Add SSVC python module (#342)

* add new json schemas for decision points and dp groups * add ssvc module to represent existing decision points and groups for SSVC v1, v2, v2.1 * add decision point group schema validation test * add doc for csv analyzer * Update Decision_Point.schema.json change ID url to https://github.com/CERTCC/SSVC/tree/main/data/schema/... * Update Decision_Point_Group.schema.json change id url to https://github.com/CERTCC/SSVC/tree/main/data/schema/... --------- Co-authored-by: Vijay Sarvepalli <[email protected]>
CERTCC · Oct 16, 2023 · c853ebf · c853ebf
1 parent f45e651
commit c853ebf
Show file tree

Hide file tree

Showing 41 changed files with 2,202 additions and 6 deletions.
diff --git a/docs/reference/code/analyze_csv.md b/docs/reference/code/analyze_csv.md
@@ -1,2 +1,4 @@
-::: analyze_csv
+# SSVC CSV Analyzer
+
+::: ssvc.csv_analyzer
 
diff --git a/requirements.txt b/requirements.txt
@@ -7,5 +7,7 @@ mkdocs-material-extensions
 mkdocstrings
 mkdocstrings-python
 mkdocs-print-site-plugin
-pandas~=2.1.1
-scikit-learn~=1.3.1
+dataclasses-json
+pandas
+scikit-learn
+jsonschema
diff --git a/src/pyproject.toml b/src/pyproject.toml
@@ -0,0 +1,70 @@
+[build-system]
+# SetupTools
+requires = ["setuptools>66", "setuptools-scm"]
+build-backend = "setuptools.build_meta"
+# Flit
+#requires = ["flit_core >=3.2,<4"]
+#build-backend = "flit_core.buildapi"
+# Hatchling
+#requires = ["hatchling"]
+#build-backend = "hatchling.build"
+# PDM-Backend
+#requires = ["pdm-backend"]
+#build-backend = "pdm.backend"
+
+[project]
+name = "ssvc"
+authors = [
+    { name = "Allen D. Householder", email="[email protected]" },
+    { name = "Vijay Sarvepalli", email="[email protected]"}
+]
+description = "Tools for working with a Stakeholder Specific Vulnerability Categorization (SSVC)"
+readme = {file="README.md", content-type="text/markdown"}
+requires-python = ">=3.8"
+keywords =["ssvc","vulnerability management","vulnerability management"]
+license = {file="LICENSE.md"}
+classifiers = [
+    "Development Status :: 4 - Beta",
+    "License :: OSI Approved :: MIT License",
+    "Programming Language :: Python :: 3",
+    "Topic :: Security",
+    "Topic :: Software Development :: Libraries :: Python Modules",
+]
+dependencies = [
+    "mkdocs","mkdocs-material","mkdocs-material-extensions","mkdocstrings","mkdocstrings-python",
+    "mkdocs-include-markdown-plugin", "pandas","scipy", "dataclasses-json", "jsonschema"
+]
+dynamic = ["version",]
+
+[project.scripts]
+ssvc_csv_analyzer="ssvc.csv_analyzer:main"
+
+[project.urls]
+"Homepage" = "https://certcc.github.io/SSVC"
+"Project" = "https://github.com/CERTCC/SSVC"
+"Bug Tracker" = "https://github.com/CERTCC/SSVC/issues"
+
+[tool.setuptools.packages.find]
+where = ["."]  # list of folders that contain the packages (["."] by default)
+include = ["ssvc*"]  # package names should match these glob patterns (["*"] by default)
+exclude = ["test*"]  # exclude packages matching these glob patterns (empty by default)
+#namespaces = false  # to disable scanning PEP 420 namespaces (true by default)
+
+[tool.setuptools_scm]
+version_file = "ssvc/_version.py"
+root = ".."
+relative_to = "pyproject.toml"
+
+
+#[tools.setuptools.dynamic]
+
+[tool.black]
+line-length = 79
+target-version = ['py38', 'py39', 'py310', 'py311']
+
+[tool.pytest.ini_options]
+minversion = "6.0"
+addopts = "-ra -q"
+testpaths = [
+    "test",
+]
diff --git a/src/ssvc/__init__.py b/src/ssvc/__init__.py
@@ -0,0 +1,14 @@
+#!/usr/bin/env python
+'''
+file: __init__.py
+author: adh
+created_at: 9/20/23 10:36 AM
+'''
+
+
+def main():
+    pass
+
+
+if __name__ == '__main__':
+    main()
diff --git a/src/ssvc/_mixins.py b/src/ssvc/_mixins.py
@@ -0,0 +1,66 @@
+#!/usr/bin/env python
+"""
+file: _basics
+author: adh
+created_at: 9/20/23 4:51 PM
+"""
+from dataclasses import dataclass, field
+from typing import Optional
+
+from dataclasses_json import config, dataclass_json
+
+
+@dataclass_json
+@dataclass(kw_only=True)
+class _Versioned:
+    """
+    Mixin class for versioned SSVC objects.
+    """
+
+    version: str = "0.0.0"
+
+
+@dataclass_json
+@dataclass(kw_only=True)
+class _Namespaced:
+    """
+    Mixin class for namespaced SSVC objects.
+    """
+
+    namespace: str = "ssvc"
+
+
+@dataclass_json
+@dataclass(kw_only=True)
+class _Keyed:
+    """
+    Mixin class for keyed SSVC objects.
+    """
+
+    key: str
+
+
+def exclude_if_none(value):
+    return value is None
+
+
+@dataclass_json
+@dataclass(kw_only=True)
+class _Base:
+    """
+    Base class for SSVC objects.
+    """
+
+    name: str
+    description: str
+    _comment: Optional[str] = field(
+        default=None, metadata=config(exclude=exclude_if_none)
+    )
+
+
+def main():
+    pass
+
+
+if __name__ == "__main__":
+    main()
diff --git a/src/ssvc/_version.py b/src/ssvc/_version.py
@@ -0,0 +1,16 @@
+# file generated by setuptools_scm
+# don't change, don't track in version control
+TYPE_CHECKING = False
+if TYPE_CHECKING:
+    from typing import Tuple, Union
+    VERSION_TUPLE = Tuple[Union[int, str], ...]
+else:
+    VERSION_TUPLE = object
+
+version: str
+__version__: str
+__version_tuple__: VERSION_TUPLE
+version_tuple: VERSION_TUPLE
+
+__version__ = version = '2.1.2.dev56+g4e67e02.d20231010'
+__version_tuple__ = version_tuple = (2, 1, 2, 'dev56', 'g4e67e02.d20231010')