utils.secscan: linter fixes
This commit is contained in:
Jimmy Zelinskie
parent
e81926fcba
commit
1d59095460
3 changed files with 85 additions and 82 deletions
|
|
@ -1,98 +1,98 @@
|
||||||
# NOTE: This objects are used directly in the external-notification-data and vulnerability-service
|
# NOTE: This objects are used directly in the external-notification-data and vulnerability-service
|
||||||
# on the frontend, so be careful with changing their existing keys.
|
# on the frontend, so be careful with changing their existing keys.
|
||||||
PRIORITY_LEVELS = {
|
PRIORITY_LEVELS = {
|
||||||
'Unknown': {
|
'Unknown': {
|
||||||
'title': 'Unknown',
|
'title': 'Unknown',
|
||||||
'index': 6,
|
'index': 6,
|
||||||
'level': 'info',
|
'level': 'info',
|
||||||
'color': '#9B9B9B',
|
'color': '#9B9B9B',
|
||||||
'score': 0,
|
'score': 0,
|
||||||
|
|
||||||
'description': 'Unknown is either a security problem that has not been assigned ' +
|
'description': 'Unknown is either a security problem that has not been assigned to a priority' +
|
||||||
'to a priority yet or a priority that our system did not recognize',
|
' yet or a priority that our system did not recognize',
|
||||||
'banner_required': False
|
'banner_required': False
|
||||||
},
|
},
|
||||||
|
|
||||||
'Negligible': {
|
'Negligible': {
|
||||||
'title': 'Negligible',
|
'title': 'Negligible',
|
||||||
'index': 5,
|
'index': 5,
|
||||||
'level': 'info',
|
'level': 'info',
|
||||||
'color': '#9B9B9B',
|
'color': '#9B9B9B',
|
||||||
'score': 1,
|
'score': 1,
|
||||||
|
|
||||||
'description': 'Negligible is technically a security problem, but is only theoretical ' +
|
'description': 'Negligible is technically a security problem, but is only theoretical ' +
|
||||||
'in nature, requires a very special situation, has almost no install base, ' +
|
'in nature, requires a very special situation, has almost no install base, ' +
|
||||||
'or does no real damage.',
|
'or does no real damage.',
|
||||||
'banner_required': False
|
'banner_required': False
|
||||||
},
|
},
|
||||||
|
|
||||||
'Low': {
|
'Low': {
|
||||||
'title': 'Low',
|
'title': 'Low',
|
||||||
'index': 4,
|
'index': 4,
|
||||||
'level': 'warning',
|
'level': 'warning',
|
||||||
'color': '#F8CA1C',
|
'color': '#F8CA1C',
|
||||||
'score': 3,
|
'score': 3,
|
||||||
|
|
||||||
'description': 'Low is a security problem, but is hard to exploit due to environment, ' +
|
'description': 'Low is a security problem, but is hard to exploit due to environment, ' +
|
||||||
'requires a user-assisted attack, a small install base, or does very ' +
|
'requires a user-assisted attack, a small install base, or does very little' +
|
||||||
'little damage.',
|
' damage.',
|
||||||
'banner_required': False
|
'banner_required': False
|
||||||
},
|
},
|
||||||
|
|
||||||
'Medium': {
|
'Medium': {
|
||||||
'title': 'Medium',
|
'title': 'Medium',
|
||||||
'value': 'Medium',
|
'value': 'Medium',
|
||||||
'index': 3,
|
'index': 3,
|
||||||
'level': 'warning',
|
'level': 'warning',
|
||||||
'color': '#FCA657',
|
'color': '#FCA657',
|
||||||
'score': 6,
|
'score': 6,
|
||||||
|
|
||||||
'description': 'Medium is a real security problem, and is exploitable for many people. ' +
|
'description': 'Medium is a real security problem, and is exploitable for many people. ' +
|
||||||
'Includes network daemon denial of service attacks, cross-site scripting, ' +
|
'Includes network daemon denial of service attacks, cross-site scripting, and ' +
|
||||||
'and gaining user privileges.',
|
'gaining user privileges.',
|
||||||
'banner_required': False
|
'banner_required': False
|
||||||
},
|
},
|
||||||
|
|
||||||
'High': {
|
'High': {
|
||||||
'title': 'High',
|
'title': 'High',
|
||||||
'value': 'High',
|
'value': 'High',
|
||||||
'index': 2,
|
'index': 2,
|
||||||
'level': 'warning',
|
'level': 'warning',
|
||||||
'color': '#F77454',
|
'color': '#F77454',
|
||||||
'score': 9,
|
'score': 9,
|
||||||
|
|
||||||
'description': 'High is a real problem, exploitable for many people in a default installation. ' +
|
'description': 'High is a real problem, exploitable for many people in a default ' +
|
||||||
'Includes serious remote denial of services, local root privilege escalations, ' +
|
'installation. Includes serious remote denial of services, local root ' +
|
||||||
'or data loss.',
|
'privilege escalations, or data loss.',
|
||||||
'banner_required': False
|
'banner_required': False
|
||||||
},
|
},
|
||||||
|
|
||||||
'Critical': {
|
'Critical': {
|
||||||
'title': 'Critical',
|
'title': 'Critical',
|
||||||
'value': 'Critical',
|
'value': 'Critical',
|
||||||
'index': 1,
|
'index': 1,
|
||||||
'level': 'error',
|
'level': 'error',
|
||||||
'color': '#D64456',
|
'color': '#D64456',
|
||||||
'score': 10,
|
'score': 10,
|
||||||
|
|
||||||
'description': 'Critical is a world-burning problem, exploitable for nearly all people in ' +
|
'description': 'Critical is a world-burning problem, exploitable for nearly all people in ' +
|
||||||
'a installation of the package. Includes remote root privilege escalations, ' +
|
'a installation of the package. Includes remote root privilege escalations, ' +
|
||||||
'or massive data loss.',
|
'or massive data loss.',
|
||||||
'banner_required': False
|
'banner_required': False
|
||||||
},
|
},
|
||||||
|
|
||||||
'Defcon1': {
|
'Defcon1': {
|
||||||
'title': 'Defcon 1',
|
'title': 'Defcon 1',
|
||||||
'value': 'Defcon1',
|
'value': 'Defcon1',
|
||||||
'index': 0,
|
'index': 0,
|
||||||
'level': 'error',
|
'level': 'error',
|
||||||
'color': 'black',
|
'color': 'black',
|
||||||
'score': 11,
|
'score': 11,
|
||||||
|
|
||||||
'description': 'Defcon1 is a Critical problem which has been manually highlighted ' +
|
'description': 'Defcon1 is a Critical problem which has been manually highlighted by the Quay' +
|
||||||
'by the Quay team. It requires immediate attention.',
|
' team. It requires immediate attention.',
|
||||||
'banner_required': True
|
'banner_required': True
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -1,10 +1,10 @@
|
||||||
import logging
|
import logging
|
||||||
import logging.config
|
import logging.config
|
||||||
|
|
||||||
import features
|
|
||||||
|
|
||||||
from collections import defaultdict
|
from collections import defaultdict
|
||||||
|
|
||||||
|
import features
|
||||||
|
|
||||||
from endpoints.notificationhelper import spawn_notification
|
from endpoints.notificationhelper import spawn_notification
|
||||||
from data.database import ExternalNotificationEvent, IMAGE_NOT_SCANNED_ENGINE_VERSION, Image
|
from data.database import ExternalNotificationEvent, IMAGE_NOT_SCANNED_ENGINE_VERSION, Image
|
||||||
from data.model.tag import filter_tags_have_repository_event, get_tags_for_image
|
from data.model.tag import filter_tags_have_repository_event, get_tags_for_image
|
||||||
|
|
@ -13,6 +13,7 @@ from util.secscan.api import (APIRequestFailure, AnalyzeLayerException, MissingP
|
||||||
InvalidLayerException, AnalyzeLayerRetryException)
|
InvalidLayerException, AnalyzeLayerRetryException)
|
||||||
from util.morecollections import AttrDict
|
from util.morecollections import AttrDict
|
||||||
|
|
||||||
|
|
||||||
logger = logging.getLogger(__name__)
|
logger = logging.getLogger(__name__)
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -1,6 +1,8 @@
|
||||||
import features
|
|
||||||
import logging
|
import logging
|
||||||
|
|
||||||
|
import features
|
||||||
|
|
||||||
|
|
||||||
logger = logging.getLogger(__name__)
|
logger = logging.getLogger(__name__)
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
Reference in a new issue