PyPI - devsecops-engine-tools - Versions diffs - 1.9.0__tar.gz → 1.11.0__tar.gz - Mend

devsecops-engine-tools 1.9.0tar.gz → 1.11.0tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of devsecops-engine-tools might be problematic. Click here for more details.

Files changed (294) hide show

{devsecops_engine_tools-1.9.0 → devsecops_engine_tools-1.11.0}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: devsecops-engine-tools
-Version: 1.9.0
+Version: 1.11.0
 Summary: Tool for DevSecOps strategy
 Home-page: https://github.com/bancolombia/devsecops-engine-tools
 Author: Bancolombia DevSecOps Team
@@ -67,7 +67,7 @@ pip3 install devsecops-engine-tools
 ### Scan running - flags (CLI)
 ```bash
-devsecops-engine-tools --platform_devops ["local","azure","github"] --remote_config_repo ["remote_config_repo"] --tool ["engine_iac", "engine_dast", "engine_secret", "engine_dependencies", "engine_container", "engine_risk"] --folder_path ["Folder path scan engine_iac"] --platform ["k8s","cloudformation","docker", "openapi"] --use_secrets_manager ["false", "true"] --use_vulnerability_management ["false", "true"] --send_metrics ["false", "true"] --token_cmdb ["token_cmdb"] --token_vulnerability_management ["token_vulnerability_management"] --token_engine_container ["token_engine_container"] --token_engine_dependencies ["token_engine_dependencies"] --token_external_checks ["token_external_checks"] --xray_mode ["scan", "audit"] --image_to_scan ["image_to_scan"]
+devsecops-engine-tools --platform_devops ["local","azure","github"] --remote_config_repo ["remote_config_repo"] --tool ["engine_iac", "engine_dast", "engine_secret", "engine_dependencies", "engine_container", "engine_risk", "engine_code"] --folder_path ["Folder path scan engine_iac, engine_code and engine_dependencies"] --platform ["k8s","cloudformation","docker", "openapi"] --use_secrets_manager ["false", "true"] --use_vulnerability_management ["false", "true"] --send_metrics ["false", "true"] --token_cmdb ["token_cmdb"] --token_vulnerability_management ["token_vulnerability_management"] --token_engine_container ["token_engine_container"] --token_engine_dependencies ["token_engine_dependencies"] --token_external_checks ["token_external_checks"] --xray_mode ["scan", "audit"] --image_to_scan ["image_to_scan"]
 ```
 ### Structure Remote Config
@@ -85,6 +85,9 @@ devsecops-engine-tools --platform_devops ["local","azure","github"] --remote_con
    ┃   ┗ 📜Exclusions.json
    ┃ ┗ 📂engine_secret
    ┃   ┗ 📜ConfigTool.json
+   ┃ ┗ 📂engine_code
+   ┃   ┗ 📜ConfigTool.json
+   ┃   ┗ 📜Exclusions.json
    ┣ 📂engine_sca
    ┃ ┗ 📂engine_container
    ┃   ┗ 📜ConfigTool.json
@@ -145,6 +148,11 @@ devsecops-engine-tools --platform_devops ["local","azure","github"] --remote_con
     <td><a href="https://jfrog.com/help/r/get-started-with-the-jfrog-platform/jfrog-xray">XRAY</a></td>
     <td>Paid</td>
   </tr>
+  <tr>
+    <td>ENGINE_CODE</td>
+    <td><a href="https://docs.bearer.com/quickstart/">BEARER</a></td>
+    <td>Free</td>
+  </tr>
 </table>
 ### Scan running sample (CLI) - Local

{devsecops_engine_tools-1.9.0 → devsecops_engine_tools-1.11.0}/README.md RENAMED Viewed

@@ -68,6 +68,17 @@ devsecops_engine_tools
 |                   driven_adapters
 |                   entry_points
 |                   utils.
+|           engine_code -> Static Code Scanning
+|              src
+|               applications
+|               deployment
+|               domain
+|                   model
+|                   usecases
+|               infraestructure
+|                   driven_adapters
+|                   entry_points
+|                   utils.
 |
 ├───engine_sca -> SCA Practices
 |            engine_container -> Container Scanning

{devsecops_engine_tools-1.9.0 → devsecops_engine_tools-1.11.0}/devsecops_engine_tools/engine_core/src/applications/runner_engine_core.py RENAMED Viewed

@@ -77,6 +77,7 @@ def get_inputs_from_cli(args):
         choices=[
             "engine_iac",
             "engine_dast",
+            "engine_code",
             "engine_secret",
             "engine_dependencies",
             "engine_container",
@@ -91,7 +92,7 @@ def get_inputs_from_cli(args):
         "--folder_path",
         type=str,
         required=False,
-        help="Folder Path to scan, only apply engine_iac and engine_dependencies tools",
+        help="Folder Path to scan, only apply engine_iac, engine_code and engine_dependencies tools",
     )
     parser.add_argument(
         "-p",

{devsecops_engine_tools-1.9.0 → devsecops_engine_tools-1.11.0}/devsecops_engine_tools/engine_core/src/domain/usecases/handle_scan.py RENAMED Viewed

@@ -4,6 +4,9 @@ from devsecops_engine_tools.engine_sast.engine_iac.src.applications.runner_iac_s
 from devsecops_engine_tools.engine_sast.engine_secret.src.applications.runner_secret_scan import (
     runner_secret_scan,
 )
+from devsecops_engine_tools.engine_sast.engine_code.src.applications.runner_engine_code import (
+    runner_engine_code,
+)
 from devsecops_engine_tools.engine_core.src.domain.model.gateway.vulnerability_management_gateway import (
     VulnerabilityManagementGateway,
 )
@@ -117,6 +120,18 @@ class HandleScan:
             return findings_list, input_core
         elif "engine_dast" in dict_args["tool"]:
             print(MESSAGE_ENABLED)
+        elif "engine_code" in dict_args["tool"]:
+            findings_list, input_core = runner_engine_code(
+                dict_args, config_tool["ENGINE_CODE"]["TOOL"], self.devops_platform_gateway
+            )
+            if (
+                dict_args["use_vulnerability_management"] == "true"
+                and input_core.path_file_results
+            ):
+                self._use_vulnerability_management(
+                    config_tool, input_core, dict_args, secret_tool, env
+                )
+            return findings_list, input_core
         elif "engine_secret" in dict_args["tool"]:
             findings_list, input_core = runner_secret_scan(
                 dict_args,

{devsecops_engine_tools-1.9.0 → devsecops_engine_tools-1.11.0}/devsecops_engine_tools/engine_core/src/infrastructure/driven_adapters/defect_dojo/defect_dojo.py RENAMED Viewed

@@ -65,6 +65,7 @@ class DefectDojoPlatform(VulnerabilityManagementGateway):
                 "TRIVY": "Trivy Scan",
                 "KUBESCAPE": "Kubescape Scanner",
                 "KICS": "KICS Scanner",
+                "BEARER": "Bearer CLI"
             }
             if any(

devsecops_engine_tools-1.11.0/devsecops_engine_tools/engine_sast/engine_code/src/applications/runner_engine_code.py ADDED Viewed

@@ -0,0 +1,31 @@
+from devsecops_engine_tools.engine_sast.engine_code.src.infrastructure.entry_points.entry_point_tool import (
+    init_engine_sast_code,
+)
+from devsecops_engine_tools.engine_sast.engine_code.src.infrastructure.driven_adapters.bearer.bearer_tool import (
+    BearerTool
+)
+from devsecops_engine_tools.engine_utilities.git_cli.infrastructure.git_run import (
+    GitRun
+)
+def runner_engine_code(dict_args, tool, devops_platform_gateway):
+    try:
+        tool_gateway = None
+        git_gateway = GitRun()
+        if (tool == "BEARER"):
+            tool_gateway = BearerTool()
+        return init_engine_sast_code(
+            devops_platform_gateway=devops_platform_gateway,
+            tool_gateway=tool_gateway,
+            dict_args=dict_args,
+            git_gateway=git_gateway,
+            tool=tool,
+        )
+    except Exception as e:
+        raise Exception(f"Error engine_code : {str(e)}")
+if __name__ == "__main__":
+    runner_engine_code()

devsecops_engine_tools-1.11.0/devsecops_engine_tools/engine_sast/engine_code/src/domain/model/config_tool.py ADDED Viewed

@@ -0,0 +1,11 @@
+from devsecops_engine_tools.engine_core.src.domain.model.threshold import Threshold
+class ConfigTool:
+    def __init__(self, json_data, scope):
+        self.data = json_data
+        self.exclude_folder = self.data["EXCLUDE_FOLDER"]
+        self.ignore_search_pattern = self.data["IGNORE_SEARCH_PATTERN"]
+        self.target_branches = self.data["TARGET_BRANCHES"]
+        self.message_info_engine_code = self.data["MESSAGE_INFO_ENGINE_CODE"]
+        self.threshold = Threshold(self.data["THRESHOLD"])
+        self.scope_pipeline = scope

devsecops_engine_tools-1.11.0/devsecops_engine_tools/engine_sast/engine_code/src/domain/model/gateways/tool_gateway.py ADDED Viewed

@@ -0,0 +1,15 @@
+from abc import ABCMeta, abstractmethod
+from devsecops_engine_tools.engine_sast.engine_code.src.domain.model.config_tool import (
+    ConfigTool,
+)
+class ToolGateway(metaclass=ABCMeta):
+    @abstractmethod
+    def run_tool(self,
+                 folder_to_scan: str,
+                 pull_request_files: list,
+                 agent_work_folder: str,
+                 repository: str,
+                 config_tool: ConfigTool):
+        "run code scan tool"

devsecops_engine_tools-1.11.0/devsecops_engine_tools/engine_sast/engine_code/src/domain/usecases/code_scan.py ADDED Viewed

@@ -0,0 +1,123 @@
+import re
+from devsecops_engine_tools.engine_sast.engine_code.src.domain.model.gateways.tool_gateway import (
+    ToolGateway,
+)
+from devsecops_engine_tools.engine_core.src.domain.model.gateway.devops_platform_gateway import (
+    DevopsPlatformGateway,
+)
+from devsecops_engine_tools.engine_utilities.git_cli.model.gateway.git_gateway import (
+    GitGateway
+)
+from devsecops_engine_tools.engine_sast.engine_code.src.domain.model.config_tool import (
+    ConfigTool,
+)
+from devsecops_engine_tools.engine_core.src.domain.model.exclusions import Exclusions
+from devsecops_engine_tools.engine_core.src.domain.model.input_core import (
+    InputCore
+)
+from devsecops_engine_tools.engine_utilities.utils.logger_info import MyLogger
+from devsecops_engine_tools.engine_utilities import settings
+logger = MyLogger.__call__(**settings.SETTING_LOGGER).get_logger()
+class CodeScan:
+    def __init__(
+        self, tool_gateway: ToolGateway, devops_platform_gateway: DevopsPlatformGateway, git_gateway: GitGateway
+    ):
+        self.tool_gateway = tool_gateway
+        self.devops_platform_gateway = devops_platform_gateway
+        self.git_gateway = git_gateway
+    def set_config_tool(self, dict_args):
+        init_config_tool = self.devops_platform_gateway.get_remote_config(
+            dict_args["remote_config_repo"],
+            "engine_sast/engine_code/ConfigTool.json"
+        )
+        scope_pipeline = self.devops_platform_gateway.get_variable(
+            "pipeline_name"
+        )
+        return ConfigTool(json_data=init_config_tool, scope=scope_pipeline)
+    def get_pull_request_files(self, target_branches):
+        files_pullrequest = self.git_gateway.get_files_pull_request(
+            self.devops_platform_gateway.get_variable("path_directory"),
+            self.devops_platform_gateway.get_variable("target_branch"),
+            target_branches,
+            self.devops_platform_gateway.get_variable("source_branch"),
+            self.devops_platform_gateway.get_variable("access_token"),
+            self.devops_platform_gateway.get_variable("organization"),
+            self.devops_platform_gateway.get_variable("project_name"),
+            self.devops_platform_gateway.get_variable("repository"),
+            self.devops_platform_gateway.get_variable("repository_provider")
+            )
+        return files_pullrequest
+    def get_exclusions(self, dict_args, tool):
+        exclusions_data = self.devops_platform_gateway.get_remote_config(
+            dict_args["remote_config_repo"],
+            "engine_sast/engine_code/Exclusions.json"
+        )
+        list_exclusions = []
+        skip_tool = False
+        for pipeline, exclusions in exclusions_data.items():
+            if (pipeline == "All") or (pipeline == self.devops_platform_gateway.get_variable("pipeline_name")):
+                if exclusions.get("SKIP_TOOL", False):
+                    skip_tool = True
+                elif exclusions.get(tool, False):
+                    for exc in exclusions[tool]:
+                        exclusion = Exclusions(
+                            id=exc.get("id", ""),
+                            where=exc.get("where", ""),
+                            create_date=exc.get("create_date", ""),
+                            expired_date=exc.get("expired_date", ""),
+                            severity=exc.get("severity", ""),
+                            hu=exc.get("hu", ""),
+                            reason=exc.get("reason", "Risk acceptance"),
+                        )
+                        list_exclusions.append(exclusion)
+        return list_exclusions, skip_tool
+    def apply_exclude_path(self, exclude_folder, ignore_search_pattern, pull_request_file):
+        patterns = ignore_search_pattern
+        patterns.extend([rf"/{re.escape(folder)}//*" for folder in exclude_folder])
+        for pattern in patterns:
+            if re.search(pattern, pull_request_file):
+                return True
+        return False
+    def process(self, dict_args, tool):
+        config_tool = self.set_config_tool(dict_args)
+        list_exclusions, skip_tool = self.get_exclusions(dict_args, tool)
+        findings_list, path_file_results = [], ""
+        if not skip_tool:
+            pull_request_files = []
+            if not dict_args["folder_path"]:
+                pull_request_files = self.get_pull_request_files(config_tool.target_branches)
+                pull_request_files = [pf for pf in pull_request_files
+                                      if not self.apply_exclude_path(config_tool.exclude_folder, config_tool.ignore_search_pattern, pf)]
+            findings_list, path_file_results = self.tool_gateway.run_tool(
+                dict_args["folder_path"],
+                pull_request_files,
+                self.devops_platform_gateway.get_variable("path_directory"),
+                self.devops_platform_gateway.get_variable("repository"),
+                config_tool
+            )
+        else:
+            print(f"Tool skipped by DevSecOps policy")
+            logger.info(f"Tool skipped by DevSecOps policy")
+        input_core = InputCore(
+            totalized_exclusions=list_exclusions,
+            threshold_defined=config_tool.threshold,
+            path_file_results=path_file_results,
+            custom_message_break_build=config_tool.message_info_engine_code,
+            scope_pipeline=config_tool.scope_pipeline,
+            stage_pipeline=self.devops_platform_gateway.get_variable("stage").capitalize(),
+        )
+        return findings_list, input_core

devsecops_engine_tools-1.11.0/devsecops_engine_tools/engine_sast/engine_code/src/infrastructure/driven_adapters/bearer/bearer_deserealizator.py ADDED Viewed

@@ -0,0 +1,49 @@
+from devsecops_engine_tools.engine_core.src.domain.model.finding import (
+    Category,
+    Finding,
+)
+from datetime import datetime
+from dataclasses import dataclass
+import json
+import re
+@dataclass
+class BearerDeserealizator:
+    @classmethod
+    def get_list_finding(cls,
+                         scan_result_path,
+                         agent_work_folder) -> "list[Finding]":
+        findings = []
+        with open(scan_result_path, encoding='utf-8') as arc:
+            try:
+                data = json.load(arc)
+                severity = list(data.keys())
+            except:
+                return findings
+            description_pattern = r"(?<=## Description\n)(.*?)(?=##)"
+            for sev in severity:
+                vulnerabilities = data[sev]
+                for vul in vulnerabilities:
+                    description = re.search(description_pattern, vul["description"], flags=re.DOTALL).group(1).strip()
+                    chunks = [description[i : i + 70] for i in range(0, len(description), 70)]
+                    formatted_description = "\n".join(chunks) + "\n"
+                    finding = Finding(
+                        id=vul["id"],
+                        cvss="",
+                        where=vul["full_filename"].replace(agent_work_folder, "").replace("/copy_files_bearer", ""),
+                        description=formatted_description,
+                        severity=sev.lower(),
+                        identification_date=datetime.now().strftime("%d%m%Y"),
+                        published_date_cve=None,
+                        module="engine_code",
+                        category=Category.VULNERABILITY,
+                        requirements="",
+                        tool="Bearer"
+                    )
+                    findings.append(finding)
+        return findings

devsecops_engine_tools-1.11.0/devsecops_engine_tools/engine_sast/engine_code/src/infrastructure/driven_adapters/bearer/bearer_tool.py ADDED Viewed

@@ -0,0 +1,126 @@
+import subprocess
+import yaml
+import shutil
+import os
+import json
+import concurrent.futures
+from devsecops_engine_tools.engine_sast.engine_code.src.domain.model.gateways.tool_gateway import (
+    ToolGateway,
+)
+from devsecops_engine_tools.engine_sast.engine_code.src.infrastructure.driven_adapters.bearer.bearer_deserealizator import (
+    BearerDeserealizator,
+)
+class BearerTool(ToolGateway):
+    BEARER_TOOL = "BEARER"
+    MAX_RETRY = 5
+    def install_tool(self):
+        command = f"bearer version"
+        result = subprocess.run(
+            command,
+            capture_output=True,
+            shell=True
+        )
+        if result.returncode != 0:
+            command = f"curl -sfL https://raw.githubusercontent.com/Bearer/bearer/main/contrib/install.sh | sh -s -- -b /usr/local/bin"
+            for num_try in range(self.MAX_RETRY):
+                result = subprocess.run(
+                    command,
+                    stdout=subprocess.PIPE,
+                    stderr=subprocess.PIPE,
+                    shell=True
+                )
+                if result.returncode == 0: break
+                if num_try == self.MAX_RETRY - 1:
+                    raise Exception(f"Error installing Bearer tool.")
+    def config_data(self, agent_work_folder):
+        data = {
+            "report": {
+                "output": f"{agent_work_folder}/bearer-scan.json",
+                "format": "json",
+                "report": "security",
+                "severity": "critical,high,medium,low"
+            },
+            "scan": {
+                "disable-domain-resolution": True,
+                "domain-resolution-timeout": "3s",
+                "exit-code": 0,
+                "scanner": ["sast"]
+            },
+        }
+        return data
+    def create_config_file(self, agent_work_folder):
+        with open(
+            f"{agent_work_folder}/bearer.yml",
+            "w",
+        ) as file:
+            yaml.dump(self.config_data(agent_work_folder), file, default_flow_style=False)
+            file.close()
+    def copy_file(self, pull_file, agent_work_folder, repository, path_to_scan):
+        path = f"{agent_work_folder}/{repository}/{pull_file}"
+        destination_path = os.path.join(path_to_scan, f"{repository}/{pull_file}")
+        os.makedirs(os.path.dirname(destination_path), exist_ok=True)
+        shutil.copy2(path, destination_path)
+    def scan_path(self, path, agent_work_folder):
+        command = f"bearer scan {path} --config-file {agent_work_folder}/bearer.yml"
+        subprocess.run(
+            command,
+            check=True,
+            stdout=subprocess.PIPE,
+            stderr=subprocess.PIPE,
+            shell=True
+        )
+        findings = BearerDeserealizator.get_list_finding(
+            f"{agent_work_folder}/bearer-scan.json", agent_work_folder
+        )
+        return findings
+    def format_scan_file(self, scan_result_path, agent_work_folder):
+        with open(scan_result_path, encoding='utf-8') as arc:
+            try:
+                data = json.load(arc)
+                severity = list(data.keys())
+                for sev in severity:
+                    for vul in data[sev]:
+                        if "snippet" not in vul.keys(): vul["snippet"] = ""
+            except:
+                data = {}
+        with open(f"{agent_work_folder}/bearer-scan-vul-man.json", "w") as file:
+            json.dump(data, file)
+            file.close()
+        return f"{agent_work_folder}/bearer-scan-vul-man.json"
+    def run_tool(self, folder_to_scan, pull_request_files, agent_work_folder, repository, config_tool):
+        self.install_tool()
+        number_threads = config_tool.data[self.BEARER_TOOL]["NUMBER_THREADS"]
+        scan_result_path = f"{agent_work_folder}/bearer-scan.json"
+        self.create_config_file(agent_work_folder)
+        if folder_to_scan:
+            path_to_scan = folder_to_scan
+        else:
+            path_to_scan = f"{agent_work_folder}/copy_files_bearer"
+            os.makedirs(path_to_scan, exist_ok=True)
+            with concurrent.futures.ThreadPoolExecutor(max_workers=number_threads) as executor:
+                futures = [
+                    executor.submit(self.copy_file, pull_file, agent_work_folder, repository, path_to_scan)
+                    for pull_file in pull_request_files
+                ]
+                for future in futures: future.result()
+        findings = self.scan_path(path_to_scan, agent_work_folder)
+        scan_result_path_formatted = self.format_scan_file(scan_result_path, agent_work_folder)
+        return findings, scan_result_path_formatted

devsecops_engine_tools-1.11.0/devsecops_engine_tools/engine_sast/engine_code/src/infrastructure/entry_points/entry_point_tool.py ADDED Viewed

@@ -0,0 +1,6 @@
+from devsecops_engine_tools.engine_sast.engine_code.src.domain.usecases.code_scan import (
+    CodeScan,
+)
+def init_engine_sast_code(devops_platform_gateway, tool_gateway, dict_args, git_gateway, tool):
+    return CodeScan(tool_gateway, devops_platform_gateway, git_gateway).process(dict_args, tool)

{devsecops_engine_tools-1.9.0 → devsecops_engine_tools-1.11.0}/devsecops_engine_tools/engine_sast/engine_secret/src/applications/runner_secret_scan.py RENAMED Viewed

@@ -7,7 +7,7 @@ from devsecops_engine_tools.engine_sast.engine_secret.src.infrastructure.driven_
 from devsecops_engine_tools.engine_sast.engine_secret.src.infrastructure.driven_adapters.trufflehog.trufflehog_deserealizator import (
     SecretScanDeserealizator
     )
-from devsecops_engine_tools.engine_sast.engine_secret.src.infrastructure.driven_adapters.git_cli.git_run import (
+from devsecops_engine_tools.engine_utilities.git_cli.infrastructure.git_run import (
     GitRun
     )

{devsecops_engine_tools-1.9.0 → devsecops_engine_tools-1.11.0}/devsecops_engine_tools/engine_sast/engine_secret/src/domain/usecases/secret_scan.py RENAMED Viewed

@@ -11,7 +11,7 @@ from devsecops_engine_tools.engine_sast.engine_secret.src.domain.model.gateway.g
 from devsecops_engine_tools.engine_core.src.domain.model.gateway.devops_platform_gateway import (
     DevopsPlatformGateway,
 )
-from devsecops_engine_tools.engine_sast.engine_secret.src.domain.model.gateway.git_gateway import (
+from devsecops_engine_tools.engine_utilities.git_cli.model.gateway.git_gateway import (
     GitGateway
 )

devsecops_engine_tools-1.11.0/devsecops_engine_tools/engine_utilities/defect_dojo/domain/request_objects/__init__.py ADDED Viewed

File without changes

devsecops_engine_tools-1.11.0/devsecops_engine_tools/engine_utilities/defect_dojo/domain/serializers/__init__.py ADDED Viewed

File without changes

{devsecops_engine_tools-1.9.0 → devsecops_engine_tools-1.11.0}/devsecops_engine_tools/engine_utilities/defect_dojo/domain/serializers/import_scan.py RENAMED Viewed

@@ -19,6 +19,7 @@ list_scan_type = [
     "AWS Security Hub Scan",
     "Azure Security Center Recommendations Scan",
     "Bandit Scan",
+    "Bearer CLI",
     "BlackDuck API",
     "Blackduck Component Risk",
     "Blackduck Hub Scan",

devsecops_engine_tools-1.11.0/devsecops_engine_tools/engine_utilities/defect_dojo/domain/user_case/__init__.py ADDED Viewed

File without changes

devsecops_engine_tools-1.11.0/devsecops_engine_tools/engine_utilities/defect_dojo/infraestructure/__init__.py ADDED Viewed

File without changes

devsecops_engine_tools-1.11.0/devsecops_engine_tools/engine_utilities/defect_dojo/infraestructure/driver_adapters/__init__.py ADDED Viewed

File without changes

devsecops_engine_tools-1.11.0/devsecops_engine_tools/engine_utilities/defect_dojo/infraestructure/driver_adapters/settings/__init__.py ADDED Viewed

File without changes

devsecops_engine_tools-1.11.0/devsecops_engine_tools/engine_utilities/defect_dojo/infraestructure/repository/__init__.py ADDED Viewed

File without changes

devsecops_engine_tools-1.11.0/devsecops_engine_tools/engine_utilities/git_cli/__init__.py ADDED Viewed

File without changes

devsecops_engine_tools-1.11.0/devsecops_engine_tools/engine_utilities/git_cli/infrastructure/__init__.py ADDED Viewed

File without changes

{devsecops_engine_tools-1.9.0/devsecops_engine_tools/engine_sast/engine_secret/src/infrastructure/driven_adapters/git_cli → devsecops_engine_tools-1.11.0/devsecops_engine_tools/engine_utilities/git_cli/infrastructure}/git_run.py RENAMED Viewed

@@ -2,7 +2,7 @@ from dataclasses import dataclass
 import os
 import subprocess
 from urllib.parse import quote
-from devsecops_engine_tools.engine_sast.engine_secret.src.domain.model.gateway.git_gateway import GitGateway
+from devsecops_engine_tools.engine_utilities.git_cli.model.gateway.git_gateway import GitGateway
 from devsecops_engine_tools.engine_utilities.utils.logger_info import MyLogger
 from devsecops_engine_tools.engine_utilities import settings

devsecops_engine_tools-1.11.0/devsecops_engine_tools/engine_utilities/git_cli/model/__init__.py ADDED Viewed

File without changes

devsecops_engine_tools-1.11.0/devsecops_engine_tools/engine_utilities/git_cli/model/gateway/__init__.py ADDED Viewed

File without changes

devsecops_engine_tools-1.11.0/devsecops_engine_tools/engine_utilities/github/__init__.py ADDED Viewed

File without changes

devsecops_engine_tools-1.11.0/devsecops_engine_tools/engine_utilities/github/infrastructure/__init__.py ADDED Viewed

File without changes

devsecops_engine_tools-1.11.0/devsecops_engine_tools/engine_utilities/github/models/__init__.py ADDED Viewed

File without changes

devsecops_engine_tools-1.11.0/devsecops_engine_tools/engine_utilities/input_validations/__init__.py ADDED Viewed

File without changes

devsecops_engine_tools-1.11.0/devsecops_engine_tools/engine_utilities/ssh/__init__.py ADDED Viewed

File without changes

devsecops_engine_tools-1.11.0/devsecops_engine_tools/engine_utilities/utils/__init__.py ADDED Viewed

File without changes

devsecops_engine_tools-1.11.0/devsecops_engine_tools/version.py ADDED Viewed

	@@ -0,0 +1 @@
1	+ version = '1.11.0'

{devsecops_engine_tools-1.9.0 → devsecops_engine_tools-1.11.0}/devsecops_engine_tools.egg-info/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: devsecops-engine-tools
-Version: 1.9.0
+Version: 1.11.0
 Summary: Tool for DevSecOps strategy
 Home-page: https://github.com/bancolombia/devsecops-engine-tools
 Author: Bancolombia DevSecOps Team
@@ -67,7 +67,7 @@ pip3 install devsecops-engine-tools
 ### Scan running - flags (CLI)
 ```bash
-devsecops-engine-tools --platform_devops ["local","azure","github"] --remote_config_repo ["remote_config_repo"] --tool ["engine_iac", "engine_dast", "engine_secret", "engine_dependencies", "engine_container", "engine_risk"] --folder_path ["Folder path scan engine_iac"] --platform ["k8s","cloudformation","docker", "openapi"] --use_secrets_manager ["false", "true"] --use_vulnerability_management ["false", "true"] --send_metrics ["false", "true"] --token_cmdb ["token_cmdb"] --token_vulnerability_management ["token_vulnerability_management"] --token_engine_container ["token_engine_container"] --token_engine_dependencies ["token_engine_dependencies"] --token_external_checks ["token_external_checks"] --xray_mode ["scan", "audit"] --image_to_scan ["image_to_scan"]
+devsecops-engine-tools --platform_devops ["local","azure","github"] --remote_config_repo ["remote_config_repo"] --tool ["engine_iac", "engine_dast", "engine_secret", "engine_dependencies", "engine_container", "engine_risk", "engine_code"] --folder_path ["Folder path scan engine_iac, engine_code and engine_dependencies"] --platform ["k8s","cloudformation","docker", "openapi"] --use_secrets_manager ["false", "true"] --use_vulnerability_management ["false", "true"] --send_metrics ["false", "true"] --token_cmdb ["token_cmdb"] --token_vulnerability_management ["token_vulnerability_management"] --token_engine_container ["token_engine_container"] --token_engine_dependencies ["token_engine_dependencies"] --token_external_checks ["token_external_checks"] --xray_mode ["scan", "audit"] --image_to_scan ["image_to_scan"]
 ```
 ### Structure Remote Config
@@ -85,6 +85,9 @@ devsecops-engine-tools --platform_devops ["local","azure","github"] --remote_con
    ┃   ┗ 📜Exclusions.json
    ┃ ┗ 📂engine_secret
    ┃   ┗ 📜ConfigTool.json
+   ┃ ┗ 📂engine_code
+   ┃   ┗ 📜ConfigTool.json
+   ┃   ┗ 📜Exclusions.json
    ┣ 📂engine_sca
    ┃ ┗ 📂engine_container
    ┃   ┗ 📜ConfigTool.json
@@ -145,6 +148,11 @@ devsecops-engine-tools --platform_devops ["local","azure","github"] --remote_con
     <td><a href="https://jfrog.com/help/r/get-started-with-the-jfrog-platform/jfrog-xray">XRAY</a></td>
     <td>Paid</td>
   </tr>
+  <tr>
+    <td>ENGINE_CODE</td>
+    <td><a href="https://docs.bearer.com/quickstart/">BEARER</a></td>
+    <td>Free</td>
+  </tr>
 </table>
 ### Scan running sample (CLI) - Local

devsecops-engine-tools 1.9.0__tar.gz → 1.11.0__tar.gz

Potentially problematic release.

devsecops-engine-tools 1.9.0tar.gz → 1.11.0tar.gz