MCPcopy Create free account
hub / github.com/SourceCode-AI/aura / Detection

Class Detection

aura/analyzers/detections.py:15–148  ·  view source on GitHub ↗

Base for analyzers to produce detections from audit scans that are reported back to the Aura framework Subclass this to have different hits on semantic level :param message: Detection message, intended to be displayed to a user :type message: str :param signature: Used by defau

Source from the content-addressed store, hash-verified

13@dataclass
14@total_ordering
15class Detection:
16 """
17 Base for analyzers to produce detections from audit scans that are reported back to the Aura framework
18 Subclass this to have different hits on semantic level
19
20 :param message: Detection message, intended to be displayed to a user
21 :type message: str
22 :param signature: Used by default for hashing/deduplication of various detections. At minimum, it is highly recommended to include at least a detection name and a normalized path to the scanned file. In case of AST based detections, line number is also recommended as it is possible that the source code can contain multiple detections of the same anomaly that are on different lines and should be reported separately.
23 :type signature: str
24
25 :param score: A score associated with this detection that is then used to compute the overall score of the input scanned by Aura.
26 :type score: int, optional
27 :param node: A reference to the AST node object. It is recommended to set this attribute for AST based detections as the framework will automatically fill some of the emtadata for the output such as line number or the actual content of the line.
28 :type node: ASTNode, optional
29 :param extra: A schema less dictionary. Use this to report back any data fields when exporting the scan data into various formats such as JSON
30 :type extra: dict, optional
31 :param tags: A set of strings that acts as tags for this detection. Used for filtering the outputs and tagging whole files via detections.
32 :type tags: Set[str], optional
33 :param detection_type: An identifier of the detection type. Used for filtering out the different detections. If not provided, class name is used.
34 :type detection_type: str, optional
35 """
36
37 signature: str
38 message: str
39 score: int = 0 # Score that affects security audit
40 line_no: Optional[int] = None # Set to None to hide it from output
41 line: Union[
42 str, None
43 ] = None # Set to None or empty string to hide it from output
44 # If the rule is tied to the AST tree detections, then set the node pointer appropriately
45 # Set to None to hide or for rules that are not tied to the AST tree
46 detection_type: Optional[str] = None
47 node: Optional[NodeType] = None
48 tags: Set[str] = field(default_factory=set)
49 extra: dict = field(default_factory=dict)
50 informational: bool = False
51 location: Optional[Path, str] = None
52 scan_location = None
53 _metadata: Optional[dict] = None
54
55 def __post_init__(self):
56 self._hash = None
57 self._diff_hash = None
58 self._severity = None
59
60 if isinstance(self.node, ASTNode) and self.line_no is None:
61 self.line_no = self.node.line_no
62
63 def _asdict(self) -> Dict:
64 """
65 Exporting mechanism for JSON output/machine processing
66 Define fields to be exported here, subclass need to fetch the fields from their parent in this method
67 Output dict must contain only elements that are JSON serializable
68
69 :return: Serialized data for the detection
70 :rtype: dict
71 """
72 data = {

Callers 15

node_StringMethod · 0.90
__call__Method · 0.90
path_analyzerFunction · 0.90
file_permission_analyzerFunction · 0.90
node_FunctionDefMethod · 0.90
applyMethod · 0.85
_run_analyzersFunction · 0.85
analyzeFunction · 0.85
check_unpinnedFunction · 0.85
check_outdatedFunction · 0.85
scanFunction · 0.85

Calls

no outgoing calls

Tested by

no test coverage detected