RubyGems - fastlane-plugin-seclane - Versions diffs - 1.0.0 - Mend

fastlane-plugin-seclane 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

checksums.yaml +7 -0
data/lib/fastlane/plugin/seclane/actions/seclane_scan_action.rb +201 -0
data/lib/fastlane/plugin/seclane/version.rb +5 -0
data/lib/fastlane/plugin/seclane.rb +13 -0
metadata +115 -0

checksums.yaml ADDED Viewed

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 784dd68429a97b3d8e10a7a2641850c3061d9fd15c5519f2f8b284f3cd6c3911
+  data.tar.gz: 16e2bf24282d861bf7b68453a41223d493aaff3098affdd9bcc06fa1cee4adff
+SHA512:
+  metadata.gz: 4e27c5fd15088c5fab4159eb4da6bab220dd67129ce2fbace7e7070ab315d89e59b65590c45709a2963c2951f4f1bbbde926e872df3d5c50455821294bbac54e
+  data.tar.gz: 63c04aff74bdd23d9291c346f1574339420798f61e0b6b0d2e25ccb779d5fdf8bd9e4f21128a75bfe94036541310764ebd9e5f00aa7334a086a9903935dee4ff

data/lib/fastlane/plugin/seclane/actions/seclane_scan_action.rb ADDED Viewed

@@ -0,0 +1,201 @@
+require "seclane"
+module Fastlane
+  module Actions
+    class SeclaneScanAction < Action
+      def self.run(params)
+        config = ::Seclane::Configuration.new(
+          platform: params[:platform],
+          scan_mode: params[:scan_mode],
+          base_branch: params[:base_branch],
+          severity_threshold: params[:severity_threshold],
+          fail_on_severity: params[:fail_on_severity],
+          fail_on_count: params[:fail_on_count],
+          custom_patterns: params[:custom_patterns],
+          exclude_patterns: params[:exclude_patterns],
+          disabled_rules: params[:disabled_rules],
+          disabled_categories: params[:disabled_categories],
+          output_format: params[:output_format],
+          config_file: params[:config_file]
+        )
+        scanner = ::Seclane::Scanner.new(config)
+        scanner.run
+        report = scanner.report
+        UI.message(report)
+        findings = scanner.filtered_findings
+        Actions.lane_context[SharedValues::SECLANE_FINDINGS_COUNT] = findings.length
+        Actions.lane_context[SharedValues::SECLANE_REPORT] = report
+        if scanner.failed?
+          UI.user_error!("Seclane found #{findings.length} secret(s) meeting the failure threshold")
+        end
+        findings.length
+      end
+      def self.description
+        "Scans Android and iOS app codebases for secrets and tokens"
+      end
+      def self.authors
+        ["Seclane by Cluelane"]
+      end
+      def self.return_value
+        "The number of findings that met the severity threshold"
+      end
+      def self.details
+        "Uses git diff to detect changed files and scans them for hardcoded secrets, API keys, tokens, private keys, and other sensitive data. Supports Android and iOS specific patterns."
+      end
+      def self.available_options
+        [
+          FastlaneCore::ConfigItem.new(
+            key: :platform,
+            env_name: "SECLANE_PLATFORM",
+            description: "Target platform: 'android', 'ios', 'flutter', 'react_native'",
+            optional: false,
+            type: String,
+            verify_block: proc do |value|
+              unless %w[android ios flutter react_native].include?(value)
+                UI.user_error!("Invalid platform: #{value}. Must be 'android', 'ios', 'flutter', or 'react_native'")
+              end
+            end
+          ),
+          FastlaneCore::ConfigItem.new(
+            key: :scan_mode,
+            env_name: "SECLANE_SCAN_MODE",
+            description: "Scan mode: 'diff' for changed files only, 'full' for all files",
+            default_value: "diff",
+            optional: true,
+            type: String,
+            verify_block: proc do |value|
+              unless %w[diff full].include?(value)
+                UI.user_error!("Invalid scan_mode: #{value}. Must be 'diff' or 'full'")
+              end
+            end
+          ),
+          FastlaneCore::ConfigItem.new(
+            key: :base_branch,
+            env_name: "SECLANE_BASE_BRANCH",
+            description: "Branch to diff against when using diff scan mode",
+            default_value: "main",
+            optional: true,
+            type: String
+          ),
+          FastlaneCore::ConfigItem.new(
+            key: :severity_threshold,
+            env_name: "SECLANE_SEVERITY_THRESHOLD",
+            description: "Minimum severity to report: 'low', 'medium', 'high'",
+            default_value: "low",
+            optional: true,
+            type: String,
+            verify_block: proc do |value|
+              unless %w[low medium high].include?(value)
+                UI.user_error!("Invalid severity_threshold: #{value}")
+              end
+            end
+          ),
+          FastlaneCore::ConfigItem.new(
+            key: :fail_on_severity,
+            env_name: "SECLANE_FAIL_ON_SEVERITY",
+            description: "Fail the lane at this severity: 'low', 'medium', 'high', 'none'",
+            default_value: "high",
+            optional: true,
+            type: String,
+            verify_block: proc do |value|
+              unless %w[low medium high none].include?(value)
+                UI.user_error!("Invalid fail_on_severity: #{value}")
+              end
+            end
+          ),
+          FastlaneCore::ConfigItem.new(
+            key: :fail_on_count,
+            env_name: "SECLANE_FAIL_ON_COUNT",
+            description: "Number of findings at fail severity needed to fail the lane (default: 1)",
+            default_value: 1,
+            optional: true,
+            type: Integer
+          ),
+          FastlaneCore::ConfigItem.new(
+            key: :custom_patterns,
+            env_name: "SECLANE_CUSTOM_PATTERNS",
+            description: "Additional regex patterns to scan for",
+            default_value: [],
+            optional: true,
+            type: Array
+          ),
+          FastlaneCore::ConfigItem.new(
+            key: :exclude_patterns,
+            env_name: "SECLANE_EXCLUDE_PATTERNS",
+            description: "File glob patterns to ignore",
+            default_value: [],
+            optional: true,
+            type: Array
+          ),
+          FastlaneCore::ConfigItem.new(
+            key: :output_format,
+            env_name: "SECLANE_OUTPUT_FORMAT",
+            description: "Output format: 'text', 'json', 'junit', 'markdown'",
+            default_value: "text",
+            optional: true,
+            type: String,
+            verify_block: proc do |value|
+              unless %w[text json junit markdown sonarqube].include?(value)
+                UI.user_error!("Invalid output_format: #{value}")
+              end
+            end
+          ),
+          FastlaneCore::ConfigItem.new(
+            key: :disabled_rules,
+            env_name: "SECLANE_DISABLED_RULES",
+            description: "List of rule names to disable",
+            default_value: [],
+            optional: true,
+            type: Array
+          ),
+          FastlaneCore::ConfigItem.new(
+            key: :disabled_categories,
+            env_name: "SECLANE_DISABLED_CATEGORIES",
+            description: "List of rule categories to disable (e.g., 'ai_provider', 'saas_tokens')",
+            default_value: [],
+            optional: true,
+            type: Array
+          ),
+          FastlaneCore::ConfigItem.new(
+            key: :config_file,
+            env_name: "SECLANE_CONFIG_FILE",
+            description: "Path to .seclane.yml config file",
+            default_value: ".seclane.yml",
+            optional: true,
+            type: String
+          )
+        ]
+      end
+      def self.is_supported?(platform)
+        [:ios, :android].include?(platform)
+      end
+      def self.category
+        :testing
+      end
+      def self.output
+        [
+          ["SECLANE_FINDINGS_COUNT", "Number of findings that met the severity threshold"],
+          ["SECLANE_REPORT", "The full scan report text"]
+        ]
+      end
+    end
+    module SharedValues
+      SECLANE_FINDINGS_COUNT = :SECLANE_FINDINGS_COUNT
+      SECLANE_REPORT = :SECLANE_REPORT
+    end
+  end
+end

data/lib/fastlane/plugin/seclane/version.rb ADDED Viewed

@@ -0,0 +1,5 @@
+module Fastlane
+  module Seclane
+    VERSION = "1.0.0"
+  end
+end

data/lib/fastlane/plugin/seclane.rb ADDED Viewed

@@ -0,0 +1,13 @@
+require "fastlane/plugin/seclane/version"
+module Fastlane
+  module Seclane
+    def self.all_classes
+      Dir[File.expand_path("**/{actions,helper}/*.rb", File.dirname(__FILE__))]
+    end
+  end
+end
+Fastlane::Seclane.all_classes.each do |current|
+  require current
+end

metadata ADDED Viewed

@@ -0,0 +1,115 @@
+--- !ruby/object:Gem::Specification
+name: fastlane-plugin-seclane
+version: !ruby/object:Gem::Version
+  version: 1.0.0
+platform: ruby
+authors:
+- Seclane by Cluelane
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2026-03-29 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: seclane-core
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.0'
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '2.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '2.0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.12'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.12'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '13.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '13.0'
+- !ruby/object:Gem::Dependency
+  name: fastlane
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '2.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '2.0'
+description:
+email:
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- lib/fastlane/plugin/seclane.rb
+- lib/fastlane/plugin/seclane/actions/seclane_scan_action.rb
+- lib/fastlane/plugin/seclane/version.rb
+homepage: https://github.com/tsvetilian-ty/seclane
+licenses:
+- AGPL-3.0
+metadata: {}
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: 2.7.0
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.4.19
+signing_key:
+specification_version: 4
+summary: Fastlane plugin to scan Android and iOS apps for secrets and tokens
+test_files: []