-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathgitverify.py
64 lines (52 loc) · 3.7 KB
/
gitverify.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
#!/usr/bin/env python3
import os, sys
from include import gh_api, output, arg_parser
from modules import verify_metadata
from modules import verify_contributors
from modules import verify_domains
from modules import verify_issues_prs
if __name__ == "__main__":
args = arg_parser.parse_arguments()
output_obj = output.Output(verbose=args.verbose, outfile=args.outfile, outformat=args.format)
print("""
░██████╗░██╗████████╗██╗░░░██╗███████╗██████╗░██╗███████╗██╗░░░██╗
██╔════╝░██║╚══██╔══╝██║░░░██║██╔════╝██╔══██╗██║██╔════╝╚██╗░██╔╝
██║░░██╗░██║░░░██║░░░╚██╗░██╔╝█████╗░░██████╔╝██║█████╗░░░╚████╔╝░
██║░░╚██╗██║░░░██║░░░░╚████╔╝░██╔══╝░░██╔══██╗██║██╔══╝░░░░╚██╔╝░░
╚██████╔╝██║░░░██║░░░░░╚██╔╝░░███████╗██║░░██║██║██║░░░░░░░░██║░░░
░╚═════╝░╚═╝░░░╚═╝░░░░░░╚═╝░░░╚══════╝╚═╝░░╚═╝╚═╝╚═╝░░░░░░░░╚═╝░░░
GitVerify: Is the repo trustworthy? Make an informed decision.
v1.0 - https://www.kulkan.com
######################################################################################""")
# Let's warn the user that unauth RateLimits are pretty low
if os.environ.get("GH_ACCESS_TOKEN", None) == None:
output_obj.warn("GH_ACCESS_TOKEN environment variable not set, using GitHub RateLimits for anonymous queries")
output_obj.warn("Unauthenticated requests to the Github API will enforce a very low and strict RateLimit")
print("For information on how to create a GitHub API Access Token refer to: ")
print("https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens")
if os.environ.get("VT_API_KEY", None) == None:
output_obj.warn("VT_API_KEY environment variable not set, disabling VirusTotal checks.")
print("For information on how to create a VirusTotal API Key refer to: ")
print("https://www.virustotal.com/en/documentation/public-api/")
args.disable_vt = True
if not args.repositories_file:
args.repositories_file = [args.repository]
for repo in args.repositories_file:
try:
repository = gh_api.fetch_repository(repo)
print("######################################################################################")
print("Now verifying repository: {}".format(repository.get('full_name')))
except Exception as ex:
print("Unable to pull data for the repository that was provided. Is it a valid repo URL?")
if args.verbose:
print(ex)
sys.exit()
output_obj.initialize_repo_output(repository.get('full_name'))
verify_metadata.run(repository, output_obj)
# We store the result from contributors() to prevent calling it again for I+PRS
contributors = verify_contributors.run(repository, output_obj)
verify_issues_prs.run(repository, contributors, output_obj)
if not args.disable_vt:
verify_domains.run(repository, output_obj)
output_obj.doOutput()
sys.exit()