Dependencies

class ghastoolkit.Dependencies(iterable=None)

Set-like collection of Dependencies with list compatibility.

__contains__(dependency: Dependency) → bool

Check if dependency is in the collection.

__getitem__(key)

Support for index-based access for backward compatibility.

__init__(iterable=None)

Initialize with an optional iterable.

__iter__()

Iterator protocol support.

__len__()

Return count of dependencies.

__setitem__(key, value)

Support for index-based setting for backward compatibility.

add(dependency: Dependency, repository: Repository = None)

Add a dependency to the set.

append(dependency: Dependency)

Append is an alias for .add, for backwards compatibility.

applyClearlyDefined()

Reach out to the ClearlyDefined API, get the licenses for a component, and update all the Dependencies.

applyLicenses(licenses: Licenses)

Given a list of licenses (Licenses), apply a license.

contains(dependency: Dependency, version: bool = False) → bool

Check whether the collection contains the dependency.

Parameters:
  • dependency – Dependency to check
  • version – Check the version as well

Returns: True if the dependency is in the list

Return type: bool

exportBOM(tool: str, path: str, sha: str = '', ref: str = '', version: str = '0.0.0', url: str = '') → dict

Create a dependency graph submission JSON payload for GitHub.

extend(dependencies: Dependencies)

Extends Dependencies with another list of Dependencies.

find(name: str) → Dependency | None

Find by name.

findDirectDependencies() → Dependencies

Find all the direct dependencies.

findLicenses(licenses: list[str]) → Dependencies

Find dependencies with a given license.

findNames(names: list[str]) → Dependencies

Find by name using wildcards.

findPurl(purl: str) → Dependency | None

Find by PURL.

findUnknownLicenses(licenses: list[str] | None = None) → Dependencies

Find all the dependencies with no licensing information.

static loadSpdx(path: str) → Dependencies

Load an SPDX file into the Dependencies list.

static loadSpdxSbom(data: dict) → Dependencies

Load an SBOM into the Dependencies list.

pop(value: str | int | Dependency) → Dependency

Pop allows you to remove an element from the set and return it.

remove(dependency: Dependency)

Remove a dependency from the set.

updateDependencies(dependencies: Dependencies)

Update a list of dependencies.

updateDependency(dependency: Dependency)

Update a dependency in our list with the incoming information.