Source code for varats.provider.cve.cve_provider

"""Module for the :class:`CVEProvider`."""
import typing as tp
from typing import Protocol, runtime_checkable

from benchbuild.project import Project

from varats.project.project_util import get_local_project_repo
from varats.provider.cve.cve import CVE
from varats.provider.cve.cve_map import generate_cve_map, CVEDict
from varats.provider.provider import Provider
from varats.utils.git_util import FullCommitHash




[docs]
@runtime_checkable
class CVEProviderHook(Protocol):
    """
    Gives the :class:`CVEProvider` the necessary information how to find CVEs
    and CWEs for a project.

    This class should be inherited by projects.
    """



[docs]
    @classmethod
    def get_cve_product_info(cls) -> tp.List[tp.Tuple[str, str]]:
        """
        Get information on how to find CVEs for a project.

        Returns:
            a tuple ``(vendor, product)``
        """








[docs]
class CVEProvider(Provider):
    """Provides CVE and CWE information for a project."""

    def __init__(self, project: tp.Type[Project]) -> None:
        super().__init__(project)
        project_name = project.NAME
        if issubclass(project, CVEProviderHook):
            self.__cve_map: CVEDict = generate_cve_map(
                get_local_project_repo(project_name),
                project.get_cve_product_info()
            )
        else:
            raise ValueError(
                f"Project {project} does not implement "
                f"CVEProviderHook."
            )



[docs]
    @classmethod
    def create_provider_for_project(
        cls, project: tp.Type[Project]
    ) -> tp.Optional['CVEProvider']:
        if issubclass(project, CVEProviderHook):
            return CVEProvider(project)
        return None





[docs]
    @classmethod
    def create_default_provider(
        cls, project: tp.Type[Project]
    ) -> 'CVEProvider':
        return CVEDefaultProvider(project)





[docs]
    def get_revision_cve_tuples(
        self
    ) -> tp.Set[tp.Tuple[FullCommitHash, tp.FrozenSet[CVE]]]:
        """
        Get all CVEs associated with this provider's project along with the
        fixing commits/versions.

        Return:
            a set of tuples of commit hash and cves
        """
        return {(k, frozenset(v["cve"])) for k, v in self.__cve_map.items()}








[docs]
class CVEDefaultProvider(CVEProvider):
    """Default implementation of the :class:`CVE provider` for projects that do
    not (yet) support CVEs."""

    def __init__(self, project: tp.Type[Project]) -> None:
        # pylint: disable=E1003
        super(CVEProvider, self).__init__(project)



[docs]
    def get_revision_cve_tuples(
        self
    ) -> tp.Set[tp.Tuple[FullCommitHash, tp.FrozenSet[CVE]]]:
        return set()