feat: recursively look for lock files (elementsinteractive#332)

Author: sdn4z

src/twyn/cli.py

@@ -47,6 +47,7 @@ def entry_point() -> None:
 @click.option(
     "--dependency-file",
     type=str,
+    multiple=True,
     help=(
         "Dependency file to analyze. By default, twyn will search in the current directory "
         "for supported files, but this option will override that behavior."
@@ -112,7 +113,7 @@ def entry_point() -> None:
 )
 def run(  # noqa: C901
     config: str,
-    dependency_file: Optional[str],
+    dependency_file: tuple[str],
     dependency: tuple[str],
     selector_method: str,
     v: bool,
@@ -133,15 +134,16 @@ def run(  # noqa: C901
             "Only one of --dependency or --dependency-file can be set at a time.", ctx=click.get_current_context()
         )
 
-    if dependency_file and not any(dependency_file.endswith(key) for key in DEPENDENCY_FILE_MAPPING):
-        raise click.UsageError("Dependency file name not supported.", ctx=click.get_current_context())
+    for dep_file in dependency_file:
+        if dep_file and not any(dep_file.endswith(key) for key in DEPENDENCY_FILE_MAPPING):
+            raise click.UsageError(f"Dependency file name {dep_file} not supported.", ctx=click.get_current_context())
 
     try:
         possible_typos = check_dependencies(
             selector_method=selector_method,
             dependencies=set(dependency) or None,
             config_file=config,
-            dependency_file=dependency_file,
+            dependency_file=set(dependency_file) or None,
             use_cache=not no_cache if no_cache is not None else no_cache,
             show_progress_bar=False if json else not no_track,
             load_config_from_file=True,

src/twyn/config/config_handler.py

@@ -32,7 +32,7 @@
 class TwynConfiguration:
     """Fully resolved configuration for Twyn."""
 
-    dependency_file: Optional[str]
+    dependency_file: Optional[list[str]]
     selector_method: str
     allowlist: set[str]
     source: Optional[str]
@@ -45,7 +45,7 @@ class TwynConfiguration:
 class ReadTwynConfiguration:
     """Configuration for twyn as set by the user. It may have None values."""
 
-    dependency_file: Optional[str] = None
+    dependency_file: Optional[list[str]] = None
     selector_method: Optional[str] = None
     allowlist: set[str] = field(default_factory=set)
     source: Optional[str] = None
@@ -63,7 +63,7 @@ def __init__(self, file_handler: Optional[FileHandler] = None) -> None:
     def resolve_config(
         self,
         selector_method: Optional[str] = None,
-        dependency_file: Optional[str] = None,
+        dependency_files: Optional[list[str]] = None,
         use_cache: Optional[bool] = None,
         package_ecosystem: Optional[PackageEcosystems] = None,
         recursive: Optional[bool] = None,
@@ -107,7 +107,7 @@ def resolve_config(
             final_recursive = DEFAULT_RECURSIVE
 
         return TwynConfiguration(
-            dependency_file=dependency_file or read_config.dependency_file,
+            dependency_file=dependency_files or read_config.dependency_file,
             selector_method=final_selector_method,
             allowlist=read_config.allowlist,
             source=read_config.source,
@@ -147,6 +147,8 @@ def _get_read_config(self, toml: TOMLDocument) -> ReadTwynConfiguration:
             allowlist=set(twyn_config_data.get("allowlist", set())),
             source=twyn_config_data.get("source"),
             use_cache=twyn_config_data.get("use_cache"),
+            package_ecosystem=twyn_config_data.get("package_ecosystem"),
+            recursive=twyn_config_data.get("recursive"),
         )
 
     def _write_config(self, toml: TOMLDocument, config: ReadTwynConfiguration) -> None:

src/twyn/main.py

@@ -37,7 +37,7 @@
 def check_dependencies(
     selector_method: Union[SelectorMethod, None] = None,
     config_file: Optional[str] = None,
-    dependency_file: Optional[str] = None,
+    dependency_file: Optional[list[str]] = None,
     dependencies: Optional[set[str]] = None,
     use_cache: Optional[bool] = True,
     show_progress_bar: bool = False,
@@ -68,7 +68,7 @@ def check_dependencies(
         load_config_from_file=load_config_from_file,
         config_file=config_file,
         selector_method=selector_method,
-        dependency_file=dependency_file,
+        dependency_files=dependency_file,
         use_cache=use_cache,
         package_ecosystem=package_ecosystem,
         recursive=recursive,
@@ -104,7 +104,7 @@ def check_dependencies(
         maybe_cache_handler=maybe_cache_handler,
         allowlist=config.allowlist,
         show_progress_bar=show_progress_bar,
-        dependency_file=config.dependency_file,
+        dependency_files=config.dependency_file,
     )
 
 
@@ -153,7 +153,7 @@ def _analyze_packages_from_source(
     allowlist: set[str],
     selector_method: SelectorMethod,
     show_progress_bar: bool,
-    dependency_file: Optional[str],
+    dependency_files: Optional[list[str]],
     source: Optional[str],
     maybe_cache_handler: Optional[CacheHandler],
 ) -> TyposquatCheckResults:
@@ -180,11 +180,24 @@ def _analyze_packages_from_source(
                 top_package_reference, trusted_packages, parser.parse(), allowlist, show_progress_bar, parser.file_path
             )
 
-            if analyzed_dependencies:
-                results.append(
-                    TyposquatCheckResultFromSource(source=str(parser.file_path), errors=analyzed_dependencies)
+            packages_from_source = top_package_reference.get_packages()
+            trusted_packages = TrustedPackages(
+                names=packages_from_source,
+                algorithm=EditDistance(),
+                selector=selector_method,
+                threshold_class=SimilarityThreshold,
+            )
+            results: list[TyposquatCheckResultFromSource] = []
+            for parser in parsers:
+                analyzed_dependencies = _analyze_dependencies(
+                    top_package_reference, trusted_packages, parser.parse(), allowlist, show_progress_bar
                 )
-        typos_by_file.results += results
+
+                if analyzed_dependencies:
+                    results.append(
+                        TyposquatCheckResultFromSource(source=str(parser.file_path), errors=analyzed_dependencies)
+                    )
+            typos_by_file.results += results
 
     return typos_by_file
 
@@ -274,7 +287,7 @@ def _get_config(
     load_config_from_file: bool,
     config_file: Optional[str],
     selector_method: Union[SelectorMethod, None],
-    dependency_file: Optional[str],
+    dependency_files: Optional[list[str]],
     use_cache: Optional[bool],
     package_ecosystem: Optional[PackageEcosystems],
     recursive: Optional[bool],
@@ -286,7 +299,7 @@ def _get_config(
         config_file_handler = None
     return ConfigHandler(config_file_handler).resolve_config(
         selector_method=selector_method,
-        dependency_file=dependency_file,
+        dependency_files=dependency_files,
         use_cache=use_cache,
         package_ecosystem=package_ecosystem,
         recursive=recursive,

tests/main/test_main.py

@@ -114,7 +114,7 @@ def test_options_priorities_assignation(
         with patch.object(handler, "_read_toml", return_value=parse(dumps({"tool": {"twyn": file_config}}))):
             resolved = handler.resolve_config(
                 selector_method=cli_config.get("selector_method"),
-                dependency_file=cli_config.get("dependency_file"),
+                dependency_files=cli_config.get("dependency_file"),
                 use_cache=cli_config.get("use_cache"),
             )