cycode 1.9.5.dev5__tar.gz → 1.9.6.dev2__tar.gz

{cycode-1.9.5.dev5 → cycode-1.9.6.dev2}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: cycode
-Version: 1.9.5.dev5
+Version: 1.9.6.dev2
 Summary: Boost security in your dev lifecycle via SAST, SCA, Secrets & IaC scanning.
 Home-page: https://github.com/cycodehq/cycode-cli
 License: MIT
@@ -557,9 +557,12 @@ Secret SHA: a44081db3296c84b82d12a35c446a3cba19411dddfa0380134c75f7b3973bff0
 
 ### Soft Fail
 
-Utilizing the soft fail feature will not fail the CI/CD step within the pipeline if the Cycode scan finds an issue. Additionally, in case an issue occurs from Cycode’s side, a soft fail will automatically execute to avoid interference.
+Using the soft fail feature will not fail the CI/CD step within the pipeline if the Cycode scan detects an issue.
+If an issue occurs during the Cycode scan, using a soft fail feature will automatically execute with success (`0`) to avoid interference.
 
-Add the `--soft-fail` argument to any type of scan to configure this feature, then assign a value of `1` if you want found issues to result in a failure within the CI/CD tool or `0` for scan results to have no impact (result in a `success` result).
+To configure this feature, add the `--soft-fail` option to any type of scan. This will force the scan results to succeed (exit code `0`).
+
+Scan results are assigned with a value of exit code `1` when issues are found in the scan results; this will result in a failure within the CI/CD tool. Use the option `--soft-fail` to force the results with the exit code `0` to have no impact (i.e., to have a successful result).
 
 ### Example Scan Results
 

{cycode-1.9.5.dev5 → cycode-1.9.6.dev2}/README.md

@@ -519,9 +519,12 @@ Secret SHA: a44081db3296c84b82d12a35c446a3cba19411dddfa0380134c75f7b3973bff0
 
 ### Soft Fail
 
-Utilizing the soft fail feature will not fail the CI/CD step within the pipeline if the Cycode scan finds an issue. Additionally, in case an issue occurs from Cycode’s side, a soft fail will automatically execute to avoid interference.
+Using the soft fail feature will not fail the CI/CD step within the pipeline if the Cycode scan detects an issue.
+If an issue occurs during the Cycode scan, using a soft fail feature will automatically execute with success (`0`) to avoid interference.
 
-Add the `--soft-fail` argument to any type of scan to configure this feature, then assign a value of `1` if you want found issues to result in a failure within the CI/CD tool or `0` for scan results to have no impact (result in a `success` result).
+To configure this feature, add the `--soft-fail` option to any type of scan. This will force the scan results to succeed (exit code `0`).
+
+Scan results are assigned with a value of exit code `1` when issues are found in the scan results; this will result in a failure within the CI/CD tool. Use the option `--soft-fail` to force the results with the exit code `0` to have no impact (i.e., to have a successful result).
 
 ### Example Scan Results
 

cycode-1.9.6.dev2/cycode/__init__.py

@@ -0,0 +1 @@
+__version__ = '1.9.6.dev2'  # DON'T TOUCH. Placeholder. Will be filled automatically on poetry build from Git Tag

{cycode-1.9.5.dev5 → cycode-1.9.6.dev2}/cycode/cli/commands/auth/auth_manager.py

@@ -29,20 +29,20 @@ class AuthManager:
         self.auth_client = AuthClient()
 
     def authenticate(self) -> None:
-        logger.debug('generating pkce code pair')
+        logger.debug('Generating PKCE code pair')
         code_challenge, code_verifier = self._generate_pkce_code_pair()
 
-        logger.debug('starting authentication session')
+        logger.debug('Starting authentication session')
         session_id = self.start_session(code_challenge)
-        logger.debug('authentication session created, %s', {'session_id': session_id})
+        logger.debug('Authentication session created, %s', {'session_id': session_id})
 
-        logger.debug('opening browser and redirecting to cycode login page')
+        logger.debug('Opening browser and redirecting to Cycode login page')
         self.redirect_to_login_page(code_challenge, session_id)
 
-        logger.debug('starting get api token process')
+        logger.debug('Getting API token')
         api_token = self.get_api_token(session_id, code_verifier)
 
-        logger.debug('saving get api token')
+        logger.debug('Saving API token')
         self.save_api_token(api_token)
 
     def start_session(self, code_challenge: str) -> str:
@@ -56,20 +56,20 @@ class AuthManager:
     def get_api_token(self, session_id: str, code_verifier: str) -> 'ApiToken':
         api_token = self.get_api_token_polling(session_id, code_verifier)
         if api_token is None:
-            raise AuthProcessError('getting api token is completed, but the token is missing')
+            raise AuthProcessError('API token pulling is completed, but the token is missing')
         return api_token
 
     def get_api_token_polling(self, session_id: str, code_verifier: str) -> 'ApiToken':
         end_polling_time = time.time() + self.POLLING_TIMEOUT_IN_SECONDS
         while time.time() < end_polling_time:
-            logger.debug('trying to get api token...')
+            logger.debug('Trying to get API token...')
             api_token_polling_response = self.auth_client.get_api_token(session_id, code_verifier)
             if self._is_api_token_process_completed(api_token_polling_response):
-                logger.debug('get api token process completed')
+                logger.debug('Got API token process completion response')
                 return api_token_polling_response.api_token
             if self._is_api_token_process_failed(api_token_polling_response):
-                logger.debug('get api token process failed')
-                raise AuthProcessError('error during getting api token')
+                logger.debug('Got API token process failure response')
+                raise AuthProcessError('Error while obtaining API token')
             time.sleep(self.POLLING_WAIT_INTERVAL_IN_SECONDS)
 
         raise AuthProcessError('session expired')

{cycode-1.9.5.dev5 → cycode-1.9.6.dev2}/cycode/cli/commands/report/sbom/common.py

@@ -70,7 +70,7 @@ def send_report_feedback(
 
         client.report_status(report_execution_id, scan_status)
     except Exception as e:
-        logger.debug(f'Failed to send report feedback: {e}')
+        logger.debug('Failed to send report feedback', exc_info=e)
 
 
 def create_sbom_report(

{cycode-1.9.5.dev5 → cycode-1.9.6.dev2}/cycode/cli/commands/scan/code_scanner.py

@@ -200,7 +200,7 @@ def _get_scan_documents_thread_func(
             scan_id = local_scan_result.scan_id
 
         logger.debug(
-            'Finished scan process, %s',
+            'Processing scan results, %s',
             {
                 'all_violations_count': detections_count,
                 'relevant_violations_count': relevant_detections_count,
@@ -246,14 +246,14 @@ def scan_commit_range(
 
     repo = Repo(path)
     total_commits_count = int(repo.git.rev_list('--count', commit_range))
-    logger.debug(f'Calculating diffs for {total_commits_count} commits in the commit range {commit_range}')
+    logger.debug('Calculating diffs for %s commits in the commit range %s', total_commits_count, commit_range)
 
     progress_bar.set_section_length(ScanProgressBarSection.PREPARE_LOCAL_FILES, total_commits_count)
 
     scanned_commits_count = 0
     for commit in repo.iter_commits(rev=commit_range):
         if _does_reach_to_max_commits_to_scan_limit(commit_ids_to_scan, max_commits_count):
-            logger.debug(f'Reached to max commits to scan count. Going to scan only {max_commits_count} last commits')
+            logger.debug('Reached to max commits to scan count. Going to scan only %s last commits', max_commits_count)
             progress_bar.update(ScanProgressBarSection.PREPARE_LOCAL_FILES, total_commits_count - scanned_commits_count)
             break
 
@@ -284,7 +284,7 @@ def scan_commit_range(
         scanned_commits_count += 1
 
     logger.debug('List of commit ids to scan, %s', {'commit_ids': commit_ids_to_scan})
-    logger.debug('Starting to scan commit range (It may take a few minutes)')
+    logger.debug('Starting to scan commit range (it may take a few minutes)')
 
     scan_documents(context, documents_to_scan, is_git_diff=True, is_commit_range=True)
     return None
@@ -307,7 +307,8 @@ def scan_documents(
         ConsolePrinter(context).print_error(
             CliError(
                 code='no_relevant_files',
-                message='Error: The scan could not be completed - relevant files to scan are not found.',
+                message='Error: The scan could not be completed - relevant files to scan are not found. '
+                'Enable verbose mode to see more details.',
             )
         )
         return
@@ -392,7 +393,7 @@ def scan_commit_range_documents(
         scan_id = local_scan_result.scan_id
 
     logger.debug(
-        'Finished scan process, %s',
+        'Processing commit range scan results, %s',
         {
             'all_violations_count': detections_count,
             'relevant_violations_count': relevant_detections_count,
@@ -475,7 +476,7 @@ def perform_scan_async(
     scan_parameters: dict,
 ) -> ZippedFileScanResult:
     scan_async_result = cycode_client.zipped_file_scan_async(zipped_documents, scan_type, scan_parameters)
-    logger.debug('scan request has been triggered successfully, scan id: %s', scan_async_result.scan_id)
+    logger.debug('Async scan request has been triggered successfully, %s', {'scan_id': scan_async_result.scan_id})
 
     return poll_scan_results(
         cycode_client,
@@ -492,7 +493,7 @@ def perform_scan_sync(
     scan_parameters: dict,
 ) -> ZippedFileScanResult:
     scan_results = cycode_client.zipped_file_scan_sync(zipped_documents, scan_type, scan_parameters)
-    logger.debug('scan request has been triggered successfully, scan id: %s', scan_results.id)
+    logger.debug('Sync scan request has been triggered successfully, %s', {'scan_id': scan_results.id})
     return ZippedFileScanResult(
         did_detect=True,
         detections_per_file=_map_detections_per_file(scan_results.detection_messages),
@@ -512,7 +513,9 @@ def perform_commit_range_scan_async(
         from_commit_zipped_documents, to_commit_zipped_documents, scan_type, scan_parameters
     )
 
-    logger.debug('scan request has been triggered successfully, scan id: %s', scan_async_result.scan_id)
+    logger.debug(
+        'Async commit range scan request has been triggered successfully, %s', {'scan_id': scan_async_result.scan_id}
+    )
     return poll_scan_results(
         cycode_client, scan_async_result.scan_id, scan_type, scan_parameters.get('report'), timeout
     )
@@ -552,11 +555,12 @@ def poll_scan_results(
 
 
 def print_debug_scan_details(scan_details_response: 'ScanDetailsResponse') -> None:
-    logger.debug(f'Scan update: (scan_id: {scan_details_response.id})')
-    logger.debug(f'Scan status: {scan_details_response.scan_status}')
+    logger.debug(
+        'Scan update, %s', {'scan_id': scan_details_response.id, 'scan_status': scan_details_response.scan_status}
+    )
 
     if scan_details_response.message:
-        logger.debug(f'Scan message: {scan_details_response.message}')
+        logger.debug('Scan message: %s', scan_details_response.message)
 
 
 def print_results(
@@ -569,14 +573,16 @@ def print_results(
 def get_document_detections(
     scan_result: ZippedFileScanResult, documents_to_scan: List[Document]
 ) -> List[DocumentDetections]:
-    logger.debug('Get document detections')
+    logger.debug('Getting document detections')
 
     document_detections = []
     for detections_per_file in scan_result.detections_per_file:
         file_name = get_path_by_os(detections_per_file.file_name)
         commit_id = detections_per_file.commit_id
 
-        logger.debug('Going to find document of violated file, %s', {'file_name': file_name, 'commit_id': commit_id})
+        logger.debug(
+            'Going to find the document of the violated file., %s', {'file_name': file_name, 'commit_id': commit_id}
+        )
 
         document = _get_document_by_file_name(documents_to_scan, file_name, commit_id)
         document_detections.append(DocumentDetections(document=document, detections=detections_per_file.detections))
@@ -659,10 +665,10 @@ def get_scan_parameters(context: click.Context, paths: Tuple[str]) -> dict:
 def try_get_git_remote_url(path: str) -> Optional[str]:
     try:
         remote_url = Repo(path).remotes[0].config_reader.get('url')
-        logger.debug(f'Found Git remote URL "{remote_url}" in path "{path}"')
+        logger.debug('Found Git remote URL, %s', {'remote_url': remote_url, 'path': path})
         return remote_url
     except Exception as e:
-        logger.debug('Failed to get git remote URL. %s', {'exception_message': str(e)})
+        logger.debug('Failed to get Git remote URL', exc_info=e)
         return None
 
 
@@ -719,15 +725,15 @@ def _should_exclude_detection(detection: Detection, exclusions: Dict) -> bool:
     exclusions_by_value = exclusions.get(consts.EXCLUSIONS_BY_VALUE_SECTION_NAME, [])
     if _is_detection_sha_configured_in_exclusions(detection, exclusions_by_value):
         logger.debug(
-            'Going to ignore violations because is in the values to ignore list, %s',
-            {'sha': detection.detection_details.get('sha512', '')},
+            'Going to ignore violations because they are on the values-to-ignore list, %s',
+            {'value_sha': detection.detection_details.get('sha512', '')},
         )
         return True
 
     exclusions_by_sha = exclusions.get(consts.EXCLUSIONS_BY_SHA_SECTION_NAME, [])
     if _is_detection_sha_configured_in_exclusions(detection, exclusions_by_sha):
         logger.debug(
-            'Going to ignore violations because is in the shas to ignore list, %s',
+            'Going to ignore violations because they are on the SHA ignore list, %s',
             {'sha': detection.detection_details.get('sha512', '')},
         )
         return True
@@ -737,7 +743,7 @@ def _should_exclude_detection(detection: Detection, exclusions: Dict) -> bool:
         detection_rule = detection.detection_rule_id
         if detection_rule in exclusions_by_rule:
             logger.debug(
-                'Going to ignore violations because is in the shas to ignore list, %s',
+                'Going to ignore violations because they are on the Rule ID ignore list, %s',
                 {'detection_rule': detection_rule},
             )
             return True
@@ -747,7 +753,7 @@ def _should_exclude_detection(detection: Detection, exclusions: Dict) -> bool:
         package = _get_package_name(detection)
         if package in exclusions_by_package:
             logger.debug(
-                'Going to ignore violations because is in the packages to ignore list, %s', {'package': package}
+                'Going to ignore violations because they are on the packages-to-ignore list, %s', {'package': package}
             )
             return True
 
@@ -810,7 +816,7 @@ def _report_scan_status(
 
         cycode_client.report_scan_status(scan_type, scan_id, scan_status, should_use_scan_service)
     except Exception as e:
-        logger.debug('Failed to report scan status, %s', {'exception_message': str(e)})
+        logger.debug('Failed to report scan status', exc_info=e)
 
 
 def _generate_unique_id() -> UUID:
@@ -868,7 +874,7 @@ def _try_get_report_url_if_needed(
         report_url_response = cycode_client.get_scan_report_url(scan_id, scan_type)
         return report_url_response.report_url
     except Exception as e:
-        logger.debug('Failed to get report url: %s', str(e))
+        logger.debug('Failed to get report URL', exc_info=e)
 
 
 def wait_for_detections_creation(
@@ -883,16 +889,18 @@ def wait_for_detections_creation(
     while time.time() < end_polling_time:
         scan_persisted_detections_count = cycode_client.get_scan_detections_count(scan_type, scan_id)
         logger.debug(
-            f'Excepted {expected_detections_count} detections, got {scan_persisted_detections_count} detections '
-            f'({expected_detections_count - scan_persisted_detections_count} more; '
-            f'{round(end_polling_time - time.time())} seconds left)'
+            'Excepting %s detections, got %s detections (%s more; %s seconds left)',
+            expected_detections_count,
+            scan_persisted_detections_count,
+            expected_detections_count - scan_persisted_detections_count,
+            round(end_polling_time - time.time()),
         )
         if scan_persisted_detections_count == expected_detections_count:
             return
 
         time.sleep(consts.DETECTIONS_COUNT_VERIFICATION_WAIT_INTERVAL_IN_SECONDS)
 
-    logger.debug(f'{scan_persisted_detections_count} detections has been created')
+    logger.debug('%s detections has been created', scan_persisted_detections_count)
     raise custom_exceptions.ScanAsyncError(
         f'Failed to wait for detections to be created after {polling_timeout} seconds'
     )
@@ -905,14 +913,14 @@ def _map_detections_per_file(detections: List[dict]) -> List[DetectionsPerFile]:
             detection['message'] = detection['correlation_message']
             file_name = _get_file_name_from_detection(detection)
             if file_name is None:
-                logger.debug('file name is missing from detection with id %s', detection.get('id'))
+                logger.debug('File name is missing from detection with ID %s', detection.get('id'))
                 continue
             if detections_per_files.get(file_name) is None:
                 detections_per_files[file_name] = [DetectionSchema().load(detection)]
             else:
                 detections_per_files[file_name].append(DetectionSchema().load(detection))
         except Exception as e:
-            logger.debug('Failed to parse detection: %s', str(e))
+            logger.debug('Failed to parse detection', exc_info=e)
             continue
 
     return [

{cycode-1.9.5.dev5 → cycode-1.9.6.dev2}/cycode/cli/commands/scan/pre_receive/pre_receive_command.py

@@ -32,14 +32,14 @@ def pre_receive_command(context: click.Context, ignored_args: List[str]) -> None
 
         if should_skip_pre_receive_scan():
             logger.info(
-                'A scan has been skipped as per your request.'
-                ' Please note that this may leave your system vulnerable to secrets that have not been detected'
+                'A scan has been skipped as per your request. '
+                'Please note that this may leave your system vulnerable to secrets that have not been detected.'
             )
             return
 
         if is_verbose_mode_requested_in_pre_receive_scan():
             enable_verbose_mode(context)
-            logger.debug('Verbose mode enabled, all log levels will be displayed')
+            logger.debug('Verbose mode enabled: all log levels will be displayed.')
 
         command_scan_type = context.info_name
         timeout = configuration_manager.get_pre_receive_command_timeout(command_scan_type)
@@ -51,7 +51,8 @@ def pre_receive_command(context: click.Context, ignored_args: List[str]) -> None
             commit_range = calculate_pre_receive_commit_range(branch_update_details)
             if not commit_range:
                 logger.info(
-                    'No new commits found for pushed branch, %s', {'branch_update_details': branch_update_details}
+                    'No new commits found for pushed branch, %s',
+                    {'branch_update_details': branch_update_details},
                 )
                 return
 

{cycode-1.9.5.dev5 → cycode-1.9.6.dev2}/cycode/cli/files_collector/excluder.py

@@ -62,23 +62,36 @@ def _does_document_exceed_max_size_limit(content: str) -> bool:
 
 def _is_relevant_file_to_scan(scan_type: str, filename: str) -> bool:
     if _is_subpath_of_cycode_configuration_folder(filename):
-        logger.debug('file is irrelevant because it is in cycode configuration directory, %s', {'filename': filename})
+        logger.debug(
+            'The file is irrelevant because it is in the Cycode configuration directory, %s',
+            {'filename': filename, 'configuration_directory': consts.CYCODE_CONFIGURATION_DIRECTORY},
+        )
         return False
 
     if _is_path_configured_in_exclusions(scan_type, filename):
-        logger.debug('file is irrelevant because the file path is in the ignore paths list, %s', {'filename': filename})
+        logger.debug('The file is irrelevant because its path is in the ignore paths list, %s', {'filename': filename})
         return False
 
     if not _is_file_extension_supported(scan_type, filename):
-        logger.debug('file is irrelevant because the file extension is not supported, %s', {'filename': filename})
+        logger.debug(
+            'The file is irrelevant because its extension is not supported, %s',
+            {'scan_type': scan_type, 'filename': filename},
+        )
         return False
 
     if is_binary_file(filename):
-        logger.debug('file is irrelevant because it is binary file, %s', {'filename': filename})
+        logger.debug('The file is irrelevant because it is a binary file, %s', {'filename': filename})
         return False
 
     if scan_type != consts.SCA_SCAN_TYPE and _does_file_exceed_max_size_limit(filename):
-        logger.debug('file is irrelevant because its exceeded max size limit, %s', {'filename': filename})
+        logger.debug(
+            'The file is irrelevant because it has exceeded the maximum size limit, %s',
+            {
+                'max_file_size': consts.FILE_MAX_SIZE_LIMIT_IN_BYTES,
+                'file_size': get_file_size(filename),
+                'filename': filename,
+            },
+        )
         return False
 
     if scan_type == consts.SCA_SCAN_TYPE and not _is_file_relevant_for_sca_scan(filename):
@@ -89,7 +102,9 @@ def _is_relevant_file_to_scan(scan_type: str, filename: str) -> bool:
 
 def _is_file_relevant_for_sca_scan(filename: str) -> bool:
     if any(sca_excluded_path in filename for sca_excluded_path in consts.SCA_EXCLUDED_PATHS):
-        logger.debug("file is irrelevant because it is from node_modules's inner path, %s", {'filename': filename})
+        logger.debug(
+            'The file is irrelevant because it is from the inner path of node_modules, %s', {'filename': filename}
+        )
         return False
 
     return True
@@ -98,27 +113,39 @@ def _is_file_relevant_for_sca_scan(filename: str) -> bool:
 def _is_relevant_document_to_scan(scan_type: str, filename: str, content: str) -> bool:
     if _is_subpath_of_cycode_configuration_folder(filename):
         logger.debug(
-            'document is irrelevant because it is in cycode configuration directory, %s', {'filename': filename}
+            'The document is irrelevant because it is in the Cycode configuration directory, %s',
+            {'filename': filename, 'configuration_directory': consts.CYCODE_CONFIGURATION_DIRECTORY},
         )
         return False
 
     if _is_path_configured_in_exclusions(scan_type, filename):
         logger.debug(
-            'document is irrelevant because the document path is in the ignore paths list, %s', {'filename': filename}
+            'The document is irrelevant because its path is in the ignore paths list, %s', {'filename': filename}
         )
         return False
 
     if not _is_file_extension_supported(scan_type, filename):
-        logger.debug('document is irrelevant because the file extension is not supported, %s', {'filename': filename})
+        logger.debug(
+            'The document is irrelevant because its extension is not supported, %s',
+            {'scan_type': scan_type, 'filename': filename},
+        )
         return False
 
     if is_binary_content(content):
-        logger.debug('document is irrelevant because it is binary, %s', {'filename': filename})
+        logger.debug('The document is irrelevant because it is a binary file, %s', {'filename': filename})
         return False
 
     if scan_type != consts.SCA_SCAN_TYPE and _does_document_exceed_max_size_limit(content):
-        logger.debug('document is irrelevant because its exceeded max size limit, %s', {'filename': filename})
+        logger.debug(
+            'The document is irrelevant because it has exceeded the maximum size limit, %s',
+            {
+                'max_document_size': consts.FILE_MAX_SIZE_LIMIT_IN_BYTES,
+                'document_size': get_content_size(content),
+                'filename': filename,
+            },
+        )
         return False
+
     return True
 
 

{cycode-1.9.5.dev5 → cycode-1.9.6.dev2}/cycode/cli/files_collector/path_documents.py

@@ -74,7 +74,7 @@ def _get_relevant_files(
     progress_bar.set_section_length(progress_bar_section, progress_bar_section_len)
 
     logger.debug(
-        'Found all relevant files for scanning %s', {'paths': paths, 'file_to_scan_count': len(relevant_files_to_scan)}
+        'Found all relevant files for scanning, %s', {'paths': paths, 'file_to_scan_count': len(relevant_files_to_scan)}
     )
 
     return relevant_files_to_scan

{cycode-1.9.5.dev5 → cycode-1.9.6.dev2}/cycode/cli/files_collector/sca/maven/base_restore_maven_dependencies.py

@@ -17,7 +17,7 @@ def execute_command(command: List[str], file_name: str, command_timeout: int) ->
     try:
         dependencies = shell(command, command_timeout)
     except Exception as e:
-        logger.debug('Failed to restore dependencies shell comment. %s', {'filename': file_name, 'exception': str(e)})
+        logger.debug('Failed to restore dependencies via shell command, %s', {'filename': file_name}, exc_info=e)
         return None
 
     return dependencies

{cycode-1.9.5.dev5 → cycode-1.9.6.dev2}/cycode/cli/files_collector/sca/sca_code_scanner.py

@@ -47,7 +47,7 @@ def add_ecosystem_related_files_if_exists(
     for doc in documents:
         ecosystem = get_project_file_ecosystem(doc)
         if ecosystem is None:
-            logger.debug('failed to resolve project file ecosystem: %s', doc.path)
+            logger.debug('Failed to resolve project file ecosystem: %s', doc.path)
             continue
 
         documents_to_add.extend(get_doc_ecosystem_related_project_files(doc, documents, ecosystem, commit_rev, repo))
@@ -94,20 +94,20 @@ def try_restore_dependencies(
     if restore_dependencies.is_project(document):
         restore_dependencies_document = restore_dependencies.restore(document)
         if restore_dependencies_document is None:
-            logger.warning('Error occurred while trying to generate dependencies tree. %s', {'filename': document.path})
+            logger.warning('Error occurred while trying to generate dependencies tree, %s', {'filename': document.path})
             return
 
         if restore_dependencies_document.content is None:
-            logger.warning('Error occurred while trying to generate dependencies tree. %s', {'filename': document.path})
+            logger.warning('Error occurred while trying to generate dependencies tree, %s', {'filename': document.path})
             restore_dependencies_document.content = ''
         else:
             is_monitor_action = context.obj.get('monitor')
             project_path = context.params.get('path')
             manifest_file_path = get_manifest_file_path(document, is_monitor_action, project_path)
-            logger.debug(f'Succeeded to generate dependencies tree on path: {manifest_file_path}')
+            logger.debug('Succeeded to generate dependencies tree on path: %s', manifest_file_path)
 
         if restore_dependencies_document.path in documents_to_add:
-            logger.debug(f'Duplicate document on restore for path: {restore_dependencies_document.path}')
+            logger.debug('Duplicate document on restore for path: %s', restore_dependencies_document.path)
         else:
             documents_to_add[restore_dependencies_document.path] = restore_dependencies_document
 
@@ -147,5 +147,5 @@ def perform_pre_scan_documents_actions(
     context: click.Context, scan_type: str, documents_to_scan: List[Document], is_git_diff: bool = False
 ) -> None:
     if scan_type == consts.SCA_SCAN_TYPE and not context.obj.get(consts.SCA_SKIP_RESTORE_DEPENDENCIES_FLAG):
-        logger.debug('Perform pre scan document add_dependencies_tree_document action')
+        logger.debug('Perform pre-scan document add_dependencies_tree_document action')
         add_dependencies_tree_document(context, documents_to_scan, is_git_diff)

{cycode-1.9.5.dev5 → cycode-1.9.6.dev2}/cycode/cli/files_collector/zip_documents.py

@@ -1,4 +1,4 @@
-import time
+import timeit
 from pathlib import Path
 from typing import List, Optional
 
@@ -22,25 +22,26 @@ def zip_documents(scan_type: str, documents: List[Document], zip_file: Optional[
     if zip_file is None:
         zip_file = InMemoryZip()
 
-    start_zip_creation_time = time.time()
+    start_zip_creation_time = timeit.default_timer()
 
     for index, document in enumerate(documents):
         _validate_zip_file_size(scan_type, zip_file.size)
 
         logger.debug(
-            'adding file to zip, %s', {'index': index, 'filename': document.path, 'unique_id': document.unique_id}
+            'Adding file to ZIP, %s',
+            {'index': index, 'filename': document.path, 'unique_id': document.unique_id},
         )
         zip_file.append(document.path, document.unique_id, document.content)
 
     zip_file.close()
 
-    end_zip_creation_time = time.time()
+    end_zip_creation_time = timeit.default_timer()
     zip_creation_time = int(end_zip_creation_time - start_zip_creation_time)
-    logger.debug('finished to create zip file, %s', {'zip_creation_time': zip_creation_time})
+    logger.debug('Finished to create ZIP file, %s', {'zip_creation_time': zip_creation_time})
 
     if zip_file.configuration_manager.get_debug_flag():
         zip_file_path = Path.joinpath(Path.cwd(), f'{scan_type}_scan_{end_zip_creation_time}.zip')
-        logger.debug('writing zip file to disk, %s', {'zip_file_path': zip_file_path})
+        logger.debug('Writing ZIP file to disk, %s', {'zip_file_path': zip_file_path})
         zip_file.write_on_disk(zip_file_path)
 
     return zip_file

{cycode-1.9.5.dev5 → cycode-1.9.6.dev2}/cycode/cli/utils/progress_bar.py

@@ -11,8 +11,8 @@ if TYPE_CHECKING:
     from click._termui_impl import ProgressBar
     from click.termui import V as ProgressBarValue
 
-
-logger = get_logger('progress bar')
+# use LOGGING_LEVEL=DEBUG env var to see debug logs of this module
+logger = get_logger('progress bar', control_level_in_runtime=False)
 
 
 class ProgressBarSection(AutoCountEnum):
@@ -184,7 +184,7 @@ class CompositeProgressBar(BaseProgressBar):
             self.__exit__(None, None, None)
 
     def set_section_length(self, section: 'ProgressBarSection', length: int = 0) -> None:
-        logger.debug(f'set_section_length: {section} {length}')
+        logger.debug('Calling set_section_length, %s', {'section': str(section), 'length': length})
         self._section_lengths[section] = length
 
         if length == 0:
@@ -203,8 +203,11 @@ class CompositeProgressBar(BaseProgressBar):
     def _increment_section_value(self, section: 'ProgressBarSection', value: int) -> None:
         self._section_values[section] = self._section_values.get(section, 0) + value
         logger.debug(
-            f'_increment_section_value: {section} +{value}. '
-            f'{self._section_values[section]}/{self._section_lengths[section]}'
+            'Calling _increment_section_value: %s +%s. %s/%s',
+            section,
+            value,
+            self._section_values[section],
+            self._section_lengths[section],
         )
 
     def _rerender_progress_bar(self) -> None:
@@ -225,7 +228,9 @@ class CompositeProgressBar(BaseProgressBar):
         cur_val = self._section_values.get(self._current_section.section, 0)
         if cur_val >= max_val:
             next_section = self._progress_bar_sections[self._current_section.section.next()]
-            logger.debug(f'_update_current_section: {self._current_section.section} -> {next_section.section}')
+            logger.debug(
+                'Calling _update_current_section:  %s -> %s', self._current_section.section, next_section.section
+            )
 
             self._current_section = next_section
             self._current_section_value = 0

{cycode-1.9.5.dev5 → cycode-1.9.6.dev2}/cycode/cli/utils/shell_executor.py

@@ -11,7 +11,7 @@ _SUBPROCESS_DEFAULT_TIMEOUT_SEC = 60
 def shell(
     command: Union[str, List[str]], timeout: int = _SUBPROCESS_DEFAULT_TIMEOUT_SEC, execute_in_shell: bool = False
 ) -> Optional[str]:
-    logger.debug(f'Executing shell command: {command}')
+    logger.debug('Executing shell command: %s', command)
 
     try:
         result = subprocess.run(
@@ -24,7 +24,7 @@ def shell(
 
         return result.stdout.decode('UTF-8').strip()
     except subprocess.CalledProcessError as e:
-        logger.debug(f'Error occurred while running shell command. Exception: {e.stderr}')
+        logger.debug('Error occurred while running shell command', exc_info=e)
     except subprocess.TimeoutExpired as e:
         raise click.Abort(f'Command "{command}" timed out') from e
     except Exception as e:

{cycode-1.9.5.dev5 → cycode-1.9.6.dev2}/cycode/cyclient/config.py

@@ -1,7 +1,7 @@
 import logging
 import os
 import sys
-from typing import Optional, Union
+from typing import NamedTuple, Optional, Set, Union
 from urllib.parse import urlparse
 
 from cycode.cli import consts
@@ -42,7 +42,13 @@ DEFAULT_CONFIGURATION = {
 
 configuration = dict(DEFAULT_CONFIGURATION, **os.environ)
 
-_CREATED_LOGGERS = set()
+
+class CreatedLogger(NamedTuple):
+    logger: logging.Logger
+    control_level_in_runtime: bool
+
+
+_CREATED_LOGGERS: Set[CreatedLogger] = set()
 
 
 def get_logger_level() -> Optional[Union[int, str]]:
@@ -50,18 +56,19 @@ def get_logger_level() -> Optional[Union[int, str]]:
     return logging.getLevelName(config_level)
 
 
-def get_logger(logger_name: Optional[str] = None) -> logging.Logger:
+def get_logger(logger_name: Optional[str] = None, control_level_in_runtime: bool = True) -> logging.Logger:
     new_logger = logging.getLogger(logger_name)
     new_logger.setLevel(get_logger_level())
 
-    _CREATED_LOGGERS.add(new_logger)
+    _CREATED_LOGGERS.add(CreatedLogger(logger=new_logger, control_level_in_runtime=control_level_in_runtime))
 
     return new_logger
 
 
 def set_logging_level(level: int) -> None:
     for created_logger in _CREATED_LOGGERS:
-        created_logger.setLevel(level)
+        if created_logger.control_level_in_runtime:
+            created_logger.logger.setLevel(level)
 
 
 def get_val_as_string(key: str) -> str:
@@ -83,10 +90,9 @@ def get_val_as_int(key: str) -> Optional[int]:
 
 def is_valid_url(url: str) -> bool:
     try:
-        urlparse(url)
-        return True
-    except ValueError as e:
-        logger.warning(f'Invalid cycode api url: {url}, using default value', e)
+        parsed_url = urlparse(url)
+        return all([parsed_url.scheme, parsed_url.netloc])
+    except ValueError:
         return False
 
 
@@ -95,6 +101,9 @@ configuration_manager = ConfigurationManager()
 
 cycode_api_url = configuration_manager.get_cycode_api_url()
 if not is_valid_url(cycode_api_url):
+    logger.warning(
+        'Invalid Cycode API URL: %s, using default value (%s)', cycode_api_url, consts.DEFAULT_CYCODE_API_URL
+    )
     cycode_api_url = consts.DEFAULT_CYCODE_API_URL
 
 timeout = get_val_as_int(consts.CYCODE_CLI_REQUEST_TIMEOUT_ENV_VAR_NAME)

{cycode-1.9.5.dev5 → cycode-1.9.6.dev2}/cycode/cyclient/cycode_client_base.py

@@ -44,7 +44,10 @@ class CycodeClientBase:
         **kwargs,
     ) -> Response:
         url = self.build_full_url(self.api_url, endpoint)
-        logger.debug(f'Executing {method.upper()} request to {url}')
+        logger.debug(
+            'Executing request, %s',
+            {'method': method.upper(), 'url': url},
+        )
 
         timeout = self.timeout
         if 'timeout' in kwargs:
@@ -56,7 +59,10 @@ class CycodeClientBase:
             response = request(method=method, url=url, timeout=timeout, headers=headers, **kwargs)
 
             content = 'HIDDEN' if hide_response_content_log else response.text
-            logger.debug(f'Response {response.status_code} from {url}. Content: {content}')
+            logger.debug(
+                'Receiving response, %s',
+                {'status_code': response.status_code, 'url': url, 'content': content},
+            )
 
             response.raise_for_status()
             return response

{cycode-1.9.5.dev5 → cycode-1.9.6.dev2}/cycode/cyclient/headers.py

@@ -38,7 +38,7 @@ class _CorrelationId:
         if self._id is None:
             # example: 16fd2706-8baf-433b-82eb-8c7fada847da
             self._id = str(uuid4())
-            logger.debug(f'Correlation ID: {self._id}')
+            logger.debug('Correlation ID: %s', self._id)
 
         return self._id
 

{cycode-1.9.5.dev5 → cycode-1.9.6.dev2}/pyproject.toml

@@ -1,6 +1,6 @@
 [tool.poetry]
 name = "cycode"
-version = "1.9.5.dev5" # DON'T TOUCH. Placeholder. Will be filled automatically on poetry build from Git Tag
+version = "1.9.6.dev2" # DON'T TOUCH. Placeholder. Will be filled automatically on poetry build from Git Tag
 description = "Boost security in your dev lifecycle via SAST, SCA, Secrets & IaC scanning."
 keywords=["secret-scan", "cycode", "devops", "token", "secret", "security", "cycode", "code"]
 authors = ["Cycode <support@cycode.com>"]
@@ -96,6 +96,7 @@ extend-select = [
     "TCH",
     "TID",
     "YTT",
+    "G",
 ]
 line-length = 120
 target-version = "py37"

cycode-1.9.5.dev5/cycode/__init__.py

@@ -1 +0,0 @@
-__version__ = '1.9.5.dev5'  # DON'T TOUCH. Placeholder. Will be filled automatically on poetry build from Git Tag