ossa-scanner 0.1.29__py3-none-any.whl → 0.1.31__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (9) hide show
  1. ossa_scanner/__init__.py +1 -1
  2. ossa_scanner/scanner.py +1 -1
  3. ossa_scanner/utils/package_manager.py +12 -19
  4. {ossa_scanner-0.1.29.dist-info → ossa_scanner-0.1.31.dist-info}/METADATA +1 -1
  5. {ossa_scanner-0.1.29.dist-info → ossa_scanner-0.1.31.dist-info}/RECORD +9 -9
  6. {ossa_scanner-0.1.29.dist-info → ossa_scanner-0.1.31.dist-info}/LICENSE +0 -0
  7. {ossa_scanner-0.1.29.dist-info → ossa_scanner-0.1.31.dist-info}/WHEEL +0 -0
  8. {ossa_scanner-0.1.29.dist-info → ossa_scanner-0.1.31.dist-info}/entry_points.txt +0 -0
  9. {ossa_scanner-0.1.29.dist-info → ossa_scanner-0.1.31.dist-info}/top_level.txt +0 -0
ossa_scanner/__init__.py CHANGED
@@ -1 +1 @@
1
- __version__ = "0.1.29"
1
+ __version__ = "0.1.31"
ossa_scanner/scanner.py CHANGED
@@ -25,7 +25,7 @@ class Scanner:
25
25
  def process_package(self, package):
26
26
  try:
27
27
  print(f"Processing package: {package}")
28
- package_info = get_package_info(self.pm_type, package)
28
+ package_info = get_package_info(self.pm_type, package, self.temp_dir)
29
29
  source_files = download_source(self.pm_type, package, self.temp_dir)
30
30
  self.save_package_report(package, package_info, source_files)
31
31
  except Exception as e:
ossa_scanner/utils/package_manager.py CHANGED
@@ -46,7 +46,7 @@ def list_packages(package_manager):
46
46
  return package_list
47
47
 
48
48
 
49
- def get_package_info(package_manager, package_name):
49
+ def get_package_info(package_manager, package_name, output_dir):
50
50
  if package_manager == 'apt':
51
51
  cmd = ['apt-cache', 'show', package_name]
52
52
  elif package_manager in ['yum', 'dnf']:
@@ -65,7 +65,7 @@ def get_package_info(package_manager, package_name):
65
65
  elif package_manager in ['yum', 'dnf']:
66
66
  return parse_yum_info(output)
67
67
  elif package_manager == 'apt':
68
- return parse_apt_info(output, package_name)
68
+ return parse_apt_info(output, package_name, output_dir)
69
69
  except subprocess.CalledProcessError as e:
70
70
  print(f"Command failed: {e}")
71
71
  return None
@@ -129,7 +129,7 @@ def parse_yum_info(output):
129
129
  info["summary"] = line.split(":", 1)[1].strip()
130
130
  return info
131
131
 
132
- def parse_apt_info(output, package_name):
132
+ def parse_apt_info(output, package_name, output_dir):
133
133
  info = {}
134
134
  lines = output.splitlines()
135
135
  for line in lines:
@@ -141,19 +141,12 @@ def parse_apt_info(output, package_name):
141
141
  info["licenses"] = line.split(":", 1)[1].strip()
142
142
 
143
143
  if "licenses" not in info:
144
- print(package_name, 'not found licenses')
145
- info["licenses"] = apt_get_license_from_source(package_name)
144
+ info["licenses"] = apt_get_license_from_source(package_name, output_dir)
145
+ if info["licenses"]:
146
+ info["licenses"] = extract_spdx_ids(info["licenses"])
147
+ severity = license_classificaton(info["licenses"])
146
148
  else:
147
- print(package_name, 'license found as', info["licenses"])
148
-
149
- # if info["licenses"]:
150
- # info["licenses"] = extract_spdx_ids(info["licenses"])
151
- # severity = license_classificaton(info["licenses"])
152
- # else:
153
-
154
- severity = "Informational"
155
-
156
- print(package_name, info)
149
+ severity = "Informational"
157
150
 
158
151
  # Ensure all keys are present even if data is missing
159
152
  return {
@@ -163,10 +156,10 @@ def parse_apt_info(output, package_name):
163
156
  "severity": severity,
164
157
  }
165
158
 
166
- def apt_get_license_from_source(package_name):
159
+ def apt_get_license_from_source(package_name, output_dir):
167
160
  try:
168
- subprocess.run(["apt-get", "source", package_name], check=True, capture_output=True, text=True)
169
- source_dirs = [d for d in os.listdir() if d.startswith(package_name) and os.path.isdir(d)]
161
+ subprocess.run(["apt-get", "source", package_name, '-d', output_dir], check=True, capture_output=True, text=True)
162
+ source_dirs = [d for d in os.listdir(output_dir) if d.startswith(package_name) and os.path.isdir(d)]
170
163
  if not source_dirs:
171
164
  return "NOASSERTION"
172
165
  package_dir = source_dirs[0]
@@ -177,7 +170,7 @@ def apt_get_license_from_source(package_name):
177
170
  for line in f:
178
171
  if re.search(r"(?i)license:", line):
179
172
  licenses.append(line.split(":", 1)[1].strip())
180
- shutil.rmtree(package_dir, ignore_errors=True)
173
+ shutil.rmtree(output_dir, ignore_errors=True)
181
174
  return ", ".join(set(licenses)) if licenses else "NOASSERTION"
182
175
  except subprocess.CalledProcessError as e:
183
176
  print(f"Error fetching source package: {e}")
{ossa_scanner-0.1.29.dist-info → ossa_scanner-0.1.31.dist-info}/METADATA RENAMED
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.1
2
2
  Name: ossa_scanner
3
- Version: 0.1.29
3
+ Version: 0.1.31
4
4
  Summary: Open Source Software Advisory generator for Core and Base Linux Packages.
5
5
  Home-page: https://github.com/oscarvalenzuelab/ossa_scanner
6
6
  Author: Oscar Valenzuela
{ossa_scanner-0.1.29.dist-info → ossa_scanner-0.1.31.dist-info}/RECORD RENAMED
@@ -1,16 +1,16 @@
1
- ossa_scanner/__init__.py,sha256=A-lFHZ4YpCrWZ6nw3tlt_yurFJ00mInm3gR6hz51Eww,23
1
+ ossa_scanner/__init__.py,sha256=i-fDEsQ0iAiPKXFaj9eERDqcxl3BqNnavaCEqpNxmVI,23
2
2
  ossa_scanner/cli.py,sha256=sgr8NFpf_Ut84KYFQjOKRxv8CfAMaTPhMo7DbR53lT4,2311
3
- ossa_scanner/scanner.py,sha256=Zmk-Qr8jDoPdCXLkospp2NUgYl7Sdhx_Rhraltxd2u8,4787
3
+ ossa_scanner/scanner.py,sha256=P_pouAPLMWUq_tjiwDyBYvs6cnXDs5VHB8305ui2VHI,4802
4
4
  ossa_scanner/uploader.py,sha256=dPbhSLlQcDyHP-6Ugn6BzYGn_VQ1Ik6TWt2138k3REo,1837
5
5
  ossa_scanner/utils/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
6
6
  ossa_scanner/utils/downloader.py,sha256=AGRhJU9YducTe6mY5-7mZ4fRTFg2tcfz1DS0Nee-wM0,5693
7
7
  ossa_scanner/utils/hash_calculator.py,sha256=LrDKngWOPbizYJWab2sDJDLB4pD_RrI51L0cZt3VjJY,960
8
8
  ossa_scanner/utils/os_detection.py,sha256=35VbUbFklzd7aojgltKf2PxbnVFcpREA7Tri2YI5nfY,417
9
- ossa_scanner/utils/package_manager.py,sha256=3MypwpwmE94nd1d72yQkwAeF8WLB8z9wTCYoX4PPzl0,8561
9
+ ossa_scanner/utils/package_manager.py,sha256=E3MmVIieBUHdt4wm_2w1DDvj1-UoHDft9WMpjd4HSBI,8479
10
10
  ossa_scanner/utils/swhid_calculator.py,sha256=7-bO4RglJr-kt5SjUfnlcPZD0k0-s_dveHEjRo-zEMc,1317
11
- ossa_scanner-0.1.29.dist-info/LICENSE,sha256=9slQ_XNiEkio28l90NwihP7a90fCL2GQ6YhcVXTBls4,1064
12
- ossa_scanner-0.1.29.dist-info/METADATA,sha256=eyyLV2tjnS32xBRH3_Gfp_Jdx1WiDZuDcGh3OrsXy-o,1938
13
- ossa_scanner-0.1.29.dist-info/WHEEL,sha256=PZUExdf71Ui_so67QXpySuHtCi3-J3wvF4ORK6k_S8U,91
14
- ossa_scanner-0.1.29.dist-info/entry_points.txt,sha256=UVoAo-wTPxT82g3cfqTs2CmQnazd57TAwhd9VwEKD1c,55
15
- ossa_scanner-0.1.29.dist-info/top_level.txt,sha256=uUp5CvhZfJLapXn9DyUXvgH7QK3uzF2ibH943lWN5Bs,13
16
- ossa_scanner-0.1.29.dist-info/RECORD,,
11
+ ossa_scanner-0.1.31.dist-info/LICENSE,sha256=9slQ_XNiEkio28l90NwihP7a90fCL2GQ6YhcVXTBls4,1064
12
+ ossa_scanner-0.1.31.dist-info/METADATA,sha256=j8ISVXSb5G-ZmooWsBN6jRuD0bUXhFsEDeGBNt7Ti5M,1938
13
+ ossa_scanner-0.1.31.dist-info/WHEEL,sha256=PZUExdf71Ui_so67QXpySuHtCi3-J3wvF4ORK6k_S8U,91
14
+ ossa_scanner-0.1.31.dist-info/entry_points.txt,sha256=UVoAo-wTPxT82g3cfqTs2CmQnazd57TAwhd9VwEKD1c,55
15
+ ossa_scanner-0.1.31.dist-info/top_level.txt,sha256=uUp5CvhZfJLapXn9DyUXvgH7QK3uzF2ibH943lWN5Bs,13
16
+ ossa_scanner-0.1.31.dist-info/RECORD,,