Merge pull request #95 from MobSF/bump_libsast

Bump semgrep to 1.86.0
MobSF · Nov 4, 2024 · 0ef8c86 · 0ef8c86
2 parents f6322a0 + 2f3836e
commit 0ef8c86
Show file tree

Hide file tree

Showing 6 changed files with 806 additions and 421 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -1,4 +1,4 @@
-FROM python:3.11.0-slim
+FROM python:3.12-slim
 
 RUN apt-get update \
 && apt-get install gcc -y \

diff --git a/Pipfile b/Pipfile
@@ -7,7 +7,7 @@ verify_ssl = true
 
 [packages]
 colorama = ">=0.4.5"
-libsast = ">=1.5.3"
+libsast = ">=3.1.0"
 sarif-om = ">=1.0.4"
 jschema-to-python = ">=1.2.3"
 tabulate = ">=0.8.10"

diff --git a/Pipfile.lock b/Pipfile.lock
diff --git a/README.md b/README.md
@@ -242,7 +242,10 @@ jobs:
   build:
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v2
+    - uses: actions/[email protected]
+    - uses: actions/[email protected]
+      with:
+        python-version: '3.12'
     - name: mobsfscan
       uses: MobSF/mobsfscan@main
       with:
@@ -267,7 +270,10 @@ jobs:
     name: mobsfscan code scanning
     steps:
     - name: Checkout the code
-      uses: actions/checkout@v2
+      uses: actions/[email protected]
+    - uses: actions/[email protected]
+      with:
+        python-version: '3.12'
     - name: mobsfscan
       uses: MobSF/mobsfscan@main
       with:

diff --git a/mobsfscan/__init__.py b/mobsfscan/__init__.py
@@ -6,7 +6,7 @@
 __title__ = 'mobsfscan'
 __authors__ = 'Ajin Abraham'
 __copyright__ = f'Copyright {datetime.now().year} Ajin Abraham, OpenSecurity'
-__version__ = '0.3.9'
+__version__ = '0.4.0'
 __version_info__ = tuple(int(i) for i in __version__.split('.'))
 __all__ = [
     '__title__',

diff --git a/requirements.txt b/requirements.txt
@@ -1,36 +1,57 @@
-attrs==21.4.0
+annotated-types==0.7.0
+attrs==24.2.0
 boltons==21.0.0
-bracex==2.4
-certifi==2024.2.2
-charset-normalizer==3.3.2
+bracex==2.5.post1
+certifi==2024.8.30
+charset-normalizer==3.4.0
 click==8.1.7
 click-option-group==0.5.6
 colorama==0.4.6
 defusedxml==0.7.1
-face==22.0.0
+Deprecated==1.2.14
+exceptiongroup==1.2.2
+face==24.0.0
 glom==22.1.0
-idna==3.6
+googleapis-common-protos==1.65.0
+idna==3.10
+importlib_metadata==7.1.0
 jschema-to-python==1.2.3
-jsonpickle==3.0.3
-jsonschema==4.17.3
-libsast==2.0.3
-packaging==21.3
-pbr==6.0.0
-peewee==3.17.1
-pyparsing==3.1.2
-pyrsistent==0.20.0
-python-lsp-jsonrpc==1.0.0
-PyYAML==6.0.1
-requests==2.31.0
+jsonpickle==3.3.0
+jsonschema==4.23.0
+jsonschema-specifications==2024.10.1
+libsast==3.1.0
+markdown-it-py==3.0.0
+mdurl==0.1.2
+opentelemetry-api==1.25.0
+opentelemetry-exporter-otlp-proto-common==1.25.0
+opentelemetry-exporter-otlp-proto-http==1.25.0
+opentelemetry-instrumentation==0.46b0
+opentelemetry-instrumentation-requests==0.46b0
+opentelemetry-proto==1.25.0
+opentelemetry-sdk==1.25.0
+opentelemetry-semantic-conventions==0.46b0
+opentelemetry-util-http==0.46b0
+packaging==24.1
+pbr==6.1.0
+peewee==3.17.7
+protobuf==4.25.5
+pydantic==2.8.2
+pydantic_core==2.20.1
+Pygments==2.18.0
+PyYAML==6.0.2
+referencing==0.35.1
+requests==2.32.3
+rich==13.9.4
+rpds-py==0.20.1
 ruamel.yaml==0.17.40
-ruamel.yaml.clib==0.2.8
+ruamel.yaml.clib==0.2.12
 sarif-om==1.0.4
-semgrep==0.117.0
+semgrep==1.86.0
 tabulate==0.9.0
-tomli==2.0.1
-tqdm==4.66.2
-typing_extensions==4.10.0
-ujson==5.9.0
-urllib3==1.26.18
-wcmatch==8.5.1
-xmltodict==0.13.0
+tomli==2.0.2
+typing_extensions==4.12.2
+urllib3==2.2.3
+wcmatch==8.5.2
+wrapt==1.16.0
+xmltodict==0.14.2
+zipp==3.20.2