cartography 0.95.0rc1__py3-none-any.whl → 0.96.0rc2__py3-none-any.whl

cartography/intel/semgrep/findings.py

@@ -11,7 +11,6 @@ from requests.exceptions import ReadTimeout
 
 from cartography.client.core.tx import load
 from cartography.graph.job import GraphJob
-from cartography.models.semgrep.deployment import SemgrepDeploymentSchema
 from cartography.models.semgrep.findings import SemgrepSCAFindingSchema
 from cartography.models.semgrep.locations import SemgrepSCALocationSchema
 from cartography.stats import get_stats_client
@@ -26,29 +25,6 @@ _TIMEOUT = (60, 60)
 _MAX_RETRIES = 3
 
 
-@timeit
-def get_deployment(semgrep_app_token: str) -> Dict[str, Any]:
-    """
-    Gets the deployment associated with the passed Semgrep App token.
-    param: semgrep_app_token: The Semgrep App token to use for authentication.
-    """
-    deployment = {}
-    deployment_url = "https://semgrep.dev/api/v1/deployments"
-    headers = {
-        "Content-Type": "application/json",
-        "Authorization": f"Bearer {semgrep_app_token}",
-    }
-    response = requests.get(deployment_url, headers=headers, timeout=_TIMEOUT)
-    response.raise_for_status()
-
-    data = response.json()
-    deployment["id"] = data["deployments"][0]["id"]
-    deployment["name"] = data["deployments"][0]["name"]
-    deployment["slug"] = data["deployments"][0]["slug"]
-
-    return deployment
-
-
 @timeit
 def get_sca_vulns(semgrep_app_token: str, deployment_slug: str) -> List[Dict[str, Any]]:
     """
@@ -81,11 +57,11 @@ def get_sca_vulns(semgrep_app_token: str, deployment_slug: str) -> List[Dict[str
             response = requests.get(sca_url, params=request_data, headers=headers, timeout=_TIMEOUT)
             response.raise_for_status()
             data = response.json()
-        except (ReadTimeout, HTTPError) as e:
+        except (ReadTimeout, HTTPError):
             logger.warning(f"Failed to retrieve Semgrep SCA vulns for page {page}. Retrying...")
             retries += 1
             if retries >= _MAX_RETRIES:
-                raise e
+                raise
             continue
         vulns = data["findings"]
         has_more = len(vulns) > 0
@@ -201,19 +177,6 @@ def transform_sca_vulns(raw_vulns: List[Dict[str, Any]]) -> Tuple[List[Dict[str,
     return vulns, usages
 
 
-@timeit
-def load_semgrep_deployment(
-    neo4j_session: neo4j.Session, deployment: Dict[str, Any], update_tag: int,
-) -> None:
-    logger.info(f"Loading Semgrep deployment info {deployment} into the graph...")
-    load(
-        neo4j_session,
-        SemgrepDeploymentSchema(),
-        [deployment],
-        lastupdated=update_tag,
-    )
-
-
 @timeit
 def load_semgrep_sca_vulns(
     neo4j_session: neo4j.Session,
@@ -221,7 +184,7 @@ def load_semgrep_sca_vulns(
     deployment_id: str,
     update_tag: int,
 ) -> None:
-    logger.info(f"Loading {len(vulns)} Semgrep SCA vulns info into the graph.")
+    logger.info(f"Loading {len(vulns)} SemgrepSCAFinding objects into the graph.")
     load(
         neo4j_session,
         SemgrepSCAFindingSchema(),
@@ -238,7 +201,7 @@ def load_semgrep_sca_usages(
     deployment_id: str,
     update_tag: int,
 ) -> None:
-    logger.info(f"Loading {len(usages)} Semgrep SCA usages info into the graph.")
+    logger.info(f"Loading {len(usages)} SemgrepSCALocation objects into the graph.")
     load(
         neo4j_session,
         SemgrepSCALocationSchema(),
@@ -265,26 +228,32 @@ def cleanup(
 
 
 @timeit
-def sync(
-    neo4j_sesion: neo4j.Session,
+def sync_findings(
+    neo4j_session: neo4j.Session,
     semgrep_app_token: str,
     update_tag: int,
     common_job_parameters: Dict[str, Any],
 ) -> None:
+
+    deployment_id = common_job_parameters.get("DEPLOYMENT_ID")
+    deployment_slug = common_job_parameters.get("DEPLOYMENT_SLUG")
+    if not deployment_id or not deployment_slug:
+        logger.warning(
+            "Missing Semgrep deployment ID or slug, ensure that sync_deployment() has been called."
+            "Skipping SCA findings sync job.",
+        )
+        return
+
     logger.info("Running Semgrep SCA findings sync job.")
-    semgrep_deployment = get_deployment(semgrep_app_token)
-    deployment_id = semgrep_deployment["id"]
-    deployment_slug = semgrep_deployment["slug"]
-    load_semgrep_deployment(neo4j_sesion, semgrep_deployment, update_tag)
-    common_job_parameters["DEPLOYMENT_ID"] = deployment_id
     raw_vulns = get_sca_vulns(semgrep_app_token, deployment_slug)
     vulns, usages = transform_sca_vulns(raw_vulns)
-    load_semgrep_sca_vulns(neo4j_sesion, vulns, deployment_id, update_tag)
-    load_semgrep_sca_usages(neo4j_sesion, usages, deployment_id, update_tag)
-    run_scoped_analysis_job('semgrep_sca_risk_analysis.json', neo4j_sesion, common_job_parameters)
-    cleanup(neo4j_sesion, common_job_parameters)
+    load_semgrep_sca_vulns(neo4j_session, vulns, deployment_id, update_tag)
+    load_semgrep_sca_usages(neo4j_session, usages, deployment_id, update_tag)
+    run_scoped_analysis_job('semgrep_sca_risk_analysis.json', neo4j_session, common_job_parameters)
+
+    cleanup(neo4j_session, common_job_parameters)
     merge_module_sync_metadata(
-        neo4j_session=neo4j_sesion,
+        neo4j_session=neo4j_session,
         group_type='Semgrep',
         group_id=deployment_id,
         synced_type='SCA',

cartography/models/aws/ec2/network_acl_rules.py

@@ -0,0 +1,97 @@
+from dataclasses import dataclass
+
+from cartography.models.core.common import PropertyRef
+from cartography.models.core.nodes import CartographyNodeProperties
+from cartography.models.core.nodes import CartographyNodeSchema
+from cartography.models.core.nodes import ExtraNodeLabels
+from cartography.models.core.relationships import CartographyRelProperties
+from cartography.models.core.relationships import CartographyRelSchema
+from cartography.models.core.relationships import LinkDirection
+from cartography.models.core.relationships import make_target_node_matcher
+from cartography.models.core.relationships import OtherRelationships
+from cartography.models.core.relationships import TargetNodeMatcher
+
+
+@dataclass(frozen=True)
+class EC2NetworkAclRuleNodeProperties(CartographyNodeProperties):
+    id: PropertyRef = PropertyRef('Id')
+    lastupdated: PropertyRef = PropertyRef('lastupdated', set_in_kwargs=True)
+    network_acl_id: PropertyRef = PropertyRef('NetworkAclId')
+    protocol: PropertyRef = PropertyRef('Protocol')
+    fromport: PropertyRef = PropertyRef('FromPort')
+    toport: PropertyRef = PropertyRef('ToPort')
+    cidrblock: PropertyRef = PropertyRef('CidrBlock')
+    egress: PropertyRef = PropertyRef('Egress')
+    rulenumber: PropertyRef = PropertyRef('RuleNumber')
+    ruleaction: PropertyRef = PropertyRef('RuleAction')
+    region: PropertyRef = PropertyRef('Region', set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class EC2NetworkAclRuleAclRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef('lastupdated', set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class EC2NetworkAclRuleToAcl(CartographyRelSchema):
+    target_node_label: str = 'EC2NetworkAcl'
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {'network_acl_id': PropertyRef('NetworkAclId')},
+    )
+    direction: LinkDirection = LinkDirection.OUTWARD
+    rel_label: str = "MEMBER_OF_NACL"
+    properties: EC2NetworkAclRuleAclRelProperties = EC2NetworkAclRuleAclRelProperties()
+
+
+@dataclass(frozen=True)
+class EC2NetworkAclRuleToAwsAccountRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef('lastupdated', set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class EC2NetworkAclRuleToAWSAccount(CartographyRelSchema):
+    target_node_label: str = 'AWSAccount'
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {'id': PropertyRef('AWS_ID', set_in_kwargs=True)},
+    )
+    direction: LinkDirection = LinkDirection.INWARD
+    rel_label: str = "RESOURCE"
+    properties: EC2NetworkAclRuleToAwsAccountRelProperties = EC2NetworkAclRuleToAwsAccountRelProperties()
+
+
+@dataclass(frozen=True)
+class EC2NetworkAclInboundRuleSchema(CartographyNodeSchema):
+    """
+    Network interface as known by describe-network-interfaces.
+    """
+    label: str = 'EC2NetworkAclRule'
+    extra_node_labels: ExtraNodeLabels = ExtraNodeLabels(
+        ['IpPermissionInbound'],
+    )
+    properties: EC2NetworkAclRuleNodeProperties = EC2NetworkAclRuleNodeProperties()
+    sub_resource_relationship: EC2NetworkAclRuleToAWSAccount = EC2NetworkAclRuleToAWSAccount()
+    other_relationships: OtherRelationships = OtherRelationships(
+        [
+            EC2NetworkAclRuleToAcl(),
+        ],
+    )
+
+
+@dataclass(frozen=True)
+class EC2NetworkAclEgressRuleSchema(CartographyNodeSchema):
+    """
+    Network interface as known by describe-network-interfaces.
+    """
+    label: str = 'EC2NetworkAclRule'
+    extra_node_labels: ExtraNodeLabels = ExtraNodeLabels(
+        [
+            'IpPermissionEgress',
+        ],
+    )
+    properties: EC2NetworkAclRuleNodeProperties = EC2NetworkAclRuleNodeProperties()
+    sub_resource_relationship: EC2NetworkAclRuleToAWSAccount = EC2NetworkAclRuleToAWSAccount()
+    other_relationships: OtherRelationships = OtherRelationships(
+        [
+            EC2NetworkAclRuleToAcl(),
+        ],
+    )

cartography/models/aws/ec2/network_acls.py

@@ -0,0 +1,86 @@
+from dataclasses import dataclass
+
+from cartography.models.core.common import PropertyRef
+from cartography.models.core.nodes import CartographyNodeProperties
+from cartography.models.core.nodes import CartographyNodeSchema
+from cartography.models.core.relationships import CartographyRelProperties
+from cartography.models.core.relationships import CartographyRelSchema
+from cartography.models.core.relationships import LinkDirection
+from cartography.models.core.relationships import make_target_node_matcher
+from cartography.models.core.relationships import OtherRelationships
+from cartography.models.core.relationships import TargetNodeMatcher
+
+
+@dataclass(frozen=True)
+class EC2NetworkAclNodeProperties(CartographyNodeProperties):
+    id: PropertyRef = PropertyRef('Arn')
+    arn: PropertyRef = PropertyRef('Arn')
+    network_acl_id: PropertyRef = PropertyRef('Id')
+    lastupdated: PropertyRef = PropertyRef('lastupdated', set_in_kwargs=True)
+    is_default: PropertyRef = PropertyRef('IsDefault')
+    region: PropertyRef = PropertyRef('Region', set_in_kwargs=True)
+    vpc_id: PropertyRef = PropertyRef('VpcId')
+
+
+@dataclass(frozen=True)
+class EC2NetworkAclToVpcRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef('lastupdated', set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class EC2NetworkAclToVpc(CartographyRelSchema):
+    target_node_label: str = 'AWSVpc'
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {'vpcid': PropertyRef('VpcId')},
+    )
+    direction: LinkDirection = LinkDirection.OUTWARD
+    rel_label: str = "MEMBER_OF_AWS_VPC"
+    properties: EC2NetworkAclToVpcRelProperties = EC2NetworkAclToVpcRelProperties()
+
+
+@dataclass(frozen=True)
+class EC2NetworkAclToSubnetRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef('lastupdated', set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class EC2NetworkAclToSubnet(CartographyRelSchema):
+    target_node_label: str = 'EC2Subnet'
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {'subnetid': PropertyRef('SubnetId')},
+    )
+    direction: LinkDirection = LinkDirection.OUTWARD
+    rel_label: str = "PART_OF_SUBNET"
+    properties: EC2NetworkAclToSubnetRelProperties = EC2NetworkAclToSubnetRelProperties()
+
+
+@dataclass(frozen=True)
+class EC2NetworkAclToAwsAccountRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef('lastupdated', set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class EC2NetworkAclToAWSAccount(CartographyRelSchema):
+    target_node_label: str = 'AWSAccount'
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {'id': PropertyRef('AWS_ID', set_in_kwargs=True)},
+    )
+    direction: LinkDirection = LinkDirection.INWARD
+    rel_label: str = "RESOURCE"
+    properties: EC2NetworkAclToAwsAccountRelProperties = EC2NetworkAclToAwsAccountRelProperties()
+
+
+@dataclass(frozen=True)
+class EC2NetworkAclSchema(CartographyNodeSchema):
+    """
+    Network interface as known by describe-network-interfaces.
+    """
+    label: str = 'EC2NetworkAcl'
+    properties: EC2NetworkAclNodeProperties = EC2NetworkAclNodeProperties()
+    sub_resource_relationship: EC2NetworkAclToAWSAccount = EC2NetworkAclToAWSAccount()
+    other_relationships: OtherRelationships = OtherRelationships(
+        [
+            EC2NetworkAclToVpc(),
+            EC2NetworkAclToSubnet(),
+        ],
+    )

cartography/models/core/common.py

@@ -8,7 +8,14 @@ class PropertyRef:
     (PropertyRef.set_in_kwargs=True).
     """
 
-    def __init__(self, name: str, set_in_kwargs=False, extra_index=False, ignore_case=False):
+    def __init__(
+        self,
+        name: str,
+        set_in_kwargs=False,
+        extra_index=False,
+        ignore_case=False,
+        fuzzy_and_ignore_case=False,
+    ):
         """
         :param name: The name of the property
         :param set_in_kwargs: Optional. If True, the property is not defined on the data dict, and we expect to find the
@@ -33,11 +40,21 @@ class PropertyRef:
             cartography catalog of GitHubUser nodes. Therefore, you would need `ignore_case=True` in the PropertyRef
             that points to the GitHubUser node's name field, otherwise if one of your employees' GitHub usernames
             contains capital letters, you would not be able to map them properly to a GitHubUser node in your graph.
+        :param fuzzy_and_ignore_case: If True, performs a fuzzy + case-insensitive match when comparing the value of
+        this property using the `CONTAINS` operator.
+        query. Defaults to False. This only has effect as part of a TargetNodeMatcher and is not supported for the
+        sub resource relationship.
         """
         self.name = name
         self.set_in_kwargs = set_in_kwargs
         self.extra_index = extra_index
         self.ignore_case = ignore_case
+        self.fuzzy_and_ignore_case = fuzzy_and_ignore_case
+        if self.fuzzy_and_ignore_case and self.ignore_case:
+            raise ValueError(
+                f'Error setting PropertyRef "{self.name}": ignore_case cannot be used together with'
+                'fuzzy_and_ignore_case. Pick one or the other.',
+            )
 
     def _parameterize_name(self) -> str:
         return f"${self.name}"

cartography/models/github/orgs.py

@@ -0,0 +1,26 @@
+"""
+This schema does not handle the org's relationships.  Those are handled by other schemas, for example:
+* GitHubTeamSchema defines (GitHubOrganization)-[RESOURCE]->(GitHubTeam)
+* GitHubUserSchema defines (GitHubUser)-[MEMBER_OF|UNAFFILIATED]->(GitHubOrganization)
+(There may be others, these are just two examples.)
+"""
+from dataclasses import dataclass
+
+from cartography.models.core.common import PropertyRef
+from cartography.models.core.nodes import CartographyNodeProperties
+from cartography.models.core.nodes import CartographyNodeSchema
+
+
+@dataclass(frozen=True)
+class GitHubOrganizationNodeProperties(CartographyNodeProperties):
+    id: PropertyRef = PropertyRef('url')
+    username: PropertyRef = PropertyRef('login', extra_index=True)
+    lastupdated: PropertyRef = PropertyRef('lastupdated', set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class GitHubOrganizationSchema(CartographyNodeSchema):
+    label: str = 'GitHubOrganization'
+    properties: GitHubOrganizationNodeProperties = GitHubOrganizationNodeProperties()
+    other_relationships = None
+    sub_resource_relationship = None

cartography/models/github/users.py

@@ -0,0 +1,119 @@
+"""
+RE: Tenant relationship between GitHubUser and GitHubOrganization
+
+Note this relationship is implemented via 'other_relationships' and not via the 'sub_resource_relationship'
+as might be expected.
+
+The 'sub_resource_relationship' typically describes the relationship of a node to its tenant (the org, project, or
+other resource to which other nodes belong).  An assumption of that relationship is that if the tenant goes
+away, all nodes related to it should be cleaned up.
+
+In GitHub, though the GitHubUser's tenant seems to be GitHubOrganization, users actually exist independently.  There
+is a concept of 'UNAFFILIATED' users (https://docs.github.com/en/graphql/reference/enums#roleinorganization) like
+Enterprise Owners who are related to an org even if they are not direct members of it.  You would not want them to be
+cleaned up, if an org goes away, and you could want them in your graph even if they are not members of any org in
+the enterprise.
+
+To allow for this in the schema, this relationship is treated as any other node-to-node relationship, via
+'other_relationships', instead of as the typical 'sub_resource_relationship'.
+
+RE: GitHubOrganizationUserSchema vs GitHubUnaffiliatedUserSchema
+
+As noted above, there are implicitly two types of users, those that are part of, or affiliated, to a target
+GitHubOrganization, and those thare are not part, or unaffiliated.   Both are represented as GitHubUser nodes,
+but there are two schemas below to allow for some differences between them, e.g., unaffiliated lack these properties:
+  * the 'role' property, because unaffiliated have no 'role' in the target org
+  * the 'has_2fa_enabled' property, because the GitHub api does not return it, for these users
+The main importance of having two schemas is to allow the two sets of users to be loaded separately.  If we are loading
+an unaffiliated user, but the user already exists in the graph (perhaps they are members of another GitHub orgs for
+example), then loading the unaffiliated user will not blank out the 'role' and 'has_2fa_enabled' properties.
+"""
+from dataclasses import dataclass
+
+from cartography.models.core.common import PropertyRef
+from cartography.models.core.nodes import CartographyNodeProperties
+from cartography.models.core.nodes import CartographyNodeSchema
+from cartography.models.core.relationships import CartographyRelProperties
+from cartography.models.core.relationships import CartographyRelSchema
+from cartography.models.core.relationships import LinkDirection
+from cartography.models.core.relationships import make_target_node_matcher
+from cartography.models.core.relationships import OtherRelationships
+from cartography.models.core.relationships import TargetNodeMatcher
+
+
+@dataclass(frozen=True)
+class BaseGitHubUserNodeProperties(CartographyNodeProperties):
+    # core properties in all GitHubUser nodes
+    id: PropertyRef = PropertyRef('url')
+    lastupdated: PropertyRef = PropertyRef('lastupdated', set_in_kwargs=True)
+    fullname: PropertyRef = PropertyRef('name')
+    username: PropertyRef = PropertyRef('login', extra_index=True)
+    is_site_admin: PropertyRef = PropertyRef('isSiteAdmin')
+    is_enterprise_owner: PropertyRef = PropertyRef('isEnterpriseOwner')
+    email: PropertyRef = PropertyRef('email')
+    company: PropertyRef = PropertyRef('company')
+
+
+@dataclass(frozen=True)
+class GitHubOrganizationUserNodeProperties(BaseGitHubUserNodeProperties):
+    # specified for affiliated users only. The GitHub api does not return this property for unaffiliated users.
+    has_2fa_enabled: PropertyRef = PropertyRef('hasTwoFactorEnabled')
+    # specified for affiliated uers only.  Unaffiliated users do not have a 'role' in the target organization.
+    role: PropertyRef = PropertyRef('role')
+
+
+@dataclass(frozen=True)
+class GitHubUnaffiliatedUserNodeProperties(BaseGitHubUserNodeProperties):
+    # No additional properties needed
+    pass
+
+
+@dataclass(frozen=True)
+class GitHubUserToOrganizationRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef('lastupdated', set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class GitHubUserMemberOfOrganizationRel(CartographyRelSchema):
+    target_node_label: str = 'GitHubOrganization'
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {'id': PropertyRef('MEMBER_OF')},
+    )
+    direction: LinkDirection = LinkDirection.OUTWARD
+    rel_label: str = "MEMBER_OF"
+    properties: GitHubUserToOrganizationRelProperties = GitHubUserToOrganizationRelProperties()
+
+
+@dataclass(frozen=True)
+class GitHubUserUnaffiliatedOrganizationRel(CartographyRelSchema):
+    target_node_label: str = 'GitHubOrganization'
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {'id': PropertyRef('UNAFFILIATED')},
+    )
+    direction: LinkDirection = LinkDirection.OUTWARD
+    rel_label: str = "UNAFFILIATED"
+    properties: GitHubUserToOrganizationRelProperties = GitHubUserToOrganizationRelProperties()
+
+
+@dataclass(frozen=True)
+class GitHubOrganizationUserSchema(CartographyNodeSchema):
+    label: str = 'GitHubUser'
+    properties: GitHubOrganizationUserNodeProperties = GitHubOrganizationUserNodeProperties()
+    other_relationships: OtherRelationships = OtherRelationships(
+        [
+            GitHubUserMemberOfOrganizationRel(),
+        ],
+    )
+    sub_resource_relationship = None
+
+
+@dataclass(frozen=True)
+class GitHubUnaffiliatedUserSchema(CartographyNodeSchema):
+    label: str = 'GitHubUser'
+    properties: GitHubUnaffiliatedUserNodeProperties = GitHubUnaffiliatedUserNodeProperties()
+    other_relationships: OtherRelationships = OtherRelationships(
+        [
+            GitHubUserUnaffiliatedOrganizationRel(),
+        ],
+    )
+    sub_resource_relationship = None

cartography/models/semgrep/dependencies.py

@@ -0,0 +1,90 @@
+from dataclasses import dataclass
+from typing import Optional
+
+from cartography.models.core.common import PropertyRef
+from cartography.models.core.nodes import CartographyNodeProperties
+from cartography.models.core.nodes import CartographyNodeSchema
+from cartography.models.core.nodes import ExtraNodeLabels
+from cartography.models.core.relationships import CartographyRelProperties
+from cartography.models.core.relationships import CartographyRelSchema
+from cartography.models.core.relationships import LinkDirection
+from cartography.models.core.relationships import make_target_node_matcher
+from cartography.models.core.relationships import OtherRelationships
+from cartography.models.core.relationships import TargetNodeMatcher
+
+
+@dataclass(frozen=True)
+class SemgrepDependencyNodeProperties(CartographyNodeProperties):
+    id: PropertyRef = PropertyRef('id')
+    lastupdated: PropertyRef = PropertyRef('lastupdated', set_in_kwargs=True)
+    name: PropertyRef = PropertyRef('name')
+    ecosystem: PropertyRef = PropertyRef('ecosystem')
+    version: PropertyRef = PropertyRef('version')
+
+
+@dataclass(frozen=True)
+class SemgrepDependencyToSemgrepDeploymentRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef('lastupdated', set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+# (:SemgrepDependency)<-[:RESOURCE]-(:SemgrepDeployment)
+class SemgrepDependencyToSemgrepDeploymentSchema(CartographyRelSchema):
+    target_node_label: str = 'SemgrepDeployment'
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {'id': PropertyRef('DEPLOYMENT_ID', set_in_kwargs=True)},
+    )
+    direction: LinkDirection = LinkDirection.INWARD
+    rel_label: str = "RESOURCE"
+    properties: SemgrepDependencyToSemgrepDeploymentRelProperties = SemgrepDependencyToSemgrepDeploymentRelProperties()
+
+
+@dataclass(frozen=True)
+class SemgrepDependencyToGithubRepoRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef('lastupdated', set_in_kwargs=True)
+    specifier: PropertyRef = PropertyRef('specifier')
+    transitivity: PropertyRef = PropertyRef('transitivity')
+    url: PropertyRef = PropertyRef('url')
+
+
+@dataclass(frozen=True)
+# (:SemgrepDependency)<-[:REQUIRES]-(:GitHubRepository)
+class SemgrepDependencyToGithubRepoRel(CartographyRelSchema):
+    target_node_label: str = 'GitHubRepository'
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {'id': PropertyRef('repo_url')},
+    )
+    direction: LinkDirection = LinkDirection.INWARD
+    rel_label: str = "REQUIRES"
+    properties: SemgrepDependencyToGithubRepoRelProperties = SemgrepDependencyToGithubRepoRelProperties()
+
+
+@dataclass(frozen=True)
+class SemgrepSCAFindngToDependencyRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef('lastupdated', set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class SemgrepGoLibrarySchema(CartographyNodeSchema):
+    label: str = 'GoLibrary'
+    extra_node_labels: Optional[ExtraNodeLabels] = ExtraNodeLabels(['Dependency', 'SemgrepDependency'])
+    properties: SemgrepDependencyNodeProperties = SemgrepDependencyNodeProperties()
+    sub_resource_relationship: SemgrepDependencyToSemgrepDeploymentSchema = SemgrepDependencyToSemgrepDeploymentSchema()
+    other_relationships: OtherRelationships = OtherRelationships(
+        [
+            SemgrepDependencyToGithubRepoRel(),
+        ],
+    )
+
+
+@dataclass(frozen=True)
+class SemgrepNpmLibrarySchema(CartographyNodeSchema):
+    label: str = 'NpmLibrary'
+    extra_node_labels: Optional[ExtraNodeLabels] = ExtraNodeLabels(['Dependency', 'SemgrepDependency'])
+    properties: SemgrepDependencyNodeProperties = SemgrepDependencyNodeProperties()
+    sub_resource_relationship: SemgrepDependencyToSemgrepDeploymentSchema = SemgrepDependencyToSemgrepDeploymentSchema()
+    other_relationships: OtherRelationships = OtherRelationships(
+        [
+            SemgrepDependencyToGithubRepoRel(),
+        ],
+    )

{cartography-0.95.0rc1.dist-info → cartography-0.96.0rc2.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: cartography
-Version: 0.95.0rc1
+Version: 0.96.0rc2
 Summary: Explore assets and their relationships across your technical infrastructure.
 Home-page: https://www.github.com/cartography-cncf/cartography
 Maintainer: Cartography Contributors