Mercurial Repositories > eric / annotate

src/eric7/PipInterface/PipVulnerabilityChecker.py@3f23dbf37dbe (annotated)

src/eric7/PipInterface/PipVulnerabilityChecker.py

Fri, 04 Nov 2022 13:52:26 +0100

author
Detlev Offenbach <detlev@die-offenbachs.de>
date
Fri, 04 Nov 2022 13:52:26 +0100
branch
eric7
changeset 9473
3f23dbf37dbe
parent 9413
80c06d472826
child 9653
e67609152c5e
permissions
-rw-r--r--

Resorted the import statements using isort.

8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
1 # -*- coding: utf-8 -*-
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
2
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
3 # Copyright (c) 2022 Detlev Offenbach <detlev@die-offenbachs.de>
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
4 #
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
5
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
6 """
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
7 Module implementing a Python package vulnerability checker.
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
8
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
9 The vulnerability data is provided by the open Python vulnerability database
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
10 <a href="https://github.com/pyupio/safety-db">Safety DB</a>.
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
11 """
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
12
8978
38c3ddf21537 Continued implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 8977
diff changeset
13 import collections
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
14 import contextlib
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
15 import enum
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
16 import json
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
17 import os
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
18 import time
9473
3f23dbf37dbe Resorted the import statements using isort.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9413
diff changeset
19
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
20 from dataclasses import dataclass
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
21
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
22 from packaging.specifiers import SpecifierSet
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
23 from PyQt6.QtCore import QCoreApplication, QObject, QThread, QUrl
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
24 from PyQt6.QtNetwork import QNetworkReply, QNetworkRequest
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
25
9473
3f23dbf37dbe Resorted the import statements using isort.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9413
diff changeset
26 from eric7 import Globals, Preferences
9413
80c06d472826 Changed the eric7 import statements to include the package name (i.e. eric7) in order to not fiddle with sys.path.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9221
diff changeset
27 from eric7.EricWidgets import EricMessageBox
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
28
9001
a00cd6b55728 Corrected some code style issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 8978
diff changeset
29
8978
38c3ddf21537 Continued implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 8977
diff changeset
30 @dataclass
38c3ddf21537 Continued implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 8977
diff changeset
31 class Package:
38c3ddf21537 Continued implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 8977
diff changeset
32 """
38c3ddf21537 Continued implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 8977
diff changeset
33 Class containing the package data.
38c3ddf21537 Continued implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 8977
diff changeset
34 """
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
35
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
36 name: str # package name
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
37 version: str # version
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
38
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
39
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
40 @dataclass
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
41 class Vulnerability:
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
42 """
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
43 Class containing the vulnerability data.
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
44 """
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
45
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
46 name: str # package name
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
47 spec: dict # package specification record
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
48 version: str # package version
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
49 cve: str # CVE ID
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
50 advisory: str # CVE advisory text
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
51 vulnerabilityId: str # vulnerability ID
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
52
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
53
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
54 class VulnerabilityCheckError(enum.Enum):
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
55 """
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
56 Class defining various vulnerability check error states.
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
57 """
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
58
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
59 OK = 0
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
60 SummaryDbUnavailable = 1
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
61 FullDbUnavailable = 2
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
62
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
63
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
64 class PipVulnerabilityChecker(QObject):
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
65 """
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
66 Class implementing a Python package vulnerability checker.
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
67 """
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
68
8978
38c3ddf21537 Continued implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 8977
diff changeset
69 FullDbFile = "insecure_full.json"
38c3ddf21537 Continued implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 8977
diff changeset
70 SummaryDbFile = "insecure.json"
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
71
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
72 def __init__(self, pip, parent=None):
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
73 """
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
74 Constructor
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
75
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
76 @param pip reference to the global pip interface
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
77 @type Pip
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
78 @param parent reference to the parent widget (defaults to None)
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
79 @type QWidget (optional)
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
80 """
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
81 super().__init__(parent)
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
82
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
83 self.__pip = pip
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
84
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
85 securityDir = os.path.join(Globals.getConfigDir(), "security")
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
86 os.makedirs(securityDir, mode=0o700, exist_ok=True)
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
87 self.__cacheFile = os.path.join(securityDir, "vulnerability_cache.json")
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
88 if not os.path.exists(self.__cacheFile):
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
89 self.__createCacheFile()
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
90
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
91 def __createCacheFile(self):
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
92 """
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
93 Private method to create the cache file.
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
94
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
95 The cache file has the following structure.
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
96 {
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
97 "insecure.json": {
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
98 "cachedAt": 12345678
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
99 "db": {}
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
100 },
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
101 "insecure_full.json": {
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
102 "cachedAt": 12345678
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
103 "db": {}
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
104 },
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
105 }
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
106 """
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
107 structure = {
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
108 "insecure.json": {
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
109 "cachedAt": 0,
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
110 "db": {},
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
111 },
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
112 "insecure_full.json": {
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
113 "cachedAt": 0,
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
114 "db": {},
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
115 },
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
116 }
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
117 with open(self.__cacheFile, "w") as f:
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
118 json.dump(structure, f, indent=2)
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
119
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
120 def __getDataFromCache(self, dbName):
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
121 """
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
122 Private method to get the vulnerability database from the cache.
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
123
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
124 @param dbName name of the vulnerability database
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
125 @type str
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
126 @return dictionary containing the requested vulnerability data
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
127 @rtype dict
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
128 """
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
129 if os.path.exists(self.__cacheFile):
9001
a00cd6b55728 Corrected some code style issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 8978
diff changeset
130 with open(self.__cacheFile, "r") as f: # __IGNORE_WARNING_Y117__
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
131 with contextlib.suppress(json.JSONDecodeError, OSError):
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
132 cachedData = json.load(f)
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
133 if dbName in cachedData and "cachedAt" in cachedData[dbName]:
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
134 cacheValidPeriod = Preferences.getPip(
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
135 "VulnerabilityDbCacheValidity"
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
136 )
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
137 if (
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
138 cachedData[dbName]["cachedAt"] + cacheValidPeriod
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
139 > time.time()
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
140 ):
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
141 return cachedData[dbName]["db"]
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
142
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
143 return {}
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
144
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
145 def __writeDataToCache(self, dbName, data):
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
146 """
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
147 Private method to write the vulnerability data for a database to the
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
148 cache.
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
149
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
150 @param dbName name of the vulnerability database
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
151 @type str
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
152 @param data dictionary containing the vulnerability data
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
153 @type dict
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
154 """
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
155 if not os.path.exists(self.__cacheFile):
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
156 self.__createCacheFile()
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
157
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
158 with open(self.__cacheFile, "r") as f:
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
159 try:
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
160 cache = json.load(f)
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
161 except json.JSONDecodeError:
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
162 cache = {}
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
163
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
164 cache[dbName] = {
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
165 "cachedAt": time.time(),
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
166 "db": data,
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
167 }
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
168 with open(self.__cacheFile, "w") as f:
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
169 json.dump(cache, f, indent=2)
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
170
8978
38c3ddf21537 Continued implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 8977
diff changeset
171 def __fetchVulnerabilityDatabase(self, full=False, forceUpdate=False):
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
172 """
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
173 Private method to get the data of the vulnerability database.
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
174
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
175 If the cached data is still valid, this data will be used.
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
176 Otherwise a copy of the requested database will be downloaded
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
177 and cached.
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
178
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
179 @param full flag indicating to get the database containing the full
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
180 data set (defaults to False)
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
181 @type bool (optional)
8978
38c3ddf21537 Continued implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 8977
diff changeset
182 @param forceUpdate flag indicating an update of the cache is required
38c3ddf21537 Continued implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 8977
diff changeset
183 (defaults to False)
38c3ddf21537 Continued implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 8977
diff changeset
184 @type bool (optional)
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
185 @return dictionary containing the vulnerability data (full data set or
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
186 just package name and version specifier)
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
187 """
8978
38c3ddf21537 Continued implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 8977
diff changeset
188 dbName = (
38c3ddf21537 Continued implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 8977
diff changeset
189 PipVulnerabilityChecker.FullDbFile
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
190 if full
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
191 else PipVulnerabilityChecker.SummaryDbFile
8978
38c3ddf21537 Continued implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 8977
diff changeset
192 )
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
193
8978
38c3ddf21537 Continued implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 8977
diff changeset
194 if not forceUpdate:
38c3ddf21537 Continued implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 8977
diff changeset
195 cachedData = self.__getDataFromCache(dbName)
38c3ddf21537 Continued implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 8977
diff changeset
196 if cachedData:
38c3ddf21537 Continued implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 8977
diff changeset
197 return cachedData
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
198
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
199 url = Preferences.getPip("VulnerabilityDbMirror") + dbName
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
200 request = QNetworkRequest(QUrl(url))
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
201 reply = self.__pip.getNetworkAccessManager().get(request)
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
202 while not reply.isFinished():
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
203 QCoreApplication.processEvents()
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
204 QThread.msleep(100)
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
205
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
206 reply.deleteLater()
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
207 if reply.error() == QNetworkReply.NetworkError.NoError:
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
208 data = str(reply.readAll(), Preferences.getSystem("IOEncoding"), "replace")
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
209 with contextlib.suppress(json.JSONDecodeError):
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
210 data = json.loads(data)
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
211 self.__writeDataToCache(dbName, data)
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
212 return data
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
213
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
214 EricMessageBox.critical(
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
215 None,
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
216 self.tr("Fetching Vulnerability Database"),
9052
c06475635841 Corrected an error message in the pip interface.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9001
diff changeset
217 self.tr(
c06475635841 Corrected an error message in the pip interface.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9001
diff changeset
218 """<p>The vulnerability database <b>{0}</b> could not"""
c06475635841 Corrected an error message in the pip interface.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9001
diff changeset
219 """ be loaded from <b>{1}</b>.</p><p>The vulnerability"""
c06475635841 Corrected an error message in the pip interface.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9001
diff changeset
220 """ check is not available.</p>"""
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
221 ).format(dbName, Preferences.getPip("VulnerabilityDbMirror")),
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
222 )
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
223 return {}
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
224
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
225 def __getVulnerabilities(self, package, specifier, db):
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
226 """
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
227 Private method to get the vulnerabilities for a package.
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
228
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
229 @param package name of the package
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
230 @type str
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
231 @param specifier package specifier
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
232 @type Specifier
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
233 @param db vulnerability data
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
234 @type dict
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
235 @yield dictionary containing the vulnerability data for the package
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
236 @ytype dict
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
237 """
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
238 for entry in db[package]:
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
239 for entrySpec in entry["specs"]:
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
240 if entrySpec == specifier:
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
241 yield entry
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
242
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
243 def check(self, packages):
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
244 """
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
245 Public method to check the given packages for vulnerabilities.
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
246
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
247 @param packages list of packages
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
248 @type Package
8978
38c3ddf21537 Continued implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 8977
diff changeset
249 @return tuple containing an error status and a dictionary containing
38c3ddf21537 Continued implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 8977
diff changeset
250 detected vulnerable packages keyed by package name
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
251 @rtype tuple of (VulnerabilityCheckError, list of Vulnerability)
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
252 """
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
253 db = self.__fetchVulnerabilityDatabase()
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
254 if not db:
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
255 return VulnerabilityCheckError.SummaryDbUnavailable, []
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
256
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
257 fullDb = None
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
258 vulnerablePackages = frozenset(db.keys())
8978
38c3ddf21537 Continued implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 8977
diff changeset
259 vulnerabilities = collections.defaultdict(list)
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
260
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
261 for package in packages:
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
262 # normalize the package name, the safety-db is converting
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
263 # underscores to dashes and uses lowercase
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
264 name = package.name.replace("_", "-").lower()
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
265
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
266 if name in vulnerablePackages:
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
267 # we have a candidate here, build the spec set
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
268 for specifier in db[name]:
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
269 specifierSet = SpecifierSet(specifiers=specifier)
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
270 if specifierSet.contains(package.version):
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
271 if not fullDb:
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
272 fullDb = self.__fetchVulnerabilityDatabase(full=True)
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
273 for data in self.__getVulnerabilities(
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
274 package=name, specifier=specifier, db=fullDb
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
275 ):
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
276 vulnarabilityId = data.get("id").replace("pyup.io-", "")
8978
38c3ddf21537 Continued implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 8977
diff changeset
277 cveId = data.get("cve", "")
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
278 if cveId:
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
279 cveId = cveId.split(",", 1)[0].strip()
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
280 vulnerabilities[package.name].append(
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
281 Vulnerability(
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
282 name=name,
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
283 spec=specifier,
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
284 version=package.version,
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
285 cve=cveId,
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
286 advisory=data.get("advisory", ""),
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
287 vulnerabilityId=vulnarabilityId,
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
288 )
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
289 )
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
290
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
291 return VulnerabilityCheckError.OK, vulnerabilities
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
292
8978
38c3ddf21537 Continued implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 8977
diff changeset
293 def updateVulnerabilityDb(self):
38c3ddf21537 Continued implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 8977
diff changeset
294 """
38c3ddf21537 Continued implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 8977
diff changeset
295 Public method to update the cache of the vulnerability databases.
38c3ddf21537 Continued implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 8977
diff changeset
296 """
38c3ddf21537 Continued implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 8977
diff changeset
297 self.__fetchVulnerabilityDatabase(full=False, forceUpdate=True)
38c3ddf21537 Continued implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 8977
diff changeset
298 self.__fetchVulnerabilityDatabase(full=True, forceUpdate=True)

Mercurial Repository: eric

eric ide

mercurial