about to start big Core class refactor

Author: flowstate

pyproject.toml

@@ -32,6 +32,18 @@ classifiers = [
     "Programming Language :: Python :: 3.12",
 ]
 
+[project.optional-dependencies]
+test = [
+    "pytest>=7.4.0",
+    "pytest-cov>=4.1.0",
+    "pytest-mock>=3.12.0",
+    "pytest-asyncio>=0.23.0",
+    "pytest-watch >=4.2.0"
+]
+dev = [
+    "ruff>=0.3.0",
+]
+
 [project.scripts]
 socketcli = "socketsecurity.socketcli:cli"
 
@@ -45,4 +57,97 @@ include = [
 ]
 
 [tool.setuptools.dynamic]
-version = {attr = "socketsecurity.__version__"}
+version = {attr = "socketsecurity.__version__"}
+
+[tool.pytest.ini_options]
+minversion = "7.0"
+addopts = "-ra -q --cov=socketsecurity --cov-report=term-missing"
+testpaths = [
+    "tests",
+]
+pythonpath = "."
+
+[tool.coverage.run]
+source = ["socketsecurity"]
+omit = ["tests/*", "**/__init__.py"]
+
+[tool.coverage.report]
+exclude_lines = [
+    "pragma: no cover",
+    "def __repr__",
+    "if __name__ == .__main__.:",
+    "raise NotImplementedError",
+    "if TYPE_CHECKING:",
+]
+
+[tool.ruff]
+# Exclude a variety of commonly ignored directories.
+exclude = [
+    ".bzr",
+    ".direnv",
+    ".eggs",
+    ".git",
+    ".git-rewrite",
+    ".hg",
+    ".ipynb_checkpoints",
+    ".mypy_cache",
+    ".nox",
+    ".pants.d",
+    ".pyenv",
+    ".pytest_cache",
+    ".pytype",
+    ".ruff_cache",
+    ".svn",
+    ".tox",
+    ".venv",
+    ".vscode",
+    "__pypackages__",
+    "_build",
+    "buck-out",
+    "build",
+    "dist",
+    "node_modules",
+    "site-packages",
+    "venv",
+]
+
+[tool.ruff.lint]
+# Enable Pyflakes (`F`) and a subset of the pycodestyle (`E`)  codes by default.
+# Unlike Flake8, Ruff doesn't enable pycodestyle warnings (`W`) or
+# McCabe complexity (`C901`) by default.
+select = ["E4", "E7", "E9", "F"]
+ignore = []
+
+# Allow fix for all enabled rules (when `--fix`) is provided.
+fixable = ["ALL"]
+unfixable = []
+
+# Allow unused variables when underscore-prefixed.
+dummy-variable-rgx = "^(_+|(_+[a-zA-Z0-9_]*[a-zA-Z0-9]+?))$"
+
+[tool.ruff.format]
+# Like Black, use double quotes for strings.
+quote-style = "double"
+
+# Like Black, indent with spaces, rather than tabs.
+indent-style = "space"
+
+# Like Black, respect magic trailing commas.
+skip-magic-trailing-comma = false
+
+# Like Black, automatically detect the appropriate line ending.
+line-ending = "auto"
+
+# Enable auto-formatting of code examples in docstrings. Markdown,
+# reStructuredText code/literal blocks and doctests are all supported.
+#
+# This is currently disabled by default, but it is planned for this
+# to be opt-out in the future.
+docstring-code-format = false
+
+# Set the line length limit used when formatting code snippets in
+# docstrings.
+#
+# This only has an effect when the `docstring-code-format` setting is
+# enabled.
+docstring-code-line-length = "dynamic"

pytest.ini

@@ -0,0 +1,3 @@
+[pytest]
+; addopts = -v --no-cov --capture=no
+addopts = -v --no-cov --tb=short -ra

socketsecurity/core/__init__.py

@@ -1,6 +1,8 @@
 import logging
 from pathlib import PurePath
-
+from typing import Optional
+from .config import CoreConfig
+from .utils import encode_key, do_request, socket_globs
 import requests
 from urllib.parse import urlencode
 import base64
@@ -25,6 +27,7 @@
 import platform
 from glob import glob
 import time
+import sys
 
 __all__ = [
     "Core",
@@ -49,182 +52,6 @@
 log = logging.getLogger("socketdev")
 log.addHandler(logging.NullHandler())
 
-socket_globs = {
-    "spdx": {
-        "spdx.json": {
-            "pattern": "*[-.]spdx.json"
-        }
-    },
-    "cdx": {
-        "cyclonedx.json": {
-            "pattern": "{bom,*[-.]c{yclone,}dx}.json"
-        },
-        "xml": {
-            "pattern": "{bom,*[-.]c{yclone,}dx}.xml"
-        }
-    },
-    "npm": {
-        "package.json": {
-            "pattern": "package.json"
-        },
-        "package-lock.json": {
-            "pattern": "package-lock.json"
-        },
-        "npm-shrinkwrap.json": {
-            "pattern": "npm-shrinkwrap.json"
-        },
-        "yarn.lock": {
-            "pattern": "yarn.lock"
-        },
-        "pnpm-lock.yaml": {
-            "pattern": "pnpm-lock.yaml"
-        },
-        "pnpm-lock.yml": {
-            "pattern": "pnpm-lock.yml"
-        },
-        "pnpm-workspace.yaml": {
-            "pattern": "pnpm-workspace.yaml"
-        },
-        "pnpm-workspace.yml": {
-            "pattern": "pnpm-workspace.yml"
-        }
-    },
-    "pypi": {
-        "pipfile": {
-            "pattern": "pipfile"
-        },
-        "pyproject.toml": {
-            "pattern": "pyproject.toml"
-        },
-        "poetry.lock": {
-            "pattern": "poetry.lock"
-        },
-        "requirements.txt": {
-            "pattern": "*requirements.txt"
-        },
-        "requirements": {
-            "pattern": "requirements/*.txt"
-        },
-        "requirements-*.txt": {
-            "pattern": "requirements-*.txt"
-        },
-        "requirements_*.txt": {
-            "pattern": "requirements_*.txt"
-        },
-        "requirements.frozen": {
-            "pattern": "requirements.frozen"
-        },
-        "setup.py": {
-            "pattern": "setup.py"
-        }
-    },
-    "golang": {
-        "go.mod": {
-            "pattern": "go.mod"
-        },
-        "go.sum": {
-            "pattern": "go.sum"
-        }
-    },
-    "java": {
-        "pom.xml": {
-            "pattern": "pom.xml"
-        }
-    }
-}
-
-
-def encode_key(token: str) -> None:
-    """
-    encode_key takes passed token string and does a base64 encoding. It sets this as a global variable
-    :param token: str of the Socket API Security Token
-    :return:
-    """
-    global encoded_key
-    encoded_key = base64.b64encode(token.encode()).decode('ascii')
-
-
-def do_request(
-        path: str,
-        headers: dict = None,
-        payload: [dict, str] = None,
-        files: list = None,
-        method: str = "GET",
-        base_url: str = None,
-) -> requests.request:
-    """
-    do_requests is the shared function for making HTTP calls
-    :param base_url:
-    :param path: Required path for the request
-    :param headers: Optional dictionary of headers. If not set will use a default set
-    :param payload: Optional dictionary or string of the payload to pass
-    :param files: Optional list of files to upload
-    :param method: Optional method to use, defaults to GET
-    :return:
-    """
-
-    if base_url is not None:
-        url = f"{base_url}/{path}"
-    else:
-        if encoded_key is None or encoded_key == "":
-            raise APIKeyMissing
-        url = f"{api_url}/{path}"
-
-    if headers is None:
-        headers = {
-            'Authorization': f"Basic {encoded_key}",
-            'User-Agent': f'SocketPythonCLI/{__version__}',
-            "accept": "application/json"
-        }
-    verify = True
-    if allow_unverified_ssl:
-        verify = False
-    response = requests.request(
-        method.upper(),
-        url,
-        headers=headers,
-        data=payload,
-        files=files,
-        timeout=timeout,
-        verify=verify
-    )
-    output_headers = headers.copy()
-    output_headers['Authorization'] = "API_KEY_REDACTED"
-    output = {
-        "url": url,
-        "headers": output_headers,
-        "status_code": response.status_code,
-        "body": response.text,
-        "payload": payload,
-        "files": files,
-        "timeout": timeout
-    }
-    log.debug(output)
-    if response.status_code <= 399:
-        return response
-    elif response.status_code == 400:
-        raise APIFailure(output)
-    elif response.status_code == 401:
-        raise APIAccessDenied("Unauthorized")
-    elif response.status_code == 403:
-        raise APIInsufficientQuota("Insufficient max_quota for API method")
-    elif response.status_code == 404:
-        raise APIResourceNotFound(f"Path not found {path}")
-    elif response.status_code == 429:
-        raise APIInsufficientQuota("Insufficient quota for API route")
-    elif response.status_code == 524:
-        raise APICloudflareError(response.text)
-    else:
-        msg = {
-            "status_code": response.status_code,
-            "UnexpectedError": "There was an unexpected error using the API",
-            "error": response.text,
-            "payload": payload,
-            "url": url
-        }
-        raise APIFailure(msg)
-
-
 class Core:
     token: str
     base_api_url: str
@@ -291,7 +118,11 @@ def set_timeout(request_timeout: int):
         :return:
         """
         global timeout
+        print(f"Setting timeout in module {__name__} at {id(sys.modules[__name__])}")
+        print(f"Current timeout value: {timeout}")
+        print(f"Setting to: {request_timeout}")
         timeout = request_timeout
+        print(f"New timeout value: {timeout}")
 
     @staticmethod
     def get_org_id_slug() -> (str, str):

socketsecurity/core/config.py

@@ -0,0 +1,32 @@
+from dataclasses import dataclass
+from typing import ClassVar
+
+@dataclass
+class CoreConfig:
+    """Configuration for the Socket Security Core class"""
+
+    # Required
+    token: str
+
+    # Optional with defaults
+    api_url: str = "https://api.socket.dev/v0"
+    timeout: int = 30
+    enable_all_alerts: bool = False
+    allow_unverified_ssl: bool = False
+
+    # Constants
+    SOCKET_DATE_FORMAT: ClassVar[str] = "%Y-%m-%dT%H:%M:%S.%fZ"
+    DEFAULT_API_URL: ClassVar[str] = "https://api.socket.dev/v0"
+    DEFAULT_TIMEOUT: ClassVar[int] = 30
+
+    def __post_init__(self) -> None:
+        """Validate and process config after initialization"""
+        # Business rule validations
+        if not self.token:
+            raise ValueError("Token is required")
+        if self.timeout <= 0:
+            raise ValueError("Timeout must be positive")
+
+        # Business logic
+        if not self.token.endswith(':'):
+            self.token = f"{self.token}:"