From 4ef027cc40554bd36a12e8e31a090e6754d8b978 Mon Sep 17 00:00:00 2001 From: Sourya Vatsyayan Date: Mon, 25 Oct 2021 16:37:12 +0530 Subject: [PATCH 01/10] Update Makefile --- .deepsource/analyzer/Makefile | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.deepsource/analyzer/Makefile b/.deepsource/analyzer/Makefile index 2f837ab..4f37425 100644 --- a/.deepsource/analyzer/Makefile +++ b/.deepsource/analyzer/Makefile @@ -4,3 +4,6 @@ build: # install semgrep mkdir /toolbox/venv pip install --target=/toolbox/venv semgrep + ls /toolbox/venv + ls /toolbox/venv/bin + ls /toolbox From dd6e19cb73d02090292695bb00b86b527f233f42 Mon Sep 17 00:00:00 2001 From: Sourya Vatsyayan Date: Mon, 25 Oct 2021 16:52:05 +0530 Subject: [PATCH 02/10] Update Makefile --- .deepsource/analyzer/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.deepsource/analyzer/Makefile b/.deepsource/analyzer/Makefile index 4f37425..f3b1818 100644 --- a/.deepsource/analyzer/Makefile +++ b/.deepsource/analyzer/Makefile @@ -1,6 +1,6 @@ build: cp -r ../../. /app - apk add py-pip + apk add py-pip build-base # install semgrep mkdir /toolbox/venv pip install --target=/toolbox/venv semgrep From 4667f008685ebc478619a8308320a3aed8d6319d Mon Sep 17 00:00:00 2001 From: Sourya Vatsyayan Date: Mon, 25 Oct 2021 16:53:02 +0530 Subject: [PATCH 03/10] Update Makefile --- .deepsource/analyzer/Makefile | 1 + 1 file changed, 1 insertion(+) diff --git a/.deepsource/analyzer/Makefile b/.deepsource/analyzer/Makefile index f3b1818..d58aef4 100644 --- a/.deepsource/analyzer/Makefile +++ b/.deepsource/analyzer/Makefile @@ -7,3 +7,4 @@ build: ls /toolbox/venv ls /toolbox/venv/bin ls /toolbox + ls /macrocode From c4089612f5e28392fdd342bd701fe67c41948fac Mon Sep 17 00:00:00 2001 From: Sourya Vatsyayan Date: Mon, 25 Oct 2021 17:02:55 +0530 Subject: [PATCH 04/10] Update Makefile --- .deepsource/analyzer/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.deepsource/analyzer/Makefile b/.deepsource/analyzer/Makefile index d58aef4..b8b32e7 100644 --- a/.deepsource/analyzer/Makefile +++ b/.deepsource/analyzer/Makefile @@ -1,6 +1,6 @@ build: cp -r ../../. /app - apk add py-pip build-base + apk add python3-dev py-pip build-base # install semgrep mkdir /toolbox/venv pip install --target=/toolbox/venv semgrep From af7743beada14679bc4275f5e073f00a5ba44500 Mon Sep 17 00:00:00 2001 From: Sourya Vatsyayan Date: Mon, 25 Oct 2021 23:14:38 +0530 Subject: [PATCH 05/10] Update analyzer.toml --- .deepsource/analyzer/analyzer.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.deepsource/analyzer/analyzer.toml b/.deepsource/analyzer/analyzer.toml index 9595aea..fbe885f 100644 --- a/.deepsource/analyzer/analyzer.toml +++ b/.deepsource/analyzer/analyzer.toml @@ -1,5 +1,5 @@ name = "Django smells" description = "My custom Django rules, written in semgrep" -analysis_command = "PYTHONPATH=/toolbox/venv:$PYTHONPATH python3 /app/analyze.py" +analysis_command = "PATH=/toolbox/venv/bin:$PATH PYTHONPATH=/toolbox/venv:$PYTHONPATH python3 /app/analyze.py" visibility = "public" category = "language" From dbe2c6f687ed087dfc0aed9704fa9be786d42049 Mon Sep 17 00:00:00 2001 From: Sourya Vatsyayan Date: Tue, 26 Oct 2021 00:07:28 +0530 Subject: [PATCH 06/10] Update analyze.py --- analyze.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/analyze.py b/analyze.py index 6d344e6..640f1b3 100644 --- a/analyze.py +++ b/analyze.py @@ -16,7 +16,7 @@ files_to_analyze = [filename for filename in get_files(codepath) if filename.endswith(".py")] analysis_command = [ - "semgrep", + "/toolbox/venv/bin/semgrep", "--json", "-o", resultpath, From 324f4634e9cd01a1c2d1adb863d6bcbabb66aa71 Mon Sep 17 00:00:00 2001 From: Sourya Vatsyayan Date: Tue, 26 Oct 2021 00:14:33 +0530 Subject: [PATCH 07/10] Update analyze.py --- analyze.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/analyze.py b/analyze.py index 640f1b3..6d344e6 100644 --- a/analyze.py +++ b/analyze.py @@ -16,7 +16,7 @@ files_to_analyze = [filename for filename in get_files(codepath) if filename.endswith(".py")] analysis_command = [ - "/toolbox/venv/bin/semgrep", + "semgrep", "--json", "-o", resultpath, From f7c7adba2c02b15ca984fe2f68d08f0d0d46c6d8 Mon Sep 17 00:00:00 2001 From: Sourya Vatsyayan Date: Tue, 26 Oct 2021 18:10:38 +0530 Subject: [PATCH 08/10] Update analyze.py --- analyze.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/analyze.py b/analyze.py index 6d344e6..640f1b3 100644 --- a/analyze.py +++ b/analyze.py @@ -16,7 +16,7 @@ files_to_analyze = [filename for filename in get_files(codepath) if filename.endswith(".py")] analysis_command = [ - "semgrep", + "/toolbox/venv/bin/semgrep", "--json", "-o", resultpath, From 0fa77438afbe4b30afd3a3b6fad4ca2a77c18328 Mon Sep 17 00:00:00 2001 From: Sourya Vatsyayan Date: Tue, 26 Oct 2021 23:18:32 +0530 Subject: [PATCH 09/10] Update DJ-001.toml --- .deepsource/analyzer/issues/DJ-001.toml | 1 + 1 file changed, 1 insertion(+) diff --git a/.deepsource/analyzer/issues/DJ-001.toml b/.deepsource/analyzer/issues/DJ-001.toml index 5033c95..f3327a4 100644 --- a/.deepsource/analyzer/issues/DJ-001.toml +++ b/.deepsource/analyzer/issues/DJ-001.toml @@ -7,3 +7,4 @@ A `count()` call performs a `SELECT COUNT(*)` behind the scenes, so you should a Check the doc for more reference – https://docs.djangoproject.com/en/3.2/ref/models/querysets/#count """ recommended = true +weight = 90 From ea8f8f7667ec3a752f58485c50a474062fede2e9 Mon Sep 17 00:00:00 2001 From: Sourya Vatsyayan Date: Tue, 26 Oct 2021 23:18:45 +0530 Subject: [PATCH 10/10] Update DJ-002.toml --- .deepsource/analyzer/issues/DJ-002.toml | 1 + 1 file changed, 1 insertion(+) diff --git a/.deepsource/analyzer/issues/DJ-002.toml b/.deepsource/analyzer/issues/DJ-002.toml index 97c4f1c..f02e53c 100644 --- a/.deepsource/analyzer/issues/DJ-002.toml +++ b/.deepsource/analyzer/issues/DJ-002.toml @@ -17,3 +17,4 @@ Entry.objects.latest('pub_date') Read more about `latest` here – https://docs.djangoproject.com/en/3.2/ref/models/querysets/#latest """ recommended = true +weight = 90