diff --git a/lib/Sentra/Engine/DependabotMetrics.pm b/lib/Sentra/Engine/DependabotMetrics.pm index 557905d..4628e2a 100644 --- a/lib/Sentra/Engine/DependabotMetrics.pm +++ b/lib/Sentra/Engine/DependabotMetrics.pm @@ -1,42 +1,17 @@ package Sentra::Engine::DependabotMetrics { use strict; use warnings; - use Mojo::UserAgent; - use Mojo::JSON qw(decode_json); + use JSON; + use Sentra::Utils::UserAgent; + use Sentra::Utils::Repositories_List; sub new { my ($class, $org, $token, $per_page) = @_; - my $userAgent = Mojo::UserAgent -> new(); + my $userAgent = Sentra::Utils::UserAgent -> new($token); + my @repositories_list = Sentra::Utils::Repositories_List -> new($org, $token); - my $headers = { - 'X-GitHub-Api-Version' => '2022-11-28', - 'Accept' => 'application/vnd.github+json', - 'User-Agent' => 'Sentra 0.0.3', - 'Authorization' => "Bearer $token" - }; - - my @repos; - my $repo_page = 1; - - while (1) { - my $repo_url = "https://api.github.com/orgs/$org/repos?per_page=$per_page&page=$repo_page"; - my $repo_tx = $userAgent -> get($repo_url => $headers); - my $res = $repo_tx -> result or return "Error fetching repositories: " . $repo_tx->error->{message} . "\n"; - - $res->is_success or return "Error fetching repositories: " . $res->message . "\n"; - - my $repo_data = $res -> json; - - last unless @$repo_data; - - push @repos, map { "$org/$_->{name}" } grep { !$_->{archived} } @$repo_data; - - $repo_page++; - } - - return "Error when trying to request information from GitHub, please review the parameters provided." unless @repos; - + my $output = ""; my $total_alerts = 0; my %severity_count = ( 
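Review bot: The removed guard `return "Error when trying to request information from GitHub, please review the parameters provided." unless @repos;` has no replacement after the new `Sentra::Utils::Repositories_List -> new($org, $token)` call, so an empty list (wrong organisation name, expired or under-scoped token) now falls through to a report of zero alerts in every severity. For output that is read as a security posture, that is indistinguishable from a clean organisation; I would keep the check as `return "Error when trying to request information from GitHub, please review the parameters provided." unless @repositories_list;`. Repositories_List is not part of this diff, so whether it reports request failures, pages through the listing or still skips archived repositories cannot be confirmed here, and `$per_page` is no longer passed to it. The body of `new` continues past this hunk.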
@@ -46,32 +21,25 @@ package Sentra::Engine::DependabotMetrics { critical => 0 ); - for my $repo (@repos) { + foreach my $repository (@repositories_list) { my $alert_page = 1; - - while (1) { - my $alert_url = "https://api.github.com/repos/$repo/dependabot/alerts?state=open&per_page=$per_page&page=$alert_page"; - my $alert_tx = $userAgent -> get($alert_url => $headers); - my $res = $alert_tx->result or return "Error fetching alerts for $repo: " . $alert_tx->error->{message} . "\n"; + my $alert_url = "https://api.github.com/repos/$repository/dependabot/alerts?state=open&per_page=$per_page&page=$alert_page"; + my $request = $userAgent -> get($alert_url); - $res->is_success or return "Error fetching alerts for $repo: " . $res->message . "\n"; - - my $alert_data = $res -> json; + if ($request -> code() == 200) { + my $alert_data = decode_json($request -> content()); last unless @$alert_data; - + $total_alerts += scalar @$alert_data; - + for my $alert (@$alert_data) { my $severity = $alert -> {security_vulnerability}{severity} || 'unknown'; + $severity_count{$severity}++ if exists $severity_count{$severity}; - } - - $alert_page++; + } } } - - my $output = ""; $output .= "Severity $_: $severity_count{$_}\n" for keys %severity_count; $output .= "Total DependaBot Alerts: $total_alerts\n"; diff --git a/lib/Sentra/Engine/Maintained.pm b/lib/Sentra/Engine/Maintained.pm index 2e83a52..297cf3a 100644 --- a/lib/Sentra/Engine/Maintained.pm +++ b/lib/Sentra/Engine/Maintained.pm 
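Review bot: With the `while (1)` pagination loop removed, the surviving `last unless @$alert_data;` now leaves the `foreach` over repositories, so the first repository with no open alerts ends the scan and every later repository is missing from the totals; it should be `next unless @$alert_data;`. `$alert_page` is set to 1 and never incremented, so a repository with more than `$per_page` open alerts is counted only up to its first page. Responses other than 200 (presumably including a token that cannot read Dependabot alerts for that repository) are skipped without any trace, which lowers the totals silently; an `else` branch with `$output .= "Could not read alerts for $repository\n";` would make the gap visible in the report. The enclosing `new` starts and ends outside this hunk.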
@@ -1,54 +1,37 @@ package Sentra::Engine::Maintained { use strict; use warnings; - use Mojo::UserAgent; - use Mojo::JSON qw(decode_json); + use JSON; use DateTime; use DateTime::Format::ISO8601; + use Sentra::Utils::UserAgent; + use Sentra::Utils::Repositories_List; sub new { my ($class, $org, $token, $per_page) = @_; - my $userAgent = Mojo::UserAgent -> new(); + my $output = ''; + my $userAgent = Sentra::Utils::UserAgent -> new($token); + my @repositories_list = Sentra::Utils::Repositories_List -> new($org, $token); - my $headers = { - 'Authorization' => "Bearer $token", - 'Accept' => 'application/vnd.github+json', - 'X-GitHub-Api-Version' => '2022-11-28' - }; + foreach my $repository (@repositories_list) { + my $get_commits = $userAgent -> get("https://api.github.com/repos/$repository/commits"); - my $output = ''; - my $repo_url = "https://api.github.com/orgs/$org/repos?per_page=$per_page"; - my $repo_tx = $userAgent -> get($repo_url => $headers); - my $res = $repo_tx -> result(); - - if ($res -> is_success) { - my $repos = $res->json; - - for my $repo (@$repos) { - next if $repo -> {archived}; - - my $full_name = "$org/$repo->{name}"; - my $commits_url = "https://api.github.com/repos/$full_name/commits"; - my $commits_tx = $userAgent -> get($commits_url => $headers); - my $commits_res = $commits_tx -> result; - - if ($commits_res && $commits_res->is_success) { - my $commits = $commits_res->json; + if ($get_commits -> code() == 200) { + my $commits = decode_json($get_commits -> content()); - if (@$commits) { - my $last_commit_date_str = $commits->[0]{commit}{committer}{date}; - my $last_commit_date = DateTime::Format::ISO8601 -> parse_datetime($last_commit_date_str); + if (@$commits) { + my $last_commit_date_str = $commits->[0]{commit}{committer}{date}; + my $last_commit_date = DateTime::Format::ISO8601 -> parse_datetime($last_commit_date_str); - if (DateTime -> now -> subtract(days => 90) > $last_commit_date) { - $output .= "The repository 
https://github.com/$full_name has not been updated for more than 90 days.\n"; - } + if (DateTime -> now -> subtract(days => 90) > $last_commit_date) { + $output .= "The repository https://github.com/$repository has not been updated for more than 90 days.\n"; } - } - } + } + } } - return $output || "No issues found."; + return $output; } } diff --git a/lib/Sentra/Engine/SearchFiles.pm b/lib/Sentra/Engine/SearchFiles.pm index 0603bd0..a9156c5 100644 --- a/lib/Sentra/Engine/SearchFiles.pm +++ b/lib/Sentra/Engine/SearchFiles.pm 
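Review bot: Dropping `|| "No issues found."` from the return, together with the 200-only branch around `decode_json`, means an empty result no longer distinguishes "every repository has recent commits" from "every commits request failed". A repository whose request returns anything other than 200 is never reported as stale, so I would add `else { $output .= "Could not read commits for $repository (HTTP " . $get_commits -> code() . ")\n"; }` and keep `return $output || "No issues found.";`. The same `return $output;` change appears in the SearchFiles.pm hunk. `$per_page` is still accepted by `new` but is not used anywhere in this file's new code.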
@@ -1,44 +1,27 @@ package Sentra::Engine::SearchFiles { use strict; use warnings; - use Mojo::UserAgent; - use Mojo::JSON qw(decode_json); + use JSON; + use Sentra::Utils::UserAgent; + use Sentra::Utils::Repositories_List; sub new { my ($class, $org, $token, $per_page) = @_; - my $userAgent = Mojo::UserAgent -> new(); + my $output = ''; + my $userAgent = Sentra::Utils::UserAgent -> new($token); + my @repositories_list = Sentra::Utils::Repositories_List -> new($org, $token); - my $headers = { - 'Authorization' => "Bearer $token", - 'Accept' => 'application/vnd.github+json', - 'X-GitHub-Api-Version' => '2022-11-28' - }; - - my $output = ''; - my $repo_url = "https://api.github.com/orgs/$org/repos?per_page=$per_page"; - my $repo_tx = $userAgent -> get($repo_url => $headers); - - my $res = $repo_tx -> result(); - - if ($res -> is_success) { - my $repos = $res -> json(); - - for my $repo (@$repos) { - next if $repo -> {archived}; - - my $full_name = "$org/$repo->{name}"; - - my $dependabot_url = "https://api.github.com/repos/$full_name/contents/.github/dependabot.yaml"; - my $dependabot_tx = $userAgent -> get($dependabot_url => $headers); + foreach my $repository (@repositories_list) { + my $dependabot_url = "https://api.github.com/repos/$repository/contents/.github/dependabot.yaml"; + my $request = $userAgent -> get($dependabot_url); - if ($dependabot_tx -> result -> code == 404) { - $output .= "The dependabot.yml file was not found in this repository: https://github.com/$full_name\n"; - } - } + if ($request -> code == 404) { + $output .= "The dependabot.yml file was not found in this repository: https://github.com/$repository\n"; + } } - return $output || "No issues found."; + return $output; } } diff --git a/lib/Sentra/Utils/Github.pm b/lib/Sentra/Utils/Github.pm deleted file mode 100644 index d10a473..0000000 --- a/lib/Sentra/Utils/Github.pm +++ /dev/null 
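Review bot: The added `$dependabot_url` line requests `.github/dependabot.yaml`, while the message below it tells the user that `dependabot.yml` was not found, so a repository that keeps its configuration under the `.yml` name is reported as unconfigured. I would request both names and report only when neither exists, and make the message name the path that was actually checked. Only a 404 is acted on, so a 401 or 403 from an expired or under-scoped token reads the same as "file present"; a branch such as `elsif ($request -> code != 200) { $output .= "Could not check $repository (HTTP " . $request -> code . ")\n"; }` would turn that false negative into a visible line.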
@@ -1,10 +0,0 @@ -package Sentra::Utils::Github { - use strict; - use warnings; - - sub new { - return 1; - } -} - -1; \ No newline at end of file diff --git a/sentra.pl b/sentra.pl index c8e5d86..350e0a7 100644 --- a/sentra.pl +++ b/sentra.pl @@ -28,9 +28,9 @@ sub main { ); my %dispatch_table = ( - 'metrics' => sub { Sentra::Engine::DependabotMetrics->new($org, $token, $per_page) }, - 'dependency' => sub { Sentra::Engine::SearchFiles->new($org, $token, $per_page) }, - 'maintained' => sub { Sentra::Engine::Maintained->new($org, $token, $per_page) }, + 'metrics' => sub { Sentra::Engine::DependabotMetrics -> new($org, $token, $per_page) }, + 'dependency' => sub { Sentra::Engine::SearchFiles -> new($org, $token, $per_page) }, + 'maintained' => sub { Sentra::Engine::Maintained -> new($org, $token, $per_page) }, ); for my $option (keys %options) {