pyproject.toml
# PEP 517/518 build configuration: the build frontend installs the packages
# listed in `requires` into the build environment and then calls the backend
# named in `build-backend`.
# NOTE(review): "setuptools" has only a lower bound and "wheel" has no bound,
# so each build resolves whatever release is newest at that moment. Use a
# constraints file or hash-pinned build requirements in CI if builds must be
# reproducible.
[build-system]
requires = ["setuptools>=61.0", "wheel"]
build-backend = "setuptools.build_meta"
# Core package metadata (PEP 621) for the `securefix` distribution.
[project]
name = "securefix"
version = "0.1.0"
description = "Static Application Security Testing with Smart Remediation"
readme = "README.md"
# NOTE(review): confirm this floor (and the 3.8/3.9 classifiers below) against
# the dependency pins. Recent click and bandit releases have dropped older
# interpreters, so `click>=8.3.0` / `bandit>=1.8.0` may not resolve on
# Python 3.8 or 3.9 — TODO verify and align the two.
requires-python = ">=3.8"
authors = [
{name = "HakAl" }
]
keywords = ["security", "sast", "vulnerability", "remediation", "llm"]
classifiers = [
"Development Status :: 3 - Alpha",
"Intended Audience :: Developers",
"Topic :: Security",
"Programming Language :: Python :: 3",
"Programming Language :: Python :: 3.8",
"Programming Language :: Python :: 3.9",
"Programming Language :: Python :: 3.10",
"Programming Language :: Python :: 3.11",
"Programming Language :: Python :: 3.12",
]
# Runtime dependencies, installed with the package itself.
# Entries with only a lower bound (or none) accept any future release,
# including new major versions. A fresh install therefore pulls the newest
# upstream code automatically. For deployments, install from a lock or
# constraints file with hashes rather than resolving these ranges directly.
dependencies = [
"requests>=2.32.0,<3.0.0",
"click>=8.3.0,<9.0.0",
"langchain>=0.1.0",
"langchain-community>=0.3.0,<0.4.0",
"langchain-chroma>=0.1.0",
"langchain-core>=0.3.0,<0.4.0",
"langchain-huggingface>=0.1.0",
"langchain-ollama>=0.1.0",
"langchain-google-genai>=2.0.0,<3.0.0",
"sentence-transformers>=2.2.0",
"rank-bm25>=0.2.1",
"chromadb>=0.4.0",
"tqdm>=4.65.0",
"numpy>=1.21.0",
"nltk>=3.8.0",
# NOTE(review): the only requirement with no version specifier at all; give
# it a lower and an upper bound like the neighbouring entries.
"google-generativeai",
"pyyaml>=6.0",
"markdown>=3.4.0",
"pydantic>=2.0,<3.0",
"python-dotenv>=1.0.0",
"bandit>=1.8.0,<2.0.0",
"json-repair>=0.52.0,<1.0.0",
# Environment marker: tomli is installed only on interpreters older than
# 3.11, where the standard-library tomllib module is not available.
"tomli>=2.0.0; python_version < '3.11'",
"packaging>=21.0",
]
# Optional extras, selected at install time as `securefix[<extra>]`.
# Every requirement here has only a lower bound, so the same lock-file advice
# applies as for the runtime dependencies.
[project.optional-dependencies]
# Development dependencies (test runner, coverage and asyncio plugins)
dev = [
"pytest>=7.0.0",
"pytest-cov>=4.0.0",
"pytest-asyncio>=0.21.0",
]
# LlamaCPP support for local model inference
llamacpp = [
"llama-cpp-python>=0.2.0",
]
# MCP (Model Context Protocol) integration for GitHub PR automation
mcp = [
"fastmcp>=0.2.0",
"libcst>=1.0.0",
]
# All optional dependencies. This is a self-reference to the package with every
# extra enabled, so `securefix[all]` also installs the `dev` test tooling.
# NOTE(review): consider leaving `dev` out of `all` if `all` is meant for
# end-user installs — confirm intent.
all = [
"securefix[dev,llamacpp,mcp]",
]
# Console entry point: installing the package creates a `securefix` command
# that invokes the `cli` object defined in the `securefix.cli` module.
[project.scripts]
securefix = "securefix.cli:cli"
# Project links published with the package metadata (all HTTPS).
[project.urls]
Homepage = "https://github.com/HakAl/securefix"
Repository = "https://github.com/HakAl/securefix"
Issues = "https://github.com/HakAl/securefix/issues"
# Package discovery for setuptools: search from the repository root and ship
# only packages whose dotted name matches `securefix*`.
# NOTE(review): the exclude patterns are matched against full package names,
# so they cover top-level `tests`/`docs` packages only. A nested package such
# as `securefix.tests` would still match `securefix*` and be distributed.
# Confirm against the built wheel's file list.
[tool.setuptools.packages.find]
where = ["."]
include = ["securefix*"]
exclude = ["tests*", "docs*"]
# pytest configuration: collect tests from `tests/` using the naming patterns
# below.
[tool.pytest.ini_options]
testpaths = ["tests"]
python_files = ["test_*.py"]
python_classes = ["Test*"]
python_functions = ["test_*"]
# Options added to every pytest run: verbose output, coverage of the
# `securefix` package reported in the terminal (with missing lines) and as
# HTML.
# --strict-markers makes any marker not registered under `markers` an error,
# so a mistyped marker cannot silently select or deselect tests.
addopts = [
"-v",
"--strict-markers",
"--cov=securefix",
"--cov-report=term-missing",
"--cov-report=html",
]
# Registered markers ("name: description").
# NOTE(review): `requires_api` tests need real API keys. Presumably these come
# from the environment or a local .env file; keep them out of version control
# and deselect this marker in CI jobs that run untrusted changes — confirm
# how CI supplies them.
markers = [
"slow: marks tests as slow (deselect with '-m \"not slow\"')",
"integration: marks tests as integration tests",
"unit: marks tests as unit tests",
"requires_nltk: marks tests that require NLTK data",
"requires_api: marks tests that require API keys",
"requires_mcp: marks tests that require MCP server (github-mcp-server)",
"asyncio: marks tests as async (pytest-asyncio)",
]
# coverage.py measurement settings: measure the `securefix` package and leave
# out test code, bytecode caches and virtual-environment files matched by the
# glob patterns in `omit`.
[tool.coverage.run]
source = ["securefix"]
omit = [
"*/tests/*",
"*/test_*.py",
"*/__pycache__/*",
"*/venv/*",
]
# coverage.py reporting settings. Each `exclude_lines` entry is a regular
# expression; source lines that match are left out of the coverage report.
[tool.coverage.report]
exclude_lines = [
"pragma: no cover",
"def __repr__",
"raise AssertionError",
"raise NotImplementedError",
# The `.` wildcards stand in for the quote characters around __main__, so
# both the single- and double-quoted forms of the guard are matched.
"if __name__ == .__main__.:",
"if TYPE_CHECKING:",
]