eric: comparison eric7/PipInterface/PipPackagesWidget.py

-:663521af48b2
+:38c3ddf21537
 from EricWidgets.EricApplication import ericApp
 from EricWidgets import EricMessageBox
 from EricGui.EricOverrideCursor import EricOverrideCursor
+from .PipVulnerabilityChecker import Package, VulnerabilityCheckError
 from .Ui_PipPackagesWidget import Ui_PipPackagesWidget
 import UI.PixmapCache
 import Globals
 import Preferences
 pipList = self.packagesList.findItems(
 "pip",
 Qt.MatchFlag.MatchExactly | Qt.MatchFlag.MatchCaseSensitive
 )
 if len(pipList) > 0:
-pipVersionTuple = Globals.versionToTuple(pipList[0].text(1))
+pipVersionTuple = Globals.versionToTuple(
+pipList[0].text(PipPackagesWidget.InstalledVersionColumn))
 return pipVersionTuple
 def getPip(self):
 """
 """
 Private slot handling the switching of the 'user-site' mode.
 """
 self.__refreshPackagesList()
-@pyqtSlot()
+def __showPackageInformation(self, packageName):
-def on_packagesList_itemSelectionChanged(self):
+"""
-"""
+Private method to show information for a package.
-Private slot handling the selection of a package.
+@param packageName name of the package
+@type str
+"""
+environment = self.environmentsComboBox.currentText()
+interpreter = self.__pip.getVirtualenvInterpreter(environment)
+if not interpreter:
+return
+args = ["-m", "pip", "show"]
+if self.verboseCheckBox.isChecked():
+args.append("--verbose")
+if self.installedFilesCheckBox.isChecked():
+args.append("--files")
+args.append(packageName)
+with EricOverrideCursor():
+success, output = self.__pip.runProcess(args, interpreter)
+if success and output:
+mode = self.ShowProcessGeneralMode
+for line in output.splitlines():
+line = line.rstrip()
+if line != "---":
+if mode != self.ShowProcessGeneralMode:
+if line[0] == " ":
+QTreeWidgetItem(
+self.infoWidget,
+[" ", line.strip()])
+else:
+mode = self.ShowProcessGeneralMode
+if mode == self.ShowProcessGeneralMode:
+try:
+label, info = line.split(": ", 1)
+except ValueError:
+label = line[:-1]
+info = ""
+label = label.lower()
+if label in self.__infoLabels:
+QTreeWidgetItem(
+self.infoWidget,
+[self.__infoLabels[label], info])
+if label == "files":
+mode = self.ShowProcessFilesListMode
+elif label == "classifiers":
+mode = self.ShowProcessClassifiersMode
+elif label == "entry-points":
+mode = self.ShowProcessEntryPointsMode
+self.infoWidget.scrollToTop()
+header = self.infoWidget.header()
+header.setStretchLastSection(False)
+header.resizeSections(QHeaderView.ResizeMode.ResizeToContents)
+if (
+header.sectionSize(0) + header.sectionSize(1) <
+header.width()
+):
+header.setStretchLastSection(True)
+@pyqtSlot(QTreeWidgetItem, int)
+def on_packagesList_itemClicked(self, item, column):
+"""
+Private slot reacting on a package item click.
+@param item reference to the clicked item
+@type QTreeWidgetItem
+@param column clicked column
+@type int
 """
 self.infoWidget.clear()
-if len(self.packagesList.selectedItems()) == 1:
+if (
-itm = self.packagesList.selectedItems()[0]
+column == PipPackagesWidget.VulnerabilityColumn and
+bool(item.text(PipPackagesWidget.VulnerabilityColumn))
-environment = self.environmentsComboBox.currentText()
+):
-interpreter = self.__pip.getVirtualenvInterpreter(environment)
+self.__showVulnerabilityInformation(
-if not interpreter:
+item.text(PipPackagesWidget.PackageColumn),
-return
+item.text(PipPackagesWidget.InstalledVersionColumn),
+item.data(PipPackagesWidget.VulnerabilityColumn,
-args = ["-m", "pip", "show"]
+PipPackagesWidget.VulnerabilityRole)
-if self.verboseCheckBox.isChecked():
+)
-args.append("--verbose")
+else:
-if self.installedFilesCheckBox.isChecked():
+self.__showPackageInformation(
-args.append("--files")
+item.text(PipPackagesWidget.PackageColumn)
-args.append(itm.text(0))
+)
-with EricOverrideCursor():
-success, output = self.__pip.runProcess(args, interpreter)
-if success and output:
-mode = self.ShowProcessGeneralMode
-for line in output.splitlines():
-line = line.rstrip()
-if line != "---":
-if mode != self.ShowProcessGeneralMode:
-if line[0] == " ":
-QTreeWidgetItem(
-self.infoWidget,
-[" ", line.strip()])
-else:
-mode = self.ShowProcessGeneralMode
-if mode == self.ShowProcessGeneralMode:
-try:
-label, info = line.split(": ", 1)
-except ValueError:
-label = line[:-1]
-info = ""
-label = label.lower()
-if label in self.__infoLabels:
-QTreeWidgetItem(
-self.infoWidget,
-[self.__infoLabels[label], info])
-if label == "files":
-mode = self.ShowProcessFilesListMode
-elif label == "classifiers":
-mode = self.ShowProcessClassifiersMode
-elif label == "entry-points":
-mode = self.ShowProcessEntryPointsMode
-self.infoWidget.scrollToTop()
-header = self.infoWidget.header()
-header.setStretchLastSection(False)
-header.resizeSections(QHeaderView.ResizeMode.ResizeToContents)
-if (
-header.sectionSize(0) + header.sectionSize(1) <
-header.width()
-):
-header.setStretchLastSection(True)
 self.__updateActionButtons()
 @pyqtSlot(QTreeWidgetItem, int)
-def on_packagesList_itemActivated(self, item, column):
+def on_packagesList_itemDoubleClicked(self, item, column):
 """
-Private slot reacting on a package item activation.
+Private slot reacting on a package item double click.
-@param item reference to the activated item
+@param item reference to the double clicked item
 @type QTreeWidgetItem
-@param column activated column
+@param column double clicked column
 @type int
 """
-packageName = item.text(0)
+packageName = item.text(PipPackagesWidget.PackageColumn)
-upgradable = bool(item.text(2))
+upgradable = bool(item.text(PipPackagesWidget.AvailableVersionColumn))
-if column == 1:
+if column == PipPackagesWidget.InstalledVersionColumn:
 # show details for installed version
-packageVersion = item.text(1)
+packageVersion = item.text(
+PipPackagesWidget.InstalledVersionColumn)
 else:
 # show details for available version or installed one
-if item.text(2):
+if item.text(PipPackagesWidget.AvailableVersionColumn):
-packageVersion = item.text(2)
+packageVersion = item.text(
+PipPackagesWidget.AvailableVersionColumn)
 else:
-packageVersion = item.text(1)
+packageVersion = item.text(
+PipPackagesWidget.InstalledVersionColumn)
 self.__showPackageDetails(packageName, packageVersion,
 upgradable=upgradable)
 @pyqtSlot(bool)
 checkbox.
 @param checked state of the checkbox
 @type bool
 """
-self.on_packagesList_itemSelectionChanged()
+self.on_packagesList_itemClicked(self.packagesList.currentItem(),
+self.packagesList.currentColumn())
 @pyqtSlot(bool)
 def on_installedFilesCheckBox_clicked(self, checked):
 """
 Private slot to handle a change of the installed files information
 checkbox.
 @param checked state of the checkbox
 @type bool
 """
-self.on_packagesList_itemSelectionChanged()
+self.on_packagesList_itemClicked(self.packagesList.currentItem(),
+self.packagesList.currentColumn())
 @pyqtSlot()
 def on_refreshButton_clicked(self):
 """
 Private slot to refresh the display.
 @pyqtSlot()
 def on_upgradeButton_clicked(self):
 """
 Private slot to upgrade selected packages of the selected environment.
 """
-packages = [itm.text(0) for itm in self.__selectedUpdateableItems()]
+packages = [itm.text(PipPackagesWidget.PackageColumn)
+for itm in self.__selectedUpdateableItems()]
 if packages:
 self.executeUpgradePackages(packages)
 @pyqtSlot()
 def on_upgradeAllButton_clicked(self):
 """
 Private slot to upgrade all packages of the selected environment.
 """
-packages = [itm.text(0) for itm in self.__allUpdateableItems()]
+packages = [itm.text(PipPackagesWidget.PackageColumn)
+for itm in self.__allUpdateableItems()]
 if packages:
 self.executeUpgradePackages(packages)
 @pyqtSlot()
 def on_uninstallButton_clicked(self):
 Private slot to show information for the selected package.
 """
 item = self.packagesList.selectedItems()[0]
 if item:
 packageName = item.text(PipPackagesWidget.PackageColumn)
-upgradable = bool(item.text(2))
+upgradable = bool(item.text(
+PipPackagesWidget.AvailableVersionColumn))
 # show details for available version or installed one
-if item.text(2):
+if item.text(PipPackagesWidget.AvailableVersionColumn):
-packageVersion = item.text(2)
+packageVersion = item.text(
+PipPackagesWidget.AvailableVersionColumn)
 else:
-packageVersion = item.text(1)
+packageVersion = item.text(
+PipPackagesWidget.InstalledVersionColumn)
 self.__showPackageDetails(packageName, packageVersion,
 upgradable=upgradable)
 #######################################################################
 self.__uninstallRequirements)
 self.__generateRequirementsAct = self.__pipMenu.addAction(
 self.tr("Generate Requirements..."),
 self.__generateRequirements)
 self.__pipMenu.addSeparator()
+self.__checkVulnerabilityAct = self.__pipMenu.addAction(
+self.tr("Check Vulnerabilities"),
+self.__updateVulnerabilityData)
+# updateVulnerabilityDbAct
+self.__pipMenu.addAction(
+self.tr("Update Vulnerability Database"),
+self.__updateVulnerabilityDbCache)
+self.__pipMenu.addSeparator()
 self.__cacheInfoAct = self.__pipMenu.addAction(
 self.tr("Show Cache Info..."),
 self.__showCacheInfo)
 self.__cacheShowListAct = self.__pipMenu.addAction(
 self.tr("Show Cached Files..."),
 self.__cacheShowListAct.setEnabled(enablePipCache)
 self.__cacheRemoveAct.setEnabled(enablePipCache)
 self.__cachePurgeAct.setEnabled(enablePipCache)
 self.__editVirtualenvConfigAct.setEnabled(enable)
+self.__checkVulnerabilityAct.setEnabled(
+enable & self.vulnerabilityCheckBox.isEnabled())
 @pyqtSlot()
 def __installPip(self):
 """
 Private slot to install pip into the selected environment.
 @type bool (optional)
 """
 if clearFirst:
 self.__clearVulnerabilityInfo()
-packages = []       # TODO: fill this list with real data
+packages = []
+for row in range(self.packagesList.topLevelItemCount()):
+itm = self.packagesList.topLevelItem(row)
+packages.append(Package(
+name=itm.text(PipPackagesWidget.PackageColumn),
+version=itm.text(PipPackagesWidget.InstalledVersionColumn)
+))
 error, vulnerabilities = (
 self.__pip.getVulnerabilityChecker().check(packages)
 )
+if error == VulnerabilityCheckError.OK:
+for package in vulnerabilities:
+items = self.packagesList.findItems(
+package,
+Qt.MatchFlag.MatchExactly |
+Qt.MatchFlag.MatchCaseSensitive
+)
+if items:
+itm = items[0]
+itm.setData(
+PipPackagesWidget.VulnerabilityColumn,
+PipPackagesWidget.VulnerabilityRole,
+vulnerabilities[package]
+)
+affected = {v.spec for v in vulnerabilities[package]}
+itm.setText(
+PipPackagesWidget.VulnerabilityColumn,
+', '.join(affected)
+)
+itm.setIcon(
+PipPackagesWidget.VulnerabilityColumn,
+UI.PixmapCache.getIcon("securityLow")
+)
+elif error in (VulnerabilityCheckError.FullDbUnavailable,
+VulnerabilityCheckError.SummaryDbUnavailable):
+self.vulnerabilityCheckBox.setChecked(False)
+self.vulnerabilityCheckBox.setEnabled(False)
+self.packagesList.setColumnHidden(
+PipPackagesWidget.VulnerabilityColumn, True)
+@pyqtSlot()
+def __updateVulnerabilityDbCache(self):
+"""
+Private slot to initiate an update of the local cache of the
+vulnerability database.
+"""
+with EricOverrideCursor():
+self.__pip.getVulnerabilityChecker().updateVulnerabilityDb()
+def __showVulnerabilityInformation(self, packageName, packageVersion,
+vulnerabilities):
+"""
+Private method to show the detected vulnerability data.
+@param packageName name of the package
+@type str
+@param packageVersion installed version number
+@type str
+@param vulnerabilities list of vulnerabilities
+@type list of Vulnerability
+"""
+header = (
+self.tr("{0} {1}", "package name, package version")
+.format(packageName, packageVersion)
+)
+topItem = QTreeWidgetItem(self.infoWidget, [header])
+topItem.setFirstColumnSpanned(True)
+topItem.setExpanded(True)
+font = topItem.font(0)
+font.setBold(True)
+topItem.setFont(0, font)
+for vulnerability in vulnerabilities:
+title = (
+vulnerability.cve
+if vulnerability.cve else
+vulnerability.vulnerabilityId
+)
+titleItem = QTreeWidgetItem(topItem, [title])
+titleItem.setFirstColumnSpanned(True)
+titleItem.setExpanded(True)
+QTreeWidgetItem(
+titleItem,
+[self.tr("Affected Version:"), vulnerability.spec])
+itm = QTreeWidgetItem(
+titleItem,
+[self.tr("Advisory:"), vulnerability.advisory])
+itm.setToolTip(1, "<p>{0}</p>".format(
+vulnerability.advisory.replace("\r\n", "<br/>")
+))
+self.infoWidget.scrollToTop()
+self.infoWidget.resizeColumnToContents(0)
+header = self.infoWidget.header()
+header.setStretchLastSection(True)

Mercurial Repositories > eric / file comparison

comparison: eric7/PipInterface/PipPackagesWidget.py

eric7/PipInterface/PipPackagesWidget.py