ܖidZddlmZddlZddlmZddlmZddlZddl m Z m Z ddl m Z ddlmZmZmZmZmZmZmZej,eZGd d eZy) zx Functionality for using the [PyPI](https://warehouse.pypa.io/api-reference/json.html) API as a `VulnerabilityService`. ) annotationsN)Path)cast)InvalidVersionVersion)caching_session)ConnectionError DependencyResolvedDependency ServiceErrorSkippedDependencyVulnerabilityResultVulnerabilityServicec2eZdZdZ d ddZddZy) PyPIServicez} An implementation of `VulnerabilityService` that uses PyPI to provide Python package vulnerability information. Nc 2t||_||_y)a Create a new `PyPIService`. `cache_dir` is an optional cache directory to use, for caching and reusing PyPI API requests. If `None`, `pip-audit` will attempt to use `pip`'s cache directory before falling back on its own default cache directory. `timeout` is an optional argument to control how many seconds the component should wait for responses to network requests. N)rsessiontimeout)self cache_dirrkwargss [/var/www/html/content-pipeline/venv/lib/python3.12/site-packages/pip_audit/_service/pypi.py__init__zPyPIService.__init__#s'y1  c |jr|gfStt|}d|jdt |j d} |j j||j}|j|j+}g}|jd }|||fS|D]} | d} | jd} | t j#d| d| 7 | dD cgc] } t-| } } | j1| jd}|| jd}|d}|j3dd}|j5t7j8| g| d|| |j;| jd||fS#tj$r tdtj$r tdtj$rk}jdk(rPd|jd |j d }t j#|t%|j&| gfcYd }~St(|d }~wwxYwcc} w#t.$r}t)d| d|d }~wwxYw)zs Queries PyPI for the given `Dependency` specification. See `VulnerabilityService.query`. zhttps://pypi.org/pypi//z/json)urlrz PyPI is not redirecting properlyz.Could not connect to PyPI's vulnerability feediz7Dependency not found on PyPI and could not be audited: z ())name skip_reasonNvulnerabilitiesid withdrawnzPyPI vuln entry 'z' marked as withdrawn at fixed_inz&Received malformed version from PyPI: summarydetailszN/A  aliases published)ids description fix_versionsr*) is_skippedrr canonical_namestrversionrgetrraise_for_statusrequestsTooManyRedirectsr ConnectTimeout HTTPError status_codeloggerdebugr rr jsonrrsortreplaceappendrcreate_parse_rfc3339)rspecrresponse http_errorr response_jsonresultsvulnsvr" withdrawn_atr$r-ivr,s rqueryzPyPIService.query3s ?? 8O&-&t':':&;1S=N [)(dii[QSUUUJ . /: Q! e"%KAjM?#[\bdd esP 7F&I-I?IA I*AII III I=&I88I=)NN)rz Path | Nonerz int | NonerdictreturnNone)rAr rLz,tuple[Dependency, list[VulnerabilityResult]])__name__ __module__ __qualname____doc__rrJrrrrs9 DH$6@SW  Urr)rQ __future__rloggingpathlibrtypingrr4packaging.versionrrpip_audit._cacherpip_audit._service.interfacer r r r r rr getLoggerrNr9rrRrrr[sS #5,   8 $k&kr