## Navigate and produce .csv tables

In [1]:
cd ~/local/sarif-cli/data/treeio

/Users/hohn/local/sarif-cli/data/treeio


In [2]:
%ls

[34m2021-12-09[m[m/          multi-sarif-01.json  test_set_1.sarif
[34m2022-02-25[m[m/          multi-sarif-01.yaml  test_set_1.yaml
[34mbase-tables[m[m/         [34mtest-01[m[m/             [34mtreeio[m[m/


In [3]:
!sarif-extract-multi multi-sarif-01.json base-tables

In [4]:
cd base-tables

/Users/hohn/local/sarif-cli/data/treeio/base-tables


In [5]:
%ls

artifacts.csv         kind_problem.csv      rules.csv
codeflows.csv         project.csv
kind_pathproblem.csv  relatedLocations.csv


## Display adjustments

In [6]:
from IPython.display import display, HTML

# use full display width
display(HTML("<style>.container { width:95% !important; }</style>"))

# enlarge table font size
display(HTML("<style> .rendered_html table  { font-size: 12pt !important; }</style>"))

display(HTML("<style> .rendered_html th, .rendered_html td { text-align: left !important; }</style>"))



## Load tables

In [7]:
import pandas as pd
from collections import UserDict
d1 = UserDict()

In [8]:
def windowed_view(df):
    return df.style.set_sticky(axis=0).set_sticky(axis=1)

In [9]:
from pathlib import Path
for p in Path(".").glob("*.csv"):
    d1[p.name] = pd.read_csv(p)

## display all column names

In [10]:
d1.colnames = pd.DataFrame([_df.columns for _df in d1.values()], index=d1.keys()).sort_index().T
windowed_view(d1.colnames.fillna(""))


Unnamed: 0,artifacts.csv,codeflows.csv,kind_pathproblem.csv,kind_problem.csv,project.csv,relatedLocations.csv,rules.csv
0,artifacts_id,codeflow_id,results_array_id,results_array_id,creation_date,struct_id,rules_array_id
1,index,codeflow_index,results_array_index,results_array_index,primary_language,uri,rules_array_index
2,uri,threadflow_index,codeFlows_id,ruleId,project_name,startLine,id
3,uriBaseId,location_index,ruleId,ruleIndex,query_commit_id,startColumn,name
4,,endColumn,ruleIndex,location_array_index,sarif_file_name,endLine,enabled
5,,endLine,location_array_index,location_id,scan_id,endColumn,level
6,,startColumn,location_id,location_endColumn,scan_start_date,message,fullDescription
7,,startLine,location_endColumn,location_endLine,scan_stop_date,,shortDescription
8,,artifact_index,location_endLine,location_startColumn,tool_name,,kind
9,,uri,location_startColumn,location_startLine,tool_version,,precision


## ... and get details of some tables

In [11]:
d1['project.csv'].T

Unnamed: 0,0,1,2,3
creation_date,2021-12-09,2021-12-09,2022-02-25,2022-02-25
primary_language,javascript,javascript,javascript,javascript
project_name,treeio/treeio,treeio/treeio,treeio/treeio,treeio/treeio
query_commit_id,fa9571646c,fa9571646c,fa9571646c,fa9571646c
sarif_file_name,2021-12-09/results.sarif,2021-12-09/results.sarif,2022-02-25/results.sarif,2022-02-25/results.sarif
scan_id,123456,123456,123457,123457
scan_start_date,2021-12-09,2021-12-09,2022-02-25,2022-02-25
scan_stop_date,2021-12-10,2021-12-10,2022-02-26,2022-02-26
tool_name,codeql,codeql,codeql,codeql
tool_version,v1.27,v1.27,v1.29,v1.29


In [12]:
d1["artifacts.csv"].T

Unnamed: 0,0,1,2,3,4,5,6,7,8,9,...,353,354,355,356,357,358,359,360,361,362
artifacts_id,4793680000,4793680000,4793680000,4793680000,4793680000,4793680000,4793680000,4793680000,4793680000,4793680000,...,4799031488,4799031488,4799031488,4799031488,4799031488,4799031488,4799031488,4799031488,4799031488,4799031488
index,0,1,2,3,4,5,6,7,8,9,...,66,67,68,69,70,71,72,73,74,75
uri,static/js/fileuploader.js,static/js/hardtree.js,static/js/jquery-ui-1.10.3/demos/accordion/hov...,static/js/jquery.ganttView.js,static/js/tinymce/jscripts/tiny_mce/plugins/ad...,static/js/tinymce/jscripts/tiny_mce/plugins/ad...,static/js/tinymce/jscripts/tiny_mce/plugins/co...,static/js/tinymce/jscripts/tiny_mce/plugins/em...,static/js/tinymce/jscripts/tiny_mce/plugins/fu...,static/js/tinymce/jscripts/tiny_mce/plugins/fu...,...,static/js/jquery.ba-serializeobject.js,static/js/jquery-ui-1.10.3/ui/jquery.ui.button.js,static/js/jquery-ui-1.10.3/ui/jquery.ui.tabs.js,static/js/jquery-ui-1.10.3/ui/jquery.ui.sortab...,static/js/jquery-ui-1.10.3/ui/jquery.ui.droppa...,static/js/jquery-ui-1.10.3/ui/jquery-ui.js,static/js/jquery-ui-custom.js,static/js/jquery-ui-1.10.3/ui/jquery.ui.positi...,static/js/jquery-ui-1.10.3/demos/droppable/pho...,static/js/jquery-ui-1.10.3/demos/tabs/manipula...
uriBaseId,%SRCROOT%,%SRCROOT%,%SRCROOT%,%SRCROOT%,%SRCROOT%,%SRCROOT%,%SRCROOT%,%SRCROOT%,%SRCROOT%,%SRCROOT%,...,%SRCROOT%,%SRCROOT%,%SRCROOT%,%SRCROOT%,%SRCROOT%,%SRCROOT%,%SRCROOT%,%SRCROOT%,%SRCROOT%,%SRCROOT%


In [13]:
(d1["codeflows.csv"]).T

Unnamed: 0,0,1,2,3,4,5,6,7,8,9,...,336,337,338,339,340,341,342,343,344,345
codeflow_id,4795838400,4795838400,4795838400,4795838400,4795838400,4795838400,4795838400,4795838400,4795838400,4795838400,...,4800898624,4800898624,4800898624,4800898624,4800898624,4800898624,4800898624,4800898624,4800898624,4800898624
codeflow_index,0,0,0,0,0,0,0,0,0,1,...,5,5,5,5,5,5,5,5,5,5
threadflow_index,0,0,0,0,0,0,0,0,0,0,...,0,0,0,0,0,0,0,0,0,0
location_index,0,1,2,3,4,5,6,7,8,0,...,0,1,2,3,4,5,6,7,8,9
endColumn,35,48,46,40,46,47,42,42,14,35,...,11,155,46,40,46,30,47,46,46,75
endLine,9598,9629,139,148,148,148,1021,1021,1027,9598,...,541,542,139,148,148,148,148,189,189,196
startColumn,28,41,38,32,32,19,15,4,6,28,...,10,154,38,32,32,28,19,17,4,65
startLine,9598,9629,139,148,148,148,1021,1021,1027,9598,...,541,542,139,148,148,148,148,189,189,196
artifact_index,72,72,61,61,61,61,61,61,61,72,...,72,72,60,60,60,60,60,60,60,60
uri,static/js/jquery-ui-1.10.3/ui/jquery-ui.js,static/js/jquery-ui-1.10.3/ui/jquery-ui.js,static/js/jquery-ui-1.10.3/ui/jquery.ui.datepi...,static/js/jquery-ui-1.10.3/ui/jquery.ui.datepi...,static/js/jquery-ui-1.10.3/ui/jquery.ui.datepi...,static/js/jquery-ui-1.10.3/ui/jquery.ui.datepi...,static/js/jquery-ui-1.10.3/ui/jquery.ui.datepi...,static/js/jquery-ui-1.10.3/ui/jquery.ui.datepi...,static/js/jquery-ui-1.10.3/ui/jquery.ui.datepi...,static/js/jquery-ui-1.10.3/ui/jquery-ui.js,...,static/js/jquery-ui-custom.js,static/js/jquery-ui-custom.js,static/js/jquery-ui-1.10.3/ui/jquery.ui.datepi...,static/js/jquery-ui-1.10.3/ui/jquery.ui.datepi...,static/js/jquery-ui-1.10.3/ui/jquery.ui.datepi...,static/js/jquery-ui-1.10.3/ui/jquery.ui.datepi...,static/js/jquery-ui-1.10.3/ui/jquery.ui.datepi...,static/js/jquery-ui-1.10.3/ui/jquery.ui.datepi...,static/js/jquery-ui-1.10.3/ui/jquery.ui.datepi...,static/js/jquery-ui-1.10.3/ui/jquery.ui.datepi...


In [14]:
windowed_view(d1["kind_pathproblem.csv"].T)

Unnamed: 0,0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43
results_array_id,4793680256,4793680256,4793680256,4793680256,4793680256,4793680256,4793680256,4793680256,4793680256,4793680256,4793680256,4793680256,4793680256,4793680256,4793680256,4793680256,4793680256,4793680256,4793680256,4796141696,4796141696,4796141696,4797623616,4797623616,4797623616,4799032384,4799032384,4799032384,4799032384,4799032384,4799032384,4799032384,4799032384,4799032384,4799032384,4799032384,4799032384,4799032384,4799032384,4799032384,4799032384,4799032384,4799032384,4799032384
results_array_index,564,564,564,565,566,567,568,569,570,570,570,571,572,573,576,576,576,576,576,347,348,349,347,348,349,428,428,428,429,430,431,432,433,434,434,434,435,436,437,439,439,439,439,439
codeFlows_id,4795838400,4795838400,4795838400,4795905216,4795935040,4795950272,4795952384,4795962752,4795964864,4795964864,4795964864,4795976640,4795988288,4796007616,4796039680,4796039680,4796039680,4796039680,4796039680,4797533888,4797543872,4797561344,4798972864,4798974592,4798992064,4800717504,4800717504,4800717504,4800776064,4800805888,4800821120,4800823232,4800837696,4800852160,4800852160,4800852160,4800855680,4800867328,4800878464,4800898624,4800898624,4800898624,4800898624,4800898624
ruleId,com.lgtm/javascript-queries:js/unsafe-jquery-plugin,com.lgtm/javascript-queries:js/unsafe-jquery-plugin,com.lgtm/javascript-queries:js/unsafe-jquery-plugin,com.lgtm/javascript-queries:js/unsafe-jquery-plugin,com.lgtm/javascript-queries:js/xss-through-dom,com.lgtm/javascript-queries:js/xss-through-dom,com.lgtm/javascript-queries:js/xss-through-dom,com.lgtm/javascript-queries:js/xss-through-dom,com.lgtm/javascript-queries:js/xss-through-dom,com.lgtm/javascript-queries:js/xss-through-dom,com.lgtm/javascript-queries:js/xss-through-dom,com.lgtm/javascript-queries:js/xss-through-dom,com.lgtm/javascript-queries:js/xss-through-dom,com.lgtm/javascript-queries:js/xss-through-dom,com.lgtm/javascript-queries:js/html-constructed-from-input,com.lgtm/javascript-queries:js/html-constructed-from-input,com.lgtm/javascript-queries:js/html-constructed-from-input,com.lgtm/javascript-queries:js/html-constructed-from-input,com.lgtm/javascript-queries:js/html-constructed-from-input,com.lgtm/python-queries:py/stack-trace-exposure,com.lgtm/python-queries:py/stack-trace-exposure,com.lgtm/python-queries:py/stack-trace-exposure,com.lgtm/python-queries:py/stack-trace-exposure,com.lgtm/python-queries:py/stack-trace-exposure,com.lgtm/python-queries:py/stack-trace-exposure,com.lgtm/javascript-queries:js/unsafe-jquery-plugin,com.lgtm/javascript-queries:js/unsafe-jquery-plugin,com.lgtm/javascript-queries:js/unsafe-jquery-plugin,com.lgtm/javascript-queries:js/unsafe-jquery-plugin,com.lgtm/javascript-queries:js/xss-through-dom,com.lgtm/javascript-queries:js/xss-through-dom,com.lgtm/javascript-queries:js/xss-through-dom,com.lgtm/javascript-queries:js/xss-through-dom,com.lgtm/javascript-queries:js/xss-through-dom,com.lgtm/javascript-queries:js/xss-through-dom,com.lgtm/javascript-queries:js/xss-through-dom,com.lgtm/javascript-queries:js/xss-through-dom,com.lgtm/javascript-queries:js/xss-through-dom,com.lgtm/javascript-queries:js/xss-through-dom,com.lgtm/javascript-queries:js/html-constructed-from-input,com.lgtm/javascript-queries:js/html-constructed-from-input,com.lgtm/javascript-queries:js/html-constructed-from-input,com.lgtm/javascript-queries:js/html-constructed-from-input,com.lgtm/javascript-queries:js/html-constructed-from-input
ruleIndex,31,31,31,31,32,32,32,32,32,32,32,32,32,32,34,34,34,34,34,11,11,11,11,11,11,28,28,28,28,29,29,29,29,29,29,29,29,29,29,31,31,31,31,31
location_array_index,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0
location_id,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1
location_endColumn,14,14,14,25,118,50,47,125,14,14,14,109,90,75,75,75,75,75,75,33,33,33,33,33,33,14,14,14,25,118,50,47,125,14,14,14,109,90,75,75,75,75,75,75
location_endLine,1027,1027,1027,126,4666,6128,547,494,93,93,93,109,61,65,196,196,196,196,196,395,429,466,395,429,466,1027,1027,1027,126,4666,6128,547,494,93,93,93,109,61,65,196,196,196,196,196
location_startColumn,6,6,6,15,24,36,33,31,35,35,35,18,13,17,65,65,65,65,65,29,29,29,29,29,29,6,6,6,15,24,36,33,31,35,35,35,18,13,17,65,65,65,65,65


In [15]:
(d1["kind_problem.csv"].T)

Unnamed: 0,0,1,2,3,4,5,6,7,8,9,...,1717,1718,1719,1720,1721,1722,1723,1724,1725,1726
results_array_id,4793680256,4793680256,4793680256,4793680256,4793680256,4793680256,4793680256,4793680256,4793680256,4793680256,...,4799032384,4799032384,4799032384,4799032384,4799032384,4799032384,4799032384,4799032384,4799032384,4799032384
results_array_index,0,1,2,3,4,5,6,7,8,9,...,419,420,421,422,423,424,425,426,427,438
ruleId,com.lgtm/javascript-queries:js/unused-local-va...,com.lgtm/javascript-queries:js/unused-local-va...,com.lgtm/javascript-queries:js/unused-local-va...,com.lgtm/javascript-queries:js/unused-local-va...,com.lgtm/javascript-queries:js/unused-local-va...,com.lgtm/javascript-queries:js/unused-local-va...,com.lgtm/javascript-queries:js/unused-local-va...,com.lgtm/javascript-queries:js/unused-local-va...,com.lgtm/javascript-queries:js/unused-local-va...,com.lgtm/javascript-queries:js/unused-local-va...,...,com.lgtm/javascript-queries:js/incomplete-host...,com.lgtm/javascript-queries:js/incomplete-host...,com.lgtm/javascript-queries:js/incomplete-host...,com.lgtm/javascript-queries:js/incomplete-host...,com.lgtm/javascript-queries:js/loop-iteration-...,com.lgtm/javascript-queries:js/useless-regexp-...,com.lgtm/javascript-queries:js/useless-regexp-...,com.lgtm/javascript-queries:js/useless-regexp-...,com.lgtm/javascript-queries:js/useless-regexp-...,com.lgtm/javascript-queries:js/incomplete-mult...
ruleIndex,0,0,0,0,0,0,0,0,0,0,...,25,25,25,25,26,27,27,27,27,30
location_array_index,0,0,0,0,0,0,0,0,0,0,...,0,0,0,0,0,0,0,0,0,0
location_id,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,...,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1
location_endColumn,17,30,30,16,9,16,19,74,51,55,...,249,136,173,172,22,57,70,33,97,39
location_endLine,1214,847,869,932,33,94,394,119,292,292,...,20,21,22,23,71,220,226,227,27,2664
location_startColumn,13,17,17,10,5,8,9,73,50,53,...,161,77,89,82,5,55,68,31,95,11
location_startLine,1214,847,869,932,33,94,394,119,292,292,...,20,21,22,23,71,220,226,227,27,2664


In [16]:
d1["relatedLocations.csv"].T


Unnamed: 0,0,1,2,3,4,5,6,7,8,9,...,378,379,380,381,382,383,384,385,386,387
struct_id,4794388736,4794389760,4794389760,4794389760,4794391296,4794392448,4794405824,4794406848,4794946816,4794946816,...,4800853824,4800853824,4800866688,4800878016,4800897792,4800910272,4800910272,4800910272,4800910272,4800910272
uri,static/js/tinymce/jscripts/tiny_mce/plugins/pa...,static/js/tinymce/jscripts/tiny_mce/plugins/pa...,static/js/tinymce/jscripts/tiny_mce/plugins/pa...,static/js/tinymce/jscripts/tiny_mce/plugins/pa...,static/js/tinymce/jscripts/tiny_mce/plugins/wo...,static/js/tinymce/jscripts/tiny_mce/plugins/wo...,static/js/tinymce/jscripts/tiny_mce/plugins/wo...,static/js/tinymce/jscripts/tiny_mce/plugins/ta...,static/js/tinymce/jscripts/tiny_mce/tiny_mce_s...,static/js/tinymce/jscripts/tiny_mce/tiny_mce_s...,...,static/js/jquery-ui-1.10.3/demos/dialog/modal-...,static/js/jquery-ui-1.10.3/demos/dialog/modal-...,static/js/jquery-ui-1.10.3/demos/droppable/pho...,static/js/jquery-ui-1.10.3/demos/tabs/manipula...,static/js/jquery-ui-1.10.3/demos/tabs/manipula...,static/js/jquery-ui-1.10.3/ui/jquery.ui.datepi...,static/js/jquery-ui-1.10.3/ui/jquery-ui.js,static/js/jquery-ui-1.10.3/ui/jquery.ui.datepi...,static/js/jquery-ui-1.10.3/ui/jquery.ui.datepi...,static/js/jquery-ui-custom.js
startLine,722,722,722,722,21,21,22,1027,6758,6741,...,91,92,103,59,62,196,9598,196,1998,541
startColumn,75,74,76,78,82,85,68,6,5,4,...,17,17,13,16,22,65,28,20,28,10
endLine,722,722,722,722,21,21,22,1027,6758,6741,...,91,92,103,59,62,196,9598,196,1998,541
endColumn,76,75,77,79,83,86,69,54,7,6,...,28,31,50,30,38,75,35,87,35,11
message,here,here,here,here,here,here,here,this statement,this if statement,this other if statement,...,DOM text,DOM text,DOM text,DOM text,DOM text,HTML construction,library input,cross-site scripting,library input,library input


In [17]:
d1["rules.csv"].T

Unnamed: 0,0,1,2,3,4,5,6,7,8,9,...,259,260,261,262,263,264,265,266,267,268
rules_array_id,4796114688,4796114688,4796114688,4796114688,4796114688,4796114688,4796114688,4796114688,4796114688,4796114688,...,4800968384,4800968384,4800968384,4800968384,4800968384,4800968384,4800968384,4800968384,4800968384,4800968384
rules_array_index,0,1,1,2,2,2,3,3,3,3,...,29,29,30,30,30,30,30,31,31,31
id,com.lgtm/javascript-queries:js/unused-local-va...,com.lgtm/javascript-queries:js/property-access...,com.lgtm/javascript-queries:js/property-access...,com.lgtm/javascript-queries:js/regex/duplicate...,com.lgtm/javascript-queries:js/regex/duplicate...,com.lgtm/javascript-queries:js/regex/duplicate...,com.lgtm/javascript-queries:js/misleading-inde...,com.lgtm/javascript-queries:js/misleading-inde...,com.lgtm/javascript-queries:js/misleading-inde...,com.lgtm/javascript-queries:js/misleading-inde...,...,com.lgtm/javascript-queries:js/xss-through-dom,com.lgtm/javascript-queries:js/xss-through-dom,com.lgtm/javascript-queries:js/incomplete-mult...,com.lgtm/javascript-queries:js/incomplete-mult...,com.lgtm/javascript-queries:js/incomplete-mult...,com.lgtm/javascript-queries:js/incomplete-mult...,com.lgtm/javascript-queries:js/incomplete-mult...,com.lgtm/javascript-queries:js/html-constructe...,com.lgtm/javascript-queries:js/html-constructe...,com.lgtm/javascript-queries:js/html-constructe...
name,com.lgtm/javascript-queries:js/unused-local-va...,com.lgtm/javascript-queries:js/property-access...,com.lgtm/javascript-queries:js/property-access...,com.lgtm/javascript-queries:js/regex/duplicate...,com.lgtm/javascript-queries:js/regex/duplicate...,com.lgtm/javascript-queries:js/regex/duplicate...,com.lgtm/javascript-queries:js/misleading-inde...,com.lgtm/javascript-queries:js/misleading-inde...,com.lgtm/javascript-queries:js/misleading-inde...,com.lgtm/javascript-queries:js/misleading-inde...,...,com.lgtm/javascript-queries:js/xss-through-dom,com.lgtm/javascript-queries:js/xss-through-dom,com.lgtm/javascript-queries:js/incomplete-mult...,com.lgtm/javascript-queries:js/incomplete-mult...,com.lgtm/javascript-queries:js/incomplete-mult...,com.lgtm/javascript-queries:js/incomplete-mult...,com.lgtm/javascript-queries:js/incomplete-mult...,com.lgtm/javascript-queries:js/html-constructe...,com.lgtm/javascript-queries:js/html-constructe...,com.lgtm/javascript-queries:js/html-constructe...
enabled,True,True,True,True,True,True,True,True,True,True,...,True,True,True,True,True,True,True,True,True,True
level,note,error,error,warning,warning,warning,warning,warning,warning,warning,...,warning,warning,warning,warning,warning,warning,warning,error,error,error
fullDescription,"Unused variables, imports, functions or classe...","Trying to access a property of ""null"" or ""unde...","Trying to access a property of ""null"" or ""unde...",If a character class in a regular expression c...,If a character class in a regular expression c...,If a character class in a regular expression c...,The body of a control statement should have ap...,The body of a control statement should have ap...,The body of a control statement should have ap...,The body of a control statement should have ap...,...,Reinterpreting text from the DOM as HTML can l...,Reinterpreting text from the DOM as HTML can l...,A sanitizer that removes a sequence of charact...,A sanitizer that removes a sequence of charact...,A sanitizer that removes a sequence of charact...,A sanitizer that removes a sequence of charact...,A sanitizer that removes a sequence of charact...,Using externally controlled strings to constru...,Using externally controlled strings to constru...,Using externally controlled strings to constru...
shortDescription,"Unused variable, import, function or class",Property access on null or undefined,Property access on null or undefined,Duplicate character in character class,Duplicate character in character class,Duplicate character in character class,Misleading indentation after control statement,Misleading indentation after control statement,Misleading indentation after control statement,Misleading indentation after control statement,...,DOM text reinterpreted as HTML,DOM text reinterpreted as HTML,Incomplete multi-character sanitization,Incomplete multi-character sanitization,Incomplete multi-character sanitization,Incomplete multi-character sanitization,Incomplete multi-character sanitization,Unsafe HTML constructed from library input,Unsafe HTML constructed from library input,Unsafe HTML constructed from library input
kind,problem,problem,problem,problem,problem,problem,problem,problem,problem,problem,...,path-problem,path-problem,problem,problem,problem,problem,problem,path-problem,path-problem,path-problem
precision,very-high,high,high,very-high,very-high,very-high,very-high,very-high,very-high,very-high,...,high,high,high,high,high,high,high,high,high,high
