From a6fa4c30cc57fca43d48c7dc0cdb72de81f4e477 Mon Sep 17 00:00:00 2001
From: Ajin Abraham
Date: Mon, 4 Nov 2024 15:36:10 -0800
Subject: [PATCH] Bump semgrep to 1.86.0 (#121)

* Bump semgrep to 1.86.0
* fix test
* update readme
* codeql version
---
 Dockerfile | 2 +-
 README.md | 12 +++++++++---
 njsscan/__init__.py | 2 +-
 setup.py | 2 +-
 tests/unit/test_nodejs.py | 2 +-
 tox.ini | 2 +-
 6 files changed, 14 insertions(+), 8 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 53aa40c..a538bdb 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,4 +1,4 @@
-FROM python:3.11.0-slim
+FROM python:3.12-slim
 RUN apt-get update \
 && apt-get install gcc -y \
diff --git a/README.md b/README.md
index d3e6390..7f27631 100644
--- a/README.md
+++ b/README.md
@@ -185,7 +185,10 @@ jobs:
 name: njsscan check
 steps:
 - name: Checkout the code
- uses: actions/checkout@v2
+ uses: actions/checkout@v4.2.2
+ - uses: actions/setup-python@v5.3.0
+ with:
+ python-version: '3.12'
 - name: nodejsscan scan
 id: njsscan
 uses: ajinabraham/njsscan-action@master
@@ -211,14 +214,17 @@ jobs:
 name: njsscan code scanning
 steps:
 - name: Checkout the code
- uses: actions/checkout@v2
+ uses: actions/checkout@v4.2.2
+ - uses: actions/setup-python@v5.3.0
+ with:
+ python-version: '3.12'
 - name: nodejsscan scan
 id: njsscan
 uses: ajinabraham/njsscan-action@master
 with:
 args: '. --sarif --output results.sarif || true'
 - name: Upload njsscan report
- uses: github/codeql-action/upload-sarif@v1
+ uses: github/codeql-action/upload-sarif@v2
 with:
 sarif_file: results.sarif
 ```
diff --git a/njsscan/__init__.py b/njsscan/__init__.py
index 54058fc..1716c21 100644
--- a/njsscan/__init__.py
+++ b/njsscan/__init__.py
@@ -6,7 +6,7 @@ __title__ = 'njsscan'
 __authors__ = 'Ajin Abraham'
 __copyright__ = f'Copyright {datetime.now().year} Ajin Abraham, OpenSecurity'
-__version__ = '0.3.7'
+__version__ = '0.4.0'
 __version_info__ = tuple(int(i) for i in __version__.split('.'))
 __all__ = [
 '__title__',
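Review bot: `FROM python:3.12-slim` swaps a patch-pinned base image (`python:3.11.0-slim`) for a floating minor tag, so every rebuild silently picks up whatever 3.12.x image is current and the image is no longer reproducible or auditable against a known base. Pin at least to a patch release, or preferably to a digest, e.g. `FROM python:3.12-slim@sha256:<digest-placeholder>`, and let a dependency bot move the pin. The same floor-only pattern appears in setup.py's `'libsast>=3.1.0'`: the commit title says semgrep is bumped to 1.86.0, but that version is presumably inherited transitively through libsast and nothing in this constraint holds it there, so a future libsast release can drift the rule engine (and the test expectations below) without any change in this repo; an upper bound such as `'libsast>=3.1.0,<4'` or a lockfile would make the intent enforceable.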
diff --git a/setup.py b/setup.py
index a52fb48..27c8e0b 100644
--- a/setup.py
+++ b/setup.py
@@ -49,7 +49,7 @@ def get_version(rel_path):
 long_description_content_type='text/markdown',
 install_requires=[
 'colorama>=0.4.5',
- 'libsast>=2.0.0',
+ 'libsast>=3.1.0',
 'sarif-om>=1.0.4',
 'jschema-to-python>=1.2.3',
 'tabulate>=0.8.10',
diff --git a/tests/unit/test_nodejs.py b/tests/unit/test_nodejs.py
index 1482874..9df54cd 100644
--- a/tests/unit/test_nodejs.py
+++ b/tests/unit/test_nodejs.py
@@ -47,7 +47,7 @@
 'node_deserialize': 1,
 'serializetojs_deserialize': 2,
 'yaml_deserialize': 3,
- 'hardcoded_jwt_secret': 8,
+ 'hardcoded_jwt_secret': 19,
 'node_secret': 11,
 'node_password': 9,
 'node_username': 1,
diff --git a/tox.ini b/tox.ini
index d66b174..95b5e88 100644
--- a/tox.ini
+++ b/tox.ini
@@ -1,5 +1,5 @@
 [tox]
-envlist = py37, py38
+envlist = py37, py38, py39
 skipsdist = True
 toxworkdir=.tox-semgrep
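Review bot: The expected `'hardcoded_jwt_secret'` count more than doubles (8 to 19) while no test fixture changes in this diff, so the assertion now encodes whatever the upgraded rule engine emits rather than a reviewed ground truth. The "fix test" bullet in the message suggests the number was adjusted to match output; it is worth confirming that the 11 additional matches are genuine new detections in the fixture rather than the same secret being reported several times, since an inflated count here would mask a future regression in that rule. Once checked, a short comment would keep the reasoning with the number, e.g. `# 19 with libsast>=3.1.0: <one-line reason for the increase over 8>`. The enclosing expectations dict starts and ends outside the hunk.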