guarddog 2.4.0__py3-none-any.whl → 2.6.0__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (27) hide show
  1. guarddog/analyzer/analyzer.py +12 -2
  2. guarddog/analyzer/metadata/pypi/typosquatting.py +1 -1
  3. guarddog/analyzer/metadata/resources/top_pypi_packages.json +43984 -15984
  4. guarddog/analyzer/sourcecode/go-exec-base64.yml +40 -0
  5. guarddog/analyzer/sourcecode/go-exec-download.yml +85 -0
  6. guarddog/analyzer/sourcecode/go-exfiltrate-sensitive-data.yml +85 -0
  7. guarddog/analyzer/sourcecode/npm-obfuscation.yml +2 -1
  8. guarddog/analyzer/sourcecode/shady-links.yml +3 -1
  9. guarddog/cli.py +33 -107
  10. guarddog/reporters/__init__.py +28 -0
  11. guarddog/reporters/human_readable.py +138 -0
  12. guarddog/reporters/json.py +28 -0
  13. guarddog/reporters/reporter_factory.py +50 -0
  14. guarddog/reporters/sarif.py +179 -173
  15. guarddog/scanners/__init__.py +3 -0
  16. guarddog/scanners/github_action_project_scanner.py +140 -0
  17. guarddog/scanners/go_project_scanner.py +42 -5
  18. guarddog/scanners/npm_project_scanner.py +54 -10
  19. guarddog/scanners/pypi_project_scanner.py +60 -19
  20. guarddog/scanners/scanner.py +247 -165
  21. {guarddog-2.4.0.dist-info → guarddog-2.6.0.dist-info}/METADATA +3 -3
  22. {guarddog-2.4.0.dist-info → guarddog-2.6.0.dist-info}/RECORD +27 -20
  23. {guarddog-2.4.0.dist-info → guarddog-2.6.0.dist-info}/WHEEL +1 -1
  24. {guarddog-2.4.0.dist-info → guarddog-2.6.0.dist-info}/LICENSE +0 -0
  25. {guarddog-2.4.0.dist-info → guarddog-2.6.0.dist-info}/LICENSE-3rdparty.csv +0 -0
  26. {guarddog-2.4.0.dist-info → guarddog-2.6.0.dist-info}/NOTICE +0 -0
  27. {guarddog-2.4.0.dist-info → guarddog-2.6.0.dist-info}/entry_points.txt +0 -0
{guarddog-2.4.0.dist-info → guarddog-2.6.0.dist-info}/METADATA RENAMED
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.3
2
2
  Name: guarddog
3
- Version: 2.4.0
3
+ Version: 2.6.0
4
4
  Summary: GuardDog is a CLI tool to Identify malicious PyPI packages
5
5
  License: Apache-2.0
6
6
  Author: Ellen Wang
@@ -15,7 +15,7 @@ Requires-Dist: click (>=8.1.3,<9.0.0)
15
15
  Requires-Dist: click-option-group (>=0.5.5,<0.6.0)
16
16
  Requires-Dist: colorama (>=0.4.6,<0.5.0)
17
17
  Requires-Dist: configparser (>=5.3,<8.0)
18
- Requires-Dist: disposable-email-domains (>=0.0.103,<0.0.118)
18
+ Requires-Dist: disposable-email-domains (>=0.0.103,<0.0.121)
19
19
  Requires-Dist: prettytable (>=3.6.0,<4.0.0)
20
20
  Requires-Dist: pygit2 (>=1.11,<1.18)
21
21
  Requires-Dist: python-dateutil (>=2.8.2,<3.0.0)
@@ -24,7 +24,7 @@ Requires-Dist: pyyaml (>=6.0,<7.0)
24
24
  Requires-Dist: requests (>=2.29.0,<3.0.0)
25
25
  Requires-Dist: semantic-version (>=2.10.0,<3.0.0)
26
26
  Requires-Dist: semgrep (>=1.102.0,<2.0.0)
27
- Requires-Dist: setuptools (>=70.3,<76.0)
27
+ Requires-Dist: setuptools (>=70.3,<77.0)
28
28
  Requires-Dist: tarsafe (>=0.0.5,<0.0.6)
29
29
  Requires-Dist: termcolor (>=2.1.0,<3.0.0)
30
30
  Requires-Dist: urllib3 (==2.3.0)
{guarddog-2.4.0.dist-info → guarddog-2.6.0.dist-info}/RECORD RENAMED
@@ -1,7 +1,7 @@
1
1
  guarddog/__init__.py,sha256=reb53KZG9b1nFmsDxj2fropaOceOCyM9bVMUdmZ2wS8,227
2
2
  guarddog/__main__.py,sha256=GEdfW6I6g2c3H7bS0G43E4C-g7kXGUswzDCPFSwPgHY,246
3
3
  guarddog/analyzer/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
4
- guarddog/analyzer/analyzer.py,sha256=GADeg_zWJYGXYtCv8NJYxIl3QhP204CYFTeJX4QZK2U,14575
4
+ guarddog/analyzer/analyzer.py,sha256=9R6AlRulH87YuF-4Ed2Z6GZUYqxgb8QivXJy7hewM7E,15009
5
5
  guarddog/analyzer/metadata/__init__.py,sha256=xaN-DlSHgudKDjKkfpNFue8ANmq1QUmEoAvU_Bc2OUo,749
6
6
  guarddog/analyzer/metadata/bundled_binary.py,sha256=8i5ZPnyPyaLv6MG3KNMDVAElv5bDCOlnlsDt9SGUFsg,2596
7
7
  guarddog/analyzer/metadata/deceptive_author.py,sha256=nuFyQqKpOuBKAJxpgbcjwXt3FVLzdmOg2mioUZ1D2TI,2789
@@ -30,7 +30,7 @@ guarddog/analyzer/metadata/pypi/potentially_compromised_email_domain.py,sha256=3
30
30
  guarddog/analyzer/metadata/pypi/release_zero.py,sha256=GSHap4VSVF9_s3gD95kUD_5eZDHxrqQQoV5aFTgzrCw,716
31
31
  guarddog/analyzer/metadata/pypi/repository_integrity_mismatch.py,sha256=HNVEOj3cz43qHD47Chul05vpX_9uhfaPgjo6Q-fuCfA,11635
32
32
  guarddog/analyzer/metadata/pypi/single_python_file.py,sha256=CLAWaOJ_JNofGmtuCOT-37saryHeZzZAjfJQp31H6jU,1369
33
- guarddog/analyzer/metadata/pypi/typosquatting.py,sha256=Cn3r_2apz2rP2UGMggYNmtQlrDCq3ZDS_ix5TVj9FIk,4726
33
+ guarddog/analyzer/metadata/pypi/typosquatting.py,sha256=Lk0MoIfsMw557PrpUxLAynqNhWSjZDSVI7GJPdyvoG8,4718
34
34
  guarddog/analyzer/metadata/pypi/unclaimed_maintainer_email_domain.py,sha256=4u3s4Jq51arMznv-_0NwZst40x7jGtLJQIEd3Pp2U30,406
35
35
  guarddog/analyzer/metadata/pypi/utils.py,sha256=7ipsnFN1KHcFwU9u1GK8wqINKDCXJ1vQEpTwwZfJFp4,199
36
36
  guarddog/analyzer/metadata/release_zero.py,sha256=7cIdReF3TU3XJq6ALemK81tqaG3Cz1HNwwtH65Y9uPU,438
@@ -38,7 +38,7 @@ guarddog/analyzer/metadata/repository_integrity_mismatch.py,sha256=riAvZYSV64sYN
38
38
  guarddog/analyzer/metadata/resources/placeholder_email_domains.txt,sha256=o3mm9u6vuaVeN4wRgDTidR5oL6ufLTCrE9ISVYbOGUc,11
39
39
  guarddog/analyzer/metadata/resources/top_go_packages.json,sha256=HHOTcuWTGqlpXDOUgF7ejgmr8sGF_T5l7NQYdXmHcKQ,104044
40
40
  guarddog/analyzer/metadata/resources/top_npm_packages.json,sha256=eeqVkFNW8ltYcGbjAJBzZrdxBEKezxa6AVVYoEpFazs,192960
41
- guarddog/analyzer/metadata/resources/top_pypi_packages.json,sha256=DWSWEOEsZs6RivYE2crI8F3l0bXtVWiHkgZHp1YXBNI,786975
41
+ guarddog/analyzer/metadata/resources/top_pypi_packages.json,sha256=7tN8yUTqbpq3HvNePK9IKrTIEeYblTMHXhUzyOdVN-w,1479906
42
42
  guarddog/analyzer/metadata/typosquatting.py,sha256=EMtHwKWWEYUs7ikyaPNtXH0FGPNDPDc2IFMZSDiv3Mg,4560
43
43
  guarddog/analyzer/metadata/unclaimed_maintainer_email_domain.py,sha256=qy8AZqbVxD1U3Q--h0FYV7lKPFNlhSzfZK0GwjvQxdQ,2343
44
44
  guarddog/analyzer/metadata/utils.py,sha256=bOrkELPza4ScUx1DfQxlqU-9DQeA5weISF42c0QCtls,1768
@@ -50,40 +50,47 @@ guarddog/analyzer/sourcecode/dll-hijacking.yml,sha256=SH1lJ_-EoPfZKrsut9smnEmKPO
50
50
  guarddog/analyzer/sourcecode/download-executable.yml,sha256=VuSNkpVh3DxHG7wfep3eAErGsOY9EL_268sNULYbfW4,3361
51
51
  guarddog/analyzer/sourcecode/exec-base64.yml,sha256=Wg1jI_ff9I58Xq8gt8wXOQMrwHcPnzkAPyAURxnKHgw,2371
52
52
  guarddog/analyzer/sourcecode/exfiltrate-sensitive-data.yml,sha256=hUxQEsJ4qF_25oMF8pdzAFOzq59m6k28WKz280uyaMg,2264
53
+ guarddog/analyzer/sourcecode/go-exec-base64.yml,sha256=Y5TUfLrmU1e5FTYW2zRKwn8yluBARHSXPr6Mr5vMVOY,1554
54
+ guarddog/analyzer/sourcecode/go-exec-download.yml,sha256=ZaZOvn3Xojsd2m8MQGLW1H7p28bPdpEbmDd37q2ZiX4,2931
55
+ guarddog/analyzer/sourcecode/go-exfiltrate-sensitive-data.yml,sha256=sb5GI-523zgE1nxNCrnRVjBSeOp7IfPy7qTQPBJMkco,3697
53
56
  guarddog/analyzer/sourcecode/npm-dll-hijacking.yml,sha256=1TvI6UtCGCOMy4Ii-kM_oICYbMRGeOYdgXrG7-zmJ_Y,3460
54
57
  guarddog/analyzer/sourcecode/npm-exec-base64.yml,sha256=zc5w2FTlHoZ7ot1flzlmYBkQu1I8eG1E63S5Aki7Goc,814
55
58
  guarddog/analyzer/sourcecode/npm-exfiltrate-sensitive-data.yml,sha256=UYWXdkAab-dg_6UwVjiauHmy-9nlKiF86qcyxAwUoXg,3488
56
59
  guarddog/analyzer/sourcecode/npm-install-script.yml,sha256=6BLe_V0SGEi1C79Y-FEIcMYHl4vLOOz8bLPrCU5jre8,1329
57
- guarddog/analyzer/sourcecode/npm-obfuscation.yml,sha256=27lTt_Dy0G_ogD6woktg1t__R77vpOa-_8LJPQ1XU1k,2151
60
+ guarddog/analyzer/sourcecode/npm-obfuscation.yml,sha256=UxR5ezKr9sFcXEh2JKa20IYqq25J0JDfje82O3jUYMg,2174
58
61
  guarddog/analyzer/sourcecode/npm-serialize-environment.yml,sha256=gFpr58INp44ZwxYZlIHyzpOgbVMDLv1ZRPTGAczX5dw,835
59
62
  guarddog/analyzer/sourcecode/npm-silent-process-execution.yml,sha256=qnJHGesNPNpxGa8n2kQMpttLGck-6vZjI_SsweDyk7M,3513
60
63
  guarddog/analyzer/sourcecode/npm-steganography.yml,sha256=XH0udcriAQq_6WOHAG4TpIedw8GgKyWx9gsG_Q_Fki8,915
61
64
  guarddog/analyzer/sourcecode/obfuscation.yml,sha256=dp0BeCYShcTS8QiijSa9U53r6jkCjrFBW5jjNVoXdUU,1224
62
- guarddog/analyzer/sourcecode/shady-links.yml,sha256=nbq1WLZGVGpriHcPcpBOo39vfYtFU3fU6w3glG2NeQk,3083
65
+ guarddog/analyzer/sourcecode/shady-links.yml,sha256=uDYVWDh0u20oy2zbXTJns64lvrQzLi95CLWgnftvX6Y,3222
63
66
  guarddog/analyzer/sourcecode/silent-process-execution.yml,sha256=b6RjenMv7si7lXGak3uMmD7PMtQRuKPeJFggPW6UDNI,418
64
67
  guarddog/analyzer/sourcecode/steganography.yml,sha256=3ceO6SJhu4XpZEjfwelLdOxeZ4Ho1OgUjbcacwtOhR0,606
65
- guarddog/cli.py,sha256=TJT2yxoUokhoDm7P_FF-x0B9zbtxgDou5BFbu4vSWm4,13168
68
+ guarddog/cli.py,sha256=Pk4WUD5a_TlPRpq2G4v_6FDGWu8IriXQPQ_ft8RXm5o,10692
66
69
  guarddog/ecosystems.py,sha256=1-emct9cGLU3V0drEdNmGFEmxMEmJHEQOuyOiuuoCGA,489
67
- guarddog/reporters/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
68
- guarddog/reporters/sarif.py,sha256=92HjvASZFyv5otB1qbsUqj6423tNgZbmSQS4qApffAw,5820
69
- guarddog/scanners/__init__.py,sha256=rWKVvLADz9G0nraNwiJIiSuLFb9p8u_V4qAl7HVt3jw,1762
70
+ guarddog/reporters/__init__.py,sha256=lHNa5ZDsaIpjzS7SmheD5_GGAimGitXU-DNk-Wn97bI,749
71
+ guarddog/reporters/human_readable.py,sha256=WEyjOPdBE8adxC-tdFgwxcyDijsppLk4gIiZOUO69O0,4548
72
+ guarddog/reporters/json.py,sha256=gpbucxGoXBA6s7fNRzhQwZ4P6gWyz7BowsmQrnm4x6U,802
73
+ guarddog/reporters/reporter_factory.py,sha256=JUagC2UFkN2TZGpZIkI1MwMHEbwT9Ja1goQP95-k9SM,1465
74
+ guarddog/reporters/sarif.py,sha256=diOHJcN3CkSBxBDDg6l9DiZ3ebtUNCw0Rwd7QxCpM9k,7691
75
+ guarddog/scanners/__init__.py,sha256=KNZcGjKNPOs60qpOE8Hr_HsiaRIpJLNzA8qbyvebRIk,1924
76
+ guarddog/scanners/github_action_project_scanner.py,sha256=ISoBqUurwN0lMBtXwcNoalo3ghlbOJkZs9vSNZOT0kk,4216
70
77
  guarddog/scanners/github_action_scanner.py,sha256=GxhUSetLvT8YxKUIZue9MWOE_IVugM2MdiluOy4f068,1745
71
78
  guarddog/scanners/go_package_scanner.py,sha256=OdCbwtjJow9AxEv34z7WBfgTamqKj5DxJh7dly_1NuY,2926
72
- guarddog/scanners/go_project_scanner.py,sha256=3D5dYSA7FVqc7IIM7uAHlCJZalshP_WhagWmOcYirog,2123
79
+ guarddog/scanners/go_project_scanner.py,sha256=LqhoD1iShdlTO_hkmN2jckeTWARPOfCTkkizmRC6mbM,3348
73
80
  guarddog/scanners/npm_package_scanner.py,sha256=qBU0tCbW2pTL3cy5Y4JVAJyAGdvb-HY69qSQmjWbPxU,1968
74
- guarddog/scanners/npm_project_scanner.py,sha256=L_gqinZit6KHE0dJTRnuJ49U4E3izNf4UBVGkHkiPjw,3585
81
+ guarddog/scanners/npm_project_scanner.py,sha256=liz5Fyscab53IiSPg0T21Z0vT5eotcHPc_W5Xam4A88,4957
75
82
  guarddog/scanners/pypi_package_scanner.py,sha256=Tg7M837vhNZim3Jy9OMJSQY2C_m9C75UDy0S_5WKT6M,2375
76
- guarddog/scanners/pypi_project_scanner.py,sha256=Twbu__Xe1TAX19VQxOXyDGqCsrzVUyrg5bXtJGyOO3I,5031
77
- guarddog/scanners/scanner.py,sha256=9k5Z7enm0J80h_q5Zd5fLoB6le6QVJwBBEZ-wL1QRB0,10884
83
+ guarddog/scanners/pypi_project_scanner.py,sha256=hKA0LkokPQ9W-y96TS1rSdi5ergIMcuBuorRbCqEBQg,6522
84
+ guarddog/scanners/scanner.py,sha256=RQ00CUg7i5nM6t9LZSXeQrRA9cdWy1ou0QW-VuO55zk,13694
78
85
  guarddog/utils/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
79
86
  guarddog/utils/archives.py,sha256=jOXAhxZx-mTtpDidGGKxQg052CvaQOAVklvOeUn9HTQ,2593
80
87
  guarddog/utils/config.py,sha256=Msz7altsmNKry0vBPtL2BJ_VdBXsBFZX5ksLvXc2ix4,1403
81
88
  guarddog/utils/exceptions.py,sha256=23Kzl3exqYK6X-bcGUeb8wPmSglWNX3GIDPkJ6lQzo4,54
82
89
  guarddog/utils/package_info.py,sha256=TFjE1xsGNf60SuHlIeDV2pzMUbogl5TKJdSzswat6jI,953
83
- guarddog-2.4.0.dist-info/LICENSE,sha256=w1aNZxHyoyOPJ4fSdiyrr06tCJZbTjCsH9K1uqeDVyU,11377
84
- guarddog-2.4.0.dist-info/LICENSE-3rdparty.csv,sha256=cS61ONZL_xlXaTMvQXyBEi3J3es-40Gg6G-6idoa5Qk,314
85
- guarddog-2.4.0.dist-info/METADATA,sha256=WsXluo_bRC7j4N5BJMceuhQkvhdURMZMz7T3xY9e8fY,1432
86
- guarddog-2.4.0.dist-info/NOTICE,sha256=nlyNt2IjG8IBoQkb7n6jszwAvmREpKAx0POzFO1s2JM,140
87
- guarddog-2.4.0.dist-info/WHEEL,sha256=IYZQI976HJqqOpQU6PHkJ8fb3tMNBFjg-Cn-pwAbaFM,88
88
- guarddog-2.4.0.dist-info/entry_points.txt,sha256=vX2fvhnNdkbEL4pDzrH2NqjWVxeOaEYi0sJYmNgS2-s,45
89
- guarddog-2.4.0.dist-info/RECORD,,
90
+ guarddog-2.6.0.dist-info/LICENSE,sha256=w1aNZxHyoyOPJ4fSdiyrr06tCJZbTjCsH9K1uqeDVyU,11377
91
+ guarddog-2.6.0.dist-info/LICENSE-3rdparty.csv,sha256=cS61ONZL_xlXaTMvQXyBEi3J3es-40Gg6G-6idoa5Qk,314
92
+ guarddog-2.6.0.dist-info/METADATA,sha256=RkFhL1I97xJuzxpLsEMDwyHroPphmmG6AfSPRznXgiU,1432
93
+ guarddog-2.6.0.dist-info/NOTICE,sha256=nlyNt2IjG8IBoQkb7n6jszwAvmREpKAx0POzFO1s2JM,140
94
+ guarddog-2.6.0.dist-info/WHEEL,sha256=b4K_helf-jlQoXBBETfwnf4B04YC67LOev0jo4fX5m8,88
95
+ guarddog-2.6.0.dist-info/entry_points.txt,sha256=vX2fvhnNdkbEL4pDzrH2NqjWVxeOaEYi0sJYmNgS2-s,45
96
+ guarddog-2.6.0.dist-info/RECORD,,
{guarddog-2.4.0.dist-info → guarddog-2.6.0.dist-info}/WHEEL RENAMED
@@ -1,4 +1,4 @@
1
1
  Wheel-Version: 1.0
2
- Generator: poetry-core 2.0.1
2
+ Generator: poetry-core 2.1.3
3
3
  Root-Is-Purelib: true
4
4
  Tag: py3-none-any