cycode 2.2.1.dev3__py3-none-any.whl → 2.2.1.dev5__py3-none-any.whl

cycode/__init__.py

@@ -1 +1 @@
-__version__ = '2.2.1.dev3'  # DON'T TOUCH. Placeholder. Will be filled automatically on poetry build from Git Tag
+__version__ = '2.2.1.dev5'  # DON'T TOUCH. Placeholder. Will be filled automatically on poetry build from Git Tag

cycode/cli/commands/scan/scan_command.py

@@ -13,6 +13,7 @@ from cycode.cli.config import config
 from cycode.cli.consts import (
     ISSUE_DETECTED_STATUS_CODE,
     NO_ISSUES_STATUS_CODE,
+    SCA_GRADLE_ALL_SUB_PROJECTS_FLAG,
     SCA_SKIP_RESTORE_DEPENDENCIES_FLAG,
 )
 from cycode.cli.models import Severity
@@ -110,6 +111,15 @@ from cycode.cli.utils.get_api_client import get_scan_cycode_client
     type=bool,
     required=False,
 )
+@click.option(
+    f'--{SCA_GRADLE_ALL_SUB_PROJECTS_FLAG}',
+    is_flag=True,
+    default=False,
+    help='When specified, Cycode will run gradle restore command for all sub projects. '
+    'Should run from root project directory ONLY!',
+    type=bool,
+    required=False,
+)
 @click.pass_context
 def scan_command(
     context: click.Context,
@@ -124,6 +134,7 @@ def scan_command(
     report: bool,
     no_restore: bool,
     sync: bool,
+    gradle_all_sub_projects: bool,
 ) -> int:
     """Scans for Secrets, IaC, SCA or SAST violations."""
     add_breadcrumb('scan')
@@ -145,6 +156,7 @@ def scan_command(
     context.obj['monitor'] = monitor
     context.obj['report'] = report
     context.obj[SCA_SKIP_RESTORE_DEPENDENCIES_FLAG] = no_restore
+    context.obj[SCA_GRADLE_ALL_SUB_PROJECTS_FLAG] = gradle_all_sub_projects
 
     _sca_scan_to_context(context, sca_scan)
 

cycode/cli/consts.py

@@ -224,3 +224,5 @@ PACKAGE_VULNERABILITY_POLICY_ID = '9369d10a-9ac0-48d3-9921-5de7fe9a37a7'
 SCA_SHORTCUT_DEPENDENCY_PATHS = 2
 
 SCA_SKIP_RESTORE_DEPENDENCIES_FLAG = 'no-restore'
+
+SCA_GRADLE_ALL_SUB_PROJECTS_FLAG = 'gradle-all-sub-projects'

cycode/cli/files_collector/sca/maven/restore_gradle_dependencies.py

@@ -1,28 +1,70 @@
 import os
-from typing import List
+import re
+from typing import List, Optional, Set
 
 import click
 
+from cycode.cli.consts import SCA_GRADLE_ALL_SUB_PROJECTS_FLAG
 from cycode.cli.files_collector.sca.base_restore_dependencies import BaseRestoreDependencies
 from cycode.cli.models import Document
+from cycode.cli.utils.path_utils import get_path_from_context
+from cycode.cli.utils.shell_executor import shell
 
 BUILD_GRADLE_FILE_NAME = 'build.gradle'
 BUILD_GRADLE_KTS_FILE_NAME = 'build.gradle.kts'
 BUILD_GRADLE_DEP_TREE_FILE_NAME = 'gradle-dependencies-generated.txt'
+BUILD_GRADLE_ALL_PROJECTS_TIMEOUT = 180
+BUILD_GRADLE_ALL_PROJECTS_COMMAND = ['gradle', 'projects']
+ALL_PROJECTS_REGEX = r"[+-]{3} Project '(.*?)'"
 
 
 class RestoreGradleDependencies(BaseRestoreDependencies):
-    def __init__(self, context: click.Context, is_git_diff: bool, command_timeout: int) -> None:
+    def __init__(
+        self, context: click.Context, is_git_diff: bool, command_timeout: int, projects: Optional[Set[str]] = None
+    ) -> None:
         super().__init__(context, is_git_diff, command_timeout, create_output_file_manually=True)
+        if projects is None:
+            projects = set()
+        self.projects = self.get_all_projects() if self.is_gradle_sub_projects() else projects
+
+    def is_gradle_sub_projects(self) -> bool:
+        return self.context.obj.get(SCA_GRADLE_ALL_SUB_PROJECTS_FLAG)
 
     def is_project(self, document: Document) -> bool:
         return document.path.endswith(BUILD_GRADLE_FILE_NAME) or document.path.endswith(BUILD_GRADLE_KTS_FILE_NAME)
 
     def get_commands(self, manifest_file_path: str) -> List[List[str]]:
-        return [['gradle', 'dependencies', '-b', manifest_file_path, '-q', '--console', 'plain']]
+        return (
+            self.get_commands_for_sub_projects(manifest_file_path)
+            if self.is_gradle_sub_projects()
+            else [['gradle', 'dependencies', '-b', manifest_file_path, '-q', '--console', 'plain']]
+        )
 
     def get_lock_file_name(self) -> str:
         return BUILD_GRADLE_DEP_TREE_FILE_NAME
 
     def verify_restore_file_already_exist(self, restore_file_path: str) -> bool:
         return os.path.isfile(restore_file_path)
+
+    def get_working_directory(self, document: Document) -> Optional[str]:
+        return get_path_from_context(self.context) if self.is_gradle_sub_projects() else None
+
+    def get_all_projects(self) -> Set[str]:
+        projects_output = shell(
+            command=BUILD_GRADLE_ALL_PROJECTS_COMMAND,
+            timeout=BUILD_GRADLE_ALL_PROJECTS_TIMEOUT,
+            working_directory=get_path_from_context(self.context),
+        )
+
+        projects = re.findall(ALL_PROJECTS_REGEX, projects_output)
+
+        return set(projects)
+
+    def get_commands_for_sub_projects(self, manifest_file_path: str) -> List[List[str]]:
+        project_name = os.path.basename(os.path.dirname(manifest_file_path))
+        project_name = f':{project_name}'
+        return (
+            [['gradle', f'{project_name}:dependencies', '-q', '--console', 'plain']]
+            if project_name in self.projects
+            else []
+        )

cycode/cli/utils/scan_batch.py

@@ -50,7 +50,8 @@ def run_parallel_batched_scan(
     progress_bar: 'BaseProgressBar',
 ) -> Tuple[Dict[str, 'CliError'], List['LocalScanResult']]:
     max_size = consts.SCAN_BATCH_MAX_SIZE_IN_BYTES.get(scan_type, consts.DEFAULT_SCAN_BATCH_MAX_SIZE_IN_BYTES)
-    batches = split_documents_into_batches(documents, max_size)
+
+    batches = [documents] if scan_type == consts.SCA_SCAN_TYPE else split_documents_into_batches(documents, max_size)
 
     progress_bar.set_section_length(ScanProgressBarSection.SCAN, len(batches))  # * 3
     # TODO(MarshalX): we should multiply the count of batches in SCAN section because each batch has 3 steps:

{cycode-2.2.1.dev3.dist-info → cycode-2.2.1.dev5.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: cycode
-Version: 2.2.1.dev3
+Version: 2.2.1.dev5
 Summary: Boost security in your dev lifecycle via SAST, SCA, Secrets & IaC scanning.
 Home-page: https://github.com/cycodehq/cycode-cli
 License: MIT

{cycode-2.2.1.dev3.dist-info → cycode-2.2.1.dev5.dist-info}/RECORD

@@ -1,4 +1,4 @@
-cycode/__init__.py,sha256=vpHVIjFbUE0HZ1vNee8RWTjIDx4aPXE7TjY-L3UxHpw,114
+cycode/__init__.py,sha256=BXfQCIcXTm0oKsiPsG0UvgekX7s2gAsCYRSvOjdsLaI,114
 cycode/cli/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 cycode/cli/commands/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 cycode/cli/commands/ai_remediation/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
@@ -37,7 +37,7 @@ cycode/cli/commands/scan/repository/repository_command.py,sha256=xH6PPXweenHOll7
 cycode/cli/commands/scan/scan_ci/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 cycode/cli/commands/scan/scan_ci/ci_integrations.py,sha256=bbttv1pI8C2jQWtvt_mzypFEVi2iTI9TV0xfeIgrs5M,1588
 cycode/cli/commands/scan/scan_ci/scan_ci_command.py,sha256=wTjNt06gWgNoehg1ueHf9eAXseGE8pUb6wL1_vrIU5w,622
-cycode/cli/commands/scan/scan_command.py,sha256=mLyksWNm40nJiP6iV8yNwFfpstx3uN5r3Tr53tfkDjs,5215
+cycode/cli/commands/scan/scan_command.py,sha256=BIwO-gARF3gv75T9sML9ewq8MiSFgWn5K4zzd7E1k60,5639
 cycode/cli/commands/status/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 cycode/cli/commands/status/status_command.py,sha256=DlIHHLv7CgmlXd6Kn9p26VF0TfRUmhGKLFc3FUEPQOo,4295
 cycode/cli/commands/version/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
@@ -45,7 +45,7 @@ cycode/cli/commands/version/version_checker.py,sha256=fuT_REPWh_eQW7OTBETgdeXMa5
 cycode/cli/commands/version/version_command.py,sha256=CdLccqFoK3_yE13H7QUpxjsEZltke1emN-_qHHpnghU,555
 cycode/cli/config.py,sha256=JR_-uZdWVV-AaffRqTbDH0V7O4KLGNKn50v3huuPlts,466
 cycode/cli/config.yaml,sha256=SBs5VNdaY9BVbRlwgnTF_j53GBbjJVwwBj9qx_qvrds,463
-cycode/cli/consts.py,sha256=Tqzme0tesEEWOd30fJgSwmpIo-ITb9tHXhc_xrpIoDA,6985
+cycode/cli/consts.py,sha256=7zIQ3ff_b6Sn7-LwV0RPZ7qRbQ20OnKQcgdgenhHoWU,7047
 cycode/cli/exceptions/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 cycode/cli/exceptions/common.py,sha256=Si_e8bn_VfsnCww_eN1czF9iBPbQZxS8L8Oy4YoA0cA,954
 cycode/cli/exceptions/custom_exceptions.py,sha256=7HiXUoh0lnIP7yUwO-lv1p9AXiMU2bIJdlUvu9H6CKY,3466
@@ -65,7 +65,7 @@ cycode/cli/files_collector/sca/base_restore_dependencies.py,sha256=fQBfwKKMym3iY
 cycode/cli/files_collector/sca/go/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 cycode/cli/files_collector/sca/go/restore_go_dependencies.py,sha256=Hz5yysoeS54gX02FY9aysFSOKb3Tl7IH4VqD6ImOPL8,2010
 cycode/cli/files_collector/sca/maven/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-cycode/cli/files_collector/sca/maven/restore_gradle_dependencies.py,sha256=GHucXSEYG6zS3T3k-clioggTPO2Bk4g6jVuo-_sOXNc,1157
+cycode/cli/files_collector/sca/maven/restore_gradle_dependencies.py,sha256=AVW_WAkmm8jOxjd2KvRTFaRWS3Pk1fjwMpnnLBN8cnM,2884
 cycode/cli/files_collector/sca/maven/restore_maven_dependencies.py,sha256=aJo8yGJJVGGOq4v2_BX-OFk0m5IPXZOE6Z88weJtC-c,3146
 cycode/cli/files_collector/sca/npm/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 cycode/cli/files_collector/sca/npm/restore_npm_dependencies.py,sha256=-HSuuRNyGZRCVL3GCm0WXGoE7ovTHCGJXr7nnzVjwko,1428
@@ -106,7 +106,7 @@ cycode/cli/utils/ignore_utils.py,sha256=zQqRS_SmuFZfTwmRGnYJHd9lIolYoGDgSAiAIZmr
 cycode/cli/utils/jwt_utils.py,sha256=M7UxRHQQ1xsWxg0b1Lo85eQxhnhfgBJB4xpe1Y_JZZs,544
 cycode/cli/utils/path_utils.py,sha256=TqyH-kZxEQHa6rVygr8yBy0fbXSwNu34-ifIKM4n-os,3114
 cycode/cli/utils/progress_bar.py,sha256=OMG_JF5xIScDvqeOuHcEr6kPcYR1D8n9hzD64uq_-EI,9884
-cycode/cli/utils/scan_batch.py,sha256=TXEkujV6wqaLyC_FNNtc5LYp-ogFIAxc2kqt1yAB4Tw,2701
+cycode/cli/utils/scan_batch.py,sha256=5xU8SdfKVEKGzqoo4q16Bg8jvvThivCxyImyvbbOQ2A,2756
 cycode/cli/utils/scan_utils.py,sha256=d3Cysjagh0RRbIXNmt0rQfgDTtZBJKO9TLntC6CuPbQ,334
 cycode/cli/utils/shell_executor.py,sha256=jmD8El3wzkLaGwf3iHjbfFhd6Z9MOs9F7sLuIP9MiKg,935
 cycode/cli/utils/string_utils.py,sha256=W4TMXOQP_PpAfOYemWkUK1TeW_TkQDBCHeTeL0Olcsk,2034
@@ -127,8 +127,8 @@ cycode/cyclient/models.py,sha256=iUrTtQrIvls1kgtOadCa8QPzsvh8_kj2eZIX73FIIpk,143
 cycode/cyclient/report_client.py,sha256=sNLOm64oaONz-TUBs6fpFfbb7RfxALPS6YBqadMo2-8,3971
 cycode/cyclient/scan_client.py,sha256=kgtGsxW-7Y_7hlS1ZY0O5xcRm8i3PvRp84PgEWlhD_0,14772
 cycode/cyclient/scan_config_base.py,sha256=JqoC8C8164IuFrhJe540bPWf6_iQOZ2SJXGud72COwo,1780
-cycode-2.2.1.dev3.dist-info/LICENCE,sha256=2Wx4N6mD_4xB7-E3hPkZ3MPhpJy__k_I8MaCSO-PDRo,1068
-cycode-2.2.1.dev3.dist-info/METADATA,sha256=JF5gXu-j65pl0IjE45PWg-qKh688TB0Ud4VMxiqjCFo,45725
-cycode-2.2.1.dev3.dist-info/WHEEL,sha256=sP946D7jFCHeNz5Iq4fL4Lu-PrWrFsgfLXbbkciIZwg,88
-cycode-2.2.1.dev3.dist-info/entry_points.txt,sha256=GKZlS6LtUdABDPd7-o9bwNSI5gYQnyA3qGrFFQKt3Vc,51
-cycode-2.2.1.dev3.dist-info/RECORD,,
+cycode-2.2.1.dev5.dist-info/LICENCE,sha256=2Wx4N6mD_4xB7-E3hPkZ3MPhpJy__k_I8MaCSO-PDRo,1068
+cycode-2.2.1.dev5.dist-info/METADATA,sha256=edAYrHNI3PDEQYRCFnWJ5iRpJJUgS48anTCDckPq8H4,45725
+cycode-2.2.1.dev5.dist-info/WHEEL,sha256=sP946D7jFCHeNz5Iq4fL4Lu-PrWrFsgfLXbbkciIZwg,88
+cycode-2.2.1.dev5.dist-info/entry_points.txt,sha256=GKZlS6LtUdABDPd7-o9bwNSI5gYQnyA3qGrFFQKt3Vc,51
+cycode-2.2.1.dev5.dist-info/RECORD,,