From 059b288f88e98a7c32fb3c37b430f9532f2a1d61 Mon Sep 17 00:00:00 2001
From: Nicolas Vuillamy <nicolas.vuillamy@gmail.com>
Date: Sun, 18 Jun 2023 23:18:30 +0200
Subject: [PATCH] Undowngrade devskim (#2748)

* Undowngrade devskim

Fixes https://github.com/oxsecurity/megalinter/issues/2745

* Change devskim parameters

* arg names

* Add new type sarif for counting lines and use it on Devskim

* fix

* fix

* [MegaLinter] Apply linters fixes

* Fix sarif extract

---------

Co-authored-by: nvuillam <nvuillam@users.noreply.github.com>
---
 Dockerfile                                           |  2 +-
 flavors/security/Dockerfile                          |  2 +-
 linters/repository_devskim/Dockerfile                |  2 +-
 megalinter/Linter.py                                 | 12 ++++++++++++
 .../descriptors/repository.megalinter-descriptor.yml | 10 ++++++----
 .../schemas/megalinter-descriptor.jsonschema.json    |  3 ++-
 6 files changed, 23 insertions(+), 8 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 898986cdfa7..6c41c4b25d2 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -674,7 +674,7 @@ ENV PATH="~/.raku/bin:/opt/rakudo-pkg/bin:/opt/rakudo-pkg/share/perl6/site/bin:$
 #     && ./dotnet-install.sh --install-dir /usr/share/dotnet -channel 6.0 -version latest
 # Next line commented because already managed by another linter
 # ENV PATH="${PATH}:/root/.dotnet/tools:/usr/share/dotnet"
-RUN dotnet tool install --global Microsoft.CST.DevSkim.CLI --version 0.7.104 \
+RUN dotnet tool install --global Microsoft.CST.DevSkim.CLI \
 
 # dustilock installation
 # Managed with COPY --link --from=dustilock /usr/bin/dustilock /usr/bin/dustilock
diff --git a/flavors/security/Dockerfile b/flavors/security/Dockerfile
index 08a44b5d417..b7ec2cdf99d 100644
--- a/flavors/security/Dockerfile
+++ b/flavors/security/Dockerfile
@@ -211,7 +211,7 @@ RUN printf '#!/bin/bash \n\nif [[ -x "$1" ]]; then exit 0; else echo "Error: Fil
     && ./dotnet-install.sh --install-dir /usr/share/dotnet -channel 6.0 -version latest
 
 ENV PATH="${PATH}:/root/.dotnet/tools:/usr/share/dotnet"
-RUN dotnet tool install --global Microsoft.CST.DevSkim.CLI --version 0.7.104 \
+RUN dotnet tool install --global Microsoft.CST.DevSkim.CLI \
 
 # dustilock installation
 # Managed with COPY --link --from=dustilock /usr/bin/dustilock /usr/bin/dustilock
diff --git a/linters/repository_devskim/Dockerfile b/linters/repository_devskim/Dockerfile
index 329e6748dfe..5978a060a66 100644
--- a/linters/repository_devskim/Dockerfile
+++ b/linters/repository_devskim/Dockerfile
@@ -136,7 +136,7 @@ RUN wget --tries=5 -q -O dotnet-install.sh https://dot.net/v1/dotnet-install.sh
     && ./dotnet-install.sh --install-dir /usr/share/dotnet -channel 6.0 -version latest
 
 ENV PATH="${PATH}:/root/.dotnet/tools:/usr/share/dotnet"
-RUN dotnet tool install --global Microsoft.CST.DevSkim.CLI --version 0.7.104
+RUN dotnet tool install --global Microsoft.CST.DevSkim.CLI
 
 #OTHER__END
 
diff --git a/megalinter/Linter.py b/megalinter/Linter.py
index 2419919f974..26cc9f03ec8 100644
--- a/megalinter/Linter.py
+++ b/megalinter/Linter.py
@@ -1330,6 +1330,18 @@ def get_total_number_errors(self, stdout: str):
             total_errors = sum(
                 not line.isspace() and line != "" for line in stdout.splitlines()
             )
+        # Count number of results in sarif format
+        elif self.cli_lint_errors_count == "sarif":
+            sarif = None
+            sarif_stdout = utils.find_json_in_stdout(stdout)
+            try:
+                sarif = json.loads(sarif_stdout)
+            except ValueError as e:
+                logging.warning(f"Unable to parse sarif ({str(e)}):" + stdout)
+            if sarif and sarif["runs"] and sarif["runs"][0]["results"]:
+                total_errors = len(sarif["runs"][0]["results"])
+            else:
+                logging.warning("Unable to find results in :" + stdout)
         # Return result if found, else default value according to status
         if total_errors > 0:
             return total_errors
diff --git a/megalinter/descriptors/repository.megalinter-descriptor.yml b/megalinter/descriptors/repository.megalinter-descriptor.yml
index dd6f9f526bc..962da9d060b 100644
--- a/megalinter/descriptors/repository.megalinter-descriptor.yml
+++ b/megalinter/descriptors/repository.megalinter-descriptor.yml
@@ -67,17 +67,19 @@ linters:
       - --file-format
       - sarif
     cli_lint_extra_args_after:
+      - --source-code
       - "."
       - -E
+      - --skip-git-ignored-files
       - --ignore-globs
       - "**/megalinter-reports/**"
-    cli_lint_errors_count: regex_count
-    cli_lint_errors_regex: "(\\[.*\\])"
+    cli_help_arg_name: --help
+    cli_version_arg_name: --version
+    cli_lint_errors_count: sarif
     test_folder: devskim
     examples:
       - "devskim analyze ."
       - "devskim analyze --file-format sarif ."
-    downgraded_version: true
     install:
       apk:
         - icu-libs
@@ -94,7 +96,7 @@ linters:
               && chmod +x dotnet-install.sh \
               && ./dotnet-install.sh --install-dir /usr/share/dotnet -channel 6.0 -version latest
         - ENV PATH="${PATH}:/root/.dotnet/tools:/usr/share/dotnet"
-        - RUN dotnet tool install --global Microsoft.CST.DevSkim.CLI --version 0.7.104
+        - RUN dotnet tool install --global Microsoft.CST.DevSkim.CLI
     ide:
       vscode:
         - name: VSCode DevSkim
diff --git a/megalinter/descriptors/schemas/megalinter-descriptor.jsonschema.json b/megalinter/descriptors/schemas/megalinter-descriptor.jsonschema.json
index f4c8e473637..26d4a09f5ab 100644
--- a/megalinter/descriptors/schemas/megalinter-descriptor.jsonschema.json
+++ b/megalinter/descriptors/schemas/megalinter-descriptor.jsonschema.json
@@ -603,7 +603,8 @@
               "regex_number",
               "regex_count",
               "regex_sum",
-              "total_lines"
+              "total_lines",
+              "sarif"
             ],
             "examples": [
               "regex_number",