From ef7d3b2ad6f05847ecb02984fbedbc8745c9ef67 Mon Sep 17 00:00:00 2001 From: arielk Date: Wed, 25 Oct 2023 16:50:37 +0300 Subject: [PATCH] fixes --- checkov/sast/checks_infra/base_registry.py | 4 ++-- checkov/sast/engines/prisma_engine.py | 6 +----- checkov/sast/prisma_models/report.py | 14 +++----------- checkov/sast/runner.py | 4 +--- 4 files changed, 7 insertions(+), 21 deletions(-) diff --git a/checkov/sast/checks_infra/base_registry.py b/checkov/sast/checks_infra/base_registry.py index f801e636f53..4319947505d 100644 --- a/checkov/sast/checks_infra/base_registry.py +++ b/checkov/sast/checks_infra/base_registry.py @@ -13,13 +13,13 @@ class Registry(BaseCheckRegistry): - def __init__(self, checks_dir: str) -> None: + def __init__(self, checks_dir: str | None = None) -> None: super().__init__(report_type=CheckType.SAST) self.rules: List[Dict[str, Any]] = [] self.checks_dir = checks_dir self.logger = logging.getLogger(__name__) self.runner_filter: Optional[RunnerFilter] = None - self.checks_dirs_path: List[str] = [checks_dir] + self.checks_dirs_path: List[str] = [] def extract_entity_details(self, entity: dict[str, Any]) -> tuple[str, str, dict[str, Any]]: # TODO diff --git a/checkov/sast/engines/prisma_engine.py b/checkov/sast/engines/prisma_engine.py index 7c6713bee7b..6bf42c0a732 100644 --- a/checkov/sast/engines/prisma_engine.py +++ b/checkov/sast/engines/prisma_engine.py @@ -169,7 +169,7 @@ def run_go_library(self, languages: Set[SastLanguages], report_reachability: bool = False, remove_default_policies: bool = False) -> Union[List[Report], SastPolicies]: - validate_params(languages, source_codes, policies, list_policies) + validate_params(languages, source_codes, list_policies) if bc_integration.bc_source: name = bc_integration.bc_source.name 
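Review bot: In `Registry.__init__` (checkov/sast/checks_infra/base_registry.py), a `checks_dir` that a caller does pass is no longer added to `checks_dirs_path`, because the list now always starts empty. If the argument is meant to stay usable, `self.checks_dirs_path: List[str] = [checks_dir] if checks_dir else []` keeps that behaviour while still allowing the new default. With a bare `Registry()` the registry starts with no rule directories, so a docstring should say where rules are expected to come from; a SAST run that silently loads zero rules reports a clean result. `self.checks_dir` should also be annotated `str | None` so type checking flags any use that still assumes a string.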
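Review bot: After the `validate_params(languages, source_codes, list_policies)` call in `run_go_library` (checkov/sast/engines/prisma_engine.py), and the two `validate_params` hunks that follow, nothing visible rejects a run that ends up with no policies at all. `remove_default_policies` is a parameter of the same function, so if it is true while `policies` is empty, the engine would presumably scan with no rules and return an empty, clean-looking report. A narrower guard placed right after the call would keep that case fail-closed, for example `if remove_default_policies and not policies and not list_policies: raise Exception('must provide policy file or dir when default policies are removed')`. `validate_params` also loses a positional parameter, so any caller outside this diff that still passes four arguments would raise a `TypeError`. The body of `run_go_library` starts and ends outside the hunk.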
@@ -348,7 +348,6 @@ def get_policies(self, languages: Set[SastLanguages]) -> SastPolicies: def validate_params(languages: Set[SastLanguages], source_codes: List[str], - policies: List[str], list_policies: bool) -> None: if list_policies: return @@ -356,9 +355,6 @@ def validate_params(languages: Set[SastLanguages], if len(source_codes) == 0: raise Exception('must provide source code file or dir for sast runner') - if len(policies) == 0: - raise Exception('must provide policy file or dir for sast runner') - if len(languages) == 0: raise Exception('must provide a language for sast runner') diff --git a/checkov/sast/prisma_models/report.py b/checkov/sast/prisma_models/report.py index 0eb5b64e0de..64a53fd5fa1 100644 --- a/checkov/sast/prisma_models/report.py +++ b/checkov/sast/prisma_models/report.py @@ -4,7 +4,7 @@ class Profiler(BaseModel): - duration: str # noqa: CCE003 + duration: int # noqa: CCE003 memory: int # noqa: CCE003 @@ -27,22 +27,14 @@ class MatchLocation(BaseModel): code_block: str # noqa: CCE003 -class MatchMetavariable(BaseModel): - path: Optional[str] # noqa: CCE003 - start: Optional[Point] # noqa: CCE003 - end: Optional[Point] # noqa: CCE003 - data_flow: Optional[List[Flow]] # noqa: CCE003 - code_block: Optional[str] # noqa: CCE003 - - class DataFlow(BaseModel): data_flow: List[Flow] # noqa: CCE003 class MatchMetadata(BaseModel): - metavariables: Dict[str, MatchMetavariable] # noqa: CCE003 + metavariables: Dict[str, DataFlow] # noqa: CCE003 variables: Dict[str, Any] # noqa: CCE003 - taint_mode: Optional[DataFlow] # noqa: CCE003 + taint_mode: Optional[DataFlow] = None # noqa: CCE003 class Match(BaseModel): diff --git a/checkov/sast/runner.py b/checkov/sast/runner.py index 442aa6af122..ce9e5309e22 100644 --- a/checkov/sast/runner.py +++ b/checkov/sast/runner.py 
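Review bot: `Profiler.duration` in checkov/sast/prisma_models/report.py changes from `str` to `int` without stating the unit or which engine output format it matches. If an engine build still emits a formatted string for this field, validation would presumably fail for the whole report rather than only this value. The field deserves a comment such as `# elapsed time as an integer; unit as emitted by the engine (confirm)`, and it is worth checking that the engine version this model is paired with already emits an integer.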
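Review bot: `MatchMetadata.metavariables` in checkov/sast/prisma_models/report.py now maps to `DataFlow`, whose only field `data_flow: List[Flow]` is required, whereas every field of the removed `MatchMetavariable` was `Optional`. A metavariable entry that arrives without `data_flow` would now fail model validation. How that surfaces depends on the parsing code, which is not visible here, but a finding dropped on a parse error is a missed result for a security scanner. Confirm that the engine always emits `data_flow` for each metavariable, or handle the validation error explicitly where reports are parsed. The `path`, `start`, `end` and `code_block` values are also no longer modelled, so anything downstream that renders them should be checked.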
@@ -17,15 +17,13 @@ logger = logging.getLogger(__name__) -CHECKS_DIR = (os.path.join(pathlib.Path(__file__).parent.resolve(), 'checks')) - class Runner(BaseRunner[None, None, None]): check_type = CheckType.SAST # noqa: CCE003 # a static attribute def __init__(self) -> None: super().__init__(file_extensions=["." + a for a in FILE_EXT_TO_SAST_LANG.keys()]) - self.registry = Registry(checks_dir=CHECKS_DIR) + self.registry = Registry() self.engine = PrismaEngine() # noqa: disallow-untyped-calls def should_scan_file(self, file: str) -> bool:
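Review bot: With `CHECKS_DIR` removed from checkov/sast/runner.py, the `os` and `pathlib` imports may no longer be used in this module. The import block is outside the hunk, so this needs checking, and any import left unused should be dropped to keep linting clean. `Runner.__init__` now builds `Registry()` with no rule directory, so once the intent is confirmed a short comment such as `# rules are supplied by the engine, not a bundled checks dir` would show that starting with an empty registry is deliberate.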