PyPI - checkmate5 - Versions diffs - 4.0.67__py3-none-any.whl - Mend

checkmate5 4.0.67__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (116) hide show

checkmate/__init__.py +21 -0
checkmate/__main__.py +25 -0
checkmate/contrib/__init__.py +21 -0
checkmate/contrib/plugins/__init__.py +0 -0
checkmate/contrib/plugins/all/gptanalyzer/__init__.py +0 -0
checkmate/contrib/plugins/all/gptanalyzer/analyzer.py +99 -0
checkmate/contrib/plugins/all/gptanalyzer/issues_data.py +6 -0
checkmate/contrib/plugins/all/gptanalyzer/setup.py +13 -0
checkmate/contrib/plugins/cve/__init__.py +0 -0
checkmate/contrib/plugins/cve/text4shell/__init__.py +0 -0
checkmate/contrib/plugins/cve/text4shell/analyzer.py +64 -0
checkmate/contrib/plugins/cve/text4shell/issues_data.py +8 -0
checkmate/contrib/plugins/cve/text4shell/setup.py +13 -0
checkmate/contrib/plugins/git/__init__.py +0 -0
checkmate/contrib/plugins/git/commands/__init__.py +6 -0
checkmate/contrib/plugins/git/commands/analyze.py +364 -0
checkmate/contrib/plugins/git/commands/base.py +16 -0
checkmate/contrib/plugins/git/commands/diff.py +199 -0
checkmate/contrib/plugins/git/commands/init.py +59 -0
checkmate/contrib/plugins/git/commands/update_stats.py +41 -0
checkmate/contrib/plugins/git/hooks/__init__.py +0 -0
checkmate/contrib/plugins/git/hooks/project.py +19 -0
checkmate/contrib/plugins/git/lib/__init__.py +1 -0
checkmate/contrib/plugins/git/lib/repository.py +557 -0
checkmate/contrib/plugins/git/lib/repository_pygit2.py +531 -0
checkmate/contrib/plugins/git/models.py +178 -0
checkmate/contrib/plugins/git/setup.py +27 -0
checkmate/contrib/plugins/golang/__init__.py +0 -0
checkmate/contrib/plugins/golang/gostaticcheck/__init__.py +0 -0
checkmate/contrib/plugins/golang/gostaticcheck/analyzer.py +94 -0
checkmate/contrib/plugins/golang/gostaticcheck/issues_data.py +1246 -0
checkmate/contrib/plugins/golang/gostaticcheck/setup.py +13 -0
checkmate/contrib/plugins/iac/__init__.py +0 -0
checkmate/contrib/plugins/iac/kubescape/__init__.py +0 -0
checkmate/contrib/plugins/iac/kubescape/analyzer.py +115 -0
checkmate/contrib/plugins/iac/kubescape/issues_data.py +636 -0
checkmate/contrib/plugins/iac/kubescape/setup.py +14 -0
checkmate/contrib/plugins/iac/tfsec/__init__.py +0 -0
checkmate/contrib/plugins/iac/tfsec/analyzer.py +92 -0
checkmate/contrib/plugins/iac/tfsec/issues_data.py +1917 -0
checkmate/contrib/plugins/iac/tfsec/setup.py +13 -0
checkmate/contrib/plugins/java/__init__.py +0 -0
checkmate/contrib/plugins/java/semgrepjava/__init__.py +0 -0
checkmate/contrib/plugins/java/semgrepjava/analyzer.py +96 -0
checkmate/contrib/plugins/java/semgrepjava/issues_data.py +5 -0
checkmate/contrib/plugins/java/semgrepjava/setup.py +13 -0
checkmate/contrib/plugins/javascript/__init__.py +0 -0
checkmate/contrib/plugins/javascript/semgrepeslint/__init__.py +0 -0
checkmate/contrib/plugins/javascript/semgrepeslint/analyzer.py +95 -0
checkmate/contrib/plugins/javascript/semgrepeslint/issues_data.py +6 -0
checkmate/contrib/plugins/javascript/semgrepeslint/setup.py +13 -0
checkmate/contrib/plugins/perl/__init__.py +0 -0
checkmate/contrib/plugins/perl/graudit/__init__.py +0 -0
checkmate/contrib/plugins/perl/graudit/analyzer.py +70 -0
checkmate/contrib/plugins/perl/graudit/issues_data.py +8 -0
checkmate/contrib/plugins/perl/graudit/setup.py +13 -0
checkmate/contrib/plugins/python/__init__.py +0 -0
checkmate/contrib/plugins/python/bandit/__init__.py +0 -0
checkmate/contrib/plugins/python/bandit/analyzer.py +74 -0
checkmate/contrib/plugins/python/bandit/issues_data.py +426 -0
checkmate/contrib/plugins/python/bandit/setup.py +13 -0
checkmate/contrib/plugins/ruby/__init__.py +0 -0
checkmate/contrib/plugins/ruby/brakeman/__init__.py +0 -0
checkmate/contrib/plugins/ruby/brakeman/analyzer.py +96 -0
checkmate/contrib/plugins/ruby/brakeman/issues_data.py +518 -0
checkmate/contrib/plugins/ruby/brakeman/setup.py +13 -0
checkmate/helpers/__init__.py +0 -0
checkmate/helpers/facts.py +26 -0
checkmate/helpers/hashing.py +68 -0
checkmate/helpers/issue.py +101 -0
checkmate/helpers/settings.py +14 -0
checkmate/lib/__init__.py +1 -0
checkmate/lib/analysis/__init__.py +3 -0
checkmate/lib/analysis/base.py +103 -0
checkmate/lib/code/__init__.py +3 -0
checkmate/lib/code/environment.py +809 -0
checkmate/lib/models.py +515 -0
checkmate/lib/stats/__init__.py +1 -0
checkmate/lib/stats/helpers.py +19 -0
checkmate/lib/stats/mapreduce.py +29 -0
checkmate/management/__init__.py +1 -0
checkmate/management/commands/__init__.py +18 -0
checkmate/management/commands/alembic.py +32 -0
checkmate/management/commands/analyze.py +42 -0
checkmate/management/commands/analyzers.py +1 -0
checkmate/management/commands/base.py +66 -0
checkmate/management/commands/compare.py +0 -0
checkmate/management/commands/export.py +0 -0
checkmate/management/commands/info.py +0 -0
checkmate/management/commands/init.py +103 -0
checkmate/management/commands/issues.py +478 -0
checkmate/management/commands/props/__init__.py +1 -0
checkmate/management/commands/props/delete.py +29 -0
checkmate/management/commands/props/get.py +30 -0
checkmate/management/commands/props/set.py +29 -0
checkmate/management/commands/reset.py +53 -0
checkmate/management/commands/shell.py +19 -0
checkmate/management/commands/snapshots.py +22 -0
checkmate/management/commands/stats.py +21 -0
checkmate/management/commands/summary.py +19 -0
checkmate/management/commands/sync.py +63 -0
checkmate/management/commands/trend.py +1 -0
checkmate/management/commands/watch.py +27 -0
checkmate/management/decorators.py +1 -0
checkmate/management/helpers.py +140 -0
checkmate/scripts/__init__.py +18 -0
checkmate/scripts/manage.py +121 -0
checkmate/settings/__init__.py +2 -0
checkmate/settings/base.py +127 -0
checkmate/settings/defaults.py +133 -0
checkmate5-4.0.67.dist-info/LICENSE.txt +4095 -0
checkmate5-4.0.67.dist-info/METADATA +15 -0
checkmate5-4.0.67.dist-info/RECORD +116 -0
checkmate5-4.0.67.dist-info/WHEEL +5 -0
checkmate5-4.0.67.dist-info/entry_points.txt +2 -0
checkmate5-4.0.67.dist-info/top_level.txt +1 -0

checkmate/contrib/plugins/golang/gostaticcheck/setup.py ADDED Viewed

@@ -0,0 +1,13 @@
+from .analyzer import GostaticcheckAnalyzer
+from .issues_data import issues_data
+analyzers = {
+    'gostaticcheck':
+        {
+            'name': 'gostaticcheck',
+            'title': 'gostaticcheck',
+            'class': GostaticcheckAnalyzer,
+            'language': 'golang',
+            'issues_data': issues_data,
+        },
+}

checkmate/contrib/plugins/iac/__init__.py ADDED Viewed

File without changes

checkmate/contrib/plugins/iac/kubescape/__init__.py ADDED Viewed

File without changes

checkmate/contrib/plugins/iac/kubescape/analyzer.py ADDED Viewed

@@ -0,0 +1,115 @@
+# -*- coding: utf-8 -*-
+from checkmate.lib.analysis.base import BaseAnalyzer
+import logging
+import os
+import tempfile
+import json
+import subprocess
+logger = logging.getLogger(__name__)
+class KubescapeAnalyzer(BaseAnalyzer):
+    def __init__(self, *args, **kwargs):
+        super(KubescapeAnalyzer, self).__init__(*args, **kwargs)
+        try:
+            result = subprocess.check_output(
+                ["kubescape", "version"],stderr=subprocess.DEVNULL).strip()
+        except subprocess.CalledProcessError:
+            logger.error(
+                "Cannot initialize kubescape analyzer: Executable is missing, please install it.")
+            raise
+    def summarize(self, items):
+        pass
+    def analyze(self, file_revision):
+        issues = []
+        tmpdir = "/tmp/"+file_revision.project.pk
+        if not os.path.exists(os.path.dirname(tmpdir+"/"+file_revision.path)):
+            try:
+                os.makedirs(os.path.dirname(tmpdir+"/"+file_revision.path))
+            except OSError as exc:  # Guard against race condition
+                if exc.errno != errno.EEXIST:
+                    raise
+        result = subprocess.check_output(["rsync -r . "+tmpdir+" --exclude .git"],shell=True).strip()
+        f = open(tmpdir+"/"+file_revision.path, "wb")
+        fout = tempfile.NamedTemporaryFile(suffix=".json", delete=False)
+        result = {}
+        try:
+            with f:
+                try:
+                  f.write(file_revision.get_file_content())
+                except UnicodeDecodeError:
+                  pass
+            try:
+                result = subprocess.check_output(["kubescape",
+                                                  "scan",
+                                                  f.name,
+                                                  "--format",
+                                                  "json",
+                                                  "--format-version",
+                                                  "v2",
+                                                  "--output",
+                                                  fout.name],
+                                                  stderr=subprocess.DEVNULL).strip()
+            except subprocess.CalledProcessError as e:
+                if e.returncode == 1:
+                    result = e.output
+                    pass
+                elif e.returncode == 3:
+                    result = []
+                    pass
+                else:
+                    #print((e.returncode))
+                    result = e.output
+                    pass
+            with open(fout.name, "r") as f:
+                try:
+                    result = json.load(f)
+                except ValueError as e:
+                    result['warnings'] = []
+                    pass
+            json_result = result
+            try:
+                for issue in json_result['results']:
+                  for control in issue['controls']:
+                    controlkey = control['controlID']
+                    sev = json_result['summaryDetails']['controls'][controlkey]['scoreFactor']
+                    if sev>=7:
+                      severity = "High"
+                    elif sev>=4 and sev>=6:
+                      severity = "Medium"
+                    else:
+                      severity = "Warning"
+                    line = 1
+                    location = (((line, None),
+                                 (line, None)),)
+                    issues.append({
+                            'code': control['controlID'],
+                            'severity': severity,
+                            'location': location,
+                            'data': control['name'],
+                            'file': file_revision.path,
+                            'line': line,
+                            'fingerprint': self.get_fingerprint_from_code(file_revision, location, extra_data=control['name'])
+                    })
+            except:
+                pass
+        finally:
+          return {'issues': issues}