scanoss 1.31.4__py3-none-any.whl → 1.31.5__py3-none-any.whl

scanoss/api/vulnerabilities/v2/scanoss_vulnerabilities_pb2_grpc.py

@@ -1,14 +1,34 @@
 # Generated by the gRPC Python protocol compiler plugin. DO NOT EDIT!
 """Client and server classes corresponding to protobuf-defined services."""
 import grpc
+import warnings
 
 from scanoss.api.common.v2 import scanoss_common_pb2 as scanoss_dot_api_dot_common_dot_v2_dot_scanoss__common__pb2
 from scanoss.api.vulnerabilities.v2 import scanoss_vulnerabilities_pb2 as scanoss_dot_api_dot_vulnerabilities_dot_v2_dot_scanoss__vulnerabilities__pb2
 
+GRPC_GENERATED_VERSION = '1.73.1'
+GRPC_VERSION = grpc.__version__
+_version_not_supported = False
+
+try:
+    from grpc._utilities import first_version_is_lower
+    _version_not_supported = first_version_is_lower(GRPC_VERSION, GRPC_GENERATED_VERSION)
+except ImportError:
+    _version_not_supported = True
+
+if _version_not_supported:
+    raise RuntimeError(
+        f'The grpc package installed is at version {GRPC_VERSION},'
+        + f' but the generated code in scanoss/api/vulnerabilities/v2/scanoss_vulnerabilities_pb2_grpc.py depends on'
+        + f' grpcio>={GRPC_GENERATED_VERSION}.'
+        + f' Please upgrade your grpc module to grpcio>={GRPC_GENERATED_VERSION}'
+        + f' or downgrade your generated code using grpcio-tools<={GRPC_VERSION}.'
+    )
+
 
 class VulnerabilitiesStub(object):
     """
-    Expose all of the SCANOSS Vulnerability RPCs here
+    Vulnerability Service Definition
     """
 
     def __init__(self, channel):
@@ -21,40 +41,125 @@ class VulnerabilitiesStub(object):
                 '/scanoss.api.vulnerabilities.v2.Vulnerabilities/Echo',
                 request_serializer=scanoss_dot_api_dot_common_dot_v2_dot_scanoss__common__pb2.EchoRequest.SerializeToString,
                 response_deserializer=scanoss_dot_api_dot_common_dot_v2_dot_scanoss__common__pb2.EchoResponse.FromString,
-                )
+                _registered_method=True)
         self.GetCpes = channel.unary_unary(
                 '/scanoss.api.vulnerabilities.v2.Vulnerabilities/GetCpes',
                 request_serializer=scanoss_dot_api_dot_vulnerabilities_dot_v2_dot_scanoss__vulnerabilities__pb2.VulnerabilityRequest.SerializeToString,
                 response_deserializer=scanoss_dot_api_dot_vulnerabilities_dot_v2_dot_scanoss__vulnerabilities__pb2.CpeResponse.FromString,
-                )
+                _registered_method=True)
+        self.GetComponentCpes = channel.unary_unary(
+                '/scanoss.api.vulnerabilities.v2.Vulnerabilities/GetComponentCpes',
+                request_serializer=scanoss_dot_api_dot_common_dot_v2_dot_scanoss__common__pb2.ComponentRequest.SerializeToString,
+                response_deserializer=scanoss_dot_api_dot_vulnerabilities_dot_v2_dot_scanoss__vulnerabilities__pb2.ComponentCpesResponse.FromString,
+                _registered_method=True)
+        self.GetComponentsCpes = channel.unary_unary(
+                '/scanoss.api.vulnerabilities.v2.Vulnerabilities/GetComponentsCpes',
+                request_serializer=scanoss_dot_api_dot_common_dot_v2_dot_scanoss__common__pb2.ComponentsRequest.SerializeToString,
+                response_deserializer=scanoss_dot_api_dot_vulnerabilities_dot_v2_dot_scanoss__vulnerabilities__pb2.ComponentsCpesResponse.FromString,
+                _registered_method=True)
         self.GetVulnerabilities = channel.unary_unary(
                 '/scanoss.api.vulnerabilities.v2.Vulnerabilities/GetVulnerabilities',
                 request_serializer=scanoss_dot_api_dot_vulnerabilities_dot_v2_dot_scanoss__vulnerabilities__pb2.VulnerabilityRequest.SerializeToString,
                 response_deserializer=scanoss_dot_api_dot_vulnerabilities_dot_v2_dot_scanoss__vulnerabilities__pb2.VulnerabilityResponse.FromString,
-                )
+                _registered_method=True)
+        self.GetComponentVulnerabilities = channel.unary_unary(
+                '/scanoss.api.vulnerabilities.v2.Vulnerabilities/GetComponentVulnerabilities',
+                request_serializer=scanoss_dot_api_dot_common_dot_v2_dot_scanoss__common__pb2.ComponentRequest.SerializeToString,
+                response_deserializer=scanoss_dot_api_dot_vulnerabilities_dot_v2_dot_scanoss__vulnerabilities__pb2.ComponentVulnerabilityResponse.FromString,
+                _registered_method=True)
+        self.GetComponentsVulnerabilities = channel.unary_unary(
+                '/scanoss.api.vulnerabilities.v2.Vulnerabilities/GetComponentsVulnerabilities',
+                request_serializer=scanoss_dot_api_dot_common_dot_v2_dot_scanoss__common__pb2.ComponentsRequest.SerializeToString,
+                response_deserializer=scanoss_dot_api_dot_vulnerabilities_dot_v2_dot_scanoss__vulnerabilities__pb2.ComponentsVulnerabilityResponse.FromString,
+                _registered_method=True)
 
 
 class VulnerabilitiesServicer(object):
     """
-    Expose all of the SCANOSS Vulnerability RPCs here
+    Vulnerability Service Definition
     """
 
     def Echo(self, request, context):
-        """Standard echo
+        """
+        Returns the same message that was sent, used for health checks and connectivity testing
         """
         context.set_code(grpc.StatusCode.UNIMPLEMENTED)
         context.set_details('Method not implemented!')
         raise NotImplementedError('Method not implemented!')
 
     def GetCpes(self, request, context):
-        """Get CPEs associated with a PURL
+        """
+        Get CPEs (Common Platform Enumeration) associated with a PURL - legacy endpoint.
+
+        Legacy method for retrieving Common Platform Enumeration identifiers
+        associated with software components. Use GetComponentCpes instead.
+        """
+        context.set_code(grpc.StatusCode.UNIMPLEMENTED)
+        context.set_details('Method not implemented!')
+        raise NotImplementedError('Method not implemented!')
+
+    def GetComponentCpes(self, request, context):
+        """
+        Get CPEs (Common Platform Enumeration) associated with a single software component.
+
+        Returns Common Platform Enumeration identifiers that match the specified component.
+        CPEs are used to identify IT platforms in vulnerability databases and enable
+        vulnerability scanning and assessment.
+
+        See: https://github.com/scanoss/papi/blob/main/protobuf/scanoss/api/vulnerabilities/v2/README.md?tab=readme-ov-file#getcomponentcpes
+        """
+        context.set_code(grpc.StatusCode.UNIMPLEMENTED)
+        context.set_details('Method not implemented!')
+        raise NotImplementedError('Method not implemented!')
+
+    def GetComponentsCpes(self, request, context):
+        """
+        Get CPEs (Common Platform Enumeration) associated with multiple software components.
+
+        Returns Common Platform Enumeration identifiers for multiple components in a single request.
+        CPEs are used to identify IT platforms in vulnerability databases and enable
+        vulnerability scanning and assessment.
+
+        See: https://github.com/scanoss/papi/blob/main/protobuf/scanoss/api/vulnerabilities/v2/README.md?tab=readme-ov-file#getcomponentscpes
         """
         context.set_code(grpc.StatusCode.UNIMPLEMENTED)
         context.set_details('Method not implemented!')
         raise NotImplementedError('Method not implemented!')
 
     def GetVulnerabilities(self, request, context):
-        """Get vulnerability details
+        """
+        Get vulnerability details - legacy endpoint.
+
+        Legacy method for retrieving vulnerability information for software components.
+        Use GetComponentVulnerabilities or GetComponentsVulnerabilities instead.
+        """
+        context.set_code(grpc.StatusCode.UNIMPLEMENTED)
+        context.set_details('Method not implemented!')
+        raise NotImplementedError('Method not implemented!')
+
+    def GetComponentVulnerabilities(self, request, context):
+        """
+        Get vulnerability information for a single software component.
+
+        Analyzes the component and returns known vulnerabilities including CVE details,
+        severity scores, publication dates, and other security metadata.
+        Vulnerability data is sourced from various security databases and feeds.
+
+        See: https://github.com/scanoss/papi/blob/main/protobuf/scanoss/api/vulnerabilities/v2/README.md?tab=readme-ov-file#getcomponentvulnerabilities
+        """
+        context.set_code(grpc.StatusCode.UNIMPLEMENTED)
+        context.set_details('Method not implemented!')
+        raise NotImplementedError('Method not implemented!')
+
+    def GetComponentsVulnerabilities(self, request, context):
+        """
+        Get vulnerability information for multiple software components in a single request.
+
+        Analyzes multiple components and returns known vulnerabilities for each including CVE details,
+        severity scores, publication dates, and other security metadata.
+        Vulnerability data is sourced from various security databases and feeds.
+
+        See: https://github.com/scanoss/papi/blob/main/protobuf/scanoss/api/vulnerabilities/v2/README.md?tab=readme-ov-file#getcomponentsvulnerabilities
         """
         context.set_code(grpc.StatusCode.UNIMPLEMENTED)
         context.set_details('Method not implemented!')
@@ -73,21 +178,42 @@ def add_VulnerabilitiesServicer_to_server(servicer, server):
                     request_deserializer=scanoss_dot_api_dot_vulnerabilities_dot_v2_dot_scanoss__vulnerabilities__pb2.VulnerabilityRequest.FromString,
                     response_serializer=scanoss_dot_api_dot_vulnerabilities_dot_v2_dot_scanoss__vulnerabilities__pb2.CpeResponse.SerializeToString,
             ),
+            'GetComponentCpes': grpc.unary_unary_rpc_method_handler(
+                    servicer.GetComponentCpes,
+                    request_deserializer=scanoss_dot_api_dot_common_dot_v2_dot_scanoss__common__pb2.ComponentRequest.FromString,
+                    response_serializer=scanoss_dot_api_dot_vulnerabilities_dot_v2_dot_scanoss__vulnerabilities__pb2.ComponentCpesResponse.SerializeToString,
+            ),
+            'GetComponentsCpes': grpc.unary_unary_rpc_method_handler(
+                    servicer.GetComponentsCpes,
+                    request_deserializer=scanoss_dot_api_dot_common_dot_v2_dot_scanoss__common__pb2.ComponentsRequest.FromString,
+                    response_serializer=scanoss_dot_api_dot_vulnerabilities_dot_v2_dot_scanoss__vulnerabilities__pb2.ComponentsCpesResponse.SerializeToString,
+            ),
             'GetVulnerabilities': grpc.unary_unary_rpc_method_handler(
                     servicer.GetVulnerabilities,
                     request_deserializer=scanoss_dot_api_dot_vulnerabilities_dot_v2_dot_scanoss__vulnerabilities__pb2.VulnerabilityRequest.FromString,
                     response_serializer=scanoss_dot_api_dot_vulnerabilities_dot_v2_dot_scanoss__vulnerabilities__pb2.VulnerabilityResponse.SerializeToString,
             ),
+            'GetComponentVulnerabilities': grpc.unary_unary_rpc_method_handler(
+                    servicer.GetComponentVulnerabilities,
+                    request_deserializer=scanoss_dot_api_dot_common_dot_v2_dot_scanoss__common__pb2.ComponentRequest.FromString,
+                    response_serializer=scanoss_dot_api_dot_vulnerabilities_dot_v2_dot_scanoss__vulnerabilities__pb2.ComponentVulnerabilityResponse.SerializeToString,
+            ),
+            'GetComponentsVulnerabilities': grpc.unary_unary_rpc_method_handler(
+                    servicer.GetComponentsVulnerabilities,
+                    request_deserializer=scanoss_dot_api_dot_common_dot_v2_dot_scanoss__common__pb2.ComponentsRequest.FromString,
+                    response_serializer=scanoss_dot_api_dot_vulnerabilities_dot_v2_dot_scanoss__vulnerabilities__pb2.ComponentsVulnerabilityResponse.SerializeToString,
+            ),
     }
     generic_handler = grpc.method_handlers_generic_handler(
             'scanoss.api.vulnerabilities.v2.Vulnerabilities', rpc_method_handlers)
     server.add_generic_rpc_handlers((generic_handler,))
+    server.add_registered_method_handlers('scanoss.api.vulnerabilities.v2.Vulnerabilities', rpc_method_handlers)
 
 
  # This class is part of an EXPERIMENTAL API.
 class Vulnerabilities(object):
     """
-    Expose all of the SCANOSS Vulnerability RPCs here
+    Vulnerability Service Definition
     """
 
     @staticmethod
@@ -101,11 +227,21 @@ class Vulnerabilities(object):
             wait_for_ready=None,
             timeout=None,
             metadata=None):
-        return grpc.experimental.unary_unary(request, target, '/scanoss.api.vulnerabilities.v2.Vulnerabilities/Echo',
+        return grpc.experimental.unary_unary(
+            request,
+            target,
+            '/scanoss.api.vulnerabilities.v2.Vulnerabilities/Echo',
             scanoss_dot_api_dot_common_dot_v2_dot_scanoss__common__pb2.EchoRequest.SerializeToString,
             scanoss_dot_api_dot_common_dot_v2_dot_scanoss__common__pb2.EchoResponse.FromString,
-            options, channel_credentials,
-            insecure, call_credentials, compression, wait_for_ready, timeout, metadata)
+            options,
+            channel_credentials,
+            insecure,
+            call_credentials,
+            compression,
+            wait_for_ready,
+            timeout,
+            metadata,
+            _registered_method=True)
 
     @staticmethod
     def GetCpes(request,
@@ -118,11 +254,75 @@ class Vulnerabilities(object):
             wait_for_ready=None,
             timeout=None,
             metadata=None):
-        return grpc.experimental.unary_unary(request, target, '/scanoss.api.vulnerabilities.v2.Vulnerabilities/GetCpes',
+        return grpc.experimental.unary_unary(
+            request,
+            target,
+            '/scanoss.api.vulnerabilities.v2.Vulnerabilities/GetCpes',
             scanoss_dot_api_dot_vulnerabilities_dot_v2_dot_scanoss__vulnerabilities__pb2.VulnerabilityRequest.SerializeToString,
             scanoss_dot_api_dot_vulnerabilities_dot_v2_dot_scanoss__vulnerabilities__pb2.CpeResponse.FromString,
-            options, channel_credentials,
-            insecure, call_credentials, compression, wait_for_ready, timeout, metadata)
+            options,
+            channel_credentials,
+            insecure,
+            call_credentials,
+            compression,
+            wait_for_ready,
+            timeout,
+            metadata,
+            _registered_method=True)
+
+    @staticmethod
+    def GetComponentCpes(request,
+            target,
+            options=(),
+            channel_credentials=None,
+            call_credentials=None,
+            insecure=False,
+            compression=None,
+            wait_for_ready=None,
+            timeout=None,
+            metadata=None):
+        return grpc.experimental.unary_unary(
+            request,
+            target,
+            '/scanoss.api.vulnerabilities.v2.Vulnerabilities/GetComponentCpes',
+            scanoss_dot_api_dot_common_dot_v2_dot_scanoss__common__pb2.ComponentRequest.SerializeToString,
+            scanoss_dot_api_dot_vulnerabilities_dot_v2_dot_scanoss__vulnerabilities__pb2.ComponentCpesResponse.FromString,
+            options,
+            channel_credentials,
+            insecure,
+            call_credentials,
+            compression,
+            wait_for_ready,
+            timeout,
+            metadata,
+            _registered_method=True)
+
+    @staticmethod
+    def GetComponentsCpes(request,
+            target,
+            options=(),
+            channel_credentials=None,
+            call_credentials=None,
+            insecure=False,
+            compression=None,
+            wait_for_ready=None,
+            timeout=None,
+            metadata=None):
+        return grpc.experimental.unary_unary(
+            request,
+            target,
+            '/scanoss.api.vulnerabilities.v2.Vulnerabilities/GetComponentsCpes',
+            scanoss_dot_api_dot_common_dot_v2_dot_scanoss__common__pb2.ComponentsRequest.SerializeToString,
+            scanoss_dot_api_dot_vulnerabilities_dot_v2_dot_scanoss__vulnerabilities__pb2.ComponentsCpesResponse.FromString,
+            options,
+            channel_credentials,
+            insecure,
+            call_credentials,
+            compression,
+            wait_for_ready,
+            timeout,
+            metadata,
+            _registered_method=True)
 
     @staticmethod
     def GetVulnerabilities(request,
@@ -135,8 +335,72 @@ class Vulnerabilities(object):
             wait_for_ready=None,
             timeout=None,
             metadata=None):
-        return grpc.experimental.unary_unary(request, target, '/scanoss.api.vulnerabilities.v2.Vulnerabilities/GetVulnerabilities',
+        return grpc.experimental.unary_unary(
+            request,
+            target,
+            '/scanoss.api.vulnerabilities.v2.Vulnerabilities/GetVulnerabilities',
             scanoss_dot_api_dot_vulnerabilities_dot_v2_dot_scanoss__vulnerabilities__pb2.VulnerabilityRequest.SerializeToString,
             scanoss_dot_api_dot_vulnerabilities_dot_v2_dot_scanoss__vulnerabilities__pb2.VulnerabilityResponse.FromString,
-            options, channel_credentials,
-            insecure, call_credentials, compression, wait_for_ready, timeout, metadata)
+            options,
+            channel_credentials,
+            insecure,
+            call_credentials,
+            compression,
+            wait_for_ready,
+            timeout,
+            metadata,
+            _registered_method=True)
+
+    @staticmethod
+    def GetComponentVulnerabilities(request,
+            target,
+            options=(),
+            channel_credentials=None,
+            call_credentials=None,
+            insecure=False,
+            compression=None,
+            wait_for_ready=None,
+            timeout=None,
+            metadata=None):
+        return grpc.experimental.unary_unary(
+            request,
+            target,
+            '/scanoss.api.vulnerabilities.v2.Vulnerabilities/GetComponentVulnerabilities',
+            scanoss_dot_api_dot_common_dot_v2_dot_scanoss__common__pb2.ComponentRequest.SerializeToString,
+            scanoss_dot_api_dot_vulnerabilities_dot_v2_dot_scanoss__vulnerabilities__pb2.ComponentVulnerabilityResponse.FromString,
+            options,
+            channel_credentials,
+            insecure,
+            call_credentials,
+            compression,
+            wait_for_ready,
+            timeout,
+            metadata,
+            _registered_method=True)
+
+    @staticmethod
+    def GetComponentsVulnerabilities(request,
+            target,
+            options=(),
+            channel_credentials=None,
+            call_credentials=None,
+            insecure=False,
+            compression=None,
+            wait_for_ready=None,
+            timeout=None,
+            metadata=None):
+        return grpc.experimental.unary_unary(
+            request,
+            target,
+            '/scanoss.api.vulnerabilities.v2.Vulnerabilities/GetComponentsVulnerabilities',
+            scanoss_dot_api_dot_common_dot_v2_dot_scanoss__common__pb2.ComponentsRequest.SerializeToString,
+            scanoss_dot_api_dot_vulnerabilities_dot_v2_dot_scanoss__vulnerabilities__pb2.ComponentsVulnerabilityResponse.FromString,
+            options,
+            channel_credentials,
+            insecure,
+            call_credentials,
+            compression,
+            wait_for_ready,
+            timeout,
+            metadata,
+            _registered_method=True)

scanoss/cli.py

@@ -796,9 +796,9 @@ def setup_args() -> None:  # noqa: PLR0912, PLR0915
     p_inspect_dt_project_violation.add_argument(
         '--format', '-f',
         required=False,
-        choices=['json', 'md'],
+        choices=['json', 'md', 'jira_md'],
         default='json',
-        help='Output format: json (default) or md (Markdown)'
+        help='Output format: json (default), md (Markdown) or jira_md (JIRA Markdown)'
     )
     p_inspect_dt_project_violation.add_argument(
         '--timeout', '-M',

scanoss/data/build_date.txt

@@ -1 +1 @@
-date: 20250820161348, utime: 1755706428
+date: 20250827093647, utime: 1756287407

scanoss/inspection/dependency_track/project_violation.py

@@ -34,7 +34,6 @@ PROCESSING_RETRY_DELAY = 5  # seconds
 DEFAULT_TIME_OUT = 300.0
 MILLISECONDS_TO_SECONDS = 1000
 
-
 """
 Dependency Track project violation policy check implementation.
 
@@ -43,6 +42,7 @@ It retrieves, processes, and formats policy violations from a Dependency Track i
 for a specific project.
 """
 
+
 class ResolvedLicenseDict(TypedDict):
     """TypedDict for resolved license information from Dependency Track."""
     uuid: str
@@ -125,7 +125,7 @@ class DependencyTrackProjectViolationPolicyCheck(PolicyCheck[PolicyViolationDict
     This class handles retrieving, processing, and formatting policy violations
     from a Dependency Track instance for a specific project.
     """
-    
+
     def __init__(  # noqa: PLR0913
             self,
             debug: bool = False,
@@ -161,13 +161,13 @@ class DependencyTrackProjectViolationPolicyCheck(PolicyCheck[PolicyViolationDict
             timeout: Timeout for processing in seconds (default: 300)
         """
         super().__init__(debug, trace, quiet, format_type, status, 'dependency-track', output)
-        self.url = url
         self.api_key = api_key
         self.project_id = project_id
         self.project_name = project_name
         self.project_version = project_version
         self.upload_token = upload_token
         self.timeout = timeout
+        self.url = url.strip().rstrip('/') if url else None
         self.dep_track_service = DependencyTrackService(self.api_key, self.url, debug=debug, trace=trace, quiet=quiet)
 
     def _json(self, project_violations: list[PolicyViolationDict]) -> Dict[str, Any]:
@@ -230,7 +230,7 @@ class DependencyTrackProjectViolationPolicyCheck(PolicyCheck[PolicyViolationDict
         if not dt_project:
             self.print_stderr('Warning: No project details supplied. Returning False.')
             return False
-        
+
         # Safely extract and normalise timestamp values to numeric types
         def _safe_timestamp(field, value=None, default=0) -> float:
             """Convert timestamp value to float, handling string/numeric types safely."""
@@ -241,7 +241,7 @@ class DependencyTrackProjectViolationPolicyCheck(PolicyCheck[PolicyViolationDict
             except (ValueError, TypeError):
                 self.print_stderr(f'Warning: Invalid timestamp for {field}, value: {value}, using default: {default}')
                 return float(default)
-        
+
         last_import = _safe_timestamp('lastBomImport', dt_project.get('lastBomImport'), 0)
         last_vulnerability_analysis = _safe_timestamp('lastVulnerabilityAnalysis',
                                                       dt_project.get('lastVulnerabilityAnalysis'), 0
@@ -372,7 +372,7 @@ class DependencyTrackProjectViolationPolicyCheck(PolicyCheck[PolicyViolationDict
         """
         type_priority = {'SECURITY': 3, 'LICENSE': 2, 'OTHER': 1}
         return sorted(
-            violations, 
+            violations,
             key=lambda x: -type_priority.get(x.get('type', 'OTHER'), 1)
         )
 
@@ -424,8 +424,9 @@ class DependencyTrackProjectViolationPolicyCheck(PolicyCheck[PolicyViolationDict
             rows.append(row)
         # End for loop
         return {
-            "details": f'### Dependency Track Project Violations\n{table_generator(headers, rows, c_cols)}\n',
-            "summary": f'{len(project_violations)} policy violations were found.\n',
+            "details": f'### Dependency Track Project Violations\n{table_generator(headers, rows, c_cols)}\n\n'
+                       f'View project in Dependency Track [here]({self.url}/projects/{self.project_id}).\n',
+            "summary": f'{len(project_violations)} policy violations were found.\n'
         }
 
     def run(self) -> int:

scanoss/services/dependency_track_service.py

@@ -41,7 +41,7 @@ class DependencyTrackService(ScanossBase):
         super().__init__(debug=debug, trace=trace, quiet=quiet)
         if not url:
             raise ValueError("Error: Dependency Track URL is required")
-        self.url = url.rstrip('/')
+        self.url = url.strip().rstrip('/')
         if not api_key:
             raise ValueError("Error: Dependency Track API key is required")
         self.api_key = api_key

scanoss/threadeddependencies.py

@@ -22,12 +22,12 @@ SPDX-License-Identifier: MIT
   THE SOFTWARE.
 """
 
-import threading
-import queue
 import json
-from enum import Enum
-from typing import Dict, Optional, Set
+import queue
+import threading
 from dataclasses import dataclass
+from enum import Enum
+from typing import Dict
 
 from .scancodedeps import ScancodeDeps
 from .scanossbase import ScanossBase
@@ -63,7 +63,7 @@ class ThreadedDependencies(ScanossBase):
     inputs: queue.Queue = queue.Queue()
     output: queue.Queue = queue.Queue()
 
-    def __init__(
+    def __init__(  # noqa: PLR0913
         self,
         sc_deps: ScancodeDeps,
         grpc_api: ScanossGrpc,
@@ -180,13 +180,15 @@ class ThreadedDependencies(ScanossBase):
             return self.filter_dependencies(
                 deps, lambda purl: (exclude and purl not in exclude) or (not exclude and purl in include)
             )
+        return None
 
-    def scan_dependencies(
+    def scan_dependencies(  # noqa: PLR0912
         self, dep_scope: SCOPE = None, dep_scope_include: str = None, dep_scope_exclude: str = None
     ) -> None:
         """
         Scan for dependencies from the given file/dir or from an input file (from the input queue).
         """
+        # TODO refactor to simplify branches based on PLR0912
         current_thread = threading.get_ident()
         self.print_trace(f'Starting dependency worker {current_thread}...')
         try:
@@ -194,18 +196,17 @@ class ThreadedDependencies(ScanossBase):
             deps = None
             if what_to_scan.startswith(DEP_FILE_PREFIX):  # We have a pre-parsed dependency file, load it
                 deps = self.sc_deps.load_from_file(what_to_scan.strip(DEP_FILE_PREFIX))
-            else:  # Search the file/folder for dependency files to parse
-                if not self.sc_deps.run_scan(what_to_scan=what_to_scan):
-                    self._errors = True
-                else:
-                    deps = self.sc_deps.produce_from_file()
-                    if dep_scope is not None:
-                        self.print_debug(f'Filtering {dep_scope.name} dependencies')
-                    if dep_scope_include is not None:
-                        self.print_debug(f"Including dependencies with '{dep_scope_include.split(',')}' scopes")
-                    if dep_scope_exclude is not None:
-                        self.print_debug(f"Excluding dependencies with '{dep_scope_exclude.split(',')}' scopes")
-                    deps = self.filter_dependencies_by_scopes(deps, dep_scope, dep_scope_include, dep_scope_exclude)
+            elif not self.sc_deps.run_scan(what_to_scan=what_to_scan):
+                self._errors = True
+            else:
+                deps = self.sc_deps.produce_from_file()
+                if dep_scope is not None:
+                    self.print_debug(f'Filtering {dep_scope.name} dependencies')
+                if dep_scope_include is not None:
+                    self.print_debug(f"Including dependencies with '{dep_scope_include.split(',')}' scopes")
+                if dep_scope_exclude is not None:
+                    self.print_debug(f"Excluding dependencies with '{dep_scope_exclude.split(',')}' scopes")
+                deps = self.filter_dependencies_by_scopes(deps, dep_scope, dep_scope_include, dep_scope_exclude)
 
             if not self._errors:
                 if deps is None:

{scanoss-1.31.4.dist-info → scanoss-1.31.5.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: scanoss
-Version: 1.31.4
+Version: 1.31.5
 Summary: Simple Python library to leverage the SCANOSS APIs
 Home-page: https://scanoss.com
 Author: SCANOSS
@@ -30,6 +30,7 @@ Requires-Dist: packageurl-python
 Requires-Dist: pathspec
 Requires-Dist: jsonschema
 Requires-Dist: crc
+Requires-Dist: protoc-gen-openapiv2
 Requires-Dist: cyclonedx-python-lib[validation]
 Provides-Extra: fast-winnowing
 Requires-Dist: scanoss_winnowing>=0.5.0; extra == "fast-winnowing"