implemented timeout and better blob search changes

Author: flowstate

README.md

@@ -7,8 +7,8 @@ The Socket Security CLI was created to enable integrations with other tools like
 ## Usage
 
 ```` shell
-socketcli [-h] [--api_token API_TOKEN] [--repo REPO] [--branch BRANCH] [--committer COMMITTER] [--pr_number PR_NUMBER]
-                 [--commit_message COMMIT_MESSAGE] [--default_branch] [--target_path TARGET_PATH] [--scm {api,github,gitlab}] [--sbom-file SBOM_FILE]
+socketcli [-h] [--api-token API_TOKEN] [--repo REPO] [--branch BRANCH] [--committer COMMITTER] [--pr-number PR_NUMBER]
+                 [--commit-message COMMIT_MESSAGE] [--default-branch] [--target-path TARGET_PATH] [--scm {api,github,gitlab}] [--sbom-file SBOM_FILE]
                  [--commit-sha COMMIT_SHA] [--generate-license GENERATE_LICENSE] [-v] [--enable-debug] [--enable-json] [--enable-sarif] [--disable-overview]
                  [--disable-security-issue] [--files FILES] [--ignore-commit-files] [--timeout]
 ````
@@ -19,14 +19,14 @@ If you don't want to provide the Socket API Token every time then you can use th
 | Parameter                | Alternate Name | Required | Default | Description                                                                                                                                                                                                                   |
 |:-------------------------|:---------------|:---------|:--------|:------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
 | -h                       | --help         | False    |         | Show the CLI help message                                                                                                                                                                                                     |
-| --api_token              |                | False    |         | Provides the Socket API Token                                                                                                                                                                                                 |
+| --api-token              |                | False    |         | Provides the Socket API Token                                                                                                                                                                                                 |
 | --repo                   |                | True     |         | The string name in a git approved name for repositories.                                                                                                                                                                      |
 | --branch                 |                | False    |         | The string name in a git approved name for branches.                                                                                                                                                                          |
 | --committer              |                | False    |         | The string name of the person doing the commit or running the CLI. Can be specified multiple times to have more than one committer                                                                                            |
-| --pr_number              |                | False    | 0       | The integer for the PR or MR number                                                                                                                                                                                           |
-| --commit_message         |                | False    |         | The string for a commit message if there is one                                                                                                                                                                               |
-| --default_branch         |                | False    | False   | If the flag is specified this will signal that this is the default branch. This needs to be enabled for a report to update Org Alerts and Org Dependencies                                                                    |
-| --target_path            |                | False    | ./      | This is the path to where the manifest files are location. The tool will recursively search for all supported manifest files                                                                                                  |
+| --pr-number              |                | False    | 0       | The integer for the PR or MR number                                                                                                                                                                                           |
+| --commit-message         |                | False    |         | The string for a commit message if there is one                                                                                                                                                                               |
+| --default-branch         |                | False    | False   | If the flag is specified this will signal that this is the default branch. This needs to be enabled for a report to update Org Alerts and Org Dependencies                                                                    |
+| --target-path            |                | False    | ./      | This is the path to where the manifest files are location. The tool will recursively search for all supported manifest files                                                                                                  |
 | --scm                    |                | False    | api     | This is the mode that the tool is to run in. For local runs `api` would be the mode. Other options are `gitlab` and `github`                                                                                                  |
 | --generate-license       |                | False    | False   | If this flag is specified it will generate a json file with the license per package and license text in the current working directory                                                                                         |
 | --version                | -v             | False    |         | Prints the version and exits                                                                                                                                                                                                  |

socketsecurity/config.py

@@ -31,6 +31,7 @@ class CliConfig:
     integration_type: IntegrationType = "api"
     integration_org_slug: Optional[str] = None
     pending_head: bool = False
+    timeout: Optional[int] = None
     @classmethod
     def from_args(cls, args_list: Optional[List[str]] = None) -> 'CliConfig':
         parser = create_argument_parser()
@@ -62,6 +63,7 @@ def from_args(cls, args_list: Optional[List[str]] = None) -> 'CliConfig':
             'disable_blocking': args.disable_blocking,
             'integration_type': args.integration,
             'pending_head': args.pending_head,
+            'timeout': args.timeout,
         }
 
         if args.owner:
@@ -217,4 +219,11 @@ def create_argument_parser() -> argparse.ArgumentParser:
         help="Files to analyze (JSON array string)"
     )
 
+    parser.add_argument(
+        "--timeout",
+        type=int,
+        help="Timeout in seconds for API requests",
+        required=False
+    )
+
     return parser

socketsecurity/core/__init__.py

@@ -167,6 +167,16 @@ def find_files(path: str) -> List[str]:
         log.debug(f"Files found: {list(files)}")
         return list(files)
 
+    @staticmethod
+    def to_case_insensitive_regex(input_string: str) -> str:
+        """
+        Converts a string into a case-insensitive regex format.
+        Example: "pipfile" -> "[Pp][Ii][Pp][Ff][Ii][Ll][Ee]"
+        :param input_string: The input string to convert.
+        :return: A case-insensitive regex string.
+        """
+        return ''.join(f'[{char.lower()}{char.upper()}]' if char.isalpha() else char for char in input_string)
+
     @staticmethod
     def load_files_for_sending(files: List[str], workspace: str) -> List[Tuple[str, Tuple[str, BinaryIO]]]:
         """Prepares files for sending to the Socket API.

socketsecurity/socketcli.py

@@ -63,7 +63,8 @@ def main_code():
     # Initialize Socket core components
     socket_config = SocketConfig(
         api_key=config.api_token,
-        allow_unverified_ssl=config.allow_unverified
+        allow_unverified_ssl=config.allow_unverified,
+        timeout=config.timeout if config.timeout is not None else 30  # Use CLI timeout if provided
     )
     print("loaded socket_config")
     client = CliClient(socket_config)