Feature Request: Code Viewing Capability

[jspeed-meyers]

@RootLUG,

I'm sure you've thought of this and it would probably be a pain. But I find myself clicking on the indicators in the HTML view hoping that I get taken to a view of the code GitHub-style, so that I can do deeper code investigation. Thought I would mention it.

JS

[RootLUG]

Hi John,
thanks for the suggestion, I indeed have thought about this but it would be very problematic to get this working. There is no direct relation between a file in a wheel and something on github, in many cases the git repo is not even set in the metadata of the package and at the same time aura also scans blobs of dat that are extracted from within existing files (like long bytes or string definition inside the source code). In theory it could be done but I suspect that in practice the scanner would spend more time trying to browse existing linked repo to find the exact file/commit that matches the file from the package and this would work in a small percentage of packages on pypi.

In past, the sqlite format output of aura also stored all the data that was scanned which could be possible to re-use for this code viewing feature. This would also massively increase the output size from a scan from few kbs, to mb or even gb sizes in some cases.

Suggestions for how to get this working are welcome :)