diff --git a/plugins/commands/scanner/src/main/kotlin/ScannerCommand.kt b/plugins/commands/scanner/src/main/kotlin/ScannerCommand.kt
index 6d08d573f2a2..e04ed43d0386 100644
--- a/plugins/commands/scanner/src/main/kotlin/ScannerCommand.kt
+++ b/plugins/commands/scanner/src/main/kotlin/ScannerCommand.kt
@@ -54,6 +54,7 @@ import org.ossreviewtoolkit.plugins.commands.api.utils.configurationGroup
 import org.ossreviewtoolkit.plugins.commands.api.utils.outputGroup
 import org.ossreviewtoolkit.plugins.commands.api.utils.readOrtResult
 import org.ossreviewtoolkit.plugins.commands.api.utils.writeOrtResult
+import org.ossreviewtoolkit.scanner.NO_LIMIT_DEPTH
 import org.ossreviewtoolkit.scanner.ScanStorages
 import org.ossreviewtoolkit.scanner.Scanner
 import org.ossreviewtoolkit.scanner.ScannerWrapperFactory
@@ -117,6 +118,11 @@ class ScannerCommand : OrtCommand(
 help = "A comma-separated list of the package types from the ORT file's analyzer result to limit scans to."
 ).enum().split(",").default(PackageType.entries)
+ private val packagesDepth by option(
+ "--packages-depth",
+ help = "The depth in the packages tree to scan, default is -1 (no limit)"
+ ).convert { it.toInt() }.default(NO_LIMIT_DEPTH)
+
 private val skipExcluded by option(
 "--skip-excluded",
 help = "Do not scan excluded projects or packages. Works only with the '--ort-file' parameter."
@@ -231,7 +237,7 @@ class ScannerCommand : OrtCommand(
 val ortResult = readOrtResult(input)
 return runBlocking {
- scanner.scan(ortResult, skipExcluded || ortConfig.scanner.skipExcluded, labels)
+ scanner.scan(ortResult, skipExcluded || ortConfig.scanner.skipExcluded, labels, packagesDepth)
 }
 } finally {
 runBlocking { workingTreeCache.shutdown() }
diff --git a/scanner/src/funTest/assets/scanner-integration-pkgs-level-1-expected-ort-result.yml b/scanner/src/funTest/assets/scanner-integration-pkgs-level-1-expected-ort-result.yml
new file mode 100644
index 000000000000..75c04175be7b
--- /dev/null
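Review bot: `--packages-depth` accepts any integer, so `0`, `-2` or any other out-of-range value is handed to `scanner.scan(...)` unchecked; in the `when` this commit adds to `Scanner.scan`, only `NO_LIMIT_DEPTH` is treated specially and every other negative value falls into the depth-limited branch. Because a wrong depth shrinks the set of scanned packages without an error, I would reject it at the option, for example `).int().restrictTo(min = NO_LIMIT_DEPTH).default(NO_LIMIT_DEPTH)`, assuming Clikt's `int()` and `restrictTo` are available in the version in use; `int()` also reports a clearer error than `convert { it.toInt() }`. The help text should say what a depth of 1 covers.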
+++ b/scanner/src/funTest/assets/scanner-integration-pkgs-level-1-expected-ort-result.yml 
@@ -0,0 +1,310 @@ +--- +repository: + vcs: + type: "" + url: "" + revision: "" + path: "" + vcs_processed: + type: "" + url: "" + revision: "" + path: "" + config: {} +analyzer: + start_time: "1970-01-01T00:00:00Z" + end_time: "1970-01-01T00:00:00Z" + environment: + ort_version: "HEAD" + java_version: "" + os: "" + processors: "" + max_memory: "" + variables: {} + tool_versions: {} + config: + allow_dynamic_versions: false + skip_excluded: false + result: + projects: + - id: "Dummy::project:1.0.0" + definition_file_path: "" + declared_licenses: [] + declared_licenses_processed: {} + vcs: + type: "" + url: "" + revision: "" + path: "" + vcs_processed: + type: "" + url: "" + revision: "" + path: "" + homepage_url: "" + scopes: + - name: "deps" + dependencies: + - id: "Dummy::pkg3:1.0.0" + dependencies: + - id: "Dummy::pkg2:1.0.0" + dependencies: + - id: "Dummy::pkg1:1.0.0" + dependencies: + - id: "Dummy::pkg0:1.0.0" + packages: + - id: "Dummy::pkg0:1.0.0" + purl: "" + declared_licenses: [] + declared_licenses_processed: {} + description: "" + homepage_url: "" + binary_artifact: + url: "" + hash: + value: "" + algorithm: "" + source_artifact: + url: "" + hash: + value: "" + algorithm: "" + vcs: + type: "Git" + url: "https://github.com/oss-review-toolkit/ort-test-data-scanner.git" + revision: "97d57bb4795bc41f496e1a8e2c7751cefc7da7ec" + path: "" + vcs_processed: + type: "Git" + url: "https://github.com/oss-review-toolkit/ort-test-data-scanner.git" + revision: "97d57bb4795bc41f496e1a8e2c7751cefc7da7ec" + path: "" + - id: "Dummy::pkg1:1.0.0" + purl: "" + declared_licenses: [] + declared_licenses_processed: {} + description: "" + homepage_url: "" + binary_artifact: + url: "" + hash: + value: "" + algorithm: "" + source_artifact: + url: "" + hash: + value: "" + algorithm: "" + vcs: + type: "Git" + url: "https://github.com/oss-review-toolkit/ort-test-data-scanner.git" + revision: "97d57bb4795bc41f496e1a8e2c7751cefc7da7ec" + path: "pkg1" + vcs_processed: + type: "Git" + url: 
"https://github.com/oss-review-toolkit/ort-test-data-scanner.git" + revision: "97d57bb4795bc41f496e1a8e2c7751cefc7da7ec" + path: "pkg1" + - id: "Dummy::pkg2:1.0.0" + purl: "" + declared_licenses: [] + declared_licenses_processed: {} + description: "" + homepage_url: "" + binary_artifact: + url: "" + hash: + value: "" + algorithm: "" + source_artifact: + url: "" + hash: + value: "" + algorithm: "" + vcs: + type: "Git" + url: "https://github.com/oss-review-toolkit/ort-test-data-scanner.git" + revision: "97d57bb4795bc41f496e1a8e2c7751cefc7da7ec" + path: "pkg2" + vcs_processed: + type: "Git" + url: "https://github.com/oss-review-toolkit/ort-test-data-scanner.git" + revision: "97d57bb4795bc41f496e1a8e2c7751cefc7da7ec" + path: "pkg2" + - id: "Dummy::pkg3:1.0.0" + purl: "" + declared_licenses: [] + declared_licenses_processed: {} + description: "" + homepage_url: "" + binary_artifact: + url: "" + hash: + value: "" + algorithm: "" + source_artifact: + url: "" + hash: + value: "" + algorithm: "" + vcs: + type: "Git" + url: "https://github.com/oss-review-toolkit/ort-test-data-scanner.git" + revision: "97d57bb4795bc41f496e1a8e2c7751cefc7da7ec" + path: "pkg3" + vcs_processed: + type: "Git" + url: "https://github.com/oss-review-toolkit/ort-test-data-scanner.git" + revision: "97d57bb4795bc41f496e1a8e2c7751cefc7da7ec" + path: "pkg3" +scanner: + start_time: "1970-01-01T00:00:00Z" + end_time: "1970-01-01T00:00:00Z" + environment: + ort_version: "HEAD" + java_version: "" + os: "" + processors: "" + max_memory: "" + variables: {} + tool_versions: {} + config: + skip_concluded: false + skip_excluded: false + create_missing_archives: false + detected_license_mapping: + LicenseRef-scancode-agpl-generic-additional-terms: "NOASSERTION" + LicenseRef-scancode-free-unknown: "NOASSERTION" + LicenseRef-scancode-generic-cla: "NOASSERTION" + LicenseRef-scancode-generic-exception: "NOASSERTION" + LicenseRef-scancode-generic-export-compliance: "NOASSERTION" + LicenseRef-scancode-generic-tos: 
"NOASSERTION" + LicenseRef-scancode-generic-trademark: "NOASSERTION" + LicenseRef-scancode-gpl-generic-additional-terms: "NOASSERTION" + LicenseRef-scancode-other-copyleft: "NOASSERTION" + LicenseRef-scancode-other-permissive: "NOASSERTION" + LicenseRef-scancode-patent-disclaimer: "NOASSERTION" + LicenseRef-scancode-unknown: "NOASSERTION" + LicenseRef-scancode-unknown-license-reference: "NOASSERTION" + LicenseRef-scancode-unknown-spdx: "NOASSERTION" + LicenseRef-scancode-warranty-disclaimer: "NOASSERTION" + ignore_patterns: + - "**/*.ort.yml" + - "**/*.spdx.yml" + - "**/*.spdx.yaml" + - "**/*.spdx.json" + - "**/META-INF/DEPENDENCIES" + - "**/META-INF/DEPENDENCIES.txt" + - "**/META-INF/NOTICE" + - "**/META-INF/NOTICE.txt" + provenances: + - id: "Dummy::pkg3:1.0.0" + package_provenance: + vcs_info: + type: "Git" + url: "https://github.com/oss-review-toolkit/ort-test-data-scanner.git" + revision: "97d57bb4795bc41f496e1a8e2c7751cefc7da7ec" + path: "pkg3" + resolved_revision: "97d57bb4795bc41f496e1a8e2c7751cefc7da7ec" + sub_repositories: + pkg3/subrepo: + type: "Git" + url: "https://github.com/oss-review-toolkit/ort-test-data-scanner-subrepo.git" + revision: "a732695e03efcbd74539208af98c297ee86e49d5" + path: "" + - id: "Dummy::project:1.0.0" + package_provenance_resolution_issue: + timestamp: "1970-01-01T00:00:00Z" + source: "scanner" + message: "IOException: Could not resolve provenance for package 'Dummy::project:1.0.0'\ + \ for source code origins [VCS, ARTIFACT]." 
+ severity: "ERROR" + scan_results: + - provenance: + vcs_info: + type: "Git" + url: "https://github.com/oss-review-toolkit/ort-test-data-scanner-subrepo.git" + revision: "a732695e03efcbd74539208af98c297ee86e49d5" + path: "" + resolved_revision: "a732695e03efcbd74539208af98c297ee86e49d5" + scanner: + name: "Dummy" + version: "1.0.0" + configuration: "" + summary: + start_time: "1970-01-01T00:00:00Z" + end_time: "1970-01-01T00:00:00Z" + licenses: + - license: "NOASSERTION" + location: + path: "LICENSE" + start_line: -1 + end_line: -1 + - license: "NOASSERTION" + location: + path: "README" + start_line: -1 + end_line: -1 + - license: "NOASSERTION" + location: + path: "pkg-s1/pkg-s1.txt" + start_line: -1 + end_line: -1 + - provenance: + vcs_info: + type: "Git" + url: "https://github.com/oss-review-toolkit/ort-test-data-scanner.git" + revision: "97d57bb4795bc41f496e1a8e2c7751cefc7da7ec" + path: "" + resolved_revision: "97d57bb4795bc41f496e1a8e2c7751cefc7da7ec" + scanner: + name: "Dummy" + version: "1.0.0" + configuration: "" + summary: + start_time: "1970-01-01T00:00:00Z" + end_time: "1970-01-01T00:00:00Z" + licenses: + - license: "NOASSERTION" + location: + path: "LICENSE" + start_line: -1 + end_line: -1 + - license: "NOASSERTION" + location: + path: "pkg3/pkg3.txt" + start_line: -1 + end_line: -1 + scanners: + Dummy::pkg3:1.0.0: + - "Dummy" + Dummy::project:1.0.0: + - "Dummy" + files: + - provenance: + vcs_info: + type: "Git" + url: "https://github.com/oss-review-toolkit/ort-test-data-scanner-subrepo.git" + revision: "a732695e03efcbd74539208af98c297ee86e49d5" + path: "" + resolved_revision: "a732695e03efcbd74539208af98c297ee86e49d5" + files: + - path: "LICENSE" + sha1: "7df059597099bb7dcf25d2a9aedfaf4465f72d8d" + - path: "README" + sha1: "ae8044f7fce7ee914a853c30c3085895e9be8b9c" + - path: "pkg-s1/pkg-s1.txt" + sha1: "e5fb17f8f4f4ef0748bb5ba137fd0e091dd5a1f6" + - provenance: + vcs_info: + type: "Git" + url: 
"https://github.com/oss-review-toolkit/ort-test-data-scanner.git" + revision: "97d57bb4795bc41f496e1a8e2c7751cefc7da7ec" + path: "" + resolved_revision: "97d57bb4795bc41f496e1a8e2c7751cefc7da7ec" + files: + - path: "pkg3/pkg3.txt" + sha1: "859d66be2d153968cdaa8ec7265270c241eea024" +advisor: null +evaluator: null +resolved_configuration: {} diff --git a/scanner/src/funTest/assets/scanner-integration-pkgs-level-3-expected-ort-result.yml b/scanner/src/funTest/assets/scanner-integration-pkgs-level-3-expected-ort-result.yml new file mode 100644 index 000000000000..ced152f06ab5 --- /dev/null +++ b/scanner/src/funTest/assets/scanner-integration-pkgs-level-3-expected-ort-result.yml 
@@ -0,0 +1,344 @@ +--- +repository: + vcs: + type: "" + url: "" + revision: "" + path: "" + vcs_processed: + type: "" + url: "" + revision: "" + path: "" + config: {} +analyzer: + start_time: "1970-01-01T00:00:00Z" + end_time: "1970-01-01T00:00:00Z" + environment: + ort_version: "HEAD" + java_version: "" + os: "" + processors: "" + max_memory: "" + variables: {} + tool_versions: {} + config: + allow_dynamic_versions: false + skip_excluded: false + result: + projects: + - id: "Dummy::project:1.0.0" + definition_file_path: "" + declared_licenses: [] + declared_licenses_processed: {} + vcs: + type: "" + url: "" + revision: "" + path: "" + vcs_processed: + type: "" + url: "" + revision: "" + path: "" + homepage_url: "" + scopes: + - name: "deps" + dependencies: + - id: "Dummy::pkg3:1.0.0" + dependencies: + - id: "Dummy::pkg2:1.0.0" + dependencies: + - id: "Dummy::pkg1:1.0.0" + dependencies: + - id: "Dummy::pkg0:1.0.0" + packages: + - id: "Dummy::pkg0:1.0.0" + purl: "" + declared_licenses: [] + declared_licenses_processed: {} + description: "" + homepage_url: "" + binary_artifact: + url: "" + hash: + value: "" + algorithm: "" + source_artifact: + url: "" + hash: + value: "" + algorithm: "" + vcs: + type: "Git" + url: "https://github.com/oss-review-toolkit/ort-test-data-scanner.git" + revision: "97d57bb4795bc41f496e1a8e2c7751cefc7da7ec" + path: "" + vcs_processed: + type: "Git" + url: "https://github.com/oss-review-toolkit/ort-test-data-scanner.git" + revision: "97d57bb4795bc41f496e1a8e2c7751cefc7da7ec" + path: "" + - id: "Dummy::pkg1:1.0.0" + purl: "" + declared_licenses: [] + declared_licenses_processed: {} + description: "" + homepage_url: "" + binary_artifact: + url: "" + hash: + value: "" + algorithm: "" + source_artifact: + url: "" + hash: + value: "" + algorithm: "" + vcs: + type: "Git" + url: "https://github.com/oss-review-toolkit/ort-test-data-scanner.git" + revision: "97d57bb4795bc41f496e1a8e2c7751cefc7da7ec" + path: "pkg1" + vcs_processed: + type: "Git" + url: 
"https://github.com/oss-review-toolkit/ort-test-data-scanner.git" + revision: "97d57bb4795bc41f496e1a8e2c7751cefc7da7ec" + path: "pkg1" + - id: "Dummy::pkg2:1.0.0" + purl: "" + declared_licenses: [] + declared_licenses_processed: {} + description: "" + homepage_url: "" + binary_artifact: + url: "" + hash: + value: "" + algorithm: "" + source_artifact: + url: "" + hash: + value: "" + algorithm: "" + vcs: + type: "Git" + url: "https://github.com/oss-review-toolkit/ort-test-data-scanner.git" + revision: "97d57bb4795bc41f496e1a8e2c7751cefc7da7ec" + path: "pkg2" + vcs_processed: + type: "Git" + url: "https://github.com/oss-review-toolkit/ort-test-data-scanner.git" + revision: "97d57bb4795bc41f496e1a8e2c7751cefc7da7ec" + path: "pkg2" + - id: "Dummy::pkg3:1.0.0" + purl: "" + declared_licenses: [] + declared_licenses_processed: {} + description: "" + homepage_url: "" + binary_artifact: + url: "" + hash: + value: "" + algorithm: "" + source_artifact: + url: "" + hash: + value: "" + algorithm: "" + vcs: + type: "Git" + url: "https://github.com/oss-review-toolkit/ort-test-data-scanner.git" + revision: "97d57bb4795bc41f496e1a8e2c7751cefc7da7ec" + path: "pkg3" + vcs_processed: + type: "Git" + url: "https://github.com/oss-review-toolkit/ort-test-data-scanner.git" + revision: "97d57bb4795bc41f496e1a8e2c7751cefc7da7ec" + path: "pkg3" +scanner: + start_time: "1970-01-01T00:00:00Z" + end_time: "1970-01-01T00:00:00Z" + environment: + ort_version: "HEAD" + java_version: "" + os: "" + processors: "" + max_memory: "" + variables: {} + tool_versions: {} + config: + skip_concluded: false + skip_excluded: false + create_missing_archives: false + detected_license_mapping: + LicenseRef-scancode-agpl-generic-additional-terms: "NOASSERTION" + LicenseRef-scancode-free-unknown: "NOASSERTION" + LicenseRef-scancode-generic-cla: "NOASSERTION" + LicenseRef-scancode-generic-exception: "NOASSERTION" + LicenseRef-scancode-generic-export-compliance: "NOASSERTION" + LicenseRef-scancode-generic-tos: 
"NOASSERTION" + LicenseRef-scancode-generic-trademark: "NOASSERTION" + LicenseRef-scancode-gpl-generic-additional-terms: "NOASSERTION" + LicenseRef-scancode-other-copyleft: "NOASSERTION" + LicenseRef-scancode-other-permissive: "NOASSERTION" + LicenseRef-scancode-patent-disclaimer: "NOASSERTION" + LicenseRef-scancode-unknown: "NOASSERTION" + LicenseRef-scancode-unknown-license-reference: "NOASSERTION" + LicenseRef-scancode-unknown-spdx: "NOASSERTION" + LicenseRef-scancode-warranty-disclaimer: "NOASSERTION" + ignore_patterns: + - "**/*.ort.yml" + - "**/*.spdx.yml" + - "**/*.spdx.yaml" + - "**/*.spdx.json" + - "**/META-INF/DEPENDENCIES" + - "**/META-INF/DEPENDENCIES.txt" + - "**/META-INF/NOTICE" + - "**/META-INF/NOTICE.txt" + provenances: + - id: "Dummy::pkg1:1.0.0" + package_provenance: + vcs_info: + type: "Git" + url: "https://github.com/oss-review-toolkit/ort-test-data-scanner.git" + revision: "97d57bb4795bc41f496e1a8e2c7751cefc7da7ec" + path: "pkg1" + resolved_revision: "97d57bb4795bc41f496e1a8e2c7751cefc7da7ec" + - id: "Dummy::pkg2:1.0.0" + package_provenance: + vcs_info: + type: "Git" + url: "https://github.com/oss-review-toolkit/ort-test-data-scanner.git" + revision: "97d57bb4795bc41f496e1a8e2c7751cefc7da7ec" + path: "pkg2" + resolved_revision: "97d57bb4795bc41f496e1a8e2c7751cefc7da7ec" + - id: "Dummy::pkg3:1.0.0" + package_provenance: + vcs_info: + type: "Git" + url: "https://github.com/oss-review-toolkit/ort-test-data-scanner.git" + revision: "97d57bb4795bc41f496e1a8e2c7751cefc7da7ec" + path: "pkg3" + resolved_revision: "97d57bb4795bc41f496e1a8e2c7751cefc7da7ec" + sub_repositories: + pkg3/subrepo: + type: "Git" + url: "https://github.com/oss-review-toolkit/ort-test-data-scanner-subrepo.git" + revision: "a732695e03efcbd74539208af98c297ee86e49d5" + path: "" + - id: "Dummy::project:1.0.0" + package_provenance_resolution_issue: + timestamp: "1970-01-01T00:00:00Z" + source: "scanner" + message: "IOException: Could not resolve provenance for package 
'Dummy::project:1.0.0'\ + \ for source code origins [VCS, ARTIFACT]." + severity: "ERROR" + scan_results: + - provenance: + vcs_info: + type: "Git" + url: "https://github.com/oss-review-toolkit/ort-test-data-scanner-subrepo.git" + revision: "a732695e03efcbd74539208af98c297ee86e49d5" + path: "" + resolved_revision: "a732695e03efcbd74539208af98c297ee86e49d5" + scanner: + name: "Dummy" + version: "1.0.0" + configuration: "" + summary: + start_time: "1970-01-01T00:00:00Z" + end_time: "1970-01-01T00:00:00Z" + licenses: + - license: "NOASSERTION" + location: + path: "LICENSE" + start_line: -1 + end_line: -1 + - license: "NOASSERTION" + location: + path: "README" + start_line: -1 + end_line: -1 + - license: "NOASSERTION" + location: + path: "pkg-s1/pkg-s1.txt" + start_line: -1 + end_line: -1 + - provenance: + vcs_info: + type: "Git" + url: "https://github.com/oss-review-toolkit/ort-test-data-scanner.git" + revision: "97d57bb4795bc41f496e1a8e2c7751cefc7da7ec" + path: "" + resolved_revision: "97d57bb4795bc41f496e1a8e2c7751cefc7da7ec" + scanner: + name: "Dummy" + version: "1.0.0" + configuration: "" + summary: + start_time: "1970-01-01T00:00:00Z" + end_time: "1970-01-01T00:00:00Z" + licenses: + - license: "NOASSERTION" + location: + path: "LICENSE" + start_line: -1 + end_line: -1 + - license: "NOASSERTION" + location: + path: "pkg1/pkg1.txt" + start_line: -1 + end_line: -1 + - license: "NOASSERTION" + location: + path: "pkg2/pkg2.txt" + start_line: -1 + end_line: -1 + - license: "NOASSERTION" + location: + path: "pkg3/pkg3.txt" + start_line: -1 + end_line: -1 + scanners: + Dummy::pkg1:1.0.0: + - "Dummy" + Dummy::pkg2:1.0.0: + - "Dummy" + Dummy::pkg3:1.0.0: + - "Dummy" + Dummy::project:1.0.0: + - "Dummy" + files: + - provenance: + vcs_info: + type: "Git" + url: "https://github.com/oss-review-toolkit/ort-test-data-scanner-subrepo.git" + revision: "a732695e03efcbd74539208af98c297ee86e49d5" + path: "" + resolved_revision: "a732695e03efcbd74539208af98c297ee86e49d5" + files: + - 
path: "LICENSE" + sha1: "7df059597099bb7dcf25d2a9aedfaf4465f72d8d" + - path: "README" + sha1: "ae8044f7fce7ee914a853c30c3085895e9be8b9c" + - path: "pkg-s1/pkg-s1.txt" + sha1: "e5fb17f8f4f4ef0748bb5ba137fd0e091dd5a1f6" + - provenance: + vcs_info: + type: "Git" + url: "https://github.com/oss-review-toolkit/ort-test-data-scanner.git" + revision: "97d57bb4795bc41f496e1a8e2c7751cefc7da7ec" + path: "" + resolved_revision: "97d57bb4795bc41f496e1a8e2c7751cefc7da7ec" + files: + - path: "pkg1/pkg1.txt" + sha1: "22eb73bd30d47540a4e05781f0f6e07640857cae" + - path: "pkg2/pkg2.txt" + sha1: "cc8f97cebe1dc0ed889a31f504bcf491d5241aaa" + - path: "pkg3/pkg3.txt" + sha1: "859d66be2d153968cdaa8ec7265270c241eea024" +advisor: null +evaluator: null +resolved_configuration: {} diff --git a/scanner/src/funTest/kotlin/scanners/ScannerIntegrationFunTest.kt b/scanner/src/funTest/kotlin/scanners/ScannerIntegrationFunTest.kt index 3225f8a2331b..f1a5d6e5f7e2 100644 --- a/scanner/src/funTest/kotlin/scanners/ScannerIntegrationFunTest.kt +++ b/scanner/src/funTest/kotlin/scanners/ScannerIntegrationFunTest.kt 
@@ -98,6 +98,28 @@ class ScannerIntegrationFunTest : WordSpec({
 matchExpectedResult(expectedResultFile)
 }
 }
+
+ "Scanning all hierarchical packages corresponding" should {
+ "return the expected ORT result for depth level 1" {
+ val analyzerResult = createAnalyzerResultWithDependenciesTree(pkg0, pkg1, pkg2, pkg3)
+ val expectedResultFile = getAssetFile("scanner-integration-pkgs-level-1-expected-ort-result.yml")
+
+ val ortResult = createScanner().scan(analyzerResult, skipExcluded = false, emptyMap(), 1)
+
+ patchActualResult(ortResult.toYaml(), patchStartAndEndTime = true) should
+ matchExpectedResult(expectedResultFile)
+ }
+
+ "return the expected ORT result for depth level 3" {
+ val analyzerResult = createAnalyzerResultWithDependenciesTree(pkg0, pkg1, pkg2, pkg3)
+ val expectedResultFile = getAssetFile("scanner-integration-pkgs-level-3-expected-ort-result.yml")
+
+ val ortResult = createScanner().scan(analyzerResult, skipExcluded = false, emptyMap(), 3)
+
+ patchActualResult(ortResult.toYaml(), patchStartAndEndTime = true) should
+ matchExpectedResult(expectedResultFile)
+ }
+ }
 })
 internal fun createScanner(scannerWrappers: Map>? = null): Scanner {
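Review bot: The two new cases exercise depths 1 and 3 only, so the boundaries of the feature are untested: depth 0, a depth larger than the four-package chain, and the default `NO_LIMIT_DEPTH` on the same dependency tree. A case asserting that a depth beyond the tree selects the same packages as the unlimited scan would pin the contract. The depth is also passed positionally (`emptyMap(), 1`); `packagesDepth = 1` would read better next to `skipExcluded = false`, and the `should` description "Scanning all hierarchical packages corresponding" looks cut short.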
@@ -146,6 +168,36 @@ private fun createAnalyzerResult(vararg packages: Package): OrtResult {
 return OrtResult.EMPTY.copy(analyzer = analyzerRun)
 }
+private fun createAnalyzerResultWithDependenciesTree(vararg packages: Package): OrtResult {
+ val packageReferences = mutableListOf()
+ packages.forEachIndexed { index, p ->
+ when {
+ index == 0 -> packageReferences.add(PackageReference(id = p.id, dependencies = emptySet()))
+ else -> packageReferences.add(
+ PackageReference(id = p.id, dependencies = setOf(packageReferences[index - 1]))
+ )
+ }
+ }
+ val scope = Scope(
+ name = "deps",
+ dependencies = setOf(packageReferences.last())
+ )
+
+ val project = Project.EMPTY.copy(
+ id = createId("project"),
+ scopeDependencies = setOf(scope)
+ )
+
+ val analyzerRun = AnalyzerRun.EMPTY.copy(
+ result = AnalyzerResult.EMPTY.copy(
+ projects = setOf(project),
+ packages = packages.toSet()
+ )
+ )
+
+ return OrtResult.EMPTY.copy(analyzer = analyzerRun)
+}
+
 private fun createId(name: String): Identifier = Identifier("Dummy::$name:1.0.0")
 private fun createPackage(name: String, vcs: VcsInfo): Package =
diff --git a/scanner/src/main/kotlin/Scanner.kt b/scanner/src/main/kotlin/Scanner.kt
index f9ce8dc3a4c9..9a81c67e895d 100644
--- a/scanner/src/main/kotlin/Scanner.kt
+++ b/scanner/src/main/kotlin/Scanner.kt
@@ -70,6 +70,7 @@ import org.ossreviewtoolkit.utils.ort.showStackTrace
 import org.ossreviewtoolkit.utils.spdx.toSpdx
 const val TOOL_NAME = "scanner"
+const val NO_LIMIT_DEPTH = -1
 @Suppress("TooManyFunctions")
 class Scanner(
@@ -104,7 +105,12 @@ class Scanner(
 provenanceDownloader = provenanceDownloader
 )
- suspend fun scan(ortResult: OrtResult, skipExcluded: Boolean, labels: Map): OrtResult {
+ suspend fun scan(
+ ortResult: OrtResult,
+ skipExcluded: Boolean,
+ labels: Map,
+ packagesDepth: Int = NO_LIMIT_DEPTH
+ ): OrtResult {
 val startTime = Instant.now()
 val projectPackages = ortResult.getProjects(skipExcluded).mapTo(mutableSetOf()) { it.toPackage() }
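Review bot: `createAnalyzerResultWithDependenciesTree` depends on the order of its arguments in a way the name does not tell: the first package becomes the deepest leaf, each later one depends on its predecessor, and only the last is a direct dependency of the scope. The expected-result fixtures rely on exactly that order, so I would put it in a comment above the function, e.g. `// Builds a linear chain: the last package is the project's direct dependency, the first is the deepest leaf.` The helper also throws from `packageReferences.last()` when called without arguments; a `require(packages.isNotEmpty())` at the top would give a clearer failure.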
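Review bot: The new `packagesDepth` parameter of `scan` and the public constant `NO_LIMIT_DEPTH` (added in the hunk above) carry no documentation, and the name alone does not say where counting starts. Judging by the level-1 fixture, in which only `Dummy::pkg3` is scanned, a depth of 1 covers the direct dependencies of each project. I would state that in KDoc on `scan`, e.g. `@param packagesDepth Maximum dependency depth below each project to scan; 1 means direct dependencies only, [NO_LIMIT_DEPTH] means all packages.`, and add `/** Value of packagesDepth that disables the depth limit. */` above the constant. The body of `scan` continues outside this hunk.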
@@ -119,8 +125,16 @@ class Scanner(
 )
 )
- val packages = ortResult.getPackages(skipExcluded).map { it.metadata }.filterNotConcluded()
- .filterNotMetadataOnly().toSet()
+ val packages = when {
+ NO_LIMIT_DEPTH == packagesDepth -> ortResult.getPackages(skipExcluded).map { it.metadata }
+ .filterNotConcluded()
+ .filterNotMetadataOnly().toSet()
+
+ else -> projectPackages.map { ortResult.getDependencies(it.id, packagesDepth, skipExcluded) }
+ .flatten().mapNotNull { ortResult.getPackage(it) }
+ .map { it.metadata }.filterNotConcluded()
+ .filterNotMetadataOnly().toSet()
+ }
 val packageResults = scan(
 packages,
 ScanContext(
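Review bot: In the `else` branch of the new `when`, packages deeper than `packagesDepth` are left out of `packages` with nothing recorded, so a depth-limited result reads like a full scan in which those packages had no findings; the level-1 fixture added by this commit shows neither the depth nor any marker for `pkg0` to `pkg2` under `scanner`. For a compliance tool that is a silent coverage gap, and I would log how many packages were skipped and record the depth in the scanner run, which needs code outside this hunk. Separately, both branches repeat the same `map { it.metadata }.filterNotConcluded().filterNotMetadataOnly().toSet()` tail and the comparison is written constant-first; selecting the candidates first and filtering once, as below, keeps the two paths from drifting apart. `Scanner.scan` begins and ends outside this hunk.

```kotlin
// … unchanged: code before the package selection …
val candidates = if (packagesDepth == NO_LIMIT_DEPTH) {
    ortResult.getPackages(skipExcluded)
} else {
    projectPackages
        .flatMap { ortResult.getDependencies(it.id, packagesDepth, skipExcluded) }
        .mapNotNull { ortResult.getPackage(it) }
}

val packages = candidates.map { it.metadata }.filterNotConcluded().filterNotMetadataOnly().toSet()
```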