Ubuntu CVE Tracker

Merge ~alexmurray/ubuntu-cve-tracker:fix-pyright-warnings-in-check-cves into ubuntu-cve-tracker:master

  1. Git
  2. lp:~alexmurray/ubuntu-cve-tracker
  3. fix-pyright-warnings-in-check-cves
  4. Merge into master
Proposed by Alex Murray
Status: Merged
Merged at revision: 9ede61eeb5252dfdeea967aac5d56debd84c78f0
Proposed branch: ~alexmurray/ubuntu-cve-tracker:fix-pyright-warnings-in-check-cves
Merge into: ubuntu-cve-tracker:master
Diff against target: 110 lines (+13/-10)
1 file modified
scripts/check-cves (+13/-10)
Reviewer Review Type Date Requested Status
Steve Beattie Approve
Review via email: mp+462558@code.launchpad.net

This proposal supersedes a proposal from 2024-03-18.

Description of the change

    scripts/check-cves: fix a bunch of pyright warnings

    Before:

    ± pyright scripts/check-cves
    /home/amurray/ubuntu/git/ubuntu-cve-tracker/scripts/check-cves
      /home/amurray/ubuntu/git/ubuntu-cve-tracker/scripts/check-cves:211:32 - error: Object of type "str" is not callable (reportCallIssue)
      /home/amurray/ubuntu/git/ubuntu-cve-tracker/scripts/check-cves:252:37 - error: Operator "+" not supported for types "str | Unknown | list[str | Unknown] | list[Unknown]" and "Literal['/data/DSA/list']"
        Operator "+" not supported for types "list[str | Unknown]" and "Literal['/data/DSA/list']"
        Operator "+" not supported for types "list[Unknown]" and "Literal['/data/DSA/list']" (reportOperatorIssue)
      /home/amurray/ubuntu/git/ubuntu-cve-tracker/scripts/check-cves:326:32 - error: Argument of type "(cve: Unknown) -> Unknown" cannot be assigned to parameter "desc" of type "str" in function "convert_to_nvd"
        "function" is incompatible with "str" (reportArgumentType)
      /home/amurray/ubuntu/git/ubuntu-cve-tracker/scripts/check-cves:414:32 - error: Argument of type "(cve: Unknown) -> Unknown" cannot be assigned to parameter "desc" of type "str" in function "convert_to_nvd"
        "function" is incompatible with "str" (reportArgumentType)
      /home/amurray/ubuntu/git/ubuntu-cve-tracker/scripts/check-cves:497:32 - error: Argument of type "(c: Unknown) -> str" cannot be assigned to parameter "desc" of type "str" in function "convert_to_nvd"
        "function" is incompatible with "str" (reportArgumentType)
      /home/amurray/ubuntu/git/ubuntu-cve-tracker/scripts/check-cves:597:52 - error: Operator "+" not supported for types "str | Unknown | list[str | Unknown] | list[Unknown]" and "Literal['/data/CVE/list']"
        Operator "+" not supported for types "list[str | Unknown]" and "Literal['/data/CVE/list']"
        Operator "+" not supported for types "list[Unknown]" and "Literal['/data/CVE/list']" (reportOperatorIssue)
      /home/amurray/ubuntu/git/ubuntu-cve-tracker/scripts/check-cves:780:49 - error: Operator "not in" not supported for types "Literal['Previously triaged as ignored in Ubuntu\n\n']" and "str | None"
        Operator "not in" not supported for types "Literal['Previously triaged as ignored in Ubuntu\n\n']" and "None" (reportOperatorIssue)
      /home/amurray/ubuntu/git/ubuntu-cve-tracker/scripts/check-cves:786:30 - error: "split" is not a known member of "None" (reportOptionalMemberAccess)
      /home/amurray/ubuntu/git/ubuntu-cve-tracker/scripts/check-cves:791:27 - error: "find" is not a known member of "None" (reportOptionalMemberAccess)
      /home/amurray/ubuntu/git/ubuntu-cve-tracker/scripts/check-cves:791:59 - error: "find" is not a known member of "None" (reportOptionalMemberAccess)
      /home/amurray/ubuntu/git/ubuntu-cve-tracker/scripts/check-cves:1474:20 - error: "_exceptions" is not a known member of module "xml.sax" (reportAttributeAccessIssue)
      /home/amurray/ubuntu/git/ubuntu-cve-tracker/scripts/check-cves:1622:39 - error: Argument of type "_TemporaryFileWrapper[str] | TextIO" cannot be assigned to parameter "file" of type "TextIO" in function "display_cve"
        Type "_TemporaryFileWrapper[str] | TextIO" cannot be assigned to type "TextIO"
          "_TemporaryFileWrapper[str]" is incompatible with "TextIO" (reportArgumentType)
      /home/amurray/ubuntu/git/ubuntu-cve-tracker/scripts/check-cves:1631:39 - error: Argument of type "_TemporaryFileWrapper[str] | TextIO" cannot be assigned to parameter "file" of type "TextIO" in function "display_cve"
        Type "_TemporaryFileWrapper[str] | TextIO" cannot be assigned to type "TextIO"
          "_TemporaryFileWrapper[str]" is incompatible with "TextIO" (reportArgumentType)
    13 errors, 0 warnings, 0 informations

    After:

    ± pyright scripts/check-cves
    /home/amurray/ubuntu/git/ubuntu-cve-tracker/scripts/check-cves
      /home/amurray/ubuntu/git/ubuntu-cve-tracker/scripts/check-cves:253:37 - error: Operator "+" not supported for types "str | Unknown | list[str | Unknown] | list[Unknown]" and "Literal['/data/DSA/list']"
        Operator "+" not supported for types "list[str | Unknown]" and "Literal['/data/DSA/list']"
        Operator "+" not supported for types "list[Unknown]" and "Literal['/data/DSA/list']" (reportOperatorIssue)
      /home/amurray/ubuntu/git/ubuntu-cve-tracker/scripts/check-cves:598:52 - error: Operator "+" not supported for types "str | Unknown | list[str | Unknown] | list[Unknown]" and "Literal['/data/CVE/list']"
        Operator "+" not supported for types "list[str | Unknown]" and "Literal['/data/CVE/list']"
        Operator "+" not supported for types "list[Unknown]" and "Literal['/data/CVE/list']" (reportOperatorIssue)
    2 errors, 0 warnings, 0 informations

    Signed-off-by: Alex Murray <email address hidden>

To post a comment you must log in.
Revision history for this message
Steve Beattie (sbeattie) wrote :
Download full text (5.7 KiB)

 review approve

On Mon, Mar 18, 2024 at 01:26:18AM -0000, Alex Murray wrote:
> scripts/check-cves: fix a bunch of pyright warnings
>
> Before:
>
> ± pyright scripts/check-cves
> /home/amurray/ubuntu/git/ubuntu-cve-tracker/scripts/check-cves
> /home/amurray/ubuntu/git/ubuntu-cve-tracker/scripts/check-cves:211:32 - error: Object of type "str" is not callable (reportCallIssue)
> /home/amurray/ubuntu/git/ubuntu-cve-tracker/scripts/check-cves:252:37 - error: Operator "+" not supported for types "str | Unknown | list[str | Unknown] | list[Unknown]" and "Literal['/data/DSA/list']"
> Operator "+" not supported for types "list[str | Unknown]" and "Literal['/data/DSA/list']"
> Operator "+" not supported for types "list[Unknown]" and "Literal['/data/DSA/list']" (reportOperatorIssue)
> /home/amurray/ubuntu/git/ubuntu-cve-tracker/scripts/check-cves:326:32 - error: Argument of type "(cve: Unknown) -> Unknown" cannot be assigned to parameter "desc" of type "str" in function "convert_to_nvd"
> "function" is incompatible with "str" (reportArgumentType)
> /home/amurray/ubuntu/git/ubuntu-cve-tracker/scripts/check-cves:414:32 - error: Argument of type "(cve: Unknown) -> Unknown" cannot be assigned to parameter "desc" of type "str" in function "convert_to_nvd"
> "function" is incompatible with "str" (reportArgumentType)
> /home/amurray/ubuntu/git/ubuntu-cve-tracker/scripts/check-cves:497:32 - error: Argument of type "(c: Unknown) -> str" cannot be assigned to parameter "desc" of type "str" in function "convert_to_nvd"
> "function" is incompatible with "str" (reportArgumentType)
> /home/amurray/ubuntu/git/ubuntu-cve-tracker/scripts/check-cves:597:52 - error: Operator "+" not supported for types "str | Unknown | list[str | Unknown] | list[Unknown]" and "Literal['/data/CVE/list']"
> Operator "+" not supported for types "list[str | Unknown]" and "Literal['/data/CVE/list']"
> Operator "+" not supported for types "list[Unknown]" and "Literal['/data/CVE/list']" (reportOperatorIssue)
> /home/amurray/ubuntu/git/ubuntu-cve-tracker/scripts/check-cves:780:49 - error: Operator "not in" not supported for types "Literal['Previously triaged as ignored in Ubuntu\n\n']" and "str | None"
> Operator "not in" not supported for types "Literal['Previously triaged as ignored in Ubuntu\n\n']" and "None" (reportOperatorIssue)
> /home/amurray/ubuntu/git/ubuntu-cve-tracker/scripts/check-cves:786:30 - error: "split" is not a known member of "None" (reportOptionalMemberAccess)
> /home/amurray/ubuntu/git/ubuntu-cve-tracker/scripts/check-cves:791:27 - error: "find" is not a known member of "None" (reportOptionalMemberAccess)
> /home/amurray/ubuntu/git/ubuntu-cve-tracker/scripts/check-cves:791:59 - error: "find" is not a known member of "None" (reportOptionalMemberAccess)
> /home/amurray/ubuntu/git/ubuntu-cve-tracker/scripts/check-cves:1474:20 - error: "_exceptions" is not a known member of module "xml.sax" (reportAttributeAccessIssue)
> /home/amurray/ubuntu/git/ubuntu-cve-tracker/scripts/check-cves:1622:39 - error: Argument of type "_Temporar...

Read more...

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
diff --git a/scripts/check-cves b/scripts/check-cves
index e5cf20f..940d2d1 100755
--- a/scripts/check-cves
+++ b/scripts/check-cves
@@ -16,6 +16,7 @@
1616
1717
18from datetime import datetime, timezone, date as datetime_date18from datetime import datetime, timezone, date as datetime_date
19import typing
19import json20import json
20import math21import math
21import argparse22import argparse
@@ -183,7 +184,7 @@ class PercentageFile(object):
183 return self.f.close()184 return self.f.close()
184185
185186
186def convert_to_nvd(cves=[], desc=""):187def convert_to_nvd(cves=[], desc=lambda _: ""):
187 # convert to nvd format dict (like nvd json)188 # convert to nvd format dict (like nvd json)
188 nvd = {"CVE_data_type": "CVE",189 nvd = {"CVE_data_type": "CVE",
189 "CVE_data_format": "MITRE",190 "CVE_data_format": "MITRE",
@@ -335,7 +336,7 @@ def import_debian(handler):
335class RHEL8OVALHandler(xml.sax.handler.ContentHandler):336class RHEL8OVALHandler(xml.sax.handler.ContentHandler):
336 """SAX handler for processing rhel8 OVAL XML."""337 """SAX handler for processing rhel8 OVAL XML."""
337338
338 def __init__(self, ignore=[]):339 def __init__(self):
339 # For per-hit processing340 # For per-hit processing
340 self._curr_vuln = None341 self._curr_vuln = None
341 self._curr_cve = None342 self._curr_cve = None
@@ -513,7 +514,7 @@ def read_mbox_file(f):
513 sys.exit(1)514 sys.exit(1)
514515
515 child = subprocess.Popen(['./scripts/locate_cves.py', f], stdout=subprocess.PIPE, universal_newlines=True)516 child = subprocess.Popen(['./scripts/locate_cves.py', f], stdout=subprocess.PIPE, universal_newlines=True)
516 out, err = child.communicate()517 out, _ = child.communicate()
517518
518 tmp = tempfile.NamedTemporaryFile(mode='w', prefix='mbox-import_', suffix='.out', delete=False)519 tmp = tempfile.NamedTemporaryFile(mode='w', prefix='mbox-import_', suffix='.out', delete=False)
519 tmpname = tmp.name520 tmpname = tmp.name
@@ -675,7 +676,7 @@ class CVEHandler(xml.sax.handler.ContentHandler):
675 try:676 try:
676 for ref in cve["references"]["reference_data"]:677 for ref in cve["references"]["reference_data"]:
677 self.curr_refs += [(ref["refsource"], ref["name"], ref["url"])]678 self.curr_refs += [(ref["refsource"], ref["name"], ref["url"])]
678 except:679 except Exception:
679 pass680 pass
680681
681 # find an english description682 # find an english description
@@ -776,6 +777,8 @@ class CVEHandler(xml.sax.handler.ContentHandler):
776 self.curr_refs += [(self.curr_source, self.curr_chars, self.curr_url)]777 self.curr_refs += [(self.curr_source, self.curr_chars, self.curr_url)]
777778
778 def handle_cve(self):779 def handle_cve(self):
780 if not self.curr_cve or not self.curr_desc:
781 return
779 # Skip CVEs we know about already unless this is a mistriaged CVE782 # Skip CVEs we know about already unless this is a mistriaged CVE
780 if self.curr_cve in self.cve_ignore and mistriaged_hint not in self.curr_desc:783 if self.curr_cve in self.cve_ignore and mistriaged_hint not in self.curr_desc:
781 return784 return
@@ -842,7 +845,7 @@ class CVEHandler(xml.sax.handler.ContentHandler):
842845
843 return external_subprojects846 return external_subprojects
844847
845 def display_cve(self, cve, file=sys.stdout, line_prefix=None, wrap_desc=False):848 def display_cve(self, cve, file: typing.IO=sys.stdout, line_prefix=None, wrap_desc=False):
846 class CVEOutput:849 class CVEOutput:
847 def __init__(self, file, line_prefix=None):850 def __init__(self, file, line_prefix=None):
848 self.file = file851 self.file = file
@@ -904,7 +907,7 @@ class CVEHandler(xml.sax.handler.ContentHandler):
904 print(f' Ubuntu: {pkg} | {answer[name][pkg]} | {name}')907 print(f' Ubuntu: {pkg} | {answer[name][pkg]} | {name}')
905 # no debian info, display possible commented ignore command when908 # no debian info, display possible commented ignore command when
906 # using command file (i.e. wrap_desc is true)909 # using command file (i.e. wrap_desc is true)
907 if (self.debian[cve]['state'] == 'RESERVED' or self.debian[cve]['state'] == None) and wrap_desc:910 if (self.debian[cve]['state'] == 'RESERVED' or self.debian[cve]['state'] is None) and wrap_desc:
908 proposed_ignore = self.ignore_suggestion.get_ignore_suggestion(self.cve_data[cve]['desc'])911 proposed_ignore = self.ignore_suggestion.get_ignore_suggestion(self.cve_data[cve]['desc'])
909 print(f'{cve} ignore "{proposed_ignore}"')912 print(f'{cve} ignore "{proposed_ignore}"')
910 # debian rejected, so offer to reject by ignoring when using command file (i.e. wrap_desc is true)913 # debian rejected, so offer to reject by ignoring when using command file (i.e. wrap_desc is true)
@@ -1009,7 +1012,7 @@ class CVEHandler(xml.sax.handler.ContentHandler):
10091012
1010 def human_process_cve(self, cve, action='skip', reason='', package=''):1013 def human_process_cve(self, cve, action='skip', reason='', package=''):
1011 info = ''1014 info = ''
1012 while info == "" or not info[0] in ['i', 'a', 's', 'q', 'r']:1015 while info == "" or info[0] not in ['i', 'a', 's', 'q', 'r']:
1013 prompt_user(f'\nA]dd (or R]epeat), I]gnore forever, S]kip for now, or Q]uit? [{action}] ')1016 prompt_user(f'\nA]dd (or R]epeat), I]gnore forever, S]kip for now, or Q]uit? [{action}] ')
1014 info = sys.stdin.readline().strip().lower()1017 info = sys.stdin.readline().strip().lower()
1015 if info == "":1018 if info == "":
@@ -1140,7 +1143,7 @@ class CVEHandler(xml.sax.handler.ContentHandler):
1140 except IndexError:1143 except IndexError:
1141 raise ValueError(f'Invalid add command on line {line_num}:\n{orig_line}')1144 raise ValueError(f'Invalid add command on line {line_num}:\n{orig_line}')
11421145
1143 if not priority in cve_lib.priorities and not priority == 'untriaged':1146 if priority not in cve_lib.priorities and not priority == 'untriaged':
1144 raise ValueError(f'Invalid priority on line {line_num}:\n{orig_line}')1147 raise ValueError(f'Invalid priority on line {line_num}:\n{orig_line}')
11451148
1146 if os.path.exists(f'{destdir}/active/{cve}'):1149 if os.path.exists(f'{destdir}/active/{cve}'):
@@ -1471,7 +1474,7 @@ for uri in args.uris:
1471 handler.parse_json(readable)1474 handler.parse_json(readable)
1472 else:1475 else:
1473 parser.parse(readable)1476 parser.parse(readable)
1474 except xml.sax._exceptions.SAXParseException as e:1477 except xml.sax.SAXParseException as e:
1475 print(f"\n\nWARNING: {uri} is malformed:\n{e}")1478 print(f"\n\nWARNING: {uri} is malformed:\n{e}")
1476 print("Aborting", file=sys.stderr)1479 print("Aborting", file=sys.stderr)
1477 sys.exit(1)1480 sys.exit(1)
@@ -1496,7 +1499,7 @@ def refresh_cves(cve_refresh_list, full_refresh=True):
1496 desc = _wrap_desc(handler.cve_data[cve]['desc'].strip())1499 desc = _wrap_desc(handler.cve_data[cve]['desc'].strip())
1497 public = handler.cve_data[cve]['public']1500 public = handler.cve_data[cve]['public']
1498 cvsss = handler.cve_data[cve]['cvss']1501 cvsss = handler.cve_data[cve]['cvss']
1499 except:1502 except Exception:
1500 if args.verbose:1503 if args.verbose:
1501 print(f'{cve} not listed in XML', file=sys.stderr)1504 print(f'{cve} not listed in XML', file=sys.stderr)
15021505

Subscribers

People subscribed via source and target branches