33 Commits

Author SHA1 Message Date
Michael Hohn
3dfb297612 Make project_name unique by adding automationDetails to it 2023-07-20 22:39:10 -07:00
Michael Hohn
ebeaced0f4 Remove automationDetails from CSV output
This reverses commit 68b43e05 to keep the CSV compatible with prior output
2023-07-17 10:30:35 -07:00
Michael Hohn
c299321ab8 Remove repls; add scripts/test-vcp.sh 2023-07-13 16:03:01 -07:00
Michael Hohn
68b43e0514 wip: debug and get automationDetails into CSV output 2023-07-12 17:04:23 -07:00
Michael Hohn
606912c8c3 Merge remote-tracking branch 'refs/remotes/origin/master' 2023-07-10 09:03:45 -07:00
Kristen Newbury
6b248d2474 Add missing columns to column order list
prev missing cols: source_location and sink_location
missing from prev patch
but were missing in problem only results case anyways
2023-06-02 16:22:18 -04:00
Kristen Newbury
9407e5b00f Add ability to read automationDetails.id if present 2023-05-17 15:23:19 -04:00
Michael Hohn
e62c351029 Merge remote-tracking branch 'kristen/main' 2023-01-23 13:14:14 -08:00
Kristen Newbury
1a915e4de8 Update how project_id is generated
previously relied on assumption:
naming like: <org>/<project> in
repositoryUri
now just uses full repositoryUri
2023-01-05 16:37:55 -05:00
Kristen Newbury
fc2c6bac99 Add capability to read sourceLanguage if exists in CLI sarif
otherwise dummy val
previously assumed never present in CLI sarif
2023-01-05 12:50:54 -05:00
Kristen Newbury
04a5aae14d Add CLI support
enabled by -f flag with CLI value
tested on sarif from CodeQL CLIs:
2.6.3, 2.9.4, 2.11.4
MUST contain versionControlProvenance property however
2022-12-15 19:12:58 -05:00
Kristen Newbury
69f5ef09a4 Merge branch 'addCLISignature' 2022-12-13 12:22:43 -05:00
Kristen Newbury
2ba9593d70 Add CLI support
enabled by -f flag with CLI value
tested on sarif from CodeQL CLIs:
2.6.3, 2.9.4, 2.11.4
MUST contain versionControlProvenance property however
2022-12-13 12:14:32 -05:00
Kristen Newbury
1d1734eabe Add query_tags column to the results table 2022-12-05 11:27:27 -05:00
Kristen Newbury
fb0e1b9c1c Change sarif sig severity to problem.severity
and rm redundant table col for kind
2022-12-02 16:00:40 -05:00
Kristen Newbury
2bda917a4e Improve error handling on signature mismatch cases
and cleanup old todos that have been addressed
2022-11-23 14:06:23 -05:00
Kristen Newbury
066fcb8248 Add error handling csv writer
writer generates status csv per sarif
2022-11-14 13:02:36 -05:00
Kristen Newbury
ae4f71e804 Fix regex for repo url parsing 2022-11-10 15:56:49 -05:00
Kristen Newbury
1caf03f5f0 Rework project name format and project id format 2022-11-07 13:56:50 -05:00
Kristen Newbury
c51dbba577 Add fake date ranges to scan default values 2022-10-26 11:28:06 -04:00
Kristen Newbury
3b3999cfd7 Add kind, precision, severity to scan table for path-problem 2022-10-13 16:44:20 -04:00
Kristen Newbury
3385d9a10a Add kind, precision, severity to scan table 2022-10-13 13:54:32 -04:00
Michael Hohn
2b42a7d306 scan table change: the results.query_id is the @id from the CodeQL query
Before, the query_id was
	==> results.csv <==
	query_id STRING,         -- git commit id of the ql query set

now, it's
	query_id STRING,         -- @id from the CodeQL query
2022-08-11 16:56:20 -07:00
Michael Hohn
8ad69a503b Reduce zero results from error to warning 2022-08-11 16:26:07 -07:00
Michael Hohn
38af30ead9 Switch numpy.datetime64() to numpy.dtype('M') to get working equality comparison 2022-08-10 17:33:44 -07:00
Michael Hohn
505ee8ea66 Export column types for scan-related pandas tables 2022-08-08 16:48:17 -07:00
Michael Hohn
560b9ecf35 Enforce types when forming the scan tables (internal and output formatting)
Force all column types to ensure appropriate formatting for writing.  In
particular, no character data in place of integers, no floats, no
objects in place of strings.

Table formation for the functions
- st.joins_for_results
- st.joins_for_scans
- st.joins_for_projects
enforces types.
2022-08-07 19:04:13 -07:00
Michael Hohn
741be0cfe1 Include project table in output of sarif-extract-scans; add commit_id to scans table 2022-06-02 16:45:04 -07:00
Michael Hohn
fd55969b76 fix: special concatenation case for empty tables 2022-06-01 17:44:50 -07:00
Michael Hohn
32413984e2 fix: only concatenate non-empty tables to suppress float conversion 2022-06-01 17:34:56 -07:00
Michael Hohn
82a8e7a6dc fix: set id and scan_id type to uint64 to suppress float conversion 2022-06-01 13:00:37 -07:00
Michael Hohn
eb8e2f18e9 Initial version of sarif-extract-scans, to be tested
Running

    cd ~/local/sarif-cli/data/treeio
    sarif-extract-scans scan-spec-0.json test-scan

produces the 2 derived and one sarif-based table (codeflows.csv):

    ls test-scan/
    codeflows.csv  results.csv  scans.csv

Adding -r via

    sarif-extract-scans -r scan-spec-0.json test-scan

writes all tables:

    ls test-scan/
    artifacts.csv  kind_pathproblem.csv  project.csv           results.csv  scans.csv
    codeflows.csv  kind_problem.csv      relatedLocations.csv  rules.csv
2022-05-16 18:58:53 -07:00
Michael Hohn
154b0bdc56 WIP: assemble derived 'results' table 2022-05-13 17:01:18 -07:00