devsecops-engine-tools 1.106.1__py3-none-any.whl → 1.108.0__py3-none-any.whl

devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/cdxgen/cdxgen.py

@@ -27,7 +27,8 @@ class CdxGen(SbomManagerGateway):
         try:
             cdxgen_version = config["CDXGEN"]["CDXGEN_VERSION"]
             slim = "-slim" if config["CDXGEN"]["SLIM_BINARY"] else ""
-            exclude_types = config["CDXGEN"].get("EXCLUDE_TYPES", "")
+            exclude_types = config["CDXGEN"].get("EXCLUDE_TYPES", [])
+            exclude_paths = config["CDXGEN"].get("EXCLUDE_PATHS", [])
             recurse = config["CDXGEN"].get("RECURSE", True)
             debug_pipelines = config["CDXGEN"].get("DEBUG_PIPELINES", [])
             
@@ -61,13 +62,13 @@ class CdxGen(SbomManagerGateway):
                 logger.warning(f"{os_platform} is not supported.")
                 return None
 
-            result_sbom = self._run_cdxgen(command_prefix, artifact, service_name, exclude_types, recurse, enable_debug)
+            result_sbom = self._run_cdxgen(command_prefix, artifact, service_name, exclude_types, exclude_paths, recurse, enable_debug)
             return get_list_component(result_sbom, config["CDXGEN"]["OUTPUT_FORMAT"])
         except Exception as e:
             logger.error(f"Error generating SBOM: {e}")
             return None
 
-    def _run_cdxgen(self, command_prefix, artifact, service_name, exclude_types, recurse, enable_debug=False):
+    def _run_cdxgen(self, command_prefix, artifact, service_name, exclude_types, exclude_paths, recurse, enable_debug=False):
         result_file = f"{service_name}_SBOM.json"
         command = [
             command_prefix,
@@ -77,9 +78,16 @@ class CdxGen(SbomManagerGateway):
         ]
 
         if exclude_types:
-            command.extend(
-                ["--exclude-type", exclude_types]
-            )
+            for ex in exclude_types:
+                command.extend(
+                    ["--exclude-type", ex]
+                )
+
+        if exclude_paths:
+            for ex in exclude_paths:
+                command.extend(
+                    ["--exclude", ex]
+                )
         
         if not recurse:
             command.append(

devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/driven_adapters/trufflehog/trufflehog_run.py

@@ -79,6 +79,8 @@ class TrufflehogRun(ToolGateway):
         exclude_detectors = config_tool[tool]["EXCLUDE_DETECTORS"]
         if exclude_detectors:
             exclude_detectors = ",".join(exclude_detectors)
+        filter_entropy = config_tool[tool].get("FILTER_ENTROPY")
+
 
         with concurrent.futures.ThreadPoolExecutor(max_workers=config_tool[tool]["NUMBER_THREADS"]) as executor:
             results = executor.map(
@@ -91,7 +93,8 @@ class TrufflehogRun(ToolGateway):
                 [enable_custom_rules] * len(include_paths),
                 [agent_os] * len(include_paths),
                 [folder_path] * len(include_paths),
-                [exclude_detectors] * len(include_paths)
+                [exclude_detectors] * len(include_paths),
+                [filter_entropy] * len(include_paths)
             )
         findings, file_findings = self.create_file(self.decode_output(results), path, config_tool, tool)
         return  findings, file_findings
@@ -129,18 +132,23 @@ class TrufflehogRun(ToolGateway):
         enable_custom_rules,
         agent_os,
         folder_path,
-        exclude_detectors
+        exclude_detectors,
+        filter_entropy
     ):
         path_folder = folder_path if folder_path is not None else f"{path}/{repository_name}"
         command = f"{trufflehog_command} filesystem {path_folder} --include-paths {include_path} --exclude-paths {exclude_path} --no-verification --no-update --json"
+        
         if enable_custom_rules:
             command = command.replace("--no-verification --no-update --json", f"--config {path}//rules//trufflehog//custom-rules.yaml --no-verification --no-update --json" if "Windows" in agent_os else
                                       f"--config {path}/rules/trufflehog/custom-rules.yaml --no-verification --no-update --json" if "Linux" or "Darwin" in agent_os else
-                                      "--no-verification --no-update --json")
+                                      "--no-verification --no-update --json")  
             
         if exclude_detectors:
             command = f"{command} --exclude-detectors {exclude_detectors}"
             
+        if filter_entropy:
+            command = f"{command} --filter-entropy={filter_entropy}"
+
         result = subprocess.run(command, capture_output=True, shell=True, text=True, encoding='utf-8')
         return result.stdout.strip()
 

devsecops_engine_tools/version.py

@@ -1 +1 @@
-version = '1.106.1'
+version = '1.108.0'

{devsecops_engine_tools-1.106.1.dist-info → devsecops_engine_tools-1.108.0.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: devsecops-engine-tools
-Version: 1.106.1
+Version: 1.108.0
 Summary: Tool for DevSecOps strategy
 Home-page: https://github.com/bancolombia/devsecops-engine-tools
 Author: Bancolombia DevSecOps Team

{devsecops_engine_tools-1.106.1.dist-info → devsecops_engine_tools-1.108.0.dist-info}/RECORD

@@ -1,5 +1,5 @@
 devsecops_engine_tools/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-devsecops_engine_tools/version.py,sha256=Jctld65Ex65MjDF7O1lOFzEfkCaSrUw5zv8WSaRGAiI,20
+devsecops_engine_tools/version.py,sha256=2xLJEOyAFRaBObPOQ9ahgsePcZmOhV8PVIAkoya9oYA,20
 devsecops_engine_tools/engine_core/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 devsecops_engine_tools/engine_core/src/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 devsecops_engine_tools/engine_core/src/applications/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
@@ -38,7 +38,7 @@ devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/aws/secret
 devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/azure/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/azure/azure_devops.py,sha256=-3KUPxlzBoxJarj8ZY8w84UffuedtBnj3z4r9UW7nFQ,6027
 devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/cdxgen/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/cdxgen/cdxgen.py,sha256=aKPBEnhsCM_innNpZ2R5THgLaGctcVafNvXbFjq26tg,5560
+devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/cdxgen/cdxgen.py,sha256=e6LeBm1q5_Wq26-IZ9tG1eyoYOQ409BDr6XEsyKVL2E,5850
 devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/defect_dojo/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/defect_dojo/defect_dojo.py,sha256=GXz-xBxptaZsQU8sR9OTcDAvdIygXmiLfmMIWhlC-hs,33105
 devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/github/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
@@ -200,7 +200,7 @@ devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/driven_adapt
 devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/driven_adapters/gitleaks/gitleaks_tool.py,sha256=HTrbIronNbasyALapm0j3ZEaJCs7X7CRPS6uE_xPAMc,6049
 devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/driven_adapters/trufflehog/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/driven_adapters/trufflehog/trufflehog_deserealizator.py,sha256=mrSqPrkMiikxQ_uY-rF2I8QvicsOMdMBzTC8CTV3Wk8,2392
-devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/driven_adapters/trufflehog/trufflehog_run.py,sha256=23nTGgwFn_-fNKXJEy2iTV1gIFPE_VdQWX_d8XVEeus,8544
+devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/driven_adapters/trufflehog/trufflehog_run.py,sha256=mnQBDVbNghJgLIJDmvnn9PGZoOUVeXz7d9_gxm5-8Rg,8805
 devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/entry_points/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/entry_points/entry_point_tool.py,sha256=61OnP4ehmzh-tRbACgZsB4IJi6J6HT9E6KCOcuhvnRw,1185
 devsecops_engine_tools/engine_sca/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
@@ -383,8 +383,8 @@ devsecops_engine_tools/engine_utilities/utils/name_conversion.py,sha256=ADJrRGax
 devsecops_engine_tools/engine_utilities/utils/printers.py,sha256=amYAr9YQfYgR6jK9a2l26z3oovFPQ3FAKmhq6BKhEBA,623
 devsecops_engine_tools/engine_utilities/utils/session_manager.py,sha256=Z0fdhB3r-dxU0nGSD9zW_B4r2Qol1rUnUCkhFR0U-HQ,487
 devsecops_engine_tools/engine_utilities/utils/utils.py,sha256=HCjS900TBoNcHrC4LaiP-Kf9frVdtagF130qOUgnO2M,6757
-devsecops_engine_tools-1.106.1.dist-info/METADATA,sha256=LTcC_WlH3sZfEDN4ilinU659nrWMJuZzn8wvYVi5IAs,3233
-devsecops_engine_tools-1.106.1.dist-info/WHEEL,sha256=iAkIy5fosb7FzIOwONchHf19Qu7_1wCWyFNR5gu9nU0,91
-devsecops_engine_tools-1.106.1.dist-info/entry_points.txt,sha256=OWAww5aBsGeMv0kWhSgVNB0ySKKpYuJd4dly0ikFPkc,283
-devsecops_engine_tools-1.106.1.dist-info/top_level.txt,sha256=ge6y0X_xBAU1aG3EMWFtl9djbVyg5BxuSp2r2Lg6EQU,23
-devsecops_engine_tools-1.106.1.dist-info/RECORD,,
+devsecops_engine_tools-1.108.0.dist-info/METADATA,sha256=07uUw3S0icGRSL9W0WPfDvaEkIvPAQVMfCPS2mVripc,3233
+devsecops_engine_tools-1.108.0.dist-info/WHEEL,sha256=iAkIy5fosb7FzIOwONchHf19Qu7_1wCWyFNR5gu9nU0,91
+devsecops_engine_tools-1.108.0.dist-info/entry_points.txt,sha256=OWAww5aBsGeMv0kWhSgVNB0ySKKpYuJd4dly0ikFPkc,283
+devsecops_engine_tools-1.108.0.dist-info/top_level.txt,sha256=ge6y0X_xBAU1aG3EMWFtl9djbVyg5BxuSp2r2Lg6EQU,23
+devsecops_engine_tools-1.108.0.dist-info/RECORD,,