Mercurial Repositories > eric / annotate

eric7/PipInterface/PipVulnerabilityChecker.py@663521af48b2 (annotated)

eric7/PipInterface/PipVulnerabilityChecker.py

Sun, 13 Mar 2022 19:59:03 +0100

author
Detlev Offenbach <detlev@die-offenbachs.de>
date
Sun, 13 Mar 2022 19:59:03 +0100
branch
eric7
changeset 8977
663521af48b2
child 8978
38c3ddf21537
permissions
-rw-r--r--

Started implementing a vulnerability checker based on the data of the Safety DB.

8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
1 # -*- coding: utf-8 -*-
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
2
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
3 # Copyright (c) 2022 Detlev Offenbach <detlev@die-offenbachs.de>
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
4 #
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
5
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
6 """
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
7 Module implementing a Python package vulnerability checker.
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
8
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
9 The vulnerability data is provided by the open Python vulnerability database
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
10 <a href="https://github.com/pyupio/safety-db">Safety DB</a>.
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
11 """
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
12
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
13 import contextlib
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
14 import enum
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
15 import json
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
16 import os
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
17 import time
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
18 from collections import namedtuple
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
19 from dataclasses import dataclass
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
20
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
21 from packaging.specifiers import SpecifierSet
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
22
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
23 from PyQt6.QtCore import QCoreApplication, QObject, QThread, QUrl
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
24 from PyQt6.QtNetwork import QNetworkReply, QNetworkRequest
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
25
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
26 from EricWidgets import EricMessageBox
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
27
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
28 import Globals
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
29 import Preferences
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
30
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
31 Package = namedtuple("Package", ["name", "version"])
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
32
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
33
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
34 @dataclass
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
35 class Vulnerability:
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
36 """
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
37 Class containing the vulnerability data.
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
38 """
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
39 name: str # package name
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
40 spec: dict # package specification record
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
41 version: str # package version
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
42 cve: str # CVE ID
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
43 advisory: str # CVE advisory text
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
44 vulnerabilityId: str # vulnerability ID
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
45
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
46
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
47 class VulnerabilityCheckError(enum.Enum):
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
48 """
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
49 Class defining various vulnerability check error states.
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
50 """
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
51 OK = 0
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
52 SummaryDbUnavailable = 1
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
53 FullDbUnavailable = 2
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
54
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
55
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
56 class PipVulnerabilityChecker(QObject):
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
57 """
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
58 Class implementing a Python package vulnerability checker.
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
59 """
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
60 def __init__(self, pip, parent=None):
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
61 """
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
62 Constructor
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
63
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
64 @param pip reference to the global pip interface
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
65 @type Pip
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
66 @param parent reference to the parent widget (defaults to None)
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
67 @type QWidget (optional)
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
68 """
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
69 super().__init__(parent)
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
70
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
71 self.__pip = pip
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
72
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
73 securityDir = os.path.join(Globals.getConfigDir(), "security")
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
74 os.makedirs(securityDir, mode=0o700, exist_ok=True)
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
75 self.__cacheFile = os.path.join(securityDir,
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
76 "vulnerability_cache.json")
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
77 if not os.path.exists(self.__cacheFile):
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
78 self.__createCacheFile()
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
79
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
80 def __createCacheFile(self):
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
81 """
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
82 Private method to create the cache file.
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
83
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
84 The cache file has the following structure.
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
85 {
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
86 "insecure.json": {
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
87 "cachedAt": 12345678
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
88 "db": {}
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
89 },
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
90 "insecure_full.json": {
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
91 "cachedAt": 12345678
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
92 "db": {}
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
93 },
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
94 }
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
95 """
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
96 structure = {
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
97 "insecure.json": {
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
98 "cachedAt": 0,
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
99 "db": {},
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
100 },
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
101 "insecure_full.json": {
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
102 "cachedAt": 0,
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
103 "db": {},
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
104 },
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
105 }
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
106 with open(self.__cacheFile, "w") as f:
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
107 json.dump(structure, f, indent=2)
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
108
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
109 def __getDataFromCache(self, dbName):
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
110 """
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
111 Private method to get the vulnerability database from the cache.
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
112
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
113 @param dbName name of the vulnerability database
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
114 @type str
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
115 @return dictionary containing the requested vulnerability data
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
116 @rtype dict
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
117 """
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
118 if os.path.exists(self.__cacheFile):
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
119 with open(self.__cacheFile, "r") as f:
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
120 with contextlib.suppress(json.JSONDecodeError, OSError):
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
121 cachedData = json.load(f)
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
122 if (
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
123 dbName in cachedData and
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
124 "cachedAt" in cachedData[dbName]
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
125 ):
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
126 cacheValidPeriod = Preferences.getPip(
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
127 "VulnerabilityDbCacheValidity")
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
128 if (
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
129 cachedData[dbName]["cachedAt"] + cacheValidPeriod >
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
130 time.time()
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
131 ):
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
132 return cachedData[dbName]["db"]
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
133
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
134 return {}
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
135
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
136 def __writeDataToCache(self, dbName, data):
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
137 """
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
138 Private method to write the vulnerability data for a database to the
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
139 cache.
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
140
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
141 @param dbName name of the vulnerability database
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
142 @type str
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
143 @param data dictionary containing the vulnerability data
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
144 @type dict
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
145 """
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
146 if not os.path.exists(self.__cacheFile):
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
147 self.__createCacheFile()
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
148
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
149 with open(self.__cacheFile, "r") as f:
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
150 try:
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
151 cache = json.load(f)
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
152 except json.JSONDecodeError:
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
153 cache = {}
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
154
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
155 cache[dbName] = {
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
156 "cachedAt": time.time(),
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
157 "db": data,
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
158 }
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
159 with open(self.__cacheFile, "w") as f:
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
160 json.dump(cache, f, indent=2)
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
161
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
162 def __fetchVulnerabilityDatabase(self, full=False):
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
163 """
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
164 Private method to get the data of the vulnerability database.
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
165
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
166 If the cached data is still valid, this data will be used.
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
167 Otherwise a copy of the requested database will be downloaded
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
168 and cached.
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
169
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
170 @param full flag indicating to get the database containing the full
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
171 data set (defaults to False)
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
172 @type bool (optional)
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
173 @return dictionary containing the vulnerability data (full data set or
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
174 just package name and version specifier)
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
175 """
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
176 dbName = "insecure_full.json" if full else "insecure.json"
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
177
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
178 cachedData = self.__getDataFromCache(dbName)
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
179 if cachedData:
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
180 return cachedData
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
181
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
182 url = Preferences.getPip("VulnerabilityDbMirror") + dbName
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
183 request = QNetworkRequest(QUrl(url))
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
184 reply = self.__pip.getNetworkAccessManager().get(request)
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
185 while not reply.isFinished():
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
186 QCoreApplication.processEvents()
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
187 QThread.msleep(100)
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
188
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
189 reply.deleteLater()
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
190 if reply.error() == QNetworkReply.NetworkError.NoError:
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
191 data = str(reply.readAll(),
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
192 Preferences.getSystem("IOEncoding"),
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
193 'replace')
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
194 with contextlib.suppress(json.JSONDecodeError):
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
195 data = json.loads(data)
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
196 self.__writeDataToCache(dbName, data)
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
197 return data
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
198
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
199 EricMessageBox.critical(
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
200 None,
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
201 self.tr("Fetching Vulnerability Database"),
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
202 self.tr("""<p>The vulnerability database <b>{0}</b> could not"""
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
203 """ be loaded from <b>{1}</b>.</p><p>The vulnerability"""
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
204 """ check is not available.</p>""")
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
205 )
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
206 return {}
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
207
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
208 def __getVulnerabilities(self, package, specifier, db):
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
209 """
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
210 Private method to get the vulnerabilities for a package.
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
211
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
212 @param package name of the package
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
213 @type str
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
214 @param specifier package specifier
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
215 @type Specifier
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
216 @param db vulnerability data
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
217 @type dict
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
218 @yield dictionary containing the vulnerability data for the package
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
219 @ytype dict
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
220 """
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
221 for entry in db[package]:
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
222 for entrySpec in entry["specs"]:
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
223 if entrySpec == specifier:
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
224 yield entry
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
225
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
226 def check(self, packages):
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
227 """
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
228 Public method to check the given packages for vulnerabilities.
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
229
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
230 @param packages list of packages
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
231 @type Package
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
232 @return tuple containing an error status and the list of vulnerable
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
233 packages detected
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
234 @rtype tuple of (VulnerabilityCheckError, list of Vulnerability)
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
235 """
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
236 db = self.__fetchVulnerabilityDatabase()
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
237 if not db:
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
238 return VulnerabilityCheckError.SummaryDbUnavailable, []
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
239
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
240 fullDb = None
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
241 vulnerablePackages = frozenset(db.keys())
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
242 vulnerabilities = [] # TODO: fill this list
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
243
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
244 for package in packages:
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
245 # normalize the package name, the safety-db is converting
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
246 # underscores to dashes and uses lowercase
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
247 name = package.name.replace("_", "-").lower()
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
248
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
249 if name in vulnerablePackages:
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
250 # we have a candidate here, build the spec set
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
251 for specifier in db[name]:
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
252 specifierSet = SpecifierSet(specifiers=specifier)
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
253 if specifierSet.contains(package.version):
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
254 if not fullDb:
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
255 fullDb = self.__fetchVulnerabilityDatabase(
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
256 full=True)
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
257 for data in self.__getVulnerabilities(
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
258 package=name, specifier=specifier, db=fullDb
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
259 ):
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
260 vulnarabilityId = (
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
261 data.get("id").replace("pyup.io-", "")
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
262 )
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
263 cveId = data.get("cve")
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
264 if cveId:
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
265 cveId = cveId.split(",", 1)[0].strip()
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
266
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
267 return VulnerabilityCheckError.OK, vulnerabilities

Mercurial Repository: eric

eric ide

mercurial