def build_pkg_recommendation(pack_details, ecosystem) -> Dict:
"""Build Package Recommendation."""
logger.debug('Building Package Recommendation.')
pkg_recomendation = CABatchResponseBuilder(
ecosystem).generate_recommendation(pack_details)
known_package_flow(ecosystem, pkg_recomendation["package"],
pkg_recomendation["version"])
return pkg_recomendation
def test_get_premium_message_with_0_exploit_vul(self):
"""Test Get Premium Message With Public Vulnerabilities."""
obj = CABatchResponseBuilder(self.eco)
obj.public_vul = 1
obj.pvt_vul = 1
obj.package = "django"
obj.version = "1.1"
obj.severity = ['high']
msg = obj.get_premium_message(0)
ideal_msg = "django - 1.1 has 1 known security vulnerability " \
"and 1 security advisory with high severity. No recommended version."
self.assertEqual(msg, ideal_msg)
def test_get_premium_message_with_pvt_vul(self):
"""Test Get Premium Message With Private Vulnerabilities."""
obj = CABatchResponseBuilder(self.eco)
obj.public_vul = 0
obj.pvt_vul = 1
obj.package = "django"
obj.version = "1.1"
msg = obj.get_premium_message(1)
ideal_msg = "django - 1.1 has 1 security advisory with 1 exploitable vulnerabilities. "
self.assertEqual(msg, ideal_msg)
def test_get_premium_message_with_public_vul(self):
"""Test Get Premium Message With Public Vulnerabilities."""
obj = CABatchResponseBuilder(self.eco)
obj.public_vul = 1
obj.pvt_vul = 0
obj.package = "django"
obj.version = "1.1"
msg = obj.get_premium_message(1)
ideal_msg = "django - 1.1 has 1 known security vulnerability with " \
"1 exploitable vulnerabilities. No recommended version."
self.assertEqual(msg, ideal_msg)
def get_known_unknown_pkgs(
ecosystem: str,
graph_response: Dict,
normalised_input_pkgs: List,
ignore: Dict = {}) -> Tuple[List[Dict], Set[Package]]:
"""Analyse Known and Unknown Packages.
:param ecosystem: Ecosystem
:param graph_response: Graph Response
:param normalised_input_pkgs: Normalised Input Packages
:param ignore: Packages to be ignored while showing vulnerabilities.
:return: Stack Recommendations, Unknown Pkgs
"""
normalised_input_pkg_map = None # Mapping is required only for Golang.
if ecosystem == 'golang':
normalised_input_pkg_map = {
get_package_version_key(input_pkg.package, input_pkg.version): {
'given_name': input_pkg.given_name,
'version': input_pkg.version,
'given_version': input_pkg.given_version
}
for input_pkg in normalised_input_pkgs
}
stack_recommendation = []
db_known_packages = set()
gh = GithubUtils()
for package in graph_response.get('result', {}).get('data'):
pkg_name = package.get('package').get('name', [''])[0]
clean_version = get_clean_version(
pkg_name,
package.get('version').get('version', [''])[0],
normalised_input_pkg_map)
pseudo_version = gh.is_pseudo_version(
clean_version) if ecosystem == 'golang' else False
given_pkg_name, given_pkg_version = get_given_name_and_version(
pkg_name, clean_version, normalised_input_pkg_map)
pkg_recomendation = CABatchResponseBuilder(ecosystem). \
generate_recommendation(package, given_pkg_name, given_pkg_version, ignore)
stack_recommendation.append(pkg_recomendation)
db_known_packages.add(
normlize_packages(name=pkg_name,
given_name=given_pkg_name,
version=clean_version,
given_version=given_pkg_version,
is_pseudo_version=pseudo_version))
input_dependencies = set(normalised_input_pkgs)
unknown_pkgs: Set = input_dependencies.difference(db_known_packages)
return stack_recommendation, unknown_pkgs
def get_known_unknown_pkgs(
ecosystem: str, graph_response: Dict,
normalised_input_pkgs: List) -> Tuple[List[Dict], Set[Package]]:
"""Analyse Known and Unknown Packages."""
stack_recommendation = []
db_known_packages = set()
for package in graph_response.get('result', {}).get('data'):
pkg_name = package.get('package').get('name', [''])[0]
pkg_vr = package.get('version').get('version', [''])[0]
pkg_recomendation = CABatchResponseBuilder(
ecosystem).generate_recommendation(package)
stack_recommendation.append(pkg_recomendation)
known_package_flow(ecosystem, pkg_recomendation["package"],
pkg_recomendation["version"])
db_known_packages.add(normlize_packages(pkg_name, pkg_vr))
input_dependencies = set(normalised_input_pkgs)
unknown_pkgs: Set = input_dependencies.difference(db_known_packages)
return stack_recommendation, unknown_pkgs
def test_get_premium_response(self, _mock1, _mock2):
"""Test Get Premium Response."""
_mock1.return_value = 1
_mock2.return_value = "https://snyk.io/vuln/pypi:django"
obj = CABatchResponseBuilder(self.eco)
obj.severity = ["high", "high"]
obj.package = "django"
obj.version = "1.1"
response = obj.get_premium_response()
ideal_response = {'package': 'django',
'version': '1.1',
'recommended_versions': '',
'package_unknown': False,
'vendor_package_link': 'https://snyk.io/vuln/pypi:django',
'vulnerability': [],
'message': 'django - 1.1 has ',
'highest_severity': 'high',
'known_security_vulnerability_count': 0,
'security_advisory_count': 0,
'exploitable_vulnerabilities_count': 1
}
self.assertEqual(response, ideal_response)