
Commit ec88205

committed
rewrite get_gitlab_package_type
Signed-off-by: ziad <ziadhany2016@gmail.com>
1 parent dc605b0 commit ec88205


2 files changed

+24
-17
lines changed


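--- a/vulnerabilities/importers/gitlab.py
+++ b/vulnerabilities/importers/gitlab.py
@@ -17,7 +17,6 @@
 from typing import Optional
 
 import pytz
-import saneyaml
 from dateutil import parser as dateparser
 from django.db.models.query import QuerySet
 from fetchcode.vcs import fetch_via_vcs
@@ -42,6 +41,7 @@
 from vulnerabilities.utils import AffectedPackage as LegacyAffectedPackage
 from vulnerabilities.utils import build_description
 from vulnerabilities.utils import get_affected_packages_by_patched_package
+from vulnerabilities.utils import load_yaml
 from vulnerabilities.utils import nearest_patched_package
 from vulnerabilities.utils import resolve_version_range
 
@@ -86,7 +86,7 @@ def advisory_data(self) -> Iterable[AdvisoryData]:
 glob = "**/*.yml"
 files = (p for p in path.glob(glob) if p.is_file())
 for file in files:
-purl_type = get_gitlab_package_type(path=file)
+purl_type = get_gitlab_package_type(path=file, root=path)
 if not purl_type:
 logger.error(f"Unknow gitlab directory structure {file!r}")
 continue
@@ -102,16 +102,14 @@ def advisory_data(self) -> Iterable[AdvisoryData]:
 self.vcs_response.delete()
 
 
-def get_gitlab_package_type(path: Path):
+def get_gitlab_package_type(path: Path, root: Path):
 """
-Return a package type extracted from a gitlab advisory path or None
+Return a package type extracted from a gitlab advisory path
 """
-parts = path.parts
-
-if len(parts) < 3:
-return
-
-return parts[3]
+relative = path.relative_to(root)
+parts = relative.parts
+gitlab_schema = parts[0]
+return gitlab_schema
 
 
 def get_purl(package_slug):
@@ -184,8 +182,8 @@ def parse_gitlab_advisory(file):
 identifiers:
 - "GMS-2018-26"
 """
-with open(file) as f:
-gitlab_advisory = saneyaml.load(f)
+gitlab_advisory = load_yaml(file)
+
 if not isinstance(gitlab_advisory, dict):
 logger.error(
 f"parse_gitlab_advisory: unknown gitlab advisory format in {file!r} with data: {gitlab_advisory!r}"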
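Review bot: `get_gitlab_package_type` now returns `parts[0]` without checking how deep the relative path is, so a `.yml` file sitting directly under `root` yields its own file name as the package type, and the `if not purl_type` guard in `advisory_data` can no longer trigger for any path the glob produces. `path.relative_to(root)` also raises `ValueError` for a path outside `root`, and `parts[0]` raises `IndexError` when `path == root`, where the old code returned None. The checkout appears to come from a fetched repository, so its layout should not be assumed well-formed: I would keep the None contract with `if len(parts) < 2: return None` before `return parts[0]`, keep "or None" in the docstring, and ideally have the caller accept only the package types it knows how to map.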

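--- a/vulnerabilities/tests/test_gitlab.py
+++ b/vulnerabilities/tests/test_gitlab.py
@@ -100,22 +100,31 @@ def test_get_purl():
 
 def test_get_gitlab_package_type():
 assert (
-get_gitlab_package_type(Path("/tmp/tmp9317bd5i/maven/com.google.gwt/gwt/CVE-2013-4204.yml"))
+get_gitlab_package_type(
+Path("/tmp/tmp9317bd5i/maven/com.google.gwt/gwt/CVE-2013-4204.yml"),
+Path("/tmp/tmp9317bd5i/"),
+)
 == "maven"
 )
 assert (
 get_gitlab_package_type(
 Path(
 "/tmp/tmp9317bd5i/maven/io.projectreactor.netty/reactor-netty-http/CVE-2020-5404.yml"
-)
+),
+Path("/tmp/tmp9317bd5i/"),
 )
 == "maven"
 )
 assert (
 get_gitlab_package_type(
-Path("/tmp/tmp9317bd5i/go/github.com/cloudflare/cfrpki/CVE-2021-3909.yml")
+Path("/tmp/tmp9317bd5i/go/github.com/cloudflare/cfrpki/CVE-2021-3909.yml"),
+Path("/tmp/tmp9317bd5i/"),
 )
 == "go"
 )
-assert get_gitlab_package_type(Path("/tmp/tmp9317bd5i/gem/rexml/CVE-2021-28965.yml")) == "gem"
-assert get_gitlab_package_type(Path()) is None
+assert (
+get_gitlab_package_type(
+Path("/tmp/tmp9317bd5i/gem/rexml/CVE-2021-28965.yml"), Path("/tmp/tmp9317bd5i/")
+)
+== "gem"
+)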
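Review bot: With `assert get_gitlab_package_type(Path()) is None` dropped, every remaining case in `test_get_gitlab_package_type` is a well-formed `<root>/<type>/<package>/<file>.yml` path, so nothing pins what the function does for a file directly under the root or for a path outside it. Going by the new body in gitlab.py, those inputs appear to return the file name and raise `ValueError` respectively. A case such as `get_gitlab_package_type(Path("/tmp/tmp9317bd5i/CVE-2021-28965.yml"), Path("/tmp/tmp9317bd5i/"))` with the intended result asserted, plus one for a path that is not under the root, would make the contract for malformed repository layouts explicit.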
