scanoss 1.28.3__py3-none-any.whl → 1.30.0__py3-none-any.whl

scanoss/__init__.py

@@ -22,4 +22,4 @@ SPDX-License-Identifier: MIT
   THE SOFTWARE.
 """
 
-__version__ = '1.28.3'
+__version__ = '1.30.0'

scanoss/cli.py

@@ -25,6 +25,7 @@ SPDX-License-Identifier: MIT
 import argparse
 import os
 import sys
+import traceback
 from dataclasses import asdict
 from pathlib import Path
 from typing import List
@@ -32,6 +33,10 @@ from typing import List
 import pypac
 
 from scanoss.cryptography import Cryptography, create_cryptography_config_from_args
+from scanoss.export.dependency_track import (
+    DependencyTrackExporter,
+    create_dependency_track_exporter_config_from_args,
+)
 from scanoss.inspection.component_summary import ComponentSummary
 from scanoss.inspection.license_summary import LicenseSummary
 from scanoss.scanners.container_scanner import (
@@ -553,13 +558,17 @@ def setup_args() -> None:  # noqa: PLR0912, PLR0915
     ####### INSPECT: License Summary ######
     # Inspect Sub-command: inspect license summary
     p_license_summary = p_inspect_sub.add_parser(
-        'license-summary', aliases=['lic-summary', 'licsum'], description='Get license summary',
-        help='Get detected license summary from scan results'
+        'license-summary',
+        aliases=['lic-summary', 'licsum'],
+        description='Get license summary',
+        help='Get detected license summary from scan results',
     )
 
     p_component_summary = p_inspect_sub.add_parser(
-        'component-summary', aliases=['comp-summary', 'compsum'], description='Get component summary',
-        help='Get detected component summary from scan results'
+        'component-summary',
+        aliases=['comp-summary', 'compsum'],
+        description='Get component summary',
+        help='Get detected component summary from scan results',
     )
 
     ####### INSPECT: Undeclared components ######
@@ -605,6 +614,36 @@ def setup_args() -> None:  # noqa: PLR0912, PLR0915
 
     ########################################### END INSPECT SUBCOMMAND ###########################################
 
+    # Sub-command: export
+    p_export = subparsers.add_parser(
+        'export',
+        aliases=['exp'],
+        description=f'Export SBOM files to external platforms: {__version__}',
+        help='Export SBOM files to external platforms',
+    )
+
+    export_sub = p_export.add_subparsers(
+        title='Export Commands',
+        dest='subparsercmd',
+        description='export sub-commands',
+        help='export sub-commands',
+    )
+
+    # Export Sub-command: export dt (Dependency Track)
+    e_dt = export_sub.add_parser(
+        'dt',
+        aliases=['dependency-track'],
+        description='Export SBOM to Dependency Track',
+        help='Upload SBOM files to Dependency Track',
+    )
+    e_dt.add_argument('-i', '--input', type=str, required=True, help='Input SBOM file (CycloneDX JSON format)')
+    e_dt.add_argument('--dt-url', type=str, required=True, help='Dependency Track base URL')
+    e_dt.add_argument('--dt-apikey', type=str, required=True, help='Dependency Track API key')
+    e_dt.add_argument('--dt-projectid', type=str, help='Dependency Track project UUID')
+    e_dt.add_argument('--dt-projectname', type=str, help='Dependency Track project name')
+    e_dt.add_argument('--dt-projectversion', type=str, help='Dependency Track project version')
+    e_dt.set_defaults(func=export_dt)
+
     # Sub-command: folder-scan
     p_folder_scan = subparsers.add_parser(
         'folder-scan',
@@ -858,6 +897,7 @@ def setup_args() -> None:  # noqa: PLR0912, PLR0915
         p_crypto_algorithms,
         p_crypto_hints,
         p_crypto_versions_in_range,
+        e_dt,
     ]:
         p.add_argument('--debug', '-d', action='store_true', help='Enable debug messages')
         p.add_argument('--trace', '-t', action='store_true', help='Enable trace messages, including API posts')
@@ -871,7 +911,8 @@ def setup_args() -> None:  # noqa: PLR0912, PLR0915
         parser.print_help()  # No sub command subcommand, print general help
         sys.exit(1)
     elif (
-        args.subparser in ('utils', 'ut', 'component', 'comp', 'inspect', 'insp', 'ins', 'crypto', 'cr')
+        args.subparser
+        in ('utils', 'ut', 'component', 'comp', 'inspect', 'insp', 'ins', 'crypto', 'cr', 'export', 'exp')
     ) and not args.subparsercmd:
         parser.parse_args([args.subparser, '--help'])  # Force utils helps to be displayed
         sys.exit(1)
@@ -1304,6 +1345,7 @@ def convert(parser, args):
     if not success:
         sys.exit(1)
 
+
 ################################ INSPECT handlers ################################
 def inspect_copyleft(parser, args):
     """
@@ -1381,16 +1423,17 @@ def inspect_undeclared(parser, args):
     status, _ = i_undeclared.run()
     sys.exit(status)
 
+
 def inspect_license_summary(parser, args):
     """
-       Run the "inspect" sub-command
-       Parameters
-       ----------
-           parser: ArgumentParser
-               command line parser object
-           args: Namespace
-               Parsed arguments
-       """
+    Run the "inspect" sub-command
+    Parameters
+    ----------
+        parser: ArgumentParser
+            command line parser object
+        args: Namespace
+            Parsed arguments
+    """
     if args.input is None:
         print_stderr('Please specify an input file to inspect')
         parser.parse_args([args.subparser, args.subparsercmd, '-h'])
@@ -1412,16 +1455,17 @@ def inspect_license_summary(parser, args):
     )
     i_license_summary.run()
 
+
 def inspect_component_summary(parser, args):
     """
-       Run the "inspect" sub-command
-       Parameters
-       ----------
-           parser: ArgumentParser
-               command line parser object
-           args: Namespace
-               Parsed arguments
-       """
+    Run the "inspect" sub-command
+    Parameters
+    ----------
+        parser: ArgumentParser
+            command line parser object
+        args: Namespace
+            Parsed arguments
+    """
     if args.input is None:
         print_stderr('Please specify an input file to inspect')
         parser.parse_args([args.subparser, args.subparsercmd, '-h'])
@@ -1440,8 +1484,42 @@ def inspect_component_summary(parser, args):
     )
     i_component_summary.run()
 
+
 ################################ End inspect handlers ################################
 
+
+def export_dt(parser, args):
+    """
+    Run the "export dt" sub-command
+    Parameters
+    ----------
+        parser: ArgumentParser
+            command line parser object
+        args: Namespace
+            Parsed arguments
+    """
+
+    try:
+        config = create_dependency_track_exporter_config_from_args(args)
+        dt_exporter = DependencyTrackExporter(
+            config=config,
+            debug=args.debug,
+            trace=args.trace,
+            quiet=args.quiet,
+        )
+
+        success = dt_exporter.upload_sbom(args.input)
+
+        if not success:
+            sys.exit(1)
+
+    except Exception as e:
+        print_stderr(f'ERROR: {e}')
+        if args.debug:
+            traceback.print_exc()
+        sys.exit(1)
+
+
 def utils_certloc(*_):
     """
     Run the "utils certloc" sub-command

scanoss/cyclonedx.py

@@ -28,6 +28,9 @@ import os.path
 import sys
 import uuid
 
+from cyclonedx.schema import SchemaVersion
+from cyclonedx.validation.json import JsonValidator
+
 from . import __version__
 from .scanossbase import ScanossBase
 from .spdxlite import SpdxLite
@@ -48,10 +51,10 @@ class CycloneDx(ScanossBase):
         self.debug = debug
         self._spdx = SpdxLite(debug=debug)
 
-    def parse(self, data: json):  # noqa: PLR0912, PLR0915
+    def parse(self, data: dict):  # noqa: PLR0912, PLR0915
         """
         Parse the given input (raw/plain) JSON string and return CycloneDX summary
-        :param data: json - JSON object
+        :param data: dict - JSON object
         :return: CycloneDX dictionary, and vulnerability dictionary
         """
         if not data:
@@ -170,12 +173,12 @@ class CycloneDx(ScanossBase):
             success = self.produce_from_str(f.read(), output_file)
         return success
 
-    def produce_from_json(self, data: json, output_file: str = None) -> tuple[bool, json]:  # noqa: PLR0912
+    def produce_from_json(self, data: dict, output_file: str = None) -> tuple[bool, dict]:  # noqa: PLR0912
         """
         Produce the CycloneDX output from the raw scan results input data
 
         Args:
-            data (json): JSON object
+            data (dict): JSON object
             output_file (str, optional): Output file (optional). Defaults to None.
 
         Returns:
@@ -296,13 +299,13 @@ class CycloneDx(ScanossBase):
         """
         vuln_id = vuln.get('ID', '') or vuln.get('id', '')
         vuln_cve = vuln.get('CVE', '') or vuln.get('cve', '')
-        
+
         # Skip CPE entries, use CVE if available
         if vuln_id.upper().startswith('CPE:') and vuln_cve:
             vuln_id = vuln_cve
-        
+
         return vuln_id, vuln_cve
-    
+
     def _create_vulnerability_entry(self, vuln_id: str, vuln: dict, vuln_cve: str, purl: str) -> dict:
         """
         Create a new vulnerability entry for CycloneDX format.
@@ -313,61 +316,56 @@ class CycloneDx(ScanossBase):
             'source': {
                 'name': 'NVD' if vuln_source == 'nvd' else 'GitHub Advisories',
                 'url': f'https://nvd.nist.gov/vuln/detail/{vuln_cve}'
-                      if vuln_source == 'nvd'
-                      else f'https://github.com/advisories/{vuln_id}'
+                if vuln_source == 'nvd'
+                else f'https://github.com/advisories/{vuln_id}',
             },
             'ratings': [{'severity': self._sev_lookup(vuln.get('severity', 'unknown').lower())}],
-            'affects': [{'ref': purl}]
+            'affects': [{'ref': purl}],
         }
-    
+
     def append_vulnerabilities(self, cdx_dict: dict, vulnerabilities_data: dict, purl: str) -> dict:
         """
         Append vulnerabilities to an existing CycloneDX dictionary
-        
+
         Args:
             cdx_dict (dict): The existing CycloneDX dictionary
             vulnerabilities_data (dict): The vulnerabilities data from get_vulnerabilities_json
             purl (str): The PURL of the component these vulnerabilities affect
-            
+
         Returns:
             dict: The updated CycloneDX dictionary with vulnerabilities appended
         """
         if not cdx_dict or not vulnerabilities_data:
             return cdx_dict
-            
+
         if 'vulnerabilities' not in cdx_dict:
             cdx_dict['vulnerabilities'] = []
-            
+
         # Extract vulnerabilities from the response
         vulns_list = vulnerabilities_data.get('purls', [])
         if not vulns_list:
             return cdx_dict
-            
+
         vuln_items = vulns_list[0].get('vulnerabilities', [])
-        
+
         for vuln in vuln_items:
             vuln_id, vuln_cve = self._normalize_vulnerability_id(vuln)
-            
+
             # Skip empty IDs or CPE-only entries
             if not vuln_id or vuln_id.upper().startswith('CPE:'):
                 continue
-            
+
             # Check if vulnerability already exists
-            existing_vuln = next(
-                (v for v in cdx_dict['vulnerabilities'] if v.get('id') == vuln_id),
-                None
-            )
-            
+            existing_vuln = next((v for v in cdx_dict['vulnerabilities'] if v.get('id') == vuln_id), None)
+
             if existing_vuln:
                 # Add this PURL to the affects list if not already present
                 if not any(ref.get('ref') == purl for ref in existing_vuln.get('affects', [])):
                     existing_vuln['affects'].append({'ref': purl})
             else:
                 # Create new vulnerability entry
-                cdx_dict['vulnerabilities'].append(
-                    self._create_vulnerability_entry(vuln_id, vuln, vuln_cve, purl)
-                )
-                    
+                cdx_dict['vulnerabilities'].append(self._create_vulnerability_entry(vuln_id, vuln, vuln_cve, purl))
+
         return cdx_dict
 
     @staticmethod
@@ -388,6 +386,25 @@ class CycloneDx(ScanossBase):
             'unknown': 'unknown',
         }.get(value, 'unknown')
 
+    def is_cyclonedx_json(self, json_string: str) -> bool:
+        """
+        Validate if the given JSON string is a valid CycloneDX JSON string
+        Args:
+            json_string (str): JSON string to validate
+        Returns:
+            bool: True if the JSON string is valid, False otherwise
+        """
+        try:
+            cdx_json_validator = JsonValidator(SchemaVersion.V1_6)
+            json_validation_errors = cdx_json_validator.validate_str(json_string)
+            if json_validation_errors:
+                self.print_stderr(f'ERROR: Problem parsing input JSON: {json_validation_errors}')
+                return False
+            return True
+        except Exception as e:
+            self.print_stderr(f'ERROR: Problem parsing input JSON: {e}')
+            return False
+
 
 #
 # End of CycloneDX Class

scanoss/data/build_date.txt

@@ -1 +1 @@
-date: 20250714165622, utime: 1752512182
+date: 20250722103216, utime: 1753180336

scanoss/export/__init__.py

@@ -0,0 +1,23 @@
+"""
+SPDX-License-Identifier: MIT
+
+  Copyright (c) 2025, SCANOSS
+
+  Permission is hereby granted, free of charge, to any person obtaining a copy
+  of this software and associated documentation files (the "Software"), to deal
+  in the Software without restriction, including without limitation the rights
+  to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+  copies of the Software, and to permit persons to whom the Software is
+  furnished to do so, subject to the following conditions:
+
+  The above copyright notice and this permission notice shall be included in
+  all copies or substantial portions of the Software.
+
+  THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+  IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+  FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+  AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+  LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+  OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+  THE SOFTWARE.
+"""

scanoss/export/dependency_track.py

@@ -0,0 +1,221 @@
+"""
+SPDX-License-Identifier: MIT
+
+  Copyright (c) 2025, SCANOSS
+
+  Permission is hereby granted, free of charge, to any person obtaining a copy
+  of this software and associated documentation files (the "Software"), to deal
+  in the Software without restriction, including without limitation the rights
+  to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+  copies of the Software, and to permit persons to whom the Software is
+  furnished to do so, subject to the following conditions:
+
+  The above copyright notice and this permission notice shall be included in
+  all copies or substantial portions of the Software.
+
+  THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+  IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+  FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+  AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+  LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+  OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+  THE SOFTWARE.
+"""
+
+import base64
+import json
+import traceback
+from dataclasses import dataclass
+from typing import Optional
+
+import requests
+
+from scanoss.cyclonedx import CycloneDx
+
+from ..scanossbase import ScanossBase
+from ..utils.file import validate_json_file
+
+
+@dataclass
+class DependencyTrackExporterConfig:
+    debug: bool = False
+    trace: bool = False
+    quiet: bool = False
+    dt_url: str = None
+    dt_apikey: str = None
+    dt_projectid: Optional[str] = None
+    dt_projectname: Optional[str] = None
+    dt_projectversion: Optional[str] = None
+
+
+def create_dependency_track_exporter_config_from_args(args) -> DependencyTrackExporterConfig:
+    return DependencyTrackExporterConfig(
+        debug=getattr(args, 'debug', False),
+        trace=getattr(args, 'trace', False),
+        quiet=getattr(args, 'quiet', False),
+        dt_url=getattr(args, 'dt_url', None),
+        dt_apikey=getattr(args, 'dt_apikey', None),
+        dt_projectid=getattr(args, 'dt_projectid', None),
+        dt_projectname=getattr(args, 'dt_projectname', None),
+        dt_projectversion=getattr(args, 'dt_projectversion', None),
+    )
+
+
+class DependencyTrackExporter(ScanossBase):
+    """
+    Class for exporting SBOM files to Dependency Track
+    """
+
+    def __init__(
+        self,
+        config: DependencyTrackExporterConfig,
+        debug: bool = False,
+        trace: bool = False,
+        quiet: bool = False,
+    ):
+        """
+        Initialize DependencyTrackExporter
+
+        Args:
+            config: Configuration parameters for the dependency track exporter
+            debug: Enable debug output
+            trace: Enable trace output
+            quiet: Enable quiet mode
+        """
+        super().__init__(debug=debug, trace=trace, quiet=quiet)
+
+        self.dt_url = config.dt_url.rstrip('/')
+        self.dt_apikey = config.dt_apikey
+        self.dt_projectid = config.dt_projectid
+        self.dt_projectname = config.dt_projectname
+        self.dt_projectversion = config.dt_projectversion
+
+        self._validate_config()
+
+    def _validate_config(self):
+        """
+        Validate that the configuration is valid.
+        """
+        has_id = bool(self.dt_projectid)
+        has_name_version = bool(self.dt_projectname and self.dt_projectversion)
+
+        if not (has_id or has_name_version):
+            raise ValueError('Either --dt-projectid OR (--dt-projectname and --dt-projectversion) must be provided')
+
+        if has_id and has_name_version:
+            self.print_debug('Both DT project ID and name/version provided. Using project ID.')
+
+    def _read_and_validate_sbom(self, input_file: str) -> dict:
+        """
+        Read and validate the SBOM file
+
+        Args:
+            input_file: Path to the SBOM file
+
+        Returns:
+            Parsed SBOM content as dictionary
+
+        Raises:
+            ValueError: If file doesn't exist or is invalid or not a valid CycloneDX SBOM
+        """
+        result = validate_json_file(input_file)
+        if not result.is_valid:
+            raise ValueError(f'Invalid JSON file: {result.error}')
+
+        cdx = CycloneDx(debug=self.debug)
+        if not cdx.is_cyclonedx_json(json.dumps(result.data)):
+            raise ValueError(f'Input file is not a valid CycloneDX SBOM: {input_file}')
+
+        return result.data
+
+    def _encode_sbom(self, sbom_content: dict) -> str:
+        """
+        Encode SBOM content to base64
+
+        Args:
+            sbom_content: SBOM dictionary
+
+        Returns:
+            Base64 encoded string
+        """
+        json_str = json.dumps(sbom_content, separators=(',', ':'))
+        encoded = base64.b64encode(json_str.encode('utf-8')).decode('utf-8')
+        return encoded
+
+    def _build_payload(self, encoded_sbom: str) -> dict:
+        """
+        Build the API payload
+
+        Args:
+            encoded_sbom: Base64 encoded SBOM
+
+        Returns:
+            API payload dictionary
+        """
+        if self.dt_projectid:
+            return {'project': self.dt_projectid, 'bom': encoded_sbom}
+        else:
+            return {
+                'projectName': self.dt_projectname,
+                'projectVersion': self.dt_projectversion,
+                'autoCreate': True,
+                'bom': encoded_sbom,
+            }
+
+    def upload_sbom(self, input_file: str) -> bool:
+        """
+        Upload SBOM file to Dependency Track
+
+        Args:
+            input_file: Path to the SBOM file
+
+        Returns:
+            True if successful, False otherwise
+        """
+        try:
+            self.print_stderr(f'Reading SBOM file: {input_file}')
+            sbom_content = self._read_and_validate_sbom(input_file)
+
+            self.print_debug('Encoding SBOM to base64')
+            encoded_sbom = self._encode_sbom(sbom_content)
+
+            payload = self._build_payload(encoded_sbom)
+
+            url = f'{self.dt_url}/api/v1/bom'
+            headers = {'Content-Type': 'application/json', 'X-Api-Key': self.dt_apikey}
+
+            if self.trace:
+                self.print_trace(f'URL: {url}')
+                self.print_trace(f'Headers: {headers}')
+                self.print_trace(f'Payload keys: {list(payload.keys())}')
+
+            self.print_msg('Uploading SBOM to Dependency Track...')
+            response = requests.put(url, json=payload, headers=headers)
+
+            if response.status_code in [200, 201]:
+                self.print_stderr('SBOM uploaded successfully')
+
+                try:
+                    response_data = response.json()
+                    if 'token' in response_data:
+                        self.print_stderr(f'Upload token: {response_data["token"]}')
+                except json.JSONDecodeError:
+                    pass
+
+                return True
+            else:
+                self.print_stderr(f'Upload failed with status code: {response.status_code}')
+                self.print_stderr(f'Response: {response.text}')
+                return False
+
+        except ValueError as e:
+            self.print_stderr(f'Validation error: {e}')
+            return False
+        except requests.exceptions.RequestException as e:
+            self.print_stderr(f'Request error: {e}')
+            return False
+        except Exception as e:
+            self.print_stderr(f'Unexpected error: {e}')
+            if self.debug:
+                traceback.print_exc()
+            return False

{scanoss-1.28.3.dist-info → scanoss-1.30.0.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: scanoss
-Version: 1.28.3
+Version: 1.30.0
 Summary: Simple Python library to leverage the SCANOSS APIs
 Home-page: https://scanoss.com
 Author: SCANOSS
@@ -13,7 +13,7 @@ Classifier: License :: OSI Approved :: MIT License
 Classifier: Operating System :: OS Independent
 Classifier: Development Status :: 5 - Production/Stable
 Classifier: Programming Language :: Python :: 3
-Requires-Python: >=3.7
+Requires-Python: >=3.9
 Description-Content-Type: text/markdown
 License-File: LICENSE
 Requires-Dist: requests
@@ -30,6 +30,7 @@ Requires-Dist: packageurl-python
 Requires-Dist: pathspec
 Requires-Dist: jsonschema
 Requires-Dist: crc
+Requires-Dist: cyclonedx-python-lib[validation]
 Provides-Extra: fast-winnowing
 Requires-Dist: scanoss_winnowing>=0.5.0; extra == "fast-winnowing"
 Dynamic: license-file
@@ -174,7 +175,7 @@ if __name__ == "__main__":
 ```
 
 ## Requirements
-Python 3.7 or higher.
+Python 3.9 or higher.
 
 ## Source code
 The source for this package can be found [here](https://github.com/scanoss/scanoss.py).

{scanoss-1.28.3.dist-info → scanoss-1.30.0.dist-info}/RECORD

@@ -4,13 +4,13 @@ protoc_gen_swagger/options/annotations_pb2.py,sha256=b25EDD6gssUWnFby9gxgcpLIROT
 protoc_gen_swagger/options/annotations_pb2_grpc.py,sha256=1oboBPFxaTEXt9Aw7EAj8gXHDCNMhZD2VXqocC9l_gk,159
 protoc_gen_swagger/options/openapiv2_pb2.py,sha256=vYElGp8E1vGHszvWqX97zNG9GFJ7u2QcdK9ouq0XdyI,14939
 protoc_gen_swagger/options/openapiv2_pb2_grpc.py,sha256=1oboBPFxaTEXt9Aw7EAj8gXHDCNMhZD2VXqocC9l_gk,159
-scanoss/__init__.py,sha256=nqx8SMTAvRv63TpKnRAEk0-b0K5a5HyGjcehx4-HEuk,1146
-scanoss/cli.py,sha256=3ECRfRo4K01TdNIJ1qRySz5-p8tQi8mAzH2tPPIUuuc,72552
+scanoss/__init__.py,sha256=Y6EsxqgHsge72r1bbXior15XkUCks6uDBkv4qD_q4OQ,1146
+scanoss/cli.py,sha256=RXC-4CnjPFKlO2fi4OV-I4fQZXvQkO9MyzZVzbe9N4g,74777
 scanoss/components.py,sha256=b0R9DdKuXqyQiw5nZZwjQ6NJXBr1U9gyx1RI2FP9ozA,14511
 scanoss/constants.py,sha256=On8mQ-8ardVMHSJ7WOJqeTvGXIOWPLCgUanjE7Wk-wE,351
 scanoss/cryptography.py,sha256=oj5HHgJk1e31dzQfB-5sIVmQVcUJMsP5DUPyP9QpPgQ,9806
 scanoss/csvoutput.py,sha256=qNKRwcChSkgIwLm00kZiVX6iHVQUF4Apl-sMbzJ5Taw,10192
-scanoss/cyclonedx.py,sha256=9T3dFhuKzn4EO4k4IQNz6f3PwW3vdjeUfsEk_a-T-DE,16334
+scanoss/cyclonedx.py,sha256=JeAeuj2KYaN72v_08j7b3ZyVOhjXhOHOW7DE3Byp0Wk,16986
 scanoss/file_filters.py,sha256=2DzyvSVR7We7U36UurtJj3cdQturUjDl8j3OIqmv4Pg,20638
 scanoss/filecount.py,sha256=RZjKQ6M5P_RQg0_PMD2tsRe5Z8f98ke0sxYVjPDN8iQ,6538
 scanoss/results.py,sha256=47ZXXuU2sDjYa5vhtbWTmikit9jHhA0rsYKwkvZFI5w,9252
@@ -57,10 +57,12 @@ scanoss/api/vulnerabilities/__init__.py,sha256=IFrDk_DTJgKSZmmU-nuLXuq_s8sQZlrSC
 scanoss/api/vulnerabilities/v2/__init__.py,sha256=IFrDk_DTJgKSZmmU-nuLXuq_s8sQZlrSCHhIDMJT4r0,1122
 scanoss/api/vulnerabilities/v2/scanoss_vulnerabilities_pb2.py,sha256=CFhF80av8tenGvn9AIsGEtRJPuV2dC_syA5JLZb2lDw,5464
 scanoss/api/vulnerabilities/v2/scanoss_vulnerabilities_pb2_grpc.py,sha256=HlS4k4Zmx6RIAqaO9I96jD-eyF5yU6Xx04pVm7pdqOg,6864
-scanoss/data/build_date.txt,sha256=6EyBDgImxqTYUeVvh7cciY9WPjokbnpPqWrYcC1bsZk,40
+scanoss/data/build_date.txt,sha256=0rK9m6BDqN8Fl_4DclWg16-g7JdJX0fGtb4q381y7Dg,40
 scanoss/data/scanoss-settings-schema.json,sha256=ClkRYAkjAN0Sk704G8BE_Ok006oQ6YnIGmX84CF8h9w,8798
 scanoss/data/spdx-exceptions.json,sha256=s7UTYxC7jqQXr11YBlIWYCNwN6lRDFTR33Y8rpN_dA4,17953
 scanoss/data/spdx-licenses.json,sha256=A6Z0q82gaTLtnopBfzeIVZjJFxkdRW1g2TuumQc-lII,228794
+scanoss/export/__init__.py,sha256=D4C0lWLuNp8k_BjQZEc07WZcUgAvriVwQWOk063b0ZU,1122
+scanoss/export/dependency_track.py,sha256=8jnvNYX8Phit_aMFG43FkuxUvGby_nqW3KwSUfH8OSQ,7458
 scanoss/inspection/__init__.py,sha256=D4C0lWLuNp8k_BjQZEc07WZcUgAvriVwQWOk063b0ZU,1122
 scanoss/inspection/component_summary.py,sha256=h1l3rF6NnoK0wMkS4ib6rDfcza2aqunyoMDbN2lw2G4,4049
 scanoss/inspection/copyleft.py,sha256=ZSA97Vc3o06e66r4SCxwLKjGZOjv6lo92sWbvpzKHvo,9237
@@ -79,9 +81,9 @@ scanoss/utils/abstract_presenter.py,sha256=teiDTxBj5jBMCk2T8i4l1BJPf_u4zBLWrtCTF
 scanoss/utils/crc64.py,sha256=TMrwQimSdE6imhFOUL7oAG6Kxu-8qMpGWMuMg8QpSVs,3169
 scanoss/utils/file.py,sha256=62cA9a17TU9ZvfA3FY5HY4-QOajJeSrc8S6xLA_f-3M,2980
 scanoss/utils/simhash.py,sha256=6iu8DOcecPAY36SZjCOzrrLMT9oIE7-gI6QuYwUQ7B0,5793
-scanoss-1.28.3.dist-info/licenses/LICENSE,sha256=LLUaXoiyOroIbr5ubAyrxBOwSRLTm35ETO2FmLpy8QQ,1074
-scanoss-1.28.3.dist-info/METADATA,sha256=UE_PRuat9H427MmCAD5EbYHuXgiQls1yCkCBV3FQzR0,6060
-scanoss-1.28.3.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
-scanoss-1.28.3.dist-info/entry_points.txt,sha256=Uy28xnaDL5KQ7V77sZD5VLDXPNxYYzSr5tsqtiXVzAs,48
-scanoss-1.28.3.dist-info/top_level.txt,sha256=V11PrQ6Pnrc-nDF9xnisnJ8e6-i7HqSIKVNqduRWcL8,27
-scanoss-1.28.3.dist-info/RECORD,,
+scanoss-1.30.0.dist-info/licenses/LICENSE,sha256=LLUaXoiyOroIbr5ubAyrxBOwSRLTm35ETO2FmLpy8QQ,1074
+scanoss-1.30.0.dist-info/METADATA,sha256=usVjgvKzC-kJAJIfZBzoj6KDuoOUm8XaHV3Jo-UYe_c,6108
+scanoss-1.30.0.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
+scanoss-1.30.0.dist-info/entry_points.txt,sha256=Uy28xnaDL5KQ7V77sZD5VLDXPNxYYzSr5tsqtiXVzAs,48
+scanoss-1.30.0.dist-info/top_level.txt,sha256=V11PrQ6Pnrc-nDF9xnisnJ8e6-i7HqSIKVNqduRWcL8,27
+scanoss-1.30.0.dist-info/RECORD,,