Allow querying by PURLs that have version numbers.
Part of #64.
oliverchang committed Feb 17, 2022
1 parent ebec939 commit 3a12f88
Showing 4 changed files with 102 additions and 1 deletion.
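--- a/gcp/api/integration_tests.py
+++ b/gcp/api/integration_tests.py
@@ -435,6 +435,15 @@ def test_query_purl(self):
 self.assert_results_equal({'vulns': [self._VULN_RUSTSEC_2020_0105]},
 response.json())
 
+response = requests.post(
+_api() + '/v1/query',
+data=json.dumps({'package': {
+'purl': 'pkg:cargo/[email protected]',
+}}))
+
+self.assert_results_equal({'vulns': [self._VULN_RUSTSEC_2020_0105]},
+response.json())
+
 
 def print_logs(filename):
 """Print logs."""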
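Review bot: The case added to test_query_purl covers only a versioned purl that matches an advisory; neither new outcome in server.py is exercised, namely a malformed purl rejected with INVALID_ARGUMENT and a versioned purl for an unaffected release. Without a negative case, a change that matched every version of the package would still pass this test. Consider adding one request with an unparseable purl that asserts the error status, and one with a version outside the affected range that asserts `_VULN_RUSTSEC_2020_0105` is absent. test_query_purl starts above the hunk, so earlier cases may already cover part of this.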
63 changes: 63 additions & 0 deletions gcp/api/output
@@ -0,0 +1,63 @@
created virtual environment CPython3.9.2.final.0-64 in 143ms
creator CPython3Posix(dest=/usr/local/google/home/ochang/osv/gcp/api/ENV, clear=False, no_vcs_ignore=False, global=False)
seeder FromAppData(download=False, pip=bundle, setuptools=bundle, wheel=bundle, via=copy, app_data_dir=/root/.local/share/virtualenv)
added seed packages: PyYAML==5.4.1, cached_property==1.5.2, cachetools==4.2.1, certifi==2020.12.5, cffi==1.14.5, chardet==4.0.0, google_api_core==1.24.1, google_api_python_client==1.12.8, google_auth==1.24.0, google_auth_httplib2==0.0.4, google_cloud_core==1.5.0, google_cloud_datastore==1.15.3, google_cloud_logging==2.1.0, google_cloud_ndb==1.7.2, google_cloud_pubsub==2.2.0, google_cloud_storage==1.36.2, google_crc32c==1.1.2, google_resumable_media==1.2.0, googleapis_common_protos==1.53.0, grpc_google_iam_v1==0.12.3, grpcio==1.34.0, grpcio_tools==1.34.0, httplib2==0.19.1, idna==2.10, libcst==0.3.17, mypy_extensions==0.4.3, packaging==20.9, pip==20.1.1, pip==20.3.4, pkg_resources==0.0.0, proto_plus==1.18.1, protobuf==3.15.6, pyasn1==0.4.8, pyasn1_modules==0.2.8, pycparser==2.20, pygit2==1.4.0, pymemcache==3.4.1, pyparsing==2.4.7, pytz==2021.1, redis==3.5.3, requests==2.25.1, rsa==4.7.2, semver==2.13.0, setuptools==44.0.0, setuptools==44.1.1, six==1.15.0, typing_extensions==3.7.4.3, typing_inspect==0.6.0, uritemplate==3.0.1, urllib3==1.26.4, wheel==0.34.2
activators BashActivator,CShellActivator,FishActivator,PowerShellActivator,PythonActivator,XonshActivator
Requirement already satisfied: google-api-core==1.24.1 in ./ENV/lib/python3.9/site-packages (from -r requirements.txt (line 1)) (1.24.1)
Requirement already satisfied: google-api-python-client==1.12.8 in ./ENV/lib/python3.9/site-packages (from -r requirements.txt (line 2)) (1.12.8)
Requirement already satisfied: google-auth==1.24.0 in ./ENV/lib/python3.9/site-packages (from -r requirements.txt (line 3)) (1.24.0)
Requirement already satisfied: google-auth-httplib2==0.0.4 in ./ENV/lib/python3.9/site-packages (from -r requirements.txt (line 4)) (0.0.4)
Requirement already satisfied: google-cloud-core==1.5.0 in ./ENV/lib/python3.9/site-packages (from -r requirements.txt (line 5)) (1.5.0)
Requirement already satisfied: google-cloud-datastore==1.15.3 in ./ENV/lib/python3.9/site-packages (from -r requirements.txt (line 6)) (1.15.3)
Requirement already satisfied: google-cloud-logging==2.1.0 in ./ENV/lib/python3.9/site-packages (from -r requirements.txt (line 7)) (2.1.0)
Requirement already satisfied: google-cloud-ndb==1.7.2 in ./ENV/lib/python3.9/site-packages (from -r requirements.txt (line 8)) (1.7.2)
Requirement already satisfied: google-cloud-pubsub==2.2.0 in ./ENV/lib/python3.9/site-packages (from -r requirements.txt (line 9)) (2.2.0)
Requirement already satisfied: grpcio==1.34.0 in ./ENV/lib/python3.9/site-packages (from -r requirements.txt (line 10)) (1.34.0)
Requirement already satisfied: grpcio-tools==1.34.0 in ./ENV/lib/python3.9/site-packages (from -r requirements.txt (line 11)) (1.34.0)
Requirement already satisfied: packaging==20.9 in ./ENV/lib/python3.9/site-packages (from -r requirements.txt (line 12)) (20.9)
Requirement already satisfied: pygit2==1.4.0 in ./ENV/lib/python3.9/site-packages (from -r requirements.txt (line 13)) (1.4.0)
Requirement already satisfied: requests==2.25.1 in ./ENV/lib/python3.9/site-packages (from -r requirements.txt (line 14)) (2.25.1)
Requirement already satisfied: semver==2.13.0 in ./ENV/lib/python3.9/site-packages (from -r requirements.txt (line 15)) (2.13.0)
Requirement already satisfied: protobuf>=3.12.0 in ./ENV/lib/python3.9/site-packages (from google-api-core==1.24.1->-r requirements.txt (line 1)) (3.15.6)
Requirement already satisfied: setuptools>=34.0.0 in ./ENV/lib/python3.9/site-packages (from google-api-core==1.24.1->-r requirements.txt (line 1)) (44.1.1)
Requirement already satisfied: six>=1.13.0 in ./ENV/lib/python3.9/site-packages (from google-api-core==1.24.1->-r requirements.txt (line 1)) (1.15.0)
Requirement already satisfied: googleapis-common-protos<2.0dev,>=1.6.0 in ./ENV/lib/python3.9/site-packages (from google-api-core==1.24.1->-r requirements.txt (line 1)) (1.53.0)
Requirement already satisfied: pytz in ./ENV/lib/python3.9/site-packages (from google-api-core==1.24.1->-r requirements.txt (line 1)) (2021.1)
Requirement already satisfied: httplib2<1dev,>=0.15.0 in ./ENV/lib/python3.9/site-packages (from google-api-python-client==1.12.8->-r requirements.txt (line 2)) (0.19.1)
Requirement already satisfied: uritemplate<4dev,>=3.0.0 in ./ENV/lib/python3.9/site-packages (from google-api-python-client==1.12.8->-r requirements.txt (line 2)) (3.0.1)
Requirement already satisfied: cachetools<5.0,>=2.0.0 in ./ENV/lib/python3.9/site-packages (from google-auth==1.24.0->-r requirements.txt (line 3)) (4.2.1)
Requirement already satisfied: pyasn1-modules>=0.2.1 in ./ENV/lib/python3.9/site-packages (from google-auth==1.24.0->-r requirements.txt (line 3)) (0.2.8)
Requirement already satisfied: rsa<5,>=3.1.4 in ./ENV/lib/python3.9/site-packages (from google-auth==1.24.0->-r requirements.txt (line 3)) (4.7.2)
Requirement already satisfied: proto-plus>=1.11.0 in ./ENV/lib/python3.9/site-packages (from google-cloud-logging==2.1.0->-r requirements.txt (line 7)) (1.18.1)
Requirement already satisfied: pymemcache in ./ENV/lib/python3.9/site-packages (from google-cloud-ndb==1.7.2->-r requirements.txt (line 8)) (3.4.1)
Requirement already satisfied: redis in ./ENV/lib/python3.9/site-packages (from google-cloud-ndb==1.7.2->-r requirements.txt (line 8)) (3.5.3)
Requirement already satisfied: grpc-google-iam-v1<0.13dev,>=0.12.3 in ./ENV/lib/python3.9/site-packages (from google-cloud-pubsub==2.2.0->-r requirements.txt (line 9)) (0.12.3)
Requirement already satisfied: libcst>=0.3.10 in ./ENV/lib/python3.9/site-packages (from google-cloud-pubsub==2.2.0->-r requirements.txt (line 9)) (0.3.17)
Requirement already satisfied: pyparsing>=2.0.2 in ./ENV/lib/python3.9/site-packages (from packaging==20.9->-r requirements.txt (line 12)) (2.4.7)
Requirement already satisfied: cached-property in ./ENV/lib/python3.9/site-packages (from pygit2==1.4.0->-r requirements.txt (line 13)) (1.5.2)
Requirement already satisfied: cffi>=1.4.0 in ./ENV/lib/python3.9/site-packages (from pygit2==1.4.0->-r requirements.txt (line 13)) (1.14.5)
Requirement already satisfied: certifi>=2017.4.17 in ./ENV/lib/python3.9/site-packages (from requests==2.25.1->-r requirements.txt (line 14)) (2020.12.5)
Requirement already satisfied: chardet<5,>=3.0.2 in ./ENV/lib/python3.9/site-packages (from requests==2.25.1->-r requirements.txt (line 14)) (4.0.0)
Requirement already satisfied: urllib3<1.27,>=1.21.1 in ./ENV/lib/python3.9/site-packages (from requests==2.25.1->-r requirements.txt (line 14)) (1.26.4)
Requirement already satisfied: idna<3,>=2.5 in ./ENV/lib/python3.9/site-packages (from requests==2.25.1->-r requirements.txt (line 14)) (2.10)
Requirement already satisfied: pycparser in ./ENV/lib/python3.9/site-packages (from cffi>=1.4.0->pygit2==1.4.0->-r requirements.txt (line 13)) (2.20)
Requirement already satisfied: pyyaml>=5.2 in ./ENV/lib/python3.9/site-packages (from libcst>=0.3.10->google-cloud-pubsub==2.2.0->-r requirements.txt (line 9)) (5.4.1)
Requirement already satisfied: typing-inspect>=0.4.0 in ./ENV/lib/python3.9/site-packages (from libcst>=0.3.10->google-cloud-pubsub==2.2.0->-r requirements.txt (line 9)) (0.6.0)
Requirement already satisfied: typing-extensions>=3.7.4.2 in ./ENV/lib/python3.9/site-packages (from libcst>=0.3.10->google-cloud-pubsub==2.2.0->-r requirements.txt (line 9)) (3.7.4.3)
Requirement already satisfied: pyasn1<0.5.0,>=0.4.6 in ./ENV/lib/python3.9/site-packages (from pyasn1-modules>=0.2.1->google-auth==1.24.0->-r requirements.txt (line 3)) (0.4.8)
Requirement already satisfied: mypy-extensions>=0.3.0 in ./ENV/lib/python3.9/site-packages (from typing-inspect>=0.4.0->libcst>=0.3.10->google-cloud-pubsub==2.2.0->-r requirements.txt (line 9)) (0.4.3)
2: Pulling from endpoints-release/endpoints-runtime
Digest: sha256:36673a883709ead1406eb99a2dfc9fff660df4f040841ba97e36009cb0ed1893
Status: Image is up to date for gcr.io/endpoints-release/endpoints-runtime:2
gcr.io/endpoints-release/endpoints-runtime:2
.....
----------------------------------------------------------------------
Ran 5 tests in 11.809s

OK
esp.log:
docker: Error response from daemon: Conflict. The container name "/esp" is already in use by container "ab29fd926fabe753f3832ebc2ea7fe087768b2ebaa9bd7c1f193e7849eda3474". You have to remove (or rename) that container to be able to reuse that name.
See 'docker run --help'.

backend.log:
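Review bot: gcp/api/output looks like the captured console output of a local test run (virtualenv creation, pip resolution, a docker name conflict) rather than source, and it is added here as a new 63-line file. It records a workstation home path and user name (`/usr/local/google/home/ochang/osv/gcp/api/ENV`), `/root/.local/share/virtualenv` and a container id, none of which needs to live in repository history. Drop the file from the commit and add an ignore rule such as `gcp/api/output` to `.gitignore` so it is not picked up again.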

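--- a/gcp/api/requirements.txt
+++ b/gcp/api/requirements.txt
@@ -9,6 +9,7 @@ google-cloud-ndb==1.7.2
 google-cloud-pubsub==2.2.0
 grpcio==1.34.0
 grpcio-tools==1.34.0
+packageurl-python==0.9.9
 packaging==20.9
 pygit2==1.4.0
 requests==2.25.1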
30 changes: 29 additions & 1 deletion gcp/api/server.py
@@ -23,6 +23,7 @@

from google.cloud import ndb
import grpc
from packageurl import PackageURL

import osv
from osv import ecosystems
@@ -81,10 +82,27 @@ def QueryAffected(self, request, context):
else:
package_name = ''
ecosystem = ''
purl = ''
purl = None

purl_version = None
if purl:
try:
parsed_purl = PackageURL.from_string(purl)
purl_version = parsed_purl.version
purl = _clean_purl(parsed_purl).to_string()
except ValueError:
context.abort(grpc.StatusCode.INVALID_ARGUMENT, 'Invalid Package URL.')
return None

if request.query.WhichOneof('param') == 'commit':
bugs = query_by_commit(request.query.commit, to_response=bug_to_response)
elif purl and purl_version:
bugs = query_by_version(
package_name,
ecosystem,
purl,
purl_version,
to_response=bug_to_response)
elif request.query.WhichOneof('param') == 'version':
bugs = query_by_version(
package_name,
@@ -94,6 +112,7 @@ def QueryAffected(self, request, context):
to_response=bug_to_response)
else:
context.abort(grpc.StatusCode.INVALID_ARGUMENT, 'Invalid query.')
return None

return osv_service_v1_pb2.VulnerabilityList(vulns=bugs)

@@ -123,6 +142,15 @@ def _get_bugs(bug_ids, to_response=bug_to_response):
]


def _clean_purl(purl):
"""Clean a purl object."""
values = purl.to_dict()
values.pop('version', None)
values.pop('subpath', None)
values.pop('qualifiers', None)
return PackageURL(**values)


def query_by_commit(commit, to_response=bug_to_response):
"""Query by commit."""
query = osv.AffectedCommit.query(osv.AffectedCommit.commit == commit,
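Review bot: In QueryAffected the new `elif purl and purl_version:` branch is tested before the `'version'` branch, so a request carrying both a versioned purl and an explicit version is answered for the purl's version and the explicit value is silently ignored. For a vulnerability lookup that can return a clean result for a version the caller did not mean to ask about. Rejecting the combination is cheap: `if purl_version and request.query.WhichOneof('param') == 'version':` followed by `context.abort(grpc.StatusCode.INVALID_ARGUMENT, 'Version given in both purl and query.')`. Separately, the `_clean_purl` docstring should say that it drops version, subpath and qualifiers, and why (presumably so the string matches the stored form). QueryAffected begins above the hunk, so how `purl` is read from the request is not visible here.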
