scanoss 1.19.6__py3-none-any.whl → 1.20.1__py3-none-any.whl

scanoss/inspection/utils/license_utils.py

@@ -1,61 +1,82 @@
 """
- SPDX-License-Identifier: MIT
-
-   Copyright (c) 2024, SCANOSS
-
-   Permission is hereby granted, free of charge, to any person obtaining a copy
-   of this software and associated documentation files (the "Software"), to deal
-   in the Software without restriction, including without limitation the rights
-   to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-   copies of the Software, and to permit persons to whom the Software is
-   furnished to do so, subject to the following conditions:
-
-   The above copyright notice and this permission notice shall be included in
-   all copies or substantial portions of the Software.
-
-   THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-   IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-   FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-   AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-   LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-   OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-   THE SOFTWARE.
+SPDX-License-Identifier: MIT
+
+  Copyright (c) 2024, SCANOSS
+
+  Permission is hereby granted, free of charge, to any person obtaining a copy
+  of this software and associated documentation files (the "Software"), to deal
+  in the Software without restriction, including without limitation the rights
+  to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+  copies of the Software, and to permit persons to whom the Software is
+  furnished to do so, subject to the following conditions:
+
+  The above copyright notice and this permission notice shall be included in
+  all copies or substantial portions of the Software.
+
+  THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+  IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+  FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+  AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+  LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+  OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+  THE SOFTWARE.
 """
+
 from ...scanossbase import ScanossBase
 
 DEFAULT_COPYLEFT_LICENSES = {
-    'agpl-3.0-only', 'artistic-1.0', 'artistic-2.0', 'cc-by-sa-4.0', 'cddl-1.0', 'cddl-1.1', 'cecill-2.1',
-    'epl-1.0', 'epl-2.0', 'gfdl-1.1-only', 'gfdl-1.2-only', 'gfdl-1.3-only', 'gpl-1.0-only', 'gpl-2.0-only',
-    'gpl-3.0-only', 'lgpl-2.1-only', 'lgpl-3.0-only', 'mpl-1.1', 'mpl-2.0', 'sleepycat', 'watcom-1.0'
+    'agpl-3.0-only',
+    'artistic-1.0',
+    'artistic-2.0',
+    'cc-by-sa-4.0',
+    'cddl-1.0',
+    'cddl-1.1',
+    'cecill-2.1',
+    'epl-1.0',
+    'epl-2.0',
+    'gfdl-1.1-only',
+    'gfdl-1.2-only',
+    'gfdl-1.3-only',
+    'gpl-1.0-only',
+    'gpl-2.0-only',
+    'gpl-3.0-only',
+    'lgpl-2.1-only',
+    'lgpl-3.0-only',
+    'mpl-1.1',
+    'mpl-2.0',
+    'sleepycat',
+    'watcom-1.0',
 }
 
+
 class LicenseUtil(ScanossBase):
     """
-        A utility class for handling software licenses, particularly copyleft licenses.
+    A utility class for handling software licenses, particularly copyleft licenses.
 
-        This class provides functionality to initialize, manage, and query a set of
-        copyleft licenses. It also offers a method to generate URLs for license information.
+    This class provides functionality to initialize, manage, and query a set of
+    copyleft licenses. It also offers a method to generate URLs for license information.
     """
+
     BASE_SPDX_ORG_URL = 'https://spdx.org/licenses'
     BASE_OSADL_URL = 'https://www.osadl.org/fileadmin/checklists/unreflicenses'
 
-    def __init__(self,debug: bool = False, trace: bool = True, quiet: bool = False):
+    def __init__(self, debug: bool = False, trace: bool = True, quiet: bool = False):
         super().__init__(debug, trace, quiet)
         self.default_copyleft_licenses = set(DEFAULT_COPYLEFT_LICENSES)
         self.copyleft_licenses = set()
 
     def init(self, include: str = None, exclude: str = None, explicit: str = None):
         """
-            Initialize the set of copyleft licenses based on user input.
+        Initialize the set of copyleft licenses based on user input.
 
-            This method allows for customization of the copyleft license set by:
-            - Setting an explicit list of licenses
-            - Including additional licenses to the default set
-            - Excluding specific licenses from the default set
+        This method allows for customization of the copyleft license set by:
+        - Setting an explicit list of licenses
+        - Including additional licenses to the default set
+        - Excluding specific licenses from the default set
 
-            :param include: Comma-separated string of licenses to include
-            :param exclude: Comma-separated string of licenses to exclude
-            :param explicit: Comma-separated string of licenses to use exclusively
+        :param include: Comma-separated string of licenses to include
+        :param exclude: Comma-separated string of licenses to exclude
+        :param explicit: Comma-separated string of licenses to use exclusively
         """
         if self.debug:
             self.print_stderr(f'Include Copyleft licenses: ${include}')
@@ -73,7 +94,7 @@ class LicenseUtil(ScanossBase):
         if include:
             include = include.strip()
         if include:
-            inc =[item.strip().lower() for item in include.split(',')]
+            inc = [item.strip().lower() for item in include.split(',')]
             self.copyleft_licenses.update(inc)
         if exclude:
             exclude = exclude.strip()
@@ -85,23 +106,22 @@ class LicenseUtil(ScanossBase):
 
     def is_copyleft(self, spdxid: str) -> bool:
         """
-           Check if a given license is considered copyleft.
+        Check if a given license is considered copyleft.
 
-           :param spdxid: The SPDX identifier of the license to check
-           :return: True if the license is copyleft, False otherwise
+        :param spdxid: The SPDX identifier of the license to check
+        :return: True if the license is copyleft, False otherwise
         """
         return spdxid.lower() in self.copyleft_licenses
 
     def get_spdx_url(self, spdxid: str) -> str:
         """
-           Generate the URL for the SPDX page of a license.
+        Generate the URL for the SPDX page of a license.
 
-           :param spdxid: The SPDX identifier of the license
-           :return: The URL of the SPDX page for the given license
+        :param spdxid: The SPDX identifier of the license
+        :return: The URL of the SPDX page for the given license
         """
         return f'{self.BASE_SPDX_ORG_URL}/{spdxid}.html'
 
-
     def get_osadl_url(self, spdxid: str) -> str:
         """
         Generate the URL for the OSADL (Open Source Automation Development Lab) page of a license.
@@ -110,6 +130,8 @@ class LicenseUtil(ScanossBase):
         :return: The URL of the OSADL page for the given license
         """
         return f'{self.BASE_OSADL_URL}/{spdxid}.txt'
+
+
 #
 # End of LicenseUtil Class
 #

scanoss/results.py

@@ -1,25 +1,25 @@
 """
- SPDX-License-Identifier: MIT
-
-   Copyright (c) 2024, SCANOSS
-
-   Permission is hereby granted, free of charge, to any person obtaining a copy
-   of this software and associated documentation files (the "Software"), to deal
-   in the Software without restriction, including without limitation the rights
-   to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-   copies of the Software, and to permit persons to whom the Software is
-   furnished to do so, subject to the following conditions:
-
-   The above copyright notice and this permission notice shall be included in
-   all copies or substantial portions of the Software.
-
-   THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-   IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-   FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-   AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-   LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-   OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-   THE SOFTWARE.
+SPDX-License-Identifier: MIT
+
+  Copyright (c) 2024, SCANOSS
+
+  Permission is hereby granted, free of charge, to any person obtaining a copy
+  of this software and associated documentation files (the "Software"), to deal
+  in the Software without restriction, including without limitation the rights
+  to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+  copies of the Software, and to permit persons to whom the Software is
+  furnished to do so, subject to the following conditions:
+
+  The above copyright notice and this permission notice shall be included in
+  all copies or substantial portions of the Software.
+
+  THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+  IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+  FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+  AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+  LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+  OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+  THE SOFTWARE.
 """
 
 import json
@@ -27,27 +27,27 @@ from typing import Any, Dict, List
 
 from .scanossbase import ScanossBase
 
-MATCH_TYPES = ["file", "snippet"]
-STATUSES = ["pending", "identified"]
+MATCH_TYPES = ['file', 'snippet']
+STATUSES = ['pending', 'identified']
 
 
 AVAILABLE_FILTER_VALUES = {
-    "match_type": [e for e in MATCH_TYPES],
-    "status": [e for e in STATUSES],
+    'match_type': [e for e in MATCH_TYPES],
+    'status': [e for e in STATUSES],
 }
 
 
 ARG_TO_FILTER_MAP = {
-    "match_type": "id",
-    "status": "status",
+    'match_type': 'id',
+    'status': 'status',
 }
 
 PENDING_IDENTIFICATION_FILTERS = {
-    "match_type": ["file", "snippet"],
-    "status": ["pending"],
+    'match_type': ['file', 'snippet'],
+    'status': ['pending'],
 }
 
-AVAILABLE_OUTPUT_FORMATS = ["json", "plain"]
+AVAILABLE_OUTPUT_FORMATS = ['json', 'plain']
 
 
 class Results(ScanossBase):
@@ -95,11 +95,11 @@ class Results(ScanossBase):
         Returns:
             Dict[str, Any]: The parsed JSON data
         """
-        with open(file, "r") as jsonfile:
+        with open(file, 'r') as jsonfile:
             try:
                 return json.load(jsonfile)
             except Exception as e:
-                self.print_stderr(f"ERROR: Problem parsing input JSON: {e}")
+                self.print_stderr(f'ERROR: Problem parsing input JSON: {e}')
 
     def _load_and_transform(self, file: str) -> List[Dict[str, Any]]:
         """
@@ -143,7 +143,7 @@ class Results(ScanossBase):
 
     @staticmethod
     def _extract_comma_separated_values(values: str):
-        return [value.strip() for value in values.split(",")]
+        return [value.strip() for value in values.split(',')]
 
     def apply_filters(self):
         """Apply the filters to the data"""
@@ -172,14 +172,11 @@ class Results(ScanossBase):
 
     @staticmethod
     def _validate_filter_values(filter_key: str, filter_value: List[str]):
-        if any(
-            value not in AVAILABLE_FILTER_VALUES.get(filter_key, [])
-            for value in filter_value
-        ):
-            valid_values = ", ".join(AVAILABLE_FILTER_VALUES.get(filter_key, []))
+        if any(value not in AVAILABLE_FILTER_VALUES.get(filter_key, []) for value in filter_value):
+            valid_values = ', '.join(AVAILABLE_FILTER_VALUES.get(filter_key, []))
             raise Exception(
                 f"ERROR: Invalid filter value '{filter_value}' for filter '{filter_key.value}'. "
-                f"Valid values are: {valid_values}"
+                f'Valid values are: {valid_values}'
             )
 
     def get_pending_identifications(self):
@@ -226,9 +223,7 @@ class Results(ScanossBase):
         Args:
             file (str, optional): Output file. Defaults to None.
         """
-        self.print_to_file_or_stdout(
-            json.dumps(self._format_json_output(), indent=2), file
-        )
+        self.print_to_file_or_stdout(json.dumps(self._format_json_output(), indent=2), file)
 
     def _format_json_output(self):
         """
@@ -240,15 +235,11 @@ class Results(ScanossBase):
             formatted_data.append(
                 {
                     'file': item.get('filename'),
-                    'status': item.get('status', "N/A"),
+                    'status': item.get('status', 'N/A'),
                     'match_type': item['id'],
-                    'matched': item.get('matched', "N/A"),
-                    'purl': (item.get('purl')[0] if item.get('purl') else "N/A"),
-                    'license': (
-                        item.get('licenses')[0].get('name', "N/A")
-                        if item.get('licenses')
-                        else "N/A"
-                    ),
+                    'matched': item.get('matched', 'N/A'),
+                    'purl': (item.get('purl')[0] if item.get('purl') else 'N/A'),
+                    'license': (item.get('licenses')[0].get('name', 'N/A') if item.get('licenses') else 'N/A'),
                 }
             )
         return {'results': formatted_data, 'total': len(formatted_data)}
@@ -263,7 +254,7 @@ class Results(ScanossBase):
             None
         """
         if not self.data:
-            return self.print_stderr("No results to present")
+            return self.print_stderr('No results to present')
         self.print_to_file_or_stdout(self._format_plain_output(), file)
 
     def _present_stdout(self):
@@ -273,7 +264,7 @@ class Results(ScanossBase):
             None
         """
         if not self.data:
-            return self.print_stderr("No results to present")
+            return self.print_stderr('No results to present')
         self.print_to_file_or_stdout(self._format_plain_output())
 
     def _format_plain_output(self):
@@ -281,9 +272,9 @@ class Results(ScanossBase):
         Format the output data into a plain text string
         """
 
-        formatted = ""
+        formatted = ''
         for item in self.data:
-            formatted += f"{self._format_plain_output_item(item)} \n"
+            formatted += f'{self._format_plain_output_item(item)} \n'
         return formatted
 
     @staticmethod
@@ -292,10 +283,10 @@ class Results(ScanossBase):
         licenses = item.get('licenses', [])
 
         return (
-            f"File: {item.get('filename')}\n"
-            f"Match type: {item.get('id')}\n"
-            f"Status: {item.get('status', 'N/A')}\n"
-            f"Matched: {item.get('matched', 'N/A')}\n"
-            f"Purl: {purls[0] if purls else 'N/A'}\n"
-            f"License: {licenses[0].get('name', 'N/A') if licenses else 'N/A'}\n"
+            f'File: {item.get("filename")}\n'
+            f'Match type: {item.get("id")}\n'
+            f'Status: {item.get("status", "N/A")}\n'
+            f'Matched: {item.get("matched", "N/A")}\n'
+            f'Purl: {purls[0] if purls else "N/A"}\n'
+            f'License: {licenses[0].get("name", "N/A") if licenses else "N/A"}\n'
         )

scanoss/scancodedeps.py

@@ -1,25 +1,25 @@
 """
- SPDX-License-Identifier: MIT
+SPDX-License-Identifier: MIT
 
-   Copyright (c) 2021, SCANOSS
+  Copyright (c) 2021, SCANOSS
 
-   Permission is hereby granted, free of charge, to any person obtaining a copy
-   of this software and associated documentation files (the "Software"), to deal
-   in the Software without restriction, including without limitation the rights
-   to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-   copies of the Software, and to permit persons to whom the Software is
-   furnished to do so, subject to the following conditions:
+  Permission is hereby granted, free of charge, to any person obtaining a copy
+  of this software and associated documentation files (the "Software"), to deal
+  in the Software without restriction, including without limitation the rights
+  to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+  copies of the Software, and to permit persons to whom the Software is
+  furnished to do so, subject to the following conditions:
 
-   The above copyright notice and this permission notice shall be included in
-   all copies or substantial portions of the Software.
+  The above copyright notice and this permission notice shall be included in
+  all copies or substantial portions of the Software.
 
-   THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-   IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-   FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-   AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-   LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-   OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-   THE SOFTWARE.
+  THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+  IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+  FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+  AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+  LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+  OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+  THE SOFTWARE.
 """
 
 import json
@@ -33,8 +33,17 @@ class ScancodeDeps(ScanossBase):
     """
     SCANOSS dependency scanning class
     """
-    def __init__(self, debug: bool = False, quiet: bool = False, trace: bool = False, output_file: str = None,
-                 scan_output: str = None, timeout: int = 600, sc_command: str = None):
+
+    def __init__(
+        self,
+        debug: bool = False,
+        quiet: bool = False,
+        trace: bool = False,
+        output_file: str = None,
+        scan_output: str = None,
+        timeout: int = 600,
+        sc_command: str = None,
+    ):
         """
         Initialise ScancodeDeps class
         """
@@ -54,12 +63,11 @@ class ScancodeDeps(ScanossBase):
         if not outfile and self.scan_output:
             outfile = self.scan_output
         if outfile:
-            with open(outfile, "a") as rf:
+            with open(outfile, 'a') as rf:
                 rf.write(string + '\n')
         else:
             print(string)
 
-
     def remove_interim_file(self, output_file: str = None):
         """
         Remove the temporary Scancode interim file
@@ -86,7 +94,7 @@ class ScancodeDeps(ScanossBase):
         self.print_debug(f'Processing Scancode results into Dependency data...')
         files = []
         for t in data:
-            if t == 'files':    # Only interested in 'files' details
+            if t == 'files':  # Only interested in 'files' details
                 files_details = data.get(t)
                 if not files_details or files_details == '':
                     continue
@@ -121,7 +129,7 @@ class ScancodeDeps(ScanossBase):
                             dp_data = {'purl': dp}
                             rq = d.get('extracted_requirement')  # scancode format 2.0
                             if not rq or rq == '':
-                                rq = d.get('requirement')        # scancode format 1.0
+                                rq = d.get('requirement')  # scancode format 1.0
                             # skip requirement if it ends with the purl (i.e. exact version) or if it's local (file)
                             if rq and rq != '' and not dp.endswith(rq) and not rq.startswith('file:'):
                                 dp_data['requirement'] = rq
@@ -206,17 +214,32 @@ class ScancodeDeps(ScanossBase):
             output_file = self.output_file
         try:
             open(output_file, 'w').close()
-            self.print_trace(f'About to execute {self.sc_command} -p --only-findings --quiet --json {output_file}'
-                             f' {what_to_scan}')
-            result = subprocess.run([self.sc_command, '-p', '--only-findings', '--quiet', '--strip-root', '--json',
-                                     output_file, what_to_scan],
-                                    cwd=os.getcwd(), stdout=subprocess.PIPE, stderr=subprocess.STDOUT,
-                                    text=True, timeout=self.timeout
-                                    )
+            self.print_trace(
+                f'About to execute {self.sc_command} -p --only-findings --quiet --json {output_file} {what_to_scan}'
+            )
+            result = subprocess.run(
+                [
+                    self.sc_command,
+                    '-p',
+                    '--only-findings',
+                    '--quiet',
+                    '--strip-root',
+                    '--json',
+                    output_file,
+                    what_to_scan,
+                ],
+                cwd=os.getcwd(),
+                stdout=subprocess.PIPE,
+                stderr=subprocess.STDOUT,
+                text=True,
+                timeout=self.timeout,
+            )
             self.print_trace(f'Subprocess return: {result}')
             if result.returncode:
-                self.print_stderr(f'ERROR: Scancode dependency scan of {what_to_scan} failed with exit code'
-                                  f' {result.returncode}:\n{result.stdout}')
+                self.print_stderr(
+                    f'ERROR: Scancode dependency scan of {what_to_scan} failed with exit code'
+                    f' {result.returncode}:\n{result.stdout}'
+                )
                 return False
         except subprocess.TimeoutExpired as e:
             self.print_stderr(f'ERROR: Timed out attempting to run scancode dependency scan on {what_to_scan}: {e}')
@@ -245,21 +268,21 @@ class ScancodeDeps(ScanossBase):
                 self.print_stderr(f'ERROR: Problem loading input JSON: {e}')
         return None
 
-
     @staticmethod
-    def __remove_dep_scope(deps: json)->json:
+    def __remove_dep_scope(deps: json) -> json:
         """
         :param deps: dependencies with scopes
         :return dependencies without scopes
         """
-        files = deps.get("files")
+        files = deps.get('files')
         for file in files:
             if 'purls' in file:
-                purls = file.get("purls")
+                purls = file.get('purls')
                 for purl in purls:
-                    purl.pop("scope",None)
+                    purl.pop('scope', None)
+
+        return {'files': files}
 
-        return {"files": files }
 
 #
 # End of ScancodeDeps Class