diff --git a/Makefile b/Makefile index d3e8c7b8..64abdc54 100644 --- a/Makefile +++ b/Makefile @@ -134,7 +134,7 @@ test: ${ACTIVATE} DJANGO_SETTINGS_MODULE=purldb_project.settings ${PYTHON_EXE} -m pytest -vvs packagedb/tests/test_throttling.py ${ACTIVATE} DJANGO_SETTINGS_MODULE=matchcode_project.settings ${PYTHON_EXE} -m pytest -vvs matchcode_pipeline ${ACTIVATE} ${PYTHON_EXE} -m pytest -vvs matchcode-toolkit --ignore matchcode-toolkit/src/matchcode_toolkit/pipelines - ${ACTIVATE} ${PYTHON_EXE} -m pytest -vvs purldb-toolkit + ${ACTIVATE} ${PYTHON_EXE} -m pytest -vvs purldb-toolkit/ shell: ${MANAGE} shell diff --git a/configure b/configure index 4aa1c129..5c3359b2 100755 --- a/configure +++ b/configure @@ -30,15 +30,15 @@ CLI_ARGS=$1 CUSTOM_PACKAGES="" # Requirement arguments passed to pip and used by default or with --dev. -REQUIREMENTS="$CUSTOM_PACKAGES --editable matchcode-toolkit --editable purldb-toolkit --editable . --constraint requirements.txt" -DEV_REQUIREMENTS="$CUSTOM_PACKAGES --editable matchcode-toolkit --editable purldb-toolkit --editable .[testing] --constraint requirements.txt --constraint requirements-dev.txt" -DOCS_REQUIREMENTS="$CUSTOM_PACKAGES --editable matchcode-toolkit --editable purldb-toolkit --editable .[docs] --constraint requirements.txt" +REQUIREMENTS="$CUSTOM_PACKAGES --editable matchcode-toolkit/ --editable purldb-toolkit/ --editable . --constraint requirements.txt" +DEV_REQUIREMENTS="$CUSTOM_PACKAGES --editable matchcode-toolkit/ --editable purldb-toolkit/[testing] --editable .[testing] --constraint requirements.txt --constraint requirements-dev.txt" +DOCS_REQUIREMENTS="$CUSTOM_PACKAGES --editable matchcode-toolkit/ --editable purldb-toolkit/ --editable .[docs] --constraint requirements.txt" # where we create a virtualenv VIRTUALENV_DIR=venv # Cleanable files and directories to delete with the --clean option -CLEANABLE="build dist venv .cache .eggs matchcode-toolkit/build matchcode-toolkit/dist matchcode-toolkit/.eggs" +CLEANABLE="build dist venv .cache .eggs matchcode-toolkit/build matchcode-toolkit/dist matchcode-toolkit/.eggs purldb-toolkit/build purldb-toolkit/dist" # extra arguments passed to pip PIP_EXTRA_ARGS=" " @@ -131,6 +131,7 @@ install_packages() { # be reinstalled a second time and reused from the virtualenv and this # speeds up the installation. # We always have the PEP517 build dependencies installed already. + "$CFG_BIN_DIR/pip" install flot "$CFG_BIN_DIR/pip" install \ --upgrade \ diff --git a/minecode/tests/testfiles/directories/find-ls-expected.json b/minecode/tests/testfiles/directories/find-ls-expected.json index 42fb8219..492d54e3 100644 --- a/minecode/tests/testfiles/directories/find-ls-expected.json +++ b/minecode/tests/testfiles/directories/find-ls-expected.json @@ -31,63 +31,63 @@ "path":"groovy/2.4.6/distribution/apache-groovy-binary-2.4.6.zip", "type":"f", "size":36461535, - "date":"2023-02", + "date":"2024-02", "target":null }, { "path":"groovy/2.4.6/distribution/apache-groovy-binary-2.4.6.zip.asc", "type":"f", "size":473, - "date":"2023-02", + "date":"2024-02", "target":null }, { "path":"groovy/2.4.6/distribution/apache-groovy-binary-2.4.6.zip.md5", "type":"f", "size":65, - "date":"2023-02", + "date":"2024-02", "target":null }, { "path":"groovy/2.4.6/distribution/apache-groovy-docs-2.4.6.zip", "type":"f", "size":14763401, - "date":"2023-02", + "date":"2024-02", "target":null }, { "path":"groovy/2.4.6/distribution/apache-groovy-docs-2.4.6.zip.asc", "type":"f", "size":473, - "date":"2023-02", + "date":"2024-02", "target":null }, { "path":"groovy/2.4.6/distribution/apache-groovy-docs-2.4.6.zip.md5", "type":"f", "size":63, - "date":"2023-02", + "date":"2024-02", "target":null }, { "path":"groovy/2.4.6/distribution/apache-groovy-sdk-2.4.6.zip", "type":"f", "size":58195864, - "date":"2023-02", + "date":"2024-02", "target":null }, { "path":"groovy/2.4.6/distribution/apache-groovy-sdk-2.4.6.zip.asc", "type":"f", "size":473, - "date":"2023-02", + "date":"2024-02", "target":null }, { "path":"groovy/2.4.6/distribution/apache-groovy-sdk-2.4.6.zip.md5", "type":"f", "size":62, - "date":"2023-02", + "date":"2024-02", "target":null }, { @@ -108,14 +108,14 @@ "path":"groovy/2.4.6/sources/apache-groovy-src-2.4.6.zip.asc", "type":"f", "size":473, - "date":"2023-02", + "date":"2024-02", "target":null }, { "path":"groovy/2.4.6/sources/apache-groovy-src-2.4.6.zip.md5", "type":"f", "size":62, - "date":"2023-02", + "date":"2024-02", "target":null }, { diff --git a/purldb-toolkit/CHANGELOG.rst b/purldb-toolkit/CHANGELOG.rst new file mode 100644 index 00000000..949085d4 --- /dev/null +++ b/purldb-toolkit/CHANGELOG.rst @@ -0,0 +1,8 @@ +Changelog +========= + +v0.1.0 +------------ + +- Initial release + diff --git a/purldb-toolkit/CODE_OF_CONDUCT.rst b/purldb-toolkit/CODE_OF_CONDUCT.rst new file mode 100644 index 00000000..590ba198 --- /dev/null +++ b/purldb-toolkit/CODE_OF_CONDUCT.rst @@ -0,0 +1,86 @@ +Contributor Covenant Code of Conduct +==================================== + +Our Pledge +---------- + +In the interest of fostering an open and welcoming environment, we as +contributors and maintainers pledge to making participation in our +project and our community a harassment-free experience for everyone, +regardless of age, body size, disability, ethnicity, gender identity and +expression, level of experience, education, socio-economic status, +nationality, personal appearance, race, religion, or sexual identity and +orientation. + +Our Standards +------------- + +Examples of behavior that contributes to creating a positive environment +include: + +- Using welcoming and inclusive language +- Being respectful of differing viewpoints and experiences +- Gracefully accepting constructive criticism +- Focusing on what is best for the community +- Showing empathy towards other community members + +Examples of unacceptable behavior by participants include: + +- The use of sexualized language or imagery and unwelcome sexual + attention or advances +- Trolling, insulting/derogatory comments, and personal or political + attacks +- Public or private harassment +- Publishing others’ private information, such as a physical or + electronic address, without explicit permission +- Other conduct which could reasonably be considered inappropriate in a + professional setting + +Our Responsibilities +-------------------- + +Project maintainers are responsible for clarifying the standards of +acceptable behavior and are expected to take appropriate and fair +corrective action in response to any instances of unacceptable behavior. + +Project maintainers have the right and responsibility to remove, edit, +or reject comments, commits, code, wiki edits, issues, and other +contributions that are not aligned to this Code of Conduct, or to ban +temporarily or permanently any contributor for other behaviors that they +deem inappropriate, threatening, offensive, or harmful. + +Scope +----- + +This Code of Conduct applies both within project spaces and in public +spaces when an individual is representing the project or its community. +Examples of representing a project or community include using an +official project e-mail address, posting via an official social media +account, or acting as an appointed representative at an online or +offline event. Representation of a project may be further defined and +clarified by project maintainers. + +Enforcement +----------- + +Instances of abusive, harassing, or otherwise unacceptable behavior may +be reported by contacting the project team at pombredanne@gmail.com +or on the Gitter chat channel at https://gitter.im/aboutcode-org/discuss . +All complaints will be reviewed and investigated and will result in a +response that is deemed necessary and appropriate to the circumstances. +The project team is obligated to maintain confidentiality with regard to +the reporter of an incident. Further details of specific enforcement +policies may be posted separately. + +Project maintainers who do not follow or enforce the Code of Conduct in +good faith may face temporary or permanent repercussions as determined +by other members of the project’s leadership. + +Attribution +----------- + +This Code of Conduct is adapted from the `Contributor Covenant`_ , +version 1.4, available at +https://www.contributor-covenant.org/version/1/4/code-of-conduct.html + +.. _Contributor Covenant: https://www.contributor-covenant.org diff --git a/purldb-toolkit/NOTICE b/purldb-toolkit/NOTICE new file mode 100644 index 00000000..480e2970 --- /dev/null +++ b/purldb-toolkit/NOTICE @@ -0,0 +1,12 @@ +# +# Copyright (c) nexB Inc. and others. All rights reserved. +# purldb is a trademark of nexB Inc. +# SPDX-License-Identifier: Apache-2.0 AND CC-BY-SA-4.0 +# purldb software is licensed under the Apache License version 2.0. +# purldb data is licensed collectively under CC-BY-SA-4.0. +# See https://www.apache.org/licenses/LICENSE-2.0 for the license text. +# See https://creativecommons.org/licenses/by-sa/4.0/legalcode for the license text. +# +# See https://github.com/nexB/purldb for support or download. +# See https://aboutcode.org for more information about nexB OSS projects. +# diff --git a/purldb-toolkit/README.rst b/purldb-toolkit/README.rst index bc21d228..4ac94a98 100644 --- a/purldb-toolkit/README.rst +++ b/purldb-toolkit/README.rst @@ -1,14 +1,135 @@ -PurlDB toolkit +purldb-toolkit ============== -[To come.] +purldb-toolkit is command line utility and library to use the PurlDB, its API and various related libraries. + +The ``purlcli`` command acts as a client to the PurlDB REST API end point(s) to expose PURL services. +It serves both as a tool, as a library and as an example on how to use the services programmatically. + + Installation ------------ -[To come.] + pip install purldb-toolkit Usage ----- -[To come.] +Use this command to get basic help:: + + $ purlcli --help + Usage: purlcli [OPTIONS] COMMAND [ARGS]... + + Return information from a PURL. + + Options: + --help Show this message and exit. + + Commands: + metadata Given one or more PURLs, for each PURL, return a mapping of... + urls Given one or more PURLs, for each PURL, return a list of all... + validate Check the syntax of one or more PURLs. + versions Given one or more PURLs, return a list of all known versions... + + +And the following subcommands: + +- Validate a PURL:: + + $ purlcli validate --help + Usage: purlcli validate [OPTIONS] + + Check the syntax of one or more PURLs. + + Options: + --purl TEXT PackageURL or PURL. + --output FILENAME Write validation output as JSON to FILE. [required] + --file FILENAME Read a list of PURLs from a FILE, one per line. + --help Show this message and exit. + + +- Collect package versions for a PURL:: + + $ purlcli versions --help + Usage: purlcli versions [OPTIONS] + + Given one or more PURLs, return a list of all known versions for each PURL. + + Version information is not needed in submitted PURLs and if included will be + removed before processing. + + Options: + --purl TEXT PackageURL or PURL. + --output FILENAME Write versions output as JSON to FILE. [required] + --file FILENAME Read a list of PURLs from a FILE, one per line. + --help Show this message and exit. + + +- Collect package metadata for a PURL:: + + $ purlcli metadata --help + Usage: purlcli metadata [OPTIONS] + + Given one or more PURLs, for each PURL, return a mapping of metadata fetched + from the fetchcode package.py info() function. + + Options: + --purl TEXT PackageURL or PURL. + --output FILENAME Write meta output as JSON to FILE. [required] + --file FILENAME Read a list of PURLs from a FILE, one per line. + --unique Return data only for unique PURLs. + --help Show this message and exit. + + +- Collect package URLs for a PURL:: + + $ purlcli urls --help + Usage: purlcli urls [OPTIONS] + + Given one or more PURLs, for each PURL, return a list of all known URLs + fetched from the packageurl-python purl2url.py code. + + Options: + --purl TEXT PackageURL or PURL. + --output FILENAME Write urls output as JSON to FILE. [required] + --file FILENAME Read a list of PURLs from a FILE, one per line. + --unique Return data only for unique PURLs. + --head Validate each URL's existence with a head request. + --help Show this message and exit. + + +Funding +------- + +This project was funded through the NGI Assure Fund https://nlnet.nl/assure, a +fund established by NLnet https://nlnet.nl/ with financial support from the +European Commission's Next Generation Internet programme, under the aegis of DG +Communications Networks, Content and Technology under grant agreement No 957073. + +This project is also funded through grants from the Google Summer of Code +program, continuing support and sponsoring from nexB Inc. and generous +donations from multiple sponsors. + + +License +------- + +Copyright (c) nexB Inc. and others. All rights reserved. + +purldb is a trademark of nexB Inc. + +SPDX-License-Identifier: Apache-2.0 AND CC-BY-SA-4.0 + +purldb software is licensed under the Apache License version 2.0. + +purldb data is licensed collectively under CC-BY-SA-4.0. + +See https://www.apache.org/licenses/LICENSE-2.0 for the license text. + +See https://creativecommons.org/licenses/by-sa/4.0/legalcode for the license text. + +See https://github.com/nexB/purldb for support or download. + +See https://aboutcode.org for more information about nexB OSS projects. + diff --git a/purldb-toolkit/apache-2.0.LICENSE b/purldb-toolkit/apache-2.0.LICENSE new file mode 100644 index 00000000..261eeb9e --- /dev/null +++ b/purldb-toolkit/apache-2.0.LICENSE @@ -0,0 +1,201 @@ + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [yyyy] [name of copyright owner] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/purldb-toolkit/cc-by-sa-4.0.LICENSE b/purldb-toolkit/cc-by-sa-4.0.LICENSE new file mode 100644 index 00000000..e04b480f --- /dev/null +++ b/purldb-toolkit/cc-by-sa-4.0.LICENSE @@ -0,0 +1,427 @@ +Attribution-ShareAlike 4.0 International + +======================================================================= + +Creative Commons Corporation ("Creative Commons") is not a law firm and +does not provide legal services or legal advice. Distribution of +Creative Commons public licenses does not create a lawyer-client or +other relationship. Creative Commons makes its licenses and related +information available on an "as-is" basis. Creative Commons gives no +warranties regarding its licenses, any material licensed under their +terms and conditions, or any related information. Creative Commons +disclaims all liability for damages resulting from their use to the +fullest extent possible. + +Using Creative Commons Public Licenses + +Creative Commons public licenses provide a standard set of terms and +conditions that creators and other rights holders may use to share +original works of authorship and other material subject to copyright +and certain other rights specified in the public license below. The +following considerations are for informational purposes only, are not +exhaustive, and do not form part of our licenses. + + Considerations for licensors: Our public licenses are + intended for use by those authorized to give the public + permission to use material in ways otherwise restricted by + copyright and certain other rights. Our licenses are + irrevocable. Licensors should read and understand the terms + and conditions of the license they choose before applying it. + Licensors should also secure all rights necessary before + applying our licenses so that the public can reuse the + material as expected. Licensors should clearly mark any + material not subject to the license. This includes other CC- + licensed material, or material used under an exception or + limitation to copyright. More considerations for licensors: + wiki.creativecommons.org/Considerations_for_licensors + + Considerations for the public: By using one of our public + licenses, a licensor grants the public permission to use the + licensed material under specified terms and conditions. If + the licensor's permission is not necessary for any reason--for + example, because of any applicable exception or limitation to + copyright--then that use is not regulated by the license. Our + licenses grant only permissions under copyright and certain + other rights that a licensor has authority to grant. Use of + the licensed material may still be restricted for other + reasons, including because others have copyright or other + rights in the material. A licensor may make special requests, + such as asking that all changes be marked or described. + Although not required by our licenses, you are encouraged to + respect those requests where reasonable. More considerations + for the public: + wiki.creativecommons.org/Considerations_for_licensees + +======================================================================= + +Creative Commons Attribution-ShareAlike 4.0 International Public +License + +By exercising the Licensed Rights (defined below), You accept and agree +to be bound by the terms and conditions of this Creative Commons +Attribution-ShareAlike 4.0 International Public License ("Public +License"). To the extent this Public License may be interpreted as a +contract, You are granted the Licensed Rights in consideration of Your +acceptance of these terms and conditions, and the Licensor grants You +such rights in consideration of benefits the Licensor receives from +making the Licensed Material available under these terms and +conditions. + + +Section 1 -- Definitions. + + a. Adapted Material means material subject to Copyright and Similar + Rights that is derived from or based upon the Licensed Material + and in which the Licensed Material is translated, altered, + arranged, transformed, or otherwise modified in a manner requiring + permission under the Copyright and Similar Rights held by the + Licensor. For purposes of this Public License, where the Licensed + Material is a musical work, performance, or sound recording, + Adapted Material is always produced where the Licensed Material is + synched in timed relation with a moving image. + + b. Adapter's License means the license You apply to Your Copyright + and Similar Rights in Your contributions to Adapted Material in + accordance with the terms and conditions of this Public License. + + c. BY-SA Compatible License means a license listed at + creativecommons.org/compatiblelicenses, approved by Creative + Commons as essentially the equivalent of this Public License. + + d. Copyright and Similar Rights means copyright and/or similar rights + closely related to copyright including, without limitation, + performance, broadcast, sound recording, and Sui Generis Database + Rights, without regard to how the rights are labeled or + categorized. For purposes of this Public License, the rights + specified in Section 2(b)(1)-(2) are not Copyright and Similar + Rights. + + e. Effective Technological Measures means those measures that, in the + absence of proper authority, may not be circumvented under laws + fulfilling obligations under Article 11 of the WIPO Copyright + Treaty adopted on December 20, 1996, and/or similar international + agreements. + + f. Exceptions and Limitations means fair use, fair dealing, and/or + any other exception or limitation to Copyright and Similar Rights + that applies to Your use of the Licensed Material. + + g. License Elements means the license attributes listed in the name + of a Creative Commons Public License. The License Elements of this + Public License are Attribution and ShareAlike. + + h. Licensed Material means the artistic or literary work, database, + or other material to which the Licensor applied this Public + License. + + i. Licensed Rights means the rights granted to You subject to the + terms and conditions of this Public License, which are limited to + all Copyright and Similar Rights that apply to Your use of the + Licensed Material and that the Licensor has authority to license. + + j. Licensor means the individual(s) or entity(ies) granting rights + under this Public License. + + k. Share means to provide material to the public by any means or + process that requires permission under the Licensed Rights, such + as reproduction, public display, public performance, distribution, + dissemination, communication, or importation, and to make material + available to the public including in ways that members of the + public may access the material from a place and at a time + individually chosen by them. + + l. Sui Generis Database Rights means rights other than copyright + resulting from Directive 96/9/EC of the European Parliament and of + the Council of 11 March 1996 on the legal protection of databases, + as amended and/or succeeded, as well as other essentially + equivalent rights anywhere in the world. + + m. You means the individual or entity exercising the Licensed Rights + under this Public License. Your has a corresponding meaning. + + +Section 2 -- Scope. + + a. License grant. + + 1. Subject to the terms and conditions of this Public License, + the Licensor hereby grants You a worldwide, royalty-free, + non-sublicensable, non-exclusive, irrevocable license to + exercise the Licensed Rights in the Licensed Material to: + + a. reproduce and Share the Licensed Material, in whole or + in part; and + + b. produce, reproduce, and Share Adapted Material. + + 2. Exceptions and Limitations. For the avoidance of doubt, where + Exceptions and Limitations apply to Your use, this Public + License does not apply, and You do not need to comply with + its terms and conditions. + + 3. Term. The term of this Public License is specified in Section + 6(a). + + 4. Media and formats; technical modifications allowed. The + Licensor authorizes You to exercise the Licensed Rights in + all media and formats whether now known or hereafter created, + and to make technical modifications necessary to do so. The + Licensor waives and/or agrees not to assert any right or + authority to forbid You from making technical modifications + necessary to exercise the Licensed Rights, including + technical modifications necessary to circumvent Effective + Technological Measures. For purposes of this Public License, + simply making modifications authorized by this Section 2(a) + (4) never produces Adapted Material. + + 5. Downstream recipients. + + a. Offer from the Licensor -- Licensed Material. Every + recipient of the Licensed Material automatically + receives an offer from the Licensor to exercise the + Licensed Rights under the terms and conditions of this + Public License. + + b. Additional offer from the Licensor -- Adapted Material. + Every recipient of Adapted Material from You + automatically receives an offer from the Licensor to + exercise the Licensed Rights in the Adapted Material + under the conditions of the Adapter's License You apply. + + c. No downstream restrictions. You may not offer or impose + any additional or different terms or conditions on, or + apply any Effective Technological Measures to, the + Licensed Material if doing so restricts exercise of the + Licensed Rights by any recipient of the Licensed + Material. + + 6. No endorsement. Nothing in this Public License constitutes or + may be construed as permission to assert or imply that You + are, or that Your use of the Licensed Material is, connected + with, or sponsored, endorsed, or granted official status by, + the Licensor or others designated to receive attribution as + provided in Section 3(a)(1)(A)(i). + + b. Other rights. + + 1. Moral rights, such as the right of integrity, are not + licensed under this Public License, nor are publicity, + privacy, and/or other similar personality rights; however, to + the extent possible, the Licensor waives and/or agrees not to + assert any such rights held by the Licensor to the limited + extent necessary to allow You to exercise the Licensed + Rights, but not otherwise. + + 2. Patent and trademark rights are not licensed under this + Public License. + + 3. To the extent possible, the Licensor waives any right to + collect royalties from You for the exercise of the Licensed + Rights, whether directly or through a collecting society + under any voluntary or waivable statutory or compulsory + licensing scheme. In all other cases the Licensor expressly + reserves any right to collect such royalties. + + +Section 3 -- License Conditions. + +Your exercise of the Licensed Rights is expressly made subject to the +following conditions. + + a. Attribution. + + 1. If You Share the Licensed Material (including in modified + form), You must: + + a. retain the following if it is supplied by the Licensor + with the Licensed Material: + + i. identification of the creator(s) of the Licensed + Material and any others designated to receive + attribution, in any reasonable manner requested by + the Licensor (including by pseudonym if + designated); + + ii. a copyright notice; + + iii. a notice that refers to this Public License; + + iv. a notice that refers to the disclaimer of + warranties; + + v. a URI or hyperlink to the Licensed Material to the + extent reasonably practicable; + + b. indicate if You modified the Licensed Material and + retain an indication of any previous modifications; and + + c. indicate the Licensed Material is licensed under this + Public License, and include the text of, or the URI or + hyperlink to, this Public License. + + 2. You may satisfy the conditions in Section 3(a)(1) in any + reasonable manner based on the medium, means, and context in + which You Share the Licensed Material. For example, it may be + reasonable to satisfy the conditions by providing a URI or + hyperlink to a resource that includes the required + information. + + 3. If requested by the Licensor, You must remove any of the + information required by Section 3(a)(1)(A) to the extent + reasonably practicable. + + b. ShareAlike. + + In addition to the conditions in Section 3(a), if You Share + Adapted Material You produce, the following conditions also apply. + + 1. The Adapter's License You apply must be a Creative Commons + license with the same License Elements, this version or + later, or a BY-SA Compatible License. + + 2. You must include the text of, or the URI or hyperlink to, the + Adapter's License You apply. You may satisfy this condition + in any reasonable manner based on the medium, means, and + context in which You Share Adapted Material. + + 3. You may not offer or impose any additional or different terms + or conditions on, or apply any Effective Technological + Measures to, Adapted Material that restrict exercise of the + rights granted under the Adapter's License You apply. + + +Section 4 -- Sui Generis Database Rights. + +Where the Licensed Rights include Sui Generis Database Rights that +apply to Your use of the Licensed Material: + + a. for the avoidance of doubt, Section 2(a)(1) grants You the right + to extract, reuse, reproduce, and Share all or a substantial + portion of the contents of the database; + + b. if You include all or a substantial portion of the database + contents in a database in which You have Sui Generis Database + Rights, then the database in which You have Sui Generis Database + Rights (but not its individual contents) is Adapted Material, + + including for purposes of Section 3(b); and + c. You must comply with the conditions in Section 3(a) if You Share + all or a substantial portion of the contents of the database. + +For the avoidance of doubt, this Section 4 supplements and does not +replace Your obligations under this Public License where the Licensed +Rights include other Copyright and Similar Rights. + + +Section 5 -- Disclaimer of Warranties and Limitation of Liability. + + a. UNLESS OTHERWISE SEPARATELY UNDERTAKEN BY THE LICENSOR, TO THE + EXTENT POSSIBLE, THE LICENSOR OFFERS THE LICENSED MATERIAL AS-IS + AND AS-AVAILABLE, AND MAKES NO REPRESENTATIONS OR WARRANTIES OF + ANY KIND CONCERNING THE LICENSED MATERIAL, WHETHER EXPRESS, + IMPLIED, STATUTORY, OR OTHER. THIS INCLUDES, WITHOUT LIMITATION, + WARRANTIES OF TITLE, MERCHANTABILITY, FITNESS FOR A PARTICULAR + PURPOSE, NON-INFRINGEMENT, ABSENCE OF LATENT OR OTHER DEFECTS, + ACCURACY, OR THE PRESENCE OR ABSENCE OF ERRORS, WHETHER OR NOT + KNOWN OR DISCOVERABLE. WHERE DISCLAIMERS OF WARRANTIES ARE NOT + ALLOWED IN FULL OR IN PART, THIS DISCLAIMER MAY NOT APPLY TO YOU. + + b. TO THE EXTENT POSSIBLE, IN NO EVENT WILL THE LICENSOR BE LIABLE + TO YOU ON ANY LEGAL THEORY (INCLUDING, WITHOUT LIMITATION, + NEGLIGENCE) OR OTHERWISE FOR ANY DIRECT, SPECIAL, INDIRECT, + INCIDENTAL, CONSEQUENTIAL, PUNITIVE, EXEMPLARY, OR OTHER LOSSES, + COSTS, EXPENSES, OR DAMAGES ARISING OUT OF THIS PUBLIC LICENSE OR + USE OF THE LICENSED MATERIAL, EVEN IF THE LICENSOR HAS BEEN + ADVISED OF THE POSSIBILITY OF SUCH LOSSES, COSTS, EXPENSES, OR + DAMAGES. WHERE A LIMITATION OF LIABILITY IS NOT ALLOWED IN FULL OR + IN PART, THIS LIMITATION MAY NOT APPLY TO YOU. + + c. The disclaimer of warranties and limitation of liability provided + above shall be interpreted in a manner that, to the extent + possible, most closely approximates an absolute disclaimer and + waiver of all liability. + + +Section 6 -- Term and Termination. + + a. This Public License applies for the term of the Copyright and + Similar Rights licensed here. However, if You fail to comply with + this Public License, then Your rights under this Public License + terminate automatically. + + b. Where Your right to use the Licensed Material has terminated under + Section 6(a), it reinstates: + + 1. automatically as of the date the violation is cured, provided + it is cured within 30 days of Your discovery of the + violation; or + + 2. upon express reinstatement by the Licensor. + + For the avoidance of doubt, this Section 6(b) does not affect any + right the Licensor may have to seek remedies for Your violations + of this Public License. + + c. For the avoidance of doubt, the Licensor may also offer the + Licensed Material under separate terms or conditions or stop + distributing the Licensed Material at any time; however, doing so + will not terminate this Public License. + + d. Sections 1, 5, 6, 7, and 8 survive termination of this Public + License. + + +Section 7 -- Other Terms and Conditions. + + a. The Licensor shall not be bound by any additional or different + terms or conditions communicated by You unless expressly agreed. + + b. Any arrangements, understandings, or agreements regarding the + Licensed Material not stated herein are separate from and + independent of the terms and conditions of this Public License. + + +Section 8 -- Interpretation. + + a. For the avoidance of doubt, this Public License does not, and + shall not be interpreted to, reduce, limit, restrict, or impose + conditions on any use of the Licensed Material that could lawfully + be made without permission under this Public License. + + b. To the extent possible, if any provision of this Public License is + deemed unenforceable, it shall be automatically reformed to the + minimum extent necessary to make it enforceable. If the provision + cannot be reformed, it shall be severed from this Public License + without affecting the enforceability of the remaining terms and + conditions. + + c. No term or condition of this Public License will be waived and no + failure to comply consented to unless expressly agreed to by the + Licensor. + + d. Nothing in this Public License constitutes or may be interpreted + as a limitation upon, or waiver of, any privileges and immunities + that apply to the Licensor or You, including from the legal + processes of any jurisdiction or authority. + + +======================================================================= + +Creative Commons is not a party to its public +licenses. Notwithstanding, Creative Commons may elect to apply one of +its public licenses to material it publishes and in those instances +will be considered the “Licensor.” The text of the Creative Commons +public licenses is dedicated to the public domain under the CC0 Public +Domain Dedication. Except for the limited purpose of indicating that +material is shared under a Creative Commons public license or as +otherwise permitted by the Creative Commons policies published at +creativecommons.org/policies, Creative Commons does not authorize the +use of the trademark "Creative Commons" or any other trademark or logo +of Creative Commons without its prior written consent including, +without limitation, in connection with any unauthorized modifications +to any of its public licenses or any other arrangements, +understandings, or agreements concerning use of licensed material. For +the avoidance of doubt, this paragraph does not form part of the +public licenses. + +Creative Commons may be contacted at creativecommons.org. diff --git a/purldb-toolkit/pyproject.toml b/purldb-toolkit/pyproject.toml index 5e8917eb..9a9f83f8 100644 --- a/purldb-toolkit/pyproject.toml +++ b/purldb-toolkit/pyproject.toml @@ -1,15 +1,130 @@ +[build-system] +requires = [ "flot>=0.7.0" ] +build-backend = "flot.buildapi" + [project] name = "purldb-toolkit" -version = "0.0.1" +version = "0.1.0" +description = "A toolkit and library to use the PurlDB and its API" +readme = "README.rst" +license = { text = "Apache-2.0" } +requires-python = ">=3.7" -[build-system] -requires = ["setuptools == 68.2.2", "wheel", "setuptools_scm[toml] >= 6"] -build-backend = "setuptools.build_meta" +authors = [ + { name = "nexB. Inc. and others", email = "info@aboutcode.org" }, +] + +keywords = [ + "purl", + "Package-URL", + "Git", + "metadata", + "package", + "dependencies", + "open source", + "package", + "sca", + "scan", +] + +classifiers = [ + "Development Status :: 5 - Production/Stable", + "Intended Audience :: Developers", + "Programming Language :: Python :: 3", + "Programming Language :: Python :: 3 :: Only", + "Topic :: Software Development", + "Topic :: Utilities", +] + +dependencies = [ + "click >= 6.7, !=7.0", + "fetchcode", + "packageurl_python >= 0.13.4", + "requests >= 2.7.0", +] + +urls = { Homepage = "https://github.com/nexB/purldb/tree/main/purldb-toolkit" } + + +[project.optional-dependencies] +docs = [ + "doc8 >= 0.8.1", + "Sphinx == 5.1.0", + "sphinx-autobuild", + "sphinx-copybutton", + "sphinx-reredirects >= 0.1.2", + "sphinx-rtd-dark-mode>=1.3.0", + "sphinx_rtd_theme >= 0.5.1", +] + +testing = [ + "aboutcode-toolkit >= 7.0.2", + "black", + "isort", + "pycodestyle >= 2.8.0", + "pytest >= 6, != 7.0.0", + "pytest-rerunfailures", + "pytest-xdist >= 2", + "twine", + "vendorize >= 0.3.0", + "bump-my-version", +] + + +[tool.bumpversion] +current_version = "0.1.0" +allow_dirty = true + +files = [ + { filename = "pyproject.toml" }, +] + +[project.scripts] +purlcli = "purldb_toolkit.purlcli:purlcli" + +[tool.flot] +includes = [ + "src/**/*", +] +excludes = [ + # Python compiled files + "**/*.py[cod]", + "**/*.egg-info", + # Various junk and temp files + "**/.DS_Store", + "**/*~", + "**/.*.sw[po]", + "**/.ve", + "**/*.bak", + "**/.ipynb_checkpoints", +] + +metadata_files = ["*.LICENSE", "NOTICE", ] +editable_paths = ["src", "tests"] +wheel_path_prefixes_to_strip = ["src"] +sdist_extra_includes = [ + "etc/**/*", + "docs/**/*", + ".github/**/*", + "tests/**/*", + ".gitattributes", + ".gitignore", + "thirdparty/**/*", + "*.LICENSE", + "NOTICE", + "*.ABOUT", + "*.toml", + "*.yml", + "*.rst", + "*.py", +] + +[tool.isort] +force_single_line = "True" +line_length = 88 +sections = "FUTURE,STDLIB,THIRDPARTY,FIRSTPARTY,LOCALFOLDER" +skip = "doc,venv,tmp,thirdparty,build,dist" -[tool.setuptools_scm] -# this is used populated when creating a git archive -# and when there is .git dir and/or there is no git installed -fallback_version = "9999.$Format:%h-%cs$" [tool.pytest.ini_options] norecursedirs = [ diff --git a/purldb-toolkit/setup.cfg b/purldb-toolkit/setup.cfg deleted file mode 100644 index 1d8ff7f1..00000000 --- a/purldb-toolkit/setup.cfg +++ /dev/null @@ -1,66 +0,0 @@ -[metadata] -name = purldb-toolkit -version = 0.0.1 -license = Apache-2.0 - -# description must be on ONE line https://github.com/pypa/setuptools/issues/1390 -description = purldb-toolkit -long_description = file:README.rst -long_description_content_type = text/x-rst -url = https://github.com/nexB/purldb/tree/main/purldb-toolkit - -author = nexB. Inc. and others -author_email = info@aboutcode.org - -classifiers = - Development Status :: 5 - Production/Stable - Intended Audience :: Developers - Programming Language :: Python :: 3 - Programming Language :: Python :: 3 :: Only - Topic :: Software Development - Topic :: Utilities - -keywords = - utilities - -license_files = - apache-2.0.LICENSE - NOTICE - AUTHORS.rst - CHANGELOG.rst - -[options] -package_dir = - =src -packages = find: -include_package_data = true -zip_safe = false - -setup_requires = setuptools_scm[toml] >= 4 - -python_requires = >=3.7 - -install_requires = - click - fetchcode - requests - packageurl-python - -[options.packages.find] -where = src - - -[options.extras_require] -testing = - pytest >= 6, != 7.0.0 - pytest-xdist >= 2 - aboutcode-toolkit >= 6.0.0 - black - -docs = - Sphinx >= 3.3.1 - sphinx-rtd-theme >= 0.5.0 - doc8 >= 0.8.1 - - -[options.entry_points] diff --git a/purldb-toolkit/setup.py b/purldb-toolkit/setup.py deleted file mode 100644 index bac24a43..00000000 --- a/purldb-toolkit/setup.py +++ /dev/null @@ -1,6 +0,0 @@ -#!/usr/bin/env python - -import setuptools - -if __name__ == "__main__": - setuptools.setup() diff --git a/purldb-toolkit/src/purldb_toolkit/purlcli.py b/purldb-toolkit/src/purldb_toolkit/purlcli.py index 8c50ec18..290f2dd0 100644 --- a/purldb-toolkit/src/purldb_toolkit/purlcli.py +++ b/purldb-toolkit/src/purldb_toolkit/purlcli.py @@ -1,3 +1,12 @@ +# +# Copyright (c) nexB Inc. and others. All rights reserved. +# purldb is a trademark of nexB Inc. +# SPDX-License-Identifier: Apache-2.0 +# See http://www.apache.org/licenses/LICENSE-2.0 for the license text. +# See https://github.com/nexB/purldb for support or download. +# See https://aboutcode.org for more information about nexB OSS projects. +# + import json import re from importlib.metadata import version diff --git a/purldb-toolkit/tests/data/purlcli/expected_metadata_output.json b/purldb-toolkit/tests/data/purlcli/expected_metadata_output.json index 50615f2f..8e87ed86 100644 --- a/purldb-toolkit/tests/data/purlcli/expected_metadata_output.json +++ b/purldb-toolkit/tests/data/purlcli/expected_metadata_output.json @@ -2,7 +2,7 @@ "headers": [ { "tool_name": "purlcli", - "tool_version": "0.0.1", + "tool_version": "0.1.0", "options": { "command": "metadata", "--purl": [ diff --git a/purldb-toolkit/tests/data/purlcli/expected_metadata_output_unique.json b/purldb-toolkit/tests/data/purlcli/expected_metadata_output_unique.json index 82351af3..8694c373 100644 --- a/purldb-toolkit/tests/data/purlcli/expected_metadata_output_unique.json +++ b/purldb-toolkit/tests/data/purlcli/expected_metadata_output_unique.json @@ -2,7 +2,7 @@ "headers": [ { "tool_name": "purlcli", - "tool_version": "0.0.1", + "tool_version": "0.1.0", "options": { "command": "metadata", "--purl": [ diff --git a/purldb-toolkit/tests/data/purlcli/expected_urls_output.json b/purldb-toolkit/tests/data/purlcli/expected_urls_output.json index 52bef2c1..7089f5bb 100644 --- a/purldb-toolkit/tests/data/purlcli/expected_urls_output.json +++ b/purldb-toolkit/tests/data/purlcli/expected_urls_output.json @@ -2,7 +2,7 @@ "headers": [ { "tool_name": "purlcli", - "tool_version": "0.0.1", + "tool_version": "0.1.0", "options": { "command": "urls", "--purl": [ diff --git a/purldb-toolkit/tests/data/purlcli/expected_urls_output_head.json b/purldb-toolkit/tests/data/purlcli/expected_urls_output_head.json index 8d163d35..37bab6c0 100644 --- a/purldb-toolkit/tests/data/purlcli/expected_urls_output_head.json +++ b/purldb-toolkit/tests/data/purlcli/expected_urls_output_head.json @@ -2,7 +2,7 @@ "headers": [ { "tool_name": "purlcli", - "tool_version": "0.0.1", + "tool_version": "0.1.0", "options": { "command": "urls", "--purl": [ diff --git a/purldb-toolkit/tests/test_purlcli.py b/purldb-toolkit/tests/test_purlcli.py index 712f22f8..257cced5 100644 --- a/purldb-toolkit/tests/test_purlcli.py +++ b/purldb-toolkit/tests/test_purlcli.py @@ -1,3 +1,12 @@ +# +# Copyright (c) nexB Inc. and others. All rights reserved. +# purldb is a trademark of nexB Inc. +# SPDX-License-Identifier: Apache-2.0 +# See http://www.apache.org/licenses/LICENSE-2.0 for the license text. +# See https://github.com/nexB/purldb for support or download. +# See https://aboutcode.org for more information about nexB OSS projects. +# + import json import os from collections import OrderedDict @@ -175,7 +184,7 @@ def test_metadata_cli_duplicate_input_sources(self): "--purl", "pkg:pypi/minecode", "--file", - "purldb-toolkit/tests/data/purlcli/metadata_input_purls.txt", + test_env.get_test_loc("purlcli/metadata_input_purls.txt"), "--output", "-", ] @@ -206,7 +215,7 @@ def test_metadata_cli_no_input_sources(self): "headers": [ { "tool_name": "purlcli", - "tool_version": "0.0.1", + "tool_version": "0.1.0", "options": { "command": "metadata", "--purl": ["pkg:pypi/fetchcode"], @@ -397,7 +406,7 @@ def test_metadata_cli_no_input_sources(self): }, "purls": ["pkg:gem/bundler-sass"], "tool_name": "purlcli", - "tool_version": "0.0.1", + "tool_version": "0.1.0", "warnings": [ "'pkg:gem/bundler-sass' not supported with `metadata` command" ], @@ -420,7 +429,7 @@ def test_metadata_cli_no_input_sources(self): }, "purls": ["pkg:rubygems/bundler-sass"], "tool_name": "purlcli", - "tool_version": "0.0.1", + "tool_version": "0.1.0", "warnings": [], } ], @@ -478,7 +487,7 @@ def test_metadata_cli_no_input_sources(self): }, "purls": ["pkg:nginx/nginx"], "tool_name": "purlcli", - "tool_version": "0.0.1", + "tool_version": "0.1.0", "warnings": [ "'pkg:nginx/nginx' not supported with `metadata` command" ], @@ -501,7 +510,7 @@ def test_metadata_cli_no_input_sources(self): }, "purls": ["pkg:pypi/zzzzz"], "tool_name": "purlcli", - "tool_version": "0.0.1", + "tool_version": "0.1.0", "warnings": [ "'pkg:pypi/zzzzz' does not exist in the upstream repo", ], @@ -524,7 +533,7 @@ def test_metadata_cli_no_input_sources(self): }, "purls": ["pkg:pypi/?fetchcode"], "tool_name": "purlcli", - "tool_version": "0.0.1", + "tool_version": "0.1.0", "warnings": ["'pkg:pypi/?fetchcode' not valid"], } ], @@ -545,7 +554,7 @@ def test_metadata_cli_no_input_sources(self): }, "purls": ["zzzzz"], "tool_name": "purlcli", - "tool_version": "0.0.1", + "tool_version": "0.1.0", "warnings": ["'zzzzz' not valid"], } ], @@ -672,7 +681,7 @@ def test_normalize_purl(self, test_input, expected): "pkg:pypi/fetchcode@0.2.0", ], "tool_name": "purlcli", - "tool_version": "0.0.1", + "tool_version": "0.1.0", "warnings": [ "'pkg:gem/bundler-sass' not supported with `metadata` command" ], @@ -725,7 +734,7 @@ def test_construct_headers(self, test_input, expected): "pkg:pypi/fetchcode@0.2.0", ], "tool_name": "purlcli", - "tool_version": "0.0.1", + "tool_version": "0.1.0", "warnings": [ "input PURL: 'pkg:pypi/fetchcode@0.1.0' normalized to 'pkg:pypi/fetchcode'", "input PURL: 'pkg:pypi/fetchcode@0.2.0' normalized to 'pkg:pypi/fetchcode'", @@ -982,7 +991,7 @@ def test_urls_cli_duplicate_input_sources(self): "--purl", "pkg:pypi/minecode", "--file", - "purldb-toolkit/tests/data/purlcli/metadata_input_purls.txt", + test_env.get_test_loc("purlcli/metadata_input_purls.txt"), "--output", "-", ] @@ -1013,7 +1022,7 @@ def test_urls_cli_no_input_sources(self): "headers": [ { "tool_name": "purlcli", - "tool_version": "0.0.1", + "tool_version": "0.1.0", "options": { "command": "urls", "--purl": ["pkg:pypi/fetchcode"], @@ -1060,7 +1069,7 @@ def test_urls_cli_no_input_sources(self): "headers": [ { "tool_name": "purlcli", - "tool_version": "0.0.1", + "tool_version": "0.1.0", "options": { "command": "urls", "--purl": ["pkg:pypi/fetchcode@10.0.0"], @@ -1091,7 +1100,7 @@ def test_urls_cli_no_input_sources(self): }, "purls": ["pkg:gem/bundler-sass"], "tool_name": "purlcli", - "tool_version": "0.0.1", + "tool_version": "0.1.0", "warnings": [], } ], @@ -1136,7 +1145,7 @@ def test_urls_cli_no_input_sources(self): }, "purls": ["pkg:rubygems/bundler-sass"], "tool_name": "purlcli", - "tool_version": "0.0.1", + "tool_version": "0.1.0", "warnings": [], } ], @@ -1181,7 +1190,7 @@ def test_urls_cli_no_input_sources(self): }, "purls": ["pkg:nginx/nginx"], "tool_name": "purlcli", - "tool_version": "0.0.1", + "tool_version": "0.1.0", "warnings": [ "'pkg:nginx/nginx' not supported with `urls` command" ], @@ -1204,7 +1213,7 @@ def test_urls_cli_no_input_sources(self): }, "purls": ["pkg:pypi/zzzzz"], "tool_name": "purlcli", - "tool_version": "0.0.1", + "tool_version": "0.1.0", "warnings": [ "'pkg:pypi/zzzzz' does not exist in the upstream repo", ], @@ -1227,7 +1236,7 @@ def test_urls_cli_no_input_sources(self): }, "purls": ["pkg:pypi/?fetchcode"], "tool_name": "purlcli", - "tool_version": "0.0.1", + "tool_version": "0.1.0", "warnings": ["'pkg:pypi/?fetchcode' not valid"], } ], @@ -1248,7 +1257,7 @@ def test_urls_cli_no_input_sources(self): }, "purls": ["zzzzz"], "tool_name": "purlcli", - "tool_version": "0.0.1", + "tool_version": "0.1.0", "warnings": ["'zzzzz' not valid"], } ],