cycode 3.15.3.dev6__py3-none-any.whl → 3.15.3.dev8__py3-none-any.whl

cycode/__init__.py

@@ -1 +1 @@
-__version__ = '3.15.3.dev6'  # DON'T TOUCH. Placeholder. Will be filled automatically on poetry build from Git Tag
+__version__ = '3.15.3.dev8'  # DON'T TOUCH. Placeholder. Will be filled automatically on poetry build from Git Tag

cycode/cli/files_collector/sca/maven/restore_maven_dependencies.py

@@ -1,3 +1,4 @@
+import json
 from os import path
 from pathlib import Path
 from typing import Optional
@@ -20,6 +21,16 @@ MAVEN_CYCLONE_DEP_TREE_FILE_NAME = 'bom.json'
 MAVEN_DEP_TREE_FILE_NAME = 'bcde.mvndeps'
 
 
+def _has_dependency_graph(bom_content: Optional[str]) -> bool:
+    try:
+        if not bom_content:
+            return False
+        bom = json.loads(bom_content)
+        return any(dep.get('dependsOn') for dep in bom.get('dependencies', []))
+    except Exception:
+        return False
+
+
 class RestoreMavenDependencies(BaseRestoreDependencies):
     def __init__(self, ctx: typer.Context, is_git_diff: bool, command_timeout: int) -> None:
         super().__init__(ctx, is_git_diff, command_timeout)
@@ -46,8 +57,16 @@ class RestoreMavenDependencies(BaseRestoreDependencies):
         if document.content is None:
             return self.restore_from_secondary_command(document, manifest_file_path)
 
-        # super() reads the content and cleans up any generated file; no re-read needed
-        return super().try_restore_dependencies(document)
+        restore_dependencies_document = super().try_restore_dependencies(document)
+        if restore_dependencies_document is None:
+            return None
+
+        if not _has_dependency_graph(restore_dependencies_document.content):
+            fallback = self.restore_from_secondary_command(document, manifest_file_path)
+            if fallback is not None and fallback.content is not None:
+                return fallback
+
+        return restore_dependencies_document
 
     def restore_from_secondary_command(self, document: Document, manifest_file_path: str) -> Optional[Document]:
         restore_content = execute_commands(

{cycode-3.15.3.dev6.dist-info → cycode-3.15.3.dev8.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: cycode
-Version: 3.15.3.dev6
+Version: 3.15.3.dev8
 Summary: Boost security in your dev lifecycle via SAST, SCA, Secrets & IaC scanning.
 License-Expression: MIT
 License-File: LICENCE
@@ -62,6 +62,7 @@ This guide walks you through both installation and usage.
     2. [Available Options](#available-options)
     3. [MCP Tools](#mcp-tools)
     4. [Usage Examples](#usage-examples)
+    5. [Advanced Configuration](#advanced-configuration)
 5. [Platform Command](#platform-command-beta)
     1. [Discovering Commands](#discovering-commands)
     2. [Examples](#platform-examples)
@@ -600,6 +601,38 @@ cycode mcp -t streamable-http -H 127.0.0.2 -p 9000 &
 }
 ```
 
+### Advanced Configuration 
+##### Custom Certificates and Timeouts (Proxy Environments)
+
+If your organization uses a corporate proxy or a custom CA bundle for HTTPS inspection, you need to tell Cycode CLI (and the underlying Python TLS stack) where to find the trusted certificate bundle. You can also increase the MCP tool call timeout if scans are being cut short.
+
+| Environment Variable | Description |
+|----------------------|-------------|
+| `REQUESTS_CA_BUNDLE` | Path to a custom CA bundle file (`.pem` or `.crt`). Used by the `requests` library for all HTTPS calls made by Cycode CLI. |
+| `SSL_CERT_FILE`      | Path to a custom CA bundle file. Used by Python's low-level `ssl` module. Set this alongside `REQUESTS_CA_BUNDLE` for full coverage. |
+| `MCP_TOOL_TIMEOUT`   | Timeout (in seconds) that MCP clients such as Claude and GitHub Copilot wait for a tool call to complete. Increase this if long-running scans are being cut off before they finish. |
+
+> [!TIP]
+> Set both `REQUESTS_CA_BUNDLE` and `SSL_CERT_FILE` to the same CA bundle path. `REQUESTS_CA_BUNDLE` covers the HTTP layer; `SSL_CERT_FILE` covers the lower-level TLS layer. Using only one may still cause certificate errors in some environments.
+
+Example `mcp.json` configuration with custom certificates and a longer timeout:
+
+```json
+{
+  "mcpServers": {
+    "cycode": {
+      "command": "cycode",
+      "args": ["mcp"],
+      "env": {
+        "REQUESTS_CA_BUNDLE": "/path/to/your/corporate-ca-bundle.pem",
+        "SSL_CERT_FILE": "/path/to/your/corporate-ca-bundle.pem",
+        "MCP_TOOL_TIMEOUT": "1800"
+      }
+    }
+  }
+}
+```
+
 > [!NOTE]
 > The MCP server requires proper Cycode CLI authentication to function. Make sure you have authenticated using `cycode auth` or configured your credentials before starting the MCP server.
 
@@ -649,6 +682,8 @@ This information can be helpful when:
 - Identifying authentication problems
 - Debugging transport-specific issues
 
+### MCP Configuration
+
 
 # Platform Command \[BETA\]
 

{cycode-3.15.3.dev6.dist-info → cycode-3.15.3.dev8.dist-info}/RECORD

@@ -1,4 +1,4 @@
-cycode/__init__.py,sha256=lyWKTzLFkmm2U87BiE9HnQbyHQoh6OleEoXGMQwD9-A,115
+cycode/__init__.py,sha256=S0MXR32Gh81GzG2SydtJYW2spFlLLfAgOvuvHh2WXMA,115
 cycode/__main__.py,sha256=Z3bD5yrA7yPvAChcADQrqCaZd0ChGI1gdiwALwbWJ6U,104
 cycode/cli/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 cycode/cli/app.py,sha256=7ReEcVkRX9IaQ2I7jAj7Sl9smbtvxiuK8-9bitMEQik,7491
@@ -115,7 +115,7 @@ cycode/cli/files_collector/sca/go/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeR
 cycode/cli/files_collector/sca/go/restore_go_dependencies.py,sha256=LXUjslfdHO3umz36WtQyRpKa_fVaRgEjewVkZ0QvnYU,1899
 cycode/cli/files_collector/sca/maven/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 cycode/cli/files_collector/sca/maven/restore_gradle_dependencies.py,sha256=hwsdJby0_7i3s6YmCU-tB6B3TfsfbyQyeTVwEy6c6SA,2699
-cycode/cli/files_collector/sca/maven/restore_maven_dependencies.py,sha256=n1DI0LLFWyC9YwqJXtQmoeanF8ULi-OAVBako1jd2TE,3377
+cycode/cli/files_collector/sca/maven/restore_maven_dependencies.py,sha256=zObNN8n6yUriNVB3ZdvAkoKXXrMvzU9Lpd5lNhVo_so,4003
 cycode/cli/files_collector/sca/npm/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 cycode/cli/files_collector/sca/npm/restore_deno_dependencies.py,sha256=XL0VXEPL0jf6ruZZkCpv99lkU8-MNc09CU1fgGgTbHs,1768
 cycode/cli/files_collector/sca/npm/restore_npm_dependencies.py,sha256=oUPJa1qwzCg3h1eZeVrU95Fluubo7p5gNlGmjJQem-4,2477
@@ -204,8 +204,8 @@ cycode/cyclient/report_client.py,sha256=Scq30NeJPzgXv0hPLO1U05AdE9i_2iu6cIrSKpEJ
 cycode/cyclient/scan_client.py,sha256=6TK5FQkfrvV7PHqRnUzEn1PBNd2oPYVamvIixcUfe3c,16755
 cycode/cyclient/scan_config_base.py,sha256=mXsPZGYCtp85rv5GIige40yQZXuRcEKUW-VQJ0vgFzk,1201
 cycode/logger.py,sha256=EfZGRK6VC5rE_LAjIcRrHFiQCueylCDXoG6bvGkrIME,2111
-cycode-3.15.3.dev6.dist-info/METADATA,sha256=dYKh0aHA_fobhTLjEJ3dl1Cqm-BEVu6wVRcRmNVmPoU,87415
-cycode-3.15.3.dev6.dist-info/WHEEL,sha256=zp0Cn7JsFoX2ATtOhtaFYIiE2rmFAD4OcMhtUki8W3U,88
-cycode-3.15.3.dev6.dist-info/entry_points.txt,sha256=iDcVJM8ByLElVgvBgtYxDjw1kT7O8Mo0LcWZIT5L3Ig,45
-cycode-3.15.3.dev6.dist-info/licenses/LICENCE,sha256=2Wx4N6mD_4xB7-E3hPkZ3MPhpJy__k_I8MaCSO-PDRo,1068
-cycode-3.15.3.dev6.dist-info/RECORD,,
+cycode-3.15.3.dev8.dist-info/METADATA,sha256=F223hOYh-Wc0xdC5zIczE-rsKzl3uYEBfQbYPJdHrzQ,89102
+cycode-3.15.3.dev8.dist-info/WHEEL,sha256=zp0Cn7JsFoX2ATtOhtaFYIiE2rmFAD4OcMhtUki8W3U,88
+cycode-3.15.3.dev8.dist-info/entry_points.txt,sha256=iDcVJM8ByLElVgvBgtYxDjw1kT7O8Mo0LcWZIT5L3Ig,45
+cycode-3.15.3.dev8.dist-info/licenses/LICENCE,sha256=2Wx4N6mD_4xB7-E3hPkZ3MPhpJy__k_I8MaCSO-PDRo,1068
+cycode-3.15.3.dev8.dist-info/RECORD,,