IntelLabs · michaelbeale-IL · Apr 16, 2025 · Apr 16, 2025 · Apr 16, 2025
diff --git a/.coverage.jnathawa-mobl1.amr.corp.intel.com.5819.XXOGkbux b/.coverage.jnathawa-mobl1.amr.corp.intel.com.5819.XXOGkbux
diff --git a/pyproject.toml b/pyproject.toml
@@ -1,6 +1,6 @@
 [tool.poetry]
 name = "superBOM"
-version = "0.2.0"
+version = "0.2.1"
 description = ""
 authors = ["Michael Beale <michael.beale@intel.com>"]
 license = "Apache-2.0"

diff --git a/src/superbom/main.py b/src/superbom/main.py
@@ -71,7 +71,7 @@ def save_results(results: Dict[str, pd.DataFrame], output_path: str, format: str
                 logger.info(f"License Info: {result}\n{df}")
 
 
-def process_items(items, process_method, *args, **kwargs) -> List:
+def process_items(items, process_method, *args, **kwargs) -> set:
     """
     Process items using the specified method.
 
@@ -81,15 +81,13 @@ def process_items(items, process_method, *args, **kwargs) -> List:
         *args: Additional arguments to pass to the process method.
         **kwargs: Additional keyword arguments to pass to the process method.
     """
-    results = []
 
+    results = []
     for item in tqdm.tqdm(
         items, desc="Processing items", unit="item", disable=logger.level > logging.INFO
     ):
         try:
-            result = process_method(item, *args, **kwargs)
-            if result:
-                results.append(result)
+            results.append(process_method(item, *args, **kwargs))
         except Exception as e:
             logger.error(f"Error processing item {item}: {e}")
 

diff --git a/src/superbom/utils/packageindexes/conda/condadependencies.py b/src/superbom/utils/packageindexes/conda/condadependencies.py
@@ -76,15 +76,13 @@ def _find_license(self, dictionary, license):
         return None, None
 
     def retrieve_conda_package_info(self, package) -> dict:
-        package_data = []
+        package_data = {}
 
         # make sure there's a package name
         if not package:
             return package_data
 
         parsed = self.parse_conda_dependency(package)
-
-        package_info = {}
         found_channel = ""
         found_platform = ""
 
@@ -141,15 +139,13 @@ def retrieve_conda_package_info(self, package) -> dict:
         else:
             validated, license = False, "No License Information"
 
-        package_data.append(
-            {
-                "Package": name,
-                "Version": version,
-                "License": license,
-                "Validated": validated,
-                "Source": f"{found_channel}:{found_platform}",
-            }
-        )
+        package_data = {
+            "Package": name,
+            "Version": version,
+            "License": license,
+            "Validated": validated,
+            "Source": f"{found_channel}:{found_platform}",
+        }
 
         logger.debug(
             f"Package: {name}, Version: {version}, License: {license}, Source: {found_channel}:{found_platform}"

diff --git a/src/superbom/utils/packageindexes/pypi/pipdependencies.py b/src/superbom/utils/packageindexes/pypi/pipdependencies.py
@@ -25,8 +25,8 @@ def _getpypimetadata(self, package):
 
         return package_data
 
-    def get_pip_package_data(self, package) -> list:
-        package_data = []
+    def get_pip_package_data(self, package) -> dict:
+        package_data = {}
 
         # Skip python package
         if package.name == "python":
@@ -40,15 +40,13 @@ def get_pip_package_data(self, package) -> list:
             validated, license = pypiutils.get_license(metadata)
             source = "pypi"
 
-            package_data.append(
-                {
-                    "Package": name,
-                    "Version": version,
-                    "License": license,
-                    "Validated": validated,
-                    "Source": source,
-                }
-            )
+            package_data = {
+                "Package": name,
+                "Version": version,
+                "License": license,
+                "Validated": validated,
+                "Source": source,
+            }
             self.logger.debug(
                 f"Package: {name}, Version: {version}, License: {license}, Source: {source}"
             )
@@ -59,17 +57,12 @@ def get_pip_package_data(self, package) -> list:
             validated, license = githubutils.get_license(package.name)
             version = "N/A"
             source = "github"
-            package_data.append(
-                {
-                    "Package": package.name,
-                    "Version": version,
-                    "License": license,
-                    "Validated": validated,
-                    "Source": source,
-                }
-            )
-            self.logger.debug(
-                f"Package: {package.name}, Version: {version}, License: {license}, Source: {source}"
-            )
+            package_data = {
+                "Package": package.name,
+                "Version": version,
+                "License": license,
+                "Validated": validated,
+                "Source": source,
+            }
 
         return package_data
diff --git a/tests/unit_tests/test_condadeps.py b/tests/unit_tests/test_condadeps.py
@@ -70,15 +70,13 @@ def test_retrieve_conda_package_info_success(
         dep = "conda-forge::test-package=1.0.0"
         result = self.util.retrieve_conda_package_info(dep)
 
-        expected = [
-            {
-                "Package": "test-package",
-                "Version": "1.0.0",
-                "License": "MIT",
-                "Validated": True,
-                "Source": "conda-forge:noarch",
-            }
-        ]
+        expected = {
+            "Package": "test-package",
+            "Version": "1.0.0",
+            "License": "MIT",
+            "Validated": True,
+            "Source": "conda-forge:noarch",
+        }
         self.assertEqual(result, expected)
 
     @patch("superbom.utils.packageindexes.conda.condadependencies.CondaCache.get_cache")
@@ -102,15 +100,14 @@ def test_retrieve_conda_package_info_no_license(
 
         dep = "conda-forge::test-package=1.0.0"
         result = self.util.retrieve_conda_package_info(dep)
-        expected = [
-            {
-                "Package": "test-package",
-                "Version": "1.0.0",
-                "License": "No License Information",
-                "Validated": False,
-                "Source": "conda-forge:noarch",
-            }
-        ]
+        expected = {
+            "Package": "test-package",
+            "Version": "1.0.0",
+            "License": "No License Information",
+            "Validated": False,
+            "Source": "conda-forge:noarch",
+        }
+
         self.assertEqual(result, expected)
 
     @patch("superbom.utils.packageindexes.conda.condadependencies.CondaCache.get_cache")
@@ -131,15 +128,14 @@ def test_retrieve_conda_package_info_not_found(
 
         dep = "conda-forge::nonexistent-package"
         result = self.util.retrieve_conda_package_info(dep)
-        expected = [
-            {
-                "Package": "nonexistent-package",
-                "Version": None,
-                "License": "No License Information",
-                "Validated": False,
-                "Source": ":",
-            }
-        ]
+        expected = {
+            "Package": "nonexistent-package",
+            "Version": None,
+            "License": "No License Information",
+            "Validated": False,
+            "Source": ":",
+        }
+
         self.assertEqual(result, expected)
 
 

diff --git a/tests/unit_tests/test_pipdeps.py b/tests/unit_tests/test_pipdeps.py
@@ -25,15 +25,14 @@ def test_get_pip_packages_data_pypi(self, mock_get_license, mock_requests_get):
         util = PyPIPackageUtil()
         result = util.get_pip_package_data(mock_package)
 
-        expected_result = [
-            {
-                "Package": "testpackage",
-                "Version": "1.0.0",
-                "License": "MIT",
-                "Validated": True,
-                "Source": "pypi",
-            }
-        ]
+        expected_result = {
+            "Package": "testpackage",
+            "Version": "1.0.0",
+            "License": "MIT",
+            "Validated": True,
+            "Source": "pypi",
+        }
+
         self.assertEqual(result, expected_result)
 
     @patch("superbom.utils.packageindexes.pypi.pipdependencies.requests.get")
@@ -50,15 +49,14 @@ def test_get_pip_packages_data_github(self, mock_get_license, mock_requests_get)
         util = PyPIPackageUtil()
         result = util.get_pip_package_data(mock_package)
 
-        expected_result = [
-            {
-                "Package": "testpackage",
-                "Version": "N/A",
-                "License": "MIT",
-                "Validated": True,
-                "Source": "github",
-            }
-        ]
+        expected_result = {
+            "Package": "testpackage",
+            "Version": "N/A",
+            "License": "MIT",
+            "Validated": True,
+            "Source": "github",
+        }
+
         self.assertEqual(result, expected_result)
 
     @patch("superbom.utils.packageindexes.pypi.pipdependencies.requests.get")
@@ -69,7 +67,7 @@ def test_get_pip_packages_data_python(self, mock_requests_get):
         util = PyPIPackageUtil()
         result = util.get_pip_package_data(mock_package)
 
-        self.assertEqual(result, [])
+        self.assertEqual(result, {})
 
 
 if __name__ == "__main__":