PyPI - scanoss - Versions diffs - 1.43.1__tar.gz → 1.45.0__tar.gz - Mend

scanoss 1.43.1tar.gz → 1.45.0tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (127) hide show

{scanoss-1.43.1 → scanoss-1.45.0}/PACKAGE.md RENAMED Viewed

@@ -117,8 +117,8 @@ if __name__ == "__main__":
 ```
 ## Scanning URL and API Key
-By Default, scanoss uses the API URL endpoint for SCANOSS OSS KB: https://api.osskb.org/scan/direct.
-This API does not require an API key.
+By Default, scanoss uses the API base URL for SCANOSS OSS KB: https://api.osskb.org.
+The `/scan/direct` endpoint is automatically appended. This API does not require an API key.
 These values can be changed from the command line using:
 ```bash

{scanoss-1.43.1/src/scanoss.egg-info → scanoss-1.45.0}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: scanoss
-Version: 1.43.1
+Version: 1.45.0
 Summary: Simple Python library to leverage the SCANOSS APIs
 Home-page: https://scanoss.com
 Author: SCANOSS
@@ -156,8 +156,8 @@ if __name__ == "__main__":
 ```
 ## Scanning URL and API Key
-By Default, scanoss uses the API URL endpoint for SCANOSS OSS KB: https://api.osskb.org/scan/direct.
-This API does not require an API key.
+By Default, scanoss uses the API base URL for SCANOSS OSS KB: https://api.osskb.org.
+The `/scan/direct` endpoint is automatically appended. This API does not require an API key.
 These values can be changed from the command line using:
 ```bash

{scanoss-1.43.1 → scanoss-1.45.0}/src/scanoss/__init__.py RENAMED Viewed

@@ -22,4 +22,4 @@ SPDX-License-Identifier: MIT
   THE SOFTWARE.
 """
-__version__ = '1.43.1'
+__version__ = '1.45.0'

{scanoss-1.43.1 → scanoss-1.45.0}/src/scanoss/cli.py RENAMED Viewed

@@ -190,6 +190,44 @@ def setup_args() -> None:  # noqa: PLR0912, PLR0915
         '--no-wfp-output', action='store_true',
         help='DEPRECATED: Scans no longer generate scanner_output.wfp. Use "fingerprint -o" to create WFP files.'
     )
+    p_scan.add_argument(
+        '--wfp-output', type=str, metavar='FILE',
+        help='Save fingerprints to specified file during scan'
+    )
+    # Snippet tuning options
+    p_scan.add_argument(
+        '--min-snippet-hits',
+        type=int,
+        default=None,
+        help='Minimum snippet hits required. A value of 0 defers to server configuration (optional)',
+    )
+    p_scan.add_argument(
+        '--min-snippet-lines',
+        type=int,
+        default=None,
+        help='Minimum snippet lines required. A value of 0 defers to server configuration (optional)',
+    )
+    p_scan.add_argument(
+        '--ranking',
+        type=str,
+        choices=['unset' ,'true', 'false'],
+        default='unset',
+        help='Enable or disable ranking (optional - default: server configuration)',
+    )
+    p_scan.add_argument(
+        '--ranking-threshold',
+        type=int,
+        default=-1,
+        help='Ranking threshold value. Valid range: -1 to 10. A value of -1 defers to server configuration (optional)',
+    )
+    p_scan.add_argument(
+        '--honour-file-exts',
+        type=str,
+        choices=['unset','true', 'false'],
+        default='unset',
+        help='Honour file extensions during scanning. When not set, defers to server configuration (optional)',
+    )
     # Sub-command: fingerprint
     p_wfp = subparsers.add_parser(
@@ -1076,7 +1114,7 @@ def setup_args() -> None:  # noqa: PLR0912, PLR0915
     # Global Scan command options
     for p in [p_scan, p_cs]:
         p.add_argument(
-            '--apiurl', type=str, help='SCANOSS API URL (optional - default: https://api.osskb.org/scan/direct)'
+            '--apiurl', type=str, help='SCANOSS API base URL (optional - default: https://api.osskb.org)'
         )
     # Global Scan/Fingerprint filter options
@@ -1377,11 +1415,11 @@ def wfp(parser, args):
         initialise_empty_file(args.output)
     # Load scan settings
-    scan_settings = None
+    scanoss_settings = None
     if not args.skip_settings_file:
-        scan_settings = ScanossSettings(debug=args.debug, trace=args.trace, quiet=args.quiet)
+        scanoss_settings = ScanossSettings(debug=args.debug, trace=args.trace, quiet=args.quiet)
         try:
-            scan_settings.load_json_file(args.settings, args.scan_dir)
+            scanoss_settings.load_json_file(args.settings, args.scan_dir)
         except ScanossSettingsError as e:
             print_stderr(f'Error: {e}')
             sys.exit(1)
@@ -1403,7 +1441,7 @@ def wfp(parser, args):
         skip_md5_ids=args.skip_md5,
         strip_hpsm_ids=args.strip_hpsm,
         strip_snippet_ids=args.strip_snippet,
-        scan_settings=scan_settings,
+        scanoss_settings=scanoss_settings,
         skip_headers=args.skip_headers,
         skip_headers_limit=args.skip_headers_limit,
     )
@@ -1487,20 +1525,20 @@ def scan(parser, args):  # noqa: PLR0912, PLR0915
         print_stderr('ERROR: Cannot specify both --settings and --skip-file-settings options.')
         sys.exit(1)
     # Figure out which settings (if any) to load before processing
-    scan_settings = None
+    scanoss_settings = None
     if not args.skip_settings_file:
-        scan_settings = ScanossSettings(debug=args.debug, trace=args.trace, quiet=args.quiet)
+        scanoss_settings = ScanossSettings(debug=args.debug, trace=args.trace, quiet=args.quiet)
         try:
             if args.identify:
-                scan_settings.load_json_file(args.identify, args.scan_dir).set_file_type('legacy').set_scan_type(
+                scanoss_settings.load_json_file(args.identify, args.scan_dir).set_file_type('legacy').set_scan_type(
                     'identify'
                 )
             elif args.ignore:
-                scan_settings.load_json_file(args.ignore, args.scan_dir).set_file_type('legacy').set_scan_type(
+                scanoss_settings.load_json_file(args.ignore, args.scan_dir).set_file_type('legacy').set_scan_type(
                     'blacklist'
                 )
             else:
-                scan_settings.load_json_file(args.settings, args.scan_dir).set_file_type('new')
+                scanoss_settings.load_json_file(args.settings, args.scan_dir).set_file_type('new')
         except ScanossSettingsError as e:
             print_stderr(f'Error: {e}')
@@ -1596,11 +1634,17 @@ def scan(parser, args):  # noqa: PLR0912, PLR0915
         skip_md5_ids=args.skip_md5,
         strip_hpsm_ids=args.strip_hpsm,
         strip_snippet_ids=args.strip_snippet,
-        scan_settings=scan_settings,
+        scanoss_settings=scanoss_settings,
         req_headers=process_req_headers(args.header),
         use_grpc=args.grpc,
+        min_snippet_hits=args.min_snippet_hits,
+        min_snippet_lines=args.min_snippet_lines,
+        ranking=args.ranking,
+        ranking_threshold=args.ranking_threshold,
+        honour_file_exts=args.honour_file_exts,
         skip_headers=args.skip_headers,
         skip_headers_limit=args.skip_headers_limit,
+        wfp_output=args.wfp_output,
     )
     if args.wfp:
         if not scanner.is_file_or_snippet_scan():

scanoss-1.45.0/src/scanoss/data/build_date.txt ADDED Viewed

	@@ -0,0 +1 @@
1	+ date: 20260202142827, utime: 1770042507

{scanoss-1.43.1 → scanoss-1.45.0}/src/scanoss/data/scanoss-settings-schema.json RENAMED Viewed

@@ -139,6 +139,100 @@
               }
             }
           }
+        },
+        "file_snippet": {
+          "type": "object",
+          "description": "File snippet scanning configuration",
+          "properties": {
+            "proxy": {
+              "type": "object",
+              "description": "Proxy configuration for file snippet requests",
+              "properties": {
+                "host": {
+                  "type": "string",
+                  "description": "Proxy host URL"
+                }
+              }
+            },
+            "http_config": {
+              "type": "object",
+              "description": "HTTP configuration for file snippet requests",
+              "properties": {
+                "base_uri": {
+                  "type": "string",
+                  "description": "Base URI for file snippet API requests"
+                },
+                "ignore_cert_errors": {
+                  "type": "boolean",
+                  "description": "Whether to ignore certificate errors"
+                }
+              }
+            },
+            "ranking_enabled": {
+              "type": ["boolean", "null"],
+              "description": "Enable/disable ranking",
+              "default": null
+            },
+            "ranking_threshold": {
+              "type": ["integer", "null"],
+              "description": "Ranking threshold value. A value of -1 defers to server configuration",
+              "minimum": -1,
+              "maximum": 99,
+              "default": 0
+            },
+            "min_snippet_hits": {
+              "type": "integer",
+              "description": "Minimum snippet hits required",
+              "minimum": 0,
+              "default": 0
+            },
+            "min_snippet_lines": {
+              "type": "integer",
+              "description": "Minimum snippet lines required",
+              "minimum": 0,
+              "default": 0
+            },
+            "honour_file_exts": {
+              "type": ["boolean", "null"],
+              "description": "Ignores file extensions. When not set, defers to server configuration.",
+              "default": true
+            },
+            "dependency_analysis": {
+              "type": "boolean",
+              "description": "Enable dependency analysis"
+            },
+            "skip_headers": {
+              "type": "boolean",
+              "description": "Skip license headers, comments and imports at the beginning of files",
+              "default": false
+            },
+            "skip_headers_limit": {
+              "type": "integer",
+              "description": "Maximum number of lines to skip when filtering headers",
+              "default": 0
+            }
+          }
+        },
+        "hpfm": {
+          "type": "object",
+          "description": "HPFM (High Precision Folder Matching) configuration",
+          "properties": {
+            "ranking_enabled": {
+              "type": "boolean",
+              "description": "Enable ranking for HPFM"
+            },
+            "ranking_threshold": {
+              "type": ["integer", "null"],
+              "description": "Ranking threshold value. A value of -1 defers to server configuration",
+              "minimum": -1,
+              "maximum": 99,
+              "default": 0
+            }
+          }
+        },
+        "container": {
+          "type": "object",
+          "description": "Container scanning configuration"
         }
       }
     },

scanoss-1.45.0/src/scanoss/scan_settings_builder.py ADDED Viewed

@@ -0,0 +1,311 @@
+"""
+SPDX-License-Identifier: MIT
+  Copyright (c) 2025, SCANOSS
+  Permission is hereby granted, free of charge, to any person obtaining a copy
+  of this software and associated documentation files (the "Software"), to deal
+  in the Software without restriction, including without limitation the rights
+  to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+  copies of the Software, and to permit persons to whom the Software is
+  furnished to do so, subject to the following conditions:
+  The above copyright notice and this permission notice shall be included in
+  all copies or substantial portions of the Software.
+  THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+  IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+  FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+  AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+  LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+  OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+  THE SOFTWARE.
+"""
+from typing import TYPE_CHECKING, Optional
+from .scanossbase import ScanossBase
+if TYPE_CHECKING:
+    from .scanoss_settings import ScanossSettings
+MAX_RANKING_THRESHOLD = 10
+class ScanSettingsBuilder(ScanossBase):
+    """Builder class for merging CLI arguments with scanoss.json settings file values.
+    This class implements an API for merging scan configuration
+    from multiple sources with the following priority order:
+     1. settings.file_snippet section in scanoss.json (highest priority)
+     2. settings section in scanoss.json (middle priority)
+     3. CLI arguments (lowest priority - used as fallback)
+    Attributes:
+        proxy: Merged proxy host URL
+        url: Merged API base URL
+        ignore_cert_errors: Whether to ignore SSL certificate errors
+        min_snippet_hits: Minimum snippet hits required for matching
+        min_snippet_lines: Minimum snippet lines required for matching
+        honour_file_exts: Whether to honour file extensions during scanning
+        ranking: Whether ranking is enabled
+        ranking_threshold: Ranking threshold value
+    """
+    def __init__(
+        self,
+        scanoss_settings: 'ScanossSettings | None',
+        debug: bool = False,
+        trace: bool = False,
+        quiet: bool = False,
+    ):
+        """Initialize the builder with optional scanoss settings.
+        Args:
+            scanoss_settings: ScanossSettings instance loaded from scanoss.json,
+                              or None if no settings file is available.
+            debug: Enable debug output
+            trace: Enable trace output
+            quiet: Enable quiet mode
+        """
+        super().__init__(debug=debug, trace=trace, quiet=quiet)
+        self.scanoss_settings = scanoss_settings
+        # Merged values
+        self.proxy: Optional[str] = None
+        self.url: Optional[str] = None
+        self.ignore_cert_errors: bool = False
+        self.min_snippet_hits: Optional[int] = None
+        self.min_snippet_lines: Optional[int] = None
+        self.honour_file_exts: Optional[any] = None
+        self.ranking: Optional[any] = None
+        self.ranking_threshold: Optional[int] = None
+    def with_proxy(self, cli_value: str = None) -> 'ScanSettingsBuilder':
+        """Set proxy host with priority: file_snippet.proxy.host > settings.proxy.host > CLI.
+        Args:
+            cli_value: Proxy host from CLI argument (e.g., 'http://proxy:8080')
+        Returns:
+            Self for method chaining
+        """
+        self.proxy = self._merge_with_priority(
+            cli_value,
+            self._get_proxy_host(self._get_file_snippet_proxy()),
+            self._get_proxy_host(self._get_root_proxy())
+        )
+        return self
+    def with_url(self, cli_value: str = None) -> 'ScanSettingsBuilder':
+        """Set API base URL with priority: file_snippet.http_config.base_uri > settings.http_config.base_uri > CLI.
+        Args:
+            cli_value: API base URL from CLI argument (e.g., 'https://api.scanoss.com')
+        Returns:
+            Self for method chaining
+        """
+        self.url = self._merge_with_priority(
+            cli_value,
+            self._get_file_snippet_http_config_value('base_uri'),
+            self._get_http_config_value('base_uri')
+        )
+        return self
+    def with_ignore_cert_errors(self, cli_value: bool = False) -> 'ScanSettingsBuilder':
+        """Set ignore_cert_errors with priority: CLI True > file_snippet > settings > False.
+        Note: CLI value only takes effect if True (flag present). False means
+        the flag was not provided, so settings file values are checked.
+        Args:
+            cli_value: Whether to ignore SSL certificate errors from CLI flag
+        Returns:
+            Self for method chaining
+        """
+        result = self._merge_with_priority(
+            cli_value if cli_value else None,
+            self._get_file_snippet_http_config_value('ignore_cert_errors'),
+            self._get_http_config_value('ignore_cert_errors')
+        )
+        self.ignore_cert_errors = result if result is not None else False
+        return self
+    def with_min_snippet_hits(self, cli_value: int = None) -> 'ScanSettingsBuilder':
+        """Set minimum snippet hits with priority: settings.file_snippet.min_snippet_hits > CLI.
+        Minimum allowed value is 0. Values below 0 will be clamped and logged.
+        Args:
+            cli_value: Minimum snippet hits from CLI argument
+        Returns:
+            Self for method chaining
+        """
+        self.min_snippet_hits = self._merge_cli_with_settings(
+            cli_value,
+            self._get_file_snippet_setting('min_snippet_hits')
+        )
+        if self.min_snippet_hits is not None and self.min_snippet_hits < 0:
+            self.print_msg(
+                f'WARNING: min-snippet-hits value {self.min_snippet_hits} is below minimum allowed (0). '
+                f'Setting to 0.'
+            )
+            self.min_snippet_hits = 0
+        return self
+    def with_min_snippet_lines(self, cli_value: int = None) -> 'ScanSettingsBuilder':
+        """Set minimum snippet lines with priority: settings.file_snippet.min_snippet_lines > CLI.
+        Minimum allowed value is 0. Values below 0 will be clamped and logged.
+        Args:
+            cli_value: Minimum snippet lines from CLI argument
+        Returns:
+            Self for method chaining
+        """
+        self.min_snippet_lines = self._merge_cli_with_settings(
+            cli_value,
+            self._get_file_snippet_setting('min_snippet_lines')
+        )
+        if self.min_snippet_lines is not None and self.min_snippet_lines < 0:
+            self.print_msg(
+                f'WARNING: min-snippet-lines value {self.min_snippet_lines} is below minimum allowed (0). '
+                f'Setting to 0.'
+            )
+            self.min_snippet_lines = 0
+        return self
+    def with_honour_file_exts(self, cli_value: str = None) -> 'ScanSettingsBuilder':
+        """Set honour_file_exts with priority: settings.file_snippet.honour_file_exts > CLI.
+        Args:
+            cli_value: String 'true', 'false', or 'unset' from CLI argument
+        Returns:
+            Self for method chaining
+        """
+        self.honour_file_exts = self._merge_cli_with_settings(
+            cli_value,
+            self._get_file_snippet_setting('honour_file_exts')
+        )
+        ## Convert to boolean
+        if self.honour_file_exts is not None and self.honour_file_exts!= 'unset':
+            self.honour_file_exts = self._str_to_bool(self.honour_file_exts)
+        return self
+    def with_ranking(self, cli_value: str = None) -> 'ScanSettingsBuilder':
+        """Set ranking enabled with priority: settings.file_snippet.ranking_enabled > CLI.
+        Args:
+            cli_value: String 'true', 'false', or 'unset' from CLI argument
+        Returns:
+            Self for method chaining
+        """
+        self.ranking = self._merge_cli_with_settings(
+            cli_value,
+            self._get_file_snippet_setting('ranking_enabled')
+        )
+        if self.ranking is not None and self.ranking != 'unset':
+            self.ranking = self._str_to_bool(self.ranking)
+        return self
+    def with_ranking_threshold(self, cli_value: int = None) -> 'ScanSettingsBuilder':
+        """Set ranking threshold with priority: settings.file_snippet.ranking_threshold > CLI.
+        Valid range is -1 to 10. Values outside this range will be clamped and logged.
+        Args:
+            cli_value: Ranking threshold from CLI argument
+        Returns:
+            Self for method chaining
+        """
+        self.ranking_threshold = self._merge_cli_with_settings(
+            cli_value,
+            self._get_file_snippet_setting('ranking_threshold')
+        )
+        if self.ranking_threshold is not None:
+            if self.ranking_threshold > MAX_RANKING_THRESHOLD:
+                self.print_msg(
+                    f'WARNING: ranking-threshold value {self.ranking_threshold} exceeds maximum allowed '
+                    f'({MAX_RANKING_THRESHOLD}). Setting to {MAX_RANKING_THRESHOLD}.'
+                )
+                self.ranking_threshold = MAX_RANKING_THRESHOLD
+            elif self.ranking_threshold < -1:
+                self.print_msg(
+                    f'WARNING: ranking-threshold value {self.ranking_threshold} is below minimum allowed (-1). '
+                    f'Setting to -1.'
+                )
+                self.ranking_threshold = -1
+        return self
+    # Private helper methods
+    @staticmethod
+    def _merge_with_priority(cli_value, file_snippet_value, root_value):
+        """Merge with priority: file_snippet > root settings > CLI"""
+        if file_snippet_value is not None:
+            return file_snippet_value
+        if root_value is not None:
+            return root_value
+        return cli_value
+    @staticmethod
+    def _merge_cli_with_settings(cli_value, settings_value):
+        """Merge CLI value with settings, with settings taking priority over CLI.
+        Returns settings_value if not None, otherwise falls back to cli_value.
+        """
+        if settings_value is not None:
+            return settings_value
+        return cli_value
+    @staticmethod
+    def _str_to_bool(value: str) -> Optional[bool]:
+        """Convert string 'true'/'false' to boolean."""
+        if value is None:
+            return None
+        if isinstance(value, bool):
+            return value
+        return value.lower() == 'true'
+    # Methods to extract values from scanoss_settings
+    def _get_file_snippet_setting(self, key: str):
+        """Get a setting from the file_snippet section."""
+        if not self.scanoss_settings:
+            return None
+        return self.scanoss_settings.get_file_snippet_settings().get(key)
+    def _get_file_snippet_proxy(self):
+        """Get proxy config from file_snippet section."""
+        return self.scanoss_settings.get_file_snippet_proxy() if self.scanoss_settings else None
+    def _get_root_proxy(self):
+        """Get proxy config from root settings section."""
+        return self.scanoss_settings.get_proxy() if self.scanoss_settings else None
+    @staticmethod
+    def _get_proxy_host(proxy_config) -> Optional[str]:
+        """Extract host from proxy configuration dict."""
+        if proxy_config is None:
+            return None
+        host = proxy_config.get('host')
+        return host if host else None
+    def _get_http_config_value(self, key: str):
+        """Extract a value from http_config dict."""
+        if not self.scanoss_settings:
+            return None
+        config = self.scanoss_settings.get_http_config()
+        return config.get(key) if config else None
+    def _get_file_snippet_http_config_value(self, key: str):
+        """Extract a value from file_snippet http_config dict."""
+        if not self.scanoss_settings:
+            return None
+        config = self.scanoss_settings.get_file_snippet_http_config()
+        return config.get(key) if config else None

scanoss 1.43.1__tar.gz → 1.45.0__tar.gz

scanoss 1.43.1tar.gz → 1.45.0tar.gz