From e102d46b42f8aca6bd435d08f7be315544ff0edb Mon Sep 17 00:00:00 2001
From: Joydeep Tripathy
Date: Tue, 27 Feb 2024 19:42:26 +0530
Subject: [PATCH 1/4] feat: checker-experiment
---
experiments/checker-experiment.py | 74 +++++++++++++++++++++++++++++++
1 file changed, 74 insertions(+)
create mode 100644 experiments/checker-experiment.py
diff --git a/experiments/checker-experiment.py b/experiments/checker-experiment.py
new file mode 100644
index 0000000000..9dd6b284a5
--- /dev/null
+++ b/experiments/checker-experiment.py
@@ -0,0 +1,74 @@
+"""
+This experiment is an extension of the CI-Pre-Checker github action.(https://github.com/intel/cve-bin-tool/pull/3840)
+
+This script aims to print any and all the checkers which have {product,version} pairs in their VENDOR_PRODUCT which do NOT have any associated,reported CVEs
+After this experiment is done and all the pre-existing checkers are taken care of , we can proceed to add the CI-Pre-checker github action for any newly added/updated checkers.
+
+-- Joydeep Tripathy (crazytrain328)
+"""
+
+import ast
+import os
+import sqlite3
+import sys
+from pathlib import Path
+
+OLD_CACHE_DIR = Path("~").expanduser() / ".cache" / "cve-bin-tool" / "cve.db"
+
+
+def extract_vendor_product(file_path):
+ """Extract {vendor,product} pairs from given checker file"""
+ vendor_product = None
+ with open(file_path) as file:
+ inside_vendor_product = False
+ vendor_product_str = ""
+ for line in file:
+ if "VENDOR_PRODUCT" in line:
+ inside_vendor_product = True
+ if inside_vendor_product:
+ vendor_product_str += line.strip()
+ if line.strip().endswith("]"):
+ break
+ if vendor_product_str:
+ vendor_product = ast.literal_eval(vendor_product_str.split("=")[1].strip())
+ return vendor_product
+
+
+def query_database(file_path):
+ """Query the database and check whether all the {vendor,product} pairs have associated CVEs"""
+ vendor_product = extract_vendor_product(file_path)
+ dbcon = sqlite3.connect(OLD_CACHE_DIR)
+ cursor = dbcon.cursor()
+ for vendor, product in vendor_product:
+ cursor.execute(
+ "SELECT count(*) FROM cve_range WHERE vendor = ? AND product = ?",
+ (vendor, product),
+ )
+ result = cursor.fetchall()
+ # Failing
+ if result[0] == 0:
+ return False
+ # Success
+ return True
+
+
+directory = "/home/joydeep/dev/cve-bin-tool/cve_bin_tool/checkers"
+value = None
+# Iterate through the files in the directory
+for filename in os.listdir(directory):
+ # Check if the file is a Python file and not __init__.py
+ if filename.endswith(".py") and filename != "__init__.py":
+ file_path = os.path.join(directory, filename)
+ value = query_database(file_path)
+ if value is False:
+ print("WARNING::")
+ sys.exit(1)
+ print(f"For {filename}: {value}")
+
+
+"""
+
+Result: All the pre-existing checkers are in the clear.
+We can go ahead and add the github action.
+
+"""
From f3fb0220417b3b375f076e97df9fe986a75f4f92 Mon Sep 17 00:00:00 2001
From: Joydeep Tripathy
Date: Tue, 27 Feb 2024 21:29:52 +0530
Subject: [PATCH 2/4] fix: empty commit
Signed-off-by: Joydeep Tripathy
From 944294cd5df8e8641b58d2f72670940fd8225785 Mon Sep 17 00:00:00 2001
From: Joydeep Tripathy <113792434+joydeep049@users.noreply.github.com>
Date: Fri, 9 Aug 2024 09:01:26 +0530
Subject: [PATCH 3/4] feat: added spdx header
---
experiments/checker-experiment.py | 3 +++
1 file changed, 3 insertions(+)
diff --git a/experiments/checker-experiment.py b/experiments/checker-experiment.py
index 9dd6b284a5..cb719778e1 100644
--- a/experiments/checker-experiment.py
+++ b/experiments/checker-experiment.py
@@ -1,3 +1,6 @@
+# Copyright (C) 2024 Intel Corporation
+# SPDX-License-Identifier: GPL-3.0-or-later
+
 """
 This experiment is an extension of the CI-Pre-Checker github action.(https://github.com/intel/cve-bin-tool/pull/3840)
 
From dd916b1ea5590794d4809504bdd8b35db4c76c2a Mon Sep 17 00:00:00 2001
From: Joydeep Tripathy <113792434+joydeep049@users.noreply.github.com>
Date: Fri, 9 Aug 2024 09:06:44 +0530
Subject: [PATCH 4/4] feat: minor changes
---
experiments/checker-experiment.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
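Review bot: In `query_database` (PATCH 1/4) the failure test `if result[0] == 0:` can never fire, because `cursor.fetchall()` returns a list of row tuples and `result[0]` is `(0,)` rather than `0`; every checker is therefore reported as True even when `cve_range` holds no rows for the pair. That leaves the "all the pre-existing checkers are in the clear" result in the trailing string unverified, so the comparison should read the scalar, e.g. `if cursor.fetchone()[0] == 0:`. `extract_vendor_product` returns None for a file without a `VENDOR_PRODUCT` list, and the `for vendor, product in vendor_product` loop then raises TypeError; an explicit guard such as `if not vendor_product: return True` (or skipping the file with a message) would make that case visible. `sqlite3.connect(OLD_CACHE_DIR)` also creates an empty database when `cve.db` is absent and the connection is never closed, so an existence check on the path and a `dbcon.close()` are worth adding. The absolute `/home/joydeep/...` checkers directory only resolves on the author's machine and would be better derived from the repository location, for example via `Path(__file__)`.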
diff --git a/experiments/checker-experiment.py b/experiments/checker-experiment.py index cb719778e1..da2d9f96b6 100644 --- a/experiments/checker-experiment.py +++ b/experiments/checker-experiment.py @@ -7,7 +7,7 @@ This script aims to print any and all the checkers which have {product,version} pairs in their VENDOR_PRODUCT which do NOT have any associated,reported CVEs After this experiment is done and all the pre-existing checkers are taken care of , we can proceed to add the CI-Pre-checker github action for any newly added/updated checkers. --- Joydeep Tripathy (crazytrain328) +-- Joydeep Tripathy (www.github.com/joydeep049) """ import ast