owasp-depscan 5.2.11__py3-none-any.whl → 5.2.13__py3-none-any.whl


Potentially problematic release.



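--- a/depscan/lib/analysis.py
+++ b/depscan/lib/analysis.py
@@ -1495,7 +1495,7 @@ def find_purl_usages(bom_file, src_dir, reachables_slices_file):
  data = json.load(f)
 
  for c in data["components"]:
- purl = c["purl"]
+ purl = c.get("purl", "")
  if c.get("evidence") and c["evidence"].get("occurrences"):
  direct_purls[purl] += len(c["evidence"].get("occurrences"))
  return dict(direct_purls), dict(reached_purls)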
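Review bot: With `purl = c.get("purl", "")`, every component that lacks a purl is counted under the same empty-string key in `direct_purls` at the `+=` two lines below, so unrelated components merge into one entry that corresponds to no real package. Skipping such components keeps the usage map meaningful: add `if not purl: continue` right after the assignment. The body of find_purl_usages starts outside the hunk, so how callers treat a `""` key is not visible here.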
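--- a/depscan/lib/audit.py
+++ b/depscan/lib/audit.py
@@ -4,13 +4,17 @@ from depscan.lib import config
  from depscan.lib.pkg_query import npm_metadata, pypi_metadata
 
  # Dict mapping project type to the audit source
- type_audit_map = {"nodejs": NpmSource(), "js": NpmSource(), "npm": NpmSource()}
+ type_audit_map = {"nodejs": NpmSource(), "js": NpmSource(), "javascript": NpmSource(), "ts": NpmSource(),
+ "typescript": NpmSource(), "npm": NpmSource()}
 
  # Dict mapping project type to risk audit
  risk_audit_map = {
  "npm": npm_metadata,
  "nodejs": npm_metadata,
  "js": npm_metadata,
+ "javascript": npm_metadata,
+ "ts": npm_metadata,
+ "typescript": npm_metadata,
  "python": pypi_metadata,
  "py": pypi_metadata,
  "pypi": pypi_metadata,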
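Review bot: The npm alias list is now spelled out twice, once in `type_audit_map` and once in `risk_audit_map`, and the two can drift: a project type present in only one map would get one kind of audit and silently miss the other. Deriving both from a single tuple keeps them aligned, e.g. `NPM_TYPES = ("nodejs", "js", "javascript", "ts", "typescript", "npm")` and `type_audit_map = {t: NpmSource() for t in NPM_TYPES}`. risk_audit_map continues past the end of the hunk, so the remaining entries would be merged in after the npm ones.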
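--- a/depscan/lib/normalize.py
+++ b/depscan/lib/normalize.py
@@ -219,7 +219,7 @@ def create_pkg_variations(pkg_dict):
  {
  "vendor": vvar,
  "name": nvar,
- "version": pkg_dict["version"],
+ "version": pkg_dict.get("version", ""),
  }
  )
  elif len(name_aliases) > 1:
@@ -229,7 +229,7 @@ def create_pkg_variations(pkg_dict):
  {
  "vendor": pkg_dict.get("vendor"),
  "name": nvar,
- "version": pkg_dict["version"],
+ "version": pkg_dict.get("version", ""),
  }
  )
  return pkg_list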
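Review bot: Defaulting to `pkg_dict.get("version", "")` in both hunks of create_pkg_variations lets a package with no version continue as an empty-string version, and what the downstream vulnerability match does with `""` is not visible here. In a scanner that can become either a silent miss or an over-broad match, so the missing version should be surfaced rather than only tolerated. At minimum, document the convention next to the lookup with a comment such as `# version may be absent in the BOM; "" means unknown`, and consider logging the package name once where pkg_dict is first read. The function starts outside both hunks.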
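--- a/depscan/lib/orasclient.py
+++ b/depscan/lib/orasclient.py
@@ -22,7 +22,7 @@ class VdbDistributionRegistry(oras.provider.Registry):
  jsonschema.exceptions.ValidationError: Additional properties are not allowed ('artifactType' was unexpected)
  """
 
- def get_manifest(self, container, allowed_media_type=None):
+ def get_manifest(self, container, allowed_media_type=None, refresh_headers=True):
  """
  Retrieve a manifest for a package.
 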
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.1
2
2
  Name: owasp-depscan
3
- Version: 5.2.11
3
+ Version: 5.2.13
4
4
  Summary: Fully open-source security audit for project dependencies based on known vulnerabilities and advisories.
5
5
  Author-email: Team AppThreat <cloud@appthreat.com>
6
6
  License: MIT
@@ -22,7 +22,7 @@ Description-Content-Type: text/markdown
22
22
  License-File: LICENSE
23
23
  Requires-Dist: appthreat-vulnerability-db ==5.6.4
24
24
  Requires-Dist: defusedxml
25
- Requires-Dist: oras ==0.1.26
25
+ Requires-Dist: oras ~=0.1.26
26
26
  Requires-Dist: PyYAML
27
27
  Requires-Dist: rich
28
28
  Requires-Dist: quart
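Review bot: `Requires-Dist: oras ~=0.1.26` replaces an exact pin with a compatible-release range, so any later 0.1.x release of oras will be installed without a new release of this package. The same release adds `refresh_headers=True` to the `get_manifest` override in depscan/lib/orasclient.py, presumably to follow an upstream signature change, which suggests the subclass is sensitive to oras point releases. Consider bounding the range to the releases actually tested, e.g. `oras >=0.1.26,<0.1.N` (N is a placeholder for the first untested release), or keep the exact pin and document hash-pinned installs for users who need reproducible environments.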
@@ -1,8 +1,8 @@
1
1
  depscan/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
2
2
  depscan/cli.py,sha256=fS9CoM1mWNqavUqfGA40LMf_-9OQMzFIYvIle3O2TrA,38835
3
3
  depscan/lib/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
4
- depscan/lib/analysis.py,sha256=cLIwPdW3UlbL4gxdabncFAJfJNUqB64ZjeEzGqJgeL8,58149
5
- depscan/lib/audit.py,sha256=6GmHOkhDYY1LCIRd-wUSrSISh6_IFR5PhOopPJIQTeE,1318
4
+ depscan/lib/analysis.py,sha256=w1d3GsefGXxosLqMr9SosdHhMin4EfeA1atE1M2PC9o,58157
5
+ depscan/lib/audit.py,sha256=wpmIowFLaoFs0agZN3FUFxPumty5Gr6YRfcjXGsuNcI,1497
6
6
  depscan/lib/bom.py,sha256=AdwzWpgnxaq2CKngfiSC-6dKJMnSv0ZD0h6jj4vxW1w,16718
7
7
  depscan/lib/config.py,sha256=5up5ukTvTg1JhQmJD75i8iS3SZvB-QkSlJ-XChNwywk,14540
8
8
  depscan/lib/csaf.py,sha256=j9J5E_22nm--MOKy-g-agVnqtlkD84K93AyzOxIh-Rs,81781
@@ -10,8 +10,8 @@ depscan/lib/explainer.py,sha256=gSBNMxwyr1s_2v0GY-k3Ds5B92LMeCrqJF5P9nsW934,9966
10
10
  depscan/lib/github.py,sha256=h6e_12xLwspXJbt_7lW6vuHaqgJQgyFSRCLrfUndCH4,1697
11
11
  depscan/lib/license.py,sha256=y4-WZuD2MOunKaLd2EJGcSYP6s3Lp_dgssdzhcl9eEM,2332
12
12
  depscan/lib/logger.py,sha256=TZkxVN2a5g2g0nOlrIodJWaDhTFT6JLtR1vR4fPSMgs,1605
13
- depscan/lib/normalize.py,sha256=ltR513Y9XCm5Azit-ojXckNMAfm7L4LFSbgzML-A-oQ,12427
14
- depscan/lib/orasclient.py,sha256=IrTr7qVUgc-sCzLX9aaBLavGQQ2DR5kGqSBHNt67-Pk,4938
13
+ depscan/lib/normalize.py,sha256=ymn4IaHouVWg1bdXYzoLhXDDSf7JIwg0Gay4D9JVVtM,12443
14
+ depscan/lib/orasclient.py,sha256=l8Diieh0I2thTova4ozUkMblgyhRsttAkarnkRemsn0,4960
15
15
  depscan/lib/pkg_query.py,sha256=Hlf3LypsL7EF309HevcfhdjAOPDZbN1XRQOmjQpnxlI,20082
16
16
  depscan/lib/utils.py,sha256=saC5-ySoyZSgJzATi8gIJtMm3mE57Z1ZuQFV4gG_KN4,14763
17
17
  vendor/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
@@ -64,9 +64,9 @@ vendor/choosealicense.com/_licenses/vim.txt,sha256=d5GQjXB328L8EBkhKgxcjk344D3K7
64
64
  vendor/choosealicense.com/_licenses/wtfpl.txt,sha256=BxXeubkvQm32MDmlZsBcbzJzBpR5kWgw0JxSR9d7f3k,948
65
65
  vendor/choosealicense.com/_licenses/zlib.txt,sha256=e6dfCeLhxD3NCnIkY4cVIagRaWdRvencjNhHZ1APvpc,1678
66
66
  vendor/spdx/json/licenses.json,sha256=_Vz_aACEg-giVk08ZBQLqB5Z3AnSWZmdD9I22ID3QNs,275192
67
- owasp_depscan-5.2.11.dist-info/LICENSE,sha256=oQnCbnZtJ_NLDdOLc-rVY1D1N0RNWLHPpYXcc77xzSo,1073
68
- owasp_depscan-5.2.11.dist-info/METADATA,sha256=Ff3E0SAyNMvihVtenForYNtPIRF9_AjGHx_p851F1_8,28092
69
- owasp_depscan-5.2.11.dist-info/WHEEL,sha256=oiQVh_5PnQM0E3gPdiz09WCNmwiHDMaGer_elqB3coM,92
70
- owasp_depscan-5.2.11.dist-info/entry_points.txt,sha256=FxQKHFWZTfKU2eBxHPFRxwhSNexntYygYhquykS8zxA,69
71
- owasp_depscan-5.2.11.dist-info/top_level.txt,sha256=qbHOZvNU2dXANv946hMdP2vOi0ESQB5t2ZY5ktKtXvQ,15
72
- owasp_depscan-5.2.11.dist-info/RECORD,,
67
+ owasp_depscan-5.2.13.dist-info/LICENSE,sha256=oQnCbnZtJ_NLDdOLc-rVY1D1N0RNWLHPpYXcc77xzSo,1073
68
+ owasp_depscan-5.2.13.dist-info/METADATA,sha256=uOsPy3zPXorKEBPdl1H0mm5xulRwn0pDAlOYC0_e93k,28092
69
+ owasp_depscan-5.2.13.dist-info/WHEEL,sha256=GJ7t_kWBFywbagK5eo9IoUwLW6oyOeTKmQ-9iHFVNxQ,92
70
+ owasp_depscan-5.2.13.dist-info/entry_points.txt,sha256=FxQKHFWZTfKU2eBxHPFRxwhSNexntYygYhquykS8zxA,69
71
+ owasp_depscan-5.2.13.dist-info/top_level.txt,sha256=qbHOZvNU2dXANv946hMdP2vOi0ESQB5t2ZY5ktKtXvQ,15
72
+ owasp_depscan-5.2.13.dist-info/RECORD,,
@@ -1,5 +1,5 @@
1
1
  Wheel-Version: 1.0
2
- Generator: bdist_wheel (0.42.0)
2
+ Generator: bdist_wheel (0.43.0)
3
3
  Root-Is-Purelib: true
4
4
  Tag: py3-none-any
5
5