Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/securesauce/precli

Precaution CLI
https://github.com/securesauce/precli

golang java python sast security security-tools static-code-analysis

Last synced: 3 months ago
JSON representation

Precaution CLI

Host: GitHub
URL: https://github.com/securesauce/precli
Owner: securesauce
License: other
Created: 2023-03-20T21:04:57.000Z (over 1 year ago)
Default Branch: main
Last Pushed: 2024-04-11T00:36:10.000Z (7 months ago)
Last Synced: 2024-04-11T08:40:38.277Z (7 months ago)
Topics: golang, java, python, sast, security, security-tools, static-code-analysis
Language: Python
Homepage: https://precli.readthedocs.io/
Size: 1.22 MB
Stars: 1
Watchers: 1
Forks: 2
Open Issues: 21
Metadata Files:
- Readme: README.rst
- License: LICENSE
- Code of conduct: CODE_OF_CONDUCT.md
- Codeowners: .github/CODEOWNERS
- Security: SECURITY.md

Awesome Lists containing this project

README

        .. image:: https://raw.githubusercontent.com/securesauce/precli/main/images/logo.png

    :alt: Precaution CLI

.. image:: https://github.com/securesauce/precli/actions/workflows/unit-test.yml/badge.svg?branch=main

    :target: https://github.com/securesauce/precli/actions/workflows/unit-test.yml

    :alt: Build and Test

======

Precli is the core of the Precaution GitHub App and Action. It also serves as a command line interface to demonstate its functionality. It is designed to do static code analysis of source code with a number of rules covering the standard library for the corresponding programming language.

If your needs go beyond the analysis of just the standard library, consider upgrading to Precaution Professional to get access to finding and fixing security vulnerabilities in third-party libraries. See https://www.securesauce.dev/ for more details.

Quick Start

-----------

To install precli (requires Python 3.12):

.. code-block:: console

    pip install precli

Note: If using arm based macOS, you'll also need to install this package:

.. code-block:: console

    pip install git+https://github.com/tree-sitter/[email protected]

Run precli on a single test example:

.. code-block:: console

    precli tests/unit/rules/python/stdlib/hmac/examples/hmac_timing_attack.py

Example code:

.. code-block:: python

    # level: ERROR

    # start_line: 18

    # end_line: 18

    # start_column: 13

    # end_column: 15

    import hmac

    

    

    received_digest = (

        b"\xe2\x93\x08\x19T8\xdc\x80\xef\x87\x90m\x1f\x9d\xf7\xf2"

        b"\xf5\x10>\xdbf\xa2\xaf\xf7x\xcdX\xdf"

    )

    

    key = b"my-super-duper-secret-key-string"

    password = b"pass"

    digest = hmac.digest(key, password, digest="sha224")

    

    print(digest == received_digest)

    

Example result:

.. image:: https://raw.githubusercontent.com/securesauce/precli/main/images/example.gif

    :alt: Example output