Fix some issues and add limits for scanning

Author: RedRaysTeam

generate_xlsx_report.py

@@ -1,13 +1,12 @@
-from dataclasses import dataclass
-from typing import List
+# generate_xlsx_report.py
 
-import openpyxl
-from openpyxl.styles import Font, PatternFill, Alignment
+from openpyxl import Workbook
+from openpyxl.styles import Font, PatternFill, Alignment, Border, Side
 from openpyxl.utils import get_column_letter
+from typing import List, NamedTuple
+import re
 
-
-@dataclass
-class ScanResult:
+class ScanResult(NamedTuple):
     file_path: str
     line_number: int
     title: str
@@ -27,12 +26,9 @@ def severity_key(result: ScanResult):
 
 
 def generate_xlsx_report(results: List[ScanResult], output_file: str):
-    # Sort results by severity
-    results.sort(key=severity_key)
-
-    wb = openpyxl.Workbook()
+    wb = Workbook()
     ws = wb.active
-    ws.title = "Scan Results"
+    ws.title = "Security Scan Results"
 
     # Define styles
     header_font = Font(bold=True, color="FFFFFF")
@@ -93,17 +89,12 @@ def generate_xlsx_report(results: List[ScanResult], output_file: str):
     # Save the workbook
     wb.save(output_file)
 
-
-# Example usage
 if __name__ == "__main__":
-    # Sample data
+    # Example usage
     sample_results = [
-        ScanResult("file1.abap", 10, "CheckCrossSiteScripting", "Potential XSS vulnerability", "High"),
-        ScanResult("file2.abap", 25, "CheckHardcodedCredentials", "Hardcoded password detected", "Critical"),
-        ScanResult("file1.abap", 50, "CheckOSCommandInjection", "Potential OS command injection", "High"),
-        ScanResult("file3.abap", 100, "CheckWeakCrypto", "Use of weak cryptographic algorithm", "Medium"),
-        ScanResult("file4.abap", 75, "CheckInfoDisclosure", "Potential information disclosure", "Low"),
+        ScanResult("file1.abap", 10, "Potential XSS", "Unsanitized input", "High"),
+        ScanResult("file2.abap", 25, "SQL Injection", "Dynamic SQL query", "Critical"),
+        # Add more sample results as needed
     ]
-
-    generate_xlsx_report(sample_results, "security_scan_report.xlsx")
-    print("XLSX report generated successfully.")
+    generate_xlsx_report(sample_results, "sample_security_scan_report.xlsx")
+    print("Sample report generated: sample_security_scan_report.xlsx")

scanner.py

@@ -27,7 +27,7 @@ def _load_checks(self):
             checks.append(check_class())
         return checks
 
-    def scan(self, path: str) -> List[ScanResult]:
+    def scan(self, path: str, limit: int = 40000) -> List[ScanResult]:
         results = []
         files_to_scan = []
 
@@ -39,6 +39,13 @@ def scan(self, path: str) -> List[ScanResult]:
                 for file in files:
                     if any(file.endswith(ext) for ext in self.config.get_file_extensions()):
                         files_to_scan.append(os.path.join(root, file))
+                        if len(files_to_scan) >= limit:
+                            break
+                if len(files_to_scan) >= limit:
+                    break
+
+        # Limit the number of files to scan
+        files_to_scan = files_to_scan[:limit]
 
         # Scan files with progress bar
         for file_path in tqdm(files_to_scan, desc="Scanning files", unit="file"):