diff --git a/integration_tests/test_program.py b/integration_tests/test_program.py index af6383c2..865c3695 100644 --- a/integration_tests/test_program.py +++ b/integration_tests/test_program.py @@ -1,4 +1,8 @@ import subprocess +from pathlib import Path + +import pytest +from sarif_pydantic.sarif import Run, Sarif, Tool, ToolDriver from core_codemods.remove_assertion_in_pytest_raises import ( RemoveAssertionInPytestRaises, @@ -26,14 +30,50 @@ def test_codemods_include_exclude_conflict(self): ) assert completed_process.returncode == 3 - def test_load_sast_only_by_flag(self, tmp_path): + @pytest.mark.parametrize( + "cli_args", + [ + "--sonar-issues-json", + "--sonar-hotspots-json", + "--sonar-json", + ], + ) + def test_load_sast_only_by_sonar_flag(self, tmp_path, cli_args): tmp_file_path = tmp_path / "sonar.json" tmp_file_path.touch() completed_process = subprocess.run( [ "codemodder", "tests/samples/", - "--sonar-issues-json", + cli_args, + f"{tmp_file_path}", + "--dry-run", + ], + check=False, + capture_output=True, + text=True, + ) + print(completed_process.stdout) + print(completed_process.stderr) + assert completed_process.returncode == 0 + assert RemoveAssertionInPytestRaises.id not in completed_process.stdout + + def test_load_sast_only_by_sarif_flag(self, tmp_path: Path): + tmp_file_path = tmp_path / "sarif.json" + sarif_run = Run( + tool=Tool(driver=ToolDriver(name="test")), + results=[], + ) + sarif = Sarif(runs=[sarif_run], **{"$schema": ""}) + tmp_file_path.write_text( + sarif.model_dump_json(indent=2, exclude_none=True, by_alias=True) + ) + + completed_process = subprocess.run( + [ + "codemodder", + "tests/samples/", + "--sarif", f"{tmp_file_path}", "--dry-run", ], diff --git a/pyproject.toml b/pyproject.toml index 356cb79b..598b466c 100644 --- a/pyproject.toml +++ b/pyproject.toml 
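Review bot: The only behavioural check in `test_load_sast_only_by_sonar_flag` is the negative assertion `RemoveAssertionInPytestRaises.id not in completed_process.stdout`, and every Sonar flag is given a zero-byte file from `tmp_file_path.touch()`. The test would therefore still pass if the run printed nothing, or if the findings file were skipped as unparseable rather than loaded. The new SARIF test writes a well-formed document before invoking the CLI; writing a minimal valid payload for each Sonar flag would show that the flag really switches the run to SAST-only mode. The parameter carries a single flag, so `cli_args` would read better as `sonar_flag`. The body of `test_load_sast_only_by_sarif_flag` continues past the end of this hunk.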
@@ -52,7 +52,7 @@ get-hashes = 'codemodder.scripts.get_hashes:main' [project.optional-dependencies] semgrep = [ - "semgrep>=1.125,<1.126", + "semgrep>=1.127,<1.128", ] test = [ "azure-ai-inference>=1.0.0b1,<2.0", @@ -66,8 +66,8 @@ test = [ "httpx~=0.27", "Jinja2~=3.1.2", "jsonschema~=4.24.0", - "lxml>=5.3.0,<6.0.0", - "openai>=1.86,<1.87", + "lxml>=6.0.0,<6.1.0", + "openai>=1.93,<1.94", "mock==5.2.*", "pre-commit<5", "Pyjwt~=2.10.0", @@ -81,20 +81,20 @@ test = [ "security==1.3.1", "types-mock==5.2.*", "django>=4,<6", - "numpy ~= 2.2.1; python_version == '3.10'", + "numpy ==2.2.6; python_version == '3.10'", "numpy ~= 2.3.0; python_version > '3.10'", "flask_wtf~=1.2.0", "fickling~=0.1.0,>=0.1.3", "graphql-server~=3.0.0b7", "unidiff>=0.7.5", - "semgrep>=1.125,<1.126", + "semgrep>=1.127,<1.128", ] complexity = [ "radon==6.0.*", "xenon==0.9.*", ] openai = [ - "openai>=1.86,<1.87", + "openai>=1.93,<1.94", ] azure = [ "azure-ai-inference>=1.0.0b1,<2.0", diff --git a/renovate.json b/renovate.json index 4bf472b4..016f456f 100644 --- a/renovate.json +++ b/renovate.json @@ -8,6 +8,11 @@ { "matchPackageNames": ["pydantic"], "enabled": false + }, + { + "matchPackageNames": ["numpy"], + "matchCurrentValue": "==2.2.6", + "enabled": false } ] } diff --git a/src/codemodder/codemodder.py b/src/codemodder/codemodder.py index 54ae063b..9ae4d37e 100644 --- a/src/codemodder/codemodder.py +++ b/src/codemodder/codemodder.py @@ -285,7 +285,10 @@ def _run_cli(original_args, remediation=False) -> int: max_workers=argv.max_workers, original_cli_args=original_args, codemod_registry=codemod_registry, - sast_only=argv.sonar_issues_json or argv.sarif, + sast_only=argv.sonar_issues_json + or argv.sarif + or argv.sonar_hotspots_json + or argv.sonar_json, log_matched_files=True, remediation=remediation, )
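Review bot: The new `packageRules` entry in renovate.json disables Renovate for `numpy` at `==2.2.6` without recording why. Together with the exact pin `numpy ==2.2.6; python_version == '3.10'` in the third pyproject.toml hunk, no update PR will be raised for that line again, so any later fix would have to be picked up by hand. Renovate rules accept a `description` field, so the reason can sit next to the rule, for example `"description": "numpy is frozen at 2.2.6 for Python 3.10; see pyproject.toml"`, with the real reason filled in (presumably that newer numpy releases no longer support 3.10). The pin only appears in the `test` extra in the visible lines, so the exposure looks limited to the test environment.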
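Review bot: In the `_run_cli` hunk of src/codemodder/codemodder.py, `sast_only` is now a four-way `or` chain that has to be extended by hand for every findings option, and it passes along whichever truthy argument value comes first rather than a boolean. If the CLI gains or already has another findings-file flag that is not listed here (none is visible in this hunk), a run given only that file would quietly fall back to applying the non-SAST codemods as well. Consider `sast_only=any((argv.sonar_issues_json, argv.sarif, argv.sonar_hotspots_json, argv.sonar_json)),` with a short comment saying that every tool-result flag must be listed, or derive the tuple from wherever those options are declared. `_run_cli` starts and ends outside the hunk, so how `sast_only` is consumed cannot be confirmed from here.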