updates to include cov, scripts for security scan

Author: Magic-Man-us

coverage.xml

@@ -1,5 +1,5 @@
 <?xml version="1.0" ?>
-<coverage version="7.11.0" timestamp="1762115605319" lines-valid="563" lines-covered="287" line-rate="0.5098" branches-valid="134" branches-covered="35" branch-rate="0.2612" complexity="0">
+<coverage version="7.11.0" timestamp="1762119452943" lines-valid="563" lines-covered="287" line-rate="0.5098" branches-valid="134" branches-covered="35" branch-rate="0.2612" complexity="0">
 	<!-- Generated by coverage.py: https://coverage.readthedocs.io/en/7.11.0 -->
 	<!-- Based on https://raw.githubusercontent.com/cobertura/web/master/htdocs/xml/coverage-04.dtd -->
 	<sources>

docs/_static/.gitkeep

@@ -0,0 +1 @@
+# Keep this directory for Sphinx static files

docs/conf.py

@@ -0,0 +1,22 @@
+# Configuration file for the Sphinx documentation builder.
+# https://www.sphinx-doc.org/en/master/usage/configuration.html
+
+# -- Project information -----------------------------------------------------
+project = "SiteScanner5000"
+copyright = "2025, SiteScanner Contributors"
+author = "SiteScanner Contributors"
+release = "0.1.0"
+
+# -- General configuration ---------------------------------------------------
+extensions = [
+    "sphinx.ext.autodoc",
+    "sphinx.ext.napoleon",
+    "sphinx.ext.viewcode",
+]
+
+templates_path = ["_templates"]
+exclude_patterns = ["_build", "Thumbs.db", ".DS_Store"]
+
+# -- Options for HTML output -------------------------------------------------
+html_theme = "sphinx_rtd_theme"
+html_static_path = ["_static"]

docs/index.rst

@@ -0,0 +1,47 @@
+SiteScanner5000 Documentation
+==============================
+
+.. toctree::
+   :maxdepth: 2
+   :caption: Contents:
+
+   installation
+   usage
+   api
+
+Welcome to SiteScanner5000
+--------------------------
+
+Automated security scanner for web applications that identifies common vulnerabilities including SQL injection, XSS, CSRF, and misconfigurations.
+
+Features
+--------
+
+* SQL Injection Detection
+* Cross-Site Scripting (XSS) Detection
+* CSRF Protection Validation
+* Security Headers Check
+* TLS Configuration Check
+* Async Scanning Support
+
+Quick Start
+-----------
+
+Install using uv:
+
+.. code-block:: bash
+
+   uv add sitescanner5000
+
+Basic usage:
+
+.. code-block:: bash
+
+   sitescanner scan https://example.com
+
+Indices and tables
+==================
+
+* :ref:`genindex`
+* :ref:`modindex`
+* :ref:`search`

pyproject.toml

@@ -167,6 +167,7 @@ line-length = 100
 target-version = "py311"
 src = ["src", "tests"]
 extend-include = ["*.ipynb"]
+extend-exclude = ["scripts", "docs"]
 
 [tool.ruff.lint]
 select = [

scripts/security_bandit_check.py

@@ -0,0 +1,45 @@
+#!/usr/bin/env python3
+"""Check Bandit security scan results against threshold."""
+
+import json
+import os
+from pathlib import Path
+import sys
+
+
+def main() -> None:
+    """Check bandit results against SECURITY_FAIL_LEVEL threshold."""
+    fail_level = os.getenv("SECURITY_FAIL_LEVEL", "MEDIUM").upper()
+    severity_order = ["LOW", "MEDIUM", "HIGH"]
+
+    if fail_level not in severity_order:
+        print(f"Invalid SECURITY_FAIL_LEVEL: {fail_level}")
+        sys.exit(1)
+
+    threshold_index = severity_order.index(fail_level)
+
+    report_path = Path("bandit-report.json")
+    if not report_path.exists():
+        print("No bandit-report.json found, skipping.")
+        return
+
+    with report_path.open() as f:
+        data = json.load(f)
+
+    results = data.get("results", [])
+    issues_above_threshold = [
+        r for r in results
+        if severity_order.index(r["issue_severity"]) >= threshold_index
+    ]
+
+    if issues_above_threshold:
+        print(f"❌ Found {len(issues_above_threshold)} Bandit issues at or above {fail_level} severity:")
+        for issue in issues_above_threshold:
+            print(f"  - {issue['issue_text']} ({issue['issue_severity']}) in {issue['filename']}:{issue['line_number']}")
+        sys.exit(1)
+    else:
+        print(f"✅ No Bandit issues at or above {fail_level} severity.")
+
+
+if __name__ == "__main__":
+    main()

scripts/security_safety_check.py

@@ -0,0 +1,31 @@
+#!/usr/bin/env python3
+"""Check Safety security scan results for vulnerabilities."""
+
+import json
+from pathlib import Path
+import sys
+
+
+def main() -> None:
+    """Check safety results for any vulnerabilities."""
+    report_path = Path("safety-report.json")
+    if not report_path.exists():
+        print("No safety-report.json found, skipping.")
+        return
+
+    with report_path.open() as f:
+        data = json.load(f)
+
+    vulnerabilities = data.get("vulnerabilities", [])
+
+    if vulnerabilities:
+        print(f"❌ Found {len(vulnerabilities)} Safety vulnerabilities:")
+        for vuln in vulnerabilities:
+            print(f"  - {vuln.get('package_name', 'Unknown')}: {vuln.get('vulnerability', 'Unknown issue')}")
+        sys.exit(1)
+    else:
+        print("✅ No Safety vulnerabilities found.")
+
+
+if __name__ == "__main__":
+    main()