owasp-depscan 5.2.11__tar.gz → 5.2.13__tar.gz

Files changed (87) hide show
  1. {owasp-depscan-5.2.11/owasp_depscan.egg-info → owasp-depscan-5.2.13}/PKG-INFO +2 -2
  2. {owasp-depscan-5.2.11 → owasp-depscan-5.2.13}/depscan/lib/analysis.py +1 -1
  3. {owasp-depscan-5.2.11 → owasp-depscan-5.2.13}/depscan/lib/audit.py +5 -1
  4. {owasp-depscan-5.2.11 → owasp-depscan-5.2.13}/depscan/lib/normalize.py +2 -2
  5. {owasp-depscan-5.2.11 → owasp-depscan-5.2.13}/depscan/lib/orasclient.py +1 -1
  6. {owasp-depscan-5.2.11 → owasp-depscan-5.2.13/owasp_depscan.egg-info}/PKG-INFO +2 -2
  7. {owasp-depscan-5.2.11 → owasp-depscan-5.2.13}/owasp_depscan.egg-info/requires.txt +1 -1
  8. {owasp-depscan-5.2.11 → owasp-depscan-5.2.13}/pyproject.toml +2 -2
  9. {owasp-depscan-5.2.11 → owasp-depscan-5.2.13}/LICENSE +0 -0
  10. {owasp-depscan-5.2.11 → owasp-depscan-5.2.13}/MANIFEST.in +0 -0
  11. {owasp-depscan-5.2.11 → owasp-depscan-5.2.13}/README.md +0 -0
  12. {owasp-depscan-5.2.11 → owasp-depscan-5.2.13}/depscan/__init__.py +0 -0
  13. {owasp-depscan-5.2.11 → owasp-depscan-5.2.13}/depscan/cli.py +0 -0
  14. {owasp-depscan-5.2.11 → owasp-depscan-5.2.13}/depscan/lib/__init__.py +0 -0
  15. {owasp-depscan-5.2.11 → owasp-depscan-5.2.13}/depscan/lib/bom.py +0 -0
  16. {owasp-depscan-5.2.11 → owasp-depscan-5.2.13}/depscan/lib/config.py +0 -0
  17. {owasp-depscan-5.2.11 → owasp-depscan-5.2.13}/depscan/lib/csaf.py +0 -0
  18. {owasp-depscan-5.2.11 → owasp-depscan-5.2.13}/depscan/lib/explainer.py +0 -0
  19. {owasp-depscan-5.2.11 → owasp-depscan-5.2.13}/depscan/lib/github.py +0 -0
  20. {owasp-depscan-5.2.11 → owasp-depscan-5.2.13}/depscan/lib/license.py +0 -0
  21. {owasp-depscan-5.2.11 → owasp-depscan-5.2.13}/depscan/lib/logger.py +0 -0
  22. {owasp-depscan-5.2.11 → owasp-depscan-5.2.13}/depscan/lib/pkg_query.py +0 -0
  23. {owasp-depscan-5.2.11 → owasp-depscan-5.2.13}/depscan/lib/utils.py +0 -0
  24. {owasp-depscan-5.2.11 → owasp-depscan-5.2.13}/owasp_depscan.egg-info/SOURCES.txt +0 -0
  25. {owasp-depscan-5.2.11 → owasp-depscan-5.2.13}/owasp_depscan.egg-info/dependency_links.txt +0 -0
  26. {owasp-depscan-5.2.11 → owasp-depscan-5.2.13}/owasp_depscan.egg-info/entry_points.txt +0 -0
  27. {owasp-depscan-5.2.11 → owasp-depscan-5.2.13}/owasp_depscan.egg-info/top_level.txt +0 -0
  28. {owasp-depscan-5.2.11 → owasp-depscan-5.2.13}/setup.cfg +0 -0
  29. {owasp-depscan-5.2.11 → owasp-depscan-5.2.13}/test/test_analysis.py +0 -0
  30. {owasp-depscan-5.2.11 → owasp-depscan-5.2.13}/test/test_bom.py +0 -0
  31. {owasp-depscan-5.2.11 → owasp-depscan-5.2.13}/test/test_csaf.py +0 -0
  32. {owasp-depscan-5.2.11 → owasp-depscan-5.2.13}/test/test_explainer.py +0 -0
  33. {owasp-depscan-5.2.11 → owasp-depscan-5.2.13}/test/test_github.py +0 -0
  34. {owasp-depscan-5.2.11 → owasp-depscan-5.2.13}/test/test_license.py +0 -0
  35. {owasp-depscan-5.2.11 → owasp-depscan-5.2.13}/test/test_norm.py +0 -0
  36. {owasp-depscan-5.2.11 → owasp-depscan-5.2.13}/test/test_pkg_query.py +0 -0
  37. {owasp-depscan-5.2.11 → owasp-depscan-5.2.13}/test/test_utils.py +0 -0
  38. {owasp-depscan-5.2.11 → owasp-depscan-5.2.13}/vendor/__init__.py +0 -0
  39. {owasp-depscan-5.2.11 → owasp-depscan-5.2.13}/vendor/choosealicense.com/_data/fields.yml +0 -0
  40. {owasp-depscan-5.2.11 → owasp-depscan-5.2.13}/vendor/choosealicense.com/_data/meta.yml +0 -0
  41. {owasp-depscan-5.2.11 → owasp-depscan-5.2.13}/vendor/choosealicense.com/_data/rules.yml +0 -0
  42. {owasp-depscan-5.2.11 → owasp-depscan-5.2.13}/vendor/choosealicense.com/_licenses/0bsd.txt +0 -0
  43. {owasp-depscan-5.2.11 → owasp-depscan-5.2.13}/vendor/choosealicense.com/_licenses/afl-3.0.txt +0 -0
  44. {owasp-depscan-5.2.11 → owasp-depscan-5.2.13}/vendor/choosealicense.com/_licenses/agpl-3.0.txt +0 -0
  45. {owasp-depscan-5.2.11 → owasp-depscan-5.2.13}/vendor/choosealicense.com/_licenses/apache-2.0.txt +0 -0
  46. {owasp-depscan-5.2.11 → owasp-depscan-5.2.13}/vendor/choosealicense.com/_licenses/artistic-2.0.txt +0 -0
  47. {owasp-depscan-5.2.11 → owasp-depscan-5.2.13}/vendor/choosealicense.com/_licenses/bsd-2-clause.txt +0 -0
  48. {owasp-depscan-5.2.11 → owasp-depscan-5.2.13}/vendor/choosealicense.com/_licenses/bsd-3-clause-clear.txt +0 -0
  49. {owasp-depscan-5.2.11 → owasp-depscan-5.2.13}/vendor/choosealicense.com/_licenses/bsd-3-clause.txt +0 -0
  50. {owasp-depscan-5.2.11 → owasp-depscan-5.2.13}/vendor/choosealicense.com/_licenses/bsd-4-clause.txt +0 -0
  51. {owasp-depscan-5.2.11 → owasp-depscan-5.2.13}/vendor/choosealicense.com/_licenses/bsl-1.0.txt +0 -0
  52. {owasp-depscan-5.2.11 → owasp-depscan-5.2.13}/vendor/choosealicense.com/_licenses/cc-by-4.0.txt +0 -0
  53. {owasp-depscan-5.2.11 → owasp-depscan-5.2.13}/vendor/choosealicense.com/_licenses/cc-by-sa-4.0.txt +0 -0
  54. {owasp-depscan-5.2.11 → owasp-depscan-5.2.13}/vendor/choosealicense.com/_licenses/cc0-1.0.txt +0 -0
  55. {owasp-depscan-5.2.11 → owasp-depscan-5.2.13}/vendor/choosealicense.com/_licenses/cecill-2.1.txt +0 -0
  56. {owasp-depscan-5.2.11 → owasp-depscan-5.2.13}/vendor/choosealicense.com/_licenses/cern-ohl-p-2.0.txt +0 -0
  57. {owasp-depscan-5.2.11 → owasp-depscan-5.2.13}/vendor/choosealicense.com/_licenses/cern-ohl-s-2.0.txt +0 -0
  58. {owasp-depscan-5.2.11 → owasp-depscan-5.2.13}/vendor/choosealicense.com/_licenses/cern-ohl-w-2.0.txt +0 -0
  59. {owasp-depscan-5.2.11 → owasp-depscan-5.2.13}/vendor/choosealicense.com/_licenses/ecl-2.0.txt +0 -0
  60. {owasp-depscan-5.2.11 → owasp-depscan-5.2.13}/vendor/choosealicense.com/_licenses/epl-1.0.txt +0 -0
  61. {owasp-depscan-5.2.11 → owasp-depscan-5.2.13}/vendor/choosealicense.com/_licenses/epl-2.0.txt +0 -0
  62. {owasp-depscan-5.2.11 → owasp-depscan-5.2.13}/vendor/choosealicense.com/_licenses/eupl-1.1.txt +0 -0
  63. {owasp-depscan-5.2.11 → owasp-depscan-5.2.13}/vendor/choosealicense.com/_licenses/eupl-1.2.txt +0 -0
  64. {owasp-depscan-5.2.11 → owasp-depscan-5.2.13}/vendor/choosealicense.com/_licenses/gfdl-1.3.txt +0 -0
  65. {owasp-depscan-5.2.11 → owasp-depscan-5.2.13}/vendor/choosealicense.com/_licenses/gpl-2.0.txt +0 -0
  66. {owasp-depscan-5.2.11 → owasp-depscan-5.2.13}/vendor/choosealicense.com/_licenses/gpl-3.0.txt +0 -0
  67. {owasp-depscan-5.2.11 → owasp-depscan-5.2.13}/vendor/choosealicense.com/_licenses/isc.txt +0 -0
  68. {owasp-depscan-5.2.11 → owasp-depscan-5.2.13}/vendor/choosealicense.com/_licenses/lgpl-2.1.txt +0 -0
  69. {owasp-depscan-5.2.11 → owasp-depscan-5.2.13}/vendor/choosealicense.com/_licenses/lgpl-3.0.txt +0 -0
  70. {owasp-depscan-5.2.11 → owasp-depscan-5.2.13}/vendor/choosealicense.com/_licenses/lppl-1.3c.txt +0 -0
  71. {owasp-depscan-5.2.11 → owasp-depscan-5.2.13}/vendor/choosealicense.com/_licenses/mit-0.txt +0 -0
  72. {owasp-depscan-5.2.11 → owasp-depscan-5.2.13}/vendor/choosealicense.com/_licenses/mit.txt +0 -0
  73. {owasp-depscan-5.2.11 → owasp-depscan-5.2.13}/vendor/choosealicense.com/_licenses/mpl-2.0.txt +0 -0
  74. {owasp-depscan-5.2.11 → owasp-depscan-5.2.13}/vendor/choosealicense.com/_licenses/ms-pl.txt +0 -0
  75. {owasp-depscan-5.2.11 → owasp-depscan-5.2.13}/vendor/choosealicense.com/_licenses/ms-rl.txt +0 -0
  76. {owasp-depscan-5.2.11 → owasp-depscan-5.2.13}/vendor/choosealicense.com/_licenses/mulanpsl-2.0.txt +0 -0
  77. {owasp-depscan-5.2.11 → owasp-depscan-5.2.13}/vendor/choosealicense.com/_licenses/ncsa.txt +0 -0
  78. {owasp-depscan-5.2.11 → owasp-depscan-5.2.13}/vendor/choosealicense.com/_licenses/odbl-1.0.txt +0 -0
  79. {owasp-depscan-5.2.11 → owasp-depscan-5.2.13}/vendor/choosealicense.com/_licenses/ofl-1.1.txt +0 -0
  80. {owasp-depscan-5.2.11 → owasp-depscan-5.2.13}/vendor/choosealicense.com/_licenses/osl-3.0.txt +0 -0
  81. {owasp-depscan-5.2.11 → owasp-depscan-5.2.13}/vendor/choosealicense.com/_licenses/postgresql.txt +0 -0
  82. {owasp-depscan-5.2.11 → owasp-depscan-5.2.13}/vendor/choosealicense.com/_licenses/unlicense.txt +0 -0
  83. {owasp-depscan-5.2.11 → owasp-depscan-5.2.13}/vendor/choosealicense.com/_licenses/upl-1.0.txt +0 -0
  84. {owasp-depscan-5.2.11 → owasp-depscan-5.2.13}/vendor/choosealicense.com/_licenses/vim.txt +0 -0
  85. {owasp-depscan-5.2.11 → owasp-depscan-5.2.13}/vendor/choosealicense.com/_licenses/wtfpl.txt +0 -0
  86. {owasp-depscan-5.2.11 → owasp-depscan-5.2.13}/vendor/choosealicense.com/_licenses/zlib.txt +0 -0
  87. {owasp-depscan-5.2.11 → owasp-depscan-5.2.13}/vendor/spdx/json/licenses.json +0 -0
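--- a/owasp_depscan.egg-info/PKG-INFO
+++ b/PKG-INFO
@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: owasp-depscan
-Version: 5.2.11
+Version: 5.2.13
 Summary: Fully open-source security audit for project dependencies based on known vulnerabilities and advisories.
 Author-email: Team AppThreat <cloud@appthreat.com>
 License: MIT
@@ -22,7 +22,7 @@ Description-Content-Type: text/markdown
 License-File: LICENSE
 Requires-Dist: appthreat-vulnerability-db==5.6.4
 Requires-Dist: defusedxml
-Requires-Dist: oras==0.1.26
+Requires-Dist: oras~=0.1.26
 Requires-Dist: PyYAML
 Requires-Dist: rich
 Requires-Dist: quart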
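--- a/depscan/lib/analysis.py
+++ b/depscan/lib/analysis.py
@@ -1495,7 +1495,7 @@ def find_purl_usages(bom_file, src_dir, reachables_slices_file):
 data = json.load(f)
 
 for c in data["components"]:
-purl = c["purl"]
+purl = c.get("purl", "")
 if c.get("evidence") and c["evidence"].get("occurrences"):
 direct_purls[purl] += len(c["evidence"].get("occurrences"))
 return dict(direct_purls), dict(reached_purls)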
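Review bot: Components without a `purl` are now all tallied under the empty-string key, because `purl = c.get("purl", "")` is followed unchanged by `direct_purls[purl] += ...`; the returned dict can then carry a `""` entry that merges the occurrences of every unidentified component. Skipping them is clearer: add `if not purl: continue` directly after the lookup. The loop line `for c in data["components"]:` can still raise KeyError on a BOM with no components list, so `data.get("components", [])` would match the tolerance this change introduces. find_purl_usages starts outside the hunk, so how callers consume the keys is not visible here.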
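--- a/depscan/lib/audit.py
+++ b/depscan/lib/audit.py
@@ -4,13 +4,17 @@ from depscan.lib import config
 from depscan.lib.pkg_query import npm_metadata, pypi_metadata
 
 # Dict mapping project type to the audit source
-type_audit_map = {"nodejs": NpmSource(), "js": NpmSource(), "npm": NpmSource()}
+type_audit_map = {"nodejs": NpmSource(), "js": NpmSource(), "javascript": NpmSource(), "ts": NpmSource(),
+"typescript": NpmSource(), "npm": NpmSource()}
 
 # Dict mapping project type to risk audit
 risk_audit_map = {
 "npm": npm_metadata,
 "nodejs": npm_metadata,
 "js": npm_metadata,
+"javascript": npm_metadata,
+"ts": npm_metadata,
+"typescript": npm_metadata,
 "python": pypi_metadata,
 "py": pypi_metadata,
 "pypi": pypi_metadata,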
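Review bot: The npm aliases are now spelled out twice, once in `type_audit_map` and once in `risk_audit_map`, so the two lists can drift apart the next time a project type is added; a type present in only one map would presumably get only one of the two audits without any error. Deriving both from a single tuple keeps them in step, e.g. `NPM_TYPES = ("nodejs", "js", "javascript", "ts", "typescript", "npm")` and `type_audit_map = {t: NpmSource() for t in NPM_TYPES}`, which also brings the over-long first line back under the line limit. risk_audit_map continues past the end of the hunk.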
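--- a/depscan/lib/normalize.py
+++ b/depscan/lib/normalize.py
@@ -219,7 +219,7 @@ def create_pkg_variations(pkg_dict):
 {
 "vendor": vvar,
 "name": nvar,
-"version": pkg_dict["version"],
+"version": pkg_dict.get("version", ""),
 }
 )
 elif len(name_aliases) > 1:
@@ -229,7 +229,7 @@ def create_pkg_variations(pkg_dict):
 {
 "vendor": pkg_dict.get("vendor"),
 "name": nvar,
-"version": pkg_dict["version"],
+"version": pkg_dict.get("version", ""),
 }
 )
 return pkg_list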
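Review bot: A package with no version now yields variations whose `"version"` is the empty string, at both `pkg_dict.get("version", "")` sites, and nothing in these hunks shows how the later vulnerability lookup treats that value. For a scanner the two plausible outcomes are opposite (no advisory matches, or every advisory for the name matches), so the intended one should be written down next to the default, for example `# no version in BOM: "" is passed through; lookup semantics for "" are <confirm and state here>`, together with a debug log naming the package so unversioned components are visible in the run output. create_pkg_variations starts outside the hunks.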
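--- a/depscan/lib/orasclient.py
+++ b/depscan/lib/orasclient.py
@@ -22,7 +22,7 @@ class VdbDistributionRegistry(oras.provider.Registry):
 jsonschema.exceptions.ValidationError: Additional properties are not allowed ('artifactType' was unexpected)
 """
 
-def get_manifest(self, container, allowed_media_type=None):
+def get_manifest(self, container, allowed_media_type=None, refresh_headers=True):
 """
 Retrieve a manifest for a package.
 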
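--- a/PKG-INFO
+++ b/owasp_depscan.egg-info/PKG-INFO
@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: owasp-depscan
-Version: 5.2.11
+Version: 5.2.13
 Summary: Fully open-source security audit for project dependencies based on known vulnerabilities and advisories.
 Author-email: Team AppThreat <cloud@appthreat.com>
 License: MIT
@@ -22,7 +22,7 @@ Description-Content-Type: text/markdown
 License-File: LICENSE
 Requires-Dist: appthreat-vulnerability-db==5.6.4
 Requires-Dist: defusedxml
-Requires-Dist: oras==0.1.26
+Requires-Dist: oras~=0.1.26
 Requires-Dist: PyYAML
 Requires-Dist: rich
 Requires-Dist: quart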
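--- a/owasp_depscan.egg-info/requires.txt
+++ b/owasp_depscan.egg-info/requires.txt
@@ -1,6 +1,6 @@
 appthreat-vulnerability-db==5.6.4
 defusedxml
-oras==0.1.26
+oras~=0.1.26
 PyYAML
 rich
 quart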
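--- a/pyproject.toml
+++ b/pyproject.toml
@@ -1,6 +1,6 @@
 [project]
 name = "owasp-depscan"
-version = "5.2.11"
+version = "5.2.13"
 description = "Fully open-source security audit for project dependencies based on known vulnerabilities and advisories."
 authors = [
 {name = "Team AppThreat", email = "cloud@appthreat.com"},
@@ -8,7 +8,7 @@ authors = [
 dependencies = [
 "appthreat-vulnerability-db==5.6.4",
 "defusedxml",
-"oras==0.1.26",
+"oras~=0.1.26",
 "PyYAML",
 "rich",
 "quart",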
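Review bot: `"oras~=0.1.26"` in the second hunk replaces an exact pin with a compatible-release range, so an install now resolves to whichever 0.1.x release at or above 0.1.26 is newest at install time rather than the version this release was tested with. The same release adds `refresh_headers` to the `get_manifest` override in depscan/lib/orasclient.py, which suggests the upstream method signature moved between patch releases; if so, a later 0.1.x can break the override again or change how the vulnerability database is fetched without any depscan change. Consider keeping `==` on the newly tested version, or bounding the range as `"oras>=0.1.26,<0.1.N"` (N being a placeholder for the first untested release) and installing from a hash-checked lock file in CI. The new parameter should also be described in the `get_manifest` docstring, including whether it is used or only accepted for signature compatibility, which is not visible in that hunk.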