repopilot 0.10.0

Local-first CLI for repository audit, architecture risk detection, baseline tracking, and CI-friendly code review.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98

use super::registration::{
    CODE_MARKER_RULES, FileAuditRegistration, LANGUAGE_RISK_RULES, file_metadata,
};
use crate::audits::architecture::large_file::LargeFileAudit;
use crate::audits::code_quality::code_markers::CodeMarkerAudit;
use crate::audits::code_quality::complexity::ComplexityAudit;
use crate::audits::code_quality::language_risk::LanguageRiskAudit;
use crate::audits::code_quality::long_function::LongFunctionAudit;
use crate::audits::code_quality::rust_panic_risk::RustPanicRiskAudit;
use crate::audits::security::private_key_candidate::PrivateKeyCandidateAudit;
use crate::audits::security::secret_candidate::SecretCandidateAudit;
use crate::audits::traits::FileAudit;
use crate::findings::types::FindingCategory;
use crate::scan::config::ScanConfig;

pub fn registered_file_audits(config: &ScanConfig) -> Vec<FileAuditRegistration> {
    let mut audits = vec![
        FileAuditRegistration::new(
            file_metadata(
                "audit.file.architecture.large-file",
                FindingCategory::Architecture,
                &["architecture.large-file"],
            ),
            Box::new(LargeFileAudit),
        ),
        FileAuditRegistration::new(
            file_metadata(
                "audit.file.code-quality.code-markers",
                FindingCategory::CodeQuality,
                CODE_MARKER_RULES,
            ),
            Box::new(CodeMarkerAudit),
        ),
        FileAuditRegistration::new(
            file_metadata(
                "audit.file.security.private-key-candidate",
                FindingCategory::Security,
                &["security.private-key-candidate"],
            ),
            Box::new(PrivateKeyCandidateAudit),
        ),
        FileAuditRegistration::new(
            file_metadata(
                "audit.file.code-quality.complexity",
                FindingCategory::CodeQuality,
                &["code-quality.complex-file"],
            ),
            Box::new(ComplexityAudit),
        ),
        FileAuditRegistration::new(
            file_metadata(
                "audit.file.code-quality.long-function",
                FindingCategory::CodeQuality,
                &["code-quality.long-function"],
            ),
            Box::new(LongFunctionAudit),
        ),
        FileAuditRegistration::new(
            file_metadata(
                "audit.file.language.rust-panic-risk",
                FindingCategory::CodeQuality,
                &["language.rust.panic-risk"],
            ),
            Box::new(RustPanicRiskAudit),
        ),
        FileAuditRegistration::new(
            file_metadata(
                "audit.file.language.runtime-risk",
                FindingCategory::CodeQuality,
                LANGUAGE_RISK_RULES,
            ),
            Box::new(LanguageRiskAudit),
        ),
    ];

    if config.detect_secret_like_names {
        audits.insert(
            2,
            FileAuditRegistration::new(
                file_metadata(
                    "audit.file.security.secret-candidate",
                    FindingCategory::Security,
                    &["security.secret-candidate"],
                ),
                Box::new(SecretCandidateAudit),
            ),
        );
    }

    audits
}

pub fn build_file_audits(config: &ScanConfig) -> Vec<Box<dyn FileAudit>> {
    registered_file_audits(config)
        .into_iter()
        .map(FileAuditRegistration::into_audit)
        .collect()
}