Fix sarif formatting issues (#565)
* include tool version * change declared sarif schema version * dedup rules, fix result locations * refactor rules collection creation
This commit is contained in:
parent
b6524ce487
commit
6c57ae1628
2 changed files with 25 additions and 10 deletions
|
@ -180,27 +180,39 @@ func convertToSonarIssues(rootPaths []string, data *reportInfo) (*sonarIssues, e
|
||||||
func convertToSarifReport(rootPaths []string, data *reportInfo) (*sarifReport, error) {
|
func convertToSarifReport(rootPaths []string, data *reportInfo) (*sarifReport, error) {
|
||||||
sr := buildSarifReport()
|
sr := buildSarifReport()
|
||||||
|
|
||||||
var rules []*sarifRule
|
type rule struct {
|
||||||
var locations []*sarifLocation
|
index int
|
||||||
|
rule *sarifRule
|
||||||
|
}
|
||||||
|
|
||||||
|
rules := make([]*sarifRule, 0)
|
||||||
|
rulesIndices := make(map[string]rule)
|
||||||
|
lastRuleIndex := -1
|
||||||
|
|
||||||
results := []*sarifResult{}
|
results := []*sarifResult{}
|
||||||
|
|
||||||
for index, issue := range data.Issues {
|
for _, issue := range data.Issues {
|
||||||
rules = append(rules, buildSarifRule(issue))
|
r, ok := rulesIndices[issue.RuleID]
|
||||||
|
if !ok {
|
||||||
|
lastRuleIndex++
|
||||||
|
r = rule{index: lastRuleIndex, rule: buildSarifRule(issue)}
|
||||||
|
rulesIndices[issue.RuleID] = r
|
||||||
|
rules = append(rules, r.rule)
|
||||||
|
}
|
||||||
|
|
||||||
location, err := buildSarifLocation(issue, rootPaths)
|
location, err := buildSarifLocation(issue, rootPaths)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
locations = append(locations, location)
|
|
||||||
|
|
||||||
result := &sarifResult{
|
result := &sarifResult{
|
||||||
RuleID: fmt.Sprintf("%s (CWE-%s)", issue.RuleID, issue.Cwe.ID),
|
RuleID: r.rule.ID,
|
||||||
RuleIndex: index,
|
RuleIndex: r.index,
|
||||||
Level: getSarifLevel(issue.Severity.String()),
|
Level: getSarifLevel(issue.Severity.String()),
|
||||||
Message: &sarifMessage{
|
Message: &sarifMessage{
|
||||||
Text: issue.What,
|
Text: issue.What,
|
||||||
},
|
},
|
||||||
Locations: locations,
|
Locations: []*sarifLocation{location},
|
||||||
}
|
}
|
||||||
|
|
||||||
results = append(results, result)
|
results = append(results, result)
|
||||||
|
@ -209,6 +221,7 @@ func convertToSarifReport(rootPaths []string, data *reportInfo) (*sarifReport, e
|
||||||
tool := &sarifTool{
|
tool := &sarifTool{
|
||||||
Driver: &sarifDriver{
|
Driver: &sarifDriver{
|
||||||
Name: "gosec",
|
Name: "gosec",
|
||||||
|
Version: "2.1.0",
|
||||||
InformationURI: "https://github.com/securego/gosec/",
|
InformationURI: "https://github.com/securego/gosec/",
|
||||||
Rules: rules,
|
Rules: rules,
|
||||||
},
|
},
|
||||||
|
|
|
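Review bot: The driver version added in the second hunk (`Version: "2.1.0"`) is a hard-coded literal that happens to equal the SARIF spec version, so it will silently go stale with every gosec release and a reader can mistake it for the schema version; SARIF consumers typically display and group runs by tool.driver.version, so it should come from the build's version information (a field on `reportInfo` or a parameter of `convertToSarifReport`) rather than a literal, or at minimum carry a comment like `// Version is the gosec release, not the SARIF spec version`. In the first hunk, `lastRuleIndex` duplicates `len(rules)`: `r = rule{index: len(rules), rule: buildSarifRule(issue)}` placed before the append lets the counter and its `++` go. The dedup key is `issue.RuleID` alone while the emitted id is `r.rule.ID` from `buildSarifRule`; this is only correct if `buildSarifRule` derives the rule entirely from the rule id (its body is outside this hunk), otherwise two issues sharing a RuleID but differing in other fields would collapse onto the first one's rule entry. `convertToSarifReport` continues past the end of the second hunk.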
@ -2,9 +2,10 @@ package output
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"fmt"
|
"fmt"
|
||||||
"github.com/securego/gosec/v2"
|
|
||||||
"strconv"
|
"strconv"
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
|
"github.com/securego/gosec/v2"
|
||||||
)
|
)
|
||||||
|
|
||||||
type sarifLevel string
|
type sarifLevel string
|
||||||
|
@ -68,6 +69,7 @@ type sarifResult struct {
|
||||||
|
|
||||||
type sarifDriver struct {
|
type sarifDriver struct {
|
||||||
Name string `json:"name"`
|
Name string `json:"name"`
|
||||||
|
Version string `json:"version"`
|
||||||
InformationURI string `json:"informationUri"`
|
InformationURI string `json:"informationUri"`
|
||||||
Rules []*sarifRule `json:"rules,omitempty"`
|
Rules []*sarifRule `json:"rules,omitempty"`
|
||||||
}
|
}
|
||||||
|
@ -91,7 +93,7 @@ type sarifReport struct {
|
||||||
func buildSarifReport() *sarifReport {
|
func buildSarifReport() *sarifReport {
|
||||||
return &sarifReport{
|
return &sarifReport{
|
||||||
Version: "2.1.0",
|
Version: "2.1.0",
|
||||||
Schema: "https://schemastore.azurewebsites.net/schemas/json/sarif-2.1.0-rtm.4.json",
|
Schema: "https://raw.githubusercontent.com/oasis-tcs/sarif-spec/master/Schemata/sarif-schema-2.1.0.json",
|
||||||
Runs: []*sarifRun{},
|
Runs: []*sarifRun{},
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
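Review bot: The new `$schema` value in the last hunk points at the `master` branch of the sarif-spec repository, so the document a report declares itself against can change underneath it and schema validation of gosec output is not reproducible; pin it to a tagged release or commit of that repository, or to the published OASIS schema for 2.1.0, and add a comment such as `// Schema is pinned so validators see the same document gosec was tested against`. The `Version` field added to `sarifDriver` has no doc comment; `// Version is the version of the tool that produced the run, not the SARIF version.` would keep it from being confused with `sarifReport.Version`, which carries the spec version. The import regrouping hunk is fine as is.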