PyPI - devsecops-radar - Versions diffs - 0.3.3__tar.gz → 0.3.5__tar.gz - Mend

devsecops-radar 0.3.3tar.gz → 0.3.5tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (60) hide show

{devsecops_radar-0.3.3/devsecops_radar.egg-info → devsecops_radar-0.3.5}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: devsecops-radar
-Version: 0.3.3
+Version: 0.3.5
 Summary: Unified CI/CD Security Dashboard — Pipeline Sentinel
 Author-email: Mehrdoost <70381337+Mehrdoost@users.noreply.github.com>
 License-Expression: MIT

{devsecops_radar-0.3.3 → devsecops_radar-0.3.5}/devsecops_radar/cli/scanner.py RENAMED Viewed

@@ -123,17 +123,16 @@ def wizard():
     print("🛡️  Welcome to Pipeline Sentinel – Quick Setup Wizard")
     print("This will install necessary components.\n")
     import subprocess
-    # 1. Ollama check
     try:
         subprocess.run(['ollama', '--version'], capture_output=True, check=True)
         print("[✔] Ollama found.")
-    except:
+    except FileNotFoundError:
         print("[!] Ollama not found. Installing...")
         subprocess.run('curl -fsSL https://ollama.com/install.sh | sh', shell=True)
-    # 2. Pull AI model
+    except Exception:
+        print("[!] Could not verify Ollama. Please install manually.")
     print("📥 Pulling AI model (llama3.2)...")
     subprocess.run(['ollama', 'pull', 'llama3.2:latest'])
-    # 3. Suggestions for optional tools
     if subprocess.run(['which', 'semgrep'], capture_output=True).returncode == 0:
         print("[✔] Semgrep available.")
     else:
@@ -142,7 +141,6 @@ def wizard():
         print("[✔] Docker available.")
     else:
         print("[ ] Docker not found (optional).")
-    # 4. Final instructions
     print("\n✅ Setup complete! You can now run:")
     print("   devsecops-radar --trivy sample_trivy.json --semgrep sample_semgrep.json")
     print("   devsecops-radar-web")

{devsecops_radar-0.3.3 → devsecops_radar-0.3.5}/devsecops_radar/core/analyzer.py RENAMED Viewed

@@ -4,9 +4,8 @@ import re
 import requests
 from requests.adapters import HTTPAdapter
 from urllib3.util.retry import Retry
-from typing import List, Dict, Any, Optional
+from typing import List, Dict, Any
-# --- Retry logic for LLM calls ---
 def _session_with_retries(total=3, backoff_factor=0.5, status_forcelist=[429, 500, 502, 503, 504]):
     session = requests.Session()
     retries = Retry(
@@ -20,7 +19,6 @@ def _session_with_retries(total=3, backoff_factor=0.5, status_forcelist=[429, 50
     session.mount('https://', adapter)
     return session
-# Default maximum findings sent to LLM (configurable via env)
 MAX_ANALYZER_FINDINGS = int(os.environ.get("ANALYZER_MAX_FINDINGS", "100"))
 FEW_SHOT_EXAMPLE = {
@@ -60,7 +58,7 @@ def extract_json(text: str) -> Dict[str, Any]:
         if match:
             try:
                 return json.loads(match.group(0))
-            except:
+            except json.JSONDecodeError:
                 pass
     return {"executive_summary": text, "attack_paths": [], "top_remediations": []}

{devsecops_radar-0.3.3 → devsecops_radar-0.3.5}/devsecops_radar/core/models.py RENAMED Viewed

@@ -1,7 +1,7 @@
 from sqlalchemy import create_engine, Column, Integer, String, DateTime, JSON, ForeignKey
 from sqlalchemy.orm import declarative_base, sessionmaker, relationship
-from pydantic import BaseModel, Field, validator
-from typing import List, Optional
+from pydantic import BaseModel, validator
+from typing import Optional
 import datetime
 import os
@@ -20,11 +20,6 @@ class FindingSchema(BaseModel):
     def severity_upper(cls, v):
         return v.upper()
-class ScanMetadata(BaseModel):
-    findings: List[FindingSchema]
-    scan_id: Optional[int] = None
-    timestamp: Optional[str] = None
 class Scan(Base):
     __tablename__ = 'scans'
     id = Column(Integer, primary_key=True)
@@ -52,7 +47,6 @@ def init_db():
     Base.metadata.create_all(engine)
 def save_scan_to_db(findings: list):
-    # Validate with Pydantic before storing
     validated = [FindingSchema(**f) for f in findings]
     init_db()
     session = SessionLocal()

{devsecops_radar-0.3.3 → devsecops_radar-0.3.5}/devsecops_radar/core/parser.py RENAMED Viewed

@@ -1,4 +1,6 @@
+import json
 import warnings
+from typing import List, Dict, Any
 warnings.warn(
     "devsecops_radar.core.parser is deprecated and will be removed in v0.3.0. "
@@ -7,10 +9,6 @@ warnings.warn(
     stacklevel=2,
 )
-import json
-from typing import List, Dict, Any
 def parse_trivy_json(file_path: str) -> List[Dict[str, Any]]:
     with open(file_path) as f:
         data = json.load(f)

{devsecops_radar-0.3.3 → devsecops_radar-0.3.5}/devsecops_radar/core/reporting.py RENAMED Viewed

@@ -18,12 +18,6 @@ def redact_sensitive(text: str, patterns: List[str] = None) -> str:
     return text
 def generate_pdf_report(findings: List[Dict[str, Any]], ai_summary: Dict[str, Any], output_file: str = "report.pdf", redact: bool = True):
-    try:
-        from reportlab.platypus import SimpleDocTemplate, Table, TableStyle, Paragraph
-    except ImportError:
-        print("[ERROR] reportlab not installed.")
-        return
     doc = SimpleDocTemplate(output_file, pagesize=A4)
     elements = []
     styles = getSampleStyleSheet()

{devsecops_radar-0.3.3 → devsecops_radar-0.3.5}/devsecops_radar/core/rule_fusion.py RENAMED Viewed

@@ -2,7 +2,7 @@ import json
 import os
 import subprocess
 from pathlib import Path
-from typing import List, Dict, Any, Optional, Tuple
+from typing import List, Dict, Any, Tuple
 class RuleFusion:
@@ -26,10 +26,7 @@ class RuleFusion:
         )
         self.findings: List[Dict[str, Any]] = []
-    # ── public API ──────────────────────────────────────────────
     def load_all_rules(self) -> List[Dict[str, Any]]:
-        """Load rules from both local and community sources."""
         if self.local_rules_path and self.local_rules_path.exists():
             self._load_from_directory(self.local_rules_path)
@@ -40,7 +37,6 @@ class RuleFusion:
         return self.findings
     def update_community_rules(self) -> None:
-        """Clone or pull the latest community rules repository."""
         target_dir = Path.home() / ".devsecops-radar" / "community-rules"
         target_dir.parent.mkdir(parents=True, exist_ok=True)
@@ -63,7 +59,6 @@ class RuleFusion:
         )
     def generate_template(self, scanner_name: str) -> str:
-        """Generate a sample rule file for the user to start with."""
         template = {
             "findings": [
                 {
@@ -82,18 +77,10 @@ class RuleFusion:
         }
         return json.dumps(template, indent=2)
-    # ── policy engine ─────────────────────────────────────────
     @staticmethod
     def evaluate_policy(
         findings: List[Dict[str, Any]], policy_file: str
     ) -> Tuple[bool, str]:
-        """
-        Evaluate a policy file against the findings.
-        Returns (pass, message).
-        The policy file is a JSON object with conditions.
-        Example: {"max_critical": 5, "on_violation": "fail"}
-        """
         if not os.path.exists(policy_file):
             return True, (
                 f"Policy file '{policy_file}' not found. "
@@ -120,10 +107,7 @@ class RuleFusion:
         return True, "Policy checks passed."
-    # ── internal helpers ────────────────────────────────────────
     def _load_from_directory(self, directory: Path) -> None:
-        """Recursively load all JSON files from a directory."""
         for json_file in sorted(directory.rglob("*.json")):
             try:
                 with open(json_file, "r", encoding="utf-8") as f:
@@ -143,7 +127,6 @@ class RuleFusion:
             print(f"📄 Loaded {len(parsed)} findings from {json_file.name}")
     def _validate_json(self, data: Any, filename: str) -> bool:
-        """Structural validation with better list handling."""
         if isinstance(data, list):
             if len(data) == 0:
                 print(f"[WARNING] {filename}: empty list, skipping")
@@ -171,10 +154,8 @@ class RuleFusion:
     def _parse_scanner_output(
         self, data: Any, filename: str
     ) -> List[Dict[str, Any]]:
-        """Parse any known scanner format."""
         findings: List[Dict[str, Any]] = []
-        # Already a plain list of findings
         if isinstance(data, list):
             for item in data:
                 if isinstance(item, dict) and self._is_finding(item):
@@ -184,7 +165,6 @@ class RuleFusion:
         if not isinstance(data, dict):
             return findings
-        # Trivy format
         for result in data.get("Results", []):
             for vuln in result.get("Vulnerabilities", []):
                 findings.append(
@@ -203,7 +183,6 @@ class RuleFusion:
                     }
                 )
-        # Semgrep format
         for result in data.get("results", []):
             findings.append(
                 {
@@ -222,7 +201,6 @@ class RuleFusion:
                 }
             )
-        # Poutine / Zizmor / Generic format
         for item in data.get("findings", []):
             if isinstance(item, dict):
                 findings.append(self._normalize(item, filename))

{devsecops_radar-0.3.3 → devsecops_radar-0.3.5}/devsecops_radar/core/sbom.py RENAMED Viewed

@@ -1,7 +1,6 @@
 import subprocess
 import json
-import os
-from typing import List, Dict, Any, Optional
+from typing import List, Dict, Optional
 def generate_sbom(target_dir: str, output_file: str = "sbom.json") -> Optional[Dict]:
     try:

{devsecops_radar-0.3.3 → devsecops_radar-0.3.5}/devsecops_radar/web/app.py RENAMED Viewed

@@ -4,7 +4,7 @@ from devsecops_radar.web.attack_paths.routes import attack_paths_bp
 from devsecops_radar.web.topology.routes import topology_bp
 from devsecops_radar.web.summary.routes import summary_bp
 from devsecops_radar.web.sentry.routes import sentry_bp
-from devsecops_radar.core.auth import login_required, create_token
+from devsecops_radar.core.auth import create_token
 from devsecops_radar.core.settings import settings
 def create_app():

{devsecops_radar-0.3.3 → devsecops_radar-0.3.5}/devsecops_radar/web/sentry/routes.py RENAMED Viewed

@@ -1,6 +1,4 @@
 from flask import Blueprint, request, jsonify
-import json
-import os
 sentry_bp = Blueprint('sentry', __name__)

{devsecops_radar-0.3.3 → devsecops_radar-0.3.5/devsecops_radar.egg-info}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: devsecops-radar
-Version: 0.3.3
+Version: 0.3.5
 Summary: Unified CI/CD Security Dashboard — Pipeline Sentinel
 Author-email: Mehrdoost <70381337+Mehrdoost@users.noreply.github.com>
 License-Expression: MIT

{devsecops_radar-0.3.3 → devsecops_radar-0.3.5}/pyproject.toml RENAMED Viewed

@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"
 [project]
 name = "devsecops-radar"
-version = "0.3.3"
+version = "0.3.5"
 description = "Unified CI/CD Security Dashboard — Pipeline Sentinel"
 readme = "README.md"
 license = "MIT"

{devsecops_radar-0.3.3 → devsecops_radar-0.3.5}/tests/test_analyzer.py RENAMED Viewed

@@ -1,4 +1,3 @@
-import pytest
 from unittest.mock import patch, MagicMock
 from devsecops_radar.core.analyzer import OllamaAnalyzer, extract_json, select_findings_for_llm
@@ -9,13 +8,12 @@ def test_extract_json_plain():
 def test_extract_json_malformed():
     result = extract_json("some text {invalid")
-    assert "executive_summary" in result  # falls back to wrapping the text
+    assert "executive_summary" in result
 def test_select_findings_for_llm():
     findings = [{"severity": "CRITICAL"}] * 120 + [{"severity": "LOW"}] * 50
     selected = select_findings_for_llm(findings, max_items=100)
     assert len(selected) == 100
-    # All criticals should be included
     criticals = [f for f in selected if f["severity"] == "CRITICAL"]
     assert len(criticals) == 100

{devsecops_radar-0.3.3 → devsecops_radar-0.3.5}/tests/test_api.py RENAMED Viewed

@@ -1,6 +1,5 @@
 import pytest
 from devsecops_radar.web.app import create_app
-import os
 @pytest.fixture
 def app():

{devsecops_radar-0.3.3 → devsecops_radar-0.3.5}/tests/test_scanners.py RENAMED Viewed

@@ -1,7 +1,6 @@
 import json
 import tempfile
 import os
-import pytest
 from devsecops_radar.scanners.trivy import TrivyScanner
 from devsecops_radar.scanners.semgrep import SemgrepScanner
 from devsecops_radar.scanners.poutine import PoutineScanner