hohn/sarif-cli
1
0
Fork 0
mirror of https://github.com/hohn/sarif-cli.git synced 2025-12-16 01:13:03 +01:00
Code Issues Packages Projects Releases Wiki Activity

try a reduced signature for better compatibility with sarif variations

Browse Source 
This doesn't help; sarif is just too dynamic.  Try a pull parser instead.
This commit is contained in:
michael hohn
2025-10-19 23:36:38 -07:00
committed by =michael hohn
parent 8977273e94
commit 335017ba68
2 changed files with 129 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
bin/sarif-extract-scans
View File

@@ -2,7 +2,8 @@
""" Extract scan data from multiple sarif files in table form. """ Extract scan data from multiple sarif files in table form.
""" """
from dataclasses import dataclass from dataclasses import dataclass
from sarif_cli import signature, signature_single, signature_single_CLI from sarif_cli import signature, signature_single, signature_single_CLI, \
signature_table_joins_CLI
from sarif_cli import typegraph from sarif_cli import typegraph
from sarif_cli import snowflake_id from sarif_cli import snowflake_id
from sarif_cli import status_writer from sarif_cli import status_writer
@@ -128,9 +129,12 @@ if args.input_signature == "LGTM":
signature_to_use = signature_single.struct_graph_LGTM signature_to_use = signature_single.struct_graph_LGTM
start_node = signature_single.start_node_LGTM start_node = signature_single.start_node_LGTM
else: else:
#signature_to_use = signature_single.struct_graph_CLI # #signature_to_use = signature_single.struct_graph_CLI
signature_to_use = signature_single_CLI.struct_graph_CLI # signature_to_use = signature_single_CLI.struct_graph_CLI
# start_node = signature_single_CLI.start_node_CLI
signature_to_use = signature_table_joins_CLI.struct_graph_CLI
start_node = signature_single_CLI.start_node_CLI start_node = signature_single_CLI.start_node_CLI
# #
# Use reference type graph (signature) to traverse sarif and attach values to tables # Use reference type graph (signature) to traverse sarif and attach values to tables
try: try:

122
sarif_cli/signature_table_joins_CLI.py Normal file
View File

@@ -0,0 +1,122 @@
"""Reduced signature graph limited to the types used by table_joins_CLI.
This is derived from signature_single_CLI.struct_graph_CLI by keeping only the
fields that are reachable from the joins implemented in table_joins_CLI.
"""
start_node_CLI = 'Struct5521'
struct_graph_CLI = (
[ ('String', 'string'),
('Int', 'int'),
('Bool', 'bool'),
('Array7069', ('array', (0, 'String'))),
( 'Struct2685',
( 'struct',
('index', 'Int'),
('uri', 'String'),
('uriBaseId', 'String'))),
('Struct5277', ('struct', ('location', 'Struct2685'))),
( 'Struct3497',
('struct', ('index', 'Int'), ('uri', 'String'))),
('Struct9567', ('struct', ('location', 'Struct3497'))),
('Array6920', ('array', (0, 'Struct5277'), (1, 'Struct9567'))),
( 'Struct6299',
( 'struct',
('endColumn', 'Int'),
('endLine', 'Int'),
('startColumn', 'Int'),
('startLine', 'Int'))),
( 'Struct4963',
( 'struct',
('artifactLocation', 'Struct2685'),
('region', 'Struct6299'))),
('Struct2774', ('struct', ('text', 'String'))),
( 'Struct2683',
( 'struct',
('id', 'Int'),
('message', 'Struct2774'),
('physicalLocation', 'Struct4963'))),
('Array0350', ('array', (0, 'Struct2683'))),
( 'Struct4199',
( 'struct',
('primaryLocationLineHash', 'String'),
('primaryLocationStartColumnFingerprint', 'String'))),
('Struct3942', ('struct', ('id', 'String'), ('index', 'Int'))),
( 'Struct4055',
( 'struct',
('locations', 'Array0350'),
('message', 'Struct2774'),
('partialFingerprints', 'Struct4199'),
('relatedLocations', 'Array0350'),
('rule', 'Struct3942'),
('ruleId', 'String'),
('ruleIndex', 'Int'))),
('Struct0987', ('struct', ('location', 'Struct2683'))),
('Array1075', ('array', (0, 'Struct0987'))),
('Struct4194', ('struct', ('locations', 'Array1075'))),
('Array1597', ('array', (0, 'Struct4194'))),
('Struct7122', ('struct', ('threadFlows', 'Array1597'))),
('Array9799', ('array', (0, 'Struct7122'))),
( 'Struct9699',
( 'struct',
('codeFlows', 'Array9799'),
('locations', 'Array0350'),
('message', 'Struct2774'),
('partialFingerprints', 'Struct4199'),
('relatedLocations', 'Array0350'),
('rule', 'Struct3942'),
('ruleId', 'String'),
('ruleIndex', 'Int'))),
('Array1768', ('array', (2, 'Struct9699'), (1, 'Struct4055'))),
('Struct1111', ('struct', ('id', 'String'))),
( 'Struct1509',
( 'struct',
('semmle.formatSpecifier', 'String'),
('semmle.sourceLanguage', 'String'))),
('Struct8581', ('struct', ('enabled', 'Bool'), ('level', 'String'))),
( 'Struct6853',
( 'struct',
('description', 'String'),
('id', 'String'),
('kind', 'String'),
('name', 'String'),
('precision', 'String'),
('problem.severity', 'String'),
('security-severity', 'String'),
('sub-severity', 'String'),
('tags', 'Array7069'))),
( 'Struct7100',
( 'struct',
('defaultConfiguration', 'Struct8581'),
('fullDescription', 'Struct2774'),
('id', 'String'),
('name', 'String'),
('properties', 'Struct6853'),
('shortDescription', 'Struct2774'))),
('Array0147', ('array', (0, 'Struct7100'))),
( 'Struct7828',
( 'struct',
('name', 'String'),
('organization', 'String'),
('rules', 'Array0147'),
('semanticVersion', 'String'))),
('Struct0032', ('struct', ('driver', 'Struct7828'))),
('Struct3081', ('struct', ('repositoryUri', 'String'), ('revisionId', 'String'))),
('Array5511', ('array', (0, 'Struct3081'))),
( 'Struct9786',
( 'struct',
('artifacts', 'Array6920'),
('automationDetails', 'Struct1111'),
('columnKind', 'String'),
('newlineSequences', 'Array7069'),
('properties', 'Struct1509'),
('results', 'Array1768'),
('tool', 'Struct0032'),
('versionControlProvenance', 'Array5511'))),
('Array1273', ('array', (0, 'Struct9786'))),
( 'Struct5521',
( 'struct',
('$schema', 'String'),
('runs', 'Array1273'),
('version', 'String')))] )