ossa-scanner 0.1.33__py3-none-any.whl → 0.1.35__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (8) hide show
  1. ossa_scanner/__init__.py +1 -1
  2. ossa_scanner/utils/package_manager.py +18 -2
  3. {ossa_scanner-0.1.33.dist-info → ossa_scanner-0.1.35.dist-info}/METADATA +1 -1
  4. {ossa_scanner-0.1.33.dist-info → ossa_scanner-0.1.35.dist-info}/RECORD +8 -8
  5. {ossa_scanner-0.1.33.dist-info → ossa_scanner-0.1.35.dist-info}/LICENSE +0 -0
  6. {ossa_scanner-0.1.33.dist-info → ossa_scanner-0.1.35.dist-info}/WHEEL +0 -0
  7. {ossa_scanner-0.1.33.dist-info → ossa_scanner-0.1.35.dist-info}/entry_points.txt +0 -0
  8. {ossa_scanner-0.1.33.dist-info → ossa_scanner-0.1.35.dist-info}/top_level.txt +0 -0
ossa_scanner/__init__.py CHANGED
@@ -1 +1 @@
1
- __version__ = "0.1.33"
1
+ __version__ = "0.1.35"
ossa_scanner/utils/package_manager.py CHANGED
@@ -158,21 +158,37 @@ def parse_apt_info(output, package_name, output_dir):
158
158
  }
159
159
 
160
160
  def apt_get_license_from_source(package_name, output_dir):
161
+ """Fetches source package and extracts license from debian/copyright."""
162
+ p_hash = hash(package_name) % 10000
163
+ output_dir = os.path.join(output_dir, str(p_hash))
161
164
  try:
162
- subprocess.run(["apt-get", "source", package_name, '-d', output_dir], check=True, capture_output=True, text=True)
163
- source_dirs = [d for d in os.listdir(output_dir) if d.startswith(package_name) and os.path.isdir(d)]
165
+ # Ensure output directory exists
166
+ os.makedirs(output_dir, exist_ok=True)
167
+
168
+ # Run apt-get source inside output_dir
169
+ subprocess.run(["apt-get", "source", package_name], check=True, capture_output=True, text=True, cwd=output_dir)
170
+
171
+ # Find the extracted source directory (since apt-get source doesn't always use package_name directly)
172
+ source_dirs = glob.glob(os.path.join(output_dir, f"{package_name}-*")) # Wildcard match for versioned package dirs
164
173
  if not source_dirs:
165
174
  return "NOASSERTION"
175
+
166
176
  package_dir = source_dirs[0]
167
177
  copyright_file = os.path.join(package_dir, "debian", "copyright")
178
+
179
+ # Extract license information
168
180
  licenses = []
169
181
  if os.path.exists(copyright_file):
170
182
  with open(copyright_file, "r", encoding="utf-8") as f:
171
183
  for line in f:
172
184
  if re.search(r"(?i)license:", line):
173
185
  licenses.append(line.split(":", 1)[1].strip())
186
+
187
+ # Cleanup
174
188
  shutil.rmtree(output_dir, ignore_errors=True)
189
+
175
190
  return ", ".join(set(licenses)) if licenses else "NOASSERTION"
191
+
176
192
  except subprocess.CalledProcessError as e:
177
193
  print(f"Error fetching source package: {e}")
178
194
  return "NOASSERTION"
{ossa_scanner-0.1.33.dist-info → ossa_scanner-0.1.35.dist-info}/METADATA RENAMED
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.1
2
2
  Name: ossa_scanner
3
- Version: 0.1.33
3
+ Version: 0.1.35
4
4
  Summary: Open Source Software Advisory generator for Core and Base Linux Packages.
5
5
  Home-page: https://github.com/oscarvalenzuelab/ossa_scanner
6
6
  Author: Oscar Valenzuela
{ossa_scanner-0.1.33.dist-info → ossa_scanner-0.1.35.dist-info}/RECORD RENAMED
@@ -1,4 +1,4 @@
1
- ossa_scanner/__init__.py,sha256=gzg6nU6x2Uud0fXG6Kts9v4UFjYEjLGQu5DaW7kU0qc,23
1
+ ossa_scanner/__init__.py,sha256=ABqgofsnbWf7823vTBbZNQ81eKQbWwrVToAU6T3z-6s,23
2
2
  ossa_scanner/cli.py,sha256=sgr8NFpf_Ut84KYFQjOKRxv8CfAMaTPhMo7DbR53lT4,2311
3
3
  ossa_scanner/scanner.py,sha256=P_pouAPLMWUq_tjiwDyBYvs6cnXDs5VHB8305ui2VHI,4802
4
4
  ossa_scanner/uploader.py,sha256=dPbhSLlQcDyHP-6Ugn6BzYGn_VQ1Ik6TWt2138k3REo,1837
@@ -6,11 +6,11 @@ ossa_scanner/utils/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuF
6
6
  ossa_scanner/utils/downloader.py,sha256=AGRhJU9YducTe6mY5-7mZ4fRTFg2tcfz1DS0Nee-wM0,5693
7
7
  ossa_scanner/utils/hash_calculator.py,sha256=LrDKngWOPbizYJWab2sDJDLB4pD_RrI51L0cZt3VjJY,960
8
8
  ossa_scanner/utils/os_detection.py,sha256=35VbUbFklzd7aojgltKf2PxbnVFcpREA7Tri2YI5nfY,417
9
- ossa_scanner/utils/package_manager.py,sha256=i2yO1mQKNThm4T1YGWGTqWX-t8CYEF2dXEPSfDBhEkc,8560
9
+ ossa_scanner/utils/package_manager.py,sha256=yLeflIDHfM3prLLXDm7oA7GGpy5uV0XPBVsfKRFdEBE,9053
10
10
  ossa_scanner/utils/swhid_calculator.py,sha256=7-bO4RglJr-kt5SjUfnlcPZD0k0-s_dveHEjRo-zEMc,1317
11
- ossa_scanner-0.1.33.dist-info/LICENSE,sha256=9slQ_XNiEkio28l90NwihP7a90fCL2GQ6YhcVXTBls4,1064
12
- ossa_scanner-0.1.33.dist-info/METADATA,sha256=Q2vkQNvE_ziOKxCOQJAg5r8vvL9x80R43MZpYqjk2dw,1938
13
- ossa_scanner-0.1.33.dist-info/WHEEL,sha256=PZUExdf71Ui_so67QXpySuHtCi3-J3wvF4ORK6k_S8U,91
14
- ossa_scanner-0.1.33.dist-info/entry_points.txt,sha256=UVoAo-wTPxT82g3cfqTs2CmQnazd57TAwhd9VwEKD1c,55
15
- ossa_scanner-0.1.33.dist-info/top_level.txt,sha256=uUp5CvhZfJLapXn9DyUXvgH7QK3uzF2ibH943lWN5Bs,13
16
- ossa_scanner-0.1.33.dist-info/RECORD,,
11
+ ossa_scanner-0.1.35.dist-info/LICENSE,sha256=9slQ_XNiEkio28l90NwihP7a90fCL2GQ6YhcVXTBls4,1064
12
+ ossa_scanner-0.1.35.dist-info/METADATA,sha256=Gs9hHYLoQbCO-MMloS8dxCzmsNEx563wtZ4T4OgNRKM,1938
13
+ ossa_scanner-0.1.35.dist-info/WHEEL,sha256=PZUExdf71Ui_so67QXpySuHtCi3-J3wvF4ORK6k_S8U,91
14
+ ossa_scanner-0.1.35.dist-info/entry_points.txt,sha256=UVoAo-wTPxT82g3cfqTs2CmQnazd57TAwhd9VwEKD1c,55
15
+ ossa_scanner-0.1.35.dist-info/top_level.txt,sha256=uUp5CvhZfJLapXn9DyUXvgH7QK3uzF2ibH943lWN5Bs,13
16
+ ossa_scanner-0.1.35.dist-info/RECORD,,