예제 #1
def get_dependencies(pom):
    """
    Return a list of DependentPackage objects, one for each dependency declared
    in the MavenPom `pom` object.

    `pom.dependencies` is consumed as a mapping of scope -> iterable of
    ``((group_id, artifact_id, version), required)`` entries.

    Each returned dependency is a declared, unresolved requirement
    (`is_resolved=False`). Its purl carries only the group and artifact ids:
    the declared version is stored separately as `requirement` and may be None.
    """
    results = []
    for raw_scope, entries in pom.dependencies.items():
        if TRACE:
            logger.debug('parse: dependencies.deps: {}'.format(entries))

        # A missing, empty or blank scope falls back to the Maven default.
        scope = (raw_scope and raw_scope.strip().lower()) or 'compile'

        # TODO: handle dependency management and pom type
        # Only the "test" scope is flagged as non-runtime: the four other
        # standard scopes and any unrecognized scope all count as runtime.
        runtime = scope != 'test'

        for coordinates, required in entries:
            group_id, artifact_id, version = coordinates
            if TRACE:
                logger.debug('parse: dependencies.deps: {}, {}, {}, {}'.
                             format(group_id, artifact_id, version, required))

            # pymaven wart: 'latest.release' is a placeholder and not a real
            # version, so no requirement is recorded for it. Consumers then
            # see this dependency with no version constraint at all.
            requirement = None if version == 'latest.release' else version

            # FIXME: the original Pom parser does not expose the dependency
            # 'classifier' and 'type' (packaging). Until it does, no
            # 'classifier' or 'packaging' qualifier can be set and this
            # mapping is always empty.
            qualifiers = {}

            package_url = models.PackageURL(
                type='maven',
                namespace=group_id,
                name=artifact_id,
                qualifiers=qualifiers or None,
            )

            results.append(
                models.DependentPackage(
                    purl=str(package_url),
                    requirement=requirement,
                    scope=scope,
                    is_runtime=runtime,
                    # Test-scoped and non-required dependencies are optional.
                    is_optional=bool(scope == 'test' or not required),
                    is_resolved=False,
                )
            )

    return results
예제 #2
def _deps_mapper(deps, package, scope, is_runtime=False, is_optional=False):
    """
    Append one DependentPackage to `package.dependencies` for each entry of the
    `deps` mapping of "namespace/name" -> requirement, then return `package`.

    Use this for Composer package links such as dependencies and
    devDependencies. `scope`, `is_runtime` and `is_optional` are copied as-is
    onto every dependency created by the call.
    https://getcomposer.org/doc/04-schema.md#package-links
    """
    for full_name, constraint in deps.items():
        # Split on the last "/" only. A name without any "/" yields an empty
        # namespace and the whole string as the name.
        vendor, _sep, short_name = full_name.rpartition('/')
        package_url = models.PackageURL(
            type='composer',
            namespace=vendor,
            name=short_name,
        )
        # The purl has no version: the declared constraint is kept verbatim
        # as `extracted_requirement`.
        package.dependencies.append(
            models.DependentPackage(
                purl=package_url.to_string(),
                extracted_requirement=constraint,
                scope=scope,
                is_runtime=is_runtime,
                is_optional=is_optional,
            )
        )
    return package
예제 #3
def bundle_deps_mapper(bundle_deps, package):
    """
    Append one runtime DependentPackage with the 'bundledDependencies' scope to
    `package.dependencies` for each name in `bundle_deps`, then return
    `package`.

    https://docs.npmjs.com/files/package.json#bundleddependencies
        "This defines an array of package names that will be bundled
        when publishing the package."

    A missing `bundle_deps` is treated as empty. Empty and blank names are
    skipped. Only a name is available here, so the purl and the dependency
    carry no version or requirement.
    """
    for raw_name in bundle_deps or []:
        if not raw_name:
            continue
        pkg_name = raw_name.strip()
        if not pkg_name:
            continue

        # Scoped npm names are split into a namespace and a name by the helper.
        namespace, short_name = split_scoped_package_name(pkg_name)
        package_url = models.PackageURL(
            type='npm',
            namespace=namespace,
            name=short_name,
        )
        package.dependencies.append(
            models.DependentPackage(
                purl=package_url.to_string(),
                scope='bundledDependencies',
                is_runtime=True,
            )
        )

    return package
예제 #4
    def parse(cls, location):
        """
        Yield a PackageData built from the RPM tags of the file at `location`.
        Yield nothing when no tags can be obtained from that file.

        Every field below is taken from the tags read out of the file, so the
        result is only as trustworthy as the RPM itself.
        """
        rpm_tags = get_rpm_tags(location, include_desc=True)

        if TRACE:
            logger_debug('recognize: rpm_tags', rpm_tags)
        if not rpm_tags:
            return

        name = rpm_tags.name

        # A missing, zero or non-numeric epoch is treated as "no epoch".
        epoch = None
        if rpm_tags.epoch:
            try:
                epoch = int(rpm_tags.epoch) or None
            except ValueError:
                epoch = None

        evr = EVR(
            version=rpm_tags.version or None,
            release=rpm_tags.release or None,
            epoch=epoch,
        ).to_string()

        # NOTE(review): these os/arch qualifiers are collected but never
        # passed to the PackageData created below. Confirm whether this is
        # intended: as written, builds of one package for different
        # architectures are reported with the same name and version.
        qualifiers = {}
        os_name = rpm_tags.os
        if os_name and os_name.lower() != 'linux':
            qualifiers['os'] = os_name

        arch = rpm_tags.arch
        if arch:
            qualifiers['arch'] = arch

        source_packages = []
        if rpm_tags.source_rpm:
            # The source RPM file name is split into its NEVRA parts to build
            # the purl of the source package.
            sepoch, sname, sversion, srel, sarch = nevra.from_name(rpm_tags.source_rpm)
            src_qualifiers = {'arch': sarch} if sarch else {}

            src_purl = models.PackageURL(
                type=cls.default_package_type,
                # TODO: namespace=cls.default_package_namespace,
                name=sname,
                version=EVR(sversion, srel, sepoch).to_string(),
                qualifiers=src_qualifiers,
            ).to_string()

            if TRACE:
                logger_debug('recognize: source_rpm', src_purl)
            source_packages = [src_purl]

        # TODO: also use me to craft a namespace!!!
        # TODO: assign a namespace to Package URL based on distro names.
        # CentOS
        # Fedora Project
        # OpenMandriva Lx
        # openSUSE Tumbleweed
        # Red Hat
        parties = []
        for party_name, role in (
            (rpm_tags.distribution, 'distributor'),
            (rpm_tags.vendor, 'vendor'),
        ):
            if party_name:
                parties.append(models.Party(name=party_name, role=role))

        description = build_description(
            summary=rpm_tags.summary,
            description=rpm_tags.description,
        )

        # These fields are shared by the trace output and the package.
        package_fields = dict(
            name=name,
            version=evr,
            description=description or None,
            homepage_url=rpm_tags.url or None,
            parties=parties,
            declared_license=rpm_tags.license or None,
            source_packages=source_packages,
        )

        if TRACE:
            logger_debug('recognize: data to create a package:\n', package_fields)

        package = models.PackageData(
            datasource_id=cls.datasource_id,
            type=cls.default_package_type,
            # TODO: namespace=cls.default_package_namespace,
            **package_fields
        )

        if TRACE:
            logger_debug('recognize: created package:\n', package)

        yield package
예제 #5
def parse(location):
    """
    Return an RpmPackage object built from the RPM tags of the file at
    `location`, or None when no tags can be obtained from that file (for
    instance when it is not an RPM).

    Every field below is taken from the tags read out of the file, so the
    result is only as trustworthy as the RPM itself.
    """
    tags = get_rpm_tags(location, include_desc=True)
    if TRACE:
        logger_debug('parse: tags', tags)
    if not tags:
        return

    name = tags.name

    # A missing, zero or non-numeric epoch is treated as "no epoch".
    epoch = None
    if tags.epoch:
        try:
            epoch = int(tags.epoch) or None
        except ValueError:
            epoch = None

    evr = EVR(
        version=tags.version or None,
        release=tags.release or None,
        epoch=epoch,
    ).to_string()

    # NOTE(review): these os/arch qualifiers are collected but never passed to
    # the RpmPackage created below. Confirm whether this is intended: as
    # written, builds of one package for different architectures are reported
    # with the same name and version.
    qualifiers = {}
    os_name = tags.os
    if os_name and os_name.lower() != 'linux':
        qualifiers['os'] = os_name

    arch = tags.arch
    if arch:
        qualifiers['arch'] = arch

    source_packages = []
    if tags.source_rpm:
        # The source RPM file name is split into its NEVRA parts to build the
        # purl of the source package.
        src_epoch, src_name, src_version, src_release, src_arch = nevra.from_name(
            tags.source_rpm)
        src_qualifiers = {'arch': src_arch} if src_arch else {}

        src_purl = models.PackageURL(
            type=RpmPackage.default_type,
            name=src_name,
            version=EVR(src_version, src_release, src_epoch).to_string(),
            qualifiers=src_qualifiers,
        ).to_string()

        if TRACE:
            logger_debug('parse: source_rpm', src_purl)
        source_packages = [src_purl]

    parties = []
    for party_name, role in (
        (tags.distribution, 'distributor'),
        (tags.vendor, 'vendor'),
    ):
        if party_name:
            parties.append(models.Party(name=party_name, role=role))

    description = build_description(tags.summary, tags.description)

    # These fields are shared by the trace output and the package.
    package_fields = dict(
        name=name,
        version=evr,
        description=description or None,
        homepage_url=tags.url or None,
        parties=parties,
        declared_license=tags.license or None,
        source_packages=source_packages,
    )

    if TRACE:
        logger_debug('parse: data to create a package:\n', package_fields)

    package = RpmPackage(**package_fields)
    if TRACE:
        logger_debug('parse: created package:\n', package)

    return package