diff --git a/pom.xml b/pom.xml
index 82f17013..d6d3c22c 100644
--- a/pom.xml
+++ b/pom.xml
@@ -81,6 +81,11 @@
bridge-method-injector
1.23
+
+ org.springframework.boot
+ spring-boot-starter-test
+ test
+
diff --git a/src/main/java/com/lpvs/LicensePreValidationSystem.java b/src/main/java/com/lpvs/LicensePreValidationSystem.java
index 38f014d7..190b9135 100644
--- a/src/main/java/com/lpvs/LicensePreValidationSystem.java
+++ b/src/main/java/com/lpvs/LicensePreValidationSystem.java
@@ -24,7 +24,7 @@
@EnableAsync
public class LicensePreValidationSystem {
- private int corePoolSize;
+ private final int corePoolSize;
public LicensePreValidationSystem(@Value("${lpvs.cores:8}") int corePoolSize) {
this.corePoolSize = corePoolSize;
diff --git a/src/main/java/com/lpvs/controller/GitHubWebhooksController.java b/src/main/java/com/lpvs/controller/GitHubWebhooksController.java
index d9c719c6..2f0e5aef 100644
--- a/src/main/java/com/lpvs/controller/GitHubWebhooksController.java
+++ b/src/main/java/com/lpvs/controller/GitHubWebhooksController.java
@@ -36,6 +36,7 @@
@RestController
public class GitHubWebhooksController {
+
private String GITHUB_SECRET;
@Autowired
@@ -56,7 +57,7 @@ public void setProps() {
private GitHubService gitHubService;
- private static Logger LOG = LoggerFactory.getLogger(GitHubWebhooksController.class);
+ private static final Logger LOG = LoggerFactory.getLogger(GitHubWebhooksController.class);
private static final String SIGNATURE = "X-Hub-Signature-256";
private static final String SUCCESS = "Success";
diff --git a/src/main/java/com/lpvs/entity/ResponseWrapper.java b/src/main/java/com/lpvs/entity/ResponseWrapper.java
index cd832214..5d3c2a32 100644
--- a/src/main/java/com/lpvs/entity/ResponseWrapper.java
+++ b/src/main/java/com/lpvs/entity/ResponseWrapper.java
@@ -8,7 +8,6 @@
package com.lpvs.entity;
public class ResponseWrapper {
-
private String message;
public ResponseWrapper(String message) {
diff --git a/src/main/java/com/lpvs/entity/enums/PullRequestAction.java b/src/main/java/com/lpvs/entity/enums/PullRequestAction.java
index d153f522..cae57f1d 100644
--- a/src/main/java/com/lpvs/entity/enums/PullRequestAction.java
+++ b/src/main/java/com/lpvs/entity/enums/PullRequestAction.java
@@ -27,8 +27,6 @@ public String getPullRequestAction() {
return type;
}
- private static Logger LOG = LoggerFactory.getLogger(PullRequestAction.class);
-
public static PullRequestAction convertFrom(String action) {
if (action.equals(OPEN.getPullRequestAction())) {
return OPEN;
diff --git a/src/main/java/com/lpvs/service/DetectService.java b/src/main/java/com/lpvs/service/DetectService.java
index 3b209fac..818de4d0 100644
--- a/src/main/java/com/lpvs/service/DetectService.java
+++ b/src/main/java/com/lpvs/service/DetectService.java
@@ -33,7 +33,7 @@ public DetectService(@Value("${scanner:scanoss}") String scannerType,
this.scanossDetectService = scanossDetectService;
}
- private static Logger LOG = LoggerFactory.getLogger(DetectService.class);
+ private static final Logger LOG = LoggerFactory.getLogger(DetectService.class);
@PostConstruct
private void init() {
diff --git a/src/main/java/com/lpvs/service/GitHubService.java b/src/main/java/com/lpvs/service/GitHubService.java
index 69f5e438..e9ae0d94 100644
--- a/src/main/java/com/lpvs/service/GitHubService.java
+++ b/src/main/java/com/lpvs/service/GitHubService.java
@@ -71,7 +71,7 @@ private void checks() throws Exception {
}
}
- private static Logger LOG = LoggerFactory.getLogger(GitHubService.class);
+ private static final Logger LOG = LoggerFactory.getLogger(GitHubService.class);
private static GitHub gitHub;
diff --git a/src/main/java/com/lpvs/service/LicenseService.java b/src/main/java/com/lpvs/service/LicenseService.java
index d9064d20..5406e12c 100644
--- a/src/main/java/com/lpvs/service/LicenseService.java
+++ b/src/main/java/com/lpvs/service/LicenseService.java
@@ -40,7 +40,7 @@ public class LicenseService {
public String licenseFilePath;
public String licenseConflictsSource;
- private static Logger LOG = LoggerFactory.getLogger(LicenseService.class);
+ private static final Logger LOG = LoggerFactory.getLogger(LicenseService.class);
private List licenses;
@@ -184,8 +184,11 @@ public List> findConflicts(WebhookConfig webhookConfig,
for (int i = 0; i < detectedLicensesUnique.size(); i++) {
for (int j = i + 1; j < detectedLicensesUnique.size(); j++) {
for (Conflict licenseConflict : licenseConflicts) {
- Conflict possibleConflict = new Conflict<>(detectedLicensesUnique.toArray()[i].toString(),
- detectedLicensesUnique.toArray()[j].toString());
+ Conflict possibleConflict =
+ new Conflict<>(
+ (String) detectedLicensesUnique.toArray()[i],
+ (String) detectedLicensesUnique.toArray()[j]
+ );
if (licenseConflict.equals(possibleConflict)) {
foundConflicts.add(possibleConflict);
}
@@ -197,8 +200,8 @@ public List> findConflicts(WebhookConfig webhookConfig,
}
public static class Conflict {
- License1 l1;
- License2 l2;
+ public License1 l1;
+ public License2 l2;
Conflict(License1 l1, License2 l2) {
this.l1 = l1;
this.l2 = l2;
diff --git a/src/main/java/com/lpvs/service/QueueProcessorService.java b/src/main/java/com/lpvs/service/QueueProcessorService.java
index e8da4c38..fe28fc47 100644
--- a/src/main/java/com/lpvs/service/QueueProcessorService.java
+++ b/src/main/java/com/lpvs/service/QueueProcessorService.java
@@ -23,7 +23,7 @@ public class QueueProcessorService {
private QueueService queueService;
- private static Logger LOG = LoggerFactory.getLogger(QueueProcessorService.class);
+ private static final Logger LOG = LoggerFactory.getLogger(QueueProcessorService.class);
@Autowired
QueueProcessorService(QueueService queueService) {
diff --git a/src/main/java/com/lpvs/service/QueueService.java b/src/main/java/com/lpvs/service/QueueService.java
index ab4bfc4d..541163fe 100644
--- a/src/main/java/com/lpvs/service/QueueService.java
+++ b/src/main/java/com/lpvs/service/QueueService.java
@@ -36,7 +36,7 @@ public QueueService(GitHubService gitHubService,
this.licenseService = licenseService;
}
- private static Logger LOG = LoggerFactory.getLogger(QueueService.class);
+ private static final Logger LOG = LoggerFactory.getLogger(QueueService.class);
private static final BlockingDeque QUEUE = new LinkedBlockingDeque<>();
diff --git a/src/main/java/com/lpvs/service/scanner/scanoss/ScanossDetectService.java b/src/main/java/com/lpvs/service/scanner/scanoss/ScanossDetectService.java
index 26ccc1eb..e9922170 100644
--- a/src/main/java/com/lpvs/service/scanner/scanoss/ScanossDetectService.java
+++ b/src/main/java/com/lpvs/service/scanner/scanoss/ScanossDetectService.java
@@ -19,7 +19,6 @@
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import java.io.*;
-import java.lang.reflect.Type;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.util.*;
@@ -33,7 +32,7 @@ public class ScanossDetectService {
@Autowired
private GitHubService gitHubService;
- private static Logger LOG = LoggerFactory.getLogger(ScanossDetectService.class);
+ private static final Logger LOG = LoggerFactory.getLogger(ScanossDetectService.class);
public void runScan(WebhookConfig webhookConfig, String path) throws Exception {
LOG.info("Starting Scanoss scanning");
@@ -81,12 +80,12 @@ public List checkLicenses(WebhookConfig webhookConfig) {
Gson gson = new Gson();
Reader reader = Files.newBufferedReader(Paths.get("RESULTS/" + webhookConfig.getRepositoryName() + "_" + webhookConfig.getHeadCommitSHA() + ".json"));
// convert JSON file to map
- Type mapType = new TypeToken, String>>() {}.getType();
- Map, String> map = gson.fromJson(reader, mapType);
+ Map> map = gson.fromJson(reader,
+ new TypeToken>>() {}.getType());
// parse map entries
long ind = 0L;
- for (Map.Entry, String> entry : map.entrySet()) {
+ for (Map.Entry> entry : map.entrySet()) {
LPVSFile file = new LPVSFile();
file.setId(ind++);
file.setFilePath(entry.getKey().toString());
diff --git a/src/main/java/com/lpvs/util/FileUtil.java b/src/main/java/com/lpvs/util/FileUtil.java
index 04560d46..d71bdfab 100644
--- a/src/main/java/com/lpvs/util/FileUtil.java
+++ b/src/main/java/com/lpvs/util/FileUtil.java
@@ -8,7 +8,6 @@
package com.lpvs.util;
import org.kohsuke.github.GHPullRequestFileDetail;
-import org.kohsuke.github.PagedIterable;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.util.FileSystemUtils;
@@ -19,9 +18,9 @@
import java.io.IOException;
public class FileUtil {
- private static Logger LOG = LoggerFactory.getLogger(FileUtil.class);
+ private static final Logger LOG = LoggerFactory.getLogger(FileUtil.class);
- public static String saveFiles(PagedIterable files, String folder, String headCommitSHA, int deletions) {
+ public static String saveFiles(Iterable files, String folder, String headCommitSHA, int deletions) {
String directoryPath = "Projects/" + folder + "/" + headCommitSHA;
String directoryDeletionPath = "";
diff --git a/src/test/java/com/lpvs/service/GitHubServiceTest.java b/src/test/java/com/lpvs/service/GitHubServiceTest.java
index 9c935bab..2f5bc937 100644
--- a/src/test/java/com/lpvs/service/GitHubServiceTest.java
+++ b/src/test/java/com/lpvs/service/GitHubServiceTest.java
@@ -17,8 +17,10 @@
import org.junit.jupiter.api.Test;
import org.kohsuke.github.*;
import org.mockito.MockedStatic;
+import org.mockito.Mockito;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
+import org.springframework.test.util.ReflectionTestUtils;
import java.io.IOException;
import java.lang.reflect.Field;
@@ -26,9 +28,11 @@
import java.net.URL;
import java.util.ArrayList;
import java.util.Arrays;
+import java.util.HashSet;
import java.util.List;
import java.util.Set;
+
import static org.junit.jupiter.api.Assertions.*;
import static org.mockito.Mockito.*;
import static org.mockito.Mockito.verifyNoMoreInteractions;
@@ -1986,4 +1990,60 @@ public void testGetMatchedLinesAsLink_All() {
assertEquals(expected_result, gh_service.getMatchedLinesAsLink(webhookConfig, lpvs_file_1));
}
}
+
+ @Nested
+ class TestCommentResults {
+
+ final String GH_LOGIN = "test_login";
+ final String GH_AUTH_TOKEN = "test_auth_token";
+ final String GH_API_URL = "test_api_url";
+ GitHubService gh_service = new GitHubService(GH_LOGIN, GH_AUTH_TOKEN, GH_API_URL);
+ WebhookConfig webhookConfig;
+
+ @BeforeEach
+ void setUp() {
+ webhookConfig = new WebhookConfig();
+ webhookConfig.setRepositoryName("LPVS");
+ webhookConfig.setRepositoryOrganization("Samsung");
+ webhookConfig.setPullRequestAPIUrl("http://url.com");
+ }
+
+ @Test
+ public void testCommentResults() throws IOException {
+ GitHub gitHub = Mockito.mock(GitHub.class);
+ GHRepository repository = Mockito.mock(GHRepository.class);
+ ReflectionTestUtils.setField(gh_service, "gitHub", gitHub);
+ Mockito.when(gitHub.getRepository(
+ webhookConfig.getRepositoryOrganization() + "/" + webhookConfig.getRepositoryName()))
+ .thenReturn(repository);
+ LPVSFile file = new LPVSFile();
+ LPVSLicense license = new LPVSLicense(){{
+ setChecklist_url("");
+ setAccess("unrviewed");
+ }};
+ file.setLicenses(new HashSet(){{
+ add(license);
+ }});
+ file.setFilePath("");
+ file.setComponent("");
+ file.setSnippetMatch("");
+ file.setMatchedLines("");
+ List fileList = new ArrayList(){{
+ add(file);
+ }};
+ List> conflictList = new ArrayList<>();
+ conflictList.add(new LicenseService.Conflict<>("1", "2"));
+ GHPullRequest pullRequest = new GHPullRequest();
+ ReflectionTestUtils.setField(pullRequest, "url", "http://url.com");
+ List pullRequestList = new ArrayList(){{
+ add(pullRequest);
+ }};
+ Mockito.when(repository.getPullRequests(GHIssueState.OPEN))
+ .thenReturn(pullRequestList);
+ gh_service.commentResults(webhookConfig, fileList, conflictList);
+ license.setAccess("");
+ gh_service.commentResults(webhookConfig, fileList, conflictList);
+ Mockito.verify(gitHub, times(2)).getRepository(Mockito.anyString());
+ }
+ }
}
diff --git a/src/test/java/com/lpvs/service/LicenseServiceTest.java b/src/test/java/com/lpvs/service/LicenseServiceTest.java
new file mode 100644
index 00000000..fbaf7122
--- /dev/null
+++ b/src/test/java/com/lpvs/service/LicenseServiceTest.java
@@ -0,0 +1,82 @@
+/**
+ * Copyright (c) 2022, Samsung Electronics Co., Ltd. All rights reserved.
+ *
+ * Use of this source code is governed by a MIT license that can be
+ * found in the LICENSE file.
+ */
+
+package com.lpvs.service;
+
+import com.lpvs.entity.LPVSFile;
+import com.lpvs.entity.LPVSLicense;
+import com.lpvs.entity.config.WebhookConfig;
+import org.junit.jupiter.api.Assertions;
+import org.junit.jupiter.api.Test;
+import org.springframework.test.util.ReflectionTestUtils;
+
+import java.util.ArrayList;
+import java.util.HashSet;
+import java.util.List;
+
+public class LicenseServiceTest {
+ @Test
+ public void testFindConflicts() {
+ WebhookConfig webhookConfig = new WebhookConfig();
+ webhookConfig.setRepositoryName("LPVS");
+ webhookConfig.setRepositoryOrganization("Samsung");
+ webhookConfig.setRepositoryLicense("Apache-2.0");
+ webhookConfig.setPullRequestAPIUrl("http://url.com");
+ LPVSFile file = new LPVSFile();
+ LPVSLicense license = new LPVSLicense(){{
+ setChecklist_url("");
+ setAccess("unrviewed");
+ setSpdxId("LPGL-2.1-or-later");
+ }};
+ file.setLicenses(new HashSet(){{
+ add(license);
+ }});
+ file.setFilePath("");
+ file.setComponent("");
+ file.setSnippetMatch("");
+ file.setMatchedLines("");
+
+ LPVSFile file1 = new LPVSFile();
+ LPVSLicense license1 = new LPVSLicense(){{
+ setChecklist_url("");
+ setAccess("unrviewed");
+ setSpdxId("Apache-2.0");
+ }};
+ file1.setLicenses(new HashSet(){{
+ add(license1);
+ }});
+ file1.setFilePath("");
+ file1.setComponent("");
+ file1.setSnippetMatch("");
+ file1.setMatchedLines("");
+
+ LPVSFile file2 = new LPVSFile();
+ LPVSLicense license2 = new LPVSLicense(){{
+ setChecklist_url("");
+ setAccess("unrviewed");
+ setSpdxId("MIT");
+ }};
+ file2.setLicenses(new HashSet(){{
+ add(license2);
+ }});
+ file2.setFilePath("");
+ file2.setComponent("");
+ file2.setSnippetMatch("");
+ file2.setMatchedLines("");
+
+ List fileList = new ArrayList(){{
+ add(file);
+ add(file1);
+ add(file2);
+ }};
+ LicenseService licenseService = new LicenseService("", "");
+ ReflectionTestUtils.setField(licenseService, "licenseConflicts",
+ new ArrayList>()
+ {{ add(new LicenseService.Conflict<>("", "")); }});
+ Assertions.assertNotNull(licenseService.findConflicts(webhookConfig, fileList));
+ }
+}
diff --git a/src/test/java/com/lpvs/service/scanner/scanoss/ScanossDetectServiceTest.java b/src/test/java/com/lpvs/service/scanner/scanoss/ScanossDetectServiceTest.java
new file mode 100644
index 00000000..60fe092a
--- /dev/null
+++ b/src/test/java/com/lpvs/service/scanner/scanoss/ScanossDetectServiceTest.java
@@ -0,0 +1,72 @@
+/**
+ * Copyright (c) 2022, Samsung Electronics Co., Ltd. All rights reserved.
+ *
+ * Use of this source code is governed by a MIT license that can be
+ * found in the LICENSE file.
+ */
+
+package com.lpvs.service.scanner.scanoss;
+
+import com.lpvs.entity.LPVSLicense;
+import com.lpvs.entity.config.WebhookConfig;
+import com.lpvs.service.GitHubService;
+import com.lpvs.service.LicenseService;
+import org.aspectj.lang.annotation.Before;
+import org.junit.jupiter.api.AfterEach;
+import org.junit.jupiter.api.Assertions;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
+import org.mockito.Mockito;
+import org.springframework.test.util.ReflectionTestUtils;
+
+import java.io.File;
+import java.io.IOException;
+import java.net.URISyntaxException;
+import java.nio.file.Files;
+import java.nio.file.Paths;
+import java.nio.file.StandardCopyOption;
+import java.util.ArrayList;
+import java.util.Objects;
+
+public class ScanossDetectServiceTest {
+ @BeforeEach
+ public void setUp() throws URISyntaxException, IOException {
+ if (!(new File("RESULTS").exists())) {
+ new File("RESULTS").mkdir();
+ }
+ // File f = new File(Objects.requireNonNull(getClass().getClassLoader().getResource("A_B.txt")).toURI());
+ Files.copy(Paths.get(Objects.requireNonNull(getClass().getClassLoader().getResource("A_B.json")).toURI()),
+ Paths.get("RESULTS/A_B.json"), StandardCopyOption.REPLACE_EXISTING);
+ }
+
+ @AfterEach
+ public void tearDown() {
+ if ((new File("RESULTS")).exists()) {
+ new File("RESULTS").delete();
+ }
+ }
+
+ @Test
+ public void test() {
+ ScanossDetectService scanossDetectService = new ScanossDetectService();
+ LicenseService licenseService = Mockito.mock(LicenseService.class);
+ GitHubService gitHubService = Mockito.mock(GitHubService.class);
+ String licenseConflictsSource = "scanner";
+ ReflectionTestUtils.setField(scanossDetectService, "licenseService", licenseService);
+ ReflectionTestUtils.setField(scanossDetectService, "gitHubService", gitHubService);
+ WebhookConfig webhookConfig = Mockito.mock(WebhookConfig.class);
+ Mockito.when(webhookConfig.getRepositoryName()).thenReturn("A");
+ Mockito.when(webhookConfig.getHeadCommitSHA()).thenReturn("B");
+ scanossDetectService.checkLicenses(webhookConfig);
+ ReflectionTestUtils.setField(licenseService, "licenseConflictsSource", licenseConflictsSource);
+ Mockito.when(licenseService.findLicenseBySPDX("MIT")).thenReturn(new LPVSLicense(){{
+ setLicenseName("MIT");
+ setLicenseId(1L);
+ setSpdxId("MIT");
+ setIncompatibleWith(new ArrayList(){{
+ add("LGPL-2.1-or-later");
+ }});
+ }});
+ Assertions.assertNotNull(scanossDetectService.checkLicenses(webhookConfig));
+ }
+}
diff --git a/src/test/java/com/lpvs/util/FileUtilTest.java b/src/test/java/com/lpvs/util/FileUtilTest.java
new file mode 100644
index 00000000..49655953
--- /dev/null
+++ b/src/test/java/com/lpvs/util/FileUtilTest.java
@@ -0,0 +1,38 @@
+/**
+ * Copyright (c) 2022, Samsung Electronics Co., Ltd. All rights reserved.
+ *
+ * Use of this source code is governed by a MIT license that can be
+ * found in the LICENSE file.
+ */
+
+package com.lpvs.util;
+
+import com.google.gson.reflect.TypeToken;
+import org.junit.jupiter.api.Assertions;
+import org.junit.jupiter.api.Test;
+import org.kohsuke.github.GHPullRequestFileDetail;
+import org.kohsuke.github.PagedIterable;
+import org.kohsuke.github.PagedIterator;
+import org.mockito.Mock;
+import org.mockito.Mockito;
+import org.springframework.core.ParameterizedTypeReference;
+import org.springframework.test.util.ReflectionTestUtils;
+
+import javax.annotation.Nonnull;
+import java.util.ArrayList;
+
+public class FileUtilTest {
+ @Test
+ public void test() {
+ GHPullRequestFileDetail detail = new GHPullRequestFileDetail();
+ ReflectionTestUtils.setField(detail, "filename", "I_am_a_file");
+ FileUtil.saveFiles(new ArrayList(){{
+ add(detail);
+ }}, "", "", 1);
+ ReflectionTestUtils.setField(detail, "patch", "+ a\n- b\n@@ -8,7 +8,6 @@\n c");
+ Assertions.assertEquals("Projects//:::::Projects//delete",
+ FileUtil.saveFiles(new ArrayList(){{
+ add(detail);
+ }}, "", "", 1));
+ }
+}
diff --git a/src/test/resources/A_B.json b/src/test/resources/A_B.json
new file mode 100644
index 00000000..f16da40d
--- /dev/null
+++ b/src/test/resources/A_B.json
@@ -0,0 +1,142 @@
+{
+ "test - Copy.c": [
+ {
+ "component": "FFmpeg",
+ "file": "libavformat/aaxdec.c",
+ "file_hash": "4e64eb106ffa63ca7f6cc8c988f1cb10",
+ "file_url": "https://osskb.org/api/file_contents/4e64eb106ffa63ca7f6cc8c988f1cb10",
+ "id": "snippet",
+ "latest": "5.1.r105571",
+ "licenses": [
+ {
+ "checklist_url": "https://www.osadl.org/fileadmin/checklists/unreflicenses/LGPL-2.1-or-later.txt",
+ "copyleft": "yes",
+ "incompatible_with": "Apache-1.0, Apache-1.1, Apache-2.0, BSD-4-Clause, BSD-4-Clause-UC, FTL, IJG, OpenSSL, Python-2.0, zlib-acknowledgement, XFree86-1.1",
+ "name": "LGPL-2.1-or-later",
+ "osadl_updated": "2022-05-13 08:48",
+ "patent_hints": "yes",
+ "source": "file_header",
+ "url": "https://spdx.org/licenses/LGPL-2.1-or-later.html"
+ },
+ {
+ "checklist_url": "https://www.osadl.org/fileadmin/checklists/unreflicenses/LGPL-2.1-or-later.txt",
+ "copyleft": "yes",
+ "incompatible_with": "Apache-1.0, Apache-1.1, Apache-2.0, BSD-4-Clause, BSD-4-Clause-UC, FTL, IJG, OpenSSL, Python-2.0, zlib-acknowledgement, XFree86-1.1",
+ "name": "LGPL-2.1-or-later",
+ "osadl_updated": "2022-05-13 08:48",
+ "patent_hints": "yes",
+ "source": "scancode",
+ "url": "https://spdx.org/licenses/LGPL-2.1-or-later.html"
+ }
+ ],
+ "lines": "1-37",
+ "matched": "97%",
+ "oss_lines": "14-50",
+ "purl": [
+ "pkg:github/shiftmediaproject/ffmpeg"
+ ],
+ "release_date": "2021-08-08",
+ "server": {
+ "kb_version": {
+ "daily": "22.06.10",
+ "monthly": "22.05"
+ },
+ "version": "4.5.2"
+ },
+ "source_hash": "c27aa06008779ad2da604cd30c588ea4",
+ "status": "pending",
+ "url": "https://github.com/ShiftMediaProject/FFmpeg",
+ "url_hash": "cf73511d784cddc8b080c199948c98dd",
+ "vendor": "ShiftMediaProject",
+ "version": "4.5.r103180"
+ }
+ ],
+ "test.c": [
+ {
+ "component": "scanoss",
+ "file": "scanoss/cyclonedx.py",
+ "file_hash": "1ec8c7d5aa9f485aaa1a5091cb99a87e",
+ "file_url": "https://osskb.org/api/file_contents/1ec8c7d5aa9f485aaa1a5091cb99a87e",
+ "id": "snippet",
+ "latest": "0.7.4",
+ "licenses": [
+ {
+ "checklist_url": "https://www.osadl.org/fileadmin/checklists/unreflicenses/MIT.txt",
+ "copyleft": "no",
+ "name": "MIT",
+ "osadl_updated": "2022-05-13 08:48",
+ "patent_hints": "no",
+ "source": "component_declared"
+ },
+ {
+ "checklist_url": "https://www.osadl.org/fileadmin/checklists/unreflicenses/MIT.txt",
+ "copyleft": "no",
+ "name": "MIT",
+ "osadl_updated": "2022-05-13 08:48",
+ "patent_hints": "no",
+ "source": "file_spdx_tag",
+ "url": "https://spdx.org/licenses/MIT.html"
+ },
+ {
+ "checklist_url": "https://www.osadl.org/fileadmin/checklists/unreflicenses/MIT.txt",
+ "copyleft": "no",
+ "name": "MIT",
+ "osadl_updated": "2022-05-13 08:48",
+ "patent_hints": "no",
+ "source": "scancode",
+ "url": "https://spdx.org/licenses/MIT.html"
+ },
+ {
+ "checklist_url": "https://www.osadl.org/fileadmin/checklists/unreflicenses/GPL-2.0-or-later.txt",
+ "copyleft": "yes",
+ "incompatible_with": "Apache-1.0, Apache-1.1, Apache-2.0, BSD-4-Clause, BSD-4-Clause-UC, FTL, IJG, OpenSSL, Python-2.0, zlib-acknowledgement, XFree86-1.1",
+ "name": "GPL-2.0-or-later",
+ "osadl_updated": "2022-05-13 08:48",
+ "patent_hints": "yes",
+ "source": "component_declared",
+ "url": "https://spdx.org/licenses/GPL-2.0-or-later.html"
+ },
+ {
+ "checklist_url": "https://www.osadl.org/fileadmin/checklists/unreflicenses/GPL-2.0-only.txt",
+ "copyleft": "yes",
+ "incompatible_with": "Apache-1.0, Apache-1.1, Apache-2.0, BSD-4-Clause, BSD-4-Clause-UC, FTL, IJG, OpenSSL, Python-2.0, zlib-acknowledgement, XFree86-1.1",
+ "name": "GPL-2.0-only",
+ "osadl_updated": "2022-05-13 08:48",
+ "patent_hints": "yes",
+ "source": "license_file",
+ "url": "https://spdx.org/licenses/GPL-2.0-only.html"
+ },
+ {
+ "checklist_url": "https://www.osadl.org/fileadmin/checklists/unreflicenses/MIT.txt",
+ "copyleft": "no",
+ "name": "MIT",
+ "osadl_updated": "2022-05-13 08:48",
+ "patent_hints": "no",
+ "source": "license_file",
+ "url": "https://spdx.org/licenses/MIT.html"
+ }
+ ],
+ "lines": "36-157",
+ "matched": "77%",
+ "oss_lines": "18-139",
+ "purl": [
+ "pkg:pypi/scanoss",
+ "pkg:github/scanoss/scanoss.py"
+ ],
+ "release_date": "2021-11-08",
+ "server": {
+ "kb_version": {
+ "daily": "22.06.10",
+ "monthly": "22.05"
+ },
+ "version": "4.5.2"
+ },
+ "source_hash": "a4e27a561b13325615e283b841b702be",
+ "status": "pending",
+ "url": "https://pypi.org/project/scanoss",
+ "url_hash": "721d702fc347c87457be94b27e66eac5",
+ "vendor": "SCANOSS",
+ "version": "0.7.0"
+ }
+ ]
+}
\ No newline at end of file