cycode 3.14.1.dev3__py3-none-any.whl → 3.15.1.dev1__py3-none-any.whl

cycode/__init__.py

@@ -1 +1 @@
-__version__ = '3.14.1.dev3'  # DON'T TOUCH. Placeholder. Will be filled automatically on poetry build from Git Tag
+__version__ = '3.15.1.dev1'  # DON'T TOUCH. Placeholder. Will be filled automatically on poetry build from Git Tag

cycode/cli/consts.py

@@ -91,6 +91,7 @@ SCA_CONFIGURATION_SCAN_SUPPORTED_FILES = (  # keep in lowercase
     'build.scala',
     'build.sbt.lock',
     'pyproject.toml',
+    'uv.lock',
     'poetry.lock',
     'pipfile',
     'pipfile.lock',
@@ -124,6 +125,7 @@ SCA_EXCLUDED_FOLDER_IN_PATH = (
     '.build',
     '.dart_tool',
     '.pub',
+    '.uv',
 )
 
 PROJECT_FILES_BY_ECOSYSTEM_MAP = {
@@ -145,6 +147,7 @@ PROJECT_FILES_BY_ECOSYSTEM_MAP = {
     'nuget': ['packages.config', 'project.assets.json', 'packages.lock.json', 'nuget.config'],
     'ruby_gems': ['Gemfile', 'Gemfile.lock'],
     'sbt': ['build.sbt', 'build.scala', 'build.sbt.lock'],
+    'pypi_uv': ['pyproject.toml', 'uv.lock'],
     'pypi_poetry': ['pyproject.toml', 'poetry.lock'],
     'pypi_pipenv': ['Pipfile', 'Pipfile.lock'],
     'pypi_requirements': ['requirements.txt'],

cycode/cli/files_collector/sca/python/restore_uv_dependencies.py

@@ -0,0 +1,59 @@
+from pathlib import Path
+from typing import Optional
+
+import typer
+
+from cycode.cli.files_collector.sca.base_restore_dependencies import BaseRestoreDependencies, build_dep_tree_path
+from cycode.cli.models import Document
+from cycode.cli.utils.path_utils import get_file_content
+from cycode.logger import get_logger
+
+logger = get_logger('UV Restore Dependencies')
+
+UV_MANIFEST_FILE_NAME = 'pyproject.toml'
+UV_LOCK_FILE_NAME = 'uv.lock'
+
+_UV_TOOL_SECTION = '[tool.uv]'
+
+
+def _indicates_uv(pyproject_content: Optional[str]) -> bool:
+    """Return True if pyproject.toml content signals that this project uses UV."""
+    if not pyproject_content:
+        return False
+    return _UV_TOOL_SECTION in pyproject_content
+
+
+class RestoreUvDependencies(BaseRestoreDependencies):
+    def __init__(self, ctx: typer.Context, is_git_diff: bool, command_timeout: int) -> None:
+        super().__init__(ctx, is_git_diff, command_timeout)
+
+    def is_project(self, document: Document) -> bool:
+        if Path(document.path).name != UV_MANIFEST_FILE_NAME:
+            return False
+
+        manifest_dir = self.get_manifest_dir(document)
+        if manifest_dir and (Path(manifest_dir) / UV_LOCK_FILE_NAME).is_file():
+            return True
+
+        return _indicates_uv(document.content)
+
+    def try_restore_dependencies(self, document: Document) -> Optional[Document]:
+        manifest_dir = self.get_manifest_dir(document)
+        lockfile_path = Path(manifest_dir) / UV_LOCK_FILE_NAME if manifest_dir else None
+
+        if lockfile_path and lockfile_path.is_file():
+            content = get_file_content(str(lockfile_path))
+            relative_path = build_dep_tree_path(document.path, UV_LOCK_FILE_NAME)
+            logger.debug('Using existing uv.lock, %s', {'path': str(lockfile_path)})
+            return Document(relative_path, content, self.is_git_diff)
+
+        return super().try_restore_dependencies(document)
+
+    def get_commands(self, manifest_file_path: str) -> list[list[str]]:
+        return [['uv', 'lock']]
+
+    def get_lock_file_name(self) -> str:
+        return UV_LOCK_FILE_NAME
+
+    def get_lock_file_names(self) -> list[str]:
+        return [UV_LOCK_FILE_NAME]

cycode/cli/files_collector/sca/sca_file_collector.py

@@ -18,6 +18,7 @@ from cycode.cli.files_collector.sca.nuget.restore_nuget_dependencies import Rest
 from cycode.cli.files_collector.sca.php.restore_composer_dependencies import RestoreComposerDependencies
 from cycode.cli.files_collector.sca.python.restore_pipenv_dependencies import RestorePipenvDependencies
 from cycode.cli.files_collector.sca.python.restore_poetry_dependencies import RestorePoetryDependencies
+from cycode.cli.files_collector.sca.python.restore_uv_dependencies import RestoreUvDependencies
 from cycode.cli.files_collector.sca.ruby.restore_ruby_dependencies import RestoreRubyDependencies
 from cycode.cli.files_collector.sca.sbt.restore_sbt_dependencies import RestoreSbtDependencies
 from cycode.cli.models import Document
@@ -159,6 +160,7 @@ def _get_restore_handlers(ctx: typer.Context, is_git_diff: bool) -> list[BaseRes
         RestoreDenoDependencies(ctx, is_git_diff, build_dep_tree_timeout),
         RestoreNpmDependencies(ctx, is_git_diff, build_dep_tree_timeout),  # Must be after Yarn & Pnpm for fallback
         RestoreRubyDependencies(ctx, is_git_diff, build_dep_tree_timeout),
+        RestoreUvDependencies(ctx, is_git_diff, build_dep_tree_timeout),  # Must be before Poetry for pyproject.toml
         RestorePoetryDependencies(ctx, is_git_diff, build_dep_tree_timeout),
         RestorePipenvDependencies(ctx, is_git_diff, build_dep_tree_timeout),
         RestoreComposerDependencies(ctx, is_git_diff, build_dep_tree_timeout),

{cycode-3.14.1.dev3.dist-info → cycode-3.15.1.dev1.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: cycode
-Version: 3.14.1.dev3
+Version: 3.15.1.dev1
 Summary: Boost security in your dev lifecycle via SAST, SCA, Secrets & IaC scanning.
 License-Expression: MIT
 License-File: LICENCE

{cycode-3.14.1.dev3.dist-info → cycode-3.15.1.dev1.dist-info}/RECORD

@@ -1,4 +1,4 @@
-cycode/__init__.py,sha256=BhPbI_uKPewKObHFToO2SKHeeEKp3MxpYkLPEG9btR4,115
+cycode/__init__.py,sha256=nXbLpLkPIVyMbOnNnc_S4y-kfUY5TeaETaj3V2QXWc8,115
 cycode/__main__.py,sha256=Z3bD5yrA7yPvAChcADQrqCaZd0ChGI1gdiwALwbWJ6U,104
 cycode/cli/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 cycode/cli/app.py,sha256=7ReEcVkRX9IaQ2I7jAj7Sl9smbtvxiuK8-9bitMEQik,7491
@@ -91,7 +91,7 @@ cycode/cli/apps/status/version_command.py,sha256=c6Iko_rmZo9T_kQSd3HUloBi40Qv7cj
 cycode/cli/cli_types.py,sha256=QbFWJLtlsEnHGdqdHbLolJqT57RfhocvsPAhlcNcCRE,3354
 cycode/cli/config.py,sha256=Op-lX_neanJtvPvoOEx4ByBdveh5ygElIga1FdSHhOI,299
 cycode/cli/console.py,sha256=vp-DHwlkwpwdsPyfwGdjsPF-6-Bi3f8W7G-W_YXCMH8,1914
-cycode/cli/consts.py,sha256=Se63JlWLCdDgntNYiPMIi2qbiqt9HUYYwHGXgTrrcfc,8957
+cycode/cli/consts.py,sha256=YjP_aIOayJkGEc87hTCMZBmRAFtXgM-dspVF51nVSCs,9029
 cycode/cli/exceptions/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 cycode/cli/exceptions/custom_exceptions.py,sha256=mTPLPI6V5JrEM6IQ8f7An9P207oYWEgJr-l9UpieSWk,4232
 cycode/cli/exceptions/handle_ai_remediation_errors.py,sha256=mA70upSYXK3rL_fmanzKYeUzLENhpXdkW8k3aIHrKzU,785
@@ -128,11 +128,12 @@ cycode/cli/files_collector/sca/php/restore_composer_dependencies.py,sha256=RgDL6
 cycode/cli/files_collector/sca/python/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 cycode/cli/files_collector/sca/python/restore_pipenv_dependencies.py,sha256=1APGwJWInAITKKXw2wJDxTxpHZBOjX0wGOcBHPsyTes,1832
 cycode/cli/files_collector/sca/python/restore_poetry_dependencies.py,sha256=VYw_2qbsLtzkBuMGxRXTaOwDt2hPcG3f094mPLmiVLM,2486
+cycode/cli/files_collector/sca/python/restore_uv_dependencies.py,sha256=VhlJ3K5yL8WH-HSD5GkdJ7_NupqMk1_hrL5HVs3F1cQ,2173
 cycode/cli/files_collector/sca/ruby/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 cycode/cli/files_collector/sca/ruby/restore_ruby_dependencies.py,sha256=Vqswcxte9YjGnvIm9oZ8r91jNyhuiYDf1mouaTaLg3U,694
 cycode/cli/files_collector/sca/sbt/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 cycode/cli/files_collector/sca/sbt/restore_sbt_dependencies.py,sha256=cfBUR4iQcfplX_O2QPjYh2wSyBteze8wZcT_dG9d1d4,709
-cycode/cli/files_collector/sca/sca_file_collector.py,sha256=bl4tWP6osApci8nQ2Fd8iCLyn84O67II3CvvU8OCwC8,9712
+cycode/cli/files_collector/sca/sca_file_collector.py,sha256=YnO1SYvzDM-9YjKLjfPJJ-El7MrvqCdV8PyjOeY3THk,9925
 cycode/cli/files_collector/walk_ignore.py,sha256=nvOM6oDmT2SxSI4pU-bLlc9LwTgkfTd2egse69ixf3g,2464
 cycode/cli/files_collector/zip_documents.py,sha256=FMzbA2Vog7Zl_ntizNQJK8AFqoGu0QlPIMIBpgmBiVI,1852
 cycode/cli/logger.py,sha256=mlaYEQGYd582fTCc3SC3cFMj0PKTB6EsaI12Q4VL1z8,65
@@ -203,8 +204,8 @@ cycode/cyclient/report_client.py,sha256=Scq30NeJPzgXv0hPLO1U05AdE9i_2iu6cIrSKpEJ
 cycode/cyclient/scan_client.py,sha256=6TK5FQkfrvV7PHqRnUzEn1PBNd2oPYVamvIixcUfe3c,16755
 cycode/cyclient/scan_config_base.py,sha256=mXsPZGYCtp85rv5GIige40yQZXuRcEKUW-VQJ0vgFzk,1201
 cycode/logger.py,sha256=EfZGRK6VC5rE_LAjIcRrHFiQCueylCDXoG6bvGkrIME,2111
-cycode-3.14.1.dev3.dist-info/METADATA,sha256=Uzs9kSOHgPF1YN6jimeDoG40x_HAe0Ngfb788e_JMsc,87415
-cycode-3.14.1.dev3.dist-info/WHEEL,sha256=zp0Cn7JsFoX2ATtOhtaFYIiE2rmFAD4OcMhtUki8W3U,88
-cycode-3.14.1.dev3.dist-info/entry_points.txt,sha256=iDcVJM8ByLElVgvBgtYxDjw1kT7O8Mo0LcWZIT5L3Ig,45
-cycode-3.14.1.dev3.dist-info/licenses/LICENCE,sha256=2Wx4N6mD_4xB7-E3hPkZ3MPhpJy__k_I8MaCSO-PDRo,1068
-cycode-3.14.1.dev3.dist-info/RECORD,,
+cycode-3.15.1.dev1.dist-info/METADATA,sha256=X_8NG0KTTWBdWFAF-jxWhUcexkFYzOKyEWce_Fs9I1Q,87415
+cycode-3.15.1.dev1.dist-info/WHEEL,sha256=zp0Cn7JsFoX2ATtOhtaFYIiE2rmFAD4OcMhtUki8W3U,88
+cycode-3.15.1.dev1.dist-info/entry_points.txt,sha256=iDcVJM8ByLElVgvBgtYxDjw1kT7O8Mo0LcWZIT5L3Ig,45
+cycode-3.15.1.dev1.dist-info/licenses/LICENCE,sha256=2Wx4N6mD_4xB7-E3hPkZ3MPhpJy__k_I8MaCSO-PDRo,1068
+cycode-3.15.1.dev1.dist-info/RECORD,,