eric7.PipInterface.PipVulnerabilityChecker

Module implementing a Python package vulnerability checker.

The vulnerability data is provided by the open Python vulnerability database Safety DB.

Global Attributes

None

Classes

Package: Class containing the package data.
PipVulnerabilityChecker: Class implementing a Python package vulnerability checker.
Vulnerability: Class containing the vulnerability data.
VulnerabilityCheckError: Class defining various vulnerability check error states.

Functions

None


Package

Class containing the package data.

Derived from

None

Class Attributes

name
version

Class Methods

None

Methods

None

Static Methods

None


PipVulnerabilityChecker

Class implementing a Python package vulnerability checker.

Derived from

QObject

Class Attributes

FullDbFile
SummaryDbFile

Class Methods

None

Methods

PipVulnerabilityChecker: Constructor
__createCacheFile: Private method to create the cache file.
__fetchVulnerabilityDatabase: Private method to get the data of the vulnerability database.
__getDataFromCache: Private method to get the vulnerability database from the cache.
__getVulnerabilities: Private method to get the vulnerabilities for a package.
__writeDataToCache: Private method to write the vulnerability data for a database to the cache.
check: Public method to check the given packages for vulnerabilities.
updateVulnerabilityDb: Public method to update the cache of the vulnerability databases.

Static Methods

None

PipVulnerabilityChecker (Constructor)

PipVulnerabilityChecker(pip, parent=None)

Constructor

pip (Pip)
reference to the global pip interface
parent (QWidget (optional))
reference to the parent widget (defaults to None)

PipVulnerabilityChecker.__createCacheFile

__createCacheFile()

Private method to create the cache file.

The cache file has the following structure:

    {
        "insecure.json": {
            "cachedAt": 12345678,
            "db": {}
        },
        "insecure_full.json": {
            "cachedAt": 12345678,
            "db": {}
        }
    }

PipVulnerabilityChecker.__fetchVulnerabilityDatabase

__fetchVulnerabilityDatabase(full=False, forceUpdate=False)

Private method to get the data of the vulnerability database.

If the cached data is still valid, this data will be used. Otherwise a copy of the requested database will be downloaded and cached.

full (bool (optional))
flag indicating to get the database containing the full data set (defaults to False)
forceUpdate (bool (optional))
flag indicating an update of the cache is required (defaults to False)
Return:
dictionary containing the vulnerability data (full data set or just package name and version specifier)
Return Type:
dict
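
The cache-or-download decision described above, sketched as an added example; this is not eric7's own code. The validity period CACHE_MAX_AGE, the download callable and the "stale" status are assumptions made for illustration; only the two database names and the cachedAt/db layout come from this page.

```python
import json
import time
from pathlib import Path

CACHE_MAX_AGE = 6 * 60 * 60  # seconds; assumed validity period, not from the page
SUMMARY_DB, FULL_DB = "insecure.json", "insecure_full.json"


def load_cache(cache_path):
    """Read the cache file; fall back to empty entries if missing or malformed."""
    cache = {name: {"cachedAt": 0, "db": {}} for name in (SUMMARY_DB, FULL_DB)}
    try:
        data = json.loads(Path(cache_path).read_text(encoding="utf-8"))
    except (OSError, ValueError):
        return cache
    for name in cache:
        entry = data.get(name) if isinstance(data, dict) else None
        # Accept an entry only if it has the documented shape.
        if (isinstance(entry, dict)
                and isinstance(entry.get("cachedAt"), (int, float))
                and isinstance(entry.get("db"), dict)):
            cache[name] = entry
    return cache


def fetch_database(cache_path, download, full=False, force_update=False, now=None):
    """Return (db, source); source is "cache", "download" or "stale"."""
    now = time.time() if now is None else now
    name = FULL_DB if full else SUMMARY_DB
    cache = load_cache(cache_path)
    entry = cache[name]
    age = now - entry["cachedAt"]
    # A cachedAt in the future (negative age) is treated as invalid, not fresh.
    if not force_update and entry["db"] and 0 <= age < CACHE_MAX_AGE:
        return entry["db"], "cache"
    try:
        db = download(name)  # hypothetical callable returning the parsed JSON
        if not isinstance(db, dict):
            raise ValueError("unexpected database format")
    except Exception:
        # Report stale data explicitly so the caller can warn instead of
        # presenting an outdated result as current.
        return entry["db"], "stale"
    cache[name] = {"cachedAt": int(now), "db": db}
    tmp = Path(f"{cache_path}.tmp")
    tmp.write_text(json.dumps(cache), encoding="utf-8")
    tmp.replace(cache_path)  # atomic swap: no half-written cache file
    return db, "download"
```

A caller that receives "stale" with an empty dictionary has no usable data, which corresponds to the unavailable states listed under VulnerabilityCheckError.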

PipVulnerabilityChecker.__getDataFromCache

__getDataFromCache(dbName)

Private method to get the vulnerability database from the cache.

dbName (str)
name of the vulnerability database
Return:
dictionary containing the requested vulnerability data
Return Type:
dict

PipVulnerabilityChecker.__getVulnerabilities

__getVulnerabilities(package, specifier, db)

Private method to get the vulnerabilities for a package.

package (str)
name of the package
specifier (Specifier)
package specifier
db (dict)
vulnerability data
Yield:
dictionary containing the vulnerability data for the package
Yield Type:
dict

PipVulnerabilityChecker.__writeDataToCache

__writeDataToCache(dbName, data)

Private method to write the vulnerability data for a database to the cache.

dbName (str)
name of the vulnerability database
data (dict)
dictionary containing the vulnerability data

PipVulnerabilityChecker.check

check(packages)

Public method to check the given packages for vulnerabilities.

packages (Package)
list of packages
Return:
tuple containing an error status and a dictionary containing detected vulnerable packages keyed by package name
Return Type:
tuple of (VulnerabilityCheckError, list of Vulnerability)

PipVulnerabilityChecker.updateVulnerabilityDb

updateVulnerabilityDb()

Public method to update the cache of the vulnerability databases.



Vulnerability

Class containing the vulnerability data.

Derived from

None

Class Attributes

advisory
cve
name
spec
version
vulnerabilityId

Class Methods

None

Methods

None

Static Methods

None


VulnerabilityCheckError

Class defining various vulnerability check error states.

Derived from

enum.Enum

Class Attributes

FullDbUnavailable
OK
SummaryDbUnavailable

Class Methods

None

Methods

None

Static Methods

None