github-guardian 1.0.3__tar.gz → 1.0.4__tar.gz
- {github_guardian-1.0.3 → github_guardian-1.0.4}/PKG-INFO +1 -1
- {github_guardian-1.0.3 → github_guardian-1.0.4}/core/scanner.py +11 -3
- {github_guardian-1.0.3 → github_guardian-1.0.4}/github_guardian.egg-info/PKG-INFO +1 -1
- {github_guardian-1.0.3 → github_guardian-1.0.4}/setup.py +1 -1
- {github_guardian-1.0.3 → github_guardian-1.0.4}/core/__init__.py +0 -0
- {github_guardian-1.0.3 → github_guardian-1.0.4}/core/hook.py +0 -0
- {github_guardian-1.0.3 → github_guardian-1.0.4}/core/remote.py +0 -0
- {github_guardian-1.0.3 → github_guardian-1.0.4}/github_guardian.egg-info/SOURCES.txt +0 -0
- {github_guardian-1.0.3 → github_guardian-1.0.4}/github_guardian.egg-info/dependency_links.txt +0 -0
- {github_guardian-1.0.3 → github_guardian-1.0.4}/github_guardian.egg-info/entry_points.txt +0 -0
- {github_guardian-1.0.3 → github_guardian-1.0.4}/github_guardian.egg-info/requires.txt +0 -0
- {github_guardian-1.0.3 → github_guardian-1.0.4}/github_guardian.egg-info/top_level.txt +0 -0
- {github_guardian-1.0.3 → github_guardian-1.0.4}/guardian.py +0 -0
- {github_guardian-1.0.3 → github_guardian-1.0.4}/setup.cfg +0 -0
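--- a/core/scanner.py
+++ b/core/scanner.py
@@ -43,7 +43,7 @@ def calculate_entropy(s: str) -> float:
 return entropy
 
 SAST_PATTERNS = {
-"SQL Injection (Raw Query)": r"\.execute\(\"
+"SQL Injection (Raw Query)": r"\.execute\(\s*['\"].*['\"]\s*%\s*",
 "Insecure Rendering (XSS)": r"dangerouslySetInnerHTML",
 "Hardcoded Auth/Secret": r"password\s*=\s*['\"][^'\"]+['\"]"
 }
@@ -70,8 +70,16 @@ def run_local_scan(path: str, console, hook_mode: bool = False) -> bool:
 if any(x in split_dirs for x in [".git", "node_modules", "venv", ".venv", "build_env", "dist", "build", "__pycache__"]):
 continue
 for file in files:
-ext = os.path.splitext(file)[1]
-if ext in [
+ext = os.path.splitext(file)[1].lower()
+if ext in [
+".png", ".jpg", ".jpeg", ".gif", ".svg", ".ico",
+".pdf", ".zip", ".gz", ".tar", ".pyc", ".exe",
+".dll", ".so", ".dylib", ".woff", ".woff2", ".ttf", ".eot",
+".tldr", ".drawio", ".map", ".mp3", ".mp4", ".mov", ".wav"
+]:
+continue
+
+if file.lower() in ["package-lock.json", "yarn.lock", "pnpm-lock.yaml", "poetry.lock", "cargo.lock", "composer.lock"]:
 continue
 
 # Skip the scanner scripts themselves to prevent false positives!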
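Review bot: The new "SQL Injection (Raw Query)" pattern in the first hunk only fires on a `%`-formatted literal passed to `.execute(`, so the other common raw-query shapes — f-strings (`.execute(f"... {user_id}")`), `.format(...)` and `+` concatenation — now pass the scan silently, and because `.` does not cross newlines (unless the flags applied to these patterns elsewhere include DOTALL, which is not visible here) a literal split across lines is missed as well. The removed line is truncated in this rendering so I cannot tell how much broader 1.0.3 was, but an alternation keeps the `%` case and covers the rest: `"SQL Injection (Raw Query)": r"\.execute\(\s*(?:f['\"]|['\"].*['\"]\s*(?:%|\+|\.format\())",`. A regex SAST check is a heuristic either way, so a one-line comment above the pattern stating which string-building forms it intends to catch (and that parameterized `execute(sql, params)` is deliberately not matched) would help whoever tunes it next. In the second hunk, the two skip lists rebuilt inside the per-file loop would read better as module-level `frozenset` constants (e.g. `SKIPPED_EXTENSIONS`, `SKIPPED_LOCKFILES`) next to `SAST_PATTERNS`; `run_local_scan` begins and continues outside the hunk.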