scanoss 1.20.4__tar.gz → 1.20.6__tar.gz

{scanoss-1.20.4/src/scanoss.egg-info → scanoss-1.20.6}/PKG-INFO

@@ -1,6 +1,6 @@
-Metadata-Version: 2.2
+Metadata-Version: 2.4
 Name: scanoss
-Version: 1.20.4
+Version: 1.20.6
 Summary: Simple Python library to leverage the SCANOSS APIs
 Home-page: https://scanoss.com
 Author: SCANOSS
@@ -31,6 +31,7 @@ Requires-Dist: pathspec
 Requires-Dist: jsonschema
 Provides-Extra: fast-winnowing
 Requires-Dist: scanoss_winnowing>=0.5.0; extra == "fast-winnowing"
+Dynamic: license-file
 
 # SCANOSS Python Package
 The SCANOSS python package provides a simple easy to consume library for interacting with SCANOSS APIs/Engine.

{scanoss-1.20.4 → scanoss-1.20.6}/src/scanoss/__init__.py

@@ -22,4 +22,4 @@ SPDX-License-Identifier: MIT
   THE SOFTWARE.
 """
 
-__version__ = '1.20.4'
+__version__ = '1.20.6'

{scanoss-1.20.4 → scanoss-1.20.6}/src/scanoss/cli.py

@@ -28,6 +28,7 @@ import sys
 from pathlib import Path
 
 import pypac
+from typing import List
 
 from . import __version__
 from .components import Components
@@ -50,6 +51,7 @@ DEFAULT_TIMEOUT = 180
 MIN_TIMEOUT_VALUE = 5
 DEFAULT_RETRY = 5
 PYTHON3_OR_LATER = 3
+HEADER_PARTS_COUNT = 2
 
 def print_stderr(*args, **kwargs):
     """
@@ -567,6 +569,12 @@ def setup_args() -> None:  # noqa: PLR0915
             help='GRPC Proxy URL to use for connections (optional). '
             'Can also use the environment variable "grcp_proxy=<ip>:<port>"',
         )
+        p.add_argument(
+            '--header','-hdr',
+            action='append',  # This allows multiple -H flags
+            type=str,
+            help='Headers to be sent on request (e.g., -hdr "Name: Value") - can be used multiple times'
+        )
 
     # Help/Trace command options
     for p in [
@@ -605,7 +613,6 @@ def setup_args() -> None:  # noqa: PLR0915
         sys.exit(1)
     args.func(parser, args)  # Execute the function associated with the sub-command
 
-
 def ver(*_):
     """
     Run the "ver" sub-command
@@ -903,6 +910,7 @@ def scan(parser, args): # noqa: PLR0912, PLR0915
         strip_hpsm_ids=args.strip_hpsm,
         strip_snippet_ids=args.strip_snippet,
         scan_settings=scan_settings,
+        req_headers= process_req_headers(args.header),
     )
     if args.wfp:
         if not scanner.is_file_or_snippet_scan():
@@ -1228,6 +1236,7 @@ def comp_crypto(parser, args):
         print_stderr(f'Error: Certificate file does not exist: {args.ca_cert}.')
         sys.exit(1)
     pac_file = get_pac_file(args.pac)
+
     comps = Components(
         debug=args.debug,
         trace=args.trace,
@@ -1239,6 +1248,7 @@ def comp_crypto(parser, args):
         grpc_proxy=args.grpc_proxy,
         pac=pac_file,
         timeout=args.timeout,
+        req_headers= process_req_headers(args.header),
     )
     if not comps.get_crypto_details(args.input, args.purl, args.output):
         sys.exit(1)
@@ -1273,6 +1283,7 @@ def comp_vulns(parser, args):
         grpc_proxy=args.grpc_proxy,
         pac=pac_file,
         timeout=args.timeout,
+        req_headers=process_req_headers(args.header),
     )
     if not comps.get_vulnerabilities(args.input, args.purl, args.output):
         sys.exit(1)
@@ -1307,6 +1318,7 @@ def comp_semgrep(parser, args):
         grpc_proxy=args.grpc_proxy,
         pac=pac_file,
         timeout=args.timeout,
+        req_headers=process_req_headers(args.header),
     )
     if not comps.get_semgrep_details(args.input, args.purl, args.output):
         sys.exit(1)
@@ -1344,6 +1356,7 @@ def comp_search(parser, args):
         grpc_proxy=args.grpc_proxy,
         pac=pac_file,
         timeout=args.timeout,
+        req_headers=process_req_headers(args.header),
     )
     if not comps.search_components(
         args.output,
@@ -1388,6 +1401,7 @@ def comp_versions(parser, args):
         grpc_proxy=args.grpc_proxy,
         pac=pac_file,
         timeout=args.timeout,
+        req_headers=process_req_headers(args.header),
     )
     if not comps.get_component_versions(args.output, json_file=args.input, purl=args.purl, limit=args.limit):
         sys.exit(1)
@@ -1412,7 +1426,7 @@ def comp_provenance(parser, args):
     pac_file = get_pac_file(args.pac)
     comps = Components(debug=args.debug, trace=args.trace, quiet=args.quiet, grpc_url=args.api2url, api_key=args.key,
                        ca_cert=args.ca_cert, proxy=args.proxy, grpc_proxy=args.grpc_proxy, pac=pac_file,
-                       timeout=args.timeout)
+                       timeout=args.timeout, req_headers=process_req_headers(args.header))
     if not comps.get_provenance_details(args.input, args.purl, args.output):
         sys.exit(1)
 
@@ -1456,6 +1470,31 @@ def results(parser, args):
         results.apply_filters().present()
 
 
+def process_req_headers(headers_array: List[str]) -> dict:
+    """
+    Process a list of header strings in the format "Name: Value" into a dictionary.
+
+    Args:
+        headers_array (list): List of header strings from command line args
+
+    Returns:
+        dict: Dictionary of header name-value pairs
+    """
+    # Check if headers_array is empty
+    if not headers_array:
+        # Array is empty
+        return {}
+
+    dict_headers = {}
+    for header_str in headers_array:
+        # Split each "Name: Value" header
+        parts = header_str.split(":", 1)
+        if len(parts) == HEADER_PARTS_COUNT:
+            name = parts[0].strip()
+            value = parts[1].strip()
+            dict_headers[name] = value
+    return dict_headers
+
 def main():
     """
     Run the ScanOSS CLI

{scanoss-1.20.4 → scanoss-1.20.6}/src/scanoss/components.py

@@ -25,7 +25,7 @@ SPDX-License-Identifier: MIT
 import json
 import os
 import sys
-from typing import TextIO, Optional, List
+from typing import List, Optional, TextIO
 
 from pypac.parser import PACFile
 
@@ -39,7 +39,7 @@ class Components(ScanossBase):
     Class for Component functionality
     """
 
-    def __init__(
+    def __init__( # noqa: PLR0913, PLR0915
         self,
         debug: bool = False,
         trace: bool = False,
@@ -51,6 +51,7 @@ class Components(ScanossBase):
         grpc_proxy: str = None,
         ca_cert: str = None,
         pac: PACFile = None,
+        req_headers: dict = None,
     ):
         """
         Handle all component style requests
@@ -80,6 +81,7 @@ class Components(ScanossBase):
             pac=pac,
             grpc_proxy=grpc_proxy,
             timeout=timeout,
+            req_headers=req_headers,
         )
 
     def load_purls(self, json_file: Optional[str] = None, purls: Optional[List[str]] = None) -> Optional[dict]:
@@ -242,7 +244,7 @@ class Components(ScanossBase):
         self._close_file(output_file, file)
         return success
 
-    def search_components(
+    def search_components( # noqa: PLR0913, PLR0915
         self,
         output_file: str = None,
         json_file: str = None,

scanoss-1.20.6/src/scanoss/data/build_date.txt

@@ -0,0 +1 @@
+date: 20250320002157, utime: 1742430117

{scanoss-1.20.4 → scanoss-1.20.6}/src/scanoss/scanner.py

@@ -69,7 +69,7 @@ class Scanner(ScanossBase):
     Handle the scanning of files, snippets and dependencies
     """
 
-    def __init__(
+    def __init__( # noqa: PLR0913, PLR0915
         self,
         wfp: str = None,
         scan_output: str = None,
@@ -106,6 +106,7 @@ class Scanner(ScanossBase):
         strip_snippet_ids=None,
         skip_md5_ids=None,
         scan_settings: 'ScanossSettings | None' = None,
+        req_headers: dict = None,
     ):
         """
         Initialise scanning class, including Winnowing, ScanossApi, ThreadedScanning
@@ -129,6 +130,7 @@ class Scanner(ScanossBase):
         self.skip_folders = skip_folders
         self.skip_size = skip_size
         self.skip_extensions = skip_extensions
+        self.req_headers = req_headers
         ver_details = Scanner.version_details()
 
         self.winnowing = Winnowing(
@@ -156,6 +158,7 @@ class Scanner(ScanossBase):
             ca_cert=ca_cert,
             pac=pac,
             retry=retry,
+            req_headers= self.req_headers,
         )
         sc_deps = ScancodeDeps(debug=debug, quiet=quiet, trace=trace, timeout=sc_timeout, sc_command=sc_command)
         grpc_api = ScanossGrpc(
@@ -169,6 +172,7 @@ class Scanner(ScanossBase):
             proxy=proxy,
             pac=pac,
             grpc_proxy=grpc_proxy,
+            req_headers=self.req_headers,
         )
         self.threaded_deps = ThreadedDependencies(sc_deps, grpc_api, debug=debug, quiet=quiet, trace=trace)
         self.nb_threads = nb_threads
@@ -302,7 +306,7 @@ class Scanner(ScanossBase):
 
         success = True
         if not scan_dir:
-            raise Exception(f'ERROR: Please specify a folder to scan')
+            raise Exception('ERROR: Please specify a folder to scan')
         if not os.path.exists(scan_dir) or not os.path.isdir(scan_dir):
             raise Exception(f'ERROR: Specified folder does not exist or is not a folder: {scan_dir}')
         if not self.is_file_or_snippet_scan() and not self.is_dependency_scan():
@@ -386,7 +390,8 @@ class Scanner(ScanossBase):
             file_count += 1
             if self.threaded_scan:
                 wfp_size = len(wfp.encode('utf-8'))
-                # If the WFP is bigger than the max post size and we already have something stored in the scan block, add it to the queue
+                # If the WFP is bigger than the max post size and we already have something stored in the scan block,
+                # add it to the queue
                 if scan_block != '' and (wfp_size + scan_size) >= self.max_post_size:
                     self.threaded_scan.queue_add(scan_block)
                     queue_size += 1
@@ -436,7 +441,7 @@ class Scanner(ScanossBase):
         self.threaded_scan.update_bar(create=True, file_count=file_count)
         if not scan_started:
             if not self.threaded_scan.run(wait=False):  # Run the scan but do not wait for it to complete
-                self.print_stderr(f'Warning: Some errors encounted while scanning. Results might be incomplete.')
+                self.print_stderr('Warning: Some errors encounted while scanning. Results might be incomplete.')
                 success = False
         return success
 
@@ -457,14 +462,14 @@ class Scanner(ScanossBase):
         dep_responses = None
         if self.is_file_or_snippet_scan():
             if not self.threaded_scan.complete():  # Wait for the scans to complete
-                self.print_stderr(f'Warning: Scanning analysis ran into some trouble.')
+                self.print_stderr('Warning: Scanning analysis ran into some trouble.')
                 success = False
             self.threaded_scan.complete_bar()
             scan_responses = self.threaded_scan.responses
         if self.is_dependency_scan():
             self.print_msg('Retrieving dependency data...')
             if not self.threaded_deps.complete():
-                self.print_stderr(f'Warning: Dependency analysis ran into some trouble.')
+                self.print_stderr('Warning: Dependency analysis ran into some trouble.')
                 success = False
             dep_responses = self.threaded_deps.responses
 
@@ -546,7 +551,7 @@ class Scanner(ScanossBase):
         """
         success = True
         if not file:
-            raise Exception(f'ERROR: Please specify a file to scan')
+            raise Exception('ERROR: Please specify a file to scan')
         if not os.path.exists(file) or not os.path.isfile(file):
             raise Exception(f'ERROR: Specified file does not exist or is not a file: {file}')
         if not self.is_file_or_snippet_scan() and not self.is_dependency_scan():
@@ -583,7 +588,7 @@ class Scanner(ScanossBase):
         """
         success = True
         if not file:
-            raise Exception(f'ERROR: Please specify a file to scan')
+            raise Exception('ERROR: Please specify a file to scan')
         if not os.path.exists(file) or not os.path.isfile(file):
             raise Exception(f'ERROR: Specified files does not exist or is not a file: {file}')
         self.print_debug(f'Fingerprinting {file}...')
@@ -608,7 +613,7 @@ class Scanner(ScanossBase):
         """
         success = True
         if not files:
-            raise Exception(f'ERROR: Please provide a non-empty list of filenames to scan')
+            raise Exception('ERROR: Please provide a non-empty list of filenames to scan')
 
         file_filters = FileFilters(
             debug=self.debug,
@@ -671,7 +676,7 @@ class Scanner(ScanossBase):
                     scan_started = True
                     if not self.threaded_scan.run(wait=False):
                         self.print_stderr(
-                            f'Warning: Some errors encounted while scanning. Results might be incomplete.'
+                            'Warning: Some errors encounted while scanning. Results might be incomplete.'
                         )
                         success = False
 
@@ -704,12 +709,12 @@ class Scanner(ScanossBase):
         """
         success = True
         if not files:
-            raise Exception(f'ERROR: Please specify a list of files to scan')
+            raise Exception('ERROR: Please specify a list of files to scan')
         if not self.is_file_or_snippet_scan():
             raise Exception(f'ERROR: file or snippet scan options have to be set to scan files: {files}')
         if self.is_dependency_scan() or deps_file:
             raise Exception(
-                f'ERROR: The dependency scan option is currently not supported when scanning a list of files'
+                'ERROR: The dependency scan option is currently not supported when scanning a list of files'
             )
         if self.scan_output:
             self.print_msg(f'Writing results to {self.scan_output}...')
@@ -731,9 +736,9 @@ class Scanner(ScanossBase):
         """
         success = True
         if not filename:
-            raise Exception(f'ERROR: Please specify a filename to scan')
+            raise Exception('ERROR: Please specify a filename to scan')
         if not contents:
-            raise Exception(f'ERROR: Please specify a file contents to scan')
+            raise Exception('ERROR: Please specify a file contents to scan')
 
         self.print_debug(f'Fingerprinting {filename}...')
         wfp = self.winnowing.wfp_for_contents(filename, False, contents)
@@ -924,7 +929,7 @@ class Scanner(ScanossBase):
                         scan_started = True
                         if not self.threaded_scan.run(wait=False):
                             self.print_stderr(
-                                f'Warning: Some errors encounted while scanning. Results might be incomplete.'
+                                'Warning: Some errors uncounted while scanning. Results might be incomplete.'
                             )
                             success = False
             # End for loop
@@ -948,7 +953,7 @@ class Scanner(ScanossBase):
         """
         success = True
         if not wfp:
-            raise Exception(f'ERROR: Please specify a WFP to scan')
+            raise Exception('ERROR: Please specify a WFP to scan')
         raw_output = '{\n'
         scan_resp = self.scanoss_api.scan(wfp)
         if scan_resp is not None:
@@ -984,9 +989,9 @@ class Scanner(ScanossBase):
         :return:
         """
         if not filename:
-            raise Exception(f'ERROR: Please specify a filename to scan')
+            raise Exception('ERROR: Please specify a filename to scan')
         if not contents:
-            raise Exception(f'ERROR: Please specify a file contents to scan')
+            raise Exception('ERROR: Please specify a file contents to scan')
 
         self.print_debug(f'Fingerprinting {filename}...')
         wfp = self.winnowing.wfp_for_contents(filename, False, contents)
@@ -1005,7 +1010,7 @@ class Scanner(ScanossBase):
         Fingerprint the specified file
         """
         if not scan_file:
-            raise Exception(f'ERROR: Please specify a file to fingerprint')
+            raise Exception('ERROR: Please specify a file to fingerprint')
         if not os.path.exists(scan_file) or not os.path.isfile(scan_file):
             raise Exception(f'ERROR: Specified file does not exist or is not a file: {scan_file}')
 
@@ -1026,7 +1031,7 @@ class Scanner(ScanossBase):
         Fingerprint the specified folder producing fingerprints
         """
         if not scan_dir:
-            raise Exception(f'ERROR: Please specify a folder to fingerprint')
+            raise Exception('ERROR: Please specify a folder to fingerprint')
         if not os.path.exists(scan_dir) or not os.path.isdir(scan_dir):
             raise Exception(f'ERROR: Specified folder does not exist or is not a folder: {scan_dir}')
         file_filters = FileFilters(

{scanoss-1.20.4 → scanoss-1.20.6}/src/scanoss/scanossapi.py

@@ -52,7 +52,7 @@ class ScanossApi(ScanossBase):
     Currently support posting scan requests to the SCANOSS streaming API
     """
 
-    def __init__(
+    def __init__(  # noqa: PLR0913, PLR0915
         self,
         scan_format: str = None,
         flags: str = None,
@@ -68,6 +68,7 @@ class ScanossApi(ScanossBase):
         ca_cert: str = None,
         pac: PACFile = None,
         retry: int = 5,
+        req_headers: dict = None,
     ):
         """
         Initialise the SCANOSS API
@@ -86,17 +87,17 @@ class ScanossApi(ScanossBase):
             HTTPS_PROXY='http://<ip>:<port>'
         """
         super().__init__(debug, trace, quiet)
-        self.url = url if url else SCANOSS_SCAN_URL
-        self.api_key = api_key if api_key else SCANOSS_API_KEY
-        if self.api_key and not url and not os.environ.get('SCANOSS_SCAN_URL'):
-            self.url = DEFAULT_URL2  # API key specific and no alternative URL, so use the default premium
+        self.url = url
+        self.api_key = api_key
         self.sbom = None
         self.scan_format = scan_format if scan_format else 'plain'
         self.flags = flags
         self.timeout = timeout if timeout > 5 else 180
         self.retry_limit = retry if retry >= 0 else 5
         self.ignore_cert_errors = ignore_cert_errors
+        self.req_headers = req_headers if req_headers else {}
         self.headers = {}
+
         if ver_details:
             self.headers['x-scanoss-client'] = ver_details
         if self.api_key:
@@ -104,17 +105,24 @@ class ScanossApi(ScanossBase):
             self.headers['x-api-key'] = self.api_key
         self.headers['User-Agent'] = f'scanoss-py/{__version__}'
         self.headers['user-agent'] = f'scanoss-py/{__version__}'
+        self.load_generic_headers()
+
+        self.url = url if url else SCANOSS_SCAN_URL
+        self.api_key = api_key if api_key else SCANOSS_API_KEY
+        if self.api_key and not url and not os.environ.get('SCANOSS_SCAN_URL'):
+            self.url = DEFAULT_URL2  # API key specific and no alternative URL, so use the default premium
+
         if self.trace:
             logging.basicConfig(stream=sys.stderr, level=logging.DEBUG)
             http_client.HTTPConnection.debuglevel = 1
         if pac and not proxy:  # Setup PAC session if requested (and no proxy has been explicitly set)
-            self.print_debug(f'Setting up PAC session...')
+            self.print_debug('Setting up PAC session...')
             self.session = PACSession(pac=pac)
         else:
             self.session = requests.sessions.Session()
         self.verify = None
         if self.ignore_cert_errors:
-            self.print_debug(f'Ignoring cert errors...')
+            self.print_debug('Ignoring cert errors...')
             urllib3.disable_warnings(InsecureRequestWarning)
             self.verify = False
             self.session.verify = False
@@ -261,6 +269,20 @@ class ScanossApi(ScanossBase):
         self.sbom = sbom
         return self
 
+    def load_generic_headers(self):
+        """
+         Adds custom headers from req_headers to the headers collection.
+
+         If x-api-key is present and no URL is configured (directly or via
+         environment), sets URL to the premium endpoint (DEFAULT_URL2).
+         """
+        if self.req_headers:  # Load generic headers
+            for key, value in self.req_headers.items():
+                if key == 'x-api-key': # Set premium URL if x-api-key header is set
+                    if not self.url and not os.environ.get('SCANOSS_SCAN_URL'):
+                        self.url = DEFAULT_URL2  # API key specific and no alternative URL, so use the default premium
+                    self.api_key = value
+                self.headers[key] = value
 
 #
 # End of ScanossApi Class