
Commit 09af961

Associate resolved packages with their source codebase resource #1140 (#1141)
Signed-off-by: tdruez <tdruez@nexb.com>
1 parent 4c8eb37 commit 09af961


6 files changed

+24
-5
lines changed


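--- a/CHANGELOG.rst
+++ b/CHANGELOG.rst
@@ -1,6 +1,12 @@
 Changelog
 =========
 
+v34.3.0 (unreleased)
+--------------------
+
+- Associate resolved packages with their source codebase resource.
+https://github.com/nexB/scancode.io/issues/1140
+
 v34.2.0 (2024-03-28)
 --------------------
 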

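--- a/scanpipe/pipes/__init__.py
+++ b/scanpipe/pipes/__init__.py
@@ -192,7 +192,7 @@ def update_or_create_package(project, package_data, codebase_resources=None):
 else:
 package = DiscoveredPackage.create_from_data(project, package_data)
 
-if codebase_resources:
+if package and codebase_resources:
 package.add_resources(codebase_resources)
 
 return package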
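Review bot: With the added `package and` guard, update_or_create_package skips `add_resources` and returns a falsy `package` whenever no package object was produced, and nothing in this hunk tells the caller that the resource association was dropped. The call site changed in scanpipe/pipes/resolve.py ignores the return value, so a manifest entry that yields no package would leave its source resource without a package link in the resulting inventory; whether `create_from_data` records a project error in that case is not visible here. The function starts above the hunk, so I would add a sentence to its docstring such as `Return None, without associating codebase_resources, when no package could be created from package_data.`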

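--- a/scanpipe/pipes/resolve.py
+++ b/scanpipe/pipes/resolve.py
@@ -58,10 +58,12 @@ def get_packages(project, package_registry, manifest_resources, model=None):
 
 for resource in manifest_resources:
 if packages := get_packages_from_manifest(resource.location, package_registry):
+for package_data in packages:
+package_data["codebase_resources"] = [resource]
 resolved_packages.extend(packages)
 else:
 project.add_error(
-description="No packages could be resolved for",
+description="No packages could be resolved",
 model=model,
 resource=resource,
 )
@@ -80,7 +82,8 @@ def create_packages_and_dependencies(project, packages, resolved=False):
 for package_data in packages:
 package_data = set_license_expression(package_data)
 dependencies = package_data.pop("dependencies", [])
-update_or_create_package(project, package_data)
+codebase_resources = package_data.pop("codebase_resources", [])
+update_or_create_package(project, package_data, codebase_resources)
 
 for dependency_data in dependencies:
 if resolved: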
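Review bot: `package_data["codebase_resources"] = [resource]` in get_packages stores the resource object inside dicts that otherwise hold data parsed from the manifest, and it overwrites any `codebase_resources` key the parsed data already carried. The only visible consumer that removes the key again is the `package_data.pop("codebase_resources", [])` added in create_packages_and_dependencies, which hands whatever it finds under that key to update_or_create_package; for callers that build `packages` some other way the value is not checked here. A comment above the assignment, for example `# Internal key: popped in create_packages_and_dependencies() before the package is created`, would document the contract between the two functions. Both function bodies continue outside the hunks.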

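--- a/scanpipe/tests/pipes/test_pipes.py
+++ b/scanpipe/tests/pipes/test_pipes.py
@@ -116,6 +116,9 @@ def test_scanpipe_pipes_update_or_create_package(self):
 self.assertIn(package2, resource1.discovered_packages.all())
 self.assertIn(package2, resource2.discovered_packages.all())
 
+# Make sure the following does not raise an exception
+self.assertIsNone(pipes.update_or_create_package(p1, {}, [resource1]))
+
 def test_scanpipe_pipes_update_or_create_package_codebase_resources(self):
 p1 = Project.objects.create(name="Analysis")
 resource1 = make_resource_file(project=p1, path="filename.ext")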
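Review bot: The added `self.assertIsNone(...)` line pins only the return value for empty package data; it does not check that the call left resource1's package links untouched. Capturing `before = resource1.discovered_packages.count()` ahead of the call and adding `self.assertEqual(before, resource1.discovered_packages.count())` after it would cover that. The test method starts above the hunk.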

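--- a/scanpipe/tests/pipes/test_resolve.py
+++ b/scanpipe/tests/pipes/test_resolve.py
@@ -196,7 +196,10 @@ def test_scanpipe_resolve_get_packages_from_sbom(self):
 resources,
 )
 self.assertEqual(1, len(packages))
-self.assertEqual("toml", packages[0]["name"])
+package = packages[0]
+self.assertEqual("toml", package["name"])
+resource1 = project1.codebaseresources.get(name="toml.spdx.json")
+self.assertEqual([resource1], package.get("codebase_resources"))
 
 def test_scanpipe_resolve_create_packages_and_dependencies(self):
 project1 = Project.objects.create(name="Analysis")
@@ -214,3 +217,7 @@ def test_scanpipe_resolve_create_packages_and_dependencies(self):
 resolve.create_packages_and_dependencies(project1, packages)
 self.assertEqual(1, project1.discoveredpackages.count())
 self.assertEqual(0, project1.discovereddependencies.count())
+
+resource1 = project1.codebaseresources.get(name="toml.spdx.json")
+package = project1.discoveredpackages.get()
+self.assertEqual(resource1, package.codebase_resources.get())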

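--- a/scanpipe/tests/test_pipelines.py
+++ b/scanpipe/tests/test_pipelines.py
@@ -915,7 +915,7 @@ def test_scanpipe_resolve_dependencies_pipeline_integration_empty_manifest(self)
 self.assertEqual(1, project1.projectmessages.count())
 message = project1.projectmessages.get()
 self.assertEqual("get_packages_from_manifest", message.model)
-expected = "No packages could be resolved for"
+expected = "No packages could be resolved"
 self.assertIn(expected, message.description)
 
 def test_scanpipe_resolve_dependencies_pipeline_integration_misc(self):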
