Move _generate_sbom to vulnscan cli, avoid strong cycles
jonringer committed Sep 30, 2024
1 parent c0a07db commit 4af1227
Showing 2 changed files with 22 additions and 21 deletions.
20 changes: 0 additions & 20 deletions src/vulnxscan/utils.py
Expand Up @@ -12,13 +12,10 @@


import json
import logging
import pathlib
import re
import time
import urllib.parse

from tempfile import NamedTemporaryFile
import pandas as pd

from common.utils import (
Expand All @@ -34,7 +31,6 @@
from repology.repology_cli import Repology
from repology.repology_cli import getargs as cli_getargs
from repology.repology_cve import query_cve
from sbomnix.sbomdb import SbomDb


################################################################################
Expand Down Expand Up @@ -211,22 +207,6 @@ def _github_query(query_str, delay=60):
return resp_json


def _generate_sbom(target_path, buildtime=False):
LOG.info("Generating SBOM for target '%s'", target_path)
sbomdb = SbomDb(target_path, buildtime, include_meta=False)
prefix = "vulnxscan_"
cdx_suffix = ".json"
csv_suffix = ".csv"
with NamedTemporaryFile(
delete=False, prefix=prefix, suffix=cdx_suffix
) as fcdx, NamedTemporaryFile(
delete=False, prefix=prefix, suffix=csv_suffix
) as fcsv:
sbomdb.to_cdx(fcdx.name, printinfo=False)
sbomdb.to_csv(fcsv.name, loglevel=logging.DEBUG)
return pathlib.Path(fcdx.name), pathlib.Path(fcsv.name)


def _is_json(path):
try:
with open(path, encoding="utf-8") as f:
23 changes: 22 additions & 1 deletion src/vulnxscan/vulnxscan_cli.py
Expand Up @@ -14,8 +14,10 @@
import logging
import sys
import pathlib
from tempfile import NamedTemporaryFile

from vulnxscan.utils import _generate_sbom, _is_json
from sbomnix.sbomdb import SbomDb
from vulnxscan.utils import _is_json
from vulnxscan.vulnscan import VulnScan
from common.utils import (
LOG,
Expand Down Expand Up @@ -140,3 +142,22 @@ def main():
main()

################################################################################


def _generate_sbom(target_path, buildtime=False):
LOG.info("Generating SBOM for target '%s'", target_path)
sbomdb = SbomDb(target_path, buildtime, include_meta=False)
prefix = "vulnxscan_"
cdx_suffix = ".json"
csv_suffix = ".csv"
with NamedTemporaryFile(
delete=False, prefix=prefix, suffix=cdx_suffix
) as fcdx, NamedTemporaryFile(
delete=False, prefix=prefix, suffix=csv_suffix
) as fcsv:
sbomdb.to_cdx(fcdx.name, printinfo=False)
sbomdb.to_csv(fcsv.name, loglevel=logging.DEBUG)
return pathlib.Path(fcdx.name), pathlib.Path(fcsv.name)


################################################################################
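Review bot: `_generate_sbom` is added at the very end of the file, after the `main()` call shown as context at the top of this hunk. If that call sits under an `if __name__ == "__main__":` guard (the guard line is outside the hunk and the page has lost indentation, so this is inferred), running the file directly would execute `main()` before the `def` is reached and raise `NameError` as soon as SBOM generation is needed. Installing through an entry point would hide this, because the module is fully imported before `main()` is called. Moving the function above `def main():` keeps the guard as the last statement. Separately, both `NamedTemporaryFile(delete=False, ...)` files persist after the function returns and contain the target's component inventory, so a docstring such as `"""Write CycloneDX and CSV SBOMs to temp files and return their paths; the caller must delete them."""` would make cleanup ownership explicit.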
