Skip to content

fix: license file detection according to PEP621 #929

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
jkowalleck merged 1 commit into from
Jul 8, 2025
Merged

fix: license file detection according to PEP621 #929

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 2 additions & 1 deletion cyclonedx_py/_internal/utils/pep621.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -26,6 +26,7 @@
from collections.abc import Generator, Iterable, Iterator
from itertools import chain
from os.path import dirname, join
from pathlib import PurePosixPath
from typing import TYPE_CHECKING, Any

from cyclonedx.exception.model import InvalidUriException
Expand Down Expand Up @@ -72,7 +73,7 @@ def project2licenses(project: dict[str, Any], lfac: 'LicenseFactory', *,
# per spec:
# > [...] a string value that is a relative file path [...].
# > Tools MUST assume the file’s encoding is UTF-8.
with open(join(dirname(fpath), plicense['file']), 'rb') as plicense_fileh:
with open(join(dirname(fpath), *PurePosixPath(plicense['file']).parts), 'rb') as plicense_fileh:
yield DisjunctiveLicense(name=f"declared license of '{project['name']}'",
acknowledgement=lack,
text=AttachedText(encoding=Encoding.BASE_64,
Expand Down
21 changes: 20 additions & 1 deletion tests/integration/test_utils_pep621.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,7 @@
# SPDX-License-Identifier: Apache-2.0
# Copyright (c) OWASP Foundation. All Rights Reserved.

from os import mkdir
from os.path import join
from tempfile import TemporaryDirectory
from unittest import TestCase
Expand Down Expand Up @@ -53,7 +54,25 @@ def test_project2licenses_license_dict_file(self) -> None:
}
lfac = LicenseFactory()
with TemporaryDirectory() as tmpdir:
with open(join(tmpdir, project['license']['file']), 'w') as tf:
with open(join(tmpdir, 'license.txt'), 'w') as tf:
tf.write('File license text')
licenses = list(project2licenses(project, lfac, fpath=join(tmpdir, 'pyproject.toml')))
self.assertEqual(len(licenses), 1)
lic = licenses[0]
self.assertIsInstance(lic, DisjunctiveLicense)
self.assertIs(lic.text.encoding, Encoding.BASE_64)
self.assertEqual(lic.text.content, 'RmlsZSBsaWNlbnNlIHRleHQ=')
self.assertEqual(lic.acknowledgement, LicenseAcknowledgement.DECLARED)

def test_project2licenses_license_dict_file_in_subfolder(self) -> None:
project = {
'name': 'testpkg',
'license': {'file': 'foo/license.txt'},
}
lfac = LicenseFactory()
with TemporaryDirectory() as tmpdir:
mkdir(join(tmpdir, 'foo'))
with open(join(tmpdir, 'foo', 'license.txt'), 'w') as tf:
tf.write('File license text')
licenses = list(project2licenses(project, lfac, fpath=join(tmpdir, 'pyproject.toml')))
self.assertEqual(len(licenses), 1)
Expand Down