TypeError: 'NoneType' object is not subscriptable

[emersonramos]

Hi everyone.

I'm testing mobsfscan in a azure devops pipelines and I'm getting error. I'm using mobsfscan 0.3.9 version and I get follow error:

• Pattern Match ████████████████████████████████████████████████████████████ 58 Exception in thread Thread-1: Traceback (most recent call last): File "/usr/lib/python3.8/threading.py", line 932, in _bootstrap_inner self.run() File "/usr/lib/python3.8/threading.py", line 870, in run self._target(*self._args, *self._kwargs) File "/usr/local/lib/python3.8/dist-packages/libsast/common.py", line 46, in myrunner ret[0] = function(args, **kwargs) File "/usr/local/lib/python3.8/dist-packages/libsast/core_sgrep/helpers.py", line 13, in invoke_semgrep from semgrep import semgrep_main File "/usr/local/lib/python3.8/dist-packages/semgrep/semgrep_main.py", line 20, in from semgrep.autofix import apply_fixes File "/usr/local/lib/python3.8/dist-packages/semgrep/autofix.py", line 8, in from semgrep.error import SemgrepError File "/usr/local/lib/python3.8/dist-packages/semgrep/error.py", line 20, in from semgrep.rule_lang import Position File "/usr/local/lib/python3.8/dist-packages/semgrep/rule_lang.py", line 20, in import jsonschema.exceptions File "/usr/local/lib/python3.8/dist-packages/jsonschema/init.py", line 13, in from jsonschema._format import FormatChecker File "/usr/local/lib/python3.8/dist-packages/jsonschema/_format.py", line 11, in from jsonschema.exceptions import FormatError File "/usr/local/lib/python3.8/dist-packages/jsonschema/exceptions.py", line 15, in from referencing.exceptions import Unresolvable as _Unresolvable File "/usr/local/lib/python3.8/dist-packages/referencing/init.py", line 5, in from referencing._core import Anchor, Registry, Resource, Specification File "/usr/local/lib/python3.8/dist-packages/referencing/_core.py", line 86, in class Specification(Generic[D]): File "/usr/local/lib/python3.8/dist-packages/referencing/_core.py", line 112, in Specification ] = field(alias="anchors_in") TypeError: field() got an unexpected keyword argument 'alias'
• Semantic Grep 1 Traceback (most recent call last): File "/usr/local/bin/mobsfscan", line 8, in sys.exit(main()) File "/usr/local/lib/python3.8/dist-packages/mobsfscan/main.py", line 78, in main scan_results = MobSFScan( File "/usr/local/lib/python3.8/dist-packages/mobsfscan/mobsfscan.py", line 104, in scan result = scanner.scan() File "/usr/local/lib/python3.8/dist-packages/libsast/scanner.py", line 64, in scan results['semantic_grep'] = SemanticGrep( File "/usr/local/lib/python3.8/dist-packages/libsast/core_sgrep/semantic_sgrep.py", line 41, in scan self.format_output(sgrep_out) File "/usr/local/lib/python3.8/dist-packages/libsast/core_sgrep/semantic_sgrep.py", line 50, in format_output for find in results['results']: TypeError: 'NoneType' object is not subscriptable

More info about my environment:

I'm running in a container:

NAME="Ubuntu" VERSION="20.04.6 LTS (Focal Fossa)" Python 3.8.10 pip 20.0.2 from /usr/lib/python3/dist-packages/pip (python 3.8) mobsfscan: v0.3.9 | Ajin Abraham | opensecurity.in

pip3 list Package Version

---

attrs 21.4.0 boltons 21.0.0 bracex 2.4 certifi 2019.11.28 chardet 3.0.4 charset-normalizer 3.3.2 click 8.1.7 click-option-group 0.5.6 colorama 0.4.6 dbus-python 1.2.16 defusedxml 0.7.1 exceptiongroup 1.2.1 face 22.0.0 glom 22.1.0 idna 2.8 importlib-resources 6.4.0 jschema-to-python 1.2.3 jsonpickle 3.2.1 jsonschema 4.22.0 jsonschema-specifications 2023.12.1 libsast 2.0.3 markdown-it-py 3.0.0 mdurl 0.1.2 mobsfscan 0.3.9 packaging 21.3 pbr 6.0.0 peewee 3.17.5 pip 20.0.2 pkgutil-resolve-name 1.3.10 pygments 2.18.0 PyGObject 3.36.0 pyparsing 3.1.2 python-apt 2.0.1+ubuntu0.20.4.1 python-lsp-jsonrpc 1.0.0 PyYAML 6.0.1 referencing 0.35.1 requests 2.32.3 requests-unixsocket 0.2.0 rich 13.7.1 rpds-py 0.18.1 ruamel.yaml 0.17.40 ruamel.yaml.clib 0.2.8 sarif-om 1.0.4 semgrep 0.117.0 setuptools 45.2.0 six 1.14.0 tabulate 0.9.0 tomli 2.0.1 tqdm 4.66.4 typing-extensions 4.12.2 ujson 5.10.0 urllib3 1.26.18 wcmatch 8.5.2 wheel 0.34.2 xmltodict 0.13.0 zipp 3.19.2

[ajinabraham]

This seems to be a semgrep error. Can you isolate it to the file that is causing this error or share sample code that replicates this behaviour?

[ajinabraham]

This should be addressed with latest semgrep bump.