parent 223ad60

author Dylan Pulver <dylanryanpulver@gmail.com> 1732560851 -0500 committer Dylan Pulver <dylanryanpulver@gmail.com> 1734466348 -0500 gpgsig -----BEGIN PGP SIGNATURE----- iHUEABYKAB0WIQR8hu+aMQHwGtOiprRYOGlsgKaxswUCZ2HbLAAKCRBYOGlsgKax s+jrAP97O2+K0k+c7YMwn0JuN9CCAKXSuOo+6e58xt2aThUWoQEA0B00lQhBAZVh qcZOk9sMdVXMHl308FNXDEWbCdFT6Qk= =4jd3 -----END PGP SIGNATURE----- feature/post-prototype feature/add-branch-name (#641) chore:Use specific safety schema version feature/cve-data-filter-flag (#643) chore/release-3.2.12 (#644) feat(utils.py): remove email verification feat(changelog): update version Auth added fix urljoin issue chore:Use specific safety schema version feat(utils.py): remove email verification feat(changelog): update version review changes switch to target drop prefixes fix return code check extract runtime info fix
pyupio · Dec 17, 2024 · 9f51b87 · 9f51b87
1 parent 223ad60
commit 9f51b87
Show file tree

Hide file tree

Showing 12 changed files with 348 additions and 56 deletions.
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
@@ -7,7 +7,7 @@ jobs:
     runs-on: ubuntu-20.04
     strategy:
       matrix:
-        python-version: [ "3.7", "3.8", "3.9", "3.10", "3.11", "3.12" ]
+        python-version: [ "3.8", "3.9", "3.10", "3.11", "3.12" ]
     steps:
       - uses: actions/checkout@v3
       - name: Set up Python

diff --git a/.vscode/launch.json b/.vscode/launch.json
@@ -42,6 +42,16 @@
             ],
             "console": "integratedTerminal"
         },
+        {
+            "name": "Safety Scan 2",
+            "type": "debugpy",
+            "request": "launch",
+            "module": "safety",
+            "args": [
+                "scan", "--use-server-matching"
+            ],
+            "console": "integratedTerminal"
+        },
         {
             "name": "Safety Scan API Key",
             "type": "debugpy",

diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -5,6 +5,14 @@ All notable changes to this project will be documented in this file.
 The format is partly based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html) and [PEP 440](https://peps.python.org/pep-0440/)
 
+## [3.2.13] - 2024-12-10
+- Remove email verification for running scans (#645)
+
+## [3.2.12] - 2024-12-10
+- Add CVE Details and Single-Key Filtering for JSON Output in safety scan (#643)
+- feature/add-branch-name (#641)
+- feat/add --headless to --help (#636)
+
 ## [3.2.11] - 2024-11-12
 - chore/upgrade-dparse (#633)
 - Migrate to PyPI Trusted Publisher for Automated Package Deployment (#632)

diff --git a/safety/VERSION b/safety/VERSION
@@ -1 +1 @@
-3.2.11
+3.2.13
diff --git a/safety/auth/utils.py b/safety/auth/utils.py
@@ -3,6 +3,7 @@
 import logging
 import sys
 from typing import Any, Optional, Dict, Callable, Tuple
+from urllib.parse import urljoin
 from authlib.integrations.requests_client import OAuth2Session
 from authlib.integrations.base_client.errors import OAuthError
 import requests
@@ -11,7 +12,7 @@
 from safety.auth.constants import AUTH_SERVER_URL, CLAIM_EMAIL_VERIFIED_API, \
     CLAIM_EMAIL_VERIFIED_AUTH_SERVER
 from safety.auth.main import get_auth_info, get_token_data
-from safety.constants import PLATFORM_API_CHECK_UPDATES_ENDPOINT, PLATFORM_API_INITIALIZE_SCAN_ENDPOINT, PLATFORM_API_POLICY_ENDPOINT, \
+from safety.constants import PLATFORM_API_BASE_URL, PLATFORM_API_CHECK_UPDATES_ENDPOINT, PLATFORM_API_INITIALIZE_SCAN_ENDPOINT, PLATFORM_API_POLICY_ENDPOINT, \
     PLATFORM_API_PROJECT_CHECK_ENDPOINT, PLATFORM_API_PROJECT_ENDPOINT, PLATFORM_API_PROJECT_SCAN_REQUEST_ENDPOINT, \
         PLATFORM_API_PROJECT_UPLOAD_SCAN_ENDPOINT, REQUEST_TIMEOUT
 from safety.scan.util import AuthenticationType
@@ -48,9 +49,15 @@ def is_email_verified(info: Dict[str, Any]) -> Optional[bool]:
         info (Dict[str, Any]): The user information.
 
     Returns:
-        bool: True if the email is verified, False otherwise.
+        bool: True
     """
-    return info.get(CLAIM_EMAIL_VERIFIED_API) or info.get(CLAIM_EMAIL_VERIFIED_AUTH_SERVER)
+    # return info.get(CLAIM_EMAIL_VERIFIED_API) or info.get(
+    #     CLAIM_EMAIL_VERIFIED_AUTH_SERVER
+    # )
+
+    # Always return True to avoid email verification
+    return True
+
 
 
 def parse_response(func: Callable) -> Callable:
@@ -366,6 +373,30 @@ def upload_report(self, json_report: str) -> Any:
             headers=headers
         )
 
+    def upload_requirments(self, json_payload: str) -> Any:
+        """
+        Upload a scan report.
+
+        Args:
+            json_report (str): The JSON report.
+
+        Returns:
+            Any: The upload result.
+        """
+
+        headers = {
+            "Content-Type": "application/json"
+        }
+        from safety.constants import PLATFORM_API_BASE_URL
+        if not PLATFORM_API_BASE_URL.endswith("/"):
+            PLATFORM_API_BASE_URL += "/"
+        SCAN_API_ENDPOINT = urljoin(PLATFORM_API_BASE_URL, "process_files/")
+
+        return self.post(
+            url=SCAN_API_ENDPOINT,
+            data=json.dumps(json_payload),
+            headers=headers
+        )
 
     @parse_response
     def check_updates(self, version: int, safety_version: Optional[str] = None, python_version: Optional[str] = None, os_type: Optional[str] = None, os_release: Optional[str] = None, os_description: Optional[str] = None) -> Any:
@@ -427,8 +458,8 @@ def send(self, request: requests.PreparedRequest, **kwargs: Any) -> requests.Res
         """
         request.headers.pop("Authorization", None)
         return super().send(request, **kwargs)
-    
-    
+
+
 from functools import lru_cache
 
 @lru_cache(maxsize=1)
@@ -438,7 +469,7 @@ def is_jupyter_notebook() -> bool:
     various cloud-hosted Jupyter notebooks.
 
     Returns:
-        bool: True if the environment is identified as a Jupyter notebook (or 
+        bool: True if the environment is identified as a Jupyter notebook (or
               equivalent cloud-based environment), False otherwise.
 
     Supported environments:

diff --git a/safety/cli_util.py b/safety/cli_util.py
@@ -1,5 +1,6 @@
 from collections import defaultdict
 import logging
+import subprocess
 import sys
 from typing import Any, DefaultDict, Dict, List, Optional, Tuple, Union
 import click
@@ -373,7 +374,7 @@ def format_main_help(obj: Union[click.Command, click.Group],
     from typer.rich_utils import highlighter, STYLE_USAGE_COMMAND, \
         ARGUMENTS_PANEL_TITLE, OPTIONS_PANEL_TITLE, \
             COMMANDS_PANEL_TITLE
-  
+
     from rich.align import Align
     from rich.padding import Padding
     from rich.console import Console
@@ -793,4 +794,21 @@ def inner(ctx, output: Optional[ScanOutput], *args, **kwargs):
             exception = e if isinstance(e, SafetyException) else SafetyException(info=e)
             output_exception(exception, exit_code_output=True)
 
-    return inner
+    return inner
+
+def get_git_branch_name() -> Optional[str]:
+    """
+    Retrieves the current Git branch name.
+
+    Returns:
+        str: The current Git branch name, or None if it cannot be determined.
+    """
+    try:
+        branch_name = subprocess.check_output(
+            ["git", "rev-parse", "--abbrev-ref", "HEAD"],
+            stderr=subprocess.DEVNULL,
+            text=True
+        ).strip()
+        return branch_name if branch_name else None
+    except Exception:
+        return None