PyPI - scanoss - Versions diffs - 1.28.2__tar.gz → 1.29.0__tar.gz - Mend

scanoss 1.28.2tar.gz → 1.29.0tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (100) hide show

{scanoss-1.28.2 → scanoss-1.29.0}/PACKAGE.md RENAMED Viewed

@@ -138,7 +138,7 @@ if __name__ == "__main__":
 ```
 ## Requirements
-Python 3.7 or higher.
+Python 3.9 or higher.
 ## Source code
 The source for this package can be found [here](https://github.com/scanoss/scanoss.py).

{scanoss-1.28.2/src/scanoss.egg-info → scanoss-1.29.0}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: scanoss
-Version: 1.28.2
+Version: 1.29.0
 Summary: Simple Python library to leverage the SCANOSS APIs
 Home-page: https://scanoss.com
 Author: SCANOSS
@@ -13,7 +13,7 @@ Classifier: License :: OSI Approved :: MIT License
 Classifier: Operating System :: OS Independent
 Classifier: Development Status :: 5 - Production/Stable
 Classifier: Programming Language :: Python :: 3
-Requires-Python: >=3.7
+Requires-Python: >=3.9
 Description-Content-Type: text/markdown
 License-File: LICENSE
 Requires-Dist: requests
@@ -174,7 +174,7 @@ if __name__ == "__main__":
 ```
 ## Requirements
-Python 3.7 or higher.
+Python 3.9 or higher.
 ## Source code
 The source for this package can be found [here](https://github.com/scanoss/scanoss.py).

{scanoss-1.28.2 → scanoss-1.29.0}/README.md RENAMED Viewed

@@ -24,7 +24,7 @@ To leverage the CLI from within a container, please look at [GHCR.md](GHCR.md).
 Before starting with development of this project, please read our [CONTRIBUTING](CONTRIBUTING.md) and [CODE OF CONDUCT](CODE_OF_CONDUCT.md).
 ### Requirements
-Python 3.7 or higher.
+Python 3.9 or higher.
 The dependencies can be found in the [requirements.txt](requirements.txt) and [requirements-dev.txt](requirements-dev.txt) files.

{scanoss-1.28.2 → scanoss-1.29.0}/pyproject.toml RENAMED Viewed

@@ -6,8 +6,8 @@ build-backend = "setuptools.build_meta"
 # Enable pycodestyle (E), pyflakes (F), isort (I), pylint (PL)
 select = ["E", "F", "I", "PL"]
 line-length = 120
-# Assume Python 3.7+
-target-version = "py37"
+# Assume Python 3.9+
+target-version = "py39"
 exclude = [
     "tests/*",
     "test_*.py",

{scanoss-1.28.2 → scanoss-1.29.0}/setup.cfg RENAMED Viewed

@@ -23,7 +23,7 @@ packages = find_namespace:
 package_dir =
 	= src
 include_package_data = True
-python_requires = >=3.7
+python_requires = >=3.9
 install_requires =
 	requests
 	crc32c>=2.2

{scanoss-1.28.2 → scanoss-1.29.0}/src/scanoss/__init__.py RENAMED Viewed

@@ -22,4 +22,4 @@ SPDX-License-Identifier: MIT
   THE SOFTWARE.
 """
-__version__ = '1.28.2'
+__version__ = '1.29.0'

{scanoss-1.28.2 → scanoss-1.29.0}/src/scanoss/cli.py RENAMED Viewed

@@ -1071,9 +1071,8 @@ def scan(parser, args):  # noqa: PLR0912, PLR0915
                     'blacklist'
                 )
             else:
-                scan_settings.load_json_file(args.settings, args.scan_dir).set_file_type('new').set_scan_type(
-                    'identify'
-                )
+                scan_settings.load_json_file(args.settings, args.scan_dir).set_file_type('new')
         except ScanossSettingsError as e:
             print_stderr(f'Error: {e}')
             sys.exit(1)

{scanoss-1.28.2 → scanoss-1.29.0}/src/scanoss/cyclonedx.py RENAMED Viewed

@@ -48,10 +48,10 @@ class CycloneDx(ScanossBase):
         self.debug = debug
         self._spdx = SpdxLite(debug=debug)
-    def parse(self, data: json):  # noqa: PLR0912, PLR0915
+    def parse(self, data: dict):  # noqa: PLR0912, PLR0915
         """
         Parse the given input (raw/plain) JSON string and return CycloneDX summary
-        :param data: json - JSON object
+        :param data: dict - JSON object
         :return: CycloneDX dictionary, and vulnerability dictionary
         """
         if not data:
@@ -170,12 +170,12 @@ class CycloneDx(ScanossBase):
             success = self.produce_from_str(f.read(), output_file)
         return success
-    def produce_from_json(self, data: json, output_file: str = None) -> tuple[bool, json]:  # noqa: PLR0912
+    def produce_from_json(self, data: dict, output_file: str = None) -> tuple[bool, dict]:  # noqa: PLR0912
         """
         Produce the CycloneDX output from the raw scan results input data
         Args:
-            data (json): JSON object
+            data (dict): JSON object
             output_file (str, optional): Output file (optional). Defaults to None.
         Returns:

scanoss-1.29.0/src/scanoss/data/build_date.txt ADDED Viewed

	@@ -0,0 +1 @@
1	+ date: 20250715073533, utime: 1752564933

{scanoss-1.28.2 → scanoss-1.29.0}/src/scanoss/scanoss_settings.py RENAMED Viewed

@@ -172,7 +172,7 @@ class ScanossSettings(ScanossBase):
     def _get_bom(self):
         """
-        Get the Billing of Materials from the settings file
+        Get the Bill of Materials from the settings file
         Returns:
             dict: If using scanoss.json
             list: If using SBOM.json
@@ -196,6 +196,17 @@ class ScanossSettings(ScanossBase):
             return self._get_bom()
         return self._get_bom().get('include', [])
+    def get_bom_exclude(self) -> List[BomEntry]:
+        """
+        Get the list of components to exclude from the scan
+        Returns:
+            list: List of components to exclude from the scan
+        """
+        if self.settings_file_type == 'legacy':
+            return self._get_bom()
+        return self._get_bom().get('exclude', [])
     def get_bom_remove(self) -> List[BomEntry]:
         """
         Get the list of components to remove from the scan
@@ -225,8 +236,8 @@ class ScanossSettings(ScanossBase):
         if not self.data:
             return None
         return {
-            'scan_type': self.scan_type,
             'assets': json.dumps(self._get_sbom_assets()),
+            'scan_type': self.scan_type,
         }
     def _get_sbom_assets(self):
@@ -235,7 +246,18 @@ class ScanossSettings(ScanossBase):
         Returns:
             List: List of SBOM assets
         """
-        if self.scan_type == 'identify':
+        if self.settings_file_type == 'new':
+            if len(self.get_bom_include()):
+                self.scan_type = 'identify'
+                include_bom_entries = self._remove_duplicates(self.normalize_bom_entries(self.get_bom_include()))
+                return {"components": include_bom_entries}
+            elif len(self.get_bom_exclude()):
+                self.scan_type = 'blacklist'
+                exclude_bom_entries = self._remove_duplicates(self.normalize_bom_entries(self.get_bom_exclude()))
+                return {"components": exclude_bom_entries}
+        if self.settings_file_type == 'legacy' and self.scan_type == 'identify':            # sbom-identify.json
             include_bom_entries = self._remove_duplicates(self.normalize_bom_entries(self.get_bom_include()))
             replace_bom_entries = self._remove_duplicates(self.normalize_bom_entries(self.get_bom_replace()))
             self.print_debug(
@@ -244,6 +266,14 @@ class ScanossSettings(ScanossBase):
                 f'From Replace list: {[entry["purl"] for entry in replace_bom_entries]} \n'
             )
             return include_bom_entries + replace_bom_entries
+        if self.settings_file_type == 'legacy' and self.scan_type == 'blacklist':            # sbom-identify.json
+            exclude_bom_entries = self._remove_duplicates(self.normalize_bom_entries(self.get_bom_exclude()))
+            self.print_debug(
+                f"Scan type set to 'blacklist'. Adding {len(exclude_bom_entries)} components as context to the scan. \n"  # noqa: E501
+                f'From Exclude list: {[entry["purl"] for entry in exclude_bom_entries]} \n')
+            return exclude_bom_entries
         return self.normalize_bom_entries(self.get_bom_remove())
     @staticmethod

{scanoss-1.28.2 → scanoss-1.29.0/src/scanoss.egg-info}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: scanoss
-Version: 1.28.2
+Version: 1.29.0
 Summary: Simple Python library to leverage the SCANOSS APIs
 Home-page: https://scanoss.com
 Author: SCANOSS
@@ -13,7 +13,7 @@ Classifier: License :: OSI Approved :: MIT License
 Classifier: Operating System :: OS Independent
 Classifier: Development Status :: 5 - Production/Stable
 Classifier: Programming Language :: Python :: 3
-Requires-Python: >=3.7
+Requires-Python: >=3.9
 Description-Content-Type: text/markdown
 License-File: LICENSE
 Requires-Dist: requests
@@ -174,7 +174,7 @@ if __name__ == "__main__":
 ```
 ## Requirements
-Python 3.7 or higher.
+Python 3.9 or higher.
 ## Source code
 The source for this package can be found [here](https://github.com/scanoss/scanoss.py).