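def _get_flat_dependency_tree(self):
    """Get Flat dependency tree.

    For the ``golang`` ecosystem the manifest content is parsed as JSON and
    its ``packages`` entry is wrapped into the record that gets stored. For
    every other ecosystem the manifest is handed to
    ``DependencyFinder.scan_and_find_dependencies``.

    The golang content arrives already flattened by the client, so its shape
    is checked here before any field is read from it.

    :returns: save_in_rds: content to be saved in DB.
              packages: Flat Package list to be pushed to Backbone, or None
              when no ``packages`` / ``_resolved`` entry is present.
    :raises ValueError: golang manifest content is missing, is not valid JSON
              (``json.JSONDecodeError`` is a ``ValueError`` subclass), or does
              not decode to a JSON object.
    """
    if self.params.ecosystem == 'golang':
        # List flattening is done at Golang frontend client.
        content = self._manifest_file_info.get('content')
        if not isinstance(content, (str, bytes, bytearray)):
            # A missing 'content' used to fall back to [] and fail inside
            # json.loads() with an unrelated TypeError; report it as invalid
            # input, the same family json.loads() uses for malformed text.
            raise ValueError('golang manifest has no content to parse')

        deps = json.loads(content)
        if not isinstance(deps, dict):
            # Valid JSON of the wrong shape (list, string, number) would
            # otherwise surface as AttributeError on .get() below.
            raise ValueError('golang manifest content must be a JSON object')

        # NOTE(review): 'packages' is stored and returned exactly as received;
        # the shape of its elements is not validated in this function.
        packages = deps.get('packages', None)
        save_in_rds = {
            'result': [{
                'details': [{
                    'ecosystem': 'golang',
                    "manifest_file_path": self.params.file_path,
                    "manifest_file": self.params.manifest.filename,
                    "_resolved": packages
                }]
            }]
        }
        return save_in_rds, packages

    # Dependency finder
    d = DependencyFinder()
    save_in_rds = d.scan_and_find_dependencies(
        self.params.ecosystem,
        [self._manifest_file_info],
        # The finder takes the flag JSON-encoded ("true" / "false").
        json.dumps(self.params.show_transitive))

    # `or [{}]` also covers an empty or null list; the previous
    # `.get(key, [{}])[0]` chain only covered a missing key and raised
    # IndexError / TypeError otherwise.
    result = save_in_rds.get('result') or [{}]
    details = result[0].get('details') or [{}]
    packages = details[0].get('_resolved', None)
    return save_in_rds, packages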
def _read_deps_and_packages(self):
    """Resolve the manifest's dependencies and reshape them into package records.

    Runs ``DependencyFinder.scan_and_find_dependencies`` on the request's
    manifest and converts the first ``_resolved`` list of its output into
    ``{'name', 'version', 'dependencies'}`` dicts.

    :returns: dict with ``'deps'`` (the finder output as returned) and
              ``'packages'`` (the reshaped list, empty when nothing resolved).
    :raises SAInvalidInputException: any failure while scanning or reshaping;
              the original exception is chained as the cause.
    """
    try:
        # Dependency finder
        finder = DependencyFinder()
        deps = finder.scan_and_find_dependencies(
            self.params.ecosystem,
            [self._manifest_file_info],
            json.dumps(self.params.show_transitive))

        # Build package details from the first result / first details entry.
        first_result = deps.get('result', [{}])[0]
        first_details = first_result.get('details', [{}])[0]
        resolved = first_details.get('_resolved', None)

        packages = []
        if resolved is not None:
            packages = [
                {
                    'name': entry.get('package', ''),
                    'version': entry.get('version', ''),
                    # Direct indexing: a dependency without 'package' or
                    # 'version' raises KeyError, which the generic handler
                    # below reports as invalid input.
                    'dependencies': [
                        {'name': dep['package'], 'version': dep['version']}
                        for dep in entry.get('deps', [])
                    ],
                }
                for entry in resolved
            ]
        return {'deps': deps, 'packages': packages}
    except (ValueError, json.JSONDecodeError) as e:
        # json.JSONDecodeError is a ValueError subclass; both are listed as in
        # the original. The raised message is fixed text; the exception's own
        # message goes to the log call only.
        logger.exception('%s Invalid dependencies encountered. %s',
                         self._new_request_id, str(e))
        raise SAInvalidInputException(
            'Error while parsing dependencies information') from e
    except Exception as e:
        # Catch-all so that malformed finder output (IndexError, KeyError,
        # AttributeError, ...) is still reported as invalid input.
        logger.exception(
            '%s Unknown exception encountered while parsing deps. %s',
            self._new_request_id, str(e))
        raise SAInvalidInputException(
            'Unknown error while parsing dependencies '
            'information') from e
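def test_scan_and_find_dependencies():
    """Test scan_and_find_dependencies function."""
    manifest_path = Path(__file__).parent / "data/manifests/npm-list.json"
    manifests = [{
        "filename": "npm-list.json",
        "filepath": "/bin/local",
        # read_text() closes the fixture file; the bare open(...).read() it
        # replaces left the handle for the garbage collector to close.
        "content": manifest_path.read_text()
    }]
    # The show_transitive flag is passed as the string "true".
    res = DependencyFinder().scan_and_find_dependencies("npm", manifests, "true")
    assert "result" in res
    first_resolved = res['result'][0]['details'][0]['_resolved'][0]
    assert first_resolved['package'] == "body-parser"
    assert len(first_resolved['deps']) == 2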
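def test_scan_and_find_dependencies_golang():
    """Test scan_and_find_dependencies function for golang."""
    manifest_path = Path(__file__).parent / "data/manifests/golist.json"
    manifests = [{
        "filename": "golist.json",
        "filepath": "/bin/local",
        # read_text() closes the fixture file; the bare open(...).read() it
        # replaces left the handle for the garbage collector to close.
        "content": manifest_path.read_text()
    }]
    # The show_transitive flag is passed as the string "true".
    res = DependencyFinder().scan_and_find_dependencies("golang", manifests, "true")
    assert "result" in res
    first_resolved = res['result'][0]['details'][0]['_resolved'][0]
    assert first_resolved['package'] == "github.com/asaskevich/govalidator"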
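def test_scan_and_find_dependencies_pypi():
    """Test scan_and_find_dependencies function for pypi."""
    manifest_path = Path(__file__).parent / "data/manifests/pylist.json"
    manifests = [{
        "filename": "pylist.json",
        "filepath": "/bin/local",
        # read_text() closes the fixture file; the bare open(...).read() it
        # replaces left the handle for the garbage collector to close.
        "content": manifest_path.read_text()
    }]
    # The show_transitive flag is passed as the string "false" here.
    res = DependencyFinder().scan_and_find_dependencies("pypi", manifests, "false")
    assert "result" in res
    first_resolved = res['result'][0]['details'][0]['_resolved'][0]
    assert first_resolved['package'] == "django"
    assert len(first_resolved['deps']) == 1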