src package

Subpackages

• src.checks package
  • Submodules
  • src.checks.checked_in_binaries module
    • FactHelperFileFileType
      • FactHelperFileFileType.__init__()
      • FactHelperFileFileType._key()
      • FactHelperFileFileType.__module__
    • FactHelperFile
      • FactHelperFile.file_type_of()
      • FactHelperFile.__annotations__
      • FactHelperFile.__module__
    • CheckedInBinaries
      • CheckedInBinaries.blacklist_dir
      • CheckedInBinaries.exclude
      • CheckedInBinaries.__init__()
      • CheckedInBinaries.__update_blacklist()
      • CheckedInBinaries.__init_blacklist()
      • CheckedInBinaries.__is_too_generic()
      • CheckedInBinaries._run_all_tools()
      • CheckedInBinaries._format_findings()
      • CheckedInBinaries.__format_findings()
      • CheckedInBinaries._is_ok()
      • CheckedInBinaries._calc_score()
      • CheckedInBinaries._determine_violations()
      • CheckedInBinaries.run()
      • CheckedInBinaries.__annotations__
      • CheckedInBinaries.__module__
  • src.checks.comments_in_code module
    • CommentsInCode
      • CommentsInCode.__init__()
      • CommentsInCode.__load_tokei_to_linguist()
      • CommentsInCode.__compute_l_check()
      • CommentsInCode.__have_tokei()
      • CommentsInCode.__fetch_linguist()
      • CommentsInCode.__compute_l_repo()
      • CommentsInCode.__run_tokei()
      • CommentsInCode._tokei()
      • CommentsInCode._sigma()
      • CommentsInCode._compute_tokei()
      • CommentsInCode._compute_score()
      • CommentsInCode.run()
      • CommentsInCode.__annotations__
      • CommentsInCode.__module__
  • src.checks.existence_of_documentation_infrastructure module
    • logger
    • PlainInTreeFile
      • PlainInTreeFile.DOC_FILE_NAME_WHITELIST
      • PlainInTreeFile._url_to_file()
      • PlainInTreeFile._find_doc_files_from_links()
      • PlainInTreeFile._doc_file_filter()
      • PlainInTreeFile.delta()
      • PlainInTreeFile.__annotations__
      • PlainInTreeFile.__module__
    • PlainInTreeFolder
      • PlainInTreeFolder.DOC_FOLDER_RE
      • PlainInTreeFolder._doc_dir_predicate()
      • PlainInTreeFolder._find_doc_dirs()
      • PlainInTreeFolder._count_docs()
      • PlainInTreeFolder.delta()
      • PlainInTreeFolder.__annotations__
      • PlainInTreeFolder.__module__
    • OutOfTreeExternal
      • OutOfTreeExternal.HARD_CODED_SCORE
      • OutOfTreeExternal._get_amount()
      • OutOfTreeExternal.delta()
      • OutOfTreeExternal.__annotations__
      • OutOfTreeExternal.__module__
    • OutOfTreeWiki
      • OutOfTreeWiki._fetch_wiki_pages()
      • OutOfTreeWiki.delta()
      • OutOfTreeWiki.__annotations__
      • OutOfTreeWiki.__module__
    • ExistenceOfDocumentationInfrastructure
      • ExistenceOfDocumentationInfrastructure.DEFAULT_RISE
      • ExistenceOfDocumentationInfrastructure.__init__()
      • ExistenceOfDocumentationInfrastructure.DOC_TYPES
      • ExistenceOfDocumentationInfrastructure._sigma()
      • ExistenceOfDocumentationInfrastructure.sigma_inv()
      • ExistenceOfDocumentationInfrastructure._sigma_inv_2()
      • ExistenceOfDocumentationInfrastructure._compute_delta()
      • ExistenceOfDocumentationInfrastructure._score()
      • ExistenceOfDocumentationInfrastructure._detailed_results()
      • ExistenceOfDocumentationInfrastructure.__annotations__
      • ExistenceOfDocumentationInfrastructure.__module__
      • ExistenceOfDocumentationInfrastructure.run()
  • src.checks.interfaces_checked_in_binaries module
    • FileTypeInterface
      • FileTypeInterface.__init__()
      • FileTypeInterface._key()
      • FileTypeInterface.__repr__()
      • FileTypeInterface.__str__()
      • FileTypeInterface.__hash__()
      • FileTypeInterface.__eq__()
      • FileTypeInterface.__annotations__
      • FileTypeInterface.__dict__
      • FileTypeInterface.__module__
      • FileTypeInterface.__weakref__
    • FileTypeToolInterface
      • FileTypeToolInterface.__init__()
      • FileTypeToolInterface.__repr__()
      • FileTypeToolInterface.__str__()
      • FileTypeToolInterface.file_type_of()
      • FileTypeToolInterface.__annotations__
      • FileTypeToolInterface.__module__
  • src.checks.interfaces_existence_of_documentation_infrastructure module
    • DocumentationTypeInterface
      • DocumentationTypeInterface.TEXT_FILE_REGEX
      • DocumentationTypeInterface.LINK_PATTERN
      • DocumentationTypeInterface.PubbliccodeymlDocLink
      • DocumentationTypeInterface.ScrapedDocLink
      • DocumentationTypeInterface.__init__()
      • DocumentationTypeInterface._is_external_url()
      • DocumentationTypeInterface._docs_in_publiccodeyml()
      • DocumentationTypeInterface._collect_doc_links()
      • DocumentationTypeInterface._amount()
      • DocumentationTypeInterface._text_file_filter()
      • DocumentationTypeInterface._get_publiccodeyml()
      • DocumentationTypeInterface._remove_whitespace()
      • DocumentationTypeInterface.delta()
      • DocumentationTypeInterface.__annotations__
      • DocumentationTypeInterface.__module__
  • src.checks.interfaces_sast_usage_basic module
  • src.checks.interfaces_secrets module
    • SecretInterface
      • SecretInterface.__init__()
      • SecretInterface.summarize()
      • SecretInterface.__dict__
      • SecretInterface.__module__
      • SecretInterface.__weakref__
    • SecretsToolInterface
      • SecretsToolInterface.__init__()
      • SecretsToolInterface.check_file()
      • SecretsToolInterface.check_files()
      • SecretsToolInterface.create_or_overwrite_baseline()
      • SecretsToolInterface.update_baseline()
      • SecretsToolInterface.diff_vs_baseline()
      • SecretsToolInterface.delete_baseline()
      • SecretsToolInterface.detected_secrets
      • SecretsToolInterface.__annotations__
      • SecretsToolInterface.__module__
  • src.checks.sast_usage_basic module
    • SastToolKind
      • SastToolKind.LINTER
      • SastToolKind.SECURITY
      • SastToolKind.SECRET
      • SastToolKind.SCA
      • SastToolKind.weight()
      • SastToolKind.__module__
    • SastTool
      • SastTool.__init__()
      • SastTool.__add_source_file_regex()
      • SastTool.__compile_regex()
      • SastTool.__getitem__()
      • SastTool.from_file_validate()
      • SastTool.check_file()
      • SastTool._check_file()
      • SastTool.weight
      • SastTool.__dict__
      • SastTool.__module__
      • SastTool.__weakref__
    • SastUsageBasic
      • SastUsageBasic.exclude
      • SastUsageBasic.__init__()
      • SastUsageBasic.__load_tool_schema()
      • SastUsageBasic.__generate_tools()
      • SastUsageBasic.__load_tools()
      • SastUsageBasic.__build_lang_tools()
      • SastUsageBasic._detect_sast_tools()
      • SastUsageBasic._calc_score()
      • SastUsageBasic.run()
      • SastUsageBasic.__annotations__
      • SastUsageBasic.__module__
  • src.checks.secrets module
    • DetectSecretsSecret
      • DetectSecretsSecret.__init__()
      • DetectSecretsSecret.summarize()
      • DetectSecretsSecret.__annotations__
      • DetectSecretsSecret.__module__
    • DetectSecrets
      • DetectSecrets.__init__()
      • DetectSecrets.check_file()
      • DetectSecrets._get_baseline_dir()
      • DetectSecrets._get_baseline_file()
      • DetectSecrets.maybe_load_baseline()
      • DetectSecrets.create_or_overwrite_baseline()
      • DetectSecrets.update_baseline()
      • DetectSecrets.diff_vs_baseline()
      • DetectSecrets.delete_baseline()
      • DetectSecrets.check_files()
      • DetectSecrets.detected_secrets
      • DetectSecrets.__annotations__
      • DetectSecrets.__module__
    • Secrets
      • Secrets.exclude
      • Secrets.__init__()
      • Secrets._detect_secrets()
      • Secrets._calc_score()
      • Secrets._process_args()
      • Secrets.run()
      • Secrets.__annotations__
      • Secrets.__module__
    • _custom_settings()
  • Module contents
    • results_valid()
    • validate_args()
    • transform_args()
    • iter_checks()

Submodules

src.config module

Module that loads the tool’s runtime configuration from a file and makes it accessible to other modules.

class src.config.Singleton(*args: Any, **kw: dict[str, Any])

Bases: object

Parameters:

• args (Any) –

• kw (dict[str, Any]) –

Return type:

Singleton

static __new__(cls, *args: Any, **kw: dict[str, Any]) → Singleton

Parameters:

• args (Any) –

• kw (dict[str, Any]) –

Return type:

Singleton

__dict__

__module__

__weakref__

list of weak references to the object

class src.config.Context(*args: Any, **kw: dict[str, Any])

Bases: Singleton

Attributes:

settings: mapping of detected runtime configuration options to their

values. key naming scheme is <section>_<name>

config_file_name: str

__init__()

_read_config_file() → ConfigParser

Return type:

ConfigParser

_set_config_attributes() → None

Return type:

None

_transform_settings() → None

Return type:

None

_transform_setting(setting_name: str, new_type: type[Any]) → None

Parameters:

• setting_name (str) –

• new_type (type[Any]) –

Return type:

None

__annotations__

__module__

_instance

src.dashboard module

class src.dashboard.DashboardColumns(value, names=None, *, module=None, qualname=None, type=None, start=1, boundary=None)

Bases: Enum

ID

NAME

COMMITS

LAST_UPDATE

BRANCHES

ISSUES

CONTRIBUTORS

USERS

STARS

LANGUAGES

LOC

__module__

class src.dashboard.Dashboard(oc: OpenCode)

Bases: object

Parameters:

oc (OpenCode) –

dashboard_file_path: Path

pl_whitelist_path: Path

pl_whitelist_wiki_path: Path

pl_whitelist_manual: set[str]

pl_blacklist_manual: set[str]

repo_blacklist_manual: set[int]

dashboard_columns: list[tuple[str, type]]

class dashboardColumns(id, Name, Commits, LastUpdate, Branches, Issues, Contributors, Users, Stars, Languages, LOC)

Bases: tuple

Parameters:

• id (int) –

• Name (str) –

• Commits (int) –

• LastUpdate (str) –

• Branches (int) –

• Issues (int) –

• Contributors (int) –

• Users (int) –

• Stars (int) –

• Languages (str) –

• LOC (str) –

Branches: int

Alias for field number 4

Commits: int

Alias for field number 2

Contributors: int

Alias for field number 6

Issues: int

Alias for field number 5

LOC: str

Alias for field number 10

Languages: str

Alias for field number 9

LastUpdate: str

Alias for field number 3

Name: str

Alias for field number 1

Stars: int

Alias for field number 8

Users: int

Alias for field number 7

__annotations__

__getnewargs__()

Return self as a plain tuple. Used by copy and pickle.

__match_args__

__module__

static __new__(_cls, id: int, Name: str, Commits: int, LastUpdate: str, Branches: int, Issues: int, Contributors: int, Users: int, Stars: int, Languages: str, LOC: str)

Create new instance of dashboardColumns(id, Name, Commits, LastUpdate, Branches, Issues, Contributors, Users, Stars, Languages, LOC)

Parameters:

• id (int) –

• Name (str) –

• Commits (int) –

• LastUpdate (str) –

• Branches (int) –

• Issues (int) –

• Contributors (int) –

• Users (int) –

• Stars (int) –

• Languages (str) –

• LOC (str) –

__repr__()

Return a nicely formatted representation string

__slots__

_asdict()

Return a new dict which maps field names to their values.

_field_defaults

_fields

classmethod _make(iterable)

Make a new dashboardColumns object from a sequence or iterable

_replace(**kwds)

Return a new dashboardColumns object replacing specified fields with new values

id: int

Alias for field number 0

__init__(oc: OpenCode) → None

Parameters:

oc (OpenCode) –

Return type:

None

_load_pl_whitelist() → set[str]

Return type:

set[str]

_maybe_create_pl_whitelist() → bool

cloc also counts stuff that’s not a PL, use a whitelist to filter its output

Return type:

bool

create_dashboard() → None

Return type:

None

_iter_dashboard() → Iterable[dashboardColumns]

Return type:

Iterable[dashboardColumns]

pl_repo() → None

Return type:

None

pl_loc() → None

Return type:

None

_pl_print_cvs(result: list[tuple[str, float]]) → None

Parameters:

result (list[tuple[str, float]]) –

Return type:

None

run(args_dict: dict[str, Any]) → None

Parameters:

args_dict (dict[str, Any]) –

Return type:

None

__annotations__

__dict__

__module__

__weakref__

list of weak references to the object

src.exceptions module

Exceptions that might be raised by core or check code.

exception src.exceptions.CoreGoesBoomError

Bases: Exception

Raised if core code encounters an unrecoverable error (uncaught).

__module__

__weakref__

list of weak references to the object

exception src.exceptions.CheckGoesBoomError

Bases: Exception

Raise this exception if your check exploded. (at runtime)

__module__

__weakref__

list of weak references to the object

exception src.exceptions.CheckConstructionError

Bases: Exception

Raise this exception if your check’s constructor encountered some fatal error.

__module__

__weakref__

list of weak references to the object

exception src.exceptions.CheckNotApplicableError

Bases: Exception

Raise this exception if your check comes to the conclusion that it cannot produce a reasonable result for the griven project. (at runtime)

__module__

__weakref__

list of weak references to the object

src.interfaces module

Collection of all interfaces

class src.interfaces.Named

Bases: object

classmethod name() → str

Return type:

str

__dict__

__module__

__weakref__

list of weak references to the object

class src.interfaces.CheckInterface(proj: Project, repo: Repo, api: Gitlab)

Bases: Named

Represents a check that can be applied to a repository @schema: JSON schema that results of this check must adhere to

Parameters:

• proj (Project) –

• repo (Repo) –

• api (Gitlab) –

exclude: Pattern[str] | None

__init__(proj: Project, repo: Repo, api: Gitlab)

Parameters:

• proj (Project) –

• repo (Repo) –

• api (Gitlab) –

_get_resource_dir() → Path

Returns:

The root of this check’s personal resource directory.

Return type:

Path

_load_results_schema() → dict[str, Any]

Return type:

dict[str, Any]

_gen_file_list() → Generator[Path, None, None]

Helper to generate a list of all _relevant_ files in a project. Skips all files whose - name matches the self.exclude pattern - path relative to the project root matches self.exclude_path pattern

Returns:

Iterator over all files in the project

Return type:

Generator[Path, None, None]

run(args_dict: dict[str, Any] | None = None) → dict[str, Any]

Parameters:

args_dict (dict[str, Any] | None) –

Return type:

dict[str, Any]

property description: dict[str, Any]

results_valid(results: dict[str, Any]) → bool

Validates the tool-specific results of a run against the corresponding JSON schema returns: true iff the results match the schema

Parameters:

results (dict[str, Any]) –

Return type:

bool

__annotations__

__module__

src.opencode module

Module which provides the methods that correspond to the subcommands of occmd

class src.opencode.OpenCode

Bases: object

Class which provides the methods that correspond to the subcommands of occmd

url_opencode: str

apikey: str | None

p_db_raw: Path

__init__()

property users: list[RESTObject] | RESTObjectList

returns: All users registered on the OpenCoDE platform Note: might not work if they change the API config

property projects: list[Project]

returns: All projects listed on the OpenCoDE platform

get_project_by_id(_id: int) → Project

Get meta information about a project from its id

Parameters:

_id (int) –

Return type:

Project

get_repo_for_proj(proj: Project) → Repo

Get the local repository for a remote project from the local OpenCoDE dump.

Parameters:

proj (Project) –

Return type:

Repo

clone_repo_for_proj(proj: Project) → Repo

Get the local repository for a remote project via cloning to temporary directory

Parameters:

proj (Project) –

Return type:

Repo

iter_projects(filter_func: ~collections.abc.Callable[[~gitlab.v4.objects.projects.Project, ~git.repo.base.Repo], bool] = <function OpenCode.<lambda>>, _id: int | None = None, directory: ~pathlib.Path | None = None) → Generator[tuple[Project, Repo], None, None]

Parameters:

• filter_func (Callable[[Project, Repo], bool]) – skip project if this functions maps it to True

• _id (int | None) – optional, Gitlab id of the project specified via ‘directory’ parameter

• directory (Path | None) – optional, local file system location of git root of project specified via ‘id’ parameter

Returns:

Api objects and local repo objects for all projects on OpenCoDE. Optionally: Only generates a single tuple for the project specified by ‘id’ and ‘directory’ parameters.

Return type:

Generator[tuple[Project, Repo], None, None]

dashboard(cli_args: Namespace, /, *_: Any, **__: Any) → None

Visualize the state of the platform as a table.

Parameters:

• cli_args (Namespace) –

• _ (Any) –

• __ (Any) –

Return type:

None

graph() → None

Visualize the state of the platform as a graph.

Return type:

None

_construct_check_filter(check: str | None = None) → Callable[[type[CheckInterface]], bool]

returns:

Function on checks that returns True IFF the check should be skipped. Default: skip no checks

Parameters:

check (str | None) –

Return type:

Callable[[type[CheckInterface]], bool]

_construct_repo_filter(repo_id: int | None = None) → Callable[[RESTObject, Repo], bool]

returns:

Function on repository API instance and local instance that returns True IFF the repository should be skipped. Default: skip no repositories

Parameters:

repo_id (int | None) –

Return type:

Callable[[RESTObject, Repo], bool]

check(cli_args: Namespace, /, *_: Any, **__: Any) → None

Performs a set of checks on a set of repositories.

Parameters:

• cli_args (Namespace) –

• _ (Any) –

• __ (Any) –

Return type:

None

update(*_: Any, **__: Any) → None

Updates the local OpenCoDE mirror.

Parameters:

• _ (Any) –

• __ (Any) –

Return type:

None

__annotations__

__dict__

__module__

__weakref__

list of weak references to the object

src.opencode_git module

Module to interact with OpenCoDE platform via git command line tool

src.opencode_git.clone_project(http_url: str, local_path: Path) → None

Parameters:

• http_url (str) –

• local_path (Path) –

Return type:

None

src.utils module

src.utils.camel_to_snake(s: str) → str

Converts a string from CamelCase to snake_case. Does not handle many of the special cases.

Parameters:

s (str) –

Return type:

str

src.utils.dir_list(repo: Repo, dir_predicate: Callable[[str], bool]) → Iterable[Path]

Searches the project for directories that match the dir_predicate. If a directory matches its subtree is not explored for more matching directories.

Parameters:

• repo (Repo) – The local checkout of the project.

• dir_predicate (Callable[[str], bool]) – Function that receives the directory name and returns True iff the spanned subtree should be yielded.

Return type:

Iterable[Path]

src.utils.file_list(repo: ~git.repo.base.Repo, file_name_filter: ~collections.abc.Callable[[str], bool] = <function <lambda>>, path_component_filter: ~collections.abc.Callable[[str], bool] = <function <lambda>>, root: ~pathlib.Path | None = None, recursive: bool = True) → Iterable[Path]

Generates a list of all files in a project. Optionally, the yielded files can be filtered based on path components or file name. The function can also be restricted to a subtree.

Parameters:

• repo (Repo) – The local checkout of the project.

• file_name_filter (Callable[[str], bool]) – Function that receives a file name and returns True iff the file should be skipped.

• path_component_filter (Callable[[str], bool]) – Function that receives the name of a directory and returns True iff the whole directory should be skipped.

• root (Path | None) – Optionally, search only the subtree rooted at root

• recursive (bool) – Iterate through folders recursively

Returns:

Iterator over all files in the project

Return type:

Iterable[Path]

src.utils.get_publiccode_cfg(repo: Repo) → Path | None

Tries to find the OpenCoDE configuration file in the repository.

Parameters:

repo (Repo) – The local checkout of the project.

Returns:

path of the file or None if it does not exist.

Return type:

Path | None

Module contents