improved cli. removed useless import

2024-11-22 14:57:20 +00:00 · 2020-01-03 17:51:55 +01:00 · 2020-01-03 17:51:55 +01:00 · 2fa7b4583e
commit 2fa7b4583e
parent fe4a656412
3 changed files with 82 additions and 81 deletions
--- a/bin/finder.py
+++ b/bin/finder.py
@ -7,7 +7,7 @@
 #
 # This software is part of cve-search.org
 #
-# Copyright (c) 2019 Alexandre Dulaunoy - a@foo.be
+# Copyright (c) 2019-2020 Alexandre Dulaunoy - a@foo.be
 import git
@ -17,68 +17,68 @@ import argparse
 import typing
 from git_vuln_finder import (
    build_pattern,
    get_patterns,
    find_vuln,
-    summary,
+    summary
    extract_cve
 )
 PATTERNS_PATH="./git_vuln_finder/patterns"
-parser = argparse.ArgumentParser(description = "Finding potential software vulnerabilities from git commit messages.", epilog = "More info: https://github.com/cve-search/git-vuln-finder")
+def main():
-parser.add_argument("-v", help="increase output verbosity", action="store_true")
+    """Point of entry for the script.
-parser.add_argument("-r", type=str, help="git repository to analyse")
+    """
-parser.add_argument("-o", type=str, help="Output format: [json]", default="json")
+    # Parsing arguments
-parser.add_argument("-s", type=str, help="State of the commit found", default="under-review")
+    parser = argparse.ArgumentParser(description = "Finding potential software vulnerabilities from git commit messages.", epilog = "More info: https://github.com/cve-search/git-vuln-finder")
-parser.add_argument("-p", type=str, help="Matching pattern to use: [vulnpatterns, cryptopatterns, cpatterns] - the pattern 'all' is used to match all the patterns at once.", default="vulnpatterns")
+    parser.add_argument("-v", help="increase output verbosity", action="store_true")
-parser.add_argument("-c", help="output only a list of the CVE pattern found in commit messages (disable by default)", action="store_true")
+    parser.add_argument("-r", type=str, help="git repository to analyse")
-parser.add_argument("-t", help="Include tags matching a specific commit", action="store_true")
+    parser.add_argument("-o", type=str, help="Output format: [json]", default="json")
-args = parser.parse_args()
+    parser.add_argument("-s", type=str, help="State of the commit found", default="under-review")
    parser.add_argument("-p", type=str, help="Matching pattern to use: [vulnpatterns, cryptopatterns, cpatterns] - the pattern 'all' is used to match all the patterns at once.", default="vulnpatterns")
    parser.add_argument("-c", help="output only a list of the CVE pattern found in commit messages (disable by default)", action="store_true")
    parser.add_argument("-t", help="Include tags matching a specific commit", action="store_true")
    args = parser.parse_args()
-patterns = get_patterns()
+    patterns = get_patterns()
-vulnpatterns = patterns["en"]["medium"]["vuln"]
+    vulnpatterns = patterns["en"]["medium"]["vuln"]
-cryptopatterns = patterns["en"]["medium"]["crypto"]
+    cryptopatterns = patterns["en"]["medium"]["crypto"]
-cpatterns = patterns["en"]["medium"]["c"]
+    cpatterns = patterns["en"]["medium"]["c"]
-if args.p == "vulnpatterns":
+
    if args.p == "vulnpatterns":
        defaultpattern = vulnpatterns
-elif args.p == "cryptopatterns":
+    elif args.p == "cryptopatterns":
        defaultpattern = cryptopatterns
-elif args.p == "cpatterns":
+    elif args.p == "cpatterns":
        defaultpattern = cpatterns
-elif args.p == "all":
+    elif args.p == "all":
        defaultpattern = [vulnpatterns, cryptopatterns, cpatterns]
-else:
+    else:
        parser.print_usage()
        parser.exit()
-if not args.r:
+    if not args.r:
        parser.print_usage()
        parser.exit()
-else:
+    else:
        repo = git.Repo(args.r)
-found = 0
+    # Initialization of the variables for the results
-all_potential_vulnerabilities = {}
+    found = 0
-cve_found = set()
+    all_potential_vulnerabilities = {}
-
+    cve_found = set()
 def main():
    pass
-repo_heads = repo.heads
+    repo_heads = repo.heads
-repo_heads_names = [h.name for h in repo_heads]
+    repo_heads_names = [h.name for h in repo_heads]
-print(repo_heads_names, file=sys.stderr)
+    print(repo_heads_names, file=sys.stderr)
-origin = repo.remotes.origin.url
+    origin = repo.remotes.origin.url
-if args.t:
+    if args.t:
        tagmap = {}
        for t in repo.tags:
            tagmap.setdefault(repo.commit(t).hexsha, []).append(str(t))
-for branch in repo_heads_names:
+    for branch in repo_heads_names:
        commits = list(repo.iter_commits(branch))
        defaultpattern
        for commit in commits:
@ -109,10 +109,11 @@ for branch in repo_heads_names:
                                                               commit_state=args.s)
                        all_potential_vulnerabilities.update(potential_vulnerabilities)
                        found += 1
-if not args.c:
+
    if not args.c:
        print(json.dumps(all_potential_vulnerabilities))
-elif args.c:
+    elif args.c:
        print(json.dumps(list(cve_found)))
-print("{} CVE referenced found in commit(s)".format(len(list(cve_found))), file=sys.stderr)
+    print("{} CVE referenced found in commit(s)".format(len(list(cve_found))), file=sys.stderr)
-print("Total potential vulnerability found in {} commit(s)".format(found), file=sys.stderr)
+    print("Total potential vulnerability found in {} commit(s)".format(found), file=sys.stderr)
--- a/git_vuln_finder/pycache/finder.cpython-38.pyc
+++ b/git_vuln_finder/pycache/finder.cpython-38.pyc
--- a/git_vuln_finder/finder.py
+++ b/git_vuln_finder/finder.py
@ -7,7 +7,7 @@
 #
 # This software is part of cve-search.org
 #
-# Copyright (c) 2019 Alexandre Dulaunoy - a@foo.be
+# Copyright (c) 2019-2020 Alexandre Dulaunoy - a@foo.be
 import os