gosec/report/sarif/builder.go

package sarif

// NewReport instantiate a SARIF Report
func NewReport(version string, schema string) *Report {
	return &Report{
		Version: version,
		Schema:  schema,
	}
}

// WithRuns defines runs for the current report
func (r *Report) WithRuns(runs ...*Run) *Report {
	r.Runs = runs
	return r
}

// NewMultiformatMessageString instantiate a MultiformatMessageString
func NewMultiformatMessageString(text string) *MultiformatMessageString {
	return &MultiformatMessageString{
		Text: text,
	}
}

// NewRun instantiate a Run
func NewRun(tool *Tool) *Run {
	return &Run{
		Tool: tool,
	}
}

// WithTaxonomies set the taxonomies for the current run
func (r *Run) WithTaxonomies(taxonomies ...*ToolComponent) *Run {
	r.Taxonomies = taxonomies
	return r
}

// WithResults set the results for the current run
func (r *Run) WithResults(results ...*Result) *Run {
	r.Results = results
	return r
}

// NewArtifactLocation instantiate an ArtifactLocation
func NewArtifactLocation(uri string) *ArtifactLocation {
	return &ArtifactLocation{
		URI: uri,
	}
}

// NewRegion instantiate a Region
func NewRegion(startLine int, endLine int, startColumn int, endColumn int, sourceLanguage string) *Region {
	return &Region{
		StartLine:      startLine,
		EndLine:        endLine,
		StartColumn:    startColumn,
		EndColumn:      endColumn,
		SourceLanguage: sourceLanguage,
	}
}

// WithSnippet defines the Snippet for the current Region
func (r *Region) WithSnippet(snippet *ArtifactContent) *Region {
	r.Snippet = snippet
	return r
}

// NewArtifactContent instantiate an ArtifactContent
func NewArtifactContent(text string) *ArtifactContent {
	return &ArtifactContent{
		Text: text,
	}
}

// NewTool instantiate a Tool
func NewTool(driver *ToolComponent) *Tool {
	return &Tool{
		Driver: driver,
	}
}

// NewResult instantiate a Result
func NewResult(ruleID string, ruleIndex int, level Level, message string, suppressions []*Suppression, autofix string) *Result {
	result := &Result{
		RuleID:       ruleID,
		RuleIndex:    ruleIndex,
		Level:        level,
		Message:      NewMessage(message),
		Suppressions: suppressions,
	}
	if len(autofix) > 0 {
		result.Fixes = []*Fix{
			{
				Description: &Message{
					Markdown: autofix,
				},
			},
		}
	}
	return result
}

// NewMessage instantiate a Message
func NewMessage(text string) *Message {
	return &Message{
		Text: text,
	}
}

// WithLocations define the current result's locations
func (r *Result) WithLocations(locations ...*Location) *Result {
	r.Locations = locations
	return r
}

// NewLocation instantiate a Location
func NewLocation(physicalLocation *PhysicalLocation) *Location {
	return &Location{
		PhysicalLocation: physicalLocation,
	}
}

// NewPhysicalLocation instantiate a PhysicalLocation
func NewPhysicalLocation(artifactLocation *ArtifactLocation, region *Region) *PhysicalLocation {
	return &PhysicalLocation{
		ArtifactLocation: artifactLocation,
		Region:           region,
	}
}

// NewToolComponent instantiate a ToolComponent
func NewToolComponent(name string, version string, informationURI string) *ToolComponent {
	return &ToolComponent{
		Name:           name,
		Version:        version,
		InformationURI: informationURI,
		GUID:           uuid3(name),
	}
}

// WithLanguage set Language for the current ToolComponent
func (t *ToolComponent) WithLanguage(language string) *ToolComponent {
	t.Language = language
	return t
}

// WithSemanticVersion set SemanticVersion for the current ToolComponent
func (t *ToolComponent) WithSemanticVersion(semanticVersion string) *ToolComponent {
	t.SemanticVersion = semanticVersion
	return t
}

// WithReleaseDateUtc set releaseDateUtc for the current ToolComponent
func (t *ToolComponent) WithReleaseDateUtc(releaseDateUtc string) *ToolComponent {
	t.ReleaseDateUtc = releaseDateUtc
	return t
}

// WithDownloadURI set downloadURI for the current ToolComponent
func (t *ToolComponent) WithDownloadURI(downloadURI string) *ToolComponent {
	t.DownloadURI = downloadURI
	return t
}

// WithOrganization set organization for the current ToolComponent
func (t *ToolComponent) WithOrganization(organization string) *ToolComponent {
	t.Organization = organization
	return t
}

// WithShortDescription set shortDescription for the current ToolComponent
func (t *ToolComponent) WithShortDescription(shortDescription *MultiformatMessageString) *ToolComponent {
	t.ShortDescription = shortDescription
	return t
}

// WithIsComprehensive set isComprehensive for the current ToolComponent
func (t *ToolComponent) WithIsComprehensive(isComprehensive bool) *ToolComponent {
	t.IsComprehensive = isComprehensive
	return t
}

// WithMinimumRequiredLocalizedDataSemanticVersion set MinimumRequiredLocalizedDataSemanticVersion for the current ToolComponent
func (t *ToolComponent) WithMinimumRequiredLocalizedDataSemanticVersion(minimumRequiredLocalizedDataSemanticVersion string) *ToolComponent {
	t.MinimumRequiredLocalizedDataSemanticVersion = minimumRequiredLocalizedDataSemanticVersion
	return t
}

// WithTaxa set taxa for the current ToolComponent
func (t *ToolComponent) WithTaxa(taxa ...*ReportingDescriptor) *ToolComponent {
	t.Taxa = taxa
	return t
}

// WithSupportedTaxonomies set the supported taxonomies for the current ToolComponent
func (t *ToolComponent) WithSupportedTaxonomies(supportedTaxonomies ...*ToolComponentReference) *ToolComponent {
	t.SupportedTaxonomies = supportedTaxonomies
	return t
}

// WithRules set the rules for the current ToolComponent
func (t *ToolComponent) WithRules(rules ...*ReportingDescriptor) *ToolComponent {
	t.Rules = rules
	return t
}

// NewToolComponentReference instantiate a ToolComponentReference
func NewToolComponentReference(name string) *ToolComponentReference {
	return &ToolComponentReference{
		Name: name,
		GUID: uuid3(name),
	}
}

// NewSuppression instantiate a Suppression
func NewSuppression(kind string, justification string) *Suppression {
	return &Suppression{
		Kind:          kind,
		Justification: justification,
	}
}
Enable golangcli and improve testing for formatters 2021-05-10 09:08:04 +01:00			`package sarif`

Fix lint and fail on error in the ci build 2021-05-31 09:44:12 +01:00			`// NewReport instantiate a SARIF Report`
Enable golangcli and improve testing for formatters 2021-05-10 09:08:04 +01:00			`func NewReport(version string, schema string) *Report {`
			`return &Report{`
			`Version: version,`
			`Schema: schema,`
			`}`
			`}`

Fix typos in struct fields, comments, and docs (#1023) 2023-10-05 11:59:17 +01:00			`// WithRuns defines runs for the current report`
Enable golangcli and improve testing for formatters 2021-05-10 09:08:04 +01:00			`func (r Report) WithRuns(runs ...Run) *Report {`
			`r.Runs = runs`
			`return r`
			`}`

Fix lint and fail on error in the ci build 2021-05-31 09:44:12 +01:00			`// NewMultiformatMessageString instantiate a MultiformatMessageString`
Enable golangcli and improve testing for formatters 2021-05-10 09:08:04 +01:00			`func NewMultiformatMessageString(text string) *MultiformatMessageString {`
			`return &MultiformatMessageString{`
			`Text: text,`
			`}`
			`}`

Fix lint and fail on error in the ci build 2021-05-31 09:44:12 +01:00			`// NewRun instantiate a Run`
Enable golangcli and improve testing for formatters 2021-05-10 09:08:04 +01:00			`func NewRun(tool Tool) Run {`
			`return &Run{`
			`Tool: tool,`
			`}`
			`}`

Fix lint and fail on error in the ci build 2021-05-31 09:44:12 +01:00			`// WithTaxonomies set the taxonomies for the current run`
Enable golangcli and improve testing for formatters 2021-05-10 09:08:04 +01:00			`func (r Run) WithTaxonomies(taxonomies ...ToolComponent) *Run {`
			`r.Taxonomies = taxonomies`
			`return r`
			`}`

Fix lint and fail on error in the ci build 2021-05-31 09:44:12 +01:00			`// WithResults set the results for the current run`
Enable golangcli and improve testing for formatters 2021-05-10 09:08:04 +01:00			`func (r Run) WithResults(results ...Result) *Run {`
			`r.Results = results`
			`return r`
			`}`

Fix lint and fail on error in the ci build 2021-05-31 09:44:12 +01:00			`// NewArtifactLocation instantiate an ArtifactLocation`
Enable golangcli and improve testing for formatters 2021-05-10 09:08:04 +01:00			`func NewArtifactLocation(uri string) *ArtifactLocation {`
			`return &ArtifactLocation{`
			`URI: uri,`
			`}`
			`}`

Fix lint and fail on error in the ci build 2021-05-31 09:44:12 +01:00			`// NewRegion instantiate a Region`
Enable golangcli and improve testing for formatters 2021-05-10 09:08:04 +01:00			`func NewRegion(startLine int, endLine int, startColumn int, endColumn int, sourceLanguage string) *Region {`
			`return &Region{`
			`StartLine: startLine,`
			`EndLine: endLine,`
			`StartColumn: startColumn,`
			`EndColumn: endColumn,`
			`SourceLanguage: sourceLanguage,`
			`}`
			`}`

Fix lint and fail on error in the ci build 2021-05-31 09:44:12 +01:00			`// WithSnippet defines the Snippet for the current Region`
Sarif provide Snippet with Issue.Code * Provide Snippet with Issue.Code * Fix documentation 2021-05-13 15:02:28 +01:00			`func (r Region) WithSnippet(snippet ArtifactContent) *Region {`
			`r.Snippet = snippet`
			`return r`
			`}`

Fix lint and fail on error in the ci build 2021-05-31 09:44:12 +01:00			`// NewArtifactContent instantiate an ArtifactContent`
Sarif provide Snippet with Issue.Code * Provide Snippet with Issue.Code * Fix documentation 2021-05-13 15:02:28 +01:00			`func NewArtifactContent(text string) *ArtifactContent {`
			`return &ArtifactContent{`
			`Text: text,`
			`}`
			`}`

Fix lint and fail on error in the ci build 2021-05-31 09:44:12 +01:00			`// NewTool instantiate a Tool`
Enable golangcli and improve testing for formatters 2021-05-10 09:08:04 +01:00			`func NewTool(driver ToolComponent) Tool {`
			`return &Tool{`
			`Driver: driver,`
			`}`
			`}`

Fix lint and fail on error in the ci build 2021-05-31 09:44:12 +01:00			`// NewResult instantiate a Result`
Add support to generate auto fixes using LLM (AI) (#1177) This feature adds support to generate auto fixes for Go scanning findings using LLM (AI). In a first instance, it relies on Gemini API to get a suggestion for a solution. This can be later extended, to integrate also other AI providers. --------- Signed-off-by: Cosmin Cojocar <ccojocar@google.com> Co-authored-by: ccoVeille <3875889+ccoVeille@users.noreply.github.com> Co-authored-by: Cosmin Cojocar <ccojocar@google.com> 2024-08-12 11:52:41 +01:00			`func NewResult(ruleID string, ruleIndex int, level Level, message string, suppressions []Suppression, autofix string) Result {`
Populate the fixes only when autofix is not empty (#1226) Change-Id: If4de66d1ea0fd5a179808d023fdac677437c6d5a Signed-off-by: Cosmin Cojocar <ccojocar@google.com> 2024-09-18 12:43:01 +01:00			`result := &Result{`
Add support for suppressing the findings 2021-12-09 10:53:36 +00:00			`RuleID: ruleID,`
			`RuleIndex: ruleIndex,`
			`Level: level,`
			`Message: NewMessage(message),`
			`Suppressions: suppressions,`
Populate the fixes only when autofix is not empty (#1226) Change-Id: If4de66d1ea0fd5a179808d023fdac677437c6d5a Signed-off-by: Cosmin Cojocar <ccojocar@google.com> 2024-09-18 12:43:01 +01:00			`}`
			`if len(autofix) > 0 {`
			`result.Fixes = []*Fix{`
Add support to generate auto fixes using LLM (AI) (#1177) This feature adds support to generate auto fixes for Go scanning findings using LLM (AI). In a first instance, it relies on Gemini API to get a suggestion for a solution. This can be later extended, to integrate also other AI providers. --------- Signed-off-by: Cosmin Cojocar <ccojocar@google.com> Co-authored-by: ccoVeille <3875889+ccoVeille@users.noreply.github.com> Co-authored-by: Cosmin Cojocar <ccojocar@google.com> 2024-08-12 11:52:41 +01:00			`{`
			`Description: &Message{`
			`Markdown: autofix,`
			`},`
			`},`
Populate the fixes only when autofix is not empty (#1226) Change-Id: If4de66d1ea0fd5a179808d023fdac677437c6d5a Signed-off-by: Cosmin Cojocar <ccojocar@google.com> 2024-09-18 12:43:01 +01:00			`}`
Enable golangcli and improve testing for formatters 2021-05-10 09:08:04 +01:00			`}`
Populate the fixes only when autofix is not empty (#1226) Change-Id: If4de66d1ea0fd5a179808d023fdac677437c6d5a Signed-off-by: Cosmin Cojocar <ccojocar@google.com> 2024-09-18 12:43:01 +01:00			`return result`
Enable golangcli and improve testing for formatters 2021-05-10 09:08:04 +01:00			`}`

Fix lint and fail on error in the ci build 2021-05-31 09:44:12 +01:00			`// NewMessage instantiate a Message`
Enable golangcli and improve testing for formatters 2021-05-10 09:08:04 +01:00			`func NewMessage(text string) *Message {`
			`return &Message{`
			`Text: text,`
			`}`
			`}`

Fix lint and fail on error in the ci build 2021-05-31 09:44:12 +01:00			`// WithLocations define the current result's locations`
Enable golangcli and improve testing for formatters 2021-05-10 09:08:04 +01:00			`func (r Result) WithLocations(locations ...Location) *Result {`
			`r.Locations = locations`
			`return r`
			`}`

Fix lint and fail on error in the ci build 2021-05-31 09:44:12 +01:00			`// NewLocation instantiate a Location`
Enable golangcli and improve testing for formatters 2021-05-10 09:08:04 +01:00			`func NewLocation(physicalLocation PhysicalLocation) Location {`
			`return &Location{`
			`PhysicalLocation: physicalLocation,`
			`}`
			`}`

Fix lint and fail on error in the ci build 2021-05-31 09:44:12 +01:00			`// NewPhysicalLocation instantiate a PhysicalLocation`
Enable golangcli and improve testing for formatters 2021-05-10 09:08:04 +01:00			`func NewPhysicalLocation(artifactLocation ArtifactLocation, region Region) *PhysicalLocation {`
			`return &PhysicalLocation{`
			`ArtifactLocation: artifactLocation,`
			`Region: region,`
			`}`
			`}`

Fix lint and fail on error in the ci build 2021-05-31 09:44:12 +01:00			`// NewToolComponent instantiate a ToolComponent`
Enable golangcli and improve testing for formatters 2021-05-10 09:08:04 +01:00			`func NewToolComponent(name string, version string, informationURI string) *ToolComponent {`
			`return &ToolComponent{`
			`Name: name,`
			`Version: version,`
			`InformationURI: informationURI,`
			`GUID: uuid3(name),`
			`}`
			`}`

Fix lint and fail on error in the ci build 2021-05-31 09:44:12 +01:00			`// WithLanguage set Language for the current ToolComponent`
Handle gosec version in SARIF report 2021-05-20 09:16:42 +01:00			`func (t ToolComponent) WithLanguage(language string) ToolComponent {`
			`t.Language = language`
			`return t`
			`}`

Fix lint and fail on error in the ci build 2021-05-31 09:44:12 +01:00			`// WithSemanticVersion set SemanticVersion for the current ToolComponent`
Handle gosec version in SARIF report 2021-05-20 09:16:42 +01:00			`func (t ToolComponent) WithSemanticVersion(semanticVersion string) ToolComponent {`
			`t.SemanticVersion = semanticVersion`
			`return t`
			`}`

Fix lint and fail on error in the ci build 2021-05-31 09:44:12 +01:00			`// WithReleaseDateUtc set releaseDateUtc for the current ToolComponent`
Enable golangcli and improve testing for formatters 2021-05-10 09:08:04 +01:00			`func (t ToolComponent) WithReleaseDateUtc(releaseDateUtc string) ToolComponent {`
			`t.ReleaseDateUtc = releaseDateUtc`
			`return t`
			`}`

Fix lint and fail on error in the ci build 2021-05-31 09:44:12 +01:00			`// WithDownloadURI set downloadURI for the current ToolComponent`
Enable golangcli and improve testing for formatters 2021-05-10 09:08:04 +01:00			`func (t ToolComponent) WithDownloadURI(downloadURI string) ToolComponent {`
			`t.DownloadURI = downloadURI`
			`return t`
			`}`

Fix lint and fail on error in the ci build 2021-05-31 09:44:12 +01:00			`// WithOrganization set organization for the current ToolComponent`
Enable golangcli and improve testing for formatters 2021-05-10 09:08:04 +01:00			`func (t ToolComponent) WithOrganization(organization string) ToolComponent {`
			`t.Organization = organization`
			`return t`
			`}`

Fix lint and fail on error in the ci build 2021-05-31 09:44:12 +01:00			`// WithShortDescription set shortDescription for the current ToolComponent`
Enable golangcli and improve testing for formatters 2021-05-10 09:08:04 +01:00			`func (t ToolComponent) WithShortDescription(shortDescription MultiformatMessageString) *ToolComponent {`
			`t.ShortDescription = shortDescription`
			`return t`
			`}`

Fix lint and fail on error in the ci build 2021-05-31 09:44:12 +01:00			`// WithIsComprehensive set isComprehensive for the current ToolComponent`
Enable golangcli and improve testing for formatters 2021-05-10 09:08:04 +01:00			`func (t ToolComponent) WithIsComprehensive(isComprehensive bool) ToolComponent {`
			`t.IsComprehensive = isComprehensive`
			`return t`
			`}`

Fix lint and fail on error in the ci build 2021-05-31 09:44:12 +01:00			`// WithMinimumRequiredLocalizedDataSemanticVersion set MinimumRequiredLocalizedDataSemanticVersion for the current ToolComponent`
Enable golangcli and improve testing for formatters 2021-05-10 09:08:04 +01:00			`func (t ToolComponent) WithMinimumRequiredLocalizedDataSemanticVersion(minimumRequiredLocalizedDataSemanticVersion string) ToolComponent {`
			`t.MinimumRequiredLocalizedDataSemanticVersion = minimumRequiredLocalizedDataSemanticVersion`
			`return t`
			`}`

Fix lint and fail on error in the ci build 2021-05-31 09:44:12 +01:00			`// WithTaxa set taxa for the current ToolComponent`
Enable golangcli and improve testing for formatters 2021-05-10 09:08:04 +01:00			`func (t ToolComponent) WithTaxa(taxa ...ReportingDescriptor) *ToolComponent {`
			`t.Taxa = taxa`
			`return t`
			`}`

Fix lint and fail on error in the ci build 2021-05-31 09:44:12 +01:00			`// WithSupportedTaxonomies set the supported taxonomies for the current ToolComponent`
Enable golangcli and improve testing for formatters 2021-05-10 09:08:04 +01:00			`func (t ToolComponent) WithSupportedTaxonomies(supportedTaxonomies ...ToolComponentReference) *ToolComponent {`
			`t.SupportedTaxonomies = supportedTaxonomies`
			`return t`
			`}`

Fix lint and fail on error in the ci build 2021-05-31 09:44:12 +01:00			`// WithRules set the rules for the current ToolComponent`
Enable golangcli and improve testing for formatters 2021-05-10 09:08:04 +01:00			`func (t ToolComponent) WithRules(rules ...ReportingDescriptor) *ToolComponent {`
			`t.Rules = rules`
			`return t`
			`}`

Fix lint and fail on error in the ci build 2021-05-31 09:44:12 +01:00			`// NewToolComponentReference instantiate a ToolComponentReference`
Enable golangcli and improve testing for formatters 2021-05-10 09:08:04 +01:00			`func NewToolComponentReference(name string) *ToolComponentReference {`
			`return &ToolComponentReference{`
			`Name: name,`
			`GUID: uuid3(name),`
			`}`
			`}`
Add support for suppressing the findings 2021-12-09 10:53:36 +00:00
			`// NewSuppression instantiate a Suppression`
			`func NewSuppression(kind string, justification string) *Suppression {`
			`return &Suppression{`
			`Kind: kind,`
			`Justification: justification,`
			`}`
			`}`