From a892b1bdf5f48436dd8a98a2a025721ab995e6b1 Mon Sep 17 00:00:00 2001 From: "peleg.admi" Date: Wed, 9 Aug 2023 12:32:57 +0300 Subject: [PATCH 01/14] added disable restore flag to cli --- cycode/cli/code_scanner.py | 2 ++ cycode/cli/consts.py | 2 ++ cycode/cli/helpers/sca_code_scanner.py | 4 ++++ cycode/cli/main.py | 18 +++++++++++++++++- 4 files changed, 25 insertions(+), 1 deletion(-) diff --git a/cycode/cli/code_scanner.py b/cycode/cli/code_scanner.py index 978b4240..7337cb45 100644 --- a/cycode/cli/code_scanner.py +++ b/cycode/cli/code_scanner.py @@ -15,6 +15,7 @@ from cycode.cli import consts from cycode.cli.ci_integrations import get_commit_range from cycode.cli.config import configuration_manager +from cycode.cli.consts import SCA_DISABLE_RESTORE_DEPENDENCIES_FLAG from cycode.cli.exceptions import custom_exceptions from cycode.cli.helpers import sca_code_scanner, tf_content_generator from cycode.cli.models import CliError, CliErrors, Document, DocumentDetections, LocalScanResult, Severity @@ -810,6 +811,7 @@ def get_git_repository_tree_file_entries( def get_default_scan_parameters(context: click.Context) -> dict: return { + SCA_DISABLE_RESTORE_DEPENDENCIES_FLAG: context.obj.get(SCA_DISABLE_RESTORE_DEPENDENCIES_FLAG), 'monitor': context.obj.get('monitor'), 'report': context.obj.get('report'), 'package_vulnerabilities': context.obj.get('package-vulnerabilities'), diff --git a/cycode/cli/consts.py b/cycode/cli/consts.py index 76570fde..633a6658 100644 --- a/cycode/cli/consts.py +++ b/cycode/cli/consts.py @@ -189,3 +189,5 @@ # Example: A -> B -> C # Result: A -> ... -> C SCA_SHORTCUT_DEPENDENCY_PATHS = 2 + +SCA_DISABLE_RESTORE_DEPENDENCIES_FLAG = 'disable-restore-dependencies' diff --git a/cycode/cli/helpers/sca_code_scanner.py b/cycode/cli/helpers/sca_code_scanner.py index 227b553e..232e8d86 100644 --- a/cycode/cli/helpers/sca_code_scanner.py +++ b/cycode/cli/helpers/sca_code_scanner.py 
@@ -5,6 +5,7 @@ from git import GitCommandError, Repo from cycode.cli import consts +from cycode.cli.consts import SCA_DISABLE_RESTORE_DEPENDENCIES_FLAG from cycode.cli.helpers.maven.restore_gradle_dependencies import RestoreGradleDependencies from cycode.cli.helpers.maven.restore_maven_dependencies import RestoreMavenDependencies from cycode.cli.models import Document @@ -118,6 +119,9 @@ def add_dependencies_tree_document( documents_to_add: Dict[str, Document] = {} restore_dependencies_list = restore_handlers(context, is_git_diff) + if context.obj.get(SCA_DISABLE_RESTORE_DEPENDENCIES_FLAG): + return + for restore_dependencies in restore_dependencies_list: for document in documents_to_scan: try_restore_dependencies(context, documents_to_add, restore_dependencies, document) diff --git a/cycode/cli/main.py b/cycode/cli/main.py index 821251ad..358f9c62 100644 --- a/cycode/cli/main.py +++ b/cycode/cli/main.py @@ -9,7 +9,13 @@ from cycode.cli import code_scanner from cycode.cli.auth.auth_command import authenticate from cycode.cli.config import config -from cycode.cli.consts import CLI_CONTEXT_SETTINGS, ISSUE_DETECTED_STATUS_CODE, NO_ISSUES_STATUS_CODE, PROGRAM_NAME +from cycode.cli.consts import ( + CLI_CONTEXT_SETTINGS, + ISSUE_DETECTED_STATUS_CODE, + NO_ISSUES_STATUS_CODE, + PROGRAM_NAME, + SCA_DISABLE_RESTORE_DEPENDENCIES_FLAG, +) from cycode.cli.models import Severity from cycode.cli.user_settings.configuration_manager import ConfigurationManager from cycode.cli.user_settings.credentials_manager import CredentialsManager @@ -99,6 +105,14 @@ type=bool, required=False, ) +@click.option( + '--' + SCA_DISABLE_RESTORE_DEPENDENCIES_FLAG, + is_flag=True, + default=False, + help='When declared, cycode will not run restore command. Will scan direct dependencies ONLY!', + type=bool, + required=False, +) @click.pass_context def code_scan( context: click.Context, 
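Review bot: In the `@@ -118,6 +119,9 @@` hunk of `cycode/cli/helpers/sca_code_scanner.py` the new early return sits after `restore_dependencies_list = restore_handlers(context, is_git_diff)`, so the restore handlers are still built when restore is disabled. Move `if context.obj.get(SCA_DISABLE_RESTORE_DEPENDENCIES_FLAG): return` ahead of the `restore_handlers(...)` call so the disabled path does no restore-related work at all. `add_dependencies_tree_document` starts above the hunk and continues below it, so whatever else the early return bypasses is not visible here.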
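Review bot: The help text of the new option in the `@@ -99,6 +105,14 @@` hunk of `cycode/cli/main.py` does not say that the flag only matters for SCA scans, nor what coverage is given up. In this patch the only code that acts on the flag is the SCA helper, so with `secret`, `iac` or `sast` the option appears to be accepted and ignored. A wording such as `help='SCA scans only: skip the dependency restore step. Only direct dependencies are scanned, so issues in transitive dependencies are not reported.'` puts the trade-off where a CI author will read it. `type=bool` is redundant next to `is_flag=True` and can be dropped. The decorated `code_scan` signature begins on the hunk's last lines and continues outside it.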
@@ -111,6 +125,7 @@ def code_scan( sca_scan: List[str], monitor: bool, report: bool, + disable_restore_dependencies: bool, ) -> int: """Scans for Secrets, IaC, SCA or SAST violations.""" if show_secret: @@ -128,6 +143,7 @@ def code_scan( context.obj['severity_threshold'] = severity_threshold context.obj['monitor'] = monitor context.obj['report'] = report + context.obj[SCA_DISABLE_RESTORE_DEPENDENCIES_FLAG] = disable_restore_dependencies _sca_scan_to_context(context, sca_scan) From 09aa3458c49df797d5062223fd63d88913efbd22 Mon Sep 17 00:00:00 2001 From: "peleg.admi" Date: Wed, 9 Aug 2023 13:22:41 +0300 Subject: [PATCH 02/14] added shortcut for flag --- cycode/cli/main.py | 1 + 1 file changed, 1 insertion(+) diff --git a/cycode/cli/main.py b/cycode/cli/main.py index 358f9c62..14f7c008 100644 --- a/cycode/cli/main.py +++ b/cycode/cli/main.py @@ -107,6 +107,7 @@ ) @click.option( '--' + SCA_DISABLE_RESTORE_DEPENDENCIES_FLAG, + '-r', is_flag=True, default=False, help='When declared, cycode will not run restore command. Will scan direct dependencies ONLY!', From e0a70212e8cdb96c459bad0eae63236ea62d0c63 Mon Sep 17 00:00:00 2001 From: "peleg.admi" Date: Wed, 9 Aug 2023 15:33:11 +0300 Subject: [PATCH 03/14] changed flag name --- cycode/cli/consts.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cycode/cli/consts.py b/cycode/cli/consts.py index 633a6658..211c2419 100644 --- a/cycode/cli/consts.py +++ b/cycode/cli/consts.py @@ -190,4 +190,4 @@ # Result: A -> ... -> C SCA_SHORTCUT_DEPENDENCY_PATHS = 2 -SCA_DISABLE_RESTORE_DEPENDENCIES_FLAG = 'disable-restore-dependencies' +SCA_DISABLE_RESTORE_DEPENDENCIES_FLAG = 'disable-restore' From e79641eb65c4fd86ff882601bc17344021409913 Mon Sep 17 00:00:00 2001 From: "peleg.admi" Date: Wed, 9 Aug 2023 15:34:08 +0300 Subject: [PATCH 04/14] removed cli flag shortcut --- cycode/cli/main.py | 1 - 1 file changed, 1 deletion(-) diff --git a/cycode/cli/main.py b/cycode/cli/main.py index 14f7c008..358f9c62 100644 
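Review bot: Changing the constant's value to `'disable-restore'` in the `cycode/cli/consts.py` hunk of PATCH 03 also changes the keyword argument click derives from the option name, from `disable_restore_dependencies` to `disable_restore`. `code_scan` as added in PATCH 01 still declares `disable_restore_dependencies: bool`, and this commit's diffstat lists only consts.py. If so, invoking the scan command at this revision would fail with an unexpected-keyword error until the signature is renamed. Decouple the two by giving the option an explicit parameter name, e.g. `@click.option('--' + SCA_DISABLE_RESTORE_DEPENDENCIES_FLAG, 'disable_restore_dependencies', ...)`, so the user-facing spelling can change without touching the function signature or breaking intermediate commits.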
--- a/cycode/cli/main.py +++ b/cycode/cli/main.py @@ -107,7 +107,6 @@ ) @click.option( '--' + SCA_DISABLE_RESTORE_DEPENDENCIES_FLAG, - '-r', is_flag=True, default=False, help='When declared, cycode will not run restore command. Will scan direct dependencies ONLY!', From 1755f25c7a6602d4e874755c4d2b1c9107e681ef Mon Sep 17 00:00:00 2001 From: "peleg.admi" Date: Wed, 9 Aug 2023 15:35:13 +0300 Subject: [PATCH 05/14] minor fix --- cycode/cli/main.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cycode/cli/main.py b/cycode/cli/main.py index 358f9c62..ef49eec5 100644 --- a/cycode/cli/main.py +++ b/cycode/cli/main.py @@ -125,7 +125,7 @@ def code_scan( sca_scan: List[str], monitor: bool, report: bool, - disable_restore_dependencies: bool, + disable_restore: bool, ) -> int: """Scans for Secrets, IaC, SCA or SAST violations.""" if show_secret: @@ -143,7 +143,7 @@ def code_scan( context.obj['severity_threshold'] = severity_threshold context.obj['monitor'] = monitor context.obj['report'] = report - context.obj[SCA_DISABLE_RESTORE_DEPENDENCIES_FLAG] = disable_restore_dependencies + context.obj[SCA_DISABLE_RESTORE_DEPENDENCIES_FLAG] = disable_restore _sca_scan_to_context(context, sca_scan) From 32c739284c9526f84650275b6ae9ea202aae2e30 Mon Sep 17 00:00:00 2001 From: "peleg.admi" Date: Wed, 9 Aug 2023 15:38:34 +0300 Subject: [PATCH 06/14] change flag to no-restore --- cycode/cli/consts.py | 2 +- cycode/cli/main.py | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/cycode/cli/consts.py b/cycode/cli/consts.py index 211c2419..6734f949 100644 --- a/cycode/cli/consts.py +++ b/cycode/cli/consts.py @@ -190,4 +190,4 @@ # Result: A -> ... -> C SCA_SHORTCUT_DEPENDENCY_PATHS = 2 -SCA_DISABLE_RESTORE_DEPENDENCIES_FLAG = 'disable-restore' +SCA_DISABLE_RESTORE_DEPENDENCIES_FLAG = 'no-restore' diff --git a/cycode/cli/main.py b/cycode/cli/main.py index ef49eec5..3529628b 100644 --- a/cycode/cli/main.py +++ b/cycode/cli/main.py 
@@ -125,7 +125,7 @@ def code_scan( sca_scan: List[str], monitor: bool, report: bool, - disable_restore: bool, + no_restore: bool, ) -> int: """Scans for Secrets, IaC, SCA or SAST violations.""" if show_secret: @@ -143,7 +143,7 @@ def code_scan( context.obj['severity_threshold'] = severity_threshold context.obj['monitor'] = monitor context.obj['report'] = report - context.obj[SCA_DISABLE_RESTORE_DEPENDENCIES_FLAG] = disable_restore + context.obj[SCA_DISABLE_RESTORE_DEPENDENCIES_FLAG] = no_restore _sca_scan_to_context(context, sca_scan) From fd91712f8fc4e511e076c7f30f5e5ab8fa0fc8c5 Mon Sep 17 00:00:00 2001 From: "peleg.admi" Date: Wed, 9 Aug 2023 15:54:33 +0300 Subject: [PATCH 07/14] moved flag reading place --- cycode/cli/code_scanner.py | 2 +- cycode/cli/helpers/sca_code_scanner.py | 3 --- 2 files changed, 1 insertion(+), 4 deletions(-) diff --git a/cycode/cli/code_scanner.py b/cycode/cli/code_scanner.py index 7337cb45..7df8d075 100644 --- a/cycode/cli/code_scanner.py +++ b/cycode/cli/code_scanner.py @@ -580,7 +580,7 @@ def create_local_scan_result( def perform_pre_scan_documents_actions( context: click.Context, scan_type: str, documents_to_scan: List[Document], is_git_diff: bool = False ) -> None: - if scan_type == consts.SCA_SCAN_TYPE: + if scan_type == consts.SCA_SCAN_TYPE and not context.obj.get(SCA_DISABLE_RESTORE_DEPENDENCIES_FLAG): logger.debug('Perform pre scan document add_dependencies_tree_document action') sca_code_scanner.add_dependencies_tree_document(context, documents_to_scan, is_git_diff) diff --git a/cycode/cli/helpers/sca_code_scanner.py b/cycode/cli/helpers/sca_code_scanner.py index 232e8d86..2faa1e84 100644 --- a/cycode/cli/helpers/sca_code_scanner.py +++ b/cycode/cli/helpers/sca_code_scanner.py 
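Review bot: With the flag check folded into the condition in `perform_pre_scan_documents_actions`, an SCA scan run with the flag skips `add_dependencies_tree_document` without any log output, so a run with reduced dependency coverage looks the same as a full one. Add a branch such as `elif scan_type == consts.SCA_SCAN_TYPE: logger.debug('Dependency restore skipped by flag; only direct dependencies will be scanned')` so the narrower scope is visible to whoever reviews the results; a warning level may suit CI use better. The same condition is touched again by the `@@ -580,7 +580,7 @@` hunk of PATCH 14, where this note applies unchanged. Any remaining body of the function lies outside the hunk.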
@@ -119,9 +119,6 @@ def add_dependencies_tree_document( documents_to_add: Dict[str, Document] = {} restore_dependencies_list = restore_handlers(context, is_git_diff) - if context.obj.get(SCA_DISABLE_RESTORE_DEPENDENCIES_FLAG): - return - for restore_dependencies in restore_dependencies_list: for document in documents_to_scan: try_restore_dependencies(context, documents_to_add, restore_dependencies, document) From be095cf3fd2c5205c6c33180fc876b258391e177 Mon Sep 17 00:00:00 2001 From: "peleg.admi" Date: Wed, 9 Aug 2023 15:55:45 +0300 Subject: [PATCH 08/14] fixed help description --- cycode/cli/main.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cycode/cli/main.py b/cycode/cli/main.py index 3529628b..c5c59031 100644 --- a/cycode/cli/main.py +++ b/cycode/cli/main.py @@ -109,7 +109,7 @@ '--' + SCA_DISABLE_RESTORE_DEPENDENCIES_FLAG, is_flag=True, default=False, - help='When declared, cycode will not run restore command. Will scan direct dependencies ONLY!', + help='When declared, Cycode will not run restore command. Will scan direct dependencies ONLY!', type=bool, required=False, ) From 097a1e0732c4b2936baac3d5f397def27c527712 Mon Sep 17 00:00:00 2001 From: Peleg Admi <129038284+PelegCycode@users.noreply.github.com> Date: Wed, 9 Aug 2023 15:56:20 +0300 Subject: [PATCH 09/14] Update cycode/cli/main.py Co-authored-by: Ilya Siamionau --- cycode/cli/main.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cycode/cli/main.py b/cycode/cli/main.py index c5c59031..82dc18cd 100644 --- a/cycode/cli/main.py +++ b/cycode/cli/main.py @@ -106,7 +106,7 @@ required=False, ) @click.option( - '--' + SCA_DISABLE_RESTORE_DEPENDENCIES_FLAG, + f'--{SCA_DISABLE_RESTORE_DEPENDENCIES_FLAG}', is_flag=True, default=False, help='When declared, Cycode will not run restore command. Will scan direct dependencies ONLY!', From b01f6f6d1f44053adda6ab70f354b6a747c238f9 Mon Sep 17 00:00:00 2001 
From: "peleg.admi" Date: Wed, 9 Aug 2023 15:58:22 +0300 Subject: [PATCH 10/14] removed unused import --- cycode/cli/helpers/sca_code_scanner.py | 1 - 1 file changed, 1 deletion(-) diff --git a/cycode/cli/helpers/sca_code_scanner.py b/cycode/cli/helpers/sca_code_scanner.py index 2faa1e84..227b553e 100644 --- a/cycode/cli/helpers/sca_code_scanner.py +++ b/cycode/cli/helpers/sca_code_scanner.py @@ -5,7 +5,6 @@ from git import GitCommandError, Repo from cycode.cli import consts -from cycode.cli.consts import SCA_DISABLE_RESTORE_DEPENDENCIES_FLAG from cycode.cli.helpers.maven.restore_gradle_dependencies import RestoreGradleDependencies from cycode.cli.helpers.maven.restore_maven_dependencies import RestoreMavenDependencies from cycode.cli.models import Document From 3a83506b3b22908504edd4733d343fe4e092e36c Mon Sep 17 00:00:00 2001 From: "peleg.admi" Date: Wed, 9 Aug 2023 16:01:37 +0300 Subject: [PATCH 11/14] updated readme --- README.md | 25 +++++++++++++------------ 1 file changed, 13 insertions(+), 12 deletions(-) diff --git a/README.md b/README.md index 4e3da50a..edf23446 100644 --- a/README.md +++ b/README.md 
@@ -232,18 +232,19 @@ The following are the options and commands available with the Cycode CLI applica The Cycode CLI application offers several types of scans so that you can choose the option that best fits your case. The following are the current options and commands available: -| Option | Description | -|--------------------------------------|----------------------------------------------------------------------------| -| `-t, --scan-type [secret\|iac\|sca\|sast]` | Specify the scan you wish to execute (`secret`/`iac`/`sca`/`sast`), the default is `secret` | -| `--secret TEXT` | Specify a Cycode client secret for this specific scan execution | -| `--client-id TEXT` | Specify a Cycode client ID for this specific scan execution | -| `--show-secret BOOLEAN` | Show secrets in plain text. See [Show/Hide Secrets](#showhide-secrets) section for more details. | -| `--soft-fail BOOLEAN` | Run scan without failing, always return a non-error status code. See [Soft Fail](#soft-fail) section for more details. | -| `--severity-threshold [INFO\|LOW\|MEDIUM\|HIGH\|CRITICAL]` | Show only violations at the specified level or higher (supported for the SCA scan type only). | -| `--sca-scan` | Specify the SCA scan you wish to execute (`package-vulnerabilities`/`license-compliance`). The default is both | -| `--monitor` | When specified, the scan results will be recorded in the knowledge graph. Please note that when working in `monitor` mode, the knowledge graph will not be updated as a result of SCM events (Push, Repo creation). (Supported for SCA scan type only). | -| `--report` | When specified, a violations report will be generated. A URL link to the report will be printed as an output to the command execution | -| `--help` | Show options for given command. 
| +| Option | Description | +|------------------------------------------------------------|----------------------------------------------------------------------------| +| `-t, --scan-type [secret\|iac\|sca\|sast]` | Specify the scan you wish to execute (`secret`/`iac`/`sca`/`sast`), the default is `secret` | +| `--secret TEXT` | Specify a Cycode client secret for this specific scan execution | +| `--client-id TEXT` | Specify a Cycode client ID for this specific scan execution | +| `--show-secret BOOLEAN` | Show secrets in plain text. See [Show/Hide Secrets](#showhide-secrets) section for more details. | +| `--soft-fail BOOLEAN` | Run scan without failing, always return a non-error status code. See [Soft Fail](#soft-fail) section for more details. | +| `--severity-threshold [INFO\|LOW\|MEDIUM\|HIGH\|CRITICAL]` | Show only violations at the specified level or higher (supported for the SCA scan type only). | +| `--sca-scan` | Specify the SCA scan you wish to execute (`package-vulnerabilities`/`license-compliance`). The default is both | +| `--monitor` | When specified, the scan results will be recorded in the knowledge graph. Please note that when working in `monitor` mode, the knowledge graph will not be updated as a result of SCM events (Push, Repo creation). (Supported for SCA scan type only). | +| `--report` | When specified, a violations report will be generated. A URL link to the report will be printed as an output to the command execution | +| `--no-restore` | When declared, Cycode will not run restore command. Will scan direct dependencies ONLY! | +| `--help` | Show options for given command. | | Command | Description | |----------------------------------------|-----------------------------------------------------------------| From 48a435cea0ea12800c458a26da8651adbe3968ef Mon Sep 17 00:00:00 2001 
From: "peleg.admi" Date: Wed, 9 Aug 2023 16:12:47 +0300 Subject: [PATCH 12/14] remove no restore from scan params --- cycode/cli/code_scanner.py | 1 - 1 file changed, 1 deletion(-) diff --git a/cycode/cli/code_scanner.py b/cycode/cli/code_scanner.py index 7df8d075..5ed606f0 100644 --- a/cycode/cli/code_scanner.py +++ b/cycode/cli/code_scanner.py @@ -811,7 +811,6 @@ def get_git_repository_tree_file_entries( def get_default_scan_parameters(context: click.Context) -> dict: return { - SCA_DISABLE_RESTORE_DEPENDENCIES_FLAG: context.obj.get(SCA_DISABLE_RESTORE_DEPENDENCIES_FLAG), 'monitor': context.obj.get('monitor'), 'report': context.obj.get('report'), 'package_vulnerabilities': context.obj.get('package-vulnerabilities'), From ee0eecf5aa1e4cddf46c950a72e02a8710d662d4 Mon Sep 17 00:00:00 2001 From: "peleg.admi" Date: Wed, 9 Aug 2023 16:48:29 +0300 Subject: [PATCH 13/14] changed declared to specified --- README.md | 24 ++++++++++++------------ cycode/cli/main.py | 2 +- 2 files changed, 13 insertions(+), 13 deletions(-) diff --git a/README.md b/README.md index edf23446..7cdc5338 100644 --- a/README.md +++ b/README.md 
@@ -232,19 +232,19 @@ The following are the options and commands available with the Cycode CLI applica The Cycode CLI application offers several types of scans so that you can choose the option that best fits your case. The following are the current options and commands available: -| Option | Description | -|------------------------------------------------------------|----------------------------------------------------------------------------| -| `-t, --scan-type [secret\|iac\|sca\|sast]` | Specify the scan you wish to execute (`secret`/`iac`/`sca`/`sast`), the default is `secret` | -| `--secret TEXT` | Specify a Cycode client secret for this specific scan execution | -| `--client-id TEXT` | Specify a Cycode client ID for this specific scan execution | -| `--show-secret BOOLEAN` | Show secrets in plain text. See [Show/Hide Secrets](#showhide-secrets) section for more details. | -| `--soft-fail BOOLEAN` | Run scan without failing, always return a non-error status code. See [Soft Fail](#soft-fail) section for more details. | -| `--severity-threshold [INFO\|LOW\|MEDIUM\|HIGH\|CRITICAL]` | Show only violations at the specified level or higher (supported for the SCA scan type only). | -| `--sca-scan` | Specify the SCA scan you wish to execute (`package-vulnerabilities`/`license-compliance`). 
The default is both | +| Option | Description | +|------------------------------------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| `-t, --scan-type [secret\|iac\|sca\|sast]` | Specify the scan you wish to execute (`secret`/`iac`/`sca`/`sast`), the default is `secret` | +| `--secret TEXT` | Specify a Cycode client secret for this specific scan execution | +| `--client-id TEXT` | Specify a Cycode client ID for this specific scan execution | +| `--show-secret BOOLEAN` | Show secrets in plain text. See [Show/Hide Secrets](#showhide-secrets) section for more details. | +| `--soft-fail BOOLEAN` | Run scan without failing, always return a non-error status code. See [Soft Fail](#soft-fail) section for more details. | +| `--severity-threshold [INFO\|LOW\|MEDIUM\|HIGH\|CRITICAL]` | Show only violations at the specified level or higher (supported for the SCA scan type only). | +| `--sca-scan` | Specify the SCA scan you wish to execute (`package-vulnerabilities`/`license-compliance`). The default is both | | `--monitor` | When specified, the scan results will be recorded in the knowledge graph. Please note that when working in `monitor` mode, the knowledge graph will not be updated as a result of SCM events (Push, Repo creation). (Supported for SCA scan type only). | -| `--report` | When specified, a violations report will be generated. A URL link to the report will be printed as an output to the command execution | -| `--no-restore` | When declared, Cycode will not run restore command. Will scan direct dependencies ONLY! | -| `--help` | Show options for given command. | +| `--report` | When specified, a violations report will be generated. 
A URL link to the report will be printed as an output to the command execution | +| `--no-restore` | When specified, Cycode will not run restore command. Will scan direct dependencies ONLY! | +| `--help` | Show options for given command. | | Command | Description | |----------------------------------------|-----------------------------------------------------------------| diff --git a/cycode/cli/main.py b/cycode/cli/main.py index 82dc18cd..d4a03f2f 100644 --- a/cycode/cli/main.py +++ b/cycode/cli/main.py @@ -109,7 +109,7 @@ f'--{SCA_DISABLE_RESTORE_DEPENDENCIES_FLAG}', is_flag=True, default=False, - help='When declared, Cycode will not run restore command. Will scan direct dependencies ONLY!', + help='When specified, Cycode will not run restore command. Will scan direct dependencies ONLY!', type=bool, required=False, ) From 663790cd95ccc0e1c3ebfed2b1fd69d57740b76b Mon Sep 17 00:00:00 2001 From: "peleg.admi" Date: Wed, 9 Aug 2023 16:49:11 +0300 Subject: [PATCH 14/14] renamed flag constant --- cycode/cli/code_scanner.py | 4 ++-- cycode/cli/consts.py | 2 +- cycode/cli/main.py | 6 +++--- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/cycode/cli/code_scanner.py b/cycode/cli/code_scanner.py index 5ed606f0..f63ebf08 100644 --- a/cycode/cli/code_scanner.py +++ b/cycode/cli/code_scanner.py @@ -15,7 +15,7 @@ from cycode.cli import consts from cycode.cli.ci_integrations import get_commit_range from cycode.cli.config import configuration_manager -from cycode.cli.consts import SCA_DISABLE_RESTORE_DEPENDENCIES_FLAG +from cycode.cli.consts import SCA_SKIP_RESTORE_DEPENDENCIES_FLAG from cycode.cli.exceptions import custom_exceptions from cycode.cli.helpers import sca_code_scanner, tf_content_generator from cycode.cli.models import CliError, CliErrors, Document, DocumentDetections, LocalScanResult, Severity 
@@ -580,7 +580,7 @@ def create_local_scan_result( def perform_pre_scan_documents_actions( context: click.Context, scan_type: str, documents_to_scan: List[Document], is_git_diff: bool = False ) -> None: - if scan_type == consts.SCA_SCAN_TYPE and not context.obj.get(SCA_DISABLE_RESTORE_DEPENDENCIES_FLAG): + if scan_type == consts.SCA_SCAN_TYPE and not context.obj.get(SCA_SKIP_RESTORE_DEPENDENCIES_FLAG): logger.debug('Perform pre scan document add_dependencies_tree_document action') sca_code_scanner.add_dependencies_tree_document(context, documents_to_scan, is_git_diff) diff --git a/cycode/cli/consts.py b/cycode/cli/consts.py index 6734f949..43046f7f 100644 --- a/cycode/cli/consts.py +++ b/cycode/cli/consts.py @@ -190,4 +190,4 @@ # Result: A -> ... -> C SCA_SHORTCUT_DEPENDENCY_PATHS = 2 -SCA_DISABLE_RESTORE_DEPENDENCIES_FLAG = 'no-restore' +SCA_SKIP_RESTORE_DEPENDENCIES_FLAG = 'no-restore' diff --git a/cycode/cli/main.py b/cycode/cli/main.py index d4a03f2f..23c211c3 100644 --- a/cycode/cli/main.py +++ b/cycode/cli/main.py @@ -14,7 +14,7 @@ ISSUE_DETECTED_STATUS_CODE, NO_ISSUES_STATUS_CODE, PROGRAM_NAME, - SCA_DISABLE_RESTORE_DEPENDENCIES_FLAG, + SCA_SKIP_RESTORE_DEPENDENCIES_FLAG, ) from cycode.cli.models import Severity from cycode.cli.user_settings.configuration_manager import ConfigurationManager @@ -106,7 +106,7 @@ required=False, ) @click.option( - f'--{SCA_DISABLE_RESTORE_DEPENDENCIES_FLAG}', + f'--{SCA_SKIP_RESTORE_DEPENDENCIES_FLAG}', is_flag=True, default=False, help='When specified, Cycode will not run restore command. Will scan direct dependencies ONLY!', @@ -143,7 +143,7 @@ def code_scan( context.obj['severity_threshold'] = severity_threshold context.obj['monitor'] = monitor context.obj['report'] = report - context.obj[SCA_DISABLE_RESTORE_DEPENDENCIES_FLAG] = no_restore + context.obj[SCA_SKIP_RESTORE_DEPENDENCIES_FLAG] = no_restore _sca_scan_to_context(context, sca_scan)