feat(checkers): add pre-commit hook for reformatting checkers table (#1290)

imsahil007 · terriko · web-flow · commit 0333caab6b90 · 2021-08-03T16:51:52.000-07:00
* feat(checkers): add pre commit hook for reformatting checkers table * fixes #1250 Co-authored-by: Terri Oda <terri.oda@intel.com>
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
@@ -14,8 +14,17 @@ repos:
     hooks:
     - id: pyupgrade
       args: ["--py36-plus"]
-
+      
 -   repo: https://github.com/pycqa/flake8
     rev: 3.9.2
     hooks:
     - id: flake8
+
+-   repo: local
+    hooks: 
+    - id: format_checkers
+      language: python
+      name: format_checkers
+      entry: python cve_bin_tool/format_checkers.py
+      files: "^cve_bin_tool/checkers/__init__.py"
+      types: [python]
diff --git a/README.md b/README.md
@@ -114,18 +114,25 @@ require more information, there is also a [user manual](https://cve-bin-tool.rea
 This scanner looks at the strings found in binary files to see if they
 match certain vulnerable versions of the following libraries and tools:
 
-|          |           |                | Available checkers |            |            |         |
-| -------- | --------- | ---------------| ------------------ | ---------- | ---------- | ------- |
-| avahi    | bash      | bind           | binutils           | busybox    | bzip2      | cups    |
-| curl     | dovecot   | expat          | ffmpeg             | freeradius | gcc        | gimp    |
-| gnutls   | glibc     | gstreamer      | haproxy            | hostapd    | icecast    | icu     |
-| irssi    | kerberos  | libarchive     | libdb              | libgcrypt  | libjpeg    | libnss  |
-| libtiff  | libvirt   | lighttpd       | mariadb            | memcached  | ncurses    | nessus  |
-| netpbm   | nginx     | node           | openafs            | openldap   | openssh    | openssl |
-| openswan | openvpn   | png            | polarssl_fedora    | postgresql | python     | qt      |
-| radare2  | rsyslog   | samba          | sqlite             | strongswan | sudo       | syslogng| 
-| systemd  | tcpdump   | varnish        | wireshark          | xerces     | xml2       | zlib    | 
-
+<!--CHECKERS TABLE BEGIN-->
+|   |  |  | Available checkers |  |  |  |
+|--------------- |--------- |-------------- |--------------- |---------- |---------- |------------- |
+| accountsservice |avahi |bash |bind |binutils |bolt |bubblewrap |
+| busybox |bzip2 |cronie |cryptsetup |cups |curl |dbus |
+| dnsmasq |dovecot |dpkg |enscript |expat |ffmpeg |freeradius |
+| ftp |gcc |gimp |glibc |gnomeshell |gnupg |gnutls |
+| gpgme |gstreamer |gupnp |haproxy |hostapd |hunspell |icecast |
+| icu |irssi |kbd |kerberos |kexectools |libarchive |libbpg |
+| libdb |libgcrypt |libical |libjpeg_turbo |liblas |libnss |libsndfile |
+| libsoup |libssh2 |libtiff |libvirt |libxslt |lighttpd |logrotate |
+| lua |mariadb |mdadm |memcached |mtr |mysql |nano |
+| ncurses |nessus |netpbm |nginx |node |ntp |open_vm_tools |
+| openafs |openjpeg |openldap |openssh |openssl |openswan |openvpn |
+| p7zip |pcsc_lite |png |polarssl_fedora |poppler |postgresql |pspp |
+| python |qt |radare2 |rsyslog |samba |sqlite |strongswan |
+| subversion |sudo |syslogng |systemd |tcpdump |trousers |varnish |
+| webkitgtk |wireshark |wpa_supplicant |xerces |xml2 |zlib |zsh |
+<!--CHECKERS TABLE END-->
 
 All the checkers can be found in the checkers directory, as can the
 [instructions on how to add a new checker](https://github.com/intel/cve-bin-tool/blob/main/cve_bin_tool/checkers/README.md).
diff --git a/cve_bin_tool/format_checkers.py b/cve_bin_tool/format_checkers.py
@@ -0,0 +1,91 @@
+# Copyright (C) 2021 Intel Corporation
+# SPDX-License-Identifier: GPL-3.0-or-later
+
+"""To reformat checkers table when cve_bin_tool/checkers/__init__.py is updated."""
+
+import os
+
+from cve_bin_tool import checkers
+
+CHECKERS_TABLE_SIZE = 7
+
+
+def reshape_list(checkers):
+    """Reshape the list of checkers to a 2D-List for printing the table"""
+    return [
+        checkers[index : (index + CHECKERS_TABLE_SIZE)]
+        for index in range(0, len(checkers), CHECKERS_TABLE_SIZE)
+    ]
+
+
+def max_checker_length(checkers):
+    """Returns a list of max length of each column"""
+    checkers[-1].extend([""] * (CHECKERS_TABLE_SIZE - len(checkers[-1])))
+
+    size_list = [0] * CHECKERS_TABLE_SIZE
+
+    for row in range(CHECKERS_TABLE_SIZE):
+        for index in range(len(checkers)):
+            checker = checkers[index][row]
+            if len(checker) > size_list[row]:
+                size_list[row] = len(checker)
+    return size_list
+
+
+def reformat_checkers(checkers, size_array):
+    """Returns a markdown based table string for checkers"""
+    checkers.insert(0, [""] * CHECKERS_TABLE_SIZE)
+    checkers[0][CHECKERS_TABLE_SIZE // 2] = "Available checkers"
+
+    markdown = "| "
+
+    for row in checkers[0]:
+        markdown += f" {row} |"
+    markdown += "\n"
+
+    markdown += "|"
+    for index in range(len(checkers[0])):
+        markdown += f"{'-'*size_array[index]} |"
+    markdown += "\n"
+
+    for row in checkers[1:]:
+        markdown += "| "
+        for checker in row:
+            markdown += f"{checker} |"
+        markdown += "\n"
+
+    return markdown
+
+
+def update_checker_table(file_path, markdown):
+    """Updates README.md and MANUAL.md with the new checker table"""
+    lines = []
+    start_index, end_index = None, None
+
+    with open(file_path) as f:
+        for index, line in enumerate(f):
+            if "CHECKERS TABLE BEGIN" in line:
+                start_index = index
+            elif "CHECKERS TABLE END" in line:
+                end_index = index
+            lines.append(line)
+
+    lines = lines[: start_index + 1] + [markdown] + lines[end_index:]
+
+    with open(file_path, "w") as f:
+        f.writelines(lines)
+
+
+if __name__ == "__main__":
+    checkers_array = list(set(checkers.__all__) - {"Checker", "VendorProductPair"})
+    checkers_array = reshape_list(sorted(checkers_array))
+    shape_list = max_checker_length(checkers_array)
+    checkers_markdown = reformat_checkers(checkers_array, shape_list)
+    update_checker_table(
+        file_path=os.path.join(os.path.abspath("."), "README.md"),
+        markdown=checkers_markdown,
+    )
+    update_checker_table(
+        file_path=os.path.join(os.path.abspath("."), "doc", "MANUAL.md"),
+        markdown=checkers_markdown,
+    )
diff --git a/doc/MANUAL.md b/doc/MANUAL.md
@@ -99,17 +99,25 @@ which is useful if you're trying the latest code from
                             comma-separated list of checkers to disable
       -r RUNS, --runs RUNS  comma-separated list of checkers to enable
 
-|          |          |            | Available checkers |            |          |         |
-| -------- | -------- | ---------- | ------------------ | ---------- | -------- | ------- |
-| avahi    | bash     | bind       | binutils           | busybox    | bzip2    | cups    |
-| curl     | dovecot  | expat      | ffmpeg             | freeradius | gcc      | gimp    |
-| gnutls   | glibc    | gstreamer  | haproxy            | hostapd    | icecast  | icu     |
-| irssi    | kerberos | libarchive | libdb              | libgcrypt  | libjpeg  | libnss  |
-| libtiff  | libvirt  | lighttpd   | mariadb            | memcached  | ncurses  | nessus  |
-| netpbm   | nginx    | node       | openafs            | openldap   | openssh  | openssl |
-| openswan | openvpn  | png        | polarssl_fedora    | postgresql | python   | qt      |
-| radare2  | rsyslog  | samba      | sqlite             | strongswan | syslogng | systemd |
-| tcpdump  | varnish  | wireshark  | xerces             | xml2       | zlib     |         |
+<!--CHECKERS TABLE BEGIN-->
+|   |  |  | Available checkers |  |  |  |
+|--------------- |--------- |-------------- |--------------- |---------- |---------- |------------- |
+| accountsservice |avahi |bash |bind |binutils |bolt |bubblewrap |
+| busybox |bzip2 |cronie |cryptsetup |cups |curl |dbus |
+| dnsmasq |dovecot |dpkg |enscript |expat |ffmpeg |freeradius |
+| ftp |gcc |gimp |glibc |gnomeshell |gnupg |gnutls |
+| gpgme |gstreamer |gupnp |haproxy |hostapd |hunspell |icecast |
+| icu |irssi |kbd |kerberos |kexectools |libarchive |libbpg |
+| libdb |libgcrypt |libical |libjpeg_turbo |liblas |libnss |libsndfile |
+| libsoup |libssh2 |libtiff |libvirt |libxslt |lighttpd |logrotate |
+| lua |mariadb |mdadm |memcached |mtr |mysql |nano |
+| ncurses |nessus |netpbm |nginx |node |ntp |open_vm_tools |
+| openafs |openjpeg |openldap |openssh |openssl |openswan |openvpn |
+| p7zip |pcsc_lite |png |polarssl_fedora |poppler |postgresql |pspp |
+| python |qt |radare2 |rsyslog |samba |sqlite |strongswan |
+| subversion |sudo |syslogng |systemd |tcpdump |trousers |varnish |
+| webkitgtk |wireshark |wpa_supplicant |xerces |xml2 |zlib |zsh |
+<!--CHECKERS TABLE END-->
 
 For a quick overview of usage and how it works, you can also see [the readme file](README.md).
 
