Sifts

Code analysis tool with YAML configuration support.

Configuration

You can now run Sifts using a YAML configuration file:

python -m src.cli run-with-config config_example.yaml

Configuration Format

The configuration file follows this structure:

analysis:
  working_dir: "."              # Working directory (must exist)
  include_files:
    - "src/**/*.py"             # Glob patterns for files to include
  exclude_files:
    - "tests/**"                # Glob patterns for files to exclude
  lines_to_check:               # Specific lines to check in specific files (must exist)
    - file: "src/cli.py"
      lines: [12, 45, 78]
    - file: "src/config.py"     # You can specify multiple files
      lines: [10, 20]
    - file: "src/cli.py"        # Entries with the same file path will be merged
      lines: [100, 200]         # Will be combined with the previous entry for src/cli.py
  include_vulnerabilities:      # Types of vulnerabilities to check for
    - insecure_auth
    - sql_injection
    - xss
  exclude_vulnerabilities: []   # Types of vulnerabilities to exclude
  use_default_exclude_files: true  # Use default exclude files list
  split_subdirectories: true    # Split subdirectories for analysis

output:
  format: "json"                # Output format
  path: "reports/report.json"   # Output file path (directory will be created if needed)

runtime:
  parallel: true                # Whether to run in parallel
  threads: 4                    # Number of threads to use

Line Merging

When multiple entries in lines_to_check reference the same file path, they will be automatically merged into a single entry with the combined list of line numbers. Duplicate line numbers are automatically removed, and the final list is sorted in ascending order.

For example, the above configuration will result in the following after processing:

lines_to_check:
  - file: "src/cli.py"
    lines: [12, 45, 78, 100, 200]  # Combined from both entries
  - file: "src/config.py"
    lines: [10, 20]

Path Validation

The configuration includes strict path validation:

Paths that must exist (for analysis)

  • Working directory (working_dir)
  • Files specified in lines_to_check
  • Exact file paths in include_files (non-glob patterns)

Paths that will be created (for output)

  • Output directory (parent directory of output.path)

The validation ensures that all files to be analyzed actually exist, while automatically creating any necessary output directories.
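
The merging and path rules described above, as an added Python example (not Sifts' own code). The function names, the glob-character test, and resolving relative paths against working_dir are assumptions made for illustration; the configuration is passed as an already-parsed dictionary.

```python
from pathlib import Path

GLOB_CHARS = set("*?[")  # assumption: a pattern containing any of these is a glob


def merge_lines_to_check(entries):
    """Merge entries that share a file path; dedupe and sort the line numbers."""
    merged = {}  # dicts keep insertion order, so first-seen file order is preserved
    for entry in entries:
        merged.setdefault(entry["file"], set()).update(entry["lines"])
    return [{"file": f, "lines": sorted(nums)} for f, nums in merged.items()]


def validate_paths(config):
    """Return problems for paths that must exist; create the output directory."""
    analysis = config["analysis"]
    work = Path(analysis["working_dir"])
    if not work.is_dir():
        return [f"working_dir does not exist: {work}"]
    errors = []
    for entry in analysis.get("lines_to_check", []):
        # Assumption: relative paths are resolved against working_dir.
        if not (work / entry["file"]).is_file():
            errors.append(f"lines_to_check file missing: {entry['file']}")
    for pattern in analysis.get("include_files", []):
        is_glob = any(ch in GLOB_CHARS for ch in pattern)
        # Only exact (non-glob) include paths are required to exist.
        if not is_glob and not (work / pattern).exists():
            errors.append(f"include_files path missing: {pattern}")
    if not errors:
        # Output side: the parent directory of output.path is created, not required.
        Path(config["output"]["path"]).parent.mkdir(parents=True, exist_ok=True)
    return errors


if __name__ == "__main__":
    # Constructed sample: the lines_to_check block above plus one duplicate line (45).
    sample = [
        {"file": "src/cli.py", "lines": [12, 45, 78]},
        {"file": "src/config.py", "lines": [10, 20]},
        {"file": "src/cli.py", "lines": [100, 200, 45]},
    ]
    for item in merge_lines_to_check(sample):
        print(item)
```

Collecting every missing path before returning lets a CI job report all configuration problems in one run, and nothing is written to disk until the analysis inputs have been confirmed.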

Requirements

Install the required dependencies using Poetry:

poetry install

Download files

Source Distribution

fluidattacks_sifts-0.20.0.tar.gz (4.4 MB)

Uploaded Source

Built Distribution

fluidattacks_sifts-0.20.0-py3-none-any.whl (4.5 MB)

Uploaded Python 3

File details

Details for the file fluidattacks_sifts-0.20.0.tar.gz.

File metadata

  • Download URL: fluidattacks_sifts-0.20.0.tar.gz
  • Upload date:
  • Size: 4.4 MB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: uv/0.6.10

File hashes

Hashes for fluidattacks_sifts-0.20.0.tar.gz
Algorithm Hash digest
SHA256 5fef569ce4eabe9cad78c8eafadba9de3e0d0b83f9d424b50d731aeb979a6394
MD5 6cef0d61f14e29fc39e6a197ecd4263a
BLAKE2b-256 f88435f442953ef8d4896581f45e93118e26a50f373cc0f24d5815167874373b

File details

Details for the file fluidattacks_sifts-0.20.0-py3-none-any.whl.

File hashes

Hashes for fluidattacks_sifts-0.20.0-py3-none-any.whl
Algorithm Hash digest
SHA256 45378c3c4b6288c3621d3bf9a139f021d238d890b54dddd82b4a03c7f99d0c73
MD5 988ee8540689b3b5e96023b08346e813
BLAKE2b-256 7b1920cd149470a4dc9a075440e593848fd7a0c00b7873f01e14fdff132d8b1f
