-
-
Notifications
You must be signed in to change notification settings - Fork 93
fix: make pep621 license detections type-aware #920
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Merged
Merged
Changes from 4 commits
Commits
Show all changes
11 commits
Select commit
Hold shift + click to select a range
e048980
Fix: update pep621 logic and add unit tests
manavgup d5eb743
removed implementation of PEP639, removed raise, and updated test file
manavgup 90b85af
fix(pep621): Only handle dict license values, skip others silently
manavgup 0faa6da
improved documentation in pep621.py, moved test_pep621.py to integrat…
manavgup 06a22c7
Added missing docs
manavgup c2d0830
Update pep621.py
jkowalleck acbffb4
fixed bandit and linting issues.
manavgup 107864e
tests
jkowalleck 5ec1314
tests
jkowalleck dedf64d
tests
jkowalleck 0f4a2b2
tests
jkowalleck File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,76 @@ | ||
| # This file is part of CycloneDX Python | ||
| # SPDX-License-Identifier: Apache-2.0 | ||
| # Copyright (c) OWASP Foundation. All Rights Reserved. | ||
|
|
||
| import os | ||
| import tempfile | ||
| import unittest | ||
|
|
||
| from cyclonedx.factory.license import LicenseFactory | ||
| from cyclonedx.model.license import DisjunctiveLicense, LicenseAcknowledgement | ||
|
|
||
| from cyclonedx_py._internal.utils.pep621 import project2licenses | ||
|
|
||
|
|
||
| class TestUtilsPEP621(unittest.TestCase): | ||
|
|
||
| def test_license_dict_text_pep621(self) -> None: | ||
| lfac = LicenseFactory() | ||
| fpath = tempfile.mktemp() | ||
| project = { | ||
| 'name': 'testpkg', | ||
| 'license': {'text': 'This is the license text.'}, | ||
| } | ||
| licenses = list(project2licenses(project, lfac, fpath=fpath)) | ||
| self.assertEqual(len(licenses), 1) | ||
| lic = licenses[0] | ||
| self.assertIsInstance(lic, DisjunctiveLicense) | ||
| self.assertIsNone(lic.id) | ||
| self.assertEqual(lic.text.content, 'This is the license text.') | ||
| self.assertEqual(lic.acknowledgement, LicenseAcknowledgement.DECLARED) | ||
|
|
||
| def test_license_dict_file_pep621(self) -> None: | ||
| lfac = LicenseFactory() | ||
| with tempfile.NamedTemporaryFile('w+', delete=True) as tf: | ||
| tf.write('File license text') | ||
| tf.flush() | ||
| project = { | ||
| 'name': 'testpkg', | ||
| 'license': {'file': os.path.basename(tf.name)}, | ||
| } | ||
| # fpath should be the file path so dirname(fpath) resolves to the correct directory | ||
| licenses = list(project2licenses(project, lfac, fpath=tf.name)) | ||
|
|
||
| self.assertEqual(len(licenses), 1) | ||
| lic = licenses[0] | ||
| self.assertIsInstance(lic, DisjunctiveLicense) | ||
| self.assertIsNotNone(lic.text.content) | ||
| self.assertEqual(lic.acknowledgement, LicenseAcknowledgement.DECLARED) | ||
|
|
||
| def test_license_non_dict_pep621(self) -> None: | ||
| lfac = LicenseFactory() | ||
| fpath = tempfile.mktemp() | ||
|
|
||
| # Test with string license (should be silently skipped) | ||
| project = { | ||
| 'name': 'testpkg', | ||
| 'license': 'MIT', | ||
| } | ||
| licenses = list(project2licenses(project, lfac, fpath=fpath)) | ||
| self.assertEqual(len(licenses), 0) | ||
|
|
||
| # Test with None license (should be silently skipped) | ||
| project = { | ||
| 'name': 'testpkg', | ||
| 'license': None, | ||
| } | ||
| licenses = list(project2licenses(project, lfac, fpath=fpath)) | ||
| self.assertEqual(len(licenses), 0) | ||
|
|
||
| # Test with list license (should be silently skipped) | ||
| project = { | ||
| 'name': 'testpkg', | ||
| 'license': ['MIT', 'Apache-2.0'], | ||
| } | ||
| licenses = list(project2licenses(project, lfac, fpath=fpath)) | ||
| self.assertEqual(len(licenses), 0) |
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Uh oh!
There was an error while loading. Please reload this page.