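def main():
    """CLI entry point: parse arguments and run the requested vulnerability-db action(s).

    Side effects: prints the logo and any results to stdout, logs through ``LOG``,
    may remove the data directory (``--clean``) and may download advisory data
    through the ``*Source`` classes (cache/sync flags).
    """
    args = build_args()
    print(at_logo)
    if args.clean:
        if os.path.exists(config.data_dir):
            # os.rmdir only removes an EMPTY directory. A populated data dir is
            # left in place; report that instead of swallowing it silently, so a
            # user who asked for --clean is not misled into thinking it succeeded.
            try:
                os.rmdir(config.data_dir)
            except OSError as exc:
                LOG.warning(
                    "Unable to remove {}: {}".format(config.data_dir, exc)
                )
    else:
        LOG.info("Vulnerability database loaded from {}".format(config.vdb_bin_file))
    if args.cache:
        for s in [GitHubSource(), NvdSource()]:
            LOG.info("Refreshing {}".format(s.__class__.__name__))
            s.refresh()
    elif args.sync:
        for s in [GitHubSource(), NvdSource()]:
            LOG.info("Syncing {}".format(s.__class__.__name__))
            s.download_recent()
    if args.sync_npm:
        for s in [NpmSource()]:
            LOG.info("Syncing {}".format(s.__class__.__name__))
            s.download_recent()
    if args.sync_github:
        for s in [GitHubSource()]:
            LOG.info("Syncing {}".format(s.__class__.__name__))
            s.download_recent()
    if args.search_npm:
        # The raw user-supplied package string is forwarded to the remote source.
        source = NpmSource()
        results = source.bulk_search(config.npm_app_info, [args.search_npm])
        print_results(results)
    if args.list:
        db = dbLib.get()
        results = dbLib.list_all_occurrence(db)
        print_results(results)
    elif args.search:
        db = dbLib.get()
        # Several package specs may be given, separated by ',', '|' or ';'.
        search_list = re.split(r"[,|;]", args.search)
        for pkg_info in search_list:
            # ':', '=' and '@' are all accepted as the in-spec separator. A two-part
            # spec goes through index_search/pkg_search, a three-part spec through
            # vendor_pkg_search; anything else is reported as no match.
            pstr = re.split(r"[:=@]", pkg_info)
            if pstr:
                if len(pstr) == 2 and dbLib.index_search(*pstr):
                    results = dbLib.pkg_search(db, *pstr)
                    print_results(results)
                elif len(pstr) == 3:
                    results = dbLib.vendor_pkg_search(db, *pstr)
                    print_results(results)
                else:
                    print("No vulnerability found!")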
def test_version_ranges():
    """npm semver range strings must map to the expected inclusive/exclusive bounds.

    Each expected entry is a dict with the four ``version_*`` keys; unused bounds
    are the empty string.
    """
    source = NpmSource()

    def bounds(si="", ei="", sx="", ex=""):
        # Build one bounds dict; keyword names abbreviate start/end incl/excl.
        return {
            "version_start_including": si,
            "version_end_including": ei,
            "version_start_excluding": sx,
            "version_end_excluding": ex,
        }

    cases = [
        ("<1.10.2", [bounds(ex="1.10.2")]),
        (
            "<=4.0.13 || >=4.1.0 <4.1.2",
            [bounds(ei="4.0.13"), bounds(si="4.1.0", ex="4.1.2")],
        ),
        (">=4.3.0", [bounds(si="4.3.0")]),
        ("1.1.0", [bounds(si="1.1.0")]),
        (">= 0.6.1", [bounds(si="0.6.1")]),
        (
            ">= 1.4.1 < 2.0.0 || >= 2.0.3",
            [bounds(si="1.4.1", ex="2.0.0"), bounds(si="2.0.3")],
        ),
    ]
    # Same order as the original assertions, so the first failing range is reported.
    for range_str, expected in cases:
        assert source.get_version_ranges(range_str) == expected, range_str
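from vdb.lib.npm import NpmSource

# Dict mapping project type to the audit source
type_audit_map = {"nodejs": NpmSource(), "js": NpmSource()}


def audit(project_type, pkg_list, report_file):
    """Audit packages against a remote advisory source such as the npm advisory feed.

    :param project_type: Project type; must be a key of ``type_audit_map``
    :param pkg_list: List of packages to look up
    :param report_file: Report file path. Accepted for interface compatibility;
        this function does not write to it.
    :return: Whatever the selected source's ``bulk_search`` returns for ``pkg_list``
    :raises KeyError: if ``project_type`` has no registered audit source
    """
    try:
        source = type_audit_map[project_type]
    except KeyError:
        # Keep the exception type callers may already catch, but name the
        # unsupported type and the supported ones instead of a bare key.
        raise KeyError(
            "No audit source for project type {!r}; supported: {}".format(
                project_type, sorted(type_audit_map)
            )
        ) from None
    # Fixed client identity sent with the query; not derived from user input.
    app_info = {"name": "appthreat-depscan", "version": "1.0.0"}
    results = source.bulk_search(app_info=app_info, pkg_list=pkg_list)
    return results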
def test_convert(test_cve_json):
    """The sample advisory JSON fixture should convert to eight records.

    The first record is expected to carry the id CVE-2017-16042.
    """
    converted = NpmSource().convert(test_cve_json)
    assert len(converted) == 8
    first_record = converted[0]
    assert first_record.id == "CVE-2017-16042"
def test_bulk_search(test_app_info, test_pkg_list):
    """Bulk search over the fixture package list should return seven records.

    The first record is expected to carry the id CVE-2017-16042.
    """
    source = NpmSource()
    found = source.bulk_search(test_app_info, test_pkg_list)
    assert len(found) == 7
    assert found[0].id == "CVE-2017-16042"
def test_download_all():
    """A full advisory download should yield a sizable batch of records.

    NOTE(review): this presumably reaches the npm advisory service over the
    network, so it needs connectivity and may be slow — confirm before relying
    on it in an offline CI job.
    """
    advisories = NpmSource().download_all()
    record_count = len(advisories)
    assert record_count >= 100