scanoss 1.17.2__py3-none-any.whl → 1.17.4__py3-none-any.whl

scanoss/__init__.py

@@ -22,4 +22,4 @@
    THE SOFTWARE.
 """
 
-__version__ = "1.17.2"
+__version__ = "1.17.4"

scanoss/cli.py

@@ -26,8 +26,9 @@ import os
 from pathlib import Path
 import sys
 import pypac
-from scanoss.inspection.copyleft import Copyleft
-from scanoss.inspection.undeclared_component import UndeclaredComponent
+
+from .inspection.copyleft import Copyleft
+from .inspection.undeclared_component import UndeclaredComponent
 from .threadeddependencies import SCOPE
 from .scanoss_settings import ScanossSettings
 from .scancodedeps import ScancodeDeps

scanoss/data/build_date.txt

@@ -1 +1 @@
-date: 20241104160508, utime: 1730736308
+date: 20241109095319, utime: 1731145999

scanoss/inspection/copyleft.py

@@ -23,7 +23,7 @@
 """
 import json
 from typing import Dict, Any
-from scanoss.inspection.policy_check import PolicyCheck, PolicyStatus
+from .policy_check import PolicyCheck, PolicyStatus
 
 class Copyleft(PolicyCheck):
     """

scanoss/inspection/policy_check.py

@@ -26,8 +26,9 @@ import os.path
 from abc import abstractmethod
 from enum import Enum
 from typing import Callable, List, Dict, Any
-from scanoss.inspection.utils.license_utils import LicenseUtil
-from scanoss.scanossbase import ScanossBase
+from .utils.license_utils import LicenseUtil
+from ..scanossbase import ScanossBase
+
 
 class PolicyStatus(Enum):
     """

scanoss/inspection/undeclared_component.py

@@ -23,7 +23,7 @@
 """
 import json
 from typing import Dict, Any
-from scanoss.inspection.policy_check import PolicyCheck, PolicyStatus
+from .policy_check import PolicyCheck, PolicyStatus
 
 class UndeclaredComponent(PolicyCheck):
     """
@@ -115,7 +115,7 @@ class UndeclaredComponent(PolicyCheck):
             'summary': self._get_summary(components),
         }
 
-    def _generate_sbom_file(self, components: list) -> dict[str, list[dict[str, str]]]:
+    def _generate_sbom_file(self, components: list) -> dict:
         """
          Generate a list of PURLs for the SBOM file.
 

scanoss/inspection/utils/license_utils.py

@@ -21,7 +21,7 @@
    OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
    THE SOFTWARE.
 """
-from scanoss.scanossbase import ScanossBase
+from ...scanossbase import ScanossBase
 
 DEFAULT_COPYLEFT_LICENSES = {
     'agpl-3.0-only', 'artistic-1.0', 'artistic-2.0', 'cc-by-sa-4.0', 'cddl-1.0', 'cddl-1.1', 'cecill-2.1',

scanoss/scanner.py

@@ -25,6 +25,7 @@ import json
 import os
 import sys
 import datetime
+from typing import Any, Dict, List, Optional
 import importlib_resources
 
 from progress.bar import Bar
@@ -490,66 +491,41 @@ class Scanner(ScanossBase):
                 success = False
         return success
 
-    def __finish_scan_threaded(self, file_map: dict = None) -> bool:
-        """
-        Wait for the threaded scans to complete
-        :param file_map: mapping of obfuscated files back into originals
-        :return: True if successful, False otherwise
+    def __finish_scan_threaded(self, file_map: Optional[Dict[Any, Any]] = None) -> bool:
+        """Wait for the threaded scan to complete and process the results
+
+        Args:
+            file_map: Mapping of obfuscated files back to originals
+
+        Returns:
+            bool: True if successful, False otherwise
+
+        Raises:
+            ValueError: If output format is invalid
         """
-        success = True
-        responses = None
+        success: bool = True
+        scan_responses = None
         dep_responses = None
         if self.is_file_or_snippet_scan():
             if not self.threaded_scan.complete():  # Wait for the scans to complete
                 self.print_stderr(f'Warning: Scanning analysis ran into some trouble.')
                 success = False
             self.threaded_scan.complete_bar()
-            responses = self.threaded_scan.responses
+            scan_responses = self.threaded_scan.responses
         if self.is_dependency_scan():
             self.print_msg('Retrieving dependency data...')
             if not self.threaded_deps.complete():
-                self.print_stderr(f'Warning: Dependency analysis ran into some trouble.')
+                self.print_stderr(
+                    f'Warning: Dependency analysis ran into some trouble.'
+                )
                 success = False
             dep_responses = self.threaded_deps.responses
-            # self.print_stderr(f'Dep Data: {dep_responses}')
-        # TODO change to dictionary
-        raw_output = "{\n"
-        # TODO look into merging the two dictionaries. See https://favtutor.com/blogs/merge-dictionaries-python
-        if responses or dep_responses:
-            first = True
-            if responses:
-                for scan_resp in responses:
-                    if scan_resp is not None:
-                        for key, value in scan_resp.items():
-                            if file_map:  # We have a map for obfuscated files. Check if we can revert it
-                                fm = file_map.get(key)
-                                if fm:
-                                    key = fm  # Replace the obfuscated filename
-                            if first:
-                                raw_output += "  \"%s\":%s" % (key, json.dumps(value, indent=2))
-                                first = False
-                            else:
-                                raw_output += ",\n  \"%s\":%s" % (key, json.dumps(value, indent=2))
-                # End for loop
-            if dep_responses:
-                dep_files = dep_responses.get("files")
-                if dep_files and len(dep_files) > 0:
-                    for dep_file in dep_files:
-                        file = dep_file.pop("file", None)
-                        if file is not None:
-                            if first:
-                                raw_output += "  \"%s\":[%s]" % (file, json.dumps(dep_file, indent=2))
-                                first = False
-                            else:
-                                raw_output += ",\n  \"%s\":[%s]" % (file, json.dumps(dep_file, indent=2))
-                    # End for loop
-        raw_output += "\n}"
-        try:
-            raw_results = json.loads(raw_output)
-        except Exception as e:
-            raise Exception(f'ERROR: Problem decoding parsed json: {e}')
 
-        results = self.post_processor.load_results(raw_results).post_process()
+        raw_scan_results = self._merge_scan_results(
+            scan_responses, dep_responses, file_map
+        )
+
+        results = self.post_processor.load_results(raw_scan_results).post_process()
 
         if self.output_format == 'plain':
             self.__log_result(json.dumps(results, indent=2, sort_keys=True))
@@ -567,6 +543,42 @@ class Scanner(ScanossBase):
             success = False
         return success
 
+    def _merge_scan_results(
+        self,
+        scan_responses: Optional[List],
+        dep_responses: Optional[Dict[str,Any]],
+        file_map: Optional[Dict[str, Any]],
+    ) -> Dict[str, Any]:
+        """Merge scan and dependency responses into a single dictionary"""
+        results: Dict[str, Any] = {}
+
+        if scan_responses:
+            for response in scan_responses:
+                if response is not None:
+                    if file_map:
+                        response = self._deobfuscate_filenames(response, file_map)
+                    results.update(response)
+
+        dep_files = dep_responses.get("files", None) if dep_responses else None
+        if dep_files:
+            for dep_file in dep_files:
+                file = dep_file.pop("file", None)
+                if file:
+                    results[file] = dep_file
+
+        return results
+
+    def _deobfuscate_filenames(self, response: dict, file_map: dict) -> dict:
+        """Convert obfuscated filenames back to original names"""
+        deobfuscated = {}
+        for key, value in response.items():
+            deobfuscated_name = file_map.get(key, None)
+            if deobfuscated_name:
+                deobfuscated[deobfuscated_name] = value
+            else:
+                deobfuscated[key] = value
+        return deobfuscated
+
     def scan_file_with_options(self, file: str, deps_file: str = None, file_map: dict = None, dep_scope: SCOPE = None,
                                dep_scope_include: str = None, dep_scope_exclude: str = None) -> bool:
         """

scanoss/winnowing.py

@@ -29,6 +29,7 @@
 """
 import hashlib
 import pathlib
+import platform
 import re
 
 from crc32c import crc32c
@@ -307,11 +308,15 @@ class Winnowing(ScanossBase):
             return ''
         # Print file line
         content_length = len(contents)
-        wfp_filename = repr(file).strip("'")  # return a utf-8 compatible version of the filename
+        original_filename = file
+        
+        if platform.system() == 'Windows':
+            original_filename = file.replace('\\', '/')
+        wfp_filename = repr(original_filename).strip("'")  # return a utf-8 compatible version of the filename
         if self.obfuscate:  # hide the real size of the file and its name, but keep the suffix
-            wfp_filename = f'{self.ob_count}{pathlib.Path(file).suffix}'
+            wfp_filename = f'{self.ob_count}{pathlib.Path(original_filename).suffix}'
             self.ob_count = self.ob_count + 1
-            self.file_map[wfp_filename] = file  # Save the file name map for later (reverse lookup)
+            self.file_map[wfp_filename] = original_filename  # Save the file name map for later (reverse lookup)
 
         wfp = 'file={0},{1},{2}\n'.format(file_md5, content_length, wfp_filename)
         # We don't process snippets for binaries, or other uninteresting files, or if we're requested to skip
@@ -464,7 +469,7 @@ class Winnowing(ScanossBase):
             crc = self.crc8_byte(crc, buffer[index])
         crc ^= CRC8_MAXIM_DOW_FINAL  # Bitwise OR (XOR) of crc in Maxim Dow Final
         return crc
-    
+
 #
 # End of Winnowing Class
 #

{scanoss-1.17.2.dist-info → scanoss-1.17.4.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: scanoss
-Version: 1.17.2
+Version: 1.17.4
 Summary: Simple Python library to leverage the SCANOSS APIs
 Home-page: https://scanoss.com
 Author: SCANOSS

{scanoss-1.17.2.dist-info → scanoss-1.17.4.dist-info}/RECORD

@@ -4,15 +4,15 @@ protoc_gen_swagger/options/annotations_pb2.py,sha256=b25EDD6gssUWnFby9gxgcpLIROT
 protoc_gen_swagger/options/annotations_pb2_grpc.py,sha256=1oboBPFxaTEXt9Aw7EAj8gXHDCNMhZD2VXqocC9l_gk,159
 protoc_gen_swagger/options/openapiv2_pb2.py,sha256=vYElGp8E1vGHszvWqX97zNG9GFJ7u2QcdK9ouq0XdyI,14939
 protoc_gen_swagger/options/openapiv2_pb2_grpc.py,sha256=1oboBPFxaTEXt9Aw7EAj8gXHDCNMhZD2VXqocC9l_gk,159
-scanoss/__init__.py,sha256=aru_CeXo9ujcKEUaT1zaTFbIBCn_pJNsNzmB2T4ewwU,1163
-scanoss/cli.py,sha256=6NlNf1PHlaWNpsDhXFXvrwdLUFiCHbPypj4eFl4rJ5U,50665
+scanoss/__init__.py,sha256=3jhR_mltPm870L27utBf37tiCtNy516_7MNyf6kVsjQ,1163
+scanoss/cli.py,sha256=LSe8D3whEiDXgVyAtw2dsVqBd9BwQyB6POz4cH7kVf8,50652
 scanoss/components.py,sha256=ZHZ1KA69shxOASZK7USD9yPTITpAc_RXL5q5zpDK23o,12590
 scanoss/csvoutput.py,sha256=hBwr_Fc6mBdOdXgyQcdFrockYH-PJ0jblowlExJ6OPg,9925
 scanoss/cyclonedx.py,sha256=JVBYeR3D-i4yP9cVSyWvm0_7Y8Kr2MC5GxMgRGAf8R0,12585
 scanoss/filecount.py,sha256=o7xb6m387ucnsU4H1OXGzf_AdWsudhAHe49T8uX4Ieo,6660
 scanoss/results.py,sha256=7G33QAYYI9qI61TCzXjSLYXMmg5CDtZS5e2QhnQfE74,9883
 scanoss/scancodedeps.py,sha256=_9d7MAV20-FrET7mF7gW-BZiz2eHrtwudgrEcSX0oZQ,11321
-scanoss/scanner.py,sha256=Boxk0A-AuS0DMB4UYArU0PWZ0yJlK4v1YgdeVnKmJck,52023
+scanoss/scanner.py,sha256=PEWOFFVxPRvT6Wp9CUi30owWQyZNc3Nf-8bRv5X2uuQ,51749
 scanoss/scanoss_settings.py,sha256=QOpBDfu6vYL-K3WxkujPbXWwut1BHWpN2mJTm7yMD9c,6162
 scanoss/scanossapi.py,sha256=TJxPctr-0DTn_26LfM__OAMfntaXzvheFTbdmU-5pnM,11953
 scanoss/scanossbase.py,sha256=zMDRCLbrcoRvYEKQRuZXnBiVY4_Vsplmg_APbB65oaU,3084
@@ -22,7 +22,7 @@ scanoss/scantype.py,sha256=R2-ExLGOrYxaJFtIK2AEo2caD0XrN1zpF5q1qT9Zsyc,1326
 scanoss/spdxlite.py,sha256=REChAWV-6qhp16jc4X2lMb1v7VvYiDH5nN9VDV3fDaQ,15828
 scanoss/threadeddependencies.py,sha256=sOIAjiPTmxybKz2yhT4-ixXBeC4K8UQVq6JQj4e8mLc,9906
 scanoss/threadedscanning.py,sha256=T0tL8W1IEX_hLY5ksrAl_iQqtxT_KbyDhTDHo6a7xFE,9387
-scanoss/winnowing.py,sha256=HzMWRYh1XB4so71br-DUPpV6OlmymDfsnU-EOCCObJM,18734
+scanoss/winnowing.py,sha256=RCe5_EsyZ_iu6HhVTSEDeOw3MdNNlu_8m2Cz7BLl8RM,18926
 scanoss/api/__init__.py,sha256=KlDD87JmyZP-10T-fuJo0_v2zt1gxWfTgs70wjky9xg,1139
 scanoss/api/common/__init__.py,sha256=KlDD87JmyZP-10T-fuJo0_v2zt1gxWfTgs70wjky9xg,1139
 scanoss/api/common/v2/__init__.py,sha256=KlDD87JmyZP-10T-fuJo0_v2zt1gxWfTgs70wjky9xg,1139
@@ -50,19 +50,17 @@ scanoss/api/vulnerabilities/__init__.py,sha256=FLQtiDiv85Q1Chk-sJ9ky9WOV1mulZhEK
 scanoss/api/vulnerabilities/v2/__init__.py,sha256=FLQtiDiv85Q1Chk-sJ9ky9WOV1mulZhEKjiBihlwiaM,1139
 scanoss/api/vulnerabilities/v2/scanoss_vulnerabilities_pb2.py,sha256=CFhF80av8tenGvn9AIsGEtRJPuV2dC_syA5JLZb2lDw,5464
 scanoss/api/vulnerabilities/v2/scanoss_vulnerabilities_pb2_grpc.py,sha256=HlS4k4Zmx6RIAqaO9I96jD-eyF5yU6Xx04pVm7pdqOg,6864
-scanoss/data/build_date.txt,sha256=oPE2N3MmwjrcnboSRBZJnf0DruUMcoSRdYculyX05aA,40
+scanoss/data/build_date.txt,sha256=HTDHGlgxkIsYjJA8gub-HVdvIYCZTk3IBODvrsSr6o0,40
 scanoss/data/spdx-exceptions.json,sha256=s7UTYxC7jqQXr11YBlIWYCNwN6lRDFTR33Y8rpN_dA4,17953
 scanoss/data/spdx-licenses.json,sha256=A6Z0q82gaTLtnopBfzeIVZjJFxkdRW1g2TuumQc-lII,228794
 scanoss/inspection/__init__.py,sha256=z62680zKq4OmBOugSODvgpSwdsloZL7bvcaMbnx3xgU,1139
-scanoss/inspection/copyleft.py,sha256=B150gqqEvXZXq5toYtmNCKY7M0WkooBUWYiIeu48aek,6581
-scanoss/inspection/policy_check.py,sha256=r4qvY8j5Vz8FflVL1xZxkd7ufX_wLh5ocna6MoTkPWg,14775
-scanoss/inspection/undeclared_component.py,sha256=XUxNz6iaAoeLPPT4XnfeQlvOv-2thmf1MxP3KRmegQE,6853
-scanoss/inspection/utils/license_utils.py,sha256=iln0414t-cfmVktmAd7ANK7oOqpfRUvwRwIgrj-6GJA,5098
-scanoss/inspection/utils/markdown_utils.py,sha256=hCa7rqBvtRoAziz3wj0gbpUOrPJIEi3pTvIUrsZf6qc,808
-scanoss/inspection/utils/result_utils.py,sha256=OJRFznK4WCBMNvgX9kTus5WI5eTKjTXp_kWya7ixCyQ,2938
-scanoss-1.17.2.dist-info/LICENSE,sha256=LLUaXoiyOroIbr5ubAyrxBOwSRLTm35ETO2FmLpy8QQ,1074
-scanoss-1.17.2.dist-info/METADATA,sha256=xdt4go57mXTL7fodzNRcOSC7ywmvFHTW-Hs6F5SWoGc,5936
-scanoss-1.17.2.dist-info/WHEEL,sha256=P9jw-gEje8ByB7_hXoICnHtVCrEwMQh-630tKvQWehc,91
-scanoss-1.17.2.dist-info/entry_points.txt,sha256=Uy28xnaDL5KQ7V77sZD5VLDXPNxYYzSr5tsqtiXVzAs,48
-scanoss-1.17.2.dist-info/top_level.txt,sha256=V11PrQ6Pnrc-nDF9xnisnJ8e6-i7HqSIKVNqduRWcL8,27
-scanoss-1.17.2.dist-info/RECORD,,
+scanoss/inspection/copyleft.py,sha256=dkiLkgNYz7cbIQZCzy6zThiIyHkqrper_xruZ9PQhAI,6563
+scanoss/inspection/policy_check.py,sha256=eo5VfEBwKoDSqIwRi0xwaVLy6EUR29HlH5Bl0Kpvx7I,14752
+scanoss/inspection/undeclared_component.py,sha256=BxFhRrI_b_Ulu7cArm5ySphAXT7DfMmbrrGy121cz14,6808
+scanoss/inspection/utils/license_utils.py,sha256=mIaoVWXMA6shkRQmgmiP2mWchjxX4ex8LWs91Nf6rq4,5093
+scanoss-1.17.4.dist-info/LICENSE,sha256=LLUaXoiyOroIbr5ubAyrxBOwSRLTm35ETO2FmLpy8QQ,1074
+scanoss-1.17.4.dist-info/METADATA,sha256=EaR6VFelUQH-AiXibOmz5UeqNFo5zGW0OhIsO-2CYD0,5936
+scanoss-1.17.4.dist-info/WHEEL,sha256=P9jw-gEje8ByB7_hXoICnHtVCrEwMQh-630tKvQWehc,91
+scanoss-1.17.4.dist-info/entry_points.txt,sha256=Uy28xnaDL5KQ7V77sZD5VLDXPNxYYzSr5tsqtiXVzAs,48
+scanoss-1.17.4.dist-info/top_level.txt,sha256=V11PrQ6Pnrc-nDF9xnisnJ8e6-i7HqSIKVNqduRWcL8,27
+scanoss-1.17.4.dist-info/RECORD,,

scanoss/inspection/utils/markdown_utils.py

@@ -1,23 +0,0 @@
-def generate_table(headers, rows, centered_columns=None):
-    """
-     Generate Markdown table
-     :param headers: List of headers
-     :param rows: Rows
-     :param centered_columns: List with centered columns
-     """
-    COL_SEP = ' | '
-    centered_column_set = set(centered_columns or [])
-    def create_separator(header, index):
-        if centered_columns is None:
-            return '-'
-        return ':-:' if index in centered_column_set else '-'
-
-    row_separator = COL_SEP + COL_SEP.join(
-        create_separator(header, index) for index, header in enumerate(headers)
-    ) + COL_SEP
-
-    table_rows = [COL_SEP + COL_SEP.join(headers) + COL_SEP]
-    table_rows.append(row_separator)
-    table_rows.extend(COL_SEP + COL_SEP.join(row) + COL_SEP for row in rows)
-
-    return '\n'.join(table_rows)

scanoss/inspection/utils/result_utils.py

@@ -1,79 +0,0 @@
-from enum import Enum
-from typing import Dict, Any
-
-from scanoss.inspection.utils.license_utils import license_util
-
-
-class ComponentID(Enum):
-    FILE = "file"
-    SNIPPET = "snippet"
-    DEPENDENCY = "dependency"
-
-
-def _append_component(components: Dict[str, Any], new_component: Dict[str, Any]) -> Dict[str, Any]:
-    """
-    Append a new component to the components dictionary.
-
-    This function creates a new entry in the components dictionary for the given component,
-    or updates an existing entry if the component already exists. It also processes the
-    licenses associated with the component.
-
-    :param components: The existing dictionary of components
-    :param new_component: The new component to be added or updated
-    :return: The updated components dictionary
-    """
-    component_key = f"{new_component['purl'][0]}@{new_component['version']}"
-    components[component_key] = {
-        'purl': new_component['purl'][0],
-        'version': new_component['version'],
-        'licenses': {},
-        'status': new_component['status'],
-    }
-
-    # Process licenses for this component
-    for l in new_component['licenses']:
-        spdxid = l['name']
-        components[component_key]['licenses'][spdxid] = {
-            'spdxid': spdxid,
-            'copyleft': license_util.is_copyleft(spdxid),
-            'url': l.get('url')
-        }
-
-    return components
-
-
-def get_components(results: Dict[str, Any]) -> list:
-    """
-        Process the results dictionary to extract and format component information.
-
-        This function iterates through the results dictionary, identifying components from
-        different sources (files, snippets, and dependencies). It consolidates this information
-        into a list of unique components, each with its associated licenses and other details.
-
-        :param results: A dictionary containing the raw results of a component scan
-        :return: A list of dictionaries, each representing a unique component with its details
-    """
-    components = {}
-    for component in results.values():
-        for c in component:
-            if c['id'] in [ComponentID.FILE.value, ComponentID.SNIPPET.value]:
-                component_key = f"{c['purl'][0]}@{c['version']}"
-
-                # Initialize or update the component entry
-                if component_key not in components:
-                    components = _append_component(components, c)
-
-            if c['id'] == ComponentID.DEPENDENCY.value:
-                for d in c['dependencies']:
-                    component_key = f"{d['purl'][0]}@{d['version']}"
-
-                    if component_key not in components:
-                        components = _append_component(components, d)
-                # End of for loop
-            # End if
-        # End if
-    results = list(components.values())
-    for component in results:
-        component['licenses'] = list(component['licenses'].values())
-
-    return results