hohn/sarif-cli
1
0
Fork 0
mirror of https://github.com/hohn/sarif-cli.git synced 2025-12-16 17:23:03 +01:00
Code Issues Packages Projects Releases Wiki Activity
192 Commits 3 Branches 1 Tag
57710bdd1408a0177ba2b4b4784501eb29c7e4c5
Commit Graph

192 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Kristen Newbury
009cf12d2c Fix load error csv output error 2022-12-12 17:15:49 -05:00
Kristen Newbury
02d8f4cfa2 Doc sarif-pad-aggregate in README 2022-12-05 11:27:59 -05:00
Kristen Newbury
1d1734eabe Add query_tags column to the results table 2022-12-05 11:27:27 -05:00
Kristen Newbury
ff17cbad2c Add missing sig fix for populating problem.severity 2022-12-05 10:14:26 -05:00
Kristen Newbury
fb0e1b9c1c Change sarif sig severity to problem.severity 
and rm redundant table col for kind
 2022-12-02 16:00:40 -05:00
Kristen Newbury
2bda917a4e Improve error handling on signature mismatch cases 
and cleanup old todos that have been addressed
 2022-11-23 14:06:23 -05:00
Kristen Newbury
01b248a2a9 Update readme 2022-11-16 20:58:27 -05:00
Kristen Newbury
15aa9573e2 Adjust extra properties status from error to warning 2022-11-15 13:35:52 -05:00
Kristen Newbury
e3f2323396 Minimize requirements file 2022-11-15 11:46:56 -05:00
Kristen Newbury
678219beb7 Add csv status aggregate tool 2022-11-15 10:18:12 -05:00
Kristen Newbury
d9bdcc8724 Fix runner defaults and setup more options 
sarif-extract-scans-runner now takes specific outer
output dir
bin/sarif-aggregate-scans now takes specific directory
to summarize from
 2022-11-14 14:30:55 -05:00
Kristen Newbury
066fcb8248 Add error handling csv writer 
writer generates status csv per sarif
 2022-11-14 13:02:36 -05:00
Kristen Newbury
ae4f71e804 Fix regex for repo url parsing 2022-11-10 15:56:49 -05:00
Kristen Newbury
a9d84ce26c Make sarif-aggregate-scans executable 2022-11-10 10:51:30 -05:00
Kristen Newbury
1caf03f5f0 Rework project name format and project id format 2022-11-07 13:56:50 -05:00
Kristen Newbury
4121072088 Rework project and scan id generation 
goal:
deterministic across multiple instances of scan on same sarif file
no collisions between sarif files from different scan instances (regardless of for same project or not)

assumption sarif file naming will follow: <project>/<unique_filename_per_analysis> format
 2022-10-26 12:00:38 -04:00
Kristen Newbury
c51dbba577 Add fake date ranges to scan default values 2022-10-26 11:28:06 -04:00
Kristen Newbury
d9116eba6a Move flakegen scan id to outermost bin tool runner 2022-10-25 10:40:25 -04:00
Kristen Newbury
4285b7a834 Add unique flakegen scan id 2022-10-21 12:16:44 -04:00
Kristen Newbury
3b3999cfd7 Add kind, precision, severity to scan table for path-problem 2022-10-13 16:44:20 -04:00
Kristen Newbury
3385d9a10a Add kind, precision, severity to scan table 2022-10-13 13:54:32 -04:00
Michael Hohn
203343df07 Add sarif-pad-aggregate to fill scan values 
Fills the scans table's db_create_start/stop and scan_start/stop_date
columns with realistic random values.
 2022-08-31 21:19:02 -07:00
Michael Hohn
2b42a7d306 scan table change: the results.query_id is the @id from the CodeQL query 
Before, the query_id was
	==> results.csv <==
	query_id STRING,         -- git commit id of the ql query set

now, it's
	query_id STRING,         -- @id from the CodeQL query
 2022-08-11 16:56:20 -07:00
Michael Hohn
8ad69a503b Reduce zero results from error to warning 2022-08-11 16:26:07 -07:00
Michael Hohn
235acf6b93 Quote all non-numeric CSV output 2022-08-10 17:44:29 -07:00
Michael Hohn
03a9ef0477 Rewrite sarif-combine-tables.py as full tool, bin/sarif-aggregate-scans 2022-08-10 17:34:35 -07:00
Michael Hohn
38af30ead9 Switch numpy.datetime64() to numpy.dtype('M') to get working equality comparison 2022-08-10 17:33:44 -07:00
Michael Hohn
1754c6c9ca Export codeflows column types for scan-related pandas tables 2022-08-08 16:49:13 -07:00
Michael Hohn
505ee8ea66 Export column types for scan-related pandas tables 2022-08-08 16:48:17 -07:00
Michael Hohn
7e996e746c Rewrite sarif-runner as full tool, sarif-extract-scans-runner 2022-08-08 14:47:25 -07:00
Michael Hohn
560b9ecf35 Enforce types when forming the scan tables (internal and output formatting) 
Force all column types to ensure appropriate formatting for writing.  In
particular, no character data in place of integers, no floats, no
objects in place of strings.

Table formation for the functions
- st.joins_for_results
- st.joins_for_scans
- st.joins_for_projects
enforces types.
 2022-08-07 19:04:13 -07:00
Michael Hohn
581419afde Add .ignore for ag/ack 2022-08-02 17:12:21 -07:00
Michael Hohn
ef00559408 Bring sarif-extract-tables up to date with sarif-extract-scans 2022-07-19 15:42:26 -07:00
Michael Hohn
da7d669eb9 Resize logo font 2022-07-15 09:33:16 -07:00
Michael Hohn
c9f14a538b Add logo 2022-07-15 09:30:20 -07:00
Michael Hohn
0e7a941be3 Include all typegraph samples, from raw to refined 2022-07-14 18:29:21 -07:00
Michael Hohn
ef51c3d84f remove git-lfs 2022-07-12 19:46:33 -07:00
Michael Hohn
5cce2ed4d1 Better status updates for sarif-combine-tables 2022-06-03 00:08:23 -07:00
Michael Hohn
69f02cf99a Add sarif-combine-tables to combine output from sarif-runner 2022-06-02 18:55:22 -07:00
Michael Hohn
741be0cfe1 Include project table in output of sarif-extract-scans; add commit_id to scans table 2022-06-02 16:45:04 -07:00
Michael Hohn
fd55969b76 fix: special concatenation case for empty tables 2022-06-01 17:44:50 -07:00
Michael Hohn
32413984e2 fix: only concatenate non-empty tables to suppress float conversion 2022-06-01 17:34:56 -07:00
Michael Hohn
82a8e7a6dc fix: set id and scan_id type to uint64 to suppress float conversion 2022-06-01 13:00:37 -07:00
Michael Hohn
0fc6eb3cce Improve error reporting in sarif destructuring routines 2022-05-30 00:09:13 -07:00
Michael Hohn
f5e258de52 Enhance the fillsig() routines to supplement lgtm.com/lgtm enterprise signature differences 2022-05-30 00:08:09 -07:00
Michael Hohn
b7cd96ea72 Add sarif-runner.py to drive sarif-extract-scans for sarif file collections 
The input file format is just a list of  organization/project entries
 2022-05-30 00:04:40 -07:00
Michael Hohn
eb8e2f18e9 Initial version of sarif-extract-scans, to be tested 
Running

    cd ~/local/sarif-cli/data/treeio
    sarif-extract-scans scan-spec-0.json test-scan

produces the 2 derived and one sarif-based table (codeflows.csv):

    ls test-scan/
    codeflows.csv  results.csv  scans.csv

Adding -r via

    sarif-extract-scans -r scan-spec-0.json test-scan

writes all tables:

    ls test-scan/
    artifacts.csv  kind_pathproblem.csv  project.csv           results.csv  scans.csv
    codeflows.csv  kind_problem.csv      relatedLocations.csv  rules.csv
 2022-05-16 18:58:53 -07:00
Michael Hohn
3dd8522b7f Add simple timing run information 2022-05-16 11:43:05 -07:00
Michael Hohn
154b0bdc56 WIP: assemble derived 'results' table 2022-05-13 17:01:18 -07:00
Michael Hohn
b212423907 WIP: sarif-extract-scans: back to single sarif file handling, incorporate multi-file libraries 2022-05-10 19:01:38 -07:00