troubadix 25.10.9__py3-none-any.whl → 25.10.10__py3-none-any.whl

troubadix/__version__.py

@@ -2,4 +2,4 @@
 
 # THIS IS AN AUTOGENERATED FILE. DO NOT TOUCH!
 
-__version__ = "25.10.9"
+__version__ = "25.10.10"

troubadix/codespell/codespell.exclude

@@ -273,6 +273,7 @@ CPE = "cpe:/a:mapp:webtrekk:";
 CPE = "cpe:/a:netsparker:wass";
 CPE = "cpe:/a:tawk:tawk.to_live_chat";
 CPE:           cpe:/a:tawk:tawk.to_live_chat:0.8.0
+    cpe =~ "^cpe:/o:fujifilm:apeos_2150_(n|nd|nda)_firmware") {
     cpe =~ "^cpe:/o:hp:laserjet_pro_420[1-3](cdn|dn|dw|dne|dwe)_firmware") {
  CPU' could have occured because a retry loop continually finds the same
 crafted IFF ILBM file. NOTE: some of these details are obtained from
@@ -398,7 +399,9 @@ drbd: Avoid Clang warning about pointless switch statment (bsc#1051510).
  eliptic curve parameters were not sufficiently validated during
   } else if( banner =~ "^220 (RICOH|LANIER|SAVIN|Gestetner|NRG) (Aficio |Pro)?([A-Z]+)? [^ ]+ (\([^)]+\) )?FTP server" ) {
   } else if("diese Vorgabe muss manuell ueberprueft werden" >< tolower(status)) {
+} else if (prod =~ "^BMX\s*NOE\s*0100$") {
 else if (prod =~ "^BMX\s*NOE\s*0100$" || prod =~ "^BMX\s*NOE\s*0100H$") {
+} else if (prod =~ "^BMX\s*NOE\s*0110$") {
 else if (prod =~ "^BMX\s*NOE\s*0110$" || prod =~ "^BMX\s*NOE\s*0110H$") {
   else if( svc == "agobot.fo" )
 Enable log information of starting/stoping services. (bsc#1144923,
@@ -415,6 +418,7 @@ examined with fuzzing by Tim Blazytko, Cornelius Aschermann, Sergej
 execute arbitrary code via a crafted Upack PE file.
  executuon (bsc#966437).
 EXP=CustomIE.dll
+expected_value = '1. The output should contain "iif "lo" accept" and contain "iif != "lo" ip saddr 127.0.0.0/8 drop" and contain "iif != "lo" ip6 saddr ::1 drop"
 EXP=expext.dll
   expressions that are not properly handled by a stap script that
  * extended EAP-SIM/AKA fast re-authentication to allow use with FILS
@@ -442,6 +446,7 @@ files. If a user were tricked into opening a specially-crafted CAF file, a
   files packed with UPack.
   files to potentially execute code and it is tracked by the Mitre CVE
   file_xml = '\t\t<file_item' + status + ' xmlns="http://oval.mitre.org/XMLSchema/' +
+firebird:x:109:117:Firebird Database Administator,,,:/var/lib/firebird:/usr/sbin/nologin
 Fixed a bug where Podman could not run containers usin... [Please see the references for more information on the vulnerabilities]");
 Fixed an issue with version missmatch (bsc#1162224).
 Fixed a regression in regards to the 'edge' comand line flag
@@ -582,6 +587,7 @@ if (prod =~ "^BMX\s*NOE\s*0110$" || prod =~ "^BMX\s*NOE\s*0110H$") {
 if (prod =~ "^BMX\s*NOE\s*0110" && version_is_less(version: version, test_version: "6.5")) {
 if (prod =~ "^BMX\s*NOE\s*0110" && version_is_less(version: version, test_version: "6.70")) {
 if (prod =~ "^BMX\s*NOE\s*0200") {
+if (!prod || (prod !~ "^BMX\s*P34" && prod !~ "^BMX\s*(NOC\s*0401|NGD\s*0100|NOR\s*0200H|NOE\s*01[01]0)"))
 if (!prod || (prod !~ "^BMX\s*P34" && prod !~ "^BMX\s*NOE\s*01[01]0"))
 if (!prod || (prod !~ "^BMX\s*P34" && prod !~ "^BMX\s*NOE\s*0(1[01]|20)0"))
 if (!prod || (prod !~ "^BMX\s*P34" && prod !~ "^BMX\s*NOR\s*0200H" && prod !~ "^BMX\s*NOE\s*0100" &&
@@ -752,6 +758,7 @@ ML^Q8<TQ^+LTL*)6UG-,[V6-;N*W*79^&[ND/.DM''*U8D?Q:.'+%RB;S$!.'
 MM]7>[YM~GC^@?_WK0@W/F>UDL^Q8<TQ^+LTL*)6UG-,[V6-;N*W*79^&[ND/
 MN*W*79^&[ND/.DM''*U8D?Q:.'+%RB;S$!.'6['*(;8>~A:>&GO>&&M7/36X
   model = "TE Unknown Model";
+  mod = eregmatch(pattern: "([-A-Za-z0-9]+) -?\s*.*([Cc]ard|[Cc]ontroller) \[v", string: recv);
   mod = eregmatch(pattern: "Huawei (TE[0-9]0)", string: banner);
   mod = eregmatch(pattern: "(RICOH|LANIER|SAVIN|Gestetner|NRG) ((Aficio |Pro)?([A-Z]+)? [^ ]+)", string: banner);
 mod = eregmatch(pattern: "^(RICOH|LANIER|SAVIN|Gestetner|NRG) ((Aficio )?[^ ]+ [^ :]*)(:[^:]+:Ver.([.0-9]+))?", string: banner);

troubadix/plugins/http_links_in_tags.py

@@ -172,6 +172,10 @@ class CheckHttpLinksInTags(FilePlugin):
             # e.g.:
             # sun.net.www.protocol.jar.JarURLConnection
             "sun.net.www.",
+            # e.g.:
+            # For example: 'http://[::1]/'.
+            "http://[::1]/",
+            "https://[::1]/",
         ]
 
         return any(

troubadix/standalone_plugins/deprecate_vts.py

@@ -1,12 +1,14 @@
 # SPDX-License-Identifier: GPL-3.0-or-later
 # SPDX-FileCopyrightText: 2024 Greenbone AG
 
+import importlib.util
+import logging
 import re
 from argparse import ArgumentParser, Namespace
 from dataclasses import dataclass
 from enum import Enum
 from pathlib import Path
-from typing import Iterable, Optional
+from typing import Iterable
 
 from pontos.terminal.terminal import ConsoleTerminal
 
@@ -19,6 +21,8 @@ from troubadix.helper.patterns import (
 )
 from troubadix.troubadix import from_file
 
+logger = logging.getLogger(__name__)
+
 
 class Deprecations(Enum):
     NOTUS = "and replaced by a Notus scanner based one."
@@ -37,7 +41,21 @@ class DeprecatedFile:
 KB_ITEMS_PATTERN = re.compile(r"set_kb_item\(.+\);")
 
 
-def update_summary(file: DeprecatedFile, deprecation_reason: str) -> str:
+def load_transition_oid_mapping(transition_file: Path) -> dict[str, str]:
+    spec = importlib.util.spec_from_file_location(
+        "transition_layer", transition_file
+    )
+    transition_layer = importlib.util.module_from_spec(spec)
+    spec.loader.exec_module(transition_layer)
+
+    return transition_layer.mapping
+
+
+def update_summary(
+    file: DeprecatedFile,
+    deprecation_reason: str,
+    replacement_oid: str | None = None,
+) -> str:
     """Update the summary of the nasl script by adding the information
     that the script has been deprecated, and if possible, the oid of
     the new notus script replacing it.
@@ -46,21 +64,22 @@ def update_summary(file: DeprecatedFile, deprecation_reason: str) -> str:
         file: DeprecatedFile object containing the content of the VT
         deprecation_reason: The reason this VT is being deprecated,
             from a list of options.
+        replacement_oid: The OID of the script that replaces this deprecated one.
 
     Returns:
         The updated content of the file
     """
     old_summary = _get_summary(file.content)
     if not old_summary:
-        print(f"No summary in: {file.name}")
+        logger.warning(f"No summary in: {file.name}")
         return file.content
 
-    deprecate_text = (
-        f"Note: This VT has been deprecated "
-        f"{Deprecations[deprecation_reason].value}"
-    )
+    deprecate_text = f"Note: This VT has been deprecated {Deprecations[deprecation_reason].value}"
+
+    if replacement_oid:
+        deprecate_text += f" The replacement VT has OID {replacement_oid}."
 
-    new_summary = old_summary + "\n" + deprecate_text
+    new_summary = old_summary + "\n\n  " + deprecate_text
     file.content = file.content.replace(old_summary, new_summary)
 
     return file.content
@@ -71,8 +90,7 @@ def _finalize_content(content: str) -> str:
     deprecated tag and removing the extra content."""
     content_to_keep = content.split("exit(0);")[0]
     return content_to_keep + (
-        'script_tag(name:"deprecated", value:TRUE);'
-        "\n\n  exit(0);\n}\n\nexit(66);\n"
+        'script_tag(name:"deprecated", value:TRUE);\n\n  exit(0);\n}\n\nexit(66);\n'
     )
 
 
@@ -111,7 +129,7 @@ def parse_files(files: list) -> list[DeprecatedFile]:
     return to_deprecate
 
 
-def _get_summary(content: str) -> Optional[str]:
+def _get_summary(content: str) -> str | None:
     """Extract the summary from the nasl script"""
     pattern = get_script_tag_pattern(ScriptTag.SUMMARY)
     if match_summary := re.search(pattern, content):
@@ -120,10 +138,34 @@ def _get_summary(content: str) -> Optional[str]:
     return None
 
 
+def find_replacement_oid(
+    file: DeprecatedFile,
+    oid_mapping: dict[str, str] | None = None,
+) -> str | None:
+    # Get replacement OID if available
+    if not oid_mapping:
+        return None
+
+    oid_match = re.search(
+        get_special_script_tag_pattern(SpecialScriptTag.OID),
+        file.content,
+    )
+    if not oid_match:
+        raise ValueError(
+            f"No OID found in {file.name}. Cannot map to replacement OID."
+        )
+    oid = oid_match.group("value")
+    replacement_oid = oid_mapping.get(oid)
+    if not replacement_oid:
+        raise ValueError(f"No replacement OID found for {oid} in {file.name}.")
+    return replacement_oid
+
+
 def deprecate(
     output_path: Path,
     to_deprecate: list[DeprecatedFile],
     deprecation_reason: str,
+    oid_mapping: dict[str, str] | None = None,
 ) -> None:
     """Deprecate the selected VTs by removing unnecessary keys, updating the
     summary, and adding the deprecated tag.
@@ -134,16 +176,19 @@ def deprecate(
         to_deprecate: the list of files to be deprecated
         deprecation_reason: The reason this VT is being deprecated,
         from a list of options.
+        oid_mapping: Optional mapping of file paths to replacement OIDs
     """
     output_path.mkdir(parents=True, exist_ok=True)
     for file in to_deprecate:
         if re.findall(KB_ITEMS_PATTERN, file.content):
-            print(
-                f"Unable to deprecate {file.name}. There are still KB keys "
-                f"remaining."
+            logger.warning(
+                f"Unable to deprecate {file.name}. There are still KB keys remaining."
             )
             continue
-        file.content = update_summary(file, deprecation_reason)
+
+        replacement_oid = find_replacement_oid(file, oid_mapping)
+
+        file.content = update_summary(file, deprecation_reason, replacement_oid)
         file.content = _finalize_content(file.content)
 
         # Drop any unnecessary script tags like script_dependencies(),
@@ -229,6 +274,17 @@ def parse_args(args: Iterable[str] = None) -> Namespace:
             "to be deprecated, separated by new lines."
         ),
     )
+
+    parser.add_argument(
+        "--transition-file",
+        metavar="<transition_file>",
+        default=None,
+        type=file_type_existing,
+        help=(
+            "Path to a file containing a list of oid mappings."
+            "Found in notus/generator/nasl/transition_layer."
+        ),
+    )
     return parser.parse_args(args)
 
 
@@ -245,8 +301,17 @@ def main():
     elif args.file:
         files = args.file
 
-    to_be_deprecated = parse_files(files)
-    deprecate(args.output_path, to_be_deprecated, args.deprecation_reason)
+    # Load OID mapping if provided
+    oid_mapping = None
+    if args.transition_file:
+        oid_mapping = load_transition_oid_mapping(args.transition_file)
+
+    deprecate(
+        args.output_path,
+        parse_files(files),
+        args.deprecation_reason,
+        oid_mapping,
+    )
 
 
 if __name__ == "__main__":

{troubadix-25.10.9.dist-info → troubadix-25.10.10.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: troubadix
-Version: 25.10.9
+Version: 25.10.10
 Summary: A linting and QA check tool for NASL files
 License: GPL-3.0-or-later
 License-File: LICENSE

{troubadix-25.10.9.dist-info → troubadix-25.10.10.dist-info}/RECORD

@@ -1,8 +1,8 @@
 troubadix/__init__.py,sha256=K7sIXXDrC7YRb7BvIpdQ6ZfG_QkT0qUH_wAlHROVRfM,716
-troubadix/__version__.py,sha256=5vWilWzDGYBXmf8qR5PG3cr7jcf2aD3Xeu9CIBn01Ms,104
+troubadix/__version__.py,sha256=tM6XBs928mas3m_SEaK-UlVtWoA2w4UXHge5R3tqxRc,105
 troubadix/argparser.py,sha256=-H07Jhqh68_M4Mbjq9qJjTr3MShy_N2pxl2qHA6cfRU,7481
 troubadix/codespell/codespell.additions,sha256=SJPlIo8vEKEOTftY6ZBSXzcfyv6y9aFAXl9FdpcMxD0,561
-troubadix/codespell/codespell.exclude,sha256=W1dHEbKuXZbiLMRLhUPIzhCV1ptHqPLuaB6VsJLxn64,147965
+troubadix/codespell/codespell.exclude,sha256=1zLTC45y7o1pVWUju35IFRNFG1Tj-r5HbgJwtCb8FRk,148569
 troubadix/codespell/codespell.ignore,sha256=2CP8u6O2VENcDpt2FfEDNmfa1Eh3D80yeYHT54GM1X4,1512
 troubadix/helper/__init__.py,sha256=tp2fPLzwGEA_2eiJbvuePiY6rjYSFxx7VUsCV4fSwvw,1110
 troubadix/helper/date_format.py,sha256=2m8EWZPmTQ1kxgv4i5hrPoPlAA8usjz28aRff352zNU,2488
@@ -31,7 +31,7 @@ troubadix/plugins/encoding.py,sha256=Ow_ZpyjtL2_nqhbukY_3EUhiR0agfSxMxJ4IcMSGsT4
 troubadix/plugins/forking_nasl_functions.py,sha256=IUtCrTK_sGDx79jAPS8lF_aN8zSG2AkzfC6duTMvJOw,6069
 troubadix/plugins/get_kb_on_services.py,sha256=oFmcjiF7ZD3x5tEbJEoZNn80y1qUzNgeSZNsogSqaZ0,3401
 troubadix/plugins/grammar.py,sha256=-53McZsKFuEavIS8-8CG7fUbW8VO3FuZv0PXenD42Bk,10239
-troubadix/plugins/http_links_in_tags.py,sha256=F4fm74M3CbmWOJoCyDdEO-bKQahFsHL6vs4ZynhHEkc,7325
+troubadix/plugins/http_links_in_tags.py,sha256=DOAsN16av2UdMJUvK3nDi44ertBIi9EauK821GwGLKY,7448
 troubadix/plugins/if_statement_syntax.py,sha256=5BRJwCCghvZn1AfvYzmk8l9S7aRqbVaLHhSKod_Q9zw,1429
 troubadix/plugins/illegal_characters.py,sha256=B6q_RU85AxCjLry56Oc-RhMSpnJU8mTrxclRzi1FVFU,4406
 troubadix/plugins/log_messages.py,sha256=COrnp3bXMG8PRIAD2x5Ka9hk-jI16We9ifXj6JBZI0c,2960
@@ -101,15 +101,15 @@ troubadix/standalone_plugins/dependency_graph/checks.py,sha256=O4KyiVKpKxrgdmADX
 troubadix/standalone_plugins/dependency_graph/cli.py,sha256=RIyGeSm83XJ88N7Ati6z417hXkMajzzAtqdxnOg-urI,1305
 troubadix/standalone_plugins/dependency_graph/dependency_graph.py,sha256=_4x_btU9GTdh5MZw56R7hfUwpdejNa2iXXxRRIPiEGU,5536
 troubadix/standalone_plugins/dependency_graph/models.py,sha256=7kLrjFRdyReTRTgxte6-3KCBve4evg91AcqkX4I8VJU,1002
-troubadix/standalone_plugins/deprecate_vts.py,sha256=mLt2DV9Y1YAEuh6c4nFweZYIOprsBzO7115dihEn4lA,7602
+troubadix/standalone_plugins/deprecate_vts.py,sha256=2Lk7aPVsD8iUWSglSr46bcibnxG1KsWsKB9CA1TsmwQ,9528
 troubadix/standalone_plugins/file_extensions.py,sha256=fqswrhCcQqygIszcnobS9hFQmSpv3gDkvlufoaTckBg,2355
 troubadix/standalone_plugins/last_modification.py,sha256=ROzwVzzYilXJ0llVt4Lv0w8b9BJKoahl6YxPDiub614,4338
 troubadix/standalone_plugins/no_solution.py,sha256=p_-az9Igl4GH6HnhLLYbYlWIiEP64OTQLpX-z3JAshs,8760
 troubadix/standalone_plugins/util.py,sha256=JTXGmi-_BJouTNe6QzEosLlXUt9jKW-3fz4db05RJJw,696
 troubadix/standalone_plugins/version_updated.py,sha256=6YHF0OjL5NWszQdsSh7XzlSji1e6Uaqwu_Y6m3R0mvI,4203
 troubadix/troubadix.py,sha256=5__Jz3bYSrya4aG6RCBWxqnsDepXfwXZ3v0bjCzEFi0,6039
-troubadix-25.10.9.dist-info/METADATA,sha256=vqH-RyAUMdTGfE_TiQ1WAsxQrsyXNm5LSD4xuf7l7G8,4536
-troubadix-25.10.9.dist-info/WHEEL,sha256=zp0Cn7JsFoX2ATtOhtaFYIiE2rmFAD4OcMhtUki8W3U,88
-troubadix-25.10.9.dist-info/entry_points.txt,sha256=ETEPBi4fKv3o7hzkzceX4838G6g5_5wRdEddYot8N6A,920
-troubadix-25.10.9.dist-info/licenses/LICENSE,sha256=OXLcl0T2SZ8Pmy2_dmlvKuetivmyPd5m1q-Gyd-zaYY,35149
-troubadix-25.10.9.dist-info/RECORD,,
+troubadix-25.10.10.dist-info/METADATA,sha256=leca1P8z5zmMk5RnLALX8jqEqKMPY1ilL3ii1eH4aLo,4537
+troubadix-25.10.10.dist-info/WHEEL,sha256=zp0Cn7JsFoX2ATtOhtaFYIiE2rmFAD4OcMhtUki8W3U,88
+troubadix-25.10.10.dist-info/entry_points.txt,sha256=ETEPBi4fKv3o7hzkzceX4838G6g5_5wRdEddYot8N6A,920
+troubadix-25.10.10.dist-info/licenses/LICENSE,sha256=OXLcl0T2SZ8Pmy2_dmlvKuetivmyPd5m1q-Gyd-zaYY,35149
+troubadix-25.10.10.dist-info/RECORD,,