cycode 3.10.3.dev1__py3-none-any.whl → 3.10.4.dev1__py3-none-any.whl

cycode/cli/files_collector/sca/npm/restore_npm_dependencies.py

@@ -1,21 +1,17 @@
-import os
-from typing import Optional
+from pathlib import Path
 
 import typer
 
-from cycode.cli.files_collector.sca.base_restore_dependencies import BaseRestoreDependencies, build_dep_tree_path
+from cycode.cli.files_collector.sca.base_restore_dependencies import BaseRestoreDependencies
 from cycode.cli.models import Document
-from cycode.cli.utils.path_utils import get_file_content
 from cycode.logger import get_logger
 
 logger = get_logger('NPM Restore Dependencies')
 
-NPM_PROJECT_FILE_EXTENSIONS = ['.json']
-NPM_LOCK_FILE_NAME = 'package-lock.json'
-# Alternative lockfiles that should prevent npm install from running
-ALTERNATIVE_LOCK_FILES = ['yarn.lock', 'pnpm-lock.yaml', 'deno.lock']
-NPM_LOCK_FILE_NAMES = [NPM_LOCK_FILE_NAME, *ALTERNATIVE_LOCK_FILES]
 NPM_MANIFEST_FILE_NAME = 'package.json'
+NPM_LOCK_FILE_NAME = 'package-lock.json'
+# These lockfiles indicate another package manager owns the project — NPM should not run
+_ALTERNATIVE_LOCK_FILES = ('yarn.lock', 'pnpm-lock.yaml', 'deno.lock')
 
 
 class RestoreNpmDependencies(BaseRestoreDependencies):
@@ -23,128 +19,25 @@ class RestoreNpmDependencies(BaseRestoreDependencies):
         super().__init__(ctx, is_git_diff, command_timeout)
 
     def is_project(self, document: Document) -> bool:
-        return any(document.path.endswith(ext) for ext in NPM_PROJECT_FILE_EXTENSIONS)
-
-    def _resolve_manifest_directory(self, document: Document) -> Optional[str]:
-        """Resolve the directory containing the manifest file.
-
-        Uses the same path resolution logic as get_manifest_file_path() to ensure consistency.
-        Falls back to absolute_path or document.path if needed.
-
-        Returns:
-            Directory path if resolved, None otherwise.
-        """
-        manifest_file_path = self.get_manifest_file_path(document)
-        manifest_dir = os.path.dirname(manifest_file_path) if manifest_file_path else None
-
-        # Fallback: if manifest_dir is empty or root, try using absolute_path or document.path
-        if not manifest_dir or manifest_dir == os.sep or manifest_dir == '.':
-            base_path = document.absolute_path if document.absolute_path else document.path
-            if base_path:
-                manifest_dir = os.path.dirname(base_path)
+        """Match only package.json files that are not managed by Yarn or pnpm.
 
-        return manifest_dir
-
-    def _find_existing_lockfile(self, manifest_dir: str) -> tuple[Optional[str], list[str]]:
-        """Find the first existing lockfile in the manifest directory.
-
-        Args:
-            manifest_dir: Directory to search for lockfiles.
-
-        Returns:
-            Tuple of (lockfile_path if found, list of checked lockfiles with status).
+        Yarn and pnpm projects are handled by their dedicated handlers, which run before
+        this one in the handler list. This handler is the npm fallback.
         """
-        lock_file_paths = [os.path.join(manifest_dir, lock_file_name) for lock_file_name in NPM_LOCK_FILE_NAMES]
-
-        existing_lock_file = None
-        checked_lockfiles = []
-        for lock_file_path in lock_file_paths:
-            lock_file_name = os.path.basename(lock_file_path)
-            exists = os.path.isfile(lock_file_path)
-            checked_lockfiles.append(f'{lock_file_name}: {"exists" if exists else "not found"}')
-            if exists:
-                existing_lock_file = lock_file_path
-                break
+        if Path(document.path).name != NPM_MANIFEST_FILE_NAME:
+            return False
 
-        return existing_lock_file, checked_lockfiles
+        manifest_dir = self.get_manifest_dir(document)
+        if manifest_dir:
+            for lock_file in _ALTERNATIVE_LOCK_FILES:
+                if (Path(manifest_dir) / lock_file).is_file():
+                    logger.debug(
+                        'Skipping npm restore: alternative lockfile detected, %s',
+                        {'path': document.path, 'lockfile': lock_file},
+                    )
+                    return False
 
-    def _create_document_from_lockfile(self, document: Document, lockfile_path: str) -> Optional[Document]:
-        """Create a Document from an existing lockfile.
-
-        Args:
-            document: Original document (package.json).
-            lockfile_path: Path to the existing lockfile.
-
-        Returns:
-            Document with lockfile content if successful, None otherwise.
-        """
-        lock_file_name = os.path.basename(lockfile_path)
-        logger.info(
-            'Skipping npm install: using existing lockfile, %s',
-            {'path': document.path, 'lockfile': lock_file_name, 'lockfile_path': lockfile_path},
-        )
-
-        relative_restore_file_path = build_dep_tree_path(document.path, lock_file_name)
-        restore_file_content = get_file_content(lockfile_path)
-
-        if restore_file_content is not None:
-            logger.debug(
-                'Successfully loaded lockfile content, %s',
-                {'path': document.path, 'lockfile': lock_file_name, 'content_size': len(restore_file_content)},
-            )
-            return Document(relative_restore_file_path, restore_file_content, self.is_git_diff)
-
-        logger.warning(
-            'Lockfile exists but could not read content, %s',
-            {'path': document.path, 'lockfile': lock_file_name, 'lockfile_path': lockfile_path},
-        )
-        return None
-
-    def try_restore_dependencies(self, document: Document) -> Optional[Document]:
-        """Override to prevent npm install when any lockfile exists.
-
-        The base class uses document.absolute_path which might be None or incorrect.
-        We need to use the same path resolution logic as get_manifest_file_path()
-        to ensure we check for lockfiles in the correct location.
-
-        If any lockfile exists (package-lock.json, pnpm-lock.yaml, yarn.lock, deno.lock),
-        we use it directly without running npm install to avoid generating invalid lockfiles.
-        """
-        # Check if this is a project file first (same as base class caller does)
-        if not self.is_project(document):
-            logger.debug('Skipping restore: document is not recognized as npm project, %s', {'path': document.path})
-            return None
-
-        # Resolve the manifest directory
-        manifest_dir = self._resolve_manifest_directory(document)
-        if not manifest_dir:
-            logger.debug(
-                'Cannot determine manifest directory, proceeding with base class restore flow, %s',
-                {'path': document.path},
-            )
-            return super().try_restore_dependencies(document)
-
-        # Check for existing lockfiles
-        logger.debug(
-            'Checking for existing lockfiles in directory, %s', {'directory': manifest_dir, 'path': document.path}
-        )
-        existing_lock_file, checked_lockfiles = self._find_existing_lockfile(manifest_dir)
-
-        logger.debug(
-            'Lockfile check results, %s',
-            {'path': document.path, 'checked_lockfiles': ', '.join(checked_lockfiles)},
-        )
-
-        # If any lockfile exists, use it directly without running npm install
-        if existing_lock_file:
-            return self._create_document_from_lockfile(document, existing_lock_file)
-
-        # No lockfile exists, proceed with the normal restore flow which will run npm install
-        logger.info(
-            'No existing lockfile found, proceeding with npm install to generate package-lock.json, %s',
-            {'path': document.path, 'directory': manifest_dir, 'checked_lockfiles': ', '.join(checked_lockfiles)},
-        )
-        return super().try_restore_dependencies(document)
+        return True
 
     def get_commands(self, manifest_file_path: str) -> list[list[str]]:
         return [
@@ -159,22 +52,16 @@ class RestoreNpmDependencies(BaseRestoreDependencies):
             ]
         ]
 
-    def get_restored_lock_file_name(self, restore_file_path: str) -> str:
-        return os.path.basename(restore_file_path)
-
     def get_lock_file_name(self) -> str:
         return NPM_LOCK_FILE_NAME
 
     def get_lock_file_names(self) -> list[str]:
-        return NPM_LOCK_FILE_NAMES
+        return [NPM_LOCK_FILE_NAME]
 
     @staticmethod
     def prepare_manifest_file_path_for_command(manifest_file_path: str) -> str:
-        # Remove package.json from the path
         if manifest_file_path.endswith(NPM_MANIFEST_FILE_NAME):
-            # Use os.path.dirname to handle both Unix (/) and Windows (\) separators
-            # This is cross-platform and handles edge cases correctly
-            dir_path = os.path.dirname(manifest_file_path)
-            # If dir_path is empty or just '.', return an empty string (package.json in current dir)
+            parent = Path(manifest_file_path).parent
+            dir_path = str(parent)
             return dir_path if dir_path and dir_path != '.' else ''
         return manifest_file_path

cycode/cli/files_collector/sca/npm/restore_pnpm_dependencies.py

@@ -0,0 +1,70 @@
+import json
+from pathlib import Path
+from typing import Optional
+
+import typer
+
+from cycode.cli.files_collector.sca.base_restore_dependencies import BaseRestoreDependencies, build_dep_tree_path
+from cycode.cli.models import Document
+from cycode.cli.utils.path_utils import get_file_content
+from cycode.logger import get_logger
+
+logger = get_logger('Pnpm Restore Dependencies')
+
+PNPM_MANIFEST_FILE_NAME = 'package.json'
+PNPM_LOCK_FILE_NAME = 'pnpm-lock.yaml'
+
+
+def _indicates_pnpm(package_json_content: Optional[str]) -> bool:
+    """Return True if package.json content signals that this project uses pnpm."""
+    if not package_json_content:
+        return False
+    try:
+        data = json.loads(package_json_content)
+    except (json.JSONDecodeError, ValueError):
+        return False
+
+    package_manager = data.get('packageManager', '')
+    if isinstance(package_manager, str) and package_manager.startswith('pnpm'):
+        return True
+
+    engines = data.get('engines', {})
+    return isinstance(engines, dict) and 'pnpm' in engines
+
+
+class RestorePnpmDependencies(BaseRestoreDependencies):
+    def __init__(self, ctx: typer.Context, is_git_diff: bool, command_timeout: int) -> None:
+        super().__init__(ctx, is_git_diff, command_timeout)
+
+    def is_project(self, document: Document) -> bool:
+        if Path(document.path).name != PNPM_MANIFEST_FILE_NAME:
+            return False
+
+        manifest_dir = self.get_manifest_dir(document)
+        if manifest_dir and (Path(manifest_dir) / PNPM_LOCK_FILE_NAME).is_file():
+            return True
+
+        return _indicates_pnpm(document.content)
+
+    def try_restore_dependencies(self, document: Document) -> Optional[Document]:
+        manifest_dir = self.get_manifest_dir(document)
+        lockfile_path = Path(manifest_dir) / PNPM_LOCK_FILE_NAME if manifest_dir else None
+
+        if lockfile_path and lockfile_path.is_file():
+            # Lockfile already exists — read it directly without running pnpm
+            content = get_file_content(str(lockfile_path))
+            relative_path = build_dep_tree_path(document.path, PNPM_LOCK_FILE_NAME)
+            logger.debug('Using existing pnpm-lock.yaml, %s', {'path': str(lockfile_path)})
+            return Document(relative_path, content, self.is_git_diff)
+
+        # Lockfile absent but pnpm is indicated in package.json — generate it
+        return super().try_restore_dependencies(document)
+
+    def get_commands(self, manifest_file_path: str) -> list[list[str]]:
+        return [['pnpm', 'install', '--ignore-scripts']]
+
+    def get_lock_file_name(self) -> str:
+        return PNPM_LOCK_FILE_NAME
+
+    def get_lock_file_names(self) -> list[str]:
+        return [PNPM_LOCK_FILE_NAME]

cycode/cli/files_collector/sca/npm/restore_yarn_dependencies.py

@@ -0,0 +1,70 @@
+import json
+from pathlib import Path
+from typing import Optional
+
+import typer
+
+from cycode.cli.files_collector.sca.base_restore_dependencies import BaseRestoreDependencies, build_dep_tree_path
+from cycode.cli.models import Document
+from cycode.cli.utils.path_utils import get_file_content
+from cycode.logger import get_logger
+
+logger = get_logger('Yarn Restore Dependencies')
+
+YARN_MANIFEST_FILE_NAME = 'package.json'
+YARN_LOCK_FILE_NAME = 'yarn.lock'
+
+
+def _indicates_yarn(package_json_content: Optional[str]) -> bool:
+    """Return True if package.json content signals that this project uses Yarn."""
+    if not package_json_content:
+        return False
+    try:
+        data = json.loads(package_json_content)
+    except (json.JSONDecodeError, ValueError):
+        return False
+
+    package_manager = data.get('packageManager', '')
+    if isinstance(package_manager, str) and package_manager.startswith('yarn'):
+        return True
+
+    engines = data.get('engines', {})
+    return isinstance(engines, dict) and 'yarn' in engines
+
+
+class RestoreYarnDependencies(BaseRestoreDependencies):
+    def __init__(self, ctx: typer.Context, is_git_diff: bool, command_timeout: int) -> None:
+        super().__init__(ctx, is_git_diff, command_timeout)
+
+    def is_project(self, document: Document) -> bool:
+        if Path(document.path).name != YARN_MANIFEST_FILE_NAME:
+            return False
+
+        manifest_dir = self.get_manifest_dir(document)
+        if manifest_dir and (Path(manifest_dir) / YARN_LOCK_FILE_NAME).is_file():
+            return True
+
+        return _indicates_yarn(document.content)
+
+    def try_restore_dependencies(self, document: Document) -> Optional[Document]:
+        manifest_dir = self.get_manifest_dir(document)
+        lockfile_path = Path(manifest_dir) / YARN_LOCK_FILE_NAME if manifest_dir else None
+
+        if lockfile_path and lockfile_path.is_file():
+            # Lockfile already exists — read it directly without running yarn
+            content = get_file_content(str(lockfile_path))
+            relative_path = build_dep_tree_path(document.path, YARN_LOCK_FILE_NAME)
+            logger.debug('Using existing yarn.lock, %s', {'path': str(lockfile_path)})
+            return Document(relative_path, content, self.is_git_diff)
+
+        # Lockfile absent but yarn is indicated in package.json — generate it
+        return super().try_restore_dependencies(document)
+
+    def get_commands(self, manifest_file_path: str) -> list[list[str]]:
+        return [['yarn', 'install', '--ignore-scripts']]
+
+    def get_lock_file_name(self) -> str:
+        return YARN_LOCK_FILE_NAME
+
+    def get_lock_file_names(self) -> list[str]:
+        return [YARN_LOCK_FILE_NAME]

cycode/cli/files_collector/sca/php/restore_composer_dependencies.py

@@ -0,0 +1,54 @@
+from pathlib import Path
+from typing import Optional
+
+import typer
+
+from cycode.cli.files_collector.sca.base_restore_dependencies import BaseRestoreDependencies, build_dep_tree_path
+from cycode.cli.models import Document
+from cycode.cli.utils.path_utils import get_file_content
+from cycode.logger import get_logger
+
+logger = get_logger('Composer Restore Dependencies')
+
+COMPOSER_MANIFEST_FILE_NAME = 'composer.json'
+COMPOSER_LOCK_FILE_NAME = 'composer.lock'
+
+
+class RestoreComposerDependencies(BaseRestoreDependencies):
+    def __init__(self, ctx: typer.Context, is_git_diff: bool, command_timeout: int) -> None:
+        super().__init__(ctx, is_git_diff, command_timeout)
+
+    def is_project(self, document: Document) -> bool:
+        return Path(document.path).name == COMPOSER_MANIFEST_FILE_NAME
+
+    def try_restore_dependencies(self, document: Document) -> Optional[Document]:
+        manifest_dir = self.get_manifest_dir(document)
+        lockfile_path = Path(manifest_dir) / COMPOSER_LOCK_FILE_NAME if manifest_dir else None
+
+        if lockfile_path and lockfile_path.is_file():
+            # Lockfile already exists — read it directly without running composer
+            content = get_file_content(str(lockfile_path))
+            relative_path = build_dep_tree_path(document.path, COMPOSER_LOCK_FILE_NAME)
+            logger.debug('Using existing composer.lock, %s', {'path': str(lockfile_path)})
+            return Document(relative_path, content, self.is_git_diff)
+
+        # Lockfile absent — generate it
+        return super().try_restore_dependencies(document)
+
+    def get_commands(self, manifest_file_path: str) -> list[list[str]]:
+        return [
+            [
+                'composer',
+                'update',
+                '--no-cache',
+                '--no-install',
+                '--no-scripts',
+                '--ignore-platform-reqs',
+            ]
+        ]
+
+    def get_lock_file_name(self) -> str:
+        return COMPOSER_LOCK_FILE_NAME
+
+    def get_lock_file_names(self) -> list[str]:
+        return [COMPOSER_LOCK_FILE_NAME]

cycode/cli/files_collector/sca/python/restore_pipenv_dependencies.py

@@ -0,0 +1,45 @@
+from pathlib import Path
+from typing import Optional
+
+import typer
+
+from cycode.cli.files_collector.sca.base_restore_dependencies import BaseRestoreDependencies, build_dep_tree_path
+from cycode.cli.models import Document
+from cycode.cli.utils.path_utils import get_file_content
+from cycode.logger import get_logger
+
+logger = get_logger('Pipenv Restore Dependencies')
+
+PIPENV_MANIFEST_FILE_NAME = 'Pipfile'
+PIPENV_LOCK_FILE_NAME = 'Pipfile.lock'
+
+
+class RestorePipenvDependencies(BaseRestoreDependencies):
+    def __init__(self, ctx: typer.Context, is_git_diff: bool, command_timeout: int) -> None:
+        super().__init__(ctx, is_git_diff, command_timeout)
+
+    def is_project(self, document: Document) -> bool:
+        return Path(document.path).name == PIPENV_MANIFEST_FILE_NAME
+
+    def try_restore_dependencies(self, document: Document) -> Optional[Document]:
+        manifest_dir = self.get_manifest_dir(document)
+        lockfile_path = Path(manifest_dir) / PIPENV_LOCK_FILE_NAME if manifest_dir else None
+
+        if lockfile_path and lockfile_path.is_file():
+            # Lockfile already exists — read it directly without running pipenv
+            content = get_file_content(str(lockfile_path))
+            relative_path = build_dep_tree_path(document.path, PIPENV_LOCK_FILE_NAME)
+            logger.debug('Using existing Pipfile.lock, %s', {'path': str(lockfile_path)})
+            return Document(relative_path, content, self.is_git_diff)
+
+        # Lockfile absent — generate it
+        return super().try_restore_dependencies(document)
+
+    def get_commands(self, manifest_file_path: str) -> list[list[str]]:
+        return [['pipenv', 'lock']]
+
+    def get_lock_file_name(self) -> str:
+        return PIPENV_LOCK_FILE_NAME
+
+    def get_lock_file_names(self) -> list[str]:
+        return [PIPENV_LOCK_FILE_NAME]

cycode/cli/files_collector/sca/python/restore_poetry_dependencies.py

@@ -0,0 +1,62 @@
+from pathlib import Path
+from typing import Optional
+
+import typer
+
+from cycode.cli.files_collector.sca.base_restore_dependencies import BaseRestoreDependencies, build_dep_tree_path
+from cycode.cli.models import Document
+from cycode.cli.utils.path_utils import get_file_content
+from cycode.logger import get_logger
+
+logger = get_logger('Poetry Restore Dependencies')
+
+POETRY_MANIFEST_FILE_NAME = 'pyproject.toml'
+POETRY_LOCK_FILE_NAME = 'poetry.lock'
+
+# Section header that signals this pyproject.toml is managed by Poetry
+_POETRY_TOOL_SECTION = '[tool.poetry]'
+
+
+def _indicates_poetry(pyproject_content: Optional[str]) -> bool:
+    """Return True if pyproject.toml content signals that this project uses Poetry."""
+    if not pyproject_content:
+        return False
+    return _POETRY_TOOL_SECTION in pyproject_content
+
+
+class RestorePoetryDependencies(BaseRestoreDependencies):
+    def __init__(self, ctx: typer.Context, is_git_diff: bool, command_timeout: int) -> None:
+        super().__init__(ctx, is_git_diff, command_timeout)
+
+    def is_project(self, document: Document) -> bool:
+        if Path(document.path).name != POETRY_MANIFEST_FILE_NAME:
+            return False
+
+        manifest_dir = self.get_manifest_dir(document)
+        if manifest_dir and (Path(manifest_dir) / POETRY_LOCK_FILE_NAME).is_file():
+            return True
+
+        return _indicates_poetry(document.content)
+
+    def try_restore_dependencies(self, document: Document) -> Optional[Document]:
+        manifest_dir = self.get_manifest_dir(document)
+        lockfile_path = Path(manifest_dir) / POETRY_LOCK_FILE_NAME if manifest_dir else None
+
+        if lockfile_path and lockfile_path.is_file():
+            # Lockfile already exists — read it directly without running poetry
+            content = get_file_content(str(lockfile_path))
+            relative_path = build_dep_tree_path(document.path, POETRY_LOCK_FILE_NAME)
+            logger.debug('Using existing poetry.lock, %s', {'path': str(lockfile_path)})
+            return Document(relative_path, content, self.is_git_diff)
+
+        # Lockfile absent but Poetry is indicated in pyproject.toml — generate it
+        return super().try_restore_dependencies(document)
+
+    def get_commands(self, manifest_file_path: str) -> list[list[str]]:
+        return [['poetry', 'lock']]
+
+    def get_lock_file_name(self) -> str:
+        return POETRY_LOCK_FILE_NAME
+
+    def get_lock_file_names(self) -> list[str]:
+        return [POETRY_LOCK_FILE_NAME]

cycode/cli/files_collector/sca/sca_file_collector.py

@@ -9,8 +9,14 @@ from cycode.cli.files_collector.sca.base_restore_dependencies import BaseRestore
 from cycode.cli.files_collector.sca.go.restore_go_dependencies import RestoreGoDependencies
 from cycode.cli.files_collector.sca.maven.restore_gradle_dependencies import RestoreGradleDependencies
 from cycode.cli.files_collector.sca.maven.restore_maven_dependencies import RestoreMavenDependencies
+from cycode.cli.files_collector.sca.npm.restore_deno_dependencies import RestoreDenoDependencies
 from cycode.cli.files_collector.sca.npm.restore_npm_dependencies import RestoreNpmDependencies
+from cycode.cli.files_collector.sca.npm.restore_pnpm_dependencies import RestorePnpmDependencies
+from cycode.cli.files_collector.sca.npm.restore_yarn_dependencies import RestoreYarnDependencies
 from cycode.cli.files_collector.sca.nuget.restore_nuget_dependencies import RestoreNugetDependencies
+from cycode.cli.files_collector.sca.php.restore_composer_dependencies import RestoreComposerDependencies
+from cycode.cli.files_collector.sca.python.restore_pipenv_dependencies import RestorePipenvDependencies
+from cycode.cli.files_collector.sca.python.restore_poetry_dependencies import RestorePoetryDependencies
 from cycode.cli.files_collector.sca.ruby.restore_ruby_dependencies import RestoreRubyDependencies
 from cycode.cli.files_collector.sca.sbt.restore_sbt_dependencies import RestoreSbtDependencies
 from cycode.cli.models import Document
@@ -143,8 +149,14 @@ def _get_restore_handlers(ctx: typer.Context, is_git_diff: bool) -> list[BaseRes
         RestoreSbtDependencies(ctx, is_git_diff, build_dep_tree_timeout),
         RestoreGoDependencies(ctx, is_git_diff, build_dep_tree_timeout),
         RestoreNugetDependencies(ctx, is_git_diff, build_dep_tree_timeout),
-        RestoreNpmDependencies(ctx, is_git_diff, build_dep_tree_timeout),
+        RestoreYarnDependencies(ctx, is_git_diff, build_dep_tree_timeout),
+        RestorePnpmDependencies(ctx, is_git_diff, build_dep_tree_timeout),
+        RestoreDenoDependencies(ctx, is_git_diff, build_dep_tree_timeout),
+        RestoreNpmDependencies(ctx, is_git_diff, build_dep_tree_timeout),  # Must be after Yarn & Pnpm for fallback
         RestoreRubyDependencies(ctx, is_git_diff, build_dep_tree_timeout),
+        RestorePoetryDependencies(ctx, is_git_diff, build_dep_tree_timeout),
+        RestorePipenvDependencies(ctx, is_git_diff, build_dep_tree_timeout),
+        RestoreComposerDependencies(ctx, is_git_diff, build_dep_tree_timeout),
     ]
 
 

cycode/cli/files_collector/zip_documents.py

@@ -17,7 +17,11 @@ def _validate_zip_file_size(scan_type: str, zip_file_size: int) -> None:
         raise custom_exceptions.ZipTooLargeError(max_size_limit)
 
 
-def zip_documents(scan_type: str, documents: list[Document], zip_file: Optional[InMemoryZip] = None) -> InMemoryZip:
+def zip_documents(
+    scan_type: str,
+    documents: list[Document],
+    zip_file: Optional[InMemoryZip] = None,
+) -> InMemoryZip:
     if zip_file is None:
         zip_file = InMemoryZip()
 

cycode/cli/utils/scan_batch.py

@@ -111,9 +111,13 @@ def run_parallel_batched_scan(
     scan_type: str,
     documents: list[Document],
     progress_bar: 'BaseProgressBar',
+    skip_batching: bool = False,
 ) -> tuple[dict[str, 'CliError'], list['LocalScanResult']]:
     # batching is disabled for SCA; requested by Mor
-    batches = [documents] if scan_type == consts.SCA_SCAN_TYPE else split_documents_into_batches(scan_type, documents)
+    if scan_type == consts.SCA_SCAN_TYPE or skip_batching:
+        batches = [documents]
+    else:
+        batches = split_documents_into_batches(scan_type, documents)
 
     progress_bar.set_section_length(ScanProgressBarSection.SCAN, len(batches))  # * 3
     # TODO(MarshalX): we should multiply the count of batches in SCAN section because each batch has 3 steps:

cycode/cli/utils/scan_utils.py

@@ -5,6 +5,7 @@ from uuid import UUID, uuid4
 
 import typer
 
+from cycode.cli import consts
 from cycode.cli.cli_types import SeverityOption
 
 if TYPE_CHECKING:
@@ -31,6 +32,10 @@ def is_cycodeignore_allowed_by_scan_config(ctx: typer.Context) -> bool:
     return scan_config.is_cycode_ignore_allowed if scan_config else True
 
 
+def should_use_presigned_upload(scan_type: str) -> bool:
+    return scan_type in consts.PRESIGNED_UPLOAD_SCAN_TYPES
+
+
 def generate_unique_scan_id() -> UUID:
     if 'PYTEST_TEST_UNIQUE_ID' in os.environ:
         return UUID(os.environ['PYTEST_TEST_UNIQUE_ID'])

cycode/cyclient/models.py

@@ -114,6 +114,26 @@ class ScanResultSchema(Schema):
         return ScanResult(**data)
 
 
+@dataclass
+class UploadLinkResponse:
+    upload_id: str
+    url: str
+    presigned_post_fields: dict[str, str]
+
+
+class UploadLinkResponseSchema(Schema):
+    class Meta:
+        unknown = EXCLUDE
+
+    upload_id = fields.String()
+    url = fields.String()
+    presigned_post_fields = fields.Dict(keys=fields.String(), values=fields.String())
+
+    @post_load
+    def build_dto(self, data: dict[str, Any], **_) -> 'UploadLinkResponse':
+        return UploadLinkResponse(**data)
+
+
 class ScanInitializationResponse(Schema):
     def __init__(self, scan_id: Optional[str] = None, err: Optional[str] = None) -> None:
         super().__init__()