Skip to content

Commit

Permalink
Fix incorrect ecosystem being used for elixir (#10037)
Browse files Browse the repository at this point in the history 
In #10022, Elixir incorrectly
used `Mix` as the ecosystem instead of `Hex`. Mix is an Elixir build
tool, where Hex is the ecosystem.
  • Loading branch information
@jarrydlee
jarrydlee committed Apr 2, 2024
1 parent 2b20c3f commit 8bbbdfe
Show file tree
Hide file tree
Showing 5 changed files with 39 additions and 38 deletions.
1 change: 1 addition & 0 deletions changelog.d/sc-elixir.fixed
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
Fixed incorrect ecosystem being used for Elixir. Hex should be used instead of Mix.
4 changes: 2 additions & 2 deletions cli/src/semdep/parsers/mix.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@
from semgrep.semgrep_interfaces.semgrep_output_v1 import DependencyParserError
from semgrep.semgrep_interfaces.semgrep_output_v1 import Ecosystem
from semgrep.semgrep_interfaces.semgrep_output_v1 import FoundDependency
from semgrep.semgrep_interfaces.semgrep_output_v1 import Mix
from semgrep.semgrep_interfaces.semgrep_output_v1 import Hex
from semgrep.semgrep_interfaces.semgrep_output_v1 import MixLock
from semgrep.semgrep_interfaces.semgrep_output_v1 import ScaParserName

Expand Down Expand Up @@ -194,7 +194,7 @@ def _build_found_dependencies(
FoundDependency(
package=package,
version=version,
ecosystem=Ecosystem(Mix()),
ecosystem=Ecosystem(Hex()),
allowed_hashes={},
transitivity=transitivity(direct_deps, [package]),
line_number=line_number,
Expand Down
2 changes: 1 addition & 1 deletion cli/src/semgrep/semgrep_interfaces
Submodule semgrep_interfaces updated from 4255cb to 0eff68
6 changes: 3 additions & 3 deletions cli/src/semgrep/target_manager.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -58,8 +58,8 @@
from semgrep.semgrep_interfaces.semgrep_output_v1 import Ecosystem
from semgrep.semgrep_interfaces.semgrep_output_v1 import Gem
from semgrep.semgrep_interfaces.semgrep_output_v1 import Gomod
from semgrep.semgrep_interfaces.semgrep_output_v1 import Hex
from semgrep.semgrep_interfaces.semgrep_output_v1 import Maven
from semgrep.semgrep_interfaces.semgrep_output_v1 import Mix
from semgrep.semgrep_interfaces.semgrep_output_v1 import Npm
from semgrep.semgrep_interfaces.semgrep_output_v1 import Pypi
from semgrep.semgrep_interfaces.semgrep_output_v1 import Composer
Expand Down Expand Up @@ -98,7 +98,7 @@
Ecosystem(Nuget()): ["packages.lock.json"],
Ecosystem(Pub()): ["pubspec.lock"],
Ecosystem(SwiftPM()): ["Package.resolved"],
Ecosystem(Mix()): ["mix.lock"],
Ecosystem(Hex()): ["mix.lock"],
}


Expand Down Expand Up @@ -837,7 +837,7 @@ def get_all_lockfiles(self) -> Dict[Ecosystem, FrozenSet[Path]]:
Ecosystem(Nuget()),
Ecosystem(Pub()),
Ecosystem(SwiftPM()),
Ecosystem(Mix()),
Ecosystem(Hex()),
}

return {
Expand Down
64 changes: 32 additions & 32 deletions cli/tests/default/e2e-pro/parsers/test_mix.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@
from semgrep.semgrep_interfaces.semgrep_output_v1 import Direct
from semgrep.semgrep_interfaces.semgrep_output_v1 import Ecosystem
from semgrep.semgrep_interfaces.semgrep_output_v1 import FoundDependency
from semgrep.semgrep_interfaces.semgrep_output_v1 import Mix
from semgrep.semgrep_interfaces.semgrep_output_v1 import Hex
from semgrep.semgrep_interfaces.semgrep_output_v1 import Transitive
from semgrep.semgrep_interfaces.semgrep_output_v1 import Transitivity

Expand Down Expand Up @@ -318,7 +318,7 @@ def test_full_mix_parsing(run_semgrep_on_copied_files: RunSemgrep):
FoundDependency(
package="certifi",
version="2.12.0",
ecosystem=Ecosystem(value=Mix()),
ecosystem=Ecosystem(value=Hex()),
allowed_hashes={},
transitivity=Transitivity(value=Transitive()),
resolved_url=None,
Expand All @@ -329,7 +329,7 @@ def test_full_mix_parsing(run_semgrep_on_copied_files: RunSemgrep):
FoundDependency(
package="cowboy",
version="2.9.0",
ecosystem=Ecosystem(value=Mix()),
ecosystem=Ecosystem(value=Hex()),
allowed_hashes={},
transitivity=Transitivity(value=Transitive()),
resolved_url=None,
Expand All @@ -340,7 +340,7 @@ def test_full_mix_parsing(run_semgrep_on_copied_files: RunSemgrep):
FoundDependency(
package="cowlib",
version="2.8.0",
ecosystem=Ecosystem(value=Mix()),
ecosystem=Ecosystem(value=Hex()),
allowed_hashes={},
transitivity=Transitivity(value=Transitive()),
resolved_url=None,
Expand All @@ -351,7 +351,7 @@ def test_full_mix_parsing(run_semgrep_on_copied_files: RunSemgrep):
FoundDependency(
package="ecpool",
version="0.5.7",
ecosystem=Ecosystem(value=Mix()),
ecosystem=Ecosystem(value=Hex()),
allowed_hashes={},
transitivity=Transitivity(value=Transitive()),
resolved_url=None,
Expand All @@ -362,7 +362,7 @@ def test_full_mix_parsing(run_semgrep_on_copied_files: RunSemgrep):
FoundDependency(
package="ehttpc",
version="0.4.13",
ecosystem=Ecosystem(value=Mix()),
ecosystem=Ecosystem(value=Hex()),
allowed_hashes={},
transitivity=Transitivity(value=Transitive()),
resolved_url=None,
Expand All @@ -373,7 +373,7 @@ def test_full_mix_parsing(run_semgrep_on_copied_files: RunSemgrep):
FoundDependency(
package="ex_aws",
version="2.5.3",
ecosystem=Ecosystem(value=Mix()),
ecosystem=Ecosystem(value=Hex()),
allowed_hashes={},
transitivity=Transitivity(value=Transitive()),
resolved_url=None,
Expand All @@ -384,7 +384,7 @@ def test_full_mix_parsing(run_semgrep_on_copied_files: RunSemgrep):
FoundDependency(
package="ex_aws_lambda",
version="2.1.0",
ecosystem=Ecosystem(value=Mix()),
ecosystem=Ecosystem(value=Hex()),
allowed_hashes={},
transitivity=Transitivity(value=Direct()),
resolved_url=None,
Expand All @@ -395,7 +395,7 @@ def test_full_mix_parsing(run_semgrep_on_copied_files: RunSemgrep):
FoundDependency(
package="ex_aws_s3",
version="2.5.3",
ecosystem=Ecosystem(value=Mix()),
ecosystem=Ecosystem(value=Hex()),
allowed_hashes={},
transitivity=Transitivity(value=Direct()),
resolved_url=None,
Expand All @@ -406,7 +406,7 @@ def test_full_mix_parsing(run_semgrep_on_copied_files: RunSemgrep):
FoundDependency(
package="ex_aws_ses",
version="2.4.1",
ecosystem=Ecosystem(value=Mix()),
ecosystem=Ecosystem(value=Hex()),
allowed_hashes={},
transitivity=Transitivity(value=Direct()),
resolved_url=None,
Expand All @@ -417,7 +417,7 @@ def test_full_mix_parsing(run_semgrep_on_copied_files: RunSemgrep):
FoundDependency(
package="gproc",
version="0.9.0.1",
ecosystem=Ecosystem(value=Mix()),
ecosystem=Ecosystem(value=Hex()),
allowed_hashes={},
transitivity=Transitivity(value=Transitive()),
resolved_url=None,
Expand All @@ -428,7 +428,7 @@ def test_full_mix_parsing(run_semgrep_on_copied_files: RunSemgrep):
FoundDependency(
package="grpc",
version="0.6.12",
ecosystem=Ecosystem(value=Mix()),
ecosystem=Ecosystem(value=Hex()),
allowed_hashes={},
transitivity=Transitivity(value=Transitive()),
resolved_url=None,
Expand All @@ -439,7 +439,7 @@ def test_full_mix_parsing(run_semgrep_on_copied_files: RunSemgrep):
FoundDependency(
package="gun",
version="1.3.7",
ecosystem=Ecosystem(value=Mix()),
ecosystem=Ecosystem(value=Hex()),
allowed_hashes={},
transitivity=Transitivity(value=Transitive()),
resolved_url=None,
Expand All @@ -450,7 +450,7 @@ def test_full_mix_parsing(run_semgrep_on_copied_files: RunSemgrep):
FoundDependency(
package="hackney",
version="1.20.1",
ecosystem=Ecosystem(value=Mix()),
ecosystem=Ecosystem(value=Hex()),
allowed_hashes={},
transitivity=Transitivity(value=Direct()),
resolved_url=None,
Expand All @@ -461,7 +461,7 @@ def test_full_mix_parsing(run_semgrep_on_copied_files: RunSemgrep):
FoundDependency(
package="idna",
version="6.1.1",
ecosystem=Ecosystem(value=Mix()),
ecosystem=Ecosystem(value=Hex()),
allowed_hashes={},
transitivity=Transitivity(value=Transitive()),
resolved_url=None,
Expand All @@ -472,7 +472,7 @@ def test_full_mix_parsing(run_semgrep_on_copied_files: RunSemgrep):
FoundDependency(
package="jason",
version="1.4.1",
ecosystem=Ecosystem(value=Mix()),
ecosystem=Ecosystem(value=Hex()),
allowed_hashes={},
transitivity=Transitivity(value=Direct()),
resolved_url=None,
Expand All @@ -483,7 +483,7 @@ def test_full_mix_parsing(run_semgrep_on_copied_files: RunSemgrep):
FoundDependency(
package="joken",
version="2.6.0",
ecosystem=Ecosystem(value=Mix()),
ecosystem=Ecosystem(value=Hex()),
allowed_hashes={},
transitivity=Transitivity(value=Direct()),
resolved_url=None,
Expand All @@ -494,7 +494,7 @@ def test_full_mix_parsing(run_semgrep_on_copied_files: RunSemgrep):
FoundDependency(
package="jose",
version="1.11.6",
ecosystem=Ecosystem(value=Mix()),
ecosystem=Ecosystem(value=Hex()),
allowed_hashes={},
transitivity=Transitivity(value=Transitive()),
resolved_url=None,
Expand All @@ -505,7 +505,7 @@ def test_full_mix_parsing(run_semgrep_on_copied_files: RunSemgrep):
FoundDependency(
package="metrics",
version="1.0.1",
ecosystem=Ecosystem(value=Mix()),
ecosystem=Ecosystem(value=Hex()),
allowed_hashes={},
transitivity=Transitivity(value=Transitive()),
resolved_url=None,
Expand All @@ -516,7 +516,7 @@ def test_full_mix_parsing(run_semgrep_on_copied_files: RunSemgrep):
FoundDependency(
package="mime",
version="2.0.5",
ecosystem=Ecosystem(value=Mix()),
ecosystem=Ecosystem(value=Hex()),
allowed_hashes={},
transitivity=Transitivity(value=Transitive()),
resolved_url=None,
Expand All @@ -527,7 +527,7 @@ def test_full_mix_parsing(run_semgrep_on_copied_files: RunSemgrep):
FoundDependency(
package="mimerl",
version="1.2.0",
ecosystem=Ecosystem(value=Mix()),
ecosystem=Ecosystem(value=Hex()),
allowed_hashes={},
transitivity=Transitivity(value=Transitive()),
resolved_url=None,
Expand All @@ -538,7 +538,7 @@ def test_full_mix_parsing(run_semgrep_on_copied_files: RunSemgrep):
FoundDependency(
package="parse_trans",
version="3.4.1",
ecosystem=Ecosystem(value=Mix()),
ecosystem=Ecosystem(value=Hex()),
allowed_hashes={},
transitivity=Transitivity(value=Transitive()),
resolved_url=None,
Expand All @@ -549,7 +549,7 @@ def test_full_mix_parsing(run_semgrep_on_copied_files: RunSemgrep):
FoundDependency(
package="pbkdf2",
version="2.0.4",
ecosystem=Ecosystem(value=Mix()),
ecosystem=Ecosystem(value=Hex()),
allowed_hashes={},
transitivity=Transitivity(value=Transitive()),
resolved_url=None,
Expand All @@ -560,7 +560,7 @@ def test_full_mix_parsing(run_semgrep_on_copied_files: RunSemgrep):
FoundDependency(
package="ranch",
version="1.8.0",
ecosystem=Ecosystem(value=Mix()),
ecosystem=Ecosystem(value=Hex()),
allowed_hashes={},
transitivity=Transitivity(value=Transitive()),
resolved_url=None,
Expand All @@ -571,7 +571,7 @@ def test_full_mix_parsing(run_semgrep_on_copied_files: RunSemgrep):
FoundDependency(
package="rocksdb",
version="1.8.0-emqx-2",
ecosystem=Ecosystem(value=Mix()),
ecosystem=Ecosystem(value=Hex()),
allowed_hashes={},
transitivity=Transitivity(value=Transitive()),
resolved_url=None,
Expand All @@ -582,7 +582,7 @@ def test_full_mix_parsing(run_semgrep_on_copied_files: RunSemgrep):
FoundDependency(
package="snabbkaffe",
version="1.0.7",
ecosystem=Ecosystem(value=Mix()),
ecosystem=Ecosystem(value=Hex()),
allowed_hashes={},
transitivity=Transitivity(value=Transitive()),
resolved_url=None,
Expand All @@ -593,7 +593,7 @@ def test_full_mix_parsing(run_semgrep_on_copied_files: RunSemgrep):
FoundDependency(
package="ssl_verify_fun",
version="1.1.7",
ecosystem=Ecosystem(value=Mix()),
ecosystem=Ecosystem(value=Hex()),
allowed_hashes={},
transitivity=Transitivity(value=Transitive()),
resolved_url=None,
Expand All @@ -604,7 +604,7 @@ def test_full_mix_parsing(run_semgrep_on_copied_files: RunSemgrep):
FoundDependency(
package="sweet_xml",
version="0.7.4",
ecosystem=Ecosystem(value=Mix()),
ecosystem=Ecosystem(value=Hex()),
allowed_hashes={},
transitivity=Transitivity(value=Direct()),
resolved_url=None,
Expand All @@ -615,7 +615,7 @@ def test_full_mix_parsing(run_semgrep_on_copied_files: RunSemgrep):
FoundDependency(
package="telemetry",
version="1.2.1",
ecosystem=Ecosystem(value=Mix()),
ecosystem=Ecosystem(value=Hex()),
allowed_hashes={},
transitivity=Transitivity(value=Transitive()),
resolved_url=None,
Expand All @@ -626,7 +626,7 @@ def test_full_mix_parsing(run_semgrep_on_copied_files: RunSemgrep):
FoundDependency(
package="typerefl",
version="0.9.1",
ecosystem=Ecosystem(value=Mix()),
ecosystem=Ecosystem(value=Hex()),
allowed_hashes={},
transitivity=Transitivity(value=Transitive()),
resolved_url=None,
Expand All @@ -637,7 +637,7 @@ def test_full_mix_parsing(run_semgrep_on_copied_files: RunSemgrep):
FoundDependency(
package="unicode_util_compat",
version="0.7.0",
ecosystem=Ecosystem(value=Mix()),
ecosystem=Ecosystem(value=Hex()),
allowed_hashes={},
transitivity=Transitivity(value=Transitive()),
resolved_url=None,
Expand All @@ -648,7 +648,7 @@ def test_full_mix_parsing(run_semgrep_on_copied_files: RunSemgrep):
FoundDependency(
package="uuid",
version="1.1.8",
ecosystem=Ecosystem(value=Mix()),
ecosystem=Ecosystem(value=Hex()),
allowed_hashes={},
transitivity=Transitivity(value=Direct()),
resolved_url=None,
Expand Down

0 comments on commit 8bbbdfe

Please sign in to comment.