From cba521ee01aeb7bd3309518b4f46ba71d74abac9 Mon Sep 17 00:00:00 2001
From: Jan Kowalleck
Date: Sat, 8 Jun 2024 22:46:17 +0200
Subject: [PATCH] refactor: const for purl type `pypi` (#754)
Signed-off-by: Jan Kowalleck
---
 cyclonedx_py/_internal/__init__.py | 3 +++
 cyclonedx_py/_internal/environment.py | 10 +++++++---
 cyclonedx_py/_internal/pipenv.py | 13 +++++++------
 cyclonedx_py/_internal/poetry.py | 13 +++++++------
 cyclonedx_py/_internal/requirements.py | 6 ++++--
 5 files changed, 28 insertions(+), 17 deletions(-)
diff --git a/cyclonedx_py/_internal/__init__.py b/cyclonedx_py/_internal/__init__.py
index 2896d3c08..8f5c5397f 100644
--- a/cyclonedx_py/_internal/__init__.py
+++ b/cyclonedx_py/_internal/__init__.py
@@ -74,3 +74,6 @@ class PropertyName(Enum):
 # see https://github.com/CycloneDX/cyclonedx-property-taxonomy/blob/main/cdx/pipenv.md
 PipenvCategory = 'cdx:pipenv:category'
 # endregion pipenv
+
+
+PurlTypePypi = 'pypi'
diff --git a/cyclonedx_py/_internal/environment.py b/cyclonedx_py/_internal/environment.py
index 71bfe83c8..a2c585380 100644
--- a/cyclonedx_py/_internal/environment.py
+++ b/cyclonedx_py/_internal/environment.py
@@ -31,7 +31,7 @@
 from packageurl import PackageURL
 from packaging.requirements import Requirement
-from . import BomBuilder, PropertyName
+from . import BomBuilder, PropertyName, PurlTypePypi
 from .cli_common import add_argument_mc_type, add_argument_pyproject
 from .utils.cdx import licenses_fixup, make_bom
 from .utils.packaging import metadata2extrefs, metadata2licenses, normalize_packagename
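Review bot: `PurlTypePypi` at the end of `_internal/__init__.py` is added without a comment or annotation, so nothing tells a reader that it is the Package URL `type` field, and nothing flags a later reassignment that would change it for every builder at once. All four builders touched by this commit now take the purl type from this one value, and consumers of the SBOM identify components by purl, so a wrong value here would mislabel every emitted component. I would add a comment such as `# purl type for Python packages; must stay 'pypi' so emitted purls follow the purl spec`. If `typing.Final` is acceptable in this module (its imports are outside the hunk), I would also declare it as `PurlTypePypi: Final = 'pypi'`.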
@@ -236,8 +236,12 @@ def __component_add_extref_and_purl(self, component: 'Component',
 del packagesource_extref
 if packagesource is None or not packagesource.url.startswith('file://'):
 # no purl for locals and unpublished packages
- component.purl = PackageURL('pypi', name=component.name, version=component.version,
- qualifiers=purl_qs, subpath=purl_subpath)
+ component.purl = PackageURL(
+ type=PurlTypePypi,
+ name=component.name,
+ version=component.version,
+ qualifiers=purl_qs,
+ subpath=purl_subpath)
 @staticmethod
 def __py_interpreter(value: str) -> str:
diff --git a/cyclonedx_py/_internal/pipenv.py b/cyclonedx_py/_internal/pipenv.py
index 7de1aa919..fa0360bc4 100644
--- a/cyclonedx_py/_internal/pipenv.py
+++ b/cyclonedx_py/_internal/pipenv.py
@@ -28,7 +28,7 @@
 from cyclonedx.model.component import Component, ComponentType
 from packageurl import PackageURL
-from . import BomBuilder, PropertyName
+from . import BomBuilder, PropertyName, PurlTypePypi
 from .cli_common import add_argument_mc_type, add_argument_pyproject
 from .utils.args import arparse_split
 from .utils.cdx import make_bom
@@ -172,11 +172,12 @@ def _make_bom(self, root_c: Optional['Component'],
 version=package_data['version'][2:] if 'version' in package_data else None,
 external_references=self.__make_extrefs(package_name, package_data, source_urls),
 )
- component.purl = PackageURL(type='pypi',
- name=component.name,
- version=component.version,
- qualifiers=self.__purl_qualifiers4lock(package_data, source_urls)
- ) if not self.__is_local(package_data) else None
+ component.purl = PackageURL(
+ type=PurlTypePypi,
+ name=component.name,
+ version=component.version,
+ qualifiers=self.__purl_qualifiers4lock(package_data, source_urls)
+ ) if not self.__is_local(package_data) else None
 self._logger.info('add component for package %r', package_name)
 self._logger.debug('add component: %r', component)
 bom.components.add(component)
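Review bot: The comment `# no purl for locals and unpublished packages` sits inside the branch that does assign `component.purl`, so it reads as the opposite of what the code below it does. Since the call is being reformatted anyway, I would reword it to describe its own branch, e.g. `# purl only when the source is not a local file:// URL; locals and unpublished packages get none`. The condition also assigns a `pypi` purl whenever `packagesource is None`. If that case can include packages that never came from an index, the comment should say so; this cannot be confirmed here because the body of `__component_add_extref_and_purl` starts outside the hunk.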
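Review bot: In `_make_bom` the guard that decides whether a purl is emitted, `if not self.__is_local(package_data) else None`, still trails the multi-line `PackageURL(...)` call on its closing-parenthesis line, where it is easy to overlook. That guard is what keeps local packages from being given a `pypi` purl, so it should come first: `component.purl = None if self.__is_local(package_data) else PackageURL(`, with the arguments unchanged. The same trailing-conditional shape appears in the `__make_component4lock` hunk of `poetry.py` and the `_make_component` hunk of `requirements.py`. `_make_bom` begins and ends outside this hunk.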
diff --git a/cyclonedx_py/_internal/poetry.py b/cyclonedx_py/_internal/poetry.py
index de091637c..6506c8ca4 100644
--- a/cyclonedx_py/_internal/poetry.py
+++ b/cyclonedx_py/_internal/poetry.py
@@ -30,7 +30,7 @@
 from cyclonedx.model.dependency import Dependency
 from packageurl import PackageURL
-from . import BomBuilder, PropertyName
+from . import BomBuilder, PropertyName, PurlTypePypi
 from .cli_common import add_argument_mc_type
 from .utils.cdx import make_bom
 from .utils.packaging import normalize_packagename
@@ -417,11 +417,12 @@ def __make_component4lock(self, package: 'T_NameDict') -> 'Component':
 value=source['resolved_reference']
 ) if is_vcs and 'resolved_reference' in source else None,
 ]),
- purl=PackageURL(type='pypi',
- name=package['name'],
- version=package['version'],
- qualifiers=self.__purl_qualifiers4lock(package)
- ) if not is_local else None
+ purl=PackageURL(
+ type=PurlTypePypi,
+ name=package['name'],
+ version=package['version'],
+ qualifiers=self.__purl_qualifiers4lock(package)
+ ) if not is_local else None
 )
 def __purl_qualifiers4lock(self, package: 'T_NameDict') -> 'T_NameDict':
diff --git a/cyclonedx_py/_internal/requirements.py b/cyclonedx_py/_internal/requirements.py
index 1181b13c2..8ef785d6b 100644
--- a/cyclonedx_py/_internal/requirements.py
+++ b/cyclonedx_py/_internal/requirements.py
@@ -29,7 +29,7 @@
 from packageurl import PackageURL
 from pip_requirements_parser import RequirementsFile # type:ignore[import-untyped]
-from . import BomBuilder, PropertyName
+from . import BomBuilder, PropertyName, PurlTypePypi
 from .cli_common import add_argument_mc_type, add_argument_pyproject
 from .utils.cdx import make_bom
 from .utils.io import io2file
@@ -218,7 +218,9 @@ def _make_component(self, req: 'InstallRequirement',
 name=name or 'unknown',
 version=version,
 purl=PackageURL(
- type='pypi', name=req.name, version=version,
+ type=PurlTypePypi,
+ name=req.name,
+ version=version,
 qualifiers=purl_qualifiers
 ) if not is_local and name else None,
 external_references=external_references,