fosslight-util 2.0.1__py3-none-any.whl → 2.1.0__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- fosslight_util/download.py +25 -24
- fosslight_util/oss_item.py +17 -0
- fosslight_util/write_spdx.py +34 -19
- {fosslight_util-2.0.1.dist-info → fosslight_util-2.1.0.dist-info}/METADATA +3 -2
- {fosslight_util-2.0.1.dist-info → fosslight_util-2.1.0.dist-info}/RECORD +9 -9
- {fosslight_util-2.0.1.dist-info → fosslight_util-2.1.0.dist-info}/LICENSE +0 -0
- {fosslight_util-2.0.1.dist-info → fosslight_util-2.1.0.dist-info}/WHEEL +0 -0
- {fosslight_util-2.0.1.dist-info → fosslight_util-2.1.0.dist-info}/entry_points.txt +0 -0
- {fosslight_util-2.0.1.dist-info → fosslight_util-2.1.0.dist-info}/top_level.txt +0 -0
fosslight_util/download.py
CHANGED
|
@@ -10,7 +10,7 @@ import zipfile
|
|
|
10
10
|
import logging
|
|
11
11
|
import argparse
|
|
12
12
|
import shutil
|
|
13
|
-
import
|
|
13
|
+
from git import Repo, GitCommandError
|
|
14
14
|
import bz2
|
|
15
15
|
import contextlib
|
|
16
16
|
from datetime import datetime
|
|
@@ -230,14 +230,10 @@ def get_github_token(git_url):
|
|
|
230
230
|
|
|
231
231
|
|
|
232
232
|
def download_git_clone(git_url, target_dir, checkout_to="", tag="", branch=""):
|
|
233
|
-
ref_to_checkout = decide_checkout(checkout_to, tag, branch)
|
|
234
|
-
msg = ""
|
|
235
233
|
oss_name = get_github_ossname(git_url)
|
|
236
|
-
|
|
237
|
-
|
|
238
|
-
|
|
239
|
-
if github_token != "":
|
|
240
|
-
callbacks = git.RemoteCallbacks(credentials=git.UserPass("foo", github_token)) # username is not used, so set to dummy
|
|
234
|
+
refs_to_checkout = decide_checkout(checkout_to, tag, branch)
|
|
235
|
+
clone_default_branch_flag = False
|
|
236
|
+
msg = ""
|
|
241
237
|
|
|
242
238
|
try:
|
|
243
239
|
if platform.system() != "Windows":
|
|
@@ -248,9 +244,26 @@ def download_git_clone(git_url, target_dir, checkout_to="", tag="", branch=""):
|
|
|
248
244
|
alarm.start()
|
|
249
245
|
|
|
250
246
|
Path(target_dir).mkdir(parents=True, exist_ok=True)
|
|
251
|
-
|
|
252
|
-
|
|
253
|
-
|
|
247
|
+
if refs_to_checkout != "":
|
|
248
|
+
try:
|
|
249
|
+
# gitPython uses the branch argument the same whether you check out to a branch or a tag.
|
|
250
|
+
repo = Repo.clone_from(git_url, target_dir, branch=refs_to_checkout)
|
|
251
|
+
except GitCommandError as error:
|
|
252
|
+
error_msg = error.args[2].decode("utf-8")
|
|
253
|
+
if "Remote branch " + refs_to_checkout + " not found in upstream origin" in error_msg:
|
|
254
|
+
# clone default branch, when non-existent branch or tag entered
|
|
255
|
+
repo = Repo.clone_from(git_url, target_dir)
|
|
256
|
+
clone_default_branch_flag = True
|
|
257
|
+
else:
|
|
258
|
+
repo = Repo.clone_from(git_url, target_dir)
|
|
259
|
+
clone_default_branch_flag = True
|
|
260
|
+
|
|
261
|
+
if refs_to_checkout != tag or clone_default_branch_flag:
|
|
262
|
+
oss_version = repo.active_branch.name
|
|
263
|
+
else:
|
|
264
|
+
oss_version = repo.git.describe('--tags')
|
|
265
|
+
logger.info(f"git checkout: {oss_version}")
|
|
266
|
+
|
|
254
267
|
if platform.system() != "Windows":
|
|
255
268
|
signal.alarm(0)
|
|
256
269
|
else:
|
|
@@ -258,20 +271,8 @@ def download_git_clone(git_url, target_dir, checkout_to="", tag="", branch=""):
|
|
|
258
271
|
except Exception as error:
|
|
259
272
|
logger.warning(f"git clone - failed: {error}")
|
|
260
273
|
msg = str(error)
|
|
261
|
-
return False, msg, oss_name,
|
|
262
|
-
try:
|
|
263
|
-
if ref_to_checkout != "":
|
|
264
|
-
ref_list = [x for x in repo.references]
|
|
265
|
-
ref_to_checkout = get_ref_to_checkout(ref_to_checkout, ref_list)
|
|
266
|
-
logger.info(f"git checkout: {ref_to_checkout}")
|
|
267
|
-
repo.checkout(ref_to_checkout)
|
|
274
|
+
return False, msg, oss_name, refs_to_checkout
|
|
268
275
|
|
|
269
|
-
for prefix_ref in prefix_refs:
|
|
270
|
-
if ref_to_checkout.startswith(prefix_ref):
|
|
271
|
-
oss_version = ref_to_checkout[len(prefix_ref):]
|
|
272
|
-
|
|
273
|
-
except Exception as error:
|
|
274
|
-
logger.warning(f"git checkout to {ref_to_checkout} - failed: {error}")
|
|
275
276
|
return True, msg, oss_name, oss_version
|
|
276
277
|
|
|
277
278
|
|
fosslight_util/oss_item.py
CHANGED
|
@@ -5,6 +5,7 @@
|
|
|
5
5
|
|
|
6
6
|
import logging
|
|
7
7
|
import os
|
|
8
|
+
import hashlib
|
|
8
9
|
from fosslight_util.constant import LOGGER_NAME, FOSSLIGHT_SCANNER
|
|
9
10
|
from fosslight_util.cover import CoverItem
|
|
10
11
|
from typing import List, Dict
|
|
@@ -171,6 +172,22 @@ class FileItem:
|
|
|
171
172
|
return items
|
|
172
173
|
|
|
173
174
|
|
|
175
|
+
def get_checksum_sha1(source_name_or_path) -> str:
|
|
176
|
+
checksum = CHECKSUM_NULL
|
|
177
|
+
try:
|
|
178
|
+
checksum = str(hashlib.sha1(source_name_or_path.encode()).hexdigest())
|
|
179
|
+
except Exception:
|
|
180
|
+
try:
|
|
181
|
+
f = open(source_name_or_path, "rb")
|
|
182
|
+
byte = f.read()
|
|
183
|
+
checksum = str(hashlib.sha1(byte).hexdigest())
|
|
184
|
+
f.close()
|
|
185
|
+
except Exception as ex:
|
|
186
|
+
_logger.info(f"(Error) Get_checksum: {ex}")
|
|
187
|
+
|
|
188
|
+
return checksum
|
|
189
|
+
|
|
190
|
+
|
|
174
191
|
def invalid(cmd):
|
|
175
192
|
_logger.info('[{}] is invalid'.format(cmd))
|
|
176
193
|
|
fosslight_util/write_spdx.py
CHANGED
|
@@ -8,31 +8,36 @@ import uuid
|
|
|
8
8
|
import logging
|
|
9
9
|
import re
|
|
10
10
|
from pathlib import Path
|
|
11
|
-
from spdx_tools.common.spdx_licensing import spdx_licensing
|
|
12
|
-
from spdx_tools.spdx.model import (
|
|
13
|
-
Actor,
|
|
14
|
-
ActorType,
|
|
15
|
-
Checksum,
|
|
16
|
-
ChecksumAlgorithm,
|
|
17
|
-
CreationInfo,
|
|
18
|
-
Document,
|
|
19
|
-
File,
|
|
20
|
-
Package,
|
|
21
|
-
Relationship,
|
|
22
|
-
RelationshipType,
|
|
23
|
-
SpdxNoAssertion,
|
|
24
|
-
SpdxNone
|
|
25
|
-
)
|
|
26
|
-
from spdx_tools.spdx.validation.document_validator import validate_full_spdx_document
|
|
27
|
-
from spdx_tools.spdx.writer.write_anything import write_file
|
|
28
11
|
from datetime import datetime
|
|
29
12
|
from fosslight_util.spdx_licenses import get_spdx_licenses_json, get_license_from_nick
|
|
30
13
|
from fosslight_util.constant import (LOGGER_NAME, FOSSLIGHT_DEPENDENCY, FOSSLIGHT_SCANNER,
|
|
31
14
|
FOSSLIGHT_BINARY, FOSSLIGHT_SOURCE)
|
|
15
|
+
from fosslight_util.oss_item import CHECKSUM_NULL, get_checksum_sha1
|
|
32
16
|
import traceback
|
|
33
17
|
|
|
34
18
|
logger = logging.getLogger(LOGGER_NAME)
|
|
35
19
|
|
|
20
|
+
try:
|
|
21
|
+
from spdx_tools.common.spdx_licensing import spdx_licensing
|
|
22
|
+
from spdx_tools.spdx.model import (
|
|
23
|
+
Actor,
|
|
24
|
+
ActorType,
|
|
25
|
+
Checksum,
|
|
26
|
+
ChecksumAlgorithm,
|
|
27
|
+
CreationInfo,
|
|
28
|
+
Document,
|
|
29
|
+
File,
|
|
30
|
+
Package,
|
|
31
|
+
Relationship,
|
|
32
|
+
RelationshipType,
|
|
33
|
+
SpdxNoAssertion,
|
|
34
|
+
SpdxNone
|
|
35
|
+
)
|
|
36
|
+
from spdx_tools.spdx.validation.document_validator import validate_full_spdx_document
|
|
37
|
+
from spdx_tools.spdx.writer.write_anything import write_file
|
|
38
|
+
except Exception:
|
|
39
|
+
logger.info('No import spdx-tools')
|
|
40
|
+
|
|
36
41
|
|
|
37
42
|
def get_license_list_version():
|
|
38
43
|
version = 'N/A'
|
|
@@ -81,12 +86,21 @@ def write_spdx(output_file_without_ext, output_extension, scan_item, spdx_versio
|
|
|
81
86
|
for file_item in file_items:
|
|
82
87
|
file = '' # file의 license, copyright은 oss item에서 append
|
|
83
88
|
if scanner_name in [FOSSLIGHT_BINARY, FOSSLIGHT_SOURCE]:
|
|
89
|
+
if file_item.exclude:
|
|
90
|
+
continue
|
|
91
|
+
if file_item.checksum == CHECKSUM_NULL:
|
|
92
|
+
if os.path.exists(file_item.source_name_or_path):
|
|
93
|
+
file_item.checksum = get_checksum_sha1(file_item.source_name_or_path)
|
|
94
|
+
if file_item.checksum == CHECKSUM_NULL:
|
|
95
|
+
logger.info(f'Failed to get checksum, Skip: {file_item.source_name_or_path}')
|
|
96
|
+
continue
|
|
84
97
|
file_id += 1
|
|
85
98
|
file = File(name=file_item.source_name_or_path,
|
|
86
99
|
spdx_id=f'SPDXRef-File{file_id}',
|
|
87
100
|
checksums=[Checksum(ChecksumAlgorithm.SHA1, file_item.checksum)])
|
|
88
101
|
file_license = []
|
|
89
102
|
file_copyright = []
|
|
103
|
+
file_comment = []
|
|
90
104
|
for oss_item in file_item.oss_items:
|
|
91
105
|
oss_licenses = []
|
|
92
106
|
declared_oss_licenses = []
|
|
@@ -100,6 +114,7 @@ def write_spdx(output_file_without_ext, output_extension, scan_item, spdx_versio
|
|
|
100
114
|
except Exception:
|
|
101
115
|
logger.debug(f'No spdx license name: {oi}')
|
|
102
116
|
lic_comment.append(oi)
|
|
117
|
+
file_comment.append(oi)
|
|
103
118
|
if oss_licenses:
|
|
104
119
|
file_license.extend(oss_licenses)
|
|
105
120
|
if oss_item.copyright != '':
|
|
@@ -157,8 +172,8 @@ def write_spdx(output_file_without_ext, output_extension, scan_item, spdx_versio
|
|
|
157
172
|
file.license_info_in_file = file_license
|
|
158
173
|
if file_copyright:
|
|
159
174
|
file.copyright_text = '\n'.join(file_copyright)
|
|
160
|
-
if
|
|
161
|
-
file.license_comment = ' '.join(
|
|
175
|
+
if file_comment:
|
|
176
|
+
file.license_comment = ' '.join(file_comment)
|
|
162
177
|
doc.files.append(file)
|
|
163
178
|
|
|
164
179
|
if len(doc.packages) > 0:
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
Metadata-Version: 2.1
|
|
2
2
|
Name: fosslight-util
|
|
3
|
-
Version: 2.0
|
|
3
|
+
Version: 2.1.0
|
|
4
4
|
Summary: FOSSLight Util
|
|
5
5
|
Home-page: https://github.com/fosslight/fosslight_util
|
|
6
6
|
Author: LG Electronics
|
|
@@ -26,14 +26,15 @@ Requires-Dist: coloredlogs
|
|
|
26
26
|
Requires-Dist: python3-wget
|
|
27
27
|
Requires-Dist: beautifulsoup4
|
|
28
28
|
Requires-Dist: jsonmerge
|
|
29
|
-
Requires-Dist: spdx-tools
|
|
30
29
|
Requires-Dist: setuptools>=65.5.1
|
|
31
30
|
Requires-Dist: npm
|
|
32
31
|
Requires-Dist: requests
|
|
32
|
+
Requires-Dist: GitPython
|
|
33
33
|
Requires-Dist: numpy; python_version < "3.8"
|
|
34
34
|
Requires-Dist: numpy>=1.22.2; python_version >= "3.8"
|
|
35
35
|
Requires-Dist: pygit2==1.6.1; python_version < "3.7"
|
|
36
36
|
Requires-Dist: pygit2>=1.10.1; python_version >= "3.7"
|
|
37
|
+
Requires-Dist: spdx-tools>=0.8.2; sys_platform != "win32"
|
|
37
38
|
|
|
38
39
|
<!--
|
|
39
40
|
Copyright (c) 2021 LG Electronics
|
|
@@ -5,9 +5,9 @@ fosslight_util/constant.py,sha256=Ig3ACm9_QirE4389Wt-IfxOqRkVOUjqGnX1B05z2Byo,21
|
|
|
5
5
|
fosslight_util/convert_excel_to_yaml.py,sha256=OJ11av4bsoxnVS15aa2aX-X3zGYUZW6M3118TPtHHTc,2323
|
|
6
6
|
fosslight_util/correct.py,sha256=3iUipan8ZX8sbyIIGAPtMkAGvZ4YucjeJwx1K1Bx_z4,3897
|
|
7
7
|
fosslight_util/cover.py,sha256=qqqKzxqFwKimal764FaugRUBcHWdeKt8af6xeK0mH8E,2040
|
|
8
|
-
fosslight_util/download.py,sha256=
|
|
8
|
+
fosslight_util/download.py,sha256=y2WYHUjAUH5kTTDtPrAop9sD1QDWTiGgFdUbNocIuH0,15070
|
|
9
9
|
fosslight_util/help.py,sha256=M3_XahUkP794US9Q0NS6ujmGvrFFnKBHsTU95Fg1KpA,2181
|
|
10
|
-
fosslight_util/oss_item.py,sha256=
|
|
10
|
+
fosslight_util/oss_item.py,sha256=8W2HlwqGH3l1iPPdvycrRYKsBSBpqAkqYyYtBVPgMtY,6868
|
|
11
11
|
fosslight_util/output_format.py,sha256=je3oVrDDnA160jIkFGpCHlG9Fc4YDlkQGwor2LFSmb0,8173
|
|
12
12
|
fosslight_util/parsing_yaml.py,sha256=2zx_N5lMkXT1dRmfJMpzlrru-y_2F_CkVbGlba6vQpU,5380
|
|
13
13
|
fosslight_util/read_excel.py,sha256=-QvrdxaNqYOpIm1H7ZqIEh5NLvFPymZo6BAOZcQmQug,5263
|
|
@@ -17,15 +17,15 @@ fosslight_util/timer_thread.py,sha256=5VbZENQPD-N0NUmzEktqGr6Am-e7vxD79K05mmr29g
|
|
|
17
17
|
fosslight_util/write_excel.py,sha256=G0fIslbWoOtWZCJxbBGLCpUKbhmwrrqhI5PHwRw8_44,9931
|
|
18
18
|
fosslight_util/write_opossum.py,sha256=ltmo6SkugKWdAYupeCqwE4-3lua0GwLpix1XqFC-tT8,11678
|
|
19
19
|
fosslight_util/write_scancodejson.py,sha256=81n7cWNYoyIKE_V4Kx5YtL2CgjMPIjoKdnSU3inkpJY,2163
|
|
20
|
-
fosslight_util/write_spdx.py,sha256=
|
|
20
|
+
fosslight_util/write_spdx.py,sha256=Ov9jBlfVrkWIymcfAxbupUxDZKfCOZZGOPZ4v-x230M,12108
|
|
21
21
|
fosslight_util/write_txt.py,sha256=BEFjYBppqk1CITx-fUN4vfvKv0XCs1GXWtc2Iu-etU4,629
|
|
22
22
|
fosslight_util/write_yaml.py,sha256=QlEKoIPQsEaYERfbP53TeKgnllYzhLQWm5wYjnWtVjE,3238
|
|
23
23
|
fosslight_util/resources/frequentLicenselist.json,sha256=GUhzK6tu7ok10fekOnmVmUgIGRC-acGABZKTNKfDyYA,4776157
|
|
24
24
|
fosslight_util/resources/frequent_license_nick_list.json,sha256=ryU2C_6ZxHbz90_sUN9OvI9GXkCMLu7oGcmd9W79YYo,5005
|
|
25
25
|
fosslight_util/resources/licenses.json,sha256=mK55z-bhY7Mjpj2KsO1crKGGL-X3F6MBFQJ0zLlx010,240843
|
|
26
|
-
fosslight_util-2.0.
|
|
27
|
-
fosslight_util-2.0.
|
|
28
|
-
fosslight_util-2.0.
|
|
29
|
-
fosslight_util-2.0.
|
|
30
|
-
fosslight_util-2.0.
|
|
31
|
-
fosslight_util-2.0.
|
|
26
|
+
fosslight_util-2.1.0.dist-info/LICENSE,sha256=xx0jnfkXJvxRnG63LTGOxlggYnIysveWIZ6H3PNdCrQ,11357
|
|
27
|
+
fosslight_util-2.1.0.dist-info/METADATA,sha256=8Ir3V_wALc0pYZMyeE48wBMFSE1CcOA28-HkPoeKMm4,6431
|
|
28
|
+
fosslight_util-2.1.0.dist-info/WHEEL,sha256=eOLhNAGa2EW3wWl_TU484h7q1UNgy0JXjjoqKoxAAQc,92
|
|
29
|
+
fosslight_util-2.1.0.dist-info/entry_points.txt,sha256=bzXX5i7HZ13V8BLKvtu_9KO3ZjtRypH-XszOXT6I3bU,69
|
|
30
|
+
fosslight_util-2.1.0.dist-info/top_level.txt,sha256=2qyYWGLakgBRy4BqoBNt-I5C29tBr_e93e5e1pbuTGA,15
|
|
31
|
+
fosslight_util-2.1.0.dist-info/RECORD,,
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|