From 31d75ef0e8999aba4599e6894517831d3e5b746d Mon Sep 17 00:00:00 2001
From: Ajin Abraham
Date: Sat, 3 Apr 2021 13:16:26 -0700
Subject: [PATCH 1/2] semgrep 0.45.0 update
---
 libsast/__init__.py | 2 +-
 libsast/core_matcher/choice_matcher.py | 4 ++--
 libsast/core_matcher/pattern_matcher.py | 4 ++--
 libsast/core_sgrep/helpers.py | 1 +
 setup.py | 2 +-
 5 files changed, 7 insertions(+), 6 deletions(-)
diff --git a/libsast/__init__.py b/libsast/__init__.py
index 6cb0e7c..80d2de3 100644
--- a/libsast/__init__.py
+++ b/libsast/__init__.py
@@ -8,7 +8,7 @@
 __title__ = 'libsast'
 __authors__ = 'Ajin Abraham'
 __copyright__ = 'Copyright 2020 Ajin Abraham, OpenSecurity'
-__version__ = '1.3.9'
+__version__ = '1.4.0'
 __version_info__ = tuple(int(i) for i in __version__.split('.'))
 __all__ = [
 'Scanner',
diff --git a/libsast/core_matcher/choice_matcher.py b/libsast/core_matcher/choice_matcher.py
index 4244e85..41e1250 100644
--- a/libsast/core_matcher/choice_matcher.py
+++ b/libsast/core_matcher/choice_matcher.py
@@ -73,8 +73,8 @@ def choice_matcher(self, scan_paths, rule):
 ext = sfile.suffix.lower()
 if self.exts and ext not in self.exts:
 continue
- if sfile.stat().st_size / 1000 / 1000 > 25:
- # Skip scanning files greater than 25 MB
+ if sfile.stat().st_size / 1000 / 1000 > 5:
+ # Skip scanning files greater than 5 MB
 print(f'Skipping large file {sfile.as_posix()}')
 continue
 data = sfile.read_text('utf-8', 'ignore')
diff --git a/libsast/core_matcher/pattern_matcher.py b/libsast/core_matcher/pattern_matcher.py
index 08a3062..3a24ac5 100644
--- a/libsast/core_matcher/pattern_matcher.py
+++ b/libsast/core_matcher/pattern_matcher.py
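Review bot: The size cut-off in the libsast/core_matcher/choice_matcher.py hunk is a bare literal, `if sfile.stat().st_size / 1000 / 1000 > 5:`, and the same literal is repeated in the `scan` hunk of libsast/core_matcher/pattern_matcher.py, so the two matchers can drift apart on the next change. Lowering the limit from 25 MB to 5 MB also widens the set of files a scan leaves unexamined, and the only trace is a `print`, which the second patch in this series removes from choice_matcher; a caller reading the scan results cannot tell that a file was never checked. Consider one shared module-level constant used by both matchers (for example `MAX_SCAN_FILE_MB = 5`, a name constructed for this note) and recording skipped paths in the returned results or through `logging` rather than stdout. Both function bodies start and end outside their hunks.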
@@ -38,8 +38,8 @@ def scan(self, paths: list) -> dict:
 ext = sfile.suffix.lower()
 if self.exts and ext not in self.exts:
 continue
- if sfile.stat().st_size / 1000 / 1000 > 25:
- # Skip scanning files greater than 25 MB
+ if sfile.stat().st_size / 1000 / 1000 > 5:
+ # Skip scanning files greater than 5 MB
 print(f'Skipping large file {sfile.as_posix()}')
 continue
 data = sfile.read_text('utf-8', 'ignore')
diff --git a/libsast/core_sgrep/helpers.py b/libsast/core_sgrep/helpers.py
index 248703e..c2c93a0 100644
--- a/libsast/core_sgrep/helpers.py
+++ b/libsast/core_sgrep/helpers.py
@@ -28,6 +28,7 @@ def invoke_semgrep(paths, scan_rules, **kwargs):
 strict=False,
 timeout_threshold=3,
 json_stats=False,
+ json_time=False,
 output_per_finding_max_lines_limit=None,
 ),
 stdout=io_capture,
diff --git a/setup.py b/setup.py
index b2e3c50..912763e 100644
--- a/setup.py
+++ b/setup.py
@@ -8,7 +8,7 @@ def get_requires():
 requires = [
 'requests>=2.22.0',
 'pyyaml>=5.3',
- 'semgrep==0.38.0;platform_system!="Windows"',
+ 'semgrep==0.45.0;platform_system!="Windows"',
 ]
 return requires
From 4d7c023114b45d6ee4c50539aff27162a07fbc46 Mon Sep 17 00:00:00 2001
From: Ajin Abraham
Date: Sat, 3 Apr 2021 13:23:14 -0700
Subject: [PATCH 2/2] remove print() for choice matcher only
---
 libsast/core_matcher/choice_matcher.py | 1 -
 1 file changed, 1 deletion(-)
diff --git a/libsast/core_matcher/choice_matcher.py b/libsast/core_matcher/choice_matcher.py
index 41e1250..ffe929a 100644
--- a/libsast/core_matcher/choice_matcher.py
+++ b/libsast/core_matcher/choice_matcher.py
@@ -75,7 +75,6 @@ def choice_matcher(self, scan_paths, rule):
 continue
 if sfile.stat().st_size / 1000 / 1000 > 5:
 # Skip scanning files greater than 5 MB
- print(f'Skipping large file {sfile.as_posix()}')
 continue
 data = sfile.read_text('utf-8', 'ignore')
 if ext in ('.html', '.xml'):
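Review bot: The added `json_time=False,` in the `invoke_semgrep` hunk of libsast/core_sgrep/helpers.py carries no comment saying why it is needed. Going by the commit subject it is presumably required by the new semgrep release, and this keyword set appears to mirror semgrep's own argument handling rather than a documented interface, so it has to move in step with the `semgrep==0.45.0` pin in setup.py. A comment above the argument block would make that coupling visible to whoever bumps the pin next, e.g. `# Keyword set must match the semgrep release pinned in setup.py; json_time added for 0.45.0`. The call and the function body start and end outside this hunk, so the rest of the argument list is not visible here.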