Exemple #1
0
def parse(location):
    """
    Return a Nuget package from a nuspec file at location.
    Return None if this is not a parsable nuspec.
    """
    nuspec = parse_nuspec(location)
    if not nuspec:
        return
    asserted_license = models.AssertedLicense(url=nuspec.get('licenseUrl'))

    authors = [models.Party(
        name=nuspec.get('authors'))] if nuspec.get('authors') else []
    owners = [models.Party(
        name=nuspec.get('owners'))] if nuspec.get('owners') else []

    package = NugetPackage(
        location=location,
        name=nuspec.get('id'),
        version=nuspec.get('version'),
        summary=nuspec.get('title'),
        description=nuspec.get('description'),
        homepage_url=nuspec.get('projectUrl'),
        authors=authors,
        owners=owners,
        asserted_licenses=[asserted_license],
        copyrights=[nuspec.get('copyright')],
    )
    return package
def licensing_mapper(licenses, package):
    """
    Update package licensing and return package.
    Licensing data structure has evolved over time and is a tad messy.
    https://getcomposer.org/doc/04-schema.md#license
    licenses is either:
    - a string with:
     - an SPDX id or expression {  "license": "(LGPL-2.1 or GPL-3.0+)" }
    - array:
        "license": [
           "LGPL-2.1",
           "GPL-3.0+"
        ]
        """
    if not licenses:
        return package

    if isinstance(licenses, basestring):
        package.asserted_licenses.append(
            models.AssertedLicense(license=licenses))
    elif isinstance(licenses, list):
        """
        "license": [
               "LGPL-2.1",
               "GPL-3.0+"
            ]
        """
        for lic in licenses:
            if isinstance(lic, basestring):
                package.asserted_licenses.append(
                    models.AssertedLicense(license=lic))
            else:
                # use the bare repr
                if lic:
                    package.asserted_licenses.append(
                        models.AssertedLicense(license=repr(lic)))

    else:
        # use the bare repr
        package.asserted_licenses.append(
            models.AssertedLicense(license=repr(licenses)))

    return package
Exemple #3
0
def parse(location):
    """
    Parse a pom file at location and return a Package or None.
    """
    if not location.endswith('pom.xml') or location.endswith('.pom'):
        return

    pom = parse_pom(location)

    def get_val(key):
        val = pom.get(key)
        if not val:
            return
        if isinstance(val, list) and len(val) == 1:
            return val[0]
        else:
            return u'\n'.join(val)

    group_artifact = ':'.join([get_val('maven_component_group_id'), get_val('maven_component_artifact_id')])

    # FIXME: the way we collect nested tags is entirely WRONG, especially for licenses
    # attempt to align licenses for now
    licenses = izip_longest(
        pom['maven_license'],
        pom['maven_license_url'],
        pom['maven_license_comments'],
    )
    licenses = [models.AssertedLicense(license=lic, url=url, notice=comments)
                for lic, url, comments in licenses]

    authors = izip_longest(
        pom['maven_developer_name'],
        pom['maven_developer_email'],
    )
    authors = [models.Party(type=models.party_person, name=name, email=email) for name, email in authors]

    orgs = izip_longest(
        pom['maven_organization_name'],
        pom['maven_organization_url'],
    )
    orgs = [models.Party(type=models.party_org, name=name, url=url) for name, url in orgs]

    package = MavenJar(
        location=location,
        name=group_artifact,
        # FIXME: this is not right: name and identifier should be storable
        summary=get_val('maven_project_name'),
        version=get_val('maven_component_version'),
        homepage_url=get_val('maven_project_url'),
        description=get_val('maven_project_description'),
        asserted_licenses=licenses,
        authors=authors,
        owners=orgs,
    )
    return package
Exemple #4
0
def licensing_mapper(licenses, package):
    """
    Update package licensing and return package.
    Licensing data structure has evolved over time and is a tad messy.
    https://docs.npmjs.com/files/package.json#license
    licenses is either:
    - a string with:
     - an SPDX id or expression { "license" : "(ISC OR GPL-3.0)" }
     - some license name or id
     - "SEE LICENSE IN <filename>"
    - (Deprecated) an array or a list of arrays of type, url.
    """
    if not licenses:
        return package

    if isinstance(licenses, basestring):
        package.asserted_licenses.append(
            models.AssertedLicense(license=licenses))

    elif isinstance(licenses, dict):
        """
         "license": {
            "type": "MIT",
            "url": "http://github.com/kriskowal/q/raw/master/LICENSE"
          }
        """
        package.asserted_licenses.append(
            models.AssertedLicense(license=licenses.get('type'),
                                   url=licenses.get('url')))

    elif isinstance(licenses, list):
        """
        "licenses": ["type": "Apache License, Version 2.0",
                      "url": "http://www.apache.org/licenses/LICENSE-2.0" } ]
        or
        "licenses": ["MIT"],
        """
        # TODO: handle multiple values
        for lic in licenses:
            if isinstance(lic, basestring):
                package.asserted_licenses.append(
                    models.AssertedLicense(license=lic))
            elif isinstance(lic, dict):
                package.asserted_licenses.append(
                    models.AssertedLicense(license=lic.get('type'),
                                           url=lic.get('url')))
            else:
                # use the bare repr
                if lic:
                    package.asserted_licenses.append(
                        models.AssertedLicense(license=repr(lic)))

    else:
        # use the bare repr
        package.asserted_licenses.append(
            models.AssertedLicense(license=repr(licenses)))

    return package
Exemple #5
0
def parse(location):
    """
    Return an RpmPackage object for the file at location or None if the file is
    not an RPM.
    """
    infos = info(location, include_desc=True)
    logger_debug('parse: infos', infos)
    if not infos:
        return

    epoch = int(infos.epoch) if infos.epoch else None

    asserted_licenses = []
    if infos.license:
        asserted_licenses = [models.AssertedLicense(license=infos.license)]

    related_packages = []
    if infos.source_rpm:
        epoch, name, version, release, _arch = nevra.from_name(
            infos.source_rpm)
        evr = EVR(version, release, epoch)
        related_packages = [
            RPMRelatedPackage(name=name,
                              version=evr,
                              payload_type=models.payload_src)
        ]

    package = RpmPackage(summary=infos.summary,
                         description=infos.description,
                         name=infos.name,
                         version=EVR(version=infos.version,
                                     release=infos.release,
                                     epoch=epoch or None),
                         homepage_url=infos.url,
                         distributors=[models.Party(name=infos.distribution)],
                         vendors=[models.Party(name=infos.vendor)],
                         asserted_licenses=asserted_licenses,
                         related_packages=related_packages)
    return package
Exemple #6
0
def licensing_mapper(licenses, package):
    """
    Update package licensing and return package.
    Licensing data structure has evolved over time and is a tad messy.
    https://getcomposer.org/doc/04-schema.md#license
    licenses is either:
    - a string with:
     - an SPDX id or expression {  "license": "(LGPL-2.1 or GPL-3.0+)" }
    - array:
        "license": [
           "LGPL-2.1",
           "GPL-3.0+"
        ]
        """
    if not licenses:
        return package

    if isinstance(licenses, list):
        # For a package, when there is a choice between licenses
        # ("disjunctive license"), multiple can be specified as array.
        """
        "license": [
               "LGPL-2.1",
               "GPL-3.0+"
            ]
        """
        # build a proper license expression
        lics = [l.strip() for l in licenses if l and l.strip()]
        lics = ' OR '.join(lics)

    elif not isinstance(licenses, basestring):
        lics = repr(licenses)
    else:
        lics = licenses

    package.asserted_licenses.append(models.AssertedLicense(license=lics))
    return package
Exemple #7
0
def parse(location):
    """
    Parse a pom file at location and return a Package or None.
    """
    mavenpom = _get_mavenpom(location, check_is_pom=True)
    if not mavenpom:
        return

    pom = mavenpom.to_dict()

    licenses = []
    for lic in pom['licenses']:
        licenses.append(
            models.AssertedLicense(license=lic['name'],
                                   url=lic['url'],
                                   notice=lic['comments']))

    # FIXME: we are skipping all the organization related fields, roles and the id
    authors = []
    for dev in pom['developers']:
        authors.append(
            models.Party(
                type=models.party_person,
                name=dev['name'],
                email=dev['email'],
                url=dev['url'],
            ))

    # FIXME: we are skipping all the organization related fields and roles
    contributors = []
    for cont in pom['contributors']:
        contributors.append(
            models.Party(
                type=models.party_person,
                name=cont['name'],
                email=cont['email'],
                url=cont['url'],
            ))

    name = pom['organization_name']
    url = pom['organization_url']
    if name or url:
        owners = [models.Party(type=models.party_org, name=name, url=url)]
    else:
        owners = []

    dependencies = OrderedDict()
    for scope, deps in pom['dependencies'].items():
        scoped_deps = dependencies[scope] = []
        for dep in deps:
            scoped_deps.append(
                models.Dependency(
                    name='{group_id}:{artifact_id}'.format(**dep),
                    version_constraint=dep['version'],
                ))

    # FIXME: there are still a lot of other data to map in a Package
    package = MavenJar(
        location=location,
        name='{group_id}:{artifact_id}'.format(**pom),
        version=pom['version'],
        summary=pom['name'],
        description=pom['description'],
        homepage_url=pom['url'],
        asserted_licenses=licenses,
        authors=authors,
        owners=owners,
        contributors=contributors,
        dependencies=dependencies,
    )
    return package
Exemple #8
0
def parse(location=None, text=None, check_is_pom=True, extra_properties=None):
    """
    Return a Package or None.
    Parse a pom file at `location` or using the provided `text` (one or
    the other but not both).
    Check if the location is a POM if `check_is_pom` is True.
    When resolving the POM, use an optional `extra_properties` mapping
    of name/value pairs to resolve properties.
    """
    mavenpom = _get_mavenpom(location, text, check_is_pom, extra_properties)
    if not mavenpom:
        return

    pom = mavenpom.to_dict()

    licenses = []
    for lic in pom['licenses']:
        licenses.append(
            models.AssertedLicense(license=lic['name'],
                                   url=lic['url'],
                                   notice=lic['comments']))

    # FIXME: we are skipping all the organization related fields, roles and the id
    authors = []
    for dev in pom['developers']:
        authors.append(
            models.Party(
                type=models.party_person,
                name=dev['name'],
                email=dev['email'],
                url=dev['url'],
            ))

    # FIXME: we are skipping all the organization related fields and roles
    contributors = []
    for cont in pom['contributors']:
        contributors.append(
            models.Party(
                type=models.party_person,
                name=cont['name'],
                email=cont['email'],
                url=cont['url'],
            ))

    name = pom['organization_name']
    url = pom['organization_url']
    if name or url:
        owners = [models.Party(type=models.party_org, name=name, url=url)]
    else:
        owners = []

    dependencies = OrderedDict()
    for scope, deps in pom['dependencies'].items():
        scoped_deps = dependencies[scope] = []
        for dep in deps:
            scoped_deps.append(
                models.Dependency(
                    name='{group_id}:{artifact_id}'.format(**dep),
                    version_constraint=dep['version'],
                ))

    # FIXME: there are still a lot of other data to map in a Package
    package = MavenPomPackage(
        # FIXME: what is this location about?
        location=location,
        name='{group_id}:{artifact_id}'.format(**pom),
        version=pom['version'],
        summary=pom['name'],
        description=pom['description'],
        homepage_url=pom['url'],
        asserted_licenses=licenses,
        authors=authors,
        owners=owners,
        contributors=contributors,
        dependencies=dependencies,
    )
    return package