Skip to content

Commit

Permalink
Merge pull request #141 from aboutcode-org/140_owner_migration
Browse files Browse the repository at this point in the history
140 owner migration
  • Loading branch information
chinyeungli authored Aug 20, 2024
2 parents 5f9c45f + 3b3787a commit b17189a
Show file tree
Hide file tree
Showing 60 changed files with 167 additions and 121 deletions.
11 changes: 8 additions & 3 deletions CHANGELOG.rst
Original file line number Diff line number Diff line change
@@ -1,6 +1,11 @@
Changelog
=========

Version v30.12.1
----------------

- Update link references of ownership from nexB to aboutcode-org. https://github.com/aboutcode-org/univers/issues/140


Version v30.12.0
----------------
Expand Down Expand Up @@ -37,7 +42,7 @@ Version v30.10.0
Version v30.9.2
----------------

- Fix unhashable error in GemVersion.
- Fix unhashable error in GemVersion.


Version v30.9.1
Expand Down Expand Up @@ -89,7 +94,7 @@ Version v30.5.0
Version v30.4.0
----------------

- Add support for forming VersionRange from a list of versions.Thank you
- Add support for forming VersionRange from a list of versions.Thank you
to Keshav Priyadarshi @keshav-space for this.


Expand Down Expand Up @@ -146,7 +151,7 @@ Version v30.0.0
Version v21.4.9
-----------------

- Add support Gentoo style versions.
- Add support Gentoo style versions.


Version v21.4.8
Expand Down
4 changes: 2 additions & 2 deletions Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@
# ScanCode is a trademark of nexB Inc.
# SPDX-License-Identifier: Apache-2.0
# See http://www.apache.org/licenses/LICENSE-2.0 for the license text.
# See https://github.com/nexB/skeleton for support or download.
# See https://github.com/aboutcode-org/skeleton for support or download.
# See https://aboutcode.org for more information about nexB OSS projects.
#

Expand Down Expand Up @@ -35,7 +35,7 @@ check:
@echo "-> Run pycodestyle (PEP8) validation"
@${ACTIVATE} pycodestyle --max-line-length=100 --exclude=.eggs,venv,lib,thirdparty,docs,migrations,settings.py,.cache .
@echo "-> Run isort imports ordering validation"
@${ACTIVATE} isort --sl --check-only -l 100 setup.py src tests .
@${ACTIVATE} isort --sl --check-only -l 100 setup.py src tests .
@echo "-> Run black validation"
@${ACTIVATE} black --check --check -l 100 src tests setup.py

Expand Down
2 changes: 1 addition & 1 deletion NOTICE
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
# Copyright (c) nexB Inc. and others.
# SPDX-License-Identifier: Apache-2.0
#
# Visit https://aboutcode.org and https://github.com/nexB/vulnerablecode
# Visit https://aboutcode.org and https://github.com/aboutcode-org/vulnerablecode
# for support and download.
#
# Licensed under the Apache License, Version 2.0 (the "License");
Expand Down
20 changes: 10 additions & 10 deletions README.rst
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@ ranges and to compare two software package versions in VulnerableCode.
Package version ranges and version constraints are useful and essential:

- When relating a known vulnerability or bug to a range of affected package
versions. For instance a statement such as "vulnerability 123 affects
versions. For instance a statement such as "vulnerability 123 affects
package bar, version 3.1 and version 4.2 but not version 5" defines a
range of bar versions affected by a vulnerability.

Expand Down Expand Up @@ -78,7 +78,7 @@ include:
This is supported in part by the `semantic_version
<https://github.com/rbarrois/python-semanticversion>`_ library.

- pypi: handled by Python's packaging library and the standard
- pypi: handled by Python's packaging library and the standard
``packaging.version`` module.

- Rubygems which use a semver-like but not-quite-semver scheme and there can be
Expand All @@ -89,26 +89,26 @@ include:
"OR" between constraints (that it call requirements).
Gem are handled by Python port of the Rubygems requirements and version
handling code from the `puppeteer tool
<https://github.com/nexB/univers/blob/main/src/univers/debian.py.ABOUT>`_
<https://github.com/aboutcode-org/univers/blob/main/src/univers/debian.py.ABOUT>`_

- debian: handled by the `debian-inspector library
<https://github.com/nexB/univers/blob/main/src/univers/debian.py.ABOUT>`_.
<https://github.com/aboutcode-org/univers/blob/main/src/univers/debian.py.ABOUT>`_.

- maven: handled by the embedded `pymaven library
<https://github.com/nexB/univers/blob/main/src/univers/pymaven.py.ABOUT>`_.
<https://github.com/aboutcode-org/univers/blob/main/src/univers/pymaven.py.ABOUT>`_.

- rpm: handled by the embedded `rpm_vercmp library
<https://github.com/nexB/univers/blob/main/src/univers/rpm.py.ABOUT>`_.
<https://github.com/aboutcode-org/univers/blob/main/src/univers/rpm.py.ABOUT>`_.

- golang (using semver)

- PHP composer

- ebuild/gentoo: handled by the embedded `gentoo_vercmp module
<https://github.com/nexB/univers/blob/main/src/univers/gentoo.py.ABOUT>`_.
<https://github.com/aboutcode-org/univers/blob/main/src/univers/gentoo.py.ABOUT>`_.

- arch linux: handled by the embedded `arch utility module borrowed from msys2
<https://github.com/nexB/univers/blob/main/src/univers/arch.py.ABOUT>`_.
<https://github.com/aboutcode-org/univers/blob/main/src/univers/arch.py.ABOUT>`_.

- Alpine linux: handled using the base Gentoo version support and extras
specific to Alpine.
Expand Down Expand Up @@ -172,7 +172,7 @@ Test if a version is within or outside a version range:
Development
============

Run these commands, starting from a git clone of https://github.com/nexB/univers ::
Run these commands, starting from a git clone of https://github.com/aboutcode-org/univers ::

$ ./configure --dev
$ source venv/bin/active
Expand All @@ -181,7 +181,7 @@ Run these commands, starting from a git clone of https://github.com/nexB/univers

We use the same development process as other AboutCode projects.

Visit https://github.com/nexB/univers and
Visit https://github.com/aboutcode-org/univers and
https://gitter.im/aboutcode-org/vulnerablecode and
https://gitter.im/aboutcode-org/aboutcode for support and chat.

Expand Down
2 changes: 1 addition & 1 deletion configure
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@
# Copyright (c) nexB Inc. and others. All rights reserved.
# SPDX-License-Identifier: Apache-2.0
# See http://www.apache.org/licenses/LICENSE-2.0 for the license text.
# See https://github.com/nexB/ for support or download.
# See https://github.com/aboutcode-org/ for support or download.
# See https://aboutcode.org for more information about nexB OSS projects.
#

Expand Down
2 changes: 1 addition & 1 deletion configure.bat
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@
@rem Copyright (c) nexB Inc. and others. All rights reserved.
@rem SPDX-License-Identifier: Apache-2.0
@rem See http://www.apache.org/licenses/LICENSE-2.0 for the license text.
@rem See https://github.com/nexB/ for support or download.
@rem See https://github.com/aboutcode-org/ for support or download.
@rem See https://aboutcode.org for more information about nexB OSS projects.


Expand Down
2 changes: 1 addition & 1 deletion conftest.py
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,6 @@
# Copyright (c) nexB Inc. and others.
# SPDX-License-Identifier: Apache-2.0
#
# Visit https://aboutcode.org and https://github.com/nexB/univers for support and download.
# Visit https://aboutcode.org and https://github.com/aboutcode-org/univers for support and download.

collect_ignore = ["setup.py"]
2 changes: 1 addition & 1 deletion docs/source/conf.py
Original file line number Diff line number Diff line change
Expand Up @@ -43,7 +43,7 @@

# This points to aboutcode.readthedocs.io
# In case of "undefined label" ERRORS check docs on intersphinx to troubleshoot
# Link was created at commit - https://github.com/nexB/aboutcode/commit/faea9fcf3248f8f198844fe34d43833224ac4a83
# Link was created at commit - https://github.com/aboutcode-org/aboutcode/commit/faea9fcf3248f8f198844fe34d43833224ac4a83

intersphinx_mapping = {
"aboutcode": ("https://aboutcode.readthedocs.io/en/latest/", None),
Expand Down
2 changes: 1 addition & 1 deletion docs/source/contribute/contrib_doc.rst
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ To get started, create or identify a working directory on your local machine.

Open that directory and execute the following command in a terminal session::

git clone https://github.com/nexB/skeleton.git
git clone https://github.com/aboutcode-org/skeleton.git

That will create an ``/skeleton`` directory in your working directory.
Now you can install the dependencies in a virtualenv::
Expand Down
2 changes: 1 addition & 1 deletion docs/source/skeleton-usage.rst
Original file line number Diff line number Diff line change
Expand Up @@ -118,7 +118,7 @@ corrected. You can check to see if your corrections are valid by running:
Once the wheels are collected and the ABOUT files are generated and correct,
upload them to thirdparty.aboutcode.org/pypi by placing the wheels and ABOUT
files from the thirdparty directory to the pypi directory at
https://github.com/nexB/thirdparty-packages
https://github.com/aboutcode-org/thirdparty-packages


Usage after project initialization
Expand Down
5 changes: 3 additions & 2 deletions etc/scripts/check_thirdparty.py
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@
# ScanCode is a trademark of nexB Inc.
# SPDX-License-Identifier: Apache-2.0
# See http://www.apache.org/licenses/LICENSE-2.0 for the license text.
# See https://github.com/nexB/skeleton for support or download.
# See https://github.com/aboutcode-org/skeleton for support or download.
# See https://aboutcode.org for more information about nexB OSS projects.
#
import click
Expand All @@ -17,7 +17,8 @@
@click.option(
"-d",
"--dest",
type=click.Path(exists=True, readable=True, path_type=str, file_okay=False),
type=click.Path(exists=True, readable=True,
path_type=str, file_okay=False),
required=True,
help="Path to the thirdparty directory to check.",
)
Expand Down
19 changes: 12 additions & 7 deletions etc/scripts/fetch_thirdparty.py
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@
# ScanCode is a trademark of nexB Inc.
# SPDX-License-Identifier: Apache-2.0
# See http://www.apache.org/licenses/LICENSE-2.0 for the license text.
# See https://github.com/nexB/skeleton for support or download.
# See https://github.com/aboutcode-org/skeleton for support or download.
# See https://aboutcode.org for more information about nexB OSS projects.
#

Expand Down Expand Up @@ -55,7 +55,8 @@
"-d",
"--dest",
"dest_dir",
type=click.Path(exists=True, readable=True, path_type=str, file_okay=False),
type=click.Path(exists=True, readable=True,
path_type=str, file_okay=False),
metavar="DIR",
default=utils_thirdparty.THIRDPARTY_DIR,
show_default=True,
Expand Down Expand Up @@ -224,7 +225,8 @@ def fetch_thirdparty(
environments = None
if wheels:
evts = itertools.product(python_versions, operating_systems)
environments = [utils_thirdparty.Environment.from_pyver_and_os(pyv, os) for pyv, os in evts]
environments = [utils_thirdparty.Environment.from_pyver_and_os(
pyv, os) for pyv, os in evts]

# Collect PyPI repos
repos = []
Expand Down Expand Up @@ -260,13 +262,14 @@ def fetch_thirdparty(
repos=repos,
)
if not fetched:
wheels_or_sdist_not_found[f"{name}=={version}"].append(environment)
wheels_or_sdist_not_found[f"{name}=={version}"].append(
environment)
if TRACE:
print(f" NOT FOUND")

if (sdists or
(f"{name}=={version}" in wheels_or_sdist_not_found and name in sdist_only)
):
):
if TRACE:
print(f" ==> Fetching sdist: {name}=={version}")

Expand All @@ -289,7 +292,8 @@ def fetch_thirdparty(
sdist_missing = sdists and "sdist" in dists and not name in wheel_only
if sdist_missing:
mia.append(f"SDist missing: {nv} {dists}")
wheels_missing = wheels and any(d for d in dists if d != "sdist") and not name in sdist_only
wheels_missing = wheels and any(
d for d in dists if d != "sdist") and not name in sdist_only
if wheels_missing:
mia.append(f"Wheels missing: {nv} {dists}")

Expand All @@ -299,7 +303,8 @@ def fetch_thirdparty(
raise Exception(mia)

print(f"==> FETCHING OR CREATING ABOUT AND LICENSE FILES")
utils_thirdparty.fetch_abouts_and_licenses(dest_dir=dest_dir, use_cached_index=use_cached_index)
utils_thirdparty.fetch_abouts_and_licenses(
dest_dir=dest_dir, use_cached_index=use_cached_index)
utils_thirdparty.clean_about_files(dest_dir=dest_dir)

# check for problems
Expand Down
2 changes: 1 addition & 1 deletion etc/scripts/gen_requirements.py
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@
# ScanCode is a trademark of nexB Inc.
# SPDX-License-Identifier: Apache-2.0
# See http://www.apache.org/licenses/LICENSE-2.0 for the license text.
# See https://github.com/nexB/skeleton for support or download.
# See https://github.com/aboutcode-org/skeleton for support or download.
# See https://aboutcode.org for more information about nexB OSS projects.
#
import argparse
Expand Down
2 changes: 1 addition & 1 deletion etc/scripts/gen_requirements_dev.py
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@
# ScanCode is a trademark of nexB Inc.
# SPDX-License-Identifier: Apache-2.0
# See http://www.apache.org/licenses/LICENSE-2.0 for the license text.
# See https://github.com/nexB/skeleton for support or download.
# See https://github.com/aboutcode-org/skeleton for support or download.
# See https://aboutcode.org for more information about nexB OSS projects.
#
import argparse
Expand Down
11 changes: 7 additions & 4 deletions etc/scripts/utils_dejacode.py
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@
# ScanCode is a trademark of nexB Inc.
# SPDX-License-Identifier: Apache-2.0
# See http://www.apache.org/licenses/LICENSE-2.0 for the license text.
# See https://github.com/nexB/skeleton for support or download.
# See https://github.com/aboutcode-org/skeleton for support or download.
# See https://aboutcode.org for more information about nexB OSS projects.
#
import io
Expand Down Expand Up @@ -33,7 +33,8 @@

def can_do_api_calls():
if not DEJACODE_API_KEY and DEJACODE_API_URL:
print("DejaCode DEJACODE_API_KEY and DEJACODE_API_URL not configured. Doing nothing")
print(
"DejaCode DEJACODE_API_KEY and DEJACODE_API_URL not configured. Doing nothing")
return False
else:
return True
Expand Down Expand Up @@ -68,7 +69,8 @@ def get_package_data(distribution):
return results[0]

elif len_results > 1:
print(f"More than 1 entry exists, review at: {DEJACODE_API_URL_PACKAGES}")
print(
f"More than 1 entry exists, review at: {DEJACODE_API_URL_PACKAGES}")
else:
print("Could not find package:", distribution.download_url)

Expand Down Expand Up @@ -149,7 +151,8 @@ def find_latest_dejacode_package(distribution):
# there was no exact match, find the latest version
# TODO: consider the closest version rather than the latest
# or the version that has the best data
with_versions = [(packaging_version.parse(p["version"]), p) for p in packages]
with_versions = [(packaging_version.parse(p["version"]), p)
for p in packages]
with_versions = sorted(with_versions)
latest_version, latest_package_version = sorted(with_versions)[-1]
print(
Expand Down
11 changes: 7 additions & 4 deletions etc/scripts/utils_requirements.py
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@
# ScanCode is a trademark of nexB Inc.
# SPDX-License-Identifier: Apache-2.0
# See http://www.apache.org/licenses/LICENSE-2.0 for the license text.
# See https://github.com/nexB/skeleton for support or download.
# See https://github.com/aboutcode-org/skeleton for support or download.
# See https://aboutcode.org for more information about nexB OSS projects.
#

Expand Down Expand Up @@ -102,7 +102,8 @@ def lock_dev_requirements(
all_req_nvs = get_required_name_versions(all_req_lines)
dev_only_req_nvs = {n: v for n, v in all_req_nvs if n not in main_names}

new_reqs = "\n".join(f"{n}=={v}" for n, v in sorted(dev_only_req_nvs.items()))
new_reqs = "\n".join(
f"{n}=={v}" for n, v in sorted(dev_only_req_nvs.items()))
with open(dev_requirements_file, "w") as fo:
fo.write(new_reqs)

Expand All @@ -113,10 +114,12 @@ def get_installed_reqs(site_packages_dir):
as a text.
"""
if not os.path.exists(site_packages_dir):
raise Exception(f"site_packages directory: {site_packages_dir!r} does not exists")
raise Exception(
f"site_packages directory: {site_packages_dir!r} does not exists")
# Also include these packages in the output with --all: wheel, distribute,
# setuptools, pip
args = ["pip", "freeze", "--exclude-editable", "--all", "--path", site_packages_dir]
args = ["pip", "freeze", "--exclude-editable",
"--all", "--path", site_packages_dir]
return subprocess.check_output(args, encoding="utf-8")


Expand Down
Loading

0 comments on commit b17189a

Please sign in to comment.