diff --git a/ntia_conformance_checker/base_checker.py b/ntia_conformance_checker/base_checker.py index a1fbb29..2a07cdf 100644 --- a/ntia_conformance_checker/base_checker.py +++ b/ntia_conformance_checker/base_checker.py @@ -72,7 +72,7 @@ def output_json(self) -> dict: def output_html(self) -> str: """Abstract method to create a result in HTML format.""" - def __init__(self, file, validate=True): + def __init__(self, file, validate=True, compliance=""): """ Initialize the BaseChecker. @@ -81,6 +81,7 @@ def __init__(self, file, validate=True): validate (bool): Whether to validate the file. compliance (str): The compliance standard to be used. Defaults to "ntia". """ + self.compliance_standard = compliance self.parsing_error = [] self.validation_messages = "" diff --git a/ntia_conformance_checker/fsct_checker.py b/ntia_conformance_checker/fsct_checker.py index ccdffc5..dba26a1 100644 --- a/ntia_conformance_checker/fsct_checker.py +++ b/ntia_conformance_checker/fsct_checker.py @@ -179,7 +179,11 @@ def output_json(self): """Create a dict of results for outputting to JSON.""" # instantiate dict and fields that have > 1 level result = {} + result["parsingError"] = self.parsing_error + result["isConformant"] = self.compliant + if not self.parsing_error: + result["complianceStandard"] = self.compliance_standard result["sbomName"] = self.sbom_name result["componentNames"] = {} result["componentVersions"] = {} 
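Review bot: The new `compliance` parameter defaults to `""` in the signature (hunk @@ -72), while the docstring line visible in hunk @@ -81 says it defaults to "ntia", so a checker built without the argument stores an empty `compliance_standard`. Either make the signature `def __init__(self, file, validate=True, compliance="ntia"):` or change the docstring to say the default is empty and that subclasses supply the value. The value is also stored as given, with no check against the standards the package supports; rejecting an unknown name here would keep a typo from ending up in a report. `__init__` continues past the end of the hunk.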
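Review bot: `result["complianceStandard"]` is added directly under `if not self.parsing_error:` in the FSCT `output_json` hunk (@@ -179), so it appears to be set only on a successful parse (indentation is not recoverable from this view). A report for an SBOM that failed to parse would then carry `isConformant` without naming the standard that was checked. Since both checkers now share the generic `isConformant` key, the standard name is the only field that tells a consumer what the verdict refers to, so it should be set unconditionally next to `result["isConformant"] = self.compliant`. The NTIA `output_json` hunk (@@ -154) does not add the key at all and would need the same line. `output_json` continues into the next hunk.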
@@ -190,35 +194,31 @@ def output_json(self): result["timestampProvided"] = self.doc_timestamp result["dependencyRelationshipsProvided"] = self.dependency_relationships - result["componentNames"]["nonconformantComponents"] = ( - self.components_without_names - ) + result["componentNames"][ + "nonconformantComponents" + ] = self.components_without_names result["componentNames"]["allProvided"] = not self.components_without_names - result["componentVersions"]["nonconformantComponents"] = ( - self.components_without_versions - ) + result["componentVersions"][ + "nonconformantComponents" + ] = self.components_without_versions result["componentVersions"][ "allProvided" ] = not self.components_without_versions - result["componentIdentifiers"]["nonconformantComponents"] = ( - self.components_without_identifiers - ) + result["componentIdentifiers"][ + "nonconformantComponents" + ] = self.components_without_identifiers result["componentIdentifiers"][ "allProvided" ] = not self.components_without_identifiers - result["componentSuppliers"]["nonconformantComponents"] = ( - self.components_without_suppliers - ) + result["componentSuppliers"][ + "nonconformantComponents" + ] = self.components_without_suppliers result["componentSuppliers"][ "allProvided" ] = not self.components_without_suppliers result["totalNumberComponents"] = self.get_total_number_components() if self.validation_messages: result["validationMessages"] = list(map(str, self.validation_messages)) - else: - result["parsingError"] = self.parsing_error - - result["isFsct3Conformant"] = self.compliant return result diff --git a/ntia_conformance_checker/ntia_checker.py b/ntia_conformance_checker/ntia_checker.py index 4d9213e..438b825 100644 --- a/ntia_conformance_checker/ntia_checker.py +++ b/ntia_conformance_checker/ntia_checker.py 
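Review bot: The `isFsct3Conformant` key is dropped at the end of `output_json` with no alias, whereas the NTIA checker keeps `isNtiaConformant` beside the new `isConformant` "for backward compatibility". A pipeline that gates on the old key will find it missing, and depending on how it reads the field that can either fail every run or let a non-conformant SBOM through unnoticed. Keep the old key for a deprecation period, e.g. `result["isFsct3Conformant"] = self.compliant  # for backward compatibility`, next to `result["isConformant"]` in the earlier hunk (@@ -179). The function starts in that earlier hunk.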
@@ -13,7 +13,7 @@ class NTIAChecker(BaseChecker): """NTIA Minimum Elements check.""" - def __init__(self, file, validate=True): + def __init__(self, file, validate=True, compliance="ntia"): super().__init__(file=file, validate=validate) if self.doc: @@ -154,6 +154,10 @@ def output_json(self) -> dict: """Create a dict of results for outputting to JSON.""" # instantiate dict and fields that have > 1 level result = {} + result["parsingError"] = self.parsing_error + result["isConformant"] = self.compliant + result["isNtiaConformant"] = self.compliant # for backward compatibility + if not self.parsing_error: result["sbomName"] = self.sbom_name result["componentNames"] = {} 
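Review bot: `compliance` is accepted by `NTIAChecker.__init__` but never passed on. The unchanged call below the new signature is still `super().__init__(file=file, validate=validate)`, so `BaseChecker` falls back to its own default of `""` and `self.compliance_standard` ends up empty for an NTIA check. Forward it with `super().__init__(file=file, validate=validate, compliance=compliance)`. The rest of `__init__` is outside the hunk, so it is worth confirming that nothing later assigns the attribute.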
@@ -165,35 +169,31 @@ def output_json(self) -> dict: result["timestampProvided"] = self.doc_timestamp result["dependencyRelationshipsProvided"] = self.dependency_relationships - result["componentNames"]["nonconformantComponents"] = ( - self.components_without_names - ) + result["componentNames"][ + "nonconformantComponents" + ] = self.components_without_names result["componentNames"]["allProvided"] = not self.components_without_names - result["componentVersions"]["nonconformantComponents"] = ( - self.components_without_versions - ) + result["componentVersions"][ + "nonconformantComponents" + ] = self.components_without_versions result["componentVersions"][ "allProvided" ] = not self.components_without_versions - result["componentIdentifiers"]["nonconformantComponents"] = ( - self.components_without_identifiers - ) + result["componentIdentifiers"][ + "nonconformantComponents" + ] = self.components_without_identifiers result["componentIdentifiers"][ "allProvided" ] = not self.components_without_identifiers - result["componentSuppliers"]["nonconformantComponents"] = ( - self.components_without_suppliers - ) + result["componentSuppliers"][ + "nonconformantComponents" + ] = self.components_without_suppliers result["componentSuppliers"][ "allProvided" ] = not self.components_without_suppliers result["totalNumberComponents"] = self.get_total_number_components() if self.validation_messages: result["validationMessages"] = list(map(str, self.validation_messages)) - else: - result["parsingError"] = self.parsing_error - - result["isNtiaConformant"] = self.compliant return result diff --git a/pyproject.toml b/pyproject.toml index 17ffc46..c60e77b 100644 --- a/pyproject.toml +++ b/pyproject.toml 
@@ -6,16 +6,16 @@ build-backend = "setuptools.build_meta" name = "ntia_conformance_checker" version = "3.0.2" authors = [ - {name = "Josh Lin", email = "linynjosh@gmail.com"}, - {name = "John Speed Meyers", email = "johnmeyersster@gmail.com"} + { name = "Josh Lin", email = "linynjosh@gmail.com" }, + { name = "John Speed Meyers", email = "johnmeyersster@gmail.com" }, ] maintainers = [ - {name = "John Speed Meyers", email = "johnmeyersster@gmail.com"}, - {name = "Gary O'Neall", email = "gary@sourceauditor.com"}, - {name = "Josh Lin", email = "linynjosh@gmail.com"}, - {name = "SPDX group at the Linux Foundation and others", email = "spdx-implementers+owner@lists.spdx.org"}, + { name = "John Speed Meyers", email = "johnmeyersster@gmail.com" }, + { name = "Gary O'Neall", email = "gary@sourceauditor.com" }, + { name = "Josh Lin", email = "linynjosh@gmail.com" }, + { name = "SPDX group at the Linux Foundation and others", email = "spdx-implementers+owner@lists.spdx.org" }, ] -license = {text = "Apache-2.0"} +license = { text = "Apache-2.0" } description = "Check SPDX SBOM for NTIA minimum elements and common SBOM baseline attributes" readme = "README.md" classifiers = [ @@ -28,8 +28,11 @@ classifiers = [ "Programming Language :: Python :: 3.11", "Programming Language :: Python :: 3.12", "Programming Language :: Python :: 3.13", + "Topic :: Security", + "Topic :: Software Development :: Libraries :: Python Modules", + "Topic :: System :: Systems Administration", ] -urls = {Homepage = "https://github.com/spdx/ntia-conformance-checker"} +urls = { Homepage = "https://github.com/spdx/ntia-conformance-checker" } requires-python = ">=3.8" keywords = [ "spdx", @@ -49,9 +52,6 @@ dependencies = ["spdx-tools==0.8.3"] [project.optional-dependencies] test = ["pytest"] -[tool.setuptools] -packages = ["ntia_conformance_checker"] - [project.scripts] # Both "ntia-checker" and "sbomcheck" are identical. # "ntia-checker" is kept for backward compatibility. 
@@ -59,3 +59,6 @@ packages = ["ntia_conformance_checker"] # to accommodate other compliance standards. ntia-checker = "ntia_conformance_checker.main:main" sbomcheck = "ntia_conformance_checker.main:main" + +[tool.setuptools] +packages = ["ntia_conformance_checker"]