diff --git a/README.rst b/README.rst
index f7a3186..168265e 100644
--- a/README.rst
+++ b/README.rst
@@ -215,3 +215,45 @@ Retrieve the Socket Organization Settings
 from socketdev import SocketDev
 socket = SocketDev("REPLACE_ME")
 print(socket.settings.get())
+
+sbom.view(report_id)
+""""""""""""""""""""""
+Retrieve the information for a SBOM Report
+
+**Usage:**
+
+.. code-block::
+
+ from socketdev import SocketDev
+ socket = SocketDev("REPLACE_ME")
+ print(socket.sbom.view("report_id"))
+
+**PARAMETERS:**
+
+- **report_id (str)** - The report ID of the report to view
+
+purl.post(license, components)
+""""""""""""""""""""""
+Retrieve the package information for a purl post
+
+**Usage:**
+
+.. code-block::
+
+ from socketdev import SocketDev
+ socket = SocketDev("REPLACE_ME")
+ license = "true"
+ components = [
+ {
+ "purl": "pkg:pypi/pyonepassword@5.0.0"
+ },
+ {
+ "purl": "pkg:pypi/socketsecurity"
+ }
+ ]
+ print(socket.purl.post(license, components))
+
+**PARAMETERS:**
+
+- **license (str)** - The license parameter if enabled will show alerts and license information. If disabled will only show the basic package metadata and scores. Default is true
+- **components (array{dict})** - The components list of packages urls
\ No newline at end of file
diff --git a/socketdev/__init__.py b/socketdev/__init__.py
index 57968c2..1264598 100644
--- a/socketdev/__init__.py
+++ b/socketdev/__init__.py
@@ -9,6 +9,7 @@
 from socketdev.quota import Quota
 from socketdev.report import Report
 from socketdev.sbom import Sbom
+from socketdev.purl import Purl
 from socketdev.repositories import Repositories
 from socketdev.settings import Settings
 from socketdev.socket_classes import Dependency, Org, Response
@@ -89,5 +90,6 @@ def __init__(self, token: str):
 self.quota = Quota()
 self.report = Report()
 self.sbom = Sbom()
+ self.purl = Purl()
 self.repositories = Repositories()
 self.settings = Settings()
diff --git a/socketdev/purl/__init__.py b/socketdev/purl/__init__.py
new file mode 100644
index 0000000..3db39ac
--- /dev/null
+++ b/socketdev/purl/__init__.py
@@ -0,0 +1,36 @@
+import socketdev
+from urllib.parse import urlencode
+import json
+
+class Purl:
+ @staticmethod
+ def post(license: str="true", components: list=[]) -> dict:
+ path = "purl?" + "license="+license
+ components = {"components":components}
+ components = json.dumps(components)
+
+ response = socketdev.do_request(
+ path=path,
+ payload=components,
+ method="POST"
+ )
+ if response.status_code == 200:
+ purl = []
+ purl_dict = {}
+ result = response.text
+ result.strip('"')
+ result.strip()
+ for line in result.split("\n"):
+ if line != '"' and line != "" and line is not None:
+ item = json.loads(line)
+ purl.append(item)
+ for val in purl:
+ purl_dict[val['id']] = val
+ else:
+ purl_dict = {}
+ print(f"Error posting {components} to the Purl API")
+ print(response.text)
+
+ return purl_dict
+
+
\ No newline at end of file
diff --git a/socketdev/sbom/__init__.py b/socketdev/sbom/__init__.py
index 41f2f07..f466b14 100644
--- a/socketdev/sbom/__init__.py
+++ b/socketdev/sbom/__init__.py
@@ -3,7 +3,7 @@
 class Sbom:
 @staticmethod
- def get_sbom_data(report_id: str) -> list:
+ def view(report_id: str) -> list:
 path = f"sbom/view/{report_id}"
 response = socketdev.do_request(path=path)
 if response.status_code == 200:
@@ -16,7 +16,7 @@ def get_sbom_data(report_id: str) -> list:
 if line != '"' and line != "" and line is not None:
 item = json.loads(line)
 sbom.append(item)
- for key, val in enumerate(sbom):
+ for val in sbom:
 sbom_dict[val['id']] = val
 else:
 sbom_dict = {}
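Review bot: In the new socketdev/purl/__init__.py, `Purl.post` builds the query string by plain concatenation (`path = "purl?" + "license="+license`), so a `license` value containing `&`, `#` or whitespace is not sent as a single parameter; `urlencode` is imported at the top of the file but never used. Encoding the parameter closes that gap: `path = "purl?" + urlencode({"license": license})`. In the same function, `result.strip('"')` and `result.strip()` discard their return values and therefore change nothing (assign the result back if trimming is intended), and `components: list=[]` is a mutable default that would be safer as `None`. The error branch prints the serialized request and the raw response body to stdout and returns `{}`, which a caller cannot tell apart from a successful empty result; raising or logging through `logging` would make failures visible without writing response content to stdout.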