def scan_deps(scan_id: str):
    """Extract a scan's dependencies, persist them and queue the next stage.

    Loads the scan row for ``scan_id``, runs ``get_dependencies`` on its
    language and source path, stores the result via ``add_scan_deps`` and
    records the package count on the scan before committing. The stored
    dependencies are then compared with the project's previous scan: when
    they are unchanged the scan is moved to
    ``ScanState.SAME_DEPS_AS_PREVIOUS`` and nothing else happens; otherwise
    the ``get_vulnerabilities`` task is queued for this scan id once the
    session scope has been left.

    Args:
        scan_id: identifier of the scan row to process.

    Returns:
        None. Results are written to the database or dispatched as a task.
    """
    unchanged_from_previous = False

    with db.session_scope() as session:
        logger.debug('{} extract dependencies'.format(scan_id))
        scan = get_scan(scan_id, session)

        found_deps = get_dependencies(scan.lang, scan.source_path)
        logger.debug('found dependencies {}'.format(found_deps))

        # Persist every dependency and the package count in a single commit.
        # NOTE(review): datetime.now() is a naive local timestamp; confirm the
        # column is meant to hold local time rather than UTC.
        add_scan_deps(scan.id, found_deps, datetime.now(), session)
        package_count = len(found_deps)
        scan.total_packages = package_count
        session.commit()
        logger.debug('saved {} dependencies'.format(package_count))

        # Work out whether anything changed since the project's last scan.
        previous_scan = get_previous_scan_for_project(
            scan.project_id, scan.id, session)
        if previous_scan is not None:
            logger.debug('previous scan to {} is {}'.format(
                scan_id, previous_scan.id))
            unchanged_from_previous = compare_scan_deps(
                scan.id, previous_scan.id, session)
        else:
            logger.debug('no previous scan found for {}'.format(scan_id))

        if unchanged_from_previous:
            # Same dependency set as last time: mark it and skip the lookup.
            update_scan_state(scan, ScanState.SAME_DEPS_AS_PREVIOUS, session)
            logger.debug('{} scan has same deps as {}'.format(
                scan_id, previous_scan.id))

    if unchanged_from_previous:
        return
    # Dispatched only after the session scope has exited; presumably so the
    # committed rows are visible to the worker -- confirm against the task.
    get_vulnerabilities.delay(scan_id)
    def test_compare_scan_deps_not_equals(self):
        """compare_scan_deps() reports False when the two scans' raw deps differ."""
        first_scan_deps = [ScanDep(raw_dep='el1')]
        second_scan_deps = [ScanDep(raw_dep='el2')]

        # The mocked query chain hands back the first list on the first
        # .all() call and the second list on the next one, one per scan id.
        fake_all = Mock(side_effect=[first_scan_deps, second_scan_deps])
        self.mock_session.query().filter().all = fake_all

        self.assertFalse(
            compare_scan_deps('scan_id', 'scan_id2', self.mock_session))