sarif-results-summary: add codeFlow (path-problem) output, remove meta-data

The per-language result counts are removed; they belong in a separate sarif-info script.
2025-12-16 17:23:03 +01:00 · 2021-11-20 14:49:49 -08:00
parent 29b62b8b1a
commit 85ddaaafe1
2 changed files with 43 additions and 25 deletions
--- a/bin/sarif-results-summary
+++ b/bin/sarif-results-summary
@@ -19,33 +19,46 @@ with open(args.file, 'r') if args.file != '-' else sys.stdin as fp:
 for runi in S.indices(sarif_struct, 'runs'):
    num_results = len(S.get(sarif_struct, 'runs', runi, 'results'))
    language = S.get(sarif_struct, 'runs', runi, 'properties',
                     'semmle.sourceLanguage')
    S.msg("Found %d results for %s\n" %  (num_results, language))
    if num_results == 0: continue
    # 
    for resi in S.indices(sarif_struct, 'runs', runi, 'results'):
        result = S.get(sarif_struct, 'runs', runi, 'results', resi)
-        message, artifact, region = S.get_location_message_info(result)
+        if 'locations' in result:
-        l1, c1, l2, c2 = S.lineinfo(region)
+            # Non-path problems
-        filepath = "%s:%d:%d:%d:%d" % (artifact['uri'], l1, c1, l2, c2)
+            message, artifact, region = S.get_location_message_info(result)
-        S.msg("%s: %s\n\n" % (filepath, message))
+            l1, c1, l2, c2 = S.lineinfo(region)
-        if args.list_source:
+            filepath = "%s:%d:%d:%d:%d" % (artifact['uri'], l1, c1, l2, c2)
-            lines = S.load_lines(args.list_source, artifact['uri'], l1, l2)
+            S.msg("RESULT: %s: %s\n\n" % (filepath, message))
-            for line, line_num in zip(lines, range(l1, l2+1)):
+            if args.list_source:
-                S.display_underlined(l1, c1, l2, c2, line, line_num)
+                lines = S.load_lines(args.list_source, artifact['uri'], l1, l2)
-        if args.related_locations:
+                for line, line_num in zip(lines, range(l1, l2+1)):
-            # Full path: S.get(sarif_struct, 'runs', runi, 'results', resi, 'relatedLocations')
+                    S.display_underlined(l1, c1, l2, c2, line, line_num)
-            relatedLocations = result.get('relatedLocations', None)
+            if args.related_locations:
-            if type(relatedLocations) == list:
+                # Full path: S.get(sarif_struct, 'runs', runi, 'results', resi, 'relatedLocations')
-                # Linking is explicit in output, so no need to get id(s) from message string.
+                relatedLocations = result.get('relatedLocations', None)
-                for relo in relatedLocations:
+                if type(relatedLocations) == list:
-                    message, artifact, region = S.get_relatedlocation_message_info(relo)
+                    # Linking is explicit in output, so no need to get id(s) from message string.
-                    l1, c1, l2, c2 = S.lineinfo(region)
+                    for relo in relatedLocations:
-                    filepath = "%s:%d:%d:%d:%d" % (artifact['uri'], l1, c1, l2, c2)
+                        message, artifact, region = S.get_relatedlocation_message_info(relo)
-                    S.msg("info: %s: %s\n\n" % (filepath, message))
+                        l1, c1, l2, c2 = S.lineinfo(region)
-                    if args.list_source:
+                        filepath = "%s:%d:%d:%d:%d" % (artifact['uri'], l1, c1, l2, c2)
-                        lines = S.load_lines(args.list_source, artifact['uri'], l1, l2)
+                        S.msg("REFERENCE: %s: %s\n\n" % (filepath, message))
-                        for line, line_num in zip(lines, range(l1, l2+1)):
+                        if args.list_source:
-                            S.display_underlined(l1, c1, l2, c2, line, line_num)
+                            lines = S.load_lines(args.list_source, artifact['uri'], l1, l2)
                            for line, line_num in zip(lines, range(l1, l2+1)):
                                S.display_underlined(l1, c1, l2, c2, line, line_num)
        if 'codeFlows' in result:
            # Path problems
            for codeFlow in S.get(result, 'codeFlows'):
                for threadFlow in S.get(codeFlow, 'threadFlows'):
                    for loci in S.indices(threadFlow, 'locations'):
                        location = S.get(threadFlow, 'locations', loci, 'location')
                        message, artifact, region = S.get_relatedlocation_message_info(location)
                        l1, c1, l2, c2 = S.lineinfo(region)
                        filepath = "%s:%d:%d:%d:%d" % (artifact['uri'], l1, c1, l2, c2)
                        S.msg("FLOW STEP %d: %s: %s\n\n" % (loci, filepath, message))
                        if args.list_source:
                            lines = S.load_lines(args.list_source, artifact['uri'], l1, l2)
                            for line, line_num in zip(lines, range(l1, l2+1)):
                                S.display_underlined(l1, c1, l2, c2, line, line_num)
        S.msg("\n")
--- a/sarif_cli/init.py
+++ b/sarif_cli/init.py
@@ -11,6 +11,11 @@ def get_relatedlocation_message_info(related_location):
    The relatedLocation typically starts from 
    get(sarif_struct, 'runs', [int], 'results', [int], 'relatedLocations', [int])
    For a threadFlow, extract message information for a location contained in it.
    The location typically starts from 
    get(sarif_struct, 'runs', _i, 'results', _i, 'codeFlows', _i, 'threadFlows', _i, 'locations', _i) 
    """
    message = get(related_location, 'message', 'text')
    artifact = get(related_location, 'physicalLocation', 'artifactLocation')