
SAST Code Scanner in Python

Project description

PySAST


Welcome to pysast - a powerful Python package designed for scanning one or multiple files using customizable rules written in JSON or YAML. This package allows you to automate the process of code analysis and identify potential issues or violations based on your specified criteria.

By utilizing the rule-based system, you can define a set of rules that reflect your desired coding standards, best practices, or specific requirements. The package then scans your files, identifies instances that violate the defined rules, and reports them to help you maintain a high code quality.

Installation

You can install pysast using pip, the Python package installer. Simply run the following command:

pip install pysast

Once installed, you're ready to start using pysast for your code analysis needs.

Documentation

For more detailed information on using pysast, please refer to the official documentation on GitHub.

Getting Started

Before you begin using pysast, it's recommended to familiarize yourself with the package's functionality and usage. The following steps will guide you through the essential setup and running your first code scan:

  1. Rule Definition: Learn how to define rules in JSON or YAML format to specify the analysis criteria for your codebase.
  2. Running Scans: Explore how to execute pysast to scan your files and generate detailed reports.
  3. Advanced Usage: Dive deeper into the advanced features and options offered by pysast to enhance your code analysis capabilities.

By following these steps, you'll be equipped with the knowledge and tools to effectively utilize pysast in your projects.

Optimization

Since version 1.1.0, pysast includes an optimization that significantly improves performance by using threads for file processing. Pass the --threading option on the command line to enable it and take full advantage of your system's resources.

CLI Options

usage: pysast.py [-h] [-r] [-j] [-v] [-s SAST_RULES] [-S SAST_DIRS] [-rS RECURSIVE_SAST_DIRS] [--disable-prefilter] [--enable-postfilter] [-M MAX_BYTES] [-T] [-e EXCLUDE_FILES] [--threading] [PATHS ...]

Scan the given file with SAST scanner using all available rules.

positional arguments:
  PATHS                 One or more files or directories to scan.

options:
  -h, --help            show this help message and exit
  -r, --recursive       Scan target directories recursively
  -j, --json            Dump JSON output instead of pprint.
  -v, --verbose         Specifies the verbosity for the next scan. Use -vvv for more verbose output.
  -s SAST_RULES, --sast-rule SAST_RULES
                        File path(s) to SAST rules to import. (Use -S for directories)
  -S SAST_DIRS, --sast-dir SAST_DIRS
                        One or more directories that store SAST rules. (Use -rS for recursive search) The current directory is used if no rules are specified.
  -rS RECURSIVE_SAST_DIRS, --recursive-sast-dir RECURSIVE_SAST_DIRS
                        Load rules from target directories recursively
  --disable-prefilter   Disable prefiltering rules.
  --enable-postfilter   Enable postfiltering.
  -M MAX_BYTES, --max-bytes MAX_BYTES
                        Skip files exteeding a the amount of maximum bytes.
  -T, --disable-mime, -T, --disable-mime
                        Specifies whether the scanner should use the 'file' utility to retrieve the MIME-type of a file. (enabled as per default)
  -e EXCLUDE_FILES, --exclude-file EXCLUDE_FILES
                        Specifies exclusion files (use re: for regular expressions)
  --threading           Activates threading for file processing. (Can't be used on daemon processes)
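
The scanning model these options describe (JSON rules, a byte limit, "re:" exclusions, optional threading) can be sketched as follows. This is an added illustration, not pysast's code or API. It assumes a hypothetical rule schema with "id" and "pattern" keys, treats exclusions without the "re:" prefix as literal file names, and scans constructed sample files.

```python
import json
import re
import tempfile
from concurrent.futures import ThreadPoolExecutor
from pathlib import Path

# Constructed rules in a hypothetical schema (assumption: NOT pysast's rule format).
RULES_JSON = r"""[
  {"id": "hardcoded-secret", "pattern": "(?i)(password|api_key)\\s*=\\s*'[^']+'"},
  {"id": "shell-true", "pattern": "shell\\s*=\\s*True"}
]"""

def load_rules(text):
    return [(r["id"], re.compile(r["pattern"])) for r in json.loads(text)]

def excluded(path, exclusions):
    # Assumption: "re:" marks a regex over the path; anything else is a literal file name.
    return any(re.search(ex[3:], str(path)) if ex.startswith("re:") else path.name == ex
               for ex in exclusions)

def scan_file(path, rules, max_bytes):
    if path.stat().st_size > max_bytes:
        return []  # same idea as --max-bytes: oversized files are skipped, not scanned
    findings = []
    for lineno, line in enumerate(path.read_text(errors="replace").splitlines(), 1):
        for rule_id, rx in rules:
            if rx.search(line):
                findings.append({"file": path.name, "line": lineno, "rule": rule_id})
    return findings

def scan(root, rules, exclusions=(), max_bytes=1_000_000, threading=False):
    files = sorted(p for p in Path(root).rglob("*")
                   if p.is_file() and not excluded(p, exclusions))
    if threading:
        # pool.map keeps input order, so the report is identical with or without threads
        with ThreadPoolExecutor() as pool:
            results = list(pool.map(lambda p: scan_file(p, rules, max_bytes), files))
    else:
        results = [scan_file(p, rules, max_bytes) for p in files]
    return [f for r in results for f in r]

def demo(threading=True):
    with tempfile.TemporaryDirectory() as d:  # constructed sample tree
        (Path(d) / "app.py").write_text(
            "import subprocess\npassword = 'hunter2'\nsubprocess.run(cmd, shell=True)\n")
        (Path(d) / "vendor.min.js").write_text("api_key = 'x'\n")     # excluded by regex
        (Path(d) / "big.py").write_text("password = 'y'\n" + "#" * 5000)  # over the limit
        return scan(d, load_rules(RULES_JSON), [r"re:\.min\.js$"], 1024, threading)

if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

The skipped big.py still contains a secret: a size limit or an exclusion pattern trades coverage for speed, so skipped files should be reviewed rather than assumed clean.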

Contributing

We welcome contributions from the community! If you'd like to contribute to pysast, please refer to the contribution guidelines.

Support

If you encounter any issues or have any questions or suggestions, please feel free to open an issue.

License

This project is licensed under the GNU GPLv3.

Download files


Source Distribution

pysast-1.1.3a0.tar.gz (26.0 kB)

Uploaded Source

Built Distribution

pysast-1.1.3a0-py3-none-any.whl (26.9 kB)

Uploaded Python 3

File details

Details for the file pysast-1.1.3a0.tar.gz.

File metadata

  • Download URL: pysast-1.1.3a0.tar.gz
  • Upload date:
  • Size: 26.0 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/4.0.2 CPython/3.11.3

File hashes

Hashes for pysast-1.1.3a0.tar.gz
Algorithm Hash digest
SHA256 f162f6cdd2c846b7c1f82eb30960720b2175bb2139a09a2461620628f53c0e2c
MD5 2edb14114c0cb65c667eaa7eca7c995e
BLAKE2b-256 3b2291fe091ad812c7cc007841059d0f21cebd55e0310278b3a88bcb57afe20d


File details

Details for the file pysast-1.1.3a0-py3-none-any.whl.

File metadata

  • Download URL: pysast-1.1.3a0-py3-none-any.whl
  • Upload date:
  • Size: 26.9 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/4.0.2 CPython/3.11.3

File hashes

Hashes for pysast-1.1.3a0-py3-none-any.whl
Algorithm Hash digest
SHA256 30271116f947d18beb2eb450ef0bf5ee90691f8b81d4877bac11e260685531a2
MD5 cb9c84207dd709c9e64d5c3fa09e19d1
BLAKE2b-256 d62fb63d04b681cfe96ff9aeb6a2f7e3e199308b67520741b5257bd00c90110e
