|
| 1 | +#!/bin/bash |
| 2 | + |
| 3 | +# Find and install packages, if required, using conda channel or using pip package manager |
| 4 | +vulnerable_packages=( "pydantic=2.5.3" "joblib=1.3.1" "mistune=3.0.1" "werkzeug=3.0.3" "transformers=4.36.0" "pillow=10.3.0" "aiohttp=3.9.4" \ |
| 5 | + "cryptography=42.0.4" "gitpython=3.1.41" "jupyter-lsp=2.2.2" "idna=3.7" "jinja2=3.1.4" "scrapy=2.11.2" ) |
| 6 | + |
| 7 | +# Define the number of rows (based on the length of vulnerable_packages) |
| 8 | +rows=${#vulnerable_packages[@]} |
| 9 | + |
| 10 | +# Define the number of columns |
| 11 | +cols=4 |
| 12 | + |
| 13 | +# Define the 2D array |
| 14 | +declare -A packages_array |
| 15 | + |
| 16 | +# Fill the 2D array |
| 17 | +for ((i=0; i<rows; i++)); do |
| 18 | + # Split each element of vulnerable_packages by the '=' sign |
| 19 | + IFS='=' read -ra parts <<< "${vulnerable_packages[$i]}" |
| 20 | + # Assign the parts to the 2D array |
| 21 | + packages_array[$i,0]=${parts[0]} |
| 22 | + packages_array[$i,1]=${parts[1]} |
| 23 | +done |
| 24 | + |
| 25 | +value=0 |
| 26 | +insert_in_2D_array() { |
| 27 | + local package_name=$1 |
| 28 | + local channel_name="anaconda" |
| 29 | + |
| 30 | + echo "Running conda search for package '$package_name' in channel '$channel_name'..." |
| 31 | + |
| 32 | + # Capture the conda search output and process it |
| 33 | + latest_version=$(conda search "$package_name" -c "$channel_name" | \ |
| 34 | + grep -E '^[[:alnum:]]' | \ |
| 35 | + awk '{print $2}' | \ |
| 36 | + sort -V | \ |
| 37 | + uniq | \ |
| 38 | + tail -n 2 | \ |
| 39 | + head -n 1) |
| 40 | + |
| 41 | + found_version=$(pip show $package_name | grep '^Version:' | awk '{print $2}') |
| 42 | + if [[ -z "$latest_version" ]]; then |
| 43 | + echo "No version found in anaconda channel." |
| 44 | + latest_version="0" |
| 45 | + fi |
| 46 | + if [[ -z "$found_version" ]]; then |
| 47 | + echo "No package version found in upstream." |
| 48 | + found_version="0" |
| 49 | + fi |
| 50 | + echo "Latest version of $package_name: $latest_version" |
| 51 | + packages_array[$i,2]="$found_version" |
| 52 | + packages_array[$i,3]="$latest_version" |
| 53 | + ((value++)) |
| 54 | +} |
| 55 | + |
| 56 | +# store found package versions in upstream as 3rd column element in 2D array |
| 57 | +check_packages_anaconda_channel() { |
| 58 | + for ((i=0; i<rows; i++)); do |
| 59 | + PACKAGE_NAME=${packages_array[$i,0]} |
| 60 | + echo "Package Name $i: $PACKAGE_NAME" |
| 61 | + insert_in_2D_array $PACKAGE_NAME |
| 62 | + done |
| 63 | +} |
| 64 | + |
| 65 | +compare_and_install_packages() { |
| 66 | + check_packages_anaconda_channel |
| 67 | + printf "%-10s %-10s %-10s %-10s\n" "Package Name," "Version needed," "Version Present," "Conda channel version" |
| 68 | + echo "---------------------------------------------------------------------------------" |
| 69 | + for ((i=0; i<rows; i++)); do |
| 70 | + for ((j=0; j<cols; j++)); do |
| 71 | + echo -n "${packages_array[$i,$j]} " |
| 72 | + done |
| 73 | + echo |
| 74 | + done |
| 75 | + for ((i=0; i<rows; i++)); do |
| 76 | + echo -e "\nComparing semver versions between required and present currently for ${packages_array[$i,0]}" |
| 77 | + comparison_result=$(compare_semver "${packages_array[$i,1]}" "${packages_array[$i,2]}") |
| 78 | + if [[ $comparison_result == "greater" ]]; then |
| 79 | + echo -e "\nComparing semver versions between required and available through conda channel for $1" |
| 80 | + comparison_result2=$(compare_semver "${packages_array[$i,1]}" "${packages_array[$i,3]}") |
| 81 | + if [[ $comparison_result2 == "greater" ]]; then |
| 82 | + echo -e "\nInstalling ${packages_array[$i,0]} using pip" |
| 83 | + python3 -m pip install --upgrade "${packages_array[$i,0]}==${packages_array[$i,1]}" |
| 84 | + else |
| 85 | + echo -e "\nInstalling ${packages_array[$i,0]} using conda channel" |
| 86 | + conda install "${packages_array[$i,0]}==${packages_array[$i,3]}" |
| 87 | + fi |
| 88 | + else |
| 89 | + echo -e "No need to update ${packages_array[$i,0]}"; |
| 90 | + fi |
| 91 | + done |
| 92 | +} |
| 93 | + |
| 94 | +# Function to compare semver versions |
| 95 | +compare_semver() { |
| 96 | + # Split versions into arrays |
| 97 | + IFS='.' read -r -a version1 <<< "$1" |
| 98 | + IFS='.' read -r -a version2 <<< "$2" |
| 99 | + |
| 100 | + comparison="" |
| 101 | + # Compare MAJOR version |
| 102 | + if (( ${version1[0]} > ${version2[0]} )); then |
| 103 | + comparison="greater" |
| 104 | + elif (( ${version1[0]} < ${version2[0]} )); then |
| 105 | + comparison="lesser" |
| 106 | + else |
| 107 | + # Compare MINOR version |
| 108 | + if (( ${version1[1]} > ${version2[1]} )); then |
| 109 | + comparison="greater" |
| 110 | + elif (( ${version1[1]} < ${version2[1]} )); then |
| 111 | + comparison="lesser" |
| 112 | + else |
| 113 | + # Compare PATCH version |
| 114 | + if (( ${version1[2]} > ${version2[2]} )); then |
| 115 | + comparison="greater" |
| 116 | + elif (( ${version1[2]} < ${version2[2]} )); then |
| 117 | + comparison="lesser" |
| 118 | + else |
| 119 | + comparison="equal" |
| 120 | + fi |
| 121 | + fi |
| 122 | + fi |
| 123 | + |
| 124 | + echo $comparison |
| 125 | +} |
| 126 | + |
| 127 | +compare_and_install_packages |
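Review bot: `compare_semver` feeds the dot-split pieces of `pip show` / `conda search` output straight into `(( ))`, so a missing or non-numeric component (two-part versions like `idna=3.7`, a pre-release suffix) makes both tests error out and the patch-level `else` reports `equal`. The caller then prints "No need to update" for a package it never managed to compare, which is the wrong way to fail in a script that exists to replace vulnerable versions. Unvalidated text inside an arithmetic context is also evaluated as an expression rather than as a number, so the strings should be checked against a digits-and-dots pattern first. The rewrite below does that, defaults absent components to 0 and returns `unknown` with a non-zero status; the `[[ $comparison_result == "greater" ]]` test in `compare_and_install_packages` needs a matching branch that stops the run. Separately, the exit status of the `pip install` and `conda install` calls is not checked anywhere, so a failed upgrade still ends with exit code 0.

```shell
compare_semver() {
  local -a version1 version2
  local numeric='^[0-9]+(\.[0-9]+)*$'
  local idx a b

  # Refuse anything that is not plain dotted digits, so the caller can tell
  # "could not compare" apart from "equal".
  if [[ ! $1 =~ $numeric || ! $2 =~ $numeric ]]; then
    echo "unknown"
    return 1
  fi

  IFS='.' read -r -a version1 <<< "$1"
  IFS='.' read -r -a version2 <<< "$2"

  for idx in 0 1 2; do
    # 10# forces base 10 so a component such as 08 is not read as octal.
    a=$(( 10#${version1[idx]:-0} ))
    b=$(( 10#${version2[idx]:-0} ))
    if (( a > b )); then echo "greater"; return 0; fi
    if (( a < b )); then echo "lesser"; return 0; fi
  done

  echo "equal"
}
```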