ospac 0.1.0__py3-none-any.whl

ospac/core/compatibility_matrix.py

@@ -0,0 +1,332 @@
+"""Efficient compatibility matrix storage and retrieval."""
+
+import json
+import os
+from pathlib import Path
+from typing import Dict, List, Optional, Tuple, Set
+from enum import Enum
+
+
+class CompatibilityStatus(Enum):
+    """License compatibility status."""
+    COMPATIBLE = "compatible"
+    INCOMPATIBLE = "incompatible"
+    REVIEW_NEEDED = "review_needed"
+    UNKNOWN = "unknown"
+
+
+class CompatibilityMatrix:
+    """
+    Efficient storage for license compatibility relationships.
+
+    Uses sparse matrix representation to reduce storage size.
+    Only stores non-default relationships (default is "unknown").
+    """
+
+    def __init__(self, data_dir: str = "data/compatibility"):
+        self.data_dir = Path(data_dir)
+        self.data_dir.mkdir(parents=True, exist_ok=True)
+
+        # In-memory caches
+        self._compatibility_cache: Dict[str, Dict[str, str]] = {}
+        self._category_cache: Dict[str, List[str]] = {}
+        self._metadata: Dict = {}
+
+        # File paths
+        self.metadata_file = self.data_dir / "metadata.json"
+        self.categories_file = self.data_dir / "categories.json"
+        self.relationships_dir = self.data_dir / "relationships"
+        self.relationships_dir.mkdir(exist_ok=True)
+
+    def build_from_full_matrix(self, full_matrix_path: str) -> None:
+        """
+        Convert full NxN matrix to efficient sparse format.
+
+        Args:
+            full_matrix_path: Path to full compatibility matrix JSON
+        """
+        print(f"Loading full matrix from {full_matrix_path}...")
+        with open(full_matrix_path, 'r') as f:
+            data = json.load(f)
+
+        compatibility = data.get("compatibility", {})
+
+        # Extract metadata
+        self._metadata = {
+            "version": data.get("version", "1.0"),
+            "generated": data.get("generated"),
+            "total_licenses": len(compatibility),
+            "format": "sparse",
+            "default_status": "unknown"
+        }
+
+        # Categorize licenses based on patterns
+        categories = self._categorize_licenses(list(compatibility.keys()))
+
+        # Save metadata and categories
+        self._save_metadata()
+        self._save_categories(categories)
+
+        # Process and save relationships in chunks
+        self._process_relationships(compatibility, categories)
+
+    def _categorize_licenses(self, license_ids: List[str]) -> Dict[str, List[str]]:
+        """Categorize licenses by family/type for efficient storage."""
+        categories = {
+            "gpl": [],
+            "lgpl": [],
+            "agpl": [],
+            "bsd": [],
+            "mit": [],
+            "apache": [],
+            "cc": [],
+            "public_domain": [],
+            "proprietary": [],
+            "other": []
+        }
+
+        for license_id in license_ids:
+            lid_lower = license_id.lower()
+
+            if "gpl-" in lid_lower and "lgpl" not in lid_lower and "agpl" not in lid_lower:
+                categories["gpl"].append(license_id)
+            elif "lgpl" in lid_lower:
+                categories["lgpl"].append(license_id)
+            elif "agpl" in lid_lower:
+                categories["agpl"].append(license_id)
+            elif "bsd" in lid_lower:
+                categories["bsd"].append(license_id)
+            elif "mit" in lid_lower:
+                categories["mit"].append(license_id)
+            elif "apache" in lid_lower:
+                categories["apache"].append(license_id)
+            elif lid_lower.startswith("cc"):
+                categories["cc"].append(license_id)
+            elif "public" in lid_lower or "unlicense" in lid_lower or lid_lower == "0bsd":
+                categories["public_domain"].append(license_id)
+            elif any(prop in lid_lower for prop in ["proprietary", "commercial", "elastic"]):
+                categories["proprietary"].append(license_id)
+            else:
+                categories["other"].append(license_id)
+
+        # Remove empty categories
+        return {k: v for k, v in categories.items() if v}
+
+    def _process_relationships(self, compatibility: Dict, categories: Dict[str, List[str]]) -> None:
+        """Process and store non-default relationships efficiently."""
+        print("Processing compatibility relationships...")
+
+        # Statistics
+        total_relationships = 0
+        stored_relationships = 0
+
+        # Process by category to create smaller files
+        for category, licenses in categories.items():
+            category_relationships = {}
+
+            for license_id in licenses:
+                if license_id not in compatibility:
+                    continue
+
+                license_compat = compatibility[license_id]
+
+                # Only store non-default relationships
+                non_default = {
+                    target: status
+                    for target, status in license_compat.items()
+                    if status and status != "unknown"
+                }
+
+                if non_default:
+                    category_relationships[license_id] = non_default
+                    stored_relationships += len(non_default)
+
+                total_relationships += len(license_compat)
+
+            # Save category relationships
+            if category_relationships:
+                category_file = self.relationships_dir / f"{category}.json"
+                with open(category_file, 'w') as f:
+                    json.dump(category_relationships, f, indent=2)
+                print(f"  Saved {category}: {len(category_relationships)} licenses")
+
+        compression_ratio = (1 - stored_relationships / total_relationships) * 100 if total_relationships > 0 else 0
+        print(f"\nCompression: {stored_relationships}/{total_relationships} relationships stored")
+        print(f"Space saved: {compression_ratio:.1f}%")
+
+    def _save_metadata(self) -> None:
+        """Save metadata to file."""
+        with open(self.metadata_file, 'w') as f:
+            json.dump(self._metadata, f, indent=2)
+
+    def _save_categories(self, categories: Dict[str, List[str]]) -> None:
+        """Save license categories to file."""
+        with open(self.categories_file, 'w') as f:
+            json.dump(categories, f, indent=2)
+
+    def load(self) -> None:
+        """Load sparse matrix data into memory."""
+        # Load metadata
+        if self.metadata_file.exists():
+            with open(self.metadata_file, 'r') as f:
+                self._metadata = json.load(f)
+
+        # Load categories
+        if self.categories_file.exists():
+            with open(self.categories_file, 'r') as f:
+                self._category_cache = json.load(f)
+
+        # Load relationships on demand (lazy loading)
+        self._compatibility_cache = {}
+
+    def get_compatibility(self, license1: str, license2: str) -> str:
+        """
+        Get compatibility status between two licenses.
+
+        Args:
+            license1: First license ID
+            license2: Second license ID
+
+        Returns:
+            Compatibility status
+        """
+        # Check cache first
+        if license1 in self._compatibility_cache:
+            if license2 in self._compatibility_cache[license1]:
+                return self._compatibility_cache[license1][license2]
+
+        # Load from file if needed
+        status = self._load_relationship(license1, license2)
+
+        # Cache the result
+        if license1 not in self._compatibility_cache:
+            self._compatibility_cache[license1] = {}
+        self._compatibility_cache[license1][license2] = status
+
+        return status
+
+    def _load_relationship(self, license1: str, license2: str) -> str:
+        """Load specific relationship from file."""
+        # Find category for license1
+        category = self._find_category(license1)
+        if not category:
+            return self._metadata.get("default_status", "unknown")
+
+        # Load category file if not cached
+        category_file = self.relationships_dir / f"{category}.json"
+        if not category_file.exists():
+            return self._metadata.get("default_status", "unknown")
+
+        with open(category_file, 'r') as f:
+            relationships = json.load(f)
+
+        # Get relationship
+        if license1 in relationships:
+            rel = relationships[license1].get(license2)
+            # Handle dict format (with static/dynamic/distribution keys)
+            if isinstance(rel, dict):
+                # Return overall compatibility based on static linking (most restrictive)
+                static = rel.get("static_linking", "unknown")
+                if static == "compatible":
+                    return "compatible"
+                elif static == "incompatible":
+                    return "incompatible"
+                elif static == "review_required":
+                    return "review_needed"
+                return static
+            # Handle string format
+            elif isinstance(rel, str):
+                return rel
+            else:
+                return self._metadata.get("default_status", "unknown")
+
+        return self._metadata.get("default_status", "unknown")
+
+    def _find_category(self, license_id: str) -> Optional[str]:
+        """Find which category a license belongs to."""
+        for category, licenses in self._category_cache.items():
+            if license_id in licenses:
+                return category
+        return None
+
+    def get_compatible_licenses(self, license_id: str) -> List[str]:
+        """Get all licenses compatible with the given license."""
+        compatible = []
+
+        # Load all relationships for this license
+        category = self._find_category(license_id)
+        if category:
+            category_file = self.relationships_dir / f"{category}.json"
+            if category_file.exists():
+                with open(category_file, 'r') as f:
+                    relationships = json.load(f)
+
+                if license_id in relationships:
+                    for target, status in relationships[license_id].items():
+                        # Handle dict format
+                        if isinstance(status, dict):
+                            if status.get("static_linking") == "compatible":
+                                compatible.append(target)
+                        # Handle string format
+                        elif status == CompatibilityStatus.COMPATIBLE.value:
+                            compatible.append(target)
+
+        return sorted(compatible)
+
+    def get_incompatible_licenses(self, license_id: str) -> List[str]:
+        """Get all licenses incompatible with the given license."""
+        incompatible = []
+
+        # Load all relationships for this license
+        category = self._find_category(license_id)
+        if category:
+            category_file = self.relationships_dir / f"{category}.json"
+            if category_file.exists():
+                with open(category_file, 'r') as f:
+                    relationships = json.load(f)
+
+                if license_id in relationships:
+                    for target, status in relationships[license_id].items():
+                        if status == CompatibilityStatus.INCOMPATIBLE.value:
+                            incompatible.append(target)
+
+        return sorted(incompatible)
+
+    def export_full_matrix(self, output_path: str) -> None:
+        """Export back to full matrix format if needed."""
+        print("Exporting to full matrix format...")
+
+        # Load all relationships
+        full_compatibility = {}
+
+        for category_file in self.relationships_dir.glob("*.json"):
+            with open(category_file, 'r') as f:
+                relationships = json.load(f)
+                full_compatibility.update(relationships)
+
+        # Fill in defaults for all license pairs
+        all_licenses = []
+        for licenses in self._category_cache.values():
+            all_licenses.extend(licenses)
+
+        complete_matrix = {}
+        for license1 in all_licenses:
+            complete_matrix[license1] = {}
+            for license2 in all_licenses:
+                if license1 in full_compatibility and license2 in full_compatibility[license1]:
+                    complete_matrix[license1][license2] = full_compatibility[license1][license2]
+                else:
+                    complete_matrix[license1][license2] = self._metadata.get("default_status", "unknown")
+
+        # Save full matrix
+        output_data = {
+            "version": self._metadata.get("version", "1.0"),
+            "generated": self._metadata.get("generated"),
+            "total_licenses": len(all_licenses),
+            "compatibility": complete_matrix
+        }
+
+        with open(output_path, 'w') as f:
+            json.dump(output_data, f, indent=2)
+
+        print(f"Exported full matrix to {output_path}")

ospac/models/__init__.py

@@ -0,0 +1,12 @@
+"""Data models for OSPAC."""
+
+from ospac.models.license import License
+from ospac.models.policy import Policy
+from ospac.models.compliance import ComplianceResult, PolicyResult
+
+__all__ = [
+    "License",
+    "Policy",
+    "ComplianceResult",
+    "PolicyResult",
+]

ospac/models/compliance.py

@@ -0,0 +1,161 @@
+"""
+Compliance result models.
+"""
+
+from typing import Dict, List, Any, Optional
+from dataclasses import dataclass, field
+from enum import Enum
+
+
+class ComplianceStatus(Enum):
+    """Status of compliance check."""
+
+    COMPLIANT = "compliant"
+    NON_COMPLIANT = "non_compliant"
+    WARNING = "warning"
+    REQUIRES_REVIEW = "requires_review"
+    UNKNOWN = "unknown"
+
+
+class ActionType(Enum):
+    """Action to take based on policy evaluation."""
+
+    ALLOW = "allow"
+    DENY = "deny"
+    FLAG_FOR_REVIEW = "flag_for_review"
+    CONTAMINATE = "contaminate"
+    APPROVE = "approve"
+
+
+@dataclass
+class PolicyResult:
+    """Result of policy evaluation."""
+
+    rule_id: str
+    action: ActionType
+    severity: str = "info"
+    message: Optional[str] = None
+    requirements: List[str] = field(default_factory=list)
+    remediation: Optional[str] = None
+
+    @classmethod
+    def aggregate(cls, results: List["PolicyResult"]) -> "PolicyResult":
+        """Aggregate multiple results into a single result."""
+        if not results:
+            return cls(
+                rule_id="aggregate",
+                action=ActionType.ALLOW,
+                severity="info",
+                message="No policies matched",
+            )
+
+        # Find the highest severity result
+        severity_order = {"error": 3, "warning": 2, "info": 1}
+        highest_severity = max(results, key=lambda r: severity_order.get(r.severity, 0))
+
+        # Determine overall action (most restrictive wins)
+        action_priority = {
+            ActionType.DENY: 5,
+            ActionType.CONTAMINATE: 4,
+            ActionType.FLAG_FOR_REVIEW: 3,
+            ActionType.ALLOW: 2,
+            ActionType.APPROVE: 1,
+        }
+
+        most_restrictive = max(results, key=lambda r: action_priority.get(r.action, 0))
+
+        # Combine all requirements
+        all_requirements = []
+        for result in results:
+            all_requirements.extend(result.requirements)
+
+        return cls(
+            rule_id="aggregate",
+            action=most_restrictive.action,
+            severity=highest_severity.severity,
+            message=f"Evaluated {len(results)} rules",
+            requirements=list(set(all_requirements)),
+        )
+
+
+@dataclass
+class ComplianceResult:
+    """Final compliance result."""
+
+    status: ComplianceStatus
+    licenses_checked: List[str] = field(default_factory=list)
+    violations: List[Dict[str, Any]] = field(default_factory=list)
+    warnings: List[Dict[str, Any]] = field(default_factory=list)
+    obligations: List[str] = field(default_factory=list)
+    required_actions: List[str] = field(default_factory=list)
+    metadata: Dict[str, Any] = field(default_factory=dict)
+
+    @property
+    def is_compliant(self) -> bool:
+        """Check if the result is compliant."""
+        return self.status == ComplianceStatus.COMPLIANT
+
+    @property
+    def needs_review(self) -> bool:
+        """Check if manual review is required."""
+        return self.status == ComplianceStatus.REQUIRES_REVIEW
+
+    def add_violation(self, rule_id: str, message: str, severity: str = "error") -> None:
+        """Add a violation to the result."""
+        self.violations.append({
+            "rule_id": rule_id,
+            "message": message,
+            "severity": severity,
+        })
+        if self.status != ComplianceStatus.NON_COMPLIANT:
+            self.status = ComplianceStatus.NON_COMPLIANT
+
+    def add_warning(self, rule_id: str, message: str) -> None:
+        """Add a warning to the result."""
+        self.warnings.append({
+            "rule_id": rule_id,
+            "message": message,
+            "severity": "warning",
+        })
+        if self.status == ComplianceStatus.COMPLIANT:
+            self.status = ComplianceStatus.WARNING
+
+    @classmethod
+    def from_policy_result(cls, policy_result: PolicyResult) -> "ComplianceResult":
+        """Create a ComplianceResult from a PolicyResult."""
+        result = cls(status=ComplianceStatus.UNKNOWN)
+
+        if policy_result.action == ActionType.DENY:
+            result.status = ComplianceStatus.NON_COMPLIANT
+            if policy_result.message:
+                result.add_violation(policy_result.rule_id, policy_result.message, policy_result.severity)
+
+        elif policy_result.action == ActionType.FLAG_FOR_REVIEW:
+            result.status = ComplianceStatus.REQUIRES_REVIEW
+            if policy_result.message:
+                result.add_warning(policy_result.rule_id, policy_result.message)
+
+        elif policy_result.action in [ActionType.ALLOW, ActionType.APPROVE]:
+            result.status = ComplianceStatus.COMPLIANT
+
+        if policy_result.requirements:
+            result.obligations.extend(policy_result.requirements)
+
+        if policy_result.remediation:
+            result.required_actions.append(policy_result.remediation)
+
+        return result
+
+    def to_dict(self) -> Dict[str, Any]:
+        """Convert to dictionary for serialization."""
+        return {
+            "status": self.status.value,
+            "is_compliant": self.is_compliant,
+            "needs_review": self.needs_review,
+            "licenses_checked": self.licenses_checked,
+            "violations": self.violations,
+            "warnings": self.warnings,
+            "obligations": self.obligations,
+            "required_actions": self.required_actions,
+            "metadata": self.metadata,
+        }

ospac/models/license.py

@@ -0,0 +1,82 @@
+"""
+License data model.
+"""
+
+from typing import Dict, List, Optional, Any
+from dataclasses import dataclass, field
+
+
+@dataclass
+class License:
+    """Represents a software license with its properties and requirements."""
+
+    id: str
+    name: str
+    type: str  # permissive, copyleft_weak, copyleft_strong, proprietary
+    spdx_id: Optional[str] = None
+
+    properties: Dict[str, bool] = field(default_factory=dict)
+    requirements: Dict[str, bool] = field(default_factory=dict)
+    compatibility: Dict[str, Dict] = field(default_factory=dict)
+
+    def is_compatible_with(self, other: "License", context: str = "general") -> bool:
+        """Check if this license is compatible with another."""
+        if context not in self.compatibility:
+            context = "general"
+
+        if context in self.compatibility:
+            compat_rules = self.compatibility[context]
+
+            # Check explicit compatible list
+            if "compatible_with" in compat_rules:
+                if other.id in compat_rules["compatible_with"]:
+                    return True
+                if other.type in compat_rules["compatible_with"]:
+                    return True
+
+            # Check explicit incompatible list
+            if "incompatible_with" in compat_rules:
+                if other.id in compat_rules["incompatible_with"]:
+                    return False
+                if other.type in compat_rules["incompatible_with"]:
+                    return False
+
+        # Default: permissive licenses are generally compatible
+        if self.type == "permissive" and other.type == "permissive":
+            return True
+
+        return False
+
+    def get_obligations(self) -> List[str]:
+        """Get all obligations for this license."""
+        obligations = []
+
+        if self.requirements.get("disclose_source"):
+            obligations.append("Disclose source code")
+
+        if self.requirements.get("include_license"):
+            obligations.append("Include license text")
+
+        if self.requirements.get("include_copyright"):
+            obligations.append("Include copyright notice")
+
+        if self.requirements.get("state_changes"):
+            obligations.append("State changes made to the code")
+
+        if self.requirements.get("same_license"):
+            obligations.append("Distribute under same license")
+
+        return obligations
+
+    @classmethod
+    def from_dict(cls, data: Dict[str, Any]) -> "License":
+        """Create a License instance from a dictionary."""
+        return cls(
+            id=data["id"],
+            name=data["name"],
+            type=data["type"],
+            spdx_id=data.get("spdx_id"),
+            properties=data.get("properties", {}),
+            requirements=data.get("requirements", {}),
+            compatibility=data.get("compatibility", {}),
+        )

ospac/models/policy.py

@@ -0,0 +1,97 @@
+"""
+Policy data model.
+"""
+
+from typing import Dict, List, Any, Optional
+from dataclasses import dataclass, field
+
+
+@dataclass
+class Rule:
+    """Represents a single policy rule."""
+
+    id: str
+    description: str
+    when: Dict[str, Any]
+    then: Dict[str, Any]
+    priority: int = 0
+
+    def matches(self, context: Dict[str, Any]) -> bool:
+        """Check if this rule matches the given context."""
+        for key, expected in self.when.items():
+            if key not in context:
+                return False
+
+            actual = context[key]
+            if isinstance(expected, list):
+                if actual not in expected:
+                    return False
+            elif actual != expected:
+                return False
+
+        return True
+
+
+@dataclass
+class Policy:
+    """Represents a compliance policy."""
+
+    name: str
+    version: str
+    rules: List[Rule] = field(default_factory=list)
+    extends: Optional[str] = None
+    decision_tree: Optional[List[Dict]] = None
+    metadata: Dict[str, Any] = field(default_factory=dict)
+
+    def add_rule(self, rule: Rule) -> None:
+        """Add a rule to this policy."""
+        self.rules.append(rule)
+        # Sort by priority
+        self.rules.sort(key=lambda r: r.priority, reverse=True)
+
+    def evaluate(self, context: Dict[str, Any]) -> List[Dict[str, Any]]:
+        """Evaluate this policy against the given context."""
+        results = []
+
+        for rule in self.rules:
+            if rule.matches(context):
+                result = {
+                    "rule_id": rule.id,
+                    "description": rule.description,
+                    "action": rule.then.get("action", "allow"),
+                    "severity": rule.then.get("severity", "info"),
+                    "message": rule.then.get("message", ""),
+                }
+
+                if "requirements" in rule.then:
+                    result["requirements"] = rule.then["requirements"]
+
+                if "remediation" in rule.then:
+                    result["remediation"] = rule.then["remediation"]
+
+                results.append(result)
+
+        return results
+
+    @classmethod
+    def from_dict(cls, data: Dict[str, Any]) -> "Policy":
+        """Create a Policy instance from a dictionary."""
+        rules = []
+        for rule_data in data.get("rules", []):
+            rule = Rule(
+                id=rule_data["id"],
+                description=rule_data.get("description", ""),
+                when=rule_data.get("when", {}),
+                then=rule_data.get("then", {}),
+                priority=rule_data.get("priority", 0),
+            )
+            rules.append(rule)
+
+        return cls(
+            name=data.get("name", "unnamed"),
+            version=data.get("version", "1.0"),
+            rules=rules,
+            extends=data.get("extends"),
+            decision_tree=data.get("decision_tree"),
+            metadata=data.get("metadata", {}),
+        )