cve_bin_tool/output_engine/threats.py

# Copyright (C) 2021 Intel Corporation
# SPDX-License-Identifier: GPL-3.0-or-later

import os
from typing import Dict, List, Union


from ..merge import MergeReports

from ..log import LOGGER
from ..util import CVEData, ProductInfo


def output_threats(
    all_cve_data: Dict[ProductInfo, CVEData],
    scanned_dir: str,
    filename: str,
    theme_dir: str,
    total_files: int,
    products_with_cve: int,
    products_without_cve: int,
    merge_report: Union[None, MergeReports],
    logger: LOGGER,
    outfile,
):
    """Returns a THREATS.md report including depedencies found"""
    from pprint import pprint
    pprint(locals())

    import textwrap
    outfile.write(
        textwrap.dedent(
            f"""
            # Threat Model
            """
        )
    )

    # ------------------ BEGIN MERMAID OUTPUT ------------------
    outfile.write(
        textwrap.dedent(
            """

            ```mermaid
            """
        )
    )

    # Write out the mermaid diagram
    import sys
    import asyncio
    import contextlib
    import dffml
    import dffml.cli.dataflow


    # TODO Check if dataflow extra is installed. Build dataflows from scan
    # results. Generate mermaid daigrams from flows.
    import cve_bin_tool.scanners.dataflow

    # The overlayed keyword arguements of fields within to be created
    field_modifications = {
        "dataflow": {"default_factory": lambda: cve_bin_tool.scanners.dataflow.COLLECTOR_DATAFLOW},
        "simple": {"default": True},
        "stages": {"default_factory": lambda: [dffml.Stage.PROCESSING.value]},
    }
    # Create a derived class
    DiagramForMyDataFlow = dffml.cli.dataflow.Diagram.subclass(
        "DiagramForMyDataFlow", field_modifications,
    )
    print(DiagramForMyDataFlow)
    # <class 'dffml.util.cli.cmd.DiagramForMyDataFlow'>
    print(DiagramForMyDataFlow.CONFIG)
    # <class 'types.DiagramForMyDataFlowConfig'>
    with contextlib.redirect_stdout(outfile):
        asyncio.run(DiagramForMyDataFlow._main())


    outfile.write(
        textwrap.dedent(
            """
            ```
            """
        )
    )
    # ------------------ END MERMAID OUTPUT ------------------

    # ------------------ BEGIN OPEN ARCHITECTURE OUTPUT ------------------
    outfile.write(
        textwrap.dedent(
            f"""
            ```json
            """
        )
    )

    # Write out the mermaid diagram
    import sys
    import asyncio
    import contextlib
    import dffml
    import dffml.cli.dataflow
    import dffml.service.dev


    import dffml_config_yaml.configloader


    # TODO Check if dataflow extra is installed. Build dataflows from scan
    # results. Generate mermaid daigrams from flows.
    import cve_bin_tool.scanners.dataflow

    # The overlayed keyword arguements of fields within to be created
    field_modifications = {
        "export": {"default_factory": lambda: "cve_bin_tool.scanners.dataflow:COLLECTOR_DATAFLOW"},
        # "configloader": {"default_factory": lambda: dffml_config_yaml.configloader.YamlConfigLoader},
        "configloader": {"default_factory": lambda: dffml.JSONConfigLoader},
    }

    # Create a derived class
    ExportForMyDataFlow = dffml.service.dev.Export.subclass(
        "ExportForMyDataFlow", field_modifications,
    )
    print(ExportForMyDataFlow)
    # <class 'dffml.util.cli.cmd.ExportForMyDataFlow'>
    print(ExportForMyDataFlow.CONFIG)
    # <class 'types.ExportForMyDataFlowConfig'>
    import io
    a_out = io.StringIO()
    a_out.buffer = io.BytesIO()
    with contextlib.redirect_stdout(a_out):
        asyncio.run(ExportForMyDataFlow._main())

    import json
    outfile.write(json.dumps(json.loads(a_out.buffer.getvalue().decode()), indent=4))
    outfile.write(
        textwrap.dedent(
            """
            ```
            """
        )
    )
    # ------------------ END OPEN ARCHITECTURE OUTPUT ------------------