Coverage for src \ sec_report_kit \ parsers \ gitleaks.py: 100%
21 statements
« prev ^ index » next coverage.py v7.14.0, created at 2026-05-13 08:06 +0530
1from __future__ import annotations
3from sec_report_kit.models import Finding
4from sec_report_kit.services.normalize import normalize_severity
7def _extract_findings(data: dict | list) -> list[dict]:
8 if isinstance(data, list):
9 return [item for item in data if isinstance(item, dict)]
10 if isinstance(data, dict) and isinstance(data.get("findings"), list):
11 return [item for item in data["findings"] if isinstance(item, dict)]
12 return []
15def _build_title(entry: dict) -> str:
16 description = str(entry.get("Description") or "Potential secret detected")
17 file_path = str(entry.get("File") or "unknown-file")
18 start_line = entry.get("StartLine")
19 if start_line is not None:
20 return f"{description} ({file_path}:{start_line})"
21 return f"{description} ({file_path})"
24def parse_gitleaks_json(data: dict | list) -> list[Finding]:
25 findings: list[Finding] = []
27 for entry in _extract_findings(data):
28 findings.append(
29 Finding(
30 source_type="secret-scan",
31 target=str(entry.get("File") or "repository"),
32 severity=normalize_severity(entry.get("Severity")),
33 vulnerability_id=str(entry.get("RuleID") or entry.get("Fingerprint") or "-"),
34 package=str(entry.get("RuleID") or "gitleaks-rule"),
35 installed_version="-",
36 fixed_version="-",
37 title=_build_title(entry),
38 primary_url="",
39 )
40 )
42 return findings