owasp-depscan 5.0.3__tar.gz → 5.0.4__tar.gz


Potentially problematic release.



Files changed (86)
  1. {owasp-depscan-5.0.3/owasp_depscan.egg-info → owasp-depscan-5.0.4}/PKG-INFO +1 -1
  2. {owasp-depscan-5.0.3 → owasp-depscan-5.0.4}/depscan/lib/normalize.py +6 -4
  3. {owasp-depscan-5.0.3 → owasp-depscan-5.0.4/owasp_depscan.egg-info}/PKG-INFO +1 -1
  4. {owasp-depscan-5.0.3 → owasp-depscan-5.0.4}/pyproject.toml +1 -1
  5. {owasp-depscan-5.0.3 → owasp-depscan-5.0.4}/LICENSE +0 -0
  6. {owasp-depscan-5.0.3 → owasp-depscan-5.0.4}/MANIFEST.in +0 -0
  7. {owasp-depscan-5.0.3 → owasp-depscan-5.0.4}/README.md +0 -0
  8. {owasp-depscan-5.0.3 → owasp-depscan-5.0.4}/depscan/__init__.py +0 -0
  9. {owasp-depscan-5.0.3 → owasp-depscan-5.0.4}/depscan/cli.py +0 -0
  10. {owasp-depscan-5.0.3 → owasp-depscan-5.0.4}/depscan/lib/__init__.py +0 -0
  11. {owasp-depscan-5.0.3 → owasp-depscan-5.0.4}/depscan/lib/analysis.py +0 -0
  12. {owasp-depscan-5.0.3 → owasp-depscan-5.0.4}/depscan/lib/audit.py +0 -0
  13. {owasp-depscan-5.0.3 → owasp-depscan-5.0.4}/depscan/lib/bom.py +0 -0
  14. {owasp-depscan-5.0.3 → owasp-depscan-5.0.4}/depscan/lib/config.py +0 -0
  15. {owasp-depscan-5.0.3 → owasp-depscan-5.0.4}/depscan/lib/csaf.py +0 -0
  16. {owasp-depscan-5.0.3 → owasp-depscan-5.0.4}/depscan/lib/explainer.py +0 -0
  17. {owasp-depscan-5.0.3 → owasp-depscan-5.0.4}/depscan/lib/github.py +0 -0
  18. {owasp-depscan-5.0.3 → owasp-depscan-5.0.4}/depscan/lib/license.py +0 -0
  19. {owasp-depscan-5.0.3 → owasp-depscan-5.0.4}/depscan/lib/logger.py +0 -0
  20. {owasp-depscan-5.0.3 → owasp-depscan-5.0.4}/depscan/lib/pkg_query.py +0 -0
  21. {owasp-depscan-5.0.3 → owasp-depscan-5.0.4}/depscan/lib/utils.py +0 -0
  22. {owasp-depscan-5.0.3 → owasp-depscan-5.0.4}/owasp_depscan.egg-info/SOURCES.txt +0 -0
  23. {owasp-depscan-5.0.3 → owasp-depscan-5.0.4}/owasp_depscan.egg-info/dependency_links.txt +0 -0
  24. {owasp-depscan-5.0.3 → owasp-depscan-5.0.4}/owasp_depscan.egg-info/entry_points.txt +0 -0
  25. {owasp-depscan-5.0.3 → owasp-depscan-5.0.4}/owasp_depscan.egg-info/requires.txt +0 -0
  26. {owasp-depscan-5.0.3 → owasp-depscan-5.0.4}/owasp_depscan.egg-info/top_level.txt +0 -0
  27. {owasp-depscan-5.0.3 → owasp-depscan-5.0.4}/setup.cfg +0 -0
  28. {owasp-depscan-5.0.3 → owasp-depscan-5.0.4}/test/test_analysis.py +0 -0
  29. {owasp-depscan-5.0.3 → owasp-depscan-5.0.4}/test/test_bom.py +0 -0
  30. {owasp-depscan-5.0.3 → owasp-depscan-5.0.4}/test/test_csaf.py +0 -0
  31. {owasp-depscan-5.0.3 → owasp-depscan-5.0.4}/test/test_explainer.py +0 -0
  32. {owasp-depscan-5.0.3 → owasp-depscan-5.0.4}/test/test_github.py +0 -0
  33. {owasp-depscan-5.0.3 → owasp-depscan-5.0.4}/test/test_license.py +0 -0
  34. {owasp-depscan-5.0.3 → owasp-depscan-5.0.4}/test/test_norm.py +0 -0
  35. {owasp-depscan-5.0.3 → owasp-depscan-5.0.4}/test/test_pkg_query.py +0 -0
  36. {owasp-depscan-5.0.3 → owasp-depscan-5.0.4}/test/test_utils.py +0 -0
  37. {owasp-depscan-5.0.3 → owasp-depscan-5.0.4}/vendor/__init__.py +0 -0
  38. {owasp-depscan-5.0.3 → owasp-depscan-5.0.4}/vendor/choosealicense.com/_data/fields.yml +0 -0
  39. {owasp-depscan-5.0.3 → owasp-depscan-5.0.4}/vendor/choosealicense.com/_data/meta.yml +0 -0
  40. {owasp-depscan-5.0.3 → owasp-depscan-5.0.4}/vendor/choosealicense.com/_data/rules.yml +0 -0
  41. {owasp-depscan-5.0.3 → owasp-depscan-5.0.4}/vendor/choosealicense.com/_licenses/0bsd.txt +0 -0
  42. {owasp-depscan-5.0.3 → owasp-depscan-5.0.4}/vendor/choosealicense.com/_licenses/afl-3.0.txt +0 -0
  43. {owasp-depscan-5.0.3 → owasp-depscan-5.0.4}/vendor/choosealicense.com/_licenses/agpl-3.0.txt +0 -0
  44. {owasp-depscan-5.0.3 → owasp-depscan-5.0.4}/vendor/choosealicense.com/_licenses/apache-2.0.txt +0 -0
  45. {owasp-depscan-5.0.3 → owasp-depscan-5.0.4}/vendor/choosealicense.com/_licenses/artistic-2.0.txt +0 -0
  46. {owasp-depscan-5.0.3 → owasp-depscan-5.0.4}/vendor/choosealicense.com/_licenses/bsd-2-clause.txt +0 -0
  47. {owasp-depscan-5.0.3 → owasp-depscan-5.0.4}/vendor/choosealicense.com/_licenses/bsd-3-clause-clear.txt +0 -0
  48. {owasp-depscan-5.0.3 → owasp-depscan-5.0.4}/vendor/choosealicense.com/_licenses/bsd-3-clause.txt +0 -0
  49. {owasp-depscan-5.0.3 → owasp-depscan-5.0.4}/vendor/choosealicense.com/_licenses/bsd-4-clause.txt +0 -0
  50. {owasp-depscan-5.0.3 → owasp-depscan-5.0.4}/vendor/choosealicense.com/_licenses/bsl-1.0.txt +0 -0
  51. {owasp-depscan-5.0.3 → owasp-depscan-5.0.4}/vendor/choosealicense.com/_licenses/cc-by-4.0.txt +0 -0
  52. {owasp-depscan-5.0.3 → owasp-depscan-5.0.4}/vendor/choosealicense.com/_licenses/cc-by-sa-4.0.txt +0 -0
  53. {owasp-depscan-5.0.3 → owasp-depscan-5.0.4}/vendor/choosealicense.com/_licenses/cc0-1.0.txt +0 -0
  54. {owasp-depscan-5.0.3 → owasp-depscan-5.0.4}/vendor/choosealicense.com/_licenses/cecill-2.1.txt +0 -0
  55. {owasp-depscan-5.0.3 → owasp-depscan-5.0.4}/vendor/choosealicense.com/_licenses/cern-ohl-p-2.0.txt +0 -0
  56. {owasp-depscan-5.0.3 → owasp-depscan-5.0.4}/vendor/choosealicense.com/_licenses/cern-ohl-s-2.0.txt +0 -0
  57. {owasp-depscan-5.0.3 → owasp-depscan-5.0.4}/vendor/choosealicense.com/_licenses/cern-ohl-w-2.0.txt +0 -0
  58. {owasp-depscan-5.0.3 → owasp-depscan-5.0.4}/vendor/choosealicense.com/_licenses/ecl-2.0.txt +0 -0
  59. {owasp-depscan-5.0.3 → owasp-depscan-5.0.4}/vendor/choosealicense.com/_licenses/epl-1.0.txt +0 -0
  60. {owasp-depscan-5.0.3 → owasp-depscan-5.0.4}/vendor/choosealicense.com/_licenses/epl-2.0.txt +0 -0
  61. {owasp-depscan-5.0.3 → owasp-depscan-5.0.4}/vendor/choosealicense.com/_licenses/eupl-1.1.txt +0 -0
  62. {owasp-depscan-5.0.3 → owasp-depscan-5.0.4}/vendor/choosealicense.com/_licenses/eupl-1.2.txt +0 -0
  63. {owasp-depscan-5.0.3 → owasp-depscan-5.0.4}/vendor/choosealicense.com/_licenses/gfdl-1.3.txt +0 -0
  64. {owasp-depscan-5.0.3 → owasp-depscan-5.0.4}/vendor/choosealicense.com/_licenses/gpl-2.0.txt +0 -0
  65. {owasp-depscan-5.0.3 → owasp-depscan-5.0.4}/vendor/choosealicense.com/_licenses/gpl-3.0.txt +0 -0
  66. {owasp-depscan-5.0.3 → owasp-depscan-5.0.4}/vendor/choosealicense.com/_licenses/isc.txt +0 -0
  67. {owasp-depscan-5.0.3 → owasp-depscan-5.0.4}/vendor/choosealicense.com/_licenses/lgpl-2.1.txt +0 -0
  68. {owasp-depscan-5.0.3 → owasp-depscan-5.0.4}/vendor/choosealicense.com/_licenses/lgpl-3.0.txt +0 -0
  69. {owasp-depscan-5.0.3 → owasp-depscan-5.0.4}/vendor/choosealicense.com/_licenses/lppl-1.3c.txt +0 -0
  70. {owasp-depscan-5.0.3 → owasp-depscan-5.0.4}/vendor/choosealicense.com/_licenses/mit-0.txt +0 -0
  71. {owasp-depscan-5.0.3 → owasp-depscan-5.0.4}/vendor/choosealicense.com/_licenses/mit.txt +0 -0
  72. {owasp-depscan-5.0.3 → owasp-depscan-5.0.4}/vendor/choosealicense.com/_licenses/mpl-2.0.txt +0 -0
  73. {owasp-depscan-5.0.3 → owasp-depscan-5.0.4}/vendor/choosealicense.com/_licenses/ms-pl.txt +0 -0
  74. {owasp-depscan-5.0.3 → owasp-depscan-5.0.4}/vendor/choosealicense.com/_licenses/ms-rl.txt +0 -0
  75. {owasp-depscan-5.0.3 → owasp-depscan-5.0.4}/vendor/choosealicense.com/_licenses/mulanpsl-2.0.txt +0 -0
  76. {owasp-depscan-5.0.3 → owasp-depscan-5.0.4}/vendor/choosealicense.com/_licenses/ncsa.txt +0 -0
  77. {owasp-depscan-5.0.3 → owasp-depscan-5.0.4}/vendor/choosealicense.com/_licenses/odbl-1.0.txt +0 -0
  78. {owasp-depscan-5.0.3 → owasp-depscan-5.0.4}/vendor/choosealicense.com/_licenses/ofl-1.1.txt +0 -0
  79. {owasp-depscan-5.0.3 → owasp-depscan-5.0.4}/vendor/choosealicense.com/_licenses/osl-3.0.txt +0 -0
  80. {owasp-depscan-5.0.3 → owasp-depscan-5.0.4}/vendor/choosealicense.com/_licenses/postgresql.txt +0 -0
  81. {owasp-depscan-5.0.3 → owasp-depscan-5.0.4}/vendor/choosealicense.com/_licenses/unlicense.txt +0 -0
  82. {owasp-depscan-5.0.3 → owasp-depscan-5.0.4}/vendor/choosealicense.com/_licenses/upl-1.0.txt +0 -0
  83. {owasp-depscan-5.0.3 → owasp-depscan-5.0.4}/vendor/choosealicense.com/_licenses/vim.txt +0 -0
  84. {owasp-depscan-5.0.3 → owasp-depscan-5.0.4}/vendor/choosealicense.com/_licenses/wtfpl.txt +0 -0
  85. {owasp-depscan-5.0.3 → owasp-depscan-5.0.4}/vendor/choosealicense.com/_licenses/zlib.txt +0 -0
  86. {owasp-depscan-5.0.3 → owasp-depscan-5.0.4}/vendor/spdx/json/licenses.json +0 -0
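--- a/owasp_depscan.egg-info/PKG-INFO
+++ b/PKG-INFO
@@ -1,6 +1,6 @@
  Metadata-Version: 2.1
  Name: owasp-depscan
- Version: 5.0.3
+ Version: 5.0.4
  Summary: Fully open-source security audit for project dependencies based on known vulnerabilities and advisories.
  Author-email: Team AppThreat <cloud@appthreat.com>
  License: MIT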
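--- a/depscan/lib/normalize.py
+++ b/depscan/lib/normalize.py
@@ -155,10 +155,12 @@ def create_pkg_variations(pkg_dict):
  for suffix in COMMON_SUFFIXES:
  if name.endswith(suffix):
  name_aliases.add(name.replace(suffix, ""))
- for k, v in config.package_alias.items():
- if name.startswith(k) or k.startswith(name) or v.startswith(name):
- name_aliases.add(k)
- name_aliases.add(v)
+ # The below aliasing is resulting in several false positives for npm
+ if pkg_type not in ("npm",):
+ for k, v in config.package_alias.items():
+ if name.startswith(k) or k.startswith(name) or v.startswith(name):
+ name_aliases.add(k)
+ name_aliases.add(v)
  if pkg_type in config.OS_PKG_TYPES:
  if "lib" in name:
  name_aliases.add(name.replace("lib", ""))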
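Review bot: The guard added at new line 159 turns alias expansion off for npm only, while the test it wraps, `name.startswith(k) or k.startswith(name) or v.startswith(name)`, is unchanged, so a short package name in any other ecosystem still picks up every alias key or value it happens to prefix. For a vulnerability scanner this cuts both ways: the loose prefix match attributes advisories to the wrong package, and skipping the table entirely for npm may drop a legitimate alias and hide a real finding. Consider tightening the match rather than excluding one ecosystem, for example `if name in (k, v):`, or requiring a separator after the shared prefix. The file list shows test/test_norm.py as unchanged, so a regression case for an npm name that previously produced the false positives is worth adding alongside. create_pkg_variations starts and ends outside this hunk, so how `name` and `pkg_type` are derived is not visible here.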
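--- a/PKG-INFO
+++ b/owasp_depscan.egg-info/PKG-INFO
@@ -1,6 +1,6 @@
  Metadata-Version: 2.1
  Name: owasp-depscan
- Version: 5.0.3
+ Version: 5.0.4
  Summary: Fully open-source security audit for project dependencies based on known vulnerabilities and advisories.
  Author-email: Team AppThreat <cloud@appthreat.com>
  License: MIT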
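--- a/pyproject.toml
+++ b/pyproject.toml
@@ -1,6 +1,6 @@
  [project]
  name = "owasp-depscan"
- version = "5.0.3"
+ version = "5.0.4"
  description = "Fully open-source security audit for project dependencies based on known vulnerabilities and advisories."
  authors = [
  {name = "Team AppThreat", email = "cloud@appthreat.com"},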