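def features_for(report):
    """
    Transforms a Clair v4 `VulnerabilityReport` dict into the standard shape
    of a Quay Security scanner response.

    Args:
        report: the decoded ``VulnerabilityReport``. The ``packages``,
            ``environments``, ``vulnerabilities`` and
            ``package_vulnerabilities`` tables are required; ``enrichments``
            is optional and, when present, supplies CVSSv3 data per
            vulnerability id.

    Returns:
        A list with one `Feature` per entry of ``report["packages"]``, each
        carrying the `Vulnerability` objects attached to that package.

    Raises:
        KeyError: if a required table or record field is absent.
        IndexError: if a package has an empty ``environments`` entry.
    """
    # The enrichment table is per report, not per package: resolve it once
    # instead of rebuilding it on every loop iteration.
    enrichments = _best_enrichments(report)

    features = []
    for pkg_id, pkg in report["packages"].items():
        # Only the first environment of a package is reported; assumes it is
        # the relevant one when a package shows up in several — TODO confirm.
        pkg_env = report["environments"][pkg_id][0]
        pkg_vulns = [
            report["vulnerabilities"][vuln_id]
            for vuln_id in report["package_vulnerabilities"].get(pkg_id, [])
        ]
        features.append(
            Feature(
                pkg["name"],
                "",
                "",
                pkg_env["introduced_in"],
                pkg["version"],
                [_vulnerability_for(vuln, enrichments) for vuln in pkg_vulns],
            )
        )
    return features


def _best_enrichments(report):
    """
    Pick, per vulnerability id, the enrichment record with the highest
    ``baseScore``.

    Only the first enrichment table's first page is consulted, as the code
    always did; presumably that is the CVSS enricher's output — verify
    against the Clair schema. Missing or empty tables yield ``{}`` instead
    of an IndexError, so a report without enrichment data is still
    converted.

    Returns:
        ``{vuln_id: record}`` where ``record`` is a dict with at least a
        ``baseScore`` key.
    """
    enrichment_table = report.get("enrichments")
    if not enrichment_table:
        return {}
    pages = next(iter(enrichment_table.values()), None)
    if not pages:
        return {}
    by_vuln = pages[0]
    return {
        vuln_id: max(records, key=lambda record: record["baseScore"])
        for vuln_id, records in by_vuln.items()
        if records
    }


def _vulnerability_for(vuln, enrichments):
    """
    Build one `Vulnerability` from a Clair vulnerability record.

    Args:
        vuln: a record from ``report["vulnerabilities"]``.
        enrichments: the ``{vuln_id: record}`` map from `_best_enrichments`;
            a vulnerability with no entry gets empty CVSSv3 fields.

    Returns:
        A `Vulnerability` whose `Metadata` carries repository, distribution
        and NVD/CVSSv3 details.
    """
    cvss = enrichments.get(vuln["id"], {})
    repository = vuln.get("repository", {})
    distribution = vuln.get("distribution", {})
    return Vulnerability(
        # Clair leaves the severity empty when it could not classify the
        # vulnerability; surface it as "Unknown" so it is not hidden as "".
        vuln["normalized_severity"] or PRIORITY_LEVELS["Unknown"]["value"],
        "",
        vuln["links"],
        # Clair uses "0" to mean "no fixed version is known".
        vuln["fixed_in_version"] if vuln["fixed_in_version"] != "0" else "",
        vuln["description"],
        vuln["name"],
        Metadata(
            vuln["updater"],
            repository.get("name"),
            repository.get("uri"),
            distribution.get("name"),
            distribution.get("version"),
            NVD(CVSSv3(cvss.get("vectorString", ""), cvss.get("baseScore", ""))),
        ),
    )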
def process_notification_page(self, page_result):
    """
    Yield an `UpdatedVulnerability` for each notification on *page_result*
    whose ``reason`` is ``"added"``; notifications with any other reason are
    skipped. ``self`` is not used.

    Args:
        page_result: an iterable of notification dicts, each holding a
            ``reason``, a ``manifest`` and a ``vulnerability`` dict.

    Yields:
        `UpdatedVulnerability` objects pairing the manifest with a
        `Vulnerability` built from the notification; no metadata is carried
        (``Metadata`` is always an empty dict).
    """
    added = (item for item in page_result if item["reason"] == "added")
    for notification_data in added:
        manifest = notification_data["manifest"]
        vuln = notification_data["vulnerability"]
        package = vuln.get("package", {})
        yield UpdatedVulnerability(
            manifest,
            Vulnerability(
                Severity=vuln.get("normalized_severity"),
                Description=vuln.get("description"),
                NamespaceName=package.get("name"),
                Name=vuln.get("name"),
                FixedBy=vuln.get("fixed_in_version"),
                Link=vuln.get("links"),
                Metadata={},
            ),
        )
def features_for(report):
    """
    Transforms a Clair v4 `VulnerabilityReport` dict into the standard shape
    of a Quay Security scanner response.

    Args:
        report: the decoded ``VulnerabilityReport``; the ``packages``,
            ``environments``, ``vulnerabilities`` and
            ``package_vulnerabilities`` tables are read.

    Returns:
        One `Feature` per package in ``report["packages"]``, each with its
        `Vulnerability` objects. This variant attaches no metadata (the
        `Vulnerability` metadata slot is ``None``).

    Raises:
        KeyError: if a required table or record field is absent.
        IndexError: if a package has an empty ``environments`` entry.
    """

    def to_vulnerability(vuln):
        # Clair leaves the severity empty when it could not classify the
        # vulnerability; report it as "Unknown" rather than as "".
        severity = vuln["normalized_severity"] or PRIORITY_LEVELS["Unknown"]["value"]
        # "0" is Clair's marker for "no fixed version is known".
        fixed_in = vuln["fixed_in_version"]
        if fixed_in == "0":
            fixed_in = ""
        return Vulnerability(
            severity,
            "",
            vuln["links"],
            fixed_in,
            vuln["description"],
            vuln["name"],
            None,
        )

    features = []
    for pkg_id, pkg in report["packages"].items():
        # Only the first environment of a package is used — assumes it is the
        # relevant one when a package appears in several; TODO confirm.
        environment = report["environments"][pkg_id][0]
        vuln_ids = report["package_vulnerabilities"].get(pkg_id, [])
        vulnerabilities = [
            to_vulnerability(report["vulnerabilities"][vuln_id]) for vuln_id in vuln_ids
        ]
        feature = Feature(
            pkg["name"],
            "",
            "",
            environment["introduced_in"],
            pkg["version"],
            vulnerabilities,
        )
        features.append(feature)
    return features