import sys
import cve as cvecheck
+
class Package:
def __init__(self, name, version, ignored_cves):
self.name = name
self.cves = list()
self.ignored_cves = ignored_cves
+
def check_package_cves(nvd_path, packages):
if not os.path.isdir(nvd_path):
os.makedirs(nvd_path)
if pkg and cve.affects(pkg.name, pkg.version, pkg.ignored_cves) == cve.CVE_AFFECTS:
pkg.cves.append(cve.identifier)
+
html_header = """
<head>
<script src=\"https://www.kryogenix.org/code/browser/sorttable/sorttable.js\"></script>
"cves": pkg.cves,
} for pkg in packages
}
- # The actual structure to dump, add date to it
+ # The actual structure to dump, add date to it
final = {'packages': pkgs,
'date': str(date)}
with open(output, 'w') as f:
output.add_argument('--json', dest='json', type=resolvepath,
help='JSON output file')
parser.add_argument('--nvd-path', dest='nvd_path',
- help='Path to the local NVD database',type=resolvepath,
+ help='Path to the local NVD database', type=resolvepath,
required=True)
args = parser.parse_args()
if not args.html and not args.json:
print("Write JSON")
dump_json(packages, date, args.json)
+
__main__()
from collections import defaultdict
import re
import subprocess
-import requests # NVD database download
import json
-import time
import sys
sys.path.append('utils/')
from getdeveloperlib import parse_developers # noqa: E402
-
-import cve as cvecheck
+import cve as cvecheck # noqa: E402
INFRA_RE = re.compile(r"\$\(eval \$\(([a-z-]*)-package\)\)")
for pkg_name in cve.pkg_names:
if pkg_name in packages:
pkg = packages[pkg_name]
- if cve.affects(pkg.name, pkg.current_version, pkg.ignored_cves) == cve.CVE_AFFECTS :
+ if cve.affects(pkg.name, pkg.current_version, pkg.ignored_cves) == cve.CVE_AFFECTS:
pkg.cves.append(cve.identifier)
+
def calculate_stats(packages):
stats = defaultdict(int)
stats['packages'] = len(packages)
projects / buildroot.git / commitdiff