From d7fc4cc9cf695b17a40896c960f5635953202ea6 Mon Sep 17 00:00:00 2001 From: Ayan Sinha Mahapatra Date: Thu, 14 Nov 2024 17:22:19 +0530 Subject: [PATCH 1/2] Fix package resource assign bug for jar manifests Signed-off-by: Ayan Sinha Mahapatra --- src/packagedcode/maven.py | 11 +- src/packagedcode/models.py | 6 + ...ackson-dataformat-xml-2.13.5-expected.json | 4 +- .../spring-web-5.3.20-jar-expected.json | 321 ++++++++++++++++++ .../spring-web-5.3.20.jar | Bin 0 -> 180 bytes .../META-INF/MANIFEST.MF | 6 + .../META-INF/notice.txt | 6 + .../extracted-jar/hsqldb-2.4.0-expected.json | 16 +- tests/packagedcode/test_maven.py | 9 +- 9 files changed, 369 insertions(+), 10 deletions(-) create mode 100644 tests/packagedcode/data/maven_misc/assemble/spring-web-5.3.20-jar-expected.json create mode 100644 tests/packagedcode/data/maven_misc/assemble/spring-web-5.3.20-jar/spring-web-5.3.20.jar create mode 100644 tests/packagedcode/data/maven_misc/assemble/spring-web-5.3.20-jar/spring-web-5.3.20.jar-extract/META-INF/MANIFEST.MF create mode 100644 tests/packagedcode/data/maven_misc/assemble/spring-web-5.3.20-jar/spring-web-5.3.20.jar-extract/META-INF/notice.txt diff --git a/src/packagedcode/maven.py b/src/packagedcode/maven.py index c2ad164a199..c3910f213b6 100644 --- a/src/packagedcode/maven.py +++ b/src/packagedcode/maven.py @@ -68,6 +68,9 @@ def assemble(cls, package_data, resource, codebase, package_adder=models.add_to_ yield from models.DatafileHandler.assemble(package_data, resource, codebase) return + if not package_data.purl: + return + datafile_path = resource.path # This order is important as we want pom.xml to be used for package @@ -116,11 +119,11 @@ def assemble(cls, package_data, resource, codebase, package_adder=models.add_to_ parent_resource=parent_resource, ) elif manifests and not pom_xmls: - yield from JavaJarManifestHandlerMixin.assemble(package_data, resource, codebase) + yield from JavaJarManifestHandlerMixin.assemble(package_data, resource, codebase, package_adder) elif pom_xmls and not manifests: - yield from MavenPomXmlHandlerMixin.assemble(package_data, resource, codebase) + yield from MavenPomXmlHandlerMixin.assemble(package_data, resource, codebase, package_adder) else: - yield from models.DatafileHandler.assemble(package_data, resource, codebase) + yield from models.DatafileHandler.assemble(package_data, resource, codebase, package_adder) class JavaJarManifestHandler(MavenBasePackageHandler): @@ -149,7 +152,7 @@ def assign_package_to_resources(cls, package, resource, codebase, package_adder) # we want to root of the jar, two levels up parent = resource.parent(codebase) if parent: - parent = resource.parent(codebase) + parent = parent.parent(codebase) if parent: models.DatafileHandler.assign_package_to_resources( package, diff --git a/src/packagedcode/models.py b/src/packagedcode/models.py index 2224c2d5121..45a2f6d4de6 100644 --- a/src/packagedcode/models.py +++ b/src/packagedcode/models.py @@ -1199,6 +1199,12 @@ def assign_package_to_resources(cls, package, resource, codebase, package_adder= # NOTE: we do not attach files to the Package level. Instead we # update `for_packages` of a codebase resource. package_uid = package.package_uid + if resource.path.endswith("-extract"): + archive_resource_path = resource.path.removesuffix("-extract") + archive_resource = codebase.get_resource(archive_resource_path) + if archive_resource: + package_adder(package_uid, archive_resource, codebase) + if resource and package_uid: package_adder(package_uid, resource, codebase) for res in resource.walk(codebase): diff --git a/tests/packagedcode/data/maven_misc/assemble/jackson-dataformat-xml-2.13.5-expected.json b/tests/packagedcode/data/maven_misc/assemble/jackson-dataformat-xml-2.13.5-expected.json index 969783dfcf1..aacbb9fa2e7 100644 --- a/tests/packagedcode/data/maven_misc/assemble/jackson-dataformat-xml-2.13.5-expected.json +++ b/tests/packagedcode/data/maven_misc/assemble/jackson-dataformat-xml-2.13.5-expected.json @@ -188,7 +188,9 @@ "path": "jackson-dataformat-xml-2.13.5", "type": "directory", "package_data": [], - "for_packages": [], + "for_packages": [ + "pkg:jar/Jackson-dataformat-XML@2.13.5?uuid=fixed-uid-done-for-testing-5642512d1758" + ], "detected_license_expression": null, "detected_license_expression_spdx": null, "license_detections": [], diff --git a/tests/packagedcode/data/maven_misc/assemble/spring-web-5.3.20-jar-expected.json b/tests/packagedcode/data/maven_misc/assemble/spring-web-5.3.20-jar-expected.json new file mode 100644 index 00000000000..a60e601249c --- /dev/null +++ b/tests/packagedcode/data/maven_misc/assemble/spring-web-5.3.20-jar-expected.json @@ -0,0 +1,321 @@ +{ + "packages": [ + { + "type": "jar", + "namespace": null, + "name": "spring-web", + "version": "5.3.20", + "qualifiers": {}, + "subpath": null, + "primary_language": null, + "description": null, + "release_date": null, + "parties": [], + "keywords": [], + "homepage_url": null, + "download_url": null, + "size": null, + "sha1": null, + "md5": null, + "sha256": null, + "sha512": null, + "bug_tracking_url": null, + "code_view_url": null, + "vcs_url": null, + "copyright": null, + "holder": null, + "declared_license_expression": "apache-2.0", + "declared_license_expression_spdx": "Apache-2.0", + "license_detections": [ + { + "license_expression": "apache-2.0", + "license_expression_spdx": "Apache-2.0", + "matches": [ + { + "license_expression": "apache-2.0", + "license_expression_spdx": "Apache-2.0", + "from_file": "spring-web-5.3.20-jar/spring-web-5.3.20.jar-extract/META-INF/notice.txt", + "start_line": 4, + "end_line": 6, + "matcher": "2-aho", + "score": 100.0, + "matched_length": 27, + "match_coverage": 100.0, + "rule_relevance": 100, + "rule_identifier": "apache-2.0_701.RULE", + "rule_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/rules/apache-2.0_701.RULE" + } + ], + "detection_log": [], + "identifier": "apache_2_0-dda7c7b6-8825-2c52-d55b-46f66d469baa" + } + ], + "other_license_expression": null, + "other_license_expression_spdx": null, + "other_license_detections": [], + "extracted_license_statement": null, + "notice_text": null, + "source_packages": [], + "is_private": false, + "is_virtual": false, + "extra_data": {}, + "repository_homepage_url": null, + "repository_download_url": null, + "api_data_url": null, + "package_uid": "pkg:jar/spring-web@5.3.20?uuid=fixed-uid-done-for-testing-5642512d1758", + "datafile_paths": [ + "spring-web-5.3.20-jar/spring-web-5.3.20.jar-extract/META-INF/MANIFEST.MF" + ], + "datasource_ids": [ + "java_jar_manifest" + ], + "purl": "pkg:jar/spring-web@5.3.20" + } + ], + "dependencies": [], + "license_detections": [ + { + "identifier": "apache_2_0-dda7c7b6-8825-2c52-d55b-46f66d469baa", + "license_expression": "apache-2.0", + "license_expression_spdx": "Apache-2.0", + "detection_count": 2, + "detection_log": [], + "reference_matches": [ + { + "license_expression": "apache-2.0", + "license_expression_spdx": "Apache-2.0", + "from_file": "spring-web-5.3.20-jar/spring-web-5.3.20.jar-extract/META-INF/notice.txt", + "start_line": 4, + "end_line": 6, + "matcher": "2-aho", + "score": 100.0, + "matched_length": 27, + "match_coverage": 100.0, + "rule_relevance": 100, + "rule_identifier": "apache-2.0_701.RULE", + "rule_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/rules/apache-2.0_701.RULE" + } + ] + } + ], + "files": [ + { + "path": "spring-web-5.3.20-jar", + "type": "directory", + "package_data": [], + "for_packages": [], + "detected_license_expression": null, + "detected_license_expression_spdx": null, + "license_detections": [], + "license_clues": [], + "percentage_of_license_text": 0, + "scan_errors": [] + }, + { + "path": "spring-web-5.3.20-jar/spring-web-5.3.20.jar", + "type": "file", + "package_data": [ + { + "type": "jar", + "namespace": null, + "name": null, + "version": null, + "qualifiers": {}, + "subpath": null, + "primary_language": null, + "description": null, + "release_date": null, + "parties": [], + "keywords": [], + "homepage_url": null, + "download_url": null, + "size": null, + "sha1": null, + "md5": null, + "sha256": null, + "sha512": null, + "bug_tracking_url": null, + "code_view_url": null, + "vcs_url": null, + "copyright": null, + "holder": null, + "declared_license_expression": null, + "declared_license_expression_spdx": null, + "license_detections": [], + "other_license_expression": null, + "other_license_expression_spdx": null, + "other_license_detections": [], + "extracted_license_statement": null, + "notice_text": null, + "source_packages": [], + "file_references": [], + "is_private": false, + "is_virtual": false, + "extra_data": {}, + "dependencies": [], + "repository_homepage_url": null, + "repository_download_url": null, + "api_data_url": null, + "datasource_id": "java_jar", + "purl": null + } + ], + "for_packages": [ + "pkg:jar/spring-web@5.3.20?uuid=fixed-uid-done-for-testing-5642512d1758" + ], + "detected_license_expression": null, + "detected_license_expression_spdx": null, + "license_detections": [], + "license_clues": [], + "percentage_of_license_text": 0, + "scan_errors": [] + }, + { + "path": "spring-web-5.3.20-jar/spring-web-5.3.20.jar-extract", + "type": "directory", + "package_data": [], + "for_packages": [ + "pkg:jar/spring-web@5.3.20?uuid=fixed-uid-done-for-testing-5642512d1758" + ], + "detected_license_expression": null, + "detected_license_expression_spdx": null, + "license_detections": [], + "license_clues": [], + "percentage_of_license_text": 0, + "scan_errors": [] + }, + { + "path": "spring-web-5.3.20-jar/spring-web-5.3.20.jar-extract/META-INF", + "type": "directory", + "package_data": [], + "for_packages": [ + "pkg:jar/spring-web@5.3.20?uuid=fixed-uid-done-for-testing-5642512d1758" + ], + "detected_license_expression": null, + "detected_license_expression_spdx": null, + "license_detections": [], + "license_clues": [], + "percentage_of_license_text": 0, + "scan_errors": [] + }, + { + "path": "spring-web-5.3.20-jar/spring-web-5.3.20.jar-extract/META-INF/MANIFEST.MF", + "type": "file", + "package_data": [ + { + "type": "jar", + "namespace": null, + "name": "spring-web", + "version": "5.3.20", + "qualifiers": {}, + "subpath": null, + "primary_language": null, + "description": "", + "release_date": null, + "parties": [], + "keywords": [], + "homepage_url": null, + "download_url": null, + "size": null, + "sha1": null, + "md5": null, + "sha256": null, + "sha512": null, + "bug_tracking_url": null, + "code_view_url": null, + "vcs_url": null, + "copyright": null, + "holder": null, + "declared_license_expression": "apache-2.0", + "declared_license_expression_spdx": "Apache-2.0", + "license_detections": [ + { + "license_expression": "apache-2.0", + "license_expression_spdx": "Apache-2.0", + "matches": [ + { + "license_expression": "apache-2.0", + "license_expression_spdx": "Apache-2.0", + "from_file": "spring-web-5.3.20-jar/spring-web-5.3.20.jar-extract/META-INF/notice.txt", + "start_line": 4, + "end_line": 6, + "matcher": "2-aho", + "score": 100.0, + "matched_length": 27, + "match_coverage": 100.0, + "rule_relevance": 100, + "rule_identifier": "apache-2.0_701.RULE", + "rule_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/rules/apache-2.0_701.RULE" + } + ], + "detection_log": [], + "identifier": "apache_2_0-dda7c7b6-8825-2c52-d55b-46f66d469baa" + } + ], + "other_license_expression": null, + "other_license_expression_spdx": null, + "other_license_detections": [], + "extracted_license_statement": null, + "notice_text": null, + "source_packages": [], + "file_references": [], + "is_private": false, + "is_virtual": false, + "extra_data": {}, + "dependencies": [], + "repository_homepage_url": null, + "repository_download_url": null, + "api_data_url": null, + "datasource_id": "java_jar_manifest", + "purl": "pkg:jar/spring-web@5.3.20" + } + ], + "for_packages": [ + "pkg:jar/spring-web@5.3.20?uuid=fixed-uid-done-for-testing-5642512d1758" + ], + "detected_license_expression": null, + "detected_license_expression_spdx": null, + "license_detections": [], + "license_clues": [], + "percentage_of_license_text": 0, + "scan_errors": [] + }, + { + "path": "spring-web-5.3.20-jar/spring-web-5.3.20.jar-extract/META-INF/notice.txt", + "type": "file", + "package_data": [], + "for_packages": [ + "pkg:jar/spring-web@5.3.20?uuid=fixed-uid-done-for-testing-5642512d1758" + ], + "detected_license_expression": "apache-2.0", + "detected_license_expression_spdx": "Apache-2.0", + "license_detections": [ + { + "license_expression": "apache-2.0", + "license_expression_spdx": "Apache-2.0", + "matches": [ + { + "license_expression": "apache-2.0", + "license_expression_spdx": "Apache-2.0", + "from_file": "spring-web-5.3.20-jar/spring-web-5.3.20.jar-extract/META-INF/notice.txt", + "start_line": 4, + "end_line": 6, + "matcher": "2-aho", + "score": 100.0, + "matched_length": 27, + "match_coverage": 100.0, + "rule_relevance": 100, + "rule_identifier": "apache-2.0_701.RULE", + "rule_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/rules/apache-2.0_701.RULE" + } + ], + "detection_log": [], + "identifier": "apache_2_0-dda7c7b6-8825-2c52-d55b-46f66d469baa" + } + ], + "license_clues": [], + "percentage_of_license_text": 71.05, + "scan_errors": [] + } + ] +} \ No newline at end of file diff --git a/tests/packagedcode/data/maven_misc/assemble/spring-web-5.3.20-jar/spring-web-5.3.20.jar b/tests/packagedcode/data/maven_misc/assemble/spring-web-5.3.20-jar/spring-web-5.3.20.jar new file mode 100644 index 0000000000000000000000000000000000000000..46ba8b458e9b899fb130668d12db60d1eea34ddb GIT binary patch literal 180 zcmWIWW@Zs#00E=kyhtzuN^mkLF!;KLIO=-(x#@?7@G`Lfcww3j!=)A642&! Date: Tue, 14 Jan 2025 20:30:11 +0530 Subject: [PATCH 2/2] Refactor code using resource.extracted_from function Signed-off-by: Ayan Sinha Mahapatra --- src/packagedcode/models.py | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/src/packagedcode/models.py b/src/packagedcode/models.py index 45a2f6d4de6..030f30a34ff 100644 --- a/src/packagedcode/models.py +++ b/src/packagedcode/models.py @@ -1200,8 +1200,7 @@ def assign_package_to_resources(cls, package, resource, codebase, package_adder= # update `for_packages` of a codebase resource. package_uid = package.package_uid if resource.path.endswith("-extract"): - archive_resource_path = resource.path.removesuffix("-extract") - archive_resource = codebase.get_resource(archive_resource_path) + archive_resource = resource.extracted_from(codebase) if archive_resource: package_adder(package_uid, archive_resource, codebase)