173 Commits

Author SHA1 Message Date
Michael Hohn
742392338e wip: finally get CSV; use script to insert versionControlProvenance 2023-07-11 20:27:59 -07:00
Michael Hohn
dc8a4929fa wip: notes cleanup 2023-07-11 20:26:40 -07:00
Michael Hohn
9b733e6326 Script to add versionControlProvenance 2023-07-11 20:25:16 -07:00
Michael Hohn
62ec56948e WIP: debug missing field propagation for automationDetails.id
Create SARIF files with and without automationDetails.id for examination.
2023-07-11 10:45:15 -07:00
Michael Hohn
606912c8c3 Merge remote-tracking branch 'refs/remotes/origin/master' 2023-07-10 09:03:45 -07:00
Kristen Newbury
6b248d2474 Add missing columns to column order list
prev missing cols: source_location and sink_location
missing from prev patch
but were missing in problem only results case anyways
2023-06-02 16:22:18 -04:00
Kristen Newbury
a3aed444c1 Add explicit column ordering to to_csv writes
in interfaces:
sarif-pad-aggregates
sarif-extract-scans
2023-05-29 08:58:29 -04:00
Kristen Newbury
9407e5b00f Add ability to read automationDetails.id if present 2023-05-17 15:23:19 -04:00
Kristen Newbury
e2501b94a9 Fix fulldescription missing patch
previous patch added nonunique placeholder
but must be unique
2023-05-15 13:10:07 -04:00
Kristen Newbury
eb50bdf834 Merge branch 'main' 2023-05-15 13:09:21 -04:00
Kristen Newbury
1e1305bb25 Fix CLI sarif consumption for properties:
fullDescription
primaryLocationStartColumnFingerprint
2023-03-02 12:43:42 -05:00
Kristen Newbury
953d47edd3 Fix extract scans interface CLI default 2023-03-02 11:43:25 -05:00
Kristen Newbury
1be65372e8 Fix CLI sarif consumption for property - description 2023-03-02 11:16:27 -05:00
Michael Hohn
e62c351029 Merge remote-tracking branch 'kristen/main' 2023-01-23 13:14:14 -08:00
Peter Martin
6be328f785 Merge pull request #5 from bgroh2/fix-dir-names
Use repositoryUri instead of org/repo
2023-01-20 09:19:01 -05:00
Benjamin Groh
e8123903f6 Use repositoryUri instead of org/repo 2023-01-18 16:40:39 -05:00
Kristen Newbury
04e3dedb77 Merge pull request #2 from dbeer/exceptions
Fix exception reraising
2023-01-12 12:23:00 -05:00
Kristen Newbury
7dad175d4d Fix tool to default CLI not LGTM sarif input
update readme minor improvement
2023-01-12 12:03:51 -05:00
Kristen Newbury
1a915e4de8 Update how project_id is generated
previously relied on assumption:
naming like: <org>/<project> in
repositoryUri
now just uses full repositoryUri
2023-01-05 16:37:55 -05:00
Kristen Newbury
fc2c6bac99 Add capability to read sourceLanguage if exists in CLI sarif
otherwise dummy val
previously assumed never present in CLI sarif
2023-01-05 12:50:54 -05:00
Daniel Beer
6b475becd9 Fix exception reraising 2022-12-30 12:40:07 -05:00
Kristen Newbury
d602efd3f0 Bugfix signature subset superset mismatch
when the template signature portion contains
codeflows it was previously possible that a valid sarif
problem portion that contains extra fields
would be misdiagnosed as not parsable
2022-12-15 19:13:15 -05:00
Kristen Newbury
dae6c50d5b Bugfix CLI signature merge mistake 2022-12-15 19:13:12 -05:00
Kristen Newbury
dc4fd09e63 Update README missing minor syntax 2022-12-15 19:13:10 -05:00
Kristen Newbury
202f7f53a5 Update README for CLI usage instructions 2022-12-15 19:13:07 -05:00
Kristen Newbury
04a5aae14d Add CLI support
enabled by -f flag with CLI value
tested on sarif from CodeQL CLIs:
2.6.3, 2.9.4, 2.11.4
MUST contain versionControlProvenance property however
2022-12-15 19:12:58 -05:00
Kristen Newbury
bbeba14dec Bugfix CLI signature merge mistake 2022-12-13 20:13:13 -05:00
Kristen Newbury
efc87d4f08 Update README missing minor syntax 2022-12-13 18:42:45 -05:00
Kristen Newbury
b45d868f89 Update README for CLI usage instructions 2022-12-13 18:32:34 -05:00
Kristen Newbury
69f5ef09a4 Merge branch 'addCLISignature' 2022-12-13 12:22:43 -05:00
Kristen Newbury
2ba9593d70 Add CLI support
enabled by -f flag with CLI value
tested on sarif from CodeQL CLIs:
2.6.3, 2.9.4, 2.11.4
MUST contain versionControlProvenance property however
2022-12-13 12:14:32 -05:00
Kristen Newbury
009cf12d2c Fix load error csv output error 2022-12-12 17:15:49 -05:00
Kristen Newbury
02d8f4cfa2 Doc sarif-pad-aggregate in README 2022-12-05 11:27:59 -05:00
Kristen Newbury
1d1734eabe Add query_tags column to the results table 2022-12-05 11:27:27 -05:00
Kristen Newbury
ff17cbad2c Add missing sig fix for populating problem.severity 2022-12-05 10:14:26 -05:00
Kristen Newbury
fb0e1b9c1c Change sarif sig severity to problem.severity
and rm redundant table col for kind
2022-12-02 16:00:40 -05:00
Kristen Newbury
2bda917a4e Improve error handling on signature mismatch cases
and cleanup old todos that have been addressed
2022-11-23 14:06:23 -05:00
Kristen Newbury
01b248a2a9 Update readme 2022-11-16 20:58:27 -05:00
Kristen Newbury
15aa9573e2 Adjust extra properties status from error to warning 2022-11-15 13:35:52 -05:00
Kristen Newbury
e3f2323396 Minimize requirements file 2022-11-15 11:46:56 -05:00
Kristen Newbury
678219beb7 Add csv status aggregate tool 2022-11-15 10:18:12 -05:00
Kristen Newbury
d9bdcc8724 Fix runner defaults and setup more options
sarif-extract-scans-runner now takes specific outer
output dir
bin/sarif-aggregate-scans now takes specific directory
to summarize from
2022-11-14 14:30:55 -05:00
Kristen Newbury
066fcb8248 Add error handling csv writer
writer generates status csv per sarif
2022-11-14 13:02:36 -05:00
Kristen Newbury
ae4f71e804 Fix regex for repo url parsing 2022-11-10 15:56:49 -05:00
Kristen Newbury
a9d84ce26c Make sarif-aggregate-scans executable 2022-11-10 10:51:30 -05:00
Kristen Newbury
1caf03f5f0 Rework project name format and project id format 2022-11-07 13:56:50 -05:00
Kristen Newbury
4121072088 Rework project and scan id generation
goal:
deterministic across multiple instances of scan on same sarif file
no collisions between sarif files from different scan instances (regardless of for same project or not)

assumption sarif file naming will follow: <project>/<unique_filename_per_analysis> format
2022-10-26 12:00:38 -04:00
Kristen Newbury
c51dbba577 Add fake date ranges to scan default values 2022-10-26 11:28:06 -04:00
Kristen Newbury
d9116eba6a Move flakegen scan id to outermost bin tool runner 2022-10-25 10:40:25 -04:00
Kristen Newbury
4285b7a834 Add unique flakegen scan id 2022-10-21 12:16:44 -04:00