diff --git a/README.md b/README.md
index 148c6a5..66fd945 100644
--- a/README.md
+++ b/README.md
@@ -23,13 +23,14 @@ If you don't want to provide the Socket API Token every time then you can use th
 | --api-token | False | | Socket Security API token (can also be set via SOCKET_SECURITY_API_KEY env var) |
 #### Repository
-| Parameter | Required | Default | Description |
-|:--------------|:---------|:--------|:------------------------------------------------------------------------|
-| --repo | False | | Repository name in owner/repo format |
-| --integration | False | api | Integration type (api, github, gitlab) |
-| --owner | False | | Name of the integration owner, defaults to the socket organization slug |
-| --branch | False | "" | Branch name |
-| --committers | False | | Committer(s) to filter by |
+| Parameter | Required | Default | Description |
+|:-----------------|:---------|:--------|:------------------------------------------------------------------------|
+| --repo | False | | Repository name in owner/repo format |
+| --integration | False | api | Integration type (api, github, gitlab) |
+| --owner | False | | Name of the integration owner, defaults to the socket organization slug |
+| --branch | False | "" | Branch name |
+| --committers | False | | Committer(s) to filter by |
+| --repo-is-public | False | False | If set, flags a new repository creation as public. Defaults to false. |
 #### Pull Request and Commit
 | Parameter | Required | Default | Description |
@@ -39,11 +40,12 @@ If you don't want to provide the Socket API Token every time then you can use th
 | --commit-sha | False | "" | Commit SHA |
 #### Path and File
-| Parameter | Required | Default | Description |
-|:--------------|:---------|:--------|:-------------------------------------|
-| --target-path | False | ./ | Target path for analysis |
-| --sbom-file | False | | SBOM file path |
-| --files | False | [] | Files to analyze (JSON array string) |
+| Parameter | Required | Default | Description |
+|:-------------------|:---------|:--------|:-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| --target-path | False | ./ | Target path for analysis |
+| --sbom-file | False | | SBOM file path |
+| --files | False | [] | Files to analyze (JSON array string) |
+| --exclude-patterns | False | [] | List of patterns to exclude from analysis (JSON array string). You can get supported files form the [Supported Files API](https://docs.socket.dev/reference/getsupportedfiles) |
 #### Branch and Scan Configuration
 | Parameter | Required | Default | Description |
diff --git a/pyproject.toml b/pyproject.toml
index 1808d35..6e5a25d 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -6,7 +6,7 @@ build-backend = "hatchling.build"
 [project]
 name = "socketsecurity"
-version = "2.0.55"
+version = "2.0.56"
 requires-python = ">= 3.10"
 license = {"file" = "LICENSE"}
 dependencies = [
diff --git a/socketsecurity/__init__.py b/socketsecurity/__init__.py
index 3791e05..0dadd91 100644
--- a/socketsecurity/__init__.py
+++ b/socketsecurity/__init__.py
@@ -1,2 +1,2 @@
 __author__ = 'socket.dev'
-__version__ = '2.0.55'
+__version__ = '2.0.56'
diff --git a/socketsecurity/config.py b/socketsecurity/config.py
index 5542402..19223d7 100644
--- a/socketsecurity/config.py
+++ b/socketsecurity/config.py
@@ -1,4 +1,5 @@
 import argparse
+import logging
 import os
 from dataclasses import asdict, dataclass, field
 from typing import List, Optional
@@ -51,6 +52,7 @@ class CliConfig:
 exclude_license_details: bool = False
 include_module_folders: bool = False
 repo_is_public: bool = False
+ excluded_ecosystems: list[str] = field(default_factory=lambda: [])
 version: str = __version__
 jira_plugin: PluginConfig = field(default_factory=PluginConfig)
 slack_plugin: PluginConfig = field(default_factory=PluginConfig)
@@ -96,8 +98,14 @@ def from_args(cls, args_list: Optional[List[str]] = None) -> 'CliConfig':
 'exclude_license_details': args.exclude_license_details,
 'include_module_folders': args.include_module_folders,
 'repo_is_public': args.repo_is_public,
+ "excluded_ecosystems": args.excluded_ecosystems,
 'version': __version__
 }
+ try:
+ config_args["excluded_ecosystems"] = json.loads(config_args["excluded_ecosystems"].replace("'", '"'))
+ except json.JSONDecodeError:
+ logging.error(f"Unable to parse excluded_ecosystems: {config_args['excluded_ecosystems']}")
+ exit(1)
 config_args.update({
 "jira_plugin": PluginConfig(
 enabled=os.getenv("SOCKET_JIRA_ENABLED", "false").lower() == "true",
@@ -252,6 +260,13 @@ def create_argument_parser() -> argparse.ArgumentParser:
 help="Files to analyze (JSON array string)"
 )
+ path_group.add_argument(
+ "--excluded-ecosystems",
+ default="[]",
+ dest="excluded_ecosystems",
+ help="List of ecosystems to exclude from analysis (JSON array string)"
+ )
+
 # Branch and Scan Configuration
 config_group = parser.add_argument_group('Branch and Scan Configuration')
 config_group.add_argument(
diff --git a/socketsecurity/core/__init__.py b/socketsecurity/core/__init__.py
index 7329ea7..178650e 100644
--- a/socketsecurity/core/__init__.py
+++ b/socketsecurity/core/__init__.py
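Review bot: The new CliConfig field `excluded_ecosystems: list[str] = field(default_factory=lambda: [])` wraps the list constructor in a lambda for no gain; `field(default_factory=list)` is the idiom, and the same applies to the matching `excluded_ecosystems` field added to SocketConfig in socket_config.py. That file's hunk also widens its import to `from typing import Set, List` just to annotate the field as `List[str]`, while this hunk uses the builtin generic `list[str]`; with pyproject.toml declaring `requires-python = ">= 3.10"` the builtin form is valid in both files, so the two declarations should agree and the extra import can go. The CliConfig class body starts and ends outside the hunk.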
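Review bot: The value produced by `json.loads` on the new `config_args["excluded_ecosystems"]` line is stored without checking that it is a list of strings, so an argument such as `'"npm"'` or `'{}'` parses successfully and later becomes the right-hand side of `ecosystem in self.config.excluded_ecosystems` in find_files, where a bare string would silently do a substring match instead of a membership test. The handler also calls the site-provided `exit(1)` rather than `sys.exit(1)`, logs with an f-string where a lazy `%s` argument is the logging convention, and `json` is not among the imports shown in the first hunk (file lines 1–5) — confirm it is imported elsewhere in config.py, otherwise this line raises NameError before the JSONDecodeError handler is ever reached. The stricter form below validates the shape before storing it and needs `import sys` in the file. from_args continues outside the hunk.

```python
# … unchanged: config_args dict literal …
raw = config_args["excluded_ecosystems"]
try:
    parsed = json.loads(raw.replace("'", '"'))
except json.JSONDecodeError:
    logging.error("Unable to parse excluded_ecosystems: %s", raw)
    sys.exit(1)
if not isinstance(parsed, list) or not all(isinstance(item, str) for item in parsed):
    logging.error("excluded_ecosystems must be a JSON array of strings: %s", raw)
    sys.exit(1)
config_args["excluded_ecosystems"] = parsed
# … unchanged: config_args.update({ "jira_plugin": … }) …
```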
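Review bot: The option registered in this hunk is `--excluded-ecosystems` with help text about ecosystems, but the README hunk in the same commit documents the new "Path and File" option as `--exclude-patterns` with a description about patterns and a link to the Supported Files API; a user who follows the README gets an argparse "unrecognized arguments" error. Pick one name and one description and use them in both places — given `dest="excluded_ecosystems"` and the CliConfig field it feeds, the parser's name looks like the intended one, so the README row should be renamed. The help text would also be more useful if it said what an entry is, e.g. `help="Ecosystems to skip during file discovery, as a JSON array of ecosystem keys (see the Supported Files API)"`, hedged because the valid key set is not visible here. create_argument_parser starts before the hunk and continues after it.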
@@ -184,6 +184,8 @@ def find_files(self, path: str) -> List[str]:
 patterns = fallback_patterns
 for ecosystem in patterns:
+ if ecosystem in self.config.excluded_ecosystems:
+ continue
 ecosystem_patterns = patterns[ecosystem]
 for file_name in ecosystem_patterns:
 original_pattern = ecosystem_patterns[file_name]["pattern"]
diff --git a/socketsecurity/core/socket_config.py b/socketsecurity/core/socket_config.py
index 1b5676c..b343848 100644
--- a/socketsecurity/core/socket_config.py
+++ b/socketsecurity/core/socket_config.py
@@ -1,7 +1,7 @@
 from dataclasses import dataclass, field
 from typing import Dict, Optional
 from urllib.parse import urlparse
-from typing import Set
+from typing import Set, List
 import os
 from socketsecurity.core.issues import AllIssues
@@ -29,6 +29,7 @@ class SocketConfig:
 repo_visibility: Optional[str] = 'private'
 all_issues: Optional['AllIssues'] = None
 excluded_dirs: Set[str] = field(default_factory=lambda: default_exclude_dirs)
+ excluded_ecosystems: List[str] = field(default_factory=lambda: [])
 version: str = __version__
 def __post_init__(self):
diff --git a/socketsecurity/socketcli.py b/socketsecurity/socketcli.py
index fdb038e..e6594ad 100644
--- a/socketsecurity/socketcli.py
+++ b/socketsecurity/socketcli.py
@@ -150,6 +150,8 @@ def main_code():
 org_slug = core.config.org_slug
 if config.repo_is_public:
 core.config.repo_visibility = "public"
+ if config.excluded_ecosystems and len(config.excluded_ecosystems) > 0:
+ core.config.excluded_ecosystems = config.excluded_ecosystems
 integration_type = config.integration_type
 integration_org_slug = config.integration_org_slug or org_slug
 try:
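Review bot: The new `if ecosystem in self.config.excluded_ecosystems` check compares user-supplied strings against the pattern dictionary's keys verbatim, so a casing or spelling difference excludes nothing and the scan proceeds as if the flag had been honoured, with no output that would reveal it. If the keys are case-insensitive identifiers (confirm against the Supported Files API response), normalising once before the loop with `excluded = {e.lower() for e in self.config.excluded_ecosystems}` and testing `if ecosystem.lower() in excluded:` removes that trap and replaces a per-iteration list scan with a set lookup; a debug-level log line naming each skipped ecosystem would let an operator verify from the run output exactly what was left out of the manifest search. find_files starts before the hunk and continues after it.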
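Review bot: `if config.excluded_ecosystems and len(config.excluded_ecosystems) > 0:` tests the same condition twice; a non-empty list is already truthy, so `if config.excluded_ecosystems:` says the same thing. Since from_args has already turned the argument into a list, the guard only prevents replacing SocketConfig's default empty list with another empty list, which would be harmless, so the assignment could be unconditional. main_code starts before the hunk and continues after it.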