scanoss 1.28.1__tar.gz → 1.28.3__tar.gz
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- {scanoss-1.28.1/src/scanoss.egg-info → scanoss-1.28.3}/PKG-INFO +1 -1
- {scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss/__init__.py +1 -1
- {scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss/cli.py +2 -3
- {scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss/cyclonedx.py +2 -0
- scanoss-1.28.3/src/scanoss/data/build_date.txt +1 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss/scanoss_settings.py +33 -3
- {scanoss-1.28.1 → scanoss-1.28.3/src/scanoss.egg-info}/PKG-INFO +1 -1
- scanoss-1.28.1/src/scanoss/data/build_date.txt +0 -1
- {scanoss-1.28.1 → scanoss-1.28.3}/LICENSE +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/PACKAGE.md +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/README.md +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/pyproject.toml +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/setup.cfg +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/src/protoc_gen_swagger/__init__.py +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/src/protoc_gen_swagger/options/__init__.py +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/src/protoc_gen_swagger/options/annotations_pb2.py +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/src/protoc_gen_swagger/options/annotations_pb2_grpc.py +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/src/protoc_gen_swagger/options/openapiv2_pb2.py +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/src/protoc_gen_swagger/options/openapiv2_pb2_grpc.py +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss/api/__init__.py +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss/api/common/__init__.py +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss/api/common/v2/__init__.py +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss/api/common/v2/scanoss_common_pb2.py +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss/api/common/v2/scanoss_common_pb2_grpc.py +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss/api/components/__init__.py +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss/api/components/v2/__init__.py +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss/api/components/v2/scanoss_components_pb2.py +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss/api/components/v2/scanoss_components_pb2_grpc.py +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss/api/cryptography/v2/scanoss_cryptography_pb2.py +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss/api/cryptography/v2/scanoss_cryptography_pb2_grpc.py +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss/api/dependencies/__init__.py +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss/api/dependencies/v2/__init__.py +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss/api/dependencies/v2/scanoss_dependencies_pb2.py +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss/api/dependencies/v2/scanoss_dependencies_pb2_grpc.py +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss/api/geoprovenance/__init__.py +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss/api/geoprovenance/v2/__init__.py +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss/api/geoprovenance/v2/scanoss_geoprovenance_pb2.py +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss/api/geoprovenance/v2/scanoss_geoprovenance_pb2_grpc.py +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss/api/scanning/__init__.py +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss/api/scanning/v2/__init__.py +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss/api/scanning/v2/scanoss_scanning_pb2.py +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss/api/scanning/v2/scanoss_scanning_pb2_grpc.py +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss/api/semgrep/__init__.py +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss/api/semgrep/v2/__init__.py +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss/api/semgrep/v2/scanoss_semgrep_pb2.py +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss/api/semgrep/v2/scanoss_semgrep_pb2_grpc.py +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss/api/vulnerabilities/__init__.py +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss/api/vulnerabilities/v2/__init__.py +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss/api/vulnerabilities/v2/scanoss_vulnerabilities_pb2.py +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss/api/vulnerabilities/v2/scanoss_vulnerabilities_pb2_grpc.py +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss/components.py +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss/constants.py +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss/cryptography.py +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss/csvoutput.py +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss/data/scanoss-settings-schema.json +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss/data/spdx-exceptions.json +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss/data/spdx-licenses.json +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss/file_filters.py +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss/filecount.py +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss/inspection/__init__.py +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss/inspection/component_summary.py +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss/inspection/copyleft.py +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss/inspection/inspect_base.py +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss/inspection/license_summary.py +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss/inspection/policy_check.py +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss/inspection/undeclared_component.py +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss/inspection/utils/license_utils.py +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss/results.py +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss/scancodedeps.py +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss/scanner.py +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss/scanners/__init__.py +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss/scanners/container_scanner.py +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss/scanners/folder_hasher.py +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss/scanners/scanner_config.py +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss/scanners/scanner_hfh.py +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss/scanossapi.py +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss/scanossbase.py +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss/scanossgrpc.py +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss/scanpostprocessor.py +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss/scantype.py +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss/spdxlite.py +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss/threadeddependencies.py +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss/threadedscanning.py +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss/utils/__init__.py +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss/utils/abstract_presenter.py +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss/utils/crc64.py +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss/utils/file.py +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss/utils/simhash.py +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss/winnowing.py +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss.egg-info/SOURCES.txt +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss.egg-info/dependency_links.txt +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss.egg-info/entry_points.txt +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss.egg-info/requires.txt +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss.egg-info/top_level.txt +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/tests/test_csv_output.py +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/tests/test_file_filters.py +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/tests/test_policy_inspect.py +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/tests/test_scan_post_processor.py +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/tests/test_spdxlite.py +0 -0
- {scanoss-1.28.1 → scanoss-1.28.3}/tests/test_winnowing.py +0 -0
|
@@ -1071,9 +1071,8 @@ def scan(parser, args): # noqa: PLR0912, PLR0915
|
|
|
1071
1071
|
'blacklist'
|
|
1072
1072
|
)
|
|
1073
1073
|
else:
|
|
1074
|
-
scan_settings.load_json_file(args.settings, args.scan_dir).set_file_type('new')
|
|
1075
|
-
|
|
1076
|
-
)
|
|
1074
|
+
scan_settings.load_json_file(args.settings, args.scan_dir).set_file_type('new')
|
|
1075
|
+
|
|
1077
1076
|
except ScanossSettingsError as e:
|
|
1078
1077
|
print_stderr(f'Error: {e}')
|
|
1079
1078
|
sys.exit(1)
|
|
@@ -219,6 +219,8 @@ class CycloneDx(ScanossBase):
|
|
|
219
219
|
lic_set = set()
|
|
220
220
|
for lic in licenses: # Get a unique set of licenses
|
|
221
221
|
lc_id = lic.get('id')
|
|
222
|
+
if not lc_id:
|
|
223
|
+
continue
|
|
222
224
|
spdx_id = self._spdx.get_spdx_license_id(lc_id)
|
|
223
225
|
lic_set.add(spdx_id if spdx_id else lc_id)
|
|
224
226
|
for lc_id in lic_set: # Store licenses for later inclusion
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
date: 20250714165622, utime: 1752512182
|
|
@@ -172,7 +172,7 @@ class ScanossSettings(ScanossBase):
|
|
|
172
172
|
|
|
173
173
|
def _get_bom(self):
|
|
174
174
|
"""
|
|
175
|
-
Get the
|
|
175
|
+
Get the Bill of Materials from the settings file
|
|
176
176
|
Returns:
|
|
177
177
|
dict: If using scanoss.json
|
|
178
178
|
list: If using SBOM.json
|
|
@@ -196,6 +196,17 @@ class ScanossSettings(ScanossBase):
|
|
|
196
196
|
return self._get_bom()
|
|
197
197
|
return self._get_bom().get('include', [])
|
|
198
198
|
|
|
199
|
+
|
|
200
|
+
def get_bom_exclude(self) -> List[BomEntry]:
|
|
201
|
+
"""
|
|
202
|
+
Get the list of components to exclude from the scan
|
|
203
|
+
Returns:
|
|
204
|
+
list: List of components to exclude from the scan
|
|
205
|
+
"""
|
|
206
|
+
if self.settings_file_type == 'legacy':
|
|
207
|
+
return self._get_bom()
|
|
208
|
+
return self._get_bom().get('exclude', [])
|
|
209
|
+
|
|
199
210
|
def get_bom_remove(self) -> List[BomEntry]:
|
|
200
211
|
"""
|
|
201
212
|
Get the list of components to remove from the scan
|
|
@@ -225,8 +236,8 @@ class ScanossSettings(ScanossBase):
|
|
|
225
236
|
if not self.data:
|
|
226
237
|
return None
|
|
227
238
|
return {
|
|
228
|
-
'scan_type': self.scan_type,
|
|
229
239
|
'assets': json.dumps(self._get_sbom_assets()),
|
|
240
|
+
'scan_type': self.scan_type,
|
|
230
241
|
}
|
|
231
242
|
|
|
232
243
|
def _get_sbom_assets(self):
|
|
@@ -235,7 +246,18 @@ class ScanossSettings(ScanossBase):
|
|
|
235
246
|
Returns:
|
|
236
247
|
List: List of SBOM assets
|
|
237
248
|
"""
|
|
238
|
-
|
|
249
|
+
|
|
250
|
+
if self.settings_file_type == 'new':
|
|
251
|
+
if len(self.get_bom_include()):
|
|
252
|
+
self.scan_type = 'identify'
|
|
253
|
+
include_bom_entries = self._remove_duplicates(self.normalize_bom_entries(self.get_bom_include()))
|
|
254
|
+
return {"components": include_bom_entries}
|
|
255
|
+
elif len(self.get_bom_exclude()):
|
|
256
|
+
self.scan_type = 'blacklist'
|
|
257
|
+
exclude_bom_entries = self._remove_duplicates(self.normalize_bom_entries(self.get_bom_exclude()))
|
|
258
|
+
return {"components": exclude_bom_entries}
|
|
259
|
+
|
|
260
|
+
if self.settings_file_type == 'legacy' and self.scan_type == 'identify': # sbom-identify.json
|
|
239
261
|
include_bom_entries = self._remove_duplicates(self.normalize_bom_entries(self.get_bom_include()))
|
|
240
262
|
replace_bom_entries = self._remove_duplicates(self.normalize_bom_entries(self.get_bom_replace()))
|
|
241
263
|
self.print_debug(
|
|
@@ -244,6 +266,14 @@ class ScanossSettings(ScanossBase):
|
|
|
244
266
|
f'From Replace list: {[entry["purl"] for entry in replace_bom_entries]} \n'
|
|
245
267
|
)
|
|
246
268
|
return include_bom_entries + replace_bom_entries
|
|
269
|
+
|
|
270
|
+
if self.settings_file_type == 'legacy' and self.scan_type == 'blacklist': # sbom-identify.json
|
|
271
|
+
exclude_bom_entries = self._remove_duplicates(self.normalize_bom_entries(self.get_bom_exclude()))
|
|
272
|
+
self.print_debug(
|
|
273
|
+
f"Scan type set to 'blacklist'. Adding {len(exclude_bom_entries)} components as context to the scan. \n" # noqa: E501
|
|
274
|
+
f'From Exclude list: {[entry["purl"] for entry in exclude_bom_entries]} \n')
|
|
275
|
+
return exclude_bom_entries
|
|
276
|
+
|
|
247
277
|
return self.normalize_bom_entries(self.get_bom_remove())
|
|
248
278
|
|
|
249
279
|
@staticmethod
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
date: 20250710153244, utime: 1752161564
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
{scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss/api/components/v2/scanoss_components_pb2_grpc.py
RENAMED
|
File without changes
|
{scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss/api/cryptography/v2/scanoss_cryptography_pb2.py
RENAMED
|
File without changes
|
{scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss/api/cryptography/v2/scanoss_cryptography_pb2_grpc.py
RENAMED
|
File without changes
|
|
File without changes
|
|
File without changes
|
{scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss/api/dependencies/v2/scanoss_dependencies_pb2.py
RENAMED
|
File without changes
|
{scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss/api/dependencies/v2/scanoss_dependencies_pb2_grpc.py
RENAMED
|
File without changes
|
|
File without changes
|
|
File without changes
|
{scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss/api/geoprovenance/v2/scanoss_geoprovenance_pb2.py
RENAMED
|
File without changes
|
{scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss/api/geoprovenance/v2/scanoss_geoprovenance_pb2_grpc.py
RENAMED
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
{scanoss-1.28.1 → scanoss-1.28.3}/src/scanoss/api/vulnerabilities/v2/scanoss_vulnerabilities_pb2.py
RENAMED
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|