HdfConverter improvements (#2699)
* HdfConverter: Add location, address GitHub validation error (#2694)

Per https://sarifweb.azurewebsites.net/Validation
> Each result location must provide the property 'physicalLocation.artifactLocation.uri'.
> GitHub Advanced Security code scanning will not display a result whose location does not provide the URI of the artifact that contains the result.

Signed-off-by: Craig Andrews <[email protected]>

* HdfConvert: Use HDF "control.descriptions" for "help" (#2633)

Signed-off-by: Craig Andrews <[email protected]>

* HdfConverter: Use HDF title as SARIF shortDescription

* HdfConverter: make name a Pascal case identifier

See: https://docs.oasis-open.org/sarif/sarif/v2.1.0/os/sarif-v2.1.0-os.html#_Toc34317843
Signed-off-by: Craig Andrews <[email protected]>

* HdfConverter: Set Enabled to true if and only if all results have status skipped

See: https://docs.oasis-open.org/sarif/sarif/v2.1.0/os/sarif-v2.1.0-os.html#_Toc34317854
Signed-off-by: Craig Andrews <[email protected]>

---------

Signed-off-by: Craig Andrews <[email protected]>
candrews authored Jul 27, 2023
1 parent 5b72930 commit d9b7272
Showing 3 changed files with 2,929 additions and 15 deletions.
39 changes: 38 additions & 1 deletion src/Sarif.Converters/HdfConverter.cs
@@ -44,6 +44,14 @@ public override void Convert(Stream input, IResultLogWriter output, OptionallyEm
SupportedTaxonomies = new List<ToolComponentReference>() { new ToolComponentReference() { Name = "NIST SP800-53 v5", Guid = Guid.Parse("AAFBAB93-5201-419E-8443-D4925C542398") } }
}
},
OriginalUriBaseIds = new Dictionary<string, ArtifactLocation>()
{
{
"ROOTPATH", new ArtifactLocation {
Uri = new Uri("file:///")
}
}
},
ExternalPropertyFileReferences = new ExternalPropertyFileReferences()
{
Taxonomies = new List<ExternalPropertyFileReference>()
@@ -90,15 +98,24 @@ private static (ReportingDescriptor, IList<Result>) SarifRuleAndResultFromHdfCon
var reportingDescriptor = new ReportingDescriptor
{
Id = execJsonControl.Id,
Name = execJsonControl.Title,
Name = string.Join("", execJsonControl.Title.Split(' ').Select(s => char.ToUpper(s[0]) + s.Substring(1))),
ShortDescription = new MultiformatMessageString
{
Text = AppendPeriod(execJsonControl.Title),
},
FullDescription = new MultiformatMessageString
{
Text = AppendPeriod(execJsonControl.Desc),
},
DefaultConfiguration = new ReportingConfiguration
{
Level = SarifLevelFromHdfImpact(execJsonControl.Impact),
Enabled = !execJsonControl.Results.All(r => r.Status == ControlResultStatus.Skipped),
},
Help = execJsonControl.Descriptions.Any() ? new MultiformatMessageString
{
Text = string.Join("\n", execJsonControl.Descriptions.Select(d => d.Label + ":\n" + d.Data))
} : null,
HelpUri = null,
Relationships = new List<ReportingDescriptorRelationship>(
((JArray)execJsonControl.Tags["nist"])
@@ -141,6 +158,26 @@ private static (ReportingDescriptor, IList<Result>) SarifRuleAndResultFromHdfCon
Kind = kind,
Level = level,
Rank = rank,
Locations = new List<Location>
{
new Location {
PhysicalLocation = new PhysicalLocation
{
ArtifactLocation = new ArtifactLocation
{
Uri = new Uri(".", UriKind.Relative),
UriBaseId = "ROOTPATH",
},
Region = new Region
{
StartLine = 1,
StartColumn = 1,
EndLine = 1,
EndColumn = 1,
}
}
}
}
};
results.Add(result);
}
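Review bot: The new `Name` initializer indexes `s[0]` on every piece returned by `execJsonControl.Title.Split(' ')`, so a control title with a leading, trailing or doubled space (or an empty title) produces an empty piece and the conversion throws instead of emitting a rule. The title comes straight from the HDF input file, so I would drop empty pieces and use invariant casing: `Name = string.Concat(execJsonControl.Title.Split(new[] { ' ' }, StringSplitOptions.RemoveEmptyEntries).Select(s => char.ToUpperInvariant(s[0]) + s.Substring(1))),`. A null `Title` would still throw on this line, and `execJsonControl.Descriptions.Any()` in the `Help` initializer presumably has the same exposure if the field can be absent from the input; that is worth confirming against the HDF model. The enclosing method starts and ends outside the visible hunks.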
@@ -17,6 +17,11 @@
]
}
},
"originalUriBaseIds": {
"ROOTPATH": {
"uri": "file:///"
}
},
"artifacts": [
{
"location": {