Remove verbose and quiet args

Author: PrajwalM2212

cve_bin_tool/NVDAutoUpdate.py

@@ -48,18 +48,12 @@
 
 
 def get_cvelist(
-    output,
-    dbname,
-    quiet,
-    supplement=True,
-    json_feed=JSON_FEED,
-    json_zip=JSON_ZIP,
-    **kargs
+    output, dbname, supplement=True, json_feed=JSON_FEED, json_zip=JSON_ZIP, **kargs
 ):
     """ Get list of CVEs and add to the database """
     if not os.path.exists(output):
         os.makedirs(output, 0o750)
-    conn = init_database(dbname, quiet)
+    conn = init_database(dbname)
 
     today = str(datetime.date.today())
     year = str(int(today[:4]))
@@ -72,7 +66,7 @@ def get_cvelist(
         r"nvdcve-1.1-[0-9]*\.json\.zip", r_feed.read().decode("utf-8")
     ):
         t = threading.Thread(
-            target=download_cves, args=(filename, output, json_zip, kargs, year, quiet)
+            target=download_cves, args=(filename, output, json_zip, kargs, year)
         )
         t.start()
         threads.append(t)
@@ -118,30 +112,27 @@ def get_cvelist(
     conn.close()
 
 
-def download_cves(filename, output, json_zip, kargs, year, quiet):
+def download_cves(filename, output, json_zip, kargs, year):
     r_file = urlopen(json_zip + filename, **kargs)
     filepath = os.path.join(output, filename)
     if year in filename or not os.path.exists(filepath):
         with open(filepath, "wb") as file_handle:
             for chunk in r_file:
                 file_handle.write(chunk)
         file_handle.close()
-        if not quiet:
-            if year in filename:
-                LOGGER.debug("Updated current year file " + filename)
-                # check only 2019 for now (old files not updated)
-                if check_cve_zip(2019):
-                    if not quiet:
-                        LOGGER.debug("Verified 2019 zipfile against published sha256 sum")
-                else:
-                    LOGGER.error(
-                        "Error: failed to verify zipfile against published sha256 sum",
-                       )
+        if year in filename:
+            LOGGER.debug("Updated current year file " + filename)
+            # check only 2019 for now (old files not updated)
+            if check_cve_zip(2019):
+                LOGGER.debug("Verified 2019 zipfile against published sha256 sum")
             else:
-                LOGGER.debug("Creating new file " + filename)
+                LOGGER.error(
+                    "Error: failed to verify zipfile against published sha256 sum",
+                )
+        else:
+            LOGGER.debug("Creating new file " + filename)
     else:
-        if not quiet:
-            LOGGER.debug("Previous year file: " + filename + " already exists")
+        LOGGER.debug("Previous year file: " + filename + " already exists")
 
 
 def check_cve_zip(year):
@@ -173,9 +164,9 @@ def check_cve_zip(year):
     return False
 
 
-def init_database(dbname, quiet):
+def init_database(dbname):
     """ Create new database if needed """
-    if not quiet and (not os.path.isfile(dbname)):
+    if not os.path.isfile(dbname):
         LOGGER.debug("Database file does not exist. Initializing it")
     conn = sqlite3.connect(dbname)
     db_cursor = conn.cursor()
@@ -315,7 +306,7 @@ def extract_data(nvddir):
 
             jsonfile.close()
         except Exception as exception:
-            LO("Exception in extract_data: " + str(exception))
+            LOGGER.error("Exception in extract_data: " + str(exception))
 
     return (
         cve_number,
@@ -395,7 +386,7 @@ def display_data(conn):
         LOGGER.info(row)
 
 
-def get_cvelist_if_stale(nvddir, dbname, quiet):
+def get_cvelist_if_stale(nvddir, dbname):
     """ If the local copy of the cvelist is more than a day old, download a new one.
     This allows some caching so you don't have to wait for the full download with every
     single execution. """
@@ -406,12 +397,11 @@ def get_cvelist_if_stale(nvddir, dbname, quiet):
         datetime.datetime.today()
         - datetime.datetime.fromtimestamp(os.path.getmtime(latest_zipfile))
     ) > datetime.timedelta(hours=24):
-        if not quiet:
-            LOGGER.debug("Updating CVE data. This will take a few minutes.")
-        get_cvelist(nvddir, dbname, quiet)
+        LOGGER.debug("Updating CVE data. This will take a few minutes.")
+        get_cvelist(nvddir, dbname)
 
     if not os.path.isfile(dbname):
-        conn = init_database(dbname, quiet)
+        conn = init_database(dbname)
         (
             cve_number,
             vendor_name,
@@ -433,24 +423,22 @@ def get_cvelist_if_stale(nvddir, dbname, quiet):
         )
         conn.close()
 
-    elif not quiet:
-        LOGGER.debug(
-            "Last Update: "
-            + datetime.date.fromtimestamp(os.path.getmtime(dbname)).isoformat()
-        )
-        LOGGER.debug("Local database has been updated in the past 24h.")
-        LOGGER.debug('New data not downloaded.  Use "-u now" to force an update')
+    LOGGER.debug(
+        "Last Update: "
+        + datetime.date.fromtimestamp(os.path.getmtime(dbname)).isoformat()
+    )
+    LOGGER.debug("Local database has been updated in the past 24h.")
+    LOGGER.debug('New data not downloaded.  Use "-u now" to force an update')
 
 
 class NVDSQLite(object):
     """ Methods for NVD stored in sqlite """
 
-    def __init__(self, disk_location=DISK_LOCATION_DEFAULT, quiet=False):
+    def __init__(self, disk_location=DISK_LOCATION_DEFAULT):
         """ Set location on disk where NVD data cache will reside.
         Connect to SQLite database"""
         self.disk_location = disk_location
         self.conn = None
-        self.quiet = quiet
 
     @property
     def dbname(self):
@@ -506,7 +494,7 @@ def get_cves(self, *vendor_product_pairs):
 
     def get_cvelist_if_stale(self):
         """ Update CVEs data from NVD if stale."""
-        get_cvelist_if_stale(self.nvddir, self.dbname, self.quiet)
+        get_cvelist_if_stale(self.nvddir, self.dbname)
 
     @classmethod
     def clear_cached_data(cls):

cve_bin_tool/cli.py

@@ -48,7 +48,7 @@ class Scanner(object):
 
     CHECKER_ENTRYPOINT = "cve_bin_tool.checker"
 
-    def __init__(self, nvd, checkers=None, verbose=True, logger=None):
+    def __init__(self, nvd, checkers=None, logger=None):
         if logger is None:
             logger = LOGGER.getChild(self.__class__.__name__)
         # Load checkers if not given
@@ -57,10 +57,9 @@ def __init__(self, nvd, checkers=None, verbose=True, logger=None):
         self.nvd = nvd
         self.checkers = checkers
         self.logger = logger
-        self.verbose = verbose
         self.all_cves = defaultdict(dict)
         self.files_with_cve = 0
-        self.logger.info("Checkers loaded: %s", ", ".join(self.checkers.keys()))
+        self.logger.info("Checkers loaded: %s" % (", ".join(self.checkers.keys())))
 
     @staticmethod
     def vendor_package_pairs(docstring):
@@ -98,18 +97,18 @@ def available_checkers(cls):
         checker_list = [item.name for item in checkers]
         return checker_list
 
-    def remove_skiplist(self, skips=None, quiet=False):
+    def remove_skiplist(self, skips=None):
         # Take out any checkers that are on the skip list
         # (string of comma-delimited checker names)
         skiplist = skips.split(",") if skips else []
         for skipme in skiplist:
             if skipme in self.checkers:
                 del self.checkers[skipme]
-                if not quiet:
-                    self.logger.debug("Skipping checker: {}".format(skipme))
+                self.logger.debug("Skipping checker: {}".format(skipme))
             else:
-                if not quiet:
-                    self.logger.error("Checker {} is not a valid checker name".format(skipme))
+                self.logger.error(
+                    "Checker {} is not a valid checker name".format(skipme)
+                )
 
     def print_checkers(self):
         self.logger.info("Checkers: {}".format(", ".join(self.checkers.keys())))
@@ -133,7 +132,7 @@ def scan_file(self, filename):
         """Scans a file to see if it contains any of the target libraries,
         and whether any of those contain CVEs"""
 
-        self.logger.debug("Scanning file: %r", filename)
+        self.logger.debug("Scanning file: %r" % filename)
 
         # Do not try to scan symlinks
         if os.path.islink(filename):
@@ -199,13 +198,15 @@ def scan_file(self, filename):
                 if found_cves.keys():
                     self.files_with_cve = self.files_with_cve + 1
                 self.all_cves[modulename][version] = found_cves
-                if self.verbose:
-                    self.logger.info(filename, result["is_or_contains"], modulename, version)
-                    if found_cves.keys():
-                        self.logger.info("Known CVEs in version " + str(version))
-                        self.logger.info(", ".join(found_cves.keys()))
+                self.logger.info(
+                    "%s %s %s %s"
+                    % (filename, result["is_or_contains"], modulename, version)
+                )
+                if found_cves.keys():
+                    self.logger.info("Known CVEs in version " + str(version))
+                    self.logger.info(", ".join(found_cves.keys()))
 
-        self.logger.debug("Done scanning file: %r", filename)
+        self.logger.debug("Done scanning file: %r" % filename)
         return self.all_cves
 
     def extract_and_scan(self, filename, walker=None):
@@ -250,7 +251,9 @@ def scan_and_or_extract_file(scanner, ectx, walker, should_extract, filepath):
     # Attempt to extract the file and scan the contents
     if ectx.can_extract(filepath):
         if not should_extract:
-            LOGGER.debug("%s is an archive. Pass " % (filepath,) + "-x option to auto-extract")
+            LOGGER.warning(
+                "%s is an archive. Pass " % (filepath,) + "-x option to auto-extract"
+            )
             return
         for filename in walker([ectx.extract(filepath)]):
             scan_and_or_extract_file(scanner, ectx, walker, should_extract, filename)
@@ -261,20 +264,22 @@ def extract_file(ectx, walker, should_extract, filepath, file_list):
     if ectx.can_extract(filepath):
         if not should_extract:
             file_list.append(filepath)
-            LOGGER.debug("%s is an archive. Pass " % (filepath,) + "-x option to auto-extract")
+            LOGGER.warning(
+                "%s is an archive. Pass " % (filepath,) + "-x option to auto-extract"
+            )
             return
         for filename in walker([ectx.extract(filepath)]):
             extract_file(ectx, walker, should_extract, filename, file_list)
     file_list.append(filepath)
 
 
 def scan_files(scanning_file, args):
-    nvd = NVDSQLite(quiet=args["quiet"])
+    nvd = NVDSQLite()
     if args["update"] != "never":
         nvd.get_cvelist_if_stale()
     with nvd:
-        scanner = Scanner(nvd, verbose=args["verbose"])
-        scanner.remove_skiplist(args["skips"], args["quiet"])
+        scanner = Scanner(nvd)
+        scanner.remove_skiplist(args["skips"])
         scanner.scan_file(scanning_file)
         return scanner.files_with_cve
 
@@ -313,13 +318,6 @@ def main(argv=None, outfile=sys.stdout):
     parser.add_argument(
         "-x", "--extract", action="store_true", help="autoextract compressed files"
     )
-    parser.add_argument(
-        "-v",
-        "--verbose",
-        action="store_true",
-        help="details on found issues as script runs",
-    )
-    parser.add_argument("-q", "--quiet", action="store_true", help="suppress output")
     parser.add_argument(
         "-l",
         "--log",
@@ -357,10 +355,10 @@ def main(argv=None, outfile=sys.stdout):
         args = parser.parse_args(argv[1:])
     except SystemExit:
         # override default argparse exit(2) behaviour so positive numbers can indicate
-        # number of cves (useful in quiet mode)
         sys.exit(-2)
 
-    logging.basicConfig(level=args.log_level)
+    if args.log_level:
+        LOGGER.setLevel(args.log_level)
 
     if platform.system() != "Linux":
         warning_nolinux = """
@@ -386,25 +384,22 @@ def main(argv=None, outfile=sys.stdout):
     ).walk
 
     if args.update == "now":
-        if not args.quiet:
-            LOGGER.debug("Removing all cached CVE data.")
+        LOGGER.debug("Removing all cached CVE data.")
         NVDSQLite.clear_cached_data()
 
     # Single-thread mode
     if not args.multithread:
         # Close database when done
-        nvd = NVDSQLite(quiet=args.quiet)
+        nvd = NVDSQLite()
         # Update CVE database
         if args.update != "never":
-            if not args.quiet:
-                LOGGER.debug("Checking if CVE data needs an update.")
+            LOGGER.debug("Checking if CVE data needs an update.")
             nvd.get_cvelist_if_stale()
         with nvd:
             extractor = Extractor()
-            scanner = Scanner(nvd, verbose=args.verbose)
-            scanner.remove_skiplist(args.skips, args.quiet)
-            if args.verbose:
-                scanner.print_checkers()
+            scanner = Scanner(nvd)
+            scanner.remove_skiplist(args.skips)
+            scanner.print_checkers()
 
             with extractor() as ectx:
                 if os.path.isdir(args.directory):
@@ -417,21 +412,22 @@ def main(argv=None, outfile=sys.stdout):
                         scanner, ectx, walker, args.extract, args.directory
                     )
 
-            if not args.quiet:
-                LOGGER.info("")
-                LOGGER.info("Overall CVE summary: ")
-                LOGGER.info(
-                    "There are" + str(scanner.files_with_cve) + "files with known CVEs detected"
-                )
-            if (not args.quiet) and scanner.files_with_cve > 0:
+            LOGGER.info("")
+            LOGGER.info("Overall CVE summary: ")
+            LOGGER.info(
+                "There are "
+                + str(scanner.files_with_cve)
+                + " files with known CVEs detected"
+            )
+            if scanner.files_with_cve > 0:
                 affected_string = ", ".join(
                     map(
                         lambda module_version: " ".join(str(module_version)),
                         scanner.affected(),
                     )
                 )
                 LOGGER.info("Known CVEs in %s:" % (affected_string,))
-                output_cves(outfile, scanner.all_cves, include_details=args.verbose)
+                output_cves(outfile, scanner.all_cves)
 
             # Use the number of files with known cves as error code
             # as requested by folk planning to automate use of this script.
@@ -442,12 +438,12 @@ def main(argv=None, outfile=sys.stdout):
     else:
 
         def worker():
-            nvd = NVDSQLite(quiet=args.quiet)
+            nvd = NVDSQLite()
             if args.update != "never":
                 nvd.get_cvelist_if_stale()
             with nvd:
-                scanner = Scanner(nvd, verbose=args.verbose)
-                scanner.remove_skiplist(args.skips, args.quiet)
+                scanner = Scanner(nvd)
+                scanner.remove_skiplist(args.skips)
                 while True:
                     scan_target = q.get()
                     if not scan_target:

cve_bin_tool/csv2cve.py

@@ -51,13 +51,13 @@ def csv2cve(filename):
         csvdata = csv.DictReader(csvfile, delimiter=",")  # "," is default anyhow
 
         if csvdata is None or csvdata.fieldnames is None:
-            LOGGER.error("Error: invalid CSV", file=sys.stderr)
+            LOGGER.error("Error: invalid CSV")
             return ERR_BADCSV
 
         required_columns = ["vendor", "package", "version"]
         for column in required_columns:
             if column not in csvdata.fieldnames:
-                LOGGER.error("Error: no {} column found".format(column), file=sys.stderr)
+                LOGGER.error("Error: no {} column found".format(column))
                 return ERR_MISSINGCOLUMN
 
         # Initialize the NVD database