def load_javas(self, analysis_json, containing_image): pkgs_json = analysis_json.get('package_list', {}).get('pkgs.java', {}).get('base') if not pkgs_json: return [] pkgs = [] for path, pkg_str in list(pkgs_json.items()): pkg_json = json.loads(pkg_str) n = ImagePackage() # primary keys # TODO - some java names have a version in it, need to clean that up n.name = pkg_json.get('name') n.pkg_type = 'java' n.arch = 'N/A' n.pkg_path = path version = None versions_json = {} for k in [ 'maven-version', 'implementation-version', 'specification-version' ]: if not version and pkg_json.get(k, 'N/A') != 'N/A': version = pkg_json.get(k) versions_json[k] = pkg_json.get(k, 'N/A') if version: n.version = version else: n.version = 'N/A' n.image_user_id = containing_image.user_id n.image_id = containing_image.id # other non-PK values n.pkg_path_hash = hashlib.sha256(ensure_bytes(path)).hexdigest() n.distro_name = 'java' n.distro_version = 'N/A' n.like_distro = 'java' n.fullversion = n.version m = pkg_json.get('metadata') m['java_versions'] = versions_json n.metadata_json = m fullname = n.name pomprops = n.get_pom_properties() if pomprops: fullname = "{}:{}".format(pomprops.get('groupId'), pomprops.get('artifactId')) n.normalized_src_pkg = fullname n.src_pkg = fullname pkgs.append(n) return pkgs
def load_pythons(self, analysis_json, containing_image): pkgs_json = analysis_json.get('package_list', {}).get('pkgs.python', {}).get('base') if not pkgs_json: return [] pkgs = [] for path, pkg_str in list(pkgs_json.items()): pkg_json = json.loads(pkg_str) n = ImagePackage() # primary keys n.name = pkg_json.get('name') n.pkg_path = path n.version = pkg_json.get('version') n.pkg_type = 'python' n.arch = 'N/A' n.image_user_id = n.image_user_id n.image_id = n.image_id # other n.pkg_path_hash = hashlib.sha256(ensure_bytes(path)).hexdigest() n.distro_name = 'python' n.distro_version = 'N/A' n.like_distro = 'python' n.fullversion = n.version n.license = pkg_json.get('license') n.origin = pkg_json.get('origin') m = { 'python_distribution_metadata': pkg_json.get('metadata'), 'files': pkg_json.get('files') } n.metadata_json = m fullname = n.name n.normalized_src_pkg = fullname n.src_pkg = fullname pkgs.append(n) return pkgs
def load_javas(self, analysis_json, containing_image): handled_pkgtypes = ['pkgs.java'] pkgs_json = analysis_json.get('package_list', {}).get('pkgs.java', {}).get('base') if not pkgs_json: return [], handled_pkgtypes pkgs = [] for path, pkg_str in list(pkgs_json.items()): pkg_json = json.loads(pkg_str) n = ImagePackage() # primary keys # TODO - some java names have a version in it, need to clean that up n.name = pkg_json.get('name') n.pkg_type = 'java' n.arch = 'N/A' n.pkg_path = path metaversion = None versions_json = {} for k in ['maven-version', 'implementation-version', 'specification-version']: if not metaversion and pkg_json.get(k, 'N/A') != 'N/A': metaversion = pkg_json.get(k) versions_json[k] = pkg_json.get(k, 'N/A') n.image_user_id = containing_image.user_id n.image_id = containing_image.id # other non-PK values n.pkg_path_hash = hashlib.sha256(ensure_bytes(path)).hexdigest() n.distro_name = 'java' n.distro_version = 'N/A' n.like_distro = 'java' m = pkg_json.get('metadata') m['java_versions'] = versions_json n.metadata_json = m fullname = n.name pomprops = n.get_pom_properties() pomversion = None if pomprops: fullname = "{}:{}".format(pomprops.get('groupId'), pomprops.get('artifactId')) pomversion = pomprops.get('version', None) n.normalized_src_pkg = fullname n.src_pkg = fullname # final version decision - try our best to get an accurate version/name pair n.version = 'N/A' if pomversion: n.version = pomversion elif metaversion: n.version = metaversion else: try: patt = re.match(r"(.*)-(([\d]\.)+.*)", n.name) if patt and patt.group(1): n.version = patt.group(2) n.name = patt.group(1) except Exception as err: pass n.fullversion = n.version pkgs.append(n) return pkgs, handled_pkgtypes