feat(scanoss): Map ScanOSS snippets to the ScanSummary

This commits maps the snippets in a ScanOSS response using the newly-created snippet data model. Please note that the snippet's license in the test data file has been manipulated to be a license not present in the other identifications of this file. This allows to demonstrate that license findings and snippet findings are disjoint in ORT, even if they are returned together by ScanOSS. Signed-off-by: Nicolas Nobelis <nicolas.nobelis@bosch.io>
oss-review-toolkit · Apr 4, 2023 · 14ce396 · 14ce396
1 parent 3c61670
commit 14ce396
Show file tree

Hide file tree

Showing 4 changed files with 532 additions and 10 deletions.
diff --git a/scanner/src/main/kotlin/scanners/scanoss/ScanOssResultParser.kt b/scanner/src/main/kotlin/scanners/scanoss/ScanOssResultParser.kt
@@ -23,11 +23,13 @@ import java.io.File
 import java.time.Instant
 
 import org.ossreviewtoolkit.clients.scanoss.FullScanResponse
+import org.ossreviewtoolkit.clients.scanoss.model.IdentificationType
 import org.ossreviewtoolkit.clients.scanoss.model.ScanResponse
 import org.ossreviewtoolkit.model.CopyrightFinding
 import org.ossreviewtoolkit.model.LicenseFinding
 import org.ossreviewtoolkit.model.ScanSummary
 import org.ossreviewtoolkit.model.TextLocation
+import org.ossreviewtoolkit.model.utils.SnippetFinding
 import org.ossreviewtoolkit.utils.spdx.SpdxConstants
 import org.ossreviewtoolkit.utils.spdx.SpdxExpression
 import org.ossreviewtoolkit.utils.spdx.calculatePackageVerificationCode
@@ -64,11 +66,19 @@ internal fun generateSummary(
 ): ScanSummary {
     val licenseFindings = mutableListOf<LicenseFinding>()
     val copyrightFindings = mutableListOf<CopyrightFinding>()
+    val snippetFindings = mutableMapOf<String, MutableSet<SnippetFinding>>()
 
     result.forEach { (_, scanResponses) ->
         scanResponses.forEach { scanResponse ->
-            licenseFindings += getLicenseFindings(scanResponse, detectedLicenseMapping)
-            copyrightFindings += getCopyrightFindings(scanResponse)
+            if (scanResponse.id == IdentificationType.FILE) {
+                licenseFindings += getLicenseFindings(scanResponse, detectedLicenseMapping)
+                copyrightFindings += getCopyrightFindings(scanResponse)
+            }
+            if (scanResponse.id == IdentificationType.SNIPPET) {
+                val path = requireNotNull(scanResponse.file)
+                val findings = snippetFindings.getOrPut(path) { mutableSetOf() }
+                findings += getSnippetFindings(scanResponse)
+            }
         }
     }
 
@@ -78,6 +88,7 @@ internal fun generateSummary(
         packageVerificationCode = verificationCode,
         licenseFindings = licenseFindings.toSortedSet(),
         copyrightFindings = copyrightFindings.toSortedSet(),
+        snippetFindings = snippetFindings,
         issues = emptyList()
     )
 }
@@ -131,3 +142,38 @@ private fun getCopyrightFindings(scanResponse: ScanResponse): List<CopyrightFind
         )
     }
 }
+
+/**
+ * Get the snippet findings from the given [scanResponse].
+ */
+private fun getSnippetFindings(scanResponse: ScanResponse): Set<SnippetFinding> {
+    val vendor = requireNotNull(scanResponse.vendor)
+    val component = requireNotNull(scanResponse.component)
+    val version = requireNotNull(scanResponse.version)
+    val matched = requireNotNull(scanResponse.matched)
+    val file = requireNotNull(scanResponse.file)
+    val lines = requireNotNull(scanResponse.lines)
+    val fileUrl = requireNotNull(scanResponse.fileUrl)
+    val ossLines = requireNotNull(scanResponse.ossLines)
+
+    val licenses = scanResponse.licenses.map { license ->
+        SpdxExpression.parse(license.name)
+    }.toSet()
+
+    val score = matched.substringBeforeLast("%").toFloat()
+
+    val splitLines = lines.split("-")
+    val splitOssLines = ossLines.split("-")
+    val sourceLocation = if (splitLines.size == 2) {
+        TextLocation(file, splitLines.first().toInt(), splitLines.last().toInt())
+    } else {
+        TextLocation(file, splitLines.first().toInt())
+    }
+    val snippetLocation = if (splitOssLines.size == 2) {
+        TextLocation(fileUrl, splitOssLines.first().toInt(), splitOssLines.last().toInt())
+    } else {
+        TextLocation(fileUrl, splitOssLines.first().toInt())
+    }
+
+    return setOf(SnippetFinding(vendor, component, version, licenses, score, sourceLocation, snippetLocation))
+}