From 56ebeaf3416bfcb03a655354b1640dfed2953144 Mon Sep 17 00:00:00 2001
From: Ajin Abraham
Date: Thu, 14 Nov 2024 00:30:52 -0800
Subject: [PATCH 1/2] make semgrep optional
---
 libsast/__init__.py | 2 +-
 poetry.lock | 2 +-
 pyproject.toml | 9 +++++++--
 3 files changed, 9 insertions(+), 4 deletions(-)
diff --git a/libsast/__init__.py b/libsast/__init__.py
index bf32368..c828354 100644
--- a/libsast/__init__.py
+++ b/libsast/__init__.py
@@ -12,7 +12,7 @@
 __title__ = 'libsast'
 __authors__ = 'Ajin Abraham'
 __copyright__ = f'Copyright {year} Ajin Abraham, opensecurity.in'
-__version__ = '3.1.3'
+__version__ = '3.1.4'
 __version_info__ = tuple(int(i) for i in __version__.split('.'))
 __all__ = [
 'Scanner',
diff --git a/poetry.lock b/poetry.lock
index 0587582..b255f96 100644
--- a/poetry.lock
+++ b/poetry.lock
@@ -1400,4 +1400,4 @@ type = ["pytest-mypy"]
 [metadata]
 lock-version = "2.0"
 python-versions = "^3.8"
-content-hash = "59f70f1c11c572b38f02291696d8b61ecabb1c3dca9bfdc28184afee86732b3d"
+content-hash = "c5a02cc55d469741ee575bf3f4a4b8d953035297f9b50ebca868655fa8219d76"
diff --git a/pyproject.toml b/pyproject.toml
index de50941..d08b5e0 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -1,6 +1,6 @@
 [tool.poetry]
 name = "libsast"
-version = "3.1.3"
+version = "3.1.4"
 description = "A generic SAST library built on top of semgrep and regex"
 keywords = ["libsast", "SAST", "Python SAST", "SAST API", "Regex SAST", "Pattern Matcher"]
 authors = ["Ajin Abraham "]
@@ -26,9 +26,14 @@ libsast = "libsast.__main__:main"
 python = "^3.8"
 requests = "*"
 pyyaml = ">=6.0"
-semgrep = {version = "1.86.0", markers = "sys_platform != 'win32'"}
 billiard = "^4.2.1"
 
+[tool.poetry.group.semgrep]
+optional = true
+
+[tool.poetry.group.semgrep.dependencies]
+semgrep = {version = "1.86.0", markers = "sys_platform != 'win32'"}
+
 [tool.poetry.group.dev.dependencies]
 bandit = "*"
 pytest = "*"
From ed4476cc7483364abd0fd42c2c54396679eb427b Mon Sep 17 00:00:00 2001
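Review bot: Moving semgrep into `[tool.poetry.group.semgrep]` drops it from the published package's metadata altogether, because Poetry dependency groups are a development-time concept and are not exported as extras; a pip consumer can no longer pull it in through libsast, which is why the README in the second patch has to hard-code a separate `pip install semgrep==1.86.0`. Declaring it as an optional main dependency with an extra keeps the pin in one place and makes `pip install libsast[semgrep]` work: `semgrep = {version = "1.86.0", optional = true, markers = "sys_platform != 'win32'"}` under `[tool.poetry.dependencies]`, plus `[tool.poetry.extras]` with `semgrep = ["semgrep"]`. As committed, the exact `1.86.0` pin now lives in both pyproject.toml and README.md, so a future bump of the tool can easily land in one file and not the other. The `[tool.poetry.dependencies]` table header this hunk belongs to is above the hunk.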
From: Ajin Abraham
Date: Thu, 14 Nov 2024 00:44:36 -0800
Subject: [PATCH 2/2] Semgrep is optional, action QA
---
 .github/workflows/codeql.yml | 2 +-
 .github/workflows/publish.yml | 4 ++--
 .github/workflows/python_test.yml | 6 +++---
 README.md | 5 ++++-
 4 files changed, 10 insertions(+), 7 deletions(-)
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index fa33578..1aa1e6a 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -24,7 +24,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4.2.2 - name: Initialize CodeQL uses: github/codeql-action/init@v2
diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
index 655c281..9cafb44 100644
--- a/.github/workflows/publish.yml
+++ b/.github/workflows/publish.yml
@@ -10,9 +10,9 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4.2.2 - name: Set up Python - uses: actions/setup-python@v3 + uses: actions/setup-python@v5.3.0 with: python-version: '3.x' - name: Install dependencies
diff --git a/.github/workflows/python_test.yml b/.github/workflows/python_test.yml
index ff9e9d5..36f43b7 100644
--- a/.github/workflows/python_test.yml
+++ b/.github/workflows/python_test.yml
@@ -19,9 +19,9 @@ jobs: python-version: ['3.10', '3.11', '3.12'] steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4.2.2 - name: Set up Python ${{ matrix.python-version }} - uses: actions/setup-python@v3 + uses: actions/setup-python@v5.3.0 with: python-version: ${{ matrix.python-version }} - name: Install dependencies
@@ -33,7 +33,7 @@ jobs: tox -e lint - name: Install libsast run: | - poetry install --no-interaction --no-ansi + poetry install --no-interaction --no-ansi --with semgrep - name: Bandit Scan run: | poetry run bandit -ll libsast -r
diff --git a/README.md b/README.md
index e2a42e4..4baff77 100644
--- a/README.md
+++ b/README.md
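Review bot: Adding `--with semgrep` to the `poetry install` step in the second hunk means every matrix entry now tests with semgrep present, so the configuration this series introduces — libsast installed and imported without semgrep, which is what a plain `poetry install` or `pip install libsast` now yields — is never exercised by CI, and an unguarded import of semgrep would surface on a user's machine rather than here. A second install variant (an extra job, or a matrix dimension) that runs `poetry install --no-interaction --no-ansi` without the group and then the same test step would cover the regex-only path; the test step itself appears to sit outside this hunk. Separately, the `actions/checkout@v4.2.2` and `actions/setup-python@v5.3.0` references in this file's first hunk (and the same bumps in codeql.yml and publish.yml) are mutable tags; pinning third-party actions to the release's commit SHA, with the tag kept in a trailing comment, is the usual supply-chain hardening for workflows that also publish the package. The enclosing job definition starts and ends outside both hunks.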
@@ -17,7 +17,10 @@ Made with ![Love](https://cloud.githubusercontent.com/assets/4301109/16754758/82 ## Install -`pip install libsast` +```bash +pip install semgrep==1.86.0 #For semgrep support +pip install libsast +``` Pattern Matcher is cross-platform, but Semgrep supports only Mac and Linux.