scanoss 1.17.5__tar.gz → 1.18.0__tar.gz

{scanoss-1.17.5/src/scanoss.egg-info → scanoss-1.18.0}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: scanoss
-Version: 1.17.5
+Version: 1.18.0
 Summary: Simple Python library to leverage the SCANOSS APIs
 Home-page: https://scanoss.com
 Author: SCANOSS
@@ -26,6 +26,7 @@ Requires-Dist: pypac
 Requires-Dist: pyOpenSSL
 Requires-Dist: google-api-core
 Requires-Dist: importlib_resources
+Requires-Dist: packageurl-python
 Provides-Extra: fast-winnowing
 Requires-Dist: scanoss_winnowing>=0.5.0; extra == "fast-winnowing"
 

{scanoss-1.17.5 → scanoss-1.18.0}/README.md

@@ -39,6 +39,22 @@ To enable dependency scanning, an extra tool is required: scancode-toolkit
 pip3 install -r requirements-scancode.txt
 ```
 
+### Devcontainer Setup
+To simplify the development environment setup, a devcontainer configuration is provided. This allows you to develop inside a containerized environment with all necessary dependencies pre-installed.
+
+To use the devcontainer setup:
+1. Install [Visual Studio Code](https://code.visualstudio.com/).
+2. Install the [Remote - Containers](https://marketplace.visualstudio.com/items?itemName=ms-vscode-remote.remote-containers) extension.
+3. Open the project in Visual Studio Code.
+4. Run 
+```bash
+cp .devcontainer/devcontainer.example.json .devcontainer/devcontainer.json
+``` 
+5. Update the `devcontainer.json` file with the desired settings.
+6. When prompted, reopen the project in the container.
+
+This will build the container defined in the `.devcontainer` folder and open a new Visual Studio Code window connected to the container.
+
 ### Package Development
 More details on Python packaging/distribution can be found [here](https://packaging.python.org/overview/), [here](https://packaging.python.org/guides/distributing-packages-using-setuptools/), and [here](https://packaging.python.org/guides/using-testpypi/#using-test-pypi).
 

{scanoss-1.17.5 → scanoss-1.18.0}/setup.cfg

@@ -35,6 +35,7 @@ install_requires =
 	pyOpenSSL
 	google-api-core
 	importlib_resources
+	packageurl-python
 
 [options.extras_require]
 fast_winnowing = 

{scanoss-1.17.5 → scanoss-1.18.0}/src/scanoss/__init__.py

@@ -22,4 +22,4 @@
    THE SOFTWARE.
 """
 
-__version__ = '1.17.5'
+__version__ = "1.18.0"

{scanoss-1.17.5 → scanoss-1.18.0}/src/scanoss/cli.py

@@ -315,6 +315,8 @@ def setup_args() -> None:
 
     # Inspect Sub-command: inspect undeclared
     p_undeclared = p_inspect_sub.add_parser('undeclared', aliases=['un'],description="Inspect for undeclared components", help='Inspect for undeclared components')
+    p_undeclared.add_argument('--sbom-format',required=False ,choices=['legacy', 'settings'],
+                              default="settings",help='Sbom format for status output')
     p_undeclared.set_defaults(func=inspect_undeclared)
 
     for p in [p_copyleft, p_undeclared]:
@@ -858,7 +860,7 @@ def inspect_undeclared(parser, args):
         open(status_output, 'w').close()
     i_undeclared = UndeclaredComponent(debug=args.debug, trace=args.trace, quiet=args.quiet,
                                        filepath=args.input, format_type=args.format,
-                                       status=status_output, output=output)
+                                       status=status_output, output=output, sbom_format=args.sbom_format)
     status, _ = i_undeclared.run()
     sys.exit(status)
 

scanoss-1.18.0/src/scanoss/data/build_date.txt

@@ -0,0 +1 @@
+date: 20241115114610, utime: 1731671170

{scanoss-1.17.5 → scanoss-1.18.0}/src/scanoss/inspection/undeclared_component.py

@@ -32,7 +32,7 @@ class UndeclaredComponent(PolicyCheck):
     """
 
     def __init__(self, debug: bool = False, trace: bool = True, quiet: bool = False, filepath: str = None,
-                 format_type: str = 'json', status: str = None, output: str = None):
+                 format_type: str = 'json', status: str = None, output: str = None, sbom_format: str = 'settings'):
         """
         Initialize the UndeclaredComponent class.
 
@@ -43,6 +43,7 @@ class UndeclaredComponent(PolicyCheck):
         :param format_type: Output format ('json' or 'md')
         :param status: Path to save status output
         :param output: Path to save detailed output
+        :param sbom_format: Sbom format for status output (default 'settings')
         """
         super().__init__(debug, trace, quiet, filepath, format_type, status, output,
                          name='Undeclared Components Policy')
@@ -50,6 +51,7 @@ class UndeclaredComponent(PolicyCheck):
         self.format = format
         self.output = output
         self.status = status
+        self.sbom_format = sbom_format
 
     def _get_undeclared_component(self, components: list)-> list or None:
         """
@@ -59,7 +61,7 @@ class UndeclaredComponent(PolicyCheck):
            :return: List of undeclared components
         """
         if components is None:
-            self.print_stderr(f'WARNING: No components provided!')
+            self.print_debug(f'WARNING: No components provided!')
             return None
         undeclared_components = []
         for component in components:
@@ -78,9 +80,14 @@ class UndeclaredComponent(PolicyCheck):
         """
         summary = f'{len(components)} undeclared component(s) were found.\n'
         if len(components) > 0:
+            if self.sbom_format == 'settings':
+                summary += (f'Add the following snippet into your `scanoss.json` file\n'
+                            f'\n```json\n{json.dumps(self._generate_scanoss_file(components), indent=2)}\n```\n')
+                return summary
+
             summary += (f'Add the following snippet into your `sbom.json` file\n'
                         f'\n```json\n{json.dumps(self._generate_sbom_file(components), indent=2)}\n```\n')
-        return summary
+            return summary
 
     def _json(self, components: list) -> Dict[str, Any]:
         """
@@ -115,23 +122,46 @@ class UndeclaredComponent(PolicyCheck):
             'summary': self._get_summary(components),
         }
 
-    def _generate_sbom_file(self, components: list) -> dict:
+    def _get_unique_components(self, components: list) -> list:
         """
-         Generate a list of PURLs for the SBOM file.
+         Generate a list of unique components.
 
          :param components: List of undeclared components
-         :return: SBOM Dictionary with components
+         :return: list of unique components
          """
-
         unique_components = {}
         if components is None:
             self.print_stderr(f'WARNING: No components provided!')
-        else:
-            for component in components:
-                unique_components[component['purl']] = { 'purl': component['purl'] }
+            return []
+
+        for component in components:
+                unique_components[component['purl']] = {'purl': component['purl']}
+        return list(unique_components.values())
+
+    def _generate_scanoss_file(self, components: list) -> dict:
+        """
+         Generate a list of PURLs for the scanoss.json file.
+
+         :param components: List of undeclared components
+         :return: scanoss.json Dictionary
+         """
+        scanoss_settings = {
+            'bom':{
+                'include': self._get_unique_components(components),
+            }
+        }
 
+        return scanoss_settings
+
+    def _generate_sbom_file(self, components: list) -> dict:
+        """
+         Generate a list of PURLs for the SBOM file.
+
+         :param components: List of undeclared components
+         :return: SBOM Dictionary with components
+         """
         sbom = {
-            'components': list(unique_components.values())
+            'components': self._get_unique_components(components),
         }
 
         return sbom

{scanoss-1.17.5 → scanoss-1.18.0}/src/scanoss/scanner.py

@@ -161,12 +161,13 @@ class Scanner(ScanossBase):
         if skip_extensions:  # Append extra file extensions to skip
             self.skip_extensions.extend(skip_extensions)
 
-        if scan_settings:
-            self.scan_settings = scan_settings
-            self.post_processor = ScanPostProcessor(scan_settings, debug=debug, trace=trace, quiet=quiet)
-            self._maybe_set_api_sbom()
+        self.scan_settings = scan_settings
+        self.post_processor = ScanPostProcessor(scan_settings, debug=debug, trace=trace, quiet=quiet) if scan_settings else None
+        self._maybe_set_api_sbom()
 
     def _maybe_set_api_sbom(self):
+        if not self.scan_settings:
+            return
         sbom = self.scan_settings.get_sbom()
         if sbom:
             self.scanoss_api.set_sbom(sbom)
@@ -521,11 +522,12 @@ class Scanner(ScanossBase):
                 success = False
             dep_responses = self.threaded_deps.responses
 
-        raw_scan_results = self._merge_scan_results(
-            scan_responses, dep_responses, file_map
-        )
+        raw_scan_results = self._merge_scan_results(scan_responses, dep_responses, file_map)
 
-        results = self.post_processor.load_results(raw_scan_results).post_process()
+        if self.post_processor:
+            results = self.post_processor.load_results(raw_scan_results).post_process()
+        else:
+            results = raw_scan_results
 
         if self.output_format == 'plain':
             self.__log_result(json.dumps(results, indent=2, sort_keys=True))

{scanoss-1.17.5 → scanoss-1.18.0}/src/scanoss/scanoss_settings.py

@@ -69,15 +69,15 @@ class ScanossSettings(ScanossBase):
         json_file = Path(filepath).resolve()
 
         if not json_file.exists():
-            self.print_stderr(f"Scan settings file not found: {filepath}")
+            self.print_stderr(f'Scan settings file not found: {filepath}')
             self.data = {}
 
-        with open(json_file, "r") as jsonfile:
-            self.print_debug(f"Loading scan settings from: {filepath}")
+        with open(json_file, 'r') as jsonfile:
+            self.print_debug(f'Loading scan settings from: {filepath}')
             try:
                 self.data = json.load(jsonfile)
             except Exception as e:
-                self.print_stderr(f"ERROR: Problem parsing input JSON: {e}")
+                self.print_stderr(f'ERROR: Problem parsing input JSON: {e}')
         return self
 
     def set_file_type(self, file_type: str):
@@ -91,9 +91,7 @@ class ScanossSettings(ScanossBase):
         """
         self.settings_file_type = file_type
         if not self._is_valid_sbom_file:
-            raise Exception(
-                'Invalid scan settings file, missing "components" or "bom")'
-            )
+            raise Exception('Invalid scan settings file, missing "components" or "bom")')
         return self
 
     def set_scan_type(self, scan_type: str):
@@ -111,7 +109,7 @@ class ScanossSettings(ScanossBase):
         Returns:
             bool: True if the file is valid, False otherwise
         """
-        if not self.data.get("components") or not self.data.get("bom"):
+        if not self.data.get('components') or not self.data.get('bom'):
             return False
         return True
 
@@ -122,14 +120,14 @@ class ScanossSettings(ScanossBase):
             dict: If using scanoss.json
             list: If using SBOM.json
         """
-        if self.settings_file_type == "legacy":
+        if self.settings_file_type == 'legacy':
             if isinstance(self.data, list):
                 return self.data
-            elif isinstance(self.data, dict) and self.data.get("components"):
-                return self.data.get("components")
+            elif isinstance(self.data, dict) and self.data.get('components'):
+                return self.data.get('components')
             else:
                 return []
-        return self.data.get("bom", {})
+        return self.data.get('bom', {})
 
     def get_bom_include(self) -> List[BomEntry]:
         """Get the list of components to include in the scan
@@ -137,9 +135,9 @@ class ScanossSettings(ScanossBase):
         Returns:
             list: List of components to include in the scan
         """
-        if self.settings_file_type == "legacy":
+        if self.settings_file_type == 'legacy':
             return self._get_bom()
-        return self._get_bom().get("include", [])
+        return self._get_bom().get('include', [])
 
     def get_bom_remove(self) -> List[BomEntry]:
         """Get the list of components to remove from the scan
@@ -147,21 +145,31 @@ class ScanossSettings(ScanossBase):
         Returns:
             list: List of components to remove from the scan
         """
-        if self.settings_file_type == "legacy":
+        if self.settings_file_type == 'legacy':
             return self._get_bom()
-        return self._get_bom().get("remove", [])
+        return self._get_bom().get('remove', [])
+
+    def get_bom_replace(self) -> List[BomEntry]:
+        """Get the list of components to replace in the scan
+
+        Returns:
+            list: List of components to replace in the scan
+        """
+        if self.settings_file_type == 'legacy':
+            return []
+        return self._get_bom().get('replace', [])
 
     def get_sbom(self):
         """Get the SBOM to be sent to the SCANOSS API
 
         Returns:
-            dict: SBOM
+            dict: SBOM request payload
         """
         if not self.data:
             return None
         return {
-            "scan_type": self.scan_type,
-            "assets": json.dumps(self._get_sbom_assets()),
+            'scan_type': self.scan_type,
+            'assets': json.dumps(self._get_sbom_assets()),
         }
 
     def _get_sbom_assets(self):
@@ -170,8 +178,15 @@ class ScanossSettings(ScanossBase):
         Returns:
             List: List of SBOM assets
         """
-        if self.scan_type == "identify":
-            return self.normalize_bom_entries(self.get_bom_include())
+        if self.scan_type == 'identify':
+            include_bom_entries = self._remove_duplicates(self.normalize_bom_entries(self.get_bom_include()))
+            replace_bom_entries = self._remove_duplicates(self.normalize_bom_entries(self.get_bom_replace()))
+            self.print_debug(
+                f"Scan type set to 'identify'. Adding {len(include_bom_entries) + len(replace_bom_entries)} components as context to the scan. \n"
+                f"From Include list: {[entry['purl'] for entry in include_bom_entries]} \n"
+                f"From Replace list: {[entry['purl'] for entry in replace_bom_entries]} \n"
+            )
+            return include_bom_entries + replace_bom_entries
         return self.normalize_bom_entries(self.get_bom_remove())
 
     @staticmethod
@@ -188,7 +203,26 @@ class ScanossSettings(ScanossBase):
         for entry in bom_entries:
             normalized_bom_entries.append(
                 {
-                    "purl": entry.get("purl", ""),
+                    'purl': entry.get('purl', ''),
                 }
             )
         return normalized_bom_entries
+
+    @staticmethod
+    def _remove_duplicates(bom_entries: List[BomEntry]) -> List[BomEntry]:
+        """Remove duplicate BOM entries
+
+        Args:
+            bom_entries (List[Dict]): List of BOM entries
+
+        Returns:
+            List: List of unique BOM entries
+        """
+        already_added = set()
+        unique_entries = []
+        for entry in bom_entries:
+            entry_tuple = tuple(entry.items())
+            if entry_tuple not in already_added:
+                already_added.add(entry_tuple)
+                unique_entries.append(entry)
+        return unique_entries

scanoss-1.18.0/src/scanoss/scanpostprocessor.py

@@ -0,0 +1,283 @@
+"""
+SPDX-License-Identifier: MIT
+
+  Copyright (c) 2024, SCANOSS
+
+  Permission is hereby granted, free of charge, to any person obtaining a copy
+  of this software and associated documentation files (the "Software"), to deal
+  in the Software without restriction, including without limitation the rights
+  to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+  copies of the Software, and to permit persons to whom the Software is
+  furnished to do so, subject to the following conditions:
+
+  The above copyright notice and this permission notice shall be included in
+  all copies or substantial portions of the Software.
+
+  THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+  IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+  FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+  AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+  LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+  OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+  THE SOFTWARE.
+"""
+
+from typing import List, Tuple
+
+from packageurl import PackageURL
+from packageurl.contrib import purl2url
+
+from .scanoss_settings import BomEntry, ScanossSettings
+from .scanossbase import ScanossBase
+
+
+class ScanPostProcessor(ScanossBase):
+    """Handles post-processing of the scan results"""
+
+    def __init__(
+        self,
+        scan_settings: ScanossSettings,
+        debug: bool = False,
+        trace: bool = False,
+        quiet: bool = False,
+        results: dict = None,
+    ):
+        """
+        Args:
+            scan_settings (ScanossSettings): Scan settings object
+            debug (bool, optional): Debug mode. Defaults to False.
+            trace (bool, optional): Traces. Defaults to False.
+            quiet (bool, optional): Quiet mode. Defaults to False.
+            results (dict | str, optional): Results to be processed. Defaults to None.
+        """
+        super().__init__(debug, trace, quiet)
+        self.scan_settings = scan_settings
+        self.results: dict = results
+        self.component_info_map: dict = {}
+
+    def load_results(self, raw_results: dict):
+        """Load the raw results
+
+        Args:
+            raw_results (dict): Raw scan results
+        """
+        self.results = raw_results
+        self._load_component_info()
+        return self
+
+    def _load_component_info(self):
+        """Create a map of component information from scan results for faster lookup"""
+        if not self.results:
+            return
+        for _, result in self.results.items():
+            result = result[0] if isinstance(result, list) else result
+            purls = result.get('purl', [])
+            for purl in purls:
+                self.component_info_map[purl] = result
+
+    def post_process(self):
+        """Post-process the scan results
+
+        Returns:
+            dict: Processed results
+        """
+        self._remove_dismissed_files()
+        self._replace_purls()
+        return self.results
+
+    def _remove_dismissed_files(self):
+        """Remove entries from the results based on files and/or purls specified in the SCANOSS settings file"""
+        to_remove_entries = self.scan_settings.get_bom_remove()
+        if not to_remove_entries:
+            return
+
+        self.results = {
+            result_path: result
+            for result_path, result in self.results.items()
+            if not self._should_remove_result(result_path, result, to_remove_entries)
+        }
+
+    def _replace_purls(self):
+        """Replace purls in the results based on the SCANOSS settings file"""
+        to_replace_entries = self.scan_settings.get_bom_replace()
+        if not to_replace_entries:
+            return
+
+        for result_path, result in self.results.items():
+            result = result[0] if isinstance(result, list) else result
+            should_replace, to_replace_with_purl = self._should_replace_result(result_path, result, to_replace_entries)
+            if should_replace:
+                self.results[result_path] = [self._update_replaced_result(result, to_replace_with_purl)]
+
+    def _update_replaced_result(self, result: dict, to_replace_with_purl: str) -> dict:
+        """
+        Update the result with the new purl and component information if available,
+        otherwise removes the old component information
+
+        Args:
+            result (dict): The result to update
+            to_replace_with_purl (str): The purl to replace with
+
+        Returns:
+            dict: Updated result
+        """
+
+        if self.component_info_map.get(to_replace_with_purl):
+            result.update(self.component_info_map[to_replace_with_purl])
+        else:
+            try:
+                new_component = PackageURL.from_string(to_replace_with_purl).to_dict()
+                new_component_url = purl2url.get_repo_url(to_replace_with_purl)
+            except Exception:
+                self.print_stderr(
+                    f"Error while replacing: Invalid PURL '{to_replace_with_purl}' in settings file. Abort replacing."
+                )
+                return result
+
+            result['component'] = new_component.get('name')
+            result['url'] = new_component_url
+            result['vendor'] = new_component.get('namespace')
+
+            result.pop('licenses', None)
+            result.pop('file', None)
+            result.pop('file_hash', None)
+            result.pop('file_url', None)
+            result.pop('latest', None)
+            result.pop('release_date', None)
+            result.pop('source_hash', None)
+            result.pop('url_hash', None)
+            result.pop('url_stats', None)
+            result.pop('url_stats', None)
+            result.pop('version', None)
+
+        result['purl'] = [to_replace_with_purl]
+
+        return result
+
+    def _should_replace_result(
+        self, result_path: str, result: dict, to_replace_entries: List[BomEntry]
+    ) -> Tuple[bool, str]:
+        """Check if a result should be replaced based on the SCANOSS settings
+
+        Args:
+            result_path (str): Path of the result
+            result (dict): Result to check
+            to_replace_entries (List[BomEntry]): BOM entries to replace from the settings file
+
+        Returns:
+            bool: True if the result should be replaced, False otherwise
+            str: The purl to replace with
+        """
+        result_purls = result.get('purl', [])
+        for to_replace_entry in to_replace_entries:
+            to_replace_path = to_replace_entry.get('path')
+            to_replace_purl = to_replace_entry.get('purl')
+            to_replace_with = to_replace_entry.get('replace_with')
+
+            if not to_replace_path and not to_replace_purl or not to_replace_with:
+                continue
+
+            if (
+                self._is_full_match(result_path, result_purls, to_replace_entry)
+                or (not to_replace_path and to_replace_purl in result_purls)
+                or (not to_replace_purl and to_replace_path == result_path)
+            ):
+                self._print_message(result_path, result_purls, to_replace_entry, 'Replacing')
+                return True, to_replace_with
+
+        return False, None
+
+    def _should_remove_result(self, result_path: str, result: dict, to_remove_entries: List[BomEntry]) -> bool:
+        """Check if a result should be removed based on the SCANOSS settings"""
+        result = result[0] if isinstance(result, list) else result
+        result_purls = result.get('purl', [])
+
+        for to_remove_entry in to_remove_entries:
+            to_remove_path = to_remove_entry.get('path')
+            to_remove_purl = to_remove_entry.get('purl')
+
+            if not to_remove_path and not to_remove_purl:
+                continue
+
+            if (
+                self._is_full_match(result_path, result_purls, to_remove_entry)
+                or (not to_remove_path and to_remove_purl in result_purls)
+                or (not to_remove_purl and to_remove_path == result_path)
+            ):
+                self._print_message(result_path, result_purls, to_remove_entry, 'Removing')
+                return True
+
+        return False
+
+    def _print_message(
+        self,
+        result_path: str,
+        result_purls: List[str],
+        bom_entry: BomEntry,
+        action: str,
+    ) -> None:
+        """Print a message about replacing or removing a result"""
+        message = (
+            f"{self._get_match_type_message(result_path, result_purls, bom_entry, action)} \n"
+            f"Details:\n"
+            f"  - PURLs: {', '.join(result_purls)}\n"
+            f"  - Path: '{result_path}'\n"
+        )
+
+        if action == 'Replacing':
+            message += f" - {action} with '{bom_entry.get('replace_with')}'"
+
+        self.print_debug(message)
+
+    def _get_match_type_message(
+        self,
+        result_path: str,
+        result_purls: List[str],
+        bom_entry: BomEntry,
+        action: str,
+    ) -> str:
+        """Compose message based on match type
+
+        Args:
+            result_path (str): Path of the scan result
+            result_purls (List[str]): Purls of the scan result
+            bom_entry (BomEntry): BOM entry to compare with
+            action (str): Post processing action being performed
+
+        Returns:
+            str: The message to be printed
+        """
+        if bom_entry.get('path') and bom_entry.get('purl'):
+            message = f"{action} '{result_path}'. Full match found."
+        elif bom_entry.get('purl'):
+            message = f"{action} '{result_path}'. Found PURL match."
+        else:
+            message = f"{action} '{result_path}'. Found path match."
+
+        return message
+
+    def _is_full_match(
+        self,
+        result_path: str,
+        result_purls: List[str],
+        bom_entry: BomEntry,
+    ) -> bool:
+        """Check if path and purl matches fully with the bom entry
+
+        Args:
+            result_path (str): Scan result path
+            result_purls (List[str]): Scan result purls
+            bom_entry (BomEntry): BOM entry to compare with
+
+        Returns:
+            bool: True if the path and purl match, False otherwise
+        """
+
+        if not result_purls:
+            return False
+
+        return bool(
+            (bom_entry.get('purl') and bom_entry.get('path'))
+            and (bom_entry.get('path') == result_path)
+            and (bom_entry.get('purl') in result_purls)
+        )

{scanoss-1.17.5 → scanoss-1.18.0/src/scanoss.egg-info}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: scanoss
-Version: 1.17.5
+Version: 1.18.0
 Summary: Simple Python library to leverage the SCANOSS APIs
 Home-page: https://scanoss.com
 Author: SCANOSS
@@ -26,6 +26,7 @@ Requires-Dist: pypac
 Requires-Dist: pyOpenSSL
 Requires-Dist: google-api-core
 Requires-Dist: importlib_resources
+Requires-Dist: packageurl-python
 Provides-Extra: fast-winnowing
 Requires-Dist: scanoss_winnowing>=0.5.0; extra == "fast-winnowing"