SocketDev · dacoburn · Feb 19, 2025 · Feb 19, 2025 · Feb 19, 2025 · Feb 19, 2025
@@ -22,4 +22,5 @@ test.py
 file_generator.py
 .coverage
 .env.local
-Pipfile
+Pipfile
+test/
@@ -601,12 +601,13 @@ def get_source_data(package: Package, packages: dict) -> list:
                 if top_package:
                     manifests = ""
                     top_purl = f"{top_package.type}/{top_package.name}@{top_package.version}"
-                    for manifest_data in top_package.manifestFiles:
-                        manifest_file = manifest_data.get("file")
-                        manifests += f"{manifest_file};"
-                    manifests = manifests.rstrip(";")
-                    source = (top_purl, manifests)
-                    introduced_by.append(source)
+                    if hasattr(top_package, "manifestFiles") and top_package.manifestFiles:
+                        for manifest_data in top_package.manifestFiles:
+                            manifest_file = manifest_data.get("file")
+                            manifests += f"{manifest_file};"
+                        manifests = manifests.rstrip(";")
+                        source = (top_purl, manifests)
+                        introduced_by.append(source)
                 else:
                     log.debug(f"Unable to get top level package info for {top_id}")
         return introduced_by