Commit 34c020e5 authored by Pierre Smeyers

style: fix code formatting issues

parent 0538ad66
+31 −30
@@ -31,6 +31,7 @@ MIME_APPLICATION_JSON = "application/json"

IS_STR_TRUE = ["true", "yes", "1"]


@dataclass
class DtSeverity:
    """Dependency Track severity level"""
@@ -248,10 +249,12 @@ class ApiClient:
    def __init__(self, base_api_url: str, api_key: str, verify_ssl: bool):
        self.base_api_url = base_api_url
        self.session = requests.Session()
        self.session.headers.update({
        self.session.headers.update(
            {
                "X-API-Key": api_key,
                "accept": MIME_APPLICATION_JSON,
        })
            }
        )
        self.session.verify = verify_ssl

    def get(self, path, **kwargs):
@@ -307,9 +310,7 @@ class Scanner:
    @cache
    def dt_version(self) -> Version:
        """Determines the DT server version."""
        return Version(
            self.api_client.get("/version").json()["version"]
        )
        return Version(self.api_client.get("/version").json()["version"])

    @property
    @cache
@@ -533,11 +534,19 @@ class Scanner:
            sbom_utils.trim_purls(sbom, self.purl_max_len)

        self.do_publish(
            sbom_utils.to_json(sbom, self.cdx_schema_version), project_path, sbom_type, vex_file_path
            sbom_utils.to_json(sbom, self.cdx_schema_version),
            project_path,
            sbom_type,
            vex_file_path,
        )

    def do_publish(
        self, sbom_json: str, project_path: str, sbom_type: str, vex_file_path: Path, allow_retry=True
        self,
        sbom_json: str,
        project_path: str,
        sbom_type: str,
        vex_file_path: Path,
        allow_retry=True,
    ):
        project_path_parts = project_path.split(self.path_separator)
        # determine publish params
@@ -610,7 +619,9 @@ class Scanner:
        if self.need_findings:
            self.do_scan(project_def, event_id)

    def do_vex_publish(self, project_def: DtProjectDef, vex_file_path: Path,  event_id: str):
    def do_vex_publish(
        self, project_def: DtProjectDef, vex_file_path: Path, event_id: str
    ):
        self.wait_for_event_processing(event_id)

        if not vex_file_path.exists():
@@ -674,7 +685,7 @@ class Scanner:
            risk_score += severity.risk_score
            if self.show_findings:
                print(
                    f'  - {vuln["vulnId"]} {severity.color}{severity.name}{AnsiColors.RESET}: {component.get("group","")}:{component.get("name")}:{component.get("version","")} - {" ".join(cwes)}'
                    f"  - {vuln['vulnId']} {severity.color}{severity.name}{AnsiColors.RESET}: {component.get('group', '')}:{component.get('name')}:{component.get('version', '')} - {' '.join(cwes)}"
                )
                print(re.sub("\n+", "\n", vuln.get("description", "").strip()))
                print()
@@ -730,10 +741,10 @@ class Scanner:
                fail(
                    "VIEW_PORTFOLIO permission is mandatory to show finding or compute risk score after SBOM analysis"
                )
        if self.upload_vex and not self.has_permission(DtPermission.VULNERABILITY_ANALYSIS):
            fail(
              "VULNERABILITY_ANALYSIS permission is mandatory to import VEX files"
            )
        if self.upload_vex and not self.has_permission(
            DtPermission.VULNERABILITY_ANALYSIS
        ):
            fail("VULNERABILITY_ANALYSIS permission is mandatory to import VEX files")

        # scan for SBOM files
        sboms = []
@@ -804,9 +815,7 @@ def run() -> None:
        prog="sbom-scanner",
        description="This tool scans for SBOM files and publishes them to a Dependency Track server.",
    )
    dt_platform_group = parser.add_argument_group(
        "Dependency Track connection"
    )
    dt_platform_group = parser.add_argument_group("Dependency Track connection")
    dt_platform_group.add_argument(
        "-u",
        "--base-api-url",
@@ -951,19 +960,11 @@ def run() -> None:
        fail(
            f"You need to specify a tag with --parent-collection-logic-tag (or DEPTRACK_PARENT_COLLECTION_LOGIC_TAG env var) if parent collection logic has been set to {CollectionLogic.TAG.name}"
        )
    if (
        args.merge
        and args.upload_vex
        and not args.merged_vex_file
    ):
    if args.merge and args.upload_vex and not args.merged_vex_file:
        fail(
            "You need to specify a VEX file with --merged-vex-file (or DEPTRACK_MERGED_VEX_FILE env var) if you want to upload a VEX file and are merging SBOM files (--merge)"
        )
    if (
        not args.merge
        and args.upload_vex
        and args.merged_vex_file
    ):
    if not args.merge and args.upload_vex and args.merged_vex_file:
        fail(
            "You cannot specify a VEX file with --merged-vex-file (or DEPTRACK_MERGED_VEX_FILE env var) if you are NOT merging SBOM files (--merge is not set)"
        )
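Review bot: `ApiClient.__init__` is reformatted here but still has no docstring, and it is the one place in this section where a credential meets a transport setting. The session puts `api_key` in the `X-API-Key` header and assigns `verify_ssl` directly to `session.verify`, so a caller passing `verify_ssl=False` sends that key over a connection whose certificate is never checked. I would document this on the constructor, for example `"""Creates a session that sends api_key in the X-API-Key header; verify_ssl=False disables TLS certificate verification and should only be used against a trusted test server."""`. The class body continues outside the hunk, so a warning for the disabled case may already exist elsewhere; if not, it is worth adding where the flag is parsed.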
+1 −1

File changed.

Contains only whitespace changes.

+1 −1

File changed.

Contains only whitespace changes.

+1 −1

File changed.

Contains only whitespace changes.