feat: 爬取漏洞依赖并对版本信息格式进行转换

crawler/transfer.py

@@ -0,0 +1,48 @@
+"""转换原有的漏洞文件格式"""
+
+import re
+from packaging.specifiers import SpecifierSet
+
+
+def load_vulnerable_packages(filename):
+    """从文件加载有漏洞的包信息"""
+    with open(filename, "r", encoding="utf-8") as file:
+        content = file.read()
+    vulnerabilities = {}
+    blocks = content.split("--------------------------------------------------")
+    range_pattern = re.compile(r"\[(.*?),\s*(.*?)\)")
+
+    for block in blocks:
+        name_match = re.search(r"Package Name: (.+)", block)
+        if name_match:
+            package_name = name_match.group(1).strip()
+            ranges = range_pattern.findall(block)
+            specifier_list = []
+            for start, end in ranges:
+                if start and end:
+                    specifier_list.append(f">={start},<{end}")
+                elif start:
+                    specifier_list.append(f">={start}")
+                elif end:
+                    specifier_list.append(f"<{end}")
+            if specifier_list:
+                vulnerabilities[package_name] = SpecifierSet(",".join(specifier_list))
+    return vulnerabilities
+
+
+def save_vulnerabilities_to_file(vuln_packages, filename):
+    """将漏洞信息写入到文件中"""
+    with open(filename, "w", encoding="utf-8") as file:
+        for package, specifiers in vuln_packages.items():
+            file.write(f"Package Name: {package}\n")
+            file.write(f"Version Ranges: {specifiers}\n")
+            file.write("-" * 50 + "\n")
+
+
+def main():
+    vulnerabilities = load_vulnerable_packages("extracted_data.txt")
+    save_vulnerabilities_to_file(vulnerabilities, "trans_extracted_data.txt")
+
+
+if __name__ == "__main__":
+    main()