Change dependson to purl (#192)

Signed-off-by: jiyeong.seok <[email protected]>

Author: dd-jy

src/fosslight_dependency/_package_manager.py

@@ -189,6 +189,18 @@ def parse_dependency_tree(self, f_name):
         except Exception as e:
             logger.warning(f'Fail to parse gradle dependency tree:{e}')
 
+    def change_dep_to_purl(self, sheet_list):
+        try:
+            for oss_item in sheet_list:
+                if len(oss_item) < 10:
+                    break
+                deps_list = oss_item[9]
+                deps_purl = list(map(lambda x: self.purl_dict.get(x, ''), deps_list))
+                oss_item[9] = ','.join(deps_purl)
+        except Exception as e:
+            logger.warning(f'Fail to change depend_on to purl:{e}')
+        return sheet_list
+
 
 def get_url_to_purl(url, pkg_manager, oss_name='', oss_version=''):
     purl_prefix = f'pkg:{pkg_manager}'

src/fosslight_dependency/package_manager/Android.py

@@ -69,9 +69,7 @@ def parse_oss_information(self, f_name):
                     except Exception as e:
                         logger.error(f"Fail to find oss scope in dependency tree: {e}")
                 comment = ','.join(comment_list)
-                deps = ','.join(deps_list)
-
                 sheet_list.append([purl, oss_name, oss_version, license_name, dn_loc, homepage,
-                                  '', '', comment, deps])
-
+                                  '', '', comment, deps_list])
+        sheet_list = self.change_dep_to_purl(sheet_list)
         return sheet_list

src/fosslight_dependency/package_manager/Cocoapods.py

@@ -92,11 +92,8 @@ def parse_oss_information(self, f_name):
                     else:
                         comment_list.append('transitive')
                     if f'{pod_oss_name_origin}({oss_version})' in self.relation_tree:
-                        rel_items = [f'{self.package_manager_name}:{ri}'
-                                     for ri in self.relation_tree[f'{pod_oss_name_origin}({oss_version})']]
-                        deps_list.extend(rel_items)
+                        deps_list.extend(self.relation_tree[f'{pod_oss_name_origin}({oss_version})'])
                 comment = ','.join(comment_list)
-                deps = ','.join(deps_list)
 
                 oss_name_report = f'{self.package_manager_name}:{pod_oss_name_origin}'
                 pod_oss_name = pod_oss_name_origin
@@ -138,10 +135,10 @@ def parse_oss_information(self, f_name):
                     logger.warning(f'{pod_oss_name_origin} has different version({pod_oss_version})\
                                    with spec version({oss_version})')
                 sheet_list.append([purl, oss_name_report, pod_oss_version, license_name, dn_loc, homepage,
-                                  '', '', comment, deps])
+                                  '', '', comment, deps_list])
             except Exception as e:
                 logger.warning(f"Fail to get {pod_oss_name_origin}:{e}")
-
+        sheet_list = self.change_dep_to_purl(sheet_list)
         return sheet_list
 
     def get_oss_in_podspec(self, spec_file_path):

src/fosslight_dependency/package_manager/Go.py

@@ -101,9 +101,7 @@ def parse_oss_information(self, f_name):
                         comment_list.append('direct')
 
                 if f'{package_path}({oss_version})' in self.relation_tree:
-                    rel_items = [f'{self.package_manager_name}:{ri}'
-                                 for ri in self.relation_tree[f'{package_path}({oss_version})']]
-                    deps_list.extend(rel_items)
+                    deps_list.extend(self.relation_tree[f'{package_path}({oss_version})'])
 
                 homepage_set = []
                 homepage = self.dn_url + package_path
@@ -149,8 +147,7 @@ def parse_oss_information(self, f_name):
                 continue
 
             comment = ','.join(comment_list)
-            deps = ','.join(deps_list)
             sheet_list.append([purl, oss_name, oss_version, license_name, dn_loc, homepage,
-                              '', '', comment, deps])
-
+                              '', '', comment, deps_list])
+        sheet_list = self.change_dep_to_purl(sheet_list)
         return sheet_list

src/fosslight_dependency/package_manager/Gradle.py

@@ -91,11 +91,9 @@ def parse_oss_information(self, f_name):
                 except Exception as e:
                     logger.error(f"Fail to find oss scope in dependency tree: {e}")
             comment = ','.join(comment_list)
-            deps = ','.join(deps_list)
-
             sheet_list.append([purl, oss_name, oss_version, license_name, dn_loc, homepage,
-                              '', '', comment, deps])
-
+                              '', '', comment, deps_list])
+        sheet_list = self.change_dep_to_purl(sheet_list)
         return sheet_list
 
 

src/fosslight_dependency/package_manager/Maven.py

@@ -253,9 +253,7 @@ def parse_oss_information(self, f_name):
                 except Exception as e:
                     logger.error(f"Fail to find oss scope in dependency tree: {e}")
             comment = ','.join(comment_list)
-            deps = ','.join(deps_list)
-
             sheet_list.append([purl, oss_name, oss_version, license_name, dn_loc, homepage,
-                              '', '', comment, deps])
-
+                              '', '', comment, deps_list])
+        sheet_list = self.change_dep_to_purl(sheet_list)
         return sheet_list

src/fosslight_dependency/package_manager/Npm.py

@@ -197,24 +197,23 @@ def parse_oss_information(self, f_name):
                     comment_list.append('transitive')
 
                 if f'{oss_init_name}({oss_version})' in self.relation_tree:
-                    rel_items = [f'npm:{ri}' for ri in self.relation_tree[f'{oss_init_name}({oss_version})']]
-                    deps_list.extend(rel_items)
+                    deps_list.extend(self.relation_tree[f'{oss_init_name}({oss_version})'])
 
             manifest_file_path = os.path.join(package_path, const.SUPPORT_PACKAE.get(self.package_manager_name))
             multi_license, license_comment, multi_flag = check_multi_license(license_name, manifest_file_path)
 
             comment = ','.join(comment_list)
-            deps = ','.join(deps_list)
             if multi_flag:
                 comment = f'{comment}, {license_comment}'
-                sheet_list.append([purl, oss_name, oss_version, multi_license, dn_loc, homepage,
-                                  '', '', comment, deps])
+                license_name = multi_license
             else:
                 license_name = license_name.replace(",", "")
                 license_name = check_unknown_license(license_name, manifest_file_path)
-                sheet_list.append([purl, oss_name, oss_version, license_name, dn_loc, homepage,
-                                  '', '', comment, deps])
 
+            sheet_list.append([purl, oss_name, oss_version, license_name, dn_loc, homepage,
+                              '', '', comment, deps_list])
+
+        sheet_list = self.change_dep_to_purl(sheet_list)
         return sheet_list
 
 

src/fosslight_dependency/package_manager/Nuget.py

@@ -109,17 +109,14 @@ def parse_oss_information(self, f_name):
                         comment_list.append('transitive')
 
                     if f'{oss_origin_name}({oss_version})' in self.relation_tree:
-                        rel_items = [f'{self.package_manager_name}:{ri}'
-                                     for ri in self.relation_tree[f'{oss_origin_name}({oss_version})']]
-                        deps_list.extend(rel_items)
+                        deps_list.extend(self.relation_tree[f'{oss_origin_name}({oss_version})'])
 
                 comment = ','.join(comment_list)
-                deps = ','.join(deps_list)
-                sheet_list.append([purl, oss_name, oss_version, license_name, dn_loc, homepage, '', '', comment, deps])
+                sheet_list.append([purl, oss_name, oss_version, license_name, dn_loc, homepage, '', '', comment, deps_list])
 
             except Exception as e:
                 logger.warning(f"Failed to parse oss information: {e}")
-
+        sheet_list = self.change_dep_to_purl(sheet_list)
         if os.path.isfile(tmp_license_txt_file_name):
             os.remove(tmp_license_txt_file_name)
 

src/fosslight_dependency/package_manager/Pub.py

@@ -155,16 +155,13 @@ def parse_oss_information(self, f_name):
                             comment_list.append('transitive')
 
                     if f'{oss_origin_name}({oss_version})' in self.relation_tree:
-                        rel_items = [f'{self.package_manager_name}:{ri}'
-                                     for ri in self.relation_tree[f'{oss_origin_name}({oss_version})']]
-                        deps_list.extend(rel_items)
+                        deps_list.extend(self.relation_tree[f'{oss_origin_name}({oss_version})'])
                 comment = ','.join(comment_list)
-                deps = ','.join(deps_list)
                 sheet_list.append([purl, oss_name, oss_version, license_name, dn_loc, homepage,
-                                  '', '', comment, deps])
+                                  '', '', comment, deps_list])
         except Exception as e:
             logger.error(f"Fail to parse pub oss information: {e}")
-
+        sheet_list = self.change_dep_to_purl(sheet_list)
         if os.path.isfile(tmp_license_txt_file_name):
             os.remove(tmp_license_txt_file_name)
 

src/fosslight_dependency/package_manager/Pypi.py

@@ -305,17 +305,14 @@ def parse_oss_information(self, f_name):
                     else:
                         comment_list.append('transitive')
                     if f'{oss_init_name}({oss_version})' in self.relation_tree:
-                        rel_items = [f'{self.package_manager_name}:{ri}'
-                                     for ri in self.relation_tree[f'{oss_init_name}({oss_version})']]
-                        deps_list.extend(rel_items)
+                        deps_list.extend(self.relation_tree[f'{oss_init_name}({oss_version})'])
                 comment = ','.join(comment_list)
-                deps = ','.join(deps_list)
                 sheet_list.append([purl, oss_name, oss_version,
-                                   license_name, dn_loc, homepage, '', '', comment, deps])
+                                   license_name, dn_loc, homepage, '', '', comment, deps_list])
 
         except Exception as ex:
             logger.warning(f"Fail to parse oss information: {oss_init_name}({ex})")
-
+        sheet_list = self.change_dep_to_purl(sheet_list)
         return sheet_list
 
     def get_dependencies(self, dependencies, package):