scanoss 1.40.0__tar.gz → 1.41.0__tar.gz

{scanoss-1.40.0/src/scanoss.egg-info → scanoss-1.41.0}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: scanoss
-Version: 1.40.0
+Version: 1.41.0
 Summary: Simple Python library to leverage the SCANOSS APIs
 Home-page: https://scanoss.com
 Author: SCANOSS

{scanoss-1.40.0 → scanoss-1.41.0}/README.md

@@ -135,3 +135,8 @@ Details of major changes to the library can be found in [CHANGELOG.md](CHANGELOG
 
 ## Background
 Details about the Winnowing algorithm used for scanning can be found [here](WINNOWING.md).
+
+## Dataset License Notice
+This application is licensed under the MIT License. In addition, it includes an unmodified copy of the OSADL copyleft license dataset ([osadl-copyleft.json](src/scanoss/data/osadl-copyleft.json)) which is licensed under the [Creative Commons Attribution 4.0 International license (CC-BY-4.0)](https://creativecommons.org/licenses/by/4.0/) by the [Open Source Automation Development Lab (OSADL) eG](https://www.osadl.org/).
+
+**Attribution:** A project by the Open Source Automation Development Lab (OSADL) eG. Original source: [https://www.osadl.org/fileadmin/checklists/copyleft.json](https://www.osadl.org/fileadmin/checklists/copyleft.json)

{scanoss-1.40.0 → scanoss-1.41.0}/src/scanoss/__init__.py

@@ -22,4 +22,4 @@ SPDX-License-Identifier: MIT
   THE SOFTWARE.
 """
 
-__version__ = '1.40.0'
+__version__ = '1.41.0'

{scanoss-1.40.0 → scanoss-1.41.0}/src/scanoss/cli.py

@@ -35,12 +35,6 @@ import pypac
 from scanoss.cryptography import Cryptography, create_cryptography_config_from_args
 from scanoss.delta import Delta
 from scanoss.export.dependency_track import DependencyTrackExporter
-from scanoss.inspection.dependency_track.project_violation import (
-    DependencyTrackProjectViolationPolicyCheck,
-)
-from scanoss.inspection.raw.component_summary import ComponentSummary
-from scanoss.inspection.raw.license_summary import LicenseSummary
-from scanoss.inspection.raw.match_summary import MatchSummary
 from scanoss.scanners.container_scanner import (
     DEFAULT_SYFT_COMMAND,
     DEFAULT_SYFT_TIMEOUT,
@@ -61,6 +55,7 @@ from . import __version__
 from .components import Components
 from .constants import (
     DEFAULT_API_TIMEOUT,
+    DEFAULT_COPYLEFT_LICENSE_SOURCES,
     DEFAULT_HFH_DEPTH,
     DEFAULT_HFH_MIN_ACCEPTED_SCORE,
     DEFAULT_HFH_RANK_THRESHOLD,
@@ -70,13 +65,20 @@ from .constants import (
     DEFAULT_TIMEOUT,
     MIN_TIMEOUT,
     PYTHON_MAJOR_VERSION,
+    VALID_LICENSE_SOURCES,
 )
 from .csvoutput import CsvOutput
 from .cyclonedx import CycloneDx
 from .filecount import FileCount
 from .gitlabqualityreport import GitLabQualityReport
-from .inspection.raw.copyleft import Copyleft
-from .inspection.raw.undeclared_component import UndeclaredComponent
+from .inspection.policy_check.dependency_track.project_violation import (
+    DependencyTrackProjectViolationPolicyCheck,
+)
+from .inspection.policy_check.scanoss.copyleft import Copyleft
+from .inspection.policy_check.scanoss.undeclared_component import UndeclaredComponent
+from .inspection.summary.component_summary import ComponentSummary
+from .inspection.summary.license_summary import LicenseSummary
+from .inspection.summary.match_summary import MatchSummary
 from .results import Results
 from .scancodedeps import ScancodeDeps
 from .scanner import FAST_WINNOWING, Scanner
@@ -699,6 +701,17 @@ def setup_args() -> None:  # noqa: PLR0912, PLR0915
         p.add_argument('--exclude', help='Licenses to exclude from analysis (comma-separated list)')
         p.add_argument('--explicit', help='Use only these specific licenses for analysis (comma-separated list)')
 
+    # License source filtering
+    for p in [p_inspect_raw_copyleft, p_inspect_legacy_copyleft]:
+        p.add_argument(
+            '-ls', '--license-sources',
+            action='extend',
+            nargs='+',
+            choices=VALID_LICENSE_SOURCES,
+            help=f'Specify which license sources to check for copyleft violations. Each license object in scan results '
+                 f'has a source field indicating its origin. Default: {", ".join(DEFAULT_COPYLEFT_LICENSE_SOURCES)}',
+        )
+
     # Common options for (legacy) copyleft and undeclared component inspection
     for p in [p_inspect_raw_copyleft, p_inspect_raw_undeclared, p_inspect_legacy_copyleft, p_inspect_legacy_undeclared]:
         p.add_argument('-i', '--input', nargs='?', help='Path to scan results file to analyse')
@@ -1752,8 +1765,8 @@ def inspect_copyleft(parser, args):
             include=args.include,  # Additional licenses to check
             exclude=args.exclude,  # Licenses to ignore
             explicit=args.explicit,  # Explicit license list
+            license_sources=args.license_sources,  # License sources to check (list)
         )
-
         # Execute inspection and exit with appropriate status code
         status, _ = i_copyleft.run()
         sys.exit(status)

{scanoss-1.40.0 → scanoss-1.41.0}/src/scanoss/constants.py

@@ -17,3 +17,6 @@ DEFAULT_HFH_RANK_THRESHOLD = 5
 DEFAULT_HFH_DEPTH = 1
 DEFAULT_HFH_RECURSIVE_THRESHOLD = 0.8
 DEFAULT_HFH_MIN_ACCEPTED_SCORE = 0.15
+
+VALID_LICENSE_SOURCES = ['component_declared', 'license_file', 'file_header', 'file_spdx_tag', 'scancode']
+DEFAULT_COPYLEFT_LICENSE_SOURCES = ['component_declared', 'license_file']

scanoss-1.41.0/src/scanoss/data/build_date.txt

@@ -0,0 +1 @@
+date: 20251117160705, utime: 1763395625

scanoss-1.41.0/src/scanoss/data/osadl-copyleft.json

@@ -0,0 +1,133 @@
+{
+    "title": "OSADL Open Source License Obligations Checklist (https:\/\/www.osadl.org\/Checklists)",
+    "license": "Creative Commons Attribution 4.0 International license (CC-BY-4.0)",
+    "attribution": "A project by the Open Source Automation Development Lab (OSADL) eG. For further information about the project see the description at www.osadl.org\/checklists.",
+    "copyright": "(C) 2017 - 2024 Open Source Automation Development Lab (OSADL) eG and contributors, info@osadl.org",
+    "disclaimer": "The checklists and particularly the copyleft data have been assembled with maximum diligence and care; however, the authors do not warrant nor can be held liable in any way for its correctness, usefulness, merchantibility or fitness for a particular purpose as far as permissible by applicable law. Anyone who uses the information does this on his or her sole responsibility. For any individual legal advice, it is recommended to contact a lawyer.",
+    "timeformat": "%Y-%m-%dT%H:%M:%S%z",
+    "timestamp": "2025-10-30T11:23:00+0000",
+    "copyleft": 
+    {
+        "0BSD": "No",
+        "AFL-2.0": "No",
+        "AFL-2.1": "No",
+        "AFL-3.0": "No",
+        "AGPL-3.0-only": "Yes",
+        "AGPL-3.0-or-later": "Yes",
+        "Apache-1.0": "No",
+        "Apache-1.1": "No",
+        "Apache-2.0": "No",
+        "APSL-2.0": "Yes (restricted)",
+        "Artistic-1.0": "No",
+        "Artistic-1.0-Perl": "No",
+        "Artistic-2.0": "No",
+        "Bitstream-Vera": "No",
+        "blessing": "No",
+        "BlueOak-1.0.0": "No",
+        "BSD-1-Clause": "No",
+        "BSD-2-Clause": "No",
+        "BSD-2-Clause-Patent": "No",
+        "BSD-3-Clause": "No",
+        "BSD-3-Clause-Open-MPI": "No",
+        "BSD-4-Clause": "No",
+        "BSD-4-Clause-UC": "No",
+        "BSD-4.3TAHOE": "No",
+        "BSD-Source-Code": "No",
+        "BSL-1.0": "No",
+        "bzip2-1.0.5": "No",
+        "bzip2-1.0.6": "No",
+        "CC-BY-2.5": "No",
+        "CC-BY-3.0": "No",
+        "CDDL-1.0": "Yes (restricted)",
+        "CDDL-1.1": "Yes (restricted)",
+        "CPL-1.0": "Yes",
+        "curl": "No",
+        "ECL-1.0": "No",
+        "ECL-2.0": "No",
+        "EFL-2.0": "No",
+        "EPL-1.0": "Yes",
+        "EPL-2.0": "Yes (restricted)",
+        "EUPL-1.1": "Yes",
+        "EUPL-1.2": "Yes",
+        "FSFAP": "No",
+        "FSFUL": "No",
+        "FSFULLR": "No",
+        "FSFULLRWD": "No",
+        "FTL": "No",
+        "GPL-1.0-only": "Yes",
+        "GPL-1.0-or-later": "Yes",
+        "GPL-2.0-only": "Yes",
+        "GPL-2.0-only WITH Classpath-exception-2.0": "Yes (restricted)",
+        "GPL-2.0-or-later": "Yes",
+        "GPL-3.0-only": "Yes",
+        "GPL-3.0-or-later": "Yes",
+        "HPND": "No",
+        "IBM-pibs": "No",
+        "ICU": "No",
+        "IJG": "No",
+        "ImageMagick": "No",
+        "Info-ZIP": "No",
+        "IPL-1.0": "Yes",
+        "ISC": "No",
+        "JasPer-2.0": "No",
+        "LGPL-2.0-only": "Yes (restricted)",
+        "LGPL-2.0-or-later": "Yes (restricted)",
+        "LGPL-2.1-only": "Yes (restricted)",
+        "LGPL-2.1-or-later": "Yes (restricted)",
+        "LGPL-3.0-only": "Yes (restricted)",
+        "LGPL-3.0-or-later": "Yes (restricted)",
+        "Libpng": "No",
+        "libpng-2.0": "No",
+        "libtiff": "No",
+        "LicenseRef-scancode-bsla-no-advert": "No",
+        "LicenseRef-scancode-info-zip-2003-05": "No",
+        "LicenseRef-scancode-ppp": "No",
+        "Minpack": "No",
+        "MirOS": "No",
+        "MIT": "No",
+        "MIT-0": "No",
+        "MIT-CMU": "No",
+        "MPL-1.1": "Yes (restricted)",
+        "MPL-2.0": "Yes (restricted)",
+        "MPL-2.0-no-copyleft-exception": "Yes (restricted)",
+        "MS-PL": "Questionable",
+        "MS-RL": "Yes (restricted)",
+        "NBPL-1.0": "No",
+        "NCSA": "No",
+        "NTP": "No",
+        "OFL-1.1": "Yes (restricted)",
+        "OGC-1.0": "No",
+        "OLDAP-2.8": "No",
+        "OpenSSL": "Questionable",
+        "OSL-3.0": "Yes",
+        "PHP-3.01": "No",
+        "PostgreSQL": "No",
+        "PSF-2.0": "No",
+        "Python-2.0": "No",
+        "Qhull": "No",
+        "RSA-MD": "No",
+        "Saxpath": "No",
+        "SGI-B-2.0": "No",
+        "Sleepycat": "Yes",
+        "SMLNJ": "No",
+        "Spencer-86": "No",
+        "SSH-OpenSSH": "No",
+        "SSH-short": "No",
+        "SunPro": "No",
+        "Ubuntu-font-1.0": "Yes (restricted)",
+        "Unicode-3.0": "No",
+        "Unicode-DFS-2015": "No",
+        "Unicode-DFS-2016": "No",
+        "Unlicense": "No",
+        "UPL-1.0": "No",
+        "W3C": "No",
+        "W3C-19980720": "No",
+        "W3C-20150513": "No",
+        "WTFPL": "No",
+        "X11": "No",
+        "XFree86-1.1": "No",
+        "Zlib": "No",
+        "zlib-acknowledgement": "No",
+        "ZPL-2.0": "No"
+    }
+}

{scanoss-1.40.0 → scanoss-1.41.0}/src/scanoss/filecount.py

@@ -26,6 +26,7 @@ import csv
 import os
 import pathlib
 import sys
+from contextlib import nullcontext
 
 from progress.spinner import Spinner
 
@@ -105,48 +106,46 @@ class FileCount(ScanossBase):
         """
         success = True
         if not scan_dir:
-            raise Exception(f'ERROR: Please specify a folder to scan')
+            raise Exception('ERROR: Please specify a folder to scan')
         if not os.path.exists(scan_dir) or not os.path.isdir(scan_dir):
             raise Exception(f'ERROR: Specified folder does not exist or is not a folder: {scan_dir}')
 
         self.print_msg(f'Searching {scan_dir} for files to count...')
-        spinner = None
-        if not self.quiet and self.isatty:
-            spinner = Spinner('Searching ')
-        file_types = {}
-        file_count = 0
-        file_size = 0
-        for root, dirs, files in os.walk(scan_dir):
-            self.print_trace(f'U Root: {root}, Dirs: {dirs}, Files {files}')
-            dirs[:] = self.__filter_dirs(dirs)  # Strip out unwanted directories
-            filtered_files = self.__filter_files(files)  # Strip out unwanted files
-            self.print_trace(f'F Root: {root}, Dirs: {dirs}, Files {filtered_files}')
-            for file in filtered_files:  # Cycle through each filtered file
-                path = os.path.join(root, file)
-                f_size = 0
-                try:
-                    f_size = os.stat(path).st_size
-                except Exception as e:
-                    self.print_trace(f'Ignoring missing symlink file: {file} ({e})')  # broken symlink
-                if f_size > 0:  # Ignore broken links and empty files
-                    file_count = file_count + 1
-                    file_size = file_size + f_size
-                    f_suffix = pathlib.Path(file).suffix
-                    if not f_suffix or f_suffix == '':
-                        f_suffix = 'no_suffix'
-                    self.print_trace(f'Counting {path} ({f_suffix} - {f_size})..')
-                    fc = file_types.get(f_suffix)
-                    if not fc:
-                        fc = [1, f_size]
-                    else:
-                        fc[0] = fc[0] + 1
-                        fc[1] = fc[1] + f_size
-                    file_types[f_suffix] = fc
-                    if spinner:
-                        spinner.next()
-        # End for loop
-        if spinner:
-            spinner.finish()
+        spinner_ctx = Spinner('Searching ') if (not self.quiet and self.isatty) else nullcontext()
+
+        with spinner_ctx as spinner:
+            file_types = {}
+            file_count = 0
+            file_size = 0
+            for root, dirs, files in os.walk(scan_dir):
+                self.print_trace(f'U Root: {root}, Dirs: {dirs}, Files {files}')
+                dirs[:] = self.__filter_dirs(dirs)  # Strip out unwanted directories
+                filtered_files = self.__filter_files(files)  # Strip out unwanted files
+                self.print_trace(f'F Root: {root}, Dirs: {dirs}, Files {filtered_files}')
+                for file in filtered_files:  # Cycle through each filtered file
+                    path = os.path.join(root, file)
+                    f_size = 0
+                    try:
+                        f_size = os.stat(path).st_size
+                    except Exception as e:
+                        self.print_trace(f'Ignoring missing symlink file: {file} ({e})')  # broken symlink
+                    if f_size > 0:  # Ignore broken links and empty files
+                        file_count = file_count + 1
+                        file_size = file_size + f_size
+                        f_suffix = pathlib.Path(file).suffix
+                        if not f_suffix or f_suffix == '':
+                            f_suffix = 'no_suffix'
+                        self.print_trace(f'Counting {path} ({f_suffix} - {f_size})..')
+                        fc = file_types.get(f_suffix)
+                        if not fc:
+                            fc = [1, f_size]
+                        else:
+                            fc[0] = fc[0] + 1
+                            fc[1] = fc[1] + f_size
+                        file_types[f_suffix] = fc
+                        if spinner:
+                            spinner.next()
+            # End for loop
         self.print_stderr(f'Found {file_count:,.0f} files with a total size of {file_size / (1 << 20):,.2f} MB.')
         if file_types:
             csv_dict = []

{scanoss-1.40.0 → scanoss-1.41.0}/src/scanoss/gitlabqualityreport.py

@@ -74,16 +74,21 @@ class GitLabQualityReport(ScanossBase):
         Initialise the GitLabCodeQuality class
         """
         super().__init__(debug, trace, quiet)
+        self.print_trace(f"GitLabQualityReport initialized with debug={debug}, trace={trace}, quiet={quiet}")
 
 
     def _get_code_quality(self, file_name: str, result: dict) -> CodeQuality or None:
+        self.print_trace(f"_get_code_quality called for file: {file_name}")
+        self.print_trace(f"Processing result: {result}")
+
         if not result.get('file_hash'):
             self.print_debug(f"Warning: no hash found for result: {result}")
             return None
 
         if result.get('id') == 'file':
+            self.print_debug(f"Processing file match for: {file_name}")
             description = f"File match found in: {file_name}"
-            return CodeQuality(
+            code_quality = CodeQuality(
                 description=description,
                 check_name=file_name,
                 fingerprint=result.get('file_hash'),
@@ -95,17 +100,21 @@ class GitLabQualityReport(ScanossBase):
                     )
                 )
             )
+            self.print_trace(f"Created file CodeQuality object: {code_quality}")
+            return code_quality
 
         if not result.get('lines'):
             self.print_debug(f"Warning: No lines found for result: {result}")
             return None
         lines = scanoss_scan_results_utils.get_lines(result.get('lines'))
+        self.print_trace(f"Extracted lines: {lines}")
         if len(lines) == 0:
             self.print_debug(f"Warning: empty lines for result: {result}")
             return None
         end_line = lines[len(lines) - 1] if len(lines) > 1 else lines[0]
         description = f"Snippet found in: {file_name} - lines {lines[0]}-{end_line}"
-        return CodeQuality(
+        self.print_debug(f"Processing snippet match for: {file_name}, lines: {lines[0]}-{end_line}")
+        code_quality = CodeQuality(
             description=description,
             check_name=file_name,
             fingerprint=result.get('file_hash'),
@@ -117,35 +126,47 @@ class GitLabQualityReport(ScanossBase):
                 )
             )
         )
+        self.print_trace(f"Created snippet CodeQuality object: {code_quality}")
+        return code_quality
 
     def _write_output(self, data: list[CodeQuality], output_file: str = None) -> bool:
         """Write the Gitlab Code Quality Report to output."""
+        self.print_trace(f"_write_output called with {len(data)} items, output_file: {output_file}")
         try:
             json_data = [item.to_dict() for item in data]
+            self.print_trace(f"JSON data: {json_data}")
             file = open(output_file, 'w') if output_file else sys.stdout
             print(json.dumps(json_data, indent=2), file=file)
             if output_file:
                 file.close()
+                self.print_debug(f"Wrote output to file: {output_file}")
+            else:
+                self.print_debug("Wrote output to 'stdout'")
             return True
         except Exception as e:
             self.print_stderr(f'Error writing output: {str(e)}')
             return False
 
     def _produce_from_json(self, data: dict, output_file: str = None) -> bool:
+        self.print_trace(f"_produce_from_json called with output_file: {output_file}")
+        self.print_debug(f"Processing {len(data)} files from JSON data")
         code_quality = []
         for file_name, results in data.items():
+            self.print_trace(f"Processing file: {file_name} with {len(results)} results")
             for result in results:
                 if not result.get('id'):
                     self.print_debug(f"Warning: No ID found for result: {result}")
                     continue
                 if result.get('id') != 'snippet' and result.get('id') != 'file':
-                    self.print_debug(f"Skipping non-snippet/file match: {result}")
+                    self.print_debug(f"Skipping non-snippet/file match: {file_name}, id: '{result['id']}'")
                     continue
                 code_quality_item = self._get_code_quality(file_name, result)
                 if code_quality_item:
                     code_quality.append(code_quality_item)
+                    self.print_trace(f"Added code quality item for {file_name}")
                 else:
                     self.print_debug(f"Warning: No Code Quality found for result: {result}")
+        self.print_debug(f"Generated {len(code_quality)} code quality items")
         self._write_output(data=code_quality,output_file=output_file)
         return True
 
@@ -156,11 +177,15 @@ class GitLabQualityReport(ScanossBase):
         :param output_file: Output file (optional)
         :return: True if successful, False otherwise
         """
+        self.print_trace(f"_produce_from_str called with output_file: {output_file}")
         if not json_str:
             self.print_stderr('ERROR: No JSON string provided to parse.')
             return False
+        self.print_debug(f"Parsing JSON string of length: {len(json_str)}")
         try:
             data = json.loads(json_str)
+            self.print_debug("Successfully parsed JSON data")
+            self.print_trace(f"Parsed data structure: {type(data)}")
         except Exception as e:
             self.print_stderr(f'ERROR: Problem parsing input JSON: {e}')
             return False
@@ -174,12 +199,16 @@ class GitLabQualityReport(ScanossBase):
         :param output_file:
         :return: True if successful, False otherwise
         """
+        self.print_trace(f"produce_from_file called with json_file: {json_file}, output_file: {output_file}")
+        self.print_debug(f"Input JSON file: {json_file}, output_file: {output_file}")
         if not json_file:
             self.print_stderr('ERROR: No JSON file provided to parse.')
             return False
         if not os.path.isfile(json_file):
             self.print_stderr(f'ERROR: JSON file does not exist or is not a file: {json_file}')
             return False
+        self.print_debug(f"Reading JSON file: {json_file}")
         with open(json_file, 'r') as f:
-            success = self._produce_from_str(f.read(), output_file)
+            json_content = f.read()
+            success = self._produce_from_str(json_content, output_file)
         return success

{scanoss-1.40.0/src/scanoss/inspection → scanoss-1.41.0/src/scanoss/inspection/policy_check}/dependency_track/project_violation.py

@@ -26,9 +26,9 @@ import time
 from datetime import datetime
 from typing import Any, Dict, List, Optional, TypedDict
 
-from ...services.dependency_track_service import DependencyTrackService
-from ..policy_check import PolicyCheck, PolicyStatus
-from ..utils.markdown_utils import generate_jira_table, generate_table
+from ....services.dependency_track_service import DependencyTrackService
+from ...utils.markdown_utils import generate_jira_table, generate_table
+from ..policy_check import PolicyCheck, PolicyOutput, PolicyStatus
 
 # Constants
 PROCESSING_RETRY_DELAY = 5  # seconds
@@ -171,7 +171,7 @@ class DependencyTrackProjectViolationPolicyCheck(PolicyCheck[PolicyViolationDict
         self.url = url.strip().rstrip('/') if url else None
         self.dep_track_service = DependencyTrackService(self.api_key, self.url, debug=debug, trace=trace, quiet=quiet)
 
-    def _json(self, project_violations: list[PolicyViolationDict]) -> Dict[str, Any]:
+    def _json(self, project_violations: list[PolicyViolationDict]) -> PolicyOutput:
         """
         Format project violations as JSON.
         
@@ -181,12 +181,12 @@ class DependencyTrackProjectViolationPolicyCheck(PolicyCheck[PolicyViolationDict
         Returns:
             Dictionary containing JSON formatted results and summary
         """
-        return {
-            "details": json.dumps(project_violations, indent=2),
-            "summary": f'{len(project_violations)} policy violations were found.\n',
-        }
+        return PolicyOutput(
+            details= json.dumps(project_violations, indent=2),
+            summary= f'{len(project_violations)} policy violations were found.\n',
+        )
 
-    def _markdown(self, project_violations: list[PolicyViolationDict]) -> Dict[str, Any]:
+    def _markdown(self, project_violations: list[PolicyViolationDict]) -> PolicyOutput:
         """
         Format Dependency Track violations to Markdown format.
         
@@ -198,7 +198,7 @@ class DependencyTrackProjectViolationPolicyCheck(PolicyCheck[PolicyViolationDict
         """
         return self._md_summary_generator(project_violations, generate_table)
 
-    def _jira_markdown(self, data: list[PolicyViolationDict]) -> Dict[str, Any]:
+    def _jira_markdown(self, data: list[PolicyViolationDict]) -> PolicyOutput:
         """
         Format project violations for Jira Markdown.
         
@@ -357,8 +357,7 @@ class DependencyTrackProjectViolationPolicyCheck(PolicyCheck[PolicyViolationDict
             self.print_stderr(f'Error: Failed to get project uuid from: {dt_project}')
             raise ValueError(f'Error: Project {self.project_name}@{self.project_version} does not have a valid UUID')
 
-    @staticmethod
-    def _sort_project_violations(violations: List[PolicyViolationDict]) -> List[PolicyViolationDict]:
+    def _sort_project_violations(self,violations: List[PolicyViolationDict]) -> List[PolicyViolationDict]:
         """
         Sort project violations by priority.
         
@@ -377,7 +376,7 @@ class DependencyTrackProjectViolationPolicyCheck(PolicyCheck[PolicyViolationDict
             key=lambda x: -type_priority.get(x.get('type', 'OTHER'), 1)
         )
 
-    def _md_summary_generator(self, project_violations: list[PolicyViolationDict], table_generator):
+    def _md_summary_generator(self, project_violations: list[PolicyViolationDict], table_generator) -> PolicyOutput:
         """
         Generates a Markdown summary of project policy violations.
 
@@ -396,10 +395,10 @@ class DependencyTrackProjectViolationPolicyCheck(PolicyCheck[PolicyViolationDict
         """
         if project_violations is None:
             self.print_stderr('Warning: No project violations found. Returning empty results.')
-            return {
-                "details": "h3. Dependency Track Project Violations\n\nNo policy violations found.\n",
-                "summary": "0 policy violations were found.\n",
-            }
+            return PolicyOutput(
+                details= "h3. Dependency Track Project Violations\n\nNo policy violations found.\n",
+                summary= "0 policy violations were found.\n",
+            )
         headers = ['State', 'Risk Type', 'Policy Name', 'Component', 'Date']
         c_cols = [0, 1]
         rows: List[List[str]] = []
@@ -424,11 +423,11 @@ class DependencyTrackProjectViolationPolicyCheck(PolicyCheck[PolicyViolationDict
             ]
             rows.append(row)
         # End for loop
-        return {
-            "details": f'### Dependency Track Project Violations\n{table_generator(headers, rows, c_cols)}\n\n'
+        return PolicyOutput(
+            details= f'### Dependency Track Project Violations\n{table_generator(headers, rows, c_cols)}\n\n'
                        f'View project in Dependency Track [here]({self.url}/projects/{self.project_id}).\n',
-            "summary": f'{len(project_violations)} policy violations were found.\n'
-        }
+            summary= f'{len(project_violations)} policy violations were found.\n'
+        )
 
     def run(self) -> int:
         """
@@ -470,10 +469,11 @@ class DependencyTrackProjectViolationPolicyCheck(PolicyCheck[PolicyViolationDict
             self.print_stderr('Error: Invalid format specified.')
             return PolicyStatus.ERROR.value
         # Format and output data - handle empty results gracefully
-        data = formatter(self._sort_project_violations(dt_project_violations))
-        self.print_to_file_or_stdout(data['details'], self.output)
-        self.print_to_file_or_stderr(data['summary'], self.status)
+        policy_output = formatter(self._sort_project_violations(dt_project_violations))
+        self.print_to_file_or_stdout(policy_output.details, self.output)
+        self.print_to_file_or_stderr(policy_output.summary, self.status)
         # Return appropriate status based on violation count
         if len(dt_project_violations) > 0:
             return PolicyStatus.POLICY_FAIL.value
         return PolicyStatus.POLICY_SUCCESS.value
+