socketsecurity 0.0.91__tar.gz → 0.0.92__tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (23) hide show
  1. {socketsecurity-0.0.91/socketsecurity.egg-info → socketsecurity-0.0.92}/PKG-INFO +1 -1
  2. {socketsecurity-0.0.91 → socketsecurity-0.0.92}/socketsecurity/__init__.py +1 -1
  3. {socketsecurity-0.0.91 → socketsecurity-0.0.92}/socketsecurity/core/__init__.py +5 -2
  4. {socketsecurity-0.0.91 → socketsecurity-0.0.92}/socketsecurity/core/github.py +19 -62
  5. {socketsecurity-0.0.91 → socketsecurity-0.0.92}/socketsecurity/core/gitlab.py +19 -93
  6. {socketsecurity-0.0.91 → socketsecurity-0.0.92/socketsecurity.egg-info}/PKG-INFO +1 -1
  7. {socketsecurity-0.0.91 → socketsecurity-0.0.92}/LICENSE +0 -0
  8. {socketsecurity-0.0.91 → socketsecurity-0.0.92}/README.md +0 -0
  9. {socketsecurity-0.0.91 → socketsecurity-0.0.92}/pyproject.toml +0 -0
  10. {socketsecurity-0.0.91 → socketsecurity-0.0.92}/setup.cfg +0 -0
  11. {socketsecurity-0.0.91 → socketsecurity-0.0.92}/socketsecurity/core/classes.py +0 -0
  12. {socketsecurity-0.0.91 → socketsecurity-0.0.92}/socketsecurity/core/exceptions.py +0 -0
  13. {socketsecurity-0.0.91 → socketsecurity-0.0.92}/socketsecurity/core/git_interface.py +0 -0
  14. {socketsecurity-0.0.91 → socketsecurity-0.0.92}/socketsecurity/core/issues.py +0 -0
  15. {socketsecurity-0.0.91 → socketsecurity-0.0.92}/socketsecurity/core/licenses.py +0 -0
  16. {socketsecurity-0.0.91 → socketsecurity-0.0.92}/socketsecurity/core/messages.py +0 -0
  17. {socketsecurity-0.0.91 → socketsecurity-0.0.92}/socketsecurity/core/scm_comments.py +0 -0
  18. {socketsecurity-0.0.91 → socketsecurity-0.0.92}/socketsecurity/socketcli.py +0 -0
  19. {socketsecurity-0.0.91 → socketsecurity-0.0.92}/socketsecurity.egg-info/SOURCES.txt +0 -0
  20. {socketsecurity-0.0.91 → socketsecurity-0.0.92}/socketsecurity.egg-info/dependency_links.txt +0 -0
  21. {socketsecurity-0.0.91 → socketsecurity-0.0.92}/socketsecurity.egg-info/entry_points.txt +0 -0
  22. {socketsecurity-0.0.91 → socketsecurity-0.0.92}/socketsecurity.egg-info/requires.txt +0 -0
  23. {socketsecurity-0.0.91 → socketsecurity-0.0.92}/socketsecurity.egg-info/top_level.txt +0 -0
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.1
2
2
  Name: socketsecurity
3
- Version: 0.0.91
3
+ Version: 0.0.92
4
4
  Summary: Socket Security CLI for CI/CD
5
5
  Author-email: Douglas Coburn <douglas@socket.dev>
6
6
  Maintainer-email: Douglas Coburn <douglas@socket.dev>
@@ -1,2 +1,2 @@
1
1
  __author__ = 'socket.dev'
2
- __version__ = '0.0.91'
2
+ __version__ = '0.0.92'
@@ -28,7 +28,8 @@ import time
28
28
  __all__ = [
29
29
  "Core",
30
30
  "log",
31
- "__version__"
31
+ "__version__",
32
+ "do_request"
32
33
  ]
33
34
 
34
35
 
@@ -128,8 +129,10 @@ def do_request(
128
129
  else:
129
130
  msg = {
130
131
  "status_code": response.status_code,
132
+ "UnexpectedError": "There was an unexpected error using the API",
131
133
  "error": response.text,
132
- "UnexpectedError": "There was an unexpected error using the API"
134
+ "payload": payload,
135
+ "url": url
133
136
  }
134
137
  raise APIFailure(msg)
135
138
 
@@ -1,8 +1,7 @@
1
1
  import json
2
2
  import os
3
- from socketsecurity.core import log
3
+ from socketsecurity.core import log, do_request
4
4
  import requests
5
- from socketsecurity.core.exceptions import *
6
5
  from socketsecurity.core.classes import Comment
7
6
  from socketsecurity.core.scm_comments import Comments
8
7
  import sys
@@ -54,60 +53,12 @@ for env in github_variables:
54
53
  else:
55
54
  is_default_branch = True
56
55
 
57
-
58
- def do_request(
59
- path: str,
60
- headers: dict = None,
61
- payload: [dict, str] = None,
62
- files: list = None,
63
- method: str = "GET",
64
- ) -> dict:
65
- """
66
- do_requests is the shared function for making HTTP calls
67
-
68
- :param path: Required path for the request
69
- :param headers: Optional dictionary of headers. If not set will use a default set
70
- :param payload: Optional dictionary or string of the payload to pass
71
- :param files: Optional list of files to upload
72
- :param method: Optional method to use, defaults to GET
73
- :return:
74
- """
75
- if gh_api_token is None or gh_api_token == "":
76
- raise APIKeyMissing
77
-
78
- if headers is None:
79
- headers = {
80
- 'Authorization': f"Bearer {gh_api_token}",
81
- 'User-Agent': 'SocketPythonScript/0.0.1',
82
- "accept": "application/json"
83
- }
84
- url = f"{github_api_url}/{path}"
85
- response = requests.request(
86
- method.upper(),
87
- url,
88
- headers=headers,
89
- data=payload,
90
- files=files
91
- )
92
- if response.status_code <= 399:
93
- try:
94
- return response.json()
95
- except Exception as error:
96
- response = {
97
- "error": error,
98
- "response": response.text,
99
- "payload": payload
100
- }
101
- return response
102
- else:
103
- msg = {
104
- "status_code": response.status_code,
105
- "UnexpectedError": "There was an unexpected error using the API",
106
- "error": response.text,
107
- "payload": payload,
108
- "path": path
109
- }
110
- raise APIFailure(msg)
56
+ headers = {
57
+ 'Authorization': f"Bearer {gh_api_token}",
58
+ 'User-Agent': 'SocketPythonScript/0.0.1',
59
+ "accept": "application/json"
60
+ }
61
+ base_url = f"{github_api_url}/"
111
62
 
112
63
 
113
64
  class Github:
@@ -177,37 +128,43 @@ class Github:
177
128
  existing_overview_comment = comments.get("overview")
178
129
  existing_security_comment = comments.get("security")
179
130
  if new_overview_comment:
131
+ log.debug("New Dependency Overview comment")
180
132
  if existing_overview_comment is not None:
133
+ log.debug("Previous version of Dependency Overview, updating")
181
134
  existing_overview_comment: Comment
182
135
  Github.update_comment(overview_comment, str(existing_overview_comment.id))
183
136
  else:
137
+ log.debug("No previous version of Dependency Overview, posting")
184
138
  Github.post_comment(overview_comment)
185
139
  if new_security_comment:
140
+ log.debug("New Security Issue Comment")
186
141
  if existing_security_comment is not None:
142
+ log.debug("Previous version of Security Issue comment, updating")
187
143
  existing_security_comment: Comment
188
144
  Github.update_comment(security_comment, str(existing_security_comment.id))
189
145
  else:
146
+ log.debug("No Previous version of Security Issue comment, posting")
190
147
  Github.post_comment(security_comment)
191
148
 
192
149
  @staticmethod
193
150
  def post_comment(body: str) -> None:
194
151
  repo = github_repository.rsplit("/", 1)[1]
195
- path = f"repos/{github_repository_owner}/{repo}/issues/{pr_number}/comments"
152
+ path = f"{base_url}repos/{github_repository_owner}/{repo}/issues/{pr_number}/comments"
196
153
  payload = {
197
154
  "body": body
198
155
  }
199
156
  payload = json.dumps(payload)
200
- do_request(path, payload=payload, method="POST")
157
+ do_request(path, payload=payload, method="POST", headers=headers)
201
158
 
202
159
  @staticmethod
203
160
  def update_comment(body: str, comment_id: str) -> None:
204
161
  repo = github_repository.rsplit("/", 1)[1]
205
- path = f"repos/{github_repository_owner}/{repo}/issues/comments/{comment_id}"
162
+ path = f"{base_url}repos/{github_repository_owner}/{repo}/issues/comments/{comment_id}"
206
163
  payload = {
207
164
  "body": body
208
165
  }
209
166
  payload = json.dumps(payload)
210
- do_request(path, payload=payload, method="PATCH")
167
+ do_request(path, payload=payload, method="PATCH", headers=headers)
211
168
 
212
169
  @staticmethod
213
170
  def write_new_env(name: str, content: str) -> None:
@@ -218,8 +175,8 @@ class Github:
218
175
 
219
176
  @staticmethod
220
177
  def get_comments_for_pr(repo: str, pr: str) -> dict:
221
- path = f"repos/{github_repository_owner}/{repo}/issues/{pr}/comments"
222
- raw_comments = do_request(path)
178
+ path = f"{base_url}repos/{github_repository_owner}/{repo}/issues/{pr}/comments"
179
+ raw_comments = do_request(path, headers=headers)
223
180
  comments = {}
224
181
  if "error" not in raw_comments:
225
182
  for item in raw_comments:
@@ -1,7 +1,5 @@
1
1
  import os
2
- from socketsecurity.core import log
3
- import requests
4
- from socketsecurity.core.exceptions import *
2
+ from socketsecurity.core import log, do_request
5
3
  from socketsecurity.core.scm_comments import Comments
6
4
  import sys
7
5
  from socketsecurity.core.classes import Comment, Issue
@@ -41,7 +39,6 @@ gitlab_variables = [
41
39
  "GITLAB_TOKEN",
42
40
  ]
43
41
 
44
-
45
42
  for env in gitlab_variables:
46
43
  var_name = env.lower()
47
44
  globals()[var_name] = os.getenv(env) or None
@@ -49,59 +46,12 @@ for env in gitlab_variables:
49
46
  value = globals()[var_name]
50
47
  log.debug(f"{env}={value}")
51
48
 
52
-
53
- def do_request(
54
- path: str,
55
- headers: dict = None,
56
- payload: [dict, str] = None,
57
- files: list = None,
58
- method: str = "GET",
59
- ) -> dict:
60
- """
61
- do_requests is the shared function for making HTTP calls
62
-
63
- :param path: Required path for the request
64
- :param headers: Optional dictionary of headers. If not set will use a default set
65
- :param payload: Optional dictionary or string of the payload to pass
66
- :param files: Optional list of files to upload
67
- :param method: Optional method to use, defaults to GET
68
- :return:
69
- """
70
- if gitlab_token is None or gitlab_token == "":
71
- raise APIKeyMissing
72
-
73
- if headers is None:
74
- headers = {
75
- 'Authorization': f"Bearer {gitlab_token}",
76
- 'User-Agent': 'SocketPythonScript/0.0.1',
77
- "accept": "application/json"
78
- }
79
- url = f"{ci_api_v4_url}/{path}"
80
- response = requests.request(
81
- method.upper(),
82
- url,
83
- headers=headers,
84
- data=payload,
85
- files=files
86
- )
87
- if response.status_code <= 399:
88
- try:
89
- return response.json()
90
- except Exception as error:
91
- response = {
92
- "error": error,
93
- "response": response.text
94
- }
95
- return response
96
- else:
97
- msg = {
98
- "status_code": response.status_code,
99
- "UnexpectedError": "There was an unexpected error using the API",
100
- "error": response.text,
101
- "payload": payload,
102
- "path": path
103
- }
104
- raise APIFailure(msg)
49
+ base_url = f"{ci_api_v4_url}/"
50
+ headers = {
51
+ 'Authorization': f"Bearer {gitlab_token}",
52
+ 'User-Agent': 'SocketPythonScript/0.0.1',
53
+ "accept": "application/json"
54
+ }
105
55
 
106
56
 
107
57
  class Gitlab:
@@ -171,40 +121,44 @@ class Gitlab:
171
121
  existing_overview_comment = comments.get("overview")
172
122
  existing_security_comment = comments.get("security")
173
123
  if new_overview_comment:
124
+ log.debug("New Dependency Overview comment")
174
125
  if existing_overview_comment is not None:
126
+ log.debug("Previous version of Dependency Overview, updating")
175
127
  existing_overview_comment: Comment
176
128
  Gitlab.update_comment(overview_comment, str(existing_overview_comment.id))
177
129
  else:
130
+ log.debug("No previous version of Dependency Overview, posting")
178
131
  Gitlab.post_comment(overview_comment)
179
132
  if new_security_comment:
133
+ log.debug("New Security Issue Comment")
180
134
  if existing_security_comment is not None:
135
+ log.debug("Previous version of Security Issue comment, updating")
181
136
  existing_security_comment: Comment
182
137
  Gitlab.update_comment(security_comment, str(existing_security_comment.id))
183
138
  else:
139
+ log.debug("No Previous version of Security Issue comment, posting")
184
140
  Gitlab.post_comment(security_comment)
185
141
 
186
142
  @staticmethod
187
143
  def post_comment(body: str) -> None:
188
- path = f"projects/{ci_merge_request_project_id}/merge_requests/{ci_merge_request_iid}/notes"
144
+ path = f"{base_url}projects/{ci_merge_request_project_id}/merge_requests/{ci_merge_request_iid}/notes"
189
145
  payload = {
190
146
  "body": body
191
147
  }
192
- # payload = json.dumps(payload)
193
- do_request(path, payload=payload, method="POST")
148
+ do_request(path, payload=payload, method="POST", headers=headers)
194
149
 
195
150
  @staticmethod
196
151
  def update_comment(body: str, comment_id: str) -> None:
197
- path = f"projects/{ci_merge_request_project_id}/merge_requests/{ci_merge_request_iid}/notes/{comment_id}"
152
+ path = f"{base_url}projects/{ci_merge_request_project_id}/merge_requests/{ci_merge_request_iid}/notes/{comment_id}"
198
153
  payload = {
199
154
  "body": body
200
155
  }
201
- # payload = json.dumps(payload)
202
- do_request(path, payload=payload, method="PUT")
156
+ do_request(path, payload=payload, method="PUT", headers=headers)
203
157
 
204
158
  @staticmethod
205
159
  def get_comments_for_pr(repo: str, pr: str) -> dict:
206
- path = f"projects/{ci_merge_request_project_id}/merge_requests/{ci_merge_request_iid}/notes"
207
- raw_comments = do_request(path)
160
+ path = f"{base_url}projects/{ci_merge_request_project_id}/merge_requests/{ci_merge_request_iid}/notes"
161
+ raw_comments = do_request(path, headers=headers)
208
162
  comments = {}
209
163
  if "message" not in raw_comments:
210
164
  for item in raw_comments:
@@ -217,34 +171,6 @@ class Gitlab:
217
171
  socket_comments = Comments.check_for_socket_comments(comments)
218
172
  return socket_comments
219
173
 
220
- @staticmethod
221
- def get_ignore_options(comments: dict) -> [bool, list]:
222
- ignore_commands = []
223
- ignore_all = False
224
-
225
- for comment in comments["ignore"]:
226
- comment: Comment
227
- first_line = comment.body_list[0]
228
- if not ignore_all and "SocketSecurity ignore" in first_line:
229
- first_line = first_line.lstrip("@")
230
- _, command = first_line.split("SocketSecurity ")
231
- command = command.strip()
232
- if command == "ignore-all":
233
- ignore_all = True
234
- else:
235
- command = command.lstrip("ignore").strip()
236
- name, version = command.split("@")
237
- data = f"{name}, {version}"
238
- ignore_commands.append(data)
239
- return ignore_all, ignore_commands
240
-
241
- @staticmethod
242
- def is_ignore(pkg_name: str, pkg_version: str, name: str, version: str) -> bool:
243
- result = False
244
- if pkg_name == name and (pkg_version == version or version == "*"):
245
- result = True
246
- return result
247
-
248
174
  @staticmethod
249
175
  def remove_comment_alerts(comments: dict):
250
176
  security_alert = comments.get("security")
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.1
2
2
  Name: socketsecurity
3
- Version: 0.0.91
3
+ Version: 0.0.92
4
4
  Summary: Socket Security CLI for CI/CD
5
5
  Author-email: Douglas Coburn <douglas@socket.dev>
6
6
  Maintainer-email: Douglas Coburn <douglas@socket.dev>
File without changes