Skip to content

Commit

Permalink
Create nameless Package w/ deps for lockfile #1850
Browse files Browse the repository at this point in the history
    * Do not create a PURL if a Package does not have a name

Signed-off-by: Jono Yang <jyang@nexb.com>
  • Loading branch information
JonoYang committed Dec 9, 2019
1 parent c05fd11 commit 672e6aa
Show file tree
Hide file tree
Showing 3 changed files with 1,016 additions and 414 deletions.
2 changes: 2 additions & 0 deletions src/packagedcode/models.py
Original file line number Diff line number Diff line change
Expand Up @@ -241,6 +241,8 @@ def purl(self):
"""
Return a compact purl package URL string.
"""
if not self.name:
return
return PackageURL(
self.type, self.namespace, self.name, self.version,
self.qualifiers, self.subpath).to_string()
Expand Down
100 changes: 49 additions & 51 deletions src/packagedcode/phpcomposer.py
Original file line number Diff line number Diff line change
Expand Up @@ -164,8 +164,7 @@ def parse(location):
elif is_phpcomposer_lock(location):
with io.open(location, encoding='utf-8') as loc:
package_data = json.load(loc, object_pairs_hook=OrderedDict)

for package in build_package_from_lock(package_data):
for package in build_packages_from_lock(package_data):
yield package


Expand Down Expand Up @@ -223,7 +222,8 @@ def build_package_from_json(package_data):
('conflict', partial(_deps_mapper, scope='conflict', is_runtime=True, is_optional=True)),
('replace', partial(_deps_mapper, scope='replace', is_runtime=True, is_optional=True)),
('suggest', partial(_deps_mapper, scope='suggest', is_runtime=True, is_optional=True)),

('source', source_mapper),
('dist', dist_mapper)
]

for source, func in field_mappers:
Expand Down Expand Up @@ -284,6 +284,34 @@ def support_mapper(support, package):
return package


def source_mapper(source, package):
"""
Add vcs_url from source tag, if present. Typically only present in
composer.lock
"""
tool = source.get('type')
if not tool:
return package
url = source.get('url')
if not url:
return package
version = source.get('reference')
package.vcs_url = '{tool}+{url}@{version}'.format(**locals())
return package


def dist_mapper(dist, package):
"""
Add download_url from source tag, if present. Typically only present in
composer.lock
"""
url = dist.get('url')
if not url:
return package
package.download_url = url
return package


def vendor_mapper(package):
"""
Vendor is the first part of the name element.
Expand Down Expand Up @@ -356,55 +384,25 @@ def parse_person(persons):
raise ValueError('Incorrect PHP composer persons: %(persons)r' % locals())


def build_package_from_lock(package_data):
def build_dep_package(package, scope, is_runtime, is_optional):
return models.DependentPackage(
purl=package.purl,
scope=scope,
is_runtime=is_runtime,
is_optional=is_optional,
is_resolved=True,
)


def build_packages_from_lock(package_data):
"""
Yield composer Package objects from a package data mapping that originated
from a composer.lock file
"""
packages = package_data.get('packages', []) + package_data.get('packages-dev', [])
for package in packages:
dependencies = []
for dep, req in package.get('require', {}).items():
dependencies.append(
models.DependentPackage(
purl=PackageURL(type='composer', name=dep).to_string(),
scope='require',
requirement=req,
is_runtime=True,
is_optional=False,
is_resolved=True,
)
)

for dep, req in package.get('require-dev', {}).items():
dependencies.append(
models.DependentPackage(
purl=PackageURL(type='composer', name=dep).to_string(),
scope='require-dev',
requirement=req,
is_runtime=False,
is_optional=True,
)
)

parties = []
for author in package.get('authors', []):
parties.append(
models.Party(
name=author.get('name'),
role='author',
email=author.get('email'),
)
)

yield PHPComposerPackage(
name=package.get('name'),
version=package.get('version'),
download_url=package.get('dist', {}).get('url'),
declared_license=package.get('license'),
homepage_url=package.get('homepage'),
description=package.get('description'),
keywords=package.get('keywords'),
dependencies=dependencies,
parties=parties,
)
packages = [build_package_from_json(p) for p in package_data.get('packages', [])]
packages_dev = [build_package_from_json(p) for p in package_data.get('packages-dev', [])]
required_deps = [build_dep_package(p, scope='require', is_runtime=True, is_optional=False) for p in packages]
required_dev_deps = [build_dep_package(p, scope='require-dev', is_runtime=False, is_optional=True) for p in packages_dev]
yield PHPComposerPackage(dependencies=required_deps + required_dev_deps)
for package in packages + packages_dev:
yield package
Loading

0 comments on commit 672e6aa

Please sign in to comment.