Coverage for src/qdrant_loader/core/chunking/strategy/code/metadata/security.py: 91%

23 statements  


1from __future__ import annotations 

2 

3 

def analyze_security_patterns(content: str) -> dict[str, list[str]]:
    """Tag *content* with coarse, keyword-based security indicators.

    The text is lower-cased once and every check is a plain substring test,
    so a label only records that a keyword occurs somewhere in the text. It
    is not evidence that a vulnerability or a control is actually present:
    ``"eval("`` also matches any longer identifier ending in ``eval(``, and
    ``"token"`` matches ``tokenizer``. Treat the result as search/triage
    metadata, not as a scan verdict.

    Args:
        content: Source text to inspect.

    Returns:
        A dict with exactly three keys, always present and in this order:
        ``"potential_vulnerabilities"``, ``"security_practices"`` and
        ``"sensitive_data_handling"``. Each maps to the list of labels whose
        keyword rule matched, in the order the rules are evaluated.
    """
    text = content.lower()

    def mentions(*needles: str) -> bool:
        # True when at least one needle occurs anywhere in the lowered text.
        return any(needle in text for needle in needles)

    # (label, matched) pairs; tuple order fixes the order of emitted labels.
    vulnerability_rules = (
        ("eval_usage", mentions("eval(")),
        ("exec_usage", mentions("exec(")),
        # Needs the word "sql" plus at least one statement keyword.
        ("sql_queries", mentions("sql") and mentions("select", "insert", "update")),
        # Both words anywhere in the text, not necessarily adjacent.
        ("plaintext_password", mentions("password") and mentions("plain")),
    )
    practice_rules = (
        # Any hashing *or* encryption keyword yields this one label.
        ("password_hashing", mentions("hash", "encrypt", "bcrypt", "pbkdf2")),
        ("web_security", mentions("csrf", "xss", "sanitize")),
        ("secure_transport", mentions("https")),
    )
    sensitive_rules = (
        ("credentials", mentions("api_key", "secret", "token", "credential")),
        ("pii_data", mentions("email", "phone", "ssn", "credit_card")),
    )

    return {
        "potential_vulnerabilities": [
            label for label, matched in vulnerability_rules if matched
        ],
        "security_practices": [
            label for label, matched in practice_rules if matched
        ],
        "sensitive_data_handling": [
            label for label, matched in sensitive_rules if matched
        ],
    }