socketsecurity 2.1.0__tar.gz → 2.1.2__tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (78)
  1. {socketsecurity-2.1.0 → socketsecurity-2.1.2}/PKG-INFO +7 -7
  2. {socketsecurity-2.1.0 → socketsecurity-2.1.2}/README.md +6 -6
  3. {socketsecurity-2.1.0 → socketsecurity-2.1.2}/pyproject.toml +1 -1
  4. {socketsecurity-2.1.0 → socketsecurity-2.1.2}/socketsecurity/__init__.py +1 -1
  5. {socketsecurity-2.1.0 → socketsecurity-2.1.2}/socketsecurity/core/__init__.py +11 -5
  6. {socketsecurity-2.1.0 → socketsecurity-2.1.2}/.github/CODEOWNERS +0 -0
  7. {socketsecurity-2.1.0 → socketsecurity-2.1.2}/.github/PULL_REQUEST_TEMPLATE/bug-fix.md +0 -0
  8. {socketsecurity-2.1.0 → socketsecurity-2.1.2}/.github/PULL_REQUEST_TEMPLATE/feature.md +0 -0
  9. {socketsecurity-2.1.0 → socketsecurity-2.1.2}/.github/PULL_REQUEST_TEMPLATE/improvement.md +0 -0
  10. {socketsecurity-2.1.0 → socketsecurity-2.1.2}/.github/PULL_REQUEST_TEMPLATE.md +0 -0
  11. {socketsecurity-2.1.0 → socketsecurity-2.1.2}/.github/workflows/docker-stable.yml +0 -0
  12. {socketsecurity-2.1.0 → socketsecurity-2.1.2}/.github/workflows/pr-preview.yml +0 -0
  13. {socketsecurity-2.1.0 → socketsecurity-2.1.2}/.github/workflows/release.yml +0 -0
  14. {socketsecurity-2.1.0 → socketsecurity-2.1.2}/.github/workflows/version-check.yml +0 -0
  15. {socketsecurity-2.1.0 → socketsecurity-2.1.2}/.gitignore +0 -0
  16. {socketsecurity-2.1.0 → socketsecurity-2.1.2}/.hooks/sync_version.py +0 -0
  17. {socketsecurity-2.1.0 → socketsecurity-2.1.2}/.pre-commit-config.yaml +0 -0
  18. {socketsecurity-2.1.0 → socketsecurity-2.1.2}/.python-version +0 -0
  19. {socketsecurity-2.1.0 → socketsecurity-2.1.2}/Dockerfile +0 -0
  20. {socketsecurity-2.1.0 → socketsecurity-2.1.2}/LICENSE +0 -0
  21. {socketsecurity-2.1.0 → socketsecurity-2.1.2}/Makefile +0 -0
  22. {socketsecurity-2.1.0 → socketsecurity-2.1.2}/Pipfile.lock +0 -0
  23. {socketsecurity-2.1.0 → socketsecurity-2.1.2}/docs/README.md +0 -0
  24. {socketsecurity-2.1.0 → socketsecurity-2.1.2}/pytest.ini +0 -0
  25. {socketsecurity-2.1.0 → socketsecurity-2.1.2}/requirements-dev.lock +0 -0
  26. {socketsecurity-2.1.0 → socketsecurity-2.1.2}/requirements.lock +0 -0
  27. {socketsecurity-2.1.0 → socketsecurity-2.1.2}/scripts/build_container.sh +0 -0
  28. {socketsecurity-2.1.0 → socketsecurity-2.1.2}/scripts/deploy-test-docker.sh +0 -0
  29. {socketsecurity-2.1.0 → socketsecurity-2.1.2}/scripts/deploy-test-pypi.sh +0 -0
  30. {socketsecurity-2.1.0 → socketsecurity-2.1.2}/scripts/run.sh +0 -0
  31. {socketsecurity-2.1.0 → socketsecurity-2.1.2}/socketsecurity/config.py +0 -0
  32. {socketsecurity-2.1.0 → socketsecurity-2.1.2}/socketsecurity/core/classes.py +0 -0
  33. {socketsecurity-2.1.0 → socketsecurity-2.1.2}/socketsecurity/core/cli_client.py +0 -0
  34. {socketsecurity-2.1.0 → socketsecurity-2.1.2}/socketsecurity/core/exceptions.py +0 -0
  35. {socketsecurity-2.1.0 → socketsecurity-2.1.2}/socketsecurity/core/git_interface.py +0 -0
  36. {socketsecurity-2.1.0 → socketsecurity-2.1.2}/socketsecurity/core/logging.py +0 -0
  37. {socketsecurity-2.1.0 → socketsecurity-2.1.2}/socketsecurity/core/messages.py +0 -0
  38. {socketsecurity-2.1.0 → socketsecurity-2.1.2}/socketsecurity/core/scm/__init__.py +0 -0
  39. {socketsecurity-2.1.0 → socketsecurity-2.1.2}/socketsecurity/core/scm/base.py +0 -0
  40. {socketsecurity-2.1.0 → socketsecurity-2.1.2}/socketsecurity/core/scm/client.py +0 -0
  41. {socketsecurity-2.1.0 → socketsecurity-2.1.2}/socketsecurity/core/scm/github.py +0 -0
  42. {socketsecurity-2.1.0 → socketsecurity-2.1.2}/socketsecurity/core/scm/gitlab.py +0 -0
  43. {socketsecurity-2.1.0 → socketsecurity-2.1.2}/socketsecurity/core/scm_comments.py +0 -0
  44. {socketsecurity-2.1.0 → socketsecurity-2.1.2}/socketsecurity/core/socket_config.py +0 -0
  45. {socketsecurity-2.1.0 → socketsecurity-2.1.2}/socketsecurity/core/utils.py +0 -0
  46. {socketsecurity-2.1.0 → socketsecurity-2.1.2}/socketsecurity/output.py +0 -0
  47. {socketsecurity-2.1.0 → socketsecurity-2.1.2}/socketsecurity/plugins/__init__.py +0 -0
  48. {socketsecurity-2.1.0 → socketsecurity-2.1.2}/socketsecurity/plugins/base.py +0 -0
  49. {socketsecurity-2.1.0 → socketsecurity-2.1.2}/socketsecurity/plugins/jira.py +0 -0
  50. {socketsecurity-2.1.0 → socketsecurity-2.1.2}/socketsecurity/plugins/manager.py +0 -0
  51. {socketsecurity-2.1.0 → socketsecurity-2.1.2}/socketsecurity/plugins/slack.py +0 -0
  52. {socketsecurity-2.1.0 → socketsecurity-2.1.2}/socketsecurity/plugins/teams.py +0 -0
  53. {socketsecurity-2.1.0 → socketsecurity-2.1.2}/socketsecurity/plugins/webhook.py +0 -0
  54. {socketsecurity-2.1.0 → socketsecurity-2.1.2}/socketsecurity/socketcli.py +0 -0
  55. {socketsecurity-2.1.0 → socketsecurity-2.1.2}/tests/__init__.py +0 -0
  56. {socketsecurity-2.1.0 → socketsecurity-2.1.2}/tests/core/conftest.py +0 -0
  57. {socketsecurity-2.1.0 → socketsecurity-2.1.2}/tests/core/create_diff_input.json +0 -0
  58. {socketsecurity-2.1.0 → socketsecurity-2.1.2}/tests/core/test_diff_generation.py +0 -0
  59. {socketsecurity-2.1.0 → socketsecurity-2.1.2}/tests/core/test_package_and_alerts.py +0 -0
  60. {socketsecurity-2.1.0 → socketsecurity-2.1.2}/tests/core/test_sdk_methods.py +0 -0
  61. {socketsecurity-2.1.0 → socketsecurity-2.1.2}/tests/core/test_supporting_methods.py +0 -0
  62. {socketsecurity-2.1.0 → socketsecurity-2.1.2}/tests/data/fullscans/create_response.json +0 -0
  63. {socketsecurity-2.1.0 → socketsecurity-2.1.2}/tests/data/fullscans/diff/stream_diff.json +0 -0
  64. {socketsecurity-2.1.0 → socketsecurity-2.1.2}/tests/data/fullscans/diff/stream_diff_full.json +0 -0
  65. {socketsecurity-2.1.0 → socketsecurity-2.1.2}/tests/data/fullscans/head_scan/metadata.json +0 -0
  66. {socketsecurity-2.1.0 → socketsecurity-2.1.2}/tests/data/fullscans/head_scan/stream_scan.json +0 -0
  67. {socketsecurity-2.1.0 → socketsecurity-2.1.2}/tests/data/fullscans/head_scan/stream_scan_full.json +0 -0
  68. {socketsecurity-2.1.0 → socketsecurity-2.1.2}/tests/data/fullscans/new_scan/metadata.json +0 -0
  69. {socketsecurity-2.1.0 → socketsecurity-2.1.2}/tests/data/fullscans/new_scan/stream_scan.json +0 -0
  70. {socketsecurity-2.1.0 → socketsecurity-2.1.2}/tests/data/repos/repo_info_error.json +0 -0
  71. {socketsecurity-2.1.0 → socketsecurity-2.1.2}/tests/data/repos/repo_info_no_head.json +0 -0
  72. {socketsecurity-2.1.0 → socketsecurity-2.1.2}/tests/data/repos/repo_info_success.json +0 -0
  73. {socketsecurity-2.1.0 → socketsecurity-2.1.2}/tests/data/settings/security-policy.json +0 -0
  74. {socketsecurity-2.1.0 → socketsecurity-2.1.2}/tests/unit/__init__.py +0 -0
  75. {socketsecurity-2.1.0 → socketsecurity-2.1.2}/tests/unit/test_cli_config.py +0 -0
  76. {socketsecurity-2.1.0 → socketsecurity-2.1.2}/tests/unit/test_client.py +0 -0
  77. {socketsecurity-2.1.0 → socketsecurity-2.1.2}/tests/unit/test_config.py +0 -0
  78. {socketsecurity-2.1.0 → socketsecurity-2.1.2}/tests/unit/test_output.py +0 -0
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.4
2
2
  Name: socketsecurity
3
- Version: 2.1.0
3
+ Version: 2.1.2
4
4
  Summary: Socket Security CLI for CI/CD
5
5
  Project-URL: Homepage, https://socket.dev
6
6
  Author-email: Douglas Coburn <douglas@socket.dev>
@@ -96,12 +96,12 @@ If you don't want to provide the Socket API Token every time then you can use th
96
96
  | --commit-sha | False | "" | Commit SHA |
97
97
 
98
98
  #### Path and File
99
- | Parameter | Required | Default | Description |
100
- |:-------------------|:---------|:--------|:-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
101
- | --target-path | False | ./ | Target path for analysis |
102
- | --sbom-file | False | | SBOM file path |
103
- | --files | False | [] | Files to analyze (JSON array string) |
104
- | --exclude-patterns | False | [] | List of patterns to exclude from analysis (JSON array string). You can get supported files form the [Supported Files API](https://docs.socket.dev/reference/getsupportedfiles) |
99
+ | Parameter | Required | Default | Description |
100
+ |:----------------------|:---------|:--------|:-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
101
+ | --target-path | False | ./ | Target path for analysis |
102
+ | --sbom-file | False | | SBOM file path |
103
+ | --files | False | [] | Files to analyze (JSON array string) |
104
+ | --excluded-ecosystems | False | [] | List of ecosystems to exclude from analysis (JSON array string). You can get supported files from the [Supported Files API](https://docs.socket.dev/reference/getsupportedfiles) |
105
105
 
106
106
  #### Branch and Scan Configuration
107
107
  | Parameter | Required | Default | Description |
@@ -40,12 +40,12 @@ If you don't want to provide the Socket API Token every time then you can use th
40
40
  | --commit-sha | False | "" | Commit SHA |
41
41
 
42
42
  #### Path and File
43
- | Parameter | Required | Default | Description |
44
- |:-------------------|:---------|:--------|:-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
45
- | --target-path | False | ./ | Target path for analysis |
46
- | --sbom-file | False | | SBOM file path |
47
- | --files | False | [] | Files to analyze (JSON array string) |
48
- | --exclude-patterns | False | [] | List of patterns to exclude from analysis (JSON array string). You can get supported files form the [Supported Files API](https://docs.socket.dev/reference/getsupportedfiles) |
43
+ | Parameter | Required | Default | Description |
44
+ |:----------------------|:---------|:--------|:-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
45
+ | --target-path | False | ./ | Target path for analysis |
46
+ | --sbom-file | False | | SBOM file path |
47
+ | --files | False | [] | Files to analyze (JSON array string) |
48
+ | --excluded-ecosystems | False | [] | List of ecosystems to exclude from analysis (JSON array string). You can get supported files from the [Supported Files API](https://docs.socket.dev/reference/getsupportedfiles) |
49
49
 
50
50
  #### Branch and Scan Configuration
51
51
  | Parameter | Required | Default | Description |
@@ -6,7 +6,7 @@ build-backend = "hatchling.build"
6
6
 
7
7
  [project]
8
8
  name = "socketsecurity"
9
- version = "2.1.0"
9
+ version = "2.1.2"
10
10
  requires-python = ">= 3.10"
11
11
  license = {"file" = "LICENSE"}
12
12
  dependencies = [
@@ -1,2 +1,2 @@
1
1
  __author__ = 'socket.dev'
2
- __version__ = '2.1.0'
2
+ __version__ = '2.1.2'
@@ -15,7 +15,7 @@ from socketdev.fullscans import FullScanParams, SocketArtifact
15
15
  from socketdev.org import Organization
16
16
  from socketdev.repos import RepositoryInfo
17
17
  from socketdev.settings import SecurityPolicyRule
18
-
18
+ import copy
19
19
  from socketsecurity import __version__
20
20
  from socketsecurity.core.classes import (
21
21
  Alert,
@@ -187,6 +187,7 @@ class Core:
187
187
  for ecosystem in patterns:
188
188
  if ecosystem in self.config.excluded_ecosystems:
189
189
  continue
190
+ log.info(f'Scanning ecosystem: {ecosystem}')
190
191
  ecosystem_patterns = patterns[ecosystem]
191
192
  for file_name in ecosystem_patterns:
192
193
  original_pattern = ecosystem_patterns[file_name]["pattern"]
@@ -209,7 +210,7 @@ class Core:
209
210
  glob_end = time.time()
210
211
  log.debug(f"Globbing took {glob_end - glob_start:.4f} seconds")
211
212
 
212
- log.debug(f"Total files found: {len(files)}")
213
+ log.info(f"Total files found: {len(files)}")
213
214
  return sorted(files)
214
215
 
215
216
  def get_supported_patterns(self) -> Dict:
@@ -331,7 +332,7 @@ class Core:
331
332
  Returns:
332
333
  FullScan object with scan results
333
334
  """
334
- log.debug("Creating new full scan")
335
+ log.info("Creating new full scan")
335
336
  create_full_start = time.time()
336
337
 
337
338
  res = self.sdk.fullscans.post(files, params, use_types=True)
@@ -627,11 +628,14 @@ class Core:
627
628
  head_full_scan_id = None
628
629
 
629
630
  if head_full_scan_id is None:
630
- tmp_params = params
631
+ new_params = copy.deepcopy(params.__dict__)
632
+ new_params.pop('include_license_details')
633
+ tmp_params = FullScanParams(**new_params)
634
+ tmp_params.include_license_details = params.include_license_details
631
635
  tmp_params.tmp = True
632
636
  tmp_params.set_as_pending_head = False
633
637
  tmp_params.make_default_branch = False
634
- head_full_scan = self.create_full_scan(Core.empty_head_scan_file(), params)
638
+ head_full_scan = self.create_full_scan(Core.empty_head_scan_file(), tmp_params)
635
639
  head_full_scan_id = head_full_scan.id
636
640
 
637
641
  # Create new scan
@@ -795,6 +799,8 @@ class Core:
795
799
  introduced_by = []
796
800
  if package.direct:
797
801
  manifests = ""
802
+ if not hasattr(package, "manifestFiles"):
803
+ return introduced_by
798
804
  for manifest_data in package.manifestFiles:
799
805
  manifest_file = manifest_data.get("file")
800
806
  manifests += f"{manifest_file};"
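Review bot: In the `if head_full_scan_id is None:` branch (hunk `@@ -627,11 +628,14 @@`), `new_params.pop('include_license_details')` has no default, so it raises `KeyError` whenever that attribute is absent from `params.__dict__`, and the line after the constructor call reads `params.include_license_details` unguarded. The special-casing suggests the `FullScanParams` constructor does not accept that field; if so, any other non-constructor attribute set on `params` would make `FullScanParams(**new_params)` fail with `TypeError`, so the copy is only as robust as that one exception list. I would write `new_params.pop('include_license_details', None)` and `getattr(params, 'include_license_details', None)`, and add a comment above the copy such as `# copy: the tmp / pending-head / default-branch flags below must not leak into the caller's params`. The enclosing method starts and ends outside the hunk, so the reuse of `params` after the `# Create new scan` line is inferred rather than visible.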