
Conversation

art1f1c3R
Member

@art1f1c3R art1f1c3R commented Aug 1, 2025

Summary

To address #1129, this PR modifies some configurations for Semgrep in pypi_sourcecode_analyzer to allow unit tests to run completely offline.

Description of changes

The following command line arguments are added to prevent operations in Semgrep that make network connections:

  • Semgrep metrics are disabled, as these make network connections to metrics.semgrep.dev:443.
  • The version check is disabled, as this makes a connection to Semgrep servers to see if the latest version is being run.

After adding this, there are still network connections made by semgrep scan --validate to pull in linting rules. Currently, there is no way to run this without pulling in the rules using that remote connection (a feature request for this is here). To allow this functionality to still exist, instead of raising a ConfigurationError at initialisation, it now logs a warning if the validation process failed, so if it failed due to being unable to make a network connection, it can still continue. The error is then caused in the analyze function when trying to run Semgrep. Changing this to a warning and not an error will not have an effect on any existing functionality.

Related issues

Closes #1129.

Checklist

  • I have reviewed the contribution guide.
  • My PR title and commits follow the Conventional Commits convention.
  • My commits include the "Signed-off-by" line.
  • I have signed my commits following the instructions provided by GitHub. Note that we run GitHub's commit verification tool to check the commit signatures. A green verified label should appear next to all of your commits on GitHub.
  • I have updated the relevant documentation, if applicable.
  • I have tested my changes and verified they work as expected.
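The pattern the PR describes, as an added example that is not Macaron's code: build the Semgrep command lines with the two offline flags (`--metrics=off` and `--disable-version-check` are real Semgrep CLI options), run `semgrep scan --validate` at construction time but only log a warning if it fails, and raise only when a scan is actually requested. The class and function names, the `run` injection point used to exercise the failure path without Semgrep or a network, and the `fake_semgrep` test double are assumptions of this example.

```python
"""Offline-safe Semgrep wrapper (illustrative, not Macaron's implementation)."""
import logging
import subprocess

logger = logging.getLogger(__name__)

# Semgrep CLI flags that stop the outbound connections the PR describes:
#   --metrics=off            no telemetry to metrics.semgrep.dev
#   --disable-version-check  no lookup of the latest release on Semgrep servers
OFFLINE_FLAGS = ["--metrics=off", "--disable-version-check"]


def build_validate_command(rules_path: str, offline: bool = True) -> list[str]:
    """argv for `semgrep scan --validate` on a rule file (still may need the network)."""
    cmd = ["semgrep", "scan", "--validate", "--config", rules_path]
    return cmd + OFFLINE_FLAGS if offline else cmd


def build_scan_command(rules_path: str, target: str, offline: bool = True) -> list[str]:
    """argv for a JSON-output scan of `target` using the local rule file."""
    cmd = ["semgrep", "scan", "--config", rules_path, "--json", target]
    return cmd + OFFLINE_FLAGS if offline else cmd


class SemgrepValidationError(RuntimeError):
    """Raised by analyze() when rule validation never succeeded."""


def _default_run(argv: list[str]) -> subprocess.CompletedProcess:
    return subprocess.run(argv, capture_output=True, text=True, check=False)


class OfflineSafeSemgrep:
    """Constructor warns (does not raise) on a failed validation; analyze() raises.

    `run` is an assumed injection point so the failure path can be exercised
    without Semgrep installed; it defaults to a real subprocess call.
    """

    def __init__(self, rules_path: str, run=None) -> None:
        self.rules_path = rules_path
        self._run = run or _default_run
        self.validation_error: str | None = None
        try:
            result = self._run(build_validate_command(rules_path))
            if result.returncode != 0:
                self.validation_error = result.stderr.strip() or f"exit status {result.returncode}"
        except OSError as exc:  # e.g. the semgrep binary is not on PATH
            self.validation_error = str(exc)
        if self.validation_error:
            # Degraded to a warning: an offline unit test can still construct this object.
            logger.warning("Semgrep rule validation failed, continuing: %s", self.validation_error)

    def analyze(self, target: str) -> str:
        """Run the scan; surface the deferred validation failure here."""
        if self.validation_error:
            raise SemgrepValidationError(
                f"cannot scan {target}: rules were not validated: {self.validation_error}"
            )
        result = self._run(build_scan_command(self.rules_path, target))
        if result.returncode != 0:
            raise RuntimeError(f"semgrep failed ({result.returncode}): {result.stderr.strip()}")
        return result.stdout


def fake_semgrep(returncode: int, stdout: str = "", stderr: str = ""):
    """Constructed test double standing in for the semgrep binary (no network)."""
    def run(argv: list[str]) -> subprocess.CompletedProcess:
        return subprocess.CompletedProcess(argv, returncode, stdout=stdout, stderr=stderr)
    return run


if __name__ == "__main__":
    logging.basicConfig(level=logging.WARNING)
    # Constructed failure: validation cannot reach the rule registry.
    offline = OfflineSafeSemgrep("rules.yaml", run=fake_semgrep(2, stderr="Failed to download config"))
    try:
        offline.analyze("pkg/")
    except SemgrepValidationError as exc:
        print("deferred error:", exc)
```

Without the injected `run`, the wrapper shells out to a real `semgrep`; the point of the split is that a test environment with no network sees a warning at setup and a clear error only from the code path that genuinely needs Semgrep.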

@oracle-contributor-agreement oracle-contributor-agreement bot added the OCA Verified All contributors have signed the Oracle Contributor Agreement. label Aug 1, 2025
@art1f1c3R art1f1c3R force-pushed the art1f1c3R/semgrep_offline_fix branch from 5b2b38b to 905ffb0 August 7, 2025 05:55
@art1f1c3R art1f1c3R changed the title from "fix: resolve bugs in sourcecode analyzer to allow unit tests to run offline" to "test: resolve bugs in sourcecode analyzer to allow unit tests to run offline" Aug 7, 2025
@art1f1c3R art1f1c3R marked this pull request as ready for review August 7, 2025 06:20
@art1f1c3R art1f1c3R force-pushed the art1f1c3R/semgrep_offline_fix branch from aaee57a to ed3c030 August 8, 2025 06:01
@art1f1c3R art1f1c3R force-pushed the art1f1c3R/semgrep_offline_fix branch from b787996 to c63e432 August 15, 2025 01:38
@art1f1c3R art1f1c3R force-pushed the art1f1c3R/semgrep_offline_fix branch from 810779e to 328ad1e August 15, 2025 03:53
@art1f1c3R art1f1c3R merged commit 2bc60e9 into main Aug 15, 2025
8 checks passed

Development

Successfully merging this pull request may close these issues.

[Bug] - sourcecode analyzer unit tests do not run offline