Merge pull request #20 from ajinabraham/1.5.1

v1.5.1 changes

.github/workflows/python_test.yml

@@ -16,7 +16,7 @@ jobs:
     strategy:
       matrix:
         os: [ubuntu-latest, macos-latest]
-        python-version: [3.6, 3.7, 3.8, 3.9]
+        python-version: [3.7, 3.8, 3.9, '3.10']
 
     steps:
     - uses: actions/checkout@v2

README.md

@@ -7,7 +7,7 @@ Made with ![Love](https://cloud.githubusercontent.com/assets/4301109/16754758/82
 [![PyPI version](https://badge.fury.io/py/libsast.svg)](https://badge.fury.io/py/libsast)
 [![platform](https://img.shields.io/badge/platform-windows%2Fosx%2Flinux-green.svg)](https://github.com/ajinabraham/libsast)
 [![License](https://img.shields.io/:license-lgpl3+-blue.svg)](https://www.gnu.org/licenses/lgpl-3.0.en.html)
-[![python](https://img.shields.io/badge/python-3.6-blue.svg)](https://www.python.org/downloads/)
+[![python](https://img.shields.io/badge/python-3.7-blue.svg)](https://www.python.org/downloads/)
 
 [![Language grade: Python](https://img.shields.io/lgtm/grade/python/g/ajinabraham/libsast.svg?logo=lgtm&logoWidth=18)](https://lgtm.com/projects/g/ajinabraham/libsast/context:python)
 [![Requirements Status](https://requires.io/github/ajinabraham/libsast/requirements.svg?branch=master)](https://requires.io/github/ajinabraham/libsast/requirements/?branch=master)

libsast/__init__.py

@@ -8,7 +8,7 @@
 __title__ = 'libsast'
 __authors__ = 'Ajin Abraham'
 __copyright__ = 'Copyright 2020 Ajin Abraham, OpenSecurity'
-__version__ = '1.5.0'
+__version__ = '1.5.1'
 __version_info__ = tuple(int(i) for i in __version__.split('.'))
 __all__ = [
     'Scanner',

libsast/core_sgrep/helpers.py

@@ -1,6 +1,7 @@
 # -*- coding: utf_8 -*-
 """Semantic Grep Helpers."""
 import json
+import logging
 import platform
 import multiprocessing
 
@@ -9,37 +10,43 @@ def invoke_semgrep(paths, scan_rules, **kwargs):
     """Call Semgrep."""
     if platform.system() == 'Windows':
         return None
-    from semgrep import semgrep_main, util
+    from semgrep import semgrep_main
+    from semgrep.state import get_state
     from semgrep.constants import OutputFormat
     from semgrep.output import OutputHandler, OutputSettings
     try:
         cpu_count = multiprocessing.cpu_count()
     except NotImplementedError:
         cpu_count = 1  # CPU count is not implemented on Windows
     # Semgrep output formatting
-    util.set_flags(
+    state = get_state()
+    state.terminal.configure(
         verbose=False,
         debug=False,
         quiet=True,
-        force_color=False)
+        force_color=False,
+    )
+    logging.getLogger('semgrep').propagate = False
     output_settings = OutputSettings(
         output_format=OutputFormat.JSON,
         output_destination=None,
+        output_per_finding_max_lines_limit=None,
+        output_per_line_max_chars_limit=None,
         error_on_findings=False,
         verbose_errors=False,
         strict=False,
         timeout_threshold=3,
-        json_stats=False,
-        output_per_finding_max_lines_limit=None,
     )
     output_handler = OutputHandler(output_settings)
     (
         filtered_matches_by_rule,
-        _all_targets,
-        _filtered_rules,
-        _profiler,
-        _profiling_data,
-        _shown_severities,
+        _,
+        _,
+        _,
+        _,
+        _,
+        _,
+        _,
     ) = semgrep_main.main(
         output_handler=output_handler,
         target=[pt.as_posix() for pt in paths],

libsast/scanner.py

@@ -83,7 +83,8 @@ def get_scan_files(self, paths):
 
     def validate_file(self, path):
         """Check if we should scan the file."""
-        ignore_paths = any(pp in path.as_posix() for pp in self.ignore_paths)
+        ignore_paths = any(
+            Path(pp).as_posix() in path.as_posix() for pp in self.ignore_paths)
         ignore_files = path.name in self.ignore_filenames
         ignore_exts = path.suffix.lower() in self.ignore_extensions
         if (ignore_paths or ignore_files or ignore_exts):

setup.py

@@ -6,9 +6,9 @@
 
 def get_requires():
     requires = [
-        'requests>=2.22.0',
-        'pyyaml>=5.3',
-        'semgrep==0.80.0;platform_system!="Windows"',
+        'requests>=2.27.1',
+        'pyyaml>=6.0',
+        'semgrep==0.104.0;platform_system!="Windows"',
     ]
     return requires
 
@@ -38,7 +38,7 @@ def get_version(rel_path):
         'Intended Audience :: Developers',
         ('License :: OSI Approved :: '
          'GNU Lesser General Public License v3 or later (LGPLv3+)'),
-        'Programming Language :: Python :: 3.6',
+        'Programming Language :: Python :: 3.7',
     ],
     packages=find_packages(include=[
         'libsast', 'libsast.*',