chore: implement method to validate suspicious packages for malicious…

… behavior
oracle · Dec 19, 2024 · a494c61 · a494c61
1 parent 1ea1bd5
commit a494c61
Show file tree

Hide file tree

Showing 7 changed files with 730 additions and 0 deletions.
diff --git a/src/macaron/__main__.py b/src/macaron/__main__.py
@@ -179,6 +179,7 @@ def analyze_slsa_levels_single(analyzer_single_args: argparse.Namespace) -> None
         analyzer_single_args.sbom_path,
         deps_depth,
         provenance_payload=prov_payload,
+        validate_malware_switch=analyzer_single_args.validate_malware_switch,
     )
     sys.exit(status_code)
 
@@ -483,6 +484,13 @@ def main(argv: list[str] | None = None) -> None:
             "The path to the local .m2 directory. If this option is not used, Macaron will use the default location at $HOME/.m2"
         ),
     )
+
+    single_analyze_parser.add_argument(
+        "--validate-malware-switch",
+        required=False,
+        action="store_true",
+        help=("Enable malware validation."),
+    )
 
     # Dump the default values.
     sub_parser.add_parser(name="dump-defaults", description="Dumps the defaults.ini file to the output directory.")