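# Parse the SBOM response: record each package's name and concluded license in
# the org-wide CSV report, and print a notice for any license mentioning GPL.
# NOTE(review): the listing lost its indentation; this layout assumes every
# package is written to the CSV, not only the GPL matches - confirm.
packages = response.json()['sbom']['packages']
if packages:
    # NOTE(review): package names and license strings come from dependency
    # metadata in the SBOM, not from this script. If the report is opened in a
    # spreadsheet, a cell starting with =, +, - or @ may be evaluated as a
    # formula; import the CSV as untrusted text.
    # The report is opened once per package list rather than once per row.
    # Explicit UTF-8 keeps non-ASCII package names independent of the
    # platform's default encoding.
    with open(GITHUB_ORG+"_repo_dependency_licensing.csv", 'a', newline='', encoding='utf-8') as file:
        writer = csv.writer(file)
        for package in packages:
            # A missing, null or empty licenseConcluded is reported as
            # "Unknown", so .upper() below is never called on None.
            license_name = package.get('licenseConcluded') or "Unknown"
            # Substring match: also catches identifiers such as LGPL and AGPL.
            if "GPL" in license_name.upper():
                print("- ⬅️ Copyleft licensed tool found:", package['name'], "with license:", license_name)
            # One row per dependency: org, repo, package name, license.
            writer.writerow([GITHUB_ORG, repo, package['name'], license_name])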