guarddog 2.8.4__py3-none-any.whl → 2.9.0__py3-none-any.whl

guarddog/analyzer/metadata/rubygems/typosquatting.py

@@ -1,13 +1,7 @@
-import json
 import logging
-import os
-from datetime import datetime, timedelta
 from typing import Optional
 
-import requests
-
 from guarddog.analyzer.metadata.typosquatting import TyposquatDetector
-from guarddog.utils.config import TOP_PACKAGES_CACHE_LOCATION
 
 log = logging.getLogger("guarddog")
 
@@ -23,60 +17,17 @@ class RubyGemsTyposquatDetector(TyposquatDetector):
     """
 
     def _get_top_packages(self) -> set:
-        popular_packages_url = (
-            "https://packages.ecosyste.ms/api/v1/registries/rubygems.org/"
-            "package_names?critical=true&per_page=1000"
+        """
+        Gets the top 1000 critical RubyGems packages.
+        Uses the base class implementation with RubyGems-specific parameters.
+        """
+        url = "https://packages.ecosyste.ms/api/v1/registries/rubygems.org/package_names?critical=true&per_page=1000"
+        return self._get_top_packages_with_refresh(
+            packages_filename="top_rubygems_packages.json",
+            popular_packages_url=url,
+            refresh_days=30,
         )
 
-        top_packages_filename = "top_rubygems_packages.json"
-        resources_dir = TOP_PACKAGES_CACHE_LOCATION
-        if resources_dir is None:
-            resources_dir = os.path.abspath(
-                os.path.join(os.path.dirname(__file__), "..", "resources")
-            )
-
-        top_packages_path = os.path.join(resources_dir, top_packages_filename)
-        top_packages_information = self._get_top_packages_local(top_packages_path)
-
-        if self._file_is_expired(top_packages_path, days=30):
-            new_information = self._get_top_packages_network(popular_packages_url)
-            if new_information is not None:
-                top_packages_information = new_information
-
-                with open(top_packages_path, "w+") as f:
-                    json.dump(new_information, f, ensure_ascii=False, indent=4)
-
-        if top_packages_information is None:
-            return set()
-        return set(top_packages_information)
-
-    def _file_is_expired(self, path: str, days: int) -> bool:
-        try:
-            update_time = datetime.fromtimestamp(os.path.getmtime(path))
-            return datetime.now() - update_time > timedelta(days=days)
-        except FileNotFoundError:
-            return True
-
-    def _get_top_packages_local(self, path: str) -> list | None:
-        try:
-            with open(path, "r") as f:
-                return json.load(f)
-        except FileNotFoundError:
-            log.debug(f"File not found: {path}")
-            return None
-
-    def _get_top_packages_network(self, url: str) -> list | None:
-        try:
-            response = requests.get(url)
-            response.raise_for_status()
-            return response.json()
-        except json.JSONDecodeError:
-            log.error(f'Could not parse JSON from: "{response.text}"')
-            return None
-        except requests.exceptions.RequestException as e:
-            log.error(f"Network error: {e}")
-            return None
-
     def detect(
         self,
         package_info,

guarddog/analyzer/metadata/typosquatting.py

@@ -1,7 +1,18 @@
 import abc
+import json
+import logging
+import os
+import time
+from datetime import datetime, timedelta
 from itertools import permutations
+from typing import Optional
+
+import requests
 
 from guarddog.analyzer.metadata.detector import Detector
+from guarddog.utils.config import TOP_PACKAGES_CACHE_LOCATION
+
+log = logging.getLogger("guarddog")
 
 
 class TyposquatDetector(Detector):
@@ -19,8 +30,215 @@ class TyposquatDetector(Detector):
 
     @abc.abstractmethod
     def _get_top_packages(self) -> set:
+        """
+        Subclasses should implement this to return a set of top package names.
+
+        For simple implementations without network refresh, override this directly.
+        For implementations with network refresh, use _get_top_packages_with_refresh().
+        """
         pass
 
+    def _get_top_packages_with_refresh(
+        self,
+        packages_filename: str,
+        popular_packages_url: Optional[str] = None,
+        refresh_days: int = 30,
+    ) -> set:
+        """
+        Common implementation for getting top packages with optional network refresh.
+
+        Args:
+            packages_filename: Name of the JSON file (e.g., "top_pypi_packages.json")
+            popular_packages_url: URL to fetch fresh package data. If None, refresh is disabled.
+            refresh_days: Number of days before file is considered expired
+
+        Returns:
+            set: Set of package names
+        """
+        resources_dir = TOP_PACKAGES_CACHE_LOCATION
+        if resources_dir is None:
+            resources_dir = os.path.abspath(
+                os.path.join(os.path.dirname(__file__), "resources")
+            )
+
+        top_packages_path = os.path.join(resources_dir, packages_filename)
+        log.debug(f"Loading cache from: {top_packages_path}")
+
+        cache_data = self._load_cache_file(top_packages_path)
+
+        if cache_data:
+            log.debug(f"Cache loaded successfully with keys: {list(cache_data.keys())}")
+        else:
+            log.debug("Cache is empty or invalid")
+
+        top_packages_information = cache_data.get("packages") if cache_data else None
+
+        # Enable refresh if URL is provided
+        enable_refresh = popular_packages_url is not None
+        is_expired = self._cache_is_expired(cache_data, days=refresh_days)
+        log.debug(
+            f"Cache expired check: {is_expired} (refresh enabled: {enable_refresh})"
+        )
+
+        if enable_refresh and is_expired and popular_packages_url is not None:
+            log.info(
+                f"Cache is expired, attempting to refresh from: {popular_packages_url}"
+            )
+            new_response_data = self._get_top_packages_network_raw(popular_packages_url)
+            if new_response_data is not None:
+                log.debug("Downloaded new data, extracting package names")
+                top_packages_information = self._extract_package_names(
+                    new_response_data
+                )
+
+                # Save with new standardized format
+                cache_data = {
+                    "downloaded_timestamp": int(time.time()),
+                    "packages": top_packages_information,
+                }
+
+                if top_packages_information is not None:
+                    log.info(
+                        f"Saving refreshed cache with {len(top_packages_information)} packages to {top_packages_path}"
+                    )
+                with open(top_packages_path, "w+") as f:
+                    json.dump(cache_data, f, ensure_ascii=False, indent=4)
+            else:
+                log.warning(
+                    f"Failed to download new cache data from {popular_packages_url}"
+                )
+
+        if top_packages_information is None:
+            return set()
+
+        return set(top_packages_information)
+
+    def _cache_is_expired(self, cache_data: dict | None, days: int) -> bool:
+        """
+        Check if cache data is expired based on downloaded_timestamp.
+
+        Args:
+            cache_data: Cache dictionary with 'downloaded_timestamp' key
+            days: Number of days before cache is considered expired
+
+        Returns:
+            bool: True if expired or timestamp missing, False otherwise
+        """
+        if cache_data is None:
+            log.debug("Cache is expired: cache_data is None")
+            return True
+
+        timestamp = cache_data.get("downloaded_timestamp")
+        if timestamp is None:
+            # Missing timestamp, consider expired
+            log.debug("Cache is expired: missing 'downloaded_timestamp' field")
+            return True
+
+        try:
+            download_time = datetime.fromtimestamp(timestamp)
+            age = datetime.now() - download_time
+            is_expired = age > timedelta(days=days)
+            log.debug(
+                f"Cache age: {age.days} days, threshold: {days} days, expired: {is_expired}"
+            )
+            return is_expired
+        except (ValueError, OSError) as e:
+            # Invalid timestamp
+            log.debug(f"Cache is expired: invalid timestamp {timestamp} - {e}")
+            return True
+
+    def _load_cache_file(self, path: str) -> dict | None:
+        """
+        Load cache data from local JSON file.
+
+        Expected format: {"downloaded_timestamp": epoch, "packages": [...]}
+
+        If the file doesn't match this format, it will be considered invalid
+        and trigger a refresh to download data in the correct format.
+
+        Args:
+            path: Path to the JSON file
+
+        Returns:
+            dict: Cache data with 'packages' and 'downloaded_timestamp', or None if invalid
+        """
+        try:
+            with open(path, "r") as f:
+                result = json.load(f)
+
+                # Validate new format structure
+                if (
+                    isinstance(result, dict)
+                    and "packages" in result
+                    and "downloaded_timestamp" in result
+                ):
+                    # Validate that packages is a list
+                    if isinstance(result["packages"], list):
+                        return result
+                    else:
+                        log.warning(
+                            f"Invalid cache format in {path}: 'packages' must be a list. Will trigger refresh."
+                        )
+                        return None
+
+                # File doesn't have the correct format - invalidate it
+                log.info(
+                    f"Cache file {path} has old or invalid format. Will trigger refresh to new format."
+                )
+                return None
+
+        except FileNotFoundError:
+            log.debug(f"Cache file not found: {path}")
+            return None
+        except json.JSONDecodeError:
+            log.error(f"Invalid JSON in file: {path}")
+            return None
+
+    def _get_top_packages_network_raw(self, url: str) -> dict | list | None:
+        """
+        Fetch the complete response data from the network.
+        Returns the full JSON structure to preserve format when saving.
+
+        Args:
+            url: URL to fetch package data from
+
+        Returns:
+            dict | list: Full response data or None on error
+        """
+        try:
+            response = requests.get(url)
+            response.raise_for_status()
+            return response.json()
+        except json.JSONDecodeError:
+            log.error(f'Couldn\'t convert to json: "{response.text}"')
+            return None
+        except requests.exceptions.RequestException as e:
+            log.error(f"Network error: {e}")
+            return None
+
+    def _extract_package_names(self, data: dict | list | None) -> list | None:
+        """
+        Extract package names from the raw data structure.
+
+        Override this method in subclasses if the data format is specific to the ecosystem.
+        Default implementation assumes data is already a list of package names.
+
+        Args:
+            data: Raw data from JSON file or network response
+
+        Returns:
+            list: List of package names or None
+        """
+        if data is None:
+            return None
+
+        # Default: assume data is already a list
+        if isinstance(data, list):
+            return data
+
+        # If it's a dict, subclasses should override this method
+        return None
+
     def _is_distance_one_Levenshtein(self, name1, name2) -> bool:
         """
         Returns True if two names have a Levenshtein distance of one

guarddog/analyzer/sourcecode/screenshot.yml

@@ -0,0 +1,38 @@
+rules:
+  - id: screenshot
+    languages:
+      - python
+    message: This package is taking screenshots, which can be used to steal sensitive information displayed on screen
+    metadata:
+      description: Identify when a package captures screenshots of the user's display
+    patterns:
+      - pattern-either:
+          # PIL ImageGrab
+          - pattern: ImageGrab.grab(...)
+          - pattern: PIL.ImageGrab.grab(...)
+
+          # pyscreenshot library
+          - pattern: pyscreenshot.grab(...)
+
+          # pyautogui library
+          - pattern: pyautogui.screenshot(...)
+
+          # mss library - various patterns
+          - pattern: mss.mss().grab(...)
+          - pattern: |
+              with mss.mss() as $SCT:
+                  ...
+                  $SCT.grab(...)
+          - pattern: |
+              $SCT = mss.mss()
+              ...
+              $SCT.grab(...)
+          - pattern: $MSS.grab(...)
+
+          # D3DShot (Windows DirectX screenshots)
+          - pattern: d3dshot.create(...).screenshot(...)
+          - pattern: |
+              $D3D = d3dshot.create(...)
+              ...
+              $D3D.screenshot(...)
+    severity: WARNING

guarddog/scanners/npm_project_scanner.py

@@ -5,7 +5,7 @@ import re
 from typing import List
 
 import requests
-from semantic_version import NpmSpec, Version  # type:ignore
+from semantic_version import NpmSpec, Version  # type: ignore
 
 from guarddog.scanners.npm_package_scanner import NPMPackageScanner
 from guarddog.scanners.scanner import Dependency, DependencyVersion, ProjectScanner

guarddog/scanners/scanner.py

@@ -252,11 +252,9 @@ class ProjectScanner:
         user = os.getenv("GIT_USERNAME")
         personal_access_token = os.getenv("GH_TOKEN")
         if not user or not personal_access_token:
-            log.error(
-                """WARNING: Please set GIT_USERNAME (Github handle) and GH_TOKEN
+            log.error("""WARNING: Please set GIT_USERNAME (Github handle) and GH_TOKEN
                 (generate a personal access token in Github settings > developer)
-                as environment variables before proceeding."""
-            )
+                as environment variables before proceeding.""")
             exit(1)
         return (user, personal_access_token)
 

guarddog/utils/archives.py

@@ -4,7 +4,7 @@ import pathlib
 import stat
 import zipfile
 
-import tarsafe  # type:ignore
+import tarsafe  # type: ignore
 
 from guarddog.utils.config import (
     MAX_UNCOMPRESSED_SIZE,

{guarddog-2.8.4.dist-info → guarddog-2.9.0.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: guarddog
-Version: 2.8.4
+Version: 2.9.0
 Summary: GuardDog is a CLI tool for identifying malicious open source packages
 License: Apache-2.0
 License-File: LICENSE
@@ -17,7 +17,7 @@ Classifier: Programming Language :: Python :: 3.13
 Classifier: Programming Language :: Python :: 3.14
 Requires-Dist: click (>=8.1.3,<9.0.0)
 Requires-Dist: configparser (>=5.3,<8.0)
-Requires-Dist: disposable-email-domains (>=0.0.103,<0.0.121)
+Requires-Dist: disposable-email-domains (>=0.0.103,<0.0.160)
 Requires-Dist: prettytable (>=3.6.0,<4.0.0)
 Requires-Dist: pygit2 (>=1.11,<1.19)
 Requires-Dist: python-dateutil (>=2.8.2,<3.0.0)
@@ -27,7 +27,7 @@ Requires-Dist: requests (>=2.29.0,<3.0.0)
 Requires-Dist: semantic-version (>=2.10.0,<3.0.0)
 Requires-Dist: semgrep (>=1.147.0,<2.0.0)
 Requires-Dist: tarsafe (>=0.0.5,<0.0.6)
-Requires-Dist: termcolor (>=2.1.0,<3.0.0)
+Requires-Dist: termcolor (>=3.3.0,<4.0.0)
 Requires-Dist: urllib3 (>=2.5.0,<3.0.0)
 Requires-Dist: yara-python (>=4.5.1,<5.0.0)
 Project-URL: Repository, https://github.com/DataDog/guarddog

{guarddog-2.8.4.dist-info → guarddog-2.9.0.dist-info}/RECORD

@@ -9,16 +9,16 @@ guarddog/analyzer/metadata/detector.py,sha256=dFhmoPVtxoed-Lz3Bd8GXZhorOVajvo5sI
 guarddog/analyzer/metadata/empty_information.py,sha256=qswYDOrL3MxJ4VYq893Eiev5y56fgXrk5-CTKVXbkeA,1199
 guarddog/analyzer/metadata/github_action/__init__.py,sha256=hOtiXKW-v5slzYW2M3k35M_YFfuLm8CNv5MwNSdFYMM,311
 guarddog/analyzer/metadata/go/__init__.py,sha256=apwPnP9D4WEqgtR4RY0YIuFN7oNJXxJE_vYlp0ffRvQ,391
-guarddog/analyzer/metadata/go/typosquatting.py,sha256=ZouptuX7a015XGjvYP6TFYgsOfYOxEm9jxYHKoCqwA4,4208
+guarddog/analyzer/metadata/go/typosquatting.py,sha256=PP_xsgJOnZMfbA7DhCDh5jX0VQxoI-cJmkLn_dAsB_M,3623
 guarddog/analyzer/metadata/npm/__init__.py,sha256=j1Ng74bb1yD9XHFoYmJPzWL7vYMmLt6c2Lbc8lCqnUI,1326
 guarddog/analyzer/metadata/npm/bundled_binary.py,sha256=vxJLhaTS7wymbktvmfJsF3whz3DWisjdD4wqHlNXvhg,392
 guarddog/analyzer/metadata/npm/deceptive_author.py,sha256=RIBCWK3NjZiTf7tiz2V0ECy2Zr6Uwb69RQwIcWku380,366
-guarddog/analyzer/metadata/npm/direct_url_dependency.py,sha256=hjjTLIT0UVudSf9A9Hory2OAqUkdxoXfKGXDgMtnNso,2449
+guarddog/analyzer/metadata/npm/direct_url_dependency.py,sha256=XdUhrrWiuunybagRVBSlkgCpi5ey2jAmAZAYTjfY_HM,2448
 guarddog/analyzer/metadata/npm/empty_information.py,sha256=Vpjr5Xe8JB4RIPzM0-BNmiqYiuY42LUbml7Yjig7Rcs,791
 guarddog/analyzer/metadata/npm/npm_metadata_mismatch.py,sha256=Fj9MT7XlO2iXis4Da-_0CmM0weQiv8bVzKUoSm8ntYU,4428
 guarddog/analyzer/metadata/npm/potentially_compromised_email_domain.py,sha256=Sm7fBfzayrbYXOpU5XzeCGKNfcX40hMOCSjKjhKwz-g,1719
 guarddog/analyzer/metadata/npm/release_zero.py,sha256=FNHYfxl52i0V3HydccspcfF82T5L9d3ZyE-_J-UVoS0,633
-guarddog/analyzer/metadata/npm/typosquatting.py,sha256=0vazzHPJOhjoxlv1O3-qVH-yQKLKefkXlK90D4JoPCQ,4143
+guarddog/analyzer/metadata/npm/typosquatting.py,sha256=lR5Ym4XWGgnr1wOj7bxrawSVSN7-tnO8luz_oPo-kjU,2959
 guarddog/analyzer/metadata/npm/unclaimed_maintainer_email_domain.py,sha256=B8olfxXiaSM8c47dyftIgxmMVuwg4s7dMuVxrMS0GNE,953
 guarddog/analyzer/metadata/npm/utils.py,sha256=QirjkoXhDcrGfoteh-V717TGq1xpXmvuC9dEp_5bt2s,454
 guarddog/analyzer/metadata/potentially_compromised_email_domain.py,sha256=p2KCIByv4dBNM8h_1xPJgAOL197LLDvSLalZQpsvadg,2960
@@ -30,23 +30,23 @@ guarddog/analyzer/metadata/pypi/potentially_compromised_email_domain.py,sha256=8
 guarddog/analyzer/metadata/pypi/release_zero.py,sha256=UNUAFeB34B88N0LRe-tnmoZ3Y4x4AVZbe7m0i9Q3W7U,789
 guarddog/analyzer/metadata/pypi/repository_integrity_mismatch.py,sha256=yW7TPpA-g5XNAhiDtijYiBFhOo6ilBLseuJdwvIMRHI,7670
 guarddog/analyzer/metadata/pypi/single_python_file.py,sha256=L-YlmlP1TYA9XBeTHBPfECWgVIPTenUWRRnqwCMyh-o,1402
-guarddog/analyzer/metadata/pypi/typosquatting.py,sha256=Bzx_vjIiuugeRdyR-ABg7S-6J7Udm7stM8CUU8WUafg,6042
+guarddog/analyzer/metadata/pypi/typosquatting.py,sha256=6BBkyqoq8Li9qg5eqI2mkpX1Ie0G86KCRfs7O9W2j9c,4146
 guarddog/analyzer/metadata/pypi/unclaimed_maintainer_email_domain.py,sha256=zfT0qTyN83O-7Yevc6tYIjmCAgh8Y_dhE6oZlKdNmm0,421
 guarddog/analyzer/metadata/pypi/utils.py,sha256=UtG2JVep8bSOMz5LkrhXqS5Oy7Na19nHVct4IQMsQik,177
 guarddog/analyzer/metadata/release_zero.py,sha256=F0I8coYivya7zns0XI1xNY4LLtTDQXoBUmze1wjwW4g,439
 guarddog/analyzer/metadata/repository_integrity_mismatch.py,sha256=R77YB2ANTALGfS8jbe7KhLJ3a3U_uPQV6VqgzFELEwM,7586
 guarddog/analyzer/metadata/resources/placeholder_email_domains.txt,sha256=o3mm9u6vuaVeN4wRgDTidR5oL6ufLTCrE9ISVYbOGUc,11
-guarddog/analyzer/metadata/resources/top_go_packages.json,sha256=HHOTcuWTGqlpXDOUgF7ejgmr8sGF_T5l7NQYdXmHcKQ,104044
-guarddog/analyzer/metadata/resources/top_npm_packages.json,sha256=eeqVkFNW8ltYcGbjAJBzZrdxBEKezxa6AVVYoEpFazs,192960
-guarddog/analyzer/metadata/resources/top_pypi_packages.json,sha256=hDQZUuG6BS4h7yNTAQ191l8_N6jaqezO9n2vdsZPKhA,1474298
-guarddog/analyzer/metadata/resources/top_rubygems_packages.json,sha256=75GrX0mB_nnH-0reUQYdOvTsduELrb63yX6xvHwoSmM,20152
+guarddog/analyzer/metadata/resources/top_go_packages.json,sha256=rgdm_Pg6rC9JRBcK0ttoglJm7P1cm6BVnEAHP4dinnU,121633
+guarddog/analyzer/metadata/resources/top_npm_packages.json,sha256=zrr4f1Q8daIXYTHqBibDIsf-bW9qIC7zEeoHNxB8xaA,225024
+guarddog/analyzer/metadata/resources/top_pypi_packages.json,sha256=grxSRmS13DlOWGidgqvxx4jK0ryerxdWRLVfo-Jxrj4,385775
+guarddog/analyzer/metadata/resources/top_rubygems_packages.json,sha256=Xhm5gu6KnB0ebFS4s3EFf59F7N02TD9ftwZAHIon82c,24112
 guarddog/analyzer/metadata/rubygems/__init__.py,sha256=DHLvlpbRdynWCIHG2caDEa3f7q0I8WsfbmrlTe-fmwM,947
 guarddog/analyzer/metadata/rubygems/bundled_binary.py,sha256=eOeZXDAoDuwhUfB9W5CesnMWyVpR6BePPzNkGRKZqkc,397
 guarddog/analyzer/metadata/rubygems/empty_information.py,sha256=8Dxa0Y8tbcv7lV3d3LUj_QO97lpUq2kTTY2JhQE2kw8,700
 guarddog/analyzer/metadata/rubygems/release_zero.py,sha256=7rk1vxp6OxJkBTOD9kOYEEPLE7YgbApFbOVhjECnIgw,671
 guarddog/analyzer/metadata/rubygems/repository_integrity_mismatch.py,sha256=pFNMdT0VpiHL6kEkj_2eOH0BwLCbQT2XLqyWJY67tr4,1582
-guarddog/analyzer/metadata/rubygems/typosquatting.py,sha256=k9xu8mdAiyNFEGmWFgSql-E-fjch6rS6CXSObQ3G4-c,4745
-guarddog/analyzer/metadata/typosquatting.py,sha256=6xmqsB0oKwrsXfTJ9DE1z8-nUW8ukgk1ZSS32iJmapk,4587
+guarddog/analyzer/metadata/rubygems/typosquatting.py,sha256=Y-jrIQEQYkvKMxsXeHJI6gNI5NQjU5DP_21NGPcqqME,2950
+guarddog/analyzer/metadata/typosquatting.py,sha256=_xtseQA8B_g5Et2FiPpM1t2BZ52fACnfNCiCSiGIuEU,12580
 guarddog/analyzer/metadata/unclaimed_maintainer_email_domain.py,sha256=e-K9mSdph3y33fP_W7LNOlC7AnUVk28a1VfQJtG9vxo,2375
 guarddog/analyzer/metadata/utils.py,sha256=lMzwC41_-XuUa4d6E5AMyX8XZgXqrQD_gmpQCHrIzXI,2458
 guarddog/analyzer/sourcecode/__init__.py,sha256=_xt-xn2lfpu-iQhe853eTbbTSN8ULxTutyYiBQ97NtM,4723
@@ -77,6 +77,7 @@ guarddog/analyzer/sourcecode/rubygems-exfiltrate-sensitive-data.yml,sha256=Tup4P
 guarddog/analyzer/sourcecode/rubygems-install-hook.yml,sha256=sjv3YXeERrZDaTu0pS28rl_B8z5BAMjohntzVLE6Fm8,1636
 guarddog/analyzer/sourcecode/rubygems-network-on-require.yml,sha256=kmuzYXcuPvarKSl5V5k5CBoPSeuvsLdFaf2_-GHYYmo,2095
 guarddog/analyzer/sourcecode/rubygems-serialize-environment.yml,sha256=qnZaV-aj9-eSZJeeF6XCi5JrnKkXNqj9xSqGjqP6AAY,1329
+guarddog/analyzer/sourcecode/screenshot.yml,sha256=KYpVuzHBqc8lKy7P2Q30NVFQ6u0LrnBMiMUhY5wo2j0,1165
 guarddog/analyzer/sourcecode/shady-links.yml,sha256=H-QdBfK30PK9JRWJXk2SlFFiSSkMkuKZF0mWoCjwQ5w,3222
 guarddog/analyzer/sourcecode/silent-process-execution.yml,sha256=b6RjenMv7si7lXGak3uMmD7PMtQRuKPeJFggPW6UDNI,418
 guarddog/analyzer/sourcecode/steganography.yml,sha256=3ceO6SJhu4XpZEjfwelLdOxeZ4Ho1OgUjbcacwtOhR0,606
@@ -96,21 +97,21 @@ guarddog/scanners/github_action_scanner.py,sha256=6lriTel3U7vNmCWBf0SWti9sLCv88R
 guarddog/scanners/go_package_scanner.py,sha256=OdCbwtjJow9AxEv34z7WBfgTamqKj5DxJh7dly_1NuY,2926
 guarddog/scanners/go_project_scanner.py,sha256=2suZJWvYBhiiBMIQXs38SR04E_Ast50jO44X27gEG10,3349
 guarddog/scanners/npm_package_scanner.py,sha256=ciOvpRViMIQvNFupe5-hdXv65QLU5ObmacRkR2pgp18,2056
-guarddog/scanners/npm_project_scanner.py,sha256=liz5Fyscab53IiSPg0T21Z0vT5eotcHPc_W5Xam4A88,4957
+guarddog/scanners/npm_project_scanner.py,sha256=DHPu_m_G4jkLoT61sNcYb6GdiRUqMwWZDRYf_TGSvb4,4958
 guarddog/scanners/pypi_package_scanner.py,sha256=ZkuRRbNejnpfFpIHJJ42GH34khiG8CUKWEPvVh_M_uk,2449
 guarddog/scanners/pypi_project_scanner.py,sha256=O91c1UP2iZju84_N7cSE7pWGrY6rKapeUqXEVyKld3A,6435
 guarddog/scanners/rubygems_package_scanner.py,sha256=NqqkKj3aeVKj32a6dxz87ZjEu6lNDXR5BX_Zgoc3Ow4,4162
 guarddog/scanners/rubygems_project_scanner.py,sha256=v6cjkngdfChLDdW8XYqm9na48jSzeYQMsVKmo2UrniA,2277
-guarddog/scanners/scanner.py,sha256=a8Hgt5_xtQFrB2LokNOSvwqI_JzESsWQ_ZnLn3kJCAQ,14746
+guarddog/scanners/scanner.py,sha256=YuuLu1cPjeysc1YlRUpePI5e9TeNwIVRHUZXp-qxo7w,14716
 guarddog/utils/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-guarddog/utils/archives.py,sha256=s1AXn6r8kD8hy5JxEOTzdHTgDpgSTImj_mFHfAI34IM,7417
+guarddog/utils/archives.py,sha256=tKSq4OtjzH_0GiucU-5gg83d191Oyk0xlTPjpdxVa-I,7418
 guarddog/utils/config.py,sha256=LfXghBsSeB_UH333C3zvh46UpG0doOW6MaZ7GG7_0Z8,2047
 guarddog/utils/exceptions.py,sha256=23Kzl3exqYK6X-bcGUeb8wPmSglWNX3GIDPkJ6lQzo4,54
 guarddog/utils/package_info.py,sha256=6fHJPeLn6-tHhKHw0Soedfv2ruPd8zhW2kbhlc3Aem0,975
-guarddog-2.8.4.dist-info/METADATA,sha256=SgaZvtbCAfOnr2PagJwdp4E-a4rXRKRG2aNO8mubQgM,22762
-guarddog-2.8.4.dist-info/WHEEL,sha256=3ny-bZhpXrU6vSQ1UPG34FoxZBp3lVcvK0LkgUz6VLk,88
-guarddog-2.8.4.dist-info/entry_points.txt,sha256=vX2fvhnNdkbEL4pDzrH2NqjWVxeOaEYi0sJYmNgS2-s,45
-guarddog-2.8.4.dist-info/licenses/LICENSE,sha256=w1aNZxHyoyOPJ4fSdiyrr06tCJZbTjCsH9K1uqeDVyU,11377
-guarddog-2.8.4.dist-info/licenses/LICENSE-3rdparty.csv,sha256=cS61ONZL_xlXaTMvQXyBEi3J3es-40Gg6G-6idoa5Qk,314
-guarddog-2.8.4.dist-info/licenses/NOTICE,sha256=nlyNt2IjG8IBoQkb7n6jszwAvmREpKAx0POzFO1s2JM,140
-guarddog-2.8.4.dist-info/RECORD,,
+guarddog-2.9.0.dist-info/METADATA,sha256=gogd3llQE03AT9lovoWH_k-cIqGSY0A9jisemAnCgTI,22762
+guarddog-2.9.0.dist-info/WHEEL,sha256=kJCRJT_g0adfAJzTx2GUMmS80rTJIVHRCfG0DQgLq3o,88
+guarddog-2.9.0.dist-info/entry_points.txt,sha256=vX2fvhnNdkbEL4pDzrH2NqjWVxeOaEYi0sJYmNgS2-s,45
+guarddog-2.9.0.dist-info/licenses/LICENSE,sha256=w1aNZxHyoyOPJ4fSdiyrr06tCJZbTjCsH9K1uqeDVyU,11377
+guarddog-2.9.0.dist-info/licenses/LICENSE-3rdparty.csv,sha256=cS61ONZL_xlXaTMvQXyBEi3J3es-40Gg6G-6idoa5Qk,314
+guarddog-2.9.0.dist-info/licenses/NOTICE,sha256=nlyNt2IjG8IBoQkb7n6jszwAvmREpKAx0POzFO1s2JM,140
+guarddog-2.9.0.dist-info/RECORD,,

{guarddog-2.8.4.dist-info → guarddog-2.9.0.dist-info}/WHEEL

@@ -1,4 +1,4 @@
 Wheel-Version: 1.0
-Generator: poetry-core 2.3.0
+Generator: poetry-core 2.3.1
 Root-Is-Purelib: true
 Tag: py3-none-any