@@ -49,6 +49,7 @@ def correct_with_yaml(correct_filepath, path_to_scan, scanner_oss_list):
4949 continue
5050 correct_contents = copy .deepcopy (sheet_contents )
5151 scanner_name = constant .supported_sheet_and_scanner [sheet_name ]
52+ matched_source_path_with_sbom = []
5253 for idx , oss_raw_item in enumerate (sheet_contents ):
5354 if len (oss_raw_item ) < 9 :
5455 logger .warning (f"sheet list is too short ({ len (oss_raw_item )} ): { oss_raw_item } " )
@@ -57,33 +58,39 @@ def correct_with_yaml(correct_filepath, path_to_scan, scanner_oss_list):
5758 oss_item .set_sheet_item (oss_raw_item , scanner_name )
5859
5960 matched_yi = []
60- oss_rel_path = os .path .normpath (os .path .join (rel_path , oss_item .source_name_or_path [0 ]))
61- for y_idx , yi in enumerate (yaml_oss_list ):
62- if not yi .source_name_or_path :
63- continue
64- for ys_idx , yi_path in enumerate (yi .source_name_or_path ):
65- yi_item = copy .deepcopy (yi )
66- if ((os .path .normpath (yi_path ) == os .path .normpath (oss_rel_path ))
67- or ((os .path .normpath (oss_rel_path ).startswith (os .path .normpath (yi_path .rstrip ('*' )))))):
68- find_match = True
69- yi_item .source_name_or_path = []
70- yi_item .source_name_or_path = oss_item .source_name_or_path [0 ]
71- matched_yi .append (yi_item )
72- matched_yaml [y_idx ][ys_idx ] = 1
73- if len (matched_yi ) > 0 :
74- for matched_yi_item in matched_yi :
75- matched_oss_item = copy .deepcopy (matched_yi_item )
76- if matched_oss_item .comment :
77- matched_oss_item .comment += '/'
78- matched_oss_item .comment += 'Loaded from sbom-info.yaml'
79-
80- if sheet_name == 'BIN_FL_Binary' :
81- matched_oss_item .bin_vulnerability = oss_item .bin_vulnerability
82- matched_oss_item .bin_tlsh = oss_item .bin_tlsh
83- matched_oss_item .bin_sha1 = oss_item .bin_sha1
84-
85- matched_oss_array = matched_oss_item .get_print_array (scanner_name )[0 ]
86- correct_contents .append (matched_oss_array )
61+ if not oss_item .source_name_or_path [0 ] in matched_source_path_with_sbom :
62+ oss_rel_path = os .path .normpath (os .path .join (rel_path , oss_item .source_name_or_path [0 ]))
63+ for y_idx , yi in enumerate (yaml_oss_list ):
64+ if not yi .source_name_or_path :
65+ continue
66+ for ys_idx , yi_path in enumerate (yi .source_name_or_path ):
67+ yi_item = copy .deepcopy (yi )
68+ if ((os .path .normpath (yi_path ) == os .path .normpath (oss_rel_path )) or
69+ ((os .path .normpath (oss_rel_path ).startswith (os .path .normpath (yi_path .rstrip ('*' )))))):
70+ find_match = True
71+ yi_item .source_name_or_path = []
72+ yi_item .source_name_or_path = oss_item .source_name_or_path [0 ]
73+ matched_source_path_with_sbom .append (oss_item .source_name_or_path [0 ])
74+ matched_yi .append (yi_item )
75+ matched_yaml [y_idx ][ys_idx ] = 1
76+ if len (matched_yi ) > 0 :
77+ for matched_yi_item in matched_yi :
78+ matched_oss_item = copy .deepcopy (matched_yi_item )
79+ if matched_oss_item .comment :
80+ matched_oss_item .comment += '/'
81+ matched_oss_item .comment += 'Loaded from sbom-info.yaml'
82+ if sheet_name == 'BIN_FL_Binary' :
83+ matched_oss_item .bin_vulnerability = oss_item .bin_vulnerability
84+ matched_oss_item .bin_tlsh = oss_item .bin_tlsh
85+ matched_oss_item .bin_sha1 = oss_item .bin_sha1
86+ matched_oss_array = matched_oss_item .get_print_array (scanner_name )[0 ]
87+ correct_contents .append (matched_oss_array )
88+ oss_item .exclude = True
89+ if oss_item .comment :
90+ oss_item .comment += '/'
91+ oss_item .comment += 'Excluded by sbom-info.yaml'
92+ correct_contents [idx ] = oss_item .get_print_array (scanner_name )[0 ]
93+ else :
8794 oss_item .exclude = True
8895 if oss_item .comment :
8996 oss_item .comment += '/'
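Review bot: The path test re-added at new lines 68-69 is a plain string-prefix check, and `os.path.normpath` drops the trailing separator, so a yaml entry such as `src/lib/*` also matches `src/library/x.c`. A match marks the scanner row as excluded and appends a row carrying the yaml entry's data, and with this change it also records the path in `matched_source_path_with_sbom`, so an over-broad match can replace an unrelated scanner finding in the report without any warning. Consider matching on a component boundary, e.g. `prefix = os.path.normpath(yi_path.rstrip('*'))` followed by `oss_rel_path == prefix or oss_rel_path.startswith(prefix + os.sep)`. Separately, `matched_source_path_with_sbom` reads better as a `set` tested with `not in`, since the list is appended once per matching yaml path and scanned for every row. Indentation is lost on this page, so the nesting of the `else` branch is inferred, and `correct_with_yaml` starts before and continues after the hunk.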