:mag: ScanCode detects licenses, copyrights, dependencies by "scanning code" ... to discover and inventory open source and third-party packages used in your code. Sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase, the Google Summer of Code, Azure credits, nexB and others generous sponsors!
When using --from-json it is possible to pass directories instead of regular files, resulting in a crash.
How To Reproduce
$ ./scancode --from-json /tmp/bla --yaml /tmp/scancode.yaml
Setup plugins...
Collect file inventory...
Removing temporary files...done.
Usage: scancode [OPTIONS] <OUTPUT FORMAT OPTION(s)> <input>...
Try the 'scancode --help' option for help on options and arguments.
Error: Invalid value: ERROR: failed to collect codebase at: '/tmp/bla'
Traceback (most recent call last):
File "/home/armijn/git/scancode-toolkit/venv/lib/python3.10/site-packages/commoncode/resource.py", line 1685, in _get_scan_data_helper
return json.loads(location)
File "/usr/lib64/python3.10/json/__init__.py", line 346, in loads
return _default_decoder.decode(s)
File "/usr/lib64/python3.10/json/decoder.py", line 337, in decode
obj, end = self.raw_decode(s, idx=_w(s, 0).end())
File "/usr/lib64/python3.10/json/decoder.py", line 355, in raw_decode
raise JSONDecodeError("Expecting value", s, err.value) from None
json.decoder.JSONDecodeError: Expecting value: line 1 column 1 (char 0)
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/home/armijn/git/scancode-toolkit/src/scancode/cli.py", line 844, in run_scan
codebase = codebase_class(
File "/home/armijn/git/scancode-toolkit/venv/lib/python3.10/site-packages/commoncode/resource.py", line 1676, in __init__
scan_data = self._get_scan_data(location)
File "/home/armijn/git/scancode-toolkit/venv/lib/python3.10/site-packages/commoncode/resource.py", line 1736, in _get_scan_data
return self._get_scan_data_helper(location)
File "/home/armijn/git/scancode-toolkit/venv/lib/python3.10/site-packages/commoncode/resource.py", line 1689, in _get_scan_data_helper
with open(location) as f:
IsADirectoryError: [Errno 21] Is a directory: '/tmp/bla'
System configuration
For bug reports, it really helps us to know:
What OS are you running on? (Windows/MacOS/Linux)
What version of scancode-toolkit was used to generate the scan file?
What installation method was used to install/run scancode? (pip/source download/other)
pombredanne
commented
11 months ago
Description
Related to #3588, #3589, #3590 and #3591
When using
--from-jsonit is possible to pass directories instead of regular files, resulting in a crash.How To Reproduce
System configuration