diff --git a/CHANGELOG.md b/CHANGELOG.md
index dc611dc..efa79ec 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -9,12 +9,14 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ### Added
 - Upcoming changes...
-## [1.17.2] - 2024-10-29
+## [1.17.2] - 2024-11-01
 ### Fixed
 - Fixed parsing of dependencies in Policy Checks
 - Fixed legacy SBOM.json support
 ### Added
 - Added supplier to SPDX packages
+### Changed
+- Changed undeclared summary output
 ## [1.17.1] - 2024-10-24
 ### Fixed
diff --git a/src/scanoss/inspection/undeclared_component.py b/src/scanoss/inspection/undeclared_component.py
index f4f6ce2..d111334 100644
--- a/src/scanoss/inspection/undeclared_component.py
+++ b/src/scanoss/inspection/undeclared_component.py
@@ -115,20 +115,26 @@ def _markdown(self, components: list) -> Dict[str,Any]:
 'summary': self._get_summary(components),
 }
- def _generate_sbom_file(self, components: list) -> list:
+ def _generate_sbom_file(self, components: list) -> dict[str, list[dict[str, str]]]:
 """
 Generate a list of PURLs for the SBOM file.
 :param components: List of undeclared components
- :return: List of dictionaries containing PURLs
+ :return: SBOM Dictionary with components
 """
- sbom = {}
+
+ unique_components = {}
 if components is None:
 self.print_stderr(f'WARNING: No components provided!')
 else:
 for component in components:
- sbom[component['purl']] = { 'purl': component['purl'] }
- return list(sbom.values())
+ unique_components[component['purl']] = { 'purl': component['purl'] }
+
+ sbom = {
+ 'components': list(unique_components.values())
+ }
+
+ return sbom
 def run(self):
 """
diff --git a/tests/policy-inspect-test.py b/tests/policy-inspect-test.py
index 7497b94..3bfd897 100644
--- a/tests/policy-inspect-test.py
+++ b/tests/policy-inspect-test.py
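Review bot: The new return annotation on `_generate_sbom_file` in src/scanoss/inspection/undeclared_component.py, `dict[str, list[dict[str, str]]]`, subscripts the builtin types; that expression is evaluated when the method is defined and raises `TypeError` on Python older than 3.9 unless the module has `from __future__ import annotations`, which this hunk does not show. The neighbouring `_markdown` in the hunk header is annotated `Dict[str,Any]`, so `-> Dict[str, Any]:` would match the file's existing style and avoid the version dependency. The docstring's first line still reads "Generate a list of PURLs for the SBOM file." although the method now returns a dict; `Generate the SBOM snippet: a dict whose 'components' list holds one entry per unique PURL.` would describe the new shape.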
@@ -172,20 +172,22 @@ def test_undeclared_policy(self):
 expected_summary_output = """5 undeclared component(s) were found.
 Add the following snippet into your `sbom.json` file
 ```json
- [
- {
- "purl": "pkg:github/scanoss/scanner.c"
- },
- {
- "purl": "pkg:github/scanoss/wfp"
- },
- {
- "purl": "pkg:npm/%40electron/rebuild"
- },
- {
- "purl": "pkg:npm/%40emotion/react"
- }
- ]```
+ {
+ "components":[
+ {
+ "purl": "pkg:github/scanoss/scanner.c"
+ },
+ {
+ "purl": "pkg:github/scanoss/wfp"
+ },
+ {
+ "purl": "pkg:npm/%40electron/rebuild"
+ },
+ {
+ "purl": "pkg:npm/%40emotion/react"
+ }
+ ]
+ }```
 """
 self.assertEqual(len(details['components']), 5)
 self.assertEqual(re.sub(r'\s|\\(?!`)|\\(?=`)', '', summary), re.sub(r'\s|\\(?!`)|\\(?=`)',
@@ -215,21 +217,25 @@ def test_undeclared_policy_markdown(self):
 expected_summary_output = """5 undeclared component(s) were found.
 Add the following snippet into your `sbom.json` file
 ```json
- [
- {
- "purl": "pkg:github/scanoss/scanner.c"
- },
- {
- "purl": "pkg:github/scanoss/wfp"
- },
- {
- "purl": "pkg:npm/%40electron/rebuild"
- },
- {
- "purl": "pkg:npm/%40emotion/react"
- }
- ]```
+ {
+ "components":[
+ {
+ "purl": "pkg:github/scanoss/scanner.c"
+ },
+ {
+ "purl": "pkg:github/scanoss/wfp"
+ },
+ {
+ "purl": "pkg:npm/%40electron/rebuild"
+ },
+ {
+ "purl": "pkg:npm/%40emotion/react"
+ }
+ ]
+ }```
 """
+
+ print(summary)
 self.assertEqual(status, 0)
 self.assertEqual(re.sub(r'\s|\\(?!`)|\\(?=`)', '', details), re.sub(r'\s|\\(?!`)|\\(?=`)',
 '', expected_details_output))
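Review bot: The updated expectation in test_undeclared_policy is still checked only as a whitespace-stripped string, so nothing verifies that the snippet users are told to paste into `sbom.json` is well-formed JSON with a top-level `components` list. Because that snippet is what ends up declaring components, consider extracting the text between the json fence markers in `summary` and asserting on the parsed value, e.g. `self.assertIn('components', json.loads(snippet))` (this needs `import json` if the test module lacks it). The same literal is repeated in test_undeclared_policy_markdown in the next hunk; a shared module-level constant would keep the two copies from drifting. The test body starts and ends outside the hunk.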
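Review bot: `print(summary)`, added after the expected string in test_undeclared_policy_markdown, looks like leftover debugging output; it asserts nothing and adds noise to test logs. Drop it together with the blank line added above it, or, if the summary should be visible on failure, pass it as the assertion message: `self.assertEqual(status, 0, summary)`. The test body starts outside the hunk.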