Use "unknown" as the Package URL default type for missing data #1249
Signed-off-by: tdruez <tdruez@nexb.com>
tdruez committed Jun 3, 2024
1 parent 64031ec commit e82fb1f
Showing 3 changed files with 30 additions and 16 deletions.
5 changes: 5 additions & 0 deletions CHANGELOG.rst
@@ -12,6 +12,11 @@ v34.6.0 (unreleased)
- Add ability to filter by tag on the resource list view.
https://github.com/nexB/scancode.io/issues/1217

- Use "unknown" as the Package URL default type when no values are provided for that
field. This allows to create a discovered package instance instead of raising a
Project error message.
https://github.com/nexB/scancode.io/issues/1249

v34.5.0 (2024-05-22)
--------------------

28 changes: 13 additions & 15 deletions scanpipe/models.py
@@ -3106,27 +3106,25 @@ def extract_purl_data(cls, package_data):
@classmethod
def create_from_data(cls, project, package_data):
"""
Create and returns a DiscoveredPackage for a `project` from the `package_data`.
If one of the values of the required fields is not available, a "ProjectMessage"
is created instead of a new DiscoveredPackage instance.
Create and return a DiscoveredPackage for a given `project` based on
`package_data`.
If the required `name` field is missing in `package_data`, a `ProjectMessage`
is created instead of a DiscoveredPackage instance.
If the `type` field is missing in `package_data`, it defaults to "unknown"
before creating the DiscoveredPackage.
"""
package_data = package_data.copy()
required_fields = ["type", "name"]
missing_values = [
field_name
for field_name in required_fields
if not package_data.get(field_name)
]

if missing_values:
message = (
f"No values for the following required fields: "
f"{', '.join(missing_values)}"
)

if not package_data.get("name"):
message = 'No values provided for the required "name" field.'
project.add_warning(description=message, model=cls, details=package_data)
return

if not package_data.get("type"):
package_data["type"] = "unknown"

qualifiers = package_data.get("qualifiers")
if qualifiers:
package_data["qualifiers"] = normalize_qualifiers(qualifiers, encode=True)
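Review bot: The fallback `package_data["type"] = "unknown"` is applied without consulting any other identity data in `package_data`, and nothing is recorded when it fires. The new test passes a `package_data1` copy that still carries a `purl` value, yet the package is stored as `pkg:unknown/debian/adduser@3.118?arch=all`, so a type that may have been recoverable from the purl string is dropped; consumers that match on purl type (vulnerability or license lookups, for instance) would presumably not match such a record. Consider deriving the type from `package_data.get("purl")` first and only then defaulting, and adding a short comment above the fallback such as `# Keep the package, but mark its type as unresolved.`. The body of `create_from_data` continues past the end of this hunk, so later code may already handle part of this.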
13 changes: 12 additions & 1 deletion scanpipe/tests/test_models.py
@@ -2447,7 +2447,7 @@ def test_scanpipe_discovered_package_model_create_from_data(self):
self.assertEqual(package_count, DiscoveredPackage.objects.count())
error = project1.projectmessages.latest("created_date")
self.assertEqual("DiscoveredPackage", error.model)
expected_message = "No values for the following required fields: name"
expected_message = 'No values provided for the required "name" field.'
self.assertEqual(expected_message, error.description)
self.assertEqual(package_data1["purl"], error.details["purl"])
self.assertEqual("", error.details["name"])
@@ -2466,6 +2466,17 @@ def test_scanpipe_discovered_package_model_create_from_data(self):
self.assertEqual(package_count, DiscoveredPackage.objects.count())
self.assertEqual(project_message_count, ProjectMessage.objects.count())

def test_scanpipe_discovered_package_model_create_from_data_missing_type(self):
project1 = Project.objects.create(name="Analysis")

incomplete_data = dict(package_data1)
incomplete_data["type"] = ""

package = DiscoveredPackage.create_from_data(project1, incomplete_data)
self.assertEqual(project1, package.project)
self.assertEqual("pkg:unknown/debian/adduser@3.118?arch=all", str(package))
self.assertEqual("unknown", package.type)

@skipIf(connection.vendor == "sqlite", "No max_length constraints on SQLite.")
def test_scanpipe_discovered_dependency_model_create_from_data(self):
project1 = Project.objects.create(name="Analysis")
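Review bot: `test_scanpipe_discovered_package_model_create_from_data_missing_type` only exercises `type` set to an empty string and never checks that no project message was written, which is the behaviour the changelog entry promises. Adding `self.assertEqual(0, project1.projectmessages.count())` after the `create_from_data` call would pin that. A second case with the key removed (`incomplete_data.pop("type")`) or set to `None` would cover the other inputs that `package_data.get("type")` treats as missing. `package_data1` is defined outside the visible lines, so the expected purl string is taken on trust here.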