From 6e03e7c032396b28aff953350de9b41b41146a83 Mon Sep 17 00:00:00 2001 From: blshkv Date: Thu, 12 Nov 2020 11:28:11 +0800 Subject: [PATCH] semgrep: new tool for mobsf --- dev-python/libsast/Manifest | 1 + dev-python/libsast/libsast-1.3.1.ebuild | 22 ++++++++++ dev-python/ruamel-yaml/Manifest | 1 + .../ruamel-yaml/ruamel-yaml-0.16.10.ebuild | 28 +++++++++++++ dev-python/semgrep/Manifest | 1 + dev-python/semgrep/semgrep-0.28.0.ebuild | 41 +++++++++++++++++++ dev-util/mobsf/mobsf-3.1.1.ebuild | 9 ++++ dev-util/semgrep-core-bin/Manifest | 1 + .../semgrep-core-bin-0.28.0.ebuild | 20 +++++++++ dev-util/semgrep-core/Manifest | 1 + .../semgrep-core/semgrep-core-0.28.0.ebuild | 23 +++++++++++ 11 files changed, 148 insertions(+) create mode 100644 dev-python/libsast/Manifest create mode 100644 dev-python/libsast/libsast-1.3.1.ebuild create mode 100644 dev-python/ruamel-yaml/Manifest create mode 100644 dev-python/ruamel-yaml/ruamel-yaml-0.16.10.ebuild create mode 100644 dev-python/semgrep/Manifest create mode 100644 dev-python/semgrep/semgrep-0.28.0.ebuild create mode 100644 dev-util/semgrep-core-bin/Manifest create mode 100644 dev-util/semgrep-core-bin/semgrep-core-bin-0.28.0.ebuild create mode 100644 dev-util/semgrep-core/Manifest create mode 100644 dev-util/semgrep-core/semgrep-core-0.28.0.ebuild diff --git a/dev-python/libsast/Manifest b/dev-python/libsast/Manifest new file mode 100644 index 000000000..e8681ebef --- /dev/null +++ b/dev-python/libsast/Manifest @@ -0,0 +1 @@ +DIST libsast-1.3.1.tar.gz 35053 BLAKE2B db862bc4536ca4cb84ab80859ed19dfbe0e666d17c5d477ba3d9bb18005fb3b717a33295131fde69de8388cc305765e4accd9a5d4160050bd820c6f669a53802 SHA512 3cf70b4314c2ddd093848eb5d9ab3d570d47ae39f3806906ed17119ba5a30c9e4b329e1744aabe5f94a94e86e168b06b79933ae6282e72d2f61b23faeaac5980 diff --git a/dev-python/libsast/libsast-1.3.1.ebuild b/dev-python/libsast/libsast-1.3.1.ebuild new file mode 100644 index 000000000..2a4a004cb --- /dev/null +++ b/dev-python/libsast/libsast-1.3.1.ebuild @@ -0,0 +1,22 @@ +# Copyright 1999-2020 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +PYTHON_COMPAT=( python3_{6,7,8} ) + +inherit distutils-r1 + +DESCRIPTION="A generic SAST core built on top of semgrep and regex" +HOMEPAGE="https://github.com/ajinabraham/libsast/" +SRC_URI="mirror://pypi/${P:0:1}/${PN}/${P}.tar.gz" + +LICENSE="" +SLOT="0" +KEYWORDS="~amd64 ~arm64 ~x86" +IUSE="test" + +RDEPEND=">=dev-python/requests-2.22.0[${PYTHON_USEDEP}] + >=dev-python/pyyaml-5.3[${PYTHON_USEDEP}] + ~dev-python/semgrep-0.28.0[${PYTHON_USEDEP}]" +DEPEND="${RDEPEND}" diff --git a/dev-python/ruamel-yaml/Manifest b/dev-python/ruamel-yaml/Manifest new file mode 100644 index 000000000..a155b46f6 --- /dev/null +++ b/dev-python/ruamel-yaml/Manifest @@ -0,0 +1 @@ +DIST ruamel.yaml-0.16.10.tar.gz 147033 BLAKE2B 35e5b0a1bd5a42ee539e66309dbca64bccd9570da427631d230c77d9cc09dc28637abb787c441b4fe8f8f17d9b6b313607887ce79eb631ce8b265cc18570e8fd SHA512 f124575a5054f993d5826d03aa7a9500a1084c5201be1517be36e587bfc60ea4d13b29dbdb3e62bfbd309fe9992590fd0a5028a43f0fd26a5a5cbc9f3dcf423b diff --git a/dev-python/ruamel-yaml/ruamel-yaml-0.16.10.ebuild b/dev-python/ruamel-yaml/ruamel-yaml-0.16.10.ebuild new file mode 100644 index 000000000..0be5c87c2 --- /dev/null +++ b/dev-python/ruamel-yaml/ruamel-yaml-0.16.10.ebuild @@ -0,0 +1,28 @@ +# Copyright 1999-2020 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +PYTHON_COMPAT=( pypy3 python3_{6..9} ) + +inherit distutils-r1 + +MY_PN="${PN//-/.}" +MY_P="${MY_PN}-${PV}" + +DESCRIPTION="YAML parser/emitter that supports roundtrip comment preservation" +HOMEPAGE="https://pypi.org/project/ruamel.yaml/ https://sourceforge.net/p/ruamel-yaml" +SRC_URI="mirror://pypi/${MY_PN:0:1}/${MY_PN}/${MY_P}.tar.gz" + +LICENSE="MIT" +SLOT="0" +KEYWORDS="amd64 arm arm64 ~hppa ~ia64 ~ppc ~ppc64 sparc x86" + +RDEPEND="dev-python/ruamel-yaml-clib[${PYTHON_USEDEP}]" + +S="${WORKDIR}"/${MY_P} + +python_install() { + distutils-r1_python_install --single-version-externally-managed + find "${ED}" -name '*.pth' -delete || die +} diff --git a/dev-python/semgrep/Manifest b/dev-python/semgrep/Manifest new file mode 100644 index 000000000..8cd78c17d --- /dev/null +++ b/dev-python/semgrep/Manifest @@ -0,0 +1 @@ +DIST semgrep-0.28.0.tar.gz 70004 BLAKE2B 5676cea47f6c257e245771956629423355749e7619a5524d7c777698c9ed7a86e067607f80d5dcbf02eeadfbe04f132e7899bec337ed51995f204d369f3215e8 SHA512 2d03aa214b9f704ddf2a1141b490ca5eb1b0a5f712384e1075da3e667388d94808ed19fc91d3f10e174807455241ff58979ebca1f66e47bd373a9b1301188556 diff --git a/dev-python/semgrep/semgrep-0.28.0.ebuild b/dev-python/semgrep/semgrep-0.28.0.ebuild new file mode 100644 index 000000000..bce96590e --- /dev/null +++ b/dev-python/semgrep/semgrep-0.28.0.ebuild @@ -0,0 +1,41 @@ +# Copyright 1999-2020 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +DISTUTILS_USE_SETUPTOOLS=rdepend +PYTHON_COMPAT=( python3_{6,7,8} ) + +inherit distutils-r1 + +DESCRIPTION="Lightweight static analysis for many languages" +HOMEPAGE="https://github.com/returntocorp/semgrep" +SRC_URI="mirror://pypi/${P:0:1}/${PN}/${P}.tar.gz" +LICENSE="LGPL-2" +SLOT="0" +KEYWORDS="amd64" + +# exact version of ruamel.yaml because of unstable API +RDEPEND=">=dev-python/attrs-19.3.0[${PYTHON_USEDEP}] + >=dev-python/colorama-0.4.3[${PYTHON_USEDEP}] + ~dev-python/junit-xml-1.9[${PYTHON_USEDEP}] + >=dev-python/requests-2.22.0[${PYTHON_USEDEP}] + ~dev-python/ruamel-yaml-0.16.10[${PYTHON_USEDEP}] + >=dev-python/tqdm-4.46.1[${PYTHON_USEDEP}] + >=dev-python/packaging-20.4[${PYTHON_USEDEP}] + >=dev-python/jsonschema-3.2.0[${PYTHON_USEDEP}] + + dev-python/wheel[${PYTHON_USEDEP}] + dev-util/semgrep-core-bin" +#quick workaround: dev-util/semgrep-core-bin +DEPEND="${RDEPEND}" + +src_prepare(){ + rm -r tests + eapply_user +} + +python_install() { + export PRECOMPILED_LOCATION="/usr/bin/semgrep-core" + distutils-r1_python_install +} diff --git a/dev-util/mobsf/mobsf-3.1.1.ebuild b/dev-util/mobsf/mobsf-3.1.1.ebuild index 32ca57435..7da5ddc3b 100644 --- a/dev-util/mobsf/mobsf-3.1.1.ebuild +++ b/dev-util/mobsf/mobsf-3.1.1.ebuild @@ -50,6 +50,9 @@ RDEPEND="${PYTHON_DEPS} www-servers/gunicorn genymotion? ( app-emulation/genymotion-bin )" +#next version: +#dev-python/libsast + DEPEND="${RDEPEND}" S="${WORKDIR}/${MY_PN}-${PV}" @@ -59,6 +62,12 @@ pkg_setup() { } pkg_postinst() { + +#python manage.py makemigrations +#python manage.py makemigrations StaticAnalyzer +#python manage.py migrate +#run.sh` + einfo "https://github.com/MobSF/Mobile-Security-Framework-MobSF/wiki/1.-Documentation" einfo " gunicorn -b 0.0.0.0:8000 MobSF.wsgi:application --workers=1" } diff --git a/dev-util/semgrep-core-bin/Manifest b/dev-util/semgrep-core-bin/Manifest new file mode 100644 index 000000000..7368ec905 --- /dev/null +++ b/dev-util/semgrep-core-bin/Manifest @@ -0,0 +1 @@ +DIST semgrep-core-bin-0.28.0.tar.gz 45815787 BLAKE2B c7c3a978365b97862631badf31c5428e44306bdcbc6876802e3f86cd9c89deb0dc45289e6d5409df55c983ccf7a1fc8e2976f050deeb0be1134249166832606b SHA512 7911e1305f2425ee33c6f6a37ea85bfdcfbf28b8d98beefafb0b2ebc63bfe5d36240ef750653ab5376c769c009681f26084c5e0df972cfaf423b968446ce8403 diff --git a/dev-util/semgrep-core-bin/semgrep-core-bin-0.28.0.ebuild b/dev-util/semgrep-core-bin/semgrep-core-bin-0.28.0.ebuild new file mode 100644 index 000000000..beb6dbc9f --- /dev/null +++ b/dev-util/semgrep-core-bin/semgrep-core-bin-0.28.0.ebuild @@ -0,0 +1,20 @@ +# Copyright 1999-2020 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +DESCRIPTION="Lightweight static analysis for many languages" +HOMEPAGE="https://github.com/returntocorp/semgrep" +SRC_URI="https://dev.pentoo.ch/~blshkv/distfiles/${P}.tar.gz" +LICENSE="LGPL-2" +SLOT="0" +KEYWORDS="amd64" + +RDEPEND="" +DEPEND="${RDEPEND}" + +S=${WORKDIR} + +src_install(){ + dobin semgrep-core +} diff --git a/dev-util/semgrep-core/Manifest b/dev-util/semgrep-core/Manifest new file mode 100644 index 000000000..312401c3c --- /dev/null +++ b/dev-util/semgrep-core/Manifest @@ -0,0 +1 @@ +DIST semgrep-core-0.28.0-core.tar.gz 1295215 BLAKE2B b69f22f684ab9ff12f61216f36c85c4bde3655d4a88f1a963b7fa740fb163cc4e9a61161a7cbc9fe278a26f7d13cf3bbd12a546543f99ff0a97cc5dea5cb8914 SHA512 44734dab6a5d02657917eb1724345dd27e7354d3eae3679dfb25a7fef24fdd9a1af2de2a6540add46123bde7ddf1d840d446b7f3eef0b2b68e0a2fdc0adeb267 diff --git a/dev-util/semgrep-core/semgrep-core-0.28.0.ebuild b/dev-util/semgrep-core/semgrep-core-0.28.0.ebuild new file mode 100644 index 000000000..571a6f58e --- /dev/null +++ b/dev-util/semgrep-core/semgrep-core-0.28.0.ebuild @@ -0,0 +1,23 @@ +# Copyright 1999-2020 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +#inherit distutils-r1 + +DESCRIPTION="Lightweight static analysis for many languages" +HOMEPAGE="https://github.com/returntocorp/semgrep" +SRC_URI="https://github.com/returntocorp/semgrep/archive/v${PV}.tar.gz -> ${P}-core.tar.gz" +LICENSE="LGPL-2" +SLOT="0" +#WIP +#KEYWORDS="~amd64 ~arm64 ~x86" + +RDEPEND="dev-lang/ocaml" +DEPEND="${RDEPEND}" + +S=${WORKDIR}/semgrep-${PV}/semgrep-core + +# opam install --deps-only -y . +# make all +# make install