PyPI - scanoss - Versions diffs - 1.14.0__tar.gz → 1.16.0__tar.gz - Mend

scanoss 1.14.0tar.gz → 1.16.0tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (68) hide show

{scanoss-1.14.0/src/scanoss.egg-info → scanoss-1.16.0}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: scanoss
-Version: 1.14.0
+Version: 1.16.0
 Summary: Simple Python library to leverage the SCANOSS APIs
 Home-page: https://scanoss.com
 Author: SCANOSS

{scanoss-1.14.0 → scanoss-1.16.0}/src/scanoss/__init__.py RENAMED Viewed

@@ -22,4 +22,4 @@
    THE SOFTWARE.
 """
-__version__ = '1.14.0'
+__version__ = "1.16.0"

{scanoss-1.14.0 → scanoss-1.16.0}/src/scanoss/cli.py RENAMED Viewed

@@ -23,12 +23,17 @@
 """
 import argparse
 import os
+from pathlib import Path
 import sys
+from array import array
 import pypac
+from .threadeddependencies import SCOPE
 from .scanner import Scanner
+from .scanoss_settings import ScanossSettings
 from .scancodedeps import ScancodeDeps
+from .scanner import FAST_WINNOWING, Scanner
 from .scantype import ScanType
 from .filecount import FileCount
 from .cyclonedx import CycloneDx
@@ -37,6 +42,7 @@ from .csvoutput import CsvOutput
 from .components import Components
 from . import __version__
 from .scanner import FAST_WINNOWING
+from .results import Results
 def print_stderr(*args, **kwargs):
@@ -100,6 +106,15 @@ def setup_args() -> None:
                         help='Scancode command and path if required (optional - default scancode).')
     p_scan.add_argument('--sc-timeout', type=int, default=600,
                         help='Timeout (in seconds) for scancode to complete (optional - default 600)')
+    p_scan.add_argument('--dep-scope', '-ds', type=SCOPE, help='Filter dependencies by scope - default all (options: dev/prod)')
+    p_scan.add_argument('--dep-scope-inc', '-dsi', type=str,help='Include dependencies with declared scopes')
+    p_scan.add_argument('--dep-scope-exc', '-dse', type=str, help='Exclude dependencies with declared scopes')
+    p_scan.add_argument(
+        '--settings',
+        type=str,
+        help='Settings file to use for scanning (optional - default scanoss.json)',
+    )
     # Sub-command: fingerprint
     p_wfp = subparsers.add_parser('fingerprint', aliases=['fp', 'wfp'],
@@ -243,6 +258,47 @@ def setup_args() -> None:
     p_p_proxy.add_argument('--url', required=False, type=str, default="https://api.osskb.org",
                            help='URL to test (default: https://api.osskb.org).')
+    p_results = subparsers.add_parser(
+        'results',
+        aliases=['res'],
+        description=f"SCANOSS Results commands: {__version__}",
+        help='Process scan results',
+    )
+    p_results.add_argument(
+        'filepath',
+        metavar='FILEPATH',
+        type=str,
+        nargs='?',
+        help='Path to the file containing the results',
+    )
+    p_results.add_argument(
+        '--match-type',
+        '-mt',
+        help='Filter results by match type (comma-separated, e.g., file,snippet)',
+    )
+    p_results.add_argument(
+        '--status',
+        '-s',
+        help='Filter results by file status (comma-separated, e.g., pending, identified)',
+    )
+    p_results.add_argument(
+        '--has-pending',
+        action='store_true',
+        help='Filter results to only include files with pending status',
+    )
+    p_results.add_argument(
+        '--output',
+        '-o',
+        help='Output result file',
+    )
+    p_results.add_argument(
+        '--format',
+        '-f',
+        choices=['json', 'plain'],
+        help='Output format (default: plain)',
+    )
+    p_results.set_defaults(func=results)
     # Global Scan command options
     for p in [p_scan]:
         p.add_argument('--apiurl', type=str,
@@ -288,7 +344,7 @@ def setup_args() -> None:
     # Help/Trace command options
     for p in [p_scan, p_wfp, p_dep, p_fc, p_cnv, p_c_loc, p_c_dwnld, p_p_proxy, c_crypto, c_vulns, c_search,
-              c_versions, c_semgrep]:
+              c_versions, c_semgrep, p_results]:
         p.add_argument('--debug', '-d', action='store_true', help='Enable debug messages')
         p.add_argument('--trace', '-t', action='store_true', help='Enable trace messages, including API posts')
         p.add_argument('--quiet', '-q', action='store_true', help='Enable quiet mode')
@@ -446,42 +502,70 @@ def scan(parser, args):
         args: Namespace
             Parsed arguments
     """
-    if not args.scan_dir and not args.wfp and not args.stdin and not args.dep and not args.files:
-        print_stderr('Please specify a file/folder, files (--files), fingerprint (--wfp), dependency (--dep), or STDIN (--stdin)')
+    if (
+        not args.scan_dir
+        and not args.wfp
+        and not args.stdin
+        and not args.dep
+        and not args.files
+    ):
+        print_stderr(
+            'Please specify a file/folder, files (--files), fingerprint (--wfp), dependency (--dep), or STDIN (--stdin)'
+        )
         parser.parse_args([args.subparser, '-h'])
         exit(1)
     if args.pac and args.proxy:
         print_stderr('Please specify one of --proxy or --pac, not both')
         parser.parse_args([args.subparser, '-h'])
         exit(1)
-    scan_type: str = None
-    sbom_path: str = None
+    if args.identify and args.settings:
+        print_stderr(f'ERROR: Cannot specify both --identify and --settings options.')
+        exit(1)
+    def is_valid_file(file_path: str) -> bool:
+        if not os.path.exists(file_path) or not os.path.isfile(file_path):
+            print_stderr(f'Specified file does not exist or is not a file: {file_path}')
+            return False
+        if not Scanner.valid_json_file(file_path):
+            return False
+        return True
+    scan_settings = ScanossSettings(
+        debug=args.debug, trace=args.trace, quiet=args.quiet
+    )
     if args.identify:
-        sbom_path = args.identify
-        scan_type = 'identify'
-        if not os.path.exists(sbom_path) or not os.path.isfile(sbom_path):
-            print_stderr(f'Specified --identify file does not exist or is not a file: {sbom_path}')
-            exit(1)
-        if not Scanner.valid_json_file(sbom_path):   # Make sure it's a valid JSON file
+        if not is_valid_file(args.identify) or args.ignore:
             exit(1)
-        if args.ignore:
-            print_stderr(f'Warning: Specified --identify and --ignore options. Skipping ignore.')
+        scan_settings.load_json_file(args.identify).set_file_type(
+            'legacy'
+        ).set_scan_type('identify')
     elif args.ignore:
-        sbom_path = args.ignore
-        scan_type = 'blacklist'
-        if not os.path.exists(sbom_path) or not os.path.isfile(sbom_path):
-            print_stderr(f'Specified --ignore file does not exist or is not a file: {sbom_path}')
+        if not is_valid_file(args.ignore):
             exit(1)
-        if not Scanner.valid_json_file(sbom_path):   # Make sure it's a valid JSON file
+        scan_settings.load_json_file(args.ignore).set_file_type('legacy').set_scan_type(
+            'blacklist'
+        )
+    elif args.settings:
+        if not is_valid_file(args.settings):
             exit(1)
+        scan_settings.load_json_file(args.settings).set_file_type('new').set_scan_type(
+            'identify'
+        )
     if args.dep:
         if not os.path.exists(args.dep) or not os.path.isfile(args.dep):
-            print_stderr(f'Specified --dep file does not exist or is not a file: {args.dep}')
+            print_stderr(
+                f'Specified --dep file does not exist or is not a file: {args.dep}'
+            )
             exit(1)
         if not Scanner.valid_json_file(args.dep):  # Make sure it's a valid JSON file
             exit(1)
     if args.strip_hpsm and not args.hpsm and not args.quiet:
-        print_stderr(f'Warning: --strip-hpsm option supplied without enabling HPSM (--hpsm). Ignoring.')
+        print_stderr(
+            f'Warning: --strip-hpsm option supplied without enabling HPSM (--hpsm). Ignoring.'
+        )
     scan_output: str = None
     if args.output:
@@ -520,37 +604,72 @@ def scan(parser, args):
             print_stderr(f'Using flags {flags}...')
     elif not args.quiet:
         if args.timeout < 5:
-            print_stderr(f'POST timeout (--timeout) too small: {args.timeout}. Reverting to default.')
+            print_stderr(
+                f'POST timeout (--timeout) too small: {args.timeout}. Reverting to default.'
+            )
         if args.retry < 0:
-            print_stderr(f'POST retry (--retry) too small: {args.retry}. Reverting to default.')
+            print_stderr(
+                f'POST retry (--retry) too small: {args.retry}. Reverting to default.'
+            )
-    if not os.access(os.getcwd(), os.W_OK):  # Make sure the current directory is writable. If not disable saving WFP
+    if not os.access(
+        os.getcwd(), os.W_OK
+    ):  # Make sure the current directory is writable. If not disable saving WFP
         print_stderr(f'Warning: Current directory is not writable: {os.getcwd()}')
         args.no_wfp_output = True
     if args.ca_cert and not os.path.exists(args.ca_cert):
         print_stderr(f'Error: Certificate file does not exist: {args.ca_cert}.')
         exit(1)
     pac_file = get_pac_file(args.pac)
-    scan_options = get_scan_options(args)   # Figure out what scanning options we have
-    scanner = Scanner(debug=args.debug, trace=args.trace, quiet=args.quiet, api_key=args.key, url=args.apiurl,
-                      sbom_path=sbom_path, scan_type=scan_type, scan_output=scan_output, output_format=output_format,
-                      flags=flags, nb_threads=args.threads, post_size=args.post_size,
-                      timeout=args.timeout, no_wfp_file=args.no_wfp_output, all_extensions=args.all_extensions,
-                      all_folders=args.all_folders, hidden_files_folders=args.all_hidden,
-                      scan_options=scan_options, sc_timeout=args.sc_timeout, sc_command=args.sc_command,
-                      grpc_url=args.api2url, obfuscate=args.obfuscate,
-                      ignore_cert_errors=args.ignore_cert_errors, proxy=args.proxy, grpc_proxy=args.grpc_proxy,
-                      pac=pac_file, ca_cert=args.ca_cert, retry=args.retry, hpsm=args.hpsm,
-                      skip_size=args.skip_size, skip_extensions=args.skip_extension, skip_folders=args.skip_folder,
-                      skip_md5_ids=args.skip_md5, strip_hpsm_ids=args.strip_hpsm, strip_snippet_ids=args.strip_snippet
-                      )
+    scan_options = get_scan_options(args)  # Figure out what scanning options we have
+    scanner = Scanner(
+        debug=args.debug,
+        trace=args.trace,
+        quiet=args.quiet,
+        api_key=args.key,
+        url=args.apiurl,
+        scan_output=scan_output,
+        output_format=output_format,
+        flags=flags,
+        nb_threads=args.threads,
+        post_size=args.post_size,
+        timeout=args.timeout,
+        no_wfp_file=args.no_wfp_output,
+        all_extensions=args.all_extensions,
+        all_folders=args.all_folders,
+        hidden_files_folders=args.all_hidden,
+        scan_options=scan_options,
+        sc_timeout=args.sc_timeout,
+        sc_command=args.sc_command,
+        grpc_url=args.api2url,
+        obfuscate=args.obfuscate,
+        ignore_cert_errors=args.ignore_cert_errors,
+        proxy=args.proxy,
+        grpc_proxy=args.grpc_proxy,
+        pac=pac_file,
+        ca_cert=args.ca_cert,
+        retry=args.retry,
+        hpsm=args.hpsm,
+        skip_size=args.skip_size,
+        skip_extensions=args.skip_extension,
+        skip_folders=args.skip_folder,
+        skip_md5_ids=args.skip_md5,
+        strip_hpsm_ids=args.strip_hpsm,
+        strip_snippet_ids=args.strip_snippet,
+        scan_settings=scan_settings
+    )
     if args.wfp:
         if not scanner.is_file_or_snippet_scan():
-            print_stderr(f'Error: Cannot specify WFP scanning if file/snippet options are disabled ({scan_options})')
+            print_stderr(
+                f'Error: Cannot specify WFP scanning if file/snippet options are disabled ({scan_options})'
+            )
             exit(1)
         if scanner.is_dependency_scan() and not args.dep:
-            print_stderr(f'Error: Cannot specify WFP & Dependency scanning without a dependency file (--dep)')
+            print_stderr(
+                f'Error: Cannot specify WFP & Dependency scanning without a dependency file (--dep)'
+            )
             exit(1)
         scanner.scan_wfp_with_options(args.wfp, args.dep)
     elif args.stdin:
@@ -558,26 +677,37 @@ def scan(parser, args):
         if not scanner.scan_contents(args.stdin, contents):
             exit(1)
     elif args.files:
-        if not scanner.scan_files_with_options(args.files, args.dep, scanner.winnowing.file_map):
+        if not scanner.scan_files_with_options(
+            args.files, args.dep, scanner.winnowing.file_map
+        ):
             exit(1)
     elif args.scan_dir:
         if not os.path.exists(args.scan_dir):
-            print_stderr(f'Error: File or folder specified does not exist: {args.scan_dir}.')
+            print_stderr(
+                f'Error: File or folder specified does not exist: {args.scan_dir}.'
+            )
             exit(1)
         if os.path.isdir(args.scan_dir):
-            if not scanner.scan_folder_with_options(args.scan_dir, args.dep, scanner.winnowing.file_map):
+            if not scanner.scan_folder_with_options(args.scan_dir, args.dep, scanner.winnowing.file_map,
+                                                    args.dep_scope, args.dep_scope_inc, args.dep_scope_exc):
                 exit(1)
         elif os.path.isfile(args.scan_dir):
-            if not scanner.scan_file_with_options(args.scan_dir, args.dep, scanner.winnowing.file_map):
+            if not scanner.scan_file_with_options(args.scan_dir, args.dep, scanner.winnowing.file_map,
+                                                  args.dep_scope, args.dep_scope_inc, args.dep_scope_exc):
                 exit(1)
         else:
-            print_stderr(f'Error: Path specified is neither a file or a folder: {args.scan_dir}.')
+            print_stderr(
+                f'Error: Path specified is neither a file or a folder: {args.scan_dir}.'
+            )
             exit(1)
     elif args.dep:
         if not args.dependencies_only:
-            print_stderr(f'Error: No file or folder specified to scan. Please add --dependencies-only to decorate dependency file only.')
+            print_stderr(
+                f'Error: No file or folder specified to scan. Please add --dependencies-only to decorate dependency file only.'
+            )
             exit(1)
-        if not scanner.scan_folder_with_options(".", args.dep, scanner.winnowing.file_map):
+        if not scanner.scan_folder_with_options(".", args.dep, scanner.winnowing.file_map,args.dep_scope,
+                                                args.dep_scope_inc, args.dep_scope_exc):
             exit(1)
     else:
         print_stderr('No action found to process')
@@ -664,10 +794,11 @@ def utils_cert_download(_, args):
     :param _: ignore/unused
     :param args: Parsed arguments
     """
-    from urllib.parse import urlparse
     import socket
-    from OpenSSL import SSL, crypto
     import traceback
+    from urllib.parse import urlparse
+    from OpenSSL import SSL, crypto
     file = sys.stdout
     if args.output:
@@ -878,6 +1009,46 @@ def comp_versions(parser, args):
         exit(1)
+def results(parser, args):
+    """
+    Run the "results" sub-command
+    Parameters
+    ----------
+        parser: ArgumentParser
+            command line parser object
+        args: Namespace
+            Parsed arguments
+    """
+    if not args.filepath:
+        print_stderr('ERROR: Please specify a file containing the results')
+        parser.parse_args([args.subparser, "-h"])
+        exit(1)
+    file_path = Path(args.filepath).resolve()
+    if not file_path.is_file():
+        print_stderr(f"The specified file {args.filepath} does not exist")
+        exit(1)
+    results = Results(
+        debug=args.debug,
+        trace=args.trace,
+        quiet=args.quiet,
+        filepath=file_path,
+        match_type=args.match_type,
+        status=args.status,
+        output_file=args.output,
+        output_format=args.format,
+    )
+    if args.has_pending:
+        results.get_pending_identifications().present()
+        if results.has_results():
+            exit(1)
+    else:
+        results.apply_filters().present()
 def main():
     """
     Run the ScanOSS CLI

{scanoss-1.14.0 → scanoss-1.16.0}/src/scanoss/cyclonedx.py RENAMED Viewed

@@ -25,6 +25,9 @@ import json
 import os.path
 import sys
 import uuid
+import datetime
+from . import __version__
 from .scanossbase import ScanossBase
 from .spdxlite import SpdxLite
@@ -186,6 +189,16 @@ class CycloneDx(ScanossBase):
             'specVersion': '1.4',
             'serialNumber': f'urn:uuid:{uuid.uuid4()}',
             'version': 1,
+            'metadata': {
+                'timestamp': datetime.datetime.now(datetime.timezone.utc).strftime("%Y-%m-%dT%H:%M:%SZ"),
+                'tools': [
+                    {
+                        'vendor': 'SCANOSS',
+                        'name': 'scanoss-py',
+                        'version': __version__,
+                    }
+                ]
+            },
             'components': [],
             'vulnerabilities': []
         }

scanoss-1.16.0/src/scanoss/data/build_date.txt ADDED Viewed

	@@ -0,0 +1 @@
1	+ date: 20241010135530, utime: 1728568530

scanoss 1.14.0__tar.gz → 1.16.0__tar.gz

scanoss 1.14.0tar.gz → 1.16.0tar.gz