ܖimdZddlmZddlZddlZddlmZddlmZm Z ddl Z ddl m Z ddl mZddlmZmZmZmZmZmZej,eZGd d eZy) zV Functionality for using the [OSV](https://osv.dev/) API as a `VulnerabilityService`. ) annotationsN)Path)Anycast)Version)caching_session)ConnectionError DependencyResolvedDependency ServiceErrorVulnerabilityResultVulnerabilityServicec6eZdZdZdZddef ddZddZy) OsvServicez| An implementation of `VulnerabilityService` that uses OSV to provide Python package vulnerability information. zhttps://api.osv.dev/v1/queryNcDt|d|_||_||_y)aj Create a new `OsvService`. `cache_dir` is an optional cache directory to use, for caching and reusing OSV API requests. If `None`, `pip-audit` will use its own internal caching directory. `timeout` is an optional argument to control how many seconds the component should wait for responses to network requests. F)use_pipN)rsessiontimeoutosv_url)self cache_dirrrs Z/var/www/html/content-pipeline/venv/lib/python3.12/site-packages/pip_audit/_service/osv.py__init__zOsvService.__init__$s 'y%@   c |jr|gfStt|}|jddt |j d} |j j|jtj||j}|jg}|j}|s||fS|dD]}t%|j'dd }|j(d k7rt*j-d |G|d } |j'd } | t*j/d| d| {|j'd} | |j'd} | d} | j1dd} |j'd} | t*j-d| dg} | D]h}|d}|d|jk(s|ddk(s$|dD]=}|ddk(s |dDcgc] }d|vr|d }}|Dcgc] }t%|} }hj| j3|j5t7j8| g|j'dg| | |j;|j'd !||fS#tj$r tdtj $r }t"|d}~wwxYwcc}wcc}w)"zr Queries OSV for the given `Dependency` specification. See `VulnerabilityService.query`. PyPI)name ecosystem)packageversion)urldatarz-Could not connect to OSV's vulnerability feedNvulnsschema_versionz1.0.0z Unsupported OSV schema version: id withdrawnzOSV vuln entry 'z' marked as withdrawn at summarydetailszN/A  affectedz' is missing 'affected' listrrrrangestype ECOSYSTEMeventsfixedaliases published)ids description fix_versionsr3) is_skippedrr canonical_namestrr rpostrjsondumpsrraise_for_statusrequestsConnectTimeoutr HTTPErrorr rgetmajorloggerwarningdebugreplacesortappendr create_parse_rfc3339)rspecqueryresponse http_errorresults response_jsonvulnr$r& withdrawn_atr5 affectedsr6r,pkgr-r fix_version_strs version_strs rrLzOsvService.query7s ?? 8O&-!% 3 3&I4<<(  /*.,,*;*;LLZZ& +<+H  % % '.0  = "'*D D %TXX.>%HIN##q(!A.AQRSdB 88K0L' /t3L\N[\((9-K""hhy1 "# &--dC8K,I !1"5QRS*,L% "y)v;$"5"55#k:Jf:T"*8"4 "!&>[806h/?0$+#*g#5!( 00,0IY,9D 4,L," "  "&     NN#**6dhhy"56 +!-"11$((;2GH  {D LW}k&& S!"QR R!! /J . /x0 ,s% AI>J= 5K >0J:.J55J:)rz Path | Nonerz int | Nonerr9)rKr returnz,tuple[Dependency, list[VulnerabilityResult]])__name__ __module__ __qualname____doc__DEFAULT_OSV_URLrrLrrrrs@ 5O"&"&  &jrr)r[ __future__rr;loggingpathlibrtypingrrr>packaging.versionrpip_audit._cacherpip_audit._service.interfacer r r r r r getLoggerrXrCrr]rrrfsQ# %,   8 $E%Er