Fix usage of rule identifiers

mongodb-labs · May 24, 2024 · 203fdaf · 203fdaf
1 parent d3ddbd1
commit 203fdaf
Show file tree

Hide file tree

Showing 3 changed files with 54 additions and 10 deletions.
diff --git a/code-scanning-export/__tests__/sarif.test.ts b/code-scanning-export/__tests__/sarif.test.ts
@@ -185,6 +185,50 @@ describe('createSarifReport', () => {
     })
     expect(report.runs[0].results).toHaveLength(2)
   })
+
+  it('generate a valid report for PHPStan', () => {
+    const report = createSarifReport([phpstanAlert])
+
+    expect(report).toMatchSchema(sarifSchema)
+
+    expect(report).toMatchObject({
+      version: '2.1.0',
+      $schema: 'https://json.schemastore.org/sarif-2.1.0.json',
+      runs: [
+        {
+          tool: {
+            driver: {
+              name: 'PHPStan',
+              version: '1.11.x-dev@0055aac',
+              rules: [
+                {
+                  id: 'new.static',
+                  shortDescription: { text: '' },
+                  properties: { tags: [] }
+                }
+              ]
+            }
+          },
+          results: [
+            {
+              ruleId: 'new.static',
+              message: { text: 'Unsafe usage of new static().' },
+              level: 'error',
+              locations: [
+                {
+                  physicalLocation: {
+                    artifactLocation: { uri: 'src/Query/Builder.php' },
+                    region: { startLine: 954, endLine: 954, startColumn: 1 }
+                  }
+                }
+              ],
+              suppressions: []
+            }
+          ]
+        }
+      ]
+    })
+  })
 })
 
 describe('createSarifResult', () => {

diff --git a/code-scanning-export/dist/index.js b/code-scanning-export/dist/index.js
@@ -29344,7 +29344,7 @@ function createSarifReport(alerts) {
             };
         }
         results[alert.tool.name].results.push(createSarifResult(alert));
-        const ruleName = getRuleIdentifier(alert);
+        const ruleName = getRuleIdentifier(alert.rule);
         if (ruleName && !results[alert.tool.name].tool.driver.rules[ruleName]) {
             results[alert.tool.name].tool.driver.rules[ruleName] = createSarifRule(alert.rule);
         }
@@ -29369,14 +29369,14 @@ function createSarifReport(alerts) {
 exports.createSarifReport = createSarifReport;
 function createSarifRule(rule) {
     return {
-        id: rule.name,
+        id: getRuleIdentifier(rule),
         shortDescription: { text: rule.description },
         properties: { tags: rule.tags }
     };
 }
 function createSarifResult(alert) {
     return {
-        ruleId: getRuleIdentifier(alert),
+        ruleId: getRuleIdentifier(alert.rule),
         message: alert.most_recent_instance.message,
         level: alert.rule.severity,
         locations: createResultLocation(alert),
@@ -29429,8 +29429,8 @@ function createRegion(location) {
     }
     return region;
 }
-function getRuleIdentifier(alert) {
-    return alert.rule.name ? alert.rule.name : alert.rule.id ? alert.rule.id : '';
+function getRuleIdentifier(rule) {
+    return rule.name ? rule.name : rule.id ? rule.id : '';
 }
 
 

diff --git a/code-scanning-export/src/sarif.ts b/code-scanning-export/src/sarif.ts
@@ -61,7 +61,7 @@ export function createSarifReport(alerts: AlertType[]): SarifReport {
 
     results[alert.tool.name].results.push(createSarifResult(alert))
 
-    const ruleName = getRuleIdentifier(alert)
+    const ruleName = getRuleIdentifier(alert.rule)
 
     if (ruleName && !results[alert.tool.name].tool.driver.rules[ruleName]) {
       results[alert.tool.name].tool.driver.rules[ruleName] = createSarifRule(
@@ -93,15 +93,15 @@ export function createSarifReport(alerts: AlertType[]): SarifReport {
 
 function createSarifRule(rule: RuleType): object {
   return {
-    id: rule.name,
+    id: getRuleIdentifier(rule),
     shortDescription: { text: rule.description },
     properties: { tags: rule.tags }
   }
 }
 
 export function createSarifResult(alert: AlertType): object {
   return {
-    ruleId: getRuleIdentifier(alert),
+    ruleId: getRuleIdentifier(alert.rule),
     message: alert.most_recent_instance.message,
     level: alert.rule.severity,
     locations: createResultLocation(alert),
@@ -163,6 +163,6 @@ function createRegion(location: AlertLocationType): Region {
   return region
 }
 
-function getRuleIdentifier(alert: AlertType): string {
-  return alert.rule.name ? alert.rule.name : alert.rule.id ? alert.rule.id : ''
+function getRuleIdentifier(rule: RuleType): string {
+  return rule.name ? rule.name : rule.id ? rule.id : ''
 }