socketsecurity 0.0.48__tar.gz → 0.0.56__tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (23) hide show
  1. socketsecurity-0.0.56/PKG-INFO +22 -0
  2. socketsecurity-0.0.56/README.md +1 -0
  3. socketsecurity-0.0.56/pyproject.toml +43 -0
  4. {socketsecurity-0.0.48 → socketsecurity-0.0.56}/socketsecurity/__init__.py +1 -1
  5. {socketsecurity-0.0.48 → socketsecurity-0.0.56}/socketsecurity/core/__init__.py +11 -11
  6. {socketsecurity-0.0.48 → socketsecurity-0.0.56}/socketsecurity/core/classes.py +32 -0
  7. {socketsecurity-0.0.48 → socketsecurity-0.0.56}/socketsecurity/core/github.py +6 -4
  8. {socketsecurity-0.0.48 → socketsecurity-0.0.56}/socketsecurity/core/glitlab.py +81 -92
  9. {socketsecurity-0.0.48 → socketsecurity-0.0.56}/socketsecurity/core/messages.py +1 -1
  10. {socketsecurity-0.0.48 → socketsecurity-0.0.56}/socketsecurity/socketcli.py +17 -7
  11. socketsecurity-0.0.56/socketsecurity.egg-info/PKG-INFO +22 -0
  12. {socketsecurity-0.0.48 → socketsecurity-0.0.56}/socketsecurity.egg-info/SOURCES.txt +2 -1
  13. socketsecurity-0.0.48/PKG-INFO +0 -8
  14. socketsecurity-0.0.48/setup.py +0 -18
  15. socketsecurity-0.0.48/socketsecurity.egg-info/PKG-INFO +0 -8
  16. {socketsecurity-0.0.48 → socketsecurity-0.0.56}/setup.cfg +0 -0
  17. {socketsecurity-0.0.48 → socketsecurity-0.0.56}/socketsecurity/core/exceptions.py +0 -0
  18. {socketsecurity-0.0.48 → socketsecurity-0.0.56}/socketsecurity/core/issues.py +0 -0
  19. {socketsecurity-0.0.48 → socketsecurity-0.0.56}/socketsecurity/core/licenses.py +0 -0
  20. {socketsecurity-0.0.48 → socketsecurity-0.0.56}/socketsecurity.egg-info/dependency_links.txt +0 -0
  21. {socketsecurity-0.0.48 → socketsecurity-0.0.56}/socketsecurity.egg-info/entry_points.txt +0 -0
  22. {socketsecurity-0.0.48 → socketsecurity-0.0.56}/socketsecurity.egg-info/requires.txt +0 -0
  23. {socketsecurity-0.0.48 → socketsecurity-0.0.56}/socketsecurity.egg-info/top_level.txt +0 -0
@@ -0,0 +1,22 @@
1
+ Metadata-Version: 2.1
2
+ Name: socketsecurity
3
+ Version: 0.0.56
4
+ Summary: Socket Security CLI for CI/CD
5
+ Author-email: Douglas Coburn <douglas@socket.dev>
6
+ Maintainer-email: Douglas Coburn <douglas@socket.dev>
7
+ Project-URL: Homepage, https://socket.dev
8
+ Keywords: socketsecurity,socket.dev,sca,oss,security
9
+ Classifier: Development Status :: 4 - Beta
10
+ Classifier: Intended Audience :: Developers
11
+ Classifier: Programming Language :: Python :: 3.9
12
+ Classifier: Programming Language :: Python :: 3.10
13
+ Classifier: Programming Language :: Python :: 3.11
14
+ Classifier: Programming Language :: Python :: 3.12
15
+ Requires-Python: >=3.9
16
+ Description-Content-Type: text/markdown
17
+ Requires-Dist: requests
18
+ Requires-Dist: mdutils
19
+ Requires-Dist: prettytable
20
+ Requires-Dist: argparse
21
+
22
+ # Socket Security CLI
@@ -0,0 +1 @@
1
+ # Socket Security CLI
@@ -0,0 +1,43 @@
1
+ [build-system]
2
+ requires = ["setuptools >= 61.0"]
3
+ build-backend = "setuptools.build_meta"
4
+
5
+ [project]
6
+ name = "socketsecurity"
7
+ version = "0.0.56"
8
+ requires-python = ">= 3.9"
9
+ dependencies = [
10
+ 'requests',
11
+ 'mdutils',
12
+ 'prettytable',
13
+ 'argparse'
14
+ ]
15
+ readme = "README.md"
16
+ description = "Socket Security CLI for CI/CD"
17
+ keywords = ["socketsecurity", "socket.dev", "sca", "oss", "security"]
18
+ authors = [
19
+ {name = "Douglas Coburn", email = "douglas@socket.dev"}
20
+ ]
21
+ maintainers = [
22
+ {name = "Douglas Coburn", email = "douglas@socket.dev"}
23
+ ]
24
+ classifiers = [
25
+ "Development Status :: 4 - Beta",
26
+ "Intended Audience :: Developers",
27
+ "Programming Language :: Python :: 3.9",
28
+ "Programming Language :: Python :: 3.10",
29
+ "Programming Language :: Python :: 3.11",
30
+ "Programming Language :: Python :: 3.12",
31
+ ]
32
+
33
+ [project.scripts]
34
+ socketcli = "socketsecurity.socketcli:cli"
35
+
36
+ [project.urls]
37
+ Homepage = "https://socket.dev"
38
+
39
+ [tool.setuptools.packages.find]
40
+ include = [
41
+ "socketsecurity",
42
+ "socketsecurity.core"
43
+ ]
@@ -1,2 +1,2 @@
1
1
  __author__ = 'socket.dev'
2
- __version__ = '0.0.48'
2
+ __version__ = '0.0.56'
@@ -3,10 +3,10 @@ import requests
3
3
  from urllib.parse import urlencode
4
4
  import base64
5
5
  import json
6
- from core.exceptions import APIFailure, APIKeyMissing, APIAccessDenied, APIInsufficientQuota, APIResourceNotFound
7
- from core.licenses import Licenses
8
- from core.issues import AllIssues
9
- from core.classes import (
6
+ from socketsecurity.core.exceptions import APIFailure, APIKeyMissing, APIAccessDenied, APIInsufficientQuota, APIResourceNotFound
7
+ from socketsecurity.core.licenses import Licenses
8
+ from socketsecurity.core.issues import AllIssues
9
+ from socketsecurity.core.classes import (
10
10
  Report,
11
11
  Issue,
12
12
  Package,
@@ -23,10 +23,11 @@ import time
23
23
 
24
24
 
25
25
  __author__ = 'socket.dev'
26
- __version__ = '0.0.48'
26
+ __version__ = '0.0.56'
27
27
  __all__ = [
28
28
  "Core",
29
- "log"
29
+ "log",
30
+ "__version__"
30
31
  ]
31
32
 
32
33
 
@@ -40,7 +41,6 @@ all_issues = AllIssues()
40
41
  org_id = None
41
42
  org_slug = None
42
43
  all_new_alerts = False
43
- issue_file = "core/issues.json"
44
44
  security_policy = {}
45
45
  log = logging.getLogger("socketdev")
46
46
  log.addHandler(logging.NullHandler())
@@ -309,8 +309,8 @@ class Core:
309
309
  "requirements.frozen": {
310
310
  "pattern": "requirements.frozen"
311
311
  },
312
- "setup.py": {
313
- "pattern": "setup.py"
312
+ "setup.py.old": {
313
+ "pattern": "setup.py.old"
314
314
  }
315
315
  },
316
316
  "golang": {
@@ -430,7 +430,7 @@ class Core:
430
430
  head_full_scan = Core.get_sbom_data(head_full_scan_id)
431
431
  head_end = time.time()
432
432
  total_head_time = head_end - head_start
433
- print(f"Total time to get head sbom {total_head_time: .2f}")
433
+ print(f"Total time to get head full-scan {total_head_time: .2f}")
434
434
  except APIResourceNotFound:
435
435
  head_full_scan = []
436
436
  if files is not None and len(files) > 0:
@@ -439,7 +439,7 @@ class Core:
439
439
  new_full_scan.packages = Core.create_sbom_dict(new_full_scan.sbom_artifacts)
440
440
  new_scan_end = time.time()
441
441
  total_new_time = new_scan_end - new_scan_start
442
- print(f"Total time to get new sbom {total_new_time: .2f}")
442
+ print(f"Total time to get new full-scan {total_new_time: .2f}")
443
443
  diff_report = Core.compare_sboms(new_full_scan.sbom_artifacts, head_full_scan)
444
444
  diff_report.packages = new_full_scan.packages
445
445
  else:
@@ -367,3 +367,35 @@ class GithubComment:
367
367
  def __str__(self):
368
368
  return json.dumps(self.__dict__)
369
369
 
370
+
371
+ class GitlabComment:
372
+ id: int
373
+ type: str
374
+ body: str
375
+ attachment: str
376
+ author: dict
377
+ created_at: str
378
+ updated_at: str
379
+ system: bool
380
+ notable_id: int
381
+ noteable_type: str
382
+ project_id: int
383
+ resolvable: bool
384
+ confidential: bool
385
+ internal: bool
386
+ imported: bool
387
+ imported_from: str
388
+ noteable_iid: int
389
+ commands_changes: dict
390
+ body_list: list
391
+
392
+ def __init__(self, **kwargs):
393
+ if kwargs:
394
+ for key, value in kwargs.items():
395
+ setattr(self, key, value)
396
+ if not hasattr(self, "body_list"):
397
+ self.body_list = []
398
+
399
+ def __str__(self):
400
+ return json.dumps(self.__dict__)
401
+
@@ -1,9 +1,9 @@
1
1
  import json
2
2
  import os
3
- from core import log
3
+ from socketsecurity.core import log
4
4
  import requests
5
- from core.exceptions import *
6
- from core.classes import GithubComment, Diff, Issue
5
+ from socketsecurity.core.exceptions import *
6
+ from socketsecurity.core.classes import GithubComment, Diff, Issue
7
7
  import sys
8
8
 
9
9
 
@@ -122,6 +122,7 @@ class Github:
122
122
  committer: str
123
123
  github_env: str
124
124
  api_token: str
125
+ project_id: int
125
126
 
126
127
  def __init__(self):
127
128
  self.commit_sha = github_sha
@@ -132,7 +133,7 @@ class Github:
132
133
  self.repository = github_repository
133
134
  if "/" in self.repository:
134
135
  self.repository = self.repository.rsplit("/")[1]
135
- self.ref_name = github_ref_name
136
+ self.branch = github_ref_name
136
137
  self.default_branch = default_branch
137
138
  self.is_default_branch = is_default_branch
138
139
  self.pr_number = pr_number
@@ -141,6 +142,7 @@ class Github:
141
142
  self.committer = github_actor
142
143
  self.github_env = github_env
143
144
  self.api_token = gh_api_token
145
+ self.project_id = 0
144
146
  if self.api_token is None:
145
147
  print("Unable to get Github API Token from GH_API_TOKEN")
146
148
  sys.exit(2)
@@ -1,58 +1,53 @@
1
1
  import json
2
2
  import os
3
- from core import log
3
+ from socketsecurity.core import log
4
4
  import requests
5
- from core.exceptions import *
6
- from core.classes import GithubComment, Diff, Issue
5
+ from socketsecurity.core.exceptions import *
6
+ from socketsecurity.core.classes import GitlabComment, Diff, Issue
7
+ import sys
7
8
 
8
9
 
9
- global github_sha
10
- global github_api_url
11
- global github_ref_type
12
- global github_event_name
13
- global github_workspace
14
- global github_repository
15
- global github_ref_name
16
- global github_actor
17
- global default_branch
18
- global github_env
19
- global pr_number
10
+ global ci_commit_sha
11
+ global ci_api_v4_url
12
+ global ci_project_dir
13
+ global ci_commit_branch
14
+ global ci_merge_request_iid
15
+ global ci_merge_request_project_id
16
+ global ci_commit_message
17
+ global ci_default_branch
18
+ global ci_project_name
19
+ global ci_pipeline_source
20
+ global ci_commit_author
21
+ global project_dir
20
22
  global pr_name
21
23
  global is_default_branch
22
- global commit_message
23
24
  global committer
24
- global gh_api_token
25
- global github_repository_owner
25
+ global gitlab_token
26
26
 
27
27
 
28
- github_variables = [
28
+
29
+ gitlab_variables = [
29
30
  "CI_COMMIT_SHA",
30
- "GITHUB_API_URL",
31
- "GITHUB_REF_TYPE",
32
- "GITHUB_EVENT_NAME",
33
- "GITHUB_WORKSPACE",
34
- "GITHUB_REPOSITORY",
31
+ "CI_API_V4_URL",
32
+ "CI_PROJECT_DIR",
35
33
  "CI_COMMIT_BRANCH",
34
+ "CI_MERGE_REQUEST_IID",
35
+ "CI_MERGE_REQUEST_PROJECT_ID",
36
+ "CI_COMMIT_MESSAGE",
37
+ "CI_DEFAULT_BRANCH",
38
+ "CI_PROJECT_NAME",
39
+ "CI_PIPELINE_SOURCE",
40
+ "CI_COMMIT_AUTHOR",
41
+ "PROJECT_DIR",
36
42
  "DEFAULT_BRANCH",
37
- "PR_NUMBER",
38
43
  "PR_NAME",
39
- "COMMIT_MESSAGE",
40
- "GITHUB_ACTOR",
41
- "GITHUB_ENV",
42
- "GH_API_TOKEN",
43
- "GITHUB_REPOSITORY_OWNER"
44
+ "GITLAB_TOKEN",
44
45
  ]
45
46
 
46
47
 
47
- for env in github_variables:
48
+ for env in gitlab_variables:
48
49
  var_name = env.lower()
49
50
  globals()[var_name] = os.getenv(env) or None
50
- if var_name == "default_branch":
51
- global is_default_branch
52
- if default_branch is None or default_branch.lower() == "false":
53
- is_default_branch = False
54
- else:
55
- is_default_branch = True
56
51
 
57
52
 
58
53
  def do_request(
@@ -72,16 +67,16 @@ def do_request(
72
67
  :param method: Optional method to use, defaults to GET
73
68
  :return:
74
69
  """
75
- if gh_api_token is None or gh_api_token == "":
70
+ if gitlab_token is None or gitlab_token == "":
76
71
  raise APIKeyMissing
77
72
 
78
73
  if headers is None:
79
74
  headers = {
80
- 'Authorization': f"Bearer {gh_api_token}",
75
+ 'Authorization': f"Bearer {gitlab_token}",
81
76
  'User-Agent': 'SocketPythonScript/0.0.1',
82
77
  "accept": "application/json"
83
78
  }
84
- url = f"{github_api_url}/{path}"
79
+ url = f"{ci_api_v4_url}/{path}"
85
80
  response = requests.request(
86
81
  method.upper(),
87
82
  url,
@@ -114,49 +109,52 @@ class Gitlab:
114
109
  event_name: str
115
110
  workspace: str
116
111
  repository: str
117
- ref_name: str
112
+ branch: str
118
113
  default_branch: str
119
114
  is_default_branch: bool
120
115
  pr_number: int
121
116
  pr_name: str
122
117
  commit_message: str
123
118
  committer: str
124
- github_env: str
125
119
  api_token: str
120
+ project_id: int
126
121
 
127
122
  def __init__(self):
128
- self.commit_sha = github_sha
129
- self.api_url = github_api_url
130
- self.ref_type = github_ref_type
131
- self.event_name = github_event_name
132
- self.workspace = github_workspace
133
- self.repository = github_repository
123
+ self.commit_sha = ci_commit_sha
124
+ self.api_url = ci_api_v4_url
125
+ self.ref_type = ""
126
+ self.event_name = ci_pipeline_source
127
+ self.workspace = project_dir
128
+ self.repository = ci_project_name
134
129
  if "/" in self.repository:
135
130
  self.repository = self.repository.rsplit("/")[1]
136
- self.ref_name = github_ref_name
137
- self.default_branch = default_branch
138
- self.is_default_branch = is_default_branch
139
- self.pr_number = pr_number
131
+ self.branch = ci_commit_branch
132
+ self.default_branch = ci_default_branch
133
+ if self.branch == self.default_branch:
134
+ self.is_default_branch = True
135
+ else:
136
+ self.is_default_branch = False
137
+ self.pr_number = ci_merge_request_iid
140
138
  self.pr_name = pr_name
141
- self.commit_message = commit_message
142
- self.committer = github_actor
143
- self.github_env = github_env
144
- self.api_token = gh_api_token
139
+ self.commit_message = ci_commit_message
140
+ self.committer = ci_commit_author
141
+ self.api_token = gitlab_token
142
+ self.project_id = ci_merge_request_project_id
145
143
  if self.api_token is None:
146
- print("Unable to get Github API Token from GH_API_TOKEN")
144
+ print("Unable to get gitlab API Token from GH_API_TOKEN")
147
145
  sys.exit(2)
148
146
 
149
147
  @staticmethod
150
148
  def check_event_type() -> str:
151
- if github_event_name.lower() == "push":
152
- if pr_number is None or pr_number == "":
149
+ if ci_pipeline_source.lower() == "push":
150
+ if ci_merge_request_iid is None or ci_merge_request_iid == "":
153
151
  event_type = "main"
154
152
  else:
155
153
  event_type = "diff"
156
- elif github_event_name.lower() == "issue_comment":
154
+ elif ci_pipeline_source.lower() == "issue_comment":
157
155
  event_type = "comment"
158
156
  else:
159
- log.error(f"Unknown event type {github_event_name}")
157
+ log.error(f"Unknown event type {ci_pipeline_source}")
160
158
  sys.exit(1)
161
159
  return event_type
162
160
 
@@ -165,20 +163,19 @@ class Gitlab:
165
163
  existing_overview_comment = comments.get("overview")
166
164
  existing_security_comment = comments.get("security")
167
165
  if existing_overview_comment is not None:
168
- existing_overview_comment: GithubComment
169
- Github.update_comment(overview_comment, str(existing_overview_comment.id))
166
+ existing_overview_comment: GitlabComment
167
+ Gitlab.update_comment(overview_comment, str(existing_overview_comment.id))
170
168
  else:
171
- Github.post_comment(overview_comment)
169
+ Gitlab.post_comment(overview_comment)
172
170
  if existing_security_comment is not None:
173
- existing_security_comment: GithubComment
174
- Github.update_comment(security_comment, str(existing_security_comment.id))
171
+ existing_security_comment: GitlabComment
172
+ Gitlab.update_comment(security_comment, str(existing_security_comment.id))
175
173
  else:
176
- Github.post_comment(security_comment)
174
+ Gitlab.post_comment(security_comment)
177
175
 
178
176
  @staticmethod
179
177
  def post_comment(body: str) -> None:
180
- repo = github_repository.rsplit("/", 1)[1]
181
- path = f"repos/{github_repository_owner}/{repo}/issues/{pr_number}/comments"
178
+ path = f"projects/{ci_merge_request_project_id}/merge_requests/{ci_merge_request_iid}/notes"
182
179
  payload = {
183
180
  "body": body
184
181
  }
@@ -187,8 +184,7 @@ class Gitlab:
187
184
 
188
185
  @staticmethod
189
186
  def update_comment(body: str, comment_id: str) -> None:
190
- repo = github_repository.rsplit("/", 1)[1]
191
- path = f"repos/{github_repository_owner}/{repo}/issues/comments/{comment_id}"
187
+ path = f"projects/{ci_merge_request_project_id}/merge_requests/{ci_merge_request_iid}/notes/{comment_id}"
192
188
  payload = {
193
189
  "body": body
194
190
  }
@@ -196,26 +192,19 @@ class Gitlab:
196
192
  do_request(path, payload=payload, method="PATCH")
197
193
 
198
194
  @staticmethod
199
- def write_new_env(name: str, content: str) -> None:
200
- file = open(github_env, "a")
201
- new_content = content.replace("\n", "\\n")
202
- env_output = f"{name}={new_content}"
203
- file.write(env_output)
204
-
205
- @staticmethod
206
- def get_comments_for_pr(repo: str, pr: str) -> dict:
207
- path = f"repos/{github_repository_owner}/{repo}/issues/{pr}/comments"
195
+ def get_comments_for_pr() -> dict:
196
+ path = f"projects/{ci_merge_request_project_id}/merge_requests/{ci_merge_request_iid}/notes"
208
197
  raw_comments = do_request(path)
209
198
  comments = {}
210
- if "error" not in raw_comments:
199
+ if "message" not in raw_comments:
211
200
  for item in raw_comments:
212
- comment = GithubComment(**item)
201
+ comment = GitlabComment(**item)
213
202
  comments[comment.id] = comment
214
203
  for line in comment.body.split("\n"):
215
204
  comment.body_list.append(line)
216
205
  else:
217
206
  log.error(raw_comments)
218
- socket_comments = Github.check_for_socket_comments(comments)
207
+ socket_comments = Gitlab.check_for_socket_comments(comments)
219
208
  return socket_comments
220
209
 
221
210
  @staticmethod
@@ -223,7 +212,7 @@ class Gitlab:
223
212
  socket_comments = {}
224
213
  for comment_id in comments:
225
214
  comment = comments[comment_id]
226
- comment: GithubComment
215
+ comment: GitlabComment
227
216
  if "socket-security-comment-actions" in comment.body:
228
217
  socket_comments["security"] = comment
229
218
  elif "socket-overview-comment-actions" in comment.body:
@@ -239,7 +228,7 @@ class Gitlab:
239
228
  alerts = []
240
229
  if "ignore" not in comments:
241
230
  return new_alerts
242
- ignore_all, ignore_commands = Github.get_ignore_options(comments)
231
+ ignore_all, ignore_commands = Gitlab.get_ignore_options(comments)
243
232
  for alert in new_alerts:
244
233
  alert: Issue
245
234
  if ignore_all:
@@ -260,7 +249,7 @@ class Gitlab:
260
249
  ignore_all = False
261
250
 
262
251
  for comment in comments["ignore"]:
263
- comment: GithubComment
252
+ comment: GitlabComment
264
253
  first_line = comment.body_list[0]
265
254
  if not ignore_all and "SocketSecurity ignore" in first_line:
266
255
  first_line = first_line.lstrip("@")
@@ -286,9 +275,9 @@ class Gitlab:
286
275
  def remove_comment_alerts(comments: dict):
287
276
  security_alert = comments.get("security")
288
277
  if security_alert is not None:
289
- security_alert: GithubComment
290
- new_body = Github.process_security_comment(security_alert, comments)
291
- Github.update_comment(new_body, str(security_alert.id))
278
+ security_alert: GitlabComment
279
+ new_body = Gitlab.process_security_comment(security_alert, comments)
280
+ Gitlab.update_comment(new_body, str(security_alert.id))
292
281
 
293
282
  @staticmethod
294
283
  def is_heading_line(line) -> bool:
@@ -298,22 +287,22 @@ class Gitlab:
298
287
  return is_heading_line
299
288
 
300
289
  @staticmethod
301
- def process_security_comment(comment: GithubComment, comments) -> str:
290
+ def process_security_comment(comment: GitlabComment, comments) -> str:
302
291
  lines = []
303
292
  start = False
304
- ignore_all, ignore_commands = Github.get_ignore_options(comments)
293
+ ignore_all, ignore_commands = Gitlab.get_ignore_options(comments)
305
294
  for line in comment.body_list:
306
295
  line = line.strip()
307
296
  if "start-socket-alerts-table" in line:
308
297
  start = True
309
- elif start and "end-socket-alerts-table" not in line and not Github.is_heading_line(line) and line != '':
298
+ elif start and "end-socket-alerts-table" not in line and not Gitlab.is_heading_line(line) and line != '':
310
299
  title, package, introduced_by, manifest = line.lstrip("|").rstrip("|").split("|")
311
300
  details, _ = package.split("](")
312
301
  ecosystem, details = details.split("/", 1)
313
302
  pkg_name, pkg_version = details.split("@")
314
303
  ignore = False
315
304
  for name, version in ignore_commands:
316
- if ignore_all or Github.is_ignore(pkg_name, pkg_version, name, version):
305
+ if ignore_all or Gitlab.is_ignore(pkg_name, pkg_version, name, version):
317
306
  ignore = True
318
307
  if not ignore:
319
308
  lines.append(line)
@@ -1,5 +1,5 @@
1
1
  from mdutils import MdUtils
2
- from core.classes import Diff, Purl, Issue
2
+ from socketsecurity.core.classes import Diff, Purl, Issue
3
3
  from prettytable import PrettyTable
4
4
 
5
5
 
@@ -1,9 +1,8 @@
1
1
  import argparse
2
2
  import json
3
-
4
- from core import Core, version
5
- from core.classes import FullScanParams, Diff, Package
6
- from core.messages import Messages
3
+ from socketsecurity.core import Core, __version__
4
+ from socketsecurity.core.classes import FullScanParams, Diff, Package
5
+ from socketsecurity.core.messages import Messages
7
6
  import os
8
7
  import sys
9
8
 
@@ -68,7 +67,7 @@ parser.add_argument(
68
67
  '--scm',
69
68
  default='api',
70
69
  help='Integration mode choices are api, github, gitlab, and bitbucket',
71
- choices=["api", "github"],
70
+ choices=["api", "github", "gitlab"],
72
71
  required=False
73
72
  )
74
73
 
@@ -79,6 +78,14 @@ parser.add_argument(
79
78
  required=False
80
79
  )
81
80
 
81
+ parser.add_argument(
82
+ '-v',
83
+ '--version',
84
+ action="version",
85
+ version=f'%(prog)s 0.0.55',
86
+ help='Display the version',
87
+ )
88
+
82
89
 
83
90
  def output_console_comments(diff_report) -> None:
84
91
  console_security_comment = Messages.create_console_security_alert_table(diff_report)
@@ -116,11 +123,14 @@ def cli():
116
123
  if repo is None:
117
124
  print("Repo name needs to be set")
118
125
  sys.exit(2)
119
- print(f"Starting Socket Security Scan version {version}")
126
+ print(f"Starting Socket Security Scan version {__version__}")
120
127
  scm = None
121
128
  if scm_type == "github":
122
- from core.github import Github
129
+ from socketsecurity.core.github import Github
123
130
  scm = Github()
131
+ elif scm_type == 'gitlab':
132
+ from socketsecurity.core.glitlab import Gitlab
133
+ scm = Gitlab()
124
134
  base_api_url = os.getenv("BASE_API_URL") or None
125
135
  core = Core(token=api_token, request_timeout=6000, base_api_url=base_api_url)
126
136
  set_as_pending_head = False
@@ -0,0 +1,22 @@
1
+ Metadata-Version: 2.1
2
+ Name: socketsecurity
3
+ Version: 0.0.56
4
+ Summary: Socket Security CLI for CI/CD
5
+ Author-email: Douglas Coburn <douglas@socket.dev>
6
+ Maintainer-email: Douglas Coburn <douglas@socket.dev>
7
+ Project-URL: Homepage, https://socket.dev
8
+ Keywords: socketsecurity,socket.dev,sca,oss,security
9
+ Classifier: Development Status :: 4 - Beta
10
+ Classifier: Intended Audience :: Developers
11
+ Classifier: Programming Language :: Python :: 3.9
12
+ Classifier: Programming Language :: Python :: 3.10
13
+ Classifier: Programming Language :: Python :: 3.11
14
+ Classifier: Programming Language :: Python :: 3.12
15
+ Requires-Python: >=3.9
16
+ Description-Content-Type: text/markdown
17
+ Requires-Dist: requests
18
+ Requires-Dist: mdutils
19
+ Requires-Dist: prettytable
20
+ Requires-Dist: argparse
21
+
22
+ # Socket Security CLI
@@ -1,4 +1,5 @@
1
- setup.py
1
+ README.md
2
+ pyproject.toml
2
3
  socketsecurity/__init__.py
3
4
  socketsecurity/socketcli.py
4
5
  socketsecurity.egg-info/PKG-INFO
@@ -1,8 +0,0 @@
1
- Metadata-Version: 2.1
2
- Name: socketsecurity
3
- Version: 0.0.48
4
- Requires-Python: >3.10.1
5
- Requires-Dist: requests
6
- Requires-Dist: mdutils
7
- Requires-Dist: prettytable
8
- Requires-Dist: argparse
@@ -1,18 +0,0 @@
1
- from setuptools import setup, find_packages
2
-
3
- setup(
4
- name='socketsecurity',
5
- version='0.0.48',
6
- python_requires='>3.10.1',
7
- packages=find_packages(),
8
- install_requires=[
9
- 'requests',
10
- 'mdutils',
11
- 'prettytable',
12
- 'argparse'
13
- ],
14
- entry_points='''
15
- [console_scripts]
16
- socketcli=socketsecurity.socketcli:cli
17
- ''',
18
- )
@@ -1,8 +0,0 @@
1
- Metadata-Version: 2.1
2
- Name: socketsecurity
3
- Version: 0.0.48
4
- Requires-Python: >3.10.1
5
- Requires-Dist: requests
6
- Requires-Dist: mdutils
7
- Requires-Dist: prettytable
8
- Requires-Dist: argparse