Skip to content

Commit 24785ef

Browse files
committed
Drop miners/composer.py file
Signed-off-by: ziad hany <ziadhany2016@gmail.com>
1 parent 4d5d9e4 commit 24785ef

File tree

3 files changed

+102
-115
lines changed

3 files changed

+102
-115
lines changed

minecode_pipelines/miners/composer.py

Lines changed: 0 additions & 108 deletions
This file was deleted.

minecode_pipelines/pipes/composer.py

Lines changed: 99 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -20,15 +20,110 @@
2020
# ScanCode.io is a free software code scanning tool from nexB Inc. and others.
2121
# Visit https://github.com/aboutcode-org/scancode.io for support and download.
2222

23-
from minecode_pipelines.miners.composer import get_composer_packages
24-
from minecode_pipelines.miners.composer import load_composer_packages
25-
from minecode_pipelines.miners.composer import get_composer_purl
26-
23+
import json
24+
from minecode_pipelines.utils import get_temp_file
25+
from aboutcode.hashid import get_core_purl
26+
import requests
27+
from packageurl import PackageURL
2728
from minecode_pipelines.utils import cycle_from_index, grouper
2829

2930
PACKAGE_BATCH_SIZE = 100
3031

3132

33+
def get_composer_packages():
34+
"""
35+
Fetch all Composer packages from Packagist and save them to a temporary JSON file.
36+
Response example:
37+
{
38+
"packageNames" ["0.0.0/composer-include-files", "0.0.0/laravel-env-shim"]
39+
}
40+
"""
41+
42+
response = requests.get("https://packagist.org/packages/list.json")
43+
if not response.ok:
44+
return
45+
46+
packages = response.json()
47+
temp_file = get_temp_file("ComposerPackages", "json")
48+
with open(temp_file, "w", encoding="utf-8") as f:
49+
json.dump(packages, f, indent=4)
50+
51+
return temp_file
52+
53+
54+
def get_composer_purl(vendor, package):
55+
"""
56+
Fetch all available Package URLs (purls) for a Composer package from Packagist.
57+
Response example:
58+
{
59+
"minified": "composer/2.0",
60+
"packages": [
61+
{
62+
"monolog/monolog": {
63+
"0": {
64+
"name": "monolog/monolog",
65+
"version": "3.9.0"
66+
}
67+
}
68+
}
69+
],
70+
"security-advisories": [
71+
{
72+
"advisoryId": "PKSA-dmw8-jd8k-q3c6",
73+
"affectedVersions": ">=1.8.0,<1.12.0"
74+
}
75+
]
76+
}
77+
get_composer_purl("monolog", "monolog")
78+
-> ["pkg:composer/monolog/monolog@3.9.0", "pkg:composer/monolog/monolog@3.8.0", ...]
79+
"""
80+
purls = []
81+
url = f"https://repo.packagist.org/p2/{vendor}/{package}.json"
82+
83+
try:
84+
response = requests.get(url, timeout=10)
85+
response.raise_for_status()
86+
except requests.RequestException:
87+
return None, purls
88+
89+
data = response.json()
90+
packages = data.get("packages", {})
91+
releases = packages.get(f"{vendor}/{package}", [])
92+
93+
for release in releases:
94+
version = release.get("version")
95+
if version:
96+
purl = PackageURL(
97+
type="composer",
98+
namespace=vendor,
99+
name=package,
100+
version=version,
101+
)
102+
purls.append(purl.to_string())
103+
104+
base_purl = None
105+
if purls:
106+
first_purl = purls[0]
107+
base_purl = get_core_purl(first_purl)
108+
return base_purl, purls
109+
110+
111+
def load_composer_packages(packages_file):
112+
"""Load and return a list of (vendor, package) tuples from a JSON file."""
113+
with open(packages_file, encoding="utf-8") as f:
114+
packages_data = json.load(f)
115+
116+
package_names = packages_data.get("packageNames", [])
117+
result = []
118+
119+
for item in package_names:
120+
if "/" in item:
121+
vendor, package = item.split("/", 1)
122+
result.append((vendor, package))
123+
124+
return result
125+
126+
32127
def mine_composer_packages():
33128
"""Mine Composer package names from Packagist and return List of (vendor, package) tuples."""
34129
packages_file = get_composer_packages()

minecode_pipelines/tests/pipes/test_composer.py

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -12,9 +12,9 @@
1212
from unittest.mock import patch, MagicMock
1313
from django.test import SimpleTestCase
1414

15-
from minecode_pipelines.miners.composer import get_composer_packages
16-
from minecode_pipelines.miners.composer import load_composer_packages
17-
from minecode_pipelines.miners.composer import get_composer_purl
15+
from minecode_pipelines.pipes.composer import get_composer_packages
16+
from minecode_pipelines.pipes.composer import load_composer_packages
17+
from minecode_pipelines.pipes.composer import get_composer_purl
1818

1919
DATA_DIR = Path(__file__).parent.parent / "test_data" / "composer"
2020

0 commit comments

Comments
 (0)