PyPI - pyannotators-patterns - Versions diffs - 0.6.11__tar.gz → 0.6.15__tar.gz - Mend

pyannotators-patterns 0.6.11tar.gz → 0.6.15tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (42) hide show

{pyannotators_patterns-0.6.11 → pyannotators_patterns-0.6.15}/.gitignore RENAMED Viewed

@@ -130,4 +130,8 @@ dmypy.json
 .groovylintrc.json
 .emailNotif
 uv.lock
-audit-report.json
+# SBOMs
+**/sbom*.json
+**/trivy*.html
+**/audit*.json

{pyannotators_patterns-0.6.11 → pyannotators_patterns-0.6.15}/Jenkinsfile RENAMED Viewed

@@ -106,6 +106,7 @@ pipeline {
       stages {
         stage('Install dependencies') {
           steps {
+            sh 'rm -f uv.lock'
             sh 'pip install uv'
             sh 'uv sync --no-cache --extra test'
           }
@@ -155,6 +156,75 @@ pipeline {
         }
       }
     }
+    stage('Prepare SBOM') {
+      when {
+        beforeAgent true
+        environment name: 'SKIP_JOB', value: '0'
+      }
+      options {
+        timeout(time: 120, unit: 'SECONDS')
+      }
+      agent {
+        docker {
+          image 'alpine:3.19'
+          label 'built-in'
+          customWorkspace "${PATH_HOME}/${JOB_NAME}"
+          args "-u 0"
+        }
+      }
+      stages {
+        stage('Generate SBOM') {
+          steps {
+            sh '''
+               apk add --no-cache curl
+               curl -sSfL https://raw.githubusercontent.com/anchore/syft/main/install.sh | sh -s -- -b . v${SYFT_VERSION}
+               ./syft . \
+                --exclude '**/syft' \
+                --exclude '**/.pytest_cache' \
+                --exclude '**/.ruff_cache' \
+                --exclude '**/sbom.cdx.json' \
+                --exclude '**/sbom.spdx.json' \
+                --source-name "${JOB_NAME}" \
+                --source-version "${BUILD_NUMBER}" \
+                -o cyclonedx-json=sbom.cdx.json \
+                -o spdx-json=sbom.spdx.json
+               rm -f ./syft
+               '''
+          }
+        }
+        stage('Analyse SBOM') {
+          steps {
+            sh '''
+               curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b . v${TRIVY_VERSION}
+               curl -L https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/html.tpl -o trivy-html-template.tpl
+               ./trivy sbom --download-db-only
+               ./trivy sbom sbom.cdx.json \
+                --skip-db-update \
+                --format template \
+                --template "@trivy-html-template.tpl" \
+                -o trivy-report.html
+               rm -f ./trivy
+               '''
+          }
+        }
+        stage('Archive SBOM & analysis') {
+          steps {
+            archiveArtifacts artifacts: 'sbom*.json, trivy*.html', fingerprint: true
+          }
+        }
+      }
+    }
   }
   post {

{pyannotators_patterns-0.6.11 → pyannotators_patterns-0.6.15}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: pyannotators-patterns
-Version: 0.6.11
+Version: 0.6.15
 Summary: Annotator based on Presidio pattern recognizer
 Project-URL: Homepage, https://github.com/oterrier/pyannotators_patterns/
 Author-email: Olivier Terrier <olivier.terrier@kairntech.com>

{pyannotators_patterns-0.6.11 → pyannotators_patterns-0.6.15}/src/pyannotators_patterns/__init__.py RENAMED Viewed

@@ -1,3 +1,3 @@
 """Annotator based on Presidio pattern recognizer"""
-__version__ = "0.6.11"
+__version__ = "0.6.15"

pyannotators_patterns-0.6.15/trivy-html-template.tpl ADDED Viewed

@@ -0,0 +1,148 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
+{{- if . }}
+    <style>
+      * {
+        font-family: Arial, Helvetica, sans-serif;
+      }
+      h1 {
+        text-align: center;
+      }
+      .group-header th {
+        font-size: 200%;
+      }
+      .sub-header th {
+        font-size: 150%;
+      }
+      table, th, td {
+        border: 1px solid black;
+        border-collapse: collapse;
+        white-space: nowrap;
+        padding: .3em;
+      }
+      table {
+        margin: 0 auto;
+      }
+      .severity {
+        text-align: center;
+        font-weight: bold;
+        color: #fafafa;
+      }
+      .severity-LOW .severity { background-color: #5fbb31; }
+      .severity-MEDIUM .severity { background-color: #e9c600; }
+      .severity-HIGH .severity { background-color: #ff8800; }
+      .severity-CRITICAL .severity { background-color: #e40000; }
+      .severity-UNKNOWN .severity { background-color: #747474; }
+      .severity-LOW { background-color: #5fbb3160; }
+      .severity-MEDIUM { background-color: #e9c60060; }
+      .severity-HIGH { background-color: #ff880060; }
+      .severity-CRITICAL { background-color: #e4000060; }
+      .severity-UNKNOWN { background-color: #74747460; }
+      table tr td:first-of-type {
+        font-weight: bold;
+      }
+      .links a,
+      .links[data-more-links=on] a {
+        display: block;
+      }
+      .links[data-more-links=off] a:nth-of-type(1n+5) {
+        display: none;
+      }
+      a.toggle-more-links { cursor: pointer; }
+    </style>
+    <title>{{- escapeXML ( index . 0 ).Target }} - Trivy Report - {{ now }} </title>
+    <script>
+      window.onload = function() {
+        document.querySelectorAll('td.links').forEach(function(linkCell) {
+          var links = [].concat.apply([], linkCell.querySelectorAll('a'));
+          [].sort.apply(links, function(a, b) {
+            return a.href > b.href ? 1 : -1;
+          });
+          links.forEach(function(link, idx) {
+            if (links.length > 3 && 3 === idx) {
+              var toggleLink = document.createElement('a');
+              toggleLink.innerText = "Toggle more links";
+              toggleLink.href = "#toggleMore";
+              toggleLink.setAttribute("class", "toggle-more-links");
+              linkCell.appendChild(toggleLink);
+            }
+            linkCell.appendChild(link);
+          });
+        });
+        document.querySelectorAll('a.toggle-more-links').forEach(function(toggleLink) {
+          toggleLink.onclick = function() {
+            var expanded = toggleLink.parentElement.getAttribute("data-more-links");
+            toggleLink.parentElement.setAttribute("data-more-links", "on" === expanded ? "off" : "on");
+            return false;
+          };
+        });
+      };
+    </script>
+  </head>
+  <body>
+    <h1>{{- escapeXML ( index . 0 ).Target }} - Trivy Report - {{ now }}</h1>
+    <table>
+    {{- range . }}
+      <tr class="group-header"><th colspan="6">{{ .Type | toString | escapeXML }}</th></tr>
+      {{- if (eq (len .Vulnerabilities) 0) }}
+      <tr><th colspan="6">No Vulnerabilities found</th></tr>
+      {{- else }}
+      <tr class="sub-header">
+        <th>Package</th>
+        <th>Vulnerability ID</th>
+        <th>Severity</th>
+        <th>Installed Version</th>
+        <th>Fixed Version</th>
+        <th>Links</th>
+      </tr>
+        {{- range .Vulnerabilities }}
+      <tr class="severity-{{ escapeXML .Vulnerability.Severity }}">
+        <td class="pkg-name">{{ escapeXML .PkgName }}</td>
+        <td>{{ escapeXML .VulnerabilityID }}</td>
+        <td class="severity">{{ escapeXML .Vulnerability.Severity }}</td>
+        <td class="pkg-version">{{ escapeXML .InstalledVersion }}</td>
+        <td>{{ escapeXML .FixedVersion }}</td>
+        <td class="links" data-more-links="off">
+          {{- range .Vulnerability.References }}
+          <a href={{ escapeXML . | printf "%q" }}>{{ escapeXML . }}</a>
+          {{- end }}
+        </td>
+      </tr>
+        {{- end }}
+      {{- end }}
+      {{- if (eq (len .Misconfigurations ) 0) }}
+      <tr><th colspan="6">No Misconfigurations found</th></tr>
+      {{- else }}
+      <tr class="sub-header">
+        <th>Type</th>
+        <th>Misconf ID</th>
+        <th>Check</th>
+        <th>Severity</th>
+        <th>Message</th>
+      </tr>
+        {{- range .Misconfigurations }}
+      <tr class="severity-{{ escapeXML .Severity }}">
+        <td class="misconf-type">{{ escapeXML .Type }}</td>
+        <td>{{ escapeXML .ID }}</td>
+        <td class="misconf-check">{{ escapeXML .Title }}</td>
+        <td class="severity">{{ escapeXML .Severity }}</td>
+        <td class="link" data-more-links="off"  style="white-space:normal;">
+          {{ escapeXML .Message }}
+          <br>
+            <a href={{ escapeXML .PrimaryURL | printf "%q" }}>{{ escapeXML .PrimaryURL }}</a>
+          </br>
+        </td>
+      </tr>
+        {{- end }}
+      {{- end }}
+    {{- end }}
+    </table>
+{{- else }}
+  </head>
+  <body>
+    <h1>Trivy Returned Empty Report</h1>
+{{- end }}
+  </body>
+</html>