Michael Hohn
95a6aaed6a
Add 'SARIF and Signatures' section
2023-12-06 14:09:51 -08:00
Michael Hohn
68ce4ab5aa
Update README with timestamp description
2023-08-21 12:58:35 -07:00
Michael Hohn
ee11214aee
Add support for external timestamps
...
This allows external files containing
    timestamps = {
        "db_create_start" : pd.Timestamp(0.0, unit='s'),
        "db_create_stop" : pd.Timestamp(0.0, unit='s'),
        "scan_start_date" : pd.Timestamp(0.0, unit='s'),
        "scan_stop_date" : pd.Timestamp(0.0, unit='s'),
    }
to be used to provide those values, instead of the above defaults.
This patch changes the top-level scripts
    bin/sarif-extract-scans
    bin/sarif-extract-scans-runner
and provides
    scripts/test-timestamps.sh
for verification.
The following keys are also accepted:
    {
        "db_create_start": ...,
        "db_create_stop": ...,
        "scan_start": ...
        "scan_stop": ...
    }
2023-08-18 17:06:58 -07:00
Michael Hohn
57710bdd14
Merge remote-tracking branch 'kristen/main'
2023-08-03 17:09:35 -07:00
Michael Hohn
3854036fa7
Don't trail the project name with a dash if the subset name is blank
2023-08-03 17:06:54 -07:00
Michael Hohn
37eb55abef
Exclude CSV files generated by test
2023-08-03 17:06:13 -07:00
Kristen Newbury
b4f16d3ad9
Merge pull request #3 from hohn/master
...
update 17.7.23
2023-07-27 13:11:45 -04:00
Michael Hohn
bd9460dd61
Remove old comment
2023-07-27 09:34:17 -07:00
Michael Hohn
07ed4bf11e
Add 'usage' to build-multiple-codeql-versions.sh
2023-07-27 09:18:46 -07:00
Michael Hohn
a900848268
Remove ipython debug call
2023-07-27 09:05:27 -07:00
Michael Hohn
f5a850ea7b
readme/amend the list of tested CLI versions
2023-07-27 08:59:46 -07:00
Michael Hohn
d386e5da45
Add tests for 2.14.0; include versioned SARIF and CSV files in the repository
2023-07-26 13:47:58 -07:00
Michael Hohn
c746161d35
Refine build-multiple-codeql-versions.sh; add v2.13.5 test
2023-07-26 13:31:40 -07:00
Michael Hohn
5a8b4a33a3
Add script to test all steps using different codeql cli versions
...
The script
build-multiple-codeql-versions.sh
is for manual testing and updating.
It may be automated for testing.
2023-07-26 12:13:37 -07:00
Michael Hohn
3dfb297612
Make project_name unique by adding automationDetails to it
2023-07-20 22:39:10 -07:00
Michael Hohn
ebeaced0f4
Remove automationDetails from CSV output
...
This reverses commit 68b43e05 to keep the CSV compatible with prior output
2023-07-17 10:30:35 -07:00
Michael Hohn
8820186152
Add sample output for test-vcp
2023-07-13 16:46:24 -07:00
Michael Hohn
1d85d13efb
Execute test-vcp with tracing
2023-07-13 16:35:33 -07:00
Michael Hohn
c299321ab8
Remove repls; add scripts/test-vcp.sh
2023-07-13 16:03:01 -07:00
Michael Hohn
f1a70dd023
wip: remove extraneous slash
2023-07-13 15:55:28 -07:00
Michael Hohn
7d4e5026a9
Add note about bin/sarif-insert-vcp
2023-07-13 12:52:59 -07:00
Michael Hohn
68b43e0514
wip: debug and get automationDetails into CSV output
2023-07-12 17:04:23 -07:00
Michael Hohn
742392338e
wip: finally get CSV; use script to insert versionControlProvenance
2023-07-11 20:27:59 -07:00
Michael Hohn
dc8a4929fa
wip: notes cleanup
2023-07-11 20:26:40 -07:00
Michael Hohn
9b733e6326
Script to add versionControlProvenance
2023-07-11 20:25:16 -07:00
Michael Hohn
62ec56948e
WIP: debug missing field propagation for automationDetails.id
...
Create SARIF files with and without automationDetails.id for examination.
2023-07-11 10:45:15 -07:00
Michael Hohn
606912c8c3
Merge remote-tracking branch 'refs/remotes/origin/master'
2023-07-10 09:03:45 -07:00
Kristen Newbury
6b248d2474
Add missing columns to column order list
...
prev missing cols: source_location and sink_location
missing from prev patch
but were missing in problem only results case anyways
2023-06-02 16:22:18 -04:00
Kristen Newbury
a3aed444c1
Add explicit column ordering to to_csv writes
...
in interfaces:
sarif-pad-aggregates
sarif-extract-scans
2023-05-29 08:58:29 -04:00
Kristen Newbury
9407e5b00f
Add ability to read automationDetails.id if present
2023-05-17 15:23:19 -04:00
Kristen Newbury
e2501b94a9
Fix fulldescription missing patch
...
previous patch added nonunique placeholder
but must be unique
2023-05-15 13:10:07 -04:00
Kristen Newbury
eb50bdf834
Merge branch 'main'
2023-05-15 13:09:21 -04:00
Kristen Newbury
1e1305bb25
Fix CLI sarif consumption for properties:
...
fullDescription
primaryLocationStartColumnFingerprint
2023-03-02 12:43:42 -05:00
Kristen Newbury
953d47edd3
Fix extract scans interface CLI default
2023-03-02 11:43:25 -05:00
Kristen Newbury
1be65372e8
Fix CLI sarif consumption for property - description
2023-03-02 11:16:27 -05:00
Michael Hohn
e62c351029
Merge remote-tracking branch 'kristen/main'
2023-01-23 13:14:14 -08:00
Peter Martin
6be328f785
Merge pull request #5 from bgroh2/fix-dir-names
...
Use repositoryUri instead of org/repo
2023-01-20 09:19:01 -05:00
Benjamin Groh
e8123903f6
Use repositoryUri instead of org/repo
2023-01-18 16:40:39 -05:00
Kristen Newbury
04e3dedb77
Merge pull request #2 from dbeer/exceptions
...
Fix exception reraising
2023-01-12 12:23:00 -05:00
Kristen Newbury
7dad175d4d
Fix tool to default CLI not LGTM sarif input
...
update readme minor improvement
2023-01-12 12:03:51 -05:00
Kristen Newbury
1a915e4de8
Update how project_id is generated
...
previously relied on assumption:
naming like: <org>/<project> in
repositoryUri
now just uses full repositoryUri
2023-01-05 16:37:55 -05:00
Kristen Newbury
fc2c6bac99
Add capability to read sourceLanguage if exists in CLI sarif
...
otherwise dummy val
previously assumed never present in CLI sarif
2023-01-05 12:50:54 -05:00
Daniel Beer
6b475becd9
Fix exception reraising
2022-12-30 12:40:07 -05:00
Kristen Newbury
d602efd3f0
Bugfix signature subset superset mismatch
...
when the template signature portion contains
codeflows it was previously possible that a valid sarif
problem portion that contains extra fields
would be misdiagnosed as not parsable
2022-12-15 19:13:15 -05:00
Kristen Newbury
dae6c50d5b
Bugfix CLI signature merge mistake
2022-12-15 19:13:12 -05:00
Kristen Newbury
dc4fd09e63
Update README missing minor syntax
2022-12-15 19:13:10 -05:00
Kristen Newbury
202f7f53a5
Update README for CLI usage instructions
2022-12-15 19:13:07 -05:00
Kristen Newbury
04a5aae14d
Add CLI support
...
enabled by -f flag with CLI value
tested on sarif from CodeQL CLIs:
2.6.3, 2.9.4, 2.11.4
MUST contain versionControlProvenance property however
2022-12-15 19:12:58 -05:00
Kristen Newbury
bbeba14dec
Bugfix CLI signature merge mistake
2022-12-13 20:13:13 -05:00
Kristen Newbury
efc87d4f08
Update README missing minor syntax
2022-12-13 18:42:45 -05:00