Merge pull request #15 from ajinabraham/1.4.0

Semgrep 0.45.0 update change max scan file size from 25 to 5 MB
ajinabraham · Apr 3, 2021 · c5f74c8 · c5f74c8
2 parents 6b091f6 + 4d7c023
commit c5f74c8
Show file tree

Hide file tree

Showing 5 changed files with 7 additions and 6 deletions.
diff --git a/libsast/__init__.py b/libsast/__init__.py
@@ -8,7 +8,7 @@
 __title__ = 'libsast'
 __authors__ = 'Ajin Abraham'
 __copyright__ = 'Copyright 2020 Ajin Abraham, OpenSecurity'
-__version__ = '1.3.9'
+__version__ = '1.4.0'
 __version_info__ = tuple(int(i) for i in __version__.split('.'))
 __all__ = [
     'Scanner',

diff --git a/libsast/core_matcher/choice_matcher.py b/libsast/core_matcher/choice_matcher.py
@@ -73,8 +73,8 @@ def choice_matcher(self, scan_paths, rule):
                 ext = sfile.suffix.lower()
                 if self.exts and ext not in self.exts:
                     continue
-                if sfile.stat().st_size / 1000 / 1000 > 25:
-                    # Skip scanning files greater than 25 MB
+                if sfile.stat().st_size / 1000 / 1000 > 5:
+                    # Skip scanning files greater than 5 MB
                     continue
                 data = sfile.read_text('utf-8', 'ignore')
                 if ext in ('.html', '.xml'):

diff --git a/libsast/core_matcher/pattern_matcher.py b/libsast/core_matcher/pattern_matcher.py
@@ -38,8 +38,8 @@ def scan(self, paths: list) -> dict:
             ext = sfile.suffix.lower()
             if self.exts and ext not in self.exts:
                 continue
-            if sfile.stat().st_size / 1000 / 1000 > 25:
-                # Skip scanning files greater than 25 MB
+            if sfile.stat().st_size / 1000 / 1000 > 5:
+                # Skip scanning files greater than 5 MB
                 print(f'Skipping large file {sfile.as_posix()}')
                 continue
             data = sfile.read_text('utf-8', 'ignore')

diff --git a/libsast/core_sgrep/helpers.py b/libsast/core_sgrep/helpers.py
@@ -28,6 +28,7 @@ def invoke_semgrep(paths, scan_rules, **kwargs):
             strict=False,
             timeout_threshold=3,
             json_stats=False,
+            json_time=False,
             output_per_finding_max_lines_limit=None,
         ),
         stdout=io_capture,

diff --git a/setup.py b/setup.py
@@ -8,7 +8,7 @@ def get_requires():
     requires = [
         'requests>=2.22.0',
         'pyyaml>=5.3',
-        'semgrep==0.38.0;platform_system!="Windows"',
+        'semgrep==0.45.0;platform_system!="Windows"',
     ]
     return requires