Support cycloneDx format (#204)

Signed-off-by: jiyeong.seok <[email protected]>

Author: dd-jy

requirements.txt

@@ -15,4 +15,4 @@ numpy>=1.22.2; python_version >= '3.8'
 npm
 requests
 GitPython
-cyclonedx-python-lib==8.5.0
+cyclonedx-python-lib==8.5.*;sys_platform=="linux"

src/fosslight_util/output_format.py

@@ -183,14 +183,15 @@ def write_output_file(output_file_without_ext: str, file_extension: str, scan_it
             success, msg = write_opossum(result_file, scan_item)
         elif format == 'yaml':
             success, msg, _ = write_yaml(result_file, scan_item, False)
-        elif format.startswith('spdx'):
+        elif format.startswith('spdx') or format.startswith('cyclonedx'):
             if platform.system() == 'Windows' or platform.system() == 'Darwin':
                 success = False
                 msg = f'{platform.system()} not support spdx format.'
             else:
-                success, msg, _ = write_spdx(output_file_without_ext, file_extension, scan_item, spdx_version)
-        elif format.startswith('cyclonedx'):
-            success, msg, _ = write_cyclonedx(output_file_without_ext, file_extension, scan_item)
+                if format.startswith('spdx'):
+                    success, msg, _ = write_spdx(output_file_without_ext, file_extension, scan_item, spdx_version)
+                elif format.startswith('cyclonedx'):
+                    success, msg, _ = write_cyclonedx(output_file_without_ext, file_extension, scan_item)
     else:
         if file_extension == '.xlsx':
             success, msg = write_result_to_excel(result_file, scan_item, extended_header, hide_header)

src/fosslight_util/write_cyclonedx.py

@@ -17,22 +17,24 @@
 from fosslight_util.oss_item import CHECKSUM_NULL, get_checksum_sha1
 from packageurl import PackageURL
 import traceback
-from cyclonedx.builder.this import this_component as cdx_lib_component
-from cyclonedx.exception import MissingOptionalDependencyException
-from cyclonedx.factory.license import LicenseFactory
-from cyclonedx.model import XsUri, ExternalReferenceType
-from cyclonedx.model.bom import Bom
-from cyclonedx.model.component import Component, ComponentType, HashAlgorithm, HashType, ExternalReference
-from cyclonedx.model.contact import OrganizationalEntity
-from cyclonedx.output import make_outputter, BaseOutput
-from cyclonedx.output.json import JsonV1Dot6
-from cyclonedx.schema import OutputFormat, SchemaVersion
-from cyclonedx.validation import make_schemabased_validator
-from cyclonedx.validation.json import JsonStrictValidator
-from cyclonedx.output.json import Json as JsonOutputter
-from cyclonedx.output.xml import Xml as XmlOutputter
-from cyclonedx.validation.xml import XmlValidator
-
+try:
+    from cyclonedx.builder.this import this_component as cdx_lib_component
+    from cyclonedx.exception import MissingOptionalDependencyException
+    from cyclonedx.factory.license import LicenseFactory
+    from cyclonedx.model import XsUri, ExternalReferenceType
+    from cyclonedx.model.bom import Bom
+    from cyclonedx.model.component import Component, ComponentType, HashAlgorithm, HashType, ExternalReference
+    from cyclonedx.model.contact import OrganizationalEntity
+    from cyclonedx.output import make_outputter, BaseOutput
+    from cyclonedx.output.json import JsonV1Dot6
+    from cyclonedx.schema import OutputFormat, SchemaVersion
+    from cyclonedx.validation import make_schemabased_validator
+    from cyclonedx.validation.json import JsonStrictValidator
+    from cyclonedx.output.json import Json as JsonOutputter
+    from cyclonedx.output.xml import Xml as XmlOutputter
+    from cyclonedx.validation.xml import XmlValidator
+except Exception:
+    logger.info('No import cyclonedx-python-lib')
 logger = logging.getLogger(LOGGER_NAME)