trustcheck 2.2.1__tar.gz → 2.2.2__tar.gz
- {trustcheck-2.2.1/src/trustcheck.egg-info → trustcheck-2.2.2}/PKG-INFO +1 -1
- {trustcheck-2.2.1 → trustcheck-2.2.2}/scripts/export_homebrew_tap.py +15 -10
- {trustcheck-2.2.1 → trustcheck-2.2.2}/src/trustcheck/_version.py +2 -2
- {trustcheck-2.2.1 → trustcheck-2.2.2/src/trustcheck.egg-info}/PKG-INFO +1 -1
- {trustcheck-2.2.1 → trustcheck-2.2.2}/tests/test_homebrew_tap_export.py +50 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/.dockerignore +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/.gitattributes +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/.github/CODEOWNERS +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/.github/ISSUE_TEMPLATE/general.yml +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/.github/dependabot.yml +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/.github/trustcheck-action-fail-policy.json +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/.github/workflows/acceptance-matrix.yml +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/.github/workflows/action-integration.yml +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/.github/workflows/bandit.yml +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/.github/workflows/benchmarks.yml +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/.github/workflows/binary-security.yml +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/.github/workflows/ci.yml +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/.github/workflows/codeql.yml +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/.github/workflows/docs.yml +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/.github/workflows/fuzz.yml +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/.github/workflows/live-integration.yml +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/.github/workflows/mutation.yml +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/.github/workflows/plagiarism-scan.yml +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/.github/workflows/post-release-parity.yml +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/.github/workflows/publish.yml +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/.github/workflows/sarif-integration.yml +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/.github/workflows/semgrep.yml +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/.github/workflows/source-build.yml +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/.gitignore +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/.pre-commit-hooks.yaml +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/CHANGELOG.md +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/CONTRIBUTING.md +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/Dockerfile +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/LICENSE +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/MANIFEST.in +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/README.md +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/SECURITY.md +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/action.yml +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/benchmarks/README.md +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/benchmarks/benchmark_against_pip_audit.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/benchmarks/corpus/corpus.json +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/benchmarks/corpus/malicious-calibration.json +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/benchmarks/corpus/pdm.lock +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/benchmarks/corpus/poetry.lock +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/benchmarks/corpus/pylock.toml +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/benchmarks/corpus/requirements-hashed.txt +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/benchmarks/corpus/requirements-main.txt +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/benchmarks/corpus/requirements-malformed.txt +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/benchmarks/corpus/requirements-markers-extras.txt +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/benchmarks/corpus/requirements-private-index.txt +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/benchmarks/corpus/requirements-profiles.txt +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/benchmarks/corpus/requirements-resolution.txt +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/benchmarks/corpus/requirements-vcs-editable.txt +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/benchmarks/corpus/requirements.txt +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/benchmarks/corpus/truth-public-key.pem +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/benchmarks/corpus/truth.json +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/benchmarks/corpus/truth.json.sig +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/benchmarks/corpus/uv.lock +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/benchmarks/measure_command.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/benchmarks/results/benchmark-public-key.pem +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/benchmarks/results/latest.json +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/benchmarks/results/latest.json.sig +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/docs/assets/images/logo-bg-less.png +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/docs/assets/images/logo.png +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/docs/assets/javascripts/disable-search-shortcut.js +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/docs/changelog.md +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/docs/cli/configuration.md +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/docs/cli/exit-codes.md +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/docs/cli/index.md +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/docs/cli/policies.md +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/docs/getting-started/installation.md +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/docs/getting-started/quickstart.md +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/docs/guides/ci-integration.md +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/docs/index.md +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/docs/reference/benchmarks.md +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/docs/reference/compatibility.md +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/docs/reference/industry-formats.md +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/docs/reference/json-contract.md +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/docs/reference/malicious-package-detection.md +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/docs/reference/performance-extensibility.md +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/docs/reference/python-api.md +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/docs/reference/recommendations.md +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/docs/reference/remediation.md +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/docs/reference/trust-model.md +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/fuzz/README.md +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/fuzz/fuzz_artifacts.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/fuzz/fuzz_exports.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/fuzz/fuzz_indexes.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/fuzz/fuzz_lockfiles.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/fuzz/fuzz_provenance.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/fuzz/fuzz_requirements.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/mkdocs.yml +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/pyproject.toml +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/requirements/action.lock +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/requirements/ci.in +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/requirements/ci.lock +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/requirements/fuzz.in +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/requirements/fuzz.lock +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/requirements/runtime.in +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/requirements/runtime.lock +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/requirements/semgrep.in +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/requirements/semgrep.lock +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/scripts/acceptance_matrix.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/scripts/benchmark_signature.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/scripts/build_msix_layout.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/scripts/build_standalone.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/scripts/check_mutation_score.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/scripts/dependency_bounds.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/scripts/github_plagiarism_scan.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/scripts/smoke_test_distribution.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/scripts/trustcheck_binary.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/scripts/update_benchmark_table.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/scripts/update_coverage_badge.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/scripts/validate_sarif.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/scripts/verify_release_channels.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/scripts/verify_release_version.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/setup.cfg +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/snap/README.md +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/snap/gui/icon.png +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/snap/snapcraft.yaml +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/src/trustcheck/__init__.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/src/trustcheck/__main__.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/src/trustcheck/_resolver_guard.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/src/trustcheck/advisories.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/src/trustcheck/artifacts.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/src/trustcheck/attestations.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/src/trustcheck/cache.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/src/trustcheck/cli.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/src/trustcheck/cli_commands/__init__.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/src/trustcheck/cli_commands/context.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/src/trustcheck/cli_commands/diff.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/src/trustcheck/cli_commands/doctor.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/src/trustcheck/cli_commands/environment.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/src/trustcheck/cli_commands/impact.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/src/trustcheck/cli_commands/inspect.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/src/trustcheck/cli_commands/install.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/src/trustcheck/cli_commands/manifest.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/src/trustcheck/cli_commands/scan.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/src/trustcheck/cli_models.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/src/trustcheck/cli_render.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/src/trustcheck/cli_runtime.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/src/trustcheck/cli_targets.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/src/trustcheck/contract.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/src/trustcheck/diff.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/src/trustcheck/doctor.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/src/trustcheck/dynamic.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/src/trustcheck/export_models.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/src/trustcheck/export_xml.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/src/trustcheck/exports.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/src/trustcheck/github_action.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/src/trustcheck/impact.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/src/trustcheck/indexes.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/src/trustcheck/lockfiles.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/src/trustcheck/malicious.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/src/trustcheck/manifest.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/src/trustcheck/models.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/src/trustcheck/plugins.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/src/trustcheck/policy.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/src/trustcheck/pre_commit.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/src/trustcheck/provenance.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/src/trustcheck/py.typed +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/src/trustcheck/pypi.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/src/trustcheck/remediation.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/src/trustcheck/remediation_models.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/src/trustcheck/remediation_render.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/src/trustcheck/resolver.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/src/trustcheck/resume.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/src/trustcheck/schemas.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/src/trustcheck/service.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/src/trustcheck/service_state.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/src/trustcheck/service_urls.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/src/trustcheck/snapshots.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/src/trustcheck/workspace.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/src/trustcheck.egg-info/SOURCES.txt +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/src/trustcheck.egg-info/dependency_links.txt +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/src/trustcheck.egg-info/entry_points.txt +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/src/trustcheck.egg-info/requires.txt +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/src/trustcheck.egg-info/top_level.txt +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/tests/_tmp/bad-scan.toml +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/tests/_tmp/cache/5e491d79f8ba9e36d864ae50c690989677616cd509e5b99abb9272c8ad976435.json +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/tests/_tmp/config_non_object.json +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/tests/_tmp/empty-scan.toml +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/tests/_tmp/empty-scan.txt +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/tests/_tmp/invalid-scan.txt +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/tests/_tmp/policy_non_object.json +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/tests/_tmp/scan-poetry.toml +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/tests/_tmp/scan-project.toml +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/tests/fixtures/client_config.json +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/tests/fixtures/policy_require_expected_repo.json +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/tests/fixtures/requirements-vulnerable.txt +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/tests/snapshots/contract_schema.json +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/tests/snapshots/report_minimal.json +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/tests/snapshots/report_verified.json +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/tests/test_advisories.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/tests/test_artifacts.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/tests/test_attestations.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/tests/test_benchmark_results.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/tests/test_binary_security_workflow.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/tests/test_ci_workflow.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/tests/test_cli.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/tests/test_contract.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/tests/test_dependency_bounds.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/tests/test_diff.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/tests/test_docker_workflows.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/tests/test_doctor.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/tests/test_dynamic.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/tests/test_edge_cases.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/tests/test_exports.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/tests/test_github_action.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/tests/test_impact.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/tests/test_indexes.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/tests/test_install_command.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/tests/test_integration_live.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/tests/test_lockfiles.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/tests/test_malicious.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/tests/test_manifest.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/tests/test_msix_packaging.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/tests/test_mutation_score.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/tests/test_performance_extensibility.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/tests/test_plagiarism_scan.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/tests/test_plugin_security.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/tests/test_pre_commit.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/tests/test_property_invariants.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/tests/test_provenance.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/tests/test_public_api.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/tests/test_pypi.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/tests/test_release_channels.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/tests/test_release_executable.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/tests/test_release_readiness.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/tests/test_release_version.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/tests/test_remediation.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/tests/test_resolver.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/tests/test_resolver_guard.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/tests/test_sarif_validation.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/tests/test_scan_profiles.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/tests/test_service.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/tests/test_snap_packaging.py +0 -0
- {trustcheck-2.2.1 → trustcheck-2.2.2}/tests/test_workspace.py +0 -0
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
Metadata-Version: 2.4
|
|
2
2
|
Name: trustcheck
|
|
3
|
-
Version: 2.2.
|
|
3
|
+
Version: 2.2.2
|
|
4
4
|
Summary: Package trust and provenance verification for PyPI consumers.
|
|
5
5
|
License-Expression: LicenseRef-Trustcheck-Personal-Use
|
|
6
6
|
Project-URL: Repository, https://github.com/Halfblood-Prince/trustcheck
|
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
from __future__ import annotations
|
|
2
2
|
|
|
3
3
|
import argparse
|
|
4
|
+
import http.client
|
|
4
5
|
import json
|
|
5
6
|
import re
|
|
6
7
|
import shutil
|
|
@@ -10,8 +11,6 @@ from dataclasses import asdict, dataclass
|
|
|
10
11
|
from pathlib import Path
|
|
11
12
|
from urllib.parse import quote
|
|
12
13
|
|
|
13
|
-
import urllib3
|
|
14
|
-
|
|
15
14
|
PACKAGE_LINE = re.compile(
|
|
16
15
|
r"^(?P<name>[A-Za-z0-9_.-]+)==(?P<version>[^\\\s;]+)(?:\s*;[^\\]+)?(?:\s*\\)?$"
|
|
17
16
|
)
|
|
@@ -103,33 +102,39 @@ def parse_checksums(path: Path) -> dict[str, str]:
|
|
|
103
102
|
def read_pypi_json(project: str, version: str) -> Mapping[str, object]:
|
|
104
103
|
encoded_project = quote(project, safe="")
|
|
105
104
|
encoded_version = quote(version, safe="")
|
|
106
|
-
|
|
107
|
-
pool = urllib3.PoolManager()
|
|
105
|
+
path = f"/pypi/{encoded_project}/{encoded_version}/json"
|
|
108
106
|
last_error: Exception | None = None
|
|
109
107
|
for attempt in range(1, 7):
|
|
108
|
+
connection: http.client.HTTPSConnection | None = None
|
|
110
109
|
try:
|
|
111
|
-
|
|
110
|
+
# PyPI host is fixed, and Python 3.12+ verifies TLS certificates by default.
|
|
111
|
+
# nosemgrep
|
|
112
|
+
connection = http.client.HTTPSConnection("pypi.org", timeout=30)
|
|
113
|
+
connection.request(
|
|
112
114
|
"GET",
|
|
113
|
-
|
|
115
|
+
path,
|
|
114
116
|
headers={
|
|
115
117
|
"Accept": "application/json",
|
|
116
118
|
"User-Agent": "trustcheck-homebrew-tap-exporter",
|
|
117
119
|
},
|
|
118
|
-
retries=False,
|
|
119
|
-
timeout=urllib3.Timeout(total=30),
|
|
120
120
|
)
|
|
121
|
+
response = connection.getresponse()
|
|
122
|
+
response_data = response.read()
|
|
121
123
|
if response.status >= 400:
|
|
122
124
|
raise ValueError(
|
|
123
125
|
f"{project}=={version}: PyPI returned HTTP {response.status}"
|
|
124
126
|
)
|
|
125
|
-
payload = json.loads(
|
|
127
|
+
payload = json.loads(response_data.decode("utf-8"))
|
|
126
128
|
if not isinstance(payload, dict):
|
|
127
129
|
raise ValueError(f"{project}=={version}: PyPI returned non-object JSON")
|
|
128
130
|
return payload
|
|
129
|
-
except (
|
|
131
|
+
except (OSError, http.client.HTTPException, ValueError) as exc:
|
|
130
132
|
last_error = exc
|
|
131
133
|
if attempt < 6:
|
|
132
134
|
time.sleep(10)
|
|
135
|
+
finally:
|
|
136
|
+
if connection is not None:
|
|
137
|
+
connection.close()
|
|
133
138
|
raise ValueError(f"Unable to read PyPI metadata for {project}=={version}") from last_error
|
|
134
139
|
|
|
135
140
|
|
|
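Review bot: The bare `# nosemgrep` above `http.client.HTTPSConnection("pypi.org", timeout=30)` in `read_pypi_json` suppresses every rule on that line, and certificate verification rests on the interpreter's default HTTPS context instead of being stated in the code. Scope the suppression to the one finding it answers, `# nosemgrep: <rule-id>` (placeholder; the rule id is not shown on the page), and pass the context explicitly with `connection = http.client.HTTPSConnection("pypi.org", timeout=30, context=ssl.create_default_context())` plus `import ssl` in the import hunk; the `FakeConnection.__init__` in the new test would then need to accept `context`. The comment's "Python 3.12+" wording is narrower than it needs to be, since `http.client` has verified certificates and hostnames by default since well before 3.12. Separately, `if response.status >= 400:` lets a 3xx response through to `json.loads`, where it is retried and finally reported as unreadable metadata; `if response.status != 200:` would surface the actual status, because `http.client` does not follow redirects.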
@@ -18,7 +18,7 @@ version_tuple: tuple[int | str, ...]
|
|
|
18
18
|
commit_id: str | None
|
|
19
19
|
__commit_id__: str | None
|
|
20
20
|
|
|
21
|
-
__version__ = version = 'v2.2.
|
|
22
|
-
__version_tuple__ = version_tuple = (2, 2,
|
|
21
|
+
__version__ = version = 'v2.2.2'
|
|
22
|
+
__version_tuple__ = version_tuple = (2, 2, 2)
|
|
23
23
|
|
|
24
24
|
__commit_id__ = commit_id = None
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
Metadata-Version: 2.4
|
|
2
2
|
Name: trustcheck
|
|
3
|
-
Version: 2.2.
|
|
3
|
+
Version: 2.2.2
|
|
4
4
|
Summary: Package trust and provenance verification for PyPI consumers.
|
|
5
5
|
License-Expression: LicenseRef-Trustcheck-Personal-Use
|
|
6
6
|
Project-URL: Repository, https://github.com/Halfblood-Prince/trustcheck
|
|
@@ -5,6 +5,7 @@ import tempfile
|
|
|
5
5
|
import unittest
|
|
6
6
|
from collections.abc import Mapping
|
|
7
7
|
from pathlib import Path
|
|
8
|
+
from unittest.mock import patch
|
|
8
9
|
|
|
9
10
|
from scripts import export_homebrew_tap
|
|
10
11
|
|
|
@@ -34,6 +35,55 @@ def _pypi_payload(name: str, version: str, sha256: str) -> dict[str, object]:
|
|
|
34
35
|
|
|
35
36
|
|
|
36
37
|
class HomebrewTapExportTests(unittest.TestCase):
|
|
38
|
+
def test_read_pypi_json_uses_stdlib_https_connection(self) -> None:
|
|
39
|
+
class FakeResponse:
|
|
40
|
+
status = 200
|
|
41
|
+
|
|
42
|
+
def read(self) -> bytes:
|
|
43
|
+
return json.dumps({"urls": []}).encode("utf-8")
|
|
44
|
+
|
|
45
|
+
class FakeConnection:
|
|
46
|
+
instances: list[FakeConnection] = []
|
|
47
|
+
|
|
48
|
+
def __init__(self, host: str, *, timeout: int) -> None:
|
|
49
|
+
self.host = host
|
|
50
|
+
self.timeout = timeout
|
|
51
|
+
self.request_args: tuple[str, str] | None = None
|
|
52
|
+
self.request_headers: dict[str, str] | None = None
|
|
53
|
+
self.closed = False
|
|
54
|
+
self.instances.append(self)
|
|
55
|
+
|
|
56
|
+
def request(
|
|
57
|
+
self,
|
|
58
|
+
method: str,
|
|
59
|
+
path: str,
|
|
60
|
+
*,
|
|
61
|
+
headers: dict[str, str],
|
|
62
|
+
) -> None:
|
|
63
|
+
self.request_args = (method, path)
|
|
64
|
+
self.request_headers = headers
|
|
65
|
+
|
|
66
|
+
def getresponse(self) -> FakeResponse:
|
|
67
|
+
return FakeResponse()
|
|
68
|
+
|
|
69
|
+
def close(self) -> None:
|
|
70
|
+
self.closed = True
|
|
71
|
+
|
|
72
|
+
with patch.object(
|
|
73
|
+
export_homebrew_tap.http.client,
|
|
74
|
+
"HTTPSConnection",
|
|
75
|
+
FakeConnection,
|
|
76
|
+
):
|
|
77
|
+
payload = export_homebrew_tap.read_pypi_json("demo-package", "1.2.3")
|
|
78
|
+
|
|
79
|
+
self.assertEqual(payload, {"urls": []})
|
|
80
|
+
[connection] = FakeConnection.instances
|
|
81
|
+
self.assertEqual(connection.host, "pypi.org")
|
|
82
|
+
self.assertEqual(connection.timeout, 30)
|
|
83
|
+
self.assertEqual(connection.request_args, ("GET", "/pypi/demo-package/1.2.3/json"))
|
|
84
|
+
self.assertEqual(connection.request_headers["Accept"], "application/json")
|
|
85
|
+
self.assertTrue(connection.closed)
|
|
86
|
+
|
|
37
87
|
def test_parse_lockfile_reads_pinned_packages_and_hashes(self) -> None:
|
|
38
88
|
with tempfile.TemporaryDirectory() as tmpdir:
|
|
39
89
|
lockfile = Path(tmpdir) / "runtime.lock"
|
|
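Review bot: `test_read_pypi_json_uses_stdlib_https_connection` covers only the 200 path, so the new `finally: connection.close()` branch and the six-attempt retry loop are never run against a failing response. A second test with a fake whose `status` is 503 would pin that every attempt's connection is closed and that the function ends in `ValueError`; `time.sleep` has to be patched there, otherwise the test waits 50 seconds. The fakes are defined inside the existing test method, so the new test needs its own copies or they should move to module level.

```python
def test_read_pypi_json_closes_connection_on_http_error(self) -> None:
    # … unchanged: FakeResponse / FakeConnection as in the test above, with status = 503 …
    with patch.object(
        export_homebrew_tap.http.client,
        "HTTPSConnection",
        FakeConnection,
    ):
        with patch.object(export_homebrew_tap.time, "sleep"):
            with self.assertRaises(ValueError):
                export_homebrew_tap.read_pypi_json("demo-package", "1.2.3")

    self.assertEqual(len(FakeConnection.instances), 6)
    self.assertTrue(all(conn.closed for conn in FakeConnection.instances))
```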