Collection of Python utils for static code analysis on Perl, Python and R scripts.
Project description
jps-static-audit-utils
Collection of Python utilities for static code analysis on Perl, Python, and R scripts.
๐ Overview
jps-static-audit-utils provides tools for performing read-only static analysis on codebases, particularly focusing on detecting hardcoded file and directory paths in Perl scripts. This can help identify potential security issues, portability problems, and maintainability concerns in legacy code.
Features
- Hardcoded Path Detection: Scans Perl files (.pl, .pm) for absolute and relative file/directory paths
- Smart Filtering: Automatically excludes URLs, environment variables, and POD documentation
- Multiple Output Formats: Generate reports in text, JSON, or CSV format
- Recursive Scanning: Scan entire directory trees or individual files
- Detailed Reporting: Each finding includes file path, line number, path type, and context
- Comprehensive Testing: Full test suite with pytest ensuring reliability
Example Usage
Scan a Single Perl File
# Scan a single file and generate a text report
jps-bootstrap scan --infile /path/to/script.pl
# Specify output format (text, json, or csv)
jps-bootstrap scan --infile script.pl --format json
Scan a Directory Recursively
# Scan all Perl files in a directory
jps-bootstrap scan --indir /path/to/perl/project
# Specify custom output directory
jps-bootstrap scan --indir /path/to/project --outdir /path/to/output
Custom Report Location
# Specify exact report file location
jps-bootstrap scan --infile script.pl --report-file /custom/path/report.txt --logfile /custom/path/scan.log
What Gets Detected
The scanner identifies:
- Absolute paths:
/usr/local/bin,/tmp/data,/var/log/app.log - Relative paths:
./config/settings.txt,../lib/module.pm
The scanner intelligently ignores:
- URLs:
https://example.com/path,s3://bucket/key - Environment variables:
$ENV{HOME},$ENV{PATH} - POD documentation: Paths mentioned in Perl documentation blocks
Output Formats
Text Report
File: /path/to/script.pl
Line: 42
Type: absolute
Path: /usr/local/bin
Context: my $path = "/usr/local/bin";
JSON Report
{
"header": {
"program": "perl-hardcoded-path-report",
"version": "1.0.0",
"timestamp": "2025-12-17T10:00:00"
},
"findings": [
{
"file": "/path/to/script.pl",
"line": 42,
"path": "/usr/local/bin",
"path_type": "absolute",
"context": "my $path = \"/usr/local/bin\";"
}
]
}
CSV Report
file,line,path_type,path,context
/path/to/script.pl,42,absolute,/usr/local/bin,"my $path = ""/usr/local/bin"";"
๐ฆ Installation
From Source
# Clone the repository
git clone https://github.com/jai-python3/jps-static-audit-utils.git
cd jps-static-audit-utils
# Install the package
make install
For Development
# Install with development dependencies
pip install -e ".[dev]"
๐งช Development
Running Tests
# Run all tests with pytest
make test
# Run tests with coverage
pytest --cov=src/jps_static_audit_utils --cov-report=html tests/
# Run specific test file
pytest tests/test_hardcoded_path_reporter.py -v
Code Quality
# Format code
make format
# Run linters
make lint
# Fix auto-fixable issues
make fix
# Run all quality checks
make fix && make format && make lint
Project Structure
jps-static-audit-utils/
โโโ src/
โ โโโ jps_static_audit_utils/
โ โโโ __init__.py
โ โโโ constants.py # Regex patterns and constants
โ โโโ finding.py # Finding dataclass
โ โโโ hardcoded_path_reporter.py # Main scanning logic
โ โโโ logging_helper.py # Logging configuration
โ โโโ writer.py # Report writers (text/json/csv)
โโโ tests/
โ โโโ conftest.py # Pytest fixtures
โ โโโ test_constants.py # Tests for regex patterns
โ โโโ test_finding.py # Tests for Finding dataclass
โ โโโ test_hardcoded_path_reporter.py # Tests for scanner
โ โโโ test_logging_helper.py # Tests for logging setup
โ โโโ test_writer.py # Tests for report writers
โโโ pyproject.toml # Project configuration
โโโ Makefile # Build and development tasks
โโโ README.md # This file
๐ค Contributing
Contributions are welcome! Please:
- Fork the repository
- Create a feature branch (
git checkout -b feature/amazing-feature) - Make your changes
- Run tests and linters (
make test && make lint) - Commit your changes (
git commit -m 'Add amazing feature') - Push to the branch (
git push origin feature/amazing-feature) - Open a Pull Request
๐ Requirements
- Python 3.10 or higher
- Dependencies listed in pyproject.toml
๐ License
MIT License ยฉ Jaideep Sundaram
๐ Links
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file jps_static_audit_utils-0.2.0.tar.gz.
File metadata
- Download URL: jps_static_audit_utils-0.2.0.tar.gz
- Upload date:
- Size: 17.4 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.12.3
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
60d4a8d4864e732263db3554becb2f9ee2a04f15a21ade2cb5defcdd5e10fb7a
|
|
| MD5 |
10e1e51cc82dea0c52ad919164f2fd7d
|
|
| BLAKE2b-256 |
83d3538075ba1a35afa06973e8e15bf6f5c01f60cbc3ac41cb3b73e17d90b0eb
|
File details
Details for the file jps_static_audit_utils-0.2.0-py3-none-any.whl.
File metadata
- Download URL: jps_static_audit_utils-0.2.0-py3-none-any.whl
- Upload date:
- Size: 9.3 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.12.3
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
a0c60105a4f9ac95c38e959e2d2d492d2264e69d6a747d131402e8f4e1df1fae
|
|
| MD5 |
97e23b8604f0f324a3f644e1d9b06062
|
|
| BLAKE2b-256 |
a5d490521f5f91ce378d830d4f74011d1b17a419124284e808bab6f14c4878d3
|
