hohn/sarif-cli
1
0
Fork 0
mirror of https://github.com/hohn/sarif-cli.git synced 2025-12-16 09:13:04 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
0f070a6ae4957f2c559c3b37bd92bc3e89210b1e
sarif-cli/sarif_cli/signature_multi.py
Michael Hohn 0f070a6ae4 sarif-extract-multi: extract combined tables from multiple sarif files 
This command introduces a new tree structure that pulls in a collection
of sarif files.  In yaml format, an example is

    - creation_date: '2021-12-09'   # Repository creation date
      primary_language: javascript  # By lines of code
      project_name: treeio/treeio   # Repo name-short name
      query_commit_id: fa9571646c   # Commit id for custom (non-library) queries
      sarif_content: {}             # The sarif content will be attached here
      sarif_file_name: 2021-12-09/results.sarif # Path to sarif file
      scan_start_date: '2021-12-09'             # Beginning date/time of scan
      scan_stop_date:  '2021-12-10'             # End date/time of scan
      tool_name: codeql
      tool_version: v1.27

    - creation_date: '2022-02-25'
      primary_language: javascript
      ...

At run time,

    cd ~/local/sarif-cli/data/treeio
    sarif-extract-multi multi-sarif-01.json test-multi-table

will load the specified sarif files and put them in place of
`sarif_content`, then build tables against the new signature found in
sarif_cli/signature_multi.py, and merge those into 6 larger tables.  The
exported tables are

    artifacts.csv  path-problem.csv  project.csv
    codeflows.csv  problem.csv       related-locations.csv

and they have join keys for further operations.

The new typegraph is rendered in

    notes/typegraph-multi.pdf

using the instructions in

    sarif_cli/signature_multi.py
2022-03-11 23:00:53 -08:00

149 lines
5.3 KiB
Python
Raw Blame History

""" The signature for a multi-sarif result file
Produced by
cd sarif-cli/data/treeio
sarif-extract-multi -c multi-sarif-01.json none | sarif-to-dot -utf -
with some arrays manually sorted so the the signature with more fields comes first. The case
('Array6343', ('array', (1, 'Struct9699'), (0, 'Struct4055'))), # MANUALLY SORTED
is marked below.
Also, this struct should be (and is) identical to struct_graph_2022_02_01 in the
leading entries, but there are two extras.
To get a map of this type graph, use
cd sarif-cli/data/treeio
sarif-extract-multi -c multi-sarif-01.json none | \
sarif-to-dot -u -t -f -n -d - | dot -Tpdf > typegraph-multi.pdf
"""
#
# The starting node is the leftmost node in ../notes/typegraph-multi.pdf
#
start_node_2022_03_08 = 'Array6785'
struct_graph_2022_03_08 = (
[ ('String', 'string'),
('Int', 'int'),
('Bool', 'bool'),
( 'Struct2685',
( 'struct',
('index', 'Int'),
('uri', 'String'),
('uriBaseId', 'String'))),
('Struct5277', ('struct', ('location', 'Struct2685'))),
('Array4640', ('array', (0, 'Struct5277'))),
('Array7069', ('array', (0, 'String'))),
( 'Struct9543',
( 'struct',
('semmle.formatSpecifier', 'String'),
('semmle.sourceLanguage', 'String'))),
('Struct2774', ('struct', ('text', 'String'))),
( 'Struct6299',
( 'struct',
('endColumn', 'Int'),
('endLine', 'Int'),
('startColumn', 'Int'),
('startLine', 'Int'))),
( 'Struct4963',
( 'struct',
('artifactLocation', 'Struct2685'),
('region', 'Struct6299'))),
( 'Struct2683',
( 'struct',
('id', 'Int'),
('message', 'Struct2774'),
('physicalLocation', 'Struct4963'))),
('Array0350', ('array', (0, 'Struct2683'))),
( 'Struct4199',
( 'struct',
('primaryLocationLineHash', 'String'),
('primaryLocationStartColumnFingerprint', 'String'))),
('Struct3942', ('struct', ('id', 'String'), ('index', 'Int'))),
( 'Struct4055',
( 'struct',
('locations', 'Array0350'),
('message', 'Struct2774'),
('partialFingerprints', 'Struct4199'),
('relatedLocations', 'Array0350'),
('rule', 'Struct3942'),
('ruleId', 'String'),
('ruleIndex', 'Int'))),
('Struct0987', ('struct', ('location', 'Struct2683'))),
('Array1075', ('array', (0, 'Struct0987'))),
('Struct4194', ('struct', ('locations', 'Array1075'))),
('Array1597', ('array', (0, 'Struct4194'))),
('Struct7122', ('struct', ('threadFlows', 'Array1597'))),
('Array9799', ('array', (0, 'Struct7122'))),
( 'Struct9699',
( 'struct',
('codeFlows', 'Array9799'),
('locations', 'Array0350'),
('message', 'Struct2774'),
('partialFingerprints', 'Struct4199'),
('relatedLocations', 'Array0350'),
('rule', 'Struct3942'),
('ruleId', 'String'),
('ruleIndex', 'Int'))),
('Array6343', ('array', (1, 'Struct9699'), (0, 'Struct4055'))), # MANUALLY SORTED
('Struct8581', ('struct', ('enabled', 'Bool'), ('level', 'String'))),
( 'Struct7849',
( 'struct',
('kind', 'String'),
('precision', 'String'),
('security-severity', 'String'),
('severity', 'String'),
('sub-severity', 'String'),
('tags', 'Array7069'))),
( 'Struct6818',
( 'struct',
('defaultConfiguration', 'Struct8581'),
('fullDescription', 'Struct2774'),
('id', 'String'),
('name', 'String'),
('properties', 'Struct7849'),
('shortDescription', 'Struct2774'))),
('Array8754', ('array', (0, 'Struct6818'))),
( 'Struct7820',
( 'struct',
('name', 'String'),
('organization', 'String'),
('rules', 'Array8754'),
('version', 'String'))),
('Struct8972', ('struct', ('driver', 'Struct7820'))),
( 'Struct3081',
('struct', ('repositoryUri', 'String'), ('revisionId', 'String'))),
('Array5511', ('array', (0, 'Struct3081'))),
( 'Struct3388',
( 'struct',
('artifacts', 'Array4640'),
('columnKind', 'String'),
('newlineSequences', 'Array7069'),
('properties', 'Struct9543'),
('results', 'Array6343'),
('tool', 'Struct8972'),
('versionControlProvenance', 'Array5511'))),
('Array0177', ('array', (0, 'Struct3388'))),
( 'Struct6787',
( 'struct',
('$schema', 'String'),
('runs', 'Array0177'),
('version', 'String'))), # Up to here identical to struct_graph_2022_02_01
( 'Struct3739',
( 'struct',
('creation_date', 'String'),
('primary_language', 'String'),
('project_name', 'String'),
('query_commit_id', 'String'),
('sarif_content', 'Struct6787'),
('sarif_file_name', 'String'),
('scan_start_date', 'String'),
('scan_stop_date', 'String'),
('tool_name', 'String'),
('tool_version', 'String'))),
('Array6785', ('array', (0, 'Struct3739')))]
)
Reference in New Issue View Git Blame Copy Permalink