Merge pull request #365 from DataDog/s.obregoso/fix_assigned_rules

fix rules assignment per ecosystem

guarddog/analyzer/analyzer.py

@@ -7,16 +7,10 @@
 from typing import Iterable, List, Optional
 
 from guarddog.analyzer.metadata import get_metadata_detectors
+from guarddog.analyzer.sourcecode import SOURCECODE_RULES
 from guarddog.ecosystems import ECOSYSTEM
 
-
-def get_rules(file_extension, path):
-    return set(rule.replace(file_extension, "") for rule in os.listdir(path) if rule.endswith(file_extension))
-
-
 SEMGREP_MAX_TARGET_BYTES = 10_000_000
-SEMGREP_RULES_PATH = os.path.join(os.path.dirname(__file__), "sourcecode")
-SEMGREP_RULE_NAMES = get_rules(".yml", SEMGREP_RULES_PATH)
 
 log = logging.getLogger("guarddog")
 
@@ -45,7 +39,7 @@ def __init__(self, ecosystem=ECOSYSTEM.PYPI) -> None:
         self.metadata_detectors = get_metadata_detectors(ecosystem)
 
         self.metadata_ruleset = self.metadata_detectors.keys()
-        self.sourcecode_ruleset = SEMGREP_RULE_NAMES
+        self.sourcecode_ruleset = [rule["id"] for rule in SOURCECODE_RULES[ecosystem]]
 
         # Define paths to exclude from sourcecode analysis
         self.exclude = [
@@ -128,14 +122,18 @@ def analyze_metadata(self, path: str, info, rules=None, name: Optional[str] = No
         """
 
         all_rules = rules if rules is not None else self.metadata_ruleset
-        results = {}
+
+        # for each metadata rule, is expected to have an nulleable string as result
+        # None value represents that the rule was not matched
+        results: dict[str, Optional[str]] = {}
         errors = {}
         issues = 0
 
         for rule in all_rules:
             try:
                 log.debug(f"Running rule {rule} against package '{name}'")
                 rule_matches, message = self.metadata_detectors[rule].detect(info, path, name, version)
+                results[rule] = None
                 if rule_matches:
                     issues += 1
                     results[rule] = message