From 7030fa72d97901cceb2bc410a4431675d70b97c4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=BAlio=20Silva?= <158049359+cx-julio-silva@users.noreply.github.com> Date: Tue, 22 Apr 2025 16:15:46 +0100 Subject: [PATCH 01/10] changed git report message --- lib/reporting/sarif.go | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/lib/reporting/sarif.go b/lib/reporting/sarif.go index 27cc7146..a5b10841 100644 --- a/lib/reporting/sarif.go +++ b/lib/reporting/sarif.go @@ -69,6 +69,17 @@ func hasNoResults(report Report) bool { } func messageText(ruleName string, filePath string) string { + finalPath := filePath + + // maintain only the filename if the scan target is git + if strings.HasPrefix(finalPath, "git show ") { + trimmed := strings.TrimPrefix(finalPath, "git show ") + parts := strings.Split(trimmed, ":") + if len(parts) == 2 { + return parts[1] + } + } + return fmt.Sprintf("%s has detected secret for file %s.", ruleName, filePath) } From 4e6a16ed3686e05c13cfb308fb18f0eb629525c3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=BAlio=20Silva?= <158049359+cx-julio-silva@users.noreply.github.com> Date: Tue, 22 Apr 2025 16:19:40 +0100 Subject: [PATCH 02/10] replaced incorrect variable --- lib/reporting/sarif.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/reporting/sarif.go b/lib/reporting/sarif.go index a5b10841..44b3ba59 100644 --- a/lib/reporting/sarif.go +++ b/lib/reporting/sarif.go @@ -76,11 +76,11 @@ func messageText(ruleName string, filePath string) string { trimmed := strings.TrimPrefix(finalPath, "git show ") parts := strings.Split(trimmed, ":") if len(parts) == 2 { - return parts[1] + finalPath = strings.ReplaceAll(parts[1], "/", "\\") } } - return fmt.Sprintf("%s has detected secret for file %s.", ruleName, filePath) + return fmt.Sprintf("%s has detected secret for file %s.", ruleName, finalPath) } func getResults(report Report) []Results { From cc4c6602439176e7479b4e009153dabc80d5fa05 Mon Sep 17 00:00:00 2001 
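Review bot: The SARIF message loses the commit id for git sources, because the new branch in `messageText` discards the `git show <commit>:` part and nothing documents that this is deliberate; the same holds for every later revision of the function in this series. For a history scan the commit decides whether the secret is still present at the tip or only reachable in history, so a triager needs it unless the result carries it elsewhere, which is not visible in this hunk. I would add a doc comment above the function, `// messageText builds the SARIF result message; for git sources of the form "git show <commit>:<path>" only <path> is shown.`, and confirm the commit id is still emitted with the result. Separately, `return parts[1]` returns the bare path instead of the message, which PATCH 02/10 corrects.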
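Review bot: `strings.ReplaceAll(parts[1], "/", "\\")` rewrites the separators to backslashes on every platform, although paths inside a git object always use `/`. The message then shows a path that cannot be pasted back into `git show <commit>:<path>` and may not match the artifact location reported for the same result. Assigning the path unchanged, `finalPath = parts[1]`, keeps the two consistent; the rewrite stays in the series until PATCH 05/10 removes it.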
From: =?UTF-8?q?J=C3=BAlio=20Silva?= <158049359+cx-julio-silva@users.noreply.github.com> Date: Tue, 22 Apr 2025 16:54:07 +0100 Subject: [PATCH 03/10] removed unnecessary variable --- lib/reporting/sarif.go | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/lib/reporting/sarif.go b/lib/reporting/sarif.go index 44b3ba59..3fc20fc6 100644 --- a/lib/reporting/sarif.go +++ b/lib/reporting/sarif.go @@ -69,18 +69,16 @@ func hasNoResults(report Report) bool { } func messageText(ruleName string, filePath string) string { - finalPath := filePath - // maintain only the filename if the scan target is git - if strings.HasPrefix(finalPath, "git show ") { - trimmed := strings.TrimPrefix(finalPath, "git show ") + if strings.HasPrefix(filePath, "git show ") { + trimmed := strings.TrimPrefix(filePath, "git show ") parts := strings.Split(trimmed, ":") if len(parts) == 2 { - finalPath = strings.ReplaceAll(parts[1], "/", "\\") + filePath = strings.ReplaceAll(parts[1], "/", "\\") } } - return fmt.Sprintf("%s has detected secret for file %s.", ruleName, finalPath) + return fmt.Sprintf("%s has detected secret for file %s.", ruleName, filePath) } func getResults(report Report) []Results { From 85f635f45a51edc5341591b1e316a87794538a5a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=BAlio=20Silva?= <158049359+cx-julio-silva@users.noreply.github.com> Date: Tue, 22 Apr 2025 16:59:38 +0100 Subject: [PATCH 04/10] removed unnecessary trim --- lib/reporting/sarif.go | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/lib/reporting/sarif.go b/lib/reporting/sarif.go index 3fc20fc6..440dec99 100644 --- a/lib/reporting/sarif.go +++ b/lib/reporting/sarif.go 
@@ -71,8 +71,7 @@ func hasNoResults(report Report) bool { func messageText(ruleName string, filePath string) string { // maintain only the filename if the scan target is git if strings.HasPrefix(filePath, "git show ") { - trimmed := strings.TrimPrefix(filePath, "git show ") - parts := strings.Split(trimmed, ":") + parts := strings.Split(filePath, ":") if len(parts) == 2 { filePath = strings.ReplaceAll(parts[1], "/", "\\") } From 26cd62d6803e44564ebc65d4632cc76e2be8456c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=BAlio=20Silva?= <158049359+cx-julio-silva@users.noreply.github.com> Date: Wed, 23 Apr 2025 17:00:07 +0100 Subject: [PATCH 05/10] reverted part of the changes --- lib/reporting/sarif.go | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/lib/reporting/sarif.go b/lib/reporting/sarif.go index 440dec99..9f7c25f5 100644 --- a/lib/reporting/sarif.go +++ b/lib/reporting/sarif.go @@ -71,10 +71,7 @@ func hasNoResults(report Report) bool { func messageText(ruleName string, filePath string) string { // maintain only the filename if the scan target is git if strings.HasPrefix(filePath, "git show ") { - parts := strings.Split(filePath, ":") - if len(parts) == 2 { - filePath = strings.ReplaceAll(parts[1], "/", "\\") - } + filePath = strings.Split(filePath, ":")[1] } return fmt.Sprintf("%s has detected secret for file %s.", ruleName, filePath) From a811058a204ec462975296b1c48c205111e1e63a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=BAlio=20Silva?= <158049359+cx-julio-silva@users.noreply.github.com> Date: Thu, 8 May 2025 12:32:46 +0100 Subject: [PATCH 06/10] replaced split with splitn in new messageText function to account for more cases --- lib/reporting/sarif.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/reporting/sarif.go b/lib/reporting/sarif.go index 9f7c25f5..36eb730a 100644 --- a/lib/reporting/sarif.go +++ b/lib/reporting/sarif.go 
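Review bot: `strings.Split(filePath, ":")[1]` in PATCH 05/10 indexes the result without checking its length, so a source that starts with `git show ` but contains no `:` panics with an index-out-of-range instead of producing a message. Unless a caller recovers, one malformed source string in a scan would cost the whole SARIF report rather than a single finding. The `SplitN(filePath, ":", 2)[1]` form in PATCH 06/10 has the same problem, and the length guard removed here only returns in PATCH 07/10, so commits 05 and 06 should not be picked on their own. Keeping the guard costs little: `if parts := strings.SplitN(filePath, ":", 2); len(parts) == 2 { filePath = parts[1] }`.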
@@ -71,7 +71,7 @@ func hasNoResults(report Report) bool { func messageText(ruleName string, filePath string) string { // maintain only the filename if the scan target is git if strings.HasPrefix(filePath, "git show ") { - filePath = strings.Split(filePath, ":")[1] + filePath = strings.SplitN(filePath, ":", 2)[1] } return fmt.Sprintf("%s has detected secret for file %s.", ruleName, filePath) From 21713bb92673bf63dd873a9bb1fb4117586127ec Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=BAlio=20Silva?= <158049359+cx-julio-silva@users.noreply.github.com> Date: Thu, 8 May 2025 15:37:59 +0100 Subject: [PATCH 07/10] improved message text function and added tests --- lib/reporting/report_test.go | 6 ++-- lib/reporting/sarif.go | 9 ++++-- lib/reporting/sarif_test.go | 56 ++++++++++++++++++++++++++++++++++++ 3 files changed, 65 insertions(+), 6 deletions(-) create mode 100644 lib/reporting/sarif_test.go diff --git a/lib/reporting/report_test.go b/lib/reporting/report_test.go index 84d79047..d17f67da 100644 --- a/lib/reporting/report_test.go +++ b/lib/reporting/report_test.go @@ -82,7 +82,7 @@ var ( // sarif results result1Sarif = Results{ Message: Message{ - Text: messageText(result1.RuleID, result1.Source), + Text: createMessageText(result1.RuleID, result1.Source), }, RuleId: ruleID1, Locations: []Locations{ @@ -113,7 +113,7 @@ var ( } result2Sarif = Results{ Message: Message{ - Text: messageText(result2.RuleID, result2.Source), + Text: createMessageText(result2.RuleID, result2.Source), }, RuleId: ruleID2, Locations: []Locations{ @@ -144,7 +144,7 @@ var ( } result3Sarif = Results{ Message: Message{ - Text: messageText(result3.RuleID, result3.Source), + Text: createMessageText(result3.RuleID, result3.Source), }, RuleId: ruleID1, Locations: []Locations{ diff --git a/lib/reporting/sarif.go b/lib/reporting/sarif.go index 36eb730a..9531beab 100644 --- a/lib/reporting/sarif.go +++ b/lib/reporting/sarif.go 
@@ -68,10 +68,13 @@ func hasNoResults(report Report) bool { return len(report.Results) == 0 } -func messageText(ruleName string, filePath string) string { +func createMessageText(ruleName string, filePath string) string { // maintain only the filename if the scan target is git if strings.HasPrefix(filePath, "git show ") { - filePath = strings.SplitN(filePath, ":", 2)[1] + filePathParts := strings.SplitN(filePath, ":", 2) + if len(filePathParts) == 2 { + filePath = filePathParts[1] + } } return fmt.Sprintf("%s has detected secret for file %s.", ruleName, filePath) @@ -90,7 +93,7 @@ func getResults(report Report) []Results { for _, secret := range secrets { r := Results{ Message: Message{ - Text: messageText(secret.RuleID, secret.Source), + Text: createMessageText(secret.RuleID, secret.Source), }, RuleId: secret.RuleID, Locations: getLocation(secret), diff --git a/lib/reporting/sarif_test.go b/lib/reporting/sarif_test.go new file mode 100644 index 00000000..30124191 --- /dev/null +++ b/lib/reporting/sarif_test.go 
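Review bot: `createMessageText` recognises a git source only by the literal prefix `"git show "`, which is an unwritten contract with whatever code builds `secret.Source`; that code is outside this diff. If the producer ever changes the format, the prefix and commit id silently reappear in every message, and a filesystem path that happens to start with `git show ` and contain a `:` is truncated. A named constant shared with the producer, e.g. `const gitSourcePrefix = "git show "`, would make the coupling explicit. The comment could also read `// keep only the path when the source is "git show <commit>:<path>"`, since the code keeps the whole path rather than only the filename.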
@@ -0,0 +1,56 @@ +package reporting + +import ( + "fmt" + "testing" + + "github.com/stretchr/testify/assert" +) + +func TestCreateMessageText(t *testing.T) { + tests := []struct { + Name string + RuleName string + FilePath string + ExpectedMessage string + }{ + { + Name: "Filesystem file name", + RuleName: "Test Rule", + FilePath: "folder/filename.txt", + ExpectedMessage: "Test Rule has detected secret for file folder/filename.txt.", + }, + { + Name: "Simple git filename", + RuleName: "Test Rule 2", + FilePath: "git show 1a9f3c87b4d029f54e8c72d8b11a78f6a3c29d2e:folder/filename.txt", + ExpectedMessage: "Test Rule 2 has detected secret for file folder/filename.txt.", + }, + { + Name: "Broken git file name with no commit hash", + RuleName: "Test Rule 3", + FilePath: "git show folder/filename.txt", + ExpectedMessage: "Test Rule 3 has detected secret for file git show folder/filename.txt.", + }, + { + Name: "Git file name with one colon character", + RuleName: "Test Rule 4", + FilePath: "git show d8e914f06d8d4494bd4f9ab2a2c9c88f78ef25ad:folder/filename:secondpart.txt", + ExpectedMessage: "Test Rule 4 has detected secret for file folder/filename:secondpart.txt.", + }, + { + Name: "Git file name with multiple colon character", + RuleName: "Test Rule 5", + FilePath: "git show a73b5cf94f0b29e1cc6e71a092f6b8ebc1d0e002:folder:secondfolderpart/filename:secondpart.txt", + ExpectedMessage: "Test Rule 5 has detected secret for file folder:secondfolderpart/filename:secondpart.txt.", + }, + } + + for _, tt := range tests { + t.Run(tt.Name, func(t *testing.T) { + message := createMessageText(tt.RuleName, tt.FilePath) + fmt.Printf("%v", message) + assert.Equal(t, tt.ExpectedMessage, message) + }) + } +} From 30ef187166b85e74c6994f6985ed3f4beef74e52 Mon Sep 17 00:00:00 2001 
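Review bot: `fmt.Printf("%v", message)` inside the subtest is leftover debug output; it writes to stdout without a newline on every run and is not tied to the failing case. `t.Log(message)` is shown only with `-v` or on failure, or the line can simply go, in which case the `fmt` import is unused in this commit and has to be dropped with it. The table would also benefit from a case for a git source with an empty path after the colon, such as `git show <commit>:`, which currently yields a message ending in `file .`.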
From: =?UTF-8?q?J=C3=BAlio=20Silva?= <158049359+cx-julio-silva@users.noreply.github.com> Date: Fri, 9 May 2025 16:04:38 +0100 Subject: [PATCH 08/10] Improved test structure --- lib/reporting/sarif_test.go | 22 ++++++++++++---------- 1 file changed, 12 insertions(+), 10 deletions(-) diff --git a/lib/reporting/sarif_test.go b/lib/reporting/sarif_test.go index 30124191..aff013eb 100644 --- a/lib/reporting/sarif_test.go +++ b/lib/reporting/sarif_test.go @@ -8,6 +8,8 @@ import ( ) func TestCreateMessageText(t *testing.T) { + messagePrefix := "Test Rule has detected secret for file %s." + tests := []struct { Name string RuleName string 
@@ -16,33 +18,33 @@ func TestCreateMessageText(t *testing.T) { }{ { Name: "Filesystem file name", - RuleName: "Test Rule", + RuleName: ruleName, FilePath: "folder/filename.txt", - ExpectedMessage: "Test Rule has detected secret for file folder/filename.txt.", + ExpectedMessage: sprintf(messagePrefix, "folder/filename.txt"), }, { Name: "Simple git filename", - RuleName: "Test Rule 2", + RuleName: ruleName, FilePath: "git show 1a9f3c87b4d029f54e8c72d8b11a78f6a3c29d2e:folder/filename.txt", - ExpectedMessage: "Test Rule 2 has detected secret for file folder/filename.txt.", + ExpectedMessage: sprintf(messagePrefix, "folder/filename.txt"), }, { Name: "Broken git file name with no commit hash", - RuleName: "Test Rule 3", + RuleName: ruleName, FilePath: "git show folder/filename.txt", - ExpectedMessage: "Test Rule 3 has detected secret for file git show folder/filename.txt.", + ExpectedMessage: sprintf(messagePrefix, "folder/filename.txt"), }, { Name: "Git file name with one colon character", - RuleName: "Test Rule 4", + RuleName: ruleName, FilePath: "git show d8e914f06d8d4494bd4f9ab2a2c9c88f78ef25ad:folder/filename:secondpart.txt", - ExpectedMessage: "Test Rule 4 has detected secret for file folder/filename:secondpart.txt.", + ExpectedMessage: sprintf(messagePrefix, "folder/filename:secondpart.txt"), }, { Name: "Git file name with multiple colon character", - RuleName: "Test Rule 5", + RuleName: ruleName, FilePath: "git show a73b5cf94f0b29e1cc6e71a092f6b8ebc1d0e002:folder:secondfolderpart/filename:secondpart.txt", - ExpectedMessage: "Test Rule 5 has detected secret for file folder:secondfolderpart/filename:secondpart.txt.", + ExpectedMessage: sprintf(messagePrefix, "folder:secondfolderpart/filename:secondpart.txt"), }, } From b21ebf372e3c64703ec665411795e52528dba943 Mon Sep 17 00:00:00 2001 
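Review bot: The rewritten table refers to `ruleName` and `sprintf`, neither of which is declared in this hunk or in the one before it; unless the package defines them elsewhere, the test file does not compile at this commit. The expectation for "Broken git file name with no commit hash" also changes to `folder/filename.txt`, although `createMessageText` leaves a source without `:` untouched. PATCH 09/10 declares `ruleName`, switches to `fmt.Sprintf` and restores that expectation, so squashing 08 and 09 would keep every commit in the series building and bisectable.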
From: =?UTF-8?q?J=C3=BAlio=20Silva?= <158049359+cx-julio-silva@users.noreply.github.com> Date: Fri, 9 May 2025 16:11:26 +0100 Subject: [PATCH 09/10] fixed test --- lib/reporting/sarif_test.go | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/lib/reporting/sarif_test.go b/lib/reporting/sarif_test.go index aff013eb..282d98ab 100644 --- a/lib/reporting/sarif_test.go +++ b/lib/reporting/sarif_test.go @@ -8,8 +8,9 @@ import ( ) func TestCreateMessageText(t *testing.T) { - messagePrefix := "Test Rule has detected secret for file %s." - + ruleName := "Test Rule" + messagePrefix := ruleName + " has detected secret for file %s." + tests := []struct { Name string RuleName string 
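Review bot: `messagePrefix` is built by concatenating `ruleName` into a format string, so the name is misleading (it is a format, not a prefix) and any `%` in the rule name would be read as a verb by the `fmt.Sprintf` calls in the next hunk. With the constant `"Test Rule"` this is harmless, but the pattern is easy to copy into code that handles real rule names. Passing the rule name as an argument avoids both: `const messageFormat = "%s has detected secret for file %s."` and `fmt.Sprintf(messageFormat, ruleName, "folder/filename.txt")`.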
@@ -20,31 +21,31 @@ func TestCreateMessageText(t *testing.T) { Name: "Filesystem file name", RuleName: ruleName, FilePath: "folder/filename.txt", - ExpectedMessage: sprintf(messagePrefix, "folder/filename.txt"), + ExpectedMessage: fmt.Sprintf(messagePrefix, "folder/filename.txt"), }, { Name: "Simple git filename", RuleName: ruleName, FilePath: "git show 1a9f3c87b4d029f54e8c72d8b11a78f6a3c29d2e:folder/filename.txt", - ExpectedMessage: sprintf(messagePrefix, "folder/filename.txt"), + ExpectedMessage: fmt.Sprintf(messagePrefix, "folder/filename.txt"), }, { Name: "Broken git file name with no commit hash", RuleName: ruleName, FilePath: "git show folder/filename.txt", - ExpectedMessage: sprintf(messagePrefix, "folder/filename.txt"), + ExpectedMessage: fmt.Sprintf(messagePrefix, "git show folder/filename.txt"), }, { Name: "Git file name with one colon character", RuleName: ruleName, FilePath: "git show d8e914f06d8d4494bd4f9ab2a2c9c88f78ef25ad:folder/filename:secondpart.txt", - ExpectedMessage: sprintf(messagePrefix, "folder/filename:secondpart.txt"), + ExpectedMessage: fmt.Sprintf(messagePrefix, "folder/filename:secondpart.txt"), }, { Name: "Git file name with multiple colon character", RuleName: ruleName, FilePath: "git show a73b5cf94f0b29e1cc6e71a092f6b8ebc1d0e002:folder:secondfolderpart/filename:secondpart.txt", - ExpectedMessage: sprintf(messagePrefix, "folder:secondfolderpart/filename:secondpart.txt"), + ExpectedMessage: fmt.Sprintf(messagePrefix, "folder:secondfolderpart/filename:secondpart.txt"), }, } From a7ee11eec4b841b176879ad17a9c8fd7c82ff8fc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=BAlio=20Silva?= <158049359+cx-julio-silva@users.noreply.github.com> Date: Fri, 9 May 2025 16:14:36 +0100 Subject: [PATCH 10/10] removed unnecessary test field --- lib/reporting/sarif_test.go | 8 +------- 1 file changed, 1 insertion(+), 7 deletions(-) diff --git a/lib/reporting/sarif_test.go b/lib/reporting/sarif_test.go index 282d98ab..3b903810 100644 
--- a/lib/reporting/sarif_test.go +++ b/lib/reporting/sarif_test.go @@ -13,37 +13,31 @@ func TestCreateMessageText(t *testing.T) { tests := []struct { Name string - RuleName string FilePath string ExpectedMessage string }{ { Name: "Filesystem file name", - RuleName: ruleName, FilePath: "folder/filename.txt", ExpectedMessage: fmt.Sprintf(messagePrefix, "folder/filename.txt"), }, { Name: "Simple git filename", - RuleName: ruleName, FilePath: "git show 1a9f3c87b4d029f54e8c72d8b11a78f6a3c29d2e:folder/filename.txt", ExpectedMessage: fmt.Sprintf(messagePrefix, "folder/filename.txt"), }, { Name: "Broken git file name with no commit hash", - RuleName: ruleName, FilePath: "git show folder/filename.txt", ExpectedMessage: fmt.Sprintf(messagePrefix, "git show folder/filename.txt"), }, { Name: "Git file name with one colon character", - RuleName: ruleName, FilePath: "git show d8e914f06d8d4494bd4f9ab2a2c9c88f78ef25ad:folder/filename:secondpart.txt", ExpectedMessage: fmt.Sprintf(messagePrefix, "folder/filename:secondpart.txt"), }, { Name: "Git file name with multiple colon character", - RuleName: ruleName, FilePath: "git show a73b5cf94f0b29e1cc6e71a092f6b8ebc1d0e002:folder:secondfolderpart/filename:secondpart.txt", ExpectedMessage: fmt.Sprintf(messagePrefix, "folder:secondfolderpart/filename:secondpart.txt"), }, @@ -51,7 +45,7 @@ func TestCreateMessageText(t *testing.T) { for _, tt := range tests { t.Run(tt.Name, func(t *testing.T) { - message := createMessageText(tt.RuleName, tt.FilePath) + message := createMessageText(ruleName, tt.FilePath) fmt.Printf("%v", message) assert.Equal(t, tt.ExpectedMessage, message) })