phalus 0.6.0

Private Headless Automated License Uncoupling System — AI-powered clean room software reimplementation
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157

/// Scan result persistence: save and load `ScanResult` as JSON files
/// under `~/.phalus/scans/`.
use std::path::PathBuf;

use anyhow::{Context, Result};
use tracing::debug;

use crate::ScanResult;

// ---------------------------------------------------------------------------
// Paths
// ---------------------------------------------------------------------------

/// Returns `~/.phalus/scans/` (creates it if absent).
pub fn scans_dir() -> Result<PathBuf> {
    let base = dirs::home_dir()
        .context("cannot determine home directory")?
        .join(".phalus")
        .join("scans");
    std::fs::create_dir_all(&base)
        .with_context(|| format!("cannot create scans directory: {}", base.display()))?;
    Ok(base)
}

fn scan_path(id: &str) -> Result<PathBuf> {
    Ok(scans_dir()?.join(format!("{}.json", id)))
}

// ---------------------------------------------------------------------------
// Save / load
// ---------------------------------------------------------------------------

/// Persist a `ScanResult` to `~/.phalus/scans/{id}.json`.
pub fn save(result: &ScanResult) -> Result<PathBuf> {
    let path = scan_path(&result.id)?;
    let json = serde_json::to_string_pretty(result).context("failed to serialize scan result")?;
    std::fs::write(&path, json)
        .with_context(|| format!("failed to write scan result: {}", path.display()))?;
    debug!("Saved scan {} to {}", result.id, path.display());
    Ok(path)
}

/// Load a `ScanResult` by its ID.
pub fn load(id: &str) -> Result<ScanResult> {
    let path = scan_path(id)?;
    let json = std::fs::read_to_string(&path).with_context(|| format!("scan {} not found", id))?;
    serde_json::from_str(&json).with_context(|| format!("invalid scan data for {}", id))
}

/// List all stored scan results, sorted by `scanned_at` descending.
pub fn list_all() -> Result<Vec<ScanResult>> {
    let dir = scans_dir()?;
    let mut results: Vec<ScanResult> = Vec::new();

    for entry in std::fs::read_dir(&dir)
        .with_context(|| format!("cannot read scans directory: {}", dir.display()))?
    {
        let entry = entry?;
        let path = entry.path();
        if path.extension().and_then(|e| e.to_str()) != Some("json") {
            continue;
        }
        match std::fs::read_to_string(&path) {
            Ok(json) => match serde_json::from_str::<ScanResult>(&json) {
                Ok(r) => results.push(r),
                Err(e) => {
                    tracing::warn!("Skipping corrupt scan file {}: {}", path.display(), e);
                }
            },
            Err(e) => {
                tracing::warn!("Cannot read {}: {}", path.display(), e);
            }
        }
    }

    results.sort_by(|a, b| b.scanned_at.cmp(&a.scanned_at));
    Ok(results)
}

/// Delete a stored scan by ID. Returns `true` if it existed.
pub fn delete(id: &str) -> Result<bool> {
    let path = scan_path(id)?;
    if path.exists() {
        std::fs::remove_file(&path).with_context(|| format!("failed to delete scan {}", id))?;
        Ok(true)
    } else {
        Ok(false)
    }
}

/// Delete all stored scans. Returns the number deleted.
pub fn delete_all() -> Result<usize> {
    let dir = scans_dir()?;
    if !dir.exists() {
        return Ok(0);
    }
    let mut count = 0;
    for entry in std::fs::read_dir(&dir)? {
        let entry = entry?;
        if entry.path().extension().is_some_and(|e| e == "json") {
            std::fs::remove_file(entry.path())?;
            count += 1;
        }
    }
    Ok(count)
}

#[cfg(test)]
mod tests {
    use super::*;
    use crate::{Ecosystem, LicenseClass, ScanResult, ScannedPackage};
    use chrono::Utc;

    fn make_result(id: &str) -> ScanResult {
        ScanResult {
            id: id.to_string(),
            path: "/tmp/test".to_string(),
            scanned_at: Utc::now(),
            packages: vec![ScannedPackage {
                name: "lodash".to_string(),
                version: "4.17.21".to_string(),
                ecosystem: Ecosystem::Npm,
                raw_license: Some("MIT".to_string()),
                spdx_license: Some("MIT".to_string()),
                classification: LicenseClass::Permissive,
                source: "manifest".to_string(),
            }],
            manifest_files: vec!["/tmp/test/package.json".to_string()],
            sbom_files: vec![],
        }
    }

    #[test]
    fn round_trip_save_load() {
        let result = make_result("store-test-round-trip");
        save(&result).unwrap();
        let loaded = load("store-test-round-trip").unwrap();
        assert_eq!(loaded.id, result.id);
        assert_eq!(loaded.packages.len(), 1);
        assert_eq!(loaded.packages[0].spdx_license.as_deref(), Some("MIT"));
        // Cleanup
        delete("store-test-round-trip").unwrap();
    }

    #[test]
    fn load_missing_returns_err() {
        assert!(load("nonexistent-scan-id-xyz").is_err());
    }

    #[test]
    fn delete_existing() {
        let result = make_result("store-test-delete");
        save(&result).unwrap();
        assert!(delete("store-test-delete").unwrap());
        assert!(!delete("store-test-delete").unwrap());
    }
}