def _template(_issue, _indent_val, _code, _color):
    """Render one issue as a colourised, newline-joined text block.

    :param _issue: issue object; its test_id, test, text, severity,
        confidence, fname and lineno attributes are read
    :param _indent_val: prefix placed at the start of every line
    :param _code: source excerpt for the issue; omitted when falsy
    :param _color: colour sequence emitted right after the indent on the
        first line
    :return: the four summary lines (plus the code line, if any) joined
        with newlines
    """
    # NOTE(review): _issue.text and _issue.fname are interpolated verbatim.
    # If this string goes to a terminal, presumably any control characters
    # carried by a scanned file's name reach it unfiltered - confirm whether
    # the caller sanitises them.
    headline = "{}{}>> Issue: [{}:{}] {}".format(
        _indent_val, _color, _issue.test_id, _issue.test, _issue.text)
    rating = "{} Severity: {} Confidence: {}".format(
        _indent_val, _issue.severity.capitalize(),
        _issue.confidence.capitalize())
    location = "{} Location: {}:{}".format(
        _indent_val, _issue.fname, _issue.lineno)
    # The colour is switched back to the default at the end of this line,
    # so the code excerpt appended below is not coloured by _color.
    more_info = "{} More Info: {}{}".format(
        _indent_val, docs_utils.get_url(_issue.test_id),
        screen.COLOR['DEFAULT'])

    rendered = [headline, rating, location, more_info]
    if not _code:
        return '\n'.join(rendered)
    rendered.append("{}{}".format(_indent_val, _code))
    return '\n'.join(rendered)
def _template(_issue, _indent_val, _code):
    """Render one issue as a plain (uncoloured) newline-joined text block.

    :param _issue: issue object; its test_id, test, text, severity,
        confidence, fname and lineno attributes are read
    :param _indent_val: prefix placed at the start of every line
    :param _code: source excerpt for the issue; omitted when falsy
    :return: the summary lines (plus the code line, if any) joined with
        newlines
    """
    pad = _indent_val
    parts = []
    parts.append("{}>> Issue: [{}:{}] {}".format(
        pad, _issue.test_id, _issue.test, _issue.text))
    parts.append("{} Severity: {} Confidence: {}".format(
        pad, _issue.severity.capitalize(), _issue.confidence.capitalize()))
    parts.append("{} Location: {}:{}".format(
        pad, _issue.fname, _issue.lineno))
    # The documentation link is looked up from the test id alone.
    parts.append("{} More Info: {}".format(
        pad, docs_utils.get_url(_issue.test_id)))
    if _code:
        parts.append("{}{}".format(pad, _code))
    return '\n'.join(parts)
def _output_issue_str(issue, indent, show_lineno=True, show_code=True,
                      lines=-1):
    """Build the coloured text report for one issue.

    :param issue: issue object; its severity, test_id, test, text,
        confidence, fname and lineno attributes are read
    :param indent: prefix placed at the start of every output line
    :param show_lineno: when false, the line number after the file name
        is replaced by an empty string
    :param show_code: when true, the issue's code excerpt is appended,
        one indented line per source line
    :param lines: passed through as the first argument of
        issue.get_code()
    :return: a single string with the report lines joined by newlines
    """
    # NOTE(review): issue.text and issue.fname are interpolated verbatim
    # next to the colour sequences; confirm whether control characters in
    # scanned file names are filtered before this reaches a terminal.
    rendered = [
        "%s%s>> Issue: [%s:%s] %s" % (
            indent, COLOR[issue.severity], issue.test_id, issue.test,
            issue.text),
        "%s Severity: %s Confidence: %s" % (
            indent, issue.severity.capitalize(),
            issue.confidence.capitalize()),
        "%s Location: %s:%s" % (
            indent, issue.fname, issue.lineno if show_lineno else ""),
        # Colour is reset to the default at the end of this line, ahead of
        # any code excerpt.
        "%s More Info: %s%s" % (
            indent, docs_utils.get_url(issue.test_id), COLOR['DEFAULT']),
    ]
    if show_code:
        for code_line in issue.get_code(lines, True).split('\n'):
            rendered.append(indent + code_line)
    return '\n'.join(rendered)
:param fileobj: The output file object, which may be sys.stdout
:param sev_level: Filtering severity level
:param conf_level: Filtering confidence level
:param lines: Number of lines to report, -1 for all
'''
# NOTE(review): this excerpt starts inside a function body and has lost its
# indentation; the nesting of the statements below is not visible here.
# Report skeleton: findings go under 'results', unscanned files under 'errors'.
machine_output = {'results': [], 'errors': []}
# Record each skipped file together with the reason the manager gives for it.
for (fname, reason) in manager.get_skipped():
machine_output['errors'].append({'filename': fname, 'reason': reason})
# Fetch the issues that pass the severity and confidence filters.
results = manager.get_issue_list(sev_level=sev_level,
conf_level=conf_level)
# Convert every issue to a dict and attach its documentation URL.
collector = [r.as_dict() for r in results]
for elem in collector:
elem['more_info'] = docs_utils.get_url(elem['test_id'])
itemgetter = operator.itemgetter
# Sort by test name when aggregating by vulnerability, otherwise by file name.
if manager.agg_type == 'vuln':
machine_output['results'] = sorted(collector,
key=itemgetter('test_name'))
else:
machine_output['results'] = sorted(collector,
key=itemgetter('filename'))
machine_output['metrics'] = manager.metrics.data
# Replace each real newline in a code excerpt with the two characters
# backslash + 'n', so the stored excerpt contains no line breaks.
for result in machine_output['results']:
if 'code' in result:
code = result['code'].replace('\n', '\\n')
result['code'] = code
# NOTE(review): this excerpt starts inside a function body and has lost its
# indentation; the nesting of the statements below is not visible here.
# Without a baseline, or when the issue maps to exactly one entry, render a
# single code block and no candidate list.
if not baseline or len(issues[issue]) == 1:
candidates = ''
# The excerpt is HTML-escaped before it is placed in the template.
safe_code = html_escape(issue.get_code(lines, True).
strip('\n').lstrip(' '))
code = code_block.format(code=safe_code)
else:
# Several entries for this issue: render each one, escaped, into a candidate
# list and leave the main code block empty.
candidates_str = ''
code = ''
for candidate in issues[issue]:
candidate_code = html_escape(candidate.get_code(lines, True).
strip('\n').lstrip(' '))
candidates_str += candidate_issue.format(code=candidate_code)
candidates = candidate_block.format(candidate_list=candidates_str)
url = docs_utils.get_url(issue.test_id)
# NOTE(review): in this excerpt only the code excerpts pass through
# html_escape. issue.test, issue.text, issue.fname and url are formatted into
# the HTML as-is. File names come from the scanned tree and the message text
# may quote source, so confirm they are escaped elsewhere, or escape them
# here, before the report is opened in a browser.
results_str += issue_block.format(issue_no=index,
issue_class='issue-sev-{}'.
format(issue.severity.lower()),
test_name=issue.test,
test_id=issue.test_id,
test_text=issue.text,
severity=issue.severity,
confidence=issue.confidence,
path=issue.fname, code=code,
candidates=candidates,
url=url)
# build the metrics string to insert in the report
# Both figures are read from the '_totals' entry of the manager's metrics.
metrics_summary = metrics_block.format(
loc=manager.metrics.data['_totals']['loc'],
nosec=manager.metrics.data['_totals']['nosec'])
# NOTE(review): this excerpt starts inside a function body and has lost its
# indentation; the nesting of the statements below is not visible here.
# Any results value that is not a plain list is treated as baseline output;
# presumably a mapping of issue -> candidate issues, since it is indexed by
# issue below - confirm against the caller.
baseline = not isinstance(results, list)
if baseline:
collector = []
for r in results:
d = r.as_dict()
d['more_info'] = docs_utils.get_url(d['test_id'])
# Candidates are attached only when the issue maps to more than one entry.
if len(results[r]) > 1:
d['candidates'] = [c.as_dict() for c in results[r]]
collector.append(d)
else:
# Plain list of issues: convert each to a dict and add its documentation URL.
collector = [r.as_dict() for r in results]
for elem in collector:
elem['more_info'] = docs_utils.get_url(elem['test_id'])
itemgetter = operator.itemgetter
# Sort by test name when aggregating by vulnerability, otherwise by file name.
if manager.agg_type == 'vuln':
machine_output['results'] = sorted(collector,
key=itemgetter('test_name'))
else:
machine_output['results'] = sorted(collector,
key=itemgetter('filename'))
machine_output['metrics'] = manager.metrics.data
# timezone agnostic format
# The trailing 'Z' is a literal in the format string; the time itself comes
# from utcnow(), so the stamp is in UTC.
# NOTE(review): datetime.utcnow() is deprecated since Python 3.12;
# datetime.datetime.now(datetime.timezone.utc) gives the same string with
# this format.
TS_FORMAT = "%Y-%m-%dT%H:%M:%SZ"
time_string = datetime.datetime.utcnow().strftime(TS_FORMAT)
machine_output['generated_at'] = time_string