PyPI - devsecops-radar - Versions diffs - 0.3.2__tar.gz → 0.3.3__tar.gz - Mend

devsecops-radar 0.3.2tar.gz → 0.3.3tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (63) hide show

{devsecops_radar-0.3.2/devsecops_radar.egg-info → devsecops_radar-0.3.3}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: devsecops-radar
-Version: 0.3.2
+Version: 0.3.3
 Summary: Unified CI/CD Security Dashboard — Pipeline Sentinel
 Author-email: Mehrdoost <70381337+Mehrdoost@users.noreply.github.com>
 License-Expression: MIT

{devsecops_radar-0.3.2 → devsecops_radar-0.3.3}/devsecops_radar/web/dashboard/routes.py RENAMED Viewed

@@ -39,7 +39,7 @@ DASHBOARD_HTML = r"""
     <nav class="navbar navbar-dark border-bottom border-secondary mb-4" style="background:#1e293b;">
         <div class="container-fluid">
             <span class="navbar-brand mb-0 h1">🛡️ Pipeline Sentinel</span>
-            <span class="text-muted">v0.3.2</span>
+            <span class="text-muted">v0.3.3</span>
         </div>
     </nav>

{devsecops_radar-0.3.2 → devsecops_radar-0.3.3/devsecops_radar.egg-info}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: devsecops-radar
-Version: 0.3.2
+Version: 0.3.3
 Summary: Unified CI/CD Security Dashboard — Pipeline Sentinel
 Author-email: Mehrdoost <70381337+Mehrdoost@users.noreply.github.com>
 License-Expression: MIT

{devsecops_radar-0.3.2 → devsecops_radar-0.3.3}/devsecops_radar.egg-info/SOURCES.txt RENAMED Viewed

@@ -50,6 +50,9 @@ devsecops_radar/web/summary/routes.py
 devsecops_radar/web/templates/index.html
 devsecops_radar/web/topology/__init__.py
 devsecops_radar/web/topology/routes.py
+tests/test_analyzer.py
 tests/test_api.py
 tests/test_cli.py
+tests/test_database.py
+tests/test_rule_fusion.py
 tests/test_scanners.py

{devsecops_radar-0.3.2 → devsecops_radar-0.3.3}/pyproject.toml RENAMED Viewed

@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"
 [project]
 name = "devsecops-radar"
-version = "0.3.2"
+version = "0.3.3"
 description = "Unified CI/CD Security Dashboard — Pipeline Sentinel"
 readme = "README.md"
 license = "MIT"

devsecops_radar-0.3.3/tests/test_analyzer.py ADDED Viewed

@@ -0,0 +1,39 @@
+import pytest
+from unittest.mock import patch, MagicMock
+from devsecops_radar.core.analyzer import OllamaAnalyzer, extract_json, select_findings_for_llm
+def test_extract_json_plain():
+    text = '{"executive_summary": "test", "attack_paths": [], "top_remediations": []}'
+    result = extract_json(text)
+    assert result["executive_summary"] == "test"
+def test_extract_json_malformed():
+    result = extract_json("some text {invalid")
+    assert "executive_summary" in result  # falls back to wrapping the text
+def test_select_findings_for_llm():
+    findings = [{"severity": "CRITICAL"}] * 120 + [{"severity": "LOW"}] * 50
+    selected = select_findings_for_llm(findings, max_items=100)
+    assert len(selected) == 100
+    # All criticals should be included
+    criticals = [f for f in selected if f["severity"] == "CRITICAL"]
+    assert len(criticals) == 100
+@patch('requests.Session.post')
+def test_ollama_analyzer_success(mock_post):
+    mock_response = MagicMock()
+    mock_response.json.return_value = {"response": '{"executive_summary": "ok", "attack_paths": [], "top_remediations": []}'}
+    mock_response.raise_for_status.return_value = None
+    mock_post.return_value = mock_response
+    analyzer = OllamaAnalyzer()
+    findings = [{"severity": "CRITICAL", "id": "1", "tool": "test"}]
+    analysis = analyzer.analyze(findings)
+    assert analysis["executive_summary"] == "ok"
+@patch('requests.Session.post')
+def test_ollama_analyzer_network_error(mock_post):
+    mock_post.side_effect = Exception("Network down")
+    analyzer = OllamaAnalyzer()
+    findings = [{"severity": "CRITICAL", "id": "1", "tool": "test"}]
+    analysis = analyzer.analyze(findings)
+    assert "AI failed" in analysis["executive_summary"]

devsecops_radar-0.3.3/tests/test_api.py ADDED Viewed

@@ -0,0 +1,29 @@
+import pytest
+from devsecops_radar.web.app import create_app
+import os
+@pytest.fixture
+def app():
+    app = create_app()
+    app.config['TESTING'] = True
+    return app
+@pytest.fixture
+def client(app):
+    return app.test_client()
+def test_dashboard_page(client):
+    resp = client.get('/')
+    assert resp.status_code == 200
+def test_findings_api_requires_key_when_set(monkeypatch, client):
+    monkeypatch.setenv("PIPELINE_API_KEY", "secret")
+    resp = client.get('/api/findings')
+    assert resp.status_code == 401
+    resp = client.get('/api/findings', headers={"X-API-Key": "secret"})
+    assert resp.status_code == 200
+def test_findings_api_open_when_disabled(monkeypatch, client):
+    monkeypatch.setenv("PIPELINE_API_KEY", "disabled")
+    resp = client.get('/api/findings')
+    assert resp.status_code == 200

devsecops_radar-0.3.3/tests/test_cli.py ADDED Viewed

@@ -0,0 +1,30 @@
+import subprocess
+import os
+import tempfile
+import pytest
+def test_cli_help():
+    result = subprocess.run(['devsecops-radar', '--help'], capture_output=True, text=True)
+    assert result.returncode == 0
+    assert '--trivy' in result.stdout
+def test_cli_wizard_flag():
+    result = subprocess.run(['devsecops-radar', '--wizard'], capture_output=True, text=True)
+    assert result.returncode == 0
+    assert 'Quick Setup Wizard' in result.stdout or 'Welcome' in result.stdout
+def test_cli_merge_sample_files():
+    sample_dir = os.path.join(os.path.dirname(__file__), '..')
+    trivy_sample = os.path.join(sample_dir, 'sample_trivy.json')
+    semgrep_sample = os.path.join(sample_dir, 'sample_semgrep.json')
+    if not os.path.exists(trivy_sample) or not os.path.exists(semgrep_sample):
+        pytest.skip("Sample files not found")
+    with tempfile.NamedTemporaryFile(suffix='.json', delete=False) as outfile:
+        outpath = outfile.name
+    result = subprocess.run(
+        ['devsecops-radar', '--trivy', trivy_sample, '--semgrep', semgrep_sample, '--output', outpath],
+        capture_output=True, text=True
+    )
+    assert result.returncode == 0
+    assert 'Merged' in result.stdout
+    os.unlink(outpath)

devsecops_radar-0.3.3/tests/test_database.py ADDED Viewed

@@ -0,0 +1,43 @@
+import os
+import tempfile
+import pytest
+# Set a temporary database BEFORE importing any devsecops_radar modules
+@pytest.fixture(scope="module")
+def temp_db():
+    # Create a unique temp file path for the database
+    fd, tmpfile = tempfile.mkstemp(suffix='.db')
+    os.close(fd)
+    old_val = os.environ.get("DATABASE_URL")
+    os.environ["DATABASE_URL"] = f"sqlite:///{tmpfile}"
+    # Now import the database functions — they will use the temp DB
+    from devsecops_radar.core.database import save_scan, get_all_scans, get_findings_paginated
+    yield tmpfile, save_scan, get_all_scans, get_findings_paginated
+    # Cleanup
+    os.unlink(tmpfile)
+    if old_val is None:
+        del os.environ["DATABASE_URL"]
+    else:
+        os.environ["DATABASE_URL"] = old_val
+def test_save_and_retrieve(temp_db):
+    tmpfile, save_scan, get_all_scans, get_findings_paginated = temp_db
+    findings = [
+        {
+            "tool": "test",
+            "severity": "HIGH",
+            "id": "1",
+            "target": "t",
+            "title": "t",
+            "description": "d"
+        }
+    ]
+    save_scan(findings)
+    scans = get_all_scans()
+    assert len(scans) > 0
+    paginated = get_findings_paginated(1, 10)
+    assert paginated["total"] >= 1

devsecops_radar-0.3.3/tests/test_rule_fusion.py ADDED Viewed

@@ -0,0 +1,30 @@
+import json
+import tempfile
+import os
+from devsecops_radar.core.rule_fusion import RuleFusion
+class TestPolicyEvaluation:
+    def test_policy_pass(self):
+        findings = [{"severity": "CRITICAL"}] * 3
+        policy = {"max_critical": 5, "on_violation": "fail"}
+        with tempfile.NamedTemporaryFile(mode='w', suffix='.json', delete=False) as f:
+            json.dump(policy, f)
+            f.flush()
+            passed, msg = RuleFusion.evaluate_policy(findings, f.name)
+        os.unlink(f.name)
+        assert passed
+        assert "passed" in msg
+    def test_policy_fail(self):
+        findings = [{"severity": "CRITICAL"}] * 6
+        policy = {"max_critical": 5, "on_violation": "fail"}
+        with tempfile.NamedTemporaryFile(mode='w', suffix='.json', delete=False) as f:
+            json.dump(policy, f)
+            f.flush()
+            passed, msg = RuleFusion.evaluate_policy(findings, f.name)
+        os.unlink(f.name)
+        assert not passed
+    def test_policy_file_not_found(self):
+        passed, msg = RuleFusion.evaluate_policy([], "/nonexistent/policy.json")
+        assert passed

devsecops_radar-0.3.3/tests/test_scanners.py ADDED Viewed

@@ -0,0 +1,81 @@
+import json
+import tempfile
+import os
+import pytest
+from devsecops_radar.scanners.trivy import TrivyScanner
+from devsecops_radar.scanners.semgrep import SemgrepScanner
+from devsecops_radar.scanners.poutine import PoutineScanner
+from devsecops_radar.scanners.zizmor import ZizmorScanner
+from devsecops_radar.scanners.gitleaks import GitleaksScanner
+def write_temp_json(data):
+    tmp = tempfile.NamedTemporaryFile(mode='w', suffix='.json', delete=False)
+    json.dump(data, tmp)
+    tmp.close()
+    return tmp.name
+class TestTrivyScanner:
+    def test_valid_json(self):
+        data = {"Results": [{"Target": "img", "Vulnerabilities": [{"VulnerabilityID": "CVE-1", "Severity": "HIGH"}]}]}
+        path = write_temp_json(data)
+        findings = TrivyScanner().parse(path)
+        os.unlink(path)
+        assert len(findings) == 1
+        assert findings[0]["severity"] == "HIGH"
+    def test_invalid_json(self):
+        with tempfile.NamedTemporaryFile(mode='w', suffix='.json', delete=False) as f:
+            f.write("not json")
+            path = f.name
+        findings = TrivyScanner().parse(path)
+        os.unlink(path)
+        assert findings == []
+    def test_missing_results(self):
+        data = {"not_results": []}
+        path = write_temp_json(data)
+        findings = TrivyScanner().parse(path)
+        os.unlink(path)
+        assert findings == []
+class TestSemgrepScanner:
+    def test_valid(self):
+        data = {"results": [{"path": "a.py", "check_id": "x", "extra": {"severity": "ERROR", "message": "bad"}}]}
+        path = write_temp_json(data)
+        findings = SemgrepScanner().parse(path)
+        os.unlink(path)
+        assert len(findings) == 1
+        assert findings[0]["severity"] == "ERROR"
+    def test_invalid(self):
+        with tempfile.NamedTemporaryFile(mode='w', suffix='.json', delete=False) as f:
+            f.write("{invalid")
+            path = f.name
+        findings = SemgrepScanner().parse(path)
+        os.unlink(path)
+        assert findings == []
+class TestPoutineScanner:
+    def test_valid(self):
+        data = {"findings": [{"rule_id": "x", "severity": "HIGH", "message": "bad", "location": {"file": "f", "line": 1}}]}
+        path = write_temp_json(data)
+        findings = PoutineScanner().parse(path)
+        os.unlink(path)
+        assert findings[0]["severity"] == "HIGH"
+class TestZizmorScanner:
+    def test_valid(self):
+        data = {"findings": [{"rule_id": "z1", "severity": "LOW", "message": "m", "path": "p", "location": {"line": 2}}]}
+        path = write_temp_json(data)
+        findings = ZizmorScanner().parse(path)
+        os.unlink(path)
+        assert findings[0]["severity"] == "LOW"
+class TestGitleaksScanner:
+    def test_valid_list(self):
+        data = [{"file": "f", "ruleID": "r", "description": "d", "line": 1}]
+        path = write_temp_json(data)
+        findings = GitleaksScanner().parse(path)
+        os.unlink(path)
+        assert len(findings) == 1
+        assert findings[0]["severity"] == "HIGH"

devsecops_radar-0.3.2/tests/test_api.py DELETED Viewed

@@ -1,16 +0,0 @@
-import pytest
-from devsecops_radar.web.app import create_app
-@pytest.fixture
-def app():
-    app = create_app()
-    app.config['TESTING'] = True
-    return app
-@pytest.fixture
-def client(app):
-    return app.test_client()
-def test_dashboard_route(client):
-    response = client.get('/')
-    assert response.status_code == 200

devsecops_radar-0.3.2/tests/test_cli.py DELETED Viewed

File without changes

devsecops_radar-0.3.2/tests/test_scanners.py DELETED Viewed

@@ -1,26 +0,0 @@
-import json
-import tempfile
-import os
-from devsecops_radar.scanners.trivy import TrivyScanner
-def test_trivy_parse():
-    scanner = TrivyScanner()
-    data = {
-        "Results": [{
-            "Target": "test-image",
-            "Vulnerabilities": [{
-                "VulnerabilityID": "CVE-2026-0001",
-                "Severity": "HIGH",
-                "Title": "Test vuln",
-                "Description": "Test"
-            }]
-        }]
-    }
-    with tempfile.NamedTemporaryFile(mode='w', suffix='.json', delete=False) as f:
-        json.dump(data, f)
-        f.flush()
-        findings = scanner.parse(f.name)
-    os.unlink(f.name)
-    assert len(findings) == 1
-    assert findings[0]["severity"] == "HIGH"
-    assert findings[0]["id"] == "CVE-2026-0001"