Scan of .deb file throws error

[sisao]

Description

When scanning a Debian package file a error is thrown:

scancode -plciv --html tar.html --json-pp tar.json tar_1.34+dfsg-1_amd64.deb
Setup plugin: scan:info...
Setup plugin: scan:packages...
Setup plugin: scan:licenses...
Setup plugin: scan:copyrights...
Setup plugin: post_scan:license-references...
Setup plugin: output:html...
Setup plugin: output:json-pp...
Collect file inventory...
Scan files for: info, packages, licenses, copyrights with 1 process(es)...
Scanned: /sources/test/tar_1.34+dfsg-1_amd64.deb
Scanned: /sources/test/tar_1.34+dfsg-1_amd64.deb
Filter scans...
Filter scan: info...
Filter scan: packages...
Filter scan: licenses...
Filter scan: copyrights...
Run post-scans...
Run post-scan: license-references...
Save scan results...
Save scan results as: html...
Save scan results as: json-pp...
Scanning done.
Some files failed to scan properly:
Path: tar_1.34+dfsg-1_amd64.deb
ERROR: for scanner: packages:
ERROR: Unknown error:
Traceback (most recent call last):
File "/usr/local/lib/python3.9/dist-packages/scancode/interrupt.py", line 91, in interruptible
return NO_ERROR, func(*(args or ()), **(kwargs or {}))
File "/usr/local/lib/python3.9/dist-packages/scancode/api.py", line 308, in get_package_data
return dict(package_data=[pd.to_dict() for pd in package_datas])
File "/usr/local/lib/python3.9/dist-packages/scancode/api.py", line 308, in
return dict(package_data=[pd.to_dict() for pd in package_datas])
File "/usr/local/lib/python3.9/dist-packages/packagedcode/models.py", line 744, in to_dict
mapping = super().to_dict(with_details=with_details, **kwargs)
File "/usr/local/lib/python3.9/dist-packages/packagedcode/models.py", line 316, in to_dict
mapping['purl'] = self.purl
File "/usr/local/lib/python3.9/dist-packages/packagedcode/models.py", line 289, in purl
return PackageURL(
File "/usr/local/lib/python3.9/dist-packages/packageurl/init.py", line 258, in new
raise ValueError(f"Invalid purl: {key} argument must be a string: {repr(value)}.")
ValueError: Invalid purl: version argument must be a string: Version(epoch=0, upstream='1.34+dfsg', revision='1').
Summary: info, packages, licenses, copyrights with 1 process(es)
Errors count: 1
Scan Speed: 17.34 files/sec. 14.00 MB/sec.
Initial counts: 1 resource(s): 1 file(s) and 0 directorie(s)
Final counts: 1 resource(s): 1 file(s) and 0 directorie(s) for 826.91 KB
Timings:
scan_start: 2023-02-16T123303.913870
scan_end: 2023-02-16T123305.624838
setup_scan:licenses: 1.63s
setup: 1.63s
total: 1.75s
Removing temporary files...done.

How To Reproduce

Download a Debian package e.g. apt-get download tar and run scancode

scancode -plciv --html tar.html --json-pp tar.json tar_1.34+dfsg-1_amd64.deb

System configuration

OS:
Debian 11

Scancode version:
ScanCode version: 32.0.0rc1
ScanCode Output Format version: 3.0.0
SPDX License list version: 3.19

[pombredanne]

Thanks for this (and sorry for the late reply!)
This smaller deb has the same issue: http://ftp.us.debian.org/debian/pool/main/b/bridge-utils/bridge-utils_1.6-2_amd64.deb

See also nexB/scancode.io#693

[pombredanne]

This has been fixed and released in https://github.com/nexB/scancode-toolkit/releases/tag/v31.2.6 and ported to the latest develop branch. Thanks!