modified lookup and save logic nexB#1283
Signed-off-by: 404-geek <[email protected]>
404-geek committed Jul 25, 2024
1 parent 9d80ef1 commit 29da290
Showing 2 changed files with 14 additions and 7 deletions.
3 changes: 0 additions & 3 deletions scanpipe/models.py
Expand Up @@ -3843,7 +3843,6 @@ def as_spdx(self):


class PackageScore(UUIDPKModel, PackageScoreMixin):

def __str__(self):
return self.score or str(self.uuid)

Expand Down Expand Up @@ -3871,7 +3870,6 @@ def create_from_data(cls, DiscoveredPackage, scorecard_data, scoring_tool=None):

date_str = scorecard_data.score_date
if date_str:

naive_datetime = datetime.strptime(date_str, "%Y-%m-%d")

score_date = timezone.make_aware(
Expand Down Expand Up @@ -3908,7 +3906,6 @@ def create_from_data(cls, DiscoveredPackage, scorecard_data, scoring_tool=None):


class ScorecardCheck(UUIDPKModel, ScorecardChecksMixin):

def __str__(self):
return self.check_score or str(self.uuid)

18 changes: 14 additions & 4 deletions scanpipe/pipelines/get_scorecard_info_packages.py
Expand Up @@ -22,6 +22,7 @@

from ossf_scorecard import scorecard

from scanpipe.models import PackageScore
from scanpipe.pipelines import Pipeline


Expand All @@ -39,8 +40,7 @@ class FetchScoreCodeInfo(Pipeline):
def steps(cls):
return (
cls.check_scorecode_service_availability,
cls.lookup_packages_scorecode_info,
# cls.lookup_dependencies_scorecode_info,
cls.lookup_save_packages_scorecode_info,
)

def check_scorecode_service_availability(self):
Expand All @@ -51,10 +51,20 @@ def check_scorecode_service_availability(self):
if not scorecard.is_available():
raise Exception("scorecode service is not available.")

def lookup_packages_scorecode_info(self):
def lookup_save_packages_scorecode_info(self):
"""Fetch scorecode information for each of the project's discovered packages."""
packages = self.project.discoveredpackages.all()
scorecard.fetch_scorecard_info(
scorecard_packages_data = scorecard.fetch_scorecard_info(
packages=packages,
logger=self.log,
)

if scorecard_packages_data:
scorecard.save_scorecard_info(
package_scorecard_data=scorecard_packages_data,
cls=PackageScore,
logger=self.log,
)

else:
raise Exception("No Data Found for the packages")
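Review bot: The `else` branch that closes `lookup_save_packages_scorecode_info` raises a bare `Exception("No Data Found for the packages")` whenever `fetch_scorecard_info` returns something falsy, so a project whose packages have no published scorecard would abort the pipeline in the same way as an unreachable service (assuming the fetch returns an empty result in that case; its code is not on this page). Since missing scorecard coverage is itself a supply-chain finding worth recording, I would log it and let the step finish, e.g. `self.log("No scorecard data found for the project's packages; nothing was saved.")` in place of the `raise`, and keep exceptions for real failures. The truthiness test also says nothing about a partial result, so packages that came back without a score are not reported here. The docstring still describes only the fetch; it should mention that the step now also saves the result through `scorecard.save_scorecard_info` with `cls=PackageScore`.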
