hohn/sarif-cli
1
0
Fork 0
mirror of https://github.com/hohn/sarif-cli.git synced 2025-12-17 01:23:04 +01:00
Code Issues Packages Projects Releases Wiki Activity

sarif-results-summary: add csv output option

Browse Source
This commit is contained in:
Michael Hohn
2021-12-02 11:41:11 -08:00
committed by =Michael Hohn
parent f9c3e18842
commit ffcacec630
2 changed files with 48 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
bin/sarif-results-summary
View File

@@ -12,11 +12,17 @@ parser.add_argument('-s', '--list-source', metavar='srcroot', type=str,
help='list source snippets using srcroot as sarif SRCROOT') help='list source snippets using srcroot as sarif SRCROOT')
parser.add_argument('-r', '--related-locations', action="store_true", parser.add_argument('-r', '--related-locations', action="store_true",
help='list related locations like "hides [parameter](1)"') help='list related locations like "hides [parameter](1)"')
# TODO mutually exclusive options
parser.add_argument('-c', '--csv', action="store_true",
help='output csv instead of human-readable summary')
args = parser.parse_args() args = parser.parse_args()
with open(args.file, 'r') if args.file != '-' else sys.stdin as fp: with open(args.file, 'r') if args.file != '-' else sys.stdin as fp:
sarif_struct = json.load(fp) sarif_struct = json.load(fp)
if args.csv:
cw = S.get_csv_writer()
for runi in S.indices(sarif_struct, 'runs'): for runi in S.indices(sarif_struct, 'runs'):
num_results = len(S.get(sarif_struct, 'runs', runi, 'results')) num_results = len(S.get(sarif_struct, 'runs', runi, 'results'))
if num_results == 0: continue if num_results == 0: continue
@@ -25,12 +31,19 @@ for runi in S.indices(sarif_struct, 'runs'):
result = S.get(sarif_struct, 'runs', runi, 'results', resi) result = S.get(sarif_struct, 'runs', runi, 'results', resi)
if 'locations' in result: if 'locations' in result:
# Non-path problems # Non-path problems
# TODO: just pull out the uri, not the artifact
message, artifact, region = S.get_location_message_info(result) message, artifact, region = S.get_location_message_info(result)
l1, c1, l2, c2 = S.lineinfo(region) l1, c1, l2, c2 = S.lineinfo(region)
filepath = "%s:%d:%d:%d:%d" % (artifact['uri'], l1, c1, l2, c2) filepath = "%s:%d:%d:%d:%d" % (artifact['uri'], l1, c1, l2, c2)
if args.csv:
S.write_csv(cw, "result", artifact['uri'], l1, c1, l2, c2, message)
else:
S.msg("RESULT: %s: %s\n\n" % (filepath, message)) S.msg("RESULT: %s: %s\n\n" % (filepath, message))
if args.list_source: if args.list_source:
lines = S.load_lines(args.list_source, artifact['uri'], l1, l2) lines = S.load_lines(args.list_source, artifact['uri'], l1, l2)
if args.csv:
pass
else:
for line, line_num in zip(lines, range(l1, l2+1)): for line, line_num in zip(lines, range(l1, l2+1)):
S.display_underlined(l1, c1, l2, c2, line, line_num) S.display_underlined(l1, c1, l2, c2, line, line_num)
if args.related_locations: if args.related_locations:
@@ -42,9 +55,15 @@ for runi in S.indices(sarif_struct, 'runs'):
message, artifact, region = S.get_relatedlocation_message_info(relo) message, artifact, region = S.get_relatedlocation_message_info(relo)
l1, c1, l2, c2 = S.lineinfo(region) l1, c1, l2, c2 = S.lineinfo(region)
filepath = "%s:%d:%d:%d:%d" % (artifact['uri'], l1, c1, l2, c2) filepath = "%s:%d:%d:%d:%d" % (artifact['uri'], l1, c1, l2, c2)
if args.csv:
S.write_csv(cw, "result", artifact['uri'], l1, c1, l2, c2, message)
else:
S.msg("REFERENCE: %s: %s\n\n" % (filepath, message)) S.msg("REFERENCE: %s: %s\n\n" % (filepath, message))
if args.list_source: if args.list_source:
lines = S.load_lines(args.list_source, artifact['uri'], l1, l2) lines = S.load_lines(args.list_source, artifact['uri'], l1, l2)
if args.csv:
pass
else:
for line, line_num in zip(lines, range(l1, l2+1)): for line, line_num in zip(lines, range(l1, l2+1)):
S.display_underlined(l1, c1, l2, c2, line, line_num) S.display_underlined(l1, c1, l2, c2, line, line_num)
if 'codeFlows' in result: if 'codeFlows' in result:
@@ -56,9 +75,18 @@ for runi in S.indices(sarif_struct, 'runs'):
message, artifact, region = S.get_relatedlocation_message_info(location) message, artifact, region = S.get_relatedlocation_message_info(location)
l1, c1, l2, c2 = S.lineinfo(region) l1, c1, l2, c2 = S.lineinfo(region)
filepath = "%s:%d:%d:%d:%d" % (artifact['uri'], l1, c1, l2, c2) filepath = "%s:%d:%d:%d:%d" % (artifact['uri'], l1, c1, l2, c2)
if args.csv:
S.write_csv(cw, "flow_step", loci, artifact['uri'], l1, c1, l2, c2, message)
else:
S.msg("FLOW STEP %d: %s: %s\n\n" % (loci, filepath, message)) S.msg("FLOW STEP %d: %s: %s\n\n" % (loci, filepath, message))
if args.list_source: if args.list_source:
lines = S.load_lines(args.list_source, artifact['uri'], l1, l2) lines = S.load_lines(args.list_source, artifact['uri'], l1, l2)
if args.csv:
pass
else:
for line, line_num in zip(lines, range(l1, l2+1)): for line, line_num in zip(lines, range(l1, l2+1)):
S.display_underlined(l1, c1, l2, c2, line, line_num) S.display_underlined(l1, c1, l2, c2, line, line_num)
if args.csv:
pass
else:
S.msg("\n") S.msg("\n")

10
sarif_cli/__init__.py
View File

@@ -2,11 +2,21 @@ import sys
import os import os
import re import re
import codecs import codecs
import csv
MIN_PYTHON = (3, 7) MIN_PYTHON = (3, 7)
if sys.version_info < MIN_PYTHON: if sys.version_info < MIN_PYTHON:
sys.exit("Python %s.%s or later is required.\n" % MIN_PYTHON) sys.exit("Python %s.%s or later is required.\n" % MIN_PYTHON)
def get_csv_writer():
""" Set up and return the default csv writer on stdout.
"""
return csv.writer(sys.stdout, delimiter=',', quotechar='"', quoting=csv.QUOTE_ALL)
def write_csv(writer, *columns):
""" Print via `writer`, with some additional processing """
writer.writerow(columns)
def get_relatedlocation_message_info(related_location): def get_relatedlocation_message_info(related_location):
""" Given a relatedLocation, extract message information. """ Given a relatedLocation, extract message information.