feat: Added tool install verifier with cli calls#14
Merged
Conversation
Before we didn't check if users where missing tools with a expressive incormation enought, this update will highlight the missing tools users needs to security validate for instance python, go and java applications.
There was a problem hiding this comment.
Pull Request Overview
This pull request adds a new Tools command to the Syncable CLI for managing vulnerability scanning tools. It refines language detection by centralizing string-to-enum conversion, and it substantially improves the installation script with enhanced feedback and platform-specific instructions.
- Adds a new Tools branch in both the main application logic and CLI argument parsing.
- Makes the tool availability testing function public for reuse.
- Updates the installation script with colored output and detailed installation procedures for vulnerability scanning tools.
Reviewed Changes
Copilot reviewed 7 out of 7 changed files in this pull request and generated 1 comment.
Show a summary per file
| File | Description |
|---|---|
| src/main.rs | Added branch for Tools command handling in main application logic. |
| src/cli.rs | Introduced Tools subcommands for status, install, verify, and guide. |
| src/analyzer/tool_installer.rs | Made test_tool_availability public to support broader usage. |
| src/analyzer/security_analyzer.rs | Updated language conversion calls in security analysis loops. |
| src/analyzer/dependency_parser.rs | Added a public from_string method for language detection. |
| install.sh | Enhanced installation script with colorized output and detailed instructions. |
Alex793x
added a commit
that referenced
this pull request
Jun 6, 2025
* Feature/update dependabot (#11) * chore: release v0.1.4 * Feature/dependabot (#3) * chore: release v0.1.4 * Create dependabot.yml * feat: depndabot branch strategy * chore(deps): bump dirs from 5.0.1 to 6.0.0 Bumps [dirs](https://github.com/soc/dirs-rs) from 5.0.1 to 6.0.0. - [Commits](https://github.com/soc/dirs-rs/commits) --- updated-dependencies: - dependency-name: dirs dependency-version: 6.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * chore(deps): bump reqwest from 0.11.27 to 0.12.19 Bumps [reqwest](https://github.com/seanmonstar/reqwest) from 0.11.27 to 0.12.19. - [Release notes](https://github.com/seanmonstar/reqwest/releases) - [Changelog](https://github.com/seanmonstar/reqwest/blob/master/CHANGELOG.md) - [Commits](seanmonstar/reqwest@v0.11.27...v0.12.19) --- updated-dependencies: - dependency-name: reqwest dependency-version: 0.12.19 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Update README.md * Update README.md --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Update dependabot.yml * feat: Added tool install verifier with cli calls (#14) Before we didn't check if users where missing tools with a expressive incormation enought, this update will highlight the missing tools users needs to security validate for instance python, go and java applications. --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Alex793x
added a commit
that referenced
this pull request
Jun 6, 2025
Before we didn't check if users where missing tools with a expressive incormation enought, this update will highlight the missing tools users needs to security validate for instance python, go and java applications.
Merged
Alex793x
added a commit
that referenced
this pull request
Jun 6, 2025
* Feature/update dependabot (#11) * chore: release v0.1.4 * Feature/dependabot (#3) * chore: release v0.1.4 * Create dependabot.yml * feat: depndabot branch strategy * chore(deps): bump dirs from 5.0.1 to 6.0.0 Bumps [dirs](https://github.com/soc/dirs-rs) from 5.0.1 to 6.0.0. - [Commits](https://github.com/soc/dirs-rs/commits) --- updated-dependencies: - dependency-name: dirs dependency-version: 6.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * chore(deps): bump reqwest from 0.11.27 to 0.12.19 Bumps [reqwest](https://github.com/seanmonstar/reqwest) from 0.11.27 to 0.12.19. - [Release notes](https://github.com/seanmonstar/reqwest/releases) - [Changelog](https://github.com/seanmonstar/reqwest/blob/master/CHANGELOG.md) - [Commits](seanmonstar/reqwest@v0.11.27...v0.12.19) --- updated-dependencies: - dependency-name: reqwest dependency-version: 0.12.19 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Update README.md * Update README.md --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore: release v0.1.5 * Develop (#15) * Feature/update dependabot (#11) * chore: release v0.1.4 * Feature/dependabot (#3) * chore: release v0.1.4 * Create dependabot.yml * feat: depndabot branch strategy * chore(deps): bump dirs from 5.0.1 to 6.0.0 Bumps [dirs](https://github.com/soc/dirs-rs) from 5.0.1 to 6.0.0. - [Commits](https://github.com/soc/dirs-rs/commits) --- updated-dependencies: - dependency-name: dirs dependency-version: 6.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * chore(deps): bump reqwest from 0.11.27 to 0.12.19 Bumps [reqwest](https://github.com/seanmonstar/reqwest) from 0.11.27 to 0.12.19. - [Release notes](https://github.com/seanmonstar/reqwest/releases) - [Changelog](https://github.com/seanmonstar/reqwest/blob/master/CHANGELOG.md) - [Commits](seanmonstar/reqwest@v0.11.27...v0.12.19) --- updated-dependencies: - dependency-name: reqwest dependency-version: 0.12.19 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Update README.md * Update README.md --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Update dependabot.yml * feat: Added tool install verifier with cli calls (#14) Before we didn't check if users where missing tools with a expressive incormation enought, this update will highlight the missing tools users needs to security validate for instance python, go and java applications. --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Revert "Develop (#15)" This reverts commit 8ac0cfe. * feat: Added tool install verifier with cli calls (#14) Before we didn't check if users where missing tools with a expressive incormation enought, this update will highlight the missing tools users needs to security validate for instance python, go and java applications. * chore: release v0.2.0 * feat: Implemented automatic update information --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Alex793x
added a commit
that referenced
this pull request
Jun 6, 2025
* Feature/update dependabot (#11) * chore: release v0.1.4 * Feature/dependabot (#3) * chore: release v0.1.4 * Create dependabot.yml * feat: depndabot branch strategy * chore(deps): bump dirs from 5.0.1 to 6.0.0 Bumps [dirs](https://github.com/soc/dirs-rs) from 5.0.1 to 6.0.0. - [Commits](https://github.com/soc/dirs-rs/commits) --- updated-dependencies: - dependency-name: dirs dependency-version: 6.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * chore(deps): bump reqwest from 0.11.27 to 0.12.19 Bumps [reqwest](https://github.com/seanmonstar/reqwest) from 0.11.27 to 0.12.19. - [Release notes](https://github.com/seanmonstar/reqwest/releases) - [Changelog](https://github.com/seanmonstar/reqwest/blob/master/CHANGELOG.md) - [Commits](seanmonstar/reqwest@v0.11.27...v0.12.19) --- updated-dependencies: - dependency-name: reqwest dependency-version: 0.12.19 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Update README.md * Update README.md --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore: release v0.1.5 * Develop (#15) * Feature/update dependabot (#11) * chore: release v0.1.4 * Feature/dependabot (#3) * chore: release v0.1.4 * Create dependabot.yml * feat: depndabot branch strategy * chore(deps): bump dirs from 5.0.1 to 6.0.0 Bumps [dirs](https://github.com/soc/dirs-rs) from 5.0.1 to 6.0.0. - [Commits](https://github.com/soc/dirs-rs/commits) --- updated-dependencies: - dependency-name: dirs dependency-version: 6.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * chore(deps): bump reqwest from 0.11.27 to 0.12.19 Bumps [reqwest](https://github.com/seanmonstar/reqwest) from 0.11.27 to 0.12.19. - [Release notes](https://github.com/seanmonstar/reqwest/releases) - [Changelog](https://github.com/seanmonstar/reqwest/blob/master/CHANGELOG.md) - [Commits](seanmonstar/reqwest@v0.11.27...v0.12.19) --- updated-dependencies: - dependency-name: reqwest dependency-version: 0.12.19 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Update README.md * Update README.md --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Update dependabot.yml * feat: Added tool install verifier with cli calls (#14) Before we didn't check if users where missing tools with a expressive incormation enought, this update will highlight the missing tools users needs to security validate for instance python, go and java applications. --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Revert "Develop (#15)" This reverts commit 8ac0cfe. * feat: Added tool install verifier with cli calls (#14) Before we didn't check if users where missing tools with a expressive incormation enought, this update will highlight the missing tools users needs to security validate for instance python, go and java applications. * chore: release v0.2.0 * feat: Implemented automatic update information --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Merged
Alex793x
added a commit
that referenced
this pull request
Mar 28, 2026
Before we didn't check if users where missing tools with a expressive incormation enought, this update will highlight the missing tools users needs to security validate for instance python, go and java applications.
Alex793x
added a commit
that referenced
this pull request
Mar 28, 2026
* Feature/update dependabot (#11) * chore: release v0.1.4 * Feature/dependabot (#3) * chore: release v0.1.4 * Create dependabot.yml * feat: depndabot branch strategy * chore(deps): bump dirs from 5.0.1 to 6.0.0 Bumps [dirs](https://github.com/soc/dirs-rs) from 5.0.1 to 6.0.0. - [Commits](https://github.com/soc/dirs-rs/commits) --- updated-dependencies: - dependency-name: dirs dependency-version: 6.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * chore(deps): bump reqwest from 0.11.27 to 0.12.19 Bumps [reqwest](https://github.com/seanmonstar/reqwest) from 0.11.27 to 0.12.19. - [Release notes](https://github.com/seanmonstar/reqwest/releases) - [Changelog](https://github.com/seanmonstar/reqwest/blob/master/CHANGELOG.md) - [Commits](seanmonstar/reqwest@v0.11.27...v0.12.19) --- updated-dependencies: - dependency-name: reqwest dependency-version: 0.12.19 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Update README.md * Update README.md --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore: release v0.1.5 * Develop (#15) * Feature/update dependabot (#11) * chore: release v0.1.4 * Feature/dependabot (#3) * chore: release v0.1.4 * Create dependabot.yml * feat: depndabot branch strategy * chore(deps): bump dirs from 5.0.1 to 6.0.0 Bumps [dirs](https://github.com/soc/dirs-rs) from 5.0.1 to 6.0.0. - [Commits](https://github.com/soc/dirs-rs/commits) --- updated-dependencies: - dependency-name: dirs dependency-version: 6.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * chore(deps): bump reqwest from 0.11.27 to 0.12.19 Bumps [reqwest](https://github.com/seanmonstar/reqwest) from 0.11.27 to 0.12.19. - [Release notes](https://github.com/seanmonstar/reqwest/releases) - [Changelog](https://github.com/seanmonstar/reqwest/blob/master/CHANGELOG.md) - [Commits](seanmonstar/reqwest@v0.11.27...v0.12.19) --- updated-dependencies: - dependency-name: reqwest dependency-version: 0.12.19 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Update README.md * Update README.md --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Update dependabot.yml * feat: Added tool install verifier with cli calls (#14) Before we didn't check if users where missing tools with a expressive incormation enought, this update will highlight the missing tools users needs to security validate for instance python, go and java applications. --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Revert "Develop (#15)" This reverts commit 8ac0cfe. * feat: Added tool install verifier with cli calls (#14) Before we didn't check if users where missing tools with a expressive incormation enought, this update will highlight the missing tools users needs to security validate for instance python, go and java applications. * chore: release v0.2.0 * feat: Implemented automatic update information --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Alex793x
added a commit
that referenced
this pull request
Mar 28, 2026
* Feature/update dependabot (#11) * chore: release v0.1.4 * Feature/dependabot (#3) * chore: release v0.1.4 * Create dependabot.yml * feat: depndabot branch strategy * chore(deps): bump dirs from 5.0.1 to 6.0.0 Bumps [dirs](https://github.com/soc/dirs-rs) from 5.0.1 to 6.0.0. - [Commits](https://github.com/soc/dirs-rs/commits) --- updated-dependencies: - dependency-name: dirs dependency-version: 6.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * chore(deps): bump reqwest from 0.11.27 to 0.12.19 Bumps [reqwest](https://github.com/seanmonstar/reqwest) from 0.11.27 to 0.12.19. - [Release notes](https://github.com/seanmonstar/reqwest/releases) - [Changelog](https://github.com/seanmonstar/reqwest/blob/master/CHANGELOG.md) - [Commits](seanmonstar/reqwest@v0.11.27...v0.12.19) --- updated-dependencies: - dependency-name: reqwest dependency-version: 0.12.19 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Update README.md * Update README.md --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Update dependabot.yml * feat: Added tool install verifier with cli calls (#14) Before we didn't check if users where missing tools with a expressive incormation enought, this update will highlight the missing tools users needs to security validate for instance python, go and java applications. --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Alex793x
added a commit
that referenced
this pull request
Mar 28, 2026
Before we didn't check if users where missing tools with a expressive incormation enought, this update will highlight the missing tools users needs to security validate for instance python, go and java applications.
Alex793x
added a commit
that referenced
this pull request
Mar 28, 2026
* Feature/update dependabot (#11) * chore: release v0.1.4 * Feature/dependabot (#3) * chore: release v0.1.4 * Create dependabot.yml * feat: depndabot branch strategy * chore(deps): bump dirs from 5.0.1 to 6.0.0 Bumps [dirs](https://github.com/soc/dirs-rs) from 5.0.1 to 6.0.0. - [Commits](https://github.com/soc/dirs-rs/commits) --- updated-dependencies: - dependency-name: dirs dependency-version: 6.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * chore(deps): bump reqwest from 0.11.27 to 0.12.19 Bumps [reqwest](https://github.com/seanmonstar/reqwest) from 0.11.27 to 0.12.19. - [Release notes](https://github.com/seanmonstar/reqwest/releases) - [Changelog](https://github.com/seanmonstar/reqwest/blob/master/CHANGELOG.md) - [Commits](seanmonstar/reqwest@v0.11.27...v0.12.19) --- updated-dependencies: - dependency-name: reqwest dependency-version: 0.12.19 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Update README.md * Update README.md --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore: release v0.1.5 * Develop (#15) * Feature/update dependabot (#11) * chore: release v0.1.4 * Feature/dependabot (#3) * chore: release v0.1.4 * Create dependabot.yml * feat: depndabot branch strategy * chore(deps): bump dirs from 5.0.1 to 6.0.0 Bumps [dirs](https://github.com/soc/dirs-rs) from 5.0.1 to 6.0.0. - [Commits](https://github.com/soc/dirs-rs/commits) --- updated-dependencies: - dependency-name: dirs dependency-version: 6.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * chore(deps): bump reqwest from 0.11.27 to 0.12.19 Bumps [reqwest](https://github.com/seanmonstar/reqwest) from 0.11.27 to 0.12.19. - [Release notes](https://github.com/seanmonstar/reqwest/releases) - [Changelog](https://github.com/seanmonstar/reqwest/blob/master/CHANGELOG.md) - [Commits](seanmonstar/reqwest@v0.11.27...v0.12.19) --- updated-dependencies: - dependency-name: reqwest dependency-version: 0.12.19 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Update README.md * Update README.md --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Update dependabot.yml * feat: Added tool install verifier with cli calls (#14) Before we didn't check if users where missing tools with a expressive incormation enought, this update will highlight the missing tools users needs to security validate for instance python, go and java applications. --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Revert "Develop (#15)" This reverts commit 8ac0cfe. * feat: Added tool install verifier with cli calls (#14) Before we didn't check if users where missing tools with a expressive incormation enought, this update will highlight the missing tools users needs to security validate for instance python, go and java applications. * chore: release v0.2.0 * feat: Implemented automatic update information --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This pull request introduces significant enhancements to the Syncable CLI, focusing on improving installation scripts, adding support for vulnerability scanning tools, refining language detection logic, and extending CLI commands for tool management. The changes improve usability, expand functionality, and streamline the codebase.
Installation Script Enhancements:
print_success,print_warning,print_error,print_info,print_step) to improve user experience during installation.cargo-audit,pip-audit,govulncheck,grype) with platform-specific handling and manual installation guides.Language Detection Improvements:
Language::from_stringmethod to map language strings toLanguageenum values, improving code clarity and reusability.SecurityAnalyzerto use the newLanguage::from_stringmethod for consistent language detection logic. [1] [2] [3] [4] [5]CLI Extensions:
Toolscommand in the CLI to manage vulnerability scanning tools, including subcommands for status, installation, verification, and manual setup guides.Toolscommand.Codebase Simplifications:
Language::from_stringimplementation fromSecurityAnalyzerand centralized it within theLanguageenum.ToolInstaller::test_tool_availabilitymethod public for broader usage across modules.