 def scan(self) -> dict:
     """Run the configured Scanner and hand its findings to the formatter.

     Builds a ``Scanner`` from ``self.options`` and ``self.paths``, runs it,
     and passes a non-empty result through ``self.format_output``. Always
     returns ``self.result``; it is not set here, so it is presumably
     populated by ``format_output`` (not visible in this file) — confirm.
     """
     findings = Scanner(self.options, self.paths).scan()
     if not findings:
         # Nothing to format; whatever self.result already holds is returned.
         return self.result
     self.format_output(findings)
     return self.result
def scan(rule, extensions, paths, ignore_paths=None):
    """Run a libsast pattern_matcher scan and return formatted findings.

    Args:
        rule: Rule file/directory handed to ``Scanner`` as ``match_rules``.
        extensions: File extensions to match (``match_extensions``).
        paths: Target paths to scan; ``paths[0]`` is used as the base path
            when formatting findings.
        ignore_paths: Optional paths to skip, passed through unchanged.

    Returns:
        The result of ``format_findings`` for the ``pattern_matcher`` output,
        or an empty dict when the scanner returns nothing or any exception is
        raised. Exceptions are logged via ``logger.exception`` and swallowed,
        so a failed scan is indistinguishable from a clean one to the caller.
    """
    scan_options = {
        'match_rules': rule,
        'match_extensions': extensions,
        'ignore_paths': ignore_paths,
        'show_progress': False,
    }
    findings = {}
    try:
        raw = Scanner(scan_options, paths).scan()
        if raw:
            findings = format_findings(raw['pattern_matcher'], paths[0])
    except Exception:
        # Best-effort boundary: log and fall through to the empty result.
        logger.exception('libsast scan')
    return findings
def niap_scan(rule, extensions, paths, apath, ignore_paths=None):
    """Run a libsast choice_matcher (NIAP) scan and return its raw result.

    Args:
        rule: Choice rules handed to ``Scanner`` as ``choice_rules``.
        extensions: File extensions to consider (``choice_extensions``).
        paths: Target paths to scan.
        apath: Alternative path passed as ``alternative_path``; any falsy
            value is normalised to ``''``.
        ignore_paths: Optional paths to skip, passed through unchanged.

    Returns:
        The scanner's ``choice_matcher`` result, or an empty dict when the
        scanner returns nothing or any exception is raised. Exceptions are
        logged via ``logger.exception`` and swallowed, so a failed scan is
        indistinguishable from a clean one to the caller.
    """
    scan_options = {
        'choice_rules': rule,
        'alternative_path': apath or '',
        'choice_extensions': extensions,
        'ignore_paths': ignore_paths,
        'show_progress': False,
    }
    findings = {}
    try:
        raw = Scanner(scan_options, paths).scan()
        if raw:
            findings = raw['choice_matcher']
    except Exception:
        # Best-effort boundary: log and fall through to the empty result.
        logger.exception('NIAP scan')
    return findings
def test_standards_mapping():
    """Check that rule metadata is expanded against the standards tables.

    Scans the bundled ``assets/files`` with the ``pattern_matcher`` rules and
    asserts that the metadata of the ``test_regex_multiline_and_metadata``
    rule resolves to the expected CWE / OWASP / MASVS entries while leaving a
    custom key (``foo``) untouched.
    """
    stds = standards.get_standards()
    assets = Path(__file__).parents[1] / 'assets'
    options = {'match_rules': (assets / 'rules' / 'pattern_matcher').as_posix()}
    paths = [(assets / 'files').as_posix()]
    res = Scanner(options, paths).scan()
    match = res['pattern_matcher']['test_regex_multiline_and_metadata']
    assert match
    metadata = match['metadata']
    assert metadata
    # Order matters only for which mismatch is reported first; it mirrors
    # the standards lookups the rule metadata is expected to resolve to.
    expected = {
        'cwe': stds['cwe']['cwe-1051'],
        'owasp-mobile': stds['owasp-mobile']['m1'],
        'owasp-web': stds['owasp-web']['a10'],
        'masvs': stds['masvs']['storage-3'],
        'foo': 'bar',
    }
    for key, value in expected.items():
        assert metadata[key] == value