File tree Expand file tree Collapse file tree 1 file changed +67
-0
lines changed
qgis-app/plugins/management/commands Expand file tree Collapse file tree 1 file changed +67
-0
lines changed Original file line number Diff line number Diff line change 1+ from django .core .management .base import BaseCommand
2+
3+ from plugins .models import Plugin
4+ from plugins .security_utils import run_security_scan
5+
6+
7+ class Command (BaseCommand ):
8+ help = (
9+ "Run security scan on the latest version of each plugin "
10+ "if a scan result does not already exist."
11+ )
12+
13+ def handle (self , * args , ** options ):
14+ plugins = Plugin .objects .all ()
15+ scanned = 0
16+ skipped = 0
17+ failed = 0
18+
19+ for plugin in plugins .iterator ():
20+ latest_version = (
21+ plugin .pluginversion_set .order_by ("-created_on" ).first ()
22+ )
23+
24+ if latest_version is None :
25+ self .stdout .write (
26+ self .style .WARNING (
27+ f" { plugin .package_name }
28+ )
29+ )
30+ skipped += 1
31+ continue
32+
33+ if hasattr (latest_version , "security_scan" ):
34+ self .stdout .write (
35+ f" { plugin .package_name } { latest_version .version }
36+ "already scanned, skipping."
37+ )
38+ skipped += 1
39+ continue
40+
41+ self .stdout .write (
42+ f" Scanning { plugin .package_name } { latest_version .version }
43+ )
44+ result = run_security_scan (latest_version )
45+
46+ if result is not None :
47+ self .stdout .write (
48+ self .style .SUCCESS (
49+ f" { plugin .package_name } { latest_version .version }
50+ f"scan complete (status: { result .overall_status }
51+ )
52+ )
53+ scanned += 1
54+ else :
55+ self .stdout .write (
56+ self .style .ERROR (
57+ f" { plugin .package_name } { latest_version .version }
58+ "scan failed."
59+ )
60+ )
61+ failed += 1
62+
63+ self .stdout .write (
64+ self .style .SUCCESS (
65+ f"\n Done. Scanned: { scanned } { skipped } { failed }
66+ )
67+ )
You can’t perform that action at this time.
0 commit comments