def get_dependencies(pom):
    """
    Return a list of DependentPackage objects built from the dependencies of
    a MavenPom `pom` object.

    `pom.dependencies` is iterated as a mapping of scope -> iterable of
    ((group_id, artifact_id, version), required) entries. Each entry becomes
    one unresolved DependentPackage. Its `requirement` is the version string
    as declared in the POM, and its purl is built without a version.
    """
    found = []

    for scope, entries in pom.dependencies.items():
        if TRACE:
            logger.debug('parse: dependencies.deps: {}'.format(entries))

        # A missing or blank scope falls back to the Maven default scope.
        scope = (scope.strip().lower() if scope else scope) or 'compile'

        # Only the 'test' scope is treated as non-runtime. Any other scope,
        # including one this function does not know, is flagged as runtime.
        runtime = scope != 'test'

        for (group_id, artifact_id, version), required in entries:
            if TRACE:
                logger.debug('parse: dependencies.deps: {}, {}, {}, {}'.
                             format(group_id, artifact_id, version, required))

            # pymaven wart: 'latest.release' is recorded as "no requirement".
            # The resulting record carries no version constraint at all, so
            # consumers must not read a missing requirement as a pinned or
            # known version.
            if version == 'latest.release':
                version = None

            qualifiers = {}
            # FIXME: this is missing from the original Pom parser
            # classifier = dep.get('classifier')
            # if classifier:
            #     qualifiers['classifier'] = classifier
            #
            # packaging = dep.get('type')
            # if packaging and packaging != 'jar':
            #     qualifiers['packaging'] = packaging
            # Until the FIXME above is addressed the purl never carries a
            # classifier or packaging, so artifacts that differ only by those
            # share the same purl.

            dep_purl = models.PackageURL(
                type='maven',
                namespace=group_id,
                name=artifact_id,
                qualifiers=qualifiers or None,
            )

            # TODO: handle dependency management and pom type
            optional = bool(scope == 'test' or not required)

            found.append(
                models.DependentPackage(
                    purl=str(dep_purl),
                    requirement=version,
                    scope=scope,
                    is_runtime=runtime,
                    is_optional=optional,
                    is_resolved=False,
                )
            )

    return found
def _deps_mapper(deps, package, scope, is_runtime=False, is_optional=False):
    """
    Add one DependentPackage to `package.dependencies` for each entry of the
    `deps` mapping and return `package`.

    `deps` maps a Composer package link name such as "vendor/name" to its
    requirement string. This handles link sections such as dependencies and
    devDependencies. The `scope`, `is_runtime` and `is_optional` values are
    applied to every dependency created by the call.
    https://getcomposer.org/doc/04-schema.md#package-links
    """
    for full_name, requirement in deps.items():
        # Split on the last "/": the part before it is the namespace, and a
        # name without any "/" yields an empty namespace.
        namespace, _sep, short_name = full_name.rpartition('/')
        dep_purl = models.PackageURL(
            type='composer',
            namespace=namespace,
            name=short_name,
        ).to_string()
        # The requirement is stored as extracted: a declared constraint, not
        # a resolved version.
        dependency = models.DependentPackage(
            purl=dep_purl,
            extracted_requirement=requirement,
            scope=scope,
            is_runtime=is_runtime,
            is_optional=is_optional,
        )
        package.dependencies.append(dependency)
    return package
def bundle_deps_mapper(bundle_deps, package):
    """
    Add a runtime 'bundledDependencies' DependentPackage to
    `package.dependencies` for each non-blank name in `bundle_deps` and
    return `package`. A None or empty `bundle_deps` adds nothing.

    https://docs.npmjs.com/files/package.json#bundleddependencies
        "This defines an array of package names that will be bundled
        when publishing the package."

    Only names are listed in this section, so the dependencies created here
    carry no version requirement.
    """
    for raw_name in bundle_deps or ():
        # Tolerate None or blank entries in the array.
        cleaned = raw_name.strip() if raw_name else raw_name
        if not cleaned:
            continue

        namespace, short_name = split_scoped_package_name(cleaned)
        dep_purl = models.PackageURL(type='npm', namespace=namespace, name=short_name)
        bundled = models.DependentPackage(
            purl=dep_purl.to_string(),
            scope='bundledDependencies',
            is_runtime=True,
        )
        package.dependencies.append(bundled)

    return package
def parse(cls, location):
    """
    Yield one PackageData built from the RPM tags of the file at `location`.
    Yield nothing when no tags are returned for that file.

    Every field comes from the tags returned by get_rpm_tags().
    NOTE(review): nothing visible here verifies a signature, so vendor,
    distribution and license look like self-declared values -- confirm
    against get_rpm_tags().
    """
    rpm_tags = get_rpm_tags(location, include_desc=True)
    if TRACE:
        logger_debug('recognize: rpm_tags', rpm_tags)
    if not rpm_tags:
        return

    name = rpm_tags.name

    # A missing, zero or non-numeric epoch is treated as "no epoch".
    try:
        epoch = (int(rpm_tags.epoch) or None) if rpm_tags.epoch else None
    except ValueError:
        epoch = None

    evr = EVR(
        version=rpm_tags.version or None,
        release=rpm_tags.release or None,
        epoch=epoch,
    ).to_string()

    # NOTE(review): `qualifiers` is filled in here but never passed to the
    # PackageData created below, so the package identity carries neither the
    # os nor the arch. Confirm whether this is intended.
    qualifiers = {}
    os_name = rpm_tags.os
    if os_name and os_name.lower() != 'linux':
        qualifiers['os'] = os_name
    arch = rpm_tags.arch
    if arch:
        qualifiers['arch'] = arch

    source_packages = []
    source_rpm = rpm_tags.source_rpm
    if source_rpm:
        # The source package purl is derived from the source RPM file name
        # stored in the tags.
        sepoch, sname, sversion, srel, sarch = nevra.from_name(source_rpm)
        src_evr = EVR(sversion, srel, sepoch).to_string()
        src_qualifiers = {}
        if sarch:
            src_qualifiers['arch'] = sarch

        src_purl = models.PackageURL(
            type=cls.default_package_type,
            # TODO: namespace=cls.default_package_namespace,
            name=sname,
            version=src_evr,
            qualifiers=src_qualifiers,
        ).to_string()

        if TRACE:
            logger_debug('recognize: source_rpm', src_purl)
        source_packages = [src_purl]

    # TODO: also use me to craft a namespace!!!
    # TODO: assign a namespace to Package URL based on distro names.
    # CentOS
    # Fedora Project
    # OpenMandriva Lx
    # openSUSE Tumbleweed
    # Red Hat
    declared_parties = (
        (rpm_tags.distribution, 'distributor'),
        (rpm_tags.vendor, 'vendor'),
    )
    parties = [
        models.Party(name=party_name, role=role)
        for party_name, role in declared_parties
        if party_name
    ]

    description = build_description(
        summary=rpm_tags.summary,
        description=rpm_tags.description,
    )

    # The same fields are used for the trace output and for the package.
    package_fields = dict(
        name=name,
        version=evr,
        description=description or None,
        homepage_url=rpm_tags.url or None,
        parties=parties,
        declared_license=rpm_tags.license or None,
        source_packages=source_packages,
    )
    if TRACE:
        logger_debug('recognize: data to create a package:\n', package_fields)

    package = models.PackageData(
        datasource_id=cls.datasource_id,
        type=cls.default_package_type,
        # TODO: namespace=cls.default_package_namespace,
        **package_fields
    )

    if TRACE:
        logger_debug('recognize: created package:\n', package)

    yield package
def parse(location):
    """
    Return an RpmPackage object for the file at `location`, or None when no
    RPM tags are returned for it (for example, when the file is not an RPM).

    Every field comes from the tags returned by get_rpm_tags().
    NOTE(review): nothing visible here verifies a signature, so vendor,
    distribution and license look like self-declared values -- confirm
    against get_rpm_tags().
    """
    tags = get_rpm_tags(location, include_desc=True)
    if TRACE:
        logger_debug('parse: tags', tags)
    if not tags:
        return

    name = tags.name

    # A missing, zero or non-numeric epoch is treated as "no epoch".
    try:
        epoch = (int(tags.epoch) or None) if tags.epoch else None
    except ValueError:
        epoch = None

    evr = EVR(
        version=tags.version or None,
        release=tags.release or None,
        epoch=epoch,
    ).to_string()

    # NOTE(review): `qualifiers` is filled in here but never passed to the
    # RpmPackage created below, so the package identity carries neither the
    # os nor the arch. Confirm whether this is intended.
    qualifiers = {}
    os_name = tags.os
    if os_name and os_name.lower() != 'linux':
        qualifiers['os'] = os_name
    arch = tags.arch
    if arch:
        qualifiers['arch'] = arch

    source_packages = []
    source_rpm = tags.source_rpm
    if source_rpm:
        # The source package purl is derived from the source RPM file name
        # stored in the tags.
        src_epoch, src_name, src_version, src_release, src_arch = nevra.from_name(
            source_rpm)
        src_evr = EVR(src_version, src_release, src_epoch).to_string()
        src_qualifiers = {}
        if src_arch:
            src_qualifiers['arch'] = src_arch

        src_purl = models.PackageURL(
            type=RpmPackage.default_type,
            name=src_name,
            version=src_evr,
            qualifiers=src_qualifiers,
        ).to_string()

        if TRACE:
            logger_debug('parse: source_rpm', src_purl)
        source_packages = [src_purl]

    declared_parties = (
        (tags.distribution, 'distributor'),
        (tags.vendor, 'vendor'),
    )
    parties = [
        models.Party(name=party_name, role=role)
        for party_name, role in declared_parties
        if party_name
    ]

    description = build_description(tags.summary, tags.description)

    # The same fields are used for the trace output and for the package.
    package_fields = dict(
        name=name,
        version=evr,
        description=description or None,
        homepage_url=tags.url or None,
        parties=parties,
        declared_license=tags.license or None,
        source_packages=source_packages,
    )
    if TRACE:
        logger_debug('parse: data to create a package:\n', package_fields)

    package = RpmPackage(**package_fields)

    if TRACE:
        logger_debug('parse: created package:\n', package)

    return package