for_packages field not populated for Package Resources

aboutcode-org / scancode-toolkit

:mag: ScanCode detects licenses, copyrights, dependencies by "scanning code" ... to discover and inventory open source and third-party packages used in your code. Sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase, the Google Summer of Code, Azure credits, nexB and others generous sponsors!

https://github.com/aboutcode-org/scancode-toolkit/releases/

2.1k stars 544 forks source link

for_packages field not populated for Package Resources #2929

Open JonoYang opened 2 years ago

JonoYang commented 2 years ago

I am scanning electron v 3.1.11 from npm (https://www.npmjs.com/package/electron) and I do not see any values in the for_packages field for the scanned Resources, other than the package.json Resource. I expect that all of the files neighboring package.json would also have their for_packages field set.

JonoYang commented 2 years ago

It doesn't appear that assign_package_to_resources isn't being entered in https://github.com/nexB/scancode-toolkit/blob/develop/src/packagedcode/npm.py#L85 . I've put a print statement in that method and no messages show up when I run a scan.

JonoYang commented 2 years ago

@pombredanne

I've noticed that in packagedcode.npm.BaseNpmHandler.assemble that it made no calls to assign_package_to_resources, so I've made that change in my branch (https://github.com/nexB/scancode-toolkit/blob/37db949e9918932b7cc6454936f829dfb22bd213/src/packagedcode/npm.py#L56), however, it doesn't seem like we are entering the assign_package_to_resources method on packagedcode.npm.BaseNpmHandler.