scanoss 1.44.0__py3-none-any.whl → 1.45.0__py3-none-any.whl

scanoss/__init__.py

@@ -22,4 +22,4 @@ SPDX-License-Identifier: MIT
   THE SOFTWARE.
 """
 
-__version__ = '1.44.0'
+__version__ = '1.45.0'

scanoss/cli.py

@@ -195,6 +195,40 @@ def setup_args() -> None:  # noqa: PLR0912, PLR0915
         help='Save fingerprints to specified file during scan'
     )
 
+    # Snippet tuning options
+    p_scan.add_argument(
+        '--min-snippet-hits',
+        type=int,
+        default=None,
+        help='Minimum snippet hits required. A value of 0 defers to server configuration (optional)',
+    )
+    p_scan.add_argument(
+        '--min-snippet-lines',
+        type=int,
+        default=None,
+        help='Minimum snippet lines required. A value of 0 defers to server configuration (optional)',
+    )
+    p_scan.add_argument(
+        '--ranking',
+        type=str,
+        choices=['unset' ,'true', 'false'],
+        default='unset',
+        help='Enable or disable ranking (optional - default: server configuration)',
+    )
+    p_scan.add_argument(
+        '--ranking-threshold',
+        type=int,
+        default=-1,
+        help='Ranking threshold value. Valid range: -1 to 10. A value of -1 defers to server configuration (optional)',
+    )
+    p_scan.add_argument(
+        '--honour-file-exts',
+        type=str,
+        choices=['unset','true', 'false'],
+        default='unset',
+        help='Honour file extensions during scanning. When not set, defers to server configuration (optional)',
+    )
+
     # Sub-command: fingerprint
     p_wfp = subparsers.add_parser(
         'fingerprint',
@@ -1381,11 +1415,11 @@ def wfp(parser, args):
         initialise_empty_file(args.output)
 
     # Load scan settings
-    scan_settings = None
+    scanoss_settings = None
     if not args.skip_settings_file:
-        scan_settings = ScanossSettings(debug=args.debug, trace=args.trace, quiet=args.quiet)
+        scanoss_settings = ScanossSettings(debug=args.debug, trace=args.trace, quiet=args.quiet)
         try:
-            scan_settings.load_json_file(args.settings, args.scan_dir)
+            scanoss_settings.load_json_file(args.settings, args.scan_dir)
         except ScanossSettingsError as e:
             print_stderr(f'Error: {e}')
             sys.exit(1)
@@ -1407,7 +1441,7 @@ def wfp(parser, args):
         skip_md5_ids=args.skip_md5,
         strip_hpsm_ids=args.strip_hpsm,
         strip_snippet_ids=args.strip_snippet,
-        scan_settings=scan_settings,
+        scanoss_settings=scanoss_settings,
         skip_headers=args.skip_headers,
         skip_headers_limit=args.skip_headers_limit,
     )
@@ -1491,20 +1525,20 @@ def scan(parser, args):  # noqa: PLR0912, PLR0915
         print_stderr('ERROR: Cannot specify both --settings and --skip-file-settings options.')
         sys.exit(1)
     # Figure out which settings (if any) to load before processing
-    scan_settings = None
+    scanoss_settings = None
     if not args.skip_settings_file:
-        scan_settings = ScanossSettings(debug=args.debug, trace=args.trace, quiet=args.quiet)
+        scanoss_settings = ScanossSettings(debug=args.debug, trace=args.trace, quiet=args.quiet)
         try:
             if args.identify:
-                scan_settings.load_json_file(args.identify, args.scan_dir).set_file_type('legacy').set_scan_type(
+                scanoss_settings.load_json_file(args.identify, args.scan_dir).set_file_type('legacy').set_scan_type(
                     'identify'
                 )
             elif args.ignore:
-                scan_settings.load_json_file(args.ignore, args.scan_dir).set_file_type('legacy').set_scan_type(
+                scanoss_settings.load_json_file(args.ignore, args.scan_dir).set_file_type('legacy').set_scan_type(
                     'blacklist'
                 )
             else:
-                scan_settings.load_json_file(args.settings, args.scan_dir).set_file_type('new')
+                scanoss_settings.load_json_file(args.settings, args.scan_dir).set_file_type('new')
 
         except ScanossSettingsError as e:
             print_stderr(f'Error: {e}')
@@ -1600,9 +1634,14 @@ def scan(parser, args):  # noqa: PLR0912, PLR0915
         skip_md5_ids=args.skip_md5,
         strip_hpsm_ids=args.strip_hpsm,
         strip_snippet_ids=args.strip_snippet,
-        scan_settings=scan_settings,
+        scanoss_settings=scanoss_settings,
         req_headers=process_req_headers(args.header),
         use_grpc=args.grpc,
+        min_snippet_hits=args.min_snippet_hits,
+        min_snippet_lines=args.min_snippet_lines,
+        ranking=args.ranking,
+        ranking_threshold=args.ranking_threshold,
+        honour_file_exts=args.honour_file_exts,
         skip_headers=args.skip_headers,
         skip_headers_limit=args.skip_headers_limit,
         wfp_output=args.wfp_output,

scanoss/data/build_date.txt

@@ -1 +1 @@
-date: 20260122124532, utime: 1769085932
+date: 20260202142827, utime: 1770042507

scanoss/data/scanoss-settings-schema.json

@@ -139,6 +139,100 @@
               }
             }
           }
+        },
+        "file_snippet": {
+          "type": "object",
+          "description": "File snippet scanning configuration",
+          "properties": {
+            "proxy": {
+              "type": "object",
+              "description": "Proxy configuration for file snippet requests",
+              "properties": {
+                "host": {
+                  "type": "string",
+                  "description": "Proxy host URL"
+                }
+              }
+            },
+            "http_config": {
+              "type": "object",
+              "description": "HTTP configuration for file snippet requests",
+              "properties": {
+                "base_uri": {
+                  "type": "string",
+                  "description": "Base URI for file snippet API requests"
+                },
+                "ignore_cert_errors": {
+                  "type": "boolean",
+                  "description": "Whether to ignore certificate errors"
+                }
+              }
+            },
+            "ranking_enabled": {
+              "type": ["boolean", "null"],
+              "description": "Enable/disable ranking",
+              "default": null
+            },
+            "ranking_threshold": {
+              "type": ["integer", "null"],
+              "description": "Ranking threshold value. A value of -1 defers to server configuration",
+              "minimum": -1,
+              "maximum": 99,
+              "default": 0
+            },
+            "min_snippet_hits": {
+              "type": "integer",
+              "description": "Minimum snippet hits required",
+              "minimum": 0,
+              "default": 0
+            },
+            "min_snippet_lines": {
+              "type": "integer",
+              "description": "Minimum snippet lines required",
+              "minimum": 0,
+              "default": 0
+            },
+            "honour_file_exts": {
+              "type": ["boolean", "null"],
+              "description": "Ignores file extensions. When not set, defers to server configuration.",
+              "default": true
+            },
+            "dependency_analysis": {
+              "type": "boolean",
+              "description": "Enable dependency analysis"
+            },
+            "skip_headers": {
+              "type": "boolean",
+              "description": "Skip license headers, comments and imports at the beginning of files",
+              "default": false
+            },
+            "skip_headers_limit": {
+              "type": "integer",
+              "description": "Maximum number of lines to skip when filtering headers",
+              "default": 0
+            }
+          }
+        },
+        "hpfm": {
+          "type": "object",
+          "description": "HPFM (High Precision Folder Matching) configuration",
+          "properties": {
+            "ranking_enabled": {
+              "type": "boolean",
+              "description": "Enable ranking for HPFM"
+            },
+            "ranking_threshold": {
+              "type": ["integer", "null"],
+              "description": "Ranking threshold value. A value of -1 defers to server configuration",
+              "minimum": -1,
+              "maximum": 99,
+              "default": 0
+            }
+          }
+        },
+        "container": {
+          "type": "object",
+          "description": "Container scanning configuration"
         }
       }
     },

scanoss/scan_settings_builder.py

@@ -0,0 +1,311 @@
+"""
+SPDX-License-Identifier: MIT
+
+  Copyright (c) 2025, SCANOSS
+
+  Permission is hereby granted, free of charge, to any person obtaining a copy
+  of this software and associated documentation files (the "Software"), to deal
+  in the Software without restriction, including without limitation the rights
+  to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+  copies of the Software, and to permit persons to whom the Software is
+  furnished to do so, subject to the following conditions:
+
+  The above copyright notice and this permission notice shall be included in
+  all copies or substantial portions of the Software.
+
+  THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+  IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+  FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+  AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+  LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+  OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+  THE SOFTWARE.
+"""
+
+from typing import TYPE_CHECKING, Optional
+
+from .scanossbase import ScanossBase
+
+if TYPE_CHECKING:
+    from .scanoss_settings import ScanossSettings
+
+MAX_RANKING_THRESHOLD = 10
+
+
+class ScanSettingsBuilder(ScanossBase):
+    """Builder class for merging CLI arguments with scanoss.json settings file values.
+
+    This class implements an API for merging scan configuration
+    from multiple sources with the following priority order:
+     1. settings.file_snippet section in scanoss.json (highest priority)
+     2. settings section in scanoss.json (middle priority)
+     3. CLI arguments (lowest priority - used as fallback)
+
+    Attributes:
+        proxy: Merged proxy host URL
+        url: Merged API base URL
+        ignore_cert_errors: Whether to ignore SSL certificate errors
+        min_snippet_hits: Minimum snippet hits required for matching
+        min_snippet_lines: Minimum snippet lines required for matching
+        honour_file_exts: Whether to honour file extensions during scanning
+        ranking: Whether ranking is enabled
+        ranking_threshold: Ranking threshold value
+    """
+
+    def __init__(
+        self,
+        scanoss_settings: 'ScanossSettings | None',
+        debug: bool = False,
+        trace: bool = False,
+        quiet: bool = False,
+    ):
+        """Initialize the builder with optional scanoss settings.
+
+        Args:
+            scanoss_settings: ScanossSettings instance loaded from scanoss.json,
+                              or None if no settings file is available.
+            debug: Enable debug output
+            trace: Enable trace output
+            quiet: Enable quiet mode
+        """
+        super().__init__(debug=debug, trace=trace, quiet=quiet)
+        self.scanoss_settings = scanoss_settings
+        # Merged values
+        self.proxy: Optional[str] = None
+        self.url: Optional[str] = None
+        self.ignore_cert_errors: bool = False
+        self.min_snippet_hits: Optional[int] = None
+        self.min_snippet_lines: Optional[int] = None
+        self.honour_file_exts: Optional[any] = None
+        self.ranking: Optional[any] = None
+        self.ranking_threshold: Optional[int] = None
+
+    def with_proxy(self, cli_value: str = None) -> 'ScanSettingsBuilder':
+        """Set proxy host with priority: file_snippet.proxy.host > settings.proxy.host > CLI.
+
+        Args:
+            cli_value: Proxy host from CLI argument (e.g., 'http://proxy:8080')
+
+        Returns:
+            Self for method chaining
+        """
+        self.proxy = self._merge_with_priority(
+            cli_value,
+            self._get_proxy_host(self._get_file_snippet_proxy()),
+            self._get_proxy_host(self._get_root_proxy())
+        )
+        return self
+
+    def with_url(self, cli_value: str = None) -> 'ScanSettingsBuilder':
+        """Set API base URL with priority: file_snippet.http_config.base_uri > settings.http_config.base_uri > CLI.
+
+        Args:
+            cli_value: API base URL from CLI argument (e.g., 'https://api.scanoss.com')
+
+        Returns:
+            Self for method chaining
+        """
+        self.url = self._merge_with_priority(
+            cli_value,
+            self._get_file_snippet_http_config_value('base_uri'),
+            self._get_http_config_value('base_uri')
+        )
+        return self
+
+    def with_ignore_cert_errors(self, cli_value: bool = False) -> 'ScanSettingsBuilder':
+        """Set ignore_cert_errors with priority: CLI True > file_snippet > settings > False.
+
+        Note: CLI value only takes effect if True (flag present). False means
+        the flag was not provided, so settings file values are checked.
+
+        Args:
+            cli_value: Whether to ignore SSL certificate errors from CLI flag
+
+        Returns:
+            Self for method chaining
+        """
+        result = self._merge_with_priority(
+            cli_value if cli_value else None,
+            self._get_file_snippet_http_config_value('ignore_cert_errors'),
+            self._get_http_config_value('ignore_cert_errors')
+        )
+        self.ignore_cert_errors = result if result is not None else False
+        return self
+
+    def with_min_snippet_hits(self, cli_value: int = None) -> 'ScanSettingsBuilder':
+        """Set minimum snippet hits with priority: settings.file_snippet.min_snippet_hits > CLI.
+
+        Minimum allowed value is 0. Values below 0 will be clamped and logged.
+
+        Args:
+            cli_value: Minimum snippet hits from CLI argument
+
+        Returns:
+            Self for method chaining
+        """
+        self.min_snippet_hits = self._merge_cli_with_settings(
+            cli_value,
+            self._get_file_snippet_setting('min_snippet_hits')
+        )
+        if self.min_snippet_hits is not None and self.min_snippet_hits < 0:
+            self.print_msg(
+                f'WARNING: min-snippet-hits value {self.min_snippet_hits} is below minimum allowed (0). '
+                f'Setting to 0.'
+            )
+            self.min_snippet_hits = 0
+        return self
+
+    def with_min_snippet_lines(self, cli_value: int = None) -> 'ScanSettingsBuilder':
+        """Set minimum snippet lines with priority: settings.file_snippet.min_snippet_lines > CLI.
+
+        Minimum allowed value is 0. Values below 0 will be clamped and logged.
+
+        Args:
+            cli_value: Minimum snippet lines from CLI argument
+
+        Returns:
+            Self for method chaining
+        """
+        self.min_snippet_lines = self._merge_cli_with_settings(
+            cli_value,
+            self._get_file_snippet_setting('min_snippet_lines')
+        )
+        if self.min_snippet_lines is not None and self.min_snippet_lines < 0:
+            self.print_msg(
+                f'WARNING: min-snippet-lines value {self.min_snippet_lines} is below minimum allowed (0). '
+                f'Setting to 0.'
+            )
+            self.min_snippet_lines = 0
+        return self
+
+    def with_honour_file_exts(self, cli_value: str = None) -> 'ScanSettingsBuilder':
+        """Set honour_file_exts with priority: settings.file_snippet.honour_file_exts > CLI.
+
+        Args:
+            cli_value: String 'true', 'false', or 'unset' from CLI argument
+
+        Returns:
+            Self for method chaining
+        """
+        self.honour_file_exts = self._merge_cli_with_settings(
+            cli_value,
+            self._get_file_snippet_setting('honour_file_exts')
+        )
+        ## Convert to boolean
+        if self.honour_file_exts is not None and self.honour_file_exts!= 'unset':
+            self.honour_file_exts = self._str_to_bool(self.honour_file_exts)
+        return self
+
+    def with_ranking(self, cli_value: str = None) -> 'ScanSettingsBuilder':
+        """Set ranking enabled with priority: settings.file_snippet.ranking_enabled > CLI.
+
+        Args:
+            cli_value: String 'true', 'false', or 'unset' from CLI argument
+
+        Returns:
+            Self for method chaining
+        """
+        self.ranking = self._merge_cli_with_settings(
+            cli_value,
+            self._get_file_snippet_setting('ranking_enabled')
+        )
+        if self.ranking is not None and self.ranking != 'unset':
+            self.ranking = self._str_to_bool(self.ranking)
+        return self
+
+    def with_ranking_threshold(self, cli_value: int = None) -> 'ScanSettingsBuilder':
+        """Set ranking threshold with priority: settings.file_snippet.ranking_threshold > CLI.
+
+        Valid range is -1 to 10. Values outside this range will be clamped and logged.
+
+        Args:
+            cli_value: Ranking threshold from CLI argument
+
+        Returns:
+            Self for method chaining
+        """
+        self.ranking_threshold = self._merge_cli_with_settings(
+            cli_value,
+            self._get_file_snippet_setting('ranking_threshold')
+        )
+        if self.ranking_threshold is not None:
+            if self.ranking_threshold > MAX_RANKING_THRESHOLD:
+                self.print_msg(
+                    f'WARNING: ranking-threshold value {self.ranking_threshold} exceeds maximum allowed '
+                    f'({MAX_RANKING_THRESHOLD}). Setting to {MAX_RANKING_THRESHOLD}.'
+                )
+                self.ranking_threshold = MAX_RANKING_THRESHOLD
+            elif self.ranking_threshold < -1:
+                self.print_msg(
+                    f'WARNING: ranking-threshold value {self.ranking_threshold} is below minimum allowed (-1). '
+                    f'Setting to -1.'
+                )
+                self.ranking_threshold = -1
+        return self
+
+    # Private helper methods
+    @staticmethod
+    def _merge_with_priority(cli_value, file_snippet_value, root_value):
+        """Merge with priority: file_snippet > root settings > CLI"""
+        if file_snippet_value is not None:
+            return file_snippet_value
+        if root_value is not None:
+            return root_value
+        return cli_value
+
+    @staticmethod
+    def _merge_cli_with_settings(cli_value, settings_value):
+        """Merge CLI value with settings, with settings taking priority over CLI.
+
+        Returns settings_value if not None, otherwise falls back to cli_value.
+        """
+        if settings_value is not None:
+            return settings_value
+        return cli_value
+
+
+    @staticmethod
+    def _str_to_bool(value: str) -> Optional[bool]:
+        """Convert string 'true'/'false' to boolean."""
+        if value is None:
+            return None
+        if isinstance(value, bool):
+            return value
+        return value.lower() == 'true'
+
+    # Methods to extract values from scanoss_settings
+    def _get_file_snippet_setting(self, key: str):
+        """Get a setting from the file_snippet section."""
+        if not self.scanoss_settings:
+            return None
+        return self.scanoss_settings.get_file_snippet_settings().get(key)
+
+    def _get_file_snippet_proxy(self):
+        """Get proxy config from file_snippet section."""
+        return self.scanoss_settings.get_file_snippet_proxy() if self.scanoss_settings else None
+
+    def _get_root_proxy(self):
+        """Get proxy config from root settings section."""
+        return self.scanoss_settings.get_proxy() if self.scanoss_settings else None
+
+    @staticmethod
+    def _get_proxy_host(proxy_config) -> Optional[str]:
+        """Extract host from proxy configuration dict."""
+        if proxy_config is None:
+            return None
+        host = proxy_config.get('host')
+        return host if host else None
+
+    def _get_http_config_value(self, key: str):
+        """Extract a value from http_config dict."""
+        if not self.scanoss_settings:
+            return None
+        config = self.scanoss_settings.get_http_config()
+        return config.get(key) if config else None
+
+    def _get_file_snippet_http_config_value(self, key: str):
+        """Extract a value from file_snippet http_config dict."""
+        if not self.scanoss_settings:
+            return None
+        config = self.scanoss_settings.get_file_snippet_http_config()
+        return config.get(key) if config else None

scanoss/scanner.py

@@ -39,6 +39,7 @@ from scanoss.file_filters import FileFilters
 from . import __version__
 from .csvoutput import CsvOutput
 from .cyclonedx import CycloneDx
+from .scan_settings_builder import ScanSettingsBuilder
 from .scancodedeps import ScancodeDeps
 from .scanoss_settings import ScanossSettings
 from .scanossapi import ScanossApi
@@ -103,9 +104,14 @@ class Scanner(ScanossBase):
         strip_hpsm_ids=None,
         strip_snippet_ids=None,
         skip_md5_ids=None,
-        scan_settings: 'ScanossSettings | None' = None,
+        scanoss_settings: 'ScanossSettings | None' = None,
         req_headers: dict = None,
         use_grpc: bool = False,
+        min_snippet_hits: int = None,
+        min_snippet_lines: int = None,
+        ranking: str = None,
+        ranking_threshold: int = None,
+        honour_file_exts: str = None,
         skip_headers: bool = False,
         skip_headers_limit: int = 0,
         wfp_output: str = None,
@@ -132,8 +138,20 @@ class Scanner(ScanossBase):
         self.skip_size = skip_size
         self.skip_extensions = skip_extensions
         self.req_headers = req_headers
+        self.scanoss_settings = scanoss_settings
         ver_details = Scanner.version_details()
 
+        # Get settings values for skip_headers options
+        file_snippet_settings = scanoss_settings.get_file_snippet_settings() if scanoss_settings else {}
+        settings_skip_headers = file_snippet_settings.get('skip_headers')
+        settings_skip_headers_limit = file_snippet_settings.get('skip_headers_limit')
+
+        # Merge CLI values with settings (scanoss.json takes priority over CLI)
+        skip_headers = Scanner._merge_cli_with_settings(skip_headers, settings_skip_headers)
+        skip_headers_limit = Scanner._merge_cli_with_settings(
+            skip_headers_limit, settings_skip_headers_limit)
+        self.print_debug(f'Skip headers {skip_headers} with limit: {skip_headers_limit}')
+
         self.winnowing = Winnowing(
             debug=debug,
             trace=trace,
@@ -148,21 +166,40 @@ class Scanner(ScanossBase):
             skip_headers=skip_headers,
             skip_headers_limit=skip_headers_limit,
         )
+
+        # Build merged settings using builder pattern
+        scan_settings = (ScanSettingsBuilder(scanoss_settings, debug=debug, trace=trace, quiet=quiet)
+            .with_proxy(proxy)
+            .with_url(url)
+            .with_ignore_cert_errors(ignore_cert_errors)
+            .with_min_snippet_hits(min_snippet_hits)
+            .with_min_snippet_lines(min_snippet_lines)
+            .with_honour_file_exts(honour_file_exts)
+            .with_ranking(ranking)
+            .with_ranking_threshold(ranking_threshold))
+
+        self.print_debug(f'Scan settings:  {scan_settings}')
+
         self.scanoss_api = ScanossApi(
             debug=debug,
             trace=trace,
             quiet=quiet,
             api_key=api_key,
-            url=url,
+            url=scan_settings.url,
             flags=flags,
             timeout=timeout,
             ver_details=ver_details,
-            ignore_cert_errors=ignore_cert_errors,
-            proxy=proxy,
+            ignore_cert_errors=scan_settings.ignore_cert_errors,
+            proxy=scan_settings.proxy,
             ca_cert=ca_cert,
             pac=pac,
             retry=retry,
-            req_headers= self.req_headers,
+            req_headers=self.req_headers,
+            min_snippet_hits=scan_settings.min_snippet_hits,
+            min_snippet_lines=scan_settings.min_snippet_lines,
+            honour_file_exts=scan_settings.honour_file_exts,
+            ranking=scan_settings.ranking,
+            ranking_threshold=scan_settings.ranking_threshold,
         )
         sc_deps = ScancodeDeps(debug=debug, quiet=quiet, trace=trace, timeout=sc_timeout, sc_command=sc_command)
         grpc_api = ScanossGrpc(
@@ -193,19 +230,32 @@ class Scanner(ScanossBase):
         if self._skip_snippets:
             self.max_post_size = 8 * 1024  # 8k Max post size if we're skipping snippets
 
-        self.scan_settings = scan_settings
         self.post_processor = (
-            ScanPostProcessor(scan_settings, debug=debug, trace=trace, quiet=quiet) if scan_settings else None
+            ScanPostProcessor(scanoss_settings, debug=debug, trace=trace, quiet=quiet) if scan_settings else None
         )
         self._maybe_set_api_sbom()
 
     def _maybe_set_api_sbom(self):
-        if not self.scan_settings:
+        if not self.scanoss_settings:
             return
-        sbom = self.scan_settings.get_sbom()
+        sbom = self.scanoss_settings.get_sbom()
         if sbom:
             self.scanoss_api.set_sbom(sbom)
 
+    @staticmethod
+    def _merge_cli_with_settings(cli_value, settings_value):
+        """Merge CLI value with settings value (two-level priority: settings > cli).
+
+        Args:
+            cli_value: Value from CLI argument
+            settings_value: Value from scanoss.json file_snippet settings
+        Returns:
+            Merged value with CLI taking priority over settings
+        """
+        if settings_value is not None:
+            return settings_value
+        return cli_value
+
     @staticmethod
     def __count_files_in_wfp_file(wfp_file: str):
         """
@@ -288,7 +338,8 @@ class Scanner(ScanossBase):
         """
         if self.scan_options & ScanType.SCAN_DEPENDENCIES.value:
             return True
-        return False
+        file_snippet_settings = self.scanoss_settings.get_file_snippet_settings() if self.scanoss_settings else {}
+        return file_snippet_settings.get('dependency_analysis', False)
 
     def scan_folder_with_options(  # noqa: PLR0913
         self,
@@ -356,7 +407,7 @@ class Scanner(ScanossBase):
             debug=self.debug,
             trace=self.trace,
             quiet=self.quiet,
-            scanoss_settings=self.scan_settings,
+            scanoss_settings=self.scanoss_settings,
             all_extensions=self.all_extensions,
             all_folders=self.all_folders,
             hidden_files_folders=self.hidden_files_folders,
@@ -624,7 +675,7 @@ class Scanner(ScanossBase):
             debug=self.debug,
             trace=self.trace,
             quiet=self.quiet,
-            scanoss_settings=self.scan_settings,
+            scanoss_settings=self.scanoss_settings,
             all_extensions=self.all_extensions,
             all_folders=self.all_folders,
             hidden_files_folders=self.hidden_files_folders,
@@ -939,7 +990,7 @@ class Scanner(ScanossBase):
             debug=self.debug,
             trace=self.trace,
             quiet=self.quiet,
-            scanoss_settings=self.scan_settings,
+            scanoss_settings=self.scanoss_settings,
             all_extensions=self.all_extensions,
             all_folders=self.all_folders,
             hidden_files_folders=self.hidden_files_folders,

scanoss/scanoss_settings.py

@@ -335,3 +335,99 @@ class ScanossSettings(ScanossBase):
             List: Min and max sizes to skip
         """
         return self.data.get('settings', {}).get('skip', {}).get('sizes', {}).get(operation_type, [])
+
+    def get_file_snippet_settings(self) -> dict:
+        """
+        Get the file_snippet settings section
+        Returns:
+            dict: File snippet settings
+        """
+        return self.data.get('settings', {}).get('file_snippet', {})
+
+    def get_min_snippet_hits(self) -> Optional[int]:
+        """
+        Get the minimum snippet hits required
+        Returns:
+            int or None: Minimum snippet hits, or None if not set
+        """
+        return self.get_file_snippet_settings().get('min_snippet_hits')
+
+    def get_min_snippet_lines(self) -> Optional[int]:
+        """
+        Get the minimum snippet lines required
+        Returns:
+            int or None: Minimum snippet lines, or None if not set
+        """
+        return self.get_file_snippet_settings().get('min_snippet_lines')
+
+    def get_ranking_enabled(self) -> Optional[bool]:
+        """
+        Get whether ranking is enabled
+        Returns:
+            bool or None: True if enabled, False if disabled, None if not set
+        """
+        return self.get_file_snippet_settings().get('ranking_enabled')
+
+    def get_ranking_threshold(self) -> Optional[int]:
+        """
+        Get the ranking threshold value
+        Returns:
+            int or None: Ranking threshold, or None if not set
+        """
+        return self.get_file_snippet_settings().get('ranking_threshold')
+
+    def get_honour_file_exts(self) -> Optional[bool]:
+        """
+        Get whether to honour file extensions
+        Returns:
+            bool or None: True to honour, False to ignore, None if not set
+        """
+        return self.get_file_snippet_settings().get('honour_file_exts')
+
+    def get_skip_headers_limit(self) -> int:
+        """
+        Get the skip headers limit value
+        Returns:
+            int: Skip headers limit, or 0 if not set
+        """
+        return self.get_file_snippet_settings().get('skip_headers_limit', 0)
+
+    def get_skip_headers(self) -> bool:
+        """
+        Get whether to skip headers
+        Returns:
+            bool: True to skip headers, False otherwise (default)
+        """
+        return self.get_file_snippet_settings().get('skip_headers', False)
+
+    def get_proxy(self) -> Optional[dict]:
+        """
+        Get the root-level proxy configuration
+        Returns:
+            dict or None: Proxy configuration with 'host' key, or None if not set
+        """
+        return self.data.get('settings', {}).get('proxy')
+
+    def get_http_config(self) -> Optional[dict]:
+        """
+        Get the root-level http_config configuration
+        Returns:
+            dict or None: HTTP config with 'base_uri' and 'ignore_cert_errors' keys, or None if not set
+        """
+        return self.data.get('settings', {}).get('http_config')
+
+    def get_file_snippet_proxy(self) -> Optional[dict]:
+        """
+        Get the file_snippet-level proxy configuration (takes priority over root)
+        Returns:
+            dict or None: Proxy configuration with 'host' key, or None if not set
+        """
+        return self.get_file_snippet_settings().get('proxy')
+
+    def get_file_snippet_http_config(self) -> Optional[dict]:
+        """
+        Get the file_snippet-level http_config configuration (takes priority over root)
+        Returns:
+            dict or None: HTTP config with 'base_uri' and 'ignore_cert_errors' keys, or None if not set
+        """
+        return self.get_file_snippet_settings().get('http_config')

scanoss/scanossapi.py

@@ -22,13 +22,16 @@ SPDX-License-Identifier: MIT
   THE SOFTWARE.
 """
 
+import base64
 import http.client as http_client
+import json
 import logging
 import os
 import sys
 import time
 import uuid
 from json.decoder import JSONDecodeError
+from typing import Optional, Union
 from urllib.parse import urlparse, urlunparse
 
 import requests
@@ -98,6 +101,11 @@ class ScanossApi(ScanossBase):
         pac: PACFile = None,
         retry: int = 5,
         req_headers: dict = None,
+        min_snippet_hits: int = None,
+        min_snippet_lines: int = None,
+        honour_file_exts: Union[bool, str, None] = 'unset',
+        ranking: Union[bool, str, None] = 'unset',
+        ranking_threshold: int = None,
     ):
         """
         Initialise the SCANOSS API
@@ -108,6 +116,11 @@ class ScanossApi(ScanossBase):
         :param debug: Enable debug (default False)
         :param trace: Enable trace (default False)
         :param quiet: Enable quiet mode (default False)
+        :param min_snippet_hits: Minimum snippet hits required (default None)
+        :param min_snippet_lines: Minimum snippet lines required (default None)
+        :param honour_file_exts: Whether to honour file extensions (default 'unset')
+        :param ranking: Enable/disable ranking (default 'unset')
+        :param ranking_threshold: Ranking threshold value (default None)
 
         To set a custom certificate use:
             REQUESTS_CA_BUNDLE=/path/to/cert.pem
@@ -117,6 +130,12 @@ class ScanossApi(ScanossBase):
         """
         super().__init__(debug, trace, quiet)
         self.sbom = None
+        # Scan tuning parameters
+        self.min_snippet_hits = min_snippet_hits
+        self.min_snippet_lines = min_snippet_lines
+        self.honour_file_exts = honour_file_exts
+        self.ranking = ranking
+        self.ranking_threshold = ranking_threshold
         self.scan_format = scan_format if scan_format else 'plain'
         self.flags = flags
         self.timeout = timeout if timeout > MIN_TIMEOUT else DEFAULT_TIMEOUT
@@ -183,6 +202,10 @@ class ScanossApi(ScanossBase):
         scan_files = {'file': ('%s.wfp' % request_id, wfp)}
         headers = self.headers
         headers['x-request-id'] = request_id  # send a unique request id for each post
+        # Add scan settings header if any settings are configured
+        scan_settings_header = self._build_scan_settings_header()
+        if scan_settings_header:
+            headers['scanoss-settings'] = scan_settings_header
         r = None
         retry = 0  # Add some retry logic to cater for timeouts, etc.
         while retry <= self.retry_limit:
@@ -296,6 +319,41 @@ class ScanossApi(ScanossBase):
         self.sbom = sbom
         return self
 
+    def _build_scan_settings_header(self) -> Optional[str]:
+        """
+        Build base64-encoded JSON for x-scanoss-scan-settings header.
+        Only includes parameters that have meaningful (non-"unset") values.
+        Returns:
+            Base64-encoded JSON string, or None if no settings to send
+        """
+        settings = {}
+
+        # min_snippet_hits: 0 = unset, don't send
+        if self.min_snippet_hits is not None and self.min_snippet_hits != 0:
+            settings['min_snippet_hits'] = self.min_snippet_hits
+
+        # min_snippet_lines: 0 = unset, don't send
+        if self.min_snippet_lines is not None and self.min_snippet_lines != 0:
+            settings['min_snippet_lines'] = self.min_snippet_lines
+
+        # honour_file_exts: None = unset, don't send
+        if self.honour_file_exts is not None and self.honour_file_exts != 'unset':
+            settings['honour_file_exts'] = self.honour_file_exts
+
+        # ranking: None = unset, don't send
+        if self.ranking is not None and self.ranking != 'unset':
+            settings['ranking_enabled'] = self.ranking
+
+        # ranking_threshold: -1 = unset, don't send
+        if self.ranking_threshold is not None and self.ranking_threshold != -1:
+            settings['ranking_threshold'] = self.ranking_threshold
+
+        if settings:
+            json_str = json.dumps(settings)
+            self.print_debug(f'Scan settings: {json_str}')
+            return base64.b64encode(json_str.encode()).decode()
+        return None
+
     def load_generic_headers(self, url):
         """
         Adds custom headers from req_headers to the headers collection.

scanoss/scanpostprocessor.py

@@ -80,7 +80,7 @@ class ScanPostProcessor(ScanossBase):
 
     def __init__(
         self,
-        scan_settings: ScanossSettings,
+        scanoss_settings: ScanossSettings,
         debug: bool = False,
         trace: bool = False,
         quiet: bool = False,
@@ -88,14 +88,14 @@ class ScanPostProcessor(ScanossBase):
     ):
         """
         Args:
-            scan_settings (ScanossSettings): Scan settings object
+            scanoss_settings (ScanossSettings): Scanoss settings object
             debug (bool, optional): Debug mode. Defaults to False.
             trace (bool, optional): Traces. Defaults to False.
             quiet (bool, optional): Quiet mode. Defaults to False.
             results (dict | str, optional): Results to be processed. Defaults to None.
         """
         super().__init__(debug, trace, quiet)
-        self.scan_settings = scan_settings
+        self.scanoss_settings = scanoss_settings
         self.results: dict = results
         self.component_info_map: dict = {}
 
@@ -114,10 +114,10 @@ class ScanPostProcessor(ScanossBase):
         if not self.results:
             return
         for _, result in self.results.items():
-            result = result[0] if isinstance(result, list) else result
-            purls = result.get('purl', [])
+            entry = result[0] if isinstance(result, list) else result
+            purls = entry.get('purl', [])
             for purl in purls:
-                self.component_info_map[purl] = result
+                self.component_info_map[purl] = entry
 
     def post_process(self):
         """
@@ -126,7 +126,7 @@ class ScanPostProcessor(ScanossBase):
         Returns:
             dict: Processed results
         """
-        if self.scan_settings.is_legacy():
+        if self.scanoss_settings.is_legacy():
             self.print_stderr(
                 'Legacy settings file detected. Post-processing is not supported for legacy settings file.'
             )
@@ -139,7 +139,7 @@ class ScanPostProcessor(ScanossBase):
         """
         Remove entries from the results based on files and/or purls specified in the SCANOSS settings file
         """
-        to_remove_entries = self.scan_settings.get_bom_remove()
+        to_remove_entries = self.scanoss_settings.get_bom_remove()
         if not to_remove_entries:
             return
         self.results = {
@@ -152,15 +152,15 @@ class ScanPostProcessor(ScanossBase):
         """
         Replace purls in the results based on the SCANOSS settings file
         """
-        to_replace_entries = self.scan_settings.get_bom_replace()
+        to_replace_entries = self.scanoss_settings.get_bom_replace()
         if not to_replace_entries:
             return
 
         for result_path, result in self.results.items():
-            result = result[0] if isinstance(result, list) else result
-            should_replace, to_replace_with_purl = self._should_replace_result(result_path, result, to_replace_entries)
+            entry = result[0] if isinstance(result, list) else result
+            should_replace, to_replace_with_purl = self._should_replace_result(result_path, entry, to_replace_entries)
             if should_replace:
-                self.results[result_path] = [self._update_replaced_result(result, to_replace_with_purl)]
+                self.results[result_path] = [self._update_replaced_result(entry, to_replace_with_purl)]
 
     def _update_replaced_result(self, result: dict, to_replace_with_purl: str) -> dict:
         """

{scanoss-1.44.0.dist-info → scanoss-1.45.0.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: scanoss
-Version: 1.44.0
+Version: 1.45.0
 Summary: Simple Python library to leverage the SCANOSS APIs
 Home-page: https://scanoss.com
 Author: SCANOSS

{scanoss-1.44.0.dist-info → scanoss-1.45.0.dist-info}/RECORD

@@ -6,8 +6,8 @@ protoc_gen_swagger/options/annotations_pb2_grpc.py,sha256=KZOW9Ciio-f9iL42FuLFnS
 protoc_gen_swagger/options/openapiv2_pb2.py,sha256=w0xDs63uyrWGgzRaQZXfJpfI7Jpyvh-i9ay_uzOR-aM,16475
 protoc_gen_swagger/options/openapiv2_pb2.pyi,sha256=hYOV6uQ2yqhP89042_V3GuAsvoBBiXf5CGuYmnFnfv4,54665
 protoc_gen_swagger/options/openapiv2_pb2_grpc.py,sha256=sje9Nh3yE7CHCUWZwtjTgwsKB4GvyGz5vOrGTnRXJfc,917
-scanoss/__init__.py,sha256=3No2Cw4ABjUyCElYDfC2PtdcJhTnDMeJucAwfBpOLiY,1146
-scanoss/cli.py,sha256=Wz5RUETfwfz76KYEnrmVXlkqLRZJWQqm7hzyq2Ou5qQ,104752
+scanoss/__init__.py,sha256=iPkgzK0wSsFjSAwlOzqgAXcFJW65XbmsUg-xi_nfZUo,1146
+scanoss/cli.py,sha256=oSw9-YTxZE90wUP4WECXVQh5Zzl_SGVA8NkcwdU3-4M,106155
 scanoss/components.py,sha256=NFyt_w3aoMotr_ZaFU-ng00_89sruc0kgY7ERnJXkmM,15891
 scanoss/constants.py,sha256=vurzLNIfP_dnRMwOdZsUWvr5XAVuGoj98XZ0yjXNOjQ,632
 scanoss/cryptography.py,sha256=lOoD_dW16ARQxYiYyb5R8S7gx0FqWIsnGkKfsB0nGaU,10627
@@ -20,13 +20,14 @@ scanoss/gitlabqualityreport.py,sha256=_VG0Xoh8wYF3lsXGJvjoj-Ty58OS_-H1Domiq9OpQE
 scanoss/header_filter.py,sha256=-Dqore9coROLMWWw9yP3nz8dpCB7jYAVm842hoRTmeE,21879
 scanoss/osadl.py,sha256=VWalcHpshWxtRDGje2cK32SfFeSBAO62knfSW9pyYqc,4558
 scanoss/results.py,sha256=47ZXXuU2sDjYa5vhtbWTmikit9jHhA0rsYKwkvZFI5w,9252
+scanoss/scan_settings_builder.py,sha256=3AyQXJgBVZLWPyRhptACSB8LoMHdX3BSzRqeaYQIXR8,12143
 scanoss/scancodedeps.py,sha256=JbpoGW1POtPMmowzfwa4oh8sSBeeQCqaW9onvc4UFYM,11517
-scanoss/scanner.py,sha256=_BAc5wpgB545kTEPIapReP3p1KHWvynVs0m1og0n_OA,40643
-scanoss/scanoss_settings.py,sha256=W8uFQ6uRIqtE-DXXA56bO8I4GsbJ-aA1c84hQ_qBel4,12161
-scanoss/scanossapi.py,sha256=B2eZ36ZhpliPANixsl6YtgUfhQ1GQmlmNPwgsZlMtrY,14237
+scanoss/scanner.py,sha256=p2d4mbap5gaY5WVJPMsicZF0pPu9vbokUJcd9GGC77k,43193
+scanoss/scanoss_settings.py,sha256=O0AD0XhXYiQaD2Ym3pmoj0kJrUuEvY9gfsSliDaQ40c,15600
+scanoss/scanossapi.py,sha256=3wN5POEt-Hi3qz_8VFC0JqDw2QHliJ-dJIW8VNZEzc8,16906
 scanoss/scanossbase.py,sha256=tKlHPAi50ZarGaPXsNi1XrowQBynsSqSSst-NuG2ScI,3163
 scanoss/scanossgrpc.py,sha256=9UuVPUjBLUhqim_tSntyoRZW-OAtiz5iP_VjjNr5RPY,41715
-scanoss/scanpostprocessor.py,sha256=-JsThlxrU70r92GHykTMERnicdd-6jmwNsE4PH0MN2o,11063
+scanoss/scanpostprocessor.py,sha256=u6ZfwkSukn8TjeqRj1_IuWNjlUEug1_B36vZNIfUPZk,11081
 scanoss/scantype.py,sha256=gFmyVmKQpHWogN2iCmMj032e_sZo4T92xS3_EH5B3Tc,1310
 scanoss/spdxlite.py,sha256=4JMxmyNmvcL6fjScihk8toWfSuQ-Pj1gzaT3SIn1fXA,29425
 scanoss/threadeddependencies.py,sha256=aN8E43iKS1pWJLJP3xCle5ewlfR5DE2-ljUzI_29Xwk,9851
@@ -67,9 +68,9 @@ scanoss/api/vulnerabilities/__init__.py,sha256=IFrDk_DTJgKSZmmU-nuLXuq_s8sQZlrSC
 scanoss/api/vulnerabilities/v2/__init__.py,sha256=IFrDk_DTJgKSZmmU-nuLXuq_s8sQZlrSCHhIDMJT4r0,1122
 scanoss/api/vulnerabilities/v2/scanoss_vulnerabilities_pb2.py,sha256=pmm0MSiXkdf8e4rCIIDRcsNRixR2vGvD1Xak4l-wdwI,16550
 scanoss/api/vulnerabilities/v2/scanoss_vulnerabilities_pb2_grpc.py,sha256=BNxT5kUKQ-mgtOt5QYBM1Qrg5LNDqSpWKpfEZquIlsM,19127
-scanoss/data/build_date.txt,sha256=-EilhGZbNGPTdLc69ZeFfD2jXV0qIeyp-9ACsosCSdY,40
+scanoss/data/build_date.txt,sha256=gyjPVgVGpUWx0EUA2CYrW4yKZV_gBf-3hDut1Va79ME,40
 scanoss/data/osadl-copyleft.json,sha256=O9b2XAfpjQY0TL0fYzO6kwMcp5IwQbF6f_YWbB10MhQ,4761
-scanoss/data/scanoss-settings-schema.json,sha256=ClkRYAkjAN0Sk704G8BE_Ok006oQ6YnIGmX84CF8h9w,8798
+scanoss/data/scanoss-settings-schema.json,sha256=baOwoHm5_JumSOxWYp6COHqnmTR7eO9RxVwf3FAOuJY,12157
 scanoss/data/spdx-exceptions.json,sha256=s7UTYxC7jqQXr11YBlIWYCNwN6lRDFTR33Y8rpN_dA4,17953
 scanoss/data/spdx-licenses.json,sha256=A6Z0q82gaTLtnopBfzeIVZjJFxkdRW1g2TuumQc-lII,228794
 scanoss/export/__init__.py,sha256=D4C0lWLuNp8k_BjQZEc07WZcUgAvriVwQWOk063b0ZU,1122
@@ -102,9 +103,9 @@ scanoss/utils/crc64.py,sha256=TMrwQimSdE6imhFOUL7oAG6Kxu-8qMpGWMuMg8QpSVs,3169
 scanoss/utils/file.py,sha256=62cA9a17TU9ZvfA3FY5HY4-QOajJeSrc8S6xLA_f-3M,2980
 scanoss/utils/scanoss_scan_results_utils.py,sha256=ho9-DKefHFJlVZkw4gXOmMI-mgPIbV9Y2ftkI83fC1k,1727
 scanoss/utils/simhash.py,sha256=6iu8DOcecPAY36SZjCOzrrLMT9oIE7-gI6QuYwUQ7B0,5793
-scanoss-1.44.0.dist-info/licenses/LICENSE,sha256=LLUaXoiyOroIbr5ubAyrxBOwSRLTm35ETO2FmLpy8QQ,1074
-scanoss-1.44.0.dist-info/METADATA,sha256=1g0BAGIWfV_EXUl57GycqeGkVJstd3xlkjyVgBECo-I,6220
-scanoss-1.44.0.dist-info/WHEEL,sha256=qELbo2s1Yzl39ZmrAibXA2jjPLUYfnVhUNTlyF1rq0Y,92
-scanoss-1.44.0.dist-info/entry_points.txt,sha256=Uy28xnaDL5KQ7V77sZD5VLDXPNxYYzSr5tsqtiXVzAs,48
-scanoss-1.44.0.dist-info/top_level.txt,sha256=V11PrQ6Pnrc-nDF9xnisnJ8e6-i7HqSIKVNqduRWcL8,27
-scanoss-1.44.0.dist-info/RECORD,,
+scanoss-1.45.0.dist-info/licenses/LICENSE,sha256=LLUaXoiyOroIbr5ubAyrxBOwSRLTm35ETO2FmLpy8QQ,1074
+scanoss-1.45.0.dist-info/METADATA,sha256=xPca-0CXnZ6JXbrAuZVBY47jk-glQLmhNpATuinZhZk,6220
+scanoss-1.45.0.dist-info/WHEEL,sha256=wUyA8OaulRlbfwMtmQsvNngGrxQHAvkKcvRmdizlJi0,92
+scanoss-1.45.0.dist-info/entry_points.txt,sha256=Uy28xnaDL5KQ7V77sZD5VLDXPNxYYzSr5tsqtiXVzAs,48
+scanoss-1.45.0.dist-info/top_level.txt,sha256=V11PrQ6Pnrc-nDF9xnisnJ8e6-i7HqSIKVNqduRWcL8,27
+scanoss-1.45.0.dist-info/RECORD,,

{scanoss-1.44.0.dist-info → scanoss-1.45.0.dist-info}/WHEEL

@@ -1,5 +1,5 @@
 Wheel-Version: 1.0
-Generator: setuptools (80.10.1)
+Generator: setuptools (80.10.2)
 Root-Is-Purelib: true
 Tag: py3-none-any