From 3958c1a036fa288588f1c60846c16469e9d61475 Mon Sep 17 00:00:00 2001 From: Sharang Parnerkar Date: Mon, 9 Mar 2026 12:08:55 +0100 Subject: [PATCH] style: fix cargo fmt formatting Co-Authored-By: Claude Opus 4.6 --- compliance-agent/src/api/handlers/chat.rs | 3 +- compliance-agent/src/api/handlers/graph.rs | 3 +- compliance-agent/src/api/handlers/mod.rs | 7 +++- compliance-agent/src/api/routes.rs | 5 ++- compliance-agent/src/llm/triage.rs | 15 ++++++-- compliance-agent/src/pipeline/cve.rs | 29 +++++++-------- compliance-agent/src/pipeline/git.rs | 4 +- compliance-agent/src/pipeline/gitleaks.rs | 21 +++++++++-- compliance-agent/src/pipeline/lint.rs | 37 ++++++++++--------- compliance-agent/src/ssh.rs | 14 +++---- compliance-core/src/models/mod.rs | 2 +- compliance-core/src/models/repository.rs | 10 ++++- compliance-core/src/models/serde_helpers.rs | 4 +- .../src/infrastructure/config.rs | 4 +- .../src/infrastructure/findings.rs | 5 +-- .../src/infrastructure/repositories.rs | 5 +-- .../src/infrastructure/server.rs | 16 ++------ 17 files changed, 99 insertions(+), 85 deletions(-) diff --git a/compliance-agent/src/api/handlers/chat.rs b/compliance-agent/src/api/handlers/chat.rs index 9413f99..0fafe85 100644 --- a/compliance-agent/src/api/handlers/chat.rs +++ b/compliance-agent/src/api/handlers/chat.rs @@ -192,7 +192,8 @@ pub async fn build_embeddings( auth_token: repo.auth_token.clone(), auth_username: repo.auth_username.clone(), }; - let git_ops = crate::pipeline::git::GitOps::new(&agent_clone.config.git_clone_base_path, creds); + let git_ops = + crate::pipeline::git::GitOps::new(&agent_clone.config.git_clone_base_path, creds); let repo_path = match git_ops.clone_or_fetch(&repo.git_url, &repo.name) { Ok(p) => p, Err(e) => { diff --git a/compliance-agent/src/api/handlers/graph.rs b/compliance-agent/src/api/handlers/graph.rs index bfbafec..a797ee7 100644 --- a/compliance-agent/src/api/handlers/graph.rs +++ b/compliance-agent/src/api/handlers/graph.rs @@ -296,7 +296,8 @@ pub async fn trigger_build( auth_token: repo.auth_token.clone(), auth_username: repo.auth_username.clone(), }; - let git_ops = crate::pipeline::git::GitOps::new(&agent_clone.config.git_clone_base_path, creds); + let git_ops = + crate::pipeline::git::GitOps::new(&agent_clone.config.git_clone_base_path, creds); let repo_path = match git_ops.clone_or_fetch(&repo.git_url, &repo.name) { Ok(p) => p, Err(e) => { diff --git a/compliance-agent/src/api/handlers/mod.rs b/compliance-agent/src/api/handlers/mod.rs index d3bb3f1..a9a8801 100644 --- a/compliance-agent/src/api/handlers/mod.rs +++ b/compliance-agent/src/api/handlers/mod.rs @@ -315,7 +315,12 @@ pub async fn add_repository( .repositories() .insert_one(&repo) .await - .map_err(|_| (StatusCode::CONFLICT, "Repository already exists".to_string()))?; + .map_err(|_| { + ( + StatusCode::CONFLICT, + "Repository already exists".to_string(), + ) + })?; Ok(Json(ApiResponse { data: repo, diff --git a/compliance-agent/src/api/routes.rs b/compliance-agent/src/api/routes.rs index 8d42d9c..f355040 100644 --- a/compliance-agent/src/api/routes.rs +++ b/compliance-agent/src/api/routes.rs @@ -7,7 +7,10 @@ pub fn build_router() -> Router { Router::new() .route("/api/v1/health", get(handlers::health)) .route("/api/v1/stats/overview", get(handlers::stats_overview)) - .route("/api/v1/settings/ssh-public-key", get(handlers::get_ssh_public_key)) + .route( + "/api/v1/settings/ssh-public-key", + get(handlers::get_ssh_public_key), + ) .route("/api/v1/repositories", get(handlers::list_repositories)) .route("/api/v1/repositories", post(handlers::add_repository)) .route( diff --git a/compliance-agent/src/llm/triage.rs b/compliance-agent/src/llm/triage.rs index e641bcb..62d056d 100644 --- a/compliance-agent/src/llm/triage.rs +++ b/compliance-agent/src/llm/triage.rs @@ -47,7 +47,9 @@ pub async fn triage_findings( // Enrich with surrounding code context if possible if let Some(context) = read_surrounding_context(finding) { - user_prompt.push_str(&format!("\n\n--- Surrounding Code (50 lines) ---\n{context}")); + user_prompt.push_str(&format!( + "\n\n--- Surrounding Code (50 lines) ---\n{context}" + )); } // Enrich with graph context if available @@ -98,7 +100,8 @@ pub async fn triage_findings( }; if let Ok(result) = serde_json::from_str::(cleaned) { // Apply file-path confidence adjustment - let adjusted_confidence = adjust_confidence(result.confidence, &file_classification); + let adjusted_confidence = + adjust_confidence(result.confidence, &file_classification); finding.confidence = Some(adjusted_confidence); finding.triage_action = Some(result.action.clone()); finding.triage_rationale = Some(result.rationale); @@ -235,7 +238,9 @@ fn adjust_confidence(raw_confidence: f64, classification: &str) -> f64 { raw_confidence * multiplier } -fn downgrade_severity(severity: &compliance_core::models::Severity) -> compliance_core::models::Severity { +fn downgrade_severity( + severity: &compliance_core::models::Severity, +) -> compliance_core::models::Severity { use compliance_core::models::Severity; match severity { Severity::Critical => Severity::High, @@ -246,7 +251,9 @@ fn downgrade_severity(severity: &compliance_core::models::Severity) -> complianc } } -fn upgrade_severity(severity: &compliance_core::models::Severity) -> compliance_core::models::Severity { +fn upgrade_severity( + severity: &compliance_core::models::Severity, +) -> compliance_core::models::Severity { use compliance_core::models::Severity; match severity { Severity::Info => Severity::Low, diff --git a/compliance-agent/src/pipeline/cve.rs b/compliance-agent/src/pipeline/cve.rs index 63649cb..0a8e8b1 100644 --- a/compliance-agent/src/pipeline/cve.rs +++ b/compliance-agent/src/pipeline/cve.rs @@ -108,22 +108,19 @@ impl CveScanner { .await .map_err(|e| CoreError::Http(format!("Failed to parse OSV.dev response: {e}")))?; - let chunk_vulns = result - .results - .into_iter() - .map(|r| { - r.vulns - .unwrap_or_default() - .into_iter() - .map(|v| OsvVuln { - id: v.id, - summary: v.summary, - severity: v.database_specific.and_then(|d| { - d.get("severity").and_then(|s| s.as_str()).map(String::from) - }), - }) - .collect() - }); + let chunk_vulns = result.results.into_iter().map(|r| { + r.vulns + .unwrap_or_default() + .into_iter() + .map(|v| OsvVuln { + id: v.id, + summary: v.summary, + severity: v.database_specific.and_then(|d| { + d.get("severity").and_then(|s| s.as_str()).map(String::from) + }), + }) + .collect() + }); all_vulns.extend(chunk_vulns); } diff --git a/compliance-agent/src/pipeline/git.rs b/compliance-agent/src/pipeline/git.rs index 2585040..3647047 100644 --- a/compliance-agent/src/pipeline/git.rs +++ b/compliance-agent/src/pipeline/git.rs @@ -37,9 +37,7 @@ impl RepoCredentials { // HTTPS userpass authentication if allowed_types.contains(git2::CredentialType::USER_PASS_PLAINTEXT) { if let Some(ref tok) = token { - let user = username - .as_deref() - .unwrap_or("x-access-token"); + let user = username.as_deref().unwrap_or("x-access-token"); return Cred::userpass_plaintext(user, tok); } } diff --git a/compliance-agent/src/pipeline/gitleaks.rs b/compliance-agent/src/pipeline/gitleaks.rs index 032ef8f..5010e39 100644 --- a/compliance-agent/src/pipeline/gitleaks.rs +++ b/compliance-agent/src/pipeline/gitleaks.rs @@ -19,7 +19,18 @@ impl Scanner for GitleaksScanner { async fn scan(&self, repo_path: &Path, repo_id: &str) -> Result { let output = tokio::process::Command::new("gitleaks") - .args(["detect", "--source", ".", "--report-format", "json", "--report-path", "/dev/stdout", "--no-banner", "--exit-code", "0"]) + .args([ + "detect", + "--source", + ".", + "--report-format", + "json", + "--report-path", + "/dev/stdout", + "--no-banner", + "--exit-code", + "0", + ]) .current_dir(repo_path) .output() .await @@ -32,8 +43,8 @@ impl Scanner for GitleaksScanner { return Ok(ScanOutput::default()); } - let results: Vec = serde_json::from_slice(&output.stdout) - .unwrap_or_default(); + let results: Vec = + serde_json::from_slice(&output.stdout).unwrap_or_default(); let findings = results .into_iter() @@ -41,7 +52,9 @@ impl Scanner for GitleaksScanner { .map(|r| { let severity = match r.rule_id.as_str() { s if s.contains("private-key") => Severity::Critical, - s if s.contains("token") || s.contains("password") || s.contains("secret") => Severity::High, + s if s.contains("token") || s.contains("password") || s.contains("secret") => { + Severity::High + } s if s.contains("api-key") => Severity::High, _ => Severity::Medium, }; diff --git a/compliance-agent/src/pipeline/lint.rs b/compliance-agent/src/pipeline/lint.rs index 1cb767f..721357c 100644 --- a/compliance-agent/src/pipeline/lint.rs +++ b/compliance-agent/src/pipeline/lint.rs @@ -60,8 +60,7 @@ fn has_rust_project(repo_path: &Path) -> bool { fn has_js_project(repo_path: &Path) -> bool { // Only run if eslint is actually installed in the project - repo_path.join("package.json").exists() - && repo_path.join("node_modules/.bin/eslint").exists() + repo_path.join("package.json").exists() && repo_path.join("node_modules/.bin/eslint").exists() } fn has_python_project(repo_path: &Path) -> bool { @@ -99,7 +98,14 @@ async fn run_with_timeout( async fn run_clippy(repo_path: &Path, repo_id: &str) -> Result, CoreError> { let child = Command::new("cargo") - .args(["clippy", "--message-format=json", "--quiet", "--", "-W", "clippy::all"]) + .args([ + "clippy", + "--message-format=json", + "--quiet", + "--", + "-W", + "clippy::all", + ]) .current_dir(repo_path) .stdout(std::process::Stdio::piped()) .stderr(std::process::Stdio::piped()) @@ -128,10 +134,7 @@ async fn run_clippy(repo_path: &Path, repo_id: &str) -> Result, Cor None => continue, }; - let level = message - .get("level") - .and_then(|v| v.as_str()) - .unwrap_or(""); + let level = message.get("level").and_then(|v| v.as_str()).unwrap_or(""); if level != "warning" && level != "error" { continue; @@ -162,8 +165,13 @@ async fn run_clippy(repo_path: &Path, repo_id: &str) -> Result, Cor Severity::Low }; - let fingerprint = - dedup::compute_fingerprint(&[repo_id, "clippy", &code, &file_path, &line_number.to_string()]); + let fingerprint = dedup::compute_fingerprint(&[ + repo_id, + "clippy", + &code, + &file_path, + &line_number.to_string(), + ]); let mut finding = Finding::new( repo_id.to_string(), @@ -200,10 +208,7 @@ fn extract_primary_span(message: &serde_json::Value) -> (String, u32) { .and_then(|v| v.as_str()) .unwrap_or("") .to_string(); - let line = span - .get("line_start") - .and_then(|v| v.as_u64()) - .unwrap_or(0) as u32; + let line = span.get("line_start").and_then(|v| v.as_u64()).unwrap_or(0) as u32; return (file, line); } } @@ -233,8 +238,7 @@ async fn run_eslint(repo_path: &Path, repo_id: &str) -> Result, Cor return Ok(Vec::new()); } - let results: Vec = - serde_json::from_slice(&output.stdout).unwrap_or_default(); + let results: Vec = serde_json::from_slice(&output.stdout).unwrap_or_default(); let mut findings = Vec::new(); for file_result in results { @@ -308,8 +312,7 @@ async fn run_ruff(repo_path: &Path, repo_id: &str) -> Result, CoreE return Ok(Vec::new()); } - let results: Vec = - serde_json::from_slice(&output.stdout).unwrap_or_default(); + let results: Vec = serde_json::from_slice(&output.stdout).unwrap_or_default(); let findings = results .into_iter() diff --git a/compliance-agent/src/ssh.rs b/compliance-agent/src/ssh.rs index 470565d..772a0c0 100644 --- a/compliance-agent/src/ssh.rs +++ b/compliance-agent/src/ssh.rs @@ -9,9 +9,8 @@ pub fn ensure_ssh_key(key_path: &str) -> Result { let public_path = private_path.with_extension("pub"); if private_path.exists() && public_path.exists() { - return std::fs::read_to_string(&public_path).map_err(|e| { - AgentError::Config(format!("Failed to read SSH public key: {e}")) - }); + return std::fs::read_to_string(&public_path) + .map_err(|e| AgentError::Config(format!("Failed to read SSH public key: {e}"))); } // Create parent directory @@ -36,9 +35,7 @@ pub fn ensure_ssh_key(key_path: &str) -> Result { if !output.status.success() { let stderr = String::from_utf8_lossy(&output.stderr); - return Err(AgentError::Config(format!( - "ssh-keygen failed: {stderr}" - ))); + return Err(AgentError::Config(format!("ssh-keygen failed: {stderr}"))); } // Set correct permissions @@ -48,9 +45,8 @@ pub fn ensure_ssh_key(key_path: &str) -> Result { std::fs::set_permissions(private_path, std::fs::Permissions::from_mode(0o600))?; } - let public_key = std::fs::read_to_string(&public_path).map_err(|e| { - AgentError::Config(format!("Failed to read generated SSH public key: {e}")) - })?; + let public_key = std::fs::read_to_string(&public_path) + .map_err(|e| AgentError::Config(format!("Failed to read generated SSH public key: {e}")))?; tracing::info!("Generated new SSH key pair at {key_path}"); Ok(public_key) diff --git a/compliance-core/src/models/mod.rs b/compliance-core/src/models/mod.rs index a63ca9e..8d9f064 100644 --- a/compliance-core/src/models/mod.rs +++ b/compliance-core/src/models/mod.rs @@ -1,5 +1,4 @@ pub mod auth; -pub(crate) mod serde_helpers; pub mod chat; pub mod cve; pub mod dast; @@ -11,6 +10,7 @@ pub mod mcp; pub mod repository; pub mod sbom; pub mod scan; +pub(crate) mod serde_helpers; pub use auth::AuthInfo; pub use chat::{ChatMessage, ChatRequest, ChatResponse, SourceReference}; diff --git a/compliance-core/src/models/repository.rs b/compliance-core/src/models/repository.rs index 6842ba2..96fddf8 100644 --- a/compliance-core/src/models/repository.rs +++ b/compliance-core/src/models/repository.rs @@ -37,9 +37,15 @@ pub struct TrackedRepository { pub last_scanned_commit: Option, #[serde(default, deserialize_with = "deserialize_findings_count")] pub findings_count: u32, - #[serde(default = "chrono::Utc::now", with = "super::serde_helpers::bson_datetime")] + #[serde( + default = "chrono::Utc::now", + with = "super::serde_helpers::bson_datetime" + )] pub created_at: DateTime, - #[serde(default = "chrono::Utc::now", with = "super::serde_helpers::bson_datetime")] + #[serde( + default = "chrono::Utc::now", + with = "super::serde_helpers::bson_datetime" + )] pub updated_at: DateTime, } diff --git a/compliance-core/src/models/serde_helpers.rs b/compliance-core/src/models/serde_helpers.rs index b7f6dfd..2f7e347 100644 --- a/compliance-core/src/models/serde_helpers.rs +++ b/compliance-core/src/models/serde_helpers.rs @@ -22,9 +22,7 @@ pub mod bson_datetime { let bson_val = bson::Bson::deserialize(deserializer)?; match bson_val { bson::Bson::DateTime(dt) => Ok(dt.into()), - bson::Bson::String(s) => { - s.parse::>().map_err(serde::de::Error::custom) - } + bson::Bson::String(s) => s.parse::>().map_err(serde::de::Error::custom), other => Err(serde::de::Error::custom(format!( "expected DateTime or string, got: {other:?}" ))), diff --git a/compliance-dashboard/src/infrastructure/config.rs b/compliance-dashboard/src/infrastructure/config.rs index 2781328..8848a5f 100644 --- a/compliance-dashboard/src/infrastructure/config.rs +++ b/compliance-dashboard/src/infrastructure/config.rs @@ -14,6 +14,8 @@ pub fn load_config() -> Result { .ok() .and_then(|p| p.parse().ok()) .unwrap_or(8080), - mcp_endpoint_url: std::env::var("MCP_ENDPOINT_URL").ok().filter(|v| !v.is_empty()), + mcp_endpoint_url: std::env::var("MCP_ENDPOINT_URL") + .ok() + .filter(|v| !v.is_empty()), }) } diff --git a/compliance-dashboard/src/infrastructure/findings.rs b/compliance-dashboard/src/infrastructure/findings.rs index 92ed396..eefe518 100644 --- a/compliance-dashboard/src/infrastructure/findings.rs +++ b/compliance-dashboard/src/infrastructure/findings.rs @@ -120,10 +120,7 @@ pub async fn bulk_update_finding_status( } #[server] -pub async fn update_finding_feedback( - id: String, - feedback: String, -) -> Result<(), ServerFnError> { +pub async fn update_finding_feedback(id: String, feedback: String) -> Result<(), ServerFnError> { let state: super::server_state::ServerState = dioxus_fullstack::FullstackContext::extract().await?; let url = format!("{}/api/v1/findings/{id}/feedback", state.agent_api_url); diff --git a/compliance-dashboard/src/infrastructure/repositories.rs b/compliance-dashboard/src/infrastructure/repositories.rs index bb2ce28..6f55ae6 100644 --- a/compliance-dashboard/src/infrastructure/repositories.rs +++ b/compliance-dashboard/src/infrastructure/repositories.rs @@ -141,10 +141,7 @@ pub async fn trigger_repo_scan(repo_id: String) -> Result<(), ServerFnError> { pub async fn check_repo_scanning(repo_id: String) -> Result { let state: super::server_state::ServerState = dioxus_fullstack::FullstackContext::extract().await?; - let url = format!( - "{}/api/v1/scan-runs?page=1&limit=1", - state.agent_api_url - ); + let url = format!("{}/api/v1/scan-runs?page=1&limit=1", state.agent_api_url); let resp = reqwest::get(&url) .await diff --git a/compliance-dashboard/src/infrastructure/server.rs b/compliance-dashboard/src/infrastructure/server.rs index e526596..364c396 100644 --- a/compliance-dashboard/src/infrastructure/server.rs +++ b/compliance-dashboard/src/infrastructure/server.rs @@ -85,27 +85,17 @@ async fn seed_default_mcp_servers(db: &Database, mcp_endpoint_url: Option<&str>) ( "Findings MCP", "Exposes security findings, triage data, and finding summaries to LLM agents", - vec![ - "list_findings", - "get_finding", - "findings_summary", - ], + vec!["list_findings", "get_finding", "findings_summary"], ), ( "SBOM MCP", "Exposes software bill of materials and vulnerability reports to LLM agents", - vec![ - "list_sbom_packages", - "sbom_vuln_report", - ], + vec!["list_sbom_packages", "sbom_vuln_report"], ), ( "DAST MCP", "Exposes DAST scan findings and scan summaries to LLM agents", - vec![ - "list_dast_findings", - "dast_scan_summary", - ], + vec!["list_dast_findings", "dast_scan_summary"], ), ];