1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
//! Input bundles for security detector file-scanning methods.
//!
//! Most security detectors expose a private `scan_file_line` (regex/text)
//! and `scan_file_ast` (tree-sitter) entry point. These two structs
//! group the inputs that every such method takes, eliminating the
//! `(path, content, ext, lang, cached_tree)` data clumps that
//! DataClumpsDetector flagged.
use std::path::Path;
use crate::parsers::lightweight::Language;
/// Inputs common to every security per-file scan, regardless of mode.
///
/// Constructed once by the caller per file and passed by reference to
/// the detector's `scan_file_line` / regex helpers.
pub(super) struct ScanInputs<'a> {
pub path: &'a Path,
pub content: &'a str,
pub ext: &'a str,
}
impl<'a> ScanInputs<'a> {
pub fn new(path: &'a Path, content: &'a str, ext: &'a str) -> Self {
Self { path, content, ext }
}
}
/// Inputs for AST-based security scans. Extends [`ScanInputs`] with the
/// detected language and an optional pre-parsed tree (the engine caches
/// trees and reuses them across detectors).
pub(super) struct ScanAstInputs<'a> {
pub scan: ScanInputs<'a>,
pub lang: Language,
pub cached_tree: Option<&'a tree_sitter::Tree>,
}
impl<'a> ScanAstInputs<'a> {
pub fn new(
scan: ScanInputs<'a>,
lang: Language,
cached_tree: Option<&'a tree_sitter::Tree>,
) -> Self {
Self {
scan,
lang,
cached_tree,
}
}
/// Convenience accessor for the path (most callers want this).
pub fn path(&self) -> &Path {
self.scan.path
}
/// Convenience accessor for the content.
pub fn content(&self) -> &str {
self.scan.content
}
/// Convenience accessor for the extension.
pub fn ext(&self) -> &str {
self.scan.ext
}
}