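def addDepndencies(*, only_repo_id=19):
    """Record Maven dependencies for the watched repos, restricted to one repo id.

    Walks ``common.getWatchedRepos()``, takes the last path component as the
    repo name, resolves its id with ``common.getRepoId`` and hands the matching
    repo to ``addMavenDependencies``.

    Args:
        only_repo_id: the single repo id to process. Defaults to 19, which is
            the value the original hard-coded ``if repoId == 19`` filter used;
            why that one repo is singled out is not recorded here -- TODO
            confirm with the owner before widening the filter.

    Note:
        An older, commented-out npm variant of this loop (truncating
        ``npmDependencyTree`` and calling ``addNodeDependencies``) was removed
        as dead code; restore it from version control if it is still wanted.
    """
    for path in common.getWatchedRepos():
        repo_id = common.getRepoId(path.split("/")[-1])
        if repo_id == only_repo_id:
            addMavenDependencies(repo_id, path)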
def initial_setup():
    """Clone every ``org.openmrs`` module from pom.xml that is not already watched.

    ``readPom('pom.xml')`` yields a mapping key -> {'repo': ..., 'group': ...}.
    Repos already present under ``common.getWatchedRepos()`` are skipped, and so
    are projects whose group does not contain ``org.openmrs`` (those are only
    printed). ``clonedRepos`` is a module-level list that this function appends to.

    NOTE(review): from ``repo=path.split('/')[-1]`` onward this listing reads like
    the body of ``scanAndProcess(path)`` -- the function the ``__main__`` block
    below calls and whose returned scan time it sums -- but its ``def`` line is
    missing, so syntactically it is the tail of ``initial_setup`` and ``path`` is
    whatever the clone loop above left bound. Treat the two halves as separate
    functions when restoring this file.
    """
    projects = readPom('pom.xml')
    
    paths = common.getWatchedRepos()

    for path in paths:
        repo: str = path.split('/')[-1]
        clonedRepos.append(repo)
    

    for k in projects.keys():
        if projects[k]['repo'] in clonedRepos:
            continue
        if 'org.openmrs' not in projects[k]['group']:
            # Non-OpenMRS groups are reported, never cloned.
            print(projects[k]['group'])
            continue

        cloneAndCheckoutVersion(k, projects[k])
    # ---- presumably the body of scanAndProcess(path); see docstring ----
    repo=path.split('/')[-1]
    repoId=common.getRepoId(repo)
    os.chdir(path)
    
    # Victims security-versions plugin. The command is a fixed literal (nothing
    # interpolated), so there is no shell-injection surface here; its exit status
    # is discarded, though, so a failed Maven run only surfaces when the report
    # lookup below finds nothing.
    start: datetime = datetime.now()
    os.system('mvn com.redhat.victims.maven:security-versions:check')
    end: datetime = datetime.now()
    diff=end-start
    # Wall-clock duration of the scan, in minutes per the helper's name.
    scanTime = common.getTimeDeltaInMinutes(diff)
    
    # cwd is left at <repo>/target; nothing restores it afterwards.
    os.chdir(path+'/target')
    # NOTE(review): `*/dependencies/*` is unquoted, so the shell may glob-expand it
    # against the cwd before find sees it -- quote the pattern to be safe.
    files: list[str] = (os.popen("find . -type f -path */dependencies/* -name index.html").read()).split("\n")[:-1]
    
    # Exactly one dependency report is expected. `assert` is stripped under
    # `python -O`; an explicit raise would make this a reliable runtime check.
    assert len(files) == 1
    file: str = files[0]
    
    # The file handle is left to the GC (no `with`). The report's first table is
    # what getVulns parses; getVulns/dedupe_vulns/addAlerts are defined elsewhere.
    soup= BeautifulSoup(open(file).read(),'lxml')
    d=getVulns(repoId, soup.find_all('table')[0])
    vulns = dedupe_vulns(repoId, d)
    addAlerts(vulns)
    
    return scanTime

if __name__ == '__main__':
    # Entry point: run the Maven scan on every watched repo, echoing the running
    # total of scan time after each one, then record the total for this tool.
    total_time = 0
    for repo_path in common.getWatchedRepos():
        total_time = total_time + scanAndProcess(repo_path)
        print(total_time)
    common.addScanTime(toolId, total_time, 'maven')
    # NOTE(review): this span appears to be the body of npmInstall() (referenced,
    # commented out, in the __main__ block below); its `def` line is not present
    # in this listing.
    # Parameterized query: the LIKE pattern is bound by the driver, not formatted
    # into the SQL string.
    q = '''select * from repoDependencyFiles rDF
        join repository r on rDF.repositoryId = r.id
        where file like %s'''
    results = sql.execute(q, ('%package.json', ))

    for item in results:
        # Hard-coded checkout root for one workstation; not portable.
        path = '/Users/nasifimtiaz/openmrs/' + item['repoName']
        if '/' in item['file']:
            # Nested package.json: descend into its directory. This slice assumes
            # the stored path ends in exactly '/package.json'; the LIKE pattern
            # above would also match e.g. 'lib/xpackage.json', which it would
            # trim incorrectly.
            path = path + '/' + item['file']
            path = path[:-len('/package.json')]
        os.chdir(path)
        # Security: `npm install` executes the lifecycle scripts (preinstall /
        # postinstall) declared by each checked-out repo and its dependencies --
        # arbitrary code execution on behalf of whatever is in the tree. Run it
        # in a sandbox or with `--ignore-scripts` unless every repo is trusted.
        # The exit status is ignored, so a failed install goes unnoticed.
        os.system('npm install')


if __name__ == '__main__':
    mavenRepos = common.getWatchedRepos()
    npmRepos = common.getNpmPackageRepos()
    mavenScantime = 0
    npmScantime = 0

    #npmInstall()

    repos = common.getWatchedRepos()
    for path in repos:
        repo = path.split('/')[-1]
        repoId = common.getRepoId(repo)
        df, time = getOWASPReportAsDf(path, 'maven')
        if path in mavenRepos:
            mavenScantime += time
        if path in npmRepos:
            npmScantime += time