fix: Linting and format tidy up

lib4sbom/cyclonedx/cyclonedx_parser.py

@@ -3,8 +3,6 @@
 
 import json
 
-import defusedxml.ElementTree as ET
-
 from lib4sbom.data.document import SBOMDocument
 from lib4sbom.data.package import SBOMPackage
 from lib4sbom.data.relationship import SBOMRelationship
@@ -39,9 +37,13 @@ def parse_cyclonedx_json(self, sbom_file):
                 if "timestamp" in data["metadata"]:
                     cyclonedx_document.set_created(data["metadata"]["timestamp"])
                 if "tools" in data["metadata"]:
-                    cyclonedx_document.set_creator("tool", data["metadata"]["tools"][0]["name"])
+                    cyclonedx_document.set_creator(
+                        "tool", data["metadata"]["tools"][0]["name"]
+                    )
                 if "authors" in data["metadata"]:
-                    cyclonedx_document.set_creator("person", data["metadata"]["authors"]["name"])
+                    cyclonedx_document.set_creator(
+                        "person", data["metadata"]["authors"]["name"]
+                    )
                 if "component" in data["metadata"]:
                     cyclonedx_document.set_name(data["metadata"]["component"]["name"])
             for d in data["components"]:

lib4sbom/data/file.py

@@ -28,7 +28,19 @@ def set_id(self, id):
 
     def set_filetype(self, type):
         file_type = type.upper()
-        if file_type not in ["SOURCE", "BINARY", "ARCHIVE", "APPLICATION", "AUDIO", "IMAGE", "TEXT", "VIDEO", "DOCUMENTATION", "SPDX", "OTHER"]:
+        if file_type not in [
+            "SOURCE",
+            "BINARY",
+            "ARCHIVE",
+            "APPLICATION",
+            "AUDIO",
+            "IMAGE",
+            "TEXT",
+            "VIDEO",
+            "DOCUMENTATION",
+            "SPDX",
+            "OTHER",
+        ]:
             file_type = "OTHER"
         if "filetype" in self.file:
             self.file["filetype"].append(file_type)
@@ -105,4 +117,4 @@ def copy_file(self, file_info):
 
     def _valid_checksum(self, value):
         # Only allow valid hex or decimal digits
-        return all (c in string.hexdigits for c in value.lower())
+        return all(c in string.hexdigits for c in value.lower())

lib4sbom/data/package.py

@@ -5,6 +5,7 @@
 
 from lib4sbom.license import LicenseScanner
 
+
 class SBOMPackage:
     def __init__(self):
         self.package = {}
@@ -139,4 +140,4 @@ def _semantic_version(self, version):
 
     def _valid_checksum(self, value):
         # Only allow valid hex or decimal digits
-        return all (c in string.hexdigits for c in value.lower())
+        return all(c in string.hexdigits for c in value.lower())

lib4sbom/license.py

@@ -33,7 +33,7 @@ def check_synoymn(self, license, synoymns, value):
 
     def find_license(self, license):
         # Search list of licenses to find match
-        if license in ["NOASSERTION","NONE"]:
+        if license in ["NOASSERTION", "NONE"]:
             return license
         for lic in self.licenses["licenses"]:
             # Comparisons ignore case of provided license text

lib4sbom/sbom.py

@@ -50,28 +50,28 @@ def get_sbom(self) -> SBOMData:
         return self.sbom
 
     def get_document(self) -> Dict:
-        return self.sbom.get("document",{})
+        return self.sbom.get("document", {})
 
     def get_files(self) -> List:
-        file_data = self.sbom.get("files",[])
+        file_data = self.sbom.get("files", [])
         if len(file_data) > 0:
             # return self.sbom['files'
             return [x for x in self.sbom["files"].values()]
         return file_data
 
     def get_packages(self) -> List:
-        package_data = self.sbom.get("packages",[])
+        package_data = self.sbom.get("packages", [])
         if len(package_data) > 0:
             # return self.sbom['packages']
             return [x for x in self.sbom["packages"].values()]
         return package_data
 
     def get_relationships(self) -> List:
         # return self.sbom['relationships']
-        return self.sbom.get("relationships",[])
+        return self.sbom.get("relationships", [])
 
     def get_version(self) -> str:
-        return self.sbom.get("version","")
+        return self.sbom.get("version", "")
 
     def get_type(self) -> str:
-        return self.sbom.get("type","")
+        return self.sbom.get("type", "")

lib4sbom/spdx/spdx_parser.py

@@ -2,11 +2,8 @@
 # SPDX-License-Identifier: Apache-2.0
 
 import json
-import re
 
-import defusedxml.ElementTree as ET
 import yaml
-
 from lib4sbom.data.document import SBOMDocument
 from lib4sbom.data.file import SBOMFile
 from lib4sbom.data.package import SBOMPackage
@@ -75,13 +72,17 @@ def parse_spdx_tag(self, sbom_file):
                     elements[spdx_id] = element_name
             elif line_elements[0] == "Created":
                 # Capture all data after tag
-                created = line[len("Created:"):].strip().rstrip("\n")
+                created = line[len("Created:") :].strip().rstrip("\n")
                 line.find(created)
                 spdx_document.set_created(created)
             elif line_elements[0] == "Creator":
                 creator_type = line_elements[1]
                 # Capture all data after creator type
-                creator = line[line.find(creator_type) + len(creator_type) + 1:].strip().rstrip("\n")
+                creator = (
+                    line[line.find(creator_type) + len(creator_type) + 1 :]
+                    .strip()
+                    .rstrip("\n")
+                )
                 spdx_document.set_creator(creator_type, creator)
             if line_elements[0] == "FileName":
                 # Is this a new file?
@@ -322,7 +323,7 @@ def _parse_spdx_data(self, data):
                     spdx_package.set_type("library")
                     try:
                         # Version info is not mandatory
-                        version = d.get("versionInfo",None)
+                        version = d.get("versionInfo", None)
                         if version is not None:
                             spdx_package.set_version(version)
                         if "supplier" in d:
@@ -388,7 +389,9 @@ def _parse_spdx_data(self, data):
                 for d in data["relationships"]:
                     spdx_relationship.initialise()
                     spdx_relationship.set_relationship(
-                        d["spdxElementId"], d["relationshipType"], d["relatedSpdxElement"]
+                        d["spdxElementId"],
+                        d["relationshipType"],
+                        d["relatedSpdxElement"],
                     )
                     relationships.append(spdx_relationship.get_relationship())
         return (

requirements.txt

@@ -1,3 +1,2 @@
-defusedxml
 pyyaml>=5.4
 semantic_version