Commit Graph

210 Commits

Author SHA1 Message Date
Michael Hohn
93e7c79752 relax pip requirements 2025-10-24 11:07:21 -07:00
Michael Hohn
9d20cd6304 whole-file sarif-size 2025-10-24 10:57:54 -07:00
edce50fb79 Add missing result[] handling
fixes missing result errors
       #+BEGIN_SRC text
         Traceback (most recent call last):
           File "/mnt/common/home/hohn/work-gh/sarif-cli/.venv-ubuserv/bin/sarif-to-table", line 125, in <module>
             num_results = len(S.get(sarif_struct, 'runs', runi, 'results'))
           File "/mnt/common/home/hohn/work-gh/sarif-cli/sarif_cli/traverse.py", line 169, in get
             res = res[p]
         KeyError: 'results'
         76% 3204:1006=7s ./repos/RasaHQ/rasa/code-scanning/analyses/132221999.sarif                                Traceback (most recent call last):
           File "/mnt/common/home/hohn/work-gh/sarif-cli/.venv-ubuserv/bin/sarif-to-table", line 125, in <module>
             num_results = len(S.get(sarif_struct, 'runs', runi, 'results'))
           File "/mnt/common/home/hohn/work-gh/sarif-cli/sarif_cli/traverse.py", line 169, in get
             res = res[p]
         KeyError: 'results'
       #+END_SRC
v0.1
2025-10-20 21:33:02 -07:00
1909517804 added rule_id to sarif-to-table 2025-10-20 21:20:02 -07:00
8741e12860 wip: sarif-to-table: full table output in parallel to text 2025-10-20 18:57:34 -07:00
8b3181fbf7 wip: sarif-to-table: no csv option 2025-10-20 18:20:17 -07:00
f98af0295e tested simple pull extractor. fail. 2025-10-20 13:30:34 -07:00
Michael Hohn
6c9e992b0e Track SARIF files via Git LFS 2025-10-20 09:45:54 -07:00
Michael Hohn
1af12df985 update .gitignore 2025-10-20 09:10:20 -07:00
25a6538946 wip: add simple pull parser
Works, but is incomplete:
sqlite> SELECT COUNT(*) FROM results;
SELECT COUNT(*) FROM runs;
SELECT COUNT(*) FROM alerts;
SELECT COUNT(*) FROM referenced_source_regions;
3139
1
0
0
2025-10-20 00:16:21 -07:00
335017ba68 try a reduced signature for better compatibility with sarif variations
This doesn't help; sarif is just too dynamic.  Try a pull parser instead.
2025-10-19 23:36:38 -07:00
8977273e94 remove stale log notes/update.org 2025-10-19 13:37:40 -07:00
c15dc6d4bc Fix subtle type problem: M8 is required for early steps, datetime64[ns] later 2025-10-19 13:35:02 -07:00
bed9d3e659 Fix new float content handling:
raise Exception("Unknown element type", t, elem)
Exception: ('Unknown element type', <class 'float'>, 99.96780515670306)

from

{
  "rule": {
    "id": "cpp/telemetry/database-quality",
    "index": 53
  },
  "ruleId": "cpp/telemetry/database-quality",
  "ruleIndex": 53,
  "value": 99.96780515670306,
  "message": {
    "text": "Percentage of functions without errors"
  }
}
2025-08-23 20:31:54 -07:00
Michael Hohn
1ee2dae8d7 Simplify org headline 2023-12-06 14:12:43 -08:00
Michael Hohn
95a6aaed6a Add 'SARIF and Signatures' section 2023-12-06 14:09:51 -08:00
Michael Hohn
68ce4ab5aa Update README with timestamp description 2023-08-21 12:58:35 -07:00
Michael Hohn
ee11214aee Add support for external timestamps
This allows external files containing

    timestamps = {
        "db_create_start"      : pd.Timestamp(0.0, unit='s'),
        "db_create_stop"       : pd.Timestamp(0.0, unit='s'),
        "scan_start_date"      : pd.Timestamp(0.0, unit='s'),
        "scan_stop_date"       : pd.Timestamp(0.0, unit='s'),
    }

to be used to provide those values, instead of the above defaults.

This patch changes the top-level scripts
        bin/sarif-extract-scans
        bin/sarif-extract-scans-runner
and provides
        scripts/test-timestamps.sh
for verification.

The following keys are also accepted:
    {
      "db_create_start": ...,
      "db_create_stop": ...,
      "scan_start": ...,
      "scan_stop": ...
    }
2023-08-18 17:06:58 -07:00
Michael Hohn
57710bdd14 Merge remote-tracking branch 'kristen/main' 2023-08-03 17:09:35 -07:00
Michael Hohn
3854036fa7 Don't trail the project name with a dash if the subset name is blank 2023-08-03 17:06:54 -07:00
Michael Hohn
37eb55abef Exclude CSV files generated by test 2023-08-03 17:06:13 -07:00
Kristen Newbury
b4f16d3ad9 Merge pull request #3 from hohn/master
update 17.7.23
2023-07-27 13:11:45 -04:00
Michael Hohn
bd9460dd61 Remove old comment 2023-07-27 09:34:17 -07:00
Michael Hohn
07ed4bf11e Add 'usage' to build-multiple-codeql-versions.sh 2023-07-27 09:18:46 -07:00
Michael Hohn
a900848268 Remove ipython debug call 2023-07-27 09:05:27 -07:00
Michael Hohn
f5a850ea7b readme/amend the list of tested CLI versions 2023-07-27 08:59:46 -07:00
Michael Hohn
d386e5da45 Add tests for 2.14.0; include versioned SARIF and CSV files in the repository 2023-07-26 13:47:58 -07:00
Michael Hohn
c746161d35 Refine build-multiple-codeql-versions.sh; add v2.13.5 test 2023-07-26 13:31:40 -07:00
Michael Hohn
5a8b4a33a3 Add script to test all steps using different codeql cli versions
The script
    build-multiple-codeql-versions.sh
is for manual testing and updating.

It may be automated for testing.
2023-07-26 12:13:37 -07:00
Michael Hohn
3dfb297612 Make project_name unique by adding automationDetails to it 2023-07-20 22:39:10 -07:00
Michael Hohn
ebeaced0f4 Remove automationDetails from CSV output
This reverses commit 68b43e05 to keep the CSV compatible with prior output
2023-07-17 10:30:35 -07:00
Michael Hohn
8820186152 Add sample output for test-vcp 2023-07-13 16:46:24 -07:00
Michael Hohn
1d85d13efb Execute test-vcp with tracing 2023-07-13 16:35:33 -07:00
Michael Hohn
c299321ab8 Remove repls; add scripts/test-vcp.sh 2023-07-13 16:03:01 -07:00
Michael Hohn
f1a70dd023 wip: remove extraneous slash 2023-07-13 15:55:28 -07:00
Michael Hohn
7d4e5026a9 Add note about bin/sarif-insert-vcp 2023-07-13 12:52:59 -07:00
Michael Hohn
68b43e0514 wip: debug and get automationDetails into CSV output 2023-07-12 17:04:23 -07:00
Michael Hohn
742392338e wip: finally get CSV; use script to insert versionControlProvenance 2023-07-11 20:27:59 -07:00
Michael Hohn
dc8a4929fa wip: notes cleanup 2023-07-11 20:26:40 -07:00
Michael Hohn
9b733e6326 Script to add versionControlProvenance 2023-07-11 20:25:16 -07:00
Michael Hohn
62ec56948e WIP: debug missing field propagation for automationDetails.id
Create SARIF files with and without automationDetails.id for examination.
2023-07-11 10:45:15 -07:00
Michael Hohn
606912c8c3 Merge remote-tracking branch 'refs/remotes/origin/master' 2023-07-10 09:03:45 -07:00
Kristen Newbury
6b248d2474 Add missing columns to column order list
prev missing cols: source_location and sink_location
missing from prev patch
but were missing in problem only results case anyways
2023-06-02 16:22:18 -04:00
Kristen Newbury
a3aed444c1 Add explicit column ordering to to_csv writes
in interfaces:
sarif-pad-aggregates
sarif-extract-scans
2023-05-29 08:58:29 -04:00
Kristen Newbury
9407e5b00f Add ability to read automationDetails.id if present 2023-05-17 15:23:19 -04:00
Kristen Newbury
e2501b94a9 Fix fulldescription missing patch
previous patch added nonunique placeholder
but must be unique
2023-05-15 13:10:07 -04:00
Kristen Newbury
eb50bdf834 Merge branch 'main' 2023-05-15 13:09:21 -04:00
Kristen Newbury
1e1305bb25 Fix CLI sarif consumption for properties:
fullDescription
primaryLocationStartColumnFingerprint
2023-03-02 12:43:42 -05:00
Kristen Newbury
953d47edd3 Fix extract scans interface CLI default 2023-03-02 11:43:25 -05:00
Kristen Newbury
1be65372e8 Fix CLI sarif consumption for property - description 2023-03-02 11:16:27 -05:00