Describe the bug
An AttributeError is raised by pep621.py, because it tries to use 'get()' on a str value, when parsing the license string from a pyproject.toml file given with --pyproject while also using the --pep639 switch.
To Reproduce
Use a pyproject.toml file with 'license' being just a string, not a table.
See note in https://packaging.python.org/en/latest/guides/writing-pyproject-toml/#license-and-license-files about the fact that it was a table in PEP 621 but changed to string in PEP 639)
e.g. a pyproject.toml with a PEP 639 license entry like this.
[project]
name = "platform"
dynamic = ["version"]
description = "Platform"
readme = {file = "README.md", content-type = "text/markdown"}
license = "LicenseRef-Platform-Software-General-1.0"
license-files = []
Expected behavior
No error, handle PEP 639 format (especially when --pep639 is explicitly given on the command line).
Screenshots or output-paste
Commandline was:
sbom/Scripts/cyclonedx-py environment --output-format=xml --schema-version=1.5 --output-reproducible --output-file=".sboms/py.bom.xml" --pyproject="./pyproject.toml" --PEP-639 --gather-license-texts -vvv
Output:
DEBUG | CDX > Error: 'str' object has no attribute 'get'
Traceback (most recent call last):
File "C:\code\repos\platform\sbom\Lib\site-packages\cyclonedx_py\_internal\cli.py", line 289, in run
Command(**args, logger=logger)(**args)
File "C:\code\repos\platform\sbom\Lib\site-packages\cyclonedx_py\_internal\cli.py", line 251, in __call__
bom = self._make_bom(**kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^
File "C:\code\repos\platform\sbom\Lib\site-packages\cyclonedx_py\_internal\cli.py", line 246, in _make_bom
return self._bbc(**self._clean_kwargs(kwargs))
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "C:\code\repos\platform\sbom\Lib\site-packages\cyclonedx_py\_internal\environment.py", line 154, in __call__
root_c = pyproject2component(pyproject, ctype=mc_type, fpath=pyproject_file)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "C:\code\repos\platform\sbom\Lib\site-packages\cyclonedx_py\_internal\utils\pyproject.py", line 40, in pyproject2component
return project2component(project, ctype=ctype, fpath=fpath)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "C:\code\repos\platform\sbom\Lib\site-packages\cyclonedx_py\_internal\utils\pep621.py", line 113, in project2component
licenses=licenses_fixup(project2licenses(project, LicenseFactory(), fpath=fpath)),
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "C:\code\repos\platform\sbom\Lib\site-packages\cyclonedx_py\_internal\utils\cdx.py", line 99, in licenses_fixup
licenses = set(licenses)
^^^^^^^^^^^^^
File "C:\code\repos\platform\sbom\Lib\site-packages\cyclonedx_py\_internal\utils\pep621.py", line 81, in project2licenses
elif len(plicense_text := plicense.get('text', '')) > 0:
^^^^^^^^^^^^
AttributeError: 'str' object has no attribute 'get'
CRITICAL | CDX > 'str' object has no attribute 'get'
Environment
- cyclonedx-py version: 6.1.1
- Python version: 3.11.0
- OS: Win 10
Additional context
Contribution
Describe the bug
An AttributeError is raised by pep621.py, because it tries to use 'get()' on a str value, when parsing the license string from a
pyproject.tomlfile given with--pyprojectwhile also using the--pep639switch.To Reproduce
Use a
pyproject.tomlfile with 'license' being just a string, not a table.See note in https://packaging.python.org/en/latest/guides/writing-pyproject-toml/#license-and-license-files about the fact that it was a table in PEP 621 but changed to string in PEP 639)
e.g. a
pyproject.tomlwith a PEP 639 license entry like this.Expected behavior
No error, handle PEP 639 format (especially when --pep639 is explicitly given on the command line).
Screenshots or output-paste
Commandline was:
Output:
Environment
Additional context
Contribution