socketsecurity 0.0.91__tar.gz → 0.0.93__tar.gz
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- {socketsecurity-0.0.91/socketsecurity.egg-info → socketsecurity-0.0.93}/PKG-INFO +1 -1
- {socketsecurity-0.0.91 → socketsecurity-0.0.93}/socketsecurity/__init__.py +1 -1
- {socketsecurity-0.0.91 → socketsecurity-0.0.93}/socketsecurity/core/__init__.py +17 -16
- {socketsecurity-0.0.91 → socketsecurity-0.0.93}/socketsecurity/core/github.py +15 -59
- {socketsecurity-0.0.91 → socketsecurity-0.0.93}/socketsecurity/core/gitlab.py +16 -91
- {socketsecurity-0.0.91 → socketsecurity-0.0.93}/socketsecurity/core/scm_comments.py +18 -0
- {socketsecurity-0.0.91 → socketsecurity-0.0.93}/socketsecurity/socketcli.py +2 -1
- {socketsecurity-0.0.91 → socketsecurity-0.0.93/socketsecurity.egg-info}/PKG-INFO +1 -1
- {socketsecurity-0.0.91 → socketsecurity-0.0.93}/LICENSE +0 -0
- {socketsecurity-0.0.91 → socketsecurity-0.0.93}/README.md +0 -0
- {socketsecurity-0.0.91 → socketsecurity-0.0.93}/pyproject.toml +0 -0
- {socketsecurity-0.0.91 → socketsecurity-0.0.93}/setup.cfg +0 -0
- {socketsecurity-0.0.91 → socketsecurity-0.0.93}/socketsecurity/core/classes.py +0 -0
- {socketsecurity-0.0.91 → socketsecurity-0.0.93}/socketsecurity/core/exceptions.py +0 -0
- {socketsecurity-0.0.91 → socketsecurity-0.0.93}/socketsecurity/core/git_interface.py +0 -0
- {socketsecurity-0.0.91 → socketsecurity-0.0.93}/socketsecurity/core/issues.py +0 -0
- {socketsecurity-0.0.91 → socketsecurity-0.0.93}/socketsecurity/core/licenses.py +0 -0
- {socketsecurity-0.0.91 → socketsecurity-0.0.93}/socketsecurity/core/messages.py +0 -0
- {socketsecurity-0.0.91 → socketsecurity-0.0.93}/socketsecurity.egg-info/SOURCES.txt +0 -0
- {socketsecurity-0.0.91 → socketsecurity-0.0.93}/socketsecurity.egg-info/dependency_links.txt +0 -0
- {socketsecurity-0.0.91 → socketsecurity-0.0.93}/socketsecurity.egg-info/entry_points.txt +0 -0
- {socketsecurity-0.0.91 → socketsecurity-0.0.93}/socketsecurity.egg-info/requires.txt +0 -0
- {socketsecurity-0.0.91 → socketsecurity-0.0.93}/socketsecurity.egg-info/top_level.txt +0 -0
|
@@ -1,2 +1,2 @@
|
|
|
1
1
|
__author__ = 'socket.dev'
|
|
2
|
-
__version__ = '0.0.
|
|
2
|
+
__version__ = '0.0.93'
|
|
@@ -28,7 +28,8 @@ import time
|
|
|
28
28
|
__all__ = [
|
|
29
29
|
"Core",
|
|
30
30
|
"log",
|
|
31
|
-
"__version__"
|
|
31
|
+
"__version__",
|
|
32
|
+
"do_request"
|
|
32
33
|
]
|
|
33
34
|
|
|
34
35
|
|
|
@@ -63,10 +64,11 @@ def do_request(
|
|
|
63
64
|
payload: [dict, str] = None,
|
|
64
65
|
files: list = None,
|
|
65
66
|
method: str = "GET",
|
|
67
|
+
base_url: str = None,
|
|
66
68
|
) -> requests.request:
|
|
67
69
|
"""
|
|
68
70
|
do_requests is the shared function for making HTTP calls
|
|
69
|
-
|
|
71
|
+
:param base_url:
|
|
70
72
|
:param path: Required path for the request
|
|
71
73
|
:param headers: Optional dictionary of headers. If not set will use a default set
|
|
72
74
|
:param payload: Optional dictionary or string of the payload to pass
|
|
@@ -74,8 +76,13 @@ def do_request(
|
|
|
74
76
|
:param method: Optional method to use, defaults to GET
|
|
75
77
|
:return:
|
|
76
78
|
"""
|
|
77
|
-
|
|
78
|
-
|
|
79
|
+
|
|
80
|
+
if base_url is not None:
|
|
81
|
+
url = f"{base_url}/{path}"
|
|
82
|
+
else:
|
|
83
|
+
if encoded_key is None or encoded_key == "":
|
|
84
|
+
raise APIKeyMissing
|
|
85
|
+
url = f"{api_url}/{path}"
|
|
79
86
|
|
|
80
87
|
if headers is None:
|
|
81
88
|
headers = {
|
|
@@ -83,7 +90,6 @@ def do_request(
|
|
|
83
90
|
'User-Agent': f'SocketPythonCLI/{__version__}',
|
|
84
91
|
"accept": "application/json"
|
|
85
92
|
}
|
|
86
|
-
url = f"{api_url}/{path}"
|
|
87
93
|
response = requests.request(
|
|
88
94
|
method.upper(),
|
|
89
95
|
url,
|
|
@@ -92,8 +98,8 @@ def do_request(
|
|
|
92
98
|
files=files,
|
|
93
99
|
timeout=timeout
|
|
94
100
|
)
|
|
95
|
-
output_headers = headers
|
|
96
|
-
output_headers['Authorization'] = "
|
|
101
|
+
output_headers = headers.copy()
|
|
102
|
+
output_headers['Authorization'] = "API_KEY_REDACTED"
|
|
97
103
|
output = {
|
|
98
104
|
"url": url,
|
|
99
105
|
"headers": output_headers,
|
|
@@ -107,14 +113,7 @@ def do_request(
|
|
|
107
113
|
if response.status_code <= 399:
|
|
108
114
|
return response
|
|
109
115
|
elif response.status_code == 400:
|
|
110
|
-
|
|
111
|
-
print(f"payload={payload}")
|
|
112
|
-
print(f"files={files}")
|
|
113
|
-
error = {
|
|
114
|
-
"msg": "bad request",
|
|
115
|
-
"error": response.text
|
|
116
|
-
}
|
|
117
|
-
raise APIFailure(error)
|
|
116
|
+
raise APIFailure(output)
|
|
118
117
|
elif response.status_code == 401:
|
|
119
118
|
raise APIAccessDenied("Unauthorized")
|
|
120
119
|
elif response.status_code == 403:
|
|
@@ -128,8 +127,10 @@ def do_request(
|
|
|
128
127
|
else:
|
|
129
128
|
msg = {
|
|
130
129
|
"status_code": response.status_code,
|
|
130
|
+
"UnexpectedError": "There was an unexpected error using the API",
|
|
131
131
|
"error": response.text,
|
|
132
|
-
"
|
|
132
|
+
"payload": payload,
|
|
133
|
+
"url": url
|
|
133
134
|
}
|
|
134
135
|
raise APIFailure(msg)
|
|
135
136
|
|
|
@@ -1,8 +1,7 @@
|
|
|
1
1
|
import json
|
|
2
2
|
import os
|
|
3
|
-
from socketsecurity.core import log
|
|
3
|
+
from socketsecurity.core import log, do_request
|
|
4
4
|
import requests
|
|
5
|
-
from socketsecurity.core.exceptions import *
|
|
6
5
|
from socketsecurity.core.classes import Comment
|
|
7
6
|
from socketsecurity.core.scm_comments import Comments
|
|
8
7
|
import sys
|
|
@@ -54,60 +53,11 @@ for env in github_variables:
|
|
|
54
53
|
else:
|
|
55
54
|
is_default_branch = True
|
|
56
55
|
|
|
57
|
-
|
|
58
|
-
|
|
59
|
-
|
|
60
|
-
|
|
61
|
-
|
|
62
|
-
files: list = None,
|
|
63
|
-
method: str = "GET",
|
|
64
|
-
) -> dict:
|
|
65
|
-
"""
|
|
66
|
-
do_requests is the shared function for making HTTP calls
|
|
67
|
-
|
|
68
|
-
:param path: Required path for the request
|
|
69
|
-
:param headers: Optional dictionary of headers. If not set will use a default set
|
|
70
|
-
:param payload: Optional dictionary or string of the payload to pass
|
|
71
|
-
:param files: Optional list of files to upload
|
|
72
|
-
:param method: Optional method to use, defaults to GET
|
|
73
|
-
:return:
|
|
74
|
-
"""
|
|
75
|
-
if gh_api_token is None or gh_api_token == "":
|
|
76
|
-
raise APIKeyMissing
|
|
77
|
-
|
|
78
|
-
if headers is None:
|
|
79
|
-
headers = {
|
|
80
|
-
'Authorization': f"Bearer {gh_api_token}",
|
|
81
|
-
'User-Agent': 'SocketPythonScript/0.0.1',
|
|
82
|
-
"accept": "application/json"
|
|
83
|
-
}
|
|
84
|
-
url = f"{github_api_url}/{path}"
|
|
85
|
-
response = requests.request(
|
|
86
|
-
method.upper(),
|
|
87
|
-
url,
|
|
88
|
-
headers=headers,
|
|
89
|
-
data=payload,
|
|
90
|
-
files=files
|
|
91
|
-
)
|
|
92
|
-
if response.status_code <= 399:
|
|
93
|
-
try:
|
|
94
|
-
return response.json()
|
|
95
|
-
except Exception as error:
|
|
96
|
-
response = {
|
|
97
|
-
"error": error,
|
|
98
|
-
"response": response.text,
|
|
99
|
-
"payload": payload
|
|
100
|
-
}
|
|
101
|
-
return response
|
|
102
|
-
else:
|
|
103
|
-
msg = {
|
|
104
|
-
"status_code": response.status_code,
|
|
105
|
-
"UnexpectedError": "There was an unexpected error using the API",
|
|
106
|
-
"error": response.text,
|
|
107
|
-
"payload": payload,
|
|
108
|
-
"path": path
|
|
109
|
-
}
|
|
110
|
-
raise APIFailure(msg)
|
|
56
|
+
headers = {
|
|
57
|
+
'Authorization': f"Bearer {gh_api_token}",
|
|
58
|
+
'User-Agent': 'SocketPythonScript/0.0.1',
|
|
59
|
+
"accept": "application/json"
|
|
60
|
+
}
|
|
111
61
|
|
|
112
62
|
|
|
113
63
|
class Github:
|
|
@@ -177,16 +127,22 @@ class Github:
|
|
|
177
127
|
existing_overview_comment = comments.get("overview")
|
|
178
128
|
existing_security_comment = comments.get("security")
|
|
179
129
|
if new_overview_comment:
|
|
130
|
+
log.debug("New Dependency Overview comment")
|
|
180
131
|
if existing_overview_comment is not None:
|
|
132
|
+
log.debug("Previous version of Dependency Overview, updating")
|
|
181
133
|
existing_overview_comment: Comment
|
|
182
134
|
Github.update_comment(overview_comment, str(existing_overview_comment.id))
|
|
183
135
|
else:
|
|
136
|
+
log.debug("No previous version of Dependency Overview, posting")
|
|
184
137
|
Github.post_comment(overview_comment)
|
|
185
138
|
if new_security_comment:
|
|
139
|
+
log.debug("New Security Issue Comment")
|
|
186
140
|
if existing_security_comment is not None:
|
|
141
|
+
log.debug("Previous version of Security Issue comment, updating")
|
|
187
142
|
existing_security_comment: Comment
|
|
188
143
|
Github.update_comment(security_comment, str(existing_security_comment.id))
|
|
189
144
|
else:
|
|
145
|
+
log.debug("No Previous version of Security Issue comment, posting")
|
|
190
146
|
Github.post_comment(security_comment)
|
|
191
147
|
|
|
192
148
|
@staticmethod
|
|
@@ -197,7 +153,7 @@ class Github:
|
|
|
197
153
|
"body": body
|
|
198
154
|
}
|
|
199
155
|
payload = json.dumps(payload)
|
|
200
|
-
do_request(path, payload=payload, method="POST")
|
|
156
|
+
do_request(path, payload=payload, method="POST", headers=headers, base_url=github_api_url)
|
|
201
157
|
|
|
202
158
|
@staticmethod
|
|
203
159
|
def update_comment(body: str, comment_id: str) -> None:
|
|
@@ -207,7 +163,7 @@ class Github:
|
|
|
207
163
|
"body": body
|
|
208
164
|
}
|
|
209
165
|
payload = json.dumps(payload)
|
|
210
|
-
do_request(path, payload=payload, method="PATCH")
|
|
166
|
+
do_request(path, payload=payload, method="PATCH", headers=headers, base_url=github_api_url)
|
|
211
167
|
|
|
212
168
|
@staticmethod
|
|
213
169
|
def write_new_env(name: str, content: str) -> None:
|
|
@@ -219,7 +175,7 @@ class Github:
|
|
|
219
175
|
@staticmethod
|
|
220
176
|
def get_comments_for_pr(repo: str, pr: str) -> dict:
|
|
221
177
|
path = f"repos/{github_repository_owner}/{repo}/issues/{pr}/comments"
|
|
222
|
-
raw_comments = do_request(path)
|
|
178
|
+
raw_comments = Comments.process_response(do_request(path, headers=headers, base_url=github_api_url))
|
|
223
179
|
comments = {}
|
|
224
180
|
if "error" not in raw_comments:
|
|
225
181
|
for item in raw_comments:
|
|
@@ -1,7 +1,6 @@
|
|
|
1
|
+
import json
|
|
1
2
|
import os
|
|
2
|
-
from socketsecurity.core import log
|
|
3
|
-
import requests
|
|
4
|
-
from socketsecurity.core.exceptions import *
|
|
3
|
+
from socketsecurity.core import log, do_request
|
|
5
4
|
from socketsecurity.core.scm_comments import Comments
|
|
6
5
|
import sys
|
|
7
6
|
from socketsecurity.core.classes import Comment, Issue
|
|
@@ -41,7 +40,6 @@ gitlab_variables = [
|
|
|
41
40
|
"GITLAB_TOKEN",
|
|
42
41
|
]
|
|
43
42
|
|
|
44
|
-
|
|
45
43
|
for env in gitlab_variables:
|
|
46
44
|
var_name = env.lower()
|
|
47
45
|
globals()[var_name] = os.getenv(env) or None
|
|
@@ -49,60 +47,11 @@ for env in gitlab_variables:
|
|
|
49
47
|
value = globals()[var_name]
|
|
50
48
|
log.debug(f"{env}={value}")
|
|
51
49
|
|
|
52
|
-
|
|
53
|
-
|
|
54
|
-
|
|
55
|
-
|
|
56
|
-
|
|
57
|
-
files: list = None,
|
|
58
|
-
method: str = "GET",
|
|
59
|
-
) -> dict:
|
|
60
|
-
"""
|
|
61
|
-
do_requests is the shared function for making HTTP calls
|
|
62
|
-
|
|
63
|
-
:param path: Required path for the request
|
|
64
|
-
:param headers: Optional dictionary of headers. If not set will use a default set
|
|
65
|
-
:param payload: Optional dictionary or string of the payload to pass
|
|
66
|
-
:param files: Optional list of files to upload
|
|
67
|
-
:param method: Optional method to use, defaults to GET
|
|
68
|
-
:return:
|
|
69
|
-
"""
|
|
70
|
-
if gitlab_token is None or gitlab_token == "":
|
|
71
|
-
raise APIKeyMissing
|
|
72
|
-
|
|
73
|
-
if headers is None:
|
|
74
|
-
headers = {
|
|
75
|
-
'Authorization': f"Bearer {gitlab_token}",
|
|
76
|
-
'User-Agent': 'SocketPythonScript/0.0.1',
|
|
77
|
-
"accept": "application/json"
|
|
78
|
-
}
|
|
79
|
-
url = f"{ci_api_v4_url}/{path}"
|
|
80
|
-
response = requests.request(
|
|
81
|
-
method.upper(),
|
|
82
|
-
url,
|
|
83
|
-
headers=headers,
|
|
84
|
-
data=payload,
|
|
85
|
-
files=files
|
|
86
|
-
)
|
|
87
|
-
if response.status_code <= 399:
|
|
88
|
-
try:
|
|
89
|
-
return response.json()
|
|
90
|
-
except Exception as error:
|
|
91
|
-
response = {
|
|
92
|
-
"error": error,
|
|
93
|
-
"response": response.text
|
|
94
|
-
}
|
|
95
|
-
return response
|
|
96
|
-
else:
|
|
97
|
-
msg = {
|
|
98
|
-
"status_code": response.status_code,
|
|
99
|
-
"UnexpectedError": "There was an unexpected error using the API",
|
|
100
|
-
"error": response.text,
|
|
101
|
-
"payload": payload,
|
|
102
|
-
"path": path
|
|
103
|
-
}
|
|
104
|
-
raise APIFailure(msg)
|
|
105
|
-
|
|
50
|
+
headers = {
|
|
51
|
+
'Authorization': f"Bearer {gitlab_token}",
|
|
52
|
+
'User-Agent': 'SocketPythonScript/0.0.1',
|
|
53
|
+
"accept": "application/json"
|
|
54
|
+
}
|
|
106
55
|
|
|
107
56
|
class Gitlab:
|
|
108
57
|
commit_sha: str
|
|
@@ -171,16 +120,22 @@ class Gitlab:
|
|
|
171
120
|
existing_overview_comment = comments.get("overview")
|
|
172
121
|
existing_security_comment = comments.get("security")
|
|
173
122
|
if new_overview_comment:
|
|
123
|
+
log.debug("New Dependency Overview comment")
|
|
174
124
|
if existing_overview_comment is not None:
|
|
125
|
+
log.debug("Previous version of Dependency Overview, updating")
|
|
175
126
|
existing_overview_comment: Comment
|
|
176
127
|
Gitlab.update_comment(overview_comment, str(existing_overview_comment.id))
|
|
177
128
|
else:
|
|
129
|
+
log.debug("No previous version of Dependency Overview, posting")
|
|
178
130
|
Gitlab.post_comment(overview_comment)
|
|
179
131
|
if new_security_comment:
|
|
132
|
+
log.debug("New Security Issue Comment")
|
|
180
133
|
if existing_security_comment is not None:
|
|
134
|
+
log.debug("Previous version of Security Issue comment, updating")
|
|
181
135
|
existing_security_comment: Comment
|
|
182
136
|
Gitlab.update_comment(security_comment, str(existing_security_comment.id))
|
|
183
137
|
else:
|
|
138
|
+
log.debug("No Previous version of Security Issue comment, posting")
|
|
184
139
|
Gitlab.post_comment(security_comment)
|
|
185
140
|
|
|
186
141
|
@staticmethod
|
|
@@ -189,8 +144,7 @@ class Gitlab:
|
|
|
189
144
|
payload = {
|
|
190
145
|
"body": body
|
|
191
146
|
}
|
|
192
|
-
|
|
193
|
-
do_request(path, payload=payload, method="POST")
|
|
147
|
+
do_request(path, payload=payload, method="POST", headers=headers, base_url=ci_api_v4_url)
|
|
194
148
|
|
|
195
149
|
@staticmethod
|
|
196
150
|
def update_comment(body: str, comment_id: str) -> None:
|
|
@@ -198,13 +152,12 @@ class Gitlab:
|
|
|
198
152
|
payload = {
|
|
199
153
|
"body": body
|
|
200
154
|
}
|
|
201
|
-
|
|
202
|
-
do_request(path, payload=payload, method="PUT")
|
|
155
|
+
do_request(path, payload=payload, method="PUT", headers=headers, base_url=ci_api_v4_url)
|
|
203
156
|
|
|
204
157
|
@staticmethod
|
|
205
158
|
def get_comments_for_pr(repo: str, pr: str) -> dict:
|
|
206
159
|
path = f"projects/{ci_merge_request_project_id}/merge_requests/{ci_merge_request_iid}/notes"
|
|
207
|
-
raw_comments = do_request(path)
|
|
160
|
+
raw_comments = Comments.process_response(do_request(path, headers=headers, base_url=ci_api_v4_url))
|
|
208
161
|
comments = {}
|
|
209
162
|
if "message" not in raw_comments:
|
|
210
163
|
for item in raw_comments:
|
|
@@ -217,34 +170,6 @@ class Gitlab:
|
|
|
217
170
|
socket_comments = Comments.check_for_socket_comments(comments)
|
|
218
171
|
return socket_comments
|
|
219
172
|
|
|
220
|
-
@staticmethod
|
|
221
|
-
def get_ignore_options(comments: dict) -> [bool, list]:
|
|
222
|
-
ignore_commands = []
|
|
223
|
-
ignore_all = False
|
|
224
|
-
|
|
225
|
-
for comment in comments["ignore"]:
|
|
226
|
-
comment: Comment
|
|
227
|
-
first_line = comment.body_list[0]
|
|
228
|
-
if not ignore_all and "SocketSecurity ignore" in first_line:
|
|
229
|
-
first_line = first_line.lstrip("@")
|
|
230
|
-
_, command = first_line.split("SocketSecurity ")
|
|
231
|
-
command = command.strip()
|
|
232
|
-
if command == "ignore-all":
|
|
233
|
-
ignore_all = True
|
|
234
|
-
else:
|
|
235
|
-
command = command.lstrip("ignore").strip()
|
|
236
|
-
name, version = command.split("@")
|
|
237
|
-
data = f"{name}, {version}"
|
|
238
|
-
ignore_commands.append(data)
|
|
239
|
-
return ignore_all, ignore_commands
|
|
240
|
-
|
|
241
|
-
@staticmethod
|
|
242
|
-
def is_ignore(pkg_name: str, pkg_version: str, name: str, version: str) -> bool:
|
|
243
|
-
result = False
|
|
244
|
-
if pkg_name == name and (pkg_version == version or version == "*"):
|
|
245
|
-
result = True
|
|
246
|
-
return result
|
|
247
|
-
|
|
248
173
|
@staticmethod
|
|
249
174
|
def remove_comment_alerts(comments: dict):
|
|
250
175
|
security_alert = comments.get("security")
|
|
@@ -1,7 +1,25 @@
|
|
|
1
1
|
from socketsecurity.core.classes import Comment, Issue
|
|
2
|
+
from socketsecurity.core import log
|
|
3
|
+
from requests import Response
|
|
4
|
+
import json
|
|
2
5
|
|
|
3
6
|
|
|
4
7
|
class Comments:
|
|
8
|
+
@staticmethod
|
|
9
|
+
def process_response(response: Response) -> dict:
|
|
10
|
+
output = {}
|
|
11
|
+
try:
|
|
12
|
+
output = response.json()
|
|
13
|
+
except Exception as error:
|
|
14
|
+
log.debug("Unable to parse comment response json, trying as text")
|
|
15
|
+
log.debug(error)
|
|
16
|
+
try:
|
|
17
|
+
output = json.loads(response.text)
|
|
18
|
+
except Exception as error:
|
|
19
|
+
log.error("Unable to process comment data, unable to get previous comment data")
|
|
20
|
+
log.error(error)
|
|
21
|
+
return output
|
|
22
|
+
|
|
5
23
|
@staticmethod
|
|
6
24
|
def remove_alerts(comments: dict, new_alerts: list) -> list:
|
|
7
25
|
alerts = []
|
|
@@ -169,7 +169,8 @@ def main_code():
|
|
|
169
169
|
arguments = parser.parse_args()
|
|
170
170
|
debug = arguments.enable_debug
|
|
171
171
|
if debug:
|
|
172
|
-
|
|
172
|
+
log.setLevel(logging.DEBUG)
|
|
173
|
+
log.debug("Debug logging enabled")
|
|
173
174
|
repo = arguments.repo
|
|
174
175
|
branch = arguments.branch
|
|
175
176
|
commit_message = arguments.commit_message
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
{socketsecurity-0.0.91 → socketsecurity-0.0.93}/socketsecurity.egg-info/dependency_links.txt
RENAMED
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|