fosslight-util 2.0.1__tar.gz → 2.0.2__tar.gz
- {fosslight_util-2.0.1 → fosslight_util-2.0.2}/PKG-INFO +1 -1
- {fosslight_util-2.0.1 → fosslight_util-2.0.2}/requirements.txt +3 -2
- {fosslight_util-2.0.1 → fosslight_util-2.0.2}/setup.py +1 -1
- {fosslight_util-2.0.1 → fosslight_util-2.0.2}/src/fosslight_util/download.py +25 -24
- {fosslight_util-2.0.1 → fosslight_util-2.0.2}/src/fosslight_util/write_spdx.py +25 -19
- {fosslight_util-2.0.1 → fosslight_util-2.0.2}/src/fosslight_util.egg-info/PKG-INFO +1 -1
- {fosslight_util-2.0.1 → fosslight_util-2.0.2}/src/fosslight_util.egg-info/requires.txt +4 -1
- {fosslight_util-2.0.1 → fosslight_util-2.0.2}/LICENSE +0 -0
- {fosslight_util-2.0.1 → fosslight_util-2.0.2}/MANIFEST.in +0 -0
- {fosslight_util-2.0.1 → fosslight_util-2.0.2}/README.md +0 -0
- {fosslight_util-2.0.1 → fosslight_util-2.0.2}/setup.cfg +0 -0
- {fosslight_util-2.0.1 → fosslight_util-2.0.2}/src/fosslight_util/__init__.py +0 -0
- {fosslight_util-2.0.1 → fosslight_util-2.0.2}/src/fosslight_util/_get_downloadable_url.py +0 -0
- {fosslight_util-2.0.1 → fosslight_util-2.0.2}/src/fosslight_util/compare_yaml.py +0 -0
- {fosslight_util-2.0.1 → fosslight_util-2.0.2}/src/fosslight_util/constant.py +0 -0
- {fosslight_util-2.0.1 → fosslight_util-2.0.2}/src/fosslight_util/convert_excel_to_yaml.py +0 -0
- {fosslight_util-2.0.1 → fosslight_util-2.0.2}/src/fosslight_util/correct.py +0 -0
- {fosslight_util-2.0.1 → fosslight_util-2.0.2}/src/fosslight_util/cover.py +0 -0
- {fosslight_util-2.0.1 → fosslight_util-2.0.2}/src/fosslight_util/help.py +0 -0
- {fosslight_util-2.0.1 → fosslight_util-2.0.2}/src/fosslight_util/oss_item.py +0 -0
- {fosslight_util-2.0.1 → fosslight_util-2.0.2}/src/fosslight_util/output_format.py +0 -0
- {fosslight_util-2.0.1 → fosslight_util-2.0.2}/src/fosslight_util/parsing_yaml.py +0 -0
- {fosslight_util-2.0.1 → fosslight_util-2.0.2}/src/fosslight_util/read_excel.py +0 -0
- {fosslight_util-2.0.1 → fosslight_util-2.0.2}/src/fosslight_util/resources/frequentLicenselist.json +0 -0
- {fosslight_util-2.0.1 → fosslight_util-2.0.2}/src/fosslight_util/resources/frequent_license_nick_list.json +0 -0
- {fosslight_util-2.0.1 → fosslight_util-2.0.2}/src/fosslight_util/resources/licenses.json +0 -0
- {fosslight_util-2.0.1 → fosslight_util-2.0.2}/src/fosslight_util/set_log.py +0 -0
- {fosslight_util-2.0.1 → fosslight_util-2.0.2}/src/fosslight_util/spdx_licenses.py +0 -0
- {fosslight_util-2.0.1 → fosslight_util-2.0.2}/src/fosslight_util/timer_thread.py +0 -0
- {fosslight_util-2.0.1 → fosslight_util-2.0.2}/src/fosslight_util/write_excel.py +0 -0
- {fosslight_util-2.0.1 → fosslight_util-2.0.2}/src/fosslight_util/write_opossum.py +0 -0
- {fosslight_util-2.0.1 → fosslight_util-2.0.2}/src/fosslight_util/write_scancodejson.py +0 -0
- {fosslight_util-2.0.1 → fosslight_util-2.0.2}/src/fosslight_util/write_txt.py +0 -0
- {fosslight_util-2.0.1 → fosslight_util-2.0.2}/src/fosslight_util/write_yaml.py +0 -0
- {fosslight_util-2.0.1 → fosslight_util-2.0.2}/src/fosslight_util.egg-info/SOURCES.txt +0 -0
- {fosslight_util-2.0.1 → fosslight_util-2.0.2}/src/fosslight_util.egg-info/dependency_links.txt +0 -0
- {fosslight_util-2.0.1 → fosslight_util-2.0.2}/src/fosslight_util.egg-info/entry_points.txt +0 -0
- {fosslight_util-2.0.1 → fosslight_util-2.0.2}/src/fosslight_util.egg-info/top_level.txt +0 -0
|
@@ -8,9 +8,10 @@ coloredlogs
|
|
|
8
8
|
python3-wget
|
|
9
9
|
beautifulsoup4
|
|
10
10
|
jsonmerge
|
|
11
|
-
spdx-tools
|
|
11
|
+
spdx-tools>=0.8.2;sys_platform!="win32"
|
|
12
12
|
setuptools>=65.5.1 # not directly required, pinned by Snyk to avoid a vulnerability
|
|
13
13
|
numpy; python_version < '3.8'
|
|
14
14
|
numpy>=1.22.2; python_version >= '3.8'
|
|
15
15
|
npm
|
|
16
|
-
requests
|
|
16
|
+
requests
|
|
17
|
+
GitPython
|
|
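Review bot: `GitPython` is added on the last line of this hunk with no version floor, although this release starts passing a caller-supplied URL to `Repo.clone_from` in download.py. GitPython drives the git executable, and its refusal of unsafe transports and options in clone arguments exists only in later releases, so an old resolved version widens what a hostile URL can do. Give it a lower bound, `GitPython>=<first release with the clone_from unsafe-protocol checks>` (placeholder; take the value from the GitPython changelog). The same hunk makes `spdx-tools` conditional on `sys_platform!="win32"`, so SPDX output is unavailable on Windows, and that limitation deserves a comment on the line.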
@@ -10,7 +10,7 @@ import zipfile
|
|
|
10
10
|
import logging
|
|
11
11
|
import argparse
|
|
12
12
|
import shutil
|
|
13
|
-
import
|
|
13
|
+
from git import Repo, GitCommandError
|
|
14
14
|
import bz2
|
|
15
15
|
import contextlib
|
|
16
16
|
from datetime import datetime
|
|
@@ -230,14 +230,10 @@ def get_github_token(git_url):
|
|
|
230
230
|
|
|
231
231
|
|
|
232
232
|
def download_git_clone(git_url, target_dir, checkout_to="", tag="", branch=""):
|
|
233
|
-
ref_to_checkout = decide_checkout(checkout_to, tag, branch)
|
|
234
|
-
msg = ""
|
|
235
233
|
oss_name = get_github_ossname(git_url)
|
|
236
|
-
|
|
237
|
-
|
|
238
|
-
|
|
239
|
-
if github_token != "":
|
|
240
|
-
callbacks = git.RemoteCallbacks(credentials=git.UserPass("foo", github_token)) # username is not used, so set to dummy
|
|
234
|
+
refs_to_checkout = decide_checkout(checkout_to, tag, branch)
|
|
235
|
+
clone_default_branch_flag = False
|
|
236
|
+
msg = ""
|
|
241
237
|
|
|
242
238
|
try:
|
|
243
239
|
if platform.system() != "Windows":
|
|
@@ -248,9 +244,26 @@ def download_git_clone(git_url, target_dir, checkout_to="", tag="", branch=""):
|
|
|
248
244
|
alarm.start()
|
|
249
245
|
|
|
250
246
|
Path(target_dir).mkdir(parents=True, exist_ok=True)
|
|
251
|
-
|
|
252
|
-
|
|
253
|
-
|
|
247
|
+
if refs_to_checkout != "":
|
|
248
|
+
try:
|
|
249
|
+
# gitPython uses the branch argument the same whether you check out to a branch or a tag.
|
|
250
|
+
repo = Repo.clone_from(git_url, target_dir, branch=refs_to_checkout)
|
|
251
|
+
except GitCommandError as error:
|
|
252
|
+
error_msg = error.args[2].decode("utf-8")
|
|
253
|
+
if "Remote branch " + refs_to_checkout + " not found in upstream origin" in error_msg:
|
|
254
|
+
# clone default branch, when non-existent branch or tag entered
|
|
255
|
+
repo = Repo.clone_from(git_url, target_dir)
|
|
256
|
+
clone_default_branch_flag = True
|
|
257
|
+
else:
|
|
258
|
+
repo = Repo.clone_from(git_url, target_dir)
|
|
259
|
+
clone_default_branch_flag = True
|
|
260
|
+
|
|
261
|
+
if refs_to_checkout != tag or clone_default_branch_flag:
|
|
262
|
+
oss_version = repo.active_branch.name
|
|
263
|
+
else:
|
|
264
|
+
oss_version = repo.git.describe('--tags')
|
|
265
|
+
logger.info(f"git checkout: {oss_version}")
|
|
266
|
+
|
|
254
267
|
if platform.system() != "Windows":
|
|
255
268
|
signal.alarm(0)
|
|
256
269
|
else:
|
|
@@ -258,20 +271,8 @@ def download_git_clone(git_url, target_dir, checkout_to="", tag="", branch=""):
|
|
|
258
271
|
except Exception as error:
|
|
259
272
|
logger.warning(f"git clone - failed: {error}")
|
|
260
273
|
msg = str(error)
|
|
261
|
-
return False, msg, oss_name,
|
|
262
|
-
try:
|
|
263
|
-
if ref_to_checkout != "":
|
|
264
|
-
ref_list = [x for x in repo.references]
|
|
265
|
-
ref_to_checkout = get_ref_to_checkout(ref_to_checkout, ref_list)
|
|
266
|
-
logger.info(f"git checkout: {ref_to_checkout}")
|
|
267
|
-
repo.checkout(ref_to_checkout)
|
|
274
|
+
return False, msg, oss_name, refs_to_checkout
|
|
268
275
|
|
|
269
|
-
for prefix_ref in prefix_refs:
|
|
270
|
-
if ref_to_checkout.startswith(prefix_ref):
|
|
271
|
-
oss_version = ref_to_checkout[len(prefix_ref):]
|
|
272
|
-
|
|
273
|
-
except Exception as error:
|
|
274
|
-
logger.warning(f"git checkout to {ref_to_checkout} - failed: {error}")
|
|
275
276
|
return True, msg, oss_name, oss_version
|
|
276
277
|
|
|
277
278
|
|
|
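Review bot: `repo.active_branch.name` in the block added to download_git_clone raises TypeError when HEAD is detached, which is the state `Repo.clone_from(..., branch=<tag>)` leaves behind; if decide_checkout (body not shown) can return a tag supplied through `checkout_to`, `refs_to_checkout != tag` is true, the error lands in the outer `except Exception`, and a successful clone is reported as a failure. Check the head first, for example `oss_version = repo.git.describe('--tags') if repo.head.is_detached else repo.active_branch.name`. The fallback to the default branch keys on git's English stderr text through `error.args[2].decode("utf-8")`, which breaks under another locale or when that element is already a str; `error.stderr` is the supported accessor. The removed lines built credentials from `github_token`, and no new line visible here hands a token to `Repo.clone_from`, so confirm that private-repository clones still authenticate. If the token now travels inside `git_url`, make sure `logger.warning(f"git clone - failed: {error}")` cannot print it, since the exception text includes the git command line.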
@@ -8,23 +8,6 @@ import uuid
|
|
|
8
8
|
import logging
|
|
9
9
|
import re
|
|
10
10
|
from pathlib import Path
|
|
11
|
-
from spdx_tools.common.spdx_licensing import spdx_licensing
|
|
12
|
-
from spdx_tools.spdx.model import (
|
|
13
|
-
Actor,
|
|
14
|
-
ActorType,
|
|
15
|
-
Checksum,
|
|
16
|
-
ChecksumAlgorithm,
|
|
17
|
-
CreationInfo,
|
|
18
|
-
Document,
|
|
19
|
-
File,
|
|
20
|
-
Package,
|
|
21
|
-
Relationship,
|
|
22
|
-
RelationshipType,
|
|
23
|
-
SpdxNoAssertion,
|
|
24
|
-
SpdxNone
|
|
25
|
-
)
|
|
26
|
-
from spdx_tools.spdx.validation.document_validator import validate_full_spdx_document
|
|
27
|
-
from spdx_tools.spdx.writer.write_anything import write_file
|
|
28
11
|
from datetime import datetime
|
|
29
12
|
from fosslight_util.spdx_licenses import get_spdx_licenses_json, get_license_from_nick
|
|
30
13
|
from fosslight_util.constant import (LOGGER_NAME, FOSSLIGHT_DEPENDENCY, FOSSLIGHT_SCANNER,
|
|
@@ -33,6 +16,27 @@ import traceback
|
|
|
33
16
|
|
|
34
17
|
logger = logging.getLogger(LOGGER_NAME)
|
|
35
18
|
|
|
19
|
+
try:
|
|
20
|
+
from spdx_tools.common.spdx_licensing import spdx_licensing
|
|
21
|
+
from spdx_tools.spdx.model import (
|
|
22
|
+
Actor,
|
|
23
|
+
ActorType,
|
|
24
|
+
Checksum,
|
|
25
|
+
ChecksumAlgorithm,
|
|
26
|
+
CreationInfo,
|
|
27
|
+
Document,
|
|
28
|
+
File,
|
|
29
|
+
Package,
|
|
30
|
+
Relationship,
|
|
31
|
+
RelationshipType,
|
|
32
|
+
SpdxNoAssertion,
|
|
33
|
+
SpdxNone
|
|
34
|
+
)
|
|
35
|
+
from spdx_tools.spdx.validation.document_validator import validate_full_spdx_document
|
|
36
|
+
from spdx_tools.spdx.writer.write_anything import write_file
|
|
37
|
+
except Exception:
|
|
38
|
+
logger.info('No import spdx-tools')
|
|
39
|
+
|
|
36
40
|
|
|
37
41
|
def get_license_list_version():
|
|
38
42
|
version = 'N/A'
|
|
@@ -87,6 +91,7 @@ def write_spdx(output_file_without_ext, output_extension, scan_item, spdx_versio
|
|
|
87
91
|
checksums=[Checksum(ChecksumAlgorithm.SHA1, file_item.checksum)])
|
|
88
92
|
file_license = []
|
|
89
93
|
file_copyright = []
|
|
94
|
+
file_comment = []
|
|
90
95
|
for oss_item in file_item.oss_items:
|
|
91
96
|
oss_licenses = []
|
|
92
97
|
declared_oss_licenses = []
|
|
@@ -100,6 +105,7 @@ def write_spdx(output_file_without_ext, output_extension, scan_item, spdx_versio
|
|
|
100
105
|
except Exception:
|
|
101
106
|
logger.debug(f'No spdx license name: {oi}')
|
|
102
107
|
lic_comment.append(oi)
|
|
108
|
+
file_comment.append(oi)
|
|
103
109
|
if oss_licenses:
|
|
104
110
|
file_license.extend(oss_licenses)
|
|
105
111
|
if oss_item.copyright != '':
|
|
@@ -157,8 +163,8 @@ def write_spdx(output_file_without_ext, output_extension, scan_item, spdx_versio
|
|
|
157
163
|
file.license_info_in_file = file_license
|
|
158
164
|
if file_copyright:
|
|
159
165
|
file.copyright_text = '\n'.join(file_copyright)
|
|
160
|
-
if
|
|
161
|
-
file.license_comment = ' '.join(
|
|
166
|
+
if file_comment:
|
|
167
|
+
file.license_comment = ' '.join(file_comment)
|
|
162
168
|
doc.files.append(file)
|
|
163
169
|
|
|
164
170
|
if len(doc.packages) > 0:
|
|
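Review bot: The `except Exception:` that closes the new import block swallows every failure, not only a missing package, and records it at info level as `No import spdx-tools`, so a broken or substituted spdx-tools install looks the same as the intended Windows case. Nothing visible in these hunks stops write_spdx from running afterwards, where names such as `Checksum` and `ChecksumAlgorithm` would raise NameError partway through; the function body extends outside the hunks shown. Narrow the handler to `except ImportError as error:`, log the error at warning level, and have write_spdx return an explicit unsupported-format result when the import did not succeed.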
@@ -8,10 +8,10 @@ coloredlogs
|
|
|
8
8
|
python3-wget
|
|
9
9
|
beautifulsoup4
|
|
10
10
|
jsonmerge
|
|
11
|
-
spdx-tools
|
|
12
11
|
setuptools>=65.5.1
|
|
13
12
|
npm
|
|
14
13
|
requests
|
|
14
|
+
GitPython
|
|
15
15
|
|
|
16
16
|
[:python_version < "3.8"]
|
|
17
17
|
numpy
|
|
@@ -24,3 +24,6 @@ pygit2==1.6.1
|
|
|
24
24
|
|
|
25
25
|
[:python_version>='3.7']
|
|
26
26
|
pygit2>=1.10.1
|
|
27
|
+
|
|
28
|
+
[:sys_platform != "win32"]
|
|
29
|
+
spdx-tools>=0.8.2
|
|