PyPI - devsecops-engine-tools - Versions diffs - 1.60.1__py3-none-any.whl → 1.61.0__py3-none-any.whl - Mend

devsecops-engine-tools 1.60.1py3-none-any.whl → 1.61.0py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of devsecops-engine-tools might be problematic. Click here for more details.

Files changed (7) hide show

devsecops_engine_tools/engine_sast/engine_iac/src/infrastructure/driven_adapters/kics/kics_tool.py CHANGED Viewed

@@ -134,15 +134,15 @@ class KicsTool(ToolGateway):
                 if f"RULES_{platform}" not in config_tool[self.TOOL_KICS]["RULES"]:
                     logger.error(f"Platform {platform} not found in RULES")
                 queries = [
-                    {key: value["checkID"]}
-                    for key, value in config_tool[self.TOOL_KICS]["RULES"][
-                        f"RULES_{platform}"
-                    ].items()
-                ]
+                    {key: [value["checkID"], value["overrideID"]],
+                            "severity": value["severity"]}
+                           for key, value in config_tool[self.TOOL_KICS]["RULES"][f"RULES_{platform}"].items()
+                           ]
             return queries
         except Exception as e:
             logger.error(f"Error writing queries file: {e}")
     def _execute_kics(
         self,
         folders_to_scan,
@@ -152,13 +152,14 @@ class KicsTool(ToolGateway):
         os_platform,
         queries,
     ):
-        folders = ",".join(folders_to_scan)
-        queries = ",".join([list(query.values())[0] for query in queries])
-        mapped_platforms = [
-            self.scan_type_platform_mapping.get(platform.lower(), platform)
-            for platform in platform_to_scan
-        ]
-        platforms = ",".join(mapped_platforms)
+        folders = ','.join(folders_to_scan)
+        queries = ','.join(
+            uuid for query in queries for uuid in list(query.values())[0]
+            ) if queries else ""
+        mapped_platforms = [
+                            self.scan_type_platform_mapping.get(platform.lower(), platform)
+                            for platform in platform_to_scan ] if platform_to_scan != ["all"] else list(self.scan_type_platform_mapping.values())
+        platforms = ','.join(mapped_platforms)
         command = [
             prefix,
@@ -184,22 +185,33 @@ class KicsTool(ToolGateway):
             subprocess.run(command, capture_output=True)
         except subprocess.CalledProcessError as e:
             logger.error(f"Error during KICS execution: {e}")
+            return []
     def _load_results(self, work_folder, queries):
         try:
             results_path = os.path.join(work_folder, "results.json")
             with open(results_path, "r") as f:
                 data = json.load(f)
+            query_id_to_info = {}
+            for query in queries:
+                severity = query.get("severity")
+                for custom_id, ids in query.items():
+                    if custom_id == "severity":
+                        continue
+                    for query_id in ids:
+                        if query_id != "":
+                            query_id_to_info[query_id] = {
+                                "severity": severity,
+                                "custom_id": custom_id
+                            }
             for finding in data.get("queries", []):
-                query_ids = {list(query.values())[0] for query in queries}
-                if finding.get("query_id") in query_ids:
-                    finding["custom_vuln_id"] = next(
-                        key
-                        for query in queries
-                        for key, value in query.items()
-                        if value == finding.get("query_id")
-                    )
+                query_id = finding.get("query_id")
+                if query_id in query_id_to_info:
+                    info = query_id_to_info[query_id]
+                    finding["severity"] = info["severity"].upper()
+                    finding["custom_id"] = info["custom_id"]
             with open(results_path, "w") as f:
                 json.dump(data, f, indent=4)
@@ -207,4 +219,4 @@ class KicsTool(ToolGateway):
             return data
         except Exception as ex:
             logger.error(f"An error occurred loading or modifying KICS results {ex}")
-            return None
+            return None

devsecops_engine_tools/version.py CHANGED Viewed

	@@ -1 +1 @@
1	- version = '1.60.1'
1	+ version = '1.61.0'

{devsecops_engine_tools-1.60.1.dist-info → devsecops_engine_tools-1.61.0.dist-info}/METADATA RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: devsecops-engine-tools
-Version: 1.60.1
+Version: 1.61.0
 Summary: Tool for DevSecOps strategy
 Home-page: https://github.com/bancolombia/devsecops-engine-tools
 Author: Bancolombia DevSecOps Team

{devsecops_engine_tools-1.60.1.dist-info → devsecops_engine_tools-1.61.0.dist-info}/RECORD RENAMED Viewed

@@ -1,5 +1,5 @@
 devsecops_engine_tools/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-devsecops_engine_tools/version.py,sha256=2eJ-epiDFp3Ui5UGrGD6zOUsIepitJ-7wak1aWtkse0,19
+devsecops_engine_tools/version.py,sha256=l_Ox9QaH3OUGPJH8d9Y3cdBW0yBDcGz6D42nEyoFhcw,19
 devsecops_engine_tools/engine_core/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 devsecops_engine_tools/engine_core/src/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 devsecops_engine_tools/engine_core/src/applications/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
@@ -156,7 +156,7 @@ devsecops_engine_tools/engine_sast/engine_iac/src/infrastructure/driven_adapters
 devsecops_engine_tools/engine_sast/engine_iac/src/infrastructure/driven_adapters/checkov/checkov_tool.py,sha256=JP_NZfnddbGYRyiLGCpQ8kNI0t7v1TNxt7sp6jBG98w,15183
 devsecops_engine_tools/engine_sast/engine_iac/src/infrastructure/driven_adapters/kics/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 devsecops_engine_tools/engine_sast/engine_iac/src/infrastructure/driven_adapters/kics/kics_deserealizator.py,sha256=tZq3jutZL2M9XIxm5K_xd3mWwTCMVmHQPFNvrslCqCM,2092
-devsecops_engine_tools/engine_sast/engine_iac/src/infrastructure/driven_adapters/kics/kics_tool.py,sha256=cXIvtRcsnjkrokZUQ9l9gLzj7dOKjHiQZuglh_JIiQ0,7281
+devsecops_engine_tools/engine_sast/engine_iac/src/infrastructure/driven_adapters/kics/kics_tool.py,sha256=XFixGb1AAvcBQIJkB5E5j59bMbevkNsv7oN9skETBss,7961
 devsecops_engine_tools/engine_sast/engine_iac/src/infrastructure/driven_adapters/kubescape/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 devsecops_engine_tools/engine_sast/engine_iac/src/infrastructure/driven_adapters/kubescape/kubescape_deserealizator.py,sha256=bGOGmsIpJcQzTMxptJPwZCA9_2Woaua3pXmMs4kTnX8,2893
 devsecops_engine_tools/engine_sast/engine_iac/src/infrastructure/driven_adapters/kubescape/kubescape_tool.py,sha256=1CpaqzDaXinPxM1lSceoaBpccJ3feHwkIdYe3SQjero,4870
@@ -351,8 +351,8 @@ devsecops_engine_tools/engine_utilities/utils/name_conversion.py,sha256=ADJrRGax
 devsecops_engine_tools/engine_utilities/utils/printers.py,sha256=amYAr9YQfYgR6jK9a2l26z3oovFPQ3FAKmhq6BKhEBA,623
 devsecops_engine_tools/engine_utilities/utils/session_manager.py,sha256=Z0fdhB3r-dxU0nGSD9zW_B4r2Qol1rUnUCkhFR0U-HQ,487
 devsecops_engine_tools/engine_utilities/utils/utils.py,sha256=HCjS900TBoNcHrC4LaiP-Kf9frVdtagF130qOUgnO2M,6757
-devsecops_engine_tools-1.60.1.dist-info/METADATA,sha256=CLxgokT0rl18zN5xadJSPaxe-jKJAugb3Y7K4cLgQRg,12005
-devsecops_engine_tools-1.60.1.dist-info/WHEEL,sha256=R0nc6qTxuoLk7ShA2_Y-UWkN8ZdfDBG2B6Eqpz2WXbs,91
-devsecops_engine_tools-1.60.1.dist-info/entry_points.txt,sha256=MHCTFFs9bdNKo6YcWCcBW2_8X6yTisgLOlmVx-V8Rxc,276
-devsecops_engine_tools-1.60.1.dist-info/top_level.txt,sha256=ge6y0X_xBAU1aG3EMWFtl9djbVyg5BxuSp2r2Lg6EQU,23
-devsecops_engine_tools-1.60.1.dist-info/RECORD,,
+devsecops_engine_tools-1.61.0.dist-info/METADATA,sha256=5QNhvIMRXCkM0c6FaQvjt7ffOeF4agcWQMZjfhQy__w,12005
+devsecops_engine_tools-1.61.0.dist-info/WHEEL,sha256=R0nc6qTxuoLk7ShA2_Y-UWkN8ZdfDBG2B6Eqpz2WXbs,91
+devsecops_engine_tools-1.61.0.dist-info/entry_points.txt,sha256=MHCTFFs9bdNKo6YcWCcBW2_8X6yTisgLOlmVx-V8Rxc,276
+devsecops_engine_tools-1.61.0.dist-info/top_level.txt,sha256=ge6y0X_xBAU1aG3EMWFtl9djbVyg5BxuSp2r2Lg6EQU,23
+devsecops_engine_tools-1.61.0.dist-info/RECORD,,

{devsecops_engine_tools-1.60.1.dist-info → devsecops_engine_tools-1.61.0.dist-info}/WHEEL RENAMED Viewed

File without changes

{devsecops_engine_tools-1.60.1.dist-info → devsecops_engine_tools-1.61.0.dist-info}/entry_points.txt RENAMED Viewed

File without changes

{devsecops_engine_tools-1.60.1.dist-info → devsecops_engine_tools-1.61.0.dist-info}/top_level.txt RENAMED Viewed

File without changes

devsecops-engine-tools 1.60.1__py3-none-any.whl → 1.61.0__py3-none-any.whl

Potentially problematic release.

devsecops-engine-tools 1.60.1py3-none-any.whl → 1.61.0py3-none-any.whl