#!/usr/bin/env python
"""
Test script for GitHub repo scanning
"""
import os
import sys
import json
import argparse
import tempfile
import shutil
from backend.core.security_agent import SecurityAgent
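def test_with_local_files():
    """Run SecurityAgent against a throwaway Solidity file instead of a GitHub repo.

    Writes a small contract whose ``withdraw`` does the external call before
    updating ``balances`` (the reentrancy pattern the scanner is expected to
    flag) into a fresh temporary directory, runs ``SecurityAgent().run`` on
    it, prints the JSON results, and removes the directory again even if the
    scan raises.
    """
    print("No valid GitHub token available. Testing with local files instead.")
    # Test fixture: a deliberately vulnerable contract for the scanner to detect.
    contract_content = """
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;
contract VulnerableContract {
    mapping(address => uint) public balances;
    function deposit() public payable {
        balances[msg.sender] += msg.value;
    }
    // Vulnerable to reentrancy
    function withdraw(uint _amount) public {
        require(balances[msg.sender] >= _amount, "Insufficient balance");
        // Vulnerability: State change after external call
        (bool success, ) = msg.sender.call{value: _amount}("");
        require(success, "Transfer failed");
        balances[msg.sender] -= _amount;
    }
}
"""
    # TemporaryDirectory removes the tree on exit from the block, including
    # when the scan raises, replacing the manual mkdtemp/rmtree pairing.
    with tempfile.TemporaryDirectory() as temp_dir:
        sol_file = os.path.join(temp_dir, "vulnerable.sol")
        # Explicit encoding: the platform default is locale-dependent.
        with open(sol_file, "w", encoding="utf-8") as f:
            f.write(contract_content)
        print(f"Created test file: {sol_file}")
        agent = SecurityAgent()
        results = agent.run(sol_file)
        print(json.dumps(results, indent=2))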
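def main():
    """CLI entry point: scan a GitHub repository, or a local temp file with --local.

    The token is taken from ``--token`` first, then from the ``GITHUB_TOKEN``
    environment variable, and is exported back to ``GITHUB_TOKEN`` so the
    agent can read it. The token value itself is never written to stdout.
    """
    parser = argparse.ArgumentParser(description='Test GitHub repository scanning')
    # NOTE(security): a token given on the command line ends up in shell history
    # and process listings; the GITHUB_TOKEN environment variable is the safer
    # way to supply it. The option is kept for backward compatibility.
    parser.add_argument('--token', '-t', help='GitHub API token')
    parser.add_argument('--repo', '-r', default="https://github.com/haruto0kitune/vulnerable-solidity-examples",
                        help='GitHub repository URL to scan')
    parser.add_argument('--local', '-l', action='store_true', help='Use local testing mode instead of GitHub')
    args = parser.parse_args()

    os.environ["LOG_LEVEL"] = "DEBUG"

    # Local mode never touches the network or the token.
    if args.local:
        test_with_local_files()
        return

    github_token = args.token or os.environ.get("GITHUB_TOKEN")
    if github_token:
        os.environ["GITHUB_TOKEN"] = github_token
        # Only confirm that a token is in use. The previous message echoed the
        # first and last four characters, which leaks token material into
        # terminal scrollback and any captured logs.
        print("Using GitHub token (value not shown).")
    else:
        print("WARNING: No GitHub token provided. API rate limits may apply.")
        print("You may want to run with --local to test with local files instead.")

    agent = SecurityAgent()
    repo_url = args.repo
    print(f"Scanning GitHub repository: {repo_url}")
    results = agent.scan_github_repo(
        repo_url=repo_url,
        output_format="json",
        token=github_token,
    )
    print(json.dumps(results, indent=2))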
# Script entry point; importing this module does not trigger a scan.
if __name__ == "__main__":
    main()