PyPI - scanoss - Versions diffs - 1.20.6__py3-none-any.whl → 1.23.0__py3-none-any.whl - Mend

scanoss 1.20.6py3-none-any.whl → 1.23.0py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (50) hide show

protoc_gen_swagger/options/annotations_pb2.py +9 -12
protoc_gen_swagger/options/annotations_pb2_grpc.py +1 -1
protoc_gen_swagger/options/openapiv2_pb2.py +96 -98
protoc_gen_swagger/options/openapiv2_pb2_grpc.py +1 -1
scanoss/__init__.py +1 -1
scanoss/api/common/v2/scanoss_common_pb2.py +20 -18
scanoss/api/common/v2/scanoss_common_pb2_grpc.py +1 -1
scanoss/api/components/v2/scanoss_components_pb2.py +38 -48
scanoss/api/components/v2/scanoss_components_pb2_grpc.py +96 -142
scanoss/api/cryptography/v2/scanoss_cryptography_pb2.py +42 -22
scanoss/api/cryptography/v2/scanoss_cryptography_pb2_grpc.py +185 -75
scanoss/api/dependencies/v2/scanoss_dependencies_pb2.py +32 -30
scanoss/api/dependencies/v2/scanoss_dependencies_pb2_grpc.py +83 -75
scanoss/api/geoprovenance/v2/scanoss_geoprovenance_pb2.py +49 -0
scanoss/api/geoprovenance/v2/scanoss_geoprovenance_pb2_grpc.py +142 -0
scanoss/api/scanning/v2/scanoss_scanning_pb2.py +20 -10
scanoss/api/scanning/v2/scanoss_scanning_pb2_grpc.py +70 -40
scanoss/api/semgrep/v2/scanoss_semgrep_pb2.py +18 -22
scanoss/api/semgrep/v2/scanoss_semgrep_pb2_grpc.py +49 -71
scanoss/api/vulnerabilities/v2/scanoss_vulnerabilities_pb2.py +27 -37
scanoss/api/vulnerabilities/v2/scanoss_vulnerabilities_pb2_grpc.py +72 -109
scanoss/cli.py +393 -84
scanoss/components.py +21 -11
scanoss/constants.py +12 -0
scanoss/data/build_date.txt +1 -1
scanoss/file_filters.py +272 -57
scanoss/results.py +92 -109
scanoss/scanners/__init__.py +23 -0
scanoss/scanners/container_scanner.py +474 -0
scanoss/scanners/folder_hasher.py +302 -0
scanoss/scanners/scanner_config.py +73 -0
scanoss/scanners/scanner_hfh.py +173 -0
scanoss/scanoss_settings.py +9 -5
scanoss/scanossbase.py +9 -3
scanoss/scanossgrpc.py +143 -18
scanoss/threadedscanning.py +6 -6
scanoss/utils/abstract_presenter.py +103 -0
scanoss/utils/crc64.py +96 -0
scanoss/utils/simhash.py +198 -0
{scanoss-1.20.6.dist-info → scanoss-1.23.0.dist-info}/METADATA +2 -1
scanoss-1.23.0.dist-info/RECORD +83 -0
{scanoss-1.20.6.dist-info → scanoss-1.23.0.dist-info}/WHEEL +1 -1
scanoss/api/provenance/v2/scanoss_provenance_pb2.py +0 -42
scanoss/api/provenance/v2/scanoss_provenance_pb2_grpc.py +0 -108
scanoss-1.20.6.dist-info/RECORD +0 -74
/scanoss/api/{provenance → geoprovenance}/__init__.py +0 -0
/scanoss/api/{provenance → geoprovenance}/v2/__init__.py +0 -0
{scanoss-1.20.6.dist-info → scanoss-1.23.0.dist-info}/entry_points.txt +0 -0
{scanoss-1.20.6.dist-info → scanoss-1.23.0.dist-info}/licenses/LICENSE +0 -0
{scanoss-1.20.6.dist-info → scanoss-1.23.0.dist-info}/top_level.txt +0 -0

scanoss/cli.py CHANGED Viewed

@@ -25,13 +25,37 @@ SPDX-License-Identifier: MIT
 import argparse
 import os
 import sys
+from dataclasses import asdict
 from pathlib import Path
+from typing import List
 import pypac
-from typing import List
+from scanoss.scanners.container_scanner import (
+    DEFAULT_SYFT_COMMAND,
+    DEFAULT_SYFT_TIMEOUT,
+    ContainerScanner,
+    create_container_scanner_config_from_args,
+)
+from scanoss.scanners.folder_hasher import (
+    FolderHasher,
+    create_folder_hasher_config_from_args,
+)
+from scanoss.scanossgrpc import (
+    ScanossGrpc,
+    ScanossGrpcError,
+    create_grpc_config_from_args,
+)
 from . import __version__
 from .components import Components
+from .constants import (
+    DEFAULT_POST_SIZE,
+    DEFAULT_RETRY,
+    DEFAULT_TIMEOUT,
+    MIN_TIMEOUT,
+    PYTHON_MAJOR_VERSION,
+)
 from .csvoutput import CsvOutput
 from .cyclonedx import CycloneDx
 from .filecount import FileCount
@@ -40,19 +64,17 @@ from .inspection.undeclared_component import UndeclaredComponent
 from .results import Results
 from .scancodedeps import ScancodeDeps
 from .scanner import FAST_WINNOWING, Scanner
+from .scanners.scanner_config import create_scanner_config_from_args
+from .scanners.scanner_hfh import ScannerHFH
 from .scanoss_settings import ScanossSettings, ScanossSettingsError
 from .scantype import ScanType
 from .spdxlite import SpdxLite
 from .threadeddependencies import SCOPE
 from .utils.file import validate_json_file
-DEFAULT_POST_SIZE = 32
-DEFAULT_TIMEOUT = 180
-MIN_TIMEOUT_VALUE = 5
-DEFAULT_RETRY = 5
-PYTHON3_OR_LATER = 3
 HEADER_PARTS_COUNT = 2
 def print_stderr(*args, **kwargs):
     """
     Print the given message to STDERR
@@ -60,7 +82,7 @@ def print_stderr(*args, **kwargs):
     print(*args, file=sys.stderr, **kwargs)
-def setup_args() -> None:  # noqa: PLR0915
+def setup_args() -> None:  # noqa: PLR0912, PLR0915
     """
     Setup all the command line arguments for processing
     """
@@ -95,14 +117,6 @@ def setup_args() -> None:  # noqa: PLR0915
     p_scan.add_argument('--files', '-e', type=str, nargs='*', help='List of files to scan.')
     p_scan.add_argument('--identify', '-i', type=str, help='Scan and identify components in SBOM file')
     p_scan.add_argument('--ignore', '-n', type=str, help='Ignore components specified in the SBOM file')
-    p_scan.add_argument('--output', '-o', type=str, help='Output result file name (optional - default stdout).')
-    p_scan.add_argument(
-        '--format',
-        '-f',
-        type=str,
-        choices=['plain', 'cyclonedx', 'spdxlite', 'csv'],
-        help='Result output format (optional - default: plain)',
-    )
     p_scan.add_argument(
         '--threads', '-T', type=int, default=5, help='Number of threads to use while scanning (optional - default 5)'
     )
@@ -132,15 +146,17 @@ def setup_args() -> None:  # noqa: PLR0915
         help='Timeout (in seconds) for API communication (optional - default 180)',
     )
     p_scan.add_argument(
-        '--retry', '-R', type=int, default=DEFAULT_RETRY,
-        help='Retry limit for API communication (optional - default 5)'
+        '--retry',
+        '-R',
+        type=int,
+        default=DEFAULT_RETRY,
+        help='Retry limit for API communication (optional - default 5)',
     )
     p_scan.add_argument('--no-wfp-output', action='store_true', help='Skip WFP file generation')
     p_scan.add_argument('--dependencies', '-D', action='store_true', help='Add Dependency scanning')
     p_scan.add_argument('--dependencies-only', action='store_true', help='Run Dependency scanning only')
     p_scan.add_argument(
-        '--sc-command', type=str,
-        help='Scancode command and path if required (optional - default scancode).'
+        '--sc-command', type=str, help='Scancode command and path if required (optional - default scancode).'
     )
     p_scan.add_argument(
         '--sc-timeout',
@@ -153,18 +169,6 @@ def setup_args() -> None:  # noqa: PLR0915
     )
     p_scan.add_argument('--dep-scope-inc', '-dsi', type=str, help='Include dependencies with declared scopes')
     p_scan.add_argument('--dep-scope-exc', '-dse', type=str, help='Exclude dependencies with declared scopes')
-    p_scan.add_argument(
-        '--settings',
-        '-st',
-        type=str,
-        help='Settings file to use for scanning (optional - default scanoss.json)',
-    )
-    p_scan.add_argument(
-        '--skip-settings-file',
-        '-stf',
-        action='store_true',
-        help='Skip default settings file (scanoss.json) if it exists',
-    )
     # Sub-command: fingerprint
     p_wfp = subparsers.add_parser(
@@ -182,19 +186,6 @@ def setup_args() -> None:  # noqa: PLR0915
         type=str,
         help='Fingerprint the file contents supplied via STDIN (optional)',
     )
-    p_wfp.add_argument('--output', '-o', type=str, help='Output result file name (optional - default stdout).')
-    p_wfp.add_argument(
-        '--settings',
-        '-st',
-        type=str,
-        help='Settings file to use for fingerprinting (optional - default scanoss.json)',
-    )
-    p_wfp.add_argument(
-        '--skip-settings-file',
-        '-stf',
-        action='store_true',
-        help='Skip default settings file (scanoss.json) if it exists',
-    )
     # Sub-command: dependency
     p_dep = subparsers.add_parser(
@@ -203,9 +194,13 @@ def setup_args() -> None:  # noqa: PLR0915
         description=f'Produce dependency file summary: {__version__}',
         help='Scan source code for dependencies, but do not decorate them',
     )
-    p_dep.set_defaults(func=dependency)
-    p_dep.add_argument('scan_dir', metavar='FILE/DIR', type=str, nargs='?', help='A file or folder to scan')
-    p_dep.add_argument('--output', '-o', type=str, help='Output result file name (optional - default stdout).')
+    p_dep.add_argument('scan_loc', metavar='FILE/DIR', type=str, nargs='?', help='A file or folder to scan')
+    p_dep.add_argument(
+        '--container',
+        type=str,
+        help='Container image to scan. Supports yourrepo/yourimage:tag, Docker tar, '
+        'OCI tar, OCI directory, SIF Container, or generic filesystem directory.',
+    )
     p_dep.add_argument(
         '--sc-command', type=str, help='Scancode command and path if required (optional - default scancode).'
     )
@@ -215,6 +210,40 @@ def setup_args() -> None:  # noqa: PLR0915
         default=600,
         help='Timeout (in seconds) for scancode to complete (optional - default 600)',
     )
+    p_dep.set_defaults(func=dependency)
+    # Container scan sub-command
+    p_cs = subparsers.add_parser(
+        'container-scan',
+        aliases=['cs'],
+        description=f'Analyse/scan the given container image: {__version__}',
+        help='Scan container image',
+    )
+    p_cs.add_argument(
+        'scan_loc',
+        metavar='IMAGE',
+        type=str,
+        nargs='?',
+        help=(
+            'Container image to scan. Supports yourrepo/yourimage:tag, Docker tar, '
+            'OCI tar, OCI directory, SIF Container, or generic filesystem directory.'
+        ),
+    )
+    p_cs.add_argument(
+        '--retry',
+        '-R',
+        type=int,
+        default=DEFAULT_RETRY,
+        help='Retry limit for API communication (optional - default 5)',
+    )
+    p_cs.add_argument(
+        '--timeout',
+        '-M',
+        type=int,
+        default=DEFAULT_TIMEOUT,
+        help='Timeout (in seconds) for API communication (optional - default 180)',
+    )
+    p_cs.set_defaults(func=container_scan)
     # Sub-command: file_count
     p_fc = subparsers.add_parser(
@@ -225,7 +254,6 @@ def setup_args() -> None:  # noqa: PLR0915
     )
     p_fc.set_defaults(func=file_count)
     p_fc.add_argument('scan_dir', metavar='DIR', type=str, nargs='?', help='A folder to search')
-    p_fc.add_argument('--output', '-o', type=str, help='Output result file name (optional - default stdout).')
     p_fc.add_argument('--all-hidden', action='store_true', help='Scan all hidden files/folders')
     # Sub-command: convert
@@ -237,7 +265,6 @@ def setup_args() -> None:  # noqa: PLR0915
     )
     p_cnv.set_defaults(func=convert)
     p_cnv.add_argument('--input', '-i', type=str, required=True, help='Input file name')
-    p_cnv.add_argument('--output', '-o', type=str, help='Output result file name (optional - default stdout).')
     p_cnv.add_argument(
         '--format',
         '-f',
@@ -296,8 +323,13 @@ def setup_args() -> None:  # noqa: PLR0915
     c_provenance = comp_sub.add_parser(
         'provenance',
         aliases=['prov', 'prv'],
-        description=f'Show Provenance findings: {__version__}',
-        help='Retrieve provenance for the given components',
+        description=f'Show GEO Provenance findings: {__version__}',
+        help='Retrieve geoprovenance for the given components',
+    )
+    c_provenance.add_argument(
+        '--origin',
+        action='store_true',
+        help='Retrieve geoprovenance using contributors origin (default: declared origin)',
     )
     c_provenance.set_defaults(func=comp_provenance)
@@ -333,9 +365,9 @@ def setup_args() -> None:  # noqa: PLR0915
     for p in [c_crypto, c_vulns, c_semgrep, c_provenance]:
         p.add_argument('--purl', '-p', type=str, nargs='*', help='Package URL - PURL to process.')
         p.add_argument('--input', '-i', type=str, help='Input file name')
     # Common Component sub-command options
     for p in [c_crypto, c_vulns, c_search, c_versions, c_semgrep, c_provenance]:
-        p.add_argument('--output', '-o', type=str, help='Output result file name (optional - default stdout).')
         p.add_argument(
             '--timeout',
             '-M',
@@ -383,7 +415,6 @@ def setup_args() -> None:  # noqa: PLR0915
     p_c_dwnld.add_argument(
         '--port', '-p', required=False, type=int, default=443, help='Server port number (default: 443).'
     )
-    p_c_dwnld.add_argument('--output', '-o', type=str, help='Output result file name (optional - default stdout).')
     # Utils Sub-command: utils pac-proxy
     p_p_proxy = utils_sub.add_parser(
@@ -491,6 +522,114 @@ def setup_args() -> None:  # noqa: PLR0915
     )
     p_undeclared.set_defaults(func=inspect_undeclared)
+    # Sub-command: folder-scan
+    p_folder_scan = subparsers.add_parser(
+        'folder-scan',
+        aliases=['fs'],
+        description=f'Scan the given directory using folder hashing: {__version__}',
+        help='Scan the given directory using folder hashing',
+    )
+    p_folder_scan.add_argument('scan_dir', metavar='FILE/DIR', type=str, nargs='?', help='The root directory to scan')
+    p_folder_scan.add_argument(
+        '--timeout',
+        '-M',
+        type=int,
+        default=600,
+        help='Timeout (in seconds) for API communication (optional - default 600)',
+    )
+    p_folder_scan.add_argument(
+        '--format',
+        '-f',
+        type=str,
+        choices=['json'],
+        default='json',
+        help='Result output format (optional - default: json)',
+    )
+    p_folder_scan.add_argument(
+        '--best-match',
+        '-bm',
+        action='store_true',
+        default=False,
+        help='Enable best match mode (optional - default: False)',
+    )
+    p_folder_scan.add_argument(
+        '--threshold',
+        type=int,
+        choices=range(1, 101),
+        metavar='1-100',
+        default=100,
+        help='Threshold for result matching (optional - default: 100)',
+    )
+    p_folder_scan.set_defaults(func=folder_hashing_scan)
+    # Sub-command: folder-hash
+    p_folder_hash = subparsers.add_parser(
+        'folder-hash',
+        aliases=['fh'],
+        description=f'Produce a folder hash for the given directory: {__version__}',
+        help='Produce a folder hash for the given directory',
+    )
+    p_folder_hash.add_argument('scan_dir', metavar='FILE/DIR', type=str, nargs='?', help='A file or folder to scan')
+    p_folder_hash.add_argument(
+        '--format',
+        '-f',
+        type=str,
+        choices=['json'],
+        default='json',
+        help='Result output format (optional - default: json)',
+    )
+    p_folder_hash.set_defaults(func=folder_hash)
+    # Output options
+    for p in [
+        p_scan,
+        p_cs,
+        p_wfp,
+        p_dep,
+        p_fc,
+        p_cnv,
+        c_crypto,
+        c_vulns,
+        c_search,
+        c_versions,
+        c_semgrep,
+        c_provenance,
+        p_c_dwnld,
+        p_folder_scan,
+        p_folder_hash,
+    ]:
+        p.add_argument('--output', '-o', type=str, help='Output result file name (optional - default stdout).')
+    # Format options
+    for p in [p_scan, p_cs]:
+        choices = ['plain', 'cyclonedx', 'spdxlite', 'csv']
+        if p is p_cs:
+            choices.append('raw')
+        p.add_argument(
+            '--format',
+            '-f',
+            type=str,
+            choices=choices,
+            default='plain',
+            help='Result output format (optional - default: plain)',
+        )
+    # Scanoss settings options
+    for p in [p_folder_scan, p_scan, p_wfp, p_folder_hash]:
+        p.add_argument(
+            '--settings',
+            '-st',
+            type=str,
+            help='Settings file to use for scanning (optional - default scanoss.json)',
+        )
+        p.add_argument(
+            '--skip-settings-file',
+            '-stf',
+            action='store_true',
+            help='Skip default settings file (scanoss.json) if it exists',
+        )
     for p in [p_copyleft, p_undeclared]:
         p.add_argument('-i', '--input', nargs='?', help='Path to results file')
         p.add_argument(
@@ -505,7 +644,7 @@ def setup_args() -> None:  # noqa: PLR0915
         p.add_argument('-s', '--status', type=str, help='Save summary data into Markdown file')
     # Global Scan command options
-    for p in [p_scan]:
+    for p in [p_scan, p_cs]:
         p.add_argument(
             '--apiurl', type=str, help='SCANOSS API URL (optional - default: https://api.osskb.org/scan/direct)'
         )
@@ -514,9 +653,9 @@ def setup_args() -> None:  # noqa: PLR0915
     # Global Scan/Fingerprint filter options
     for p in [p_scan, p_wfp]:
         p.add_argument('--obfuscate', action='store_true', help='Obfuscate fingerprints')
-        p.add_argument('--all-extensions', action='store_true', help='Fingerprint all file extensions')
-        p.add_argument('--all-folders', action='store_true', help='Fingerprint all folders')
-        p.add_argument('--all-hidden', action='store_true', help='Fingerprint all hidden files/folders')
+        p.add_argument('--all-extensions', action='store_true', help='Fingerprint all file extensions/types...')
+        p.add_argument('--all-folders', action='store_true', help='Fingerprint all folders...')
+        p.add_argument('--all-hidden', action='store_true', help='Fingerprint all hidden files/folders...')
         p.add_argument('--hpsm', '-H', action='store_true', help='Use High Precision Snippet Matching algorithm.')
         p.add_argument('--skip-snippets', '-S', action='store_true', help='Skip the generation of snippets')
         p.add_argument('--skip-extension', '-E', type=str, action='append', help='File Extension to skip.')
@@ -533,7 +672,17 @@ def setup_args() -> None:  # noqa: PLR0915
         p.add_argument('--strip-snippet', '-N', type=str, action='append', help='Strip Snippet ID string from WFP.')
     # Global Scan/GRPC options
-    for p in [p_scan, c_crypto, c_vulns, c_search, c_versions, c_semgrep, c_provenance]:
+    for p in [
+        p_scan,
+        c_crypto,
+        c_vulns,
+        c_search,
+        c_versions,
+        c_semgrep,
+        c_provenance,
+        p_folder_scan,
+        p_cs,
+    ]:
         p.add_argument(
             '--key', '-k', type=str, help='SCANOSS API Key token (optional - not required for default OSSKB URL)'
         )
@@ -559,7 +708,7 @@ def setup_args() -> None:  # noqa: PLR0915
         )
     # Global GRPC options
-    for p in [p_scan, c_crypto, c_vulns, c_search, c_versions, c_semgrep, c_provenance]:
+    for p in [p_scan, c_crypto, c_vulns, c_search, c_versions, c_semgrep, c_provenance, p_folder_scan, p_cs]:
         p.add_argument(
             '--api2url', type=str, help='SCANOSS gRPC API 2.0 URL (optional - default: https://api.osskb.org)'
         )
@@ -570,10 +719,26 @@ def setup_args() -> None:  # noqa: PLR0915
             'Can also use the environment variable "grcp_proxy=<ip>:<port>"',
         )
         p.add_argument(
-            '--header','-hdr',
+            '--header',
+            '-hdr',
             action='append',  # This allows multiple -H flags
             type=str,
-            help='Headers to be sent on request (e.g., -hdr "Name: Value") - can be used multiple times'
+            help='Headers to be sent on request (e.g., -hdr "Name: Value") - can be used multiple times',
+        )
+    # Syft options
+    for p in [p_cs, p_dep]:
+        p.add_argument(
+            '--syft-command',
+            type=str,
+            help='Syft command and path if required (optional - default syft).',
+            default=DEFAULT_SYFT_COMMAND,
+        )
+        p.add_argument(
+            '--syft-timeout',
+            type=int,
+            default=DEFAULT_SYFT_TIMEOUT,
+            help='Timeout (in seconds) for syft to complete (optional - default 600)',
         )
     # Help/Trace command options
@@ -594,7 +759,10 @@ def setup_args() -> None:  # noqa: PLR0915
         p_results,
         p_undeclared,
         p_copyleft,
-        c_provenance
+        c_provenance,
+        p_folder_scan,
+        p_folder_hash,
+        p_cs,
     ]:
         p.add_argument('--debug', '-d', action='store_true', help='Enable debug messages')
         p.add_argument('--trace', '-t', action='store_true', help='Enable trace messages, including API posts')
@@ -607,12 +775,12 @@ def setup_args() -> None:  # noqa: PLR0915
     if not args.subparser:
         parser.print_help()  # No sub command subcommand, print general help
         sys.exit(1)
-    elif (
-        args.subparser in {'utils', 'ut', 'component', 'comp', 'inspect', 'insp', 'ins'} and not args.subparsercmd):
+    elif (args.subparser in ('utils', 'ut', 'component', 'comp', 'inspect', 'insp', 'ins')) and not args.subparsercmd:
         parser.parse_args([args.subparser, '--help'])  # Force utils helps to be displayed
         sys.exit(1)
     args.func(parser, args)  # Execute the function associated with the sub-command
 def ver(*_):
     """
     Run the "ver" sub-command
@@ -691,7 +859,7 @@ def wfp(parser, args):
     if not args.skip_settings_file:
         scan_settings = ScanossSettings(debug=args.debug, trace=args.trace, quiet=args.quiet)
         try:
-            scan_settings.load_json_file(args.settings)
+            scan_settings.load_json_file(args.settings, args.scan_dir)
         except ScanossSettingsError as e:
             print_stderr(f'Error: {e}')
             sys.exit(1)
@@ -766,7 +934,7 @@ def get_scan_options(args):
     return scan_options
-def scan(parser, args): # noqa: PLR0912, PLR0915
+def scan(parser, args):  # noqa: PLR0912, PLR0915
     """
     Run the "scan" sub-command
     Parameters
@@ -861,7 +1029,7 @@ def scan(parser, args): # noqa: PLR0912, PLR0915
         if flags:
             print_stderr(f'Using flags {flags}...')
     elif not args.quiet:
-        if args.timeout < MIN_TIMEOUT_VALUE:
+        if args.timeout < MIN_TIMEOUT:
             print_stderr(f'POST timeout (--timeout) too small: {args.timeout}. Reverting to default.')
         if args.retry < 0:
             print_stderr(f'POST retry (--retry) too small: {args.retry}. Reverting to default.')
@@ -910,7 +1078,7 @@ def scan(parser, args): # noqa: PLR0912, PLR0915
         strip_hpsm_ids=args.strip_hpsm,
         strip_snippet_ids=args.strip_snippet,
         scan_settings=scan_settings,
-        req_headers= process_req_headers(args.header),
+        req_headers=process_req_headers(args.header),
     )
     if args.wfp:
         if not scanner.is_file_or_snippet_scan():
@@ -980,12 +1148,18 @@ def dependency(parser, args):
         args: Namespace
             Parsed arguments
     """
-    if not args.scan_dir:
-        print_stderr('Please specify a file/folder')
+    if not args.scan_loc and not args.container:
+        print_stderr('Please specify a file/folder or container image')
         parser.parse_args([args.subparser, '-h'])
         sys.exit(1)
-    if not os.path.exists(args.scan_dir):
-        print_stderr(f'Error: File or folder specified does not exist: {args.scan_dir}.')
+    # Workaround to return syft scan results converted to our dependency output format
+    if args.container:
+        args.scan_loc = args.container
+        return container_scan(parser, args, only_interim_results=True)
+    if not os.path.exists(args.scan_loc):
+        print_stderr(f'Error: File or folder specified does not exist: {args.scan_loc}.')
         sys.exit(1)
     scan_output: str = None
     if args.output:
@@ -995,7 +1169,7 @@ def dependency(parser, args):
     sc_deps = ScancodeDeps(
         debug=args.debug, quiet=args.quiet, trace=args.trace, sc_command=args.sc_command, timeout=args.sc_timeout
     )
-    if not sc_deps.get_dependencies(what_to_scan=args.scan_dir, result_output=scan_output):
+    if not sc_deps.get_dependencies(what_to_scan=args.scan_loc, result_output=scan_output):
         sys.exit(1)
@@ -1122,7 +1296,7 @@ def utils_certloc(*_):
     print(f'CA Cert File: {certifi.where()}')
-def utils_cert_download(_, args): # pylint: disable=PLR0912 # noqa: PLR0912
+def utils_cert_download(_, args):  # pylint: disable=PLR0912 # noqa: PLR0912
     """
     Run the "utils cert-download" sub-command
     :param _: ignore/unused
@@ -1149,13 +1323,14 @@ def utils_cert_download(_, args): # pylint: disable=PLR0912 # noqa: PLR0912
         certs = conn.get_peer_cert_chain()
         for index, cert in enumerate(certs):
             cert_components = dict(cert.get_subject().get_components())
-            if sys.version_info[0] >= PYTHON3_OR_LATER:
+            if sys.version_info[0] >= PYTHON_MAJOR_VERSION:
                 cn = cert_components.get(b'CN')
             else:
+                # Fallback for Python versions less than PYTHON_MAJOR_VERSION
                 cn = cert_components.get('CN')
             if not args.quiet:
                 print_stderr(f'Certificate {index} - CN: {cn}')
-            if sys.version_info[0] >= PYTHON3_OR_LATER:
+            if sys.version_info[0] >= PYTHON_MAJOR_VERSION:
                 print(
                     (crypto.dump_certificate(crypto.FILETYPE_PEM, cert).decode('utf-8')).strip(), file=file
                 )  # Print the downloaded PEM certificate
@@ -1204,7 +1379,7 @@ def get_pac_file(pac: str):
         if pac == 'auto':
             pac_file = pypac.get_pac()  # try to determine the PAC file
         elif pac.startswith('file://'):
-            pac_local = pac.strip('file://')
+            pac_local = pac[7:]  # Remove 'file://' prefix (7 characters)
             if not os.path.exists(pac_local):
                 print_stderr(f'Error: PAC file does not exist: {pac_local}.')
                 sys.exit(1)
@@ -1248,7 +1423,7 @@ def comp_crypto(parser, args):
         grpc_proxy=args.grpc_proxy,
         pac=pac_file,
         timeout=args.timeout,
-        req_headers= process_req_headers(args.header),
+        req_headers=process_req_headers(args.header),
     )
     if not comps.get_crypto_details(args.input, args.purl, args.output):
         sys.exit(1)
@@ -1406,9 +1581,10 @@ def comp_versions(parser, args):
     if not comps.get_component_versions(args.output, json_file=args.input, purl=args.purl, limit=args.limit):
         sys.exit(1)
 def comp_provenance(parser, args):
     """
-    Run the "component semgrep" sub-command
+    Run the "component provenance" sub-command
     Parameters
     ----------
         parser: ArgumentParser
@@ -1424,12 +1600,23 @@ def comp_provenance(parser, args):
         print_stderr(f'Error: Certificate file does not exist: {args.ca_cert}.')
         sys.exit(1)
     pac_file = get_pac_file(args.pac)
-    comps = Components(debug=args.debug, trace=args.trace, quiet=args.quiet, grpc_url=args.api2url, api_key=args.key,
-                       ca_cert=args.ca_cert, proxy=args.proxy, grpc_proxy=args.grpc_proxy, pac=pac_file,
-                       timeout=args.timeout, req_headers=process_req_headers(args.header))
-    if not comps.get_provenance_details(args.input, args.purl, args.output):
+    comps = Components(
+        debug=args.debug,
+        trace=args.trace,
+        quiet=args.quiet,
+        grpc_url=args.api2url,
+        api_key=args.key,
+        ca_cert=args.ca_cert,
+        proxy=args.proxy,
+        grpc_proxy=args.grpc_proxy,
+        pac=pac_file,
+        timeout=args.timeout,
+        req_headers=process_req_headers(args.header),
+    )
+    if not comps.get_provenance_details(args.input, args.purl, args.output, args.origin):
         sys.exit(1)
 def results(parser, args):
     """
     Run the "results" sub-command
@@ -1488,13 +1675,135 @@ def process_req_headers(headers_array: List[str]) -> dict:
     dict_headers = {}
     for header_str in headers_array:
         # Split each "Name: Value" header
-        parts = header_str.split(":", 1)
+        parts = header_str.split(':', 1)
         if len(parts) == HEADER_PARTS_COUNT:
             name = parts[0].strip()
             value = parts[1].strip()
             dict_headers[name] = value
     return dict_headers
+def folder_hashing_scan(parser, args):
+    """Run the "folder-scan" sub-command
+    Args:
+        parser (ArgumentParser): command line parser object
+        args (Namespace): Parsed arguments
+    """
+    try:
+        if not args.scan_dir:
+            print_stderr('ERROR: Please specify a directory to scan')
+            parser.parse_args([args.subparser, '-h'])
+            sys.exit(1)
+        if not os.path.exists(args.scan_dir) or not os.path.isdir(args.scan_dir):
+            print_stderr(f'ERROR: The specified directory {args.scan_dir} does not exist')
+            sys.exit(1)
+        scanner_config = create_scanner_config_from_args(args)
+        scanoss_settings = get_scanoss_settings_from_args(args)
+        grpc_config = create_grpc_config_from_args(args)
+        client = ScanossGrpc(**asdict(grpc_config))
+        scanner = ScannerHFH(
+            scan_dir=args.scan_dir,
+            config=scanner_config,
+            client=client,
+            scanoss_settings=scanoss_settings,
+        )
+        scanner.best_match = args.best_match
+        scanner.threshold = args.threshold
+        if scanner.scan():
+            scanner.present(output_file=args.output, output_format=args.format)
+    except ScanossGrpcError as e:
+        print_stderr(f'ERROR: {e}')
+        sys.exit(1)
+def folder_hash(parser, args):
+    """Run the "folder-hash" sub-command
+    Args:
+        parser (ArgumentParser): command line parser object
+        args (Namespace): Parsed arguments
+    """
+    try:
+        if not args.scan_dir:
+            print_stderr('ERROR: Please specify a directory to scan')
+            parser.parse_args([args.subparser, '-h'])
+            sys.exit(1)
+        if not os.path.exists(args.scan_dir) or not os.path.isdir(args.scan_dir):
+            print_stderr(f'ERROR: The specified directory {args.scan_dir} does not exist')
+            sys.exit(1)
+        folder_hasher_config = create_folder_hasher_config_from_args(args)
+        scanoss_settings = get_scanoss_settings_from_args(args)
+        folder_hasher = FolderHasher(
+            scan_dir=args.scan_dir,
+            config=folder_hasher_config,
+            scanoss_settings=scanoss_settings,
+        )
+        folder_hasher.hash_directory(args.scan_dir)
+        folder_hasher.present(output_file=args.output, output_format=args.format)
+    except Exception as e:
+        print_stderr(f'ERROR: {e}')
+        sys.exit(1)
+def container_scan(parser, args, only_interim_results: bool = False):
+    """
+    Run the "container-scan" sub-command
+    Parameters
+    ----------
+        parser: ArgumentParser
+            command line parser object
+        args: Namespace
+            Parsed arguments
+    """
+    if not args.scan_loc:
+        print_stderr(
+            'Please specify a container image, Docker tar, OCI tar, OCI directory, SIF Container, or directory to scan'
+        )
+        parser.parse_args([args.subparser, '-h'])
+        sys.exit(1)
+    try:
+        config = create_container_scanner_config_from_args(args)
+        config.only_interim_results = only_interim_results
+        container_scanner = ContainerScanner(
+            config=config,
+            what_to_scan=args.scan_loc,
+        )
+        container_scanner.scan()
+        if only_interim_results:
+            container_scanner.present(output_file=config.output, output_format='raw')
+        else:
+            container_scanner.decorate_scan_results_with_dependencies()
+            container_scanner.present(output_file=config.output, output_format=config.format)
+    except Exception as e:
+        print_stderr(f'ERROR: {e}')
+        sys.exit(1)
+def get_scanoss_settings_from_args(args):
+    scanoss_settings = None
+    if not args.skip_settings_file:
+        scanoss_settings = ScanossSettings(debug=args.debug, trace=args.trace, quiet=args.quiet)
+        try:
+            scanoss_settings.load_json_file(args.settings, args.scan_dir).set_file_type('new').set_scan_type('identify')
+        except ScanossSettingsError as e:
+            print_stderr(f'Error: {e}')
+            sys.exit(1)
+        return scanoss_settings
 def main():
     """
     Run the ScanOSS CLI

scanoss 1.20.6__py3-none-any.whl → 1.23.0__py3-none-any.whl

scanoss 1.20.6py3-none-any.whl → 1.23.0py3-none-any.whl