scanoss 1.43.0__tar.gz → 1.44.0__tar.gz

{scanoss-1.43.0 → scanoss-1.44.0}/PACKAGE.md

@@ -117,8 +117,8 @@ if __name__ == "__main__":
 ```
 
 ## Scanning URL and API Key
-By Default, scanoss uses the API URL endpoint for SCANOSS OSS KB: https://api.osskb.org/scan/direct.
-This API does not require an API key.
+By Default, scanoss uses the API base URL for SCANOSS OSS KB: https://api.osskb.org.
+The `/scan/direct` endpoint is automatically appended. This API does not require an API key.
 
 These values can be changed from the command line using:
 ```bash

{scanoss-1.43.0/src/scanoss.egg-info → scanoss-1.44.0}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: scanoss
-Version: 1.43.0
+Version: 1.44.0
 Summary: Simple Python library to leverage the SCANOSS APIs
 Home-page: https://scanoss.com
 Author: SCANOSS
@@ -156,8 +156,8 @@ if __name__ == "__main__":
 ```
 
 ## Scanning URL and API Key
-By Default, scanoss uses the API URL endpoint for SCANOSS OSS KB: https://api.osskb.org/scan/direct.
-This API does not require an API key.
+By Default, scanoss uses the API base URL for SCANOSS OSS KB: https://api.osskb.org.
+The `/scan/direct` endpoint is automatically appended. This API does not require an API key.
 
 These values can be changed from the command line using:
 ```bash

{scanoss-1.43.0 → scanoss-1.44.0}/src/scanoss/__init__.py

@@ -22,4 +22,4 @@ SPDX-License-Identifier: MIT
   THE SOFTWARE.
 """
 
-__version__ = '1.43.0'
+__version__ = '1.44.0'

{scanoss-1.43.0 → scanoss-1.44.0}/src/scanoss/cli.py

@@ -186,6 +186,14 @@ def setup_args() -> None:  # noqa: PLR0912, PLR0915
     )
     p_scan.add_argument('--dep-scope-inc', '-dsi', type=str, help='Include dependencies with declared scopes')
     p_scan.add_argument('--dep-scope-exc', '-dse', type=str, help='Exclude dependencies with declared scopes')
+    p_scan.add_argument(
+        '--no-wfp-output', action='store_true',
+        help='DEPRECATED: Scans no longer generate scanner_output.wfp. Use "fingerprint -o" to create WFP files.'
+    )
+    p_scan.add_argument(
+        '--wfp-output', type=str, metavar='FILE',
+        help='Save fingerprints to specified file during scan'
+    )
 
     # Sub-command: fingerprint
     p_wfp = subparsers.add_parser(
@@ -1072,7 +1080,7 @@ def setup_args() -> None:  # noqa: PLR0912, PLR0915
     # Global Scan command options
     for p in [p_scan, p_cs]:
         p.add_argument(
-            '--apiurl', type=str, help='SCANOSS API URL (optional - default: https://api.osskb.org/scan/direct)'
+            '--apiurl', type=str, help='SCANOSS API base URL (optional - default: https://api.osskb.org)'
         )
 
     # Global Scan/Fingerprint filter options
@@ -1470,6 +1478,8 @@ def scan(parser, args):  # noqa: PLR0912, PLR0915
         )
         parser.parse_args([args.subparser, '-h'])
         sys.exit(1)
+    if args.no_wfp_output:
+        print_stderr('Warning: --no-wfp-output is deprecated and has no effect. It will be removed in a future version')
     if args.pac and args.proxy:
         print_stderr('Please specify one of --proxy or --pac, not both')
         parser.parse_args([args.subparser, '-h'])
@@ -1595,6 +1605,7 @@ def scan(parser, args):  # noqa: PLR0912, PLR0915
         use_grpc=args.grpc,
         skip_headers=args.skip_headers,
         skip_headers_limit=args.skip_headers_limit,
+        wfp_output=args.wfp_output,
     )
     if args.wfp:
         if not scanner.is_file_or_snippet_scan():

scanoss-1.44.0/src/scanoss/data/build_date.txt

@@ -0,0 +1 @@
+date: 20260122124532, utime: 1769085932

{scanoss-1.43.0 → scanoss-1.44.0}/src/scanoss/scanner.py

@@ -108,6 +108,7 @@ class Scanner(ScanossBase):
         use_grpc: bool = False,
         skip_headers: bool = False,
         skip_headers_limit: int = 0,
+        wfp_output: str = None,
     ):
         """
         Initialise scanning class, including Winnowing, ScanossApi, ThreadedScanning
@@ -119,6 +120,7 @@ class Scanner(ScanossBase):
             skip_extensions = []
         self.scan_output = scan_output
         self.output_format = output_format
+        self.wfp_output = wfp_output
         self.isatty = sys.stderr.isatty()
         self.all_extensions = all_extensions
         self.all_folders = all_folders
@@ -373,6 +375,7 @@ class Scanner(ScanossBase):
             file_count = 0  # count all files fingerprinted
             wfp_file_count = 0  # count number of files in each queue post
             scan_started = False
+            wfp_list = [] if self.wfp_output else None  # Collect WFPs if output file is specified
 
             to_scan_files = file_filters.get_filtered_files_from_folder(scan_dir)
             for to_scan_file in to_scan_files:
@@ -387,6 +390,8 @@ class Scanner(ScanossBase):
                 if wfp is None or wfp == '':
                     self.print_debug(f'No WFP returned for {to_scan_file}. Skipping.')
                     continue
+                if wfp_list is not None:
+                    wfp_list.append(wfp)
                 file_count += 1
                 if self.threaded_scan:
                     wfp_size = len(wfp.encode('utf-8'))
@@ -420,6 +425,10 @@ class Scanner(ScanossBase):
                 self.threaded_scan.queue_add(scan_block)  # Make sure all files have been submitted
 
         if file_count > 0:
+            if wfp_list is not None:
+                self.print_debug(f'Writing fingerprints to {self.wfp_output}')
+                with open(self.wfp_output, 'w') as f:
+                    f.write(''.join(wfp_list))
             if self.threaded_scan:
                 success = self.__run_scan_threaded(scan_started, file_count)
         else:
@@ -633,6 +642,7 @@ class Scanner(ScanossBase):
             file_count = 0  # count all files fingerprinted
             wfp_file_count = 0  # count number of files in each queue post
             scan_started = False
+            wfp_list = [] if self.wfp_output else None  # Collect WFPs if output file is specified
 
             to_scan_files = file_filters.get_filtered_files_from_files(files)
             for file in to_scan_files:
@@ -646,6 +656,8 @@ class Scanner(ScanossBase):
                 if wfp is None or wfp == '':
                     self.print_debug(f'No WFP returned for {file}. Skipping.')
                     continue
+                if wfp_list is not None:
+                    wfp_list.append(wfp)
                 file_count += 1
                 if self.threaded_scan:
                     wfp_size = len(wfp.encode('utf-8'))
@@ -680,6 +692,10 @@ class Scanner(ScanossBase):
                 self.threaded_scan.queue_add(scan_block)  # Make sure all files have been submitted
 
         if file_count > 0:
+            if wfp_list is not None:
+                self.print_debug(f'Writing fingerprints to {self.wfp_output}')
+                with open(self.wfp_output, 'w') as f:
+                    f.write(''.join(wfp_list))
             if self.threaded_scan:
                 success = self.__run_scan_threaded(scan_started, file_count)
         else:

{scanoss-1.43.0 → scanoss-1.44.0}/src/scanoss/scanossapi.py

@@ -29,6 +29,7 @@ import sys
 import time
 import uuid
 from json.decoder import JSONDecodeError
+from urllib.parse import urlparse, urlunparse
 
 import requests
 import urllib3
@@ -40,8 +41,9 @@ from . import __version__
 from .constants import DEFAULT_TIMEOUT, MIN_TIMEOUT
 from .scanossbase import ScanossBase
 
-DEFAULT_URL = 'https://api.osskb.org/scan/direct'  # default free service URL
-DEFAULT_URL2 = 'https://api.scanoss.com/scan/direct'  # default premium service URL
+DEFAULT_URL = 'https://api.osskb.org'  # default free service base URL
+DEFAULT_URL2 = 'https://api.scanoss.com'  # default premium service base URL
+SCAN_ENDPOINT = '/scan/direct'  # scan endpoint path
 SCANOSS_SCAN_URL = os.environ.get('SCANOSS_SCAN_URL') if os.environ.get('SCANOSS_SCAN_URL') else DEFAULT_URL
 SCANOSS_API_KEY = os.environ.get('SCANOSS_API_KEY') if os.environ.get('SCANOSS_API_KEY') else ''
 
@@ -52,6 +54,33 @@ class ScanossApi(ScanossBase):
     Currently support posting scan requests to the SCANOSS streaming API
     """
 
+    def normalize_api_url(self, url: str) -> str:
+        """
+        Normalize API URL to ensure it's a base URL with the scan endpoint appended.
+
+        If the URL contains a path component (e.g., /scan/direct), a warning is emitted
+        and the path is stripped to use only the base URL.
+
+        :param url: Input URL (can be base URL or full endpoint URL)
+        :return: Normalized URL with /scan/direct endpoint
+        """
+        if not url:
+            return url
+
+        url = url.strip()
+        parsed = urlparse(url)
+
+        if parsed.path and parsed.path != '/':
+            self.print_stderr(
+                f"Warning: URL '{url}' contains path '{parsed.path}'. "
+                f"Using base URL only: '{parsed.scheme}://{parsed.netloc}'"
+            )
+            base_url = urlunparse((parsed.scheme, parsed.netloc, '', '', '', ''))
+        else:
+            base_url = url.rstrip('/')
+
+        return f'{base_url}{SCAN_ENDPOINT}'
+
     def __init__(  # noqa: PLR0912, PLR0913, PLR0915
         self,
         scan_format: str = None,
@@ -74,7 +103,7 @@ class ScanossApi(ScanossBase):
         Initialise the SCANOSS API
         :param scan_format: Scan format (default plain)
         :param flags: Scanning flags (default None)
-        :param url: API URL (default https://api.osskb.org/scan/direct)
+        :param url: API base URL (default https://api.osskb.org). The /scan/direct endpoint is automatically appended.
         :param api_key: API Key (default None)
         :param debug: Enable debug (default False)
         :param trace: Enable trace (default False)
@@ -95,11 +124,11 @@ class ScanossApi(ScanossBase):
         self.ignore_cert_errors = ignore_cert_errors
         self.req_headers = req_headers if req_headers else {}
         self.headers = {}
-        # Set the correct URL/API key combination
-        self.url = url if url else SCANOSS_SCAN_URL
+        base_url = url if url else SCANOSS_SCAN_URL
         self.api_key = api_key if api_key else SCANOSS_API_KEY
         if self.api_key and not url and not os.environ.get('SCANOSS_SCAN_URL'):
-            self.url = DEFAULT_URL2  # API key specific and no alternative URL, so use the default premium
+            base_url = DEFAULT_URL2
+        self.url = self.normalize_api_url(base_url)
         if ver_details:
             self.headers['x-scanoss-client'] = ver_details
         if self.api_key:
@@ -113,7 +142,7 @@ class ScanossApi(ScanossBase):
         if self.trace:
             logging.basicConfig(stream=sys.stderr, level=logging.DEBUG)
             http_client.HTTPConnection.debuglevel = 1
-        if pac and not proxy:  # Setup PAC session if requested (and no proxy has been explicitly set)
+        if pac and not proxy:
             self.print_debug('Setting up PAC session...')
             self.session = PACSession(pac=pac)
         else:
@@ -269,19 +298,21 @@ class ScanossApi(ScanossBase):
 
     def load_generic_headers(self, url):
         """
-         Adds custom headers from req_headers to the headers collection.
+        Adds custom headers from req_headers to the headers collection.
 
-         If x-api-key is present and no URL is configured (directly or via
-         environment), sets URL to the premium endpoint (DEFAULT_URL2).
-         """
+        If x-api-key is present and no URL is configured (directly or via
+        environment), sets URL to the premium endpoint (DEFAULT_URL2).
+        """
         if self.req_headers:  # Load generic headers
             for key, value in self.req_headers.items():
-                if key == 'x-api-key': # Set premium URL if x-api-key header is set
+                if key == 'x-api-key':  # Set premium URL if x-api-key header is set
                     if not url and not os.environ.get('SCANOSS_SCAN_URL'):
-                        self.url = DEFAULT_URL2  # API key specific and no alternative URL, so use the default premium
+                        # API key specific and no alternative URL, so use the default premium
+                        self.url = self.normalize_api_url(DEFAULT_URL2)
                     self.api_key = value
                 self.headers[key] = value
 
+
 #
 # End of ScanossApi Class
 #

{scanoss-1.43.0 → scanoss-1.44.0/src/scanoss.egg-info}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: scanoss
-Version: 1.43.0
+Version: 1.44.0
 Summary: Simple Python library to leverage the SCANOSS APIs
 Home-page: https://scanoss.com
 Author: SCANOSS
@@ -156,8 +156,8 @@ if __name__ == "__main__":
 ```
 
 ## Scanning URL and API Key
-By Default, scanoss uses the API URL endpoint for SCANOSS OSS KB: https://api.osskb.org/scan/direct.
-This API does not require an API key.
+By Default, scanoss uses the API base URL for SCANOSS OSS KB: https://api.osskb.org.
+The `/scan/direct` endpoint is automatically appended. This API does not require an API key.
 
 These values can be changed from the command line using:
 ```bash

scanoss-1.43.0/src/scanoss/data/build_date.txt

@@ -1 +0,0 @@
-date: 20260105093002, utime: 1767605402