Skip to content

Commit 3f03aca

Browse files
dd-jydd-jy
committed
Download with latest if version not exists
Signed-off-by: 석지영/책임연구원/SW공학(연)Open Source TP <[email protected]>
1 parent c96eec2 commit 3f03aca

File tree

1 file changed

+74
-8
lines changed

1 file changed

+74
-8
lines changed

src/fosslight_util/_get_downloadable_url.py

Lines changed: 74 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -13,6 +13,43 @@
1313
logger = logging.getLogger(constant.LOGGER_NAME)
1414

1515

16+
def version_exists(pkg_type, origin_name, version):
17+
try:
18+
if pkg_type in ['npm', 'npm2']:
19+
r = requests.get(f"https://registry.npmjs.org/{origin_name}", timeout=5)
20+
if r.status_code == 200:
21+
data = r.json()
22+
return version in data.get('versions', {})
23+
elif pkg_type == 'pypi':
24+
r = requests.get(f"https://pypi.org/pypi/{origin_name}/{version}/json", timeout=5)
25+
return r.status_code == 200
26+
elif pkg_type == 'maven':
27+
r = requests.get(f'https://api.deps.dev/v3alpha/systems/maven/packages/{origin_name}', timeout=5)
28+
if r.status_code == 200:
29+
versions = r.json().get('versions', [])
30+
for vobj in versions:
31+
vkey = vobj.get('versionKey') or {}
32+
if vkey.get('version') == version:
33+
return True
34+
return False
35+
elif pkg_type == 'pub':
36+
r = requests.get(f'https://pub.dev/api/packages/{origin_name}', timeout=5)
37+
if r.status_code == 200:
38+
versions = r.json().get('versions', [])
39+
return any(v.get('version') == version for v in versions if isinstance(v, dict))
40+
elif pkg_type == 'go':
41+
if not version.startswith('v'):
42+
version = f'v{version}'
43+
r = requests.get(f'https://proxy.golang.org/{origin_name}/@v/list', timeout=5)
44+
if r.status_code == 200:
45+
listed = r.text.splitlines()
46+
return version in listed
47+
except Exception as e:
48+
logger.info(f'version_exists check failed ({pkg_type}:{origin_name}:{version}) {e}')
49+
return True
50+
return False
51+
52+
1653
def extract_name_version_from_link(link, checkout_version):
1754
oss_name = ""
1855
oss_version = ""
@@ -52,14 +89,36 @@ def extract_name_version_from_link(link, checkout_version):
5289
oss_version = match.group(2)
5390
except Exception as ex:
5491
logger.info(f"extract_name_version_from_link {key}:{ex}")
55-
if oss_name and (not oss_version):
56-
if checkout_version:
57-
oss_version = checkout_version
58-
elif key in ["pypi", "maven", "npm", "npm2", "pub", "go"]:
59-
oss_version = get_latest_package_version(link, key, origin_name)
92+
if oss_name:
93+
# Priority: 1) detected oss_version 2) checkout_version 3) latest
94+
need_latest = False
95+
96+
if not oss_version and checkout_version:
97+
oss_version = checkout_version.strip()
98+
if key in ["pypi", "maven", "npm", "npm2", "pub", "go"]:
99+
if oss_version:
100+
try:
101+
if not version_exists(key, origin_name, oss_version):
102+
logger.info(f'Version {oss_version} not found for {oss_name}; will attempt latest fallback')
103+
need_latest = True
104+
except Exception as _e:
105+
logger.info(f'Version validation failed ({oss_name}:{oss_version}) {_e}; will attempt latest fallback')
106+
need_latest = True
107+
else:
108+
need_latest = True
109+
if need_latest:
110+
latest_ver = get_latest_package_version(link, key, origin_name)
111+
if latest_ver:
112+
if oss_version and latest_ver != oss_version:
113+
logger.info(f'Fallback to latest version {latest_ver} (previous invalid: {oss_version})')
114+
elif not oss_version:
115+
logger.info(f'Using latest version {latest_ver} (no version detected)')
116+
oss_version = latest_ver
60117
if oss_version:
61-
link = get_new_link_with_version(link, key, origin_name, oss_version)
62-
logger.info(f'Try to download with the latest version:{link}')
118+
try:
119+
link = get_new_link_with_version(link, key, origin_name, oss_version)
120+
except Exception as _e:
121+
logger.info(f'Failed to build versioned link for {oss_name}:{oss_version} {_e}')
63122
matched = True
64123
break
65124
if not matched:
@@ -78,6 +137,8 @@ def get_new_link_with_version(link, pkg_type, oss_name, oss_version):
78137
elif pkg_type == "pub":
79138
link = f'https://pub.dev/packages/{oss_name}/versions/{oss_version}'
80139
elif pkg_type == "go":
140+
if not oss_version.startswith('v'):
141+
oss_version = f'v{oss_version}'
81142
link = f'https://pkg.go.dev/{oss_name}@{oss_version}'
82143
elif pkg_type == "cargo":
83144
link = f'https://crates.io/crates/{oss_name}/{oss_version}'
@@ -97,7 +158,10 @@ def get_latest_package_version(link, pkg_type, oss_name):
97158
elif pkg_type == 'maven':
98159
maven_response = requests.get(f'https://api.deps.dev/v3alpha/systems/maven/packages/{oss_name}')
99160
if maven_response.status_code == 200:
100-
find_version = maven_response.json().get('versions')[-1].get('versionKey').get('version')
161+
versions = maven_response.json().get('versions', [])
162+
if versions:
163+
cand = max(versions, key=lambda v: v.get('publishedAt', ''))
164+
find_version = cand.get('versionKey', {}).get('version', '')
101165
elif pkg_type == 'pub':
102166
pub_response = requests.get(f'https://pub.dev/api/packages/{oss_name}')
103167
if pub_response.status_code == 200:
@@ -106,6 +170,8 @@ def get_latest_package_version(link, pkg_type, oss_name):
106170
go_response = requests.get(f'https://proxy.golang.org/{oss_name}/@latest')
107171
if go_response.status_code == 200:
108172
find_version = go_response.json().get('Version')
173+
if find_version.startswith('v'):
174+
find_version = find_version[1:]
109175
except Exception as e:
110176
logger.info(f'Fail to get latest package version({link}:{e})')
111177
return find_version

0 commit comments

Comments
 (0)