=== command
SEMGREP_USER_AGENT_APPEND="pytest" SEMGREP_SETTINGS_FILE="<MASKED>" SEMGREP_VERSION_CACHE_PATH="<MASKED>" SEMGREP_ENABLE_VERSION_CHECK="0" SEMGREP_SEND_METRICS="off" semgrep --strict --config rules/dependency_aware/python-requirements-sca.yaml --json targets/dependency_aware/requirements_pip
=== end of command

=== exit code
0
=== end of exit code

=== stdout - plain
{
  "errors": [],
  "interfile_languages_used": [],
  "paths": {
    "scanned": [
      "targets/dependency_aware/requirements_pip/foo.py",
      "targets/dependency_aware/requirements_pip/requirements.pip"
    ]
  },
  "results": [
    {
      "check_id": "rules.dependency_aware.python-requirements-sca",
      "end": {
        "col": 6,
        "line": 1,
        "offset": 5
      },
      "extra": {
        "engine_kind": "OSS",
        "fingerprint": "0x42",
        "is_ignored": false,
        "lines": "bad()",
        "message": "oh no",
        "metadata": {},
        "metavars": {},
        "sca_info": {
          "dependency_match": {
            "dependency_pattern": {
              "ecosystem": "pypi",
              "package": "pandas",
              "semver_range": "<= 1.4.2"
            },
            "found_dependency": {
              "allowed_hashes": {},
              "ecosystem": "pypi",
              "line_number": 37,
              "lockfile_path": "targets/dependency_aware/requirements_pip/requirements.pip",
              "package": "pandas",
              "transitivity": "direct",
              "version": "1.4.2"
            },
            "lockfile": "targets/dependency_aware/requirements_pip/requirements.pip"
          },
          "reachability_rule": true,
          "reachable": true,
          "sca_finding_schema": 20220913
        },
        "severity": "WARNING",
        "validation_state": "NO_VALIDATOR"
      },
      "path": "targets/dependency_aware/requirements_pip/foo.py",
      "start": {
        "col": 1,
        "line": 1,
        "offset": 0
      }
    }
  ],
  "skipped_rules": [],
  "version": "0.42"
}
=== end of stdout - plain

=== stderr - plain


┌─────────────┐
│ Scan Status │
└─────────────┘
  Scanning 3 files tracked by git with 0 Code rules, 1 Supply Chain rule:


  CODE RULES
  Nothing to scan.

  SUPPLY CHAIN RULES
  Scanning 1 file.


┌──────────────┐
│ Scan Summary │
└──────────────┘

Ran 1 rule on 2 files: 1 finding.

=== end of stderr - plain

=== stdout - color
<same as above: stdout - plain>
=== end of stdout - color

=== stderr - color
<same as above: stderr - plain>
=== end of stderr - color