUND,
+                "Source Path": IDX_CANNOT_FOUND,
                 "Binary Name": IDX_CANNOT_FOUND,
+                "Binary Path": IDX_CANNOT_FOUND,
                 "OSS Name": IDX_CANNOT_FOUND,
                 "OSS Version": IDX_CANNOT_FOUND,
                 "License": IDX_CANNOT_FOUND,

{fosslight_util-1.4.44 → fosslight_util-1.4.46}/src/fosslight_util/write_excel.py

@@ -15,15 +15,15 @@ import fosslight_util.constant as constant
 from jsonmerge import merge
 from fosslight_util.cover import CoverItem
 
-_HEADER = {'BIN (': ['ID', 'Binary Name', 'Source Code Path',
+_HEADER = {'BIN (': ['ID', 'Binary Path', 'Source Code Path',
                      'NOTICE.html', 'OSS Name', 'OSS Version',
                      'License', 'Download Location', 'Homepage',
                      'Copyright Text', 'Exclude', 'Comment'],
-           'SRC': ['ID', 'Source Name or Path', 'OSS Name',
+           'SRC': ['ID', 'Source Path', 'OSS Name',
                    'OSS Version', 'License',  'Download Location',
                    'Homepage', 'Copyright Text', 'Exclude',
                    'Comment'],
-           'BIN': ['ID', 'Binary Name', 'OSS Name', 'OSS Version',
+           'BIN': ['ID', 'Binary Path', 'OSS Name', 'OSS Version',
                    'License', 'Download Location', 'Homepage',
                    'Copyright Text', 'Exclude', 'Comment']}
 _OUTPUT_FILE_PREFIX = "FOSSLight-Report_"

{fosslight_util-1.4.44 → fosslight_util-1.4.46}/src/fosslight_util/write_yaml.py

@@ -93,7 +93,7 @@ def create_yaml_with_ossitem(item, yaml_dict):
            oss_info.get('homepage', '') == item.homepage and \
            oss_info.get('download location', '') == item.download_location and \
            oss_info.get('exclude', False) == item.exclude:
-            oss_info.get('source name or path', []).extend(item.source_name_or_path)
+            oss_info.get('source path', []).extend(item.source_name_or_path)
             oss_info.pop('comment', None)
             merged = True
             break

{fosslight_util-1.4.44 → fosslight_util-1.4.46}/src/fosslight_util.egg-info/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: fosslight-util
-Version: 1.4.44
+Version: 1.4.46
 Summary: FOSSLight Util
 Home-page: https://github.com/fosslight/fosslight_util
 Author: LG Electronics