macaron package
This module initializes the necessary components for the macaron package.
Subpackages
- macaron.code_analyzer package
- macaron.config package
- macaron.database package
- macaron.dependency_analyzer package
- macaron.malware_analyzer package
- macaron.output_reporter package
- macaron.parsers package
- macaron.policy_engine package
- macaron.repo_finder package
- macaron.slsa_analyzer package
- macaron.vsa package
Submodules
macaron.environment_variables module
Helper functions related to environment variables.
- macaron.environment_variables.get_patched_env(patch, _env=None)
Return a dictionary whose elements copied from
os.environ
and are updated according topatch
.This function does not modify
os.environ
.- Parameters:
patch (Mapping[str, str | None]) – A mapping (immutable) in which: - each key is an environment variable. - each value is the value to set to the corresponding environment variable. If value is
None
, the environment variable is “unset”._env (dict[str, str] | None) – The environment being updated. This is
None
by default, in which caseos.environ
is being updated.
- Returns:
The the dictionary contains the patched env variables.
- Return type:
macaron.errors module
This module contains error classes for Macaron.
- exception macaron.errors.InvalidExpectationError
Bases:
MacaronError
Happens when the provenance expectation is invalid.
- exception macaron.errors.ExpectationRuntimeError
Bases:
MacaronError
Happens if there are errors while validating the expectation against a target.
- exception macaron.errors.CUEExpectationError
Bases:
MacaronError
Happens when the CUE expectation is invalid.
- exception macaron.errors.CUERuntimeError
Bases:
MacaronError
Happens when there are errors in CUE expectation validation.
- exception macaron.errors.ConfigurationError
Bases:
MacaronError
Happens when there is an error in the configuration (.ini) file.
- exception macaron.errors.CloneError
Bases:
MacaronError
Happens when cannot clone a git repository.
- exception macaron.errors.RepoCheckOutError
Bases:
MacaronError
Happens when there is an error when checking out the correct revision of a git repository.
- exception macaron.errors.RepoNotFoundError
Bases:
MacaronError
Happens if a repository is not found.
- exception macaron.errors.PURLNotFoundError
Bases:
MacaronError
Happens if the PURL identifier for a software component is not found.
- exception macaron.errors.InvalidPURLError
Bases:
MacaronError
Happens when the input PURL string is invalid.
- exception macaron.errors.DuplicateError
Bases:
MacaronError
The class for errors for duplicated data.
- exception macaron.errors.InvalidHTTPResponseError
Bases:
MacaronError
Happens when the HTTP response is invalid or unexpected.
- exception macaron.errors.CheckRegistryError
Bases:
MacaronError
The Check Registry Error class.
- exception macaron.errors.ProvenanceError
Bases:
MacaronError
When there is an error while extracting from provenance.
- exception macaron.errors.InvalidAnalysisTargetError
Bases:
MacaronError
When a valid Analysis Target cannot be constructed.
- exception macaron.errors.ParseError
Bases:
MacaronError
The errors related to parsers.
- exception macaron.errors.CallGraphError
Bases:
MacaronError
The errors related to callgraphs.
- exception macaron.errors.GitHubActionsValueError
Bases:
MacaronError
The errors related to GitHub Actions value errors.
- exception macaron.errors.CycloneDXParserError
Bases:
MacaronError
The CycloneDX error class.
- exception macaron.errors.DependencyAnalyzerError
Bases:
MacaronError
The DependencyAnalyzer error class.
macaron.json_tools module
This module provides utility functions for JSON data.
- macaron.json_tools.json_extract(entry, keys, type_)
Return the value found by following the list of depth-sequential keys inside the passed JSON dictionary.
The value must be of the passed type.
- Parameters:
- Returns:
The found value as the type of the type parameter.
- Return type:
T | None
macaron.util module
This module includes utilities functions for Macaron.
- macaron.util.send_get_http(url, headers)
Send the GET HTTP request with the given url and headers.
This method also handle logging when the server return error status code.
- macaron.util.send_get_http_raw(url, headers=None, timeout=None, allow_redirects=True)
Send the GET HTTP request with the given url and headers.
This method also handle logging when the API server return error status code.
- Parameters:
- Returns:
If a Response object is returned and
allow_redirects
isTrue
(the default) it will have a status code of 200 (OK). Ifallow_redirects
isFalse
the response can instead have a status code of 302. Otherwise, the request has failed andNone
will be returned.- Return type:
Response | None
- macaron.util.check_rate_limit(response)
Check the remaining calls limit to GitHub API and wait accordingly.
- Parameters:
response (Response) – The latest response from GitHub API.
- Return type:
- macaron.util.construct_query(params)
Construct a URL query from the provided keywords params.
- Parameters:
params (dict) – The dictionary of parameters for the search.
- Returns:
The constructed query as string.
- Return type:
Examples
>>> construct_query({"bar":1,"foo":2}) 'bar=1&foo=2'
- macaron.util.download_github_build_log(url, headers)
Download and return the build log from a GitHub API build log url.
- macaron.util.copy_file(src, dest_dir)
Copy a file using shutil.copy2.
This copy operation will preserve the permission of the src file.
- macaron.util.copy_file_bulk(file_list, src_path, target_path)
Copy multiple files using the
copy_file
method.Files in
file_list
will be copied from src_path to target_path.If a file in
file_list
exists intarget_path
, it will be ignored. This method will handle creating intermediate dirs to store files accordingly.- Parameters:
- Returns:
True if succeed else False.
- Return type:
See also
copy_file
Copy a single file.
Examples
file.txt
will be copied fromsrc/foo/bar/file.txt
totarget/foo/bar/file.txt
copy_file_bulk(["foo/bar/file.txt"], "src", "target")