Property bags (#14)
* propertyBag is an object, do not derive ord

The propertyBag is an object with a further constraint that, if present,
the `tags` property is a list of strings. This extra constraint is not
enforced.

"ord", a compare function, is not derived because Yojson.Safe.compare
does not exist. The value of an order is also not clear to me.

A test is added that does a roundtrip of a sarif output taken from a
Semgrep test case.

* Add remaining Semgrep tests
reynir authored Jan 28, 2024
1 parent d56f4c1 commit b250fcf
Showing 17 changed files with 1,857 additions and 658 deletions.
186 changes: 93 additions & 93 deletions lib/sarif_v_2_1_0.atd

Large diffs are not rendered by default.

208 changes: 114 additions & 94 deletions lib/sarif_v_2_1_0_j.ml

Large diffs are not rendered by default.

184 changes: 92 additions & 92 deletions lib/sarif_v_2_1_0_j.mli

Large diffs are not rendered by default.

187 changes: 93 additions & 94 deletions lib/sarif_v_2_1_0_t.ml

Large diffs are not rendered by default.

187 changes: 93 additions & 94 deletions lib/sarif_v_2_1_0_t.mli

Large diffs are not rendered by default.

213 changes: 115 additions & 98 deletions lib/sarif_v_2_1_0_v.ml

Large diffs are not rendered by default.

184 changes: 92 additions & 92 deletions lib/sarif_v_2_1_0_v.mli

Large diffs are not rendered by default.

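--- a/test/data/semgrep/test_sarif_output_include_nosemgrep/results.sarif
+++ b/test/data/semgrep/test_sarif_output_include_nosemgrep/results.sarif
@@ -0,0 +1,108 @@
+{
+"$schema": "https://docs.oasis-open.org/sarif/sarif/v2.1.0/os/schemas/sarif-schema-2.1.0.json",
+"runs": [
+{
+"invocations": [
+{
+"executionSuccessful": true,
+"toolExecutionNotifications": []
+}
+],
+"results": [
+{
+"fingerprints": {
+"matchBasedId/v1": "1ccfdeae9247f2f32c35443f3bf87d4fd67e4d58b25adfcdb7dd5fc74079c09713a2e45e39f1f46e12361f98aa492bfba2a4983d4e9f409c02dfcff1ba254f20_0"
+},
+"locations": [
+{
+"physicalLocation": {
+"artifactLocation": {
+"uri": "targets/basic/regex-nosemgrep.txt",
+"uriBaseId": "%SRCROOT%"
+},
+"region": {
+"endColumn": 30,
+"endLine": 1,
+"snippet": {
+"text": "aws_account_id = 123456789012 # nosemgrep"
+},
+"startColumn": 1,
+"startLine": 1
+}
+}
+}
+],
+"message": {
+"text": "AWS Account ID detected"
+},
+"properties": {},
+"ruleId": "rules.detected-aws-account-id",
+"suppressions": [
+{
+"kind": "inSource"
+}
+]
+},
+{
+"fingerprints": {
+"matchBasedId/v1": "1ccfdeae9247f2f32c35443f3bf87d4fd67e4d58b25adfcdb7dd5fc74079c09713a2e45e39f1f46e12361f98aa492bfba2a4983d4e9f409c02dfcff1ba254f20_1"
+},
+"locations": [
+{
+"physicalLocation": {
+"artifactLocation": {
+"uri": "targets/basic/regex-nosemgrep.txt",
+"uriBaseId": "%SRCROOT%"
+},
+"region": {
+"endColumn": 28,
+"endLine": 3,
+"snippet": {
+"text": "aws_account_id:123456789012"
+},
+"startColumn": 1,
+"startLine": 3
+}
+}
+}
+],
+"message": {
+"text": "AWS Account ID detected"
+},
+"properties": {},
+"ruleId": "rules.detected-aws-account-id"
+}
+],
+"tool": {
+"driver": {
+"name": "Semgrep OSS",
+"rules": [
+{
+"defaultConfiguration": {
+"level": "error"
+},
+"fullDescription": {
+"text": "AWS Account ID detected"
+},
+"help": {
+"markdown": "AWS Account ID detected",
+"text": "AWS Account ID detected"
+},
+"id": "rules.detected-aws-account-id",
+"name": "rules.detected-aws-account-id",
+"properties": {
+"precision": "very-high",
+"tags": []
+},
+"shortDescription": {
+"text": "Semgrep Finding: rules.detected-aws-account-id"
+}
+}
+],
+"semanticVersion": "placeholder"
+}
+}
+}
+],
+"version": "2.1.0"
+}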
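--- a/test/data/semgrep/test_sarif_output_rule_board/results.sarif
+++ b/test/data/semgrep/test_sarif_output_rule_board/results.sarif
@@ -0,0 +1,134 @@
+{
+"$schema": "https://docs.oasis-open.org/sarif/sarif/v2.1.0/os/schemas/sarif-schema-2.1.0.json",
+"runs": [
+{
+"invocations": [
+{
+"executionSuccessful": true,
+"toolExecutionNotifications": []
+}
+],
+"results": [
+{
+"fingerprints": {
+"matchBasedId/v1": "1fa894f43c4fd60b1b0c5e2e9a50311b67b77a7b09f7c45001277b41e41accd87cd8e2931d57e0bf41a0e5086501be1fea611473dd02e1625c49204145464dba_0"
+},
+"locations": [
+{
+"physicalLocation": {
+"artifactLocation": {
+"uri": "targets/basic/stupid.py",
+"uriBaseId": "%SRCROOT%"
+},
+"region": {
+"endColumn": 26,
+"endLine": 3,
+"snippet": {
+"text": " return a + b == a + b"
+},
+"startColumn": 12,
+"startLine": 3
+}
+}
+}
+],
+"message": {
+"text": "this rule comes from the rule board!"
+},
+"properties": {},
+"ruleId": "rules.rule-board-eqeq-five"
+},
+{
+"fingerprints": {
+"matchBasedId/v1": "79990521677dc96cec634491f9134e8528b49257440a27b8df47582e37668aaf5cb3343fe53b19476b12071b84f58db799c9f7f3d75b09dd3547f283b7036d38_0"
+},
+"locations": [
+{
+"physicalLocation": {
+"artifactLocation": {
+"uri": "targets/basic/stupid.py",
+"uriBaseId": "%SRCROOT%"
+},
+"region": {
+"endColumn": 11,
+"endLine": 8,
+"snippet": {
+"text": " x == x"
+},
+"startColumn": 5,
+"startLine": 8
+}
+}
+}
+],
+"message": {
+"text": "this rule comes from the rule board!"
+},
+"properties": {},
+"ruleId": "rules.rule-board-eqeq-five"
+},
+{
+"fingerprints": {
+"matchBasedId/v1": "79990521677dc96cec634491f9134e8528b49257440a27b8df47582e37668aaf5cb3343fe53b19476b12071b84f58db799c9f7f3d75b09dd3547f283b7036d38_1"
+},
+"locations": [
+{
+"physicalLocation": {
+"artifactLocation": {
+"uri": "targets/basic/stupid.py",
+"uriBaseId": "%SRCROOT%"
+},
+"region": {
+"endColumn": 18,
+"endLine": 12,
+"snippet": {
+"text": "assertTrue(x == x)"
+},
+"startColumn": 12,
+"startLine": 12
+}
+}
+}
+],
+"message": {
+"text": "this rule comes from the rule board!"
+},
+"properties": {},
+"ruleId": "rules.rule-board-eqeq-five"
+}
+],
+"tool": {
+"driver": {
+"name": "Semgrep OSS",
+"rules": [
+{
+"defaultConfiguration": {
+"level": "error"
+},
+"fullDescription": {
+"text": "this rule comes from the rule board!"
+},
+"help": {
+"markdown": "this rule comes from the rule board!",
+"text": "this rule comes from the rule board!"
+},
+"id": "rules.rule-board-eqeq-five",
+"name": "rules.rule-board-eqeq-five",
+"properties": {
+"precision": "very-high",
+"tags": [
+"rule-board-block"
+]
+},
+"shortDescription": {
+"text": "Semgrep Finding: rules.rule-board-eqeq-five"
+}
+}
+],
+"semanticVersion": "placeholder"
+}
+}
+}
+],
+"version": "2.1.0"
+}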
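Review bot: The rule's `"tags": ["rule-board-block"]` is the only non-empty `tags` list among the fixtures rendered on this page, and it is well-formed, so the round-trip test never shows what the reader does when `tags` is not a list of strings. The commit description states that this constraint on the property bag is not enforced. SARIF files routinely come from third-party tools, so a small hand-written fixture with a malformed value (constructed example: `"tags": "not-a-list"`) would pin whether the reader accepts, rejects or rewrites it, and make the unenforced constraint a documented behaviour rather than an accident. Several changed files are not rendered here, so this may already be covered elsewhere in the commit.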
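--- a/test/data/semgrep/test_sarif_output_when_errors/results.sarif
+++ b/test/data/semgrep/test_sarif_output_when_errors/results.sarif
@@ -0,0 +1,32 @@
+{
+"$schema": "https://docs.oasis-open.org/sarif/sarif/v2.1.0/os/schemas/sarif-schema-2.1.0.json",
+"runs": [
+{
+"invocations": [
+{
+"executionSuccessful": true,
+"toolExecutionNotifications": [
+{
+"descriptor": {
+"id": "SemgrepError"
+},
+"level": "error",
+"message": {
+"text": "File not found: targets/basic/inexistent.py"
+}
+}
+]
+}
+],
+"results": [],
+"tool": {
+"driver": {
+"name": "Semgrep OSS",
+"rules": [],
+"semanticVersion": "placeholder"
+}
+}
+}
+],
+"version": "2.1.0"
+}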