Releases: slalombuild/secureli
v0.19.0
v0.19.0 (2024-01-05)
Chore
- chore: Improve terminal output (#335)
Implementing the following changes:
- Add debug log level (colored cyan)
- Make error messages print to stderr instead of stdout
- include "[seCureLI] [<log level>] " prefix to messages
- Update default log level from ERROR to WARN
- Move log level enum to separate class and use more consistently (a986da5)
- chore: Issue 320 - remove six from exclude list (#323)
closes #320
Co-authored-by: Caleb Tonn <[email protected]> (57aea2d)
Feature
- feat: Periodically check for hook updates on scan (#336)
Description
This PR adds the feature to check for updates to hooks when running a
scan. Since the update check doesn't need to be done on every scan, we
only check at most once per week. This will prevent the added latency of
calling out to GitHub (or wherever hooks are hosted) on every scan.
pre-commit does not expose the functionality of checking for hook updates
without actually performing the update, so for now this PR imports
functions directly from the pre-commit tool (since it is also written in
Python).
This is not a best practice, but is probably the cleanest option we have
for now. We can look into implementing this functionality in pre-commit
itself in the future.
Note that there is currently no way to specify whether to include the
--bleeding-edge flag (implemented internally with a tags_only boolean).
The implication is that if someone updates their version of a hook
repository beyond the latest release, we will detect it as being
out-of-date, instead of ahead. In practice, this feels like a day-2 kind
of feature that won't be important to many users.
This PR closes #176.
Feature Work
- Updates internal .pre-commit-config.yaml file to add hooks. Not sure
why this repo did not have defined hooks previously?
- Updates internal secureli config file to set the log level to DEBUG
(we should see all output while developing secureli)
- Instead of deserializing the .pre-commit-config.yaml file to a
dictionary, this adds a proper pydantic model
Cleanup work
Unrelated to the ticket, I also performed some fixes/cleanup:
- Fixed bug in existing unit test causing .pre-commit-config.yaml to
get overwritten
- Cleaned up errors in type hints across numerous files
- Cleaned up some comments & output for clarity/correctness
- Minor cleanup refactoring
- Fixed an error from pytest warning of use of the deprecated package
pkg_resources (by using the recommended alternative)
- Rename test function with duplicate name
- Remove duplicate test fixture (9839881)
v0.18.0
v0.18.0 (2023-11-14)
Feature
- feat: 154 Prompt User to Install Code Linters for each Detected Language (#332)
closes #154
Overview
Adds functionality to prompt the user to determine if linter based
pre-commit hooks should be added to the code repository. The user will
be prompted for each detected language during init.
An example message will be "Add lint pre-commit(s) for JavaScript? [Y/n]".
Adding the --yes option will bypass the prompting to install linter
pre-commit hooks and will automatically add them.
Technical Approach
This PR includes reorganizing the pre-commit templates into a new
folder/file structure. Templates will be located under
resources/pre-commit and will be split into separate folders and files
based on if they are linter hooks or not. The user responses and code
will determine whether or not the hooks should be combined and saved to
the user's repository. Splitting these files out ensures a simple way of
knowing which hooks are linters.
Testing
- Run secureli init
- Follow flow to add/ignore linters for each detected language
- Verify pre-commit linters are added or not added to pre-commit.yaml
depending on prompt response
Regression testing:
Testing scan and update to ensure both are working as normal. (c63860f)
v0.17.1
v0.17.1 (2023-11-10)
Fix
- fix: Correctly parsing %-encoded URLs from .git/config file (#331)
Resolves #261
The configparser module by default assumes that '%' characters
indicate the presence of a variable and will try to parse a config value
accordingly. Switching to "raw" mode prevents this behavior.
Testing
Manually tested by changing my .git/config file to set the origin URL
to include %20, and was able to replicate the failure detailed in the
ticket. (af842fb)
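The failure and fix described in the v0.17.1 entry above, as an added example (not secureli's own code): Python's configparser reads a constructed .git/config without complaint, raises only when the %-encoded URL is fetched under default interpolation, and returns it unchanged with raw=True or interpolation=None. The sample URL and the function names are assumptions made for illustration.

```python
import configparser

# Constructed sample of a .git/config whose origin URL contains a %-encoded space.
SAMPLE_GIT_CONFIG = '''\
[core]
\trepositoryformatversion = 0
[remote "origin"]
\turl = https://git.example.com/my%20team/demo-repo.git
\tfetch = +refs/heads/*:refs/remotes/origin/*
'''

SECTION = 'remote "origin"'


def origin_url_default(text: str) -> str:
    """Default parser: BasicInterpolation treats '%' as the start of %(name)s."""
    parser = configparser.ConfigParser()
    parser.read_string(text)           # reading succeeds; values are stored verbatim
    return parser.get(SECTION, "url")  # interpolation runs here and rejects '%20'


def origin_url_raw(text: str) -> str:
    """Raw lookup: skip interpolation for this one value."""
    parser = configparser.ConfigParser()
    parser.read_string(text)
    return parser.get(SECTION, "url", raw=True)


def origin_url_no_interpolation(text: str) -> str:
    """Alternative: disable interpolation for the whole parser."""
    parser = configparser.ConfigParser(interpolation=None)
    parser.read_string(text)
    return parser[SECTION]["url"]


def default_mode_error(text: str) -> str:
    """Name of the exception the default parser raises, or '' if it raises none."""
    try:
        origin_url_default(text)
    except configparser.InterpolationError as exc:
        return type(exc).__name__
    return ""


if __name__ == "__main__":
    print("default:", default_mode_error(SAMPLE_GIT_CONFIG))
    print("raw=True:", origin_url_raw(SAMPLE_GIT_CONFIG))
    print("interpolation=None:", origin_url_no_interpolation(SAMPLE_GIT_CONFIG))
```

Because the error surfaces at lookup time rather than at read time, a repository with a %-encoded remote only fails at the point where the tool asks for the URL.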
v0.17.0
v0.17.0 (2023-11-02)
Chore
- chore: Issue 159 - Using latest git hooks (#322)
Pre-commit does not support using a latest tag,
the only way to use latest is to update after install.
I tested these changes by updating the version I installed with brew
re-initializing a test repo with javascript and python code. It looks
like the fix I made to the update command could use a regression test,
that line of code cannot run without a folder path argument.
Co-authored-by: Rob Rodriguez <[email protected]> (4b77d27)
Feature
- feat: add version option functionality (#330)
closes #170
Adds option to display the current seCureLI version in the terminal
using either -v or --version (285864d)
v0.16.0
v0.16.0 (2023-10-11)
Chore
- chore: Reverting python from 3.11 to 3.9 (#319)
Co-authored-by: Rob Rodriguez <[email protected]> (b8ce59c)
- chore: Secureli 265 python311 support (#317)
This is to resolve issues with publishing after changing secureli to
support python3.11
Co-authored-by: Rob Rodriguez <[email protected]>
Co-authored-by: Rob Rodriguez <[email protected]> (c9808a2)
- chore: pip: Bump poethepoet from 0.23.0 to 0.24.1 (#310)
Bumps poethepoet from 0.23.0 to 0.24.1.
Release notes (sourced from poethepoet's releases, https://github.com/nat-n/poethepoet/releases):
0.24.1
Enhancements
- Show helpful error message when task executable is not on the path (#dfb8cabe)
Full Changelog: https://github.com/nat-n/poethepoet/compare/v0.24.0...v0.24.1
0.24.0
Enhancements
- Use quotes to improve accuracy of logged commands #169 (#21c523eb)
Fixes
- Make task dependencies work as expected for referenced tasks #168 (#8f73c778)
Full Changelog: https://github.com/nat-n/poethepoet/compare/v0.23.0...v0.24.0
Commits
- 903ed9a Bump version to 0.24.1
- dfb8cab Show helpful error message when task executable is not on the path
- f500668 Add installation instructions for homebrew formula
- 0c75767 Add workflow step to trigger homebrew update
- caf7ba8 Bump version to 0.24.0
- 21c523e Use quotes to improve accuracy of logged commands #169
- ad92424 Improve ruff configuration and remove isort
- 8f73c77 Make task dependencies work as expected for referenced tasks #168
- 2c6e6bd Configure ruff and apply prescribed fixes
- 29f4a54 Create CODE_OF_CONDUCT.md
- See full diff in compare view: nat-n/poethepoet@v0.23.0...v0.24.1
Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (ecfac07)
Feature
- feat: Added Python 3.11 support (#316)
Resolving string representation of enum for EchoLevel
Edited TOML file
Co-authored-by: Rob Rodriguez <[email protected]>
Co-authored-by: Rob Rodriguez <[email protected]> (f31d19f)
v0.15.0
v0.14.0
v0.13.0
v0.13.0 (2023-08-21)
Chore
- chore: secure tokens (#276)
- chore: replaces all PAT uses with GH App token (#273)
Feature
- feat: (144) Add Directory Support -d --directory (#279)
Example commands using the new directory option:
secureli scan --directory /absolute/path/to/a/git/directory
secureli scan -d ./relative/path/to/a/git/directory
secureli init -d ./relative/path/to/a/git/directory
secureli update --directory /absolute/path/to/a/git/directory
Co-authored-by: Adina <[email protected]> (d23f94b)
v0.12.0
v0.11.0
v0.11.0 (2023-08-09)
Chore
- chore: pip: bump pygments from 2.15.1 to 2.16.1 (#263)
Bumps pygments from 2.15.1 to 2.16.1.
Release notes (sourced from pygments's releases, https://github.com/pygments/pygments/releases):
2.16.1
- Fix native style missing from style list (#2484)
2.16.0
- New lexers:
  - ASN.1 (#2462)
  - Blueprint (#2434)
  - BQN (#2472)
  - DNS zone files (#2464)
  - GraphQL (#2428)
  - Linux desktop files (following the specification of the Freedesktop group, formerly known as XDG) (#2470)
  - NVIDIA PTX (#2432)
  - OpenSCAD (#2449)
  - systemd (#2470)
  - TLS presentation language (#2455)
  - Verifpal (#2430)
  - YARA (#2453)
- Updated lexers:
  - ASC: Add application/pem-certificate-chain mimetype (#2471)
  - C/C++: Refine keyword lists (#2421, #2422)
  - Carbon: Fix long processing times on invalid input, fix number lexing (#2454, #2456)
  - Elpi: Handle quotations (#2419)
  - Go: Support additional built-ins (#2481)
  - HTTP: Support empty headers (#2461), support more general methods (#2460), also recognize responses in analyse_text implementation (#2460), and highlight URL encoded data (#2465, #1620)
  - Igor Pro: Update to Igor Pro 9 (#2482)
  - lean: Recognize expressions nested within attributes (#1817)
  - Macaulay2: Update builtins (#2457)
  - Markdown: Allow extra characters after language name in code blocks (#2437)
  - NestedText: Update to version 3 (#2459)
  - scdoc: Improve language guessing implementation (#2402)
  - Spice: Update to latest version (#2476)
  - Transact SQL: Add Pre-sorted Group keyword (#2417)
  - Uxntal: Update for current runes (#2424)
  - Wikitext: Fix templates in wiki links; fix a language converter false positive; add bold italic markup (#2447)
- Add Generic.EmphStrong token for bold italic markup (#2444)
- Add Lightbulb style (#2474)
- Add Eclipse-Light style (#2440)
- Improve contrast in Monokai style (#2448)
- Add documentation how to create terminal code highlighting commands (#2131, #2425)
- Add support for loading TrueType fonts to the ImageFormatter (#1960)
Changelog (sourced from pygments's changelog, https://github.com/pygments/pygments/blob/master/CHANGES):
Version 2.16.1
- Fix native style missing from style list (#2484)
Version 2.16.0
(released August 6th, 2023)
- New lexers:
  - ASN.1 (#2462)
  - Blueprint (#2434)
  - BQN (#2472)
  - DNS zone files (#2464)
  - GraphQL (#2428)
  - Linux desktop files (following the specification of the Freedesktop group, formerly known as XDG) (#2470)
  - NVIDIA PTX (#2432)
  - OpenSCAD (#2449)
  - systemd (#2470)
  - TLS presentation language (#2455)
  - Verifpal (#2430)
  - YARA (#2453)
- Updated lexers:
  - ASC: Add application/pem-certificate-chain mimetype (#2471)
  - C/C++: Refi...