spdx_tools.spdx.writer.tagvalue.package_writer
1# SPDX-License-Identifier: Apache-2.0 2# Copyright (c) 2022 spdx contributors 3# Licensed under the Apache License, Version 2.0 (the "License"); 4# you may not use this file except in compliance with the License. 5# You may obtain a copy of the License at 6# http://www.apache.org/licenses/LICENSE-2.0 7# Unless required by applicable law or agreed to in writing, software 8# distributed under the License is distributed on an "AS IS" BASIS, 9# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 10# See the License for the specific language governing permissions and 11# limitations under the License. 12from beartype.typing import TextIO 13 14from spdx_tools.spdx.datetime_conversions import datetime_to_iso_string 15from spdx_tools.spdx.model import Package, PackageVerificationCode 16from spdx_tools.spdx.writer.tagvalue.checksum_writer import write_checksum_to_tag_value 17from spdx_tools.spdx.writer.tagvalue.tagvalue_writer_helper_functions import ( 18 transform_enum_name_to_tv, 19 write_actor, 20 write_text_value, 21 write_value, 22) 23 24 25def write_package(package: Package, text_output: TextIO): 26 text_output.write("## Package Information\n") 27 28 write_value("PackageName", package.name, text_output) 29 write_value("SPDXID", package.spdx_id, text_output) 30 write_value("PackageVersion", package.version, text_output) 31 write_value("PackageFileName", package.file_name, text_output) 32 write_actor("PackageSupplier", package.supplier, text_output) 33 write_actor("PackageOriginator", package.originator, text_output) 34 write_value("PackageDownloadLocation", package.download_location, text_output) 35 36 write_value("FilesAnalyzed", str(package.files_analyzed).lower(), text_output) 37 if package.verification_code: 38 package_verification_code = get_package_verification_code_string(package.verification_code) 39 write_value("PackageVerificationCode", package_verification_code, text_output) 40 41 for package_checksum in package.checksums: 42 write_value("PackageChecksum", write_checksum_to_tag_value(package_checksum), text_output) 43 44 write_value("PackageHomePage", package.homepage, text_output) 45 write_text_value("PackageSourceInfo", package.source_info, text_output) 46 47 write_value("PackageLicenseConcluded", package.license_concluded, text_output) 48 for license_info in package.license_info_from_files: 49 write_value("PackageLicenseInfoFromFiles", license_info, text_output) 50 write_value("PackageLicenseDeclared", package.license_declared, text_output) 51 write_text_value("PackageLicenseComments", package.license_comment, text_output) 52 write_text_value("PackageCopyrightText", package.copyright_text, text_output) 53 54 write_text_value("PackageSummary", package.summary, text_output) 55 write_text_value("PackageDescription", package.description, text_output) 56 write_text_value("PackageComment", package.comment, text_output) 57 58 for external_reference in package.external_references: 59 external_reference_str = " ".join( 60 [ 61 transform_enum_name_to_tv(external_reference.category.name), 62 external_reference.reference_type, 63 external_reference.locator, 64 ] 65 ) 66 write_value("ExternalRef", external_reference_str, text_output) 67 if external_reference.comment: 68 write_text_value("ExternalRefComment", external_reference.comment, text_output) 69 70 for attribution_text in package.attribution_texts: 71 write_text_value("PackageAttributionText", attribution_text, text_output) 72 73 if package.primary_package_purpose: 74 write_value( 75 "PrimaryPackagePurpose", transform_enum_name_to_tv(package.primary_package_purpose.name), text_output 76 ) 77 78 if package.release_date: 79 write_value("ReleaseDate", datetime_to_iso_string(package.release_date), text_output) 80 if package.built_date: 81 write_value("BuiltDate", datetime_to_iso_string(package.built_date), text_output) 82 if package.valid_until_date: 83 write_value("ValidUntilDate", datetime_to_iso_string(package.valid_until_date), text_output) 84 85 86def get_package_verification_code_string(verification_code: PackageVerificationCode) -> str: 87 if not verification_code.excluded_files: 88 return verification_code.value 89 90 excluded_files_str = " (excludes: " + " ".join(verification_code.excluded_files) + ")" 91 return verification_code.value + excluded_files_str
26def write_package(package: Package, text_output: TextIO): 27 text_output.write("## Package Information\n") 28 29 write_value("PackageName", package.name, text_output) 30 write_value("SPDXID", package.spdx_id, text_output) 31 write_value("PackageVersion", package.version, text_output) 32 write_value("PackageFileName", package.file_name, text_output) 33 write_actor("PackageSupplier", package.supplier, text_output) 34 write_actor("PackageOriginator", package.originator, text_output) 35 write_value("PackageDownloadLocation", package.download_location, text_output) 36 37 write_value("FilesAnalyzed", str(package.files_analyzed).lower(), text_output) 38 if package.verification_code: 39 package_verification_code = get_package_verification_code_string(package.verification_code) 40 write_value("PackageVerificationCode", package_verification_code, text_output) 41 42 for package_checksum in package.checksums: 43 write_value("PackageChecksum", write_checksum_to_tag_value(package_checksum), text_output) 44 45 write_value("PackageHomePage", package.homepage, text_output) 46 write_text_value("PackageSourceInfo", package.source_info, text_output) 47 48 write_value("PackageLicenseConcluded", package.license_concluded, text_output) 49 for license_info in package.license_info_from_files: 50 write_value("PackageLicenseInfoFromFiles", license_info, text_output) 51 write_value("PackageLicenseDeclared", package.license_declared, text_output) 52 write_text_value("PackageLicenseComments", package.license_comment, text_output) 53 write_text_value("PackageCopyrightText", package.copyright_text, text_output) 54 55 write_text_value("PackageSummary", package.summary, text_output) 56 write_text_value("PackageDescription", package.description, text_output) 57 write_text_value("PackageComment", package.comment, text_output) 58 59 for external_reference in package.external_references: 60 external_reference_str = " ".join( 61 [ 62 transform_enum_name_to_tv(external_reference.category.name), 63 external_reference.reference_type, 64 external_reference.locator, 65 ] 66 ) 67 write_value("ExternalRef", external_reference_str, text_output) 68 if external_reference.comment: 69 write_text_value("ExternalRefComment", external_reference.comment, text_output) 70 71 for attribution_text in package.attribution_texts: 72 write_text_value("PackageAttributionText", attribution_text, text_output) 73 74 if package.primary_package_purpose: 75 write_value( 76 "PrimaryPackagePurpose", transform_enum_name_to_tv(package.primary_package_purpose.name), text_output 77 ) 78 79 if package.release_date: 80 write_value("ReleaseDate", datetime_to_iso_string(package.release_date), text_output) 81 if package.built_date: 82 write_value("BuiltDate", datetime_to_iso_string(package.built_date), text_output) 83 if package.valid_until_date: 84 write_value("ValidUntilDate", datetime_to_iso_string(package.valid_until_date), text_output)
def
get_package_verification_code_string( verification_code: spdx_tools.spdx.model.package.PackageVerificationCode) -> str:
87def get_package_verification_code_string(verification_code: PackageVerificationCode) -> str: 88 if not verification_code.excluded_files: 89 return verification_code.value 90 91 excluded_files_str = " (excludes: " + " ".join(verification_code.excluded_files) + ")" 92 return verification_code.value + excluded_files_str