fix(nuget): add nuget dependency extract

src/packagedcode/nuget.py

@@ -12,10 +12,92 @@
 from packagedcode import models
 from packagedcode.utils import build_description
 
+
 """
 Handle NuGet packages and their manifests.
 """
-# TODO: add dependencies
+
+# TODO: Add section to handle dependencies of dependencies
+
+
+def get_dependencies(nuspec):
+    """
+    Return a list of Dependent package objects found in a NuGet `nuspec` object.
+    """
+    dependencies = []
+    try:
+        if "dependencies" in nuspec:
+            if "group" in nuspec["dependencies"]:
+                for group in nuspec["dependencies"]["group"]:
+                    if "dependency" in group:
+                        for dependency in group["dependency"]:
+                            #dependencies.append(dependency)
+                            dpurl = models.PackageURL(
+                            type='nuget',
+                            namespace=None,
+                            name=dependency.get("@id"),
+                            version=dependency.get("@version"),
+                            qualifiers=None
+                        )
+                            dep_pack = models.DependentPackage(
+                            purl=str(dpurl),
+                            extracted_requirement=dependency.get("@version"),
+                            scope="dependency",
+                            is_runtime=False,
+                            is_optional=False,
+                            is_resolved=True,
+                        )
+
+                            dependencies.append(dep_pack)
+
+            if "dependency" in nuspec.get("dependencies"):
+                if "@id" and "@version" in nuspec.get("dependencies").get("dependency"):
+                    dpurl = models.PackageURL(
+                        type='nuget',
+                        namespace=None,
+                        name=nuspec.get("dependencies").get(
+                            "dependency").get("@id"),
+                        version=nuspec.get("dependencies").get(
+                            "dependency").get("@version"),
+                        qualifiers=None
+                    )
+                    dep_pack = models.DependentPackage(
+                        purl=str(dpurl),
+                        extracted_requirement=nuspec.get("dependencies").get(
+                            "dependency").get("@version"),
+                        scope="dependency",
+                        is_runtime=False,
+                        is_optional=False,
+                        is_resolved=True,
+                    )
+
+                    dependencies.append(dep_pack)
+
+                else:
+                    for dependency in nuspec.get("dependencies").get("dependency"):
+                        dpurl = models.PackageURL(
+                            type='nuget',
+                            namespace=None,
+                            name=dependency.get("@id"),
+                            version=dependency.get("@version"),
+                            qualifiers=None
+                        )
+                        dep_pack = models.DependentPackage(
+                            purl=str(dpurl),
+                            extracted_requirement=dependency.get(
+                                "@version"),
+                            scope="dependency",
+                            is_runtime=False,
+                            is_optional=False,
+                            is_resolved=True,
+                        )
+                        dependencies.append(dep_pack)
+
+        return dependencies
+
+    except Exception as e:
+        print(e)
+        return dependencies
 
 
 def get_urls(name, version, **kwargs):
@@ -46,7 +128,7 @@ class NugetNuspecHandler(models.DatafileHandler):
 
     @classmethod
     def parse(cls, location):
-        with open(location , 'rb') as loc:
+        with open(location, 'rb') as loc:
             parsed = xmltodict.parse(loc)
 
         if not parsed:
@@ -62,14 +144,15 @@ def parse(cls, location):
 
         # Summary: A short description of the package for UI display. If omitted, a
         # truncated version of description is used.
-        description = build_description(nuspec.get('summary') , nuspec.get('description'))
+        description = build_description(
+            nuspec.get('summary'), nuspec.get('description'))
 
         # title: A human-friendly title of the package, typically used in UI
         # displays as on nuget.org and the Package Manager in Visual Studio. If not
         # specified, the package ID is used.
         title = nuspec.get('title')
         if title and title != name:
-            description = build_description(nuspec.get('title') , description)
+            description = build_description(nuspec.get('title'), description)
 
         parties = []
         authors = nuspec.get('authors')
@@ -102,7 +185,7 @@ def parse(cls, location):
         # Deprecated and not a license expression, just a URL
         elif 'licenseUrl' in nuspec:
             extracted_license_statement = nuspec.get('licenseUrl')
-
+ 
         yield models.PackageData(
             datasource_id=cls.datasource_id,
             type=cls.default_package_type,
@@ -111,8 +194,10 @@ def parse(cls, location):
             description=description or None,
             homepage_url=nuspec.get('projectUrl') or None,
             parties=parties,
+            dependencies=get_dependencies(nuspec),
             extracted_license_statement=extracted_license_statement,
             copyright=nuspec.get('copyright') or None,
             vcs_url=vcs_url,
             **urls,
         )
+

tests/packagedcode/data/nuget/Castle.Core.nuspec.json.expected

@@ -94,7 +94,108 @@
     "source_packages": [],
     "file_references": [],
     "extra_data": {},
-    "dependencies": [],
+    "dependencies": [
+       {
+              "purl": "pkg:nuget/[email protected]",
+              "extracted_requirement": "1.6.1",
+              "scope": "dependency",
+              "is_runtime": false,
+              "is_optional": false,
+              "is_resolved": true,
+              "resolved_package": {},
+              "extra_data": {}
+            },
+            {
+              "purl": "pkg:nuget/[email protected]",
+              "extracted_requirement": "4.3.0",
+              "scope": "dependency",
+              "is_runtime": false,
+              "is_optional": false,
+              "is_resolved": true,
+              "resolved_package": {},
+              "extra_data": {}
+            },
+            {
+              "purl": "pkg:nuget/[email protected]",
+              "extracted_requirement": "4.3.0",
+              "scope": "dependency",
+              "is_runtime": false,
+              "is_optional": false,
+              "is_resolved": true,
+              "resolved_package": {},
+              "extra_data": {}
+            },
+            {
+              "purl": "pkg:nuget/[email protected]",
+              "extracted_requirement": "4.3.0",
+              "scope": "dependency",
+              "is_runtime": false,
+              "is_optional": false,
+              "is_resolved": true,
+              "resolved_package": {},
+              "extra_data": {}
+            },
+            {
+              "purl": "pkg:nuget/[email protected]",
+              "extracted_requirement": "4.3.0",
+              "scope": "dependency",
+              "is_runtime": false,
+              "is_optional": false,
+              "is_resolved": true,
+              "resolved_package": {},
+              "extra_data": {}
+            },
+            {
+              "purl": "pkg:nuget/[email protected]",
+              "extracted_requirement": "4.3.0",
+              "scope": "dependency",
+              "is_runtime": false,
+              "is_optional": false,
+              "is_resolved": true,
+              "resolved_package": {},
+              "extra_data": {}
+            },
+            {
+              "purl": "pkg:nuget/[email protected]",
+              "extracted_requirement": "4.3.0",
+              "scope": "dependency",
+              "is_runtime": false,
+              "is_optional": false,
+              "is_resolved": true,
+              "resolved_package": {},
+              "extra_data": {}
+            },
+            {
+              "purl": "pkg:nuget/[email protected]",
+              "extracted_requirement": "4.3.0",
+              "scope": "dependency",
+              "is_runtime": false,
+              "is_optional": false,
+              "is_resolved": true,
+              "resolved_package": {},
+              "extra_data": {}
+            },
+            {
+              "purl": "pkg:nuget/[email protected]",
+              "extracted_requirement": "4.3.0",
+              "scope": "dependency",
+              "is_runtime": false,
+              "is_optional": false,
+              "is_resolved": true,
+              "resolved_package": {},
+              "extra_data": {}
+            },
+            {
+              "purl": "pkg:nuget/[email protected]",
+              "extracted_requirement": "4.3.0",
+              "scope": "dependency",
+              "is_runtime": false,
+              "is_optional": false,
+              "is_resolved": true,
+              "resolved_package": {},
+              "extra_data": {}
+            }
+    ],
     "repository_homepage_url": "https://www.nuget.org/packages/Castle.Core/4.2.1",
     "repository_download_url": "https://www.nuget.org/api/v2/package/Castle.Core/4.2.1",
     "api_data_url": "https://api.nuget.org/v3/registration3/castle.core/4.2.1.json",