scanoss 1.12.2__py3-none-any.whl → 1.43.1__py3-none-any.whl

scanoss/results.py

@@ -0,0 +1,275 @@
+"""
+SPDX-License-Identifier: MIT
+
+  Copyright (c) 2024, SCANOSS
+
+  Permission is hereby granted, free of charge, to any person obtaining a copy
+  of this software and associated documentation files (the "Software"), to deal
+  in the Software without restriction, including without limitation the rights
+  to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+  copies of the Software, and to permit persons to whom the Software is
+  furnished to do so, subject to the following conditions:
+
+  The above copyright notice and this permission notice shall be included in
+  all copies or substantial portions of the Software.
+
+  THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+  IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+  FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+  AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+  LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+  OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+  THE SOFTWARE.
+"""
+
+import json
+from typing import Any, Dict, List
+
+from scanoss.utils.abstract_presenter import AbstractPresenter
+
+from .scanossbase import ScanossBase
+
+MATCH_TYPES = ['file', 'snippet']
+STATUSES = ['pending', 'identified']
+
+
+AVAILABLE_FILTER_VALUES = {
+    'match_type': [e for e in MATCH_TYPES],
+    'status': [e for e in STATUSES],
+}
+
+
+ARG_TO_FILTER_MAP = {
+    'match_type': 'id',
+    'status': 'status',
+}
+
+PENDING_IDENTIFICATION_FILTERS = {
+    'match_type': ['file', 'snippet'],
+    'status': ['pending'],
+}
+
+
+class ResultsPresenter(AbstractPresenter):
+    """
+    SCANOSS Results presenter class
+    Handles the presentation of the scan results
+    """
+
+    def __init__(self, results_instance, **kwargs):
+        super().__init__(**kwargs)
+        self.results = results_instance
+
+    def _format_json_output(self) -> str:
+        """
+        Format the output data into a JSON object
+        """
+
+        formatted_data = []
+        for item in self.results.data:
+            formatted_data.append(
+                {
+                    'file': item.get('filename'),
+                    'status': item.get('status', 'N/A'),
+                    'match_type': item['id'],
+                    'matched': item.get('matched', 'N/A'),
+                    'purl': (item.get('purl')[0] if item.get('purl') else 'N/A'),
+                    'license': (item.get('licenses')[0].get('name', 'N/A') if item.get('licenses') else 'N/A'),
+                }
+            )
+        try:
+            return json.dumps({'results': formatted_data, 'total': len(formatted_data)}, indent=2)
+        except Exception as e:
+            self.base.print_stderr(f'ERROR: Problem formatting JSON output: {e}')
+            return ''
+
+    def _format_cyclonedx_output(self) -> str:
+        raise NotImplementedError('CycloneDX output is not implemented')
+
+    def _format_spdxlite_output(self) -> str:
+        raise NotImplementedError('SPDXlite output is not implemented')
+
+    def _format_csv_output(self) -> str:
+        raise NotImplementedError('CSV output is not implemented')
+
+    def _format_raw_output(self) -> str:
+        raise NotImplementedError('Raw output is not implemented')
+
+    def _format_plain_output(self) -> str:
+        """Format the output data into a plain text string
+
+        Returns:
+            str: The formatted output data
+        """
+        if not self.results.data:
+            msg = 'No results to present'
+            return msg
+
+        formatted = ''
+        for item in self.results.data:
+            formatted += f'{self._format_plain_output_item(item)}\n'
+        return formatted
+
+    @staticmethod
+    def _format_plain_output_item(item):
+        purls = item.get('purl', [])
+        licenses = item.get('licenses', [])
+
+        return (
+            f'File: {item.get("filename")}\n'
+            f'Match type: {item.get("id")}\n'
+            f'Status: {item.get("status", "N/A")}\n'
+            f'Matched: {item.get("matched", "N/A")}\n'
+            f'Purl: {purls[0] if purls else "N/A"}\n'
+            f'License: {licenses[0].get("name", "N/A") if licenses else "N/A"}\n'
+        )
+
+
+class Results:
+    """
+    SCANOSS Results class \n
+    Handles the parsing and filtering of the scan results
+    """
+
+    def __init__(  # noqa: PLR0913
+        self,
+        debug: bool = False,
+        trace: bool = False,
+        quiet: bool = False,
+        filepath: str = None,
+        match_type: str = None,
+        status: str = None,
+        output_file: str = None,
+        output_format: str = None,
+    ):
+        """Initialise the Results class
+
+        Args:
+            debug (bool, optional): Debug. Defaults to False.
+            trace (bool, optional): Trace. Defaults to False.
+            quiet (bool, optional): Quiet. Defaults to False.
+            filepath (str, optional): Path to the scan results file. Defaults to None.
+            match_type (str, optional): Comma separated match type filters. Defaults to None.
+            status (str, optional): Comma separated status filters. Defaults to None.
+            output_file (str, optional): Path to the output file. Defaults to None.
+            output_format (str, optional): Output format. Defaults to None.
+        """
+
+        self.base = ScanossBase(debug, trace, quiet)
+        self.data = self._load_and_transform(filepath)
+        self.filters = self._load_filters(match_type=match_type, status=status)
+        self.presenter = ResultsPresenter(
+            self,
+            debug=debug,
+            trace=trace,
+            quiet=quiet,
+            output_file=output_file,
+            output_format=output_format,
+        )
+
+    def load_file(self, file: str) -> Dict[str, Any]:
+        """Load the JSON file
+
+        Args:
+            file (str): Path to the JSON file
+
+        Returns:
+            Dict[str, Any]: The parsed JSON data
+        """
+        with open(file, 'r') as jsonfile:
+            try:
+                return json.load(jsonfile)
+            except Exception as e:
+                self.base.print_stderr(f'ERROR: Problem parsing input JSON: {e}')
+
+    def _load_and_transform(self, file: str) -> List[Dict[str, Any]]:
+        """
+        Load the file and transform the data into a list of dictionaries with the filename and the file data
+        """
+
+        raw_data = self.load_file(file)
+        return self._transform_data(raw_data)
+
+    @staticmethod
+    def _transform_data(data: dict) -> list:
+        """Transform the data into a list of dictionaries with the filename and the file data
+
+        Args:
+            data (dict): The raw data
+
+        Returns:
+            list: The transformed data
+        """
+        result = []
+        for filename, file_data in data.items():
+            if file_data:
+                file_obj = {'filename': filename}
+                file_obj.update(file_data[0])
+                result.append(file_obj)
+        return result
+
+    def _load_filters(self, **kwargs):
+        """Extract and parse the filters
+
+        Returns:
+            dict: Parsed filters
+        """
+        filters = {}
+
+        for key, value in kwargs.items():
+            if value:
+                filters[key] = self._extract_comma_separated_values(value)
+
+        return filters
+
+    @staticmethod
+    def _extract_comma_separated_values(values: str):
+        return [value.strip() for value in values.split(',')]
+
+    def apply_filters(self):
+        """Apply the filters to the data"""
+        filtered_data = []
+        for item in self.data:
+            if self._item_matches_filters(item):
+                filtered_data.append(item)
+        self.data = filtered_data
+
+        return self
+
+    def _item_matches_filters(self, item):
+        for filter_key, filter_values in self.filters.items():
+            if not filter_values:
+                continue
+
+            self._validate_filter_values(filter_key, filter_values)
+
+            item_value = item.get(ARG_TO_FILTER_MAP[filter_key])
+            if isinstance(filter_values, list):
+                if item_value not in filter_values:
+                    return False
+            elif item_value != filter_values:
+                return False
+        return True
+
+    @staticmethod
+    def _validate_filter_values(filter_key: str, filter_value: List[str]):
+        if any(value not in AVAILABLE_FILTER_VALUES.get(filter_key, []) for value in filter_value):
+            valid_values = ', '.join(AVAILABLE_FILTER_VALUES.get(filter_key, []))
+            raise ValueError(
+                f"ERROR: Invalid filter value '{filter_value}' for filter '{filter_key}'. "
+                f'Valid values are: {valid_values}'
+            )
+
+    def get_pending_identifications(self):
+        """Get files with 'pending' status and 'file' or 'snippet' match type"""
+        self.filters = PENDING_IDENTIFICATION_FILTERS
+        self.apply_filters()
+
+        return self
+
+    def has_results(self):
+        return bool(self.data)
+
+    def present(self, output_format: str = None, output_file: str = None):
+        """Present the results in the selected format"""
+        self.presenter.present(output_format=output_format, output_file=output_file)

scanoss/scancodedeps.py

@@ -1,25 +1,25 @@
 """
- SPDX-License-Identifier: MIT
-
-   Copyright (c) 2021, SCANOSS
-
-   Permission is hereby granted, free of charge, to any person obtaining a copy
-   of this software and associated documentation files (the "Software"), to deal
-   in the Software without restriction, including without limitation the rights
-   to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-   copies of the Software, and to permit persons to whom the Software is
-   furnished to do so, subject to the following conditions:
-
-   The above copyright notice and this permission notice shall be included in
-   all copies or substantial portions of the Software.
-
-   THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-   IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-   FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-   AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-   LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-   OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-   THE SOFTWARE.
+SPDX-License-Identifier: MIT
+
+  Copyright (c) 2021, SCANOSS
+
+  Permission is hereby granted, free of charge, to any person obtaining a copy
+  of this software and associated documentation files (the "Software"), to deal
+  in the Software without restriction, including without limitation the rights
+  to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+  copies of the Software, and to permit persons to whom the Software is
+  furnished to do so, subject to the following conditions:
+
+  The above copyright notice and this permission notice shall be included in
+  all copies or substantial portions of the Software.
+
+  THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+  IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+  FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+  AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+  LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+  OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+  THE SOFTWARE.
 """
 
 import json
@@ -33,8 +33,17 @@ class ScancodeDeps(ScanossBase):
     """
     SCANOSS dependency scanning class
     """
-    def __init__(self, debug: bool = False, quiet: bool = False, trace: bool = False, output_file: str = None,
-                 scan_output: str = None, timeout: int = 600, sc_command: str = None):
+
+    def __init__(
+        self,
+        debug: bool = False,
+        quiet: bool = False,
+        trace: bool = False,
+        output_file: str = None,
+        scan_output: str = None,
+        timeout: int = 600,
+        sc_command: str = None,
+    ):
         """
         Initialise ScancodeDeps class
         """
@@ -54,7 +63,7 @@ class ScancodeDeps(ScanossBase):
         if not outfile and self.scan_output:
             outfile = self.scan_output
         if outfile:
-            with open(outfile, "a") as rf:
+            with open(outfile, 'a') as rf:
                 rf.write(string + '\n')
         else:
             print(string)
@@ -85,7 +94,7 @@ class ScancodeDeps(ScanossBase):
         self.print_debug(f'Processing Scancode results into Dependency data...')
         files = []
         for t in data:
-            if t == 'files':    # Only interested in 'files' details
+            if t == 'files':  # Only interested in 'files' details
                 files_details = data.get(t)
                 if not files_details or files_details == '':
                     continue
@@ -105,32 +114,40 @@ class ScancodeDeps(ScanossBase):
                             continue
                     self.print_debug(f'Path: {f_path}, Packages: {len(f_packages)}')
                     purls = []
+                    scopes = []
                     for pkgs in f_packages:
                         pk_deps = pkgs.get('dependencies')
+
                         if not pk_deps or pk_deps == '':
                             continue
-                        self.print_debug(f'Path: {f_path}, Dependencies: {len(pk_deps)}')
                         for d in pk_deps:
                             dp = d.get('purl')
                             if not dp or dp == '':
                                 continue
+
                             dp = dp.replace('"', '').replace('%22', '')  # remove unwanted quotes on purls
                             dp_data = {'purl': dp}
                             rq = d.get('extracted_requirement')  # scancode format 2.0
                             if not rq or rq == '':
-                                rq = d.get('requirement')        # scancode format 1.0
+                                rq = d.get('requirement')  # scancode format 1.0
                             # skip requirement if it ends with the purl (i.e. exact version) or if it's local (file)
                             if rq and rq != '' and not dp.endswith(rq) and not rq.startswith('file:'):
                                 dp_data['requirement'] = rq
+
+                            # Gets dependency scope
+                            scope = d.get('scope')
+                            if scope and scope != '':
+                                dp_data['scope'] = scope
+
                             purls.append(dp_data)
-                        # self.print_stderr(f'Path: {f_path}, Purls: {purls}')
+                        # end for loop
+
                     if len(purls) > 0:
                         files.append({'file': f_path, 'purls': purls})
                     # End packages
                 # End file details
         # End dependencies json
         deps = {'files': files}
-        # self.print_debug(f'Dep Data: {deps}')
         return deps
 
     def produce_from_file(self, json_file: str = None) -> json:
@@ -179,6 +196,7 @@ class ScancodeDeps(ScanossBase):
             return False
         self.print_msg('Producing summary...')
         deps = self.produce_from_file(output_file)
+        deps = self.__remove_dep_scope(deps)
         self.remove_interim_file(output_file)
         if not deps:
             return False
@@ -196,17 +214,32 @@ class ScancodeDeps(ScanossBase):
             output_file = self.output_file
         try:
             open(output_file, 'w').close()
-            self.print_trace(f'About to execute {self.sc_command} -p --only-findings --quiet --json {output_file}'
-                             f' {what_to_scan}')
-            result = subprocess.run([self.sc_command, '-p', '--only-findings', '--quiet', '--strip-root', '--json',
-                                     output_file, what_to_scan],
-                                    cwd=os.getcwd(), stdout=subprocess.PIPE, stderr=subprocess.STDOUT,
-                                    text=True, timeout=self.timeout
-                                    )
+            self.print_trace(
+                f'About to execute {self.sc_command} -p --only-findings --quiet --json {output_file} {what_to_scan}'
+            )
+            result = subprocess.run(
+                [
+                    self.sc_command,
+                    '-p',
+                    '--only-findings',
+                    '--quiet',
+                    '--strip-root',
+                    '--json',
+                    output_file,
+                    what_to_scan,
+                ],
+                cwd=os.getcwd(),
+                stdout=subprocess.PIPE,
+                stderr=subprocess.STDOUT,
+                text=True,
+                timeout=self.timeout,
+            )
             self.print_trace(f'Subprocess return: {result}')
             if result.returncode:
-                self.print_stderr(f'ERROR: Scancode dependency scan of {what_to_scan} failed with exit code'
-                                  f' {result.returncode}:\n{result.stdout}')
+                self.print_stderr(
+                    f'ERROR: Scancode dependency scan of {what_to_scan} failed with exit code'
+                    f' {result.returncode}:\n{result.stdout}'
+                )
                 return False
         except subprocess.TimeoutExpired as e:
             self.print_stderr(f'ERROR: Timed out attempting to run scancode dependency scan on {what_to_scan}: {e}')
@@ -235,6 +268,22 @@ class ScancodeDeps(ScanossBase):
                 self.print_stderr(f'ERROR: Problem loading input JSON: {e}')
         return None
 
+    @staticmethod
+    def __remove_dep_scope(deps: json) -> json:
+        """
+        :param deps: dependencies with scopes
+        :return dependencies without scopes
+        """
+        files = deps.get('files')
+        for file in files:
+            if 'purls' in file:
+                purls = file.get('purls')
+                for purl in purls:
+                    purl.pop('scope', None)
+
+        return {'files': files}
+
+
 #
 # End of ScancodeDeps Class
 #