Ejemplo n.º 1
    def test_latest_vulndb(self):
        """
        Fail when the installed 'vulndb' is older than the newest version
        that PyPI lists for it

        @returns: None; fails the test with MESSAGE when an update exists
        """
        installed = Distributions()
        package = 'vulndb'
        outdated = False
        # NOTE(review): CheeseShop presumably queries PyPI over the network,
        # which would make this result depend on connectivity - confirm.
        index = CheeseShop(False)
        candidates = installed.get_distributions(
            'all', package, installed.get_highest_installed(package))

        for dist, _active in candidates:
            _name, releases = index.query_versions_pypi(dist.project_name)
            if not releases:
                continue

            # Do not rely on the order PyPI returns versions in; pick the
            # highest one explicitly.
            latest = get_highest_version(releases)
            if latest == dist.version:
                continue

            # The installed version may be newer than anything PyPI knows
            # about, so only a strictly older install counts as outdated.
            installed_ver = pkg_resources.parse_version(dist.version)
            if installed_ver < pkg_resources.parse_version(latest):
                outdated = True

        if outdated:
            self.assertTrue(False, MESSAGE)
Ejemplo n.º 2
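def get_fresh_updates(package_name="", version=""):
    """
    Return the installed packages for which PyPI lists a newer version

    The result is cached in ~/.qyolk as a pickled [timestamp, updates] pair
    and reused while the timestamp is less than 24 hours old.

    @param package_name: not used by this function
    @type package_name: string

    @param version: not used by this function
    @type version: string

    @returns: list of [project_name, installed_version, newest_version]
    """
    cache_path = expanduser("~") + "/.qyolk"
    now = datetime.now()

    # Do we have a cache ?
    if isfile(cache_path):
        # SECURITY: unpickling can run code chosen by whoever wrote the file,
        # so this load trusts every process able to write ~/.qyolk. The
        # payload is only a timestamp and a list of version triples; a
        # data-only format would remove that trust requirement.
        # 'with' closes the handle even when the load raises.
        with open(cache_path, "r") as cache_file:
            cache = cPickle.load(cache_file)
        check_time = now - timedelta(hours=24)
        if cache[0] > check_time:
            # fresh cache, use it
            return cache[1]

    # No cache (or a stale one): query PyPI and rebuild it
    ret = []
    pypi = CheeseShop()
    dists = Distributions()
    for pkg in get_pkglist():
        for (dist, active) in dists.get_distributions(
                "all", pkg, dists.get_highest_installed(pkg)):
            (project_name,
             versions) = pypi.query_versions_pypi(dist.project_name)
            if not versions:
                continue
            newest = get_highest_version(versions)
            if newest == dist.version:
                continue
            # The installed version may be newer than what PyPI lists
            if pkg_resources.parse_version(
                    dist.version) < pkg_resources.parse_version(newest):
                ret.append([project_name, dist.version, newest])

    # Close the file explicitly so the cache is flushed to disk before
    # returning; the original left the handle open.
    with open(cache_path, "w") as cache_file:
        cPickle.dump([now, ret], cache_file)

    return ret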
Ejemplo n.º 3
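def get_fresh_updates(package_name="", version=""):
    """
    Return the installed packages for which PyPI lists a newer version

    The result is cached in ~/.qyolk as a pickled [timestamp, updates] pair
    and reused while the timestamp is less than 24 hours old.

    @param package_name: not used by this function
    @type package_name: string

    @param version: not used by this function
    @type version: string

    @returns: list of [project_name, installed_version, newest_version]
    """
    cache_path = expanduser("~") + "/.qyolk"
    now = datetime.now()

    # Do we have a cache ?
    if isfile(cache_path):
        # SECURITY: unpickling can run code chosen by whoever wrote the file,
        # so this load trusts every process able to write ~/.qyolk. The
        # payload is only a timestamp and a list of version triples; a
        # data-only format would remove that trust requirement.
        # 'with' closes the handle even when the load raises.
        with open(cache_path, "r") as cache_file:
            cache = cPickle.load(cache_file)
        check_time = now - timedelta(hours=24)
        if cache[0] > check_time:
            # fresh cache, use it
            return cache[1]

    # No cache (or a stale one): query PyPI and rebuild it
    ret = []
    pypi = CheeseShop()
    dists = Distributions()
    for pkg in get_pkglist():
        highest = dists.get_highest_installed(pkg)
        for (dist, active) in dists.get_distributions("all", pkg, highest):
            (project_name, versions) = pypi.query_versions_pypi(dist.project_name)
            if not versions:
                continue
            newest = get_highest_version(versions)
            if newest == dist.version:
                continue
            # The installed version may be newer than what PyPI lists
            if pkg_resources.parse_version(dist.version) < pkg_resources.parse_version(newest):
                ret.append([project_name, dist.version, newest])

    # Close the file explicitly so the cache is flushed to disk before
    # returning; the original left the handle open.
    with open(cache_path, "w") as cache_file:
        cPickle.dump([now, ret], cache_file)

    return ret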
Ejemplo n.º 4
    def test_latest_vulndb(self):
        """
        Check that the installed 'vulndb' is not behind the newest version
        listed on PyPI

        @returns: None; fails the test with MESSAGE when an update exists
        """
        local_dists = Distributions()
        name = 'vulndb'
        needs_update = False
        # NOTE(review): CheeseShop presumably queries PyPI over the network,
        # which would make this result depend on connectivity - confirm.
        shop = CheeseShop(False)
        to_check = local_dists.get_distributions(
            'all', name, local_dists.get_highest_installed(name))

        for dist, _active in to_check:
            _project, listed = shop.query_versions_pypi(dist.project_name)

            if listed:
                # The ordering of the PyPI answer is not relied upon; the
                # highest version is selected explicitly.
                top = get_highest_version(listed)
                differs = top != dist.version

                # A local version newer than PyPI's is fine; only flag the
                # case where the local one parses as strictly older.
                if differs and (pkg_resources.parse_version(dist.version) <
                                pkg_resources.parse_version(top)):
                    needs_update = True

        if needs_update:
            self.assertTrue(False, MESSAGE)
Ejemplo n.º 5
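    def show_distributions(self, show):
        """
        Show list of installed activated OR non-activated packages

        @param show: type of pkgs to show (all, active or nonactive)
        @type show: string

        @returns: None or 2 if error
        """
        # Search for any plugins with active CLI options with add_column() method
        plugins = self.get_plugin("add_column")

        # Some locations show false positive for 'development' packages:
        ignores = ["/UNIONFS", "/KNOPPIX.IMG"]

        # Check if we're in a workingenv
        # See http://cheeseshop.python.org/pypi/workingenv.py
        # The environment value is only used to trim displayed locations.
        workingenv = os.environ.get("WORKING_ENV")
        if workingenv:
            ignores.append(workingenv)

        dists = Distributions()
        results = False
        for (dist, active) in dists.get_distributions(show, self.project_name, self.version):
            metadata = get_metadata(dist)
            for prefix in ignores:
                if dist.location.startswith(prefix):
                    # Strip only the leading prefix: an unbounded replace()
                    # would also delete later occurrences inside the path.
                    dist.location = dist.location.replace(prefix, "", 1)
            # Case-insensitive search because of Windows
            if dist.location.lower().startswith(get_python_lib().lower()):
                develop = ""
            else:
                develop = dist.location
            if metadata:
                # See if package is 'owned' by a package manager such as
                # portage, apt, rpm etc.
                add_column_text = ""
                for my_plugin in plugins:
                    add_column_text += my_plugin.add_column(dist) + " "
                self.print_metadata(metadata, develop, active, add_column_text)
            else:
                print(str(dist) + " has no metadata")
            results = True

        if not results and self.project_name:
            if self.version:
                pkg_spec = "%s==%s" % (self.project_name, self.version)
            else:
                pkg_spec = "%s" % self.project_name
            if show == "all":
                self.logger.error("There are no versions of %s installed." % pkg_spec)
            else:
                self.logger.error("There are no %s versions of %s installed." % (show, pkg_spec))
            return 2
        elif show == "all" and results and self.options.fields:
            print("Versions with '*' are non-active.")
            print("Versions with '!' are deployed in development mode.")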
Ejemplo n.º 6
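def get_pkglist():
    """
    Return list of all installed packages

    Note: It returns one project name per pkg no matter how many versions
    of a particular package are installed. Names keep the order in which
    they are first seen.

    @returns: list of project name strings for every installed pkg

    """

    dists = Distributions()
    projects = []
    # Set membership keeps de-duplication linear; the list preserves order.
    seen = set()
    for (dist, _active) in dists.get_distributions("all"):
        name = dist.project_name
        if name not in seen:
            seen.add(name)
            projects.append(name)
    return projects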
Ejemplo n.º 7
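def get_pkglist():
    """
    Return list of all installed packages

    Note: It returns one project name per pkg no matter how many versions
    of a particular package are installed. Names keep the order in which
    they are first seen.

    @returns: list of project name strings for every installed pkg

    """

    dists = Distributions()
    projects = []
    # Set membership keeps de-duplication linear; the list preserves order.
    seen = set()
    for (dist, _active) in dists.get_distributions("all"):
        name = dist.project_name
        if name not in seen:
            seen.add(name)
            projects.append(name)
    return projects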
Ejemplo n.º 8
    def show_updates(self):
        """
        Print installed packages that have a newer version on PyPI

        Only self.project_name is checked when it is set; otherwise every
        installed package returned by get_pkglist() is checked.

        @returns: 0
        """
        dists = Distributions()
        # A single named package, or everything that is installed
        pkg_list = [self.project_name] if self.project_name else get_pkglist()

        found = False
        for pkg in pkg_list:
            highest_installed = dists.get_highest_installed(pkg)
            for (dist, active) in dists.get_distributions("all", pkg,
                                                          highest_installed):
                (project_name, versions) = \
                    self.pypi.query_versions_pypi(dist.project_name)
                if not versions:
                    continue

                # The order of the PyPI answer is not relied upon;
                # take the highest version explicitly.
                newest = get_highest_version(versions)
                if newest == dist.version:
                    continue

                # We may have newer than what PyPI knows about, so report
                # only when the installed version is strictly older.
                installed_ver = pkg_resources.parse_version(dist.version)
                if installed_ver < pkg_resources.parse_version(newest):
                    found = True
                    print(" %s %s (%s)" % (project_name, dist.version,
                                           newest))

        if not found:
            if self.project_name:
                self.logger.info("You have the latest version installed.")
            else:
                self.logger.info("No newer packages found at The Cheese Shop")
        return 0
Ejemplo n.º 9
    def show_updates(self):
        """
        Print installed packages that have a newer version on PyPI

        Only self.project_name is checked when it is set; otherwise every
        installed package returned by get_pkglist() is checked.

        @returns: 0
        """
        dists = Distributions()
        if not self.project_name:
            # Check for every installed package
            pkg_list = get_pkglist()
        else:
            # Check for a single package
            pkg_list = [self.project_name]

        found = False
        for pkg in pkg_list:
            candidates = dists.get_distributions(
                "all", pkg, dists.get_highest_installed(pkg))
            for (dist, active) in candidates:
                (project_name, versions) = \
                    self.pypi.query_versions_pypi(dist.project_name)
                if versions:
                    # The order of the PyPI answer is not relied upon;
                    # take the highest version explicitly.
                    newest = get_highest_version(versions)

                    # We may have newer than what PyPI knows about, so
                    # report only a strictly older installed version.
                    if newest != dist.version and (
                            pkg_resources.parse_version(dist.version) <
                            pkg_resources.parse_version(newest)):
                        found = True
                        print(" %s %s (%s)" % (project_name, dist.version,
                                               newest))

        if not found:
            if self.project_name:
                self.logger.info("You have the latest version installed.")
            else:
                self.logger.info("No newer packages found at The Cheese Shop")
        return 0
Ejemplo n.º 10
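    def show_distributions(self, show):
        """
        Show list of installed activated OR non-activated packages

        @param show: type of pkgs to show (all, active or nonactive)
        @type show: string

        @returns: None or 2 if error
        """
        #Search for any plugins with active CLI options with add_column() method
        plugins = self.get_plugin("add_column")

        #Some locations show false positive for 'development' packages:
        ignores = ["/UNIONFS", "/KNOPPIX.IMG"]

        #Check if we're in a workingenv
        #See http://cheeseshop.python.org/pypi/workingenv.py
        #The environment value is only used to trim displayed locations.
        workingenv = os.environ.get('WORKING_ENV')
        if workingenv:
            ignores.append(workingenv)

        dists = Distributions()
        results = False
        for (dist, active) in dists.get_distributions(show, self.project_name,
                                                      self.version):
            metadata = get_metadata(dist)
            for prefix in ignores:
                if dist.location.startswith(prefix):
                    #Strip only the leading prefix: an unbounded replace()
                    #would also delete later occurrences inside the path.
                    dist.location = dist.location.replace(prefix, "", 1)
            #Case-insensitive search because of Windows
            if dist.location.lower().startswith(get_python_lib().lower()):
                develop = ""
            else:
                develop = dist.location
            if metadata:
                #See if package is 'owned' by a package manager such as
                #portage, apt, rpm etc.
                add_column_text = ""
                for my_plugin in plugins:
                    add_column_text += my_plugin.add_column(dist) + " "
                self.print_metadata(metadata, develop, active, add_column_text)
            else:
                print(str(dist) + " has no metadata")
            results = True

        if not results and self.project_name:
            if self.version:
                pkg_spec = "%s==%s" % (self.project_name, self.version)
            else:
                pkg_spec = "%s" % self.project_name
            if show == "all":
                self.logger.error(
                    "There are no versions of %s installed." % pkg_spec)
            else:
                self.logger.error(
                    "There are no %s versions of %s installed."
                    % (show, pkg_spec))
            return 2
        elif show == "all" and results and self.options.fields:
            print("Versions with '*' are non-active.")
            print("Versions with '!' are deployed in development mode.")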