Beispiel #1
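def manage_new_projects_text():
    """Build the menu label for the "manage new projects" action.

    The label always starts with ``Manage new projects``. A ``Skipped: N``
    and/or ``New: N`` suffix is appended for each status that has at least
    one project.

    Returns:
        The assembled label string.
    """
    projects = Project.select()

    # Count each status once. The original called count() twice per status
    # (once for the test, once for the text), doubling the lookups and
    # allowing the printed number to differ from the one that was tested.
    skipped = projects.filter(status="Skip").count()
    new = projects.filter(status="New").count()

    output = 'Manage new projects'
    if skipped > 0:
        output += f", Skipped: {skipped}"
    if new > 0:
        output += f", New: {new}"
    return output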
Beispiel #2
def save_row_to_db(row):
    """Store one row of the vulnerability report as a ``Vulnerability``.

    The owning ``Project`` is looked up by the row's ``Project ID`` and is
    created from the row when ``project_in_db`` reports it is missing. Every
    remaining column is then copied onto a new ``Vulnerability`` linked to
    that project.

    Args:
        row: Mapping keyed by the report's column headers. A missing header
            raises ``KeyError``.

    NOTE(review): values are stored as they appear in the row. Only the
    date columns, the fixed-scan id and the disclosure flag pass through a
    converter. If the report file can come from an untrusted source,
    validate the free-text columns before persisting them.
    """
    project_id = row['Project ID']
    if project_in_db(project_id):
        project = Project.get(project_id=project_id)
    else:
        project = Project()
        project.project = row['Project']
        project.project_id = project_id

    entry = Vulnerability(project=project)

    # (attribute, column header, converter or None), in assignment order.
    # NOTE(review): ``latest_release_data`` is kept exactly as the original
    # spells it. It looks like a typo for ``latest_release_date``, so confirm
    # against the Vulnerability entity before renaming.
    column_map = (
        ('issue_id', 'Issue ID', None),
        ('ignored', 'Ignored', None),
        ('status', 'Status', None),
        ('project_id', 'Project ID', None),
        ('library', 'Library', None),
        ('version_in_use', 'Version in use', None),
        ('library_release_date', 'Library release date', convert_to_datetime),
        ('package_manager', 'Package manager', None),
        ('coordinate1', 'Coordinate 1', None),
        ('coordinate2', 'Coordinate 2', None),
        ('latest_version', 'Latest version', None),
        ('latest_release_data', 'Latest release date', convert_to_datetime),
        ('project_name', 'Project', None),
        ('branch', 'Branch', None),
        ('tag', 'Tag', None),
        ('issue_opened_scan_id', 'Issue opened: Scan ID', None),
        ('issue_opened_scan_date', 'Issue opened: Scan date',
         convert_to_datetime),
        ('issue_fixed_scan_id', 'Issue fixed: Scan ID', int_check),
        ('issue_fixed_scan_date', 'Issue fixed: Scan date',
         convert_to_datetime),
        ('dependency', 'Dependency (Transitive or Direct)', None),
        ('scan', 'Scan', None),
        ('scan_date', 'Scan date', convert_to_datetime),
        ('vulnerability_id', 'Vulnerability ID', None),
        ('title', 'Title', None),
        ('cvss_score', 'CVSS score', None),
        ('severity', 'Severity', None),
        ('cve', 'CVE', None),
        ('public_disclosure', 'Public or Veracode Customer Access',
         is_public),
        ('disclosure_date', 'Disclosure date', convert_to_datetime),
        ('has_vulnerable_methods', 'Has vulnerable methods', None),
        ('number_of_vulnerable_methods', 'Number of vulnerable methods',
         None),
    )
    for attribute, column, convert in column_map:
        raw = row[column]
        setattr(entry, attribute, raw if convert is None else convert(raw))
Beispiel #3
def run_project_reports():
    """Create one ``ProjectReport`` per project with its severity counts.

    For every project returned by ``Project.select()``, the three values
    from ``report_entries`` are stored on a new ``ProjectReport`` stamped
    with ``datetime.now()``. ``db.commit()`` is called once after the loop.
    When there are no projects, only a message is printed.
    """
    projects = Project.select()
    if len(projects) <= 0:
        print("no reports found")
        return

    print(f"running reports for {len(projects)} projects")
    for project in projects:
        counts = report_entries(project)
        severity_high, severity_medium, severity_low = counts
        # The timestamp is naive: datetime.now() attaches no timezone.
        report = ProjectReport(project=project, date=datetime.now())
        report.severity_high = severity_high
        report.severity_medium = severity_medium
        report.severity_low = severity_low
    db.commit()
Beispiel #4
def project_status():
    """Ask the operator how to treat every project still "New" or "Skip".

    Inside a ``db_session``, each matching project is shown in a ``Bullet``
    prompt offering ``Include``, ``Exclude`` or ``Skip``. The chosen value
    becomes the project's status, and ``db.commit()`` runs once after the
    last prompt. Nothing happens when no project matches.
    """
    with db_session:
        pending = Project.select(
            lambda p: p.status == "New" or p.status == "Skip")
        if len(pending) <= 0:
            return

        for project in pending:
            print()
            question = (
                f"Run reports for {project.project}, "
                f"Current status: {project.status}"
            )
            selector = Bullet(
                prompt=question,
                choices=['Include', 'Exclude', 'Skip'])
            # The status is only ever one of the three offered choices.
            project.status = selector.launch()
        db.commit()
Beispiel #5
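    def post(self, current_user):
        '''Add a new project.

        Reads ``name`` and ``description`` from the JSON request body and
        stores a new ``Project`` row.

        ``current_user`` is not used in this method. It is presumably
        injected by an authentication decorator outside this view, so
        confirm that the decorator also enforces who may create projects.

        Returns:
            ``({"msg": ...}, status)`` with 201 on success, 400 for a
            missing or malformed body, 409 when the insert violates an
            integrity constraint and 500 for any other failure.
        '''
        import logging

        req = request.get_json()
        # get_json() may yield None or a non-object JSON value; calling
        # .get() on that would raise instead of producing a clean 400.
        if not isinstance(req, dict):
            return {"msg": "Invalid Request"}, 400

        name = req.get('name')
        description = req.get('description')
        # Accept only non-empty strings so lists, objects or numbers sent
        # by the client never reach the model.
        if not (isinstance(name, str) and name
                and isinstance(description, str) and description):
            return {"msg": "Invalid Request"}, 400

        try:
            project = Project(name=name, description=description)
            db.session.add(project)
            db.session.commit()
        except sqlalchemy.exc.IntegrityError:
            # Roll back so the failed transaction does not leave the
            # session unusable for later work.
            db.session.rollback()
            # The original returned this message without a status code, so
            # the framework default applied and a failed create looked like
            # a success to clients that check only the status.
            return {"msg": "Project name already exists"}, 409
        except Exception:
            # A bare ``except:`` also traps SystemExit/KeyboardInterrupt and
            # hid the cause; log it so the failure can be investigated.
            db.session.rollback()
            logging.getLogger(__name__).exception("Project creation failed")
            return {"msg": 'Server Error'}, 500

        return {"msg": "Project Created"}, 201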
Beispiel #6
def projects_to_be_reported_on():
    """Return the projects whose status is ``Include``.

    Prints how many projects were selected. When none match, nothing is
    printed and ``None`` is returned, so callers must handle ``None``.
    """
    included = Project.select(lambda p: p.status == 'Include')
    if len(included) <= 0:
        return None
    print(f"{len(included)} projects are been report on")
    return included
Beispiel #7
def exclude_projects_note():
    """Print how many projects have status ``Exclude``, if there are any."""
    excluded = Project.select(lambda p: p.status == 'Exclude')
    if len(excluded) <= 0:
        return
    print(f"{len(excluded)} projects are been excluded")
Beispiel #8
def skipped_projects_note():
    """Print the number and names of projects with status ``Skip``.

    Nothing is printed when no project is skipped.
    """
    skipped = Project.select(lambda p: p.status == 'Skip')
    if len(skipped) <= 0:
        return
    print(f"{len(skipped)} projects are been skipped")
    # One tab-indented line per skipped project.
    for entry in skipped:
        print(f"\t{entry.project}")
Beispiel #9
def project_in_db(project_id):
    """Return ``True`` when a ``Project`` with this ``project_id`` exists.

    Args:
        project_id: Identifier passed to ``Project.get``.
    """
    return Project.get(project_id=project_id) is not None