From 046a152ae2dd3cdad767b103c5d81963129864b3 Mon Sep 17 00:00:00 2001
From: Michael Hohn
Date: Tue, 19 Apr 2022 12:00:54 -0700
Subject: [PATCH] Expand current and planned table description
---
 notes/l3style.css | 170 ++++++++++++++++++++++++++++
 notes/tables.org | 279 ++++++++++++++++++++++++++++++++++++++++++++++
 notes/tables.txt | 187 -------------------------------
 3 files changed, 449 insertions(+), 187 deletions(-)
 create mode 100644 notes/l3style.css
 create mode 100644 notes/tables.org
 delete mode 100644 notes/tables.txt
diff --git a/notes/l3style.css b/notes/l3style.css
new file mode 100644
index 0000000..9b71bbd
--- /dev/null
+++ b/notes/l3style.css
@@ -0,0 +1,170 @@
+
+/* The sum of width and margin percentages must not exceed 100.*/
+div#toc {
+ /* Use a moving table of contents (scrolled away for long contents) */
+ /*
+ * float: left;
+ */
+ /* OR */
+ /* use a fixed-position toc */
+ position: fixed;
+ top: 80px;
+ left: 0px;
+
+ /* match toc, org-content, postamble */
+ width: 26%;
+ margin-right: 1%;
+ margin-left: 1%;
+}
+
+div#org-content {
+ float: right;
+ width: 70%;
+ /* match toc, org-content, postamble */
+ margin-left: 28%;
+}
+
+div#postamble {
+ float: right;
+ width: 70%;
+ /* match toc, org-content, postamble */
+ margin-left: 28%;
+}
+
+
+p.author {
+ clear: both;
+ font-size: 1em;
+ margin-left: 25%;
+}
+
+p.date {
+ clear: both;
+ font-size: 1em;
+ margin-left: 25%;
+}
+
+#toc * {
+ font-size:1em;
+}
+
+#toc h3 {
+ font-weight:normal;
+ margin:1em 0 0 0;
+ padding: 4px 0;
+ border-bottom:1px solid #666;
+ text-transform:uppercase;
+}
+
+#toc ul, #toc li {
+ margin:0;
+ padding:0;
+ list-style:none;
+}
+
+#toc li {
+ display:inline;
+}
+
+#toc ul li a {
+ text-decoration:none;
+ display:block;
+ margin:0;
+ padding:4px 6px;
+ color:#990000;
+ border-bottom:1px solid #aaa;
+}
+
+#toc ul ul li a {
+ padding-left:18px;
+ color:#666;
+}
+
+#toc ul li a:hover {
+ background-color:#F6F6F6;
+}
+
+
+/* Description lists. */
+dt {
+ font-style: bold;
+ background-color:#F6F6F6;
+}
+
+
+/* From org-mode page. */
+body {
+ font-family: avenir, Lao Sangam MN, Myanmar Sangam MN, Songti SC, Kohinoor Devanagari, Menlo, avenir, helvetica, verdana, sans-serif;
+ font-size: 100%;
+ margin-top: 5%;
+ margin-bottom: 8%;
+ background: white; color: black;
+ margin-left: 3% !important; margin-right: 3% !important;
+}
+
+h1 {
+ font-size: 2em;
+ color: #cc8c00;
+/* padding-top: 5px; */
+ border-bottom: 2px solid #aaa;
+ width: 70%;
+ /* match toc, org-content, postamble */
+ margin-left: 28%; /* Align with div#content */
+}
+
+h2 {
+ font-size: 1.5em;
+ padding-top: 1em;
+ border-bottom: 1px solid #ccc;
+}
+
+h3 {
+ font-size: 1.2em;
+ padding-top: 0.5em;
+ border-bottom: 1px solid #eee;
+}
+
+.todo, .deadline { color: red; font-style: italic }
+.done { color: green; font-style: italic }
+.timestamp { color: grey }
+.timestamp-kwd { color: CadetBlue; }
+.tag { background-color:lightblue; font-weight:normal; }
+
+.target { background-color: lavender; }
+
+.menu {
+ color: #666;
+}
+
+.menu a:link {
+ color: #888;
+}
+.menu a:active {
+ color: #888;
+}
+.menu a:visited {
+ color: #888;
+}
+
+img { align: center; }
+
+pre {
+ padding: 5pt;
+ font-family: andale mono, vera sans mono, monospace, courier ;
+ font-size: 0.8em;
+ background-color: #f0f0f0;
+}
+
+code {
+ font-family: andale mono, vera sans mono, monospace, courier ;
+ font-size: 0.8em;
+ background-color: #f0f0f0;
+}
+
+table { border-collapse: collapse; }
+
+td, th {
+ vertical-align: top;
+ border: 1pt solid #ADB9CC;
+}
+
diff --git a/notes/tables.org b/notes/tables.org
new file mode 100644
index 0000000..da0bedd
--- /dev/null
+++ b/notes/tables.org
@@ -0,0 +1,279 @@
+# -*- coding: utf-8 -*-
+# Created [Apr-19-2022]
+#+TITLE:
+#+AUTHOR: Michael Hohn
+#+LANGUAGE: en
+#+TEXT:
+#+OPTIONS: ^:{} H:2 num:t \n:nil @:t ::t |:t ^:nil f:t *:t TeX:t LaTeX:t skip:nil p:nil
+#+OPTIONS: toc:nil
+#+HTML_HEAD:
+#+HTML:
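Review bot: In notes/l3style.css, the `dt` rule sets `font-style: bold;`, but `bold` is not a `font-style` value, so browsers discard the declaration and description terms are not emphasised; it should read `font-weight: bold;`. The `img { align: center; }` rule has the same problem: `align` is not a CSS property and is ignored, so if centring is intended use `img { display: block; margin: 0 auto; }`. The `body` font list also names `avenir` twice, and the second entry can be dropped.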
+#+TOC: headlines 2 insert TOC here, with two headline levels
+#+HTML:
+#
+#+HTML:
+
+* Overview
+ The current ==> project.csv <== table is broken. It's a combination of project
+ meta info (to be moved to a separate =project= table) and the entry point to a
+ single =project='s sarif results
+
+* Currently Exported Tables
+ Tables exported by sarif-extract-multi, commit d5390bb87, [Mar-23-2022]
+
+ #+BEGIN_SRC text
+ ==> artifacts.csv <==
+ artifacts_id
+ index
+ uri
+ uriBaseId
+ #+END_SRC
+
+ #+BEGIN_SRC text
+ ==> codeflows.csv <==
+ codeflow_id
+ codeflow_index
+ threadflow_index
+ location_index
+ endColumn
+ endLine
+ startColumn
+ startLine
+ artifact_index
+ uri
+ uriBaseId
+ message
+ #+END_SRC
+
+ #+BEGIN_SRC text
+ ==> kind_pathproblem.csv <==
+ results_array_id
+ results_array_index
+ codeFlows_id
+ ruleId
+ ruleIndex
+ location_array_index
+ location_id
+ location_endColumn
+ location_endLine
+ location_startColumn
+ location_startLine
+ location_index
+ location_uri
+ location_uriBaseId
+ location_message
+ relatedLocation_array_index
+ relatedLocation_id
+ relatedLocation_endColumn
+ relatedLocation_endLine
+ relatedLocation_startColumn
+ relatedLocation_startLine
+ relatedLocation_index
+ relatedLocation_uri
+ relatedLocation_uriBaseId
+ relatedLocation_message
+ message_text
+ primaryLocationLineHash
+ primaryLocationStartColumnFingerprint
+ rule_id
+ rule_index
+
+ #+END_SRC
+
+
+ #+BEGIN_SRC text
+ ==> kind_problem.csv <==
+ results_array_id
+ results_array_index
+ ruleId
+ ruleIndex
+ location_array_index
+ location_id
+ location_endColumn
+ location_endLine
+ location_startColumn
+ location_startLine
+ location_index
+ location_uri
+ location_uriBaseId
+ location_message
+ relatedLocation_array_index
+ relatedLocation_id
+ relatedLocation_endColumn
+ relatedLocation_endLine
+ relatedLocation_startColumn
+ relatedLocation_startLine
+ relatedLocation_index
+ relatedLocation_uri
+ relatedLocation_uriBaseId
+ relatedLocation_message
+ message_text
+ primaryLocationLineHash
+ primaryLocationStartColumnFingerprint
+ rule_id
+ rule_index
+
+ #+END_SRC
+
+
+ #+BEGIN_SRC text
+ ==> project.csv <==
+ creation_date
+ primary_language
+ project_name
+ query_commit_id
+ sarif_file_name
+ scan_id
+ scan_start_date
+ scan_stop_date
+ tool_name
+ tool_version
+ $schema
+ sarif_version
+ run_index
+ artifacts
+ columnKind
+ results
+ semmle.formatSpecifier
+ semmle.sourceLanguage
+ driver_name
+ organization
+ rules
+ driver_version
+ repositoryUri
+ revisionId
+
+ #+END_SRC
+
+
+ #+BEGIN_SRC text
+ ==> relatedLocations.csv <==
+ struct_id
+ uri
+ startLine
+ startColumn
+ endLine
+ endColumn
+ message
+
+ #+END_SRC
+
+
+ #+BEGIN_SRC text
+ ==> rules.csv <==
+ rules_array_id
+ rules_array_index
+ id
+ name
+ enabled
+ level
+ fullDescription
+ shortDescription
+ kind
+ precision
+ security-severity
+ severity
+ sub-severity
+ tag_index
+ tag_text
+ #+END_SRC
+
+* New tables to be exported
+ Possible splits from =project.csv=
+
+ The scan results are the root of the sarif tree, so this is a required base table.
+ #+BEGIN_SRC text
+ ==> project-scan-result.csv <==
+ $schema
+ sarif_version
+ run_index
+ artifacts
+ columnKind
+ results
+ semmle.formatSpecifier
+ semmle.sourceLanguage
+ driver_name
+ organization
+ rules
+ driver_version
+ repositoryUri
+ revisionId
+ #+END_SRC
+
+ The rest of the [Mar-23-2022] =projects.csv= table is ad-hoc and included in the
+ other tables below; it can be discarded.
+ #+BEGIN_SRC text
+ ==> project-meta.csv <==
+ creation_date
+ primary_language
+ project_name
+ query_commit_id
+ sarif_file_name
+ scan_id
+ scan_start_date
+ scan_stop_date
+ tool_name
+ tool_version
+
+ #+END_SRC
+
+ New tables intended for reporting infrastructure:
+ #+BEGIN_SRC text
+ ==> project.csv <==
+ id
+ project_name
+ creation_date
+ repository_url -- new
+ primary_language -- from github api
+ languages_analyzed
+ #+END_SRC
+
+ #+BEGIN_SRC text
+ ==> scans.csv <==
+ id
+ commit_id
+ project_id
+ db_create_start
+ db_create_stop
+ scan_start_date
+ scan_stop_date
+ tool_name
+ tool_version
+ tool_query_commit_id
+ sarif_content
+ sarif_file_name
+
+ #+END_SRC
+
+ #+BEGIN_SRC text
+ ==> results.csv <==
+ id INT, -- primary key
+ scan_id INT, -- scans.id
+ query_id STRING, -- git commit id of the ql query set
+ location STRING,
+ message STRING,
+ message_object OBJ,
+ -- for kind_path_problem, use distinct source / sink
+ -- for kind_problem, use the same location for both
+ result_type STRING, -- kind_problem | kind_path_problem
+ -- link to codeflows (kind_pathproblem.csv only, NULL otherwise)
+ codeFlow_id INT,
+ --
+ source_startLine int,
+ source_startCol int,
+ source_endLine int,
+ source_endCol int,
+ --
+ sink_startLine int,
+ sink_startCol int,
+ sink_endLine int,
+ sink_endCol int,
+ --
+ source_object STRING, -- higher-level info: 'args', 'request', etc.
+ sink_object string, -- higher level: 'execute', 'sql statement', etc.
+
+ #+END_SRC
+
+
+#+HTML:
diff --git a/notes/tables.txt b/notes/tables.txt
deleted file mode 100644
index ea2af17..0000000
--- a/notes/tables.txt
+++ /dev/null
@@ -1,187 +0,0 @@
-The current ==> project.csv <== table is broken. It's a combination of project
-meta info (to be moved to a separate =project= table) and the entry point to a
-single =project='s sarif results
-
-==> project-meta.csv <==
-creation_date
-primary_language
-project_name
-query_commit_id
-sarif_file_name
-scan_id
-scan_start_date
-scan_stop_date
-tool_name
-tool_version
-
-==> project-scan-result.csv <==
-$schema
-sarif_version
-run_index
-artifacts
-columnKind
-results
-semmle.formatSpecifier
-semmle.sourceLanguage
-driver_name
-organization
-rules
-driver_version
-repositoryUri
-revisionId
-
-
-==> artifacts.csv <==
-artifacts_id
-index
-uri
-uriBaseId
-
-==> codeflows.csv <==
-codeflow_id
-codeflow_index
-threadflow_index
-location_index
-endColumn
-endLine
-startColumn
-startLine
-artifact_index
-uri
-uriBaseId
-message
-
-==> kind_pathproblem.csv <==
-results_array_id
-results_array_index
-codeFlows_id
-ruleId
-ruleIndex
-location_array_index
-location_id
-location_endColumn
-location_endLine
-location_startColumn
-location_startLine
-location_index
-location_uri
-location_uriBaseId
-location_message
-relatedLocation_array_index
-relatedLocation_id
-relatedLocation_endColumn
-relatedLocation_endLine
-relatedLocation_startColumn
-relatedLocation_startLine
-relatedLocation_index
-relatedLocation_uri
-relatedLocation_uriBaseId
-relatedLocation_message
-message_text
-primaryLocationLineHash
-primaryLocationStartColumnFingerprint
-rule_id
-rule_index
-
-==> kind_problem.csv <==
-results_array_id
-results_array_index
-ruleId
-ruleIndex
-location_array_index
-location_id
-location_endColumn
-location_endLine
-location_startColumn
-location_startLine
-location_index
-location_uri
-location_uriBaseId
-location_message
-relatedLocation_array_index
-relatedLocation_id
-relatedLocation_endColumn
-relatedLocation_endLine
-relatedLocation_startColumn
-relatedLocation_startLine
-relatedLocation_index
-relatedLocation_uri
-relatedLocation_uriBaseId
-relatedLocation_message
-message_text
-primaryLocationLineHash
-primaryLocationStartColumnFingerprint
-rule_id
-rule_index
-
-==> project.csv <==
-creation_date
-primary_language
-project_name
-query_commit_id
-sarif_file_name
-scan_id
-scan_start_date
-scan_stop_date
-tool_name
-tool_version
-$schema
-sarif_version
-run_index
-artifacts
-columnKind
-results
-semmle.formatSpecifier
-semmle.sourceLanguage
-driver_name
-organization
-rules
-driver_version
-repositoryUri
-revisionId
-
-==> relatedLocations.csv <==
-struct_id
-uri
-startLine
-startColumn
-endLine
-endColumn
-message
-
-==> rules.csv <==
-rules_array_id
-rules_array_index
-id
-name
-enabled
-level
-fullDescription
-shortDescription
-kind
-precision
-security-severity
-severity
-sub-severity
-tag_index
-tag_text
-
-==> scans.csv <==
-commit_id
-project_id
-db_create_start
-db_create_stop
-scan_start_date
-scan_stop_date
-tool_name
-tool_version
-tool_query_commit_id
-sarif_content
-sarif_file_name
-
-==> projects.csv <==
-project_name
-creation_date
-repository_url
-primary_language
-languages_analyzed