diff --git a/vulntotal/datasources/vulnerablecode.py b/vulntotal/datasources/vulnerablecode.py index 02393afc6..7311056b4 100644 --- a/vulntotal/datasources/vulnerablecode.py +++ b/vulntotal/datasources/vulnerablecode.py @@ -112,9 +112,8 @@ class VCIOTokenError(Exception): def fetch_vulnerablecode_query(url: str, payload: dict): """ Requires VCIO API key in .env file - For example:: - - VCIO_TOKEN='OJ78Os2IPfM80hqVT2ek+1QnrTKvsX1HdOMABq3pmQd' + For example: + VCIO_TOKEN='OJ78Os2IPfM80hqVT2ek+1QnrTKvsX1HdOMABq3pmQd' """ load_dotenv() @@ -123,12 +122,11 @@ def fetch_vulnerablecode_query(url: str, payload: dict): msg = "Cannot call VulnerableCode API without a token set in the VCIO_TOKEN environment variable." raise VCIOTokenError(msg) - if payload is not None: - response = requests.post( - url, headers={"Authorization": f"Token {vcio_token}"}, json=payload - ) - else: - response = requests.get(url, headers={"Authorization": f"Token {vcio_token}"}) + response = ( + requests.post(url, headers={"Authorization": f"Token {vcio_token}"}, json=payload) + if payload is not None + else requests.get(url, headers={"Authorization": f"Token {vcio_token}"}) + ) if response.text.startswith('{"detail":'): raise VCIOTokenError(f"{response.json().get('detail')}") diff --git a/vulntotal/vulntotal_cli.py b/vulntotal/vulntotal_cli.py index 10b810302..c65007ba8 100755 --- a/vulntotal/vulntotal_cli.py +++ b/vulntotal/vulntotal_cli.py @@ -318,8 +318,8 @@ def group_by_cve(vulnerabilities): if cve not in grouped_by_cve: grouped_by_cve[cve] = [] grouped_by_cve[cve].append(formatted_row(datasource, advisory)) - grouped_by_cve["no_cve"] = no_cve - grouped_by_cve["no_advisory"] = no_advisory + grouped_by_cve["NOCVE"] = no_cve + grouped_by_cve["NOADVISORY"] = no_advisory return grouped_by_cve diff --git a/vulntotal/vulntotal_utils.py b/vulntotal/vulntotal_utils.py index 4fa4717fd..79d866e05 100644 --- a/vulntotal/vulntotal_utils.py +++ b/vulntotal/vulntotal_utils.py @@ -80,14 +80,14 @@ def parse_constraint(constraint): return constraint[-1], constraint[:-1] -def github_constraints_satisfied(github_constrain, version): +def github_constraints_satisfied(github_constraint, version): """ Return True or False depending on whether the given version satisfies the github constraint For example: >>> assert github_constraints_satisfied(">= 7.0.0, <= 7.6.57", "7.1.1") == True >>> assert github_constraints_satisfied(">= 10.4.0, <= 10.4.1", "10.6.0") == False """ - gh_constraints = github_constrain.strip().replace(" ", "") + gh_constraints = github_constraint.strip().replace(" ", "") constraints = gh_constraints.split(",") for constraint in constraints: gh_comparator, gh_version = parse_constraint(constraint) @@ -117,7 +117,7 @@ def snyk_constraints_satisfied(snyk_constraint, version): return True -def gitlab_constraints_satisfied(gitlab_constrain, version): +def gitlab_constraints_satisfied(gitlab_constraint, version): """ Return True or False depending on whether the given version satisfies the gitlab constraint For example: @@ -128,7 +128,7 @@ def gitlab_constraints_satisfied(gitlab_constrain, version): >>> assert gitlab_constraints_satisfied( ">=1.5,<1.5.2", "2.2") == False """ - gitlab_constraints = gitlab_constrain.strip() + gitlab_constraints = gitlab_constraint.strip() if gitlab_constraints.startswith(("[", "(")): # transform "[7.0.0,7.0.11),[7.2.0,7.2.4)" -> [ "[7.0.0,7.0.11)", "[7.2.0,7.2.4)" ] splitted = gitlab_constraints.split(",") @@ -144,10 +144,10 @@ def gitlab_constraints_satisfied(gitlab_constrain, version): for constraint in constraints: is_constraint_satisfied = True - for subcontraint in constraint.strip().split(delimiter): - if not subcontraint: + for subconstraint in constraint.strip().split(delimiter): + if not subconstraint: continue - gitlab_comparator, gitlab_version = parse_constraint(subcontraint.strip()) + gitlab_comparator, gitlab_version = parse_constraint(subconstraint.strip()) if not gitlab_version: continue if not compare(