diff --git a/.github/workflows/licensedcode-data-index-release.yml b/.github/workflows/licensedcode-data-index-release.yml new file mode 100644 index 00000000000..de27ce89e0e --- /dev/null +++ b/.github/workflows/licensedcode-data-index-release.yml @@ -0,0 +1,90 @@ +name: Create library release archives, create a GH release and publish PyPI wheel and sdist on tag in main branch + + +# This is executed automatically on a tag in the main branch + +# Summary of the steps: +# - build wheels and sdist +# - upload wheels and sdist to PyPI +# - create gh-release and upload wheels and dists there +# TODO: smoke test wheels and sdist +# TODO: add changelog to release text body + +# WARNING: this is designed only for packages building as pure Python wheels + +on: + workflow_dispatch: + push: + tags: + - "licensedcode-v*.*.*" + +jobs: + build-pypi-distribs: + permissions: + contents: read # to fetch code (actions/checkout) + + name: Build and publish library to PyPI + runs-on: ubuntu-24.04 + + steps: + - uses: actions/checkout@v4 + - name: Set up Python + uses: actions/setup-python@v5 + with: + python-version: 3.14 + + - name: Install pypa/build and twine + run: python -m pip install --user --upgrade build twine pkginfo flot + + - name: Install requirements then build main and mini wheel + run: etc/release/licensedcode-create-pypi-wheel-and-sdist.sh + + - name: Upload built archives + uses: actions/upload-artifact@v4 + with: + name: pypi_archives + path: dist/* + + + create-gh-release: + permissions: + contents: write + + name: Create GH release + needs: + - build-pypi-distribs + runs-on: ubuntu-24.04 + + steps: + - name: Download built archives + uses: actions/download-artifact@v4 + with: + name: pypi_archives + path: dist + + - name: Create GH release + uses: softprops/action-gh-release@v2 + with: + draft: true + files: dist/* + + + create-pypi-release: + name: Create PyPI release + needs: + - create-gh-release + runs-on: ubuntu-24.04 + environment: pypi-publish + permissions: + id-token: write + + steps: + - name: Download built archives + uses: actions/download-artifact@v4 + with: + name: pypi_archives + path: dist + + - name: Publish to PyPI + if: startsWith(github.ref, 'refs/tags') + uses: pypa/gh-action-pypi-publish@release/v1 \ No newline at end of file diff --git a/.github/workflows/scancode-release.yml b/.github/workflows/scancode-release.yml index b8bbf9077ee..09193613bc5 100644 --- a/.github/workflows/scancode-release.yml +++ b/.github/workflows/scancode-release.yml @@ -20,7 +20,7 @@ on: permissions: {} jobs: - build_scancode_wheel_for_pypi: + build_scancode_wheels_sdist_for_pypi: permissions: contents: read # to fetch code (actions/checkout) @@ -31,59 +31,25 @@ jobs: run: shell: bash - strategy: - fail-fast: true - matrix: - pyver: ["3.10", "3.11", "3.12", "3.13", "3.14"] - - steps: - - uses: actions/checkout@v4 - - - name: Set up Python on ${{ matrix.pyver }} - uses: actions/setup-python@v5 - with: - python-version: ${{ matrix.pyver }} - - - name: Install requirements then build main and mini wheel - run: etc/release/scancode-create-pypi-wheel.sh - - - name: Collect built wheels for ${{ matrix.pyver }} - uses: actions/upload-artifact@v4 - with: - name: wheels-${{ matrix.pyver }} - path: dist/*.whl - - - build_scancode_sdist_for_pypi: - permissions: - contents: read # to fetch code (actions/checkout) - - name: Build PyPI sdist archives - runs-on: ubuntu-24.04 - - defaults: - run: - shell: bash - - strategy: - fail-fast: true - steps: - uses: actions/checkout@v4 - name: Set up Python uses: actions/setup-python@v5 with: - python-version: "3.14" + python-version: 3.14 + + - name: Install requirements then build main and mini wheel, sdist + run: etc/release/scancode-create-pypi-wheel-and-sdist.sh - - name: Install requirements then build main and mini sdist - run: etc/release/scancode-create-pypi-sdist.sh + - name: Install requirements then build licensedcode data/index wheels, sdist + run: etc/release/licensedcode-create-pypi-wheel-and-sdist.sh - - name: Collect built sdist + - name: Collect built wheels and sdist uses: actions/upload-artifact@v4 with: - name: sdists - path: dist/*.tar.gz + name: wheels_sdist + path: dist/* build_scancode_for_release_linux: @@ -229,7 +195,7 @@ jobs: name: Test PyPI wheels on linux and mac needs: - - build_scancode_wheel_for_pypi + - build_scancode_wheels_sdist_for_pypi runs-on: ${{ matrix.os }} defaults: @@ -239,7 +205,7 @@ jobs: strategy: fail-fast: true matrix: - os: [ubuntu-24.04, ubuntu-24.04, macos-14, macos-15] + os: [ubuntu-24.04, ubuntu-24.04, macos-14, macos-15-large] pyver: ["3.10", "3.11", "3.12", "3.13", "3.14"] steps: @@ -253,16 +219,20 @@ jobs: - name: Download wheels artifact uses: actions/download-artifact@v4 with: - name: wheels-${{ matrix.pyver }} + name: wheels_sdist path: dist - - name: test install wheels + - name: install and test wheels run: | echo "license: gpl-2.0" > some.file rm -rf venv; \ python -m venv venv venv/bin/python -m pip install --upgrade pip wheel setuptools - for f in `find dist -type f -name "*${{ matrix.pyver }}*"`; \ + for f in `find dist -type f -name "licensedcode*.whl"`; \ + do \ + venv/bin/python -m pip install --force-reinstall "$f" ; \ + done + for f in `find dist -type f -name "scancode_toolkit-*.whl"`; \ do \ venv/bin/python -m pip install --force-reinstall "$f[full]" ; \ venv/bin/scancode -clipeu --json-pp - some.file ; \ @@ -275,7 +245,7 @@ jobs: name: Test PyPI wheels on Windows needs: - - build_scancode_wheel_for_pypi + - build_scancode_wheels_sdist_for_pypi runs-on: ${{ matrix.os }} defaults: @@ -299,15 +269,19 @@ jobs: - name: Download wheels artifact uses: actions/download-artifact@v4 with: - name: wheels-${{ matrix.pyver }} + name: wheels_sdist path: dist - - name: test install wheel + - name: install and test wheels run: | echo "license: gpl-2.0" > some.file python -m venv venv venv/Scripts/python.exe -m pip install --upgrade pip - for f in `find dist -type f -name "*${{ matrix.pyver }}*"`; \ + for f in `find dist -type f -name "licensedcode*.whl"`; \ + do \ + venv/Scripts/python.exe -m pip install --force-reinstall "$f" ; \ + done + for f in `find dist -type f -name "scancode_toolkit-*.whl"`; \ do \ venv/Scripts/python.exe -m pip install --force-reinstall "$f[full]" ; \ venv/Scripts/scancode -clipeu --json-pp - some.file ; \ @@ -375,7 +349,7 @@ jobs: strategy: fail-fast: true matrix: - os: [macos-14, macos-15] + os: [macos-14, macos-15-large] pyver: ["3.10", "3.11", "3.12", "3.13", "3.14"] steps: @@ -454,6 +428,7 @@ jobs: - build_scancode_for_release_windows - build_scancode_for_release_linux - build_scancode_for_release_macos + - build_scancode_wheels_sdist_for_pypi runs-on: ubuntu-24.04 defaults: @@ -559,6 +534,12 @@ jobs: name: windows_app_py_3.14 path: dist + - name: Download scancode and licensedcode wheels + uses: actions/download-artifact@v4 + with: + name: wheels_sdist + path: dist + - name: Mock GH release run: | ls -al dist @@ -573,8 +554,7 @@ jobs: publish_to_pypi: name: Publish to PyPI needs: - - build_scancode_wheel_for_pypi - - build_scancode_sdist_for_pypi + - build_scancode_wheels_sdist_for_pypi - smoke_test_install_and_run_pypi_wheels_on_windows - smoke_test_install_and_run_pypi_wheels_on_posix - publish_to_gh_release @@ -585,10 +565,6 @@ jobs: defaults: run: shell: bash - strategy: - fail-fast: false - matrix: - dist_names: ["wheels-3.10", "wheels-3.11", "wheels-3.12", "wheels-3.13", "wheels-3.14", "sdists"] steps: - name: Set up Python @@ -596,10 +572,10 @@ jobs: with: python-version: 3.14 - - name: Download a single artifact + - name: scancode and licensedcode wheels uses: actions/download-artifact@v4 with: - name: ${{ matrix.dist_names }} + name: wheels_sdist path: dist - name: Mock PyPI upload @@ -607,4 +583,5 @@ jobs: ls -al dist - name: Publish distributions to PyPI + if: startsWith(github.ref, 'refs/tags') uses: pypa/gh-action-pypi-publish@release/v1 diff --git a/configure b/configure index 2eb84020d52..31fde0345e4 100755 --- a/configure +++ b/configure @@ -142,16 +142,17 @@ CLI_ARGS=$1 ################################ BASE=".[packages]" -BASE_DEV=".[packages,testing]" +BASE_DEV=".[packages,dev]" if [[ $OSTYPE == 'darwin'* ]]; then BASE="." - BASE_DEV=".[testing]" + BASE_DEV=".[dev]" fi # Requirement arguments passed to pip and used by default or with --dev. -REQUIREMENTS="--editable . --constraint requirements.txt" -DEV_REQUIREMENTS="--editable .[dev,packages] --constraint requirements.txt --constraint requirements-dev.txt" -PROD_REQUIREMENTS="scancode_toolkit*.whl" +REQUIREMENTS="--no-build-isolation --editable $BASE --constraint requirements.txt --constraint requirements-linux.txt" +DEV_REQUIREMENTS="--no-build-isolation --editable $BASE_DEV --constraint requirements.txt --constraint requirements-linux.txt --constraint requirements-dev.txt" +PROD_REQUIREMENTS="--no-build-isolation scancode_toolkit*.whl" +FLOT_REQUIREMENTS="etc/thirdparty/flot*.whl" # where we create a virtualenv VIRTUALENV_DIR=venv @@ -173,16 +174,10 @@ CFG_ROOT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" CFG_BIN_DIR=$CFG_ROOT_DIR/$VIRTUALENV_DIR/bin -################################ -# Install with or without and index. With "--no-index" this is using only local wheels -# This is an offline mode with no index and no network operations -# NO_INDEX="--no-index " -NO_INDEX="" - - ################################ # Thirdparty package locations and index handling # Find packages from the local thirdparty directory if present +# offline mode for scancode installation with no Pypi index at all thirddir=$CFG_ROOT_DIR/thirdparty if [[ "$(echo $thirddir/*.whl)x" != "$thirddir/*.whlx" ]]; then PIP_EXTRA_ARGS="--no-index --find-links $CFG_ROOT_DIR/thirdparty" @@ -255,7 +250,6 @@ install_packages() { # We always have the PEP517 build dependencies installed already. "$CFG_BIN_DIR/pip" install \ --upgrade \ - --no-build-isolation \ $CFG_QUIET \ $PIP_EXTRA_ARGS \ $1 @@ -317,6 +311,7 @@ PIP_EXTRA_ARGS="$PIP_EXTRA_ARGS" find_python create_virtualenv "$VIRTUALENV_DIR" +install_packages "$FLOT_REQUIREMENTS" install_packages "$CFG_REQUIREMENTS" . "$CFG_BIN_DIR/activate" "$CFG_BIN_DIR/scancode-train-gibberish-model" diff --git a/configure.bat b/configure.bat index 022b24a93b7..a1cfe51639a 100644 --- a/configure.bat +++ b/configure.bat @@ -26,9 +26,10 @@ @rem ################################ @rem # Requirement arguments passed to pip and used by default or with --dev. -set "REQUIREMENTS=--editable . --constraint requirements.txt" -set "DEV_REQUIREMENTS=--editable .[dev] --constraint requirements.txt --constraint requirements-dev.txt" -set "PROD_REQUIREMENTS=scancode_toolkit*.whl" +set "REQUIREMENTS=--no-build-isolation --editable . --constraint requirements.txt" +set "DEV_REQUIREMENTS=--no-build-isolation --editable .[dev] --constraint requirements.txt --constraint requirements-dev.txt" +set "PROD_REQUIREMENTS=--no-build-isolation scancode_toolkit*.whl" +set "FLOT_REQUIREMENTS=etc/thirdparty/flot-0.7.3-py3-none-any.whl.ABOUT" @rem # where we create a virtualenv set "VIRTUALENV_DIR=venv" @@ -157,10 +158,16 @@ if %ERRORLEVEL% neq 0 ( "%CFG_BIN_DIR%\pip" install ^ --upgrade ^ - --no-build-isolation ^ + %CFG_QUIET% ^ + %PIP_EXTRA_ARGS% ^ + %FLOT_REQUIREMENTS% + +"%CFG_BIN_DIR%\pip" install ^ + --upgrade ^ %CFG_QUIET% ^ %PIP_EXTRA_ARGS% ^ %CFG_REQUIREMENTS% + "%CFG_BIN_DIR%\scancode-train-gibberish-model" @rem ################################ diff --git a/etc/release/scancode-create-pypi-wheel.sh b/etc/release/licensedcode-create-pypi-wheel-and-sdist.sh similarity index 66% rename from etc/release/scancode-create-pypi-wheel.sh rename to etc/release/licensedcode-create-pypi-wheel-and-sdist.sh index 0955022dbfa..2e05e8d9f5b 100755 --- a/etc/release/scancode-create-pypi-wheel.sh +++ b/etc/release/licensedcode-create-pypi-wheel-and-sdist.sh @@ -22,18 +22,9 @@ venv/bin/scancode-reindex-licenses venv/bin/scancode-reindex-package-patterns venv/bin/scancode-train-gibberish-model -python_tag=$( python -c "import platform;print(f\"cp{''.join(platform.python_version_tuple()[:2])}\")" ) - -venv/bin/python setup.py --quiet bdist_wheel --python-tag $python_tag - -rm -rf build .eggs src/scancode_toolkit*.egg-info src/scancode_toolkit_mini*.egg-info -cp setup.cfg setup-main.cfg -cp setup-mini.cfg setup.cfg - -venv/bin/python setup.py --quiet bdist_wheel --python-tag $python_tag - -cp setup-main.cfg setup.cfg -rm setup-main.cfg +# build license data packages +venv/bin/flot --pyproject pyproject-licensedcode-data.toml --wheel --sdist +venv/bin/flot --pyproject pyproject-licensedcode-index.toml --wheel --sdist venv/bin/twine check dist/* diff --git a/etc/release/scancode-create-pypi-sdist.sh b/etc/release/scancode-create-pypi-wheel-and-sdist.sh similarity index 62% rename from etc/release/scancode-create-pypi-sdist.sh rename to etc/release/scancode-create-pypi-wheel-and-sdist.sh index fe8cdd75440..7ad0263e66d 100755 --- a/etc/release/scancode-create-pypi-sdist.sh +++ b/etc/release/scancode-create-pypi-wheel-and-sdist.sh @@ -9,7 +9,8 @@ # ################################################################################ -# ScanCode release build script for PyPI sdists +# ScanCode release build script for PyPI wheels. +# Build a wheel for the current Python version ################################################################################ set -e @@ -17,16 +18,13 @@ set -e #set -x ./configure --dev -venv/bin/python setup.py --quiet sdist +venv/bin/scancode-reindex-licenses +venv/bin/scancode-reindex-package-patterns +venv/bin/scancode-train-gibberish-model -rm -rf build .eggs src/scancode_toolkit*.egg-info src/scancode_toolkit_mini*.egg-info -cp setup.cfg setup-main.cfg -cp setup-mini.cfg setup.cfg - -venv/bin/python setup.py --quiet sdist - -cp setup-main.cfg setup.cfg -rm setup-main.cfg +# build code packages +venv/bin/flot --pyproject pyproject-scancode-toolkit.toml --wheel --sdist +venv/bin/flot --pyproject pyproject-scancode-toolkit-mini.toml --wheel --sdist venv/bin/twine check dist/* diff --git a/etc/release/scancode-create-release-app-linux.sh b/etc/release/scancode-create-release-app-linux.sh index 7cea129d9fb..82fbcbf32fe 100755 --- a/etc/release/scancode-create-release-app-linux.sh +++ b/etc/release/scancode-create-release-app-linux.sh @@ -64,10 +64,11 @@ cp -r etc/thirdparty $release_dir/etc # Build the wheel ./configure --dev -venv/bin/scancode-reindex-licenses venv/bin/scancode-reindex-package-patterns venv/bin/scancode-train-gibberish-model -venv/bin/python setup.py --quiet bdist_wheel --python-tag cp$python_version +venv/bin/scancode-reindex-licenses +venv/bin/flot --pyproject pyproject-scancode-toolkit.toml --wheel +venv/bin/flot --pyproject pyproject-licensedcode-index.toml --wheel cp -r \ dist/scancode_*.whl \ @@ -77,6 +78,10 @@ cp -r \ *NOTICE *LICENSE *ABOUT \ $release_dir +cp -r \ + dist/licensedcode_index*.whl \ + $release_dir/thirdparty + tarball=scancode-toolkit-$(git describe --tags)_py$python_dot_version-$operating_system.tar.gz mkdir -p release tar -cvzf release/$tarball $release_dir diff --git a/etc/release/scancode-create-release-app-macos.sh b/etc/release/scancode-create-release-app-macos.sh index 9bf6962e24d..2e80bdb53c9 100755 --- a/etc/release/scancode-create-release-app-macos.sh +++ b/etc/release/scancode-create-release-app-macos.sh @@ -20,7 +20,7 @@ set -e operating_system=macos python_dot_version=$1 python_version=${python_dot_version//.} -python_exe="python3" +python_exe="python$python_dot_version" release_dir=scancode-toolkit-$(git describe --tags) rm -rf $release_dir @@ -62,10 +62,11 @@ cp -r etc/thirdparty $release_dir/etc # Build the wheel ./configure --dev -venv/bin/scancode-reindex-licenses venv/bin/scancode-reindex-package-patterns venv/bin/scancode-train-gibberish-model -venv/bin/python setup.py --quiet bdist_wheel --python-tag cp$python_version +venv/bin/scancode-reindex-licenses +venv/bin/flot --pyproject pyproject-scancode-toolkit.toml --wheel +venv/bin/flot --pyproject pyproject-licensedcode-index.toml --wheel cp -r \ dist/scancode_*.whl \ @@ -75,6 +76,10 @@ cp -r \ *NOTICE *LICENSE *ABOUT \ $release_dir +cp -r \ + dist/licensedcode_index*.whl \ + $release_dir/thirdparty + tarball=scancode-toolkit-$(git describe --tags)_py$python_dot_version-$operating_system.tar.gz mkdir -p release tar -cvzf release/$tarball $release_dir diff --git a/etc/release/scancode-create-release-app-sources.sh b/etc/release/scancode-create-release-app-sources.sh index c7fa0fb61e1..348d5bfc049 100755 --- a/etc/release/scancode-create-release-app-sources.sh +++ b/etc/release/scancode-create-release-app-sources.sh @@ -9,7 +9,7 @@ # ################################################################################ -# ScanCode release build script for a Windows app archive +# ScanCode release build script for a source archive for the apps ################################################################################ set -e @@ -24,12 +24,11 @@ git describe --tags > $release_dir/SCANCODE_VERSION thirdparty_dir=$release_dir/thirdparty mkdir -p $thirdparty_dir -# build an sdist ./configure --dev -venv/bin/python setup.py --quiet sdist -mv dist/*.tar.gz $release_dir +venv/bin/flot --pyproject pyproject-scancode-toolkit.toml --sdist -./configure --dev +# collect other built dist +mv dist/*.tar.gz $release_dir venv/bin/python etc/scripts/fetch_thirdparty.py \ --requirements requirements.txt \ @@ -51,6 +50,7 @@ cp -r etc/thirdparty $release_dir/etc cp -r \ scancode.bat scancode extractcode extractcode.bat configure configure.bat \ *.rst \ + *.toml \ docs \ samples \ *NOTICE *LICENSE *ABOUT \ diff --git a/etc/release/scancode-create-release-app-windows.sh b/etc/release/scancode-create-release-app-windows.sh index 5d6950a85a1..371ff3f7af3 100755 --- a/etc/release/scancode-create-release-app-windows.sh +++ b/etc/release/scancode-create-release-app-windows.sh @@ -59,12 +59,14 @@ rm -rf $thirdparty_src_dir mkdir -p $release_dir/etc cp -r etc/thirdparty $release_dir/etc -# Build the wheel +# Build the app archive ./configure --dev -venv/bin/scancode-reindex-licenses + venv/bin/scancode-reindex-package-patterns venv/bin/scancode-train-gibberish-model -venv/bin/python setup.py --quiet bdist_wheel --python-tag cp$python_version +venv/bin/scancode-reindex-licenses +venv/bin/flot --pyproject pyproject-scancode-toolkit.toml --wheel +venv/bin/flot --pyproject pyproject-licensedcode-index.toml --wheel cp -r \ dist/scancode_*.whl \ @@ -74,6 +76,10 @@ cp -r \ *NOTICE *LICENSE *ABOUT \ $release_dir +cp -r \ + dist/licensedcode_index*.whl \ + $release_dir/thirdparty + zipball=scancode-toolkit-$(git describe --tags)_py$python_dot_version-$operating_system.zip mkdir -p release zip -r release/$zipball $release_dir diff --git a/etc/thirdparty/flot-0.7.3-py3-none-any.whl b/etc/thirdparty/flot-0.7.3-py3-none-any.whl new file mode 100644 index 00000000000..a3676dbf7ea Binary files /dev/null and b/etc/thirdparty/flot-0.7.3-py3-none-any.whl differ diff --git a/etc/thirdparty/flot-0.7.3-py3-none-any.whl.ABOUT b/etc/thirdparty/flot-0.7.3-py3-none-any.whl.ABOUT new file mode 100644 index 00000000000..4ee1475a3df --- /dev/null +++ b/etc/thirdparty/flot-0.7.3-py3-none-any.whl.ABOUT @@ -0,0 +1,10 @@ +about_resource: flot-0.7.3-py3-none-any.whl +name: flot +version: 0.7.3 +download_url: https://files.pythonhosted.org/packages/54/98/9fc7924de9ebff67602f6934fff7411d089468d5aee878d7fd2f9d8be1f5/flot-0.7.2-py3-none-any.whl +copyright: | + Copyright (c) nexB Inc. and contributors + Copyright (c) 2015, Thomas Kluyver and contributors + Copyright (c) Donald Stufft and individual contributors. +license_expression_spdx: BSD-2-clause AND BSD-3-clause +license_file: flot.LICENSE \ No newline at end of file diff --git a/etc/thirdparty/flot.LICENSE b/etc/thirdparty/flot.LICENSE new file mode 100644 index 00000000000..3d8c662dced --- /dev/null +++ b/etc/thirdparty/flot.LICENSE @@ -0,0 +1,52 @@ +Copyright (c) nexB Inc. and contributors +Copyright (c) 2015, Thomas Kluyver and contributors +Copyright (c) Donald Stufft and individual contributors. + +SPDX-License-Identifier: BSD-2-clause AND BSD-3-clause + +Redistribution and use in source and binary forms, with or without modification, +are permitted provided that the following conditions are met: + +1. Redistributions of source code must retain the above copyright notice, this +list of conditions and the following disclaimer. + +2. Redistributions in binary form must reproduce the above copyright notice, +this list of conditions and the following disclaimer in the documentation and/or +other materials provided with the distribution. + +3. Neither the name of the copyright holder nor the names of its contributors +may be used to endorse or promote products derived from this software without +specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND +ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED +WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE +DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR +ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES +(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON +ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS +SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND +ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED +WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE +DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE +FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR +SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, +OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. \ No newline at end of file diff --git a/pyproject-licensedcode-data.toml b/pyproject-licensedcode-data.toml new file mode 100644 index 00000000000..1ab76b18caa --- /dev/null +++ b/pyproject-licensedcode-data.toml @@ -0,0 +1,63 @@ +[build-system] +requires = [ "flot>=0.7.0" ] +build-backend = "flot.buildapi" + +[project] +name = "licensedcode-data" +version = "32.5.0" +description = "A packaging of the ScanCode licensedb license and license rules database." +long_description_content_type = "text/x-rst" +readme = "src/licensedcode/data/README.rst" +license = { text = "Apache-2.0 AND CC-BY-4.0 AND LicenseRef-scancode-other-permissive AND LicenseRef-scancode-other-copyleft" } +authors = [ + { name = "nexB. Inc. and others", email = "info@aboutcode.org" }, +] +keywords = [ + "open source", + "license", + "licensing", +] + +classifiers = [ + "Development Status :: 5 - Production/Stable", + "Intended Audience :: Developers", + "Programming Language :: Python :: 3", + "Topic :: Software Development", + "Topic :: Utilities", +] + +[project.urls] +Homepage = "https://github.com/nexB/scancode-toolkit" + +[tool.flot] +wheel_path_prefixes_to_strip = [ "src" ] + +includes = [ + "src/licensedcode/data/**/*", + "src/licensedcode/README.rst", +] + +excludes = [ + "src/licensedcode/data/cache/**/*", +] + +metadata_files = [ + "*.LICENSE", + "NOTICE", + "AUTHORS.rst", + "CHANGELOG.rst", + "CODE_OF_CONDUCT.rst", +] + +editable_paths = [ "src" ] + +sdist_extra_includes = [ + ".gitattributes", + ".gitignore", + "*.LICENSE", + "NOTICE", + "*.ABOUT", + "pyproject-licensedcode-data.toml", + "*.yml", + "*.rst", +] diff --git a/pyproject-licensedcode-index.toml b/pyproject-licensedcode-index.toml new file mode 100644 index 00000000000..13fbe64bf31 --- /dev/null +++ b/pyproject-licensedcode-index.toml @@ -0,0 +1,62 @@ +[build-system] +requires = [ "flot>=0.7.0" ] +build-backend = "flot.buildapi" + +[project] +name = "licensedcode-index" +version = "32.5.0" +description = "A packaging of the ScanCode licensedb license and license rules pre-built index. Can only be used with ScanCode-Toolkit." +long_description_content_type = "text/x-rst" +readme = "src/licensedcode/data/README.rst" +license = { text = "Apache-2.0 AND CC-BY-4.0 AND LicenseRef-scancode-other-permissive AND LicenseRef-scancode-other-copyleft" } +authors = [ + { name = "nexB. Inc. and others", email = "info@aboutcode.org" }, +] +keywords = [ + "open source", + "license", + "licensing", +] + +classifiers = [ + "Development Status :: 5 - Production/Stable", + "Intended Audience :: Developers", + "Programming Language :: Python :: 3", + "Topic :: Software Development", + "Topic :: Utilities", +] + +[project.urls] +Homepage = "https://github.com/nexB/scancode-toolkit" + +[tool.flot] +wheel_path_prefixes_to_strip = [ "src" ] + +includes = [ + "src/licensedcode/data/cache/**/*", + "src/licensedcode/data/cc-by-4.0.LICENSE", + "src/licensedcode/data/scancode-data.ABOUT", + "src/licensedcode/README.rst", + "src/licensedcode/data/README.rst", +] + +metadata_files = [ + "*.LICENSE", + "NOTICE", + "AUTHORS.rst", + "CHANGELOG.rst", + "CODE_OF_CONDUCT.rst", +] + +editable_paths = [ "src" ] + +sdist_extra_includes = [ + ".gitattributes", + ".gitignore", + "*.LICENSE", + "NOTICE", + "*.ABOUT", + "pyproject-licensedcode-index.toml", + "*.yml", + "*.rst", +] diff --git a/pyproject-scancode-toolkit-mini.toml b/pyproject-scancode-toolkit-mini.toml new file mode 100644 index 00000000000..3ad6b7f83d8 --- /dev/null +++ b/pyproject-scancode-toolkit-mini.toml @@ -0,0 +1,367 @@ +[build-system] +requires = [ "flot>=0.7.0" ] +build-backend = "flot.buildapi" + +[project] +name = "scancode-toolkit-mini" +version = "32.5.0" +description = "ScanCode is a tool to scan code for license, copyright, package and their documented dependencies and other interesting facts." +readme = "README.rst" +license = { text = "Apache-2.0 AND CC-BY-4.0 AND LicenseRef-scancode-other-permissive AND LicenseRef-scancode-other-copyleft" } +requires-python = ">=3.10" +authors = [ + { name = "nexB. Inc. and others", email = "info@aboutcode.org" }, +] +keywords = [ + "open source", + "scan", + "license", + "package", + "dependency", + "copyright", + "filetype", + "author", + "extract", + "licensing", + "scan", + "sca", + "SBOM", + "spdx", + "cyclonedx", + "package-url", + "purl", +] + +classifiers = [ + "Development Status :: 5 - Production/Stable", + "Intended Audience :: Developers", + "Programming Language :: Python :: 3", + "Programming Language :: Python :: 3 :: Only", + "Programming Language :: Python :: 3.8", + "Programming Language :: Python :: 3.9", + "Programming Language :: Python :: 3.10", + "Programming Language :: Python :: 3.11", + "Programming Language :: Python :: 3.12", + "Topic :: Software Development", + "Topic :: Utilities", +] + +dependencies = [ + "licensedcode-index", + "attrs >= 18.1,!=20.1.0;python_version<'3.11'", + "attrs >= 22.1.0;python_version>='3.11'", + "Beautifulsoup4[chardet] >= 4.13.0", + "boolean.py >= 4.0", + "chardet >= 3.0.0", + "click >= 6.7, !=7.0, !=8.1.8;python_version<'3.10'", + "click >= 8.2.0;python_version>='3.10'", + "colorama >= 0.3.9", + "commoncode >= 32.4.2", + "cyseq >= 0.1.2", + "container-inspector >= 31.0.0", + "debian-inspector >= 31.1.0", + "dparse2 >= 0.7.0", + "fasteners", + "fingerprints >= 0.6.0, <=1.2.3", + "ftfy >= 6.0.0", + "gemfileparser2 >= 0.9.0", + "html5lib", + "importlib_metadata", + "intbitset >= 4.1.0", + "jaraco.functools", + "javaproperties >= 0.5", + "jinja2 >= 2.7.0", + "jsonstreams >= 0.5.0", + "license_expression >= 30.4.4", + "lxml >= 5.4.0", + "MarkupSafe >= 2.1.2", + "multiregex >= 2.0.3", + "normality <= 2.6.1", + "packageurl_python >= 0.9.0", + "packvers >= 21.0.0", + # use temp advanced patched release + "parameter-expansion-patched >= 0.3.1", + "pdfminer.six >= 20251227", + "pefile >= 2020.1.1", + "pip-requirements-parser >= 32.0.1", + "pkginfo2 >= 30.0.0", + "pluggy >= 1.0.0", + "plugincode >= 32.0.0", + "publicsuffix2", + "pyahocorasick >= 2.3.0", + "pygmars >= 1.0.0", + "pygments >= 1.0.0", + "pymaven_patch >= 0.2.8", + "requests >= 2.7.0", + "saneyaml >= 0.6.0", + "spdx_tools == 0.8.2", + "text_unidecode >= 1.0", + "tomli >= 2", + "urlpy", + "xmltodict >= 0.11.0", + "zipp >= 3.0.0; python_version < \"3.9\"", + "typecode >= 30.0.1", + #"typecode[full] >= 30.1.0", + #"extractcode[full] >= 31.0.0", +] + +[project.urls] +Homepage = "https://github.com/nexB/scancode-toolkit" + + +[project.optional-dependencies] +licenses = [ + "licensecode-data", +] + +# no impact but added for symmetry with the mini config +full = [ + "extractcode[full] >= 31.0.0", + "typecode[full] >= 30.0.0", +] + +# linux-only package handling +packages = [ + "rpm_inspector_rpm >= 4.16.1.3; platform_system == 'Linux'", + "regipy >= 3.1.0; platform_system == 'Linux'", + "packagedcode_msitools >= 0.101.210706; platform_system == 'Linux'", +] + +dev = [ + "flot", + "pytest >= 6, != 7.0.0", + "pytest-xdist >= 2", + "aboutcode-toolkit >= 7.0.2", + "pycodestyle >= 2.8.0", + "twine", + "black", + "isort", + "vendorize >= 0.3.0", + "pytest-rerunfailures", + "ruff", + "bump-my-version", + "Sphinx >= 5.0.2", + "sphinx_rtd_theme >= 0.5.1", + "sphinx-reredirects >= 0.1.2", + "doc8 >= 0.8.1", + "sphinx-autobuild", + "sphinx-rtd-dark-mode>=1.3.0", + "sphinx-copybutton", +] + + +[tool.bumpversion] +current_version = "32.5.0" +allow_dirty = true + +files = [ + { filename = "src/scancode_config.py" }, + { filename = "pyproject.toml" }, + { filename = "pyproject-scancode-toolkit-mini.toml" }, + { filename = "pyproject-packagedcode.toml" }, + +] + + +[tool.flot] +wheel_path_prefixes_to_strip = [ "src" ] + +includes = [ + "src/**/*", +] + +excludes = [ + # these are now provided by separate, smaller packages + "src/licensedcode/data/**/*", + + # scancode_toolkit.egg-info is only for editable local config + "src/scancode_toolkit.egg-info/**/*", + + "docs/build/**/*", + + # Python compiled files + "**/*.py[cod]", + "**/*.egg-info", + # Various junk and temp files + "**/.DS_Store", + "**/*~", + "**/.*.sw[po]", + "**/.ve", + "**/*.bak", + "**/.ipynb_checkpoints", +] + +metadata_files = [ + "*.LICENSE", + "NOTICE", + "AUTHORS.rst", + "CHANGELOG.rst", + "CODE_OF_CONDUCT.rst", +] + +editable_paths = [ "src", "tests" ] + +sdist_extra_includes = [ + "etc/**/*", + # "docs/**/*", + ".github/**/*", + # "samples/**/*", + # "tests/**/*", + ".gitattributes", + ".gitignore", + "*.LICENSE", + "NOTICE", + "*.ABOUT", + "*.toml", + "*.yml", + "*.rst", + "*.py", + + "requirements*", + + "configure*", + "extractcode*", + "scancode*", + + ".dockerignore", + "Dockerfile*", + # path to executable used by a built app + "PYTHON_EXECUTABLE*", + ".VERSION", +] + + +[tool.isort] +force_single_line = "True" +line_length = 88 +sections = "FUTURE,STDLIB,THIRDPARTY,FIRSTPARTY,LOCALFOLDER" +skip = "doc,venv,tmp,thirdparty,build,dist" + + +[project.scripts] +scancode = "scancode.cli:scancode" +scancode-reindex-licenses = "licensedcode.reindex:reindex_licenses" +scancode-license-data = "licensedcode.license_db:dump_scancode_license_data" +regen-package-docs = "packagedcode.regen_package_docs:regen_package_docs" +scancode-reindex-package-patterns = "packagedcode.cache:cache_package_patterns" +add-required-phrases = "licensedcode.required_phrases:add_required_phrases" +gen-new-required-phrases-rules = "licensedcode.required_phrases:gen_required_phrases_rules" +scancode-train-gibberish-model = "textcode.train_gibberish_model:train_gibberish_model" + + +# These are configurations for ScanCode plugins as entry points. +# Each plugin entry hast this form: +# plugin-name = f"ully.qualified.module:PluginClass" +# where plugin-name must be a unique arbitrary name for this entrypoint. + +# scancode_pre_scan is the entry point for pre_scan plugins executed before the +# scans. See also plugincode.pre_scan module for details and doc. +[project.entry-points.scancode_pre_scan] +ignore = "scancode.plugin_ignore:ProcessIgnore" +facet = "summarycode.facet:AddFacet" + + +# scancode_scan is the entry point for scan plugins that run a scan after the +# pre_scan plugins and before the post_scan plugins. See also plugincode.scan +# module for details and doc. +[project.entry-points.scancode_scan] +info = "scancode.plugin_info:InfoScanner" +licenses = "licensedcode.plugin_license:LicenseScanner" +copyrights = "cluecode.plugin_copyright:CopyrightScanner" +packages = "packagedcode.plugin_package:PackageScanner" +emails = "cluecode.plugin_email:EmailScanner" +urls = "cluecode.plugin_url:UrlScanner" +generated = "summarycode.generated:GeneratedCodeDetector" + + +# scancode_post_scan is the entry point for post_scan plugins executed after the +# scan plugins and before the output plugins. See also plugincode.post_scan +# module for details and doc. +[project.entry-points.scancode_post_scan] +summary = "summarycode.summarizer:ScanSummary" +tallies = "summarycode.tallies:Tallies" +tallies-with-details = "summarycode.tallies:TalliesWithDetails" +tallies-key-files = "summarycode.tallies:KeyFilesTallies" +tallies-by-facet = "summarycode.tallies:FacetTallies" +license-clarity-score = "summarycode.score:LicenseClarityScore" +license-policy = "licensedcode.plugin_license_policy:LicensePolicy" +mark-source = "scancode.plugin_mark_source:MarkSource" +filter-clues = "cluecode.plugin_filter_clues:RedundantCluesFilter" +consolidate = "summarycode.plugin_consolidate:Consolidator" +license-references = "licensedcode.licenses_reference:LicenseReference" +todo = "summarycode.todo:AmbiguousDetectionsToDoPlugin" +classify = "summarycode.classify_plugin:FileClassifier" + + +# scancode_output_filter is the entry point for filter plugins executed after +# the post-scan plugins and used by the output plugins to exclude/filter certain +# files or directories from the codebase. See also plugincode.post_scan module +# for details and doc. +[project.entry-points.scancode_output_filter] +only-findings = "scancode.plugin_only_findings:OnlyFindings" +ignore-copyrights = "cluecode.plugin_ignore_copyrights:IgnoreCopyrights" + + +# scancode_output is the entry point for output plugins that write a scan output +# in a given format at the end of a scan. See also plugincode._output module for +# details and doc. +[project.entry-points.scancode_output] +html = "formattedcode.output_html:HtmlOutput" +html-app = "formattedcode.output_html:HtmlAppOutput" +json = "formattedcode.output_json:JsonCompactOutput" +json-pp = "formattedcode.output_json:JsonPrettyOutput" +spdx-tv = "formattedcode.output_spdx:SpdxTvOutput" +spdx-rdf = "formattedcode.output_spdx:SpdxRdfOutput" +csv = "formattedcode.output_csv:CsvOutput" +jsonlines = "formattedcode.output_jsonlines:JsonLinesOutput" +template = "formattedcode.output_html:CustomTemplateOutput" +debian = "formattedcode.output_debian:DebianCopyrightOutput" +yaml = "formattedcode.output_yaml:YamlOutput" +cyclonedx = "formattedcode.output_cyclonedx:CycloneDxJsonOutput" +cyclonedx-xml = "formattedcode.output_cyclonedx:CycloneDxXmlOutput" + + +[tool.pytest.ini_options] +norecursedirs = [ + ".git", + "bin", + "dist", + "build", + "_build", + "dist", + "etc", + "local", + "ci", + "docs", + "man", + "share", + "samples", + ".cache", + ".settings", + "Include", + "include", + "Lib", + "lib", + "lib64", + "Lib64", + "Scripts", + "thirdparty", + "tmp", + "venv", + "tests/data", + ".eggs", + "src/*/data", + "tests/*/data", + "src/licensedcode/_vendor" +] + +python_files = "*.py" + +python_classes = "Test" +python_functions = "test" + +addopts = [ + "-rfExXw", + "--strict-markers", + "--doctest-modules" +] diff --git a/pyproject-scancode-toolkit.toml b/pyproject-scancode-toolkit.toml new file mode 100644 index 00000000000..a39bb5c54f7 --- /dev/null +++ b/pyproject-scancode-toolkit.toml @@ -0,0 +1,368 @@ +[build-system] +requires = [ "flot>=0.7.0" ] +build-backend = "flot.buildapi" + +[project] +name = "scancode-toolkit" +version = "32.5.0" +description = "ScanCode is a tool to scan code for license, copyright, package and their documented dependencies and other interesting facts." +readme = "README.rst" +license = { text = "Apache-2.0 AND CC-BY-4.0 AND LicenseRef-scancode-other-permissive AND LicenseRef-scancode-other-copyleft" } +requires-python = ">=3.10" +authors = [ + { name = "nexB. Inc. and others", email = "info@aboutcode.org" }, +] +keywords = [ + "open source", + "scan", + "license", + "package", + "dependency", + "copyright", + "filetype", + "author", + "extract", + "licensing", + "scan", + "sca", + "SBOM", + "spdx", + "cyclonedx", + "package-url", + "purl", +] + +classifiers = [ + "Development Status :: 5 - Production/Stable", + "Intended Audience :: Developers", + "Programming Language :: Python :: 3", + "Programming Language :: Python :: 3 :: Only", + "Programming Language :: Python :: 3.10", + "Programming Language :: Python :: 3.11", + "Programming Language :: Python :: 3.12", + "Programming Language :: Python :: 3.13", + "Programming Language :: Python :: 3.14", + "Topic :: Software Development", + "Topic :: Utilities", +] + +dependencies = [ + "licensedcode-index", + "attrs >= 18.1,!=20.1.0;python_version<'3.11'", + "attrs >= 22.1.0;python_version>='3.11'", + "Beautifulsoup4[chardet] >= 4.13.0", + "boolean.py >= 4.0", + "chardet >= 3.0.0", + "click >= 6.7, !=7.0, !=8.1.8;python_version<'3.10'", + "click >= 8.2.0;python_version>='3.10'", + "colorama >= 0.3.9", + "commoncode >= 32.4.2", + "cyseq >= 0.1.2", + "container-inspector >= 31.0.0", + "debian-inspector >= 31.1.0", + "dparse2 >= 0.7.0", + "fasteners", + "fingerprints >= 0.6.0, <=1.2.3", + "ftfy >= 6.0.0", + "gemfileparser2 >= 0.9.0", + "html5lib", + "importlib_metadata", + "intbitset >= 4.1.0", + "jaraco.functools", + "javaproperties >= 0.5", + "jinja2 >= 2.7.0", + "jsonstreams >= 0.5.0", + "license_expression >= 30.4.4", + "lxml >= 5.4.0", + "MarkupSafe >= 2.1.2", + "multiregex >= 2.0.3", + "normality <= 2.6.1", + "packageurl_python >= 0.9.0", + "packvers >= 21.0.0", + # use temp advanced patched release + "parameter-expansion-patched >= 0.3.1", + "pdfminer.six >= 20251227", + "pefile >= 2020.1.1", + "pip-requirements-parser >= 32.0.1", + "pkginfo2 >= 30.0.0", + "pluggy >= 1.0.0", + "plugincode >= 32.0.0", + "publicsuffix2", + "pyahocorasick >= 2.3.0", + "pygmars >= 1.0.0", + "pygments >= 1.0.0", + "pymaven_patch >= 0.2.8", + "requests >= 2.7.0", + "saneyaml >= 0.6.0", + "spdx_tools == 0.8.2", + "text_unidecode >= 1.0", + "tomli >= 2", + "urlpy", + "xmltodict >= 0.11.0", + "zipp >= 3.0.0; python_version < \"3.9\"", + "typecode >= 30.0.1", + "typecode[full] >= 30.1.0", + "extractcode[full] >= 31.0.0", +] + +[project.urls] +Homepage = "https://github.com/nexB/scancode-toolkit" + + +[project.optional-dependencies] +licenses = [ + "licensecode-data", +] + +# no impact but added for symmetry with the other pyproject.toml +full = [ + "extractcode[full] >= 31.0.0", + "typecode[full] >= 30.1.0", +] + +# linux-only package handling +packages = [ + "rpm_inspector_rpm >= 4.16.1.3; platform_system == 'Linux'", + "regipy >= 3.1.0; platform_system == 'Linux'", + "packagedcode_msitools >= 0.101.210706; platform_system == 'Linux'", + "go-inspector >= 0.5.0; platform_system == 'Linux'", + "rust-inspector >= 0.2.1; platform_system == 'Linux'", +] + +dev = [ + "flot", + "pytest >= 6, != 7.0.0", + "pytest-xdist >= 2", + "aboutcode-toolkit >= 7.0.2", + "pycodestyle >= 2.8.0", + "twine", + "black", + "isort", + "vendorize >= 0.3.0", + "pytest-rerunfailures", + "ruff", + "bump-my-version", + "Sphinx >= 5.0.2", + "sphinx_rtd_theme >= 0.5.1", + "sphinx-reredirects >= 0.1.2", + "doc8 >= 0.8.1", + "sphinx-autobuild", + "sphinx-rtd-dark-mode>=1.3.0", + "sphinx-copybutton", +] + + +[tool.bumpversion] +current_version = "32.5.0" +allow_dirty = true + +files = [ + { filename = "src/scancode_config.py" }, + { filename = "pyproject.toml" }, + { filename = "pyproject-scancode-toolkit-mini.toml" }, + { filename = "pyproject-packagedcode.toml" }, +] + + +[tool.flot] +wheel_path_prefixes_to_strip = [ "src" ] + +includes = [ + "src/**/*", +] + +excludes = [ + # these are now provided by separate, smaller packages + "src/licensedcode/data/**/*", + + # scancode_toolkit.egg-info is only for editable local config + "src/scancode_toolkit.egg-info/**/*", + + "docs/build/**/*", + + # Python compiled files + "**/*.py[cod]", + "**/*.egg-info", + # Various junk and temp files + "**/.DS_Store", + "**/*~", + "**/.*.sw[po]", + "**/.ve", + "**/*.bak", + "**/.ipynb_checkpoints", +] + +metadata_files = [ + "*.LICENSE", + "NOTICE", + "AUTHORS.rst", + "CHANGELOG.rst", + "CODE_OF_CONDUCT.rst", +] + +editable_paths = [ "src", "tests" ] + +sdist_extra_includes = [ + "etc/**/*", + # "docs/**/*", + ".github/**/*", + # "samples/**/*", + #"tests/**/*", + ".gitattributes", + ".gitignore", + "*.LICENSE", + "NOTICE", + "*.ABOUT", + "*.toml", + "*.yml", + "*.rst", + "*.py", + + "requirements*", + + "configure*", + "extractcode*", + "scancode*", + + ".dockerignore", + "Dockerfile*", + # path to executable used by a built app + "PYTHON_EXECUTABLE*", + ".VERSION", +] + + +[tool.isort] +force_single_line = "True" +line_length = 88 +sections = "FUTURE,STDLIB,THIRDPARTY,FIRSTPARTY,LOCALFOLDER" +skip = "doc,venv,tmp,thirdparty,build,dist" + + +[project.scripts] +scancode = "scancode.cli:scancode" +scancode-reindex-licenses = "licensedcode.reindex:reindex_licenses" +scancode-license-data = "licensedcode.license_db:dump_scancode_license_data" +regen-package-docs = "packagedcode.regen_package_docs:regen_package_docs" +scancode-reindex-package-patterns = "packagedcode.cache:cache_package_patterns" +add-required-phrases = "licensedcode.required_phrases:add_required_phrases" +gen-new-required-phrases-rules = "licensedcode.required_phrases:gen_required_phrases_rules" +scancode-train-gibberish-model = "textcode.train_gibberish_model:train_gibberish_model" + + +# These are configurations for ScanCode plugins as entry points. +# Each plugin entry hast this form: +# plugin-name = f"ully.qualified.module:PluginClass" +# where plugin-name must be a unique arbitrary name for this entrypoint. + +# scancode_pre_scan is the entry point for pre_scan plugins executed before the +# scans. See also plugincode.pre_scan module for details and doc. +[project.entry-points.scancode_pre_scan] +ignore = "scancode.plugin_ignore:ProcessIgnore" +facet = "summarycode.facet:AddFacet" + + +# scancode_scan is the entry point for scan plugins that run a scan after the +# pre_scan plugins and before the post_scan plugins. See also plugincode.scan +# module for details and doc. +[project.entry-points.scancode_scan] +info = "scancode.plugin_info:InfoScanner" +licenses = "licensedcode.plugin_license:LicenseScanner" +copyrights = "cluecode.plugin_copyright:CopyrightScanner" +packages = "packagedcode.plugin_package:PackageScanner" +emails = "cluecode.plugin_email:EmailScanner" +urls = "cluecode.plugin_url:UrlScanner" +generated = "summarycode.generated:GeneratedCodeDetector" + + +# scancode_post_scan is the entry point for post_scan plugins executed after the +# scan plugins and before the output plugins. See also plugincode.post_scan +# module for details and doc. +[project.entry-points.scancode_post_scan] +summary = "summarycode.summarizer:ScanSummary" +tallies = "summarycode.tallies:Tallies" +tallies-with-details = "summarycode.tallies:TalliesWithDetails" +tallies-key-files = "summarycode.tallies:KeyFilesTallies" +tallies-by-facet = "summarycode.tallies:FacetTallies" +license-clarity-score = "summarycode.score:LicenseClarityScore" +license-policy = "licensedcode.plugin_license_policy:LicensePolicy" +mark-source = "scancode.plugin_mark_source:MarkSource" +filter-clues = "cluecode.plugin_filter_clues:RedundantCluesFilter" +consolidate = "summarycode.plugin_consolidate:Consolidator" +license-references = "licensedcode.licenses_reference:LicenseReference" +todo = "summarycode.todo:AmbiguousDetectionsToDoPlugin" +classify = "summarycode.classify_plugin:FileClassifier" + + +# scancode_output_filter is the entry point for filter plugins executed after +# the post-scan plugins and used by the output plugins to exclude/filter certain +# files or directories from the codebase. See also plugincode.post_scan module +# for details and doc. +[project.entry-points.scancode_output_filter] +only-findings = "scancode.plugin_only_findings:OnlyFindings" +ignore-copyrights = "cluecode.plugin_ignore_copyrights:IgnoreCopyrights" + + +# scancode_output is the entry point for output plugins that write a scan output +# in a given format at the end of a scan. See also plugincode._output module for +# details and doc. +[project.entry-points.scancode_output] +html = "formattedcode.output_html:HtmlOutput" +html-app = "formattedcode.output_html:HtmlAppOutput" +json = "formattedcode.output_json:JsonCompactOutput" +json-pp = "formattedcode.output_json:JsonPrettyOutput" +spdx-tv = "formattedcode.output_spdx:SpdxTvOutput" +spdx-rdf = "formattedcode.output_spdx:SpdxRdfOutput" +csv = "formattedcode.output_csv:CsvOutput" +jsonlines = "formattedcode.output_jsonlines:JsonLinesOutput" +template = "formattedcode.output_html:CustomTemplateOutput" +debian = "formattedcode.output_debian:DebianCopyrightOutput" +yaml = "formattedcode.output_yaml:YamlOutput" +cyclonedx = "formattedcode.output_cyclonedx:CycloneDxJsonOutput" +cyclonedx-xml = "formattedcode.output_cyclonedx:CycloneDxXmlOutput" + + +[tool.pytest.ini_options] +norecursedirs = [ + ".git", + "bin", + "dist", + "build", + "_build", + "dist", + "etc", + "local", + "ci", + "docs", + "man", + "share", + "samples", + ".cache", + ".settings", + "Include", + "include", + "Lib", + "lib", + "lib64", + "Lib64", + "Scripts", + "thirdparty", + "tmp", + "venv", + "tests/data", + ".eggs", + "src/*/data", + "tests/*/data", + "src/licensedcode/_vendor" +] + +python_files = "*.py" + +python_classes = "Test" +python_functions = "test" + +addopts = [ + "-rfExXw", + "--strict-markers", + "--doctest-modules" +] diff --git a/pyproject.toml b/pyproject.toml index e2656e8f647..d46f3a5b0a1 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -1,11 +1,331 @@ +# note: this is the default pyproject.toml that is used only in development +# we use flot the other pyproject*.toml files to build release wheels and archives + [build-system] -requires = ["setuptools", "wheel"] -build-backend = "setuptools.build_meta" +requires = [ "flot>=0.7.0" ] +build-backend = "flot.buildapi" + +[project] +name = "scancode-toolkit-devel" +version = "32.5.0" +description = "ScanCode is a tool to scan code for license, copyright, package and their documented dependencies and other interesting facts." +readme = "README.rst" +license = { text = "Apache-2.0 AND CC-BY-4.0 AND LicenseRef-scancode-other-permissive AND LicenseRef-scancode-other-copyleft" } +requires-python = ">=3.10" +authors = [ + { name = "nexB. Inc. and others", email = "info@aboutcode.org" }, +] +keywords = [ + "open source", + "scan", + "license", + "package", + "dependency", + "copyright", + "filetype", + "author", + "extract", + "licensing", + "sca", + "SBOM", + "spdx", + "cyclonedx", + "package-url", + "purl", +] + +classifiers = [ + "Development Status :: 5 - Production/Stable", + "Intended Audience :: Developers", + "Programming Language :: Python :: 3", + "Programming Language :: Python :: 3 :: Only", + "Programming Language :: Python :: 3.10", + "Programming Language :: Python :: 3.11", + "Programming Language :: Python :: 3.12", + "Programming Language :: Python :: 3.13", + "Programming Language :: Python :: 3.14", + "Topic :: Software Development", + "Topic :: Utilities", +] + +dependencies = [ + "attrs >= 18.1,!=20.1.0;python_version<'3.11'", + "attrs >= 22.1.0;python_version>='3.11'", + "Beautifulsoup4[chardet] >= 4.13.0", + "boolean.py >= 4.0", + "chardet >= 3.0.0", + "click >= 6.7, !=7.0, !=8.1.8;python_version<'3.10'", + "click >= 8.2.0;python_version>='3.10'", + "colorama >= 0.3.9", + "commoncode >= 32.4.2", + "cyseq >= 0.1.2", + "container-inspector >= 31.0.0", + "debian-inspector >= 31.1.0", + "dparse2 >= 0.7.0", + "fasteners", + "fingerprints >= 0.6.0, <=1.2.3", + "ftfy >= 6.0.0", + "gemfileparser2 >= 0.9.0", + "html5lib", + "importlib_metadata", + "intbitset >= 4.1.0", + "jaraco.functools", + "javaproperties >= 0.5", + "jinja2 >= 2.7.0", + "jsonstreams >= 0.5.0", + "license_expression >= 30.4.4", + "lxml >= 5.4.0", + "MarkupSafe >= 2.1.2", + "multiregex >= 2.0.3", + "normality <= 2.6.1", + "packageurl_python >= 0.9.0", + "packvers >= 21.0.0", + # use temp advanced patched release + "parameter-expansion-patched >= 0.3.1", + "pdfminer.six >= 20251227", + "pefile >= 2020.1.1", + "pip-requirements-parser >= 32.0.1", + "pkginfo2 >= 30.0.0", + "pluggy >= 1.0.0", + "plugincode >= 32.0.0", + "publicsuffix2", + "pyahocorasick >= 2.3.0", + "pygmars >= 1.0.0", + "pygments >= 1.0.0", + "pymaven_patch >= 0.2.8", + "requests >= 2.7.0", + "saneyaml >= 0.6.0", + "spdx_tools == 0.8.2", + "text_unidecode >= 1.0", + "tomli >= 2", + "urlpy", + "xmltodict >= 0.11.0", + "zipp >= 3.0.0; python_version < \"3.9\"", + "typecode >= 30.0.1", + "typecode[full] >= 30.1.0", + "extractcode[full] >= 31.0.0", +] + + +[project.urls] +Homepage = "https://github.com/nexB/scancode-toolkit" + + +[project.optional-dependencies] +# no impact but added for symmetry with the other pyproject.toml +licenses = [ + "licensecode-data", + "licensedcode-index", +] + +# no impact but added for symmetry with the other pyproject.toml +full = [ + "extractcode[full] >= 31.0.0", + "typecode[full] >= 30.1.0", +] + +# linux-only package handling +packages = [ + "rpm_inspector_rpm >= 4.16.1.3; platform_system == 'Linux'", + "regipy >= 3.1.0; platform_system == 'Linux'", + "packagedcode_msitools >= 0.101.210706; platform_system == 'Linux'", + "go-inspector >= 0.5.0; platform_system == 'Linux'", + "rust-inspector >= 0.2.1; platform_system == 'Linux'", +] + +dev = [ + "flot >= 0.7.0", + "pytest >= 6, != 7.0.0", + "pytest-xdist >= 2", + "aboutcode-toolkit >= 7.0.2", + "pycodestyle >= 2.8.0", + "twine", + "black", + "isort", + "vendorize >= 0.3.0", + "pytest-rerunfailures", + "ruff", + "bump-my-version", + "Sphinx >= 5.0.2", + "sphinx_rtd_theme >= 0.5.1", + "sphinx-reredirects >= 0.1.2", + "doc8 >= 0.8.1", + "sphinx-autobuild", + "sphinx-rtd-dark-mode>=1.3.0", + "sphinx-copybutton", +] + + +[tool.bumpversion] +current_version = "32.5.0" +allow_dirty = true + +files = [ + { filename = "src/scancode_config.py" }, + { filename = "pyproject.toml" }, + { filename = "pyproject-scancode-toolkit-mini.toml" }, + { filename = "pyproject-packagedcode.toml" }, + +] + + +[tool.flot] +wheel_path_prefixes_to_strip = [ "src" ] + +includes = [ + "src/**/*", +] + +excludes = [ + # these are now provided by separate, smaller packages + "src/licensedcode/data/**/*", + + # scancode_toolkit.egg-info is only for editable local config + "src/scancode_toolkit.egg-info/**/*", + + "docs/build/**/*", + + # Python compiled files + "**/*.py[cod]", + "**/*.egg-info", + # Various junk and temp files + "**/.DS_Store", + "**/*~", + "**/.*.sw[po]", + "**/.ve", + "**/*.bak", + "**/.ipynb_checkpoints", +] + +metadata_files = [ + "*.LICENSE", + "NOTICE", + "AUTHORS.rst", + "CHANGELOG.rst", + "CODE_OF_CONDUCT.rst", +] + +editable_paths = [ "src", "tests" ] + +sdist_extra_includes = [ + "etc/**/*", + # "docs/**/*", + ".github/**/*", + # "samples/**/*", + #"tests/**/*", + ".gitattributes", + ".gitignore", + "*.LICENSE", + "NOTICE", + "*.ABOUT", + "*.toml", + "*.yml", + "*.rst", + "*.py", + + "requirements*", + + "configure*", + "extractcode*", + "scancode*", + + ".dockerignore", + "Dockerfile*", + # path to executable used by a built app + "PYTHON_EXECUTABLE*", + ".VERSION", +] + + +[tool.isort] +force_single_line = "True" +line_length = 88 +sections = "FUTURE,STDLIB,THIRDPARTY,FIRSTPARTY,LOCALFOLDER" +skip = "doc,venv,tmp,thirdparty,build,dist" + + +[project.scripts] +scancode = "scancode.cli:scancode" +scancode-reindex-licenses = "licensedcode.reindex:reindex_licenses" +scancode-license-data = "licensedcode.license_db:dump_scancode_license_data" +regen-package-docs = "packagedcode.regen_package_docs:regen_package_docs" +scancode-reindex-package-patterns = "packagedcode.cache:cache_package_patterns" +add-required-phrases = "licensedcode.required_phrases:add_required_phrases" +gen-new-required-phrases-rules = "licensedcode.required_phrases:gen_required_phrases_rules" +scancode-train-gibberish-model = "textcode.train_gibberish_model:train_gibberish_model" + + +# These are configurations for ScanCode plugins as entry points. +# Each plugin entry hast this form: +# plugin-name = f"ully.qualified.module:PluginClass" +# where plugin-name must be a unique arbitrary name for this entrypoint. + +# scancode_pre_scan is the entry point for pre_scan plugins executed before the +# scans. See also plugincode.pre_scan module for details and doc. +[project.entry-points.scancode_pre_scan] +ignore = "scancode.plugin_ignore:ProcessIgnore" +facet = "summarycode.facet:AddFacet" + + +# scancode_scan is the entry point for scan plugins that run a scan after the +# pre_scan plugins and before the post_scan plugins. See also plugincode.scan +# module for details and doc. +[project.entry-points.scancode_scan] +info = "scancode.plugin_info:InfoScanner" +licenses = "licensedcode.plugin_license:LicenseScanner" +copyrights = "cluecode.plugin_copyright:CopyrightScanner" +packages = "packagedcode.plugin_package:PackageScanner" +emails = "cluecode.plugin_email:EmailScanner" +urls = "cluecode.plugin_url:UrlScanner" +generated = "summarycode.generated:GeneratedCodeDetector" + + +# scancode_post_scan is the entry point for post_scan plugins executed after the +# scan plugins and before the output plugins. See also plugincode.post_scan +# module for details and doc. +[project.entry-points.scancode_post_scan] +summary = "summarycode.summarizer:ScanSummary" +tallies = "summarycode.tallies:Tallies" +tallies-with-details = "summarycode.tallies:TalliesWithDetails" +tallies-key-files = "summarycode.tallies:KeyFilesTallies" +tallies-by-facet = "summarycode.tallies:FacetTallies" +license-clarity-score = "summarycode.score:LicenseClarityScore" +license-policy = "licensedcode.plugin_license_policy:LicensePolicy" +mark-source = "scancode.plugin_mark_source:MarkSource" +filter-clues = "cluecode.plugin_filter_clues:RedundantCluesFilter" +consolidate = "summarycode.plugin_consolidate:Consolidator" +license-references = "licensedcode.licenses_reference:LicenseReference" +todo = "summarycode.todo:AmbiguousDetectionsToDoPlugin" +classify = "summarycode.classify_plugin:FileClassifier" + + +# scancode_output_filter is the entry point for filter plugins executed after +# the post-scan plugins and used by the output plugins to exclude/filter certain +# files or directories from the codebase. See also plugincode.post_scan module +# for details and doc. +[project.entry-points.scancode_output_filter] +only-findings = "scancode.plugin_only_findings:OnlyFindings" +ignore-copyrights = "cluecode.plugin_ignore_copyrights:IgnoreCopyrights" + + +# scancode_output is the entry point for output plugins that write a scan output +# in a given format at the end of a scan. See also plugincode._output module for +# details and doc. +[project.entry-points.scancode_output] +html = "formattedcode.output_html:HtmlOutput" +html-app = "formattedcode.output_html:HtmlAppOutput" +json = "formattedcode.output_json:JsonCompactOutput" +json-pp = "formattedcode.output_json:JsonPrettyOutput" +spdx-tv = "formattedcode.output_spdx:SpdxTvOutput" +spdx-rdf = "formattedcode.output_spdx:SpdxRdfOutput" +csv = "formattedcode.output_csv:CsvOutput" +jsonlines = "formattedcode.output_jsonlines:JsonLinesOutput" +template = "formattedcode.output_html:CustomTemplateOutput" +debian = "formattedcode.output_debian:DebianCopyrightOutput" +yaml = "formattedcode.output_yaml:YamlOutput" +cyclonedx = "formattedcode.output_cyclonedx:CycloneDxJsonOutput" +cyclonedx-xml = "formattedcode.output_cyclonedx:CycloneDxXmlOutput" -[tool.setuptools_scm] -# this is used populated when creating a git archive -# and when there is .git dir and/or there is no git installed -fallback_version = "9999.$Format:%h-%cs$" [tool.pytest.ini_options] norecursedirs = [ @@ -14,6 +334,7 @@ norecursedirs = [ "dist", "build", "_build", + "dist", "etc", "local", "ci", diff --git a/requirements-dev.txt b/requirements-dev.txt index 5b2d8a40254..ede859f4ae9 100644 --- a/requirements-dev.txt +++ b/requirements-dev.txt @@ -9,6 +9,7 @@ docutils==0.19 doc8==2.0.0 et-xmlfile==1.1.0 execnet==1.9.0 +flot==0.7.3 iniconfig==1.1.1 isort==5.10.1 jeepney==0.8.0 diff --git a/requirements-linux.txt b/requirements-linux.txt index 9269a7bd04b..006c9f6b8a0 100644 --- a/requirements-linux.txt +++ b/requirements-linux.txt @@ -1,4 +1,4 @@ packagedcode-msitools==0.101.210706 -regipy==3.1.0 +regipy==6.2.0 rpm-inspector-rpm==4.16.1.3.210404 go-inspector==0.5.0 diff --git a/setup-mini.cfg b/setup-mini.cfg deleted file mode 100644 index 9bfcc14439a..00000000000 --- a/setup-mini.cfg +++ /dev/null @@ -1,237 +0,0 @@ -[metadata] -name = scancode-toolkit-mini -version = 32.5.0 -license = Apache-2.0 AND CC-BY-4.0 AND LicenseRef-scancode-other-permissive AND LicenseRef-scancode-other-copyleft - -# description must be on ONE line https://github.com/pypa/setuptools/issues/1390 -description = ScanCode is a tool to scan code for license, copyright, package and their documented dependencies and other interesting facts. scancode-toolkit-mini is a special build that does not come with pre-built binary dependencies by default. These are instead installed separately or with the extra_requires scancode-toolkit-mini[full] -long_description = file:README.rst -long_description_content_type = text/x-rst -url = https://github.com/aboutcode-org/scancode-toolkit - -author = nexB. Inc. and others -author_email = info@aboutcode.org - -classifiers = - Development Status :: 5 - Production/Stable - Intended Audience :: Developers - Programming Language :: Python :: 3 - Programming Language :: Python :: 3 :: Only - Programming Language :: Python :: 3.10 - Programming Language :: Python :: 3.11 - Programming Language :: Python :: 3.12 - Programming Language :: Python :: 3.13 - Programming Language :: Python :: 3.14 - Topic :: Software Development - Topic :: Utilities - -keywords = - open source - scan - license - package - dependency - copyright - filetype - author - extract - licensing - scan - sca - SBOM - spdx - cyclonedx - -license_files = - apache-2.0.LICENSE - NOTICE - AUTHORS.rst - CHANGELOG.rst - CODE_OF_CONDUCT.rst - cc-by-4.0.LICENSE - README.rst - -[options] -python_requires = >=3.10 -package_dir = - =src -packages = find: -include_package_data = true -zip_safe = false - -py_modules = - scancode_config - - -install_requires = - attrs >= 18.1,!=20.1.0;python_version<'3.11' - attrs >= 22.1.0;python_version>='3.11' - Beautifulsoup4[chardet] >= 4.13.0 - boolean.py >= 4.0 - chardet >= 3.0.0 - click >= 6.7, !=7.0, !=8.1.8;python_version<'3.10' - click >= 8.2.0;python_version>='3.10' - colorama >= 0.3.9 - commoncode >= 32.4.2 - container-inspector >= 31.0.0 - debian-inspector >= 31.1.0 - dparse2 >= 0.7.0 - fasteners - fingerprints >= 0.6.0, <=1.2.3 - ftfy >= 6.0.0 - gemfileparser2 >= 0.9.0 - html5lib - importlib_metadata - intbitset >= 4.1.0 - jaraco.functools - javaproperties >= 0.5 - jinja2 >= 2.7.0 - jsonstreams >= 0.5.0 - license_expression >= 30.4.4 - lxml >= 5.4.0 - MarkupSafe >= 2.1.2 - multiregex >= 2.0.3 - normality <= 2.6.1 - packageurl_python >= 0.9.0 - packvers >= 21.0.0 - # use temp advanced patched release - parameter-expansion-patched >= 0.3.1 - pdfminer.six >= 20251227 - pefile >= 2020.1.1 - pkginfo2 >= 30.0.0 - pip-requirements-parser >= 32.0.1 - pluggy >= 1.0.0 - plugincode >= 32.0.0 - publicsuffix2 - pyahocorasick >= 2.3.0 - pygmars >= 1.0.0 - pygments - pymaven_patch >= 0.2.8 - requests >= 2.7.0 - saneyaml >= 0.6.0 - spdx_tools == 0.8.2 - text_unidecode >= 1.0 - tomli >= 2; python_version < "3.11" - urlpy - xmltodict >= 0.11.0 - typecode >= 30.1.0 -# typecode[full] >= 30.0.1 -# extractcode[full] >= 31.0.0 - - -[options.packages.find] -where = src - - -[options.extras_require] -full = - typecode[full] >= 30.1.0 - extractcode[full] >= 31.0.0 - -dev = - pytest >= 6, != 7.0.0 - pytest-xdist >= 2 - aboutcode-toolkit >= 7.0.2 - twine - black - isort - vendorize >= 0.3.0 - pytest-rerunfailures - ruff - Sphinx>=5.0.2 - sphinx-rtd-theme>=1.0.0 - sphinx-reredirects >= 0.1.2 - doc8 >= 0.8.1 - sphinx-autobuild - sphinx-rtd-dark-mode>=1.3.0 - sphinx-copybutton - -# linux-only package handling -packages = - rpm_inspector_rpm >= 4.16.1.3; platform_system == 'Linux' - regipy >= 3.1.0; platform_system == 'Linux' - packagedcode_msitools >= 0.101.210706; platform_system == 'Linux' - go-inspector >= 0.5.0; platform_system == 'Linux' - rust-inspector >= 0.2.1; platform_system == 'Linux' - -[options.entry_points] -console_scripts = - scancode = scancode.cli:scancode - scancode-reindex-licenses = licensedcode.reindex:reindex_licenses - scancode-reindex-package-patterns = packagedcode.cache:cache_package_patterns - scancode-license-data = licensedcode.license_db:dump_scancode_license_data - regen-package-docs = packagedcode.regen_package_docs:regen_package_docs - add-required-phrases = licensedcode.required_phrases:add_required_phrases - gen-new-required-phrases-rules = licensedcode.required_phrases:gen_required_phrases_rules - scancode-train-gibberish-model = textcode.train_gibberish_model:train_gibberish_model - -# These are configurations for ScanCode plugins as setuptools entry points. -# Each plugin entry hast this form: -# plugin-name = fully.qualified.module:PluginClass -# where plugin-name must be a unique arbitrary name for this entrypoint. - -# scancode_pre_scan is the entry point for pre_scan plugins executed before the -# scans. See also plugincode.pre_scan module for details and doc. -scancode_pre_scan = - ignore = scancode.plugin_ignore:ProcessIgnore - facet = summarycode.facet:AddFacet - - -# scancode_scan is the entry point for scan plugins that run a scan after the -# pre_scan plugins and before the post_scan plugins. See also plugincode.scan -# module for details and doc. -scancode_scan = - info = scancode.plugin_info:InfoScanner - licenses = licensedcode.plugin_license:LicenseScanner - copyrights = cluecode.plugin_copyright:CopyrightScanner - packages = packagedcode.plugin_package:PackageScanner - emails = cluecode.plugin_email:EmailScanner - urls = cluecode.plugin_url:UrlScanner - generated = summarycode.generated:GeneratedCodeDetector - - -# scancode_post_scan is the entry point for post_scan plugins executed after the -# scan plugins and before the output plugins. See also plugincode.post_scan -# module for details and doc. -scancode_post_scan = - summary = summarycode.summarizer:ScanSummary - tallies = summarycode.tallies:Tallies - tallies-with-details = summarycode.tallies:TalliesWithDetails - tallies-key-files = summarycode.tallies:KeyFilesTallies - tallies-by-facet = summarycode.tallies:FacetTallies - license-clarity-score = summarycode.score:LicenseClarityScore - license-policy = licensedcode.plugin_license_policy:LicensePolicy - mark-source = scancode.plugin_mark_source:MarkSource - filter-clues = cluecode.plugin_filter_clues:RedundantCluesFilter - consolidate = summarycode.plugin_consolidate:Consolidator - license-references = licensedcode.licenses_reference:LicenseReference - todo = summarycode.todo:AmbiguousDetectionsToDoPlugin - classify = summarycode.classify_plugin:FileClassifier - - -# scancode_output_filter is the entry point for filter plugins executed after -# the post-scan plugins and used by the output plugins to exclude/filter certain -# files or directories from the codebase. See also plugincode.post_scan module -# for details and doc. -scancode_output_filter = - only-findings = scancode.plugin_only_findings:OnlyFindings - ignore-copyrights = cluecode.plugin_ignore_copyrights:IgnoreCopyrights - - -# scancode_output is the entry point for output plugins that write a scan output -# in a given format at the end of a scan. See also plugincode._output module for -# details and doc. -scancode_output = - html = formattedcode.output_html:HtmlOutput - html-app = formattedcode.output_html:HtmlAppOutput - json = formattedcode.output_json:JsonCompactOutput - json-pp = formattedcode.output_json:JsonPrettyOutput - spdx-tv = formattedcode.output_spdx:SpdxTvOutput - spdx-rdf = formattedcode.output_spdx:SpdxRdfOutput - csv = formattedcode.output_csv:CsvOutput - jsonlines = formattedcode.output_jsonlines:JsonLinesOutput - template = formattedcode.output_html:CustomTemplateOutput - debian = formattedcode.output_debian:DebianCopyrightOutput - yaml = formattedcode.output_yaml:YamlOutput - cyclonedx = formattedcode.output_cyclonedx:CycloneDxJsonOutput - cyclonedx-xml = formattedcode.output_cyclonedx:CycloneDxXmlOutput diff --git a/setup.cfg b/setup.cfg deleted file mode 100644 index 7c45f388fd5..00000000000 --- a/setup.cfg +++ /dev/null @@ -1,239 +0,0 @@ -[metadata] -name = scancode-toolkit -version = 32.5.0 -license = Apache-2.0 AND CC-BY-4.0 AND LicenseRef-scancode-other-permissive AND LicenseRef-scancode-other-copyleft - -# description must be on ONE line https://github.com/pypa/setuptools/issues/1390 -description = ScanCode is a tool to scan code for license, copyright, package and their documented dependencies and other interesting facts. -long_description = file:README.rst -long_description_content_type = text/x-rst -url = https://github.com/aboutcode-org/scancode-toolkit - -author = nexB. Inc. and others -author_email = info@aboutcode.org - -classifiers = - Development Status :: 5 - Production/Stable - Intended Audience :: Developers - Programming Language :: Python :: 3 - Programming Language :: Python :: 3 :: Only - Programming Language :: Python :: 3.10 - Programming Language :: Python :: 3.11 - Programming Language :: Python :: 3.12 - Programming Language :: Python :: 3.13 - Programming Language :: Python :: 3.14 - Topic :: Software Development - Topic :: Utilities - -keywords = - open source - scan - license - package - dependency - copyright - filetype - author - extract - licensing - scan - sca - SBOM - spdx - cyclonedx - -license_files = - apache-2.0.LICENSE - NOTICE - AUTHORS.rst - CHANGELOG.rst - CODE_OF_CONDUCT.rst - cc-by-4.0.LICENSE - README.rst - -[options] -python_requires = >=3.10 - -package_dir = - =src -packages = find: -include_package_data = true -zip_safe = false - -py_modules = - scancode_config - - -install_requires = - attrs >= 18.1,!=20.1.0;python_version<'3.11' - attrs >= 22.1.0;python_version>='3.11' - Beautifulsoup4[chardet] >= 4.13.0 - boolean.py >= 4.0 - chardet >= 3.0.0 - click >= 6.7, !=7.0, !=8.1.8;python_version<'3.10' - click >= 8.2.0;python_version>='3.10' - colorama >= 0.3.9 - commoncode >= 32.4.2 - container-inspector >= 31.0.0 - cyseq >= 0.1.2 - debian-inspector >= 31.1.0 - dparse2 >= 0.7.0 - fasteners - fingerprints >= 0.6.0, <=1.2.3 - ftfy >= 6.0.0 - gemfileparser2 >= 0.9.0 - html5lib - importlib_metadata - intbitset >= 4.1.0 - jaraco.functools - javaproperties >= 0.5 - jinja2 >= 2.7.0 - jsonstreams >= 0.5.0 - license_expression >= 30.4.4 - lxml >= 5.4.0 - MarkupSafe >= 2.1.2 - multiregex >= 2.0.3 - normality <= 2.6.1 - packageurl_python >= 0.9.0 - packvers >= 21.0.0 - # use temp advanced patched release - parameter-expansion-patched >= 0.3.1 - pdfminer.six >= 20251227 - pefile >= 2020.1.1 - pkginfo2 >= 30.0.0 - pip-requirements-parser >= 32.0.1 - pluggy >= 1.0.0 - plugincode >= 32.0.0 - publicsuffix2 - pyahocorasick >= 2.3.0 - pygmars >= 1.0.0 - pygments - pymaven_patch >= 0.2.8 - requests >= 2.7.0 - saneyaml >= 0.6.0 - spdx_tools == 0.8.2 - text_unidecode >= 1.0 - tomli >= 2; python_version < "3.11" - urlpy - xmltodict >= 0.11.0 - typecode >= 30.1.0 - typecode[full] >= 30.1.0 - extractcode[full] >= 31.0.0 - - -[options.packages.find] -where = src - - -[options.extras_require] -full = - typecode[full] >= 30.1.0 - extractcode[full] >= 31.0.0 - -dev = - pytest >= 6, != 7.0.0 - pytest-xdist >= 2 - aboutcode-toolkit >= 7.0.2 - twine - black - isort - vendorize >= 0.3.0 - pytest-rerunfailures - ruff - Sphinx>=5.0.2 - sphinx-rtd-theme>=1.0.0 - sphinx-reredirects >= 0.1.2 - doc8 >= 0.8.1 - sphinx-autobuild - sphinx-rtd-dark-mode>=1.3.0 - sphinx-copybutton - -# linux-only package handling -packages = - rpm_inspector_rpm >= 4.16.1.3; platform_system == 'Linux' - regipy >= 3.1.0; platform_system == 'Linux' - packagedcode_msitools >= 0.101.210706; platform_system == 'Linux' - go-inspector >= 0.5.0; platform_system == 'Linux' - rust-inspector >= 0.2.1; platform_system == 'Linux' - -[options.entry_points] -console_scripts = - scancode = scancode.cli:scancode - scancode-reindex-licenses = licensedcode.reindex:reindex_licenses - scancode-reindex-package-patterns = packagedcode.cache:cache_package_patterns - scancode-license-data = licensedcode.license_db:dump_scancode_license_data - regen-package-docs = packagedcode.regen_package_docs:regen_package_docs - add-required-phrases = licensedcode.required_phrases:add_required_phrases - gen-new-required-phrases-rules = licensedcode.required_phrases:gen_required_phrases_rules - scancode-train-gibberish-model = textcode.train_gibberish_model:train_gibberish_model - -# These are configurations for ScanCode plugins as setuptools entry points. -# Each plugin entry hast this form: -# plugin-name = fully.qualified.module:PluginClass -# where plugin-name must be a unique arbitrary name for this entrypoint. - -# scancode_pre_scan is the entry point for pre_scan plugins executed before the -# scans. See also plugincode.pre_scan module for details and doc. -scancode_pre_scan = - ignore = scancode.plugin_ignore:ProcessIgnore - facet = summarycode.facet:AddFacet - - -# scancode_scan is the entry point for scan plugins that run a scan after the -# pre_scan plugins and before the post_scan plugins. See also plugincode.scan -# module for details and doc. -scancode_scan = - info = scancode.plugin_info:InfoScanner - licenses = licensedcode.plugin_license:LicenseScanner - copyrights = cluecode.plugin_copyright:CopyrightScanner - packages = packagedcode.plugin_package:PackageScanner - emails = cluecode.plugin_email:EmailScanner - urls = cluecode.plugin_url:UrlScanner - generated = summarycode.generated:GeneratedCodeDetector - - -# scancode_post_scan is the entry point for post_scan plugins executed after the -# scan plugins and before the output plugins. See also plugincode.post_scan -# module for details and doc. -scancode_post_scan = - summary = summarycode.summarizer:ScanSummary - tallies = summarycode.tallies:Tallies - tallies-with-details = summarycode.tallies:TalliesWithDetails - tallies-key-files = summarycode.tallies:KeyFilesTallies - tallies-by-facet = summarycode.tallies:FacetTallies - license-clarity-score = summarycode.score:LicenseClarityScore - license-policy = licensedcode.plugin_license_policy:LicensePolicy - mark-source = scancode.plugin_mark_source:MarkSource - filter-clues = cluecode.plugin_filter_clues:RedundantCluesFilter - consolidate = summarycode.plugin_consolidate:Consolidator - license-references = licensedcode.licenses_reference:LicenseReference - todo = summarycode.todo:AmbiguousDetectionsToDoPlugin - classify = summarycode.classify_plugin:FileClassifier - - -# scancode_output_filter is the entry point for filter plugins executed after -# the post-scan plugins and used by the output plugins to exclude/filter certain -# files or directories from the codebase. See also plugincode.post_scan module -# for details and doc. -scancode_output_filter = - only-findings = scancode.plugin_only_findings:OnlyFindings - ignore-copyrights = cluecode.plugin_ignore_copyrights:IgnoreCopyrights - - -# scancode_output is the entry point for output plugins that write a scan output -# in a given format at the end of a scan. See also plugincode._output module for -# details and doc. -scancode_output = - html = formattedcode.output_html:HtmlOutput - html-app = formattedcode.output_html:HtmlAppOutput - json = formattedcode.output_json:JsonCompactOutput - json-pp = formattedcode.output_json:JsonPrettyOutput - spdx-tv = formattedcode.output_spdx:SpdxTvOutput - spdx-rdf = formattedcode.output_spdx:SpdxRdfOutput - csv = formattedcode.output_csv:CsvOutput - jsonlines = formattedcode.output_jsonlines:JsonLinesOutput - template = formattedcode.output_html:CustomTemplateOutput - debian = formattedcode.output_debian:DebianCopyrightOutput - yaml = formattedcode.output_yaml:YamlOutput - cyclonedx = formattedcode.output_cyclonedx:CycloneDxJsonOutput - cyclonedx-xml = formattedcode.output_cyclonedx:CycloneDxXmlOutput diff --git a/setup.py b/setup.py deleted file mode 100644 index bac24a43d99..00000000000 --- a/setup.py +++ /dev/null @@ -1,6 +0,0 @@ -#!/usr/bin/env python - -import setuptools - -if __name__ == "__main__": - setuptools.setup() diff --git a/src/licensedcode/data/README.rst b/src/licensedcode/data/README.rst new file mode 100644 index 00000000000..5e9296b49ba --- /dev/null +++ b/src/licensedcode/data/README.rst @@ -0,0 +1,13 @@ +ScanCode LicenseDB +================== + +LicenseDB is a free and open database of mostly all the software licenses, +in particular all the open source software licenses, with over 2000 curated +licenses texts and their metadata. + +LicenseDB is built from the ScanCode Toolkit license dataset and is an +essential reference license resource for license compliance and SBOMs. +LicenseDB includes all the SPDX and OSI licenses together with an extended +curated collection of other licenses and license metadata. +These licenses are carefully reviewed and curated and continusouly updated +by an open community of contributors. \ No newline at end of file