wip: notes cleanup

This commit is contained in:
Michael Hohn
2023-07-11 20:26:40 -07:00
committed by =Michael Hohn
parent 9b733e6326
commit dc8a4929fa
2 changed files with 47 additions and 64 deletions

View File

@@ -1,3 +1,16 @@
# -*- mode: org; org-confirm-babel-evaluate: nil; coding: utf-8 -*-
#+OPTIONS: org-confirm-babel-evaluate:nil
#+LANGUAGE: en
#+TEXT:
#+OPTIONS: ^:{} H:2 num:t \n:nil @:t ::t |:t ^:nil f:t *:t TeX:t LaTeX:t skip:nil p:nil
#+OPTIONS: toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="./l3style.css"/>
#+HTML: <div id="toc">
#+TOC: headlines 2 insert TOC here, with two headline levels
#+HTML: </div>
#
#+HTML: <div id="org-content">
* The notes directory * The notes directory
This directory is for notes that may be useful, but aren't complete enough to This directory is for notes that may be useful, but aren't complete enough to
serve as documentation in their current state. serve as documentation in their current state.
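Review bot: the file-local variable `org-confirm-babel-evaluate: nil` on the first added line switches off the confirmation that guards evaluation of the `sh` blocks this commit adds further down (the `:session shared` block runs `cd ~/local/sarif-cli/ && ag -l automationDetails |cat` when the file is exported or the block is executed), so anyone who opens this README and exports it runs that shell without a prompt; Emacs does treat the variable as unsafe and asks once on load, but dropping it and accepting the per-block prompt is the safer default for a notes file in a shared repo. The second line, `#+OPTIONS: org-confirm-babel-evaluate:nil`, is not an export option Org recognises and has no effect, so it can go either way. `#+TEXT:` is empty and can be removed as well.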
@@ -35,59 +48,23 @@
The =automationDetails.id= entry is produced by CodeQL when using the The =automationDetails.id= entry is produced by CodeQL when using the
=--sarif-category= flag. =--sarif-category= flag.
Using The prerequisites for tracing its flow through the tools is started in
#+BEGIN_SRC text [[../data/build-multiple-sarifs.sh]]
0:$ codeql --version
CodeQL command-line toolchain release 2.12.6. #+BEGIN_SRC sh :session shared :results output
cd ~/local/sarif-cli/ && ag -l automationDetails |cat
#+END_SRC #+END_SRC
and running #+RESULTS:
#+BEGIN_SRC sh : notes/README.org
cd ../data/codeql-dataflow-sql-injection/ && : notes/README.html
sarif-extract-scans-runner - > /dev/null <<EOF : scripts/table-tests.sh
sqlidb-0.sarif : sarif_cli/signature_single_CLI.py
EOF : sarif_cli/table_joins_CLI.py
#+END_SRC : sarif_cli/scan_tables.py
: sarif_cli/signature.py
results in :
#+BEGIN_SRC text : hohn@gh-hohn ~/local/sarif-cli
hohn@gh-hohn ~/local/sarif-cli
0:$ cat data/codeql-dataflow-sql-injection/sqlidb-0.sarif.csv
sarif_file,level,levelcode,message,extra_info
sqlidb-0.sarif,WARNING,2,Input sarif is missing neccesary properties.,"Missing: {'versionControlProvenance', 'newlineSequences'}, "
#+END_SRC
An older version is needed.
#+BEGIN_SRC sh
export GITHUB_TOKEN=...
gh codeql list-versions
gh codeql download v2.12.7
gh codeql download v2.11.6
gh codeql download v2.10.5
gh codeql download v2.9.4
gh codeql install-stub
gh codeql set-version v2.11.6
#+END_SRC
Some hacking around qlpacks is required; see
[[../data/build-multiple-sarifs.sh]], Pack compatibility with CLI.
Using that, I get sarif files to examine:
#+BEGIN_SRC text
hohn@gh-hohn ~/local/sarif-cli/data/codeql-dataflow-sql-injection
0:$ ls -la sqlidb*.sarif
-rw-r--r-- 1 hohn staff 6.2K Jul 11 10:39 sqlidb-0.sarif
-rw-r--r-- 1 hohn staff 6.3K Jul 11 10:40 sqlidb-1.sarif
#+END_SRC
and only the second has the additional field:
#+BEGIN_SRC sh
0:$ grep -A2 automationDetails sqlidb*.sarif
sqlidb-1.sarif: "automationDetails" : {
sqlidb-1.sarif- "id" : "mast-issue/"
sqlidb-1.sarif- },
#+END_SRC
#+HTML: </div>
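Review bot: the new lead-in "The prerequisites for tracing its flow through the tools is started in [[../data/build-multiple-sarifs.sh]]" has a subject/verb mismatch and reads as unfinished; something like "Tracing its flow through the tools starts from the SARIF files produced by [[../data/build-multiple-sarifs.sh]]" would say what the link is for. The `#+RESULTS:` block also carries session residue: the trailing `:` and `: hohn@gh-hohn ~/local/sarif-cli` lines are the shared session's prompt, not `ag` output, so either trim them or run the block without `:session shared`. Finally, the deleted lines held the only record of why an older CLI was needed (the `Input sarif is missing neccesary properties` result under 2.12.6 and `gh codeql set-version v2.11.6`) and the observation that only `sqlidb-1.sarif` carries `automationDetails`; if those still matter for the walkthrough, they should return in some form rather than disappear with the cleanup.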

View File

@@ -1,3 +1,7 @@
:root {
--margin-left: 40%;
--body-width: 60%;
}
/* The sum of width and margin percentages must not exceed 100.*/ /* The sum of width and margin percentages must not exceed 100.*/
div#toc { div#toc {
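Review bot: the comment kept below the new `:root` block still talks about "width and margin percentages" in the abstract; now that they are variables, name them: `--margin-left` plus `--body-width` must not exceed 100, and at 40 + 60 they sit exactly at the limit, leaving no room for the 1% `margin-left` the toc adds in the next hunk. Naming the first variable after what it sizes (`--toc-width`, say) would also make its double role, as the toc width and as the content margin, visible at the point of definition.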
@@ -8,30 +12,33 @@ div#toc {
/* OR */ /* OR */
/* use a fixed-position toc */ /* use a fixed-position toc */
position: fixed; position: fixed;
top: 80px; top: 8px;
left: 0px; left: 0px;
/* match toc, org-content, postamble */ /* match toc, org-content, postamble */
width: 26%; width: var(--margin-left);
margin-right: 1%; margin-right: 1%;
margin-left: 1%; margin-left: 1%;
overflow-y: scroll;
height: calc(100% - 10px);
} }
div#org-content { div#org-content {
float: right; float: right;
width: 70%; width: var(--body-width);
/* match toc, org-content, postamble */ /* match toc, org-content, postamble */
margin-left: 28%; margin-left: var(--margin-left);
} }
div#postamble { div#postamble {
float: right; float: right;
width: 70%; width: var(--body-width);
/* match toc, org-content, postamble */ /* match toc, org-content, postamble */
margin-left: 28%; margin-left: var(--margin-left);
} }
p.author { p.author {
clear: both; clear: both;
font-size: 1em; font-size: 1em;
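Review bot: `div#toc` now gets `width: var(--margin-left)` (40%) on top of its `margin-left: 1%`, while `div#org-content` starts at `margin-left: var(--margin-left)` (40%), so the fixed toc overlaps the first 1% of the content column; the old values (26% + 1% against 28%) left a 1% gap. Either size the toc as `calc(var(--margin-left) - 2%)` to absorb both margins or introduce a separate toc-width variable. Two smaller points: `overflow-y: scroll` forces a scrollbar even when the toc fits, where `auto` is usually what is wanted; and `height: calc(100% - 10px)` with `top: 8px` works out (the toc ends 2px short of the bottom) only because the element is `position: fixed` and the percentage resolves against the viewport, which is worth a comment next to the declaration.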
@@ -107,9 +114,9 @@ h1 {
color: #cc8c00; color: #cc8c00;
/* padding-top: 5px; */ /* padding-top: 5px; */
border-bottom: 2px solid #aaa; border-bottom: 2px solid #aaa;
width: 70%; width: var(--body-width);
/* match toc, org-content, postamble */ /* match toc, org-content, postamble */
margin-left: 28%; /* Align with div#content */ width: var(--margin-left); /* Align with div#content */
} }
h2 { h2 {
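Review bot: the `h1` rule now declares `width` twice and has lost its `margin-left`: `width: var(--body-width);` is followed three lines later by `width: var(--margin-left); /* Align with div#content */`, so the second declaration wins, the heading becomes 40% wide with no left margin, and the comment no longer describes what the line does. The intended replacement for `margin-left: 28%;` is `margin-left: var(--margin-left);`, matching `div#org-content` and `div#postamble` in the previous hunk.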
@@ -167,4 +174,3 @@ td, th {
vertical-align: top; vertical-align: top;
border: 1pt solid #ADB9CC; border: 1pt solid #ADB9CC;
} }