cycode 2.0.1.dev1__py3-none-any.whl → 2.0.1.dev3__py3-none-any.whl

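--- a/cycode/__init__.py
+++ b/cycode/__init__.py
@@ -1 +1 @@
- __version__ = '2.0.1.dev1' # DON'T TOUCH. Placeholder. Will be filled automatically on poetry build from Git Tag
+ __version__ = '2.0.1.dev3' # DON'T TOUCH. Placeholder. Will be filled automatically on poetry build from Git Tag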
@@ -713,20 +713,26 @@ def exclude_irrelevant_detections(
713
713
  ) -> List[Detection]:
714
714
  relevant_detections = _exclude_detections_by_exclusions_configuration(detections, scan_type)
715
715
  relevant_detections = _exclude_detections_by_scan_type(relevant_detections, scan_type, command_scan_type)
716
- return _exclude_detections_by_severity(relevant_detections, scan_type, severity_threshold)
716
+ return _exclude_detections_by_severity(relevant_detections, severity_threshold)
717
717
 
718
718
 
719
- def _exclude_detections_by_severity(
720
- detections: List[Detection], scan_type: str, severity_threshold: str
721
- ) -> List[Detection]:
722
- if scan_type != consts.SCA_SCAN_TYPE or severity_threshold is None:
719
+ def _exclude_detections_by_severity(detections: List[Detection], severity_threshold: str) -> List[Detection]:
720
+ if severity_threshold is None:
723
721
  return detections
724
722
 
725
723
  relevant_detections = []
726
724
  for detection in detections:
727
725
  severity = detection.detection_details.get('advisory_severity')
726
+ if not severity:
727
+ severity = detection.severity
728
+
728
729
  if _does_severity_match_severity_threshold(severity, severity_threshold):
729
730
  relevant_detections.append(detection)
731
+ else:
732
+ logger.debug(
733
+ 'Going to ignore violations because they are below the severity threshold, %s',
734
+ {'severity': severity, 'severity_threshold': severity_threshold},
735
+ )
730
736
 
731
737
  return relevant_detections
732
738
 
@@ -861,10 +867,11 @@ def _generate_unique_id() -> UUID:
861
867
 
862
868
  def _does_severity_match_severity_threshold(severity: str, severity_threshold: str) -> bool:
863
869
  detection_severity_value = Severity.try_get_value(severity)
864
- if detection_severity_value is None:
870
+ severity_threshold_value = Severity.try_get_value(severity_threshold)
871
+ if detection_severity_value is None or severity_threshold_value is None:
865
872
  return True
866
873
 
867
- return detection_severity_value >= Severity.try_get_value(severity_threshold)
874
+ return detection_severity_value >= severity_threshold_value
868
875
 
869
876
 
870
877
  def _get_scan_result(
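Review bot: The new fallback in `_exclude_detections_by_severity` passes `detection.severity` on unchecked, while this same release makes `Severity.try_get_value` (cycode/cli/models.py) begin with `name = name.upper()`, so a detection with no `advisory_severity` and a `severity` of None would raise AttributeError instead of being kept. Whether `Detection.severity` can be None is not visible here, but the filter now runs for every scan type rather than SCA only, so the case is worth closing. A guard at the top of `try_get_value`, `if not isinstance(name, str): return None`, restores the old keep-when-unknown behaviour. `_does_severity_match_severity_threshold` returning True when either value is unknown is the safe direction, since nothing gets hidden; a one-line comment saying that is deliberate would stop it being inverted later.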
@@ -66,7 +66,7 @@ from cycode.cli.utils.get_api_client import get_scan_cycode_client
66
66
  @click.option(
67
67
  '--severity-threshold',
68
68
  default=None,
69
- help='Show violations only for the specified level or higher (supported for SCA scan types only).',
69
+ help='Show violations only for the specified level or higher.',
70
70
  type=click.Choice([e.name for e in Severity]),
71
71
  required=False,
72
72
  )
File without changes
@@ -0,0 +1,25 @@
1
+ import os
2
+ from typing import List, Optional
3
+
4
+ from cycode.cli.files_collector.sca.base_restore_dependencies import BaseRestoreDependencies
5
+ from cycode.cli.models import Document
6
+
7
+ RUBY_PROJECT_FILE_EXTENSIONS = ['Gemfile']
8
+ RUBY_LOCK_FILE_NAME = 'Gemfile.lock'
9
+
10
+
11
+ class RestoreRubyDependencies(BaseRestoreDependencies):
12
+ def is_project(self, document: Document) -> bool:
13
+ return any(document.path.endswith(ext) for ext in RUBY_PROJECT_FILE_EXTENSIONS)
14
+
15
+ def get_commands(self, manifest_file_path: str) -> List[List[str]]:
16
+ return [['bundle', '--quiet']]
17
+
18
+ def get_lock_file_name(self) -> str:
19
+ return RUBY_LOCK_FILE_NAME
20
+
21
+ def verify_restore_file_already_exist(self, restore_file_path: str) -> bool:
22
+ return os.path.isfile(restore_file_path)
23
+
24
+ def get_working_directory(self, document: Document) -> Optional[str]:
25
+ return os.path.dirname(document.absolute_path)
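Review bot: `get_commands` returns bare `bundle`, which Bundler treats as `bundle install`, so restoring a lockfile for a scan evaluates the scanned project's Gemfile (plain Ruby) and downloads and installs its gems, native extensions included, from the checkout's directory. If the restore step only needs `Gemfile.lock` (as `get_lock_file_name` suggests; the base class is not shown), `['bundle', 'lock']` resolves and writes the lockfile without installing anything. The Gemfile is evaluated either way, so the scan documentation should state that SCA restore runs project-controlled code and belongs in a sandbox or on trusted repositories. Separately, `is_project` matches any path that merely ends in `Gemfile`, such as a file named `MyGemfile`; comparing `os.path.basename(document.path)` against the name would be tighter.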
@@ -10,6 +10,7 @@ from cycode.cli.files_collector.sca.maven.restore_gradle_dependencies import Res
10
10
  from cycode.cli.files_collector.sca.maven.restore_maven_dependencies import RestoreMavenDependencies
11
11
  from cycode.cli.files_collector.sca.npm.restore_npm_dependencies import RestoreNpmDependencies
12
12
  from cycode.cli.files_collector.sca.nuget.restore_nuget_dependencies import RestoreNugetDependencies
13
+ from cycode.cli.files_collector.sca.ruby.restore_ruby_dependencies import RestoreRubyDependencies
13
14
  from cycode.cli.files_collector.sca.sbt.restore_sbt_dependencies import RestoreSbtDependencies
14
15
  from cycode.cli.models import Document
15
16
  from cycode.cli.utils.git_proxy import git_proxy
@@ -138,6 +139,7 @@ def restore_handlers(context: click.Context, is_git_diff: bool) -> List[BaseRest
138
139
  RestoreGoDependencies(context, is_git_diff, BUILD_DEP_TREE_TIMEOUT),
139
140
  RestoreNugetDependencies(context, is_git_diff, BUILD_DEP_TREE_TIMEOUT),
140
141
  RestoreNpmDependencies(context, is_git_diff, BUILD_DEP_TREE_TIMEOUT),
142
+ RestoreRubyDependencies(context, is_git_diff, BUILD_DEP_TREE_TIMEOUT),
141
143
  ]
142
144
 
143
145
 
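--- a/cycode/cli/models.py
+++ b/cycode/cli/models.py
@@ -43,6 +43,7 @@ class Severity(Enum):
 
  @staticmethod
  def try_get_value(name: str) -> any:
+ name = name.upper()
  if name not in Severity.__members__:
  return None
 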
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.1
2
2
  Name: cycode
3
- Version: 2.0.1.dev1
3
+ Version: 2.0.1.dev3
4
4
  Summary: Boost security in your dev lifecycle via SAST, SCA, Secrets & IaC scanning.
5
5
  Home-page: https://github.com/cycodehq/cycode-cli
6
6
  License: MIT
@@ -327,7 +327,7 @@ The Cycode CLI application offers several types of scans so that you can choose
327
327
  | `--client-id TEXT` | Specify a Cycode client ID for this specific scan execution |
328
328
  | `--show-secret BOOLEAN` | Show secrets in plain text. See [Show/Hide Secrets](#showhide-secrets) section for more details. |
329
329
  | `--soft-fail BOOLEAN` | Run scan without failing, always return a non-error status code. See [Soft Fail](#soft-fail) section for more details. |
330
- | `--severity-threshold [INFO\|LOW\|MEDIUM\|HIGH\|CRITICAL]` | Show only violations at the specified level or higher (supported for the SCA scan type only). |
330
+ | `--severity-threshold [INFO\|LOW\|MEDIUM\|HIGH\|CRITICAL]` | Show only violations at the specified level or higher. |
331
331
  | `--sca-scan` | Specify the SCA scan you wish to execute (`package-vulnerabilities`/`license-compliance`). The default is both |
332
332
  | `--monitor` | When specified, the scan results will be recorded in the knowledge graph. Please note that when working in `monitor` mode, the knowledge graph will not be updated as a result of SCM events (Push, Repo creation). (Supported for SCA scan type only). |
333
333
  | `--report` | When specified, a violations report will be generated. A URL link to the report will be printed as an output to the command execution |
@@ -1,4 +1,4 @@
1
- cycode/__init__.py,sha256=gyg84mcCrIaPIKLkXSKyb_3V373s044FebAsbSg659s,114
1
+ cycode/__init__.py,sha256=WIKoL2XY1z5jcr2GXtp1ikkC7nZTKxUFKUuFktIudZs,114
2
2
  cycode/cli/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
3
3
  cycode/cli/commands/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
4
4
  cycode/cli/commands/auth/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
@@ -21,7 +21,7 @@ cycode/cli/commands/report/sbom/repository_url/repository_url_command.py,sha256=
21
21
  cycode/cli/commands/report/sbom/sbom_command.py,sha256=akjbxFcArXW6tnGBXJWTpPjMr28pNmJZGLD7UxKeW6Y,2431
22
22
  cycode/cli/commands/report/sbom/sbom_report_file.py,sha256=fr3HMSr6lppeI3OgYADDWlWD8ij2edN1gmpUOPmeTN0,1533
23
23
  cycode/cli/commands/scan/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
24
- cycode/cli/commands/scan/code_scanner.py,sha256=BJ-UedY_A2VXZv4tV0pXvlC4gswg7OLBOPeNvVbkLeU,39858
24
+ cycode/cli/commands/scan/code_scanner.py,sha256=83AwOIP4duebolkuzMR4dXMwTzzI7YnRYRACJeaY0ng,40180
25
25
  cycode/cli/commands/scan/commit_history/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
26
26
  cycode/cli/commands/scan/commit_history/commit_history_command.py,sha256=Yr1MAcrTYvYxdjAFBuvovWs3B5wBFv-N4lZRox_gXDE,1062
27
27
  cycode/cli/commands/scan/path/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
@@ -35,7 +35,7 @@ cycode/cli/commands/scan/repository/repository_command.py,sha256=xH6PPXweenHOll7
35
35
  cycode/cli/commands/scan/scan_ci/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
36
36
  cycode/cli/commands/scan/scan_ci/ci_integrations.py,sha256=bbttv1pI8C2jQWtvt_mzypFEVi2iTI9TV0xfeIgrs5M,1588
37
37
  cycode/cli/commands/scan/scan_ci/scan_ci_command.py,sha256=wTjNt06gWgNoehg1ueHf9eAXseGE8pUb6wL1_vrIU5w,622
38
- cycode/cli/commands/scan/scan_command.py,sha256=n7QJ5vRHO_fXfUKZt8ndq2BAkweK-OJnunD8MPYAYuE,5192
38
+ cycode/cli/commands/scan/scan_command.py,sha256=NaTxREAbsWUsY-TTHt62kiIVM0_qgNwb_LDKFCrLgFg,5156
39
39
  cycode/cli/commands/status/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
40
40
  cycode/cli/commands/status/status_command.py,sha256=DlIHHLv7CgmlXd6Kn9p26VF0TfRUmhGKLFc3FUEPQOo,4295
41
41
  cycode/cli/commands/version/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
@@ -66,12 +66,14 @@ cycode/cli/files_collector/sca/npm/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQe
66
66
  cycode/cli/files_collector/sca/npm/restore_npm_dependencies.py,sha256=-HSuuRNyGZRCVL3GCm0WXGoE7ovTHCGJXr7nnzVjwko,1428
67
67
  cycode/cli/files_collector/sca/nuget/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
68
68
  cycode/cli/files_collector/sca/nuget/restore_nuget_dependencies.py,sha256=sbtNnbg-K3-9HsC59YXBxcX3EGZNOAMS8H-6SKYyPpk,1029
69
+ cycode/cli/files_collector/sca/ruby/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
70
+ cycode/cli/files_collector/sca/ruby/restore_ruby_dependencies.py,sha256=AaQhRmd9Hsvr5t9MIZ4baKpV6Q5HrIHVe0XnL_MPaMk,908
69
71
  cycode/cli/files_collector/sca/sbt/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
70
72
  cycode/cli/files_collector/sca/sbt/restore_sbt_dependencies.py,sha256=hlRoQWEFbap2UYiVdK6HOeWi0Zn3l2Az2A4yWdnnyI0,923
71
- cycode/cli/files_collector/sca/sca_code_scanner.py,sha256=GJR5f13hD-KH6WsaYNrwnnQoduxbFMW226BjJpSXFJQ,6968
73
+ cycode/cli/files_collector/sca/sca_code_scanner.py,sha256=E5cIBdjwrL2Exy7U6r9HiZX-ex86QeX7LCkDK2km2Sc,7145
72
74
  cycode/cli/files_collector/zip_documents.py,sha256=64ovgvzG7399bPWIg_g0T3KebSuFpRXZaxBTeNdJ17k,1873
73
75
  cycode/cli/main.py,sha256=TWZxfs7nu-zSm1YU4H801T_u16xeV3S-gZcb4gSSD24,387
74
- cycode/cli/models.py,sha256=AlrXIVwggkiRmQVme33RohNP_fGFIAp0DVlzzsB2eQA,2273
76
+ cycode/cli/models.py,sha256=y869G4jKPy81SPX9L3VM7gk7Kydw8XeejAGd4DJA-cw,2301
75
77
  cycode/cli/printers/__init__.py,sha256=ALwAXSZy2lNXWC3NfCIxf8K0F6eFrbZa9PLZwPINi5E,93
76
78
  cycode/cli/printers/console_printer.py,sha256=EmztKipDc8e9SE16b7ZCpPDN5FH2j6lksY82j2dz_DY,2496
77
79
  cycode/cli/printers/json_printer.py,sha256=r6SMAi16xFwpAB-q-tSHi1yrF3RQy_ZWeU4ZTXhRfLs,2511
@@ -118,8 +120,8 @@ cycode/cyclient/models.py,sha256=5ka8hfIoO1wJMcaUXogdiaSJCgKdcwXIVIH-dNhIS9E,142
118
120
  cycode/cyclient/report_client.py,sha256=sNLOm64oaONz-TUBs6fpFfbb7RfxALPS6YBqadMo2-8,3971
119
121
  cycode/cyclient/scan_client.py,sha256=jISrjksprxGm0aKEqIS8hIhIHW86WBi5HfTiDTQjDg0,13879
120
122
  cycode/cyclient/scan_config_base.py,sha256=sM69JOIt6Y0zFT-kp0KXSBjG8ViKl2Y2y6Fh95-57io,1642
121
- cycode-2.0.1.dev1.dist-info/LICENCE,sha256=2Wx4N6mD_4xB7-E3hPkZ3MPhpJy__k_I8MaCSO-PDRo,1068
122
- cycode-2.0.1.dev1.dist-info/METADATA,sha256=fB0PxWSe1_yrg5CimE0tBHy9eCrycofVEBQUtvX8Q_0,45698
123
- cycode-2.0.1.dev1.dist-info/WHEEL,sha256=sP946D7jFCHeNz5Iq4fL4Lu-PrWrFsgfLXbbkciIZwg,88
124
- cycode-2.0.1.dev1.dist-info/entry_points.txt,sha256=GKZlS6LtUdABDPd7-o9bwNSI5gYQnyA3qGrFFQKt3Vc,51
125
- cycode-2.0.1.dev1.dist-info/RECORD,,
123
+ cycode-2.0.1.dev3.dist-info/LICENCE,sha256=2Wx4N6mD_4xB7-E3hPkZ3MPhpJy__k_I8MaCSO-PDRo,1068
124
+ cycode-2.0.1.dev3.dist-info/METADATA,sha256=pPMkp5MjYmDoHJ6OfpeiyPx8xWfJpjDLfJx-pwg1vB0,45698
125
+ cycode-2.0.1.dev3.dist-info/WHEEL,sha256=sP946D7jFCHeNz5Iq4fL4Lu-PrWrFsgfLXbbkciIZwg,88
126
+ cycode-2.0.1.dev3.dist-info/entry_points.txt,sha256=GKZlS6LtUdABDPd7-o9bwNSI5gYQnyA3qGrFFQKt3Vc,51
127
+ cycode-2.0.1.dev3.dist-info/RECORD,,