-
Notifications
You must be signed in to change notification settings - Fork 449
Refactor SARIF-related types and functions into a separate module #3528
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Merged
Merged
Changes from 4 commits
Commits
Show all changes
11 commits
Select commit
Hold shift + click to select a range
d7cfd19
Move SARIF types out of `util.ts`
mbg 2fce45b
Add wrapper around `JSON.parse` to `sarif` module
mbg 40aec38
Move more SARIF helpers to `sarif` module
mbg 3b16d31
Delete unused `fixInvalidNotifications` function
mbg ae9cb02
Add dependency on `@types/sarif`
mbg 9a31859
Use `@types/sarif`
mbg b43d146
Do not alias types
mbg 1721ce7
Address minor review comments
mbg 28b449d
Improve version handling in `combineSarifFiles`
mbg 6d060bb
Return `Partial<Log>` from `readSarifFile`
mbg 2a2f4c3
Add docs for `automationId`
mbg File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
Large diffs are not rendered by default.
Oops, something went wrong.
Large diffs are not rendered by default.
Oops, something went wrong.
Large diffs are not rendered by default.
Oops, something went wrong.
Large diffs are not rendered by default.
Oops, something went wrong.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,18 @@ | ||
| import * as fs from "fs"; | ||
|
|
||
| import test from "ava"; | ||
|
|
||
| import { setupTests } from "../testing-utils"; | ||
|
|
||
| import { getToolNames, type SarifFile } from "."; | ||
|
|
||
| setupTests(test); | ||
|
|
||
| test("getToolNames", (t) => { | ||
| const input = fs.readFileSync( | ||
| `${__dirname}/../../src/testdata/tool-names.sarif`, | ||
| "utf8", | ||
| ); | ||
| const toolNames = getToolNames(JSON.parse(input) as SarifFile); | ||
| t.deepEqual(toolNames, ["CodeQL command-line toolchain", "ESLint"]); | ||
| }); |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,189 @@ | ||
| import * as fs from "fs"; | ||
|
|
||
| import { Logger } from "../logging"; | ||
|
|
||
| export interface SarifLocation { | ||
| physicalLocation?: { | ||
| artifactLocation?: { | ||
| uri?: string; | ||
| }; | ||
| }; | ||
| } | ||
|
|
||
| export interface SarifNotification { | ||
| locations?: SarifLocation[]; | ||
| } | ||
|
|
||
| export interface SarifInvocation { | ||
| toolExecutionNotifications?: SarifNotification[]; | ||
| } | ||
|
|
||
| export interface SarifResult { | ||
| ruleId?: string; | ||
| rule?: { | ||
| id?: string; | ||
| }; | ||
| message?: { | ||
| text?: string; | ||
| }; | ||
| locations: Array<{ | ||
| physicalLocation: { | ||
| artifactLocation: { | ||
| uri: string; | ||
| }; | ||
| region?: { | ||
| startLine?: number; | ||
| }; | ||
| }; | ||
| }>; | ||
| relatedLocations?: Array<{ | ||
| physicalLocation: { | ||
| artifactLocation: { | ||
| uri: string; | ||
| }; | ||
| region?: { | ||
| startLine?: number; | ||
| }; | ||
| }; | ||
| }>; | ||
| partialFingerprints: { | ||
| primaryLocationLineHash?: string; | ||
| }; | ||
| } | ||
|
|
||
| export interface SarifRun { | ||
| tool?: { | ||
| driver?: { | ||
| guid?: string; | ||
| name?: string; | ||
| fullName?: string; | ||
| semanticVersion?: string; | ||
| version?: string; | ||
| }; | ||
| }; | ||
| automationDetails?: { | ||
| id?: string; | ||
| }; | ||
| artifacts?: string[]; | ||
| invocations?: SarifInvocation[]; | ||
| results?: SarifResult[]; | ||
| } | ||
|
|
||
| export interface SarifFile { | ||
| version?: string | null; | ||
| runs: SarifRun[]; | ||
| } | ||
|
|
||
| export type SarifRunKey = { | ||
| name: string | undefined; | ||
| fullName: string | undefined; | ||
| version: string | undefined; | ||
| semanticVersion: string | undefined; | ||
| guid: string | undefined; | ||
| automationId: string | undefined; | ||
| }; | ||
|
|
||
| /** | ||
| * An error that occurred due to an invalid SARIF upload request. | ||
| */ | ||
| export class InvalidSarifUploadError extends Error {} | ||
|
|
||
| /** | ||
| * Get the array of all the tool names contained in the given sarif contents. | ||
| * | ||
| * Returns an array of unique string tool names. | ||
| */ | ||
| export function getToolNames(sarif: SarifFile): string[] { | ||
| const toolNames = {}; | ||
|
|
||
| for (const run of sarif.runs || []) { | ||
| const tool = run.tool || {}; | ||
| const driver = tool.driver || {}; | ||
| if (typeof driver.name === "string" && driver.name.length > 0) { | ||
| toolNames[driver.name] = true; | ||
| } | ||
| } | ||
|
|
||
| return Object.keys(toolNames); | ||
| } | ||
|
|
||
| export function readSarifFile(sarifFilePath: string): SarifFile { | ||
| return JSON.parse(fs.readFileSync(sarifFilePath, "utf8")) as SarifFile; | ||
| } | ||
|
|
||
| // Takes a list of paths to sarif files and combines them together, | ||
| // returning the contents of the combined sarif file. | ||
| export function combineSarifFiles( | ||
| sarifFiles: string[], | ||
| logger: Logger, | ||
| ): SarifFile { | ||
| logger.info(`Loading SARIF file(s)`); | ||
| const combinedSarif: SarifFile = { | ||
| version: null, | ||
| runs: [], | ||
| }; | ||
|
|
||
| for (const sarifFile of sarifFiles) { | ||
| logger.debug(`Loading SARIF file: ${sarifFile}`); | ||
| const sarifObject = readSarifFile(sarifFile); | ||
| // Check SARIF version | ||
| if (combinedSarif.version === null) { | ||
mbg marked this conversation as resolved.
Outdated
Show resolved
Hide resolved
|
||
| combinedSarif.version = sarifObject.version; | ||
| } else if (combinedSarif.version !== sarifObject.version) { | ||
| throw new InvalidSarifUploadError( | ||
| `Different SARIF versions encountered: ${combinedSarif.version} and ${sarifObject.version}`, | ||
| ); | ||
| } | ||
|
|
||
| combinedSarif.runs.push(...sarifObject.runs); | ||
| } | ||
|
|
||
| return combinedSarif; | ||
| } | ||
|
|
||
| /** | ||
| * Checks whether all the runs in the given SARIF files were produced by CodeQL. | ||
| * @param sarifObjects The list of SARIF objects to check. | ||
| */ | ||
| export function areAllRunsProducedByCodeQL(sarifObjects: SarifFile[]): boolean { | ||
| return sarifObjects.every((sarifObject) => { | ||
| return sarifObject.runs?.every( | ||
| (run) => run.tool?.driver?.name === "CodeQL", | ||
| ); | ||
| }); | ||
| } | ||
|
|
||
| function createRunKey(run: SarifRun): SarifRunKey { | ||
| return { | ||
| name: run.tool?.driver?.name, | ||
| fullName: run.tool?.driver?.fullName, | ||
| version: run.tool?.driver?.version, | ||
| semanticVersion: run.tool?.driver?.semanticVersion, | ||
| guid: run.tool?.driver?.guid, | ||
| automationId: run.automationDetails?.id, | ||
| }; | ||
| } | ||
|
|
||
| /** | ||
| * Checks whether all runs in the given SARIF files are unique (based on the | ||
| * criteria used by Code Scanning to determine analysis categories). | ||
| * @param sarifObjects The list of SARIF objects to check. | ||
| */ | ||
| export function areAllRunsUnique(sarifObjects: SarifFile[]): boolean { | ||
| const keys = new Set<string>(); | ||
|
|
||
| for (const sarifObject of sarifObjects) { | ||
| for (const run of sarifObject.runs) { | ||
| const key = JSON.stringify(createRunKey(run)); | ||
|
|
||
| // If the key already exists, the runs are not unique. | ||
| if (keys.has(key)) { | ||
| return false; | ||
| } | ||
|
|
||
| keys.add(key); | ||
| } | ||
| } | ||
|
|
||
| return true; | ||
| } | ||
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Uh oh!
There was an error while loading. Please reload this page.