cycode 0.2.5.dev6__tar.gz → 0.2.5.dev7__tar.gz

{cycode-0.2.5.dev6 → cycode-0.2.5.dev7}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: cycode
-Version: 0.2.5.dev6
+Version: 0.2.5.dev7
 Summary: Perform secrets/iac scans for your sources using Cycode's engine
 Home-page: https://github.com/cycodehq-public/cycode-cli
 License: MIT
@@ -248,12 +248,12 @@ repos:
 
 The following are the options and commands available with the Cycode CLI application:
 
-| Option                  | Description                                               |
-|-------------------------|-----------------------------------------------------------|
-| `--output [text\|json]` | Specify the output (`text`/`json`). The default is `text` |
-| `-v`, `--verbose`       | Show detailed logs                                        |
-| `--version`             | Show the version and exit.                                |
-| `--help`                | Show options for given command.                           |
+| Option                         | Description                                                       |
+|--------------------------------|-------------------------------------------------------------------|
+| `--output [text\|json\|table]` | Specify the output (`text`/`json`/`table`). The default is `text` |
+| `-v`, `--verbose`              | Show detailed logs                                                |
+| `--version`                    | Show the version and exit.                                        |
+| `--help`                       | Show options for given command.                                   |
 
 | Command                             | Description |
 |-------------------------------------|-------------|

{cycode-0.2.5.dev6 → cycode-0.2.5.dev7}/README.md

@@ -211,12 +211,12 @@ repos:
 
 The following are the options and commands available with the Cycode CLI application:
 
-| Option                  | Description                                               |
-|-------------------------|-----------------------------------------------------------|
-| `--output [text\|json]` | Specify the output (`text`/`json`). The default is `text` |
-| `-v`, `--verbose`       | Show detailed logs                                        |
-| `--version`             | Show the version and exit.                                |
-| `--help`                | Show options for given command.                           |
+| Option                         | Description                                                       |
+|--------------------------------|-------------------------------------------------------------------|
+| `--output [text\|json\|table]` | Specify the output (`text`/`json`/`table`). The default is `text` |
+| `-v`, `--verbose`              | Show detailed logs                                                |
+| `--version`                    | Show the version and exit.                                        |
+| `--help`                       | Show options for given command.                                   |
 
 | Command                             | Description |
 |-------------------------------------|-------------|

cycode-0.2.5.dev7/cycode/__init__.py

@@ -0,0 +1 @@
+__version__ = '0.2.5.dev7'   # DON'T TOUCH. Placeholder. Will be filled automatically on poetry build from Git Tag

{cycode-0.2.5.dev6 → cycode-0.2.5.dev7}/cycode/cli/main.py

@@ -65,10 +65,10 @@ NO_ISSUES_STATUS_CODE = 0
 @click.option('--output', default=None,
               help="""
               \b
-              Specify the results output (text/json), 
+              Specify the results output (text/json/table), 
               the default is text
               """,
-              type=click.Choice(['text', 'json']))
+              type=click.Choice(['text', 'json', 'table']))
 @click.option('--severity-threshold',
               default=None,
               help='Show only violations at the specified level or higher (supported for SCA scan type only).',
@@ -142,8 +142,8 @@ def finalize(context: click.Context, *args, **kwargs):
 @click.option(
     '--output',
     default='text',
-    help='Specify the output (text/json), the default is text',
-    type=click.Choice(['text', 'json'])
+    help='Specify the output (text/json/table), the default is text',
+    type=click.Choice(['text', 'json', 'table'])
 )
 @click.option(
     '--user-agent',

{cycode-0.2.5.dev6 → cycode-0.2.5.dev7}/cycode/cli/printers/base_printer.py

@@ -7,7 +7,9 @@ from cycode.cli.models import DocumentDetections, CliResult, CliError
 
 
 class BasePrinter(ABC):
-    context: click.Context
+    RED_COLOR_NAME = 'red'
+    WHITE_COLOR_NAME = 'white'
+    GREEN_COLOR_NAME = 'green'
 
     def __init__(self, context: click.Context):
         self.context = context

cycode-0.2.5.dev7/cycode/cli/printers/base_table_printer.py

@@ -0,0 +1,43 @@
+import abc
+from typing import List
+
+import click
+
+from cycode.cli.printers.text_printer import TextPrinter
+from cycode.cli.models import DocumentDetections, CliError, CliResult
+from cycode.cli.printers.base_printer import BasePrinter
+
+
+class BaseTablePrinter(BasePrinter, abc.ABC):
+    def __init__(self, context: click.Context):
+        super().__init__(context)
+        self.context = context
+        self.scan_id: str = context.obj.get('scan_id')
+        self.scan_type: str = context.obj.get('scan_type')
+        self.show_secret: bool = context.obj.get('show_secret', False)
+
+    def print_result(self, result: CliResult) -> None:
+        TextPrinter(self.context).print_result(result)
+
+    def print_error(self, error: CliError) -> None:
+        TextPrinter(self.context).print_error(error)
+
+    def print_scan_results(self, results: List[DocumentDetections]):
+        click.secho(f'Scan Results: (scan_id: {self.scan_id})')
+
+        if not results:
+            click.secho('Good job! No issues were found!!! 👏👏👏', fg=self.GREEN_COLOR_NAME)
+            return
+
+        self._print_results(results)
+
+        report_url = self.context.obj.get('report_url')
+        if report_url:
+            click.secho(f'Report URL: {report_url}')
+
+    def _is_git_repository(self) -> bool:
+        return self.context.obj.get('remote_url') is not None
+
+    @abc.abstractmethod
+    def _print_results(self, results: List[DocumentDetections]) -> None:
+        raise NotImplementedError

{cycode-0.2.5.dev6 → cycode-0.2.5.dev7}/cycode/cli/printers/console_printer.py

@@ -1,10 +1,10 @@
 import click
 from typing import List, TYPE_CHECKING
 
-from cycode.cli.consts import SCA_SCAN_TYPE
 from cycode.cli.exceptions.custom_exceptions import CycodeError
 from cycode.cli.models import DocumentDetections, CliResult, CliError
 from cycode.cli.printers.table_printer import TablePrinter
+from cycode.cli.printers.sca_table_printer import SCATablePrinter
 from cycode.cli.printers.json_printer import JsonPrinter
 from cycode.cli.printers.text_printer import TextPrinter
 
@@ -16,11 +16,15 @@ class ConsolePrinter:
     _AVAILABLE_PRINTERS = {
         'text': TextPrinter,
         'json': JsonPrinter,
-        'text_sca': TablePrinter
+        'table': TablePrinter,
+        # overrides
+        'table_sca': SCATablePrinter,
+        'text_sca': SCATablePrinter,
     }
 
     def __init__(self, context: click.Context):
         self.context = context
+        self.scan_type = self.context.obj.get('scan_type')
         self.output_type = self.context.obj.get('output')
 
         self._printer_class = self._AVAILABLE_PRINTERS.get(self.output_type)
@@ -32,11 +36,11 @@ class ConsolePrinter:
         printer.print_scan_results(detections_results_list)
 
     def _get_scan_printer(self) -> 'BasePrinter':
-        scan_type = self.context.obj.get('scan_type')
-
         printer_class = self._printer_class
-        if scan_type == SCA_SCAN_TYPE and self.output_type == 'text':
-            printer_class = TablePrinter
+
+        composite_printer = self._AVAILABLE_PRINTERS.get(f'{self.output_type}_{self.scan_type}')
+        if composite_printer:
+            printer_class = composite_printer
 
         return printer_class(self.context)
 

cycode-0.2.5.dev6/cycode/cli/printers/table_printer.py → cycode-0.2.5.dev7/cycode/cli/printers/sca_table_printer.py

@@ -5,8 +5,8 @@ import click
 from texttable import Texttable
 
 from cycode.cli.consts import LICENSE_COMPLIANCE_POLICY_ID, PACKAGE_VULNERABILITY_POLICY_ID
-from cycode.cli.models import DocumentDetections, Detection, CliError, CliResult
-from cycode.cli.printers.base_printer import BasePrinter
+from cycode.cli.models import DocumentDetections, Detection
+from cycode.cli.printers.base_table_printer import BaseTablePrinter
 
 SEVERITY_COLUMN = 'Severity'
 LICENSE_COLUMN = 'License'
@@ -23,36 +23,11 @@ PREVIEW_DETECTIONS_COMMON_HEADERS = [
 ]
 
 
-class TablePrinter(BasePrinter):
-    RED_COLOR_NAME = 'red'
-    WHITE_COLOR_NAME = 'white'
-    GREEN_COLOR_NAME = 'green'
-
-    def __init__(self, context: click.Context):
-        super().__init__(context)
-        self.scan_id = context.obj.get('scan_id')
-
-    def print_result(self, result: CliResult) -> None:
-        raise NotImplemented
-
-    def print_error(self, error: CliError) -> None:
-        raise NotImplemented
-
-    def print_scan_results(self, results: List[DocumentDetections]):
-        click.secho(f"Scan Results: (scan_id: {self.scan_id})")
-
-        if not results:
-            click.secho("Good job! No issues were found!!! 👏👏👏", fg=self.GREEN_COLOR_NAME)
-            return
-
+class SCATablePrinter(BaseTablePrinter):
+    def _print_results(self, results: List[DocumentDetections]) -> None:
         detections_per_detection_type_id = self._extract_detections_per_detection_type_id(results)
-
         self._print_detection_per_detection_type_id(detections_per_detection_type_id)
 
-        report_url = self.context.obj.get('report_url')
-        if report_url:
-            click.secho(f'Report URL: {report_url}')
-
     @staticmethod
     def _extract_detections_per_detection_type_id(results: List[DocumentDetections]) -> Dict[str, List[Detection]]:
         detections_per_detection_type_id = defaultdict(list)
@@ -146,9 +121,6 @@ class TablePrinter(BasePrinter):
 
         return row
 
-    def _is_git_repository(self) -> bool:
-        return self.context.obj.get("remote_url") is not None
-
     def _get_upgrade_package_vulnerability(self, detection: Detection) -> List[str]:
         alert = detection.detection_details.get('alert')
         row = [

cycode-0.2.5.dev7/cycode/cli/printers/table.py

@@ -0,0 +1,61 @@
+from typing import List, Dict, Optional, TYPE_CHECKING
+from texttable import Texttable
+
+if TYPE_CHECKING:
+    from cycode.cli.printers.table_models import ColumnInfo, ColumnWidths
+
+
+class Table:
+    """Helper class to manage columns and their values in the right order and only if the column should be presented."""
+
+    def __init__(self, column_infos: Optional[List['ColumnInfo']] = None):
+        self._column_widths = None
+
+        self._columns: Dict['ColumnInfo', List[str]] = dict()
+        if column_infos:
+            self._columns: Dict['ColumnInfo', List[str]] = {columns: list() for columns in column_infos}
+
+    def add(self, column: 'ColumnInfo') -> None:
+        self._columns[column] = list()
+
+    def set(self, column: 'ColumnInfo', value: str) -> None:
+        # we push values only for existing columns what were added before
+        if column in self._columns:
+            self._columns[column].append(value)
+
+    def _get_ordered_columns(self) -> List['ColumnInfo']:
+        # we are sorting columns by index to make sure that columns will be printed in the right order
+        return sorted(self._columns, key=lambda column_info: column_info.index)
+
+    def get_columns_info(self) -> List['ColumnInfo']:
+        return self._get_ordered_columns()
+
+    def get_headers(self) -> List[str]:
+        return [header.name for header in self._get_ordered_columns()]
+
+    def get_rows(self) -> List[str]:
+        column_values = [self._columns[column_info] for column_info in self._get_ordered_columns()]
+        return list(zip(*column_values))
+
+    def set_cols_width(self, column_widths: 'ColumnWidths') -> None:
+        header_width_size = []
+        for header in self.get_columns_info():
+            width_multiplier = 1
+            if header in column_widths:
+                width_multiplier = column_widths[header]
+
+            header_width_size.append(len(header.name) * width_multiplier)
+
+        self._column_widths = header_width_size
+
+    def get_table(self, max_width: int = 80) -> Texttable:
+        table = Texttable(max_width)
+        table.header(self.get_headers())
+
+        for row in self.get_rows():
+            table.add_row(row)
+
+        if self._column_widths:
+            table.set_cols_width(self._column_widths)
+
+        return table

cycode-0.2.5.dev7/cycode/cli/printers/table_models.py

@@ -0,0 +1,20 @@
+from typing import NamedTuple, Dict
+
+
+class ColumnInfoBuilder:
+    _index = 0
+
+    @staticmethod
+    def build(name: str) -> 'ColumnInfo':
+        column_info = ColumnInfo(name, ColumnInfoBuilder._index)
+        ColumnInfoBuilder._index += 1
+        return column_info
+
+
+class ColumnInfo(NamedTuple):
+    name: str
+    index: int  # Represents the order of the columns, starting from the left
+
+
+ColumnWidths = Dict[ColumnInfo, int]
+ColumnWidthsConfig = Dict[str, ColumnWidths]

cycode-0.2.5.dev7/cycode/cli/printers/table_printer.py

@@ -0,0 +1,116 @@
+from typing import List
+
+import click
+
+from cycode.cli.printers.base_table_printer import BaseTablePrinter
+from cycode.cli.printers.table_models import ColumnInfoBuilder, ColumnWidthsConfig
+from cycode.cli.printers.table import Table
+from cycode.cli.utils.string_utils import obfuscate_text, get_position_in_line
+from cycode.cli.consts import SECRET_SCAN_TYPE, INFRA_CONFIGURATION_SCAN_TYPE, SAST_SCAN_TYPE
+from cycode.cli.models import DocumentDetections, Detection, Document
+
+# Creation must have strict order. Represents the order of the columns in the table (from left to right)
+ISSUE_TYPE_COLUMN = ColumnInfoBuilder.build(name='Issue Type')
+RULE_ID_COLUMN = ColumnInfoBuilder.build(name='Rule ID')
+FILE_PATH_COLUMN = ColumnInfoBuilder.build(name='File Path')
+SECRET_SHA_COLUMN = ColumnInfoBuilder.build(name='Secret SHA')
+COMMIT_SHA_COLUMN = ColumnInfoBuilder.build(name='Commit SHA')
+LINE_NUMBER_COLUMN = ColumnInfoBuilder.build(name='Line Number')
+COLUMN_NUMBER_COLUMN = ColumnInfoBuilder.build(name='Column Number')
+VIOLATION_LENGTH_COLUMN = ColumnInfoBuilder.build(name='Violation Length')
+VIOLATION_COLUMN = ColumnInfoBuilder.build(name='Violation')
+
+COLUMN_WIDTHS_CONFIG: ColumnWidthsConfig = {
+    SECRET_SCAN_TYPE: {
+        ISSUE_TYPE_COLUMN: 2,
+        RULE_ID_COLUMN: 2,
+        FILE_PATH_COLUMN: 2,
+        SECRET_SHA_COLUMN: 2,
+        VIOLATION_COLUMN: 2,
+    },
+    INFRA_CONFIGURATION_SCAN_TYPE: {
+        ISSUE_TYPE_COLUMN: 4,
+        RULE_ID_COLUMN: 3,
+        FILE_PATH_COLUMN: 3,
+    },
+    SAST_SCAN_TYPE: {
+        ISSUE_TYPE_COLUMN: 7,
+        RULE_ID_COLUMN: 2,
+        FILE_PATH_COLUMN: 3,
+    },
+}
+
+
+class TablePrinter(BaseTablePrinter):
+    def _print_results(self, results: List[DocumentDetections]) -> None:
+        table = self._get_table()
+        if self.scan_type in COLUMN_WIDTHS_CONFIG:
+            table.set_cols_width(COLUMN_WIDTHS_CONFIG[self.scan_type])
+
+        for result in results:
+            for detection in result.detections:
+                self._enrich_table_with_values(table, detection, result.document)
+
+        click.echo(table.get_table().draw())
+
+    def _get_table(self) -> Table:
+        table = Table()
+
+        table.add(ISSUE_TYPE_COLUMN)
+        table.add(RULE_ID_COLUMN)
+        table.add(FILE_PATH_COLUMN)
+        table.add(LINE_NUMBER_COLUMN)
+        table.add(COLUMN_NUMBER_COLUMN)
+
+        if self._is_git_repository():
+            table.add(COMMIT_SHA_COLUMN)
+
+        if self.scan_type == SECRET_SCAN_TYPE:
+            table.add(SECRET_SHA_COLUMN)
+            table.add(VIOLATION_LENGTH_COLUMN)
+            table.add(VIOLATION_COLUMN)
+
+        return table
+
+    def _enrich_table_with_values(self, table: Table, detection: Detection, document: Document) -> None:
+        self._enrich_table_with_detection_summary_values(table, detection, document)
+        self._enrich_table_with_detection_code_segment_values(table, detection, document)
+
+    def _enrich_table_with_detection_summary_values(
+            self, table: Table, detection: Detection, document: Document
+    ) -> None:
+        issue_type = detection.message
+        if self.scan_type == SECRET_SCAN_TYPE:
+            issue_type = detection.type
+
+        table.set(ISSUE_TYPE_COLUMN, issue_type)
+        table.set(RULE_ID_COLUMN, detection.detection_rule_id)
+        table.set(FILE_PATH_COLUMN, click.format_filename(document.path))
+        table.set(SECRET_SHA_COLUMN, detection.detection_details.get('sha512', ''))
+        table.set(COMMIT_SHA_COLUMN, detection.detection_details.get('commit_id', ''))
+
+    def _enrich_table_with_detection_code_segment_values(
+            self, table: Table, detection: Detection, document: Document
+    ) -> None:
+        detection_details = detection.detection_details
+
+        detection_line = detection_details.get('line_in_file', -1)
+        if self.scan_type == SECRET_SCAN_TYPE:
+            detection_line = detection_details.get('line', -1)
+
+        detection_column = get_position_in_line(document.content, detection_details.get('start_position', -1))
+        violation_length = detection_details.get('length', -1)
+
+        violation = ''
+        file_content_lines = document.content.splitlines()
+        if detection_line < len(file_content_lines):
+            line = file_content_lines[detection_line]
+            violation = line[detection_column: detection_column + violation_length]
+
+            if not self.show_secret:
+                violation = obfuscate_text(violation)
+
+        table.set(LINE_NUMBER_COLUMN, str(detection_line))
+        table.set(COLUMN_NUMBER_COLUMN, str(detection_column))
+        table.set(VIOLATION_LENGTH_COLUMN, f'{violation_length} chars')
+        table.set(VIOLATION_COLUMN, violation)

{cycode-0.2.5.dev6 → cycode-0.2.5.dev7}/cycode/cli/printers/text_printer.py

@@ -7,14 +7,10 @@ from cycode.cli.printers.base_printer import BasePrinter
 from cycode.cli.models import DocumentDetections, Detection, Document, CliResult, CliError
 from cycode.cli.config import config
 from cycode.cli.consts import SECRET_SCAN_TYPE, COMMIT_RANGE_BASED_COMMAND_SCAN_TYPES
-from cycode.cli.utils.string_utils import obfuscate_text
+from cycode.cli.utils.string_utils import obfuscate_text, get_position_in_line
 
 
 class TextPrinter(BasePrinter):
-    RED_COLOR_NAME = 'red'
-    WHITE_COLOR_NAME = 'white'
-    GREEN_COLOR_NAME = 'green'
-
     def __init__(self, context: click.Context):
         super().__init__(context)
         self.scan_id: str = context.obj.get('scan_id')
@@ -132,9 +128,6 @@ class TextPrinter(BasePrinter):
 
         return self.WHITE_COLOR_NAME
 
-    def _get_position_in_line(self, text: str, position: int) -> int:
-        return position - text.rfind('\n', 0, position) - 1
-
     def _get_line_number_style(self, line_number: int):
         return f'{click.style(str(line_number), fg=self.WHITE_COLOR_NAME, bold=False)} ' \
                f'{click.style("|", fg=self.RED_COLOR_NAME, bold=False)}'
@@ -158,7 +151,7 @@ class TextPrinter(BasePrinter):
         file_content = document.content
         file_lines = file_content.splitlines()
         start_line = self._get_code_segment_start_line(detection_line, code_segment_size)
-        detection_position_in_line = self._get_position_in_line(file_content, detection_position)
+        detection_position_in_line = get_position_in_line(file_content, detection_position)
 
         click.echo()
         for i in range(code_segment_size):
@@ -182,7 +175,7 @@ class TextPrinter(BasePrinter):
         git_diff_content = document.content
         git_diff_lines = git_diff_content.splitlines()
         detection_line = git_diff_lines[detection_line_number]
-        detection_position_in_line = self._get_position_in_line(git_diff_content, detection_position)
+        detection_position_in_line = get_position_in_line(git_diff_content, detection_position)
 
         click.echo()
         self._print_detection_line(document, detection_line, detection_line_number_in_original_file,

{cycode-0.2.5.dev6 → cycode-0.2.5.dev7}/cycode/cli/utils/string_utils.py

@@ -43,3 +43,7 @@ def generate_random_string(string_len: int):
     # letters, digits, and symbols
     characters = string.ascii_letters + string.digits + string.punctuation
     return ''.join(random.choice(characters) for _ in range(string_len))
+
+
+def get_position_in_line(text: str, position: int) -> int:
+    return position - text.rfind('\n', 0, position) - 1

{cycode-0.2.5.dev6 → cycode-0.2.5.dev7}/pyproject.toml

@@ -1,6 +1,6 @@
 [tool.poetry]
 name = "cycode"
-version = "0.2.5.dev6" # DON'T TOUCH. Placeholder. Will be filled automatically on poetry build from Git Tag
+version = "0.2.5.dev7" # DON'T TOUCH. Placeholder. Will be filled automatically on poetry build from Git Tag
 description = "Perform secrets/iac scans for your sources using Cycode's engine"
 keywords=["secret-scan", "cycode", "devops", "token", "secret", "security", "cycode", "code"]
 authors = ["Cycode <support@cycode.com>"]

cycode-0.2.5.dev6/cycode/__init__.py

@@ -1 +0,0 @@
-__version__ = '0.2.5.dev6'   # DON'T TOUCH. Placeholder. Will be filled automatically on poetry build from Git Tag