From 4bb6b111fe95c44b8b44059df151ef0cfacb3959 Mon Sep 17 00:00:00 2001 From: anthonyharrison Date: Mon, 30 Jan 2023 12:26:26 +0000 Subject: [PATCH] fix: Linting and format tidy up --- __init__.py | 0 lib4sbom/cyclonedx/cyclonedx_parser.py | 10 ++++++---- lib4sbom/data/file.py | 16 ++++++++++++++-- lib4sbom/data/package.py | 3 ++- lib4sbom/license.py | 2 +- lib4sbom/sbom.py | 12 ++++++------ lib4sbom/spdx/spdx_parser.py | 17 ++++++++++------- requirements.txt | 1 - 8 files changed, 39 insertions(+), 22 deletions(-) delete mode 100644 __init__.py diff --git a/__init__.py b/__init__.py deleted file mode 100644 index e69de29..0000000 diff --git a/lib4sbom/cyclonedx/cyclonedx_parser.py b/lib4sbom/cyclonedx/cyclonedx_parser.py index 46a78f6..828dc67 100644 --- a/lib4sbom/cyclonedx/cyclonedx_parser.py +++ b/lib4sbom/cyclonedx/cyclonedx_parser.py @@ -3,8 +3,6 @@ import json -import defusedxml.ElementTree as ET - from lib4sbom.data.document import SBOMDocument from lib4sbom.data.package import SBOMPackage from lib4sbom.data.relationship import SBOMRelationship @@ -39,9 +37,13 @@ def parse_cyclonedx_json(self, sbom_file): if "timestamp" in data["metadata"]: cyclonedx_document.set_created(data["metadata"]["timestamp"]) if "tools" in data["metadata"]: - cyclonedx_document.set_creator("tool", data["metadata"]["tools"][0]["name"]) + cyclonedx_document.set_creator( + "tool", data["metadata"]["tools"][0]["name"] + ) if "authors" in data["metadata"]: - cyclonedx_document.set_creator("person", data["metadata"]["authors"]["name"]) + cyclonedx_document.set_creator( + "person", data["metadata"]["authors"]["name"] + ) if "component" in data["metadata"]: cyclonedx_document.set_name(data["metadata"]["component"]["name"]) for d in data["components"]: diff --git a/lib4sbom/data/file.py b/lib4sbom/data/file.py index 0fdfa76..a341823 100644 --- a/lib4sbom/data/file.py +++ b/lib4sbom/data/file.py 
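Review bot: Removing `import defusedxml.ElementTree as ET` here, and again in lib4sbom/spdx/spdx_parser.py and requirements.txt, drops the hardened XML parser from the project without leaving any record of why. The import looks unused in the visible hunks, which is presumably what the linter flagged, but the commit subject describes only linting and formatting. If XML SBOM input is added later, a plain `xml.etree.ElementTree` import would be the path of least resistance, and the standard-library XML modules are documented as not secure against maliciously constructed data. I would leave a comment next to the remaining imports, such as `# XML SBOMs are not parsed here; use defusedxml.ElementTree (not xml.etree) if XML support is added`, and mention the dependency removal in the commit message. Package metadata outside this diff should be checked so its install requirements agree with requirements.txt.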
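Review bot: The rewrapped `set_creator` calls still index parsed SBOM content without checking its shape: `data["metadata"]["tools"][0]["name"]` raises IndexError on an empty `tools` array and KeyError when the first entry has no `name`. The CycloneDX schema defines `metadata.authors` as an array of contacts, so `data["metadata"]["authors"]["name"]` would raise TypeError on a conforming document. SBOM files normally come from outside the tool, so malformed or unexpected metadata should be skipped rather than abort the parse. The sketch below guards both lookups. It assumes `set_creator` may be called once per author, which should be confirmed against SBOMDocument. `parse_cyclonedx_json` starts and ends outside the hunk, so any enclosing exception handling is not visible here.

```python
metadata = data["metadata"]
# … unchanged: timestamp handling …
tools = metadata.get("tools")
if isinstance(tools, list) and tools and isinstance(tools[0], dict):
    tool_name = tools[0].get("name")
    if tool_name is not None:
        cyclonedx_document.set_creator("tool", tool_name)
authors = metadata.get("authors")
if isinstance(authors, list):
    for author in authors:
        if isinstance(author, dict) and "name" in author:
            cyclonedx_document.set_creator("person", author["name"])
# … unchanged: component name and components loop …
```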
@@ -28,7 +28,19 @@ def set_id(self, id): def set_filetype(self, type): file_type = type.upper() - if file_type not in ["SOURCE", "BINARY", "ARCHIVE", "APPLICATION", "AUDIO", "IMAGE", "TEXT", "VIDEO", "DOCUMENTATION", "SPDX", "OTHER"]: + if file_type not in [ + "SOURCE", + "BINARY", + "ARCHIVE", + "APPLICATION", + "AUDIO", + "IMAGE", + "TEXT", + "VIDEO", + "DOCUMENTATION", + "SPDX", + "OTHER", + ]: file_type = "OTHER" if "filetype" in self.file: self.file["filetype"].append(file_type) @@ -105,4 +117,4 @@ def copy_file(self, file_info): def _valid_checksum(self, value): # Only allow valid hex or decimal digits - return all (c in string.hexdigits for c in value.lower()) + return all(c in string.hexdigits for c in value.lower()) diff --git a/lib4sbom/data/package.py b/lib4sbom/data/package.py index 7fd7ce8..a4db8b2 100644 --- a/lib4sbom/data/package.py +++ b/lib4sbom/data/package.py @@ -5,6 +5,7 @@ from lib4sbom.license import LicenseScanner + class SBOMPackage: def __init__(self): self.package = {} @@ -139,4 +140,4 @@ def _semantic_version(self, version): def _valid_checksum(self, value): # Only allow valid hex or decimal digits - return all (c in string.hexdigits for c in value.lower()) \ No newline at end of file + return all(c in string.hexdigits for c in value.lower()) diff --git a/lib4sbom/license.py b/lib4sbom/license.py index 4e2bed0..5a753a9 100644 --- a/lib4sbom/license.py +++ b/lib4sbom/license.py @@ -33,7 +33,7 @@ def check_synoymn(self, license, synoymns, value): def find_license(self, license): # Search list of licenses to find match - if license in ["NOASSERTION","NONE"]: + if license in ["NOASSERTION", "NONE"]: return license for lic in self.licenses["licenses"]: # Comparisons ignore case of provided license text diff --git a/lib4sbom/sbom.py b/lib4sbom/sbom.py index f7e33a0..91e5494 100644 --- a/lib4sbom/sbom.py +++ b/lib4sbom/sbom.py 
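Review bot: `_valid_checksum` in lib4sbom/data/file.py accepts the empty string, because `all(...)` over zero characters is True, and it never checks the digest length, so any run of hex characters passes as a checksum for any algorithm. The identical body in lib4sbom/data/package.py has the same gap. The `.lower()` call is redundant because `string.hexdigits` already contains both cases, and the comment "hex or decimal digits" could simply say "hexadecimal digits". At minimum I would write `return bool(value) and all(c in string.hexdigits for c in value)`. If the callers, which are outside these hunks, know the declared algorithm, the length should also be compared with that algorithm's expected hex length.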
@@ -50,17 +50,17 @@ def get_sbom(self) -> SBOMData: return self.sbom def get_document(self) -> Dict: - return self.sbom.get("document",{}) + return self.sbom.get("document", {}) def get_files(self) -> List: - file_data = self.sbom.get("files",[]) + file_data = self.sbom.get("files", []) if len(file_data) > 0: # return self.sbom['files' return [x for x in self.sbom["files"].values()] return file_data def get_packages(self) -> List: - package_data = self.sbom.get("packages",[]) + package_data = self.sbom.get("packages", []) if len(package_data) > 0: # return self.sbom['packages'] return [x for x in self.sbom["packages"].values()] @@ -68,10 +68,10 @@ def get_packages(self) -> List: def get_relationships(self) -> List: # return self.sbom['relationships'] - return self.sbom.get("relationships",[]) + return self.sbom.get("relationships", []) def get_version(self) -> str: - return self.sbom.get("version","") + return self.sbom.get("version", "") def get_type(self) -> str: - return self.sbom.get("type","") + return self.sbom.get("type", "") diff --git a/lib4sbom/spdx/spdx_parser.py b/lib4sbom/spdx/spdx_parser.py index 456b6bf..1f44db3 100644 --- a/lib4sbom/spdx/spdx_parser.py +++ b/lib4sbom/spdx/spdx_parser.py @@ -2,11 +2,8 @@ # SPDX-License-Identifier: Apache-2.0 import json -import re -import defusedxml.ElementTree as ET import yaml - from lib4sbom.data.document import SBOMDocument from lib4sbom.data.file import SBOMFile from lib4sbom.data.package import SBOMPackage 
@@ -75,13 +72,17 @@ def parse_spdx_tag(self, sbom_file): elements[spdx_id] = element_name elif line_elements[0] == "Created": # Capture all data after tag - created = line[len("Created:"):].strip().rstrip("\n") + created = line[len("Created:") :].strip().rstrip("\n") line.find(created) spdx_document.set_created(created) elif line_elements[0] == "Creator": creator_type = line_elements[1] # Capture all data after creator type - creator = line[line.find(creator_type) + len(creator_type) + 1:].strip().rstrip("\n") + creator = ( + line[line.find(creator_type) + len(creator_type) + 1 :] + .strip() + .rstrip("\n") + ) spdx_document.set_creator(creator_type, creator) if line_elements[0] == "FileName": # Is this a new file? @@ -322,7 +323,7 @@ def _parse_spdx_data(self, data): spdx_package.set_type("library") try: # Version info is not mandatory - version = d.get("versionInfo",None) + version = d.get("versionInfo", None) if version is not None: spdx_package.set_version(version) if "supplier" in d: @@ -388,7 +389,9 @@ def _parse_spdx_data(self, data): for d in data["relationships"]: spdx_relationship.initialise() spdx_relationship.set_relationship( - d["spdxElementId"], d["relationshipType"], d["relatedSpdxElement"] + d["spdxElementId"], + d["relationshipType"], + d["relatedSpdxElement"], ) relationships.append(spdx_relationship.get_relationship()) return ( diff --git a/requirements.txt b/requirements.txt index c056404..e8ebd72 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,3 +1,2 @@ -defusedxml pyyaml>=5.4 semantic_version
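Review bot: The bare statement `line.find(created)` in the "Created" branch discards its result and has no effect, so it should be deleted rather than carried through the reformat. In the "Creator" branch, `creator_type = line_elements[1]` assumes the tag line has a second element. How `line_elements` is built is outside the hunk, but if it is a plain split of the line, a `Creator:` line with no value would raise IndexError on attacker-supplied or truncated tag/value input. A guard such as `elif line_elements[0] == "Creator" and len(line_elements) > 1:` would skip the malformed line instead. `parse_spdx_tag` starts and ends outside the hunk.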