ossa-scanner 0.1.32__tar.gz → 0.1.34__tar.gz

Files changed (22) hide show
  1. {ossa_scanner-0.1.32 → ossa_scanner-0.1.34}/PKG-INFO +1 -1
  2. ossa_scanner-0.1.34/ossa_scanner/__init__.py +1 -0
  3. {ossa_scanner-0.1.32 → ossa_scanner-0.1.34}/ossa_scanner/utils/package_manager.py +21 -5
  4. {ossa_scanner-0.1.32 → ossa_scanner-0.1.34}/ossa_scanner.egg-info/PKG-INFO +1 -1
  5. ossa_scanner-0.1.32/ossa_scanner/__init__.py +0 -1
  6. {ossa_scanner-0.1.32 → ossa_scanner-0.1.34}/LICENSE +0 -0
  7. {ossa_scanner-0.1.32 → ossa_scanner-0.1.34}/README.md +0 -0
  8. {ossa_scanner-0.1.32 → ossa_scanner-0.1.34}/ossa_scanner/cli.py +0 -0
  9. {ossa_scanner-0.1.32 → ossa_scanner-0.1.34}/ossa_scanner/scanner.py +0 -0
  10. {ossa_scanner-0.1.32 → ossa_scanner-0.1.34}/ossa_scanner/uploader.py +0 -0
  11. {ossa_scanner-0.1.32 → ossa_scanner-0.1.34}/ossa_scanner/utils/__init__.py +0 -0
  12. {ossa_scanner-0.1.32 → ossa_scanner-0.1.34}/ossa_scanner/utils/downloader.py +0 -0
  13. {ossa_scanner-0.1.32 → ossa_scanner-0.1.34}/ossa_scanner/utils/hash_calculator.py +0 -0
  14. {ossa_scanner-0.1.32 → ossa_scanner-0.1.34}/ossa_scanner/utils/os_detection.py +0 -0
  15. {ossa_scanner-0.1.32 → ossa_scanner-0.1.34}/ossa_scanner/utils/swhid_calculator.py +0 -0
  16. {ossa_scanner-0.1.32 → ossa_scanner-0.1.34}/ossa_scanner.egg-info/SOURCES.txt +0 -0
  17. {ossa_scanner-0.1.32 → ossa_scanner-0.1.34}/ossa_scanner.egg-info/dependency_links.txt +0 -0
  18. {ossa_scanner-0.1.32 → ossa_scanner-0.1.34}/ossa_scanner.egg-info/entry_points.txt +0 -0
  19. {ossa_scanner-0.1.32 → ossa_scanner-0.1.34}/ossa_scanner.egg-info/requires.txt +0 -0
  20. {ossa_scanner-0.1.32 → ossa_scanner-0.1.34}/ossa_scanner.egg-info/top_level.txt +0 -0
  21. {ossa_scanner-0.1.32 → ossa_scanner-0.1.34}/setup.cfg +0 -0
  22. {ossa_scanner-0.1.32 → ossa_scanner-0.1.34}/setup.py +0 -0
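--- a/PKG-INFO
+++ b/PKG-INFO
@@ -1,6 +1,6 @@
  Metadata-Version: 2.1
  Name: ossa_scanner
- Version: 0.1.32
+ Version: 0.1.34
  Summary: Open Source Software Advisory generator for Core and Base Linux Packages.
  Home-page: https://github.com/oscarvalenzuelab/ossa_scanner
  Author: Oscar Valenzuela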
@@ -0,0 +1 @@
1
+ __version__ = "0.1.34"
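--- a/ossa_scanner/utils/package_manager.py
+++ b/ossa_scanner/utils/package_manager.py
@@ -142,12 +142,13 @@ def parse_apt_info(output, package_name, output_dir):
 
  if "licenses" not in info:
  info["licenses"] = apt_get_license_from_source(package_name, output_dir)
- if info["licenses"]:
+ print(package_name, info["licenses"])
+ if "licenses" in info:
  info["licenses"] = extract_spdx_ids(info["licenses"])
  info["severity"] = license_classificaton(info["licenses"])
- else:
- info["severity"] = "Informational"
+
  print(package_name, output_dir, info)
+
  # Ensure all keys are present even if data is missing
  return {
  "licenses": info.get("licenses", "NOASSERTION"),
@@ -157,21 +158,36 @@ def parse_apt_info(output, package_name, output_dir):
  }
 
  def apt_get_license_from_source(package_name, output_dir):
+ """Fetches source package and extracts license from debian/copyright."""
+
  try:
- subprocess.run(["apt-get", "source", package_name, '-d', output_dir], check=True, capture_output=True, text=True)
- source_dirs = [d for d in os.listdir(output_dir) if d.startswith(package_name) and os.path.isdir(d)]
+ # Ensure output directory exists
+ os.makedirs(output_dir, exist_ok=True)
+
+ # Run apt-get source inside output_dir
+ subprocess.run(["apt-get", "source", package_name], check=True, capture_output=True, text=True, cwd=output_dir)
+
+ # Find the extracted source directory (since apt-get source doesn't always use package_name directly)
+ source_dirs = glob.glob(os.path.join(output_dir, f"{package_name}-*")) # Wildcard match for versioned package dirs
  if not source_dirs:
  return "NOASSERTION"
+
  package_dir = source_dirs[0]
  copyright_file = os.path.join(package_dir, "debian", "copyright")
+
+ # Extract license information
  licenses = []
  if os.path.exists(copyright_file):
  with open(copyright_file, "r", encoding="utf-8") as f:
  for line in f:
  if re.search(r"(?i)license:", line):
  licenses.append(line.split(":", 1)[1].strip())
+
+ # Cleanup
  shutil.rmtree(output_dir, ignore_errors=True)
+
  return ", ".join(set(licenses)) if licenses else "NOASSERTION"
+
  except subprocess.CalledProcessError as e:
  print(f"Error fetching source package: {e}")
  return "NOASSERTION"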
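Review bot: In `apt_get_license_from_source`, download, extraction and cleanup now all run directly in the caller-supplied `output_dir`, so `shutil.rmtree(output_dir, ignore_errors=True)` removes anything else stored there, while the early `return "NOASSERTION"` and the `except` path skip cleanup and leave the unpacked source on disk; a per-call scratch directory under `output_dir` addresses both. The `apt-get` argv should carry `"--"` before `package_name` so that a name beginning with `-` cannot be read as an option, and the glob should use `glob.escape(package_name)` with an `os.path.isdir` filter (the removed list comprehension had one), since `{package_name}-*` would also match another package's directory sharing the prefix if one is present. No hunk in this file adds `import glob`, so unless the module already imports it the new call raises `NameError`, which `except subprocess.CalledProcessError` does not catch; the sketch below would likewise need `tempfile` imported. In the first hunk, `if "licenses" in info:` appears always true after the assignment just above it, which drops the old `"Informational"` fallback, and a debug `print` was left in; indentation is lost on this page, so confirm against the file. The function may continue past the end of the hunk.

```python
def apt_get_license_from_source(package_name, output_dir):
    # … unchanged: docstring, opening of the try block …
        os.makedirs(output_dir, exist_ok=True)

        # Private scratch directory: cleanup can no longer touch the caller's files,
        # and it is removed on every exit path, including early returns and errors.
        with tempfile.TemporaryDirectory(dir=output_dir) as work_dir:
            # "--" ends option parsing, so package_name is always treated as a name
            subprocess.run(["apt-get", "source", "--", package_name], check=True,
                           capture_output=True, text=True, cwd=work_dir)

            pattern = os.path.join(work_dir, glob.escape(package_name) + "-*")
            source_dirs = [d for d in glob.glob(pattern) if os.path.isdir(d)]
            # … unchanged: NOASSERTION on no match, debian/copyright parsing (now inside the with block) …

        # shutil.rmtree(output_dir, ignore_errors=True) is dropped
        # … unchanged: return of the joined licenses, except handler …
```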
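--- a/ossa_scanner.egg-info/PKG-INFO
+++ b/ossa_scanner.egg-info/PKG-INFO
@@ -1,6 +1,6 @@
  Metadata-Version: 2.1
  Name: ossa_scanner
- Version: 0.1.32
+ Version: 0.1.34
  Summary: Open Source Software Advisory generator for Core and Base Linux Packages.
  Home-page: https://github.com/oscarvalenzuelab/ossa_scanner
  Author: Oscar Valenzuela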
@@ -1 +0,0 @@
1
- __version__ = "0.1.32"
File without changes
File without changes
File without changes
File without changes