src/eric7/Documentation/Source/eric7.PipInterface.PipVulnerabilityChecker.html

author: Detlev Offenbach <detlev@die-offenbachs.de>
date: Sat, 26 Apr 2025 12:34:32 +0200
branch: eric7
changeset: 11240:c48c615c04a3
parent: 10479:856476537696
permissions: -rw-r--r--

MicroPython
- Added a configuration option to disable the support for the no longer produced Pimoroni Pico Wireless Pack.

<!DOCTYPE html>
<html><head>
<title>eric7.PipInterface.PipVulnerabilityChecker</title>
<meta charset="UTF-8">
<link rel="stylesheet" href="styles.css">
</head>
<body>
<a NAME="top" ID="top"></a>
<h1>eric7.PipInterface.PipVulnerabilityChecker</h1>
<p>
Module implementing a Python package vulnerability checker.
</p>
<p>
The vulnerability data is provided by the open Python vulnerability database
<a href="https://github.com/pyupio/safety-db">Safety DB</a>.
</p>

<h3>Global Attributes</h3>
<table>
<tr><td>None</td></tr>
</table>

<h3>Classes</h3>
<table>
<tr>
<td><a href="#Package">Package</a></td>
<td>Class containing the package data.</td>
</tr>
<tr>
<td><a href="#PipVulnerabilityChecker">PipVulnerabilityChecker</a></td>
<td>Class implementing a Python package vulnerability checker.</td>
</tr>
<tr>
<td><a href="#Vulnerability">Vulnerability</a></td>
<td>Class containing the vulnerability data.</td>
</tr>
<tr>
<td><a href="#VulnerabilityCheckError">VulnerabilityCheckError</a></td>
<td>Class defining various vulnerability check error states.</td>
</tr>
</table>

<h3>Functions</h3>
<table>
<tr><td>None</td></tr>
</table>

<hr />
<hr />
<a NAME="Package" ID="Package"></a>
<h2>Package</h2>
<p>
    Class containing the package data.
</p>

<h3>Derived from</h3>
None
<h3>Class Attributes</h3>
<table>
<tr><td>name</td></tr>
<tr><td>version</td></tr>
</table>

<h3>Class Methods</h3>
<table>
<tr><td>None</td></tr>
</table>

<h3>Methods</h3>
<table>
<tr><td>None</td></tr>
</table>

<h3>Static Methods</h3>
<table>
<tr><td>None</td></tr>
</table>


<div align="right"><a href="#top">Up</a></div>
<hr />
<hr />
<a NAME="PipVulnerabilityChecker" ID="PipVulnerabilityChecker"></a>
<h2>PipVulnerabilityChecker</h2>
<p>
    Class implementing a Python package vulnerability checker.
</p>

<h3>Derived from</h3>
QObject
<h3>Class Attributes</h3>
<table>
<tr><td>FullDbFile</td></tr>
<tr><td>SummaryDbFile</td></tr>
</table>

<h3>Class Methods</h3>
<table>
<tr><td>None</td></tr>
</table>

<h3>Methods</h3>
<table>
<tr>
<td><a href="#PipVulnerabilityChecker.__init__">PipVulnerabilityChecker</a></td>
<td>Constructor</td>
</tr>
<tr>
<td><a href="#PipVulnerabilityChecker.__createCacheFile">__createCacheFile</a></td>
<td>Private method to create the cache file.</td>
</tr>
<tr>
<td><a href="#PipVulnerabilityChecker.__fetchVulnerabilityDatabase">__fetchVulnerabilityDatabase</a></td>
<td>Private method to get the data of the vulnerability database.</td>
</tr>
<tr>
<td><a href="#PipVulnerabilityChecker.__getDataFromCache">__getDataFromCache</a></td>
<td>Private method to get the vulnerability database from the cache.</td>
</tr>
<tr>
<td><a href="#PipVulnerabilityChecker.__getVulnerabilities">__getVulnerabilities</a></td>
<td>Private method to get the vulnerabilities for a package.</td>
</tr>
<tr>
<td><a href="#PipVulnerabilityChecker.__writeDataToCache">__writeDataToCache</a></td>
<td>Private method to write the vulnerability data for a database to the cache.</td>
</tr>
<tr>
<td><a href="#PipVulnerabilityChecker.check">check</a></td>
<td>Public method to check the given packages for vulnerabilities.</td>
</tr>
<tr>
<td><a href="#PipVulnerabilityChecker.updateVulnerabilityDb">updateVulnerabilityDb</a></td>
<td>Public method to update the cache of the vulnerability databases.</td>
</tr>
</table>

<h3>Static Methods</h3>
<table>
<tr><td>None</td></tr>
</table>


<a NAME="PipVulnerabilityChecker.__init__" ID="PipVulnerabilityChecker.__init__"></a>
<h4>PipVulnerabilityChecker (Constructor)</h4>
<b>PipVulnerabilityChecker</b>(<i>pip, parent=None</i>)
<p>
        Constructor
</p>

<dl>

<dt><i>pip</i> (Pip)</dt>
<dd>
reference to the global pip interface
</dd>
<dt><i>parent</i> (QWidget (optional))</dt>
<dd>
reference to the parent widget (defaults to None)
</dd>
</dl>
<a NAME="PipVulnerabilityChecker.__createCacheFile" ID="PipVulnerabilityChecker.__createCacheFile"></a>
<h4>PipVulnerabilityChecker.__createCacheFile</h4>
<b>__createCacheFile</b>(<i></i>)
<p>
        Private method to create the cache file.
</p>
<p>
        The cache file has the following structure.
</p>
<pre>
{
  "insecure.json": {
      "cachedAt": 12345678,
      "db": {}
  },
  "insecure_full.json": {
      "cachedAt": 12345678,
      "db": {}
  }
}
</pre>

<a NAME="PipVulnerabilityChecker.__fetchVulnerabilityDatabase" ID="PipVulnerabilityChecker.__fetchVulnerabilityDatabase"></a>
<h4>PipVulnerabilityChecker.__fetchVulnerabilityDatabase</h4>
<b>__fetchVulnerabilityDatabase</b>(<i>full=False, forceUpdate=False</i>)
<p>
        Private method to get the data of the vulnerability database.
</p>
<p>
        If the cached data is still valid, this data will be used.
        Otherwise a copy of the requested database will be downloaded
        and cached.
</p>

<dl>

<dt><i>full</i> (bool (optional))</dt>
<dd>
flag indicating to get the database containing the full
            data set (defaults to False)
</dd>
<dt><i>forceUpdate</i> (bool (optional))</dt>
<dd>
flag indicating an update of the cache is required
            (defaults to False)
</dd>
</dl>
<dl>
<dt>Return:</dt>
<dd>
dictionary containing the vulnerability data (full data set or
            just package name and version specifier)
</dd>
</dl>
<dl>
<dt>Return Type:</dt>
<dd>
dict
</dd>
</dl>
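<p>
Added example, not eric's own code: one way to make the "is the cached data still valid" decision described above against the documented cache layout, returning None whenever the database has to be downloaded again. The function names and the one-day validity period are assumptions; the page states neither.
</p>

```python
import json
import os
import tempfile
import time

# Assumption: the page gives no validity period; one day is a placeholder.
MAX_AGE_SECONDS = 24 * 60 * 60


def read_cached_db(cache_path, db_name, now=None, max_age=MAX_AGE_SECONDS):
    """Return the cached "db" dict for db_name, or None if it must be re-fetched."""
    now = time.time() if now is None else now
    try:
        with open(cache_path, "r", encoding="utf-8") as f:
            cache = json.load(f)
    except (OSError, ValueError):
        return None  # missing, unreadable or corrupt cache file
    entry = cache.get(db_name) if isinstance(cache, dict) else None
    if not isinstance(entry, dict):
        return None
    cached_at, db = entry.get("cachedAt"), entry.get("db")
    if isinstance(cached_at, bool) or not isinstance(cached_at, (int, float)):
        return None
    if not isinstance(db, dict) or not db:
        return None  # an empty database would report every package as clean
    age = now - cached_at
    if age > max_age or 0 > age:
        return None  # expired, or stamped in the future (clock change, tampering)
    return db


def write_cached_db(cache_path, db_name, data, now=None):
    """Store data under db_name, replacing the cache file atomically."""
    now = time.time() if now is None else now
    try:
        with open(cache_path, "r", encoding="utf-8") as f:
            cache = json.load(f)
        if not isinstance(cache, dict):
            cache = {}
    except (OSError, ValueError):
        cache = {}
    cache[db_name] = {"cachedAt": int(now), "db": data}
    directory = os.path.dirname(os.path.abspath(cache_path))
    fd, tmp = tempfile.mkstemp(dir=directory, suffix=".tmp")
    with os.fdopen(fd, "w", encoding="utf-8") as f:
        json.dump(cache, f)
    os.replace(tmp, cache_path)  # readers never see a half-written file
```

<p>
A caller that gets None and then cannot download a fresh copy should report that state (the page lists SummaryDbUnavailable and FullDbUnavailable for this) instead of treating the packages as free of known vulnerabilities.
</p>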
<a NAME="PipVulnerabilityChecker.__getDataFromCache" ID="PipVulnerabilityChecker.__getDataFromCache"></a>
<h4>PipVulnerabilityChecker.__getDataFromCache</h4>
<b>__getDataFromCache</b>(<i>dbName</i>)
<p>
        Private method to get the vulnerability database from the cache.
</p>

<dl>

<dt><i>dbName</i> (str)</dt>
<dd>
name of the vulnerability database
</dd>
</dl>
<dl>
<dt>Return:</dt>
<dd>
dictionary containing the requested vulnerability data
</dd>
</dl>
<dl>
<dt>Return Type:</dt>
<dd>
dict
</dd>
</dl>
<a NAME="PipVulnerabilityChecker.__getVulnerabilities" ID="PipVulnerabilityChecker.__getVulnerabilities"></a>
<h4>PipVulnerabilityChecker.__getVulnerabilities</h4>
<b>__getVulnerabilities</b>(<i>package, specifier, db</i>)
<p>
        Private method to get the vulnerabilities for a package.
</p>

<dl>

<dt><i>package</i> (str)</dt>
<dd>
name of the package
</dd>
<dt><i>specifier</i> (Specifier)</dt>
<dd>
package specifier
</dd>
<dt><i>db</i> (dict)</dt>
<dd>
vulnerability data
</dd>
</dl>
<dl>
<dt>Yield:</dt>
<dd>
dictionary containing the vulnerability data for the package
</dd>
</dl>
<dl>
<dt>Yield Type:</dt>
<dd>
dict
</dd>
</dl>
<a NAME="PipVulnerabilityChecker.__writeDataToCache" ID="PipVulnerabilityChecker.__writeDataToCache"></a>
<h4>PipVulnerabilityChecker.__writeDataToCache</h4>
<b>__writeDataToCache</b>(<i>dbName, data</i>)
<p>
        Private method to write the vulnerability data for a database to the
        cache.
</p>

<dl>

<dt><i>dbName</i> (str)</dt>
<dd>
name of the vulnerability database
</dd>
<dt><i>data</i> (dict)</dt>
<dd>
dictionary containing the vulnerability data
</dd>
</dl>
<a NAME="PipVulnerabilityChecker.check" ID="PipVulnerabilityChecker.check"></a>
<h4>PipVulnerabilityChecker.check</h4>
<b>check</b>(<i>packages</i>)
<p>
        Public method to check the given packages for vulnerabilities.
</p>

<dl>

<dt><i>packages</i> (Package)</dt>
<dd>
list of packages
</dd>
</dl>
<dl>
<dt>Return:</dt>
<dd>
tuple containing an error status and a dictionary containing
            detected vulnerable packages keyed by package name
</dd>
</dl>
<dl>
<dt>Return Type:</dt>
<dd>
tuple of (VulnerabilityCheckError, list of Vulnerability)
</dd>
</dl>
<a NAME="PipVulnerabilityChecker.updateVulnerabilityDb" ID="PipVulnerabilityChecker.updateVulnerabilityDb"></a>
<h4>PipVulnerabilityChecker.updateVulnerabilityDb</h4>
<b>updateVulnerabilityDb</b>(<i></i>)
<p>
        Public method to update the cache of the vulnerability databases.
</p>

<div align="right"><a href="#top">Up</a></div>
<hr />
<hr />
<a NAME="Vulnerability" ID="Vulnerability"></a>
<h2>Vulnerability</h2>
<p>
    Class containing the vulnerability data.
</p>

<h3>Derived from</h3>
None
<h3>Class Attributes</h3>
<table>
<tr><td>advisory</td></tr>
<tr><td>cve</td></tr>
<tr><td>name</td></tr>
<tr><td>spec</td></tr>
<tr><td>version</td></tr>
<tr><td>vulnerabilityId</td></tr>
</table>

<h3>Class Methods</h3>
<table>
<tr><td>None</td></tr>
</table>

<h3>Methods</h3>
<table>
<tr><td>None</td></tr>
</table>

<h3>Static Methods</h3>
<table>
<tr><td>None</td></tr>
</table>


<div align="right"><a href="#top">Up</a></div>
<hr />
<hr />
<a NAME="VulnerabilityCheckError" ID="VulnerabilityCheckError"></a>
<h2>VulnerabilityCheckError</h2>
<p>
    Class defining various vulnerability check error states.
</p>

<h3>Derived from</h3>
enum.Enum
<h3>Class Attributes</h3>
<table>
<tr><td>FullDbUnavailable</td></tr>
<tr><td>OK</td></tr>
<tr><td>SummaryDbUnavailable</td></tr>
</table>

<h3>Class Methods</h3>
<table>
<tr><td>None</td></tr>
</table>

<h3>Methods</h3>
<table>
<tr><td>None</td></tr>
</table>

<h3>Static Methods</h3>
<table>
<tr><td>None</td></tr>
</table>


<div align="right"><a href="#top">Up</a></div>
<hr />
</body></html>
