Refactor VulnerabilitySource to be in shared directory access

Author: ArBridgeman

exasol/toolbox/security/__init__.py

@@ -6,6 +6,7 @@
     asdict,
     dataclass,
 )
+from enum import Enum
 
 import typer
 
@@ -78,3 +79,29 @@ def json_str(self) -> str:
         """Converts to a string-encoded JSON"""
         issue_json = asdict(self)
         return json.dumps(issue_json)
+
+
+class VulnerabilitySource(str, Enum):
+    CVE = "CVE"
+    CWE = "CWE"
+    GHSA = "GHSA"
+    PYSEC = "PYSEC"
+
+    @classmethod
+    def from_prefix(cls, name: str) -> VulnerabilitySource | None:
+        for el in cls:
+            if name.upper().startswith(el.value):
+                return el
+        return None
+
+    def get_link(self, package: str, vuln_id: str) -> str:
+        if self == VulnerabilitySource.CWE:
+            cwe_id = vuln_id.upper().replace(f"{VulnerabilitySource.CWE.value}-", "")
+            return f"https://cwe.mitre.org/data/definitions/{cwe_id}.html"
+
+        map_link = {
+            VulnerabilitySource.CVE: "https://nvd.nist.gov/vuln/detail/{vuln_id}",
+            VulnerabilitySource.GHSA: "https://github.com/advisories/{vuln_id}",
+            VulnerabilitySource.PYSEC: "https://github.com/pypa/advisory-database/blob/main/vulns/{package}/{vuln_id}.yaml",
+        }
+        return map_link[self].format(package=package, vuln_id=vuln_id)

exasol/toolbox/tools/security.py

@@ -21,6 +21,7 @@
 from exasol.toolbox.security import (
     GitHubVulnerabilityIssue,
     VulnerabilityIssue,
+    VulnerabilitySource,
 )
 
 stdout = print
@@ -81,32 +82,6 @@ def from_maven(report: str) -> Iterable[VulnerabilityIssue]:
             )
 
 
-class VulnerabilitySource(str, Enum):
-    CVE = "CVE"
-    CWE = "CWE"
-    GHSA = "GHSA"
-    PYSEC = "PYSEC"
-
-    @classmethod
-    def from_prefix(cls, name: str) -> VulnerabilitySource | None:
-        for el in cls:
-            if name.upper().startswith(el.value):
-                return el
-        return None
-
-    def get_link(self, package: str, vuln_id: str) -> str:
-        if self == VulnerabilitySource.CWE:
-            cwe_id = vuln_id.upper().replace(f"{VulnerabilitySource.CWE.value}-", "")
-            return f"https://cwe.mitre.org/data/definitions/{cwe_id}.html"
-
-        map_link = {
-            VulnerabilitySource.CVE: "https://nvd.nist.gov/vuln/detail/{vuln_id}",
-            VulnerabilitySource.GHSA: "https://github.com/advisories/{vuln_id}",
-            VulnerabilitySource.PYSEC: "https://github.com/pypa/advisory-database/blob/main/vulns/{package}/{vuln_id}.yaml",
-        }
-        return map_link[self].format(package=package, vuln_id=vuln_id)
-
-
 def identify_pypi_references(
     references: list[str], package_name: str
 ) -> tuple[list[str], list[str], list[str]]:

test/unit/security_test.py

@@ -8,7 +8,10 @@
 
 import pytest
 
-from exasol.toolbox.security import GitHubVulnerabilityIssue
+from exasol.toolbox.security import (
+    GitHubVulnerabilityIssue,
+    VulnerabilitySource,
+)
 from exasol.toolbox.tools import security
 
 
@@ -493,14 +496,14 @@ def test_from_json(json_file, expected):
     [
         pytest.param("DUMMY", None, id="without_a_matching_prefix_returns_none"),
         pytest.param(
-            f"{security.VulnerabilitySource.CWE.value.lower()}-1234",
-            security.VulnerabilitySource.CWE,
+            f"{VulnerabilitySource.CWE.value.lower()}-1234",
+            VulnerabilitySource.CWE,
             id="with_matching_prefix_returns_vulnerability_source",
         ),
     ],
 )
 def test_from_prefix(prefix: str, expected):
-    assert security.VulnerabilitySource.from_prefix(prefix) == expected
+    assert VulnerabilitySource.from_prefix(prefix) == expected
 
 
 @pytest.mark.parametrize(