diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index 0720c29c..56e9bf74 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -17,7 +17,7 @@ on:
 - 'software-full.json'
 - 'software-sources.json'
 - '**update-software.yml'
- - '**update_software.py'
+ - 'update_software.py'
 - '**software-rules.json'
 #on: [ push, pull_request ]
 jobs:
diff --git a/.github/workflows/regression-test-404.yml b/.github/workflows/regression-test-404.yml
index 9f0bfdf4..f5e0023d 100644
--- a/.github/workflows/regression-test-404.yml
+++ b/.github/workflows/regression-test-404.yml
@@ -7,7 +7,7 @@ on:
 - 'software-full.json'
 - 'software-sources.json'
 - '**update-software.yml'
- - '**update_software.py'
+ - 'update_software.py'
 - '**software-rules.json'
 - 'Dockerfile'
 - '**regression-test-docker-image.yml'
diff --git a/.github/workflows/regression-test-a11y-statement.yml b/.github/workflows/regression-test-a11y-statement.yml
index 8ab1a5f7..212ed9bb 100644
--- a/.github/workflows/regression-test-a11y-statement.yml
+++ b/.github/workflows/regression-test-a11y-statement.yml
@@ -7,7 +7,7 @@ on:
 - 'software-full.json'
 - 'software-sources.json'
 - '**update-software.yml'
- - '**update_software.py'
+ - 'update_software.py'
 - '**software-rules.json'
 - 'Dockerfile'
 - '**regression-test-docker-image.yml'
diff --git a/.github/workflows/regression-test-css.yml b/.github/workflows/regression-test-css.yml
index 128206bf..9527b574 100644
--- a/.github/workflows/regression-test-css.yml
+++ b/.github/workflows/regression-test-css.yml
@@ -7,7 +7,7 @@ on:
 - 'software-full.json'
 - 'software-sources.json'
 - '**update-software.yml'
- - '**update_software.py'
+ - 'update_software.py'
 - '**software-rules.json'
 - 'Dockerfile'
 - '**regression-test-docker-image.yml'
diff --git a/.github/workflows/regression-test-email.yml b/.github/workflows/regression-test-email.yml
index a87495e1..108dbdcd 100644
--- a/.github/workflows/regression-test-email.yml
+++ b/.github/workflows/regression-test-email.yml
@@ -7,7 +7,7 @@ on:
 - 'software-full.json'
 - 'software-sources.json'
 - '**update-software.yml'
- - '**update_software.py'
+ - 'update_software.py'
 - '**software-rules.json'
 - 'Dockerfile'
 - '**regression-test-docker-image.yml'
diff --git a/.github/workflows/regression-test-google-lighthouse-based.yml b/.github/workflows/regression-test-google-lighthouse-based.yml
index 6a06f3a8..3788fe9e 100644
--- a/.github/workflows/regression-test-google-lighthouse-based.yml
+++ b/.github/workflows/regression-test-google-lighthouse-based.yml
@@ -7,7 +7,7 @@ on:
 - 'software-full.json'
 - 'software-sources.json'
 - '**update-software.yml'
- - '**update_software.py'
+ - 'update_software.py'
 - '**software-rules.json'
 - 'Dockerfile'
 - '**regression-test-docker-image.yml'
diff --git a/.github/workflows/regression-test-html.yml b/.github/workflows/regression-test-html.yml
index 81999712..d9e779f4 100644
--- a/.github/workflows/regression-test-html.yml
+++ b/.github/workflows/regression-test-html.yml
@@ -7,7 +7,7 @@ on:
 - 'software-full.json'
 - 'software-sources.json'
 - '**update-software.yml'
- - '**update_software.py'
+ - 'update_software.py'
 - '**software-rules.json'
 - 'Dockerfile'
 - '**regression-test-docker-image.yml'
diff --git a/.github/workflows/regression-test-http.yml b/.github/workflows/regression-test-http.yml
index e3eb873e..43ae0a52 100644
--- a/.github/workflows/regression-test-http.yml
+++ b/.github/workflows/regression-test-http.yml
@@ -7,7 +7,7 @@ on:
 - 'software-full.json'
 - 'software-sources.json'
 - '**update-software.yml'
- - '**update_software.py'
+ - 'update_software.py'
 - '**software-rules.json'
 - 'Dockerfile'
 - '**regression-test-docker-image.yml'
diff --git a/.github/workflows/regression-test-pa11y.yml b/.github/workflows/regression-test-pa11y.yml
index ed33524b..138ba23f 100644
--- a/.github/workflows/regression-test-pa11y.yml
+++ b/.github/workflows/regression-test-pa11y.yml
@@ -7,7 +7,7 @@ on:
 - 'software-full.json'
 - 'software-sources.json'
 - '**update-software.yml'
- - '**update_software.py'
+ - 'update_software.py'
 - '**software-rules.json'
 - 'Dockerfile'
 - '**regression-test-docker-image.yml'
diff --git a/.github/workflows/regression-test-sitespeed.yml b/.github/workflows/regression-test-sitespeed.yml
index 86841675..30826941 100644
--- a/.github/workflows/regression-test-sitespeed.yml
+++ b/.github/workflows/regression-test-sitespeed.yml
@@ -7,7 +7,7 @@ on:
 - 'software-full.json'
 - 'software-sources.json'
 - '**update-software.yml'
- - '**update_software.py'
+ - 'update_software.py'
 - '**software-rules.json'
 - 'Dockerfile'
 - '**regression-test-docker-image.yml'
diff --git a/.github/workflows/regression-test-standard-files.yml b/.github/workflows/regression-test-standard-files.yml
index 1e55f328..3f480b00 100644
--- a/.github/workflows/regression-test-standard-files.yml
+++ b/.github/workflows/regression-test-standard-files.yml
@@ -7,7 +7,7 @@ on:
 - 'software-full.json'
 - 'software-sources.json'
 - '**update-software.yml'
- - '**update_software.py'
+ - 'update_software.py'
 - '**software-rules.json'
 - 'Dockerfile'
 - '**regression-test-docker-image.yml'
diff --git a/.github/workflows/regression-test-tracking.yml b/.github/workflows/regression-test-tracking.yml
index 9c93ac07..c3894e1b 100644
--- a/.github/workflows/regression-test-tracking.yml
+++ b/.github/workflows/regression-test-tracking.yml
@@ -11,7 +11,7 @@ on:
 - 'software-full.json'
 - 'software-sources.json'
 - '**update-software.yml'
- - '**update_software.py'
+ - 'update_software.py'
 - '**software-rules.json'
 - 'Dockerfile'
 - '**regression-test-docker-image.yml'
diff --git a/.github/workflows/regression-test-translations.yml b/.github/workflows/regression-test-translations.yml
index 820ae3dc..ec97a907 100644
--- a/.github/workflows/regression-test-translations.yml
+++ b/.github/workflows/regression-test-translations.yml
@@ -6,7 +6,7 @@ on:
 - 'software-full.json'
 - 'software-sources.json'
 - '**update-software.yml'
- - '**update_software.py'
+ - 'update_software.py'
 - '**software-rules.json'
 - 'Dockerfile'
 - '**regression-test-docker-image.yml'
diff --git a/.github/workflows/regression-test-webbkoll.yml b/.github/workflows/regression-test-webbkoll.yml
index 17a31555..27434dff 100644
--- a/.github/workflows/regression-test-webbkoll.yml
+++ b/.github/workflows/regression-test-webbkoll.yml
@@ -7,7 +7,7 @@ on:
 - 'software-full.json'
 - 'software-sources.json'
 - '**update-software.yml'
- - '**update_software.py'
+ - 'update_software.py'
 - '**software-rules.json'
 - 'Dockerfile'
 - '**regression-test-docker-image.yml'
diff --git a/.github/workflows/regression-test-ylt.yml b/.github/workflows/regression-test-ylt.yml
index 4ddc9ba5..3862d6fd 100644
--- a/.github/workflows/regression-test-ylt.yml
+++ b/.github/workflows/regression-test-ylt.yml
@@ -7,7 +7,7 @@ on:
 - 'software-full.json'
 - 'software-sources.json'
 - '**update-software.yml'
- - '**update_software.py'
+ - 'update_software.py'
 - '**software-rules.json'
 - 'Dockerfile'
 - '**regression-test-docker-image.yml'
diff --git a/.github/workflows/update-software.yml b/.github/workflows/update-software.yml
index c8b9d943..b4d2f564 100644
--- a/.github/workflows/update-software.yml
+++ b/.github/workflows/update-software.yml
@@ -10,7 +10,7 @@ on:
 # - 'software-sources.json'
 # - '**update-software.yml'
 # - '**verify_result.py'
- # - '**update_software.py'
+ # - 'update_software.py'
 # - '**software-rules.json'
 jobs:
 build:
@@ -41,7 +41,7 @@ jobs:
 sparse-checkout: |
 advisories
 - name: Verifing Software(s)
- run: python tools\update_software.py
+ run: python update_software.py
 - name: Create pull request
 uses: peter-evans/create-pull-request@v6
 with:
diff --git a/docs/tests/software.md b/docs/tests/software.md
index 51010f4a..6e900df0 100644
--- a/docs/tests/software.md
+++ b/docs/tests/software.md
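Review bot: In the second hunk of `.github/workflows/update-software.yml`, the step after the changed `run:` line references `peter-evans/create-pull-request@v6` by a movable tag, so whatever that tag points at runs with this job's token right after `python update_software.py` has processed the advisory checkout. Pinning it to a full commit SHA, `uses: peter-evans/create-pull-request@<full-commit-sha> # v6`, keeps the step reproducible and reviewable. The line is unchanged context in this commit, so this can be a follow-up. The job's `permissions:` block, if it has one, is outside the hunk and worth checking at the same time.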
@@ -170,4 +170,4 @@ Fork https://github.com/github/advisory-database and set `software_github_adadvi Make sure you add a valid GitHub API key in your `config.py`. -run `tools/update_software.py` +run `update_software.py` diff --git a/tools/update_software.py b/update_software.py similarity index 95% rename from tools/update_software.py rename to update_software.py index 29256109..ea621255 100644 --- a/tools/update_software.py +++ b/update_software.py 
@@ -7,72 +7,10 @@ import re import os import packaging.version +from tests.utils import get_config_or_default, get_http_content CONFIG_WARNINGS = {} -def get_config_or_default(name): - """ - Retrieves the configuration value for a given name from the configuration file. - If the name does not exist in the configuration file, - it attempts to retrieve it from the defaults.config.py file. - - Parameters: - name (str): The name of the configuration value to retrieve. - - Returns: - The configuration value associated with the given name. - - Raises: - ValueError: If the name does not exist in both the configuration file and - the defaults.config.py file. - - Notes: - - If the name exists in the defaults.config.py file but not in the configuration file, - a warning message is printed. - - If the name does not exist in both files, - a fatal error message is printed and a ValueError is raised. - """ - # Try get config from our configuration file - value = get_config_from_module(name, 'config') - if value is not None: - return value - - name = name.upper() - value = get_config_from_module(name, 'config') - if value is not None: - return value - - # do we have fallback value we can use in our defaults/config.py file? - value = get_config_from_module(name, 'defaults.config') - if value is not None: - if name not in CONFIG_WARNINGS: - CONFIG_WARNINGS[name] = True - return value - - return None - -def get_config_from_module(config_name, module_name): - """ - Retrieves the configuration value for a given name from the specified module file. - - Parameters: - config_name (str): The name of the configuration value to retrieve. - module_name (str): The name of the module the values should be retrieved from. - - Returns: - The configuration value associated with the given config_name and module_name. - """ - # do we have fallback value we can use in our defaults/config.py file? 
- try: - from importlib import import_module # pylint: disable=import-outside-toplevel - tmp_config = import_module(module_name) # pylint: disable=invalid-name - if hasattr(tmp_config, config_name): - return getattr(tmp_config, config_name) - except ModuleNotFoundError: - _ = 1 - - return None - try: github_adadvisory_database_path = get_config_or_default( 'SOFTWARE_GITHUB_ADADVISORY_DATABASE_PATH') @@ -306,9 +244,12 @@ def extend_versions_for_nginx(versions): lversion_specificity = len(lversion.release) - if lversion_specificity == 3 and lversion_specificity == len(lsafe_version.release): + if lversion_specificity == 3 and\ + lversion_specificity == len(lsafe_version.release): # is same branch and is equal or greater then safe (fixed) version? - if lversion.release[0] == lsafe_version.release[0] and lversion.release[1] == lsafe_version.release[1] and lversion.release[2] >= lsafe_version.release[2]: + if lversion.release[0] == lsafe_version.release[0] and\ + lversion.release[1] == lsafe_version.release[1] and\ + lversion.release[2] >= lsafe_version.release[2]: is_match = False if is_match:
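Review bot: `CONFIG_WARNINGS = {}` stays at module level in the first hunk of `update_software.py`, although the only code visible here that read or wrote it, the local `get_config_or_default`, is removed; if nothing further down the file uses it, delete the line. The replacement is imported from `tests.utils`, and its behaviour for an unknown name is not visible in this diff, whereas the removed helper returned `None` (its docstring promised `ValueError`). The `try:` that follows the import should therefore be checked against what the imported function actually returns or raises, since a silent `None` for `SOFTWARE_GITHUB_ADADVISORY_DATABASE_PATH` would only surface later. That `try:` block continues outside the hunk.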
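Review bot: The two rewritten conditions in `extend_versions_for_nginx` are wrapped with backslash continuations, which break on a trailing space and which PEP 8 advises against in favour of parentheses. The branch test also reads more directly as a tuple comparison: `if (lversion.release[:2] == lsafe_version.release[:2]` / `and lversion.release[2] >= lsafe_version.release[2]):`. The comment above it should say "greater than". Because this condition decides whether a version is still reported as affected, a one-line comment noting that versions whose release tuple is not three parts long skip the check would help. That reading comes from the visible lines only, as the function starts and ends outside the hunk.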