This script extracts changed code or in-scope files from a codebase and then runs the cloc utility to get the Lines of Code (LOC). It then scans the in-scope files with Checkmarx CxSAST and generates a report.
- Selenium WebDriver & Python Client (https://www.seleniumhq.org/download/)
- cloc (http://cloc.sourceforge.net/)
D:\Code\Python_programs>codeXaminer.py -h
usage: codeXaminer.py [-h] sourcePath destinationPath changedFileList clocPath projectName
positional arguments:
sourcePath -> Enter local path where codebase is located
destinationPath -> Enter local path where changed code or in-scope files will be saved
changedFileList -> Enter local path of the file containing list of changed code or in-scope files
clocPath -> Enter local path of the cloc utility
projectName -> Enter a unique project code or name
optional arguments:
-h, --help show this help message and exit
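The extraction step described above (read changedFileList, copy the listed files from sourcePath into destinationPath, then run cloc on the copy), as an added example that is not the codeXaminer.py source; function names and the sample codebase are assumptions, and the cloc path is a placeholder.

```python
# Added example, not the codeXaminer.py source: the extraction step that copies
# the files named in changedFileList from sourcePath into destinationPath and
# then hands that tree to cloc. Function and sample names are assumptions.
import shutil
import subprocess
import tempfile
from pathlib import Path


def collect_in_scope_files(source_path, destination_path, changed_file_list):
    """Copy each file listed (one path per line, relative to source_path) into
    destination_path, keeping the directory layout. Returns (copied, skipped).
    Entries that resolve outside source_path are skipped, because the list is
    usually produced by someone else and must not pull in arbitrary files."""
    src_root = Path(source_path).resolve()
    dst_root = Path(destination_path).resolve()
    copied, skipped = [], []
    for raw in Path(changed_file_list).read_text().splitlines():
        rel = raw.strip()
        if not rel or rel.startswith("#"):
            continue  # blank lines and comments in the list
        candidate = (src_root / rel).resolve()
        if src_root not in candidate.parents or not candidate.is_file():
            skipped.append(rel)  # missing, a directory, or outside the codebase
            continue
        inside = candidate.relative_to(src_root)
        (dst_root / inside).parent.mkdir(parents=True, exist_ok=True)
        shutil.copy2(candidate, dst_root / inside)
        copied.append(inside.as_posix())
    return copied, skipped


def run_cloc(cloc_path, destination_path):
    """Run cloc on the extracted tree and return its text report."""
    proc = subprocess.run([str(cloc_path), str(destination_path)],
                          capture_output=True, text=True, check=True)
    return proc.stdout


def demo():
    """Constructed sample codebase and file list; runs the extraction offline."""
    root = Path(tempfile.mkdtemp(prefix="codexaminer_demo_"))
    (root / "src" / "app").mkdir(parents=True)
    (root / "src" / "app" / "login.py").write_text("def login(u, p):\n    return u == p\n")
    (root / "src" / "README.md").write_text("# demo\n")  # not in scope
    listing = root / "changed.txt"
    listing.write_text("app/login.py\nlib/missing.py\n../../etc/passwd\n")
    return collect_in_scope_files(root / "src", root / "out", listing)
```

Calling demo() copies only app/login.py and reports the missing file and the out-of-tree entry as skipped; run_cloc(r"<path to cloc>", destinationPath) then produces the LOC report for the copied tree.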
I developed it to help my colleagues who do code review. This helped us channel our saved time and effort into code analysis on tight-time-constraint projects with a huge codebase.
If you understand the DOM, then you can easily tweak the code to work with any enterprise scanner of your choice. Also, I've added comments wherever possible for better understanding.
I'd love to hear if this helped you in any way.