cycode 3.16.2.dev1__py3-none-any.whl → 3.16.2.dev2__py3-none-any.whl

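--- a/cycode/__init__.py
+++ b/cycode/__init__.py
@@ -5,4 +5,4 @@ import time as _time
  # end-to-end scan duration from the moment the user actually triggered it.
  _BOOT_WALL: float = _time.time()
 
- __version__ = '3.16.2.dev1' # DON'T TOUCH. Placeholder. Will be filled automatically on poetry build from Git Tag
+ __version__ = '3.16.2.dev2' # DON'T TOUCH. Placeholder. Will be filled automatically on poetry build from Git Tag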
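--- a/cycode/cli/consts.py
+++ b/cycode/cli/consts.py
@@ -53,6 +53,30 @@ SECRET_SCAN_FILE_EXTENSIONS_TO_IGNORE = (
  '.iso',
  )
 
+ # Fallback block-list used for SAST only when the server does not return scannable extensions
+ # (e.g. when the customer has custom rules, any text file is scannable). These are non-source
+ # data formats that can slip past binary detection (the EICAR test file and ClamAV signature
+ # databases are plain ASCII) and may be quarantined by object-storage antivirus after upload.
+ SAST_SCAN_FILE_EXTENSIONS_TO_IGNORE = (
+ '.bin',
+ '.cvd',
+ '.cld',
+ '.cud',
+ '.hdb',
+ '.hsb',
+ '.mdb',
+ '.msb',
+ '.ndb',
+ '.ndu',
+ '.ldb',
+ '.ldu',
+ '.idb',
+ '.fp',
+ '.sfp',
+ '.ign',
+ '.ign2',
+ )
+
  SCA_CONFIGURATION_SCAN_SUPPORTED_FILES = ( # keep in lowercase
  'cargo.lock',
  'cargo.toml',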
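Review bot: The comment above `SAST_SCAN_FILE_EXTENSIONS_TO_IGNORE` cites the EICAR test file as motivation, but the tuple matches by extension only and holds `.bin` plus what look like ClamAV signature-database suffixes, so an EICAR string saved under any other extension (it is commonly distributed as `eicar.com` or `eicar.com.txt`) would still be collected and uploaded. I would state that limit in the comment, for example `# Extension match only: AV test strings in files with other extensions are still uploaded.` The neighbouring `SCA_CONFIGURATION_SCAN_SUPPORTED_FILES` carries `# keep in lowercase`; the same marker belongs on this tuple if callers compare against a lowercased name, which this hunk does not show.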
@@ -63,7 +63,10 @@ class Excluder:
63
63
  }
64
64
  self._non_scannable_extensions: dict[str, tuple[str, ...]] = {
65
65
  consts.SECRET_SCAN_TYPE: consts.SECRET_SCAN_FILE_EXTENSIONS_TO_IGNORE,
66
+ consts.SAST_SCAN_TYPE: consts.SAST_SCAN_FILE_EXTENSIONS_TO_IGNORE,
66
67
  }
68
+ # Tracks scan types for which the SAST fallback log has already been emitted (log once, not per file)
69
+ self._logged_sast_fallback = False
67
70
 
68
71
  def apply_scan_config(self, scan_type: str, scan_config: 'models.ScanConfiguration') -> None:
69
72
  if scan_config.scannable_extensions:
@@ -86,6 +89,11 @@ class Excluder:
86
89
 
87
90
  non_scannable_extensions = self._non_scannable_extensions.get(scan_type)
88
91
  if non_scannable_extensions:
92
+ # For SAST, reaching the block-list means the server returned no scannable extensions
93
+ # (e.g. custom rules, or no remote config). Log once so this is diagnosable.
94
+ if scan_type == consts.SAST_SCAN_TYPE and not self._logged_sast_fallback:
95
+ self._logged_sast_fallback = True
96
+ logger.debug('No scannable extensions provided for SAST; falling back to the built-in ignore list')
89
97
  return not filename.endswith(non_scannable_extensions)
90
98
 
91
99
  return True
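Review bot: The block-list test in the second hunk is still `filename.endswith(non_scannable_extensions)`, which is case-sensitive, so a name such as `MAIN.CVD` is not excluded unless `filename` is lowercased above the hunk, which is not visible here. If it is not, `return not filename.lower().endswith(non_scannable_extensions)` closes that gap; note that this line also serves the secret-scan list. In the first hunk the comment on `_logged_sast_fallback` says it "tracks scan types", but the attribute is a single boolean set only for SAST; `# True once the SAST fallback message has been logged (log once, not per file)` would match the code. Files dropped here never reach SAST and the only trace is one debug-level message, so a line in the method's docstring saying so would help anyone triaging a coverage question. The method body starts outside the hunk.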
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.4
2
2
  Name: cycode
3
- Version: 3.16.2.dev1
3
+ Version: 3.16.2.dev2
4
4
  Summary: Boost security in your dev lifecycle via SAST, SCA, Secrets & IaC scanning.
5
5
  License-Expression: MIT
6
6
  License-File: LICENCE
@@ -1,4 +1,4 @@
1
- cycode/__init__.py,sha256=k3dJy6_nUYXpe_7kSCympFwrnsnHUWBAriIagwJQppE,396
1
+ cycode/__init__.py,sha256=TPXx0wp6alM3cFNI8n6pfC8C_-Xb_SwK_vj3SNoR8jQ,396
2
2
  cycode/__main__.py,sha256=Z3bD5yrA7yPvAChcADQrqCaZd0ChGI1gdiwALwbWJ6U,104
3
3
  cycode/cli/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
4
4
  cycode/cli/app.py,sha256=AlR2durAEbsa47PDfIj7JtMvJDWA_Dq6wPtVuMJYSCs,10250
@@ -94,7 +94,7 @@ cycode/cli/apps/status/version_command.py,sha256=c6Iko_rmZo9T_kQSd3HUloBi40Qv7cj
94
94
  cycode/cli/cli_types.py,sha256=QbFWJLtlsEnHGdqdHbLolJqT57RfhocvsPAhlcNcCRE,3354
95
95
  cycode/cli/config.py,sha256=Op-lX_neanJtvPvoOEx4ByBdveh5ygElIga1FdSHhOI,299
96
96
  cycode/cli/console.py,sha256=vp-DHwlkwpwdsPyfwGdjsPF-6-Bi3f8W7G-W_YXCMH8,1914
97
- cycode/cli/consts.py,sha256=YjP_aIOayJkGEc87hTCMZBmRAFtXgM-dspVF51nVSCs,9029
97
+ cycode/cli/consts.py,sha256=DA64POP-TWR4jTOkBzzN-paHX_S_9A_qPs6GCIW-U9s,9651
98
98
  cycode/cli/exceptions/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
99
99
  cycode/cli/exceptions/custom_exceptions.py,sha256=mTPLPI6V5JrEM6IQ8f7An9P207oYWEgJr-l9UpieSWk,4232
100
100
  cycode/cli/exceptions/handle_ai_remediation_errors.py,sha256=mA70upSYXK3rL_fmanzKYeUzLENhpXdkW8k3aIHrKzU,785
@@ -105,7 +105,7 @@ cycode/cli/exceptions/handle_scan_errors.py,sha256=1KkBFb7LniflYRr0vMl1FPIZDALPZ
105
105
  cycode/cli/files_collector/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
106
106
  cycode/cli/files_collector/commit_range_documents.py,sha256=ZAU9er6m8_IF9y9KxZoiEaDOiZC35SEfv5VtqKp4AZc,20484
107
107
  cycode/cli/files_collector/documents_walk_ignore.py,sha256=G4e-3vfP4WZ7wa9-VbZ66xCKCioTXnPBfbrs4_hh8xY,4705
108
- cycode/cli/files_collector/file_excluder.py,sha256=5Y7MM6_4x4FRKCV47D_hOXIg9BzYLHqwoWkmtV7Lt4I,7562
108
+ cycode/cli/files_collector/file_excluder.py,sha256=YSMzmsv1qJFwOIWk6JzXLYPOd2YNHZGqf854n_DSnWI,8233
109
109
  cycode/cli/files_collector/iac/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
110
110
  cycode/cli/files_collector/iac/tf_content_generator.py,sha256=a65zA0Ejv_LSA5jac2omHck4IKoNS5MX6v6ltF2wo4E,2873
111
111
  cycode/cli/files_collector/models/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
@@ -207,8 +207,8 @@ cycode/cyclient/report_client.py,sha256=Scq30NeJPzgXv0hPLO1U05AdE9i_2iu6cIrSKpEJ
207
207
  cycode/cyclient/scan_client.py,sha256=6TK5FQkfrvV7PHqRnUzEn1PBNd2oPYVamvIixcUfe3c,16755
208
208
  cycode/cyclient/scan_config_base.py,sha256=mXsPZGYCtp85rv5GIige40yQZXuRcEKUW-VQJ0vgFzk,1201
209
209
  cycode/logger.py,sha256=EfZGRK6VC5rE_LAjIcRrHFiQCueylCDXoG6bvGkrIME,2111
210
- cycode-3.16.2.dev1.dist-info/METADATA,sha256=oDlRz0-Fp8LwPQgfHSk-M0oISG7ywyV-zXW37RDoPSc,89245
211
- cycode-3.16.2.dev1.dist-info/WHEEL,sha256=zp0Cn7JsFoX2ATtOhtaFYIiE2rmFAD4OcMhtUki8W3U,88
212
- cycode-3.16.2.dev1.dist-info/entry_points.txt,sha256=iDcVJM8ByLElVgvBgtYxDjw1kT7O8Mo0LcWZIT5L3Ig,45
213
- cycode-3.16.2.dev1.dist-info/licenses/LICENCE,sha256=2Wx4N6mD_4xB7-E3hPkZ3MPhpJy__k_I8MaCSO-PDRo,1068
214
- cycode-3.16.2.dev1.dist-info/RECORD,,
210
+ cycode-3.16.2.dev2.dist-info/METADATA,sha256=CC3YyBNUd9NwPhNpUcRppj6esmXMXe_WvYVu4i54C0g,89245
211
+ cycode-3.16.2.dev2.dist-info/WHEEL,sha256=zp0Cn7JsFoX2ATtOhtaFYIiE2rmFAD4OcMhtUki8W3U,88
212
+ cycode-3.16.2.dev2.dist-info/entry_points.txt,sha256=iDcVJM8ByLElVgvBgtYxDjw1kT7O8Mo0LcWZIT5L3Ig,45
213
+ cycode-3.16.2.dev2.dist-info/licenses/LICENCE,sha256=2Wx4N6mD_4xB7-E3hPkZ3MPhpJy__k_I8MaCSO-PDRo,1068
214
+ cycode-3.16.2.dev2.dist-info/RECORD,,