Merge pull request #6 from matthewb66/dev
Dev
matthewb66 authored Apr 20, 2024
2 parents bc698da + a497604 commit 34df3b7
Showing 4 changed files with 329 additions and 132 deletions.
245 changes: 199 additions & 46 deletions detect_advisor/global_values.py
@@ -1,6 +1,6 @@
#
# Constants
advisor_version = "1.0.4"
advisor_version = "1.0.5"
detect_version = "9.X.0"

ext_list = {
@@ -38,6 +38,9 @@
'files': [],
'exts': ['.bzl'],
'execs': ['bazel'],
'exec_reqd': True,
'lock_files': [],
'lockfile_reqd': False,
'accuracy': 'HIGH',
'cli_options':
"--detect.bazel.path=PATH_TO_BAZEL\n" +
@@ -50,14 +53,16 @@
'cli_reqd':
"--detect.bazel.target='TARGET'\n" + \
" (REQUIRED Bazel Target: The Bazel target (for example, //foo:foolib) for which dependencies are collected.)\n",

},

'BITBAKE':
{
'files': ['oe-init-build-env'],
'exts': [],
'execs': ['bitbake'],
'exec_reqd': True,
'lock_files': [],
'lockfile_reqd': False,
'accuracy': 'HIGH',
'linux_only': True,
'cli_options':
@@ -76,17 +81,23 @@

'CARGO':
{
'files': ['Cargo.lock', 'Cargo.toml'],
'files': ['Cargo.toml'],
'exts': [],
'execs': ['cargo'],
'execs': [],
'exec_reqd': False,
'lock_files': ['Cargo.lock'],
'lockfile_reqd': True,
'accuracy': 'HIGH',
},

'CARTHAGE':
{
'files': ['Cartfile', 'Cartfile.resolved'],
'files': ['Cartfile'],
'exts': [],
'execs': ['carthage'],
'execs': [],
'exec_reqd': False,
'lock_files': ['Cartfile.resolved'],
'lockfile_reqd': True,
'accuracy': 'HIGH',
},

@@ -95,6 +106,9 @@
'files': ['compile_commands.json'],
'exts': [],
'execs': ['clang'],
'exec_reqd': True,
'lock_files': [],
'lockfile_reqd': False,
'accuracy': 'HIGH',
'linux_only': True,
'cli_options':
@@ -107,15 +121,21 @@
{
'files': ['Podfile.lock'],
'exts': [],
'execs': ['pod'],
'execs': [],
'exec_reqd': False,
'lock_files': ['Podfile.lock'],
'lockfile_reqd': True,
'accuracy': 'HIGH',
},

'CONAN':
{
'files': ['conanfile.txt', 'conanfile.py', 'conan.lock'],
'files': ['conanfile.txt', 'conanfile.py'],
'exts': [],
'execs': ['conan'],
'exec_reqd': False,
'lock_files': ['conan.lock'],
'lockfile_reqd': False,
'accuracy': 'HIGH',
'cli_options':
"--detect.conan.path=PATH_TO_CONAN\n" +
@@ -135,6 +155,9 @@
'files': ['environment.yml'],
'exts': [],
'execs': ['conda'],
'lock_files': [],
'lockfile_reqd': False,
'exec_reqd': True,
'accuracy': 'HIGH',
'cli_options':
"--detect.conda.path=PATH_TO_CONDA\n" +
@@ -148,6 +171,9 @@
'files': ['Makefile.PL'],
'exts': [],
'execs': ['cpan', 'cpanm'],
'exec_reqd': True,
'lock_files': [],
'lockfile_reqd': False,
'accuracy': 'HIGH',
'cli_options':
"--detect.cpan.path=PATH_TO_CPAN\n" +
@@ -161,6 +187,9 @@
'files': ['makefile', 'CMakeLists.txt'],
'exts': ['.mk'],
'execs': ['cpp'],
'exec_reqd': False,
'lock_files': [],
'lockfile_reqd': False,
'accuracy': 'HIGH',
'cli_options':
" C/C++ projects built using a compiler should be scanned using the blackduck_c_cpp utility.\n" + \
@@ -171,15 +200,21 @@
{
'files': ['packrat.lock'],
'exts': [],
'execs': ['cran'],
'execs': [],
'exec_reqd': False,
'lock_files': ['packrat.lock'],
'lockfile_reqd': True,
'accuracy': 'HIGH',
},

'DART':
{
'files': ['pubspec.yaml', 'pubspec.lock'],
'files': ['pubspec.yaml'],
'exts': [],
'execs': ['dart', 'flutter'],
'exec_reqd': False,
'lock_files': ['pubspec.lock'],
'lockfile_reqd': True,
'accuracy': 'HIGH',
'cli_options':
"--detect.dart.path=PATH_TO_DART\n" +
@@ -190,24 +225,94 @@
" (OPTIONAL Exclude dev dependencies - default NONE.)\n"
},

'GO':
'GO_DEP':
{
'files': ['Gopkg.lock'],
'exts': [],
'execs': [],
'exec_reqd': False,
'lock_files': ['Gopkg.lock'],
'lockfile_reqd': True,
'accuracy': 'HIGH',
'cli_options':
"--detect.go.path=PATH_TO_GO\n" +
" (OPTIONAL Path to the Go executable.)\n" +
"--detect.go.mod.dependency.types.excluded=<NONE, UNUSED, VENDORED>\n" +
" (OPTIONAL Go Mod Dependency Types Excluded: Set this value to indicate which Go Mod dependency types Detect should exclude from the BOM.)\n"
},

'GO_GRADLE':
{
'files': ['gogradle.lock'],
'exts': [],
'execs': [],
'exec_reqd': False,
'lock_files': ['gogradle.lock'],
'lockfile_reqd': True,
'accuracy': 'HIGH',
'cli_options':
"--detect.go.path=PATH_TO_GO\n" +
" (OPTIONAL Path to the Go executable.)\n" +
"--detect.go.mod.dependency.types.excluded=<NONE, UNUSED, VENDORED>\n" +
" (OPTIONAL Go Mod Dependency Types Excluded: Set this value to indicate which Go Mod dependency types Detect should exclude from the BOM.)\n"
},

'GO_MOD':
{
'files': ['Gopkg.lock', 'gogradle.lock', 'go.mod', 'vendor.json', 'vendor.conf'],
'files': ['go.mod'],
'exts': [],
'execs': ['go'],
'exec_reqd': True,
'lock_files': [],
'lockfile_reqd': False,
'accuracy': 'HIGH',
'cli_options':
"--detect.go.path=PATH_TO_GO\n" +
" (OPTIONAL Path to the Go executable.)\n" +
"--detect.go.mod.dependency.types.excluded=<NONE, UNUSED, VENDORED>\n" +
" (OPTIONAL Go Mod Dependency Types Excluded: Set this value to indicate which Go Mod dependency types Detect should exclude from the BOM.)\n"
},


'GO_VENDOR':
{
'files': ['vendor.json'],
'exts': [],
'execs': [],
'exec_reqd': False,
'lock_files': [],
'lockfile_reqd': False,
'accuracy': 'HIGH',
'cli_options':
"--detect.go.path=PATH_TO_GO\n" +
" (OPTIONAL Path to the Go executable.)\n" +
"--detect.go.mod.dependency.types.excluded=<NONE, UNUSED, VENDORED>\n" +
" (OPTIONAL Go Mod Dependency Types Excluded: Set this value to indicate which Go Mod dependency types Detect should exclude from the BOM.)\n"
},

'GO_VNDR':
{
'files': ['vendor.conf'],
'exts': [],
'execs': [],
'exec_reqd': False,
'lock_files': [],
'lockfile_reqd': False,
'accuracy': 'HIGH',
'cli_options':
"--detect.go.path=PATH_TO_GO\n" +
" (OPTIONAL Path to the Go executable.)\n" +
"--detect.go.mod.dependency.types.excluded=<NONE, UNUSED, VENDORED>\n" +
" (OPTIONAL Go Mod Dependency Types Excluded: Set this value to indicate which Go Mod dependency types Detect should exclude from the BOM.)\n"
},

'GRADLE':
{
'files': ['build.gradle', 'build.gradle.kts'],
'exts': [],
'execs': ['go'],
'execs': [],
'exec_reqd': False,
'lock_files': [],
'lockfile_reqd': False,
'accuracy': 'LOW',
'cli_options':
"--detect.gradle.path=PATH_TO_GRADLE\n" +
@@ -233,6 +338,9 @@
'files': ['rebar.config'],
'exts': [],
'execs': ['rebar3'],
'exec_reqd': True,
'lock_files': [],
'lockfile_reqd': False,
'accuracy': 'HIGH',
'cli_options':
"--detect.hex.rebar3.path=PATH_TO_REBAR3\n" +
@@ -241,9 +349,12 @@

'IVY':
{
'files': ['ivy.xml', 'build.xml'],
'files': ['ivy.xml'],
'exts': [],
'execs': ['ivy'],
'execs': [],
'exec_reqd': False,
'lock_files': [],
'lockfile_reqd': False,
'accuracy': 'LOW',
},

@@ -252,6 +363,9 @@
'files': ['lerna.json'],
'exts': [],
'execs': ['lerna'],
'exec_reqd': True,
'lock_files': ['package-lock.json', 'npm-shrinkwrap.json', 'yarn.lock'],
'lockfile_reqd': True,
'accuracy': 'HIGH',
'cli_options':
"--detect.lerna.path=PATH_TO_LERNA\n" +
@@ -269,6 +383,9 @@
'files': ['pom.xml', 'pom.groovy'],
'exts': [],
'execs': ['mvn', 'mvnw'],
'exec_reqd': False,
'lock_files': [],
'lockfile_reqd': False,
'accuracy': 'LOW',
'cli_options':
"--detect.maven.path=PATH_TO_MAVEN\n" +
@@ -287,9 +404,12 @@

'NPM':
{
'files': ['npm-shrinkwrap.json', 'package.json', 'package-lock.json'],
'files': ['package.json'],
'exts': [],
'execs': ['npm'],
'exec_reqd': False,
'lock_files': ['npm-shrinkwrap.json', 'package-lock.json'],
'lockfile_reqd': False,
'accuracy': 'LOW',
'cli_options':
"--detect.npm.path=PATH_TO_NPM\n" +
@@ -308,6 +428,9 @@
'.hiveproj', '.pigproj', '.jsproj', '.usqlproj', '.deployproj', '.msbuildproj',
'.sqlproj', '.dbproj', '.rproj'],
'execs': [],
'exec_reqd': False,
'lock_files': [],
'lockfile_reqd': False,
'accuracy': 'LOW',
'cli_options':
"--detect.nuget.config.path=PATH\n" + \
@@ -325,9 +448,12 @@

'PACKAGIST':
{
'files': ['composer.lock', 'composer.json'],
'files': ['composer.json'],
'exts': [],
'execs': ['composer'],
'execs': [],
'exec_reqd': False,
'lock_files': ['composer.lock'],
'lockfile_reqd': True,
'accuracy': 'HIGH',
'cli_options':
"--detect.packagist.include.dev.dependencies=false\n" + \
@@ -339,6 +465,9 @@
'files': ['package.xml'],
'exts': [],
'execs': ['pear'],
'exec_reqd': True,
'lock_files': [],
'lockfile_reqd': False,
'accuracy': 'HIGH',
'cli_options':
"--detect.pear.only.required.deps=true\n" + \
@@ -348,9 +477,12 @@

'PIP':
{
'files': ['pipfile', 'pipfile.lock', 'setup.py', 'pyproject.toml'],
'files': ['Pipfile','Pipfile.lock'],
'exts': [],
'execs': ['python', 'python3', 'pipenv', 'pip', 'pip3'],
'execs': ['python', 'python3'],
'exec_reqd': False,
'lock_files': ['Pipfile.lock'],
'lockfile_reqd': True,
'accuracy': 'HIGH',
'cli_options':
"--detect.pip.only.project.tree=true\n" + \
@@ -363,38 +495,56 @@
" cannot be correctly inferred from its setup.py file.)\n"
},

'PYTHON':
'PIP_REQTS':
{
'files': ['requirements.txt'],
'files': ['requirements.txt', 'setup.py'],
'exts': [],
'execs': ['python', 'python3'],
'execs': ['pip', 'pip3'],
'exec_reqd': False,
'lock_files': [],
'lockfile_reqd': False,
'accuracy': 'LOW',
'cli_options':
"--detect.pip.requirements.path='PATH1,PATH2'\n" + \
" (OPTIONAL PIP Requirements Path: List of paths to requirements.txt files.)\n"
"--detect.pip.only.project.tree=true\n" + \
" (OPTIONAL PIP Include Only Project Tree: By default, pipenv includes all dependencies found in the graph. Set to true to only\n" + \
" include dependencies found underneath the dependency that matches the provided pip project and version name.)\n" + \
"--detect.pip.project.name=NAME\n" + \
" (OPTIONAL PIP Project Name: The name of your PIP project, to be used if your project's name cannot be correctly inferred from its setup.py file.)\n" + \
"--detect.pip.project.version.name=VERSION\n" + \
" (OPTIONAL PIP Project Version Name: The version of your PIP project, to be used if your project's version name\n" + \
" cannot be correctly inferred from its setup.py file.)\n"
},

'PNPM':
{
'files': ['pnpm-lock.yaml'],
'exts': [],
'execs': ['pnpm'],
'execs': [],
'exec_reqd': False,
'lock_files': ['pnpm-lock.yaml'],
'lockfile_reqd': True,
'accuracy': 'HIGH',
},

'POETRY':
{
'files': ['Poetry.lock'],
'files': ['pyproject.toml', 'Poetry.lock'],
'exts': [],
'execs': ['pypi'],
'execs': [],
'exec_reqd': False,
'lock_files': ['Poetry.lock'],
'lockfile_reqd': True,
'accuracy': 'HIGH',
},

'RUBYGEMS':
{
'files': ['Gemfile.lock'],
'exts': [],
'execs': ['gem'],
'execs': [],
'exec_reqd': False,
'lock_files': ['Gemfile.lock'],
'lockfile_reqd': False,
'accuracy': 'HIGH',
'cli_options':
"--detect.ruby.include.dev.dependencies=true\n" + \
@@ -403,19 +553,14 @@
" (OPTIONAL Ruby Runtime Dependencies: If set to false, runtime dependencies will not be included when parsing *.gemspec files.)\n",
},

'GEMSPEC':
{
'files': [],
'exts': ['.gemspec'],
'execs': ['gem'],
'accuracy': 'LOW',
},

'SBT':
{
'files': ['build.sbt'],
'exts': [],
'execs': ['sbt'],
'execs': [],
'exec_reqd': False,
'lock_files': [],
'lockfile_reqd': False,
'accuracy': 'HIGH',
'cli_options':
"--detect.sbt.report.search.depth\n" + \
@@ -428,30 +573,38 @@

'SWIFT':
{
'files': ['Package.swift', 'Package.resolved'],
'files': ['Package.swift'],
'exts': [],
'execs': ['swift'],
'exec_reqd': False,
'lock_files': ['Package.resolved'],
'lockfile_reqd': False,
'accuracy': 'HIGH',
},

'XCODE':
{
'files': [],
'exts': ['.xcworkspace', '.xcodeproj'],
'execs': ['xcode'],
'execs': [],
'exec_reqd': False,
'lock_files': ['Package.resolved'],
'lockfile_reqd': False,
'accuracy': 'HIGH',
},

'YARN':
{
'files': ['yarn.lock'],
'files': ['package.json'],
'exts': [],
'execs': ['yarn'],
'execs': [],
'exec_reqd': False,
'lock_files': ['yarn.lock'],
'lockfile_reqd': True,
'accuracy': 'HIGH',
'cli_options':
"--detect.yarn.prod.only=true\n" + \
" (OPTIONAL Include Yarn Production Dependencies Only: Set this to true to only scan production dependencies.)\n"

},
}

@@ -469,7 +622,7 @@
"--blackduck.proxy.port=PROXYPORT\n" + \
"--blackduck.proxy.username=USERNAME\n" + \
"--blackduck.proxy.password=PASSWORD\n",
'detect_win': " powershell \"[Net.ServicePointManager]::SecurityProtocol = 'tls12'; irm https://detect.synopsys.com/detec9.ps1?$(Get-Random) | iex; detect\"\n",
'detect_win': " powershell \"[Net.ServicePointManager]::SecurityProtocol = 'tls12'; irm https://detect.synopsys.com/detect9.ps1?$(Get-Random) | iex; detect\"\n",
'detect_win_proxy': " (You may need to configure a proxy to download and run the Detect script as follows)\n" + \
" ${Env:blackduck.proxy.host} = PROXYHOST\n" + \
" ${Env:blackduck.proxy.port} = PROXYPORT\n" + \
32 changes: 23 additions & 9 deletions detect_advisor/messages.py
@@ -164,14 +164,14 @@

'PACKAGES3': {
'level': 'crit',
'desc': 'Package manager programs ({}) missing for package files in invocation folder',
'desc': 'Required package manager programs ({}) missing for dependency scan in invocation folder',
'impact': 'Scan will fail',
'action': 'Install required package manager programs',
},

'PACKAGES4': {
'level': 'imp',
'desc': 'Package manager programs ({}) missing for package files in sub-folders',
'desc': 'Required package manager programs ({}) missing for dependency scan in sub-folders',
'impact': 'The scan will fail if the scan depth is modified from the default level 0',
'action': 'Install required package manager programs',
},
@@ -185,19 +185,19 @@

'PACKAGES6': {
'level': 'crit',
'desc': 'Package manager programs ({}) missing for package files in invocation folder',
'impact': 'Scan will fail',
'action': 'Either install required package manager programs or consider specifying --detect.accuracy.required=NONE (reduced accuracy scan)',
'desc': 'Missing lockfiles/PMs for package manager files in invocation folder',
'impact': 'Dependency scan will fail unless lockfiles created, PMs installed or --detect.accuracy.required=NONE specified',
'action': 'Either install required package manager programs, create lockfiles or specify --detect.accuracy.required=NONE (reduced accuracy scan)',
'cli': 'reqd',
'cli_search': 'detect.accuracy.required',
'cli_text': '--detect.accuracy.required=NONE (OR specify --detect.XXXX.path=<LOCATION> where XXX is package manager OR install package managers)',
'cli_text': '--detect.accuracy.required=NONE (OR specify --detect.XXXX.path=<LOCATION> where XXX is package manager OR install package managers OR create lockfiles)',
},

'PACKAGES7': {
'level': 'imp',
'desc': 'Package manager programs ({}) missing for package files in sub-folders',
'impact': 'The scan will fail if the scan depth is modified from the default level 0',
'action': 'Either install required package manager programs or consider specifying --detect.accuracy.required=NONE (reduced accuracy scan)',
'desc': 'Missing lockfiles/PMs will cause scan to fail for package manager files in sub-folders',
'impact': 'Dependency scan will fail if scan depth > 0 unless lockfiles created, PMs installed or --detect.accuracy.required=NONE specified',
'action': 'Either install required package manager programs, create lockfiles or specify --detect.accuracy.required=NONE (reduced accuracy scan)',
'cli': 'reqd',
'cli_search': 'detect.accuracy.required',
'cli_text': '--detect.accuracy.required=NONE (OR specify --detect.XXXX.path=<LOCATION> where XXX is package manager OR install package managers)',
@@ -234,6 +234,20 @@
'cli_text': '--detect.accuracy.required=NONE (OR install JS packages)',
},

'PACKAGES12': {
'level': 'imp',
'desc': 'Lockfile(s) required for dependency scan missing in invocation folder',
'impact': 'Dependency scans will not be run',
'action': "Create lockfiles and rescan",
},

'PACKAGES13': {
'level': 'imp',
'desc': 'Lockfile(s) required for dependency scan missing in sub-folders',
'impact': 'Dependency scans will not be run',
'action': "Create lockfiles and rescan",
},

}
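Review bot: PACKAGES7's `'cli_text'` at the end of the second hunk was not updated alongside PACKAGES6's, so the sub-folder variant still omits the lockfile remedy that its new `'desc'` and `'action'` describe; change it to `'cli_text': '--detect.accuracy.required=NONE (OR specify --detect.XXXX.path=<LOCATION> where XXX is package manager OR install package managers OR create lockfiles)',`. The new PACKAGES12 and PACKAGES13 entries carry no `{}` placeholder in `'desc'`, yet the process.py hunk in this commit calls them with a joined executable list; if message() formats `'desc'` with its arguments as the existing `{}` entries suggest, that argument is silently dropped, so either add a placeholder (`'Lockfile(s) ({}) required for dependency scan missing in invocation folder'`) or have the caller pass none. The `'action'` values in those two entries use double quotes where the rest of the table uses single quotes.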


182 changes: 106 additions & 76 deletions detect_advisor/process.py
@@ -11,19 +11,24 @@


def process_pmdata():
pm_allfiles = {}
pm_allexts = {}
pm_all_files = {}
pm_all_exts = {}
# pm_all_locks = {}

for pm in global_values.pm_dict.keys():
if len(global_values.pm_dict[pm]['files']) > 0:
for ffile in global_values.pm_dict[pm]['files']:
pm_allfiles[ffile] = pm
pm_all_files[ffile] = pm

if len(global_values.pm_dict[pm]['exts']) > 0:
for fext in global_values.pm_dict[pm]['exts']:
pm_allexts[fext] = pm
pm_all_exts[fext] = pm

return pm_allfiles, pm_allexts
# if len(global_values.pm_dict[pm]['lock_files']) > 0:
# for ffile in global_values.pm_dict[pm]['lock_files']:
# pm_all_locks[ffile] = pm

return pm_all_files, pm_all_exts


def process_nested_zip(z, zippath, zipdepth, dirdepth):
@@ -145,8 +150,8 @@ def checkfile(name, path, size, size_comp, dirdepth, in_archive):
'path': path,
'depth': dirdepth,
}
# else:
# global_values.file_list['arcs_pm'].append(path)
else:
global_values.file_list['arcs_pm'].append(path)
ftype = 'det'
elif os.path.basename(name) in global_values.ext_list['lic']:
# global_values.file_list['other'].append(path)
@@ -406,9 +411,8 @@ def detector_process(full):
det_other = 0
det_max_depth = 0
det_min_depth = 100
det_in_arc = 0

pm_dict = {}
pm_found_dict = {}

det_files_by_depth = {}
if len(global_values.files_dict['det']) > 0:
@@ -418,84 +422,109 @@ def detector_process(full):
if det_excluded(detpath):
continue
depth = global_values.files_dict['det'][dethash]['depth']
if detpath.find("##") > 0:
# in archive
det_in_arc += 1
else:
if depth == 1:
det_depth1 += 1
elif depth > 1:
det_other += 1
if depth > det_max_depth:
det_max_depth = depth
if depth < det_min_depth:
det_min_depth = depth

fname = os.path.basename(detpath)
pm = ''
if fname in pm_allfiles.keys():
pm = pm_allfiles[fname]
elif os.path.splitext(fname)[1] in pm_allexts.keys():
pm = pm_allexts[os.path.splitext(fname)[1]]
if pm != '':
if depth not in det_files_by_depth.keys():
det_files_by_depth[depth] = [detpath]
else:
det_files_by_depth[depth].append(detpath)

# files_rep += detpath + '\n'
if pm in pm_dict.keys():
pm_dict[pm]['count'] += 1
if depth < pm_dict[pm]['mindepth']:
pm_dict[pm]['mindepth'] = depth
if depth > pm_dict[pm]['maxdepth']:
pm_dict[pm]['maxdepth'] = depth
else:
pm_dict[pm] = {
'count': 1,
'mindepth': depth,
'maxdepth': depth,
'exes_missing': False
}
exes = global_values.pm_dict[pm]['execs']
# missing_cmds = ""
all_missing = True
for exe in exes:
if shutil.which(exe) is not None:
all_missing = False
break
if all_missing:
pm_dict[pm]['exes_missing'] = True
global_values.detectors_list.append(pm)
if depth == 1:
det_depth1 += 1
elif depth > 1:
det_other += 1
if depth > det_max_depth:
det_max_depth = depth
if depth < det_min_depth:
det_min_depth = depth

fname = os.path.basename(detpath)
pm = ''
if fname in pm_allfiles.keys():
pm = pm_allfiles[fname]
elif os.path.splitext(fname)[1] in pm_allexts.keys():
pm = pm_allexts[os.path.splitext(fname)[1]]

if pm != '':
# files_rep += detpath + '\n'
if pm in pm_found_dict.keys():
pm_found_dict[pm]['count'] += 1
if depth < pm_found_dict[pm]['mindepth']:
pm_found_dict[pm]['mindepth'] = depth
if depth > pm_found_dict[pm]['maxdepth']:
pm_found_dict[pm]['maxdepth'] = depth
else:
pm_found_dict[pm] = {
'count': 1,
'mindepth': depth,
'maxdepth': depth,
'exes_missing': False,
'lockfound': True,
}
exes = global_values.pm_dict[pm]['execs']
# missing_cmds = ""
all_missing = True
for exe in exes:
if shutil.which(exe) is not None:
all_missing = False
break
if all_missing:
pm_found_dict[pm]['exes_missing'] = True
global_values.detectors_list.append(pm)

# Check for lockfiles
lockfile_message = ''
if len(global_values.pm_dict[pm]['lock_files']) > 0:
dir = os.path.dirname(detpath)
found = False
for entry in os.listdir(dir):
if os.path.isfile(entry) and entry in global_values.pm_dict[pm]['lock_files']:
found = True

if not found:
pm_found_dict[pm]['lockfound'] = False
lockfile_message = ' *'

if depth not in det_files_by_depth.keys():
det_files_by_depth[depth] = [detpath + lockfile_message]
else:
det_files_by_depth[depth].append(detpath + lockfile_message)

global_values.full_rep += "+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++\n" + \
"\nALL PACKAGE MANAGER CONFIG FILES FOUND (sorted by depth):"
"\nALL PACKAGE MANAGER CONFIG FILES FOUND (sorted by depth - * indicates missing lockfile):"
for depth in sorted(det_files_by_depth.keys()):
global_values.full_rep += f"\nDepth {depth}:\n" + '\n'.join(det_files_by_depth[depth])
global_values.full_rep += f"\nDEPTH {depth}:\n- " + '\n- '.join(det_files_by_depth[depth])

def pm_getter(item):
return item[1]['mindepth']

global_values.rep += ("\nPACKAGE MANAGER CONFIG FILE SUMMARY:\n\n"
" MinDepth MaxDepth Count Info\n")
for item in sorted(pm_dict.items(), key=pm_getter):
for item in sorted(pm_found_dict.items(), key=pm_getter):
pm = item[0]
info = ''
if item[1]['exes_missing']:

# Work out the pm scenario
lock_missing_reqd = False
if not item[1]['lockfound'] and global_values.pm_dict[pm]['lockfile_reqd']:
# Lockfile missing and required
info += '- Lockfile(s) required but not found '
if item[1]['mindepth'] == 1:
messages.message('PACKAGES12', ','.join(exes)) #To do
else:
messages.message('PACKAGES13', ','.join(exes)) #To do

# if item[1]['exes_missing']:
if item[1]['exes_missing'] and global_values.pm_dict[pm]['exec_reqd']:
exes = global_values.pm_dict[pm]['execs']
# info = "Missing package manager executables '{}'".format(','.join(exes))
info = 'Package Manager missing'
if global_values.pm_dict[pm]['accuracy'] == 'LOW':
info += " - (buildless scan supported but not recommended - see recommendations)"
if item[1]['mindepth'] == 1:
messages.message('PACKAGES6', ','.join(exes))
else:
messages.message('PACKAGES7', ','.join(exes))
info = '- Package Manager missing and required '
if item[1]['mindepth'] == 1:
messages.message('PACKAGES3', ','.join(exes))
else:
if item[1]['mindepth'] == 1:
messages.message('PACKAGES3', ','.join(exes))
else:
messages.message('PACKAGES4', ','.join(exes))
messages.message('PACKAGES4', ','.join(exes))

if global_values.pm_dict[pm]['accuracy'] == 'LOW':
if (global_values.pm_dict[pm]['exec_reqd'] and item[1]['exes_missing'] and
not item[1]['lockfound'] and global_values.pm_dict[pm]['lockfile_reqd']):
info += " - LOW accuracy scan due to missing PM/lockfiles"
if item[1]['mindepth'] == 1:
messages.message('PACKAGES6', ','.join(exes))
else:
messages.message('PACKAGES7', ','.join(exes))

if platform.system() != "Linux" and 'linux_only' in global_values.pm_dict[pm] and global_values.pm_dict[pm]['linux_only']:
if item[1]['mindepth'] == 1:
@@ -518,7 +547,8 @@ def pm_getter(item):

global_values.rep += " TOTAL {:>5,d}\n".format(len(
global_values.files_dict['det']))
global_values.rep += " (PM config files in archives {:>5,d})\n".format(det_in_arc)
global_values.rep += " (PM config files in archives {:>5,d})\n".format(
global_values.counts['det'][global_values.inarc])

if det_depth1 == 0 and det_other > 0:
messages.message('PACKAGES1', det_min_depth, det_max_depth)
@@ -530,10 +560,10 @@ def pm_getter(item):
messages.message('PACKAGES5')

for pm in global_values.detectors_list:
if 'cli_options' in pm_dict[pm]:
if 'cli_options' in pm_found_dict[pm]:
global_values.cli_msgs_dict['dep'] += (
f"For {pm}:\n" + global_values.pm_dict[pm]['cli_options'] + '\n')
if 'cli_reqd' in pm_dict[pm]:
if 'cli_reqd' in pm_found_dict[pm]:
global_values.cli_msgs_dict['crit'] += (
f"For {pm}:\n" + global_values.pm_dict[pm]['cli_reqd'] + '\n')

2 changes: 1 addition & 1 deletion pyproject.toml
@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"

[project]
name = "detect_advisor"
version = "1.0.4"
version = "1.0.5"
authors = [
{ name="Matthew Brady", email="mbrad@synopsys.com" },
]
