From b406ac0bfcd26bdc8c88abae8610242beeb66c63 Mon Sep 17 00:00:00 2001
From: Jono Yang <jyang@nexb.com>
Date: Thu, 5 May 2022 17:38:30 -0700
Subject: [PATCH] Handle package_uids for DiscoveredPackages #411

    * Remove create_discovered_packages2 and create_codebase_resources2

Signed-off-by: Jono Yang <jyang@nexb.com>
---
 scanpipe/pipelines/scan_package.py |  4 ++--
 scanpipe/pipes/__init__.py         |  7 +++++++
 scanpipe/pipes/scancode.py         | 12 ++++--------
 3 files changed, 13 insertions(+), 10 deletions(-)

diff --git a/scanpipe/pipelines/scan_package.py b/scanpipe/pipelines/scan_package.py
index 5e0d58f6d..c8b0b9bc8 100644
--- a/scanpipe/pipelines/scan_package.py
+++ b/scanpipe/pipelines/scan_package.py
@@ -118,8 +118,8 @@ def build_inventory_from_scan(self):
         """
         project = self.project
         scanned_codebase = scancode.get_virtual_codebase(project, str(self.scan_output))
-        scancode.create_discovered_packages2(project, scanned_codebase)
-        scancode.create_codebase_resources2(project, scanned_codebase)
+        scancode.create_discovered_packages(project, scanned_codebase)
+        scancode.create_codebase_resources(project, scanned_codebase)
 
     def make_summary_from_scan_results(self):
         """
diff --git a/scanpipe/pipes/__init__.py b/scanpipe/pipes/__init__.py
index 4a2862eaa..65327fb3b 100644
--- a/scanpipe/pipes/__init__.py
+++ b/scanpipe/pipes/__init__.py
@@ -91,6 +91,13 @@ def update_or_create_package(project, package_data, codebase_resource=None):
         else:
             package = DiscoveredPackage.create_from_data(project, package_data)
 
+    # Update package_uids list in package.extra_data
+    package_uid = package_data.get("package_uid")
+    if package_uid:
+        package_uids = package.extra_data.get("package_uids", [])
+        package_uids.append(package_uid)
+        package.update_extra_data({"package_uids": package_uids})
+
     return package
 
 
diff --git a/scanpipe/pipes/scancode.py b/scanpipe/pipes/scancode.py
index 05dadb6a5..7b828cd41 100644
--- a/scanpipe/pipes/scancode.py
+++ b/scanpipe/pipes/scancode.py
@@ -33,12 +33,9 @@
 from django.apps import apps
 from django.conf import settings
 
-import packagedcode
 from commoncode import fileutils
 from commoncode.resource import VirtualCodebase
 from extractcode import api as extractcode_api
-from packagedcode.models import PackageData
-from packageurl import PackageURL
 from scancode import ScancodeError
 from scancode import Scanner
 from scancode import api as scancode_api
@@ -392,11 +389,10 @@ def create_codebase_resources(project, scanned_codebase):
         )
 
         # associate DiscoveredPackage to Resource, if applicable
-        for purl_uid in scanned_resource.for_packages:
-            purl = PackageURL.from_string(purl_uid)
-            # TODO: take package_uid qualifier into consideration
-            package = DiscoveredPackage.objects.filter(type=purl.type, name=purl.name, version=purl.version)
-            package = package[0]
+        for package_uid in scanned_resource.for_packages:
+            package = DiscoveredPackage.objects.get(
+                extra_data__contains={"package_uids": [package_uid]}
+            )
             set_codebase_resource_for_package(
                 codebase_resource=cbr, discovered_package=package
             )