6 files changed, 0 insertions, 143 deletions
diff --git a/scripts/contrib/oe-image-files-spdx/.gitignore b/scripts/contrib/oe-image-files-spdx/.gitignore
deleted file mode 100644
index 285851c984..0000000000
--- a/scripts/contrib/oe-image-files-spdx/.gitignore
+++ /dev/null
@@ -1,8 +0,0 @@
-*.spdx.json
-*.pyc
-*.bak
-*.swp
-*.swo
-*.swn
-venv/*
-.venv/*
diff --git a/scripts/contrib/oe-image-files-spdx/README.md b/scripts/contrib/oe-image-files-spdx/README.md
deleted file mode 100644
index 44f76eacd8..0000000000
--- a/scripts/contrib/oe-image-files-spdx/README.md
+++ /dev/null
@@ -1,24 +0,0 @@
-# OE Image Files from SBoM
-This is an example python script that will list the packaged files with their
-checksums based on the SPDX 3.0.1 SBoM.
-It can be used as a template for other programs to investigate output based on
-OE SPDX SBoMs
-## Installation
-This project can be installed using an virtual environment:
-```
-python3 -m venv .venv
-.venv/bin/activate
-python3 -m pip install -e '.[dev]'
-```
-## Usage
-After installing, the `oe-image-files` program can be used to show the files, e.g.:
-```
-oe-image-files core-image-minimal-qemux86-64.rootfs.spdx.json
-```
diff --git a/scripts/contrib/oe-image-files-spdx/pyproject.toml b/scripts/contrib/oe-image-files-spdx/pyproject.toml
deleted file mode 100644
index 3fab5dd605..0000000000
--- a/scripts/contrib/oe-image-files-spdx/pyproject.toml
+++ /dev/null
@@ -1,23 +0,0 @@
-[project]
-name = "oe-image-files"
-description = "Displays all packaged files on the root file system"
-dynamic = ["version"]
-requires-python = ">= 3.8"
-readme = "README.md"
-dependencies = [
-    "spdx_python_model @ git+https://github.com/spdx/spdx-python-model.git@aa40861f11d1b5d20edba7101835341a70d91179",
-]
-[project.scripts]
-oe-image-files = "oe_image_files:main"
-[build-system]
-requires = ["hatchling"]
-build-backend = "hatchling.build"
-[tool.hatch.version]
-path = "src/oe_image_files/version.py"
-[tool.hatch.metadata]
-allow-direct-references = true
diff --git a/scripts/contrib/oe-image-files-spdx/src/oe_image_files/__init__.py b/scripts/contrib/oe-image-files-spdx/src/oe_image_files/__init__.py
deleted file mode 100644
index c28a133f2d..0000000000
--- a/scripts/contrib/oe-image-files-spdx/src/oe_image_files/__init__.py
+++ /dev/null
@@ -1 +0,0 @@
-from .main import main
diff --git a/scripts/contrib/oe-image-files-spdx/src/oe_image_files/main.py b/scripts/contrib/oe-image-files-spdx/src/oe_image_files/main.py
deleted file mode 100644
index 8476bf6369..0000000000
--- a/scripts/contrib/oe-image-files-spdx/src/oe_image_files/main.py
+++ /dev/null
@@ -1,86 +0,0 @@
-# SPDX-License-Identifier: MIT
-import argparse
-from pathlib import Path
-from spdx_python_model import v3_0_1 as spdx_3_0_1
-from .version import VERSION
-def main():
-    parser = argparse.ArgumentParser(
-        description="Show the packaged files and checksums in an OE image from the SPDX SBoM"
-    )
-    parser.add_argument("file", help="SPDX 3 input file", type=Path)
-    parser.add_argument("--version", "-V", action="version", version=VERSION)
-    args = parser.parse_args()
-    # Load SPDX data from file into a new object set
-    objset = spdx_3_0_1.SHACLObjectSet()
-    with args.file.open("r") as f:
-        d = spdx_3_0_1.JSONLDDeserializer()
-        d.read(f, objset)
-    # Find the top level SPDX Document object
-    for o in objset.foreach_type(spdx_3_0_1.SpdxDocument):
-        doc = o
-        break
-    else:
-        print("ERROR: No SPDX Document found!")
-        return 1
-    # Find the root SBoM in the document
-    for o in doc.rootElement:
-        if isinstance(o, spdx_3_0_1.software_Sbom):
-            sbom = o
-            break
-    else:
-        print("ERROR: SBoM not found in document")
-        return 1
-    # Find the root file system package in the SBoM
-    for o in sbom.rootElement:
-        if (
-            isinstance(o, spdx_3_0_1.software_Package)
-            and o.software_primaryPurpose == spdx_3_0_1.software_SoftwarePurpose.archive
-        ):
-            root_package = o
-            break
-    else:
-        print("ERROR: Package not found in document")
-        return 1
-    # Find all relationships of type "contains" that go FROM the root file
-    # system
-    files = []
-    for rel in objset.foreach_type(spdx_3_0_1.Relationship):
-        if not rel.relationshipType == spdx_3_0_1.RelationshipType.contains:
-            continue
-        if not rel.from_ is root_package:
-            continue
-        # Iterate over all files in the TO of the relationship
-        for o in rel.to:
-            if not isinstance(o, spdx_3_0_1.software_File):
-                continue
-            # Find the SHA 256 hash of the file (if any)
-            for h in o.verifiedUsing:
-                if (
-                    isinstance(h, spdx_3_0_1.Hash)
-                    and h.algorithm == spdx_3_0_1.HashAlgorithm.sha256
-                ):
-                    files.append((o.name, h.hashValue))
-                    break
-            else:
-                files.append((o.name, ""))
-    # Print files
-    files.sort(key=lambda x: x[0])
-    for name, hash_val in files:
-        print(f"{name} - {hash_val}")
-    return 0
diff --git a/scripts/contrib/oe-image-files-spdx/src/oe_image_files/version.py b/scripts/contrib/oe-image-files-spdx/src/oe_image_files/version.py
deleted file mode 100644
index 901e5110b2..0000000000
--- a/scripts/contrib/oe-image-files-spdx/src/oe_image_files/version.py
+++ /dev/null
@@ -1 +0,0 @@
-VERSION = "0.0.1"

diff --git a/scripts/contrib/oe-image-files-spdx/.gitignore b/scripts/contrib/oe-image-files-spdx/.gitignore deleted file mode 100644 index 285851c984..0000000000 --- a/scripts/contrib/oe-image-files-spdx/.gitignore +++ /dev/null
@@ -1,8 +0,0 @@
1	*.spdx.json
2	*.pyc
3	*.bak
4	*.swp
5	*.swo
6	*.swn
7	venv/*
8	.venv/*


diff --git a/scripts/contrib/oe-image-files-spdx/README.md b/scripts/contrib/oe-image-files-spdx/README.md deleted file mode 100644 index 44f76eacd8..0000000000 --- a/scripts/contrib/oe-image-files-spdx/README.md +++ /dev/null
@@ -1,24 +0,0 @@
1	# OE Image Files from SBoM
2
3	This is an example python script that will list the packaged files with their
4	checksums based on the SPDX 3.0.1 SBoM.
5
6	It can be used as a template for other programs to investigate output based on
7	OE SPDX SBoMs
8
9	## Installation
10
11	This project can be installed using an virtual environment:
12	```
13	python3 -m venv .venv
14	.venv/bin/activate
15	python3 -m pip install -e '.[dev]'
16	```
17
18	## Usage
19
20	After installing, the `oe-image-files` program can be used to show the files, e.g.:
21
22	```
23	oe-image-files core-image-minimal-qemux86-64.rootfs.spdx.json
24	```


diff --git a/scripts/contrib/oe-image-files-spdx/pyproject.toml b/scripts/contrib/oe-image-files-spdx/pyproject.toml deleted file mode 100644 index 3fab5dd605..0000000000 --- a/scripts/contrib/oe-image-files-spdx/pyproject.toml +++ /dev/null
@@ -1,23 +0,0 @@
1	[project]
2	name = "oe-image-files"
3	description = "Displays all packaged files on the root file system"
4	dynamic = ["version"]
5	requires-python = ">= 3.8"
6	readme = "README.md"
7
8	dependencies = [
9	"spdx_python_model @ git+https://github.com/spdx/spdx-python-model.git@aa40861f11d1b5d20edba7101835341a70d91179",
10	]
11
12	[project.scripts]
13	oe-image-files = "oe_image_files:main"
14
15	[build-system]
16	requires = ["hatchling"]
17	build-backend = "hatchling.build"
18
19	[tool.hatch.version]
20	path = "src/oe_image_files/version.py"
21
22	[tool.hatch.metadata]
23	allow-direct-references = true


diff --git a/scripts/contrib/oe-image-files-spdx/src/oe_image_files/__init__.py b/scripts/contrib/oe-image-files-spdx/src/oe_image_files/__init__.py deleted file mode 100644 index c28a133f2d..0000000000 --- a/scripts/contrib/oe-image-files-spdx/src/oe_image_files/__init__.py +++ /dev/null
@@ -1 +0,0 @@
1	from .main import main


diff --git a/scripts/contrib/oe-image-files-spdx/src/oe_image_files/main.py b/scripts/contrib/oe-image-files-spdx/src/oe_image_files/main.py deleted file mode 100644 index 8476bf6369..0000000000 --- a/scripts/contrib/oe-image-files-spdx/src/oe_image_files/main.py +++ /dev/null
@@ -1,86 +0,0 @@
1	# SPDX-License-Identifier: MIT
2
3	import argparse
4	from pathlib import Path
5
6
7	from spdx_python_model import v3_0_1 as spdx_3_0_1
8	from .version import VERSION
9
10
11	def main():
12	parser = argparse.ArgumentParser(
13	description="Show the packaged files and checksums in an OE image from the SPDX SBoM"
14	)
15	parser.add_argument("file", help="SPDX 3 input file", type=Path)
16	parser.add_argument("--version", "-V", action="version", version=VERSION)
17
18	args = parser.parse_args()
19
20	# Load SPDX data from file into a new object set
21	objset = spdx_3_0_1.SHACLObjectSet()
22	with args.file.open("r") as f:
23	d = spdx_3_0_1.JSONLDDeserializer()
24	d.read(f, objset)
25
26	# Find the top level SPDX Document object
27	for o in objset.foreach_type(spdx_3_0_1.SpdxDocument):
28	doc = o
29	break
30	else:
31	print("ERROR: No SPDX Document found!")
32	return 1
33
34	# Find the root SBoM in the document
35	for o in doc.rootElement:
36	if isinstance(o, spdx_3_0_1.software_Sbom):
37	sbom = o
38	break
39	else:
40	print("ERROR: SBoM not found in document")
41	return 1
42
43	# Find the root file system package in the SBoM
44	for o in sbom.rootElement:
45	if (
46	isinstance(o, spdx_3_0_1.software_Package)
47	and o.software_primaryPurpose == spdx_3_0_1.software_SoftwarePurpose.archive
48	):
49	root_package = o
50	break
51	else:
52	print("ERROR: Package not found in document")
53	return 1
54
55	# Find all relationships of type "contains" that go FROM the root file
56	# system
57	files = []
58	for rel in objset.foreach_type(spdx_3_0_1.Relationship):
59	if not rel.relationshipType == spdx_3_0_1.RelationshipType.contains:
60	continue
61
62	if not rel.from_ is root_package:
63	continue
64
65	# Iterate over all files in the TO of the relationship
66	for o in rel.to:
67	if not isinstance(o, spdx_3_0_1.software_File):
68	continue
69
70	# Find the SHA 256 hash of the file (if any)
71	for h in o.verifiedUsing:
72	if (
73	isinstance(h, spdx_3_0_1.Hash)
74	and h.algorithm == spdx_3_0_1.HashAlgorithm.sha256
75	):
76	files.append((o.name, h.hashValue))
77	break
78	else:
79	files.append((o.name, ""))
80
81	# Print files
82	files.sort(key=lambda x: x[0])
83	for name, hash_val in files:
84	print(f"{name} - {hash_val}")
85
86	return 0


diff --git a/scripts/contrib/oe-image-files-spdx/src/oe_image_files/version.py b/scripts/contrib/oe-image-files-spdx/src/oe_image_files/version.py deleted file mode 100644 index 901e5110b2..0000000000 --- a/scripts/contrib/oe-image-files-spdx/src/oe_image_files/version.py +++ /dev/null
@@ -1 +0,0 @@
1	VERSION = "0.0.1"