diff --git a/.github/workflows/west-commands.yml b/.github/workflows/west-commands.yml index fd11300fb20e..554e58cde05a 100644 --- a/.github/workflows/west-commands.yml +++ b/.github/workflows/west-commands.yml @@ -60,10 +60,24 @@ jobs: - name: Install requirements shell: bash run: | - pip3 install -r nrf/scripts/requirements-west-ncs-sbom.txt - pip3 install -r nrf/scripts/requirements-extra.txt + pip3 install -r nrf/scripts/requirements-fixed.txt - name: Smoke test ncs-loot & ncs-compare shell: bash run: | west ncs-loot -h west ncs-compare -h + - name: Smoke test ncs-sbom + # macOS is not supported by scancode-toolkit(used in ncs-sbom) + if: ${{ matrix.os == 'ubuntu-24.04' || matrix.os == 'windows-latest' }} + shell: bash + run: | + west ncs-sbom -h + + # create a dummy file + echo "/* SPDX-License-Identifier: LicenseRef-Nordic-5-Clause */" > test_file.c + scancode --version + # run ncs-sbom with scancode-toolkit + west ncs-sbom \ + --input-files test_file.c \ + --license-detectors scancode-toolkit \ + --output-html scancode_report.html diff --git a/scripts/requirements-build.txt b/scripts/requirements-build.txt index 32166e6ab58a..6ffb2c4519f6 100644 --- a/scripts/requirements-build.txt +++ b/scripts/requirements-build.txt @@ -1,6 +1,6 @@ cbor2>=5.4.2.post1 clang-format -click==8.1.3 +click>=8.2.0 ecdsa grpcio-tools construct>=2.10.70 diff --git a/scripts/requirements-ci.txt b/scripts/requirements-ci.txt index e02fc4fde64a..db1b0ab6b69c 100644 --- a/scripts/requirements-ci.txt +++ b/scripts/requirements-ci.txt @@ -1,7 +1,7 @@ aenum bitarray chardet -gitlint==0.19.1 +gitlint-core==0.19.1 GitPython jsonschema milksnake diff --git a/scripts/requirements-fixed.txt b/scripts/requirements-fixed.txt index e495f279fbfa..964fa5153923 100644 --- a/scripts/requirements-fixed.txt +++ b/scripts/requirements-fixed.txt @@ -9,14 +9,18 @@ aenum==3.1.16 ; python_version >= "3.12" and python_version < "4.0" anytree==2.12.1 ; python_version >= "3.12" and python_version < "4" appdirs==1.4.4 ; python_version >= "3.12" and python_version < "4.0" +argparse-addons==0.12.0 ; python_version >= "3.12" and python_version < "4.0" arrow==1.2.3 ; python_version >= "3.12" and python_version < "4.0" +asn1crypto==1.5.1 ; python_version >= "3.12" and python_version < "4.0" astroid==3.3.10 ; python_version >= "3.12" and python_version < "4.0" attrs==25.3.0 ; python_version >= "3.12" and python_version < "4.0" -banal==1.0.6 ; python_version >= "3.12" and python_version < "4.0" and platform_machine == "x86_64" -beautifulsoup4==4.13.4 ; python_version >= "3.12" and python_version < "4.0" and platform_machine == "x86_64" -beautifulsoup4[chardet]==4.13.4 ; python_version >= "3.12" and python_version < "4.0" and platform_machine == "x86_64" +banal==1.0.6 ; python_version >= "3.12" and python_version < "4.0" +beartype==0.21.0 ; python_version >= "3.12" and python_version < "4.0" +beautifulsoup4[chardet]==4.13.4 ; python_version >= "3.12" and python_version < "4.0" and (platform_machine == "x86_64" or platform_machine == "AMD64") binaryornot==0.4.4 ; python_version >= "3.12" and python_version < "4.0" +bincopy==20.1.0 ; python_version >= "3.12" and python_version < "4.0" bitarray==3.6.0 ; python_version >= "3.12" and python_version < "4.0" +bitstring==4.3.1 ; python_version >= "3.12" and python_version < "4.0" boolean-py==4.0 ; python_version >= "3.12" and python_version < "4.0" canopen==2.3.0 ; python_version >= "3.12" and python_version < "4.0" capstone==4.0.2 ; python_version >= "3.12" and python_version < "4.0" @@ -27,114 +31,126 @@ cffi==1.17.1 ; python_version >= "3.12" and python_version < "4.0" chardet==5.2.0 ; python_version >= "3.12" and python_version < "4.0" charset-normalizer==3.4.2 ; python_version >= "3.12" and python_version < "4.0" clang-format==17.0.1 ; python_version >= "3.12" and python_version < "4.0" -click==8.1.3 ; python_version >= "3.12" and python_version < "4.0" +click-command-tree==1.2.0 ; python_version >= "3.12" and python_version < "4.0" +click-option-group==0.5.7 ; python_version >= "3.12" and python_version < "4.0" +click==8.2.1 ; python_version >= "3.12" and python_version < "4.0" cmsis-pack-manager==0.5.2 ; python_version >= "3.12" and python_version < "4.0" colorama==0.4.6 ; python_version >= "3.12" and python_version < "4.0" coloredlogs==15.0.1 ; python_version >= "3.12" and python_version < "4.0" colorlog==6.9.0 ; python_version >= "3.12" and python_version < "4.0" -commoncode==32.0.0 ; python_version >= "3.12" and python_version < "4.0" and platform_machine == "x86_64" +commoncode==32.3.0 ; python_version >= "3.12" and python_version < "4.0" and (platform_machine == "x86_64" or platform_machine == "AMD64") construct==2.10.70 ; python_version >= "3.12" and python_version < "4.0" -container-inspector==33.0.0 ; python_version >= "3.12" and python_version < "4.0" and platform_machine == "x86_64" +container-inspector==33.0.0 ; python_version >= "3.12" and python_version < "4.0" and (platform_machine == "x86_64" or platform_machine == "AMD64") coverage==7.6.4 ; python_version >= "3.12" and python_version < "4.0" +crcmod==1.7 ; python_version >= "3.12" and python_version < "4.0" cryptography==45.0.4 ; python_version >= "3.12" and python_version < "4.0" -debian-inspector==31.1.0 ; python_version >= "3.12" and python_version < "4.0" and platform_machine == "x86_64" +debian-inspector==31.1.0 ; python_version >= "3.12" and python_version < "4.0" and (platform_machine == "x86_64" or platform_machine == "AMD64") +deepmerge==2.0 ; python_version >= "3.12" and python_version < "4.0" deprecated==1.2.14 ; python_version >= "3.12" and python_version < "4.0" dill==0.4.0 ; python_version >= "3.12" and python_version < "4.0" -dockerfile-parse==2.0.1 ; python_version >= "3.12" and python_version < "4.0" and platform_machine == "x86_64" +dockerfile-parse==2.0.1 ; python_version >= "3.12" and python_version < "4.0" and (platform_machine == "x86_64" or platform_machine == "AMD64") docopt==0.6.2 ; python_version >= "3.12" and python_version < "4.0" -dparse2==0.7.0 ; python_version >= "3.12" and python_version < "4.0" and platform_machine == "x86_64" +dparse2==0.7.0 ; python_version >= "3.12" and python_version < "4.0" and (platform_machine == "x86_64" or platform_machine == "AMD64") ecdsa==0.19.1 ; python_version >= "3.12" and python_version < "4.0" editdistance==0.8.1 ; python_version >= "3.12" and python_version < "4.0" -extractcode-7z==16.5.210531 ; python_version >= "3.12" and python_version < "4.0" and platform_machine == "x86_64" -extractcode-libarchive==3.5.1.210531 ; python_version >= "3.12" and python_version < "4.0" and platform_machine == "x86_64" -extractcode[full]==31.0.0 ; python_version >= "3.12" and python_version < "4.0" and platform_machine == "x86_64" -fasteners==0.19 ; python_version >= "3.12" and python_version < "4.0" and platform_machine == "x86_64" -fingerprints==1.2.3 ; python_version >= "3.12" and python_version < "4.0" and platform_machine == "x86_64" -ftfy==6.3.0 ; python_version >= "3.12" and python_version < "4.0" and platform_machine == "x86_64" +extractcode-7z==16.5.210531 ; python_version >= "3.12" and python_version < "4.0" and (platform_machine == "x86_64" or platform_machine == "AMD64") +extractcode-libarchive==3.5.1.210531 ; python_version >= "3.12" and python_version < "4.0" and (platform_machine == "x86_64" or platform_machine == "AMD64") +extractcode[full]==31.0.0 ; python_version >= "3.12" and python_version < "4.0" and (platform_machine == "x86_64" or platform_machine == "AMD64") +fasteners==0.19 ; python_version >= "3.12" and python_version < "4.0" and (platform_machine == "x86_64" or platform_machine == "AMD64") +fastjsonschema==2.20.0 ; python_version >= "3.12" and python_version < "4.0" +filelock==3.19.1 ; python_version >= "3.12" and python_version < "4.0" +fingerprints==1.2.3 ; python_version >= "3.12" and python_version < "4.0" +ftfy==6.3.0 ; python_version >= "3.12" and python_version < "4.0" and (platform_machine == "x86_64" or platform_machine == "AMD64") gcovr==8.3 ; python_version >= "3.12" and python_version < "4.0" -gemfileparser2==0.9.4 ; python_version >= "3.12" and python_version < "4.0" and platform_machine == "x86_64" +gemfileparser2==0.9.4 ; python_version >= "3.12" and python_version < "4.0" and (platform_machine == "x86_64" or platform_machine == "AMD64") gitdb==4.0.12 ; python_version >= "3.12" and python_version < "4.0" -gitlint-core[trusted-deps]==0.19.1 ; python_version >= "3.12" and python_version < "4.0" -gitlint==0.19.1 ; python_version >= "3.12" and python_version < "4.0" +gitlint-core==0.19.1 ; python_version >= "3.12" and python_version < "4.0" gitpython==3.1.44 ; python_version >= "3.12" and python_version < "4.0" graphviz==0.20.3 ; python_version >= "3.12" and python_version < "4.0" grpcio-tools==1.66.1 ; python_version >= "3.12" and python_version < "4.0" grpcio==1.73.0 ; python_version >= "3.12" and python_version < "4.0" -hidapi==0.14.0.post4 ; python_version >= "3.12" and python_version < "4.0" and platform_system != "Linux" +hexdump==3.3 ; python_version >= "3.12" and python_version < "4.0" +hidapi==0.14.0.post4 ; python_version >= "3.12" and python_version < "4.0" html5lib-modern==1.2 ; python_version >= "3.12" and python_version < "4.0" -html5lib==1.1 ; python_version >= "3.12" and python_version < "4.0" and platform_machine == "x86_64" +html5lib==1.1 ; python_version >= "3.12" and python_version < "4.0" and (platform_machine == "x86_64" or platform_machine == "AMD64") humanfriendly==10.0 ; python_version >= "3.12" and python_version < "4.0" idna==3.10 ; python_version >= "3.12" and python_version < "4.0" imagesize==1.4.1 ; python_version >= "3.12" and python_version < "4.0" -importlib-metadata==8.7.0 ; python_version >= "3.12" and python_version < "4.0" +importlib-metadata==6.8.0 ; python_version >= "3.12" and python_version < "4.0" importlib-resources==6.5.2 ; python_version >= "3.12" and python_version < "4.0" iniconfig==2.1.0 ; python_version >= "3.12" and python_version < "4.0" -intbitset==3.1.0 ; python_version >= "3.12" and python_version < "4.0" and platform_machine == "x86_64" +intbitset==3.1.0 ; python_version >= "3.12" and python_version < "4.0" and (platform_machine == "x86_64" or platform_machine == "AMD64") intelhex==2.3.0 ; python_version >= "3.12" and python_version < "4.0" intervaltree==3.1.0 ; python_version >= "3.12" and python_version < "4.0" isort==6.0.1 ; python_version >= "3.12" and python_version < "4.0" -jaraco-functools==4.1.0 ; python_version >= "3.12" and python_version < "4.0" and platform_machine == "x86_64" -javaproperties==0.8.1 ; python_version >= "3.12" and python_version < "4.0" and platform_machine == "x86_64" +jaraco-functools==4.1.0 ; python_version >= "3.12" and python_version < "4.0" and (platform_machine == "x86_64" or platform_machine == "AMD64") +javaproperties==0.8.1 ; python_version >= "3.12" and python_version < "4.0" and (platform_machine == "x86_64" or platform_machine == "AMD64") jinja2==3.1.6 ; python_version >= "3.12" and python_version < "4.0" jsonschema-specifications==2025.4.1 ; python_version >= "3.12" and python_version < "4.0" jsonschema==4.24.0 ; python_version >= "3.12" and python_version < "4.0" -jsonstreams==0.6.0 ; python_version >= "3.12" and python_version < "4.0" and platform_machine == "x86_64" +jsonstreams==0.6.0 ; python_version >= "3.12" and python_version < "4.0" and (platform_machine == "x86_64" or platform_machine == "AMD64") junit2html==31.0.2 ; python_version >= "3.12" and python_version < "4.0" junitparser==4.0.2 ; python_version >= "3.12" and python_version < "4.0" lark==1.2.2 ; python_version >= "3.12" and python_version < "4.0" libusb-package==1.0.26.1 ; python_version >= "3.12" and python_version < "4.0" libusb==1.0.28.post2 ; python_version >= "3.12" and python_version < "4.0" -license-expression==30.3.1 ; python_version >= "3.12" and python_version < "4.0" +libusbsio==2.1.13 ; python_version >= "3.12" and python_version < "4.0" +libuuu==1.5.233 ; python_version >= "3.12" and python_version < "4.0" +license-expression==30.4.4 ; python_version >= "3.12" and python_version < "4.0" lpc-checksum==3.0.0 ; python_version >= "3.12" and python_version < "4.0" lxml==5.4.0 ; python_version >= "3.12" and python_version < "4.0" markupsafe==3.0.2 ; python_version >= "3.12" and python_version < "4.0" matter-idl==1.0.0 ; python_version >= "3.12" and python_version < "4.0" mccabe==0.7.0 ; python_version >= "3.12" and python_version < "4.0" milksnake==0.1.6 ; python_version >= "3.12" and python_version < "4.0" -more-itertools==10.7.0 ; python_version >= "3.12" and python_version < "4.0" and platform_machine == "x86_64" +more-itertools==10.7.0 ; python_version >= "3.12" and python_version < "4.0" and (platform_machine == "x86_64" or platform_machine == "AMD64") msgpack==1.0.5 ; python_version >= "3.12" and python_version < "4.0" and platform_system != "Windows" mypy-extensions==1.1.0 ; python_version >= "3.12" and python_version < "4.0" mypy==1.13.0 ; python_version >= "3.12" and python_version < "4.0" natsort==8.4.0 ; python_version >= "3.12" and python_version < "4.0" -normality==2.5.0 ; python_version >= "3.12" and python_version < "4.0" and platform_machine == "x86_64" +normality==2.5.0 ; python_version >= "3.12" and python_version < "4.0" nrf-regtool==9.2.1 ; python_version >= "3.12" and python_version < "4.0" nrfcredstore==1.0.0 ; python_version >= "3.12" and python_version < "4.0" numpy==2.3.0 ; python_version >= "3.12" and python_version < "4.0" -packageurl-python==0.16.0 ; python_version >= "3.12" and python_version < "4.0" and platform_machine == "x86_64" +opencv-python==4.11.0.86 ; python_version >= "3.12" and python_version < "4.0" +oscrypto==1.3.0 ; python_version >= "3.12" and python_version < "4.0" +packageurl-python==0.16.0 ; python_version >= "3.12" and python_version < "4.0" and (platform_machine == "x86_64" or platform_machine == "AMD64") packaging==25.0 ; python_version >= "3.12" and python_version < "4.0" -packvers==21.5 ; python_version >= "3.12" and python_version < "4.0" and platform_machine == "x86_64" -parameter-expansion-patched==0.3.1 ; python_version >= "3.12" and python_version < "4.0" and platform_machine == "x86_64" +packvers==21.5 ; python_version >= "3.12" and python_version < "4.0" and (platform_machine == "x86_64" or platform_machine == "AMD64") +parameter-expansion-patched==0.3.1 ; python_version >= "3.12" and python_version < "4.0" and (platform_machine == "x86_64" or platform_machine == "AMD64") pathspec==0.12.1 ; python_version >= "3.12" and python_version < "4.0" patool==3.0.3 ; python_version >= "3.12" and python_version < "4.0" -pdfminer-six==20240706 ; python_version >= "3.12" and python_version < "4.0" and platform_machine == "x86_64" -pefile==2024.8.26 ; python_version >= "3.12" and python_version < "4.0" and platform_machine == "x86_64" +pdfminer-six==20240706 ; python_version >= "3.12" and python_version < "4.0" and (platform_machine == "x86_64" or platform_machine == "AMD64") +pefile==2024.8.26 ; python_version >= "3.12" and python_version < "4.0" and (platform_machine == "x86_64" or platform_machine == "AMD64") pillow==11.3.0 ; python_version >= "3.12" and python_version < "4.0" -pip-requirements-parser==32.0.1 ; python_version >= "3.12" and python_version < "4.0" and platform_machine == "x86_64" -pkg-about==1.3.6 ; python_version >= "3.12" and python_version < "4.0" -pkginfo2==30.0.0 ; python_version >= "3.12" and python_version < "4.0" and platform_machine == "x86_64" +pip-requirements-parser==32.0.1 ; python_version >= "3.12" and python_version < "4.0" and (platform_machine == "x86_64" or platform_machine == "AMD64") +pkg-about==2.0.1 ; python_version >= "3.12" and python_version < "4.0" +pkginfo2==30.0.0 ; python_version >= "3.12" and python_version < "4.0" and (platform_machine == "x86_64" or platform_machine == "AMD64") platformdirs==4.3.8 ; python_version >= "3.12" and python_version < "4.0" +plotly==5.23.0 ; python_version >= "3.12" and python_version < "4.0" pluggy==1.6.0 ; python_version >= "3.12" and python_version < "4.0" -plugincode==32.0.0 ; python_version >= "3.12" and python_version < "4.0" and platform_machine == "x86_64" +plugincode==32.0.0 ; python_version >= "3.12" and python_version < "4.0" and (platform_machine == "x86_64" or platform_machine == "AMD64") ply==3.11 ; python_version >= "3.12" and python_version < "4.0" polib==1.2.0 ; python_version >= "3.12" and python_version < "4.0" prettytable==3.16.0 ; python_version >= "3.12" and python_version < "4.0" protobuf==5.29.5 ; python_version >= "3.12" and python_version < "4.0" psutil==7.0.0 ; python_version >= "3.12" and python_version < "4.0" -publicsuffix2==2.20191221 ; python_version >= "3.12" and python_version < "4.0" and platform_machine == "x86_64" +publicsuffix2==2.20191221 ; python_version >= "3.12" and python_version < "4.0" and (platform_machine == "x86_64" or platform_machine == "AMD64") py==1.11.0 ; python_version >= "3.12" and python_version < "4.0" -pyahocorasick==2.1.0 ; python_version >= "3.12" and python_version < "4.0" and platform_machine == "x86_64" +pyahocorasick==2.1.0 ; python_version >= "3.12" and python_version < "4.0" and (platform_machine == "x86_64" or platform_machine == "AMD64") +pyasn1==0.6.1 ; python_version >= "3.12" and python_version < "4.0" pycparser==2.22 ; python_version >= "3.12" and python_version < "4.0" pycryptodome==3.21.0 ; python_version >= "3.12" and python_version < "4.0" pyelftools==0.32 ; python_version >= "3.12" and python_version < "4.0" pygit2==1.17.0 ; python_version >= "3.12" and python_version < "4.0" pygithub==2.6.1 ; python_version >= "3.12" and python_version < "4.0" -pygmars==0.9.0 ; python_version >= "3.12" and python_version < "4.0" and platform_machine == "x86_64" +pygmars==1.0.0 ; python_version >= "3.12" and python_version < "4.0" and (platform_machine == "x86_64" or platform_machine == "AMD64") pygments==2.19.1 ; python_version >= "3.12" and python_version < "4.0" pyjwt[crypto]==2.10.1 ; python_version >= "3.12" and python_version < "4.0" pykwalify==1.8.0 ; python_version >= "3.12" and python_version < "4.0" pylink-square==1.6.0 ; python_version >= "3.12" and python_version < "4.0" pylint==3.3.7 ; python_version >= "3.12" and python_version < "4.0" -pymaven-patch==0.3.2 ; python_version >= "3.12" and python_version < "4.0" and platform_machine == "x86_64" +pymaven-patch==0.3.2 ; python_version >= "3.12" and python_version < "4.0" and (platform_machine == "x86_64" or platform_machine == "AMD64") pynacl==1.5.0 ; python_version >= "3.12" and python_version < "4.0" pyocd==0.35.1 ; python_version >= "3.12" and python_version < "4.0" pyparsing==3.2.3 ; python_version >= "3.12" and python_version < "4.0" @@ -149,7 +165,7 @@ python-magic-bin==0.4.14 ; python_version >= "3.12" and python_version < "4.0" a python-magic==0.4.27 ; python_version >= "3.12" and python_version < "4.0" and sys_platform != "win32" python-stdnum==2.1 ; python_version >= "3.12" and python_version < "4.0" pytz==2025.2 ; python_version >= "3.12" and python_version < "4.0" -pyusb==1.3.1 ; python_version >= "3.12" and python_version < "4.0" +pyusb==1.2.1 ; python_version >= "3.12" and python_version < "4.0" pywin32==306 ; platform_system == "Windows" and platform_python_implementation == "CPython" and python_version >= "3.12" and python_version < "4.0" pyyaml==6.0.2 ; python_version >= "3.12" and python_version < "4.0" qrcode==8.2 ; python_version >= "3.12" and python_version < "4.0" @@ -157,44 +173,55 @@ rdflib==7.1.0 ; python_version >= "3.12" and python_version < "4.0" referencing==0.36.2 ; python_version >= "3.12" and python_version < "4.0" regex==2024.11.6 ; python_version >= "3.12" and python_version < "4.0" requests==2.32.4 ; python_version >= "3.12" and python_version < "4.0" -requests[use-chardet-on-py3]==2.32.4 ; python_version >= "3.12" and python_version < "4.0" and platform_machine == "x86_64" +requests[use-chardet-on-py3]==2.32.4 ; python_version >= "3.12" and python_version < "4.0" and (platform_machine == "x86_64" or platform_machine == "AMD64") reuse==5.0.2 ; python_version >= "3.12" and python_version < "4.0" rpds-py==0.26.0 ; python_version >= "3.12" and python_version < "4.0" -ruamel-yaml-clib==0.2.8 ; platform_python_implementation == "CPython" and python_version < "3.13" and python_version >= "3.12" +ruamel-yaml-clib==0.2.8 ; python_version >= "3.12" and python_version < "4.0" ruamel-yaml==0.18.6 ; python_version >= "3.12" and python_version < "4.0" ruff==0.11.11 ; python_version >= "3.12" and python_version < "4.0" -saneyaml==0.6.1 ; python_version >= "3.12" and python_version < "4.0" and platform_machine == "x86_64" -scancode-toolkit[full]==31.2.6 ; python_version >= "3.12" and python_version < "4.0" and platform_machine == "x86_64" +saneyaml==0.6.1 ; python_version >= "3.12" and python_version < "4.0" and (platform_machine == "x86_64" or platform_machine == "AMD64") +scancode-toolkit[full]==32.4.1 ; python_version >= "3.12" and python_version < "4.0" and (platform_machine == "x86_64" or platform_machine == "AMD64") +semantic-version==2.10.0 ; python_version >= "3.12" and python_version < "4.0" semver==3.0.4 ; python_version >= "3.12" and python_version < "4.0" +setuptools-scm==9.2.0 ; python_version >= "3.12" and python_version < "4.0" setuptools==80.9.0 ; python_version >= "3.12" and python_version < "4.0" sh==1.14.3 ; python_version >= "3.12" and python_version < "4.0" and sys_platform != "win32" six==1.17.0 ; python_version >= "3.12" and python_version < "4.0" +sly==0.5 ; python_version >= "3.12" and python_version < "4.0" smmap==5.0.2 ; python_version >= "3.12" and python_version < "4.0" sortedcontainers==2.4.0 ; python_version >= "3.12" and python_version < "4.0" -soupsieve==2.7 ; python_version >= "3.12" and python_version < "4.0" and platform_machine == "x86_64" -spdx-tools==0.7.0a3 ; python_version >= "3.12" and python_version < "4.0" +soupsieve==2.7 ; python_version >= "3.12" and python_version < "4.0" and (platform_machine == "x86_64" or platform_machine == "AMD64") +spdx-tools==0.8.2 ; python_version >= "3.12" and python_version < "4.0" sphinx-lint==1.0.0 ; python_version >= "3.12" and python_version < "4.0" +spsdk-mcu-link==0.5.0 ; python_version >= "3.12" and python_version < "4.0" +spsdk-pyocd==0.3.0 ; python_version >= "3.12" and python_version < "4.0" +spsdk==3.3.0 ; python_version >= "3.12" and python_version < "4.0" stringcase==1.2.0 ; python_version >= "3.12" and python_version < "4.0" svada==2.2.0 ; python_version >= "3.12" and python_version < "4.0" +t61codec==1.0.1 ; python_version >= "3.12" and python_version < "4.0" tabulate==0.9.0 ; python_version >= "3.12" and python_version < "4.0" -text-unidecode==1.3 ; python_version >= "3.12" and python_version < "4.0" and platform_machine == "x86_64" +tenacity==9.1.2 ; python_version >= "3.12" and python_version < "4.0" +text-unidecode==1.3 ; python_version >= "3.12" and python_version < "4.0" toml==0.10.2 ; python_version >= "3.12" and python_version < "4.0" tomlkit==0.13.3 ; python_version >= "3.12" and python_version < "4.0" tqdm==4.67.1 ; python_version >= "3.12" and python_version < "4.0" -typecode-libmagic==5.39.210531 ; python_version >= "3.12" and python_version < "4.0" and platform_machine == "x86_64" -typecode==30.0.2 ; python_version >= "3.12" and python_version < "4.0" and platform_machine == "x86_64" -typecode[full]==30.0.2 ; python_version >= "3.12" and python_version < "4.0" and platform_machine == "x86_64" +typecode-libmagic==5.39.210531 ; python_version >= "3.12" and python_version < "4.0" and (platform_machine == "x86_64" or platform_machine == "AMD64") +typecode==30.0.2 ; python_version >= "3.12" and python_version < "4.0" and (platform_machine == "x86_64" or platform_machine == "AMD64") +typecode[full]==30.0.2 ; python_version >= "3.12" and python_version < "4.0" and (platform_machine == "x86_64" or platform_machine == "AMD64") typing-extensions==4.14.1 ; python_version >= "3.12" and python_version < "4.0" unidiff==0.7.5 ; python_version >= "3.12" and python_version < "4.0" +uritools==5.0.0 ; python_version >= "3.12" and python_version < "4.0" urllib3==2.5.0 ; python_version >= "3.12" and python_version < "4.0" -urlpy==0.5 ; python_version >= "3.12" and python_version < "4.0" and platform_machine == "x86_64" +urlpy==0.5 ; python_version >= "3.12" and python_version < "4.0" and (platform_machine == "x86_64" or platform_machine == "AMD64") vermin==1.6.0 ; python_version >= "3.12" and python_version < "4.0" +wasmtime==24.0.0 ; python_version >= "3.12" and python_version < "4.0" wcwidth==0.2.13 ; python_version >= "3.12" and python_version < "4.0" -webencodings==0.5.1 ; python_version >= "3.12" and python_version < "4.0" and platform_machine == "x86_64" +webencodings==0.5.1 ; python_version >= "3.12" and python_version < "4.0" and (platform_machine == "x86_64" or platform_machine == "AMD64") west==1.4.0 ; python_version >= "3.12" and python_version < "4.0" wget==3.2 ; python_version >= "3.12" and python_version < "4.0" windows-curses==2.4.0 ; python_version >= "3.12" and python_version < "4.0" and sys_platform == "win32" wrapt==1.17.2 ; python_version >= "3.12" and python_version < "4.0" +x690==1.0.0.post2+nordic ; python_version >= "3.12" and python_version < "4.0" xmltodict==0.14.2 ; python_version >= "3.12" and python_version < "4.0" yamllint==1.35.1 ; python_version >= "3.12" and python_version < "4.0" zcbor==0.8.1 ; python_version >= "3.12" and python_version < "4.0" diff --git a/scripts/requirements-west-ncs-sbom.txt b/scripts/requirements-west-ncs-sbom.txt index fc77e2600db6..eeb8a96f8566 100644 --- a/scripts/requirements-west-ncs-sbom.txt +++ b/scripts/requirements-west-ncs-sbom.txt @@ -1,2 +1,4 @@ jinja2 -scancode-toolkit[full]==31.2.6 ; platform_machine == "x86_64" +scancode-toolkit[full]==32.4.1 ; platform_machine == "x86_64" or platform_machine == "AMD64" +fingerprints==1.2.3 +normality==2.5.0 diff --git a/scripts/west_commands/sbom/scancode_toolkit_detector.py b/scripts/west_commands/sbom/scancode_toolkit_detector.py index 3819d9844234..b6bab6cd6769 100644 --- a/scripts/west_commands/sbom/scancode_toolkit_detector.py +++ b/scripts/west_commands/sbom/scancode_toolkit_detector.py @@ -67,9 +67,9 @@ def detect(data: Data, optional: bool): current = result['files'][0] if 'licenses' in current: - licenses = result['files'][0]['licenses'] + licenses = current['licenses'] elif 'license_detections' in current: - licenses = result['files'][0]['license_detections'] + licenses = current['license_detections'] else: print('No license information for {}'.format(current['path'])) continue @@ -81,11 +81,25 @@ def detect(data: Data, optional: bool): friendly_id = i['spdx_license_key'] elif 'key' in i and i['key'] != '': friendly_id = i['key'] + elif 'license_expression_spdx' in i and i['license_expression_spdx'] != '': + friendly_id = i['license_expression_spdx'] + elif 'license_expression' in i and i['license_expression'] != '': + friendly_id = i['license_expression'] id = friendly_id.upper() - if id in ('UNKNOWN-SPDX', 'LICENSEREF-SCANCODE-UNKNOWN-SPDX'): - friendly_id = re.sub(r'SPDX-License-Identifier:', '', i['matched_text'], - flags=re.I).strip() - id = friendly_id.upper() + if id in ('UNKNOWN-SPDX', 'LICENSEREF-SCANCODE-UNKNOWN-SPDX') or id == '': + matched_text = None + if 'matched_text' in i: + matched_text = i['matched_text'] + elif 'matches' in i and isinstance(i['matches'], list): + matched_text = next((match.get('matched_text') + for match in i['matches'] + if match.get('matched_text') is not None), None) + if matched_text: + friendly_id = re.sub(r'SPDX-License-Identifier:', '', matched_text, + flags=re.I).strip() + friendly_id = friendly_id.rstrip('*/').strip() + friendly_id = friendly_id.lstrip('/*').strip() + id = friendly_id.upper() if id == '': log.wrn(f'Invalid response from scancode-toolkit, file: {file.file_path}') continue