diff --git a/pyproject.toml b/pyproject.toml index e972c00ce..524f44212 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -212,6 +212,7 @@ ignore_missing_imports = true fail-under = 10.0 suggestion-mode = true # Remove this setting when pylint v4 is released. load-plugins = [ + "pylint.extensions.for_any_all", ] disable = [ "fixme", @@ -230,7 +231,6 @@ disable = [ "too-many-public-methods", "too-many-return-statements", "too-many-statements", - "too-many-try-statements", "duplicate-code", ] diff --git a/src/macaron/slsa_analyzer/build_tool/docker.py b/src/macaron/slsa_analyzer/build_tool/docker.py index be115b1d3..40676d3c0 100644 --- a/src/macaron/slsa_analyzer/build_tool/docker.py +++ b/src/macaron/slsa_analyzer/build_tool/docker.py @@ -44,11 +44,7 @@ def is_detected(self, repo_path: str) -> bool: bool True if this build tool is detected, else False. """ - for file in self.build_configs: - if file_exists(repo_path, file): - return True - - return False + return any(file_exists(repo_path, file) for file in self.build_configs) def prepare_config_files(self, wrapper_path: str, build_dir: str) -> bool: """Make necessary preparations for using this build tool. diff --git a/src/macaron/slsa_analyzer/build_tool/go.py b/src/macaron/slsa_analyzer/build_tool/go.py index ab6fa6009..c1c094e1c 100644 --- a/src/macaron/slsa_analyzer/build_tool/go.py +++ b/src/macaron/slsa_analyzer/build_tool/go.py @@ -44,11 +44,7 @@ def is_detected(self, repo_path: str) -> bool: True if this build tool is detected, else False. """ go_config_files = self.build_configs + self.entry_conf - for file in go_config_files: - if file_exists(repo_path, file): - return True - - return False + return any(file_exists(repo_path, file) for file in go_config_files) def prepare_config_files(self, wrapper_path: str, build_dir: str) -> bool: """Prepare the necessary wrapper files for running the build. diff --git a/src/macaron/slsa_analyzer/build_tool/gradle.py b/src/macaron/slsa_analyzer/build_tool/gradle.py index a99073be0..2cc491934 100644 --- a/src/macaron/slsa_analyzer/build_tool/gradle.py +++ b/src/macaron/slsa_analyzer/build_tool/gradle.py @@ -73,11 +73,7 @@ def is_detected(self, repo_path: str) -> bool: True if this build tool is detected, else False. """ gradle_config_files = self.build_configs + self.entry_conf - for file in gradle_config_files: - if file_exists(repo_path, file): - return True - - return False + return any(file_exists(repo_path, file) for file in gradle_config_files) def prepare_config_files(self, wrapper_path: str, build_dir: str) -> bool: """Prepare the necessary wrapper files for running the build. diff --git a/src/macaron/slsa_analyzer/build_tool/maven.py b/src/macaron/slsa_analyzer/build_tool/maven.py index 7cc50f69c..69323ad9c 100644 --- a/src/macaron/slsa_analyzer/build_tool/maven.py +++ b/src/macaron/slsa_analyzer/build_tool/maven.py @@ -66,11 +66,7 @@ def is_detected(self, repo_path: str) -> bool: ) return False maven_config_files = self.build_configs - for file in maven_config_files: - if file_exists(repo_path, file): - return True - - return False + return any(file_exists(repo_path, file) for file in maven_config_files) def prepare_config_files(self, wrapper_path: str, build_dir: str) -> bool: """Prepare the necessary wrapper files for running the build. diff --git a/src/macaron/slsa_analyzer/build_tool/npm.py b/src/macaron/slsa_analyzer/build_tool/npm.py index e62f90bc2..27c7e2de3 100644 --- a/src/macaron/slsa_analyzer/build_tool/npm.py +++ b/src/macaron/slsa_analyzer/build_tool/npm.py @@ -57,11 +57,7 @@ def is_detected(self, repo_path: str) -> bool: # cases like .npmrc existing but not package-lock.json and whether # they would still count as "detected" npm_config_files = self.build_configs + self.package_lock + self.entry_conf - for file in npm_config_files: - if file_exists(repo_path, file): - return True - - return False + return any(file_exists(repo_path, file) for file in npm_config_files) def prepare_config_files(self, wrapper_path: str, build_dir: str) -> bool: """Prepare the necessary wrapper files for running the build. diff --git a/src/macaron/slsa_analyzer/build_tool/pip.py b/src/macaron/slsa_analyzer/build_tool/pip.py index a926a8b24..da3f980cd 100644 --- a/src/macaron/slsa_analyzer/build_tool/pip.py +++ b/src/macaron/slsa_analyzer/build_tool/pip.py @@ -55,10 +55,7 @@ def is_detected(self, repo_path: str) -> bool: bool True if this build tool is detected, else False. """ - for file in self.build_configs: - if file_exists(repo_path, file): - return True - return False + return any(file_exists(repo_path, file) for file in self.build_configs) def prepare_config_files(self, wrapper_path: str, build_dir: str) -> bool: """Prepare the necessary wrapper files for running the build. diff --git a/src/macaron/slsa_analyzer/build_tool/yarn.py b/src/macaron/slsa_analyzer/build_tool/yarn.py index f9418ccde..2856dc4ee 100644 --- a/src/macaron/slsa_analyzer/build_tool/yarn.py +++ b/src/macaron/slsa_analyzer/build_tool/yarn.py @@ -55,11 +55,7 @@ def is_detected(self, repo_path: str) -> bool: # cases like .yarnrc existing but not package-lock.json and whether # they would still count as "detected" yarn_config_files = self.build_configs + self.package_lock + self.entry_conf - for file in yarn_config_files: - if file_exists(repo_path, file): - return True - - return False + return any(file_exists(repo_path, file) for file in yarn_config_files) def prepare_config_files(self, wrapper_path: str, build_dir: str) -> bool: """Prepare the necessary wrapper files for running the build. diff --git a/src/macaron/slsa_analyzer/package_registry/jfrog_maven_registry.py b/src/macaron/slsa_analyzer/package_registry/jfrog_maven_registry.py index 1c78d4409..62ae09c06 100644 --- a/src/macaron/slsa_analyzer/package_registry/jfrog_maven_registry.py +++ b/src/macaron/slsa_analyzer/package_registry/jfrog_maven_registry.py @@ -194,10 +194,7 @@ def is_detected(self, build_tool: BaseBuildTool) -> bool: if not self.enabled: return False compatible_build_tool_classes = [Maven, Gradle] - for build_tool_class in compatible_build_tool_classes: - if isinstance(build_tool, build_tool_class): - return True - return False + return any(isinstance(build_tool, build_tool_class) for build_tool_class in compatible_build_tool_classes) def construct_maven_repository_path( self, diff --git a/src/macaron/slsa_analyzer/package_registry/maven_central_registry.py b/src/macaron/slsa_analyzer/package_registry/maven_central_registry.py index 3b3040d50..d9ef77d1a 100644 --- a/src/macaron/slsa_analyzer/package_registry/maven_central_registry.py +++ b/src/macaron/slsa_analyzer/package_registry/maven_central_registry.py @@ -1,4 +1,4 @@ -# Copyright (c) 2023 - 2023, Oracle and/or its affiliates. All rights reserved. +# Copyright (c) 2023 - 2024, Oracle and/or its affiliates. All rights reserved. # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl/. """The module provides abstractions for the Maven Central package registry.""" @@ -100,10 +100,7 @@ def is_detected(self, build_tool: BaseBuildTool) -> bool: based on the given build tool. """ compatible_build_tool_classes = [Maven, Gradle] - for build_tool_class in compatible_build_tool_classes: - if isinstance(build_tool, build_tool_class): - return True - return False + return any(isinstance(build_tool, build_tool_class) for build_tool_class in compatible_build_tool_classes) def find_publish_timestamp(self, group_id: str, artifact_id: str, version: str | None = None) -> datetime: """Make a search request to Maven Central to find the publishing timestamp of an artifact. diff --git a/src/macaron/slsa_analyzer/package_registry/npm_registry.py b/src/macaron/slsa_analyzer/package_registry/npm_registry.py index cd435871f..d4c97d143 100644 --- a/src/macaron/slsa_analyzer/package_registry/npm_registry.py +++ b/src/macaron/slsa_analyzer/package_registry/npm_registry.py @@ -121,10 +121,7 @@ def is_detected(self, build_tool: BaseBuildTool) -> bool: logger.debug("Support for the npm registry is disabled.") return False compatible_build_tool_classes = [NPM, Yarn] - for build_tool_class in compatible_build_tool_classes: - if isinstance(build_tool, build_tool_class): - return True - return False + return any(isinstance(build_tool, build_tool_class) for build_tool_class in compatible_build_tool_classes) def download_attestation_payload(self, url: str, download_path: str) -> bool: """Download the npm attestation from npm registry. diff --git a/src/macaron/slsa_analyzer/package_registry/pypi_registry.py b/src/macaron/slsa_analyzer/package_registry/pypi_registry.py index deffc50bf..dd52e6394 100644 --- a/src/macaron/slsa_analyzer/package_registry/pypi_registry.py +++ b/src/macaron/slsa_analyzer/package_registry/pypi_registry.py @@ -130,10 +130,7 @@ def is_detected(self, build_tool: BaseBuildTool) -> bool: based on the given build tool. """ compatible_build_tool_classes = [Pip, Poetry] - for build_tool_class in compatible_build_tool_classes: - if isinstance(build_tool, build_tool_class): - return True - return False + return any(isinstance(build_tool, build_tool_class) for build_tool_class in compatible_build_tool_classes) def download_package_json(self, url: str) -> dict: """Download the package JSON metadata from pypi registry. diff --git a/src/macaron/slsa_analyzer/provenance/intoto/v01/__init__.py b/src/macaron/slsa_analyzer/provenance/intoto/v01/__init__.py index 94f8b6f78..bee069028 100644 --- a/src/macaron/slsa_analyzer/provenance/intoto/v01/__init__.py +++ b/src/macaron/slsa_analyzer/provenance/intoto/v01/__init__.py @@ -161,7 +161,4 @@ def is_valid_digest_set(digest: dict[str, JsonType]) -> TypeGuard[dict[str, str] ``True`` if the digest set is valid according to the spec, in which case its type is narrowed to a ``dict[str, str]``; ``False`` otherwise. """ - for key in digest: - if not isinstance(digest[key], str): - return False - return True + return all(isinstance(digest[key], str) for key in digest) diff --git a/src/macaron/slsa_analyzer/provenance/intoto/v1/__init__.py b/src/macaron/slsa_analyzer/provenance/intoto/v1/__init__.py index a428c712b..2854b91e2 100644 --- a/src/macaron/slsa_analyzer/provenance/intoto/v1/__init__.py +++ b/src/macaron/slsa_analyzer/provenance/intoto/v1/__init__.py @@ -164,10 +164,7 @@ def is_valid_digest_set(digest: JsonType) -> bool: """ if not isinstance(digest, dict): return False - for key in digest: - if not isinstance(digest[key], str): - return False - return True + return all(isinstance(digest[key], str) for key in digest) def _validate_property( diff --git a/src/macaron/slsa_analyzer/registry.py b/src/macaron/slsa_analyzer/registry.py index ec4e4adc4..065273b0b 100644 --- a/src/macaron/slsa_analyzer/registry.py +++ b/src/macaron/slsa_analyzer/registry.py @@ -216,11 +216,7 @@ def _validate_eval_reqs(eval_reqs: list[Any]) -> bool: bool True if all evaluated requirements are valid, else False. """ - for req in eval_reqs: - if not isinstance(req, ReqName): - return False - - return True + return all(isinstance(req, ReqName) for req in eval_reqs) @staticmethod def _validate_check_id_format(check_id: Any) -> bool: