fosslight-util 2.1.28__tar.gz → 2.1.30__tar.gz

{fosslight_util-2.1.28/src/fosslight_util.egg-info → fosslight_util-2.1.30}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: fosslight_util
-Version: 2.1.28
+Version: 2.1.30
 Summary: FOSSLight Util
 Home-page: https://github.com/fosslight/fosslight_util
 Download-URL: https://github.com/fosslight/fosslight_util
@@ -20,7 +20,6 @@ Requires-Dist: progress
 Requires-Dist: PyYAML
 Requires-Dist: lastversion
 Requires-Dist: coloredlogs
-Requires-Dist: python3-wget
 Requires-Dist: beautifulsoup4
 Requires-Dist: jsonmerge
 Requires-Dist: spdx-tools==0.8.*; sys_platform == "linux"

{fosslight_util-2.1.28 → fosslight_util-2.1.30}/requirements.txt

@@ -5,7 +5,7 @@ progress
 PyYAML
 lastversion
 coloredlogs
-python3-wget
+
 beautifulsoup4
 jsonmerge
 spdx-tools==0.8.*;sys_platform=="linux"

{fosslight_util-2.1.28 → fosslight_util-2.1.30}/setup.py

@@ -14,7 +14,7 @@ with open('requirements.txt', 'r', 'utf-8') as f:
 if __name__ == "__main__":
     setup(
         name='fosslight_util',
-        version='2.1.28',
+        version='2.1.30',
         package_dir={"": "src"},
         packages=find_packages(where='src'),
         description='FOSSLight Util',

{fosslight_util-2.1.28 → fosslight_util-2.1.30}/src/fosslight_util/_get_downloadable_url.py

@@ -499,13 +499,39 @@ def get_download_location_for_maven(link):
 
     try:
         if link.startswith('mvnrepository.com/artifact/'):
-            dn_loc_split = link.replace('mvnrepository.com/', '').split('/')
-            group_id = dn_loc_split[1].replace('.', '/')
-            dn_loc = 'https://repo1.maven.org/maven2/' + group_id + '/' + dn_loc_split[2] + '/' + dn_loc_split[3]
+            parts = link.replace('mvnrepository.com/artifact/', '').split('/')
+            if len(parts) < 2:
+                raise Exception('invalid mvnrepository artifact url')
+            group_raw = parts[0]
+            artifact_id = parts[1]
+            version = parts[2] if len(parts) > 2 and parts[2] else ''
+            group_path = group_raw.replace('.', '/')
+
+            repo_base = f'https://repo1.maven.org/maven2/{group_path}/{artifact_id}'
+            try:
+                urlopen(repo_base)
+                if version:
+                    dn_loc = f'{repo_base}/{version}'
+                else:
+                    new_link = repo_base
+                    ret = True
+                    return ret, new_link
+            except Exception:
+                google_base = f'https://dl.google.com/android/maven2/{group_path}/{artifact_id}'
+                if version:
+                    google_sources = f'{google_base}/{version}/{artifact_id}-{version}-sources.jar'
+                    try:
+                        res_g = urlopen(google_sources)
+                        if res_g.getcode() == 200:
+                            ret = True
+                            return ret, google_sources
+                    except Exception:
+                        pass
+                new_link = google_base
+                ret = True
+                return ret, new_link
 
         elif link.startswith('repo1.maven.org/maven2/'):
-            dn_loc_split = link.replace('repo1.maven.org/maven2/', '').split('/')
-
             if link.endswith('.tar.gz') or link.endswith('.jar') or link.endswith('.tar.xz'):
                 new_link = 'https://' + link
                 ret = True

{fosslight_util-2.1.28 → fosslight_util-2.1.30}/src/fosslight_util/download.py

@@ -4,7 +4,7 @@
 # SPDX-License-Identifier: Apache-2.0
 import os
 import sys
-import wget
+import requests
 import tarfile
 import zipfile
 import logging
@@ -58,6 +58,22 @@ def alarm_handler(signum, frame):
     raise TimeOutException(f'Timeout ({SIGNAL_TIMEOUT} sec)', 1)
 
 
+def is_downloadable(url):
+    try:
+        h = requests.head(url, allow_redirects=True)
+        header = h.headers
+        content_type = header.get('content-type')
+        if 'text/html' in content_type.lower():
+            return False
+        content_disposition = header.get('content-disposition')
+        if content_disposition and 'attachment' in content_disposition.lower():
+            return True
+        return True
+    except Exception as e:
+        logger.warning(f"is_downloadable - failed: {e}")
+        return False
+
+
 def change_src_link_to_https(src_link):
     src_link = src_link.replace("git://", "https://")
     if src_link.endswith(".git"):
@@ -381,25 +397,30 @@ def download_wget(link, target_dir, compressed_only, checkout_to):
             link = new_link
 
         if compressed_only:
+            # Check if link ends with known compression extensions
             for ext in compression_extension:
                 if link.endswith(ext):
                     success = True
                     break
-            if not success:
-                if pkg_type == 'cargo':
-                    success = True
         else:
-            success = True
+            # If get_downloadable_url found a downloadable file, proceed
+            if ret:
+                success = True
+            else:
+                # No downloadable file found in package repositories, verify link is downloadable
+                if not is_downloadable(link):
+                    raise Exception('Not a downloadable link (link:{0})'.format(link))
+                success = True
 
+        # Fallback: verify link is downloadable for compressed_only case
         if not success:
-            raise Exception('Not supported compression type (link:{0})'.format(link))
+            if is_downloadable(link):
+                success = True
+            else:
+                raise Exception('Not a downloadable link (link:{0})'.format(link))
 
         logger.info(f"wget: {link}")
-        if pkg_type == 'cargo':
-            outfile = os.path.join(target_dir, f'{oss_name}.tar.gz')
-            downloaded_file = wget.download(link, out=outfile)
-        else:
-            downloaded_file = wget.download(link, target_dir)
+        downloaded_file = download_file(link, target_dir)
         if platform.system() != "Windows":
             signal.alarm(0)
         else:
@@ -416,6 +437,49 @@ def download_wget(link, target_dir, compressed_only, checkout_to):
     return success, downloaded_file, msg, oss_name, oss_version
 
 
+def download_file(url, target_dir):
+    local_path = ""
+    try:
+        try:
+            h = requests.head(url, allow_redirects=True)
+            final_url = h.url or url
+            headers = h.headers
+        except Exception:
+            final_url = url
+            headers = {}
+
+        with requests.get(final_url, stream=True, allow_redirects=True) as r:
+            r.raise_for_status()
+
+            filename = ""
+            cd = r.headers.get("Content-Disposition") or headers.get("Content-Disposition")
+            if cd:
+                m_star = re.search(r"filename\*=(?:UTF-8'')?([^;\r\n]+)", cd)
+                if m_star:
+                    filename = urllib.parse.unquote(m_star.group(1).strip('"\''))
+                else:
+                    m = re.search(r"filename=([^;\r\n]+)", cd)
+                    if m:
+                        filename = m.group(1).strip('"\'')
+            if not filename:
+                final_for_name = r.url or final_url
+                filename = os.path.basename(urllib.parse.urlparse(final_for_name).path)
+                if not filename:
+                    filename = "downloaded_file"
+            if os.path.isdir(target_dir):
+                local_path = os.path.join(target_dir, filename)
+            else:
+                local_path = target_dir
+
+            with open(local_path, 'wb') as f:
+                for chunk in r.iter_content(chunk_size=8192):
+                    f.write(chunk)
+    except Exception as e:
+        logger.warning(f"download_file - failed: {e}")
+        return None
+    return local_path
+
+
 def extract_compressed_dir(src_dir, target_dir, remove_after_extract=True):
     logger.debug(f"Extract Dir: {src_dir}")
     try:
@@ -450,6 +514,9 @@ def extract_compressed_file(fname, extract_path, remove_after_extract=True, comp
                 decompress_bz2(fname, extract_path)
             elif fname.endswith(".whl"):
                 unzip(fname, extract_path)
+            elif fname.endswith(".crate"):
+                with contextlib.closing(tarfile.open(fname, "r:gz")) as t:
+                    t.extractall(path=extract_path)
             else:
                 is_compressed_file = False
                 if compressed_only:

fosslight_util-2.1.30/src/fosslight_util/get_pom_license.py

@@ -0,0 +1,120 @@
+#!/usr/bin/env python
+# -*- coding: utf-8 -*-
+# Copyright (c) 2025 LG Electronics Inc.
+# SPDX-License-Identifier: Apache-2.0
+
+import os
+import logging
+import urllib.request
+from urllib.error import URLError, HTTPError
+from defusedxml.ElementTree import fromstring as xml_fromstring
+import fosslight_util.constant as constant
+
+logger = logging.getLogger(constant.LOGGER_NAME)
+
+
+def get_license_from_pom(group_id: str = None,
+                         artifact_id: str = None,
+                         version: str = None,
+                         pom_path: str = None,
+                         check_parent: bool = True) -> str:
+
+    def build_urls(g, a, v):
+        group_path = g.replace('.', '/')
+        name = f"{a}-{v}.pom"
+        repo1 = f"https://repo1.maven.org/maven2/{group_path}/{a}/{v}/{name}"
+        google = f"https://dl.google.com/android/maven2/{group_path}/{a}/{v}/{name}"
+        return [repo1, google]
+
+    def fetch_pom(g, a, v):
+        for url in build_urls(g, a, v):
+            try:
+                with urllib.request.urlopen(url) as resp:
+                    return resp.read().decode('utf-8')
+            except (HTTPError, URLError):
+                continue
+        return None
+
+    def extract_licenses(root):
+        licenses_elem = root.find('{*}licenses')
+        if licenses_elem is not None:
+            names = []
+            for lic in licenses_elem.findall('{*}license'):
+                name = lic.findtext('{*}name')
+                if name:
+                    names.append(name.replace(',', ''))
+            if names:
+                return ', '.join(names)
+        return None
+
+    def extract_parent_info(root):
+        parent = root.find('{*}parent')
+        if parent is not None:
+            g = parent.findtext('{*}groupId') or parent.findtext('groupId')
+            a = parent.findtext('{*}artifactId') or parent.findtext('artifactId')
+            v = parent.findtext('{*}version') or parent.findtext('version')
+            if g and a and v:
+                return g, a, v
+        return None, None, None
+
+    visited = set()
+
+    def find_license_in_pom_recursive(g, a, v, check_parent_flag):
+        key = (g, a, v)
+        if key in visited:
+            return ''
+        visited.add(key)
+        content = fetch_pom(g, a, v)
+        if not content:
+            return ''
+        try:
+            root = xml_fromstring(content)
+        except Exception:
+            return ''
+        licenses = extract_licenses(root)
+        if licenses:
+            return licenses
+        if not check_parent_flag:
+            return ''
+        pg, pa, pv = extract_parent_info(root)
+        if pg and pa and pv:
+            return find_license_in_pom_recursive(pg, pa, pv, check_parent_flag)
+        return ''
+
+    try:
+        if pom_path:
+            if not os.path.exists(pom_path):
+                logger.warning(f"POM file not found: {pom_path}")
+                return ''
+            try:
+                with open(pom_path, 'r', encoding='utf-8') as f:
+                    content = f.read()
+                xml_start = content.find('<?xml')
+                if xml_start > 0:
+                    content = content[xml_start:]
+                elif xml_start == -1:
+                    root_start = content.find('<project')
+                    if root_start > 0:
+                        content = content[root_start:]
+                root = xml_fromstring(content)
+            except Exception as e:
+                logger.warning(f"Failed to parse POM file {pom_path}: {e}")
+                return ''
+
+            licenses = extract_licenses(root)
+            if licenses:
+                return licenses
+            if not check_parent:
+                return ''
+            pg, pa, pv = extract_parent_info(root)
+            if pg and pa and pv:
+                return find_license_in_pom_recursive(pg, pa, pv, check_parent)
+
+            logger.debug(f"No license info found in local POM: {pom_path}, Retry with remote fetch.")
+
+        if not (group_id and artifact_id and version):
+            return ''
+        return find_license_in_pom_recursive(group_id, artifact_id, version, check_parent)
+    except Exception as e:
+        logger.warning(f"Error getting license from POM: {e}")
+        return ''

{fosslight_util-2.1.28 → fosslight_util-2.1.30/src/fosslight_util.egg-info}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: fosslight_util
-Version: 2.1.28
+Version: 2.1.30
 Summary: FOSSLight Util
 Home-page: https://github.com/fosslight/fosslight_util
 Download-URL: https://github.com/fosslight/fosslight_util
@@ -20,7 +20,6 @@ Requires-Dist: progress
 Requires-Dist: PyYAML
 Requires-Dist: lastversion
 Requires-Dist: coloredlogs
-Requires-Dist: python3-wget
 Requires-Dist: beautifulsoup4
 Requires-Dist: jsonmerge
 Requires-Dist: spdx-tools==0.8.*; sys_platform == "linux"

{fosslight_util-2.1.28 → fosslight_util-2.1.30}/src/fosslight_util.egg-info/SOURCES.txt

@@ -11,6 +11,7 @@ src/fosslight_util/correct.py
 src/fosslight_util/cover.py
 src/fosslight_util/download.py
 src/fosslight_util/exclude.py
+src/fosslight_util/get_pom_license.py
 src/fosslight_util/help.py
 src/fosslight_util/oss_item.py
 src/fosslight_util/output_format.py

{fosslight_util-2.1.28 → fosslight_util-2.1.30}/src/fosslight_util.egg-info/requires.txt

@@ -5,7 +5,6 @@ progress
 PyYAML
 lastversion
 coloredlogs
-python3-wget
 beautifulsoup4
 jsonmerge
 setuptools>=65.5.1