From 85ddaaafe147da5c6030f0bddccc009c33449dd9 Mon Sep 17 00:00:00 2001 From: Michael Hohn Date: Sat, 20 Nov 2021 14:49:49 -0800 Subject: [PATCH] sarif-results-summary: add codeFlow (path-problem) output, remove meta-data The per-language result counts are removed; they belong in a separate sarif-info script. --- bin/sarif-results-summary | 63 +++++++++++++++++++++++---------------- sarif_cli/__init__.py | 5 ++++ 2 files changed, 43 insertions(+), 25 deletions(-) diff --git a/bin/sarif-results-summary b/bin/sarif-results-summary index bf3343c..3dad16c 100755 --- a/bin/sarif-results-summary +++ b/bin/sarif-results-summary 
@@ -19,33 +19,46 @@ with open(args.file, 'r') if args.file != '-' else sys.stdin as fp: for runi in S.indices(sarif_struct, 'runs'): num_results = len(S.get(sarif_struct, 'runs', runi, 'results')) - language = S.get(sarif_struct, 'runs', runi, 'properties', - 'semmle.sourceLanguage') - S.msg("Found %d results for %s\n" % (num_results, language)) if num_results == 0: continue # for resi in S.indices(sarif_struct, 'runs', runi, 'results'): result = S.get(sarif_struct, 'runs', runi, 'results', resi) - message, artifact, region = S.get_location_message_info(result) - l1, c1, l2, c2 = S.lineinfo(region) - filepath = "%s:%d:%d:%d:%d" % (artifact['uri'], l1, c1, l2, c2) - S.msg("%s: %s\n\n" % (filepath, message)) - if args.list_source: - lines = S.load_lines(args.list_source, artifact['uri'], l1, l2) - for line, line_num in zip(lines, range(l1, l2+1)): - S.display_underlined(l1, c1, l2, c2, line, line_num) - if args.related_locations: - # Full path: S.get(sarif_struct, 'runs', runi, 'results', resi, 'relatedLocations') - relatedLocations = result.get('relatedLocations', None) - if type(relatedLocations) == list: - # Linking is explicit in output, so no need to get id(s) from message string. 
- for relo in relatedLocations:
- message, artifact, region = S.get_relatedlocation_message_info(relo)
- l1, c1, l2, c2 = S.lineinfo(region)
- filepath = "%s:%d:%d:%d:%d" % (artifact['uri'], l1, c1, l2, c2)
- S.msg("info: %s: %s\n\n" % (filepath, message))
- if args.list_source:
- lines = S.load_lines(args.list_source, artifact['uri'], l1, l2)
- for line, line_num in zip(lines, range(l1, l2+1)):
- S.display_underlined(l1, c1, l2, c2, line, line_num)
+ if 'locations' in result:
+ # Non-path problems
+ message, artifact, region = S.get_location_message_info(result)
+ l1, c1, l2, c2 = S.lineinfo(region)
+ filepath = "%s:%d:%d:%d:%d" % (artifact['uri'], l1, c1, l2, c2)
+ S.msg("RESULT: %s: %s\n\n" % (filepath, message))
+ if args.list_source:
+ lines = S.load_lines(args.list_source, artifact['uri'], l1, l2)
+ for line, line_num in zip(lines, range(l1, l2+1)):
+ S.display_underlined(l1, c1, l2, c2, line, line_num)
+ if args.related_locations:
+ # Full path: S.get(sarif_struct, 'runs', runi, 'results', resi, 'relatedLocations')
+ relatedLocations = result.get('relatedLocations', None)
+ if type(relatedLocations) == list:
+ # Linking is explicit in output, so no need to get id(s) from message string.
+ for relo in relatedLocations: + message, artifact, region = S.get_relatedlocation_message_info(relo) + l1, c1, l2, c2 = S.lineinfo(region) + filepath = "%s:%d:%d:%d:%d" % (artifact['uri'], l1, c1, l2, c2) + S.msg("REFERENCE: %s: %s\n\n" % (filepath, message)) + if args.list_source: + lines = S.load_lines(args.list_source, artifact['uri'], l1, l2) + for line, line_num in zip(lines, range(l1, l2+1)): + S.display_underlined(l1, c1, l2, c2, line, line_num) + if 'codeFlows' in result: + # Path problems + for codeFlow in S.get(result, 'codeFlows'): + for threadFlow in S.get(codeFlow, 'threadFlows'): + for loci in S.indices(threadFlow, 'locations'): + location = S.get(threadFlow, 'locations', loci, 'location') + message, artifact, region = S.get_relatedlocation_message_info(location) + l1, c1, l2, c2 = S.lineinfo(region) + filepath = "%s:%d:%d:%d:%d" % (artifact['uri'], l1, c1, l2, c2) + S.msg("FLOW STEP %d: %s: %s\n\n" % (loci, filepath, message)) + if args.list_source: + lines = S.load_lines(args.list_source, artifact['uri'], l1, l2) + for line, line_num in zip(lines, range(l1, l2+1)): + S.display_underlined(l1, c1, l2, c2, line, line_num) S.msg("\n") diff --git a/sarif_cli/__init__.py b/sarif_cli/__init__.py index 43a38dd..4ad726d 100644 --- a/sarif_cli/__init__.py +++ b/sarif_cli/__init__.py @@ -11,6 +11,11 @@ def get_relatedlocation_message_info(related_location): The relatedLocation typically starts from get(sarif_struct, 'runs', [int], 'results', [int], 'relatedLocations', [int]) + + For a threadFlow, extract message information for a location contained in it. + + The location typically starts from + get(sarif_struct, 'runs', _i, 'results', _i, 'codeFlows', _i, 'threadFlows', _i, 'locations', _i) """ message = get(related_location, 'message', 'text') artifact = get(related_location, 'physicalLocation', 'artifactLocation')
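Review bot: The new `codeFlows` branch passes `artifact['uri']` from each threadFlow location straight to `S.load_lines(args.list_source, artifact['uri'], l1, l2)`, so file names taken from the SARIF input select which files are read and echoed at a third call site (the `locations` and `relatedLocations` branches do the same). `load_lines` is not part of this patch, so whether it confines the path is not visible here; if it simply joins the two values, an absolute or `../` URI in a SARIF file obtained from elsewhere would display lines from outside what `args.list_source` names. A containment check inside `load_lines`, for example resolving the joined path with `os.path.realpath` and comparing it to the resolved root with `os.path.commonpath`, would cover all three callers in one place. Separately, `message` is optional on a location in SARIF, and `get_relatedlocation_message_info` reads `'message', 'text'` unconditionally, so a flow step without a message may abort the whole summary unless `get` tolerates the missing key.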