diff options
author | Steve Winslow <steve@swinslow.net> | 2020-05-10 14:54:30 -0400 |
---|---|---|
committer | Steve Winslow <steve@swinslow.net> | 2020-05-10 14:54:30 -0400 |
commit | d1a01f0c01c3d1095ff4a43088daacf3cf6edee2 (patch) | |
tree | 8cb8e346e7f351f5668458aee4212ecb83dfdb99 /examples | |
parent | 003280a3d97db9ecba61cfe6fad1a0a5f9e4529a (diff) | |
download | spdx-tools-d1a01f0c01c3d1095ff4a43088daacf3cf6edee2.tar.gz |
Refactor examples to handle element ID maps
Signed-off-by: Steve Winslow <steve@swinslow.net>
Diffstat (limited to 'examples')
-rw-r--r-- | examples/1-load/example_load.go | 67 | ||||
-rw-r--r-- | examples/5-report/example_report.go | 52 | ||||
-rw-r--r-- | examples/6-licensediff/example_licensediff.go | 95 | ||||
-rw-r--r-- | examples/README.md | 7 |
4 files changed, 137 insertions, 84 deletions
diff --git a/examples/1-load/example_load.go b/examples/1-load/example_load.go index 7cc9575..e2af1ac 100644 --- a/examples/1-load/example_load.go +++ b/examples/1-load/example_load.go @@ -11,6 +11,7 @@ import ( "fmt" "os" + "github.com/spdx/tools-golang/spdxlib" "github.com/spdx/tools-golang/tvloader" ) @@ -53,40 +54,50 @@ func main() { fmt.Printf("==============\n") fmt.Printf("%#v\n\n", doc.CreationInfo) - // check whether the SPDX file has at least one package - if doc.Packages == nil || len(doc.Packages) < 1 { - fmt.Printf("No packages found in SPDX document\n") + // check whether the SPDX file has at least one package that it describes + pkgIDs, err := spdxlib.GetDescribedPackageIDs2_1(doc) + if err != nil { + fmt.Printf("Unable to get describe packages from SPDX document: %v\n", err) return } - // it does, so we'll choose the first one - pkg := doc.Packages[0] + // it does, so we'll go through each one + for _, pkgID := range pkgIDs { + pkg, ok := doc.Packages[pkgID] + if !ok { + fmt.Printf("Package %s has described relationship but ID not found\n", string(pkgID)) + continue + } - // check whether the package had its files analyzed - if !pkg.FilesAnalyzed { - fmt.Printf("First Package (%s) had FilesAnalyzed: false\n", pkg.PackageName) - return - } + // check whether the package had its files analyzed + if !pkg.FilesAnalyzed { + fmt.Printf("Package %s (%s) had FilesAnalyzed: false\n", string(pkgID), pkg.PackageName) + continue + } - // also check whether the package has any files present - if pkg.Files == nil || len(pkg.Files) < 1 { - fmt.Printf("No Files found in first Package (%s)\n", pkg.PackageName) - return - } + // also check whether the package has any files present + if pkg.Files == nil || len(pkg.Files) < 1 { + fmt.Printf("Package %s (%s) has no Files\n", string(pkgID), pkg.PackageName) + continue + } - // if we got here, there's at least one file - // print the filename and license info for the first 50 - fmt.Printf("============================\n") - fmt.Printf("Files info (up to first 50):\n") - fmt.Printf("============================\n") - i := 1 - for _, f := range pkg.Files { - fmt.Printf("File %d: %s\n", i, f.FileName) - fmt.Printf(" License from file: %v\n", f.LicenseInfoInFile) - fmt.Printf(" License concluded: %v\n", f.LicenseConcluded) - i++ - if i > 50 { - break + // if we got here, there's at least one file + // print the filename and license info for the first 50 + fmt.Printf("============================\n") + fmt.Printf("Package %s (%s)\n", string(pkgID), pkg.PackageName) + fmt.Printf("File info (up to first 50):\n") + i := 1 + for _, f := range pkg.Files { + // note that these will be in random order, since we're pulling + // from a map. if we care about order, we should first pull the + // IDs into a slice, sort it, and then print the ordered files. + fmt.Printf("- File %d: %s\n", i, f.FileName) + fmt.Printf(" License from file: %v\n", f.LicenseInfoInFile) + fmt.Printf(" License concluded: %v\n", f.LicenseConcluded) + i++ + if i > 50 { + break + } } } } diff --git a/examples/5-report/example_report.go b/examples/5-report/example_report.go index fff3439..e4250be 100644 --- a/examples/5-report/example_report.go +++ b/examples/5-report/example_report.go @@ -13,6 +13,7 @@ import ( "os" "github.com/spdx/tools-golang/reporter" + "github.com/spdx/tools-golang/spdxlib" "github.com/spdx/tools-golang/tvloader" ) @@ -46,32 +47,41 @@ func main() { // if we got here, the file is now loaded into memory. fmt.Printf("Successfully loaded %s\n\n", filename) - // check whether the SPDX file has at least one package - if doc.Packages == nil || len(doc.Packages) < 1 { - fmt.Printf("No packages found in SPDX document\n") + // check whether the SPDX file has at least one package that it describes + pkgIDs, err := spdxlib.GetDescribedPackageIDs2_1(doc) + if err != nil { + fmt.Printf("Unable to get describe packages from SPDX document: %v\n", err) return } - // it does, so we'll choose the first one - pkg := doc.Packages[0] + // it does, so we'll go through each one + for _, pkgID := range pkgIDs { + pkg, ok := doc.Packages[pkgID] + if !ok { + fmt.Printf("Package %s has described relationship but ID not found\n", string(pkgID)) + continue + } - // check whether the package had its files analyzed - if !pkg.FilesAnalyzed { - fmt.Printf("First Package (%s) had FilesAnalyzed: false\n", pkg.PackageName) - return - } + // check whether the package had its files analyzed + if !pkg.FilesAnalyzed { + fmt.Printf("Package %s (%s) had FilesAnalyzed: false\n", string(pkgID), pkg.PackageName) + return + } - // also check whether the package has any files present - if pkg.Files == nil || len(pkg.Files) < 1 { - fmt.Printf("No Files found in first Package (%s)\n", pkg.PackageName) - return - } + // also check whether the package has any files present + if pkg.Files == nil || len(pkg.Files) < 1 { + fmt.Printf("Package %s (%s) has no Files\n", string(pkgID), pkg.PackageName) + return + } - // if we got here, there's at least one file - // generate and print a report of the Package's Files' LicenseConcluded - // values, sorted by # of occurrences - err = reporter.Generate(pkg, os.Stdout) - if err != nil { - fmt.Printf("Error while generating report: %v\n", err) + // if we got here, there's at least one file + // generate and print a report of the Package's Files' LicenseConcluded + // values, sorted by # of occurrences + fmt.Printf("============================\n") + fmt.Printf("Package %s (%s)\n", string(pkgID), pkg.PackageName) + err = reporter.Generate(pkg, os.Stdout) + if err != nil { + fmt.Printf("Error while generating report: %v\n", err) + } } } diff --git a/examples/6-licensediff/example_licensediff.go b/examples/6-licensediff/example_licensediff.go index 3a7b401..567c909 100644 --- a/examples/6-licensediff/example_licensediff.go +++ b/examples/6-licensediff/example_licensediff.go @@ -3,10 +3,11 @@ // Example for: *licensediff*, *tvloader* // This example demonstrates loading two SPDX tag-value files from disk into -// memory, and generating a diff of the concluded licenses for Files in the -// first-listed Packages in each document. +// memory, and generating a diff of the concluded licenses for Files in +// Packages with matching IDs in each document. // This is generally only useful when run with two SPDX documents that -// describe licenses for subsequent versions of the same set of files. +// describe licenses for subsequent versions of the same set of files, AND if +// they have the same identifier in both documents. package main @@ -15,6 +16,7 @@ import ( "os" "github.com/spdx/tools-golang/licensediff" + "github.com/spdx/tools-golang/spdxlib" "github.com/spdx/tools-golang/tvloader" ) @@ -44,9 +46,10 @@ func main() { fmt.Printf("Error while parsing %v: %v", filenameFirst, err) return } - // make sure it has at least one Package - if len(docFirst.Packages) < 1 { - fmt.Printf("Error, no packages found in SPDX file %s\n", filenameFirst) + // check whether the SPDX file has at least one package that it describes + pkgIDsFirst, err := spdxlib.GetDescribedPackageIDs2_1(docFirst) + if err != nil { + fmt.Printf("Unable to get describe packages from first SPDX document: %v\n", err) return } @@ -68,39 +71,67 @@ func main() { fmt.Printf("Error while parsing %v: %v", filenameSecond, err) return } - // make sure it has at least one Package - if len(docSecond.Packages) < 1 { - fmt.Printf("Error, no packages found in SPDX file %s\n", filenameSecond) + // check whether the SPDX file has at least one package that it describes + pkgIDsSecond, err := spdxlib.GetDescribedPackageIDs2_1(docSecond) + if err != nil { + fmt.Printf("Unable to get describe packages from second SPDX document: %v\n", err) return } // if we got here, the file is now loaded into memory. fmt.Printf("Successfully loaded second SPDX file %s\n\n", filenameSecond) - // extract the first-listed package from each Document. - // (there could be more than one Package within a Document. For - // purposes of this example, we'll just look at the first one.) - // we've already confirmed above that each has at least one Package. - p1 := docFirst.Packages[0] - p2 := docSecond.Packages[0] - - // now, run a diff between the two - pairs, err := licensediff.MakePairs(p1, p2) - if err != nil { - fmt.Printf("Error generating licensediff pairs: %v\n", err) - return + // compare the described packages from each Document, by SPDX ID + // go through the first set first, report if they aren't in the second set + for _, pkgID := range pkgIDsFirst { + fmt.Printf("================================\n") + p1, okFirst := docFirst.Packages[pkgID] + if !okFirst { + fmt.Printf("Package %s has described relationship in first document but ID not found\n", string(pkgID)) + continue + } + fmt.Printf("Package %s (%s)\n", string(pkgID), p1.PackageName) + p2, okSecond := docSecond.Packages[pkgID] + if !okSecond { + fmt.Printf(" Found in first document, not found in second\n") + continue + } + + // now, run a diff between the two + pairs, err := licensediff.MakePairs(p1, p2) + if err != nil { + fmt.Printf(" Error generating licensediff pairs: %v\n", err) + continue + } + + // take the pairs and turn them into a more structured results set + resultSet, err := licensediff.MakeResults(pairs) + if err != nil { + fmt.Printf(" Error generating licensediff results set: %v\n", err) + continue + } + + // print some information about the results + fmt.Printf(" Files in first only: %d\n", len(resultSet.InFirstOnly)) + fmt.Printf(" Files in second only: %d\n", len(resultSet.InSecondOnly)) + fmt.Printf(" Files in both with different licenses: %d\n", len(resultSet.InBothChanged)) + fmt.Printf(" Files in both with same licenses: %d\n", len(resultSet.InBothSame)) } - // take the pairs and turn them into a more structured results set - resultSet, err := licensediff.MakeResults(pairs) - if err != nil { - fmt.Printf("Error generating licensediff results set: %v\n", err) - return + // now report if there are any package IDs in the second set that aren't + // in the first + for _, pkgID := range pkgIDsSecond { + p2, okSecond := docSecond.Packages[pkgID] + if !okSecond { + fmt.Printf("================================\n") + fmt.Printf("Package %s has described relationship in second document but ID not found\n", string(pkgID)) + continue + } + _, okFirst := docFirst.Packages[pkgID] + if !okFirst { + fmt.Printf("================================\n") + fmt.Printf("Package %s (%s)\n", string(pkgID), p2.PackageName) + fmt.Printf(" Found in second document, not found in first\n") + } } - - // print some information about the results - fmt.Printf("Files in first only: %d\n", len(resultSet.InFirstOnly)) - fmt.Printf("Files in second only: %d\n", len(resultSet.InSecondOnly)) - fmt.Printf("Files in both with different licenses: %d\n", len(resultSet.InBothChanged)) - fmt.Printf("Files in both with same licenses: %d\n", len(resultSet.InBothSame)) } diff --git a/examples/README.md b/examples/README.md index 26c6fe4..c62ce86 100644 --- a/examples/README.md +++ b/examples/README.md @@ -49,8 +49,9 @@ files, and printing the report to standard output. *licensediff*, *tvloader* This example demonstrates loading two SPDX tag-value files from disk into -memory, and generating a diff of the concluded licenses for Files in the -first-listed Packages in each document. +memory, and generating a diff of the concluded licenses for Files in Packages +with matching IDs in each document. This is generally only useful when run with two SPDX documents that describe -licenses for subsequent versions of the same set of files. +licenses for subsequent versions of the same set of files, AND if they have +the same identifier in both documents. |