Commit

Merge pull request #53 from ajinabraham/3.1.4
Make semgrep optional, also update actions.
ajinabraham authored Nov 14, 2024
2 parents 21f98eb + ed4476c commit 3171b66
Showing 7 changed files with 19 additions and 11 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/codeql.yml
Expand Up @@ -24,7 +24,7 @@ jobs:

steps:
- name: Checkout
uses: actions/checkout@v3
uses: actions/checkout@v4.2.2

- name: Initialize CodeQL
uses: github/codeql-action/init@v2
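Review bot: The context line `uses: github/codeql-action/init@v2`, directly after the changed checkout step, is still on v2 while this hunk moves only `actions/checkout` to v4.2.2. The commit message says the actions are being updated, so bump the CodeQL action steps in this workflow in the same change rather than leaving the scanning job behind.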
4 changes: 2 additions & 2 deletions .github/workflows/publish.yml
Expand Up @@ -10,9 +10,9 @@ jobs:
runs-on: ubuntu-latest

steps:
- uses: actions/checkout@v3
- uses: actions/checkout@v4.2.2
- name: Set up Python
uses: actions/setup-python@v3
uses: actions/setup-python@v5.3.0
with:
python-version: '3.x'
- name: Install dependencies
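Review bot: In publish.yml, `actions/checkout@v4.2.2` and `actions/setup-python@v5.3.0` are pinned by tag, and a tag can be repointed to a different commit by whoever controls the action repository. Since this is the workflow that publishes the package, pin both `uses:` lines to the full commit SHA of those releases and keep the version number as a trailing comment.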
6 changes: 3 additions & 3 deletions .github/workflows/python_test.yml
Expand Up @@ -19,9 +19,9 @@ jobs:
python-version: ['3.10', '3.11', '3.12']

steps:
- uses: actions/checkout@v3
- uses: actions/checkout@v4.2.2
- name: Set up Python ${{ matrix.python-version }}
uses: actions/setup-python@v3
uses: actions/setup-python@v5.3.0
with:
python-version: ${{ matrix.python-version }}
- name: Install dependencies
Expand All @@ -33,7 +33,7 @@ jobs:
tox -e lint
- name: Install libsast
run: |
poetry install --no-interaction --no-ansi
poetry install --no-interaction --no-ansi --with semgrep
- name: Bandit Scan
run: |
poetry run bandit -ll libsast -r
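Review bot: With `poetry install --no-interaction --no-ansi --with semgrep` as the install step, every entry in the Python matrix runs with semgrep present, so the new default of semgrep not being installed is never exercised. Add a job or matrix entry that installs without `--with semgrep` and runs the test suite, so an unguarded semgrep import is caught before release.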
5 changes: 4 additions & 1 deletion README.md
Expand Up @@ -17,7 +17,10 @@ Made with ![Love](https://cloud.githubusercontent.com/assets/4301109/16754758/82

## Install

`pip install libsast`
```bash
pip install semgrep==1.86.0 #For semgrep support
pip install libsast
```

Pattern Matcher is cross-platform, but Semgrep supports only Mac and Linux.
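Review bot: The added line `pip install semgrep==1.86.0` repeats the version pinned in pyproject.toml, so the README goes stale the next time that pin moves. Consider exposing semgrep as a package extra so users get the tested version in one install command, and note beside the command that it should be skipped on Windows, since the next line says Semgrep supports only Mac and Linux.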

2 changes: 1 addition & 1 deletion libsast/__init__.py
Expand Up @@ -12,7 +12,7 @@
__title__ = 'libsast'
__authors__ = 'Ajin Abraham'
__copyright__ = f'Copyright {year} Ajin Abraham, opensecurity.in'
__version__ = '3.1.3'
__version__ = '3.1.4'
__version_info__ = tuple(int(i) for i in __version__.split('.'))
__all__ = [
'Scanner',
2 changes: 1 addition & 1 deletion poetry.lock

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

9 changes: 7 additions & 2 deletions pyproject.toml
@@ -1,6 +1,6 @@
[tool.poetry]
name = "libsast"
version = "3.1.3"
version = "3.1.4"
description = "A generic SAST library built on top of semgrep and regex"
keywords = ["libsast", "SAST", "Python SAST", "SAST API", "Regex SAST", "Pattern Matcher"]
authors = ["Ajin Abraham <ajin@opensecurity.in>"]
Expand All @@ -26,9 +26,14 @@ libsast = "libsast.__main__:main"
python = "^3.8"
requests = "*"
pyyaml = ">=6.0"
semgrep = {version = "1.86.0", markers = "sys_platform != 'win32'"}
billiard = "^4.2.1"

[tool.poetry.group.semgrep]
optional = true

[tool.poetry.group.semgrep.dependencies]
semgrep = {version = "1.86.0", markers = "sys_platform != 'win32'"}

[tool.poetry.group.dev.dependencies]
bandit = "*"
pytest = "*"
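Review bot: Moving `semgrep` from the main dependencies into `[tool.poetry.group.semgrep]` with `optional = true` means a default install has no semgrep, yet the only library file touched in this commit is the version line in `libsast/__init__.py`. Confirm that the semgrep code path fails with a clear message or is skipped when the import is missing, and state in the README which of the two users should expect.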
