diff --git a/src/fosslight_dependency/_analyze_dependency.py b/src/fosslight_dependency/_analyze_dependency.py
index 9b07f75a..061816f7 100644
--- a/src/fosslight_dependency/_analyze_dependency.py
+++ b/src/fosslight_dependency/_analyze_dependency.py
@@ -29,6 +29,7 @@ def analyze_dependency(package_manager_name, input_dir, output_dir, pip_activate
 direct=True):
 ret = True
 package_sheet_list = []
+ cover_comment = ''
 if package_manager_name == const.PYPI:
 package_manager = Pypi(input_dir, output_dir, pip_activate_cmd, pip_deactivate_cmd)
@@ -82,9 +83,11 @@ def analyze_dependency(package_manager_name, input_dir, output_dir, pip_activate
 if ret:
 logger.warning(f"### Complete to analyze: {package_manager_name}")
+ if package_manager.cover_comment:
+ cover_comment = package_manager.cover_comment
 else:
 logger.error(f"### Fail to analyze: {package_manager_name}")
 del package_manager
- return ret, package_sheet_list
+ return ret, package_sheet_list, cover_comment
diff --git a/src/fosslight_dependency/_package_manager.py b/src/fosslight_dependency/_package_manager.py
index bc03ae26..309ce39d 100644
--- a/src/fosslight_dependency/_package_manager.py
+++ b/src/fosslight_dependency/_package_manager.py
@@ -50,6 +50,7 @@ def __init__(self, package_manager_name, dn_url, input_dir, output_dir):
 self.relation_tree = {}
 self.package_name = ''
 self.purl_dict = {}
+ self.cover_comment = ''
 self.platform = platform.system()
 self.license_scanner_bin = check_license_scanner(self.platform)
diff --git a/src/fosslight_dependency/package_manager/Pypi.py b/src/fosslight_dependency/package_manager/Pypi.py
index 840f3507..bd73ecbe 100644
--- a/src/fosslight_dependency/package_manager/Pypi.py
+++ b/src/fosslight_dependency/package_manager/Pypi.py
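Review bot: The changed `return` in `analyze_dependency` (second hunk of _analyze_dependency.py) widens the result from two values to three with no documentation of the new element, and any caller that still unpacks two values will raise `ValueError`. Only the call in run_dependency_scanner.py is updated in this commit; callers outside this diff, if there are any, need the same change. A docstring line such as `Returns (ret, package_sheet_list, cover_comment); cover_comment is '' unless the package manager set one.` would make the contract explicit. The function body starts and ends outside the hunk.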
@@ -56,6 +56,17 @@ def set_pip_deactivate_cmd(self, pip_deactivate_cmd):
 def run_plugin(self):
 ret = True
+ req_f = 'requirements.txt'
+ if os.path.exists(req_f):
+ with open(req_f, encoding='utf8') as rf:
+ for rf_line in rf.readlines():
+ ret_find = rf_line.find('--extra-index-url ')
+ if ret_find == -1:
+ ret_find = rf_line.find('--index-url ')
+ if ret_find == -1:
+ continue
+ self.cover_comment += rf_line
+ if not self.pip_activate_cmd and not self.pip_deactivate_cmd:
 ret = self.create_virtualenv()
diff --git a/src/fosslight_dependency/run_dependency_scanner.py b/src/fosslight_dependency/run_dependency_scanner.py
index cca2b0a9..e345c094 100755
--- a/src/fosslight_dependency/run_dependency_scanner.py
+++ b/src/fosslight_dependency/run_dependency_scanner.py
@@ -175,11 +175,14 @@ def run_dependency_scanner(package_manager='', input_dir='', output_dir_file='',
 pass_key = 'PASS'
 success_pm = []
 fail_pm = []
+ cover_comment = ''
 for pm, manifest_file_name in found_package_manager.items():
 if manifest_file_name == pass_key:
 continue
- ret, package_sheet_list = analyze_dependency(pm, input_dir, output_path, pip_activate_cmd, pip_deactivate_cmd,
- output_custom_dir, app_name, github_token, manifest_file_name, direct)
+ ret, package_sheet_list, cover_comment = analyze_dependency(pm, input_dir, output_path,
+ pip_activate_cmd, pip_deactivate_cmd,
+ output_custom_dir, app_name, github_token,
+ manifest_file_name, direct)
 if ret:
 success_pm.append(f"{pm} ({', '.join(manifest_file_name)})")
 sheet_list[_sheet_name].extend(package_sheet_list)
@@ -210,6 +213,8 @@ def run_dependency_scanner(package_manager='', input_dir='', output_dir_file='',
 cover_comment_arr.append("No Package manager detected.")
 cover.comment = ' / '.join(cover_comment_arr)
+ if cover_comment:
+ cover.comment += f', {cover_comment}'
 output_file_without_ext = os.path.join(output_path, output_file)
 if format.startswith('spdx'):
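Review bot: The loop added to `run_plugin` in Pypi.py copies every `requirements.txt` line containing `--index-url ` or `--extra-index-url ` verbatim into `self.cover_comment`, and such lines commonly embed index credentials in the URL (`https://user:token@host/simple`), which would then be written into the generated report cover. The userinfo part should be stripped before the line is stored. The `find` test also matches commented-out lines, so those are skipped in the rewrite below. The path is relative to the current directory; whether that is already `input_dir` at this point is not visible here. The fence assumes `re` is imported in this module, and `run_plugin` continues outside the hunk.

```python
# … unchanged: req_f lookup and os.path.exists check …
with open(req_f, encoding='utf8') as rf:
    for rf_line in rf:
        if rf_line.lstrip().startswith('#'):
            continue
        if '--extra-index-url ' not in rf_line and '--index-url ' not in rf_line:
            continue
        # Drop "user:secret@" so index credentials never reach the report.
        self.cover_comment += re.sub(r'://[^/@\s]+@', '://', rf_line)
```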
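Review bot: `cover_comment` is rebound on every pass of the `for pm, manifest_file_name` loop in `run_dependency_scanner`, so the value returned for one package manager is overwritten by the `''` returned for the next. The PyPI index note is therefore lost whenever PyPI is not the last entry analyzed, or when a later analysis fails. Unpack into a per-iteration name and accumulate instead: `ret, package_sheet_list, pm_cover_comment = analyze_dependency(...)` followed by `if pm_cover_comment: cover_comment += pm_cover_comment`. The loop body continues outside the hunk.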
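Review bot: The appended text in the last hunk uses `', '` as separator while the rest of the cover comment is assembled with `' / '.join(cover_comment_arr)`, and `cover_comment` still carries the trailing newline of each raw requirements.txt line collected in Pypi.py. Adding it to the list before the join keeps a single separator: `if cover_comment: cover_comment_arr.append(cover_comment.strip())` placed above `cover.comment = ' / '.join(cover_comment_arr)`. Whether the output writers tolerate embedded newlines in the cover comment is not visible in this hunk.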