Mercurial Repositories > eric / annotate

src/eric7/PipInterface/PipVulnerabilityChecker.py@9ef616cd220d (annotated)

src/eric7/PipInterface/PipVulnerabilityChecker.py

Wed, 25 Sep 2024 14:48:57 +0200

author
Detlev Offenbach <detlev@die-offenbachs.de>
date
Wed, 25 Sep 2024 14:48:57 +0200
branch
eric7
changeset 10926
9ef616cd220d
parent 10439
21c28b0f9e41
child 11090
f5f5f5803935
permissions
-rw-r--r--

Moved some functions from 'Globals' to 'EricUtilities'.

8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
1 # -*- coding: utf-8 -*-
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
2
10439
21c28b0f9e41 Updated copyright for 2024.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 10428
diff changeset
3 # Copyright (c) 2022 - 2024 Detlev Offenbach <detlev@die-offenbachs.de>
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
4 #
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
5
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
6 """
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
7 Module implementing a Python package vulnerability checker.
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
8
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
9 The vulnerability data is provided by the open Python vulnerability database
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
10 <a href="https://github.com/pyupio/safety-db">Safety DB</a>.
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
11 """
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
12
8978
38c3ddf21537 Continued implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 8977
diff changeset
13 import collections
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
14 import contextlib
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
15 import enum
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
16 import json
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
17 import os
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
18 import time
9473
3f23dbf37dbe Resorted the import statements using isort.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9413
diff changeset
19
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
20 from dataclasses import dataclass
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
21
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
22 from packaging.specifiers import SpecifierSet
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
23 from PyQt6.QtCore import QCoreApplication, QObject, QThread, QUrl
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
24 from PyQt6.QtNetwork import QNetworkReply, QNetworkRequest
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
25
10926
9ef616cd220d Moved some functions from 'Globals' to 'EricUtilities'.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 10439
diff changeset
26 from eric7 import EricUtilities, Preferences
9413
80c06d472826 Changed the eric7 import statements to include the package name (i.e. eric7) in order to not fiddle with sys.path.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9221
diff changeset
27 from eric7.EricWidgets import EricMessageBox
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
28
9001
a00cd6b55728 Corrected some code style issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 8978
diff changeset
29
8978
38c3ddf21537 Continued implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 8977
diff changeset
30 @dataclass
38c3ddf21537 Continued implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 8977
diff changeset
31 class Package:
38c3ddf21537 Continued implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 8977
diff changeset
32 """
38c3ddf21537 Continued implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 8977
diff changeset
33 Class containing the package data.
38c3ddf21537 Continued implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 8977
diff changeset
34 """
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
35
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
36 name: str # package name
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
37 version: str # version
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
38
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
39
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
40 @dataclass
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
41 class Vulnerability:
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
42 """
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
43 Class containing the vulnerability data.
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
44 """
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
45
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
46 name: str # package name
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
47 spec: dict # package specification record
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
48 version: str # package version
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
49 cve: str # CVE ID
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
50 advisory: str # CVE advisory text
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
51 vulnerabilityId: str # vulnerability ID
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
52
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
53
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
54 class VulnerabilityCheckError(enum.Enum):
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
55 """
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
56 Class defining various vulnerability check error states.
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
57 """
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
58
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
59 OK = 0
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
60 SummaryDbUnavailable = 1
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
61 FullDbUnavailable = 2
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
62
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
63
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
64 class PipVulnerabilityChecker(QObject):
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
65 """
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
66 Class implementing a Python package vulnerability checker.
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
67 """
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
68
8978
38c3ddf21537 Continued implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 8977
diff changeset
69 FullDbFile = "insecure_full.json"
38c3ddf21537 Continued implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 8977
diff changeset
70 SummaryDbFile = "insecure.json"
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
71
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
72 def __init__(self, pip, parent=None):
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
73 """
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
74 Constructor
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
75
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
76 @param pip reference to the global pip interface
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
77 @type Pip
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
78 @param parent reference to the parent widget (defaults to None)
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
79 @type QWidget (optional)
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
80 """
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
81 super().__init__(parent)
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
82
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
83 self.__pip = pip
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
84
10926
9ef616cd220d Moved some functions from 'Globals' to 'EricUtilities'.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 10439
diff changeset
85 securityDir = os.path.join(EricUtilities.getConfigDir(), "security")
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
86 os.makedirs(securityDir, mode=0o700, exist_ok=True)
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
87 self.__cacheFile = os.path.join(securityDir, "vulnerability_cache.json")
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
88 if not os.path.exists(self.__cacheFile):
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
89 self.__createCacheFile()
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
90
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
91 def __createCacheFile(self):
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
92 """
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
93 Private method to create the cache file.
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
94
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
95 The cache file has the following structure.
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
96 {
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
97 "insecure.json": {
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
98 "cachedAt": 12345678
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
99 "db": {}
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
100 },
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
101 "insecure_full.json": {
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
102 "cachedAt": 12345678
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
103 "db": {}
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
104 },
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
105 }
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
106 """
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
107 structure = {
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
108 "insecure.json": {
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
109 "cachedAt": 0,
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
110 "db": {},
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
111 },
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
112 "insecure_full.json": {
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
113 "cachedAt": 0,
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
114 "db": {},
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
115 },
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
116 }
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
117 with open(self.__cacheFile, "w") as f:
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
118 json.dump(structure, f, indent=2)
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
119
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
120 def __getDataFromCache(self, dbName):
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
121 """
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
122 Private method to get the vulnerability database from the cache.
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
123
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
124 @param dbName name of the vulnerability database
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
125 @type str
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
126 @return dictionary containing the requested vulnerability data
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
127 @rtype dict
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
128 """
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
129 if os.path.exists(self.__cacheFile):
10180
3a595df36c9a Simplified some code.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9653
diff changeset
130 with open(self.__cacheFile, "r") as f: # noqa: Y117
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
131 with contextlib.suppress(json.JSONDecodeError, OSError):
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
132 cachedData = json.load(f)
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
133 if dbName in cachedData and "cachedAt" in cachedData[dbName]:
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
134 cacheValidPeriod = Preferences.getPip(
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
135 "VulnerabilityDbCacheValidity"
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
136 )
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
137 if (
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
138 cachedData[dbName]["cachedAt"] + cacheValidPeriod
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
139 > time.time()
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
140 ):
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
141 return cachedData[dbName]["db"]
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
142
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
143 return {}
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
144
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
145 def __writeDataToCache(self, dbName, data):
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
146 """
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
147 Private method to write the vulnerability data for a database to the
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
148 cache.
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
149
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
150 @param dbName name of the vulnerability database
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
151 @type str
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
152 @param data dictionary containing the vulnerability data
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
153 @type dict
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
154 """
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
155 if not os.path.exists(self.__cacheFile):
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
156 self.__createCacheFile()
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
157
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
158 with open(self.__cacheFile, "r") as f:
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
159 try:
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
160 cache = json.load(f)
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
161 except json.JSONDecodeError:
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
162 cache = {}
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
163
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
164 cache[dbName] = {
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
165 "cachedAt": time.time(),
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
166 "db": data,
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
167 }
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
168 with open(self.__cacheFile, "w") as f:
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
169 json.dump(cache, f, indent=2)
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
170
8978
38c3ddf21537 Continued implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 8977
diff changeset
171 def __fetchVulnerabilityDatabase(self, full=False, forceUpdate=False):
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
172 """
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
173 Private method to get the data of the vulnerability database.
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
174
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
175 If the cached data is still valid, this data will be used.
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
176 Otherwise a copy of the requested database will be downloaded
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
177 and cached.
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
178
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
179 @param full flag indicating to get the database containing the full
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
180 data set (defaults to False)
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
181 @type bool (optional)
8978
38c3ddf21537 Continued implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 8977
diff changeset
182 @param forceUpdate flag indicating an update of the cache is required
38c3ddf21537 Continued implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 8977
diff changeset
183 (defaults to False)
38c3ddf21537 Continued implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 8977
diff changeset
184 @type bool (optional)
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
185 @return dictionary containing the vulnerability data (full data set or
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
186 just package name and version specifier)
10428
a071d4065202 Converted some source code documentation to the new style.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 10373
diff changeset
187 @rtype dict
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
188 """
8978
38c3ddf21537 Continued implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 8977
diff changeset
189 dbName = (
38c3ddf21537 Continued implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 8977
diff changeset
190 PipVulnerabilityChecker.FullDbFile
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
191 if full
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
192 else PipVulnerabilityChecker.SummaryDbFile
8978
38c3ddf21537 Continued implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 8977
diff changeset
193 )
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
194
8978
38c3ddf21537 Continued implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 8977
diff changeset
195 if not forceUpdate:
38c3ddf21537 Continued implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 8977
diff changeset
196 cachedData = self.__getDataFromCache(dbName)
38c3ddf21537 Continued implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 8977
diff changeset
197 if cachedData:
38c3ddf21537 Continued implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 8977
diff changeset
198 return cachedData
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
199
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
200 url = Preferences.getPip("VulnerabilityDbMirror") + dbName
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
201 request = QNetworkRequest(QUrl(url))
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
202 reply = self.__pip.getNetworkAccessManager().get(request)
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
203 while not reply.isFinished():
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
204 QCoreApplication.processEvents()
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
205 QThread.msleep(100)
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
206
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
207 reply.deleteLater()
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
208 if reply.error() == QNetworkReply.NetworkError.NoError:
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
209 data = str(reply.readAll(), Preferences.getSystem("IOEncoding"), "replace")
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
210 with contextlib.suppress(json.JSONDecodeError):
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
211 data = json.loads(data)
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
212 self.__writeDataToCache(dbName, data)
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
213 return data
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
214
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
215 EricMessageBox.critical(
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
216 None,
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
217 self.tr("Fetching Vulnerability Database"),
9052
c06475635841 Corrected an error message in the pip interface.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9001
diff changeset
218 self.tr(
c06475635841 Corrected an error message in the pip interface.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9001
diff changeset
219 """<p>The vulnerability database <b>{0}</b> could not"""
c06475635841 Corrected an error message in the pip interface.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9001
diff changeset
220 """ be loaded from <b>{1}</b>.</p><p>The vulnerability"""
c06475635841 Corrected an error message in the pip interface.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9001
diff changeset
221 """ check is not available.</p>"""
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
222 ).format(dbName, Preferences.getPip("VulnerabilityDbMirror")),
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
223 )
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
224 return {}
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
225
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
226 def __getVulnerabilities(self, package, specifier, db):
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
227 """
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
228 Private method to get the vulnerabilities for a package.
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
229
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
230 @param package name of the package
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
231 @type str
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
232 @param specifier package specifier
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
233 @type Specifier
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
234 @param db vulnerability data
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
235 @type dict
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
236 @yield dictionary containing the vulnerability data for the package
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
237 @ytype dict
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
238 """
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
239 for entry in db[package]:
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
240 for entrySpec in entry["specs"]:
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
241 if entrySpec == specifier:
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
242 yield entry
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
243
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
244 def check(self, packages):
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
245 """
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
246 Public method to check the given packages for vulnerabilities.
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
247
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
248 @param packages list of packages
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
249 @type Package
8978
38c3ddf21537 Continued implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 8977
diff changeset
250 @return tuple containing an error status and a dictionary containing
38c3ddf21537 Continued implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 8977
diff changeset
251 detected vulnerable packages keyed by package name
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
252 @rtype tuple of (VulnerabilityCheckError, list of Vulnerability)
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
253 """
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
254 db = self.__fetchVulnerabilityDatabase()
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
255 if not db:
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
256 return VulnerabilityCheckError.SummaryDbUnavailable, []
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
257
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
258 fullDb = None
10373
093dcebe5ecb Corrected some uses of dict.keys(), dict.values() and dict.items().
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 10180
diff changeset
259 vulnerablePackages = frozenset(db)
8978
38c3ddf21537 Continued implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 8977
diff changeset
260 vulnerabilities = collections.defaultdict(list)
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
261
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
262 for package in packages:
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
263 # normalize the package name, the safety-db is converting
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
264 # underscores to dashes and uses lowercase
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
265 name = package.name.replace("_", "-").lower()
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
266
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
267 if name in vulnerablePackages:
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
268 # we have a candidate here, build the spec set
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
269 for specifier in db[name]:
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
270 specifierSet = SpecifierSet(specifiers=specifier)
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
271 if specifierSet.contains(package.version):
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
272 if not fullDb:
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
273 fullDb = self.__fetchVulnerabilityDatabase(full=True)
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
274 for data in self.__getVulnerabilities(
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
275 package=name, specifier=specifier, db=fullDb
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
276 ):
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
277 vulnarabilityId = data.get("id").replace("pyup.io-", "")
8978
38c3ddf21537 Continued implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 8977
diff changeset
278 cveId = data.get("cve", "")
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
279 if cveId:
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
280 cveId = cveId.split(",", 1)[0].strip()
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
281 vulnerabilities[package.name].append(
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
282 Vulnerability(
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
283 name=name,
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
284 spec=specifier,
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
285 version=package.version,
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
286 cve=cveId,
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
287 advisory=data.get("advisory", ""),
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
288 vulnerabilityId=vulnarabilityId,
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
289 )
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
290 )
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
291
8977
663521af48b2 Started implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
292 return VulnerabilityCheckError.OK, vulnerabilities
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
293
8978
38c3ddf21537 Continued implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 8977
diff changeset
294 def updateVulnerabilityDb(self):
38c3ddf21537 Continued implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 8977
diff changeset
295 """
38c3ddf21537 Continued implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 8977
diff changeset
296 Public method to update the cache of the vulnerability databases.
38c3ddf21537 Continued implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 8977
diff changeset
297 """
38c3ddf21537 Continued implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 8977
diff changeset
298 self.__fetchVulnerabilityDatabase(full=False, forceUpdate=True)
38c3ddf21537 Continued implementing a vulnerability checker based on the data of the Safety DB.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 8977
diff changeset
299 self.__fetchVulnerabilityDatabase(full=True, forceUpdate=True)

Mercurial Repository: eric

eric ide

mercurial