CodeSecTools/codesectools/sasts/all/sast.py at 9007c2b75c4e570f98c1645d53fbd484a9fa18ab · OPPIDA/CodeSecTools · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
"""Defines the logic for orchestrating multiple SAST tools together."""

from typing import TYPE_CHECKING

from codesectools.sasts import SASTS_ALL
from codesectools.sasts.all.parser import AllSASTAnalysisResult
from codesectools.utils import USER_OUTPUT_DIR

if TYPE_CHECKING:
    from codesectools.sasts.core.sast import SAST


class AllSAST:
    """Orchestrate running multiple SAST tools and managing their combined results."""

    name = "AllSAST"
    parser = AllSASTAnalysisResult

    def __init__(self) -> None:
        """Initialize the AllSAST instance."""
        self.output_dir = USER_OUTPUT_DIR / self.name
        self.full_sasts: list[SAST] = []
        self.partial_sasts: list[SAST] = []
        self.any_sasts: list[SAST] = []
        for _, sast_data in SASTS_ALL.items():
            if sast_data["status"] == "full":
                self.full_sasts.append(sast_data["sast"]())
                self.partial_sasts.append(sast_data["sast"]())
                self.any_sasts.append(sast_data["sast"]())
            elif sast_data["status"] == "partial":
                self.partial_sasts.append(sast_data["sast"]())
                self.any_sasts.append(sast_data["sast"]())
            else:
                self.any_sasts.append(sast_data["sast"]())

        self.sasts_by_lang = {}
        self.sasts_by_dataset = {}

        for sast in self.full_sasts:
            for lang in sast.supported_languages + sast.extra_languages:
                if self.sasts_by_lang.get(lang):
                    self.sasts_by_lang[lang].append(sast)
                else:
                    self.sasts_by_lang[lang] = [sast]

            for dataset in sast.supported_datasets:
                if self.sasts_by_dataset.get(dataset):
                    self.sasts_by_dataset[dataset].append(sast)
                else:
                    self.sasts_by_dataset[dataset] = [sast]

    def list_results(
        self, project: bool = False, dataset: bool = False, limit: int | None = None
    ) -> set[str]:
        """List the names of analysis results common to all enabled SAST tools."""
        output_dirs = set()
        for sast in self.partial_sasts:
            if not output_dirs:
                output_dirs = set(
                    sast.list_results(project=project, dataset=dataset, limit=limit)
                )
            else:
                output_dirs |= set(
                    sast.list_results(project=project, dataset=dataset, limit=limit)
                )
        return output_dirs