Skip to content

Commit 0105603

Browse files
sarafarajnasardisarafarajnasardi
committed
Fix Maven JAR PURL detection for packages without metadata
* Add maven.py module with enhanced JAR detection for Maven packages * Detect Maven JARs via pom.properties files and URL pattern analysis * Convert JAR PURLs to correct Maven format (pkg:jar → pkg:maven) * Add comprehensive test suite covering all detection scenarios * Update scan_codebase and inspect_packages pipelines * Fixes perfmark-api-0.27.0.jar returning incorrect PURL format Resolves #1836 Signed-off-by: Sara Faraj <[email protected]>
1 parent 473c6fe commit 0105603

File tree

4 files changed

+669
-0
lines changed

4 files changed

+669
-0
lines changed

scanpipe/pipelines/inspect_packages.py

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -22,6 +22,7 @@
2222

2323
from aboutcode.pipeline import optional_step
2424
from scanpipe.pipelines.scan_codebase import ScanCodebase
25+
from scanpipe.pipes import maven
2526
from scanpipe.pipes import scancode
2627

2728

@@ -50,6 +51,7 @@ def steps(cls):
5051
cls.flag_empty_files,
5152
cls.flag_ignored_resources,
5253
cls.scan_for_application_packages,
54+
cls.fix_maven_jar_packages,
5355
cls.resolve_dependencies,
5456
)
5557

@@ -65,6 +67,10 @@ def scan_for_application_packages(self):
6567
progress_logger=self.log,
6668
)
6769

70+
def fix_maven_jar_packages(self):
71+
"""Fix JAR packages that should be Maven packages based on pom.properties."""
72+
maven.detect_maven_jars_from_pom_properties(self.project, logger_func=self.log)
73+
6874
@optional_step("StaticResolver")
6975
def resolve_dependencies(self):
7076
"""

scanpipe/pipelines/scan_codebase.py

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -22,6 +22,7 @@
2222

2323
from scanpipe import pipes
2424
from scanpipe.pipelines import Pipeline
25+
from scanpipe.pipes import maven
2526
from scanpipe.pipes import scancode
2627
from scanpipe.pipes.input import copy_inputs
2728

@@ -44,6 +45,7 @@ def steps(cls):
4445
cls.flag_empty_files,
4546
cls.flag_ignored_resources,
4647
cls.scan_for_application_packages,
48+
cls.fix_maven_jar_packages,
4749
cls.scan_for_files,
4850
cls.collect_and_create_license_detections,
4951
)
@@ -63,6 +65,10 @@ def scan_for_application_packages(self):
6365
"""Scan unknown resources for packages information."""
6466
scancode.scan_for_application_packages(self.project, progress_logger=self.log)
6567

68+
def fix_maven_jar_packages(self):
69+
"""Fix JAR packages that should be Maven packages based on pom.properties."""
70+
maven.detect_maven_jars_from_pom_properties(self.project, logger_func=self.log)
71+
6672
def scan_for_files(self):
6773
"""Scan unknown resources for copyrights, licenses, emails, and urls."""
6874
scancode.scan_for_files(self.project, progress_logger=self.log)

0 commit comments

Comments
 (0)