From 63a150379e17acfaa0406621d7d44a6331f48bbb Mon Sep 17 00:00:00 2001
From: "jiyeong.seok"
Date: Thu, 16 Jan 2025 19:53:36 +0900
Subject: [PATCH] Distinguish the origin of the pub package
Signed-off-by: jiyeong.seok
---
 requirements.txt | 1 +
 .../package_manager/Pub.py | 40 ++++++++++---------
 2 files changed, 22 insertions(+), 19 deletions(-)
diff --git a/requirements.txt b/requirements.txt
index bfc81e8c..c68bb08a 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -11,3 +11,4 @@ defusedxml
 packageurl-python
 igraph
 matplotlib
+pyaskalono
diff --git a/src/fosslight_dependency/package_manager/Pub.py b/src/fosslight_dependency/package_manager/Pub.py
index 05936f13..0469f87a 100644
--- a/src/fosslight_dependency/package_manager/Pub.py
+++ b/src/fosslight_dependency/package_manager/Pub.py
@@ -10,10 +10,11 @@
 import shutil
 import yaml
 import subprocess
+from askalono import identify
 import fosslight_util.constant as constant
 import fosslight_dependency.constant as const
 from fosslight_dependency._package_manager import PackageManager
-from fosslight_dependency._package_manager import check_and_run_license_scanner, get_url_to_purl
+from fosslight_dependency._package_manager import get_url_to_purl
 from fosslight_dependency.dependency_item import DependencyItem, change_dependson_to_purl
 from fosslight_util.oss_item import OssItem
@@ -27,6 +28,7 @@ class Pub(PackageManager):
 input_file_name = 'tmp_flutter_oss_licenses.json'
 tmp_dir = "fl_dependency_tmp_dir"
 cur_path = ''
+ pkg_source_list = {}
 def __init__(self, input_dir, output_dir):
 super().__init__(self.package_manager_name, self.dn_url, input_dir, output_dir)
@@ -92,6 +94,7 @@ def parse_pub_deps_file(self, rel_json):
 if dep_key not in self.relation_tree:
 self.relation_tree[dep_key] = []
 self.relation_tree[dep_key].extend(p['dependencies'])
+ self.pkg_source_list[dep_key] = p['source']
 for i in self.relation_tree:
 tmp_dep = []
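Review bot: `pyaskalono` is added to requirements.txt without a version bound, while `Pub.py` now relies on a specific shape of its API (`identify(...)` returning an object with `.score` and `.name`) and imports it at module level. The visible neighbours are unpinned as well, so this follows the file's convention, but a lower bound on the release that was actually tested, written as `pyaskalono>=<tested-version>` (placeholder), would keep an incompatible or unexpected release from being pulled in silently. As far as I know the package is a compiled binding, so on a platform without a wheel the top-level `from askalono import identify` would presumably make the Pub module fail to import; importing it inside `parse_oss_information` would limit the failure to the licence step.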
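Review bot: `pkg_source_list = {}` in the `class Pub` hunk is a mutable class attribute, so every `Pub` instance shares one dict, and `parse_pub_deps_file` (the next hunk) writes into it in place. If two projects are analysed in the same process, entries from the first are still there for the second, and the later lookup by `name(version)` could label a package with another project's source. Create it per instance instead, with `self.pkg_source_list = {}` in `__init__`, whose body continues outside the hunk. Since it is a dict keyed by `name(version)`, a name such as `pkg_source_map` would also describe it better.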
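Review bot: In the `parse_pub_deps_file` hunk, `p['source']` is indexed directly, so a package entry without a `source` field raises `KeyError` while the relation tree is being built; whether a surrounding handler catches it is not visible here. `self.pkg_source_list[dep_key] = p.get('source', '')` keeps the dependency graph intact and simply leaves the origin unknown for that entry. The loop this line belongs to starts outside the hunk.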
@@ -110,10 +113,9 @@ def parse_oss_information(self, f_name):
 with open(f_name, 'r', encoding='utf8') as pub_file:
 json_f = json.load(pub_file)
- try:
- purl_dict = {}
-
- for json_data in json_f:
+ purl_dict = {}
+ for json_data in json_f:
+ try:
 dep_item = DependencyItem()
 oss_item = OssItem()
 oss_origin_name = json_data['name']
@@ -133,18 +135,9 @@ def parse_oss_information(self, f_name):
 purl_dict[f'{oss_origin_name}({oss_item.version})'] = dep_item.purl
 license_txt = json_data['license']
 if license_txt is not None:
- tmp_license_txt = open(tmp_license_txt_file_name, 'w', encoding='utf-8')
- tmp_license_txt.write(license_txt)
- tmp_license_txt.close()
-
- license_name_with_license_scanner = check_and_run_license_scanner(self.platform,
- self.license_scanner_bin,
- tmp_license_txt_file_name)
-
- if license_name_with_license_scanner != "":
- oss_item.license = license_name_with_license_scanner
- else:
- oss_item.license = ''
+ detect_askalono = identify(license_txt)
+ if detect_askalono.score > 0.7:
+ oss_item.license = detect_askalono.name
 if self.direct_dep:
 if oss_origin_name not in self.total_dep_list:
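Review bot: With `try:` now opened inside `for json_data in json_f:`, an entry that fails is skipped while the loop carries on, so the report can come out with dependencies missing and only a generic log line to show for it. The handler's message (in the last hunk) does not say which entry failed; assuming entries are dicts, as the `json_data['name']` access implies, `logger.error(f"Fail to parse pub oss information ({json_data.get('name')}): {e}")` would let a reader see which package was left out. parse_oss_information starts and ends outside the hunk.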
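Review bot: The literal `0.7` in `if detect_askalono.score > 0.7:` decides which licence name is written into the report, yet nothing records where the value comes from or what a lower score means. Give it a name and a comment, for example a module constant `ASKALONO_MIN_SCORE = 0.7  # minimum match confidence accepted as a licence name`, so the cut-off can be reviewed and tuned in one place. `license_txt` originates in the analysed project's metadata and is passed straight to `identify`; if that call raises on unexpected input, the per-entry handler discards the whole dependency rather than only leaving its licence empty, so a narrow `try` around the `identify` call looks preferable. The function body continues outside the hunk.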
@@ -159,11 +152,20 @@ def parse_oss_information(self, f_name):
 if f'{oss_origin_name}({oss_item.version})' in self.relation_tree:
 dep_item.depends_on_raw = self.relation_tree[f'{oss_origin_name}({oss_item.version})']
+ if f'{oss_origin_name}({oss_item.version})' in self.pkg_source_list:
+ pkg_source = self.pkg_source_list[f'{oss_origin_name}({oss_item.version})']
+ if pkg_source in ['git', 'path']:
+ oss_item.download_location = json_data['repository']
+ if oss_item.download_location is None:
+ oss_item.download_location = json_data['homepage']
+ if oss_item.download_location is None:
+ oss_item.download_location = ''
+ oss_item.comment = pkg_source
 dep_item.oss_items.append(oss_item)
 self.dep_items.append(dep_item)
- except Exception as e:
- logger.error(f"Fail to parse pub oss information: {e}")
+ except Exception as e:
+ logger.error(f"Fail to parse pub oss information: {e}")
 if self.direct_dep:
 self.dep_items = change_dependson_to_purl(purl_dict, self.dep_items)
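Review bot: `json_data['repository']` and `json_data['homepage']` are indexed directly in the new `git`/`path` branch, so an entry that lacks either key raises `KeyError` and the handler just below drops the whole dependency from `self.dep_items`. `oss_item.download_location = json_data.get('repository') or json_data.get('homepage') or ''` covers the missing-key case and replaces the two `is None` checks; it also treats an empty string as absent, which looks like the intent. Both values presumably come from the package's own metadata, so a comment such as `# publisher-supplied URL, not verified` on that line would tell consumers of `download_location` not to trust it blindly. parse_oss_information starts outside the hunk.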