Adding support to ignore what files have changed in the commit (#11)

dacoburn · web-flow · commit b5a643c78d8f · 2024-07-19T20:30:16.000-07:00
diff --git a/README.md b/README.md
@@ -8,7 +8,7 @@ The Socket Security CLI was created to enable integrations with other tools like
 socketcli [-h] [--api_token API_TOKEN] [--repo REPO] [--branch BRANCH] [--committer COMMITTER] [--pr_number PR_NUMBER]
                  [--commit_message COMMIT_MESSAGE] [--default_branch] [--target_path TARGET_PATH] [--scm {api,github,gitlab}] [--sbom-file SBOM_FILE]
                  [--commit-sha COMMIT_SHA] [--generate-license GENERATE_LICENSE] [-v] [--enable-debug] [--enable-json] [--disable-overview]
-                 [--disable-security-issue] [--files FILES]
+                 [--disable-security-issue] [--files FILES] [--ignore-commit-files]
 ````
 
 If you don't want to provide the Socket API Token every time then you can use the environment variable `SOCKET_SECURITY_API_KEY`
@@ -36,3 +36,4 @@ If you don't want to provide the Socket API Token every time then you can use th
 | --disable-overview       |                | False    | False   | If enabled will disable Dependency Overview comments                                                                                                       |
 | --disable-security-issue |                | False    | False   | If enabled will disable Security Issue Comments                                                                                                            |
 | --files                  |                | False    |         | If provided in the format of `["file1", "file2"]` it will only look for those files and not glob the path                                                  |
+| --ignore-commit-files    |                | False    | False   | If enabled then the CLI will ignore what files are changed in the commit and look for all manifest files                                                   |
diff --git a/socketsecurity/__init__.py b/socketsecurity/__init__.py
@@ -1,2 +1,2 @@
 __author__ = 'socket.dev'
-__version__ = '0.0.95'
+__version__ = '0.0.98'
diff --git a/socketsecurity/socketcli.py b/socketsecurity/socketcli.py
@@ -135,6 +135,13 @@
     default="[]"
 )
 
+parser.add_argument(
+    '--ignore-commit-files',
+    help='Ignores only looking for changed files form the commit. Will find any supported manifest file type',
+    action='store_true',
+    default=False
+)
+
 
 def output_console_comments(diff_report) -> None:
     console_security_comment = Messages.create_console_security_alert_table(diff_report)
@@ -187,6 +194,7 @@ def main_code():
     enable_json = arguments.enable_json
     disable_overview = arguments.disable_overview
     disable_security_issue = arguments.disable_security_issue
+    ignore_commit_files = arguments.ignore_commit_files
     files = arguments.files
     log.info(f"Starting Socket Security Scan version {__version__}")
     api_token = os.getenv("SOCKET_SECURITY_API_KEY") or arguments.api_token
@@ -211,7 +219,7 @@ def main_code():
             committer = git_repo.committer
         if commit_message is None or commit_message == '':
             commit_message = git_repo.commit_message
-        if len(files) == 0:
+        if len(files) == 0 and not ignore_commit_files:
             files = git_repo.changed_files
     except InvalidGitRepositoryError:
         pass

Original file line number	Diff line number	Diff line change
`@@ -1,2 +1,2 @@`
`1`	`1`	`__author__ = 'socket.dev'`
`2`		`-__version__ = '0.0.95'`
	`2`	`+__version__ = '0.0.98'`