Metadata-Version: 2.1
Name: precli
Version: 0.6.4
Summary: Precaution security static analysis command line
Home-page: https://github.com/securesauce/precli
Download-URL: https://pypi.org/project/precli/#files
Author: Secure Sauce
Author-email: info@securesauce.dev
License: Other/Proprietary License
Project-URL: Release notes, https://github.com/securesauce/precli/releases
Classifier: Development Status :: 5 - Production/Stable
Classifier: Environment :: Console
Classifier: Intended Audience :: Information Technology
Classifier: Intended Audience :: System Administrators
Classifier: Intended Audience :: Developers
Classifier: Operating System :: MacOS
Classifier: Operating System :: POSIX :: Linux
Classifier: Operating System :: Microsoft :: Windows
Classifier: Programming Language :: Python
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.12
Classifier: Topic :: Security
Requires-Python: >=3.12
License-File: LICENSE
Requires-Dist: Pygments==2.18.0
Requires-Dist: rich==13.8.0
Requires-Dist: tree-sitter==0.22.3
Requires-Dist: ignorelib==0.3.0
Requires-Dist: requests==2.32.3
Requires-Dist: sarif-om==1.0.4
Requires-Dist: jschema-to-python==1.2.3
Requires-Dist: tree-sitter-go==0.21.2
Requires-Dist: tree-sitter-java==0.21.0
Requires-Dist: tree-sitter-python==0.21.0; sys_platform != "darwin" and platform_machine != "arm64"

.. image:: https://raw.githubusercontent.com/securesauce/precli/main/images/logo.png
    :alt: Precaution CLI

.. image:: https://github.com/securesauce/precli/actions/workflows/unit-test.yml/badge.svg?branch=main
    :target: https://github.com/securesauce/precli/actions/workflows/unit-test.yml
    :alt: Build and Test

======

Precli is the core of the `Precaution GitHub App <https://github.com/marketplace/precaution>`_ and `Action <https://github.com/marketplace/actions/precaution-action>`_. It also serves as a command line interface to demonstrate its functionality. It performs static analysis of source code using a set of rules that cover the standard library of the corresponding programming language.

If your needs go beyond the analysis of just the standard library, consider upgrading to Precaution Professional to get access to finding and fixing security vulnerabilities in third-party libraries. See https://www.securesauce.dev/ for more details.

Quick Start
-----------

To install precli (requires Python 3.12):

.. code-block:: console

    pip install precli

Note: If using ARM-based macOS, you'll also need to install this package:

.. code-block:: console

    pip install git+https://github.com/tree-sitter/tree-sitter-python@v0.21.0

Run precli on a single test example:

.. code-block:: console

    precli tests/unit/rules/python/stdlib/hmac/examples/hmac_timing_attack.py

Example code:

.. code-block:: python

    # level: ERROR
    # start_line: 18
    # end_line: 18
    # start_column: 13
    # end_column: 15
    import hmac


    received_digest = (
        b"\xe2\x93\x08\x19T8\xdc\x80\xef\x87\x90m\x1f\x9d\xf7\xf2"
        b"\xf5\x10>\xdbf\xa2\xaf\xf7x\xcdX\xdf"
    )

    key = b"my-super-duper-secret-key-string"
    password = b"pass"
    digest = hmac.digest(key, password, digest="sha224")

    print(digest == received_digest)  # line 18, columns 13-15: the `==` precli reports

Example result:

.. image:: https://raw.githubusercontent.com/securesauce/precli/main/images/example.gif
    :alt: Example output
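The finding above is about how the digest is compared, not how it is computed: ``==`` on ``bytes`` stops at the first differing byte, so the time it takes leaks how much of a forged MAC was right. Below is an added example, not part of the precli project or its test fixtures, that puts the flagged pattern next to the fix the rule is steering you toward, ``hmac.compare_digest``. The key and message are the constructed sample values from the README example; the tampered digests are constructed here.

```python
import hmac

# Constructed sample values (same key/message as the README example; the
# expected digest is computed here rather than taken from the fixture).
KEY = b"my-super-duper-secret-key-string"
MESSAGE = b"pass"


def verify_insecure(key: bytes, message: bytes, received: bytes) -> bool:
    """The pattern precli flags: `==` on bytes short-circuits at the first
    mismatching byte, so the comparison time depends on how many leading
    bytes of `received` were correct."""
    digest = hmac.digest(key, message, digest="sha224")
    return digest == received


def verify_secure(key: bytes, message: bytes, received: bytes) -> bool:
    """Hardened form: hmac.compare_digest runs in time independent of where
    the two inputs differ, and returns False (rather than raising) on a
    length mismatch."""
    digest = hmac.digest(key, message, digest="sha224")
    return hmac.compare_digest(digest, received)


def demo() -> dict:
    """Exercise both verifiers on a valid MAC and on two tampered ones."""
    good = hmac.digest(KEY, MESSAGE, digest="sha224")      # 28 bytes for sha224
    tampered = bytes([good[0] ^ 0x01]) + good[1:]           # one bit flipped
    truncated = good[:-1]                                   # wrong length
    return {
        "insecure_accepts_valid": verify_insecure(KEY, MESSAGE, good),
        "secure_accepts_valid": verify_secure(KEY, MESSAGE, good),
        "secure_rejects_tampered": verify_secure(KEY, MESSAGE, tampered),
        "secure_rejects_truncated": verify_secure(KEY, MESSAGE, truncated),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

Both functions return the same booleans for these inputs; the difference is only in timing behaviour, which is exactly why a static rule keyed on the ``==`` operator is the practical way to catch it. Running precli on a file that uses ``verify_secure`` produces no ``hmac_timing_attack`` finding.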

