scanoss 1.27.1__py3-none-any.whl → 1.43.1__py3-none-any.whl

scanoss/inspection/{policy_check.py → policy_check/policy_check.py}

@@ -22,12 +22,12 @@ SPDX-License-Identifier: MIT
   THE SOFTWARE.
 """
 
-from abc import abstractmethod
+from abc import ABC, abstractmethod
 from enum import Enum
-from typing import Any, Callable, Dict, List
+from typing import Callable, Dict, Generic, List, NamedTuple, TypeVar
 
-from .inspect_base import InspectBase
-from .utils.license_utils import LicenseUtil
+from ...scanossbase import ScanossBase
+from ..utils.license_utils import LicenseUtil
 
 
 class PolicyStatus(Enum):
@@ -35,19 +35,24 @@ class PolicyStatus(Enum):
     Enumeration representing the status of a policy check.
 
     Attributes:
-        SUCCESS (int): Indicates that the policy check passed successfully (value: 0).
-        FAIL (int): Indicates that the policy check failed (value: 1).
-        ERROR (int): Indicates that an error occurred during the policy check (value: 2).
+        POLICY_SUCCESS (int): Indicates that the policy check passed successfully (value: 0).
+        POLICY_FAIL (int): Indicates that the policy check failed (value: 2).
+        ERROR (int): Indicates that an error occurred during the policy check (value: 1).
     """
-
-    SUCCESS = 0
-    FAIL = 1
-    ERROR = 2
+    POLICY_SUCCESS = 0
+    POLICY_FAIL = 2
+    ERROR = 1
 #
 # End of PolicyStatus Class
 #
 
-class PolicyCheck(InspectBase):
+class PolicyOutput(NamedTuple):
+    details: str
+    summary: str
+
+T = TypeVar('T')
+
+class PolicyCheck(ScanossBase, Generic[T], ABC):
     """
     A base class for implementing various software policy checks.
 
@@ -66,22 +71,20 @@ class PolicyCheck(InspectBase):
             debug: bool = False,
             trace: bool = False,
             quiet: bool = False,
-            filepath: str = None,
             format_type: str = None,
             status: str = None,
-            output: str = None,
             name: str = None,
+            output: str = None,
     ):
-        super().__init__(debug, trace, quiet, filepath, output)
+        super().__init__(debug, trace, quiet)
         self.license_util = LicenseUtil()
-        self.filepath = filepath
         self.name = name
         self.format_type = format_type
         self.status = status
-        self.results = self._load_input_file()
+        self.output = output
 
     @abstractmethod
-    def run(self):
+    def run(self)-> tuple[int,PolicyOutput]:
         """
         Execute the policy check process.
 
@@ -92,95 +95,53 @@ class PolicyCheck(InspectBase):
         3. Formatting the results
         4. Saving the output to files if required
 
-        :return: A tuple containing:
+        :return: A named tuple containing two elements:
                  - First element: PolicyStatus enum value (SUCCESS, FAIL, or ERROR)
-                 - Second element: Dictionary containing the inspection results
+                 - Second element: PolicyOutput A tuple containing the policy results.
         """
         pass
 
     @abstractmethod
-    def _json(self, components: list) -> Dict[str, Any]:
+    def _json(self, data: list[T]) -> PolicyOutput:
         """
         Format the policy checks results as JSON.
         This method should be implemented by subclasses to create a Markdown representation
         of the policy check results.
 
-        :param components: List of components to be formatted.
+        :param data: List of data to be formatted.
         :return: A dictionary containing two keys:
-                 - 'details': A JSON-formatted string with the full list of components
+                 - 'results': A JSON-formatted string with the full list of components
                  - 'summary': A string summarizing the number of components found
         """
         pass
 
     @abstractmethod
-    def _markdown(self, components: list) -> Dict[str, Any]:
+    def _markdown(self, data: list[T]) -> PolicyOutput:
         """
         Generate Markdown output for the policy check results.
 
         This method should be implemented by subclasses to create a Markdown representation
         of the policy check results.
 
-        :param components: List of components to be included in the output.
+        :param data: List of data to be included in the output.
         :return: A dictionary representing the Markdown output.
         """
         pass
 
     @abstractmethod
-    def _jira_markdown(self, components: list) -> Dict[str, Any]:
+    def _jira_markdown(self, data: list[T]) -> PolicyOutput:
         """
         Generate Markdown output for the policy check results.
 
         This method should be implemented by subclasses to create a Markdown representation
         of the policy check results.
 
-        :param components: List of components to be included in the output.
+        :param data: List of data to be included in the output.
         :return: A dictionary representing the Markdown output.
         """
         pass
 
-    def generate_table(self, headers, rows, centered_columns=None):
-        """
-        Generate a Markdown table.
-
-        :param headers: List of headers for the table.
-        :param rows: List of rows for the table.
-        :param centered_columns: List of column indices to be centered.
-        :return: A string representing the Markdown table.
-        """
-        col_sep = ' | '
-        centered_column_set = set(centered_columns or [])
-        if headers is None:
-            self.print_stderr('ERROR: Header are no set')
-            return None
-
-        # Decide which separator to use
-        def create_separator(index):
-            if centered_columns is None:
-                return '-'
-            return ':-:' if index in centered_column_set else '-'
-
-        # Build the row separator
-        row_separator = col_sep + col_sep.join(create_separator(index) for index, _ in enumerate(headers)) + col_sep
-        # build table rows
-        table_rows = [col_sep + col_sep.join(headers) + col_sep, row_separator]
-        table_rows.extend(col_sep + col_sep.join(row) + col_sep for row in rows)
-        return '\n'.join(table_rows)
-
-    def generate_jira_table(self, headers, rows, centered_columns=None):
-        col_sep = '*|*'
-        if headers is None:
-            self.print_stderr('ERROR: Header are no set')
-            return None
-
-        table_header = '|*' + col_sep.join(headers) + '*|\n'
-        table = table_header
-        for row in rows:
-            if len(headers) == len(row):
-                table += '|' + '|'.join(row) + '|\n'
-
-        return table
-
-    def _get_formatter(self) -> Callable[[List[dict]], Dict[str, Any]] or None:
+    def _get_formatter(self) -> Callable[[List[dict]], PolicyOutput]:
         """
         Get the appropriate formatter function based on the specified format.
 
@@ -188,7 +149,7 @@ class PolicyCheck(InspectBase):
         """
         valid_format = self._is_valid_format()
         if not valid_format:
-            return None
+            raise ValueError('Invalid format specified')
         # a map of which format function to return
         function_map = {
             'json': self._json,
@@ -208,7 +169,6 @@ class PolicyCheck(InspectBase):
             self.print_stderr(f'Format: {self.format_type}')
             self.print_stderr(f'Status: {self.status}')
             self.print_stderr(f'Output: {self.output}')
-            self.print_stderr(f'Input: {self.filepath}')
 
     def _is_valid_format(self) -> bool:
         """
@@ -224,6 +184,39 @@ class PolicyCheck(InspectBase):
             self.print_stderr(f'ERROR: Invalid format "{self.format_type}". Valid formats are: {valid_formats_str}')
             return False
         return True
+
+    def _generate_formatter_report(self, components: list[Dict]):
+        """
+        Generates a formatted report for a given component based on the defined formatter.
+
+        Parameters:
+            components (List[dict]): A list of dictionaries representing the components to be
+            processed and formatted. Each dictionary contains detailed information that adheres
+            to the format requirements for the specified formatter.
+
+        Returns:
+            Tuple[int, dict]: A tuple where the first element represents the policy status code
+            and the second element is a dictionary containing formatted results information,
+            typically with keys 'details' and 'summary'.
+
+        Raises:
+            KeyError: When a required key is missing from the provided component, causing the
+            formatter to fail.
+            ValueError: If an invalid component is passed and renders unable to process.
+        """
+        # Get a formatter for the output results
+        formatter = self._get_formatter()
+        if formatter is None:
+            return PolicyStatus.ERROR.value, {}
+        # Format the results
+        policy_output = formatter(components)
+        ## Save outputs if required
+        self.print_to_file_or_stdout(policy_output.details, self.output)
+        self.print_to_file_or_stderr(policy_output.summary, self.status)
+        # Check to see if we have policy violations
+        if len(components) > 0:
+            return PolicyStatus.POLICY_FAIL.value, policy_output
+        return PolicyStatus.POLICY_SUCCESS.value, policy_output
 #
 # End of PolicyCheck Class
 #

scanoss/inspection/{copyleft.py → policy_check/scanoss/copyleft.py}

@@ -23,12 +23,31 @@ SPDX-License-Identifier: MIT
 """
 
 import json
-from typing import Any, Dict
+from dataclasses import dataclass
+from typing import Dict, List
 
-from .policy_check import PolicyCheck, PolicyStatus
+from scanoss.constants import DEFAULT_COPYLEFT_LICENSE_SOURCES
 
+from ...policy_check.policy_check import PolicyCheck, PolicyOutput, PolicyStatus
+from ...utils.markdown_utils import generate_jira_table, generate_table
+from ...utils.scan_result_processor import ScanResultProcessor
 
-class Copyleft(PolicyCheck):
+
+@dataclass
+class License:
+    spdxid: str
+    copyleft: bool
+    url: str
+    source: str
+
+@dataclass
+class Component:
+    purl: str
+    version: str
+    licenses: List[License]
+    status: str
+
+class Copyleft(PolicyCheck[Component]):
     """
     SCANOSS Copyleft class
     Inspects components for copyleft licenses
@@ -46,9 +65,10 @@ class Copyleft(PolicyCheck):
         include: str = None,
         exclude: str = None,
         explicit: str = None,
+        license_sources: list = None,
     ):
         """
-        Initialize the Copyleft class.
+        Initialise the Copyleft class.
 
         :param debug: Enable debug mode
         :param trace: Enable trace mode (default True)
@@ -60,18 +80,27 @@ class Copyleft(PolicyCheck):
         :param include: Licenses to include in the analysis
         :param exclude: Licenses to exclude from the analysis
         :param explicit: Explicitly defined licenses
+        :param license_sources: List of license sources to check
         """
-        super().__init__(debug, trace, quiet, filepath, format_type, status, output, name='Copyleft Policy')
+        super().__init__(
+            debug, trace, quiet, format_type, status, name='Copyleft Policy', output=output
+        )
         self.license_util.init(include, exclude, explicit)
         self.filepath = filepath
-        self.format = format
         self.output = output
         self.status = status
-        self.include = include
-        self.exclude = exclude
-        self.explicit = explicit
-
-    def _json(self, components: list) -> Dict[str, Any]:
+        self.license_sources = license_sources or DEFAULT_COPYLEFT_LICENSE_SOURCES
+        self.results_processor = ScanResultProcessor(
+            self.debug,
+            self.trace,
+            self.quiet,
+            self.filepath,
+            include,
+            exclude,
+            explicit,
+            self.license_sources)
+
+    def _json(self, components: list[Component]) -> PolicyOutput:
         """
         Format the components with copyleft licenses as JSON.
 
@@ -79,70 +108,71 @@ class Copyleft(PolicyCheck):
         :return: Dictionary with formatted JSON details and summary
         """
         # A component is considered unique by its combination of PURL (Package URL) and license
-        component_licenses = self._group_components_by_license(components)
+        component_licenses = self.results_processor.group_components_by_license(components)
         details = {}
         if len(components) > 0:
             details = {'components': components}
-        return {
-            'details': f'{json.dumps(details, indent=2)}\n',
-            'summary': f'{len(component_licenses)} component(s) with copyleft licenses were found.\n',
-        }
+        return PolicyOutput(
+            details= f'{json.dumps(details, indent=2)}\n',
+            summary= f'{len(component_licenses)} component(s) with copyleft licenses were found.\n',
+        )
 
-    def _markdown(self, components: list) -> Dict[str, Any]:
+    def _markdown(self, components: list[Component]) -> PolicyOutput:
         """
         Format the components with copyleft licenses as Markdown.
 
         :param components: List of components with copyleft licenses
         :return: Dictionary with formatted Markdown details and summary
         """
-        # A component is considered unique by its combination of PURL (Package URL) and license
-        component_licenses = self._group_components_by_license(components)
-        headers = ['Component', 'License', 'URL', 'Copyleft']
-        centered_columns = [1, 4]
-        rows: [[]] = []
-        for comp_lic_item in component_licenses:
-                row = [
-                    comp_lic_item['purl'],
-                    comp_lic_item['spdxid'],
-                    comp_lic_item['url'],
-                    'YES' if comp_lic_item['copyleft'] else 'NO',
-                ]
-                rows.append(row)
-            # End license loop
-        # End component loop
-        return {
-            'details': f'### Copyleft licenses\n{self.generate_table(headers, rows, centered_columns)}\n',
-            'summary': f'{len(component_licenses)} component(s) with copyleft licenses were found.\n',
-        }
+        return self._md_summary_generator(components, generate_table)
 
-    def _jira_markdown(self, components: list) -> Dict[str, Any]:
+    def _jira_markdown(self, components: list[Component]) -> PolicyOutput:
         """
         Format the components with copyleft licenses as Markdown.
 
         :param components: List of components with copyleft licenses
         :return: Dictionary with formatted Markdown details and summary
         """
+        return self._md_summary_generator(components, generate_jira_table)
+
+    def _md_summary_generator(self, components: list[Component], table_generator) -> PolicyOutput:
+        """
+        Generates a Markdown summary for components with a focus on copyleft licenses.
+
+        This function processes a list of components and groups them by their licenses.
+        For each group, the components are mapped with their license data and a tabular representation is created.
+        The generated Markdown summary includes a detailed table and a summary overview.
+
+        Parameters:
+        components: list[Component]
+            A list of Component objects to process for generating the summary.
+        table_generator
+            A callable function to generate tabular data for components.
+
+        Returns:
+            PolicyOutput
+        """
         # A component is considered unique by its combination of PURL (Package URL) and license
-        component_licenses = self._group_components_by_license(components)
+        component_licenses = self.results_processor.group_components_by_license(components)
         headers = ['Component', 'License', 'URL', 'Copyleft']
         centered_columns = [1, 4]
-        rows: [[]] = []
+        rows = []
         for comp_lic_item in component_licenses:
-                row = [
-                    comp_lic_item['purl'],
-                    comp_lic_item['spdxid'],
-                    comp_lic_item['url'],
-                    'YES' if comp_lic_item['copyleft'] else 'NO',
-                ]
-                rows.append(row)
-            # End license loop
+            row = [
+                comp_lic_item['purl'],
+                comp_lic_item['spdxid'],
+                comp_lic_item['url'],
+                'YES' if comp_lic_item['copyleft'] else 'NO',
+            ]
+            rows.append(row)
+        # End license loop
         # End component loop
-        return {
-            'details': f'{self.generate_jira_table(headers, rows, centered_columns)}',
-            'summary': f'{len(component_licenses)} component(s) with copyleft licenses were found.\n',
-        }
+        return PolicyOutput(
+            details= f'### Copyleft Licenses\n{table_generator(headers, rows, centered_columns)}',
+            summary= f'{len(component_licenses)} component(s) with copyleft licenses were found.\n',
+        )
 
-    def _filter_components_with_copyleft_licenses(self, components: list) -> list:
+    def _get_components_with_copyleft_licenses(self, components: list) -> list[Dict]:
         """
         Filter the components list to include only those with copyleft licenses.
 
@@ -179,14 +209,13 @@ class Copyleft(PolicyCheck):
 
         :return: A list of processed components with license data, or `None` if `self.results` is not set.
         """
-        if self.results is None:
+        if self.results_processor.get_results() is None:
             return None
-
         components: dict = {}
         # Extract component and license data from file and dependency results. Both helpers mutate `components`
-        self._get_components_data(self.results, components)
-        self._get_dependencies_data(self.results, components)
-        return self._convert_components_to_list(components)
+        self.results_processor.get_components_data(components)
+        self.results_processor.get_dependencies_data(components)
+        return self.results_processor.convert_components_to_list(components)
 
     def run(self):
         """
@@ -206,22 +235,9 @@ class Copyleft(PolicyCheck):
         if components is None:
             return PolicyStatus.ERROR.value, {}
         # Get a list of copyleft components if they exist
-        copyleft_components = self._filter_components_with_copyleft_licenses(components)
-        # Get a formatter for the output results
-        formatter = self._get_formatter()
-        if formatter is None:
-            return PolicyStatus.ERROR.value, {}
-        # Format the results
-        results = formatter(copyleft_components)
-        ## Save outputs if required
-        self.print_to_file_or_stdout(results['details'], self.output)
-        self.print_to_file_or_stderr(results['summary'], self.status)
-        # Check to see if we have policy violations
-        if len(copyleft_components) <= 0:
-            return PolicyStatus.FAIL.value, results
-        return PolicyStatus.SUCCESS.value, results
-
-
+        copyleft_components = self._get_components_with_copyleft_licenses(components)
+        # Format the results and save to files if required
+        return self._generate_formatter_report(copyleft_components)
 #
 # End of Copyleft Class
 #

scanoss/inspection/{undeclared_component.py → policy_check/scanoss/undeclared_component.py}

@@ -23,12 +23,28 @@ SPDX-License-Identifier: MIT
 """
 
 import json
-from typing import Any, Dict
+from dataclasses import dataclass
+from typing import List
 
-from .policy_check import PolicyCheck, PolicyStatus
+from ...policy_check.policy_check import PolicyCheck, PolicyOutput, PolicyStatus
+from ...utils.markdown_utils import generate_jira_table, generate_table
+from ...utils.scan_result_processor import ScanResultProcessor
 
 
-class UndeclaredComponent(PolicyCheck):
+@dataclass
+class License:
+    spdxid: str
+    copyleft: bool
+    url: str
+
+@dataclass
+class Component:
+    purl: str
+    version: str
+    licenses: List[License]
+    status: str
+
+class UndeclaredComponent(PolicyCheck[Component]):
     """
     SCANOSS UndeclaredComponent class
     Inspects for undeclared components
@@ -43,7 +59,7 @@ class UndeclaredComponent(PolicyCheck):
         format_type: str = 'json',
         status: str = None,
         output: str = None,
-        sbom_format: str = 'settings',
+        sbom_format: str = 'settings'
     ):
         """
         Initialize the UndeclaredComponent class.
@@ -58,15 +74,16 @@ class UndeclaredComponent(PolicyCheck):
         :param sbom_format: Sbom format for status output (default 'settings')
         """
         super().__init__(
-            debug, trace, quiet, filepath, format_type, status, output, name='Undeclared Components Policy'
+            debug, trace, quiet, format_type, status, name='Undeclared Components Policy', output=output
         )
         self.filepath = filepath
-        self.format = format
         self.output = output
         self.status = status
         self.sbom_format = sbom_format
+        self.results_processor = ScanResultProcessor(self.debug, self.trace, self.quiet, self.filepath)
+
 
-    def _get_undeclared_component(self, components: list) -> list or None:
+    def _get_undeclared_components(self, components: list[Component]) -> list or None:
         """
         Filter the components list to include only undeclared components.
 
@@ -90,7 +107,7 @@ class UndeclaredComponent(PolicyCheck):
         # end component loop
         return undeclared_components
 
-    def _get_jira_summary(self, components: list) -> str:
+    def _get_jira_summary(self, components: list[Component]) -> str:
         """
         Get a summary of the undeclared components.
 
@@ -147,7 +164,7 @@ class UndeclaredComponent(PolicyCheck):
 
         return summary
 
-    def _json(self, components: list) -> Dict[str, Any]:
+    def _json(self, components: list[Component]) -> PolicyOutput:
         """
         Format the undeclared components as JSON.
 
@@ -155,16 +172,16 @@ class UndeclaredComponent(PolicyCheck):
         :return: Dictionary with formatted JSON details and summary
         """
         # Use component grouped by licenses to generate the summary
-        component_licenses = self._group_components_by_license(components)
+        component_licenses = self.results_processor.group_components_by_license(components)
         details = {}
         if len(components) > 0:
             details = {'components': components}
-        return {
-            'details': f'{json.dumps(details, indent=2)}\n',
-            'summary': self._get_summary(component_licenses),
-        }
+        return PolicyOutput(
+            details=f'{json.dumps(details, indent=2)}\n',
+            summary=self._get_summary(component_licenses)
+        )
 
-    def _markdown(self, components: list) -> Dict[str, Any]:
+    def _markdown(self, components: list[Component]) -> PolicyOutput:
         """
         Format the undeclared components as Markdown.
 
@@ -172,17 +189,17 @@ class UndeclaredComponent(PolicyCheck):
         :return: Dictionary with formatted Markdown details and summary
         """
         headers = ['Component', 'License']
-        rows: [[]] = []
+        rows = []
         # TODO look at using SpdxLite license name lookup method
-        component_licenses = self._group_components_by_license(components)
+        component_licenses = self.results_processor.group_components_by_license(components)
         for component in component_licenses:
             rows.append([component.get('purl'), component.get('spdxid')])
-        return {
-            'details': f'### Undeclared components\n{self.generate_table(headers, rows)}\n',
-            'summary': self._get_summary(component_licenses),
-        }
+        return PolicyOutput(
+            details= f'### Undeclared components\n{generate_table(headers, rows)}\n',
+            summary= self._get_summary(component_licenses),
+        )
 
-    def _jira_markdown(self, components: list) -> Dict[str, Any]:
+    def _jira_markdown(self, components: list) -> PolicyOutput:
         """
         Format the undeclared components as Markdown.
 
@@ -190,15 +207,15 @@ class UndeclaredComponent(PolicyCheck):
         :return: Dictionary with formatted Markdown details and summary
         """
         headers = ['Component', 'License']
-        rows: [[]] = []
+        rows = []
         # TODO look at using SpdxLite license name lookup method
-        component_licenses = self._group_components_by_license(components)
+        component_licenses = self.results_processor.group_components_by_license(components)
         for component in component_licenses:
             rows.append([component.get('purl'), component.get('spdxid')])
-        return {
-            'details': f'{self.generate_jira_table(headers, rows)}',
-            'summary': self._get_jira_summary(component_licenses),
-        }
+        return PolicyOutput(
+            details= f'{generate_jira_table(headers, rows)}',
+            summary= self._get_jira_summary(component_licenses),
+        )
 
     def _get_unique_components(self, components: list) -> list:
         """
@@ -256,13 +273,13 @@ class UndeclaredComponent(PolicyCheck):
 
         :return: A list of processed components with their licenses, or `None` if `self.results` is not set.
         """
-        if self.results is None:
+        if self.results_processor.get_results() is None:
             return None
         components: dict = {}
         # Extract file and snippet components
-        components = self._get_components_data(self.results, components)
+        components = self.results_processor.get_components_data(components)
         # Convert to list and process licenses
-        return self._convert_components_to_list(components)
+        return self.results_processor.convert_components_to_list(components)
 
     def run(self):
         """
@@ -280,24 +297,13 @@ class UndeclaredComponent(PolicyCheck):
         components = self._get_components()
         if components is None:
             return PolicyStatus.ERROR.value, {}
-        # Get undeclared component summary (if any)
-        undeclared_components = self._get_undeclared_component(components)
+        # Get an undeclared component summary (if any)
+        undeclared_components = self._get_undeclared_components(components)
         if undeclared_components is None:
             return PolicyStatus.ERROR.value, {}
         self.print_debug(f'Undeclared components: {undeclared_components}')
-        formatter = self._get_formatter()
-        if formatter is None:
-            return PolicyStatus.ERROR.value, {}
-        results = formatter(undeclared_components)
-        # Output the results
-        self.print_to_file_or_stdout(results['details'], self.output)
-        self.print_to_file_or_stderr(results['summary'], self.status)
-        # Determine if the filter found results or not
-        if len(undeclared_components) <= 0:
-            return PolicyStatus.FAIL.value, results
-        return PolicyStatus.SUCCESS.value, results
-
-
+        # Format the results and save to files if required
+        return self._generate_formatter_report(undeclared_components)
 #
 # End of UndeclaredComponent Class
 #