From 0b58f828d293fee1378accfbf9684dda8f4a0e2b Mon Sep 17 00:00:00 2001 From: Jiyeong Seok <50347670+dd-jy@users.noreply.github.com> Date: Fri, 26 Apr 2024 11:28:13 +0900 Subject: [PATCH] Change dependson to purl (#192) Signed-off-by: jiyeong.seok --- src/fosslight_dependency/_package_manager.py | 12 ++++++++++++ src/fosslight_dependency/package_manager/Android.py | 6 ++---- .../package_manager/Cocoapods.py | 9 +++------ src/fosslight_dependency/package_manager/Go.py | 9 +++------ src/fosslight_dependency/package_manager/Gradle.py | 6 ++---- src/fosslight_dependency/package_manager/Maven.py | 6 ++---- src/fosslight_dependency/package_manager/Npm.py | 13 ++++++------- src/fosslight_dependency/package_manager/Nuget.py | 9 +++------ src/fosslight_dependency/package_manager/Pub.py | 9 +++------ src/fosslight_dependency/package_manager/Pypi.py | 9 +++------ src/fosslight_dependency/package_manager/Swift.py | 9 +++------ 11 files changed, 42 insertions(+), 55 deletions(-) diff --git a/src/fosslight_dependency/_package_manager.py b/src/fosslight_dependency/_package_manager.py index d9f7e283..6f65eb10 100644 --- a/src/fosslight_dependency/_package_manager.py +++ b/src/fosslight_dependency/_package_manager.py @@ -189,6 +189,18 @@ def parse_dependency_tree(self, f_name): except Exception as e: logger.warning(f'Fail to parse gradle dependency tree:{e}') + def change_dep_to_purl(self, sheet_list): + try: + for oss_item in sheet_list: + if len(oss_item) < 10: + break + deps_list = oss_item[9] + deps_purl = list(map(lambda x: self.purl_dict.get(x, ''), deps_list)) + oss_item[9] = ','.join(deps_purl) + except Exception as e: + logger.warning(f'Fail to change depend_on to purl:{e}') + return sheet_list + def get_url_to_purl(url, pkg_manager, oss_name='', oss_version=''): purl_prefix = f'pkg:{pkg_manager}' diff --git a/src/fosslight_dependency/package_manager/Android.py b/src/fosslight_dependency/package_manager/Android.py index 31cf6677..11a656a9 100644 
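Review bot: In `change_dep_to_purl`, the `break` taken for a row with fewer than 10 columns stops the conversion for every later row, so the rest of the sheet keeps a Python list in column 9 while earlier rows already hold a joined string; `continue` looks like the intent. `self.purl_dict.get(x, '')` also turns each dependency that has no purl into an empty string, which silently drops that edge from the depends-on column and leaves stray commas. In a dependency report this hides relationships that vulnerability impact analysis may rely on, so misses should be skipped and logged. The helper is also not safe to run twice on the same rows, because a column that is already a string is iterated character by character. All ten package-manager hunks in this patch call this helper, so the fix belongs here rather than in the callers.

```python
def change_dep_to_purl(self, sheet_list):
    try:
        for oss_item in sheet_list:
            # Skip malformed or already-converted rows; do not abandon the rest of the sheet.
            if len(oss_item) < 10 or not isinstance(oss_item[9], list):
                continue
            deps_purl = []
            for dep in oss_item[9]:
                dep_purl = self.purl_dict.get(dep)
                if dep_purl:
                    deps_purl.append(dep_purl)
                else:
                    # Make an unresolved dependency visible instead of emitting ''.
                    logger.warning(f'No purl found for dependency: {dep}')
            oss_item[9] = ','.join(deps_purl)
    # … unchanged: except Exception handler and return sheet_list …
```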
--- a/src/fosslight_dependency/package_manager/Android.py +++ b/src/fosslight_dependency/package_manager/Android.py @@ -69,9 +69,7 @@ def parse_oss_information(self, f_name): except Exception as e: logger.error(f"Fail to find oss scope in dependency tree: {e}") comment = ','.join(comment_list) - deps = ','.join(deps_list) - sheet_list.append([purl, oss_name, oss_version, license_name, dn_loc, homepage, - '', '', comment, deps]) - + '', '', comment, deps_list]) + sheet_list = self.change_dep_to_purl(sheet_list) return sheet_list diff --git a/src/fosslight_dependency/package_manager/Cocoapods.py b/src/fosslight_dependency/package_manager/Cocoapods.py index 56d3af37..a976db20 100644 --- a/src/fosslight_dependency/package_manager/Cocoapods.py +++ b/src/fosslight_dependency/package_manager/Cocoapods.py @@ -92,11 +92,8 @@ def parse_oss_information(self, f_name): else: comment_list.append('transitive') if f'{pod_oss_name_origin}({oss_version})' in self.relation_tree: - rel_items = [f'{self.package_manager_name}:{ri}' - for ri in self.relation_tree[f'{pod_oss_name_origin}({oss_version})']] - deps_list.extend(rel_items) + deps_list.extend(self.relation_tree[f'{pod_oss_name_origin}({oss_version})']) comment = ','.join(comment_list) - deps = ','.join(deps_list) oss_name_report = f'{self.package_manager_name}:{pod_oss_name_origin}' pod_oss_name = pod_oss_name_origin @@ -138,10 +135,10 @@ def parse_oss_information(self, f_name): logger.warning(f'{pod_oss_name_origin} has different version({pod_oss_version})\ with spec version({oss_version})') sheet_list.append([purl, oss_name_report, pod_oss_version, license_name, dn_loc, homepage, - '', '', comment, deps]) + '', '', comment, deps_list]) except Exception as e: logger.warning(f"Fail to get {pod_oss_name_origin}:{e}") - + sheet_list = self.change_dep_to_purl(sheet_list) return sheet_list def get_oss_in_podspec(self, spec_file_path): 
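Review bot: In the first Cocoapods.py hunk, `deps_list.extend(self.relation_tree[...])` now passes raw relation-tree entries to the `purl_dict` lookup, where the old code emitted `{self.package_manager_name}:{ri}`; nothing visible in this patch shows that `purl_dict` is keyed by exactly those strings. If the two formats differ for any package manager, every dependency resolves to `''` and the depends-on column comes out empty without an error. I would add a comment at the extend such as `# relation_tree values must be purl_dict keys; change_dep_to_purl maps them to purls`, and a fixture test per package manager asserting a non-empty depends-on value. The same applies to the Go, Npm, Nuget, Pub, Pypi and Swift hunks. `parse_oss_information` starts and ends outside the hunk.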
diff --git a/src/fosslight_dependency/package_manager/Go.py b/src/fosslight_dependency/package_manager/Go.py index 0990dbfd..d3108ac6 100644 --- a/src/fosslight_dependency/package_manager/Go.py +++ b/src/fosslight_dependency/package_manager/Go.py @@ -101,9 +101,7 @@ def parse_oss_information(self, f_name): comment_list.append('direct') if f'{package_path}({oss_version})' in self.relation_tree: - rel_items = [f'{self.package_manager_name}:{ri}' - for ri in self.relation_tree[f'{package_path}({oss_version})']] - deps_list.extend(rel_items) + deps_list.extend(self.relation_tree[f'{package_path}({oss_version})']) homepage_set = [] homepage = self.dn_url + package_path @@ -149,8 +147,7 @@ def parse_oss_information(self, f_name): continue comment = ','.join(comment_list) - deps = ','.join(deps_list) sheet_list.append([purl, oss_name, oss_version, license_name, dn_loc, homepage, - '', '', comment, deps]) - + '', '', comment, deps_list]) + sheet_list = self.change_dep_to_purl(sheet_list) return sheet_list diff --git a/src/fosslight_dependency/package_manager/Gradle.py b/src/fosslight_dependency/package_manager/Gradle.py index f7e14b1e..1cc5bc5f 100644 --- a/src/fosslight_dependency/package_manager/Gradle.py +++ b/src/fosslight_dependency/package_manager/Gradle.py @@ -91,11 +91,9 @@ def parse_oss_information(self, f_name): except Exception as e: logger.error(f"Fail to find oss scope in dependency tree: {e}") comment = ','.join(comment_list) - deps = ','.join(deps_list) - sheet_list.append([purl, oss_name, oss_version, license_name, dn_loc, homepage, - '', '', comment, deps]) - + '', '', comment, deps_list]) + sheet_list = self.change_dep_to_purl(sheet_list) return sheet_list diff --git a/src/fosslight_dependency/package_manager/Maven.py b/src/fosslight_dependency/package_manager/Maven.py index d9686aaa..a8ef2862 100644 --- a/src/fosslight_dependency/package_manager/Maven.py +++ b/src/fosslight_dependency/package_manager/Maven.py 
@@ -253,9 +253,7 @@ def parse_oss_information(self, f_name): except Exception as e: logger.error(f"Fail to find oss scope in dependency tree: {e}") comment = ','.join(comment_list) - deps = ','.join(deps_list) - sheet_list.append([purl, oss_name, oss_version, license_name, dn_loc, homepage, - '', '', comment, deps]) - + '', '', comment, deps_list]) + sheet_list = self.change_dep_to_purl(sheet_list) return sheet_list diff --git a/src/fosslight_dependency/package_manager/Npm.py b/src/fosslight_dependency/package_manager/Npm.py index 96e4bc1e..43812cbf 100644 --- a/src/fosslight_dependency/package_manager/Npm.py +++ b/src/fosslight_dependency/package_manager/Npm.py @@ -197,24 +197,23 @@ def parse_oss_information(self, f_name): comment_list.append('transitive') if f'{oss_init_name}({oss_version})' in self.relation_tree: - rel_items = [f'npm:{ri}' for ri in self.relation_tree[f'{oss_init_name}({oss_version})']] - deps_list.extend(rel_items) + deps_list.extend(self.relation_tree[f'{oss_init_name}({oss_version})']) manifest_file_path = os.path.join(package_path, const.SUPPORT_PACKAE.get(self.package_manager_name)) multi_license, license_comment, multi_flag = check_multi_license(license_name, manifest_file_path) comment = ','.join(comment_list) - deps = ','.join(deps_list) if multi_flag: comment = f'{comment}, {license_comment}' - sheet_list.append([purl, oss_name, oss_version, multi_license, dn_loc, homepage, - '', '', comment, deps]) + license_name = multi_license else: license_name = license_name.replace(",", "") license_name = check_unknown_license(license_name, manifest_file_path) - sheet_list.append([purl, oss_name, oss_version, license_name, dn_loc, homepage, - '', '', comment, deps]) + sheet_list.append([purl, oss_name, oss_version, license_name, dn_loc, homepage, + '', '', comment, deps_list]) + + sheet_list = self.change_dep_to_purl(sheet_list) return sheet_list 
diff --git a/src/fosslight_dependency/package_manager/Nuget.py b/src/fosslight_dependency/package_manager/Nuget.py index 654ace31..8d123c33 100644 --- a/src/fosslight_dependency/package_manager/Nuget.py +++ b/src/fosslight_dependency/package_manager/Nuget.py @@ -109,17 +109,14 @@ def parse_oss_information(self, f_name): comment_list.append('transitive') if f'{oss_origin_name}({oss_version})' in self.relation_tree: - rel_items = [f'{self.package_manager_name}:{ri}' - for ri in self.relation_tree[f'{oss_origin_name}({oss_version})']] - deps_list.extend(rel_items) + deps_list.extend(self.relation_tree[f'{oss_origin_name}({oss_version})']) comment = ','.join(comment_list) - deps = ','.join(deps_list) - sheet_list.append([purl, oss_name, oss_version, license_name, dn_loc, homepage, '', '', comment, deps]) + sheet_list.append([purl, oss_name, oss_version, license_name, dn_loc, homepage, '', '', comment, deps_list]) except Exception as e: logger.warning(f"Failed to parse oss information: {e}") - + sheet_list = self.change_dep_to_purl(sheet_list) if os.path.isfile(tmp_license_txt_file_name): os.remove(tmp_license_txt_file_name) diff --git a/src/fosslight_dependency/package_manager/Pub.py b/src/fosslight_dependency/package_manager/Pub.py index 5c462b4b..beb29ce8 100644 --- a/src/fosslight_dependency/package_manager/Pub.py +++ b/src/fosslight_dependency/package_manager/Pub.py 
@@ -155,16 +155,13 @@ def parse_oss_information(self, f_name): comment_list.append('transitive') if f'{oss_origin_name}({oss_version})' in self.relation_tree: - rel_items = [f'{self.package_manager_name}:{ri}' - for ri in self.relation_tree[f'{oss_origin_name}({oss_version})']] - deps_list.extend(rel_items) + deps_list.extend(self.relation_tree[f'{oss_origin_name}({oss_version})']) comment = ','.join(comment_list) - deps = ','.join(deps_list) sheet_list.append([purl, oss_name, oss_version, license_name, dn_loc, homepage, - '', '', comment, deps]) + '', '', comment, deps_list]) except Exception as e: logger.error(f"Fail to parse pub oss information: {e}") - + sheet_list = self.change_dep_to_purl(sheet_list) if os.path.isfile(tmp_license_txt_file_name): os.remove(tmp_license_txt_file_name) diff --git a/src/fosslight_dependency/package_manager/Pypi.py b/src/fosslight_dependency/package_manager/Pypi.py index c77dc494..840f3507 100644 --- a/src/fosslight_dependency/package_manager/Pypi.py +++ b/src/fosslight_dependency/package_manager/Pypi.py @@ -305,17 +305,14 @@ def parse_oss_information(self, f_name): else: comment_list.append('transitive') if f'{oss_init_name}({oss_version})' in self.relation_tree: - rel_items = [f'{self.package_manager_name}:{ri}' - for ri in self.relation_tree[f'{oss_init_name}({oss_version})']] - deps_list.extend(rel_items) + deps_list.extend(self.relation_tree[f'{oss_init_name}({oss_version})']) comment = ','.join(comment_list) - deps = ','.join(deps_list) sheet_list.append([purl, oss_name, oss_version, - license_name, dn_loc, homepage, '', '', comment, deps]) + license_name, dn_loc, homepage, '', '', comment, deps_list]) except Exception as ex: logger.warning(f"Fail to parse oss information: {oss_init_name}({ex})") - + sheet_list = self.change_dep_to_purl(sheet_list) return sheet_list def get_dependencies(self, dependencies, package): 
diff --git a/src/fosslight_dependency/package_manager/Swift.py b/src/fosslight_dependency/package_manager/Swift.py index 7198a3ac..7754a102 100644 --- a/src/fosslight_dependency/package_manager/Swift.py +++ b/src/fosslight_dependency/package_manager/Swift.py @@ -147,12 +147,9 @@ def parse_oss_information(self, f_name): comment_list.append('transitive') if f'{oss_origin_name}({oss_version})' in self.relation_tree: - rel_items = [f'{self.package_manager_name}:{ri}' - for ri in self.relation_tree[f'{oss_origin_name}({oss_version})']] - deps_list.extend(rel_items) + deps_list.extend(self.relation_tree[f'{oss_origin_name}({oss_version})']) comment = ','.join(comment_list) - deps = ','.join(deps_list) sheet_list.append([purl, oss_name, oss_version, license_name, dn_loc, homepage, - '', '', comment, deps]) - + '', '', comment, deps_list]) + sheet_list = self.change_dep_to_purl(sheet_list) return sheet_list