Added support for exlcuded ecosystems

README.md

@@ -23,13 +23,14 @@ If you don't want to provide the Socket API Token every time then you can use th
 | --api-token | False    |         | Socket Security API token (can also be set via SOCKET_SECURITY_API_KEY env var) |
 
 #### Repository
-| Parameter     | Required | Default | Description                                                             |
-|:--------------|:---------|:--------|:------------------------------------------------------------------------|
-| --repo        | False    |         | Repository name in owner/repo format                                    |
-| --integration | False    | api     | Integration type (api, github, gitlab)                                  |
-| --owner       | False    |         | Name of the integration owner, defaults to the socket organization slug |
-| --branch      | False    | ""      | Branch name                                                             |
-| --committers  | False    |         | Committer(s) to filter by                                               |
+| Parameter        | Required | Default | Description                                                             |
+|:-----------------|:---------|:--------|:------------------------------------------------------------------------|
+| --repo           | False    |         | Repository name in owner/repo format                                    |
+| --integration    | False    | api     | Integration type (api, github, gitlab)                                  |
+| --owner          | False    |         | Name of the integration owner, defaults to the socket organization slug |
+| --branch         | False    | ""      | Branch name                                                             |
+| --committers     | False    |         | Committer(s) to filter by                                               |
+| --repo-is-public | False    | False   | If set, flags a new repository creation as public. Defaults to false.   |
 
 #### Pull Request and Commit
 | Parameter        | Required | Default | Description         |
@@ -39,11 +40,12 @@ If you don't want to provide the Socket API Token every time then you can use th
 | --commit-sha     | False    | ""      | Commit SHA          |
 
 #### Path and File
-| Parameter     | Required | Default | Description                          |
-|:--------------|:---------|:--------|:-------------------------------------|
-| --target-path | False    | ./      | Target path for analysis             |
-| --sbom-file   | False    |         | SBOM file path                       |
-| --files       | False    | []      | Files to analyze (JSON array string) |
+| Parameter          | Required | Default | Description                                                                                                                                                                    |
+|:-------------------|:---------|:--------|:-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| --target-path      | False    | ./      | Target path for analysis                                                                                                                                                       |
+| --sbom-file        | False    |         | SBOM file path                                                                                                                                                                 |
+| --files            | False    | []      | Files to analyze (JSON array string)                                                                                                                                           |
+| --exclude-patterns | False    | []      | List of patterns to exclude from analysis (JSON array string). You can get supported files form the [Supported Files API](https://docs.socket.dev/reference/getsupportedfiles) |
 
 #### Branch and Scan Configuration
 | Parameter        | Required | Default | Description                                                 |

pyproject.toml

@@ -6,7 +6,7 @@ build-backend = "hatchling.build"
 
 [project]
 name = "socketsecurity"
-version = "2.0.55"
+version = "2.0.56"
 requires-python = ">= 3.10"
 license = {"file" = "LICENSE"}
 dependencies = [

socketsecurity/__init__.py

@@ -1,2 +1,2 @@
 __author__ = 'socket.dev'
-__version__ = '2.0.55'
+__version__ = '2.0.56'

socketsecurity/config.py

@@ -1,4 +1,5 @@
 import argparse
+import logging
 import os
 from dataclasses import asdict, dataclass, field
 from typing import List, Optional
@@ -51,6 +52,7 @@ class CliConfig:
     exclude_license_details: bool = False
     include_module_folders: bool = False
     repo_is_public: bool = False
+    excluded_ecosystems: list[str] = field(default_factory=lambda: [])
     version: str = __version__
     jira_plugin: PluginConfig = field(default_factory=PluginConfig)
     slack_plugin: PluginConfig = field(default_factory=PluginConfig)
@@ -96,8 +98,14 @@ def from_args(cls, args_list: Optional[List[str]] = None) -> 'CliConfig':
             'exclude_license_details': args.exclude_license_details,
             'include_module_folders': args.include_module_folders,
             'repo_is_public': args.repo_is_public,
+            "excluded_ecosystems": args.excluded_ecosystems,
             'version': __version__
         }
+        try:
+            config_args["excluded_ecosystems"] = json.loads(config_args["excluded_ecosystems"].replace("'", '"'))
+        except json.JSONDecodeError:
+            logging.error(f"Unable to parse excluded_ecosystems: {config_args['excluded_ecosystems']}")
+            exit(1)
         config_args.update({
             "jira_plugin": PluginConfig(
                 enabled=os.getenv("SOCKET_JIRA_ENABLED", "false").lower() == "true",
@@ -252,6 +260,13 @@ def create_argument_parser() -> argparse.ArgumentParser:
         help="Files to analyze (JSON array string)"
     )
 
+    path_group.add_argument(
+        "--excluded-ecosystems",
+        default="[]",
+        dest="excluded_ecosystems",
+        help="List of ecosystems to exclude from analysis (JSON array string)"
+    )
+
     # Branch and Scan Configuration
     config_group = parser.add_argument_group('Branch and Scan Configuration')
     config_group.add_argument(

socketsecurity/core/__init__.py

@@ -184,6 +184,8 @@ def find_files(self, path: str) -> List[str]:
             patterns = fallback_patterns
 
         for ecosystem in patterns:
+            if ecosystem in self.config.excluded_ecosystems:
+                continue
             ecosystem_patterns = patterns[ecosystem]
             for file_name in ecosystem_patterns:
                 original_pattern = ecosystem_patterns[file_name]["pattern"]

socketsecurity/core/socket_config.py

@@ -1,7 +1,7 @@
 from dataclasses import dataclass, field
 from typing import Dict, Optional
 from urllib.parse import urlparse
-from typing import Set
+from typing import Set, List
 import os
 
 from socketsecurity.core.issues import AllIssues
@@ -29,6 +29,7 @@ class SocketConfig:
     repo_visibility: Optional[str] = 'private'
     all_issues: Optional['AllIssues'] = None
     excluded_dirs: Set[str] = field(default_factory=lambda: default_exclude_dirs)
+    excluded_ecosystems: List[str] = field(default_factory=lambda: [])
     version: str = __version__
 
     def __post_init__(self):

socketsecurity/socketcli.py

@@ -150,6 +150,8 @@ def main_code():
     org_slug = core.config.org_slug
     if config.repo_is_public:
         core.config.repo_visibility = "public"
+    if config.excluded_ecosystems and len(config.excluded_ecosystems) > 0:
+        core.config.excluded_ecosystems = config.excluded_ecosystems
     integration_type = config.integration_type
     integration_org_slug = config.integration_org_slug or org_slug
     try: