diff --git a/cyclonedx/generator.py b/cyclonedx/generator.py deleted file mode 100644 index e69de29b..00000000 diff --git a/cyclonedx/model/bom.py b/cyclonedx/model/bom.py index 6510d885..d7a4ac07 100644 --- a/cyclonedx/model/bom.py +++ b/cyclonedx/model/bom.py @@ -1,3 +1,19 @@ +# encoding: utf-8 + +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 + import datetime from typing import List from uuid import uuid4 diff --git a/cyclonedx/model/component.py b/cyclonedx/model/component.py index ec93d526..5cfed9b3 100644 --- a/cyclonedx/model/component.py +++ b/cyclonedx/model/component.py @@ -1,3 +1,19 @@ +# encoding: utf-8 + +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 + from enum import Enum PURL_TYPE_PREFIX = 'pypi' 
@@ -28,6 +44,8 @@ class Component: _qualifiers: str _author: str = None + _description: str = None + _license: str = None def __init__(self, name: str, version: str, qualifiers: str = None, component_type: ComponentType = ComponentType.LIBRARY): @@ -39,6 +57,12 @@ def __init__(self, name: str, version: str, qualifiers: str = None, def get_author(self) -> str: return self._author + def get_description(self) -> str: + return self._description + + def get_license(self) -> str: + return self._license + def get_name(self) -> str: return self._name @@ -57,6 +81,12 @@ def get_version(self) -> str: def set_author(self, author: str): self._author = author + def set_description(self, description: str): + self._description = description + + def set_license(self, license_str: str): + self._license = license_str + def __eq__(self, other): return other.get_purl() == self.get_purl() diff --git a/cyclonedx/output/__init__.py b/cyclonedx/output/__init__.py index a2c6ea23..a83e1618 100644 --- a/cyclonedx/output/__init__.py +++ b/cyclonedx/output/__init__.py @@ -1,5 +1,20 @@ -import importlib +# encoding: utf-8 + +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +import importlib from abc import ABC, abstractmethod from enum import Enum diff --git a/cyclonedx/output/json.py b/cyclonedx/output/json.py index 1eb12977..99bda479 100644 --- a/cyclonedx/output/json.py +++ b/cyclonedx/output/json.py 
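Review bot: The new `_description` and `_license` attributes in the `class Component` hunk are annotated `str` but default to `None`, and the getters and setters added in the two following hunks (`get_description`/`get_license`, `set_description`/`set_license`) have no docstrings saying what form the values take. In this diff the only caller passes `i_metadata.get('License')` straight from installed-package metadata, so the field holds free text supplied by the package author, not a validated SPDX identifier. I would say so next to the attribute, for example `# Free-form 'License' text from package metadata; not validated as an SPDX id.`, so the output writers do not later emit it as a license id. Nothing in the visible hunks calls `set_description`, and the output modules only gain license headers here, so the new fields do not appear to reach the generated BOM yet. The class body and `__init__` continue outside these hunks.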
@@ -1,3 +1,19 @@ +# encoding: utf-8 + +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 + import json from . import BaseOutput diff --git a/cyclonedx/output/schema.py b/cyclonedx/output/schema.py index 26338cfd..03f637ab 100644 --- a/cyclonedx/output/schema.py +++ b/cyclonedx/output/schema.py @@ -1,3 +1,19 @@ +# encoding: utf-8 + +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 + from abc import ABC diff --git a/cyclonedx/output/xml.py b/cyclonedx/output/xml.py index 04874a26..734e0e11 100644 --- a/cyclonedx/output/xml.py +++ b/cyclonedx/output/xml.py 
@@ -1,3 +1,19 @@ +# encoding: utf-8 + +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 + from xml.etree import ElementTree from . import BaseOutput diff --git a/cyclonedx/parser/__init__.py b/cyclonedx/parser/__init__.py index 8e8eb05d..27b65a09 100644 --- a/cyclonedx/parser/__init__.py +++ b/cyclonedx/parser/__init__.py @@ -1,3 +1,19 @@ +# encoding: utf-8 + +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 + from abc import ABC from typing import List diff --git a/cyclonedx/parser/environment.py b/cyclonedx/parser/environment.py index 7321f37d..8cea45d7 100644 --- a/cyclonedx/parser/environment.py +++ b/cyclonedx/parser/environment.py 
@@ -1,3 +1,19 @@ +# encoding: utf-8 + +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 + import sys if sys.version_info >= (3, 8, 0): @@ -25,8 +41,12 @@ def __init__(self): c = Component(name=i.project_name, version=i.version) i_metadata = self._get_metadata_for_package(i.project_name) + print(i_metadata.keys()) if 'Author' in i_metadata.keys(): - c.set_author(i_metadata.get('Author')) + c.set_author(author=i_metadata.get('Author')) + + if 'License' in i_metadata.keys(): + c.set_license(license_str=i_metadata.get('License')) self._components.append(c) diff --git a/cyclonedx/parser/requirements.py b/cyclonedx/parser/requirements.py index 0d65649c..8950942e 100644 --- a/cyclonedx/parser/requirements.py +++ b/cyclonedx/parser/requirements.py 
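Review bot: The added `print(i_metadata.keys())` in the `@@ -25,8 +41,12 @@` hunk of `cyclonedx/parser/environment.py` looks like leftover debugging and writes a line to stdout for every installed package. If a caller also sends the BOM to stdout, the stream is no longer a parseable document; drop the line, or use `logging.getLogger(__name__).debug('metadata keys: %s', list(i_metadata.keys()))`. Separately, the `License` value is copied verbatim, and that metadata field is commonly empty, `UNKNOWN`, or a whole license body, so I would guard it: `license_str = i_metadata.get('License')` followed by `if license_str and license_str != 'UNKNOWN': c.set_license(license_str=license_str)`. The enclosing loop and the start of `__init__` are outside the hunk.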
@@ -1,7 +1,22 @@ +# encoding: utf-8 + +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 + import pkg_resources from . import BaseParser - from ..model.component import Component diff --git a/setup.py b/setup.py index 14e9e80a..6f0d79a3 100644 --- a/setup.py +++ b/setup.py @@ -18,6 +18,7 @@ keywords=["BOM", "SBOM", "SCA", "OWASP"], license="Apache-2.0", classifiers=[ + 'Development Status :: 4 - Beta', 'Intended Audience :: Developers', 'Intended Audience :: Information Technology', 'Intended Audience :: Legal Industry', @@ -26,7 +27,10 @@ 'Topic :: Software Development', 'Topic :: System :: Software Distribution', 'License :: OSI Approved :: Apache Software License', - 'Programming Language :: Python :: 3' + 'Programming Language :: Python :: 3.6', + 'Programming Language :: Python :: 3.7', + 'Programming Language :: Python :: 3.8', + 'Programming Language :: Python :: 3.9' ], packages=find_packages(), python_requires='>=3.6', diff --git a/tests/base.py b/tests/base.py index 0f4ae1e0..880fc6d7 100644 --- a/tests/base.py +++ b/tests/base.py 
@@ -1,8 +1,23 @@ -import xml.etree.ElementTree -from unittest import TestCase +# encoding: utf-8 + +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 import json +import xml.etree.ElementTree from datetime import datetime, timezone +from unittest import TestCase from uuid import uuid4 from xml.dom import minidom diff --git a/tests/test_bom.py b/tests/test_bom.py index d746d058..7c7695da 100644 --- a/tests/test_bom.py +++ b/tests/test_bom.py @@ -1,6 +1,21 @@ -from unittest import TestCase +# encoding: utf-8 + +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 import os +from unittest import TestCase from cyclonedx.model.bom import Bom from cyclonedx.model.component import Component diff --git a/tests/test_component.py b/tests/test_component.py index ba7b7645..99d1f4c5 100644 --- a/tests/test_component.py +++ b/tests/test_component.py 
@@ -1,8 +1,25 @@ +# encoding: utf-8 + +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 + from unittest import TestCase -from cyclonedx.model.component import Component from packageurl import PackageURL +from cyclonedx.model.component import Component + class TestComponent(TestCase): _component: Component diff --git a/tests/test_e2e_environment.py b/tests/test_e2e_environment.py index 9a619da2..1b7904b8 100644 --- a/tests/test_e2e_environment.py +++ b/tests/test_e2e_environment.py @@ -1,3 +1,19 @@ +# encoding: utf-8 + +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 + import json from unittest import TestCase from xml.etree import ElementTree diff --git a/tests/test_output_generic.py b/tests/test_output_generic.py index 60e6eab0..74eb671b 100644 --- a/tests/test_output_generic.py +++ b/tests/test_output_generic.py 
@@ -1,3 +1,19 @@ +# encoding: utf-8 + +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 + from unittest import TestCase from cyclonedx.output import get_instance, OutputFormat, SchemaVersion diff --git a/tests/test_output_json.py b/tests/test_output_json.py index 5b2f43aa..7feb0bdb 100644 --- a/tests/test_output_json.py +++ b/tests/test_output_json.py @@ -1,10 +1,26 @@ +# encoding: utf-8 + +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 + from os.path import dirname, join -from tests.base import BaseJsonTestCase from cyclonedx.model.bom import Bom from cyclonedx.model.component import Component from cyclonedx.output import get_instance, OutputFormat, SchemaVersion from cyclonedx.output.json import JsonV1Dot3, JsonV1Dot2 +from tests.base import BaseJsonTestCase class TestOutputJson(BaseJsonTestCase): diff --git a/tests/test_output_xml.py b/tests/test_output_xml.py index 7d7b4aba..663639df 100644 
--- a/tests/test_output_xml.py +++ b/tests/test_output_xml.py @@ -1,10 +1,25 @@ +# encoding: utf-8 + +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 + from os.path import dirname, join from cyclonedx.model.bom import Bom from cyclonedx.model.component import Component from cyclonedx.output import get_instance, SchemaVersion from cyclonedx.output.xml import XmlV1Dot3, XmlV1Dot2, XmlV1Dot1, XmlV1Dot0, Xml - from tests.base import BaseXmlTestCase diff --git a/tests/test_parser_environment.py b/tests/test_parser_environment.py index b8887d52..02c210e0 100644 --- a/tests/test_parser_environment.py +++ b/tests/test_parser_environment.py @@ -1,3 +1,19 @@ +# encoding: utf-8 + +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 + from unittest import TestCase from cyclonedx.parser.environment import EnvironmentParser 
diff --git a/tests/test_parser_requirements.py b/tests/test_parser_requirements.py index 7ee2515d..dfb67fad 100644 --- a/tests/test_parser_requirements.py +++ b/tests/test_parser_requirements.py @@ -1,3 +1,19 @@ +# encoding: utf-8 + +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 + import os from unittest import TestCase