Metadata-Version: 2.4
Name: fluidattacks-sifts
Version: 0.2.14
Requires-Python: <3.13,>=3.12
Description-Content-Type: text/markdown
Requires-Dist: aioboto3==14.3.0
Requires-Dist: aiofiles==24.1.0
Requires-Dist: aiosqlite==0.21.0
Requires-Dist: asyncache==0.3.1
Requires-Dist: click==8.1.8
Requires-Dist: diskcache==5.6.3
Requires-Dist: fluidattacks-core==2.7.4
Requires-Dist: langsmith[openai-agents]>=0.4.1
Requires-Dist: litellm==1.71.2
Requires-Dist: more-itertools==10.7.0
Requires-Dist: openai==1.82.1
Requires-Dist: openai-agents==0.0.16
Requires-Dist: opensearch-py==2.8.0
Requires-Dist: orjson==3.10.18
Requires-Dist: platformdirs==4.3.8
Requires-Dist: pydantic==2.11.5
Requires-Dist: pyyaml==6.0.2
Requires-Dist: reactivex==4.0.4
Requires-Dist: redis==6.2.0
Requires-Dist: sarif-om==1.0.4
Requires-Dist: thefuzz==0.22.1
Requires-Dist: tinydb==4.8.2
Requires-Dist: types-aioboto3[dynamodb,s3,sqs]==14.3.0
Requires-Dist: voyageai==0.3.2

# Sifts

Code analysis tool with YAML configuration support.

## Configuration

You can now run Sifts using a YAML configuration file:

```bash
python -m src.cli run-with-config config_example.yaml
```

### Configuration Format

The configuration file follows this structure:

```yaml
analysis:
  working_dir: "."              # Working directory (must exist)
  include_files:
    - "src/**/*.py"             # Glob patterns for files to include
  exclude_files:
    - "tests/**"                # Glob patterns for files to exclude
  lines_to_check:               # Specific lines to check in specific files (must exist)
    - file: "src/cli.py"
      lines: [12, 45, 78]
    - file: "src/config.py"     # You can specify multiple files
      lines: [10, 20]
    - file: "src/cli.py"        # Entries with the same file path will be merged
      lines: [100, 200]         # Will be combined with the previous entry for src/cli.py
  include_vulnerabilities:      # Types of vulnerabilities to check for
    - insecure_auth
    - sql_injection
    - xss
  exclude_vulnerabilities: []   # Types of vulnerabilities to exclude
  use_default_exclude_files: true  # Use default exclude files list
  split_subdirectories: true    # Split subdirectories for analysis

output:
  format: "json"                # Output format
  path: "reports/report.json"   # Output file path (directory will be created if needed)

runtime:
  parallel: true                # Whether to run in parallel
  threads: 4                    # Number of threads to use
```

## Line Merging

When multiple entries in `lines_to_check` reference the same file path, they will be automatically merged into a single entry with the combined list of line numbers. Duplicate line numbers are automatically removed, and the final list is sorted in ascending order.

For example, the above configuration will result in the following after processing:

```yaml
lines_to_check:
  - file: "src/cli.py"
    lines: [12, 45, 78, 100, 200]  # Combined from both entries
  - file: "src/config.py"
    lines: [10, 20]
```

## Path Validation

The configuration includes strict path validation:

### Paths that must exist (for analysis)

* Working directory (`working_dir`)
* Files specified in `lines_to_check`
* Exact file paths in `include_files` (non-glob patterns)

### Paths that will be created (for output)

* Output directory (parent directory of `output.path`)

The validation ensures that all files to be analyzed actually exist, while automatically creating any necessary output directories.
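
The merge and validation rules from the two sections above, written out as an added example (not Sifts' own code). It assumes relative paths, including `output.path`, resolve against `working_dir` and that any pattern containing `*`, `?` or `[` is a glob; `merge_lines_to_check` and `validate_paths` are hypothetical names.

```python
from pathlib import Path

GLOB_CHARS = set("*?[")  # assumption: these characters mark a glob pattern


def merge_lines_to_check(entries):
    """Merge entries that share a file path; dedupe and sort line numbers."""
    merged = {}  # dict keeps first-seen file order
    for entry in entries:
        merged.setdefault(entry["file"], set()).update(entry["lines"])
    return [{"file": f, "lines": sorted(nums)} for f, nums in merged.items()]


def validate_paths(config):
    """Return a list of path errors; create the output directory if clean."""
    analysis = config["analysis"]
    work = Path(analysis["working_dir"])
    if not work.is_dir():
        return [f"working_dir does not exist: {work}"]
    errors = []
    for entry in merge_lines_to_check(analysis.get("lines_to_check", [])):
        if not (work / entry["file"]).is_file():
            errors.append(f"lines_to_check file does not exist: {entry['file']}")
    for pattern in analysis.get("include_files", []):
        # Glob patterns may match nothing; only exact paths must exist.
        if not (GLOB_CHARS & set(pattern)) and not (work / pattern).exists():
            errors.append(f"include_files path does not exist: {pattern}")
    if not errors:
        # Assumption: output.path is resolved against working_dir.
        (work / config["output"]["path"]).parent.mkdir(parents=True, exist_ok=True)
    return errors


if __name__ == "__main__":
    # Constructed sample mirroring the lines_to_check entries shown earlier.
    sample = [
        {"file": "src/cli.py", "lines": [12, 45, 78]},
        {"file": "src/config.py", "lines": [10, 20]},
        {"file": "src/cli.py", "lines": [100, 200]},
    ]
    print(merge_lines_to_check(sample))
```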

## Requirements

Install the required dependencies using Poetry:

```bash
poetry install
```
