scanoss 1.27.1__py3-none-any.whl → 1.43.1__py3-none-any.whl

scanoss/components.py

@@ -29,6 +29,9 @@ from typing import List, Optional, TextIO
 
 from pypac.parser import PACFile
 
+from scanoss.cyclonedx import CycloneDx
+from scanoss.utils.file import validate_json_file
+
 from .scanner import Scanner
 from .scanossbase import ScanossBase
 from .scanossgrpc import ScanossGrpc
@@ -52,6 +55,8 @@ class Components(ScanossBase):
         ca_cert: str = None,
         pac: PACFile = None,
         req_headers: dict = None,
+        ignore_cert_errors: bool = False,
+        use_grpc: bool = False,
     ):
         """
         Handle all component style requests
@@ -66,9 +71,13 @@ class Components(ScanossBase):
         :param grpc_proxy: Specific gRPC proxy (optional)
         :param ca_cert: TLS client certificate (optional)
         :param pac: Proxy Auto-Config file (optional)
+        :param req_headers: Additional headers to send with requests (optional)
+        :param ignore_cert_errors: Ignore TLS certificate errors (optional)
+        :param use_grpc: Use gRPC instead of HTTP (optional)
         """
         super().__init__(debug, trace, quiet)
         ver_details = Scanner.version_details()
+        self.use_grpc = use_grpc
         self.grpc_api = ScanossGrpc(
             url=grpc_url,
             debug=debug,
@@ -82,26 +91,41 @@ class Components(ScanossBase):
             grpc_proxy=grpc_proxy,
             timeout=timeout,
             req_headers=req_headers,
+            ignore_cert_errors=ignore_cert_errors,
         )
+        self.cdx = CycloneDx(debug=self.debug)
+
+    def load_comps(self, json_file: Optional[str] = None, purls: Optional[List[str]] = None) -> Optional[dict]:
+        """
+        Load the specified components and return a dictionary
+
+        :param json_file: JSON Components file (optional)
+        :param purls: list pf PURLs (optional)
+        :return: Components Request dictionary or None
+        """
+        return self.load_purls(json_file, purls, 'components')
 
-    def load_purls(self, json_file: Optional[str] = None, purls: Optional[List[str]] = None) -> Optional[dict]:
+    def load_purls(
+        self, json_file: Optional[str] = None, purls: Optional[List[str]] = None, field: str = 'purls'
+    ) -> Optional[dict]:
         """
         Load the specified purls and return a dictionary
 
         :param json_file: JSON PURL file (optional)
         :param purls: list of PURLs (optional)
+        :param field: Name of the dictionary field to store the purls in (default: 'purls')
         :return: PURL Request dictionary or None
         """
         if json_file:
-            if not os.path.isfile(json_file) or not os.access(json_file, os.R_OK):
-                self.print_stderr(f'ERROR: JSON file does not exist, is not a file, or is not readable: {json_file}')
+            result = validate_json_file(json_file)
+            if not result.is_valid:
+                self.print_stderr(f'ERROR: Problem parsing input JSON: {result.error}')
                 return None
-            with open(json_file, 'r') as f:
-                try:
-                    purl_request = json.loads(f.read())
-                except Exception as e:
-                    self.print_stderr(f'ERROR: Problem parsing input JSON: {e}')
-                    return None
+
+            if self.cdx.is_cyclonedx_json(json.dumps(result.data)):
+                purl_request = self.cdx.get_purls_request_from_cdx(result.data, field)
+            else:
+                purl_request = result.data
         elif purls:
             if not all(isinstance(purl, str) for purl in purls):
                 self.print_stderr('ERROR: PURLs must be a list of strings.')
@@ -109,14 +133,14 @@ class Components(ScanossBase):
             parsed_purls = []
             for p in purls:
                 parsed_purls.append({'purl': p})
-            purl_request = {'purls': parsed_purls}
+            purl_request = {field: parsed_purls}
         else:
             self.print_stderr('ERROR: No purls specified to process.')
             return None
-        purl_count = len(purl_request.get('purls', []))
-        self.print_debug(f'Parsed Purls ({purl_count}): {purl_request}')
+        purl_count = len(purl_request.get(field, []))
+        self.print_debug(f'Parsed {field} ({purl_count}): {purl_request}')
         if purl_count == 0:
-            self.print_stderr('ERROR: No PURLs parsed from request.')
+            self.print_stderr(f'ERROR: No {field} parsed from request.')
             return None
         return purl_request
 
@@ -142,8 +166,8 @@ class Components(ScanossBase):
         """
         Open the given filename if requested, otherwise return STDOUT
 
-        :param filename:
-        :return:
+        :param filename: filename to open or None to return STDOUT
+        :return: file descriptor or None
         """
         file = sys.stdout
         if filename:
@@ -166,32 +190,6 @@ class Components(ScanossBase):
             self.print_trace(f'Closing file: {filename}')
             file.close()
 
-    def get_crypto_details(self, json_file: str = None, purls: [] = None, output_file: str = None) -> bool:
-        """
-        Retrieve the cryptographic details for the supplied PURLs
-
-        :param json_file: PURL JSON request file (optional)
-        :param purls: PURL request array (optional)
-        :param output_file: output filename (optional). Default: STDOUT
-        :return: True on success, False otherwise
-        """
-        success = False
-        purls_request = self.load_purls(json_file, purls)
-        if purls_request is None or len(purls_request) == 0:
-            return False
-        file = self._open_file_or_sdtout(output_file)
-        if file is None:
-            return False
-        self.print_msg('Sending PURLs to Crypto API for decoration...')
-        response = self.grpc_api.get_crypto_json(purls_request)
-        if response:
-            print(json.dumps(response, indent=2, sort_keys=True), file=file)
-            success = True
-            if output_file:
-                self.print_msg(f'Results written to: {output_file}')
-        self._close_file(output_file, file)
-        return success
-
     def get_vulnerabilities(self, json_file: str = None, purls: [] = None, output_file: str = None) -> bool:
         """
         Retrieve any vulnerabilities related to the given PURLs
@@ -202,14 +200,14 @@ class Components(ScanossBase):
         :return: True on success, False otherwise
         """
         success = False
-        purls_request = self.load_purls(json_file, purls)
+        purls_request = self.load_comps(json_file, purls)
         if purls_request is None or len(purls_request) == 0:
             return False
         file = self._open_file_or_sdtout(output_file)
         if file is None:
             return False
         self.print_msg('Sending PURLs to Vulnerability API for decoration...')
-        response = self.grpc_api.get_vulnerabilities_json(purls_request)
+        response = self.grpc_api.get_vulnerabilities_json(purls_request, use_grpc=self.use_grpc)
         if response:
             print(json.dumps(response, indent=2, sort_keys=True), file=file)
             success = True
@@ -228,14 +226,14 @@ class Components(ScanossBase):
         :return: True on success, False otherwise
         """
         success = False
-        purls_request = self.load_purls(json_file, purls)
+        purls_request = self.load_comps(json_file, purls)
         if purls_request is None or len(purls_request) == 0:
             return False
         file = self._open_file_or_sdtout(output_file)
         if file is None:
             return False
         self.print_msg('Sending PURLs to Semgrep API for decoration...')
-        response = self.grpc_api.get_semgrep_json(purls_request)
+        response = self.grpc_api.get_semgrep_json(purls_request, use_grpc=self.use_grpc)
         if response:
             print(json.dumps(response, indent=2, sort_keys=True), file=file)
             success = True
@@ -285,7 +283,7 @@ class Components(ScanossBase):
         if file is None:
             return False
         self.print_msg('Sending search data to Components API...')
-        response = self.grpc_api.search_components_json(request)
+        response = self.grpc_api.search_components_json(request, use_grpc=self.use_grpc)
         if response:
             print(json.dumps(response, indent=2, sort_keys=True), file=file)
             success = True
@@ -321,7 +319,7 @@ class Components(ScanossBase):
         if file is None:
             return False
         self.print_msg('Sending PURLs to Component Versions API...')
-        response = self.grpc_api.get_component_versions_json(request)
+        response = self.grpc_api.get_component_versions_json(request, use_grpc=self.use_grpc)
         if response:
             print(json.dumps(response, indent=2, sort_keys=True), file=file)
             success = True
@@ -346,7 +344,7 @@ class Components(ScanossBase):
             bool: True on success, False otherwise
         """
         success = False
-        purls_request = self.load_purls(json_file, purls)
+        purls_request = self.load_comps(json_file, purls)
         if purls_request is None or len(purls_request) == 0:
             return False
         file = self._open_file_or_sdtout(output_file)
@@ -354,10 +352,42 @@ class Components(ScanossBase):
             return False
         if origin:
             self.print_msg('Sending PURLs to Geo Provenance Origin API for decoration...')
-            response = self.grpc_api.get_provenance_origin(purls_request)
+            response = self.grpc_api.get_provenance_origin(purls_request, use_grpc=self.use_grpc)
         else:
             self.print_msg('Sending PURLs to Geo Provenance Declared API for decoration...')
-            response = self.grpc_api.get_provenance_json(purls_request)
+            response = self.grpc_api.get_provenance_json(purls_request, use_grpc=self.use_grpc)
+        if response:
+            print(json.dumps(response, indent=2, sort_keys=True), file=file)
+            success = True
+            if output_file:
+                self.print_msg(f'Results written to: {output_file}')
+        self._close_file(output_file, file)
+        return success
+
+    def get_licenses(self, json_file: str = None, purls: [] = None, output_file: str = None) -> bool:
+        """
+        Retrieve the license details for the supplied PURLs
+
+        Args:
+            json_file (str, optional): Input JSON file. Defaults to None.
+            purls (None, optional): PURLs to retrieve license details for. Defaults to None.
+            output_file (str, optional): Output file. Defaults to None.
+
+        Returns:
+            bool: True on success, False otherwise
+        """
+        success = False
+
+        purls_request = self.load_purls(json_file, purls)
+        if not purls_request:
+            return False
+        file = self._open_file_or_sdtout(output_file)
+        if file is None:
+            return False
+
+        # We'll use the new ComponentBatchRequest instead of deprecated PurlRequest for the license api
+        component_batch_request = {'components': purls_request.get('purls')}
+        response = self.grpc_api.get_licenses(component_batch_request, use_grpc=self.use_grpc)
         if response:
             print(json.dumps(response, indent=2, sort_keys=True), file=file)
             success = True

scanoss/constants.py

@@ -13,4 +13,10 @@ DEFAULT_URL2 = 'https://api.scanoss.com'  # default premium service URL
 
 DEFAULT_API_TIMEOUT = 600
 
-DEFAULT_HFH_RANK_THRESHOLD = 5
+DEFAULT_HFH_RANK_THRESHOLD = 5
+DEFAULT_HFH_DEPTH = 1
+DEFAULT_HFH_RECURSIVE_THRESHOLD = 0.8
+DEFAULT_HFH_MIN_ACCEPTED_SCORE = 0.15
+
+VALID_LICENSE_SOURCES = ['component_declared', 'license_file', 'file_header', 'file_spdx_tag', 'scancode']
+DEFAULT_COPYLEFT_LICENSE_SOURCES = ['component_declared', 'license_file']

scanoss/cryptography.py

@@ -2,6 +2,7 @@ import json
 from dataclasses import dataclass
 from typing import Dict, List, Optional
 
+from scanoss.cyclonedx import CycloneDx
 from scanoss.scanossbase import ScanossBase
 from scanoss.scanossgrpc import ScanossGrpc
 from scanoss.utils.abstract_presenter import AbstractPresenter
@@ -18,14 +19,47 @@ MIN_SPLIT_PARTS = 2
 @dataclass
 class CryptographyConfig:
     purl: List[str]
+    debug: bool = False
+    header: Optional[str] = None
     input_file: Optional[str] = None
     output_file: Optional[str] = None
-    header: Optional[str] = None
-    debug: bool = False
-    trace: bool = False
     quiet: bool = False
+    trace: bool = False
+    use_grpc: bool = False
     with_range: bool = False
 
+    def _process_input_file(self) -> dict:
+        """
+        Process and validate the input file, returning the validated purl_request.
+        
+        Returns:
+            dict: The validated purl_request dictionary
+            
+        Raises:
+            ScanossCryptographyError: If the input file is invalid
+        """
+        result = validate_json_file(self.input_file)
+        if not result.is_valid:
+            raise ScanossCryptographyError(
+                f'There was a problem with the purl input file. {result.error}'
+            )
+            
+        cdx = CycloneDx(debug=self.debug)
+        if cdx.is_cyclonedx_json(json.dumps(result.data)):
+            purl_request = cdx.get_purls_request_from_cdx(result.data)
+        else:
+            purl_request = result.data
+        
+        if (
+            not isinstance(purl_request, dict)
+            or 'purls' not in purl_request
+            or not isinstance(purl_request['purls'], list)
+            or not all(isinstance(p, dict) and 'purl' in p for p in purl_request['purls'])
+        ):
+            raise ScanossCryptographyError('The supplied input file is not in the correct PurlRequest format.')
+            
+        return purl_request
+
     def __post_init__(self):
         """
         Validate that the configuration is valid.
@@ -36,46 +70,36 @@ class CryptographyConfig:
                     parts = purl.split('@')
                     if not (len(parts) >= MIN_SPLIT_PARTS and parts[1]):
                         raise ScanossCryptographyError(
-                            f'Invalid PURL format: "{purl}".' f'It must include a version (e.g., pkg:type/name@version)'
+                            f'Invalid PURL format: "{purl}".It must include a version (e.g., pkg:type/name@version)'
                         )
         if self.input_file:
-            input_file_validation = validate_json_file(self.input_file)
-            if not input_file_validation.is_valid:
+            purl_request = self._process_input_file()
+            purls = purl_request['purls']
+            purls_with_requirement = []
+            if self.with_range and any('requirement' not in p for p in purls):
                 raise ScanossCryptographyError(
-                    f'There was a problem with the purl input file. {input_file_validation.error}'
+                    f'One or more PURLs in "{self.input_file}" are missing the "requirement" field.'
                 )
-            if (
-                not isinstance(input_file_validation.data, dict)
-                or 'purls' not in input_file_validation.data
-                or not isinstance(input_file_validation.data['purls'], list)
-                or not all(isinstance(p, dict) and 'purl' in p for p in input_file_validation.data['purls'])
-            ):
-                raise ScanossCryptographyError('The supplied input file is not in the correct PurlRequest format.')
-            purls = input_file_validation.data['purls']
-            purls_with_requirement = []
-            if self.with_range:
-                if any('requirement' not in p for p in purls):
-                    raise ScanossCryptographyError(
-                        f'One or more PURLs in "{self.input_file}" are missing the "requirement" field.'
-                    )
+
+            for purl in purls:
+                if 'requirement' in purl:
+                    purls_with_requirement.append(f'{purl["purl"]}@{purl["requirement"]}')
                 else:
-                    for purl in purls:
-                        purls_with_requirement.append(f'{purl["purl"]}@{purl["requirement"]}')
-            else:
-                purls_with_requirement = purls
+                    purls_with_requirement.append(purl['purl'])
             self.purl = purls_with_requirement
 
 
 def create_cryptography_config_from_args(args) -> CryptographyConfig:
     return CryptographyConfig(
         debug=getattr(args, 'debug', False),
-        trace=getattr(args, 'trace', False),
-        quiet=getattr(args, 'quiet', False),
-        with_range=getattr(args, 'with_range', False),
-        purl=getattr(args, 'purl', []),
+        header=getattr(args, 'header', None),
         input_file=getattr(args, 'input', None),
         output_file=getattr(args, 'output', None),
-        header=getattr(args, 'header', None),
+        purl=getattr(args, 'purl', []),
+        quiet=getattr(args, 'quiet', False),
+        trace=getattr(args, 'trace', False),
+        use_grpc=getattr(args, 'grpc', False),
+        with_range=getattr(args, 'with_range', False),
     )
 
 
@@ -112,7 +136,7 @@ class Cryptography:
 
         self.client = client
         self.config = config
-        self.purls_request = self._build_purls_request()
+        self.components_request = self._build_components_request()
         self.results = None
 
     def get_algorithms(self) -> Optional[Dict]:
@@ -123,15 +147,16 @@ class Cryptography:
             Optional[Dict]: The folder hash response from the gRPC client, or None if an error occurs.
         """
 
-        if not self.purls_request:
+        if not self.components_request or not self.components_request.get('components'):
             raise ScanossCryptographyError('No PURLs supplied. Provide --purl or --input.')
-        self.base.print_stderr(
-            f'Getting cryptographic algorithms for {", ".join([p["purl"] for p in self.purls_request["purls"]])}'
-        )
+        components_str = ', '.join(p['purl'] for p in self.components_request['components'])
+        self.base.print_stderr(f'Getting cryptographic algorithms for {components_str}')
         if self.config.with_range:
-            response = self.client.get_crypto_algorithms_in_range_for_purl(self.purls_request)
+            response = self.client.get_crypto_algorithms_in_range_for_purl(
+                self.components_request, self.config.use_grpc
+            )
         else:
-            response = self.client.get_crypto_algorithms_for_purl(self.purls_request)
+            response = self.client.get_crypto_algorithms_for_purl(self.components_request, self.config.use_grpc)
         if response:
             self.results = response
 
@@ -145,17 +170,17 @@ class Cryptography:
             Optional[Dict]: The encryption hints response from the gRPC client, or None if an error occurs.
         """
 
-        if not self.purls_request:
+        if not self.components_request or not self.components_request.get('components'):
             raise ScanossCryptographyError('No PURLs supplied. Provide --purl or --input.')
         self.base.print_stderr(
             f'Getting encryption hints '
             f'{"in range" if self.config.with_range else ""} '
-            f'for {", ".join([p["purl"] for p in self.purls_request["purls"]])}'
+            f'for {", ".join([p["purl"] for p in self.components_request["components"]])}'
         )
         if self.config.with_range:
-            response = self.client.get_encryption_hints_in_range_for_purl(self.purls_request)
+            response = self.client.get_encryption_hints_in_range_for_purl(self.components_request, self.config.use_grpc)
         else:
-            response = self.client.get_encryption_hints_for_purl(self.purls_request)
+            response = self.client.get_encryption_hints_for_purl(self.components_request, self.config.use_grpc)
         if response:
             self.results = response
 
@@ -169,42 +194,51 @@ class Cryptography:
             Optional[Dict]: The versions in range response from the gRPC client, or None if an error occurs.
         """
 
-        if not self.purls_request:
+        if not self.components_request or not self.components_request.get('components'):
             raise ScanossCryptographyError('No PURLs supplied. Provide --purl or --input.')
 
-        self.base.print_stderr(
-            f'Getting versions in range for {", ".join([p["purl"] for p in self.purls_request["purls"]])}'
-        )
+        components_str = ', '.join(p['purl'] for p in self.components_request['components'])
+        self.base.print_stderr(f'Getting versions in range for {components_str}')
 
-        response = self.client.get_versions_in_range_for_purl(self.purls_request)
+        response = self.client.get_versions_in_range_for_purl(self.components_request, self.config.use_grpc)
         if response:
             self.results = response
 
         return self.results
 
-    def _build_purls_request(
+    def _build_components_request(
         self,
     ) -> Optional[dict]:
         """
         Load the specified purls from a JSON file or a list of PURLs and return a dictionary
 
-        Args:
-            json_file (Optional[str], optional): The JSON file containing the PURLs. Defaults to None.
-            purls (Optional[List[str]], optional): The list of PURLs. Defaults to None.
-
         Returns:
             Optional[dict]: The dictionary containing the PURLs
         """
         return {
-            'purls': [
+            'components': [
                 {
-                    'purl': p,
-                    'requirement': self._extract_version_from_purl(p),
+                    'purl': self._remove_version_from_purl(purl),
+                    'requirement': self._extract_version_from_purl(purl),
                 }
-                for p in self.config.purl
+                for purl in self.config.purl
             ]
         }
 
+    def _remove_version_from_purl(self, purl: str) -> str:
+        """
+        Remove version from purl
+
+        Args:
+            purl (str): The purl string to remove the version from
+
+        Returns:
+            str: The purl string without the version
+        """
+        if '@' not in purl:
+            return purl
+        return purl.split('@')[0]
+
     def _extract_version_from_purl(self, purl: str) -> str:
         """
         Extract version from purl

scanoss/csvoutput.py

@@ -21,11 +21,10 @@ SPDX-License-Identifier: MIT
   OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
   THE SOFTWARE.
 """
-
+import csv
 import json
 import os.path
 import sys
-import csv
 
 from .scanossbase import ScanossBase
 
@@ -44,16 +43,20 @@ class CsvOutput(ScanossBase):
         self.output_file = output_file
         self.debug = debug
 
-    def parse(self, data: json):
+    # TODO Refactor (fails linter)
+    def parse(self, data: json): #noqa PLR0912, PLR0915
         """
         Parse the given input (raw/plain) JSON string and return CSV summary
         :param data: json - JSON object
         :return: CSV dictionary
         """
-        if not data:
+        if data is None:
             self.print_stderr('ERROR: No JSON data provided to parse.')
             return None
-        self.print_debug(f'Processing raw results into CSV format...')
+        if len(data) == 0:
+            self.print_msg('Warning: Empty scan results provided. Returning empty CSV list.')
+            return []
+        self.print_debug('Processing raw results into CSV format...')
         csv_dict = []
         row_id = 1
         for f in data:
@@ -92,7 +95,8 @@ class CsvOutput(ScanossBase):
                             detected['licenses'] = ''
                         else:
                             detected['licenses'] = ';'.join(dc)
-                        # inventory_id,path,usage,detected_component,detected_license,detected_version,detected_latest,purl
+                        # inventory_id,path,usage,detected_component,detected_license,
+                        # detected_version,detected_latest,purl
                         csv_dict.append(
                             {
                                 'inventory_id': row_id,
@@ -183,9 +187,11 @@ class CsvOutput(ScanossBase):
         :return: True if successful, False otherwise
         """
         csv_data = self.parse(data)
-        if not csv_data:
+        if csv_data is None:
             self.print_stderr('ERROR: No CSV data returned for the JSON string provided.')
             return False
+        if len(csv_data) == 0:
+            self.print_msg('Warning: Empty scan results - generating CSV with headers only.')
         # Header row/column details
         fields = [
             'inventory_id',