-
Notifications
You must be signed in to change notification settings - Fork 456
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
add -e --exclude arument for excluding path #876
Conversation
Codecov Report
@@ Coverage Diff @@
## master #876 +/- ##
==========================================
+ Coverage 84.70% 86.96% +2.25%
==========================================
Files 167 167
Lines 2765 2784 +19
Branches 298 302 +4
==========================================
+ Hits 2342 2421 +79
+ Misses 344 292 -52
+ Partials 79 71 -8
Flags with carried forward coverage won't be shown. Click here to find out more.
Continue to review full report at Codecov.
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This looks like it's heading in the right direction, but I'd like to have some tests for it before we merge anything.
What kind of tests does this argument require? |
You need to add tests in |
cve_bin_tool/util.py
Outdated
@@ -150,6 +150,9 @@ def walk(self, roots=None): | |||
for i in filenames | |||
if self.pattern_match(i, self.pattern) | |||
and not self.pattern_match(i, self.file_exclude_pattern) | |||
and not self.directory_pattern( |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why are we still using directory_pattern? Is fix mentioned by me in previous PR not working?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why are we still using directory_pattern? Is fix mentioned by me in the previous PR not working?
It wasn't working because there was not an *
after the path which is to be excluded. It may contain any no. of the path. So, I thought it will be better just to match the string beginning. It won't work otherwise. fnmatch takes a regex type of input. If we were to exclude /home/temp/ in a directory /home/ .
We will have to append /home/temp/ with an *
. So, that it will work for all the sub-dir as well as files inside that dir
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes we can easily append that by checking
if not string.endswith("*"):
string += "*"
If you use fnmatch user can specify path like /home/temp/*.jpg
this will only ignore jpg instead of whole directory. There are also other regex patterns supported by fnmatch.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@Niraj-Kamdar Check now
8475f2b
to
e4f6a44
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Overall it looks good just couple of small changes.
cve_bin_tool/util.py
Outdated
if self.pattern_match(i, self.pattern) | ||
and not self.pattern_match(i, self.file_exclude_pattern) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Let's also replace i with os.path.join(dirpath, i) here and dirnames also because It was a bug in actual code.
It would be good if you rename this i variable to something useful like filename and dirname.
cve_bin_tool/cli.py
Outdated
if args["exclude"]: | ||
version_scanner = VersionScanner( | ||
should_extract=args["extract"], | ||
exclude_folders=args["exclude"], | ||
error_mode=error_mode, | ||
) | ||
else: | ||
version_scanner = VersionScanner( | ||
should_extract=args["extract"], error_mode=error_mode | ||
) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You don't need to add if...else... here, since by default it will be an empty list which is valid.
cve_bin_tool/version_scanner.py
Outdated
self.exclude_folders = exclude_folders | ||
self.walker = DirWalk( | ||
folder_exclude_pattern="".join( | ||
[exclude + "*;" for exclude in exclude_folders] | ||
) | ||
).walk |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
self.exclude_folders = exclude_folders
self.exclude_folder.append(".git")
self.walker = DirWalk(
folder_exclude_pattern=";".join(exclude if exclude.endswith("*") else exclude + "*" in exclude_folders)
).walk
Here we should include ".git" by default and we have to check if "*" doesn't exist in the end because if it exist there will be two stars at the end.
test/test_cli.py
Outdated
""" Test that the exclude paths are not scanned """ | ||
test_path = os.path.abspath(os.path.dirname(__file__)) | ||
exclude_path = os.path.join(test_path, "assets/") | ||
checkers = ["curl", "libcurl", "kerberos", "kerberos_5"] |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You have to check that scanner isn't detecting any checker when we exclude a path.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You can get list of all checkers from VersionScanner class
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Did all the changes
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Have you forgotten to push?
cve_bin_tool/util.py
Outdated
if self.pattern_match(dirname, self.folder_include_pattern) | ||
and not self.pattern_match(dirname, self.folder_exclude_pattern) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You need to join path here also os.path.join(dirpath, dirname)
.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Awesome looks nice. Thanks for this again.
Thank you! You have been very helpful and guiding. |
Thank you! Sorry it took a little bit to get the final merge in. |
Your welcome. It's okay, not an issue! |
Closes #819
In reference to: #874
@Niraj-Kamdar