eric: comparison eric7/CycloneDXInterface/CycloneDXUtilities.py

-:6bbb4e047902
+:7085ece52151
 from EricWidgets.EricApplication import ericApp
 from EricWidgets import EricMessageBox
 from packageurl import PackageURL
-from cyclonedx.model import LicenseChoice
+from cyclonedx.model import (
+ExternalReference, ExternalReferenceType, LicenseChoice,
+OrganizationalContact, OrganizationalEntity, Tool, XsUri
+)
 from cyclonedx.model.bom import Bom
 from cyclonedx.model.component import Component
 from cyclonedx.model.vulnerability import Vulnerability, VulnerabilitySource
 from cyclonedx.output import (
 OutputFormat, SchemaVersion, get_instance as get_output_instance
 """
 from .CycloneDXConfigDialog import CycloneDXConfigDialog
 dlg = CycloneDXConfigDialog(venvName)
 if dlg.exec() == QDialog.DialogCode.Accepted:
 (inputSource, inputFile, fileFormat, schemaVersion, sbomFile,
-withVulnerabilities, withDependencies) = dlg.getData()
+withVulnerabilities, withDependencies, metadataDict) = dlg.getData()
 # check error conditions first
 if inputSource not in ("environment", "pipenv", "poetry",
 "requirements"):
 raise RuntimeError("Unsupported input source given.")
 " version is a mandatory field.</p>"
 ).format("".join(excludedList))
 )
 bom = Bom.from_parser(parser=parser)
+# TODO: add meta data to the BOM
+_amendMetaData(bom.metadata, metadataDict)
 output = get_output_instance(
 bom=bom,
 output_format=outputFormat,
 schema_version=SchemaVersion['V{0}'.format(
 schemaVersion.replace('.', '_')
 for component in components:
 if component.name == name:
 return component
 return None
+def _amendMetaData(bomMetaData, metadataDict):
+"""
+Function to amend the SBOM meta data according the given data.
+The modifications done are:
+<ul>
+<li>add eric7 to the tools</li>
+</ul>
+@param bomMetaData reference to the SBOM meta data object
+@type BomMetaData
+@param metadataDict dictionary containing additional meta data
+@type dict
+@return reference to the modified SBOM meta data object
+@rtype BomMetaData
+"""
+# add a Tool entry for eric7
+try:
+from importlib.metadata import version as meta_version
+__EricToolVersion = str(meta_version('eric-ide'))
+except Exception:
+from UI.Info import Version
+__EricToolVersion = Version
+EricTool = Tool(vendor='python-projects.org',
+name='eric-ide',
+version=__EricToolVersion)
+EricTool.external_references.update([
+ExternalReference(
+reference_type=ExternalReferenceType.DISTRIBUTION,
+url=XsUri(
+"https://pypi.org/project/eric-ide/"
+)
+),
+ExternalReference(
+reference_type=ExternalReferenceType.DOCUMENTATION,
+url=XsUri(
+"https://pypi.org/project/eric-ide/"
+)
+),
+ExternalReference(
+reference_type=ExternalReferenceType.ISSUE_TRACKER,
+url=XsUri(
+"https://tracker.die-offenbachs.homelinux.org"
+)
+),
+ExternalReference(
+reference_type=ExternalReferenceType.LICENSE,
+url=XsUri(
+"https://hg.die-offenbachs.homelinux.org/eric/file/tip/docs/"
+"LICENSE.GPL3"
+)
+),
+ExternalReference(
+reference_type=ExternalReferenceType.RELEASE_NOTES,
+url=XsUri(
+"https://hg.die-offenbachs.homelinux.org/eric/file/tip/docs/"
+"changelog"
+)
+),
+ExternalReference(
+reference_type=ExternalReferenceType.VCS,
+url=XsUri(
+"https://hg.die-offenbachs.homelinux.org/eric"
+)
+),
+ExternalReference(
+reference_type=ExternalReferenceType.WEBSITE,
+url=XsUri(
+"https://eric-ide.python-projects.org"
+)
+)
+])
+bomMetaData.tools.add(EricTool)
+# add the meta data info entered by the user (if any)
+if metadataDict is not None:
+# TODO: add the meta info
+if metadataDict["AuthorName"]:
+bomMetaData.authors = [OrganizationalContact(
+name=metadataDict["AuthorName"],
+email=metadataDict["AuthorEmail"]
+)]
+if metadataDict["Manufacturer"]:
+bomMetaData.manufacture = OrganizationalEntity(
+name=metadataDict["Manufacturer"]
+)
+if metadataDict["Supplier"]:
+bomMetaData.supplier = OrganizationalEntity(
+name=metadataDict["Supplier"])
+if metadataDict["License"]:
+bomMetaData.licenses = [LicenseChoice(
+license_expression=metadataDict["License"]
+)]
+if metadataDict["Name"]:
+bomMetaData.component = Component(
+name=metadataDict["Name"],
+component_type=metadataDict["Type"],
+version=metadataDict["Version"],
+description=metadataDict["Description"],
+author=metadataDict["AuthorName"],
+licenses=[LicenseChoice(
+license_expression=metadataDict["License"]
+)],
+)
+return bomMetaData

Mercurial Repositories > eric / file comparison

comparison: eric7/CycloneDXInterface/CycloneDXUtilities.py

eric7/CycloneDXInterface/CycloneDXUtilities.py