213 lines
8.9 KiB
Ruby
213 lines
8.9 KiB
Ruby
class Semgrep < Formula
|
|
include Language::Python::Virtualenv
|
|
|
|
desc "Easily detect and prevent bugs and anti-patterns in your codebase"
|
|
homepage "https://semgrep.dev"
|
|
url "https://github.com/returntocorp/semgrep.git",
|
|
tag: "v0.77.0",
|
|
revision: "936669b410744f706a216d80a697113f6685bf49"
|
|
license "LGPL-2.1-only"
|
|
head "https://github.com/returntocorp/semgrep.git", branch: "develop"
|
|
|
|
livecheck do
|
|
url :stable
|
|
regex(/^v?(\d+(?:\.\d+)+)$/i)
|
|
end
|
|
|
|
bottle do
|
|
sha256 cellar: :any, arm64_monterey: "418421dc623ead3e775ac040f9da41f462b7e612350c707f538e9745e5e2f719"
|
|
sha256 cellar: :any, arm64_big_sur: "2ba40d0244b507734703ee1c955be95c15ebc925173f0afc278c71fee4be534d"
|
|
sha256 cellar: :any, monterey: "550dbecc2cb157ae028bd425c1fa9bb53f203b167872626f3e128a9636a15a2a"
|
|
sha256 cellar: :any, big_sur: "8ade93669b62b26044a18f1c09c0613cf350b97ea0562dd28aea6f49ac4d224e"
|
|
sha256 cellar: :any, catalina: "e6a99954e22fbde97ce34bd2b5391750e791df7e0ca2621d6158fbaae9c227e6"
|
|
sha256 x86_64_linux: "402bf2b6e6c4beb496da671c932c994683dd6e2a5705230d30d5489e508ba7ab"
|
|
end
|
|
|
|
depends_on "cmake" => :build
|
|
depends_on "coreutils"=> :build
|
|
depends_on "dune" => :build
|
|
depends_on "ocaml" => :build
|
|
depends_on "opam" => :build
|
|
depends_on "pipenv" => :build
|
|
depends_on "pkg-config" => :build
|
|
depends_on "pcre"
|
|
depends_on "python@3.10"
|
|
depends_on "tree-sitter"
|
|
|
|
uses_from_macos "rsync" => :build
|
|
|
|
on_linux do
|
|
depends_on "gcc"
|
|
end
|
|
|
|
fails_with gcc: "5"
|
|
|
|
resource "attrs" do
|
|
url "https://files.pythonhosted.org/packages/ed/d6/3ebca4ca65157c12bd08a63e20ac0bdc21ac7f3694040711f9fd073c0ffb/attrs-21.2.0.tar.gz"
|
|
sha256 "ef6aaac3ca6cd92904cdd0d83f629a15f18053ec84e6432106f7a4d04ae4f5fb"
|
|
end
|
|
|
|
resource "bracex" do
|
|
url "https://files.pythonhosted.org/packages/bd/ef/6273bba9e5bc615aab4997159eeaddfe03c825eeabe2942c39e91be5afec/bracex-2.2.1.tar.gz"
|
|
sha256 "1c8d1296e00ad9a91030ccb4c291f9e4dc7c054f12c707ba3c5ff3e9a81bcd21"
|
|
end
|
|
|
|
resource "certifi" do
|
|
url "https://files.pythonhosted.org/packages/6c/ae/d26450834f0acc9e3d1f74508da6df1551ceab6c2ce0766a593362d6d57f/certifi-2021.10.8.tar.gz"
|
|
sha256 "78884e7c1d4b00ce3cea67b44566851c4343c120abd683433ce934a68ea58872"
|
|
end
|
|
|
|
resource "charset-normalizer" do
|
|
url "https://files.pythonhosted.org/packages/68/e4/e014e7360fc6d1ccc507fe0b563b4646d00e0d4f9beec4975026dd15850b/charset-normalizer-2.0.9.tar.gz"
|
|
sha256 "b0b883e8e874edfdece9c28f314e3dd5badf067342e42fb162203335ae61aa2c"
|
|
end
|
|
|
|
resource "click" do
|
|
url "https://files.pythonhosted.org/packages/f4/09/ad003f1e3428017d1c3da4ccc9547591703ffea548626f47ec74509c5824/click-8.0.3.tar.gz"
|
|
sha256 "410e932b050f5eed773c4cda94de75971c89cdb3155a72a0831139a79e5ecb5b"
|
|
end
|
|
|
|
resource "click-option-group" do
|
|
url "https://files.pythonhosted.org/packages/3c/86/5de6d909d9dcc85627a178788ec3e8c3ef81cda175badb48ad0bb582628d/click-option-group-0.5.3.tar.gz"
|
|
sha256 "a6e924f3c46b657feb5b72679f7e930f8e5b224b766ab35c91ae4019b4e0615e"
|
|
end
|
|
|
|
resource "colorama" do
|
|
url "https://files.pythonhosted.org/packages/1f/bb/5d3246097ab77fa083a61bd8d3d527b7ae063c7d8e8671b1cf8c4ec10cbe/colorama-0.4.4.tar.gz"
|
|
sha256 "5941b2b48a20143d2267e95b1c2a7603ce057ee39fd88e7329b0c292aa16869b"
|
|
end
|
|
|
|
resource "idna" do
|
|
url "https://files.pythonhosted.org/packages/62/08/e3fc7c8161090f742f504f40b1bccbfc544d4a4e09eb774bf40aafce5436/idna-3.3.tar.gz"
|
|
sha256 "9d643ff0a55b762d5cdb124b8eaa99c66322e2157b69160bc32796e824360e6d"
|
|
end
|
|
|
|
resource "jsonschema" do
|
|
url "https://files.pythonhosted.org/packages/69/11/a69e2a3c01b324a77d3a7c0570faa372e8448b666300c4117a516f8b1212/jsonschema-3.2.0.tar.gz"
|
|
sha256 "c8a85b28d377cc7737e46e2d9f2b4f44ee3c0e1deac6bf46ddefc7187d30797a"
|
|
end
|
|
|
|
resource "packaging" do
|
|
url "https://files.pythonhosted.org/packages/df/9e/d1a7217f69310c1db8fdf8ab396229f55a699ce34a203691794c5d1cad0c/packaging-21.3.tar.gz"
|
|
sha256 "dd47c42927d89ab911e606518907cc2d3a1f38bbd026385970643f9c5b8ecfeb"
|
|
end
|
|
|
|
resource "peewee" do
|
|
url "https://files.pythonhosted.org/packages/bc/02/7ad123e327bf339274f3ba407e747f23337c270bb25b94d7cc07fb0f52fc/peewee-3.14.8.tar.gz"
|
|
sha256 "01bd7f734defb08d7a3346a0c0ca7011bc8d0d685934ec0e001b3371d522ec53"
|
|
end
|
|
|
|
resource "pyparsing" do
|
|
url "https://files.pythonhosted.org/packages/ab/61/1a1613e3dcca483a7aa9d446cb4614e6425eb853b90db131c305bd9674cb/pyparsing-3.0.6.tar.gz"
|
|
sha256 "d9bdec0013ef1eb5a84ab39a3b3868911598afa494f5faa038647101504e2b81"
|
|
end
|
|
|
|
resource "pyrsistent" do
|
|
url "https://files.pythonhosted.org/packages/f4/d7/0fa558c4fb00f15aabc6d42d365fcca7a15fcc1091cd0f5784a14f390b7f/pyrsistent-0.18.0.tar.gz"
|
|
sha256 "773c781216f8c2900b42a7b638d5b517bb134ae1acbebe4d1e8f1f41ea60eb4b"
|
|
end
|
|
|
|
resource "requests" do
|
|
url "https://files.pythonhosted.org/packages/e7/01/3569e0b535fb2e4a6c384bdbed00c55b9d78b5084e0fb7f4d0bf523d7670/requests-2.26.0.tar.gz"
|
|
sha256 "b8aa58f8cf793ffd8782d3d8cb19e66ef36f7aba4353eec859e74678b01b07a7"
|
|
end
|
|
|
|
resource "ruamel.yaml" do
|
|
url "https://files.pythonhosted.org/packages/4d/15/7fc04de02ca774342800c9adf1a8239703977c49c5deaadec1689ec85506/ruamel.yaml-0.17.17.tar.gz"
|
|
sha256 "9751de4cbb57d4bfbf8fc394e125ed4a2f170fbff3dc3d78abf50be85924f8be"
|
|
end
|
|
|
|
resource "ruamel.yaml.clib" do
|
|
url "https://files.pythonhosted.org/packages/8b/25/08e5ad2431a028d0723ca5540b3af6a32f58f25e83c6dda4d0fcef7288a3/ruamel.yaml.clib-0.2.6.tar.gz"
|
|
sha256 "4ff604ce439abb20794f05613c374759ce10e3595d1867764dd1ae675b85acbd"
|
|
end
|
|
|
|
resource "six" do
|
|
url "https://files.pythonhosted.org/packages/71/39/171f1c67cd00715f190ba0b100d606d440a28c93c7714febeca8b79af85e/six-1.16.0.tar.gz"
|
|
sha256 "1e61c37477a1626458e36f7b1d82aa5c9b094fa4802892072e49de9c60c4c926"
|
|
end
|
|
|
|
resource "tqdm" do
|
|
url "https://files.pythonhosted.org/packages/e3/c1/b3e42d5b659ca598508e2a9ef315d5eef0a970f874ef9d3b38d4578765bd/tqdm-4.62.3.tar.gz"
|
|
sha256 "d359de7217506c9851b7869f3708d8ee53ed70a1b8edbba4dbcb47442592920d"
|
|
end
|
|
|
|
resource "urllib3" do
|
|
url "https://files.pythonhosted.org/packages/80/be/3ee43b6c5757cabea19e75b8f46eaf05a2f5144107d7db48c7cf3a864f73/urllib3-1.26.7.tar.gz"
|
|
sha256 "4987c65554f7a2dbf30c18fd48778ef124af6fab771a377103da0585e2336ece"
|
|
end
|
|
|
|
resource "wcmatch" do
|
|
url "https://files.pythonhosted.org/packages/a7/73/7c739ae235b7e3ee36f2c0084a595b89c62aefeafa52df8d54d26846b32b/wcmatch-8.3.tar.gz"
|
|
sha256 "371072912398af61d1e4e78609e18801c6faecd3cb36c54c82556a60abc965db"
|
|
end
|
|
|
|
def install
|
|
ENV.deparallelize
|
|
Dir.mktmpdir("opamroot") do |opamroot|
|
|
ENV["OPAMROOT"] = opamroot
|
|
ENV["OPAMYES"] = "1"
|
|
|
|
# Officially suggested workaround for breaking change in setuptools v50.0.0
|
|
# See: https://sourceforge.net/p/ruamel-yaml/tickets/356/
|
|
# Relevant Issue: https://github.com/pypa/setuptools/issues/2355
|
|
ENV["SETUPTOOLS_USE_DISTUTILS"] = "stdlib"
|
|
|
|
system "opam", "init", "--no-setup", "--disable-sandboxing"
|
|
ENV.deparallelize { system "opam", "switch", "create", "ocaml-base-compiler.4.12.0" }
|
|
|
|
# Manually run steps from `opam exec -- make setup` to link Homebrew's tree-sitter
|
|
system "opam", "update", "-y"
|
|
|
|
# We pass --no-depexts so as to disable the check for pkg-config.
|
|
# It seems to not be found when building on ubuntu
|
|
# See discussion on https://github.com/Homebrew/homebrew-core/pull/82693
|
|
system "opam", "install", "-y", "--deps-only", "--no-depexts", "./semgrep-core/src/pfff"
|
|
system "opam", "install", "-y", "--deps-only", "--no-depexts", "./semgrep-core/src/ocaml-tree-sitter-core"
|
|
system "opam", "install", "-y", "--deps-only", "--no-depexts", "./semgrep-core"
|
|
|
|
# Install semgrep-core and spacegrep
|
|
cd "semgrep-core" do
|
|
system "opam", "install", "--deps-only", "-y", "."
|
|
system "opam", "exec", "--", "make", "all"
|
|
system "opam", "exec", "--", "make", "install"
|
|
bin.install "_build/install/default/bin/semgrep-core" => "semgrep-core"
|
|
bin.install "_build/install/default/bin/spacegrep" => "spacegrep"
|
|
end
|
|
end
|
|
|
|
ENV["SEMGREP_SKIP_BIN"] = "1"
|
|
python_path = "semgrep"
|
|
cd python_path do
|
|
venv = virtualenv_create(libexec, Formula["python@3.10"].bin/"python3.10")
|
|
venv.pip_install resources.reject { |r| r.name == "ocaml-tree-sitter" }
|
|
venv.pip_install_and_link buildpath/python_path
|
|
end
|
|
end
|
|
|
|
test do
|
|
system "#{bin}/semgrep", "--help"
|
|
(testpath/"script.py").write <<~EOS
|
|
def silly_eq(a, b):
|
|
return a + b == a + b
|
|
EOS
|
|
|
|
output = shell_output("#{bin}/semgrep script.py -l python -e '$X == $X'")
|
|
assert_match "a + b == a + b", output
|
|
|
|
(testpath/"script.ts").write <<~EOS
|
|
function test_equal() {
|
|
a = 1;
|
|
b = 2;
|
|
//ERROR: match
|
|
if (a + b == a + b)
|
|
return 1;
|
|
return 0;
|
|
}
|
|
EOS
|
|
|
|
output = shell_output("#{bin}/semgrep script.ts -l ts -e '$X == $X'")
|
|
assert_match "a + b == a + b", output
|
|
end
|
|
end
|