def verify_license_data(context, component, license_c): """Licenses check.""" json_data = get_json_data(context) check_attribute_presence(json_data, 'analyzed_dependencies') is_component_present = False for dep in json_data['analyzed_dependencies']: if dep['name'] == component: is_component_present = True assert "licenses" in dep, 'Licenses not found' licenses = dep["licenses"] for lic in licenses: if lic == license_c: assert lic == license_c assert is_component_present, 'Component {} not present'.format(component)
def verify_vulnerability_count(context, component, vulnerability, expected): """Check vulnerabiltiy count for given type of vulnerability.""" json_data = get_json_data(context) check_attribute_presence(json_data, 'analyzed_dependencies') is_component_present = False for dep in json_data['analyzed_dependencies']: if dep['name'] == component: is_component_present = True actual = len(dep[vulnerability]) assert actual == expected, \ 'Component {} have {} {} but expected {}'.format(component, actual, vulnerability, expected) assert is_component_present, 'Component {} not present'.format(component)
def verify_valid_data_companion(context, component, latest_version): """Check valid data in companion packages.""" json_data = get_json_data(context) check_attribute_presence(json_data, 'recommendation') is_component_present = False for dep in json_data['recommendation']['companion']: if dep['name'] == component: is_component_present = True actual_version = dep['latest_version'] assert actual_version == latest_version, \ 'Component {} have {} but expected {}'.format(component, actual_version, latest_version) assert is_component_present, 'Component {} not present'.format(component)
def stack_analysis_check_replaces_count(context, component, version, expected_replacements=1): """Check that the component is replaced only once in the alternate analysis.""" json_data = get_json_data(context) path = "result/0/recommendation/alternate" alternates = get_value_using_path(json_data, path) replacements = find_replacements(alternates, component, version) replacements_count = len(replacements) assert replacements_count == expected_replacements, \ "there must be just %d replacement(s), " \ "but %d replacements have been found" % (expected_replacements, replacements_count)
def verify_dependency_count(context, component, expected): """Check dependency count for given component.""" json_data = get_json_data(context) check_attribute_presence(json_data, 'analyzed_dependencies') is_component_present = False for dep in json_data['analyzed_dependencies']: if dep['name'] == component: is_component_present = True dependencies = dep['dependencies'] print(dep) actual = len(dependencies) assert actual == expected, \ 'Component {} have {} deps but expected {}'.format(component, actual, expected) assert is_component_present, 'Component {} not present'.format(component)
def stack_analysis_check_replaces(context, component, version, replaced_by, replacement_version): """Check that the component is replaced by the given package and version.""" json_data = get_json_data(context) path = "result/0/recommendation/alternate" alternates = get_value_using_path(json_data, path) replacements = find_replacements(alternates, component, version) for replacement in replacements: if replacement["name"] == replaced_by and \ replacement["version"] == replacement_version: break else: raise Exception("Can not found expected replacement for the component" " {component} {version}".format(component=component, version=version))
def check_security_node(context, path): """Check the content of security node.""" json_data = get_json_data(context) components = get_value_using_path(json_data, path) assert components is not None for component in components: check_attribute_presence(component, "security") cve_items = component["security"] for cve_item in cve_items: check_attribute_presence(cve_item, "CVE") check_attribute_presence(cve_item, "CVSS") cve = cve_item["CVE"] cvss = cve_item["CVSS"] check_cve_value(cve) check_cvss_value(cvss)
def verify_severity_analyzed_deps(context, component, title, severity, vulenerability): """Check valid vulenerability title and severity.""" json_data = get_json_data(context) check_attribute_presence(json_data, 'analyzed_dependencies') is_component_present = False for dep in json_data['analyzed_dependencies']: if dep['name'] == component: is_component_present = True if vulenerability == 'public_vulnerabilities': for vuln in dep['public_vulnerabilities']: if vuln['title'] == title: assert vuln[ 'severity'] == severity, "severity not matched" elif vulenerability == 'private_vulnerabilities': for vuln in dep['private_vulnerabilities']: if vuln['title'] == title: assert vuln[ 'severity'] == severity, "severity not matched" assert is_component_present, 'Component {} not present'.format(component)
def verify_valid_data_analyzed_deps(context, component, latest_version, version, recommended_version, vulenerability, vid, cvss): """Check valid data in companion packages.""" json_data = get_json_data(context) check_attribute_presence(json_data, 'analyzed_dependencies') is_component_present = False for dep in json_data['analyzed_dependencies']: if dep['name'] == component: is_component_present = True is_vuln_id_present = False actual_version = dep['latest_version'] if vulenerability == 'public_vulnerabilities': for vuln in dep['public_vulnerabilities']: if vuln['id'] == vid: check_vulenrability_attributes(vuln) assert str( vuln['cvss']) == cvss, 'CVSS score not matched' is_vuln_id_present = True elif vulenerability == 'private_vulnerabilities': for vuln in dep['private_vulnerabilities']: if vuln['id'] == vid: check_vulenrability_attributes(vuln) assert str( vuln['cvss']) == cvss, 'CVSS score not matched' is_vuln_id_present = True assert is_vuln_id_present, 'Invalid vulnerability not found' assert actual_version == latest_version, \ 'Component {} have {} but expected latest {}'.format(component, actual_version, latest_version) assert dep['version'] == version, \ 'Component {} have {} but expected version{}'.format(component, dep['version'], version) assert dep['recommended_version'] == recommended_version, \ 'Component {} have {} but expected {}'.format(component, dep['recommended_version'], recommended_version) assert is_component_present, 'Component {} not present'.format(component)
def check_for_registration_link(context): """Check for presence of registration link.""" json_data = get_json_data(context) # Validate root level attributes. check_attribute_presence(json_data, 'registration_link')
def check_outlier_count(context, count=2): """Check the number of outliers in the stack analysis.""" json_data = get_json_data(context) path = "result/0/recommendation/usage_outliers" usage_outliers = get_value_using_path(json_data, path) assert len(usage_outliers) == int(count)
def stack_analysis_validate_alternate_components(context): """Check that all alternate components replace user components.""" json_data = get_json_data(context) perform_alternate_components_validation(json_data)
def verify_stack_level_field_presence_in_recommendation(context, field_name): """Check that the given field can be found in the recommendation.""" json_data = get_json_data(context) path = 'result/0/recommendation' recommendation = get_value_using_path(json_data, path) assert recommendation.get(field_name, None) is not None
def verify_stack_level_field_presence_in_stack_report(context, field_name): """Check that the given field can be found in the stack report.""" json_data = get_json_data(context) path = 'result/0/user_stack_info' user_stack_info = get_value_using_path(json_data, path) assert user_stack_info.get(field_name, None) is not None
def check_companion_count(context, min_count=0): """Check that we have more than min_count companions.""" json_data = get_json_data(context) path = "result/0/recommendation/companion" companions = get_value_using_path(json_data, path) assert len(companions) > int(min_count)
def check_analysed_dependencies_attributes(context): """Check all attributes presence for analysed dependencies.""" json_data = get_json_data(context) for ad in json_data['analyzed_dependencies']: check_dependency_attributes(ad)
def verify_github_data(context): """Verify the github data.""" json_data = get_json_data(context) check_attribute_presence(json_data, 'analyzed_dependencies') for dep in json_data['analyzed_dependencies']: check_github_attributes(dep['github'])
def stack_analysis_check_outliers(context, component): """Check the outlier record in the stack analysis.""" json_data = get_json_data(context) path = "result/0/recommendation/usage_outliers" usage_outliers = get_value_using_path(json_data, path) check_frequency_count(usage_outliers, component)