cycode 3.0.2.dev2__py3-none-any.whl → 3.1.1.dev1__py3-none-any.whl

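--- a/cycode/__init__.py
+++ b/cycode/__init__.py
@@ -1 +1 @@
- __version__ = '3.0.2.dev2' # DON'T TOUCH. Placeholder. Will be filled automatically on poetry build from Git Tag
+ __version__ = '3.1.1.dev1' # DON'T TOUCH. Placeholder. Will be filled automatically on poetry build from Git Tag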
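--- a/cycode/cli/consts.py
+++ b/cycode/cli/consts.py
@@ -14,38 +14,40 @@ IAC_SCAN_TYPE = 'iac'
  SCA_SCAN_TYPE = 'sca'
  SAST_SCAN_TYPE = 'sast'
 
- IAC_SCAN_SUPPORTED_FILES = ('.tf', '.tf.json', '.json', '.yaml', '.yml', 'dockerfile')
+ IAC_SCAN_SUPPORTED_FILE_EXTENSIONS = ('.tf', '.tf.json', '.json', '.yaml', '.yml', '.dockerfile', '.containerfile')
+ IAC_SCAN_SUPPORTED_FILE_PREFIXES = ('dockerfile', 'containerfile')
 
  SECRET_SCAN_FILE_EXTENSIONS_TO_IGNORE = (
- '.7z',
+ '.DS_Store',
  '.bmp',
- '.bz2',
- '.dmg',
- '.exe',
  '.gif',
- '.gz',
  '.ico',
- '.jar',
- '.jpg',
- '.jpeg',
- '.png',
- '.rar',
- '.realm',
- '.s7z',
- '.svg',
- '.tar',
  '.tif',
  '.tiff',
  '.webp',
- '.zi',
+ '.mp3',
+ '.mp4',
+ '.mkv',
+ '.avi',
+ '.mov',
+ '.mpg',
+ '.mpeg',
+ '.wav',
+ '.vob',
+ '.aac',
+ '.flac',
+ '.ogg',
+ '.mka',
+ '.wma',
+ '.wmv',
+ '.psd',
+ '.ai',
+ '.model',
  '.lock',
  '.css',
- '.less',
- '.dll',
- '.enc',
- '.deb',
- '.obj',
- '.model',
+ '.pdf',
+ '.odt',
+ '.iso',
  )
 
  SCA_CONFIGURATION_SCAN_SUPPORTED_FILES = ( # keep in lowercase
@@ -55,11 +57,18 @@ SCA_CONFIGURATION_SCAN_SUPPORTED_FILES = ( # keep in lowercase
  'composer.lock',
  'go.sum',
  'go.mod',
+ 'go.mod.graph',
  'gopkg.lock',
  'pom.xml',
+ 'bom.json',
+ 'bcde.mvndeps',
  'build.gradle',
+ '.gradle',
  'gradle.lockfile',
  'build.gradle.kts',
+ '.gradle.kts',
+ '.properties',
+ '.kt', # config KT files
  'package.json',
  'package-lock.json',
  'yarn.lock',
@@ -69,9 +78,10 @@ SCA_CONFIGURATION_SCAN_SUPPORTED_FILES = ( # keep in lowercase
  'packages.lock.json',
  'nuget.config',
  '.csproj',
+ '.vbproj',
  'gemfile',
  'gemfile.lock',
- 'build.sbt',
+ '.sbt',
  'build.scala',
  'build.sbt.lock',
  'pyproject.toml',
@@ -84,14 +94,36 @@ SCA_CONFIGURATION_SCAN_SUPPORTED_FILES = ( # keep in lowercase
  'mix.lock',
  'package.swift',
  'package.resolved',
+ 'pubspec.yaml',
+ 'pubspec.lock',
+ 'conanfile.py',
+ 'conanfile.txt',
+ 'maven_install.json',
+ 'conan.lock',
  )
 
- SCA_EXCLUDED_PATHS = ('node_modules',)
+ SCA_EXCLUDED_PATHS = (
+ 'node_modules',
+ 'venv',
+ '.venv',
+ '__pycache__',
+ '.pytest_cache',
+ '.tox',
+ '.mvn',
+ '.gradle',
+ '.npm',
+ '.yarn',
+ '.bundle',
+ '.bloop',
+ '.build',
+ '.dart_tool',
+ '.pub',
+ )
 
  PROJECT_FILES_BY_ECOSYSTEM_MAP = {
  'crates': ['Cargo.lock', 'Cargo.toml'],
  'composer': ['composer.json', 'composer.lock'],
- 'go': ['go.sum', 'go.mod', 'Gopkg.lock'],
+ 'go': ['go.sum', 'go.mod', 'go.mod.graph', 'Gopkg.lock'],
  'maven_pom': ['pom.xml'],
  'maven_gradle': ['build.gradle', 'build.gradle.kts', 'gradle.lockfile'],
  'npm': ['package.json', 'package-lock.json', 'yarn.lock', 'npm-shrinkwrap.json', '.npmrc'],
@@ -104,6 +136,8 @@ PROJECT_FILES_BY_ECOSYSTEM_MAP = {
  'pypi_setup': ['setup.py'],
  'hex': ['mix.exs', 'mix.lock'],
  'swift_pm': ['Package.swift', 'Package.resolved'],
+ 'dart': ['pubspec.yaml', 'pubspec.lock'],
+ 'conan': ['conanfile.py', 'conanfile.txt', 'conan.lock'],
  }
 
  COMMIT_RANGE_SCAN_SUPPORTED_SCAN_TYPES = [SECRET_SCAN_TYPE, SCA_SCAN_TYPE]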
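Review bot: The bare suffixes `'.properties'` and `'.kt', # config KT files` added to SCA_CONFIGURATION_SCAN_SUPPORTED_FILES (hunk at -55,11 +57,18) are far wider than the named manifests around them. The excluder places this tuple in its scannable-extensions table, and if it is matched with `endswith` like the non-scannable branch visible there, every Kotlin source file and every `.properties` file in the tree becomes SCA input, and `.properties` files frequently hold credentials and connection strings. If only Gradle build configuration is meant, named entries such as `'gradle.properties'` and `'settings.gradle.kts'` would keep collection narrow. Otherwise a comment above these entries should say that whole-extension matching is intended and which extra files get collected as a result.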
@@ -51,8 +51,11 @@ def _is_file_relevant_for_sca_scan(filename: str) -> bool:
51
51
 
52
52
  class Excluder:
53
53
  def __init__(self) -> None:
54
+ self._scannable_prefixes: dict[str, tuple[str, ...]] = {
55
+ consts.IAC_SCAN_TYPE: consts.IAC_SCAN_SUPPORTED_FILE_PREFIXES,
56
+ }
54
57
  self._scannable_extensions: dict[str, tuple[str, ...]] = {
55
- consts.IAC_SCAN_TYPE: consts.IAC_SCAN_SUPPORTED_FILES,
58
+ consts.IAC_SCAN_TYPE: consts.IAC_SCAN_SUPPORTED_FILE_EXTENSIONS,
56
59
  consts.SCA_SCAN_TYPE: consts.SCA_CONFIGURATION_SCAN_SUPPORTED_FILES,
57
60
  }
58
61
  self._non_scannable_extensions: dict[str, tuple[str, ...]] = {
@@ -74,6 +77,10 @@ class Excluder:
74
77
  if non_scannable_extensions:
75
78
  return not filename.endswith(non_scannable_extensions)
76
79
 
80
+ scannable_prefixes = self._scannable_prefixes.get(scan_type)
81
+ if scannable_prefixes:
82
+ return filename.startswith(scannable_prefixes)
83
+
77
84
  return True
78
85
 
79
86
  def _is_relevant_file_to_scan_common(self, scan_type: str, filename: str) -> bool:
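Review bot: The added prefix lookup in the second hunk comes after a branch that always returns, so it can be skipped for the very scan type it was introduced for. The visible `if non_scannable_extensions:` branch returns either way, and if the scannable-extensions branch above the hunk has the same shape, an IaC file named plain `Dockerfile` no longer ends with `.dockerfile` and is rejected before `startswith` is ever consulted, which is a silent loss of IaC coverage rather than an error. Deciding on both tuples together would avoid that, e.g. `return filename.endswith(scannable_extensions) or filename.startswith(scannable_prefixes)` when either table has an entry for the scan type. `startswith` also only works if `filename` is a lower-cased base name, since `docker/Dockerfile` or `Dockerfile` in its original case would not match `'dockerfile'`; the method begins outside the hunk, so that needs confirming there.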
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.1
2
2
  Name: cycode
3
- Version: 3.0.2.dev2
3
+ Version: 3.1.1.dev1
4
4
  Summary: Boost security in your dev lifecycle via SAST, SCA, Secrets & IaC scanning.
5
5
  Home-page: https://github.com/cycodehq/cycode-cli
6
6
  License: MIT
@@ -1,4 +1,4 @@
1
- cycode/__init__.py,sha256=iv1LHbeyY-MRAGc2FKsW5_2Q8NiGPmDanIzbE89VDwE,114
1
+ cycode/__init__.py,sha256=z-rtO68_RbSrt8_29a6O9T4id1y27lU9YvgtFPxyPw8,114
2
2
  cycode/__main__.py,sha256=Z3bD5yrA7yPvAChcADQrqCaZd0ChGI1gdiwALwbWJ6U,104
3
3
  cycode/cli/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
4
4
  cycode/cli/app.py,sha256=VOWHpvF7PxLnxesElorhddn7EUWxe1NuJkljlrA9DbM,5958
@@ -53,7 +53,7 @@ cycode/cli/apps/status/version_command.py,sha256=c6Iko_rmZo9T_kQSd3HUloBi40Qv7cj
53
53
  cycode/cli/cli_types.py,sha256=sRxDlpz3QiuHwYhzxtiHjwUaK7TtQYQcAkWsBZiuPt4,2677
54
54
  cycode/cli/config.py,sha256=EblYUlUA4lTp_lrL3gMG-cW7FUOTE1jtGIOljcLnEzk,250
55
55
  cycode/cli/console.py,sha256=vp-DHwlkwpwdsPyfwGdjsPF-6-Bi3f8W7G-W_YXCMH8,1914
56
- cycode/cli/consts.py,sha256=6GJY213XWBv_CWEb1MYb4ZoS_utyMsKSnIq3j86iYGk,7532
56
+ cycode/cli/consts.py,sha256=PHExBlgqVbsABVS-j70tTKNGDtCGZWDdox5lWcYEYYE,8251
57
57
  cycode/cli/exceptions/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
58
58
  cycode/cli/exceptions/custom_exceptions.py,sha256=Uh4Lqp4moTIFRTRtnT5b8dqb07L3wSAnAuFonS6-omQ,3610
59
59
  cycode/cli/exceptions/handle_ai_remediation_errors.py,sha256=mA70upSYXK3rL_fmanzKYeUzLENhpXdkW8k3aIHrKzU,785
@@ -62,7 +62,7 @@ cycode/cli/exceptions/handle_errors.py,sha256=9ZiDbHswXLe0TscUqZL9Or5Jq2AlYtzGb6
62
62
  cycode/cli/exceptions/handle_report_sbom_errors.py,sha256=bi0EizHtQLL-ovhHRH98CZ7qXdDPLTYnI59Jn1Y5c0E,926
63
63
  cycode/cli/exceptions/handle_scan_errors.py,sha256=-QIYvbBXmZVOvAdNwGYwAdmBma6Z_pPpS0a77aDICp8,1916
64
64
  cycode/cli/files_collector/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
65
- cycode/cli/files_collector/excluder.py,sha256=Qf6N2Wrhu4jrUMFAN70nc8tvxPBEMAT33TeSi_wKzFY,6904
65
+ cycode/cli/files_collector/excluder.py,sha256=JN0KmK95WCk7p_QCcHClVnIpMHV_opM6I6FfiEderss,7224
66
66
  cycode/cli/files_collector/iac/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
67
67
  cycode/cli/files_collector/iac/tf_content_generator.py,sha256=a65zA0Ejv_LSA5jac2omHck4IKoNS5MX6v6ltF2wo4E,2873
68
68
  cycode/cli/files_collector/models/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
@@ -148,8 +148,8 @@ cycode/cyclient/report_client.py,sha256=h12pz3vWCwDF73BhqFX7iDSxBgQDFwkiGh3hmul2
148
148
  cycode/cyclient/scan_client.py,sha256=cKXBqJcwf97yw9PkswN5fgGx4Brp2l6P6zb8SROVvcE,11806
149
149
  cycode/cyclient/scan_config_base.py,sha256=mXsPZGYCtp85rv5GIige40yQZXuRcEKUW-VQJ0vgFzk,1201
150
150
  cycode/logger.py,sha256=tKiTDKIVbE7pQiXxMBDsT1SP3PWaNZ-yzSMkbbkomxk,1972
151
- cycode-3.0.2.dev2.dist-info/LICENCE,sha256=2Wx4N6mD_4xB7-E3hPkZ3MPhpJy__k_I8MaCSO-PDRo,1068
152
- cycode-3.0.2.dev2.dist-info/METADATA,sha256=MAe_ABUxu7evMU6WVuJV1cvPiSPJnZ_BbLlBtPb3O7g,46217
153
- cycode-3.0.2.dev2.dist-info/WHEEL,sha256=sP946D7jFCHeNz5Iq4fL4Lu-PrWrFsgfLXbbkciIZwg,88
154
- cycode-3.0.2.dev2.dist-info/entry_points.txt,sha256=iDcVJM8ByLElVgvBgtYxDjw1kT7O8Mo0LcWZIT5L3Ig,45
155
- cycode-3.0.2.dev2.dist-info/RECORD,,
151
+ cycode-3.1.1.dev1.dist-info/LICENCE,sha256=2Wx4N6mD_4xB7-E3hPkZ3MPhpJy__k_I8MaCSO-PDRo,1068
152
+ cycode-3.1.1.dev1.dist-info/METADATA,sha256=zbXeRPMFL4Lw6eDEwBabYIQTsnl8PAXdbDy7bIRA3As,46217
153
+ cycode-3.1.1.dev1.dist-info/WHEEL,sha256=sP946D7jFCHeNz5Iq4fL4Lu-PrWrFsgfLXbbkciIZwg,88
154
+ cycode-3.1.1.dev1.dist-info/entry_points.txt,sha256=iDcVJM8ByLElVgvBgtYxDjw1kT7O8Mo0LcWZIT5L3Ig,45
155
+ cycode-3.1.1.dev1.dist-info/RECORD,,