Skip to content

Commit

Permalink
Merge branch 'main' into fix_universal_pythonDLL_detection
Browse files Browse the repository at this point in the history
  • Loading branch information
terriko authored Nov 12, 2024
2 parents 3285aef + dafb9da commit 48ebe5f
Show file tree
Hide file tree
Showing 29 changed files with 578 additions and 433 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/build-wheel.yml
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,7 @@ jobs:
egress-policy: audit

- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0
- uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0
with:
python-version: ${{ matrix.python-version }}
cache: 'pip'
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/codeql-analysis.yml
Original file line number Diff line number Diff line change
Expand Up @@ -51,7 +51,7 @@ jobs:

# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@662472033e021d55d94146f66f6058822b0b39fd # v3.27.0
uses: github/codeql-action/init@4f3212b61783c3c68e8309a0f18a699764811cda # v3.27.1
with:
languages: ${{ matrix.language }}
# If you wish to specify custom queries, you can do so here or in a config file.
Expand All @@ -76,4 +76,4 @@ jobs:
# make release

- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@662472033e021d55d94146f66f6058822b0b39fd # v3.27.0
uses: github/codeql-action/analyze@4f3212b61783c3c68e8309a0f18a699764811cda # v3.27.1
7 changes: 4 additions & 3 deletions .github/workflows/cve_scan.yml
Original file line number Diff line number Diff line change
Expand Up @@ -12,16 +12,17 @@ permissions:
jobs:
cve_scan:
name: CVE scan on dependencies
runs-on: ${{ github.repository_owner == 'intel' && 'intel-ubuntu-latest' || 'ubuntu-latest' }}
timeout-minutes: 30
# runs-on: ${{ github.repository_owner == 'intel' && 'intel-ubuntu-latest' || 'ubuntu-latest' }}
runs-on: 'ubuntu-latest'
timeout-minutes: 60
steps:
- name: Harden Runner
uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
with:
egress-policy: audit

- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0
- uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0
with:
python-version: '3.11'
cache: 'pip'
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/dependency-review.yml
Original file line number Diff line number Diff line change
Expand Up @@ -24,4 +24,4 @@ jobs:
- name: 'Checkout Repository'
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- name: 'Dependency Review'
uses: actions/dependency-review-action@a6993e2c61fd5dc440b409aa1d6904921c5e1894 # v4.3.5
uses: actions/dependency-review-action@4081bf99e2866ebe428fc0477b69eb4fcda7220a # v4.4.0
2 changes: 1 addition & 1 deletion .github/workflows/formatting.yml
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@ jobs:
egress-policy: audit

- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0
- uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0
with:
python-version: '3.11'
cache: 'pip'
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/fuzzing.yml
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ jobs:
uses: actions/checkout@v4

- name: Set up Python
uses: actions/setup-python@v5.2.0
uses: actions/setup-python@v5.3.0
with:
python-version: 3.9

Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/linting.yml
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@ jobs:
egress-policy: audit

- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0
- uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0
with:
python-version: '3.11'
cache: 'pip'
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/sbom.yml
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@ jobs:
egress-policy: audit

- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0
- uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0
with:
python-version: ${{ matrix.python }}
cache: 'pip'
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/spelling.yml
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ jobs:
egress-policy: audit

- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- uses: check-spelling/check-spelling@v0.0.22
- uses: check-spelling/check-spelling@v0.0.24
with:
extra_dictionaries:
cspell:python/src/python/python.txt
Expand Down
14 changes: 7 additions & 7 deletions .github/workflows/testing.yml
Original file line number Diff line number Diff line change
Expand Up @@ -49,7 +49,7 @@ jobs:
pypi.org:443
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0
- uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0
with:
python-version: '3.11'
cache: 'pip'
Expand Down Expand Up @@ -108,7 +108,7 @@ jobs:
www.sqlite.org:443
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0
- uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0
with:
python-version: ${{ matrix.python }}
cache: 'pip'
Expand Down Expand Up @@ -197,7 +197,7 @@ jobs:
github.head_ref
)
)
runs-on: 'ubuntu-latest'
runs-on: ${{ github.repository_owner == 'intel' && 'intel-ubuntu-latest' || 'ubuntu-latest' }}
timeout-minutes: 120
env:
LONG_TESTS: 1
Expand Down Expand Up @@ -240,7 +240,7 @@ jobs:
www.sqlite.org:443
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0
- uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0
with:
python-version: '3.10'
cache: 'pip'
Expand Down Expand Up @@ -397,7 +397,7 @@ jobs:
www.sqlite.org:443
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0
- uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0
with:
python-version: '3.10'
cache: 'pip'
Expand Down Expand Up @@ -503,7 +503,7 @@ jobs:
egress-policy: audit

- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0
- uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0
with:
python-version: '3.12'
cache: 'pip'
Expand Down Expand Up @@ -566,7 +566,7 @@ jobs:
path: ~/conda_pkgs_dir
key: ${{ runner.os }}-conda-${{ env.CACHE_NUMBER }}-${{
hashFiles('requirements.txt') }}
- uses: conda-incubator/setup-miniconda@a4260408e20b96e80095f42ff7f1a15b27dd94ca # v3.0.4
- uses: conda-incubator/setup-miniconda@d2e6a045a86077fb6cad6f5adf368e9076ddaa8d # v3.1.0
with:
auto-update-conda: true
activate-environment: pdftotext
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/update-cache.yml
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@ jobs:
egress-policy: audit

- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0
- uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0
with:
python-version: '3.10'
cache: 'pip'
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/update-js-dependencies.yml
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,7 @@ jobs:

- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1

- uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0
- uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0
with:
python-version: '3.11'

Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/update-pre-commit.yml
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,7 @@ jobs:

- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1

- uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0
- uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0
with:
python-version: '3.11'

Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/validate-yml.yml
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ jobs:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
with:
fetch-depth: 0
- uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0
- uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0
with:
python-version: '3.11'
cache: 'pip'
Expand Down
6 changes: 3 additions & 3 deletions .pre-commit-config.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -15,13 +15,13 @@ repos:
exclude: ^fuzz/generated/

- repo: https://github.com/psf/black-pre-commit-mirror
rev: 24.8.0
rev: 24.10.0
hooks:
- id: black
exclude: ^fuzz/generated/

- repo: https://github.com/asottile/pyupgrade
rev: v3.17.0
rev: v3.19.0
hooks:
- id: pyupgrade
exclude: ^fuzz/generated/
Expand All @@ -46,7 +46,7 @@ repos:
- id: gitlint

- repo: https://github.com/pre-commit/mirrors-mypy
rev: v1.11.2
rev: v1.13.0
hooks:
- id: mypy
additional_dependencies:
Expand Down
5 changes: 4 additions & 1 deletion cve_bin_tool/output_engine/__init__.py
Original file line number Diff line number Diff line change
Expand Up @@ -882,7 +882,10 @@ def output_file(self, output_type="console"):
with open(self.filename, "wb") as f:
self.output_cves(f, output_type)
else:
with open(self.filename, "w", encoding="utf8") as f:
# if type is csv, file should be opened with newline=''
# see https://docs.python.org/3/library/csv.html#csv.writer
newline = "" if output_type == "csv" else None
with open(self.filename, mode="w", newline=newline, encoding="utf8") as f:
self.output_cves(f, output_type)

def check_file_path(self, filepath: str, output_type: str, prefix: str = "output"):
Expand Down
19 changes: 19 additions & 0 deletions cve_bin_tool/parsers/env.py
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,12 @@

@dataclasses.dataclass
class EnvNamespaceConfig:
"""
Configuration details for environment namespace in the CVE Bin tool
Attributes:
CVE ID associated with this namespace, vendor name, product name, version of the product, file path where product is located
"""

ad_hoc_cve_id: str
vendor: str
product: str
Expand All @@ -24,6 +30,12 @@ class EnvNamespaceConfig:

@dataclasses.dataclass
class EnvConfig:
"""
Configuration for multiple environment namespaces
Attributes:
A dictionary mapping namespace names to their configurations
"""

namespaces: dict[str, EnvNamespaceConfig]


Expand All @@ -40,6 +52,13 @@ class EnvParser(Parser):

@staticmethod
def parse_file_contents(contents):
"""
Parse the contents of an environment configuration file
Args:
contents(str): textual content of environment configuration file
Returns:
EnvConfig: EnvConfig instance containing parsed namespace configurations
"""
lines = list(
[
line
Expand Down
7 changes: 4 additions & 3 deletions dev-requirements.txt
Original file line number Diff line number Diff line change
@@ -1,14 +1,15 @@
black==24.8.0
black==24.10.0; python_version > "3.8"
black==24.8.0; python_version <= "3.8"
isort; python_version < "3.8"
isort==5.13.2; python_version >= "3.8"
pre-commit; python_version <= "3.8"
pre-commit==3.8.0; python_version > "3.8"
pre-commit==4.0.1; python_version > "3.8"
flake8; python_version < "3.8"
flake8==7.1.1; python_version >= "3.8"
bandit==1.7.10
gitlint==v0.19.1
interrogate
mypy==v1.11.2
mypy==v1.13.0
pytest>=7.2.0
pytest-xdist
pytest-cov
Expand Down
Loading

0 comments on commit 48ebe5f

Please sign in to comment.