sastbox_sdk 1.0.2 → 1.0.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: ddf6f6375ffde727e1310426ca801d8fb67d8c8a8634aa4dfb8ebc268ade62f9
4
- data.tar.gz: b91edb2c2a34a21fbcb3f4c9e901461e62ac02560104648b4a6a1506acc1f388
3
+ metadata.gz: 31a2030f6f51249e601df53f4e9b09514a549324d5800dedcf2016c76b722be2
4
+ data.tar.gz: 9c77ed8009aa8ff038e8488f999c57f6eca33209bc7d0a0d32222911fb7c5794
5
5
  SHA512:
6
- metadata.gz: 1b2642177f4c220b352e9b33a3dac538cbf871951af30daac80189a80438a1bccb8610910b4720c2c230aaea382c35a4844a544698876cabbabbae376f50a0a3
7
- data.tar.gz: 89e2f12d5b3d426e420f766695532fbca38c0212594adffa2e0c9525f7a1b475ac2a60727eaebfa4b88a904b7849682da1be36f1f37d49b52988167fbfe661af
6
+ metadata.gz: b8e92397c85e2c3a28c612f70d4b5ac781db1515d350440c51cad8091df3138b6f6e3f8d2dd2ede69ab2a06c0938bb80b304bf4a7cb7f32e591b870f1904811a
7
+ data.tar.gz: 95290fd086c41cc1365cdf2b7705c68703ae237a88a1d40b59b6ae76da23e9463db8833a96502c4693658e6226804dd87e4f7a13c2483d6cf412fcb231a1a1be
@@ -1,5 +1,4 @@
1
1
  module SastBox
2
2
  module Codebase
3
-
4
3
  end
5
- end
4
+ end
@@ -2,7 +2,6 @@ require 'set'
2
2
 
3
3
  module SastBox
4
4
  module Cwe
5
-
6
5
  def cwe_found?(issue, patterns, cwe)
7
6
  patterns.each do |pattern|
8
7
  @alternative_titles.each do |title|
@@ -12,7 +11,7 @@ module SastBox
12
11
  end
13
12
  end
14
13
  end
15
- return false
14
+ false
16
15
  end
17
16
 
18
17
  def detected_sql_injection?(issue)
@@ -185,8 +184,8 @@ module SastBox
185
184
 
186
185
  @alternative_titles << @alternative_titles.first.split('_').join(' ')
187
186
  @alternative_titles << @alternative_titles.first.split('-').join(' ')
188
- @alternative_titles << @alternative_titles.first.gsub("hard coded", "hard-coded")
189
- @alternative_titles << @alternative_titles.first.gsub("hardcoded", "hard-coded")
187
+ @alternative_titles << @alternative_titles.first.gsub('hard coded', 'hard-coded')
188
+ @alternative_titles << @alternative_titles.first.gsub('hardcoded', 'hard-coded')
190
189
  @alternative_titles
191
190
  end
192
191
 
@@ -197,6 +196,5 @@ module SastBox
197
196
  cwe_start_heuristics(issue)
198
197
  end
199
198
  end
200
-
201
199
  end
202
- end
200
+ end
@@ -5,12 +5,12 @@ module SastBox
5
5
  module OptParser
6
6
  def parse_opts(args)
7
7
  @opts = OpenStruct.new
8
- @opts.verbose = false
9
- @opts.info = false
10
- @opts.color = true
11
- @opts.diff_hashes = []
12
- @opts.diff_quick = false
13
- @opts.timeout = 200 * 60
8
+ @opts.verbose = false
9
+ @opts.info = false
10
+ @opts.color = true
11
+ @opts.diff_hashes = []
12
+ @opts.diff_quick = false
13
+ @opts.timeout = 200 * 60
14
14
 
15
15
  opt_parser = OptionParser.new do |opts|
16
16
  opts.on('-c', '--codebase=CODEBASE', 'Codebase to be scanned') do |codebase|
@@ -3,7 +3,6 @@ require 'date'
3
3
 
4
4
  module SastBox
5
5
  module Printer
6
-
7
6
  def enable_color(flag = true)
8
7
  @color = flag
9
8
  end
@@ -80,6 +79,5 @@ module SastBox
80
79
 
81
80
  def self.included(base)
82
81
  end
83
-
84
82
  end
85
- end
83
+ end
@@ -3,7 +3,6 @@ require 'digest'
3
3
  module SastBox
4
4
  module Reporter
5
5
  module Sarif
6
-
7
6
  def generate_sarif_report
8
7
  new_sarif_log
9
8
  @issues.each do |issue|
@@ -103,9 +102,9 @@ module SastBox
103
102
  issueSeverity: issue[:severity],
104
103
  }
105
104
  }
105
+
106
106
  sarif_result
107
107
  end
108
-
109
108
  end
110
109
  end
111
110
  end
@@ -2,7 +2,6 @@ require 'timeout'
2
2
 
3
3
  module SastBox
4
4
  module Runner
5
-
6
5
  def command?(name)
7
6
  `which #{name}`
8
7
  $?.success?
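Review bot: `command?` still resolves the binary by interpolating `name` into a shell command with backticks (`which #{name}`), so a value carrying shell metacharacters is executed rather than looked up; the hunk only removes the blank line above it. Where `name` originates is not visible here, but the shell can be avoided entirely with `system('which', name, out: File::NULL, err: File::NULL)`, after which `$?.success?` works as before (or the `system` result can be returned directly). The method's closing `end` lies outside the hunk.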
@@ -1,6 +1,5 @@
1
1
  module SastBox
2
2
  class Scanner
3
-
4
3
  include SastBox::OptParser
5
4
  include SastBox::Printer
6
5
  include SastBox::Runner
@@ -79,7 +78,8 @@ module SastBox
79
78
  def skip_issue?(issue)
80
79
  return true if issue[:filename].include?('/.git/')
81
80
  return true if issue[:snippet][:read_success] == false
82
- return false
81
+
82
+ false
83
83
  end
84
84
 
85
85
  def validate_opts
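Review bot: `skip_issue?` on the new side dereferences `issue[:snippet][:read_success]` without guarding `issue[:snippet]`, so an issue that reaches it without a snippet raises `NoMethodError` instead of being skipped or kept. `return true if issue.dig(:snippet, :read_success) == false` preserves the explicit `false` comparison (nil presumably meaning "read not attempted") while tolerating a missing snippet. Whether `add_issue` always attaches a snippet is not visible in this hunk, so treat this as a defensive check rather than a confirmed crash.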
@@ -111,11 +111,11 @@ module SastBox
111
111
  status = 0
112
112
  status = 1 unless @issues.empty?
113
113
  print_title("Finished #{@name}")
114
- exit status
114
+ status
115
115
  end
116
116
 
117
117
  def save_scan_output
118
- File.open(@opts.output, "wb") { |file| file.write(generate_sarif_report) }
118
+ File.open(@opts.output, 'wb') { |file| file.write(generate_sarif_report) }
119
119
  print_normal("Sarif result saved to #{@opts.output}", 1)
120
120
  end
121
121
 
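Review bot: Replacing `exit status` with a bare `status` changes this method from terminating the process to returning an Integer, and nothing in the hunk propagates that value; a consumer executable whose last statement was this call would now exit 0 even when issues were recorded, which silently disables CI gating on scan results. If the new contract is intended, document it on the method, e.g. `# Returns 1 when issues were recorded, 0 otherwise; the caller is responsible for passing this to exit`, and make sure the SDK's entry point does so. The method's signature and its callers are above the hunk, so they cannot be checked here. Separately, `File.open(@opts.output, 'wb') { |file| file.write(generate_sarif_report) }` in `save_scan_output` reduces to `File.binwrite(@opts.output, generate_sarif_report)`.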
@@ -143,8 +143,8 @@ module SastBox
143
143
  if File.exist?(filename)
144
144
  content = parse_json_from_str(File.read(filename))
145
145
  end
146
+
146
147
  content
147
148
  end
148
-
149
149
  end
150
150
  end
@@ -1,6 +1,5 @@
1
1
  module SastBox
2
2
  module SeverityCalculator
3
-
4
3
  def add_severity(issue)
5
4
  accepted_levels = [:info, :low, :medium, :high, :critical]
6
5
 
@@ -13,7 +12,6 @@ module SastBox
13
12
  else
14
13
  issue[:severity] = attempt_to_determine_severity(issue)
15
14
  end
16
-
17
15
  end
18
16
 
19
17
  def severity_pattern_found?(patterns, text)
@@ -51,7 +49,6 @@ module SastBox
51
49
 
52
50
  info = []
53
51
 
54
-
55
52
  if level == :undefined
56
53
  level = :critical if severity_pattern_found?(critical, text)
57
54
  end
@@ -2,7 +2,6 @@ require 'digest'
2
2
 
3
3
  module SastBox
4
4
  module Snippet
5
-
6
5
  def filename_relative(filename)
7
6
  filename_path = File.expand_path(filename)
8
7
  codebase_path = File.expand_path(@opts.codebase)
@@ -10,9 +9,10 @@ module SastBox
10
9
  if filename_path.start_with?(codebase_path)
11
10
  filename_path.sub!(codebase_path, '')
12
11
  filename_path = filename_path[1..-1] if filename_path.start_with?('/')
13
- return filename_path
12
+
13
+ filename_path
14
14
  else
15
- return nil
15
+ nil
16
16
  end
17
17
  end
18
18
 
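Review bot: The prefix test `filename_path.start_with?(codebase_path)` kept on the new side also matches sibling paths that merely share a prefix, so with a codebase of `/abc/def/ghi` a finding in `/abc/def/ghi2/app.rb` is reported as `2/app.rb` instead of being rejected as outside the codebase. Require a directory boundary before the `sub!`: `return nil unless filename_path == codebase_path || filename_path.start_with?("#{codebase_path}/")`. The `def filename_relative` line is above this hunk.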
@@ -4,4 +4,3 @@ require_relative '../../lib/sastbox-sdk'
4
4
 
5
5
  RSpec.describe 'Codebase' do
6
6
  end
7
-
@@ -4,4 +4,3 @@ require_relative '../../lib/sastbox-sdk'
4
4
 
5
5
  RSpec.describe 'Cwe_constants' do
6
6
  end
7
-
@@ -209,8 +209,5 @@ RSpec.describe 'Cwe_detector' do
209
209
  expect(issue[:cwe_id]).to eq SastBox::Cwe::UNRESTRICTED_UPLOAD_OF_FILE_WITH_DANGEROUS_TYPE
210
210
  end
211
211
  end
212
-
213
-
214
212
  end
215
-
216
213
  end
@@ -16,7 +16,7 @@ RSpec.describe 'Opt_parser' do
16
16
 
17
17
  describe 'parse_opts' do
18
18
  context 'should parse all the provided options' do
19
- subject { scanner.parse_opts(['-c', 'codebase', '-o', 'outputfile', '-v', '-t', '2', '-n']) }
19
+ subject { scanner.parse_opts(%w[-c codebase -o outputfile -v -t 2 -n]) }
20
20
 
21
21
  it 'codebase - is expected to eq "codebase"' do
22
22
  expect(subject.codebase).to eq 'codebase'
@@ -44,4 +44,3 @@ RSpec.describe 'Opt_parser' do
44
44
  end
45
45
  end
46
46
  end
47
-
@@ -56,4 +56,3 @@ RSpec.describe 'Printer' do
56
56
  end
57
57
  end
58
58
  end
59
-
@@ -29,7 +29,7 @@ RSpec.describe 'Reporter_sarif' do
29
29
  end
30
30
 
31
31
  before do
32
- scanner.parse_opts(['-c', 'xxx'])
32
+ scanner.parse_opts(%w[-c xxx])
33
33
 
34
34
  scanner.add_issue(
35
35
  title: 'title',
@@ -46,7 +46,7 @@ RSpec.describe 'Reporter_sarif' do
46
46
 
47
47
  describe 'generate_sarif_report' do
48
48
  context 'should generate valid SARIF' do
49
- subject {scanner.generate_sarif_report() }
49
+ subject {scanner.generate_sarif_report }
50
50
 
51
51
  it {expect(subject).to be_a(String)}
52
52
 
@@ -46,9 +46,9 @@ RSpec.describe 'Runner' do
46
46
  subject { scanner.run_cmd(['uname']) }
47
47
 
48
48
  it { expect(subject).to be_an(Array) }
49
- it { expect(subject.length).to be(2) }
49
+ it { expect(subject.length).to be(3) }
50
50
  it { expect(subject[0]).to eq "Linux\n" }
51
- it { expect(subject[1]).to eq(nil).or be_an(Process::Status) }
51
+ it { expect(subject[1]).to eq("").or be_an(Process::Status) }
52
52
  end
53
53
 
54
54
  context 'should exit with an invalid command' do
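Review bot: `expect(subject[1]).to eq("").or be_an(Process::Status)` accepts two unrelated shapes for the second element, so the spec no longer pins what `run_cmd` returns even though the length assertion now demands three elements and the third is never checked. If the new tuple is `[stdout, stderr, status]` (inferred only from the length change; `run_cmd` itself is not in this diff), assert each slot: `expect(subject[1]).to eq('')` and `expect(subject[2]).to be_a(Process::Status).and be_success`. The same loosening appears in the `run_cmd_with_timeout` hunk below.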
@@ -70,9 +70,9 @@ RSpec.describe 'Runner' do
70
70
  subject { scanner_timeout_60_sec.run_cmd_with_timeout(['uname']) }
71
71
 
72
72
  it { expect(subject).to be_an(Array) }
73
- it { expect(subject.length).to be(2) }
73
+ it { expect(subject.length).to be(3) }
74
74
  it { expect(subject[0]).to eq "Linux\n" }
75
- it { expect(subject[1]).to eq(nil).or be_an(Process::Status) }
75
+ it { expect(subject[1]).to eq("").or be_an(Process::Status) }
76
76
  end
77
77
 
78
78
  context 'should fail when exceeded timeout' do
@@ -89,4 +89,3 @@ RSpec.describe 'Runner' do
89
89
  end
90
90
  end
91
91
  end
92
-
@@ -16,7 +16,7 @@ RSpec.describe 'Scanner' do
16
16
  describe 'start_scan' do
17
17
  context 'should raise name error for run method when correct options are provided' do
18
18
  before do
19
- scanner.parse_opts(['-o', 'xxx', '-c', 'aaa'])
19
+ scanner.parse_opts(%w[-o xxx -c aaa])
20
20
  end
21
21
 
22
22
  it "should raise name error for run method when correct options are provided" do
@@ -48,7 +48,7 @@ RSpec.describe 'Scanner' do
48
48
  end
49
49
 
50
50
  before do
51
- scanner.parse_opts(['-o', 'xxx', '-c', 'aaa'])
51
+ scanner.parse_opts(%w[-o xxx -c aaa])
52
52
  scanner.add_issue(issue)
53
53
  end
54
54
 
@@ -69,7 +69,7 @@ RSpec.describe 'Scanner' do
69
69
  end
70
70
 
71
71
  before do
72
- scanner.parse_opts(['-o', 'xxx', '-c', 'aaa'])
72
+ scanner.parse_opts(%w[-o xxx -c aaa])
73
73
  end
74
74
 
75
75
  it do
@@ -145,14 +145,14 @@ RSpec.describe 'Scanner' do
145
145
  end
146
146
 
147
147
  before do
148
- scanner.parse_opts(['-c', '/abc/def/ghi'])
148
+ scanner.parse_opts(%w[-c /abc/def/ghi])
149
149
  @status = scanner.add_issue(issue)
150
150
  end
151
151
 
152
152
  #it { expect(@status).to be scanner.issues }
153
153
  it { expect(scanner.issues.length).to be 1}
154
154
  it "hash_issue_v1" do
155
- expect(scanner.issues.first[:hash_issue]).to eq '220da2ef86cb34b97e4253f5b212b2a720c93d717e7fec8f243d851441774181'
155
+ expect(scanner.issues.first[:hash_issue]).to eq '4d89fbb4cc1e2beef276558ead0c4a66d1048668edda40b36efae7f8c6f30642'
156
156
  end
157
157
 
158
158
  it "hash_issue_v2" do
@@ -235,4 +235,3 @@ RSpec.describe 'Scanner' do
235
235
  end
236
236
  end
237
237
  end
238
-
@@ -120,7 +120,4 @@ RSpec.describe 'SeverityCalculator' do
120
120
  it {expect( scanner.attempt_to_determine_severity(issue)).to eq :undefined}
121
121
  end
122
122
  end
123
-
124
-
125
123
  end
126
-
@@ -172,4 +172,3 @@ RSpec.describe 'snippet' do
172
172
  end
173
173
  end
174
174
  end
175
-
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: sastbox_sdk
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.0.2
4
+ version: 1.0.4
5
5
  platform: ruby
6
6
  authors:
7
7
  - Conviso Engineering Team
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2024-02-21 00:00:00.000000000 Z
11
+ date: 2024-12-16 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: colored
@@ -30,14 +30,14 @@ dependencies:
30
30
  requirements:
31
31
  - - '='
32
32
  - !ruby/object:Gem::Version
33
- version: 2.6.3
33
+ version: 2.9.0
34
34
  type: :runtime
35
35
  prerelease: false
36
36
  version_requirements: !ruby/object:Gem::Requirement
37
37
  requirements:
38
38
  - - '='
39
39
  - !ruby/object:Gem::Version
40
- version: 2.6.3
40
+ version: 2.9.0
41
41
  description: SDK to construct SAST scanners
42
42
  email: product-development@convisoappsec.com
43
43
  executables: []
@@ -89,7 +89,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
89
89
  - !ruby/object:Gem::Version
90
90
  version: '0'
91
91
  requirements: []
92
- rubygems_version: 3.5.6
92
+ rubygems_version: 3.5.10
93
93
  signing_key:
94
94
  specification_version: 4
95
95
  summary: SastBox SDK