fosslight-util 1.4.47__py3-none-any.whl → 2.0.0__py3-none-any.whl

fosslight_util/compare_yaml.py

@@ -4,9 +4,7 @@
 # SPDX-License-Identifier: Apache-2.0
 
 import logging
-import os
 from fosslight_util.constant import LOGGER_NAME
-from fosslight_util.parsing_yaml import parsing_yml
 
 logger = logging.getLogger(LOGGER_NAME)
 VERSION = 'version'
@@ -14,12 +12,16 @@ LICENSE = 'license'
 NAME = 'name'
 
 
-def compare_yaml(before_file, after_file):
-    before_oss_items, _, _ = parsing_yml(before_file, os.path.dirname(before_file))
-    after_oss_items, _, _ = parsing_yml(after_file, os.path.dirname(after_file))
+def compare_yaml(before_fileitems, after_fileitems):
+    bf_raw = []
+    af_raw = []
+    for bf in before_fileitems:
+        bf_raw.extend(bf.get_print_json())
+    for af in after_fileitems:
+        af_raw.extend(af.get_print_json())
 
-    before_items = get_merged_item(before_oss_items)
-    after_items = get_merged_item(after_oss_items)
+    before_items = get_merged_item(bf_raw)
+    after_items = get_merged_item(af_raw)
 
     new_before = []
     for bi in before_items:
@@ -72,13 +74,18 @@ def compare_yaml(before_file, after_file):
 def get_merged_item(oss_items):
     item_list = []
     for oi in oss_items:
-        if oi.exclude:
+        if oi.get("exclude", None):
             continue
-        item_info = {NAME: oi.name, VERSION: oi.version, LICENSE: oi.license}
+        oi_name = oi.get("name", '')
+        oi_version = oi.get("version", '')
+        oi_license = oi.get("license", '')
+        if not (oi_name and oi_version and oi_license):
+            continue
+        item_info = {NAME: oi_name, VERSION: oi_version, LICENSE: oi_license}
 
-        filtered = next(filter(lambda oss_dict: oss_dict[NAME] == oi.name and oss_dict[VERSION] == oi.version, item_list), None)
+        filtered = next(filter(lambda oss_dict: oss_dict[NAME] == oi_name and oss_dict[VERSION] == oi_version, item_list), None)
         if filtered:
-            filtered[LICENSE].extend(oi.license)
+            filtered[LICENSE].extend(oi_license)
             filtered[LICENSE] = list(set(filtered[LICENSE]))
         else:
             item_list.append(item_info)

fosslight_util/constant.py

@@ -15,6 +15,17 @@ supported_sheet_and_scanner = {'SRC': FL_SOURCE,
                                f'BIN_{FL_BINARY}': FL_BINARY,
                                f'DEP_{FL_DEPENDENCY}': FL_DEPENDENCY}
 
+FOSSLIGHT_SCANNER = 'fosslight_scanner'
+FOSSLIGHT_SOURCE = 'fosslight_source'
+FOSSLIGHT_DEPENDENCY = 'fosslight_dependency'
+FOSSLIGHT_BINARY = 'fosslight_binary'
+
+SHEET_NAME_FOR_SCANNER = {
+    FOSSLIGHT_SOURCE: 'SRC_FL_Source',
+    FOSSLIGHT_BINARY: 'BIN_FL_Binary',
+    FOSSLIGHT_DEPENDENCY: 'DEP_FL_Dependency'
+}
+
 # Github : https://github.com/(owner)/(repo)
 # npm : https://www.npmjs.com/package/(package)/v/(version)
 # npm2 : https://www.npmjs.com/package/@(group)/(package)/v/(version)

fosslight_util/convert_excel_to_yaml.py

@@ -33,7 +33,7 @@ def find_report_file(path_to_find):
     return ""
 
 
-def convert_excel_to_yaml(oss_report_to_read, output_file, sheet_names=""):
+def convert_excel_to_yaml(oss_report_to_read: str, output_file: str, sheet_names: str = "") -> None:
     _file_extension = ".yaml"
     yaml_dict = {}
 

fosslight_util/correct.py

@@ -7,19 +7,16 @@ import logging
 import os
 import copy
 import re
-from fosslight_util.constant import LOGGER_NAME
+from fosslight_util.constant import LOGGER_NAME, FOSSLIGHT_SOURCE
 from fosslight_util.parsing_yaml import parsing_yml
-import fosslight_util.constant as constant
-from fosslight_util.oss_item import OssItem
 
 logger = logging.getLogger(LOGGER_NAME)
 SBOM_INFO_YAML = r"sbom(-|_)info[\s\S]*.ya?ml"
 
 
-def correct_with_yaml(correct_filepath, path_to_scan, scanner_oss_list):
+def correct_with_yaml(correct_filepath, path_to_scan, scan_item):
     success = True
     msg = ""
-    correct_list = {}
     correct_yaml = ""
     if correct_filepath == "":
         correct_filepath = path_to_scan
@@ -33,101 +30,60 @@ def correct_with_yaml(correct_filepath, path_to_scan, scanner_oss_list):
     if not correct_yaml:
         msg = f"Cannot find sbom-info.yaml in {correct_filepath}."
         success = False
-        return success, msg, correct_list
+        return success, msg, scan_item
 
     rel_path = os.path.relpath(path_to_scan, correct_filepath)
 
-    yaml_oss_list, _, err_msg = parsing_yml(correct_yaml, os.path.dirname(correct_yaml), print_log=True)
-
+    yaml_file_list, _, err_msg = parsing_yml(correct_yaml, os.path.dirname(correct_yaml), print_log=True)
     find_match = False
-    matched_yaml = []
-    for yitem in yaml_oss_list:
-        matched_yaml.append([0]*len(yitem.source_name_or_path))
-
-    for sheet_name, sheet_contents in scanner_oss_list.items():
-        if sheet_name not in constant.supported_sheet_and_scanner.keys():
-            continue
-        correct_contents = copy.deepcopy(sheet_contents)
-        scanner_name = constant.supported_sheet_and_scanner[sheet_name]
-        matched_source_path_with_sbom = []
-        for idx, oss_raw_item in enumerate(sheet_contents):
-            if len(oss_raw_item) < 9:
-                logger.warning(f"sheet list is too short ({len(oss_raw_item)}): {oss_raw_item}")
+    for scanner_name, _ in scan_item.file_items.items():
+        correct_fileitems = []
+        exclude_fileitems = []
+        for yaml_file_item in yaml_file_list:
+            yaml_path_exists = False
+            if yaml_file_item.source_name_or_path == '':
+                if scanner_name == FOSSLIGHT_SOURCE:
+                    correct_item = copy.deepcopy(yaml_file_item)
+                    correct_item.comment = 'Added by sbom-info.yaml'
+                    correct_fileitems.append(correct_item)
                 continue
-            oss_item = OssItem('')
-            oss_item.set_sheet_item(oss_raw_item, scanner_name)
+            for idx, scan_file_item in enumerate(scan_item.file_items[scanner_name]):
+                oss_rel_path = os.path.normpath(os.path.join(rel_path, scan_file_item.source_name_or_path))
+                yi_path = yaml_file_item.source_name_or_path
+                if ((os.path.normpath(yi_path) == os.path.normpath(oss_rel_path)) or
+                   ((os.path.normpath(oss_rel_path).startswith(os.path.normpath(yi_path.rstrip('*')))))):
+                    correct_item = copy.deepcopy(scan_file_item)
+                    correct_item.exclude = yaml_file_item.exclude
+                    correct_item.oss_items = copy.deepcopy(yaml_file_item.oss_items)
+                    correct_item.comment = ''
+                    correct_item.comment = 'Loaded from sbom-info.yaml'
+                    correct_fileitems.append(correct_item)
 
-            matched_yi = []
-            if not oss_item.source_name_or_path[0] in matched_source_path_with_sbom:
-                oss_rel_path = os.path.normpath(os.path.join(rel_path, oss_item.source_name_or_path[0]))
-                for y_idx, yi in enumerate(yaml_oss_list):
-                    if not yi.source_name_or_path:
-                        continue
-                    for ys_idx, yi_path in enumerate(yi.source_name_or_path):
-                        yi_item = copy.deepcopy(yi)
-                        if ((os.path.normpath(yi_path) == os.path.normpath(oss_rel_path)) or
-                                ((os.path.normpath(oss_rel_path).startswith(os.path.normpath(yi_path.rstrip('*')))))):
-                            find_match = True
-                            yi_item.source_name_or_path = []
-                            yi_item.source_name_or_path = oss_item.source_name_or_path[0]
-                            matched_source_path_with_sbom.append(oss_item.source_name_or_path[0])
-                            matched_yi.append(yi_item)
-                            matched_yaml[y_idx][ys_idx] = 1
-                if len(matched_yi) > 0:
-                    for matched_yi_item in matched_yi:
-                        matched_oss_item = copy.deepcopy(matched_yi_item)
-                        if matched_oss_item.comment:
-                            matched_oss_item.comment += '/'
-                        matched_oss_item.comment += 'Loaded from sbom-info.yaml'
-                        if sheet_name == 'BIN_FL_Binary':
-                            matched_oss_item.bin_vulnerability = oss_item.bin_vulnerability
-                            matched_oss_item.bin_tlsh = oss_item.bin_tlsh
-                            matched_oss_item.bin_sha1 = oss_item.bin_sha1
-                        matched_oss_array = matched_oss_item.get_print_array(scanner_name)[0]
-                        correct_contents.append(matched_oss_array)
-                    oss_item.exclude = True
-                    if oss_item.comment:
-                        oss_item.comment += '/'
-                    oss_item.comment += 'Excluded by sbom-info.yaml'
-                    correct_contents[idx] = oss_item.get_print_array(scanner_name)[0]
-            else:
-                oss_item.exclude = True
-                if oss_item.comment:
-                    oss_item.comment += '/'
-                oss_item.comment += 'Excluded by sbom-info.yaml'
-                correct_contents[idx] = oss_item.get_print_array(scanner_name)[0]
+                    yaml_path_exists = True
+                    exclude_fileitems.append(idx)
 
-        if sheet_name == 'SRC_FL_Source':
-            for n_idx, ni in enumerate(matched_yaml):
-                y_item = copy.deepcopy(yaml_oss_list[n_idx])
-                all_matched = False
-                if sum(ni) != 0:
-                    not_matched_path = []
-                    for idx, id in enumerate(ni):
-                        if not id:
-                            not_matched_path.append(y_item.source_name_or_path[idx])
-                    y_item.source_name_or_path = []
-                    y_item.source_name_or_path = not_matched_path
-                    if len(not_matched_path) == 0:
-                        all_matched = True
-                if y_item.comment:
-                    y_item.comment += '/'
-                y_item.comment += 'Added by sbom-info.yaml'
-                if not (y_item.source_name_or_path or all_matched):
-                    correct_contents.append(y_item.get_print_array()[0])
-                    continue
-                for y_path in y_item.source_name_or_path:
-                    y_item_i = copy.deepcopy(y_item)
-                    if not os.path.exists(os.path.normpath(os.path.join(correct_filepath, y_path))):
-                        y_item_i.exclude = True
-                    y_item_i.source_name_or_path = []
-                    y_item_i.source_name_or_path = y_path
-                    correct_contents.append(y_item_i.get_print_array()[0])
-        correct_list[sheet_name] = correct_contents
+            if not yaml_path_exists:
+                correct_item = copy.deepcopy(yaml_file_item)
+                if os.path.exists(os.path.normpath(yaml_file_item.source_name_or_path)):
+                    correct_item.comment = 'Loaded from sbom-info.yaml'
+                    correct_fileitems.append(correct_item)
+                else:
+                    if scanner_name == FOSSLIGHT_SOURCE:
+                        correct_item.exclude = True
+                        correct_item.comment = 'Added by sbom-info.yaml'
+                        correct_fileitems.append(correct_item)
+        if correct_fileitems:
+            scan_item.append_file_items(correct_fileitems, scanner_name)
+            find_match = True
+        if exclude_fileitems:
+            exclude_fileitems = list(set(exclude_fileitems))
+            for e_idx in exclude_fileitems:
+                scan_item.file_items[scanner_name][e_idx].exclude = True
+                scan_item.file_items[scanner_name][e_idx].comment = 'Excluded by sbom-info.yaml'
 
     if not find_match:
         success = False
         err_msg = 'No match items in sbom-info.yaml'
-        return success, err_msg, yaml_oss_list
+        return success, err_msg, scan_item
 
-    return success, msg, correct_list
+    return success, msg, scan_item

fosslight_util/cover.py

@@ -9,16 +9,31 @@ from fosslight_util.help import print_package_version
 
 
 class CoverItem:
-    tool_name_key = "Tool name"
-    tool_version_key = "Tool version"
+    tool_name_key = "Tool information"
     start_time_key = "Start time"
     python_ver_key = "Python version"
     analyzed_path_key = "Analyzed path"
     excluded_path_key = "Excluded path"
     comment_key = "Comment"
 
-    def __init__(self, tool_name="", start_time="", input_path="", comment="", exclude_path=[]):
-        self.tool_name = tool_name
+    PKG_NAMES = [
+        "fosslight_scanner",
+        "fosslight_source",
+        "fosslight_dependency",
+        "fosslight_binary"
+    ]
+
+    def __init__(self, tool_name="", start_time="", input_path="", comment="", exclude_path=[], simple_mode=True):
+        if simple_mode:
+            self.tool_name = f'{tool_name} v{print_package_version(tool_name, "", False)}'
+        else:
+            first_pkg = f'{self.PKG_NAMES[0]} v{print_package_version(self.PKG_NAMES[0], "", False)}'
+            remaining_pkgs = ", ".join([
+                f'{pkg_name} v{print_package_version(pkg_name, "", False)}'
+                for pkg_name in self.PKG_NAMES[1:]
+            ])
+            self.tool_name = f'{first_pkg} ({remaining_pkgs})'
+
         if start_time:
             date, time = start_time.split('_')
             self.start_time = f'{date}, {time[0:2]}:{time[2:4]}'
@@ -28,7 +43,6 @@ class CoverItem:
         self.exclude_path = ", ".join(exclude_path)
         self.comment = comment
 
-        self.tool_version = print_package_version(self.tool_name, "", False)
         self.python_version = f'{sys.version_info.major}.{sys.version_info.minor}'
 
     def __del__(self):
@@ -37,7 +51,6 @@ class CoverItem:
     def get_print_json(self):
         json_item = {}
         json_item[self.tool_name_key] = self.tool_name
-        json_item[self.tool_version_key] = self.tool_version
         json_item[self.start_time_key] = self.start_time
         json_item[self.python_ver_key] = self.python_version
         json_item[self.analyzed_path_key] = self.input_path

fosslight_util/help.py

@@ -35,12 +35,11 @@ _HELP_MESSAGE_DOWNLOAD = """
 
 
 class PrintHelpMsg():
-    message_suffix = ""
 
-    def __init__(self, value):
+    def __init__(self, value: str = ""):
         self.message_suffix = value
 
-    def print_help_msg(self, exitopt):
+    def print_help_msg(self, exitopt: bool) -> None:
         print(_HELP_MESSAGE_COMMON)
         print(self.message_suffix)
 
@@ -48,7 +47,7 @@ class PrintHelpMsg():
             sys.exit()
 
 
-def print_package_version(pkg_name, msg="", exitopt=True):
+def print_package_version(pkg_name: str, msg: str = "", exitopt: bool = True) -> str:
     if msg == "":
         msg = f"{pkg_name} Version:"
     cur_version = pkg_resources.get_distribution(pkg_name).version