diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 8ff70a17..9051e08d 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -57,8 +57,8 @@ repos: hooks: # note: this is used in lieu of autopep8 and yapf - - id: black - name: black + - id: format + name: format # note: why not use the official black pre-commit hook? so we can use poetry to control which version of black is used. entry: make format pass_filenames: false diff --git a/Makefile b/Makefile index e64be103..69a5de81 100644 --- a/Makefile +++ b/Makefile @@ -109,8 +109,8 @@ lint-fix: virtual-env-check ## Fix linting issues (ruff) ruff check . --fix .PHONY: format -format: virtual-env-check ## Format all code (black) - black src tests +format: virtual-env-check ## Format all code (ruff format) + ruff format src tests poetry run python scripts/format-json-snapshots.py .PHONY: check-types diff --git a/poetry.lock b/poetry.lock index 09c42e64..f45e6feb 100644 --- a/poetry.lock +++ b/poetry.lock @@ -1,4 +1,4 @@ -# This file is automatically @generated by Poetry 2.0.0 and should not be changed by hand. +# This file is automatically @generated by Poetry 2.0.1 and should not be changed by hand. [[package]] name = "attrs" @@ -20,51 +20,6 @@ docs = ["cogapp", "furo", "myst-parser", "sphinx", "sphinx-notfound-page", "sphi tests = ["cloudpickle", "hypothesis", "mypy (>=1.11.1)", "pympler", "pytest (>=4.3.0)", "pytest-mypy-plugins", "pytest-xdist[psutil]"] tests-mypy = ["mypy (>=1.11.1)", "pytest-mypy-plugins"] -[[package]] -name = "black" -version = "24.10.0" -description = "The uncompromising code formatter." -optional = false -python-versions = ">=3.9" -groups = ["dev"] -files = [ - {file = "black-24.10.0-cp310-cp310-macosx_10_9_x86_64.whl", hash = "sha256:e6668650ea4b685440857138e5fe40cde4d652633b1bdffc62933d0db4ed9812"}, - {file = "black-24.10.0-cp310-cp310-macosx_11_0_arm64.whl", hash = "sha256:1c536fcf674217e87b8cc3657b81809d3c085d7bf3ef262ead700da345bfa6ea"}, - {file = "black-24.10.0-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.manylinux_2_28_x86_64.whl", hash = "sha256:649fff99a20bd06c6f727d2a27f401331dc0cc861fb69cde910fe95b01b5928f"}, - {file = "black-24.10.0-cp310-cp310-win_amd64.whl", hash = "sha256:fe4d6476887de70546212c99ac9bd803d90b42fc4767f058a0baa895013fbb3e"}, - {file = "black-24.10.0-cp311-cp311-macosx_10_9_x86_64.whl", hash = "sha256:5a2221696a8224e335c28816a9d331a6c2ae15a2ee34ec857dcf3e45dbfa99ad"}, - {file = "black-24.10.0-cp311-cp311-macosx_11_0_arm64.whl", hash = "sha256:f9da3333530dbcecc1be13e69c250ed8dfa67f43c4005fb537bb426e19200d50"}, - {file = "black-24.10.0-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.manylinux_2_28_x86_64.whl", hash = "sha256:4007b1393d902b48b36958a216c20c4482f601569d19ed1df294a496eb366392"}, - {file = "black-24.10.0-cp311-cp311-win_amd64.whl", hash = "sha256:394d4ddc64782e51153eadcaaca95144ac4c35e27ef9b0a42e121ae7e57a9175"}, - {file = "black-24.10.0-cp312-cp312-macosx_10_13_x86_64.whl", hash = "sha256:b5e39e0fae001df40f95bd8cc36b9165c5e2ea88900167bddf258bacef9bbdc3"}, - {file = "black-24.10.0-cp312-cp312-macosx_11_0_arm64.whl", hash = "sha256:d37d422772111794b26757c5b55a3eade028aa3fde43121ab7b673d050949d65"}, - {file = "black-24.10.0-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.manylinux_2_28_x86_64.whl", hash = "sha256:14b3502784f09ce2443830e3133dacf2c0110d45191ed470ecb04d0f5f6fcb0f"}, - {file = "black-24.10.0-cp312-cp312-win_amd64.whl", hash = "sha256:30d2c30dc5139211dda799758559d1b049f7f14c580c409d6ad925b74a4208a8"}, - {file = "black-24.10.0-cp313-cp313-macosx_10_13_x86_64.whl", hash = "sha256:1cbacacb19e922a1d75ef2b6ccaefcd6e93a2c05ede32f06a21386a04cedb981"}, - {file = "black-24.10.0-cp313-cp313-macosx_11_0_arm64.whl", hash = "sha256:1f93102e0c5bb3907451063e08b9876dbeac810e7da5a8bfb7aeb5a9ef89066b"}, - {file = "black-24.10.0-cp313-cp313-manylinux_2_17_x86_64.manylinux2014_x86_64.manylinux_2_28_x86_64.whl", hash = "sha256:ddacb691cdcdf77b96f549cf9591701d8db36b2f19519373d60d31746068dbf2"}, - {file = "black-24.10.0-cp313-cp313-win_amd64.whl", hash = "sha256:680359d932801c76d2e9c9068d05c6b107f2584b2a5b88831c83962eb9984c1b"}, - {file = "black-24.10.0-cp39-cp39-macosx_10_9_x86_64.whl", hash = "sha256:17374989640fbca88b6a448129cd1745c5eb8d9547b464f281b251dd00155ccd"}, - {file = "black-24.10.0-cp39-cp39-macosx_11_0_arm64.whl", hash = "sha256:63f626344343083322233f175aaf372d326de8436f5928c042639a4afbbf1d3f"}, - {file = "black-24.10.0-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.manylinux_2_28_x86_64.whl", hash = "sha256:ccfa1d0cb6200857f1923b602f978386a3a2758a65b52e0950299ea014be6800"}, - {file = "black-24.10.0-cp39-cp39-win_amd64.whl", hash = "sha256:2cd9c95431d94adc56600710f8813ee27eea544dd118d45896bb734e9d7a0dc7"}, - {file = "black-24.10.0-py3-none-any.whl", hash = "sha256:3bb2b7a1f7b685f85b11fed1ef10f8a9148bceb49853e47a294a3dd963c1dd7d"}, - {file = "black-24.10.0.tar.gz", hash = "sha256:846ea64c97afe3bc677b761787993be4991810ecc7a4a937816dd6bddedc4875"}, -] - -[package.dependencies] -click = ">=8.0.0" -mypy-extensions = ">=0.4.3" -packaging = ">=22.0" -pathspec = ">=0.9.0" -platformdirs = ">=2" - -[package.extras] -colorama = ["colorama (>=0.4.3)"] -d = ["aiohttp (>=3.10)"] -jupyter = ["ipython (>=7.8.0)", "tokenize-rt (>=3.2.0)"] -uvloop = ["uvloop (>=0.15.2)"] - [[package]] name = "cachetools" version = "5.5.0" @@ -1377,18 +1332,6 @@ files = [ {file = "packaging-24.2.tar.gz", hash = "sha256:c228a6dc5e932d346bc5739379109d49e8853dd8223571c7c5b55260edc0b97f"}, ] -[[package]] -name = "pathspec" -version = "0.12.1" -description = "Utility library for gitignore style pattern matching of file paths." -optional = false -python-versions = ">=3.8" -groups = ["dev"] -files = [ - {file = "pathspec-0.12.1-py3-none-any.whl", hash = "sha256:a0d503e138a4c123b27490a4f7beda6a01c6f288df0e4a8b79c7eb0dc7b4cc08"}, - {file = "pathspec-0.12.1.tar.gz", hash = "sha256:a482d51503a1ab33b1c67a6c3813a26953dbdc71c31dacaef9a838c4e29f5712"}, -] - [[package]] name = "platformdirs" version = "4.3.6" @@ -1956,30 +1899,30 @@ files = [ [[package]] name = "ruff" -version = "0.9.1" +version = "0.9.2" description = "An extremely fast Python linter and code formatter, written in Rust." optional = false python-versions = ">=3.7" groups = ["dev"] files = [ - {file = "ruff-0.9.1-py3-none-linux_armv6l.whl", hash = "sha256:84330dda7abcc270e6055551aca93fdde1b0685fc4fd358f26410f9349cf1743"}, - {file = "ruff-0.9.1-py3-none-macosx_10_12_x86_64.whl", hash = "sha256:3cae39ba5d137054b0e5b472aee3b78a7c884e61591b100aeb544bcd1fc38d4f"}, - {file = "ruff-0.9.1-py3-none-macosx_11_0_arm64.whl", hash = "sha256:50c647ff96f4ba288db0ad87048257753733763b409b2faf2ea78b45c8bb7fcb"}, - {file = "ruff-0.9.1-py3-none-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:f0c8b149e9c7353cace7d698e1656ffcf1e36e50f8ea3b5d5f7f87ff9986a7ca"}, - {file = "ruff-0.9.1-py3-none-manylinux_2_17_armv7l.manylinux2014_armv7l.whl", hash = "sha256:beb3298604540c884d8b282fe7625651378e1986c25df51dec5b2f60cafc31ce"}, - {file = "ruff-0.9.1-py3-none-manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:39d0174ccc45c439093971cc06ed3ac4dc545f5e8bdacf9f067adf879544d969"}, - {file = "ruff-0.9.1-py3-none-manylinux_2_17_ppc64.manylinux2014_ppc64.whl", hash = "sha256:69572926c0f0c9912288915214ca9b2809525ea263603370b9e00bed2ba56dbd"}, - {file = "ruff-0.9.1-py3-none-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:937267afce0c9170d6d29f01fcd1f4378172dec6760a9f4dface48cdabf9610a"}, - {file = "ruff-0.9.1-py3-none-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:186c2313de946f2c22bdf5954b8dd083e124bcfb685732cfb0beae0c47233d9b"}, - {file = "ruff-0.9.1-py3-none-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:3f94942a3bb767675d9a051867c036655fe9f6c8a491539156a6f7e6b5f31831"}, - {file = "ruff-0.9.1-py3-none-musllinux_1_2_aarch64.whl", hash = "sha256:728d791b769cc28c05f12c280f99e8896932e9833fef1dd8756a6af2261fd1ab"}, - {file = "ruff-0.9.1-py3-none-musllinux_1_2_armv7l.whl", hash = "sha256:2f312c86fb40c5c02b44a29a750ee3b21002bd813b5233facdaf63a51d9a85e1"}, - {file = "ruff-0.9.1-py3-none-musllinux_1_2_i686.whl", hash = "sha256:ae017c3a29bee341ba584f3823f805abbe5fe9cd97f87ed07ecbf533c4c88366"}, - {file = "ruff-0.9.1-py3-none-musllinux_1_2_x86_64.whl", hash = "sha256:5dc40a378a0e21b4cfe2b8a0f1812a6572fc7b230ef12cd9fac9161aa91d807f"}, - {file = "ruff-0.9.1-py3-none-win32.whl", hash = "sha256:46ebf5cc106cf7e7378ca3c28ce4293b61b449cd121b98699be727d40b79ba72"}, - {file = "ruff-0.9.1-py3-none-win_amd64.whl", hash = "sha256:342a824b46ddbcdddd3abfbb332fa7fcaac5488bf18073e841236aadf4ad5c19"}, - {file = "ruff-0.9.1-py3-none-win_arm64.whl", hash = "sha256:1cd76c7f9c679e6e8f2af8f778367dca82b95009bc7b1a85a47f1521ae524fa7"}, - {file = "ruff-0.9.1.tar.gz", hash = "sha256:fd2b25ecaf907d6458fa842675382c8597b3c746a2dde6717fe3415425df0c17"}, + {file = "ruff-0.9.2-py3-none-linux_armv6l.whl", hash = "sha256:80605a039ba1454d002b32139e4970becf84b5fee3a3c3bf1c2af6f61a784347"}, + {file = "ruff-0.9.2-py3-none-macosx_10_12_x86_64.whl", hash = "sha256:b9aab82bb20afd5f596527045c01e6ae25a718ff1784cb92947bff1f83068b00"}, + {file = "ruff-0.9.2-py3-none-macosx_11_0_arm64.whl", hash = "sha256:fbd337bac1cfa96be615f6efcd4bc4d077edbc127ef30e2b8ba2a27e18c054d4"}, + {file = "ruff-0.9.2-py3-none-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:82b35259b0cbf8daa22a498018e300b9bb0174c2bbb7bcba593935158a78054d"}, + {file = "ruff-0.9.2-py3-none-manylinux_2_17_armv7l.manylinux2014_armv7l.whl", hash = "sha256:8b6a9701d1e371bf41dca22015c3f89769da7576884d2add7317ec1ec8cb9c3c"}, + {file = "ruff-0.9.2-py3-none-manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:9cc53e68b3c5ae41e8faf83a3b89f4a5d7b2cb666dff4b366bb86ed2a85b481f"}, + {file = "ruff-0.9.2-py3-none-manylinux_2_17_ppc64.manylinux2014_ppc64.whl", hash = "sha256:8efd9da7a1ee314b910da155ca7e8953094a7c10d0c0a39bfde3fcfd2a015684"}, + {file = "ruff-0.9.2-py3-none-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:3292c5a22ea9a5f9a185e2d131dc7f98f8534a32fb6d2ee7b9944569239c648d"}, + {file = "ruff-0.9.2-py3-none-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:1a605fdcf6e8b2d39f9436d343d1f0ff70c365a1e681546de0104bef81ce88df"}, + {file = "ruff-0.9.2-py3-none-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:c547f7f256aa366834829a08375c297fa63386cbe5f1459efaf174086b564247"}, + {file = "ruff-0.9.2-py3-none-musllinux_1_2_aarch64.whl", hash = "sha256:d18bba3d3353ed916e882521bc3e0af403949dbada344c20c16ea78f47af965e"}, + {file = "ruff-0.9.2-py3-none-musllinux_1_2_armv7l.whl", hash = "sha256:b338edc4610142355ccf6b87bd356729b62bf1bc152a2fad5b0c7dc04af77bfe"}, + {file = "ruff-0.9.2-py3-none-musllinux_1_2_i686.whl", hash = "sha256:492a5e44ad9b22a0ea98cf72e40305cbdaf27fac0d927f8bc9e1df316dcc96eb"}, + {file = "ruff-0.9.2-py3-none-musllinux_1_2_x86_64.whl", hash = "sha256:af1e9e9fe7b1f767264d26b1075ac4ad831c7db976911fa362d09b2d0356426a"}, + {file = "ruff-0.9.2-py3-none-win32.whl", hash = "sha256:71cbe22e178c5da20e1514e1e01029c73dc09288a8028a5d3446e6bba87a5145"}, + {file = "ruff-0.9.2-py3-none-win_amd64.whl", hash = "sha256:c5e1d6abc798419cf46eed03f54f2e0c3adb1ad4b801119dedf23fcaf69b55b5"}, + {file = "ruff-0.9.2-py3-none-win_arm64.whl", hash = "sha256:a1b63fa24149918f8b37cef2ee6fff81f24f0d74b6f0bdc37bc3e1f2143e41c6"}, + {file = "ruff-0.9.2.tar.gz", hash = "sha256:b5eceb334d55fae5f316f783437392642ae18e16dcf4f1858d55d3c2a0f8f5d0"}, ] [[package]] @@ -2641,4 +2584,4 @@ cffi = ["cffi (>=1.11)"] [metadata] lock-version = "2.1" python-versions = ">=3.11,<3.14" -content-hash = "1f7e0d0d88d8f9076ee06dbdea6c032ac0cb2439655a168d72358b33c21beaa6" +content-hash = "b4cd73c80d620e84db84c554487df2c4bde49e0e2fb9e4c215200ffae21a82c8" diff --git a/pyproject.toml b/pyproject.toml index 3624d780..42c92883 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -63,7 +63,6 @@ zstandard = ">=0.22,<0.24" [tool.poetry.group.dev.dependencies] pytest = ">=7.2.2,<9.0.0" pre-commit = ">=3.2,<5.0" -black = ">=23.1,<25.0" jsonschema = "^4.17.3" pytest-unordered = ">=0.5.2,<0.7.0" pytest-sugar = ">=0.9.6,<1.1.0" @@ -77,7 +76,7 @@ types-requests = "^2.28.11.7" mypy = "^1.1" radon = ">=5.1,<7.0" dunamai = "^1.15.0" -ruff = ">=0.5.1,<0.9.2" +ruff = "^0.9.2" yardstick = {git = "https://github.com/anchore/yardstick", rev = "dd0410273860e765386bc29046cb26dd9d5fda8c"} # yardstick = {path = "../yardstick", develop=true } tabulate = "0.9.0" @@ -123,32 +122,27 @@ exclude = '''(?x)( | ^tests/.*$ # any tests )''' -[tool.black] -line-length = 130 -exclude = ''' -( - /( - \.eggs # exclude a few common directories in the - | \.git # root of the project - | \.hg - | \.mypy_cache - | \.tox - | \.venv - | _build - | buck-out - | build - | dist - | data - | backup - | src/vunnel/providers/mariner/model # files in here are generated - | tests/quality/vulnerability-match-labels - | tests/quality/.yardstick - | tests/quality/data - | tests/quality/build - | tests/quality/bin - )/ -) -''' +[tool.ruff.format] +exclude = [ + ".eggs", # exclude a few common directories in the + ".git", # root of the project + ".hg", + ".mypy_cache", + ".tox", + ".venv", + "_build", + "buck-out", + "build", + "dist", + "data", + "backup", + "src/vunnel/providers/mariner/model", # files in here are generated + "tests/quality/vulnerability-match-labels", + "tests/quality/.yardstick", + "tests/quality/data", + "tests/quality/build", + "tests/quality/bin", +] [tool.coverage.run] omit = [ @@ -172,7 +166,6 @@ dirty = true [tool.ruff] cache-dir = ".cache/ruff" -# allow for a wide-birth relative to what black will correct to line-length = 150 extend-exclude = [ diff --git a/src/vunnel/providers/alpine/__init__.py b/src/vunnel/providers/alpine/__init__.py index 4b7e8a6e..0bc54222 100644 --- a/src/vunnel/providers/alpine/__init__.py +++ b/src/vunnel/providers/alpine/__init__.py @@ -24,7 +24,6 @@ class Config: class Provider(provider.Provider): - __schema__ = schema.OSSchema() __distribution_version__ = int(__schema__.major_version) diff --git a/src/vunnel/providers/amazon/__init__.py b/src/vunnel/providers/amazon/__init__.py index 92d2ff35..a3fb6097 100644 --- a/src/vunnel/providers/amazon/__init__.py +++ b/src/vunnel/providers/amazon/__init__.py @@ -29,7 +29,6 @@ def __post_init__(self) -> None: class Provider(provider.Provider): - __schema__ = schema.OSSchema() __distribution_version__ = int(__schema__.major_version) diff --git a/src/vunnel/providers/chainguard/__init__.py b/src/vunnel/providers/chainguard/__init__.py index 0d7436df..602fcf5e 100644 --- a/src/vunnel/providers/chainguard/__init__.py +++ b/src/vunnel/providers/chainguard/__init__.py @@ -23,7 +23,6 @@ class Config: class Provider(provider.Provider): - __schema__ = schema.OSSchema() __distribution_version__ = int(__schema__.major_version) diff --git a/src/vunnel/providers/debian/__init__.py b/src/vunnel/providers/debian/__init__.py index aefc48db..0e30e2e5 100644 --- a/src/vunnel/providers/debian/__init__.py +++ b/src/vunnel/providers/debian/__init__.py @@ -28,7 +28,6 @@ def __post_init__(self) -> None: class Provider(provider.Provider): - __schema__ = schema.OSSchema() __distribution_version__ = int(__schema__.major_version) diff --git a/src/vunnel/providers/debian/parser.py b/src/vunnel/providers/debian/parser.py index cc0b48e7..17ce0243 100644 --- a/src/vunnel/providers/debian/parser.py +++ b/src/vunnel/providers/debian/parser.py @@ -346,11 +346,7 @@ def _normalize_json(self, ns_cve_dsalist=None): # noqa: PLR0912,PLR0915,C901 else: sev = "Unknown" - if ( - sev - and vulnerability.severity_order[sev] - > vulnerability.severity_order[vuln_record["Vulnerability"]["Severity"]] - ): + if sev and vulnerability.severity_order[sev] > vulnerability.severity_order[vuln_record["Vulnerability"]["Severity"]]: vuln_record["Vulnerability"]["Severity"] = sev # add fixedIn @@ -404,22 +400,16 @@ def _normalize_json(self, ns_cve_dsalist=None): # noqa: PLR0912,PLR0915,C901 "AdvisorySummary": [{"ID": x.dsa, "Link": x.link} for x in matched_dsas], } # all_matched_dsas |= set([x.dsa for x in matched_dsas]) - adv_mets[met_ns][met_sev]["dsa"][ - "notfixed" if fixed_el["Version"] == "None" else "fixed" - ] += 1 + adv_mets[met_ns][met_sev]["dsa"]["notfixed" if fixed_el["Version"] == "None" else "fixed"] += 1 elif "nodsa" in distro_record: fixed_el["VendorAdvisory"] = {"NoAdvisory": True} - adv_mets[met_ns][met_sev]["nodsa"][ - "notfixed" if fixed_el["Version"] == "None" else "fixed" - ] += 1 + adv_mets[met_ns][met_sev]["nodsa"]["notfixed" if fixed_el["Version"] == "None" else "fixed"] += 1 else: fixed_el["VendorAdvisory"] = { "NoAdvisory": False, "AdvisorySummary": [], } - adv_mets[met_ns][met_sev]["neither"][ - "notfixed" if fixed_el["Version"] == "None" else "fixed" - ] += 1 + adv_mets[met_ns][met_sev]["neither"]["notfixed" if fixed_el["Version"] == "None" else "fixed"] += 1 # append fixed in record to vulnerability vuln_record["Vulnerability"]["FixedIn"].append(fixed_el) diff --git a/src/vunnel/providers/github/__init__.py b/src/vunnel/providers/github/__init__.py index 7cabcf30..875f34ab 100644 --- a/src/vunnel/providers/github/__init__.py +++ b/src/vunnel/providers/github/__init__.py @@ -39,7 +39,6 @@ def __str__(self) -> str: class Provider(provider.Provider): - __schema__ = schema.GithubSecurityAdvisorySchema() __distribution_version__ = int(__schema__.major_version) diff --git a/src/vunnel/providers/github/parser.py b/src/vunnel/providers/github/parser.py index 61419b30..a8232a1e 100644 --- a/src/vunnel/providers/github/parser.py +++ b/src/vunnel/providers/github/parser.py @@ -445,9 +445,7 @@ def graphql_advisories(cursor=None, timestamp=None, vuln_cursor=None): if vuln_cursor: vuln_after = f'after: "{vuln_cursor}", ' - vulnerabilities = ( - f"{vuln_after}classifications: [GENERAL, MALWARE], first: 100, orderBy: {{field: UPDATED_AT, direction: ASC}}" - ) + vulnerabilities = f"{vuln_after}classifications: [GENERAL, MALWARE], first: 100, orderBy: {{field: UPDATED_AT, direction: ASC}}" return f""" {{ diff --git a/src/vunnel/providers/mariner/__init__.py b/src/vunnel/providers/mariner/__init__.py index 7f601ff2..729d9dc9 100644 --- a/src/vunnel/providers/mariner/__init__.py +++ b/src/vunnel/providers/mariner/__init__.py @@ -24,7 +24,6 @@ class Config: class Provider(provider.Provider): - __schema__ = schema.OSSchema() __distribution_version__ = int(__schema__.major_version) diff --git a/src/vunnel/providers/nvd/__init__.py b/src/vunnel/providers/nvd/__init__.py index b25c5ef7..567b788c 100644 --- a/src/vunnel/providers/nvd/__init__.py +++ b/src/vunnel/providers/nvd/__init__.py @@ -54,8 +54,7 @@ def __init__(self, root: str, config: Config | None = None): if self.config.runtime.skip_if_exists and config.runtime.existing_results != result.ResultStatePolicy.KEEP: raise ValueError( - "if 'skip_if_exists' is set then 'runtime.existing_results' must be 'keep' " - "(otherwise incremental updates will fail)", + "if 'skip_if_exists' is set then 'runtime.existing_results' must be 'keep' (otherwise incremental updates will fail)", ) if self.config.runtime.result_store != result.StoreStrategy.SQLITE: diff --git a/src/vunnel/providers/nvd/api.py b/src/vunnel/providers/nvd/api.py index 1d7681b9..fb8df91c 100644 --- a/src/vunnel/providers/nvd/api.py +++ b/src/vunnel/providers/nvd/api.py @@ -39,12 +39,8 @@ def __init__( def cve_history( self, cve_id: str | None = None, - results_per_page: ( - int | None - ) = None, # from api docs: "it is recommended that users of the CVE API use the default resultsPerPage value" - change_start_date: ( - str | datetime.datetime | None - ) = None, # note: if you specify a changeStartDate, you must also specify a changeEndDate + results_per_page: (int | None) = None, # from api docs: "it is recommended that users of the CVE API use the default resultsPerPage value" + change_start_date: (str | datetime.datetime | None) = None, # note: if you specify a changeStartDate, you must also specify a changeEndDate change_end_date: str | datetime.datetime | None = None, # note: maximum date range is 120 days ) -> Generator[dict[str, Any], Any, None]: parameters = {} @@ -72,14 +68,10 @@ def cve_history( def cve( # noqa: PLR0913 self, cve_id: str | None = None, - results_per_page: ( - int | None - ) = None, # from api docs: "it is recommended that users of the CVE API use the default resultsPerPage value" + results_per_page: (int | None) = None, # from api docs: "it is recommended that users of the CVE API use the default resultsPerPage value" last_mod_start_date: str | datetime.datetime | None = None, last_mod_end_date: str | datetime.datetime | None = None, - pub_start_date: ( - str | datetime.datetime | None - ) = None, # note: if you specify a pubStartDate, you must also specify a pubEndDate + pub_start_date: (str | datetime.datetime | None) = None, # note: if you specify a pubStartDate, you must also specify a pubEndDate pub_end_date: str | datetime.datetime | None = None, # note: maximum date range is 120 days ) -> Generator[dict[str, Any], Any, None]: parameters = {} @@ -143,7 +135,7 @@ def _request_all_pages( index = results_per_page for page in range(pages): - self.logger.debug(f"{message} (page {page+2} of {pages})") + self.logger.debug(f"{message} (page {page + 2} of {pages})") parameters["resultsPerPage"] = str(results_per_page) parameters["startIndex"] = str(index) diff --git a/src/vunnel/providers/oracle/__init__.py b/src/vunnel/providers/oracle/__init__.py index 553f176f..abb57fbe 100644 --- a/src/vunnel/providers/oracle/__init__.py +++ b/src/vunnel/providers/oracle/__init__.py @@ -24,7 +24,6 @@ class Config: class Provider(provider.Provider): - __schema__ = schema.OSSchema() __distribution_version__ = int(__schema__.major_version) diff --git a/src/vunnel/providers/rhel/__init__.py b/src/vunnel/providers/rhel/__init__.py index 860b4d35..4f3bb3f1 100644 --- a/src/vunnel/providers/rhel/__init__.py +++ b/src/vunnel/providers/rhel/__init__.py @@ -27,7 +27,6 @@ class Config: class Provider(provider.Provider): - __schema__ = schema.OSSchema() __distribution_version__ = int(__schema__.major_version) diff --git a/src/vunnel/providers/rhel/parser.py b/src/vunnel/providers/rhel/parser.py index ef40bc12..c73e7e22 100644 --- a/src/vunnel/providers/rhel/parser.py +++ b/src/vunnel/providers/rhel/parser.py @@ -521,9 +521,7 @@ def _parse_affected_release(self, cve_id: str, content) -> list[FixedIn]: # noq f"{cve_id}, platform={ar_obj.platform} : missing package, trying to find a match using {ar_obj.rhsa_id} and other affected releases", # noqa: E501 ) - possible_packages = ( - set().union(*platform_packages.values()).difference(platform_packages[ar_obj.platform]) - ) + possible_packages = set().union(*platform_packages.values()).difference(platform_packages[ar_obj.platform]) for pkg_name in possible_packages: rhsa_version, rhsa_module = self._fetch_rhsa_fix_version(ar_obj.rhsa_id, ar_obj.platform, pkg_name) @@ -575,7 +573,7 @@ def _parse_affected_release(self, cve_id: str, content) -> list[FixedIn]: # noq final_ar_objs[(ar_obj.name, ar_obj.platform, ar_obj.module)] = ar_obj except Exception: - self.logger.exception(f"error processing {cve_id} affected release object: { ar_obj.__dict__}") + self.logger.exception(f"error processing {cve_id} affected release object: {ar_obj.__dict__}") # construct the final fixed in objects fixed_ins = [ diff --git a/src/vunnel/providers/sles/__init__.py b/src/vunnel/providers/sles/__init__.py index 2efc439b..07acf9de 100644 --- a/src/vunnel/providers/sles/__init__.py +++ b/src/vunnel/providers/sles/__init__.py @@ -28,7 +28,6 @@ def __post_init__(self) -> None: class Provider(provider.Provider): - __schema__ = schema.OSSchema() __distribution_version__ = int(__schema__.major_version) diff --git a/src/vunnel/providers/ubuntu/parser.py b/src/vunnel/providers/ubuntu/parser.py index 55774f8e..00eb50f4 100644 --- a/src/vunnel/providers/ubuntu/parser.py +++ b/src/vunnel/providers/ubuntu/parser.py @@ -1007,9 +1007,7 @@ def _resolve_patches_using_history( # noqa: C901, PLR0912, PLR0915 pending_dpt_list: list[DistroPkg] = copy.deepcopy(to_be_merged_dpt_list) # last processed commit - saved_cve_last_processed_rev = ( - saved_state.git_last_processed_rev if saved_state and saved_state.git_last_processed_rev else None - ) + saved_cve_last_processed_rev = saved_state.git_last_processed_rev if saved_state and saved_state.git_last_processed_rev else None # fetch log of revision history for this file, its in the most recent - least recent order since_revs = self.git_wrapper.get_revision_history(cve_id, cve_rel_path, saved_cve_last_processed_rev) diff --git a/src/vunnel/providers/wolfi/__init__.py b/src/vunnel/providers/wolfi/__init__.py index 40e54123..6fcc1e56 100644 --- a/src/vunnel/providers/wolfi/__init__.py +++ b/src/vunnel/providers/wolfi/__init__.py @@ -24,7 +24,6 @@ class Config: class Provider(provider.Provider): - __schema__ = schema.OSSchema() __distribution_version__ = int(__schema__.major_version) diff --git a/src/vunnel/utils/__init__.py b/src/vunnel/utils/__init__.py index b7a84093..5f292574 100644 --- a/src/vunnel/utils/__init__.py +++ b/src/vunnel/utils/__init__.py @@ -32,7 +32,7 @@ def wrapper(*args: Any, **kwargs: Any) -> Any: # explanation of S311 disable: random number is not used for cryptography sleep = backoff_in_seconds * 2**attempt + random.uniform(0, 1) # noqa: S311 - logger.warning(f"{f} failed with {err}. Retrying in {int(sleep)} seconds (attempt {attempt+1} of {retries})") + logger.warning(f"{f} failed with {err}. Retrying in {int(sleep)} seconds (attempt {attempt + 1} of {retries})") time.sleep(sleep) attempt += 1 diff --git a/src/vunnel/utils/oval_parser.py b/src/vunnel/utils/oval_parser.py index 51532899..e2293a05 100644 --- a/src/vunnel/utils/oval_parser.py +++ b/src/vunnel/utils/oval_parser.py @@ -165,9 +165,7 @@ def _process_definition(def_element, vuln_dict, config: Config): # noqa: PLR091 v["Vulnerability"]["NamespaceName"] = ns_name v["Vulnerability"]["Severity"] = severity or "" - v["Vulnerability"]["Metadata"] = ( - {"Issued": issued, "Updated": updated, "RefId": ref_id} if updated else {"Issued": issued, "RefId": ref_id} - ) + v["Vulnerability"]["Metadata"] = {"Issued": issued, "Updated": updated, "RefId": ref_id} if updated else {"Issued": issued, "RefId": ref_id} v["Vulnerability"]["Name"] = name v["Vulnerability"]["Link"] = link v["Vulnerability"]["Description"] = description