hohn/sarif-cli
1
0
Fork 0
mirror of https://github.com/hohn/sarif-cli.git synced 2025-12-16 09:13:04 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
0f070a6ae4957f2c559c3b37bd92bc3e89210b1e
sarif-cli/data/treeio/multi-sarif-01.json
Michael Hohn 0f070a6ae4 sarif-extract-multi: extract combined tables from multiple sarif files 
This command introduces a new tree structure that pulls in a collection
of sarif files.  In yaml format, an example is

    - creation_date: '2021-12-09'   # Repository creation date
      primary_language: javascript  # By lines of code
      project_name: treeio/treeio   # Repo name-short name
      query_commit_id: fa9571646c   # Commit id for custom (non-library) queries
      sarif_content: {}             # The sarif content will be attached here
      sarif_file_name: 2021-12-09/results.sarif # Path to sarif file
      scan_start_date: '2021-12-09'             # Beginning date/time of scan
      scan_stop_date:  '2021-12-10'             # End date/time of scan
      tool_name: codeql
      tool_version: v1.27

    - creation_date: '2022-02-25'
      primary_language: javascript
      ...

At run time,

    cd ~/local/sarif-cli/data/treeio
    sarif-extract-multi multi-sarif-01.json test-multi-table

will load the specified sarif files and put them in place of
`sarif_content`, then build tables against the new signature found in
sarif_cli/signature_multi.py, and merge those into 6 larger tables.  The
exported tables are

    artifacts.csv  path-problem.csv  project.csv
    codeflows.csv  problem.csv       related-locations.csv

and they have join keys for further operations.

The new typegraph is rendered in

    notes/typegraph-multi.pdf

using the instructions in

    sarif_cli/signature_multi.py
2022-03-11 23:00:53 -08:00

27 lines
723 B
JSON
Raw Blame History

[
{
"creation_date": "2021-12-09",
"primary_language": "javascript",
"project_name": "treeio/treeio",
"query_commit_id": "fa9571646c",
"sarif_content": {},
"sarif_file_name": "2021-12-09/results.sarif",
"scan_start_date": "2021-12-09",
"scan_stop_date": "2021-12-10",
"tool_name": "codeql",
"tool_version": "v1.27"
},
{
"creation_date": "2022-02-25",
"primary_language": "javascript",
"project_name": "treeio/treeio",
"query_commit_id": "fa9571646c",
"sarif_content": {},
"sarif_file_name": "2022-02-25/results.sarif",
"scan_start_date": "2022-02-25",
"scan_stop_date": "2022-02-26",
"tool_name": "codeql",
"tool_version": "v1.29"
}
]
Reference in New Issue View Git Blame Copy Permalink