def generate_spdx_package(self) -> Package:
"""Generates the SPDX package.
Example of a SPDX package:
PackageName: eduVPN
DataFormat: SPDXRef-1
PackageSupplier: Organization: The Commons Conservancy eduVPN Programme
PackageHomePage: https://eduvpn.org
PackageLicenseDeclared: GPL-3.0+
PackageCopyrightText: 2017, The Commons Conservancy eduVPN Programme
PackageSummary: <text>EduVPN is designed to allow users to connect
securely and encrypted to the Internet from any standard device.
</text>
PackageComment: <text>The package includes the following libraries; see
Relationship information.
</text>
Created: 2017-06-06T09:00:00Z
PackageDownloadLocation: git://github.com/eduVPN/reponame
PackageDownloadLocation: git+https://github.com/eduVPN/reponame.git
PackageDownloadLocation: git+ssh://github.com/eduVPN/reponame.git
Creator: Person: Jane Doe
Returns:
the corresponding package
"""
package = Package(
name=determine_spdx_value(self.name),
spdx_id=f"SPDXRef-{self.id}",
download_location=determine_spdx_value(None),
version=determine_spdx_value(self.version),
file_name=determine_spdx_value(self.name),
supplier=None,
originator=Person(determine_spdx_value(self.author),
determine_spdx_value(self.author_email)),
)
package.check_sum = Algorithm("SHA1", str(NoAssert()))
package.cr_text = NoAssert()
package.homepage = determine_spdx_value(self.url)
package.license_declared = License.from_identifier(
str(determine_spdx_value(self.main_licence)))
package.conc_lics = License.from_identifier(
str(determine_spdx_value(self.licence)))
package.summary = determine_spdx_value(self.description)
package.description = NoAssert()
files = self.get_spdx_files()
if files:
package.files_analyzed = True
for file in files:
package.add_file(file.generate_spdx_file())
package.add_lics_from_file(
License.from_identifier(
str(determine_spdx_value(file.licence))))
_set_package_copyright(file, package)
package.verif_code = determine_spdx_value(
package.calc_verif_code())
else:
# Has to generate a dummy file because of the following rule in SDK:
# - Package must have at least one file
dummy_file = SpdxFile(Path(UNKNOWN), self._package_info.root_dir,
self.main_licence)
package.verif_code = NoAssert()
package.add_file(dummy_file.generate_spdx_file())
package.add_lics_from_file(
License.from_identifier(
str(determine_spdx_value(dummy_file.licence))))
return package
package.name = 'TagWriteTest'
package.version = '1.0'
package.file_name = 'twt.jar'
package.download_location = 'http://www.tagwritetest.test/download'
package.homepage = SPDXNone()
package.verif_code = '4e3211c67a2d28fced849ee1bb76e7391b93feba'
license_set = LicenseConjuction(License.from_identifier('Apache-2.0'),
License.from_identifier('BSD-2-Clause'))
package.conc_lics = license_set
package.license_declared = license_set
package.add_lics_from_file(License.from_identifier('Apache-2.0'))
package.add_lics_from_file(License.from_identifier('BSD-2-Clause'))
package.cr_text = NoAssert()
package.summary = 'Simple package.'
package.description = 'Really simple package.'
package.add_file(testfile1)
package.add_file(testfile2)
doc.package = package
# An extracted license
lic = ExtractedLicense('LicenseRef-1')
lic.text = 'Some non legal legal text..'
doc.add_extr_lic(lic)
file = sys.argv[1]
with codecs.open(file, mode='w', encoding='utf-8') as out:
try:
write_document(doc, out)
except InvalidDocumentError:
package.name = 'TagWriteTest'
package.version = '1.0'
package.file_name = 'twt.jar'
package.download_location = 'http://www.tagwritetest.test/download'
package.homepage = SPDXNone()
package.verif_code = '4e3211c67a2d28fced849ee1bb76e7391b93feba'
license_set = LicenseConjuction(License.from_identifier('Apache-2.0'),
License.from_identifier('BSD-2-Clause'))
package.conc_lics = license_set
package.license_declared = license_set
package.add_lics_from_file(License.from_identifier('Apache-2.0'))
package.add_lics_from_file(License.from_identifier('BSD-2-Clause'))
package.cr_text = NoAssert()
package.summary = 'Simple package.'
package.description = 'Really simple package.'
package.add_file(testfile1)
package.add_file(testfile2)
doc.package = package
# An extracted license
lic = ExtractedLicense('LicenseRef-1')
lic.text = 'Some non legal legal text..'
doc.add_extr_lic(lic)
file = sys.argv[1]
with codecs.open(file, mode='w', encoding='utf-8') as out:
try:
write_document(doc, out)
except InvalidDocumentError:
