Add support for conan.io C/C++ packages

[pombredanne]

Description

Conan is a C/C++ package manager and we should be able to collect metadata from it. It happens also to be coded in Python
See https://github.com/conan-io

@marco-m-pix4d ping

[pombredanne]

https://conan.io/center/ is the "repo" for common packages which is generated from https://github.com/conan-io/conan-center-index using the data files such as there https://github.com/conan-io/conan-center-index/tree/master/recipes/easyexif/all

[marco-m-pix4d]

Summary of Conan features related to license:

• Each recipe (conanfile.py) has an optional license attribute.
• This attribute, if present, is then displayed by the conan info command.
• Since conan info can report all the direct and indirect dependencies, one can easily make a list of all the license attributes of a project consuming packages via conan.

On the other hand, this would not be a license scan: the license attribute is just a best-effort tag added by the creator of the conan recipe.

Thus, it looks like that another approach is needed. I will chime in when I have something that makes sense.

Note also that an organization might use its own Conan server, or multiple conan servers.

[pombredanne]

Thus, it looks like that another approach is needed. I will chime in when I have something that makes sense.

I guess you need metadata + scan of the actual package sources as you mentioned in our original chat.

[adarshmarvel22]

I want to work on this issue.Please assign me.

[marco-m-pix4d]

Thanks !

[pombredanne]

@marco-m-pix4d feedback is mucho welcomed!
Note that we parse the AST for the conanfile Python files.