Skip to content

Extended packaged code metadata support #117

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
pombredanne opened this issue Nov 19, 2015 · 3 comments
Closed

Extended packaged code metadata support #117

pombredanne opened this issue Nov 19, 2015 · 3 comments
Assignees
@pombredanne
Labels
new feature package scan
Milestone
v2.1

Comments

@pombredanne
Copy link
Member

This feature is about collecting and returning extended metadata available from package manifests such as license, name, version etc from RPMs, NPMs, Gems, Jars, etc.
@pombredanne pombredanne self-assigned this Nov 19, 2015
pombredanne added a commit that referenced this issue Nov 19, 2015
@pombredanne
#117 : minimal experimentla support for npm package details
34ecadd
@pombredanne
Copy link
Member Author

This is a very simple start with a new --package_details option, for now only available in the JSON output:

      "package_details": [
        {
          "type": "npm", 
          "packaging": null, 
          "primary_language": "JavaScript", 
          "metafile_location": "tst/node_modules/morgan/package.json", 
          "id": "morgan", 
          "name": "morgan", 
          "qualified_name": "npm morgan", 
          "version": "1.5.1", 
          "summary": "HTTP request logger middleware for node.js", 
          "asserted_licenses": [
            {
              "license": "MIT", 
              "text": null, 
              "notice": null, 
              "url": null
            }
          ], 
          "author": [], 
          "author_email": [], 
          "author_url": [], 
          "homepage_url": "https://github.com/expressjs/morgan", 
          "download_url": "http://registry.npmjs.org/morgan/-/morgan-1.5.1.tgz", 
          "vcs_tool": "git", 
          "vcs_repository": "https://github.com/expressjs/morgan"
        }

pombredanne added a commit that referenced this issue Nov 19, 2015
@pombredanne
#117 : removing debug print
7970fdf
@pombredanne pombredanne mentioned this issue Apr 10, 2016
Closed
@pombredanne
Copy link
Member Author

In #242 @rakeshbalusa wrote:

ake the example of the module pyrpm (URL - https://github.com/nexB/scancode-toolkit/tree/develop/src/packagedcode/pyrpm) in Packagedcode which can detect an RPM file in a given codebase. It is a good idea to have a recognize function in each and every subclass of the Package class which can detect the corresponding packages.
Hierarchy of the Package types must be strictly maintained. For example, Bower packages are a type of NPM packages and the corresponding BowerPackage must be a subclass of NpmPackage but not the Package class itself.
A working scenario :
Each and every file in a given codebase must be passed to the recognize functions of all the Package subclasses and if any recognize function returns true then the file must be processed depending on the subclass whose method returned true.

@pombredanne pombredanne modified the milestone: v2.0 Aug 5, 2016
@pombredanne pombredanne modified the milestones: v2.0, v2.1 Mar 24, 2017
@pombredanne
Copy link
Member Author

This is taken care for the supported packages. There are dedicated bugs where need such as #649. Closing this

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@pombredanne pombredanne

Labels
new feature package scan
Projects
None yet
Milestone
v2.1
Development

No branches or pull requests
1 participant
@pombredanne