Dependencies¶

Dependencies¶

class ghastoolkit.Dependencies(iterable=None)¶

Set-like collection of Dependencies with list compatibility.

__contains__(dependency: Dependency) → bool¶: Check if dependency is in the collection.

__getitem__(key)¶: Support for index-based access for backward compatibility.

__init__(iterable=None)¶: Initialize with an optional iterable.

__iter__()¶: Iterator protocol support.

__len__()¶: Return count of dependencies.

__setitem__(key, value)¶: Support for index-based setting for backward compatibility.

add(dependency: Dependency, repository: Repository = None)¶: Add a dependency to the set.

append(dependency: Dependency)¶: Append is an alias for .add, for backwards compatibility.

applyClearlyDefined()¶: Reachout to ClearlyDefinded API, get the licenses for a component, and update all the Dependencies.

applyLicenses(licenses: Licenses)¶: Given a list of licenses (Licenses) apply a license.

contains(dependency: Dependency, version: bool = False) → bool¶

Contains the dependency.

Parameters:

dependency – Dependency to check
version – Check the version as well

Returns:

True if the dependency is in the list

Return type:

bool

exportBOM(tool: str, path: str, sha: str = '', ref: str = '', version: str = '0.0.0', url: str = '') → dict¶: Create a dependency graph submission JSON payload for GitHub.

extend(dependencies: Dependencies)¶: Extends Dependencies with another list of Dependencies.

find(name: str) → Dependency | None¶: Find by name.

findDirectDependencies() → Dependencies¶: Find all the direct dependencies.

findLicenses(licenses: list[str]) → Dependencies¶: Find dependencies with a given license.

findNames(names: list[str]) → Dependencies¶: Find by Name using wildcards.

findPurl(purl: str) → Dependency | None¶: Find by PURL.

findUnknownLicenses(licenses: list[str] | None = None) → Dependencies¶: Find all the dependencies with no licensing information.

static loadSpdx(path: str) → Dependencies¶: Load a SPDX file into the Dependencies list.

static loadSpdxSbom(data: dict) → Dependencies¶: Load a SBOM into the Dependencies list.

pop(value: str | int | Dependency) → Dependency¶: Pop allows you to remove an element from the set and return it.

remove(dependency: Dependency)¶: Remove a dependency from the set.

updateDependencies(dependencies: Dependencies)¶: Update a list of dependencies.

updateDependency(dependency: Dependency)¶: Update a dependency in our list with the incoming information.