scanoss 1.28.2__py3-none-any.whl → 1.29.0__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- scanoss/__init__.py +1 -1
- scanoss/cli.py +2 -3
- scanoss/cyclonedx.py +4 -4
- scanoss/data/build_date.txt +1 -1
- scanoss/scanoss_settings.py +33 -3
- {scanoss-1.28.2.dist-info → scanoss-1.29.0.dist-info}/METADATA +3 -3
- {scanoss-1.28.2.dist-info → scanoss-1.29.0.dist-info}/RECORD +11 -11
- {scanoss-1.28.2.dist-info → scanoss-1.29.0.dist-info}/WHEEL +0 -0
- {scanoss-1.28.2.dist-info → scanoss-1.29.0.dist-info}/entry_points.txt +0 -0
- {scanoss-1.28.2.dist-info → scanoss-1.29.0.dist-info}/licenses/LICENSE +0 -0
- {scanoss-1.28.2.dist-info → scanoss-1.29.0.dist-info}/top_level.txt +0 -0
scanoss/__init__.py
CHANGED
scanoss/cli.py
CHANGED
|
@@ -1071,9 +1071,8 @@ def scan(parser, args): # noqa: PLR0912, PLR0915
|
|
|
1071
1071
|
'blacklist'
|
|
1072
1072
|
)
|
|
1073
1073
|
else:
|
|
1074
|
-
scan_settings.load_json_file(args.settings, args.scan_dir).set_file_type('new')
|
|
1075
|
-
|
|
1076
|
-
)
|
|
1074
|
+
scan_settings.load_json_file(args.settings, args.scan_dir).set_file_type('new')
|
|
1075
|
+
|
|
1077
1076
|
except ScanossSettingsError as e:
|
|
1078
1077
|
print_stderr(f'Error: {e}')
|
|
1079
1078
|
sys.exit(1)
|
scanoss/cyclonedx.py
CHANGED
|
@@ -48,10 +48,10 @@ class CycloneDx(ScanossBase):
|
|
|
48
48
|
self.debug = debug
|
|
49
49
|
self._spdx = SpdxLite(debug=debug)
|
|
50
50
|
|
|
51
|
-
def parse(self, data:
|
|
51
|
+
def parse(self, data: dict): # noqa: PLR0912, PLR0915
|
|
52
52
|
"""
|
|
53
53
|
Parse the given input (raw/plain) JSON string and return CycloneDX summary
|
|
54
|
-
:param data:
|
|
54
|
+
:param data: dict - JSON object
|
|
55
55
|
:return: CycloneDX dictionary, and vulnerability dictionary
|
|
56
56
|
"""
|
|
57
57
|
if not data:
|
|
@@ -170,12 +170,12 @@ class CycloneDx(ScanossBase):
|
|
|
170
170
|
success = self.produce_from_str(f.read(), output_file)
|
|
171
171
|
return success
|
|
172
172
|
|
|
173
|
-
def produce_from_json(self, data:
|
|
173
|
+
def produce_from_json(self, data: dict, output_file: str = None) -> tuple[bool, dict]: # noqa: PLR0912
|
|
174
174
|
"""
|
|
175
175
|
Produce the CycloneDX output from the raw scan results input data
|
|
176
176
|
|
|
177
177
|
Args:
|
|
178
|
-
data (
|
|
178
|
+
data (dict): JSON object
|
|
179
179
|
output_file (str, optional): Output file (optional). Defaults to None.
|
|
180
180
|
|
|
181
181
|
Returns:
|
scanoss/data/build_date.txt
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
date:
|
|
1
|
+
date: 20250715073533, utime: 1752564933
|
scanoss/scanoss_settings.py
CHANGED
|
@@ -172,7 +172,7 @@ class ScanossSettings(ScanossBase):
|
|
|
172
172
|
|
|
173
173
|
def _get_bom(self):
|
|
174
174
|
"""
|
|
175
|
-
Get the
|
|
175
|
+
Get the Bill of Materials from the settings file
|
|
176
176
|
Returns:
|
|
177
177
|
dict: If using scanoss.json
|
|
178
178
|
list: If using SBOM.json
|
|
@@ -196,6 +196,17 @@ class ScanossSettings(ScanossBase):
|
|
|
196
196
|
return self._get_bom()
|
|
197
197
|
return self._get_bom().get('include', [])
|
|
198
198
|
|
|
199
|
+
|
|
200
|
+
def get_bom_exclude(self) -> List[BomEntry]:
|
|
201
|
+
"""
|
|
202
|
+
Get the list of components to exclude from the scan
|
|
203
|
+
Returns:
|
|
204
|
+
list: List of components to exclude from the scan
|
|
205
|
+
"""
|
|
206
|
+
if self.settings_file_type == 'legacy':
|
|
207
|
+
return self._get_bom()
|
|
208
|
+
return self._get_bom().get('exclude', [])
|
|
209
|
+
|
|
199
210
|
def get_bom_remove(self) -> List[BomEntry]:
|
|
200
211
|
"""
|
|
201
212
|
Get the list of components to remove from the scan
|
|
@@ -225,8 +236,8 @@ class ScanossSettings(ScanossBase):
|
|
|
225
236
|
if not self.data:
|
|
226
237
|
return None
|
|
227
238
|
return {
|
|
228
|
-
'scan_type': self.scan_type,
|
|
229
239
|
'assets': json.dumps(self._get_sbom_assets()),
|
|
240
|
+
'scan_type': self.scan_type,
|
|
230
241
|
}
|
|
231
242
|
|
|
232
243
|
def _get_sbom_assets(self):
|
|
@@ -235,7 +246,18 @@ class ScanossSettings(ScanossBase):
|
|
|
235
246
|
Returns:
|
|
236
247
|
List: List of SBOM assets
|
|
237
248
|
"""
|
|
238
|
-
|
|
249
|
+
|
|
250
|
+
if self.settings_file_type == 'new':
|
|
251
|
+
if len(self.get_bom_include()):
|
|
252
|
+
self.scan_type = 'identify'
|
|
253
|
+
include_bom_entries = self._remove_duplicates(self.normalize_bom_entries(self.get_bom_include()))
|
|
254
|
+
return {"components": include_bom_entries}
|
|
255
|
+
elif len(self.get_bom_exclude()):
|
|
256
|
+
self.scan_type = 'blacklist'
|
|
257
|
+
exclude_bom_entries = self._remove_duplicates(self.normalize_bom_entries(self.get_bom_exclude()))
|
|
258
|
+
return {"components": exclude_bom_entries}
|
|
259
|
+
|
|
260
|
+
if self.settings_file_type == 'legacy' and self.scan_type == 'identify': # sbom-identify.json
|
|
239
261
|
include_bom_entries = self._remove_duplicates(self.normalize_bom_entries(self.get_bom_include()))
|
|
240
262
|
replace_bom_entries = self._remove_duplicates(self.normalize_bom_entries(self.get_bom_replace()))
|
|
241
263
|
self.print_debug(
|
|
@@ -244,6 +266,14 @@ class ScanossSettings(ScanossBase):
|
|
|
244
266
|
f'From Replace list: {[entry["purl"] for entry in replace_bom_entries]} \n'
|
|
245
267
|
)
|
|
246
268
|
return include_bom_entries + replace_bom_entries
|
|
269
|
+
|
|
270
|
+
if self.settings_file_type == 'legacy' and self.scan_type == 'blacklist': # sbom-identify.json
|
|
271
|
+
exclude_bom_entries = self._remove_duplicates(self.normalize_bom_entries(self.get_bom_exclude()))
|
|
272
|
+
self.print_debug(
|
|
273
|
+
f"Scan type set to 'blacklist'. Adding {len(exclude_bom_entries)} components as context to the scan. \n" # noqa: E501
|
|
274
|
+
f'From Exclude list: {[entry["purl"] for entry in exclude_bom_entries]} \n')
|
|
275
|
+
return exclude_bom_entries
|
|
276
|
+
|
|
247
277
|
return self.normalize_bom_entries(self.get_bom_remove())
|
|
248
278
|
|
|
249
279
|
@staticmethod
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
Metadata-Version: 2.4
|
|
2
2
|
Name: scanoss
|
|
3
|
-
Version: 1.
|
|
3
|
+
Version: 1.29.0
|
|
4
4
|
Summary: Simple Python library to leverage the SCANOSS APIs
|
|
5
5
|
Home-page: https://scanoss.com
|
|
6
6
|
Author: SCANOSS
|
|
@@ -13,7 +13,7 @@ Classifier: License :: OSI Approved :: MIT License
|
|
|
13
13
|
Classifier: Operating System :: OS Independent
|
|
14
14
|
Classifier: Development Status :: 5 - Production/Stable
|
|
15
15
|
Classifier: Programming Language :: Python :: 3
|
|
16
|
-
Requires-Python: >=3.
|
|
16
|
+
Requires-Python: >=3.9
|
|
17
17
|
Description-Content-Type: text/markdown
|
|
18
18
|
License-File: LICENSE
|
|
19
19
|
Requires-Dist: requests
|
|
@@ -174,7 +174,7 @@ if __name__ == "__main__":
|
|
|
174
174
|
```
|
|
175
175
|
|
|
176
176
|
## Requirements
|
|
177
|
-
Python 3.
|
|
177
|
+
Python 3.9 or higher.
|
|
178
178
|
|
|
179
179
|
## Source code
|
|
180
180
|
The source for this package can be found [here](https://github.com/scanoss/scanoss.py).
|
|
@@ -4,19 +4,19 @@ protoc_gen_swagger/options/annotations_pb2.py,sha256=b25EDD6gssUWnFby9gxgcpLIROT
|
|
|
4
4
|
protoc_gen_swagger/options/annotations_pb2_grpc.py,sha256=1oboBPFxaTEXt9Aw7EAj8gXHDCNMhZD2VXqocC9l_gk,159
|
|
5
5
|
protoc_gen_swagger/options/openapiv2_pb2.py,sha256=vYElGp8E1vGHszvWqX97zNG9GFJ7u2QcdK9ouq0XdyI,14939
|
|
6
6
|
protoc_gen_swagger/options/openapiv2_pb2_grpc.py,sha256=1oboBPFxaTEXt9Aw7EAj8gXHDCNMhZD2VXqocC9l_gk,159
|
|
7
|
-
scanoss/__init__.py,sha256=
|
|
8
|
-
scanoss/cli.py,sha256=
|
|
7
|
+
scanoss/__init__.py,sha256=XTAk-l3ntps3-o54lFtGf416on1_H2KJQix36NTu5fU,1146
|
|
8
|
+
scanoss/cli.py,sha256=3ECRfRo4K01TdNIJ1qRySz5-p8tQi8mAzH2tPPIUuuc,72552
|
|
9
9
|
scanoss/components.py,sha256=b0R9DdKuXqyQiw5nZZwjQ6NJXBr1U9gyx1RI2FP9ozA,14511
|
|
10
10
|
scanoss/constants.py,sha256=On8mQ-8ardVMHSJ7WOJqeTvGXIOWPLCgUanjE7Wk-wE,351
|
|
11
11
|
scanoss/cryptography.py,sha256=oj5HHgJk1e31dzQfB-5sIVmQVcUJMsP5DUPyP9QpPgQ,9806
|
|
12
12
|
scanoss/csvoutput.py,sha256=qNKRwcChSkgIwLm00kZiVX6iHVQUF4Apl-sMbzJ5Taw,10192
|
|
13
|
-
scanoss/cyclonedx.py,sha256=
|
|
13
|
+
scanoss/cyclonedx.py,sha256=eNiji61gTovtdw_OkFA_MNzY7cW2rwBvWC2upaBRpog,16334
|
|
14
14
|
scanoss/file_filters.py,sha256=2DzyvSVR7We7U36UurtJj3cdQturUjDl8j3OIqmv4Pg,20638
|
|
15
15
|
scanoss/filecount.py,sha256=RZjKQ6M5P_RQg0_PMD2tsRe5Z8f98ke0sxYVjPDN8iQ,6538
|
|
16
16
|
scanoss/results.py,sha256=47ZXXuU2sDjYa5vhtbWTmikit9jHhA0rsYKwkvZFI5w,9252
|
|
17
17
|
scanoss/scancodedeps.py,sha256=JbpoGW1POtPMmowzfwa4oh8sSBeeQCqaW9onvc4UFYM,11517
|
|
18
18
|
scanoss/scanner.py,sha256=tS5yR6byhbVliSV0vTC7dkdX9XOhiTi8s9tCkDSObik,45397
|
|
19
|
-
scanoss/scanoss_settings.py,sha256=
|
|
19
|
+
scanoss/scanoss_settings.py,sha256=W8uFQ6uRIqtE-DXXA56bO8I4GsbJ-aA1c84hQ_qBel4,12161
|
|
20
20
|
scanoss/scanossapi.py,sha256=v4D9i9Impa82Enw-5hZ7KLlscDIpaILNbGOMj3MJXqs,13067
|
|
21
21
|
scanoss/scanossbase.py,sha256=Dkpwxa8NH8XN1iRl03NM_Mkvby0JQ4qfvCiiUrJ5ul0,3163
|
|
22
22
|
scanoss/scanossgrpc.py,sha256=uwAp9CzA_t7oMXYo7o81j8kVgn8qSeTjA4b1Jj8hoL0,30011
|
|
@@ -57,7 +57,7 @@ scanoss/api/vulnerabilities/__init__.py,sha256=IFrDk_DTJgKSZmmU-nuLXuq_s8sQZlrSC
|
|
|
57
57
|
scanoss/api/vulnerabilities/v2/__init__.py,sha256=IFrDk_DTJgKSZmmU-nuLXuq_s8sQZlrSCHhIDMJT4r0,1122
|
|
58
58
|
scanoss/api/vulnerabilities/v2/scanoss_vulnerabilities_pb2.py,sha256=CFhF80av8tenGvn9AIsGEtRJPuV2dC_syA5JLZb2lDw,5464
|
|
59
59
|
scanoss/api/vulnerabilities/v2/scanoss_vulnerabilities_pb2_grpc.py,sha256=HlS4k4Zmx6RIAqaO9I96jD-eyF5yU6Xx04pVm7pdqOg,6864
|
|
60
|
-
scanoss/data/build_date.txt,sha256=
|
|
60
|
+
scanoss/data/build_date.txt,sha256=6Fcsk0phSCVMmiIS65RrexpCmMfwP5QnQfnNFyVFFnw,40
|
|
61
61
|
scanoss/data/scanoss-settings-schema.json,sha256=ClkRYAkjAN0Sk704G8BE_Ok006oQ6YnIGmX84CF8h9w,8798
|
|
62
62
|
scanoss/data/spdx-exceptions.json,sha256=s7UTYxC7jqQXr11YBlIWYCNwN6lRDFTR33Y8rpN_dA4,17953
|
|
63
63
|
scanoss/data/spdx-licenses.json,sha256=A6Z0q82gaTLtnopBfzeIVZjJFxkdRW1g2TuumQc-lII,228794
|
|
@@ -79,9 +79,9 @@ scanoss/utils/abstract_presenter.py,sha256=teiDTxBj5jBMCk2T8i4l1BJPf_u4zBLWrtCTF
|
|
|
79
79
|
scanoss/utils/crc64.py,sha256=TMrwQimSdE6imhFOUL7oAG6Kxu-8qMpGWMuMg8QpSVs,3169
|
|
80
80
|
scanoss/utils/file.py,sha256=62cA9a17TU9ZvfA3FY5HY4-QOajJeSrc8S6xLA_f-3M,2980
|
|
81
81
|
scanoss/utils/simhash.py,sha256=6iu8DOcecPAY36SZjCOzrrLMT9oIE7-gI6QuYwUQ7B0,5793
|
|
82
|
-
scanoss-1.
|
|
83
|
-
scanoss-1.
|
|
84
|
-
scanoss-1.
|
|
85
|
-
scanoss-1.
|
|
86
|
-
scanoss-1.
|
|
87
|
-
scanoss-1.
|
|
82
|
+
scanoss-1.29.0.dist-info/licenses/LICENSE,sha256=LLUaXoiyOroIbr5ubAyrxBOwSRLTm35ETO2FmLpy8QQ,1074
|
|
83
|
+
scanoss-1.29.0.dist-info/METADATA,sha256=9kfYCyVam5BEQ_wn4cTup7DUExwsksphT1jW_R_4M8U,6060
|
|
84
|
+
scanoss-1.29.0.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
|
|
85
|
+
scanoss-1.29.0.dist-info/entry_points.txt,sha256=Uy28xnaDL5KQ7V77sZD5VLDXPNxYYzSr5tsqtiXVzAs,48
|
|
86
|
+
scanoss-1.29.0.dist-info/top_level.txt,sha256=V11PrQ6Pnrc-nDF9xnisnJ8e6-i7HqSIKVNqduRWcL8,27
|
|
87
|
+
scanoss-1.29.0.dist-info/RECORD,,
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|