SAST
- class libpastis.sast.SASTAlert
Class representing an alert in a somewhat abstract SAST tool. It is used to perform alert-driven testing.
- static from_json(data: dict) -> SASTAlert
Create a SASTAlert object from the JSON data provided.
- Parameters:
data – JSON data of the alert
- Returns:
SASTAlert instance, initialized with the JSON
- to_dict() -> dict
Export the alert attributes to a valid JSON dictionary that can be written to file.
- Returns:
JSON dict of the alert serialized
- uncoverable
Validation: True if the alert has been validated (as a true positive by a checker)
- validated
Coverage: True if the alert has been covered (path leading there)
- class libpastis.sast.SASTReport
SAST report. Manages a list of SAST alerts taken from a report.
- add_alert(alert: SASTAlert) -> None
Add an alert to the report. This function is solely meant to be used by the report parser.
- Parameters:
alert – Alert object to add in the report
- all_alerts_validated() -> bool
Checks if all alerts have been validated (and thus covered)
- Returns:
True if all alerts are covered and vulns validated
- static from_file(file: str | Path) -> SASTReport
Parse the given file into a SAST report object.
- Parameters:
file – path to report
- Returns:
SASTReport object
- static from_json(data: str | bytes) -> SASTReport
Parse the given string into a SAST report object.
- Parameters:
data – serialized report in JSON
- Returns:
SASTReport object
- get_stats() -> Tuple[int, int, int]
Get stats about the report. The result is a triple with the number of alerts covered, validated and total.
- Returns:
triple of covered, validated, total number of alerts
- iter_alerts() -> List[SASTAlert]
Iterate over all the alerts of the report.
- Returns:
list of alerts
- to_json() -> str
Export the current state of the alerts within a JSON dictionary.
- Returns:
JSON serialized report