Merge pull request #345 from codacy/fix/severity-sarif
fix: Fix severity level in Sarif CY-3724
Francisco Duarte committed Feb 22, 2021
2 parents 72ef833 + 4efc2da commit af1514d
Showing 8 changed files with 29 additions and 7 deletions.
Expand Up @@ -67,6 +67,7 @@ class AnalyseExecutor(formatter: Formatter,
tool.name,
fullToolSpec.map(_.toolApiSpec),
fullToolSpec.map(_.patternDescriptions).getOrElse(Set.empty[PatternDescription]),
fullToolSpec.map(_.tool.prefix),
filteredFiles.readableFiles,
analysisResults)
case metricsTool: MetricsTool =>
Expand Down Expand Up @@ -112,10 +113,15 @@ class AnalyseExecutor(formatter: Formatter,
formatter.begin()
executorResults.foreach {
case toolResults: IssuesToolExecutorResult =>
toolResults.analysisResults.foreach(results =>
formatter.addAll(toolResults.toolSpecification, toolResults.patternDescriptions, results.to[List]))
toolResults.analysisResults.foreach(
results =>
formatter.addAll(
toolResults.toolSpecification,
toolResults.patternDescriptions,
toolResults.prefix,
results.to[List]))
case toolResults =>
toolResults.analysisResults.foreach(results => formatter.addAll(None, Set.empty, results.to[List]))
toolResults.analysisResults.foreach(results => formatter.addAll(None, Set.empty, None, results.to[List]))
}
formatter.end()

Expand Down Expand Up @@ -211,6 +217,7 @@ object AnalyseExecutor {
toolName: String,
toolSpecification: Option[com.codacy.plugins.api.results.Tool.Specification],
patternDescriptions: Set[PatternDescription],
prefix: Option[String],
files: Set[Path],
analysisResults: Try[Set[ToolResult]])
extends ExecutorResult[ToolResult]
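Review bot: The fallback call `formatter.addAll(None, Set.empty, None, results.to[List])` in the second hunk now passes two bare `None`s, and a reader cannot tell which one is the specification and which is the prefix. Named arguments would make the call self-describing: `formatter.addAll(toolSpecification = None, patternDescriptions = Set.empty, toolPrefix = None, elements = results.to[List])`. The same applies to the `IssuesToolExecutorResult(...)` construction in the first hunk, where `fullToolSpec.map(_.tool.prefix)` is inserted in the middle of a positional argument list. The enclosing method bodies start and end outside the visible hunks.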
Expand Up @@ -216,9 +216,9 @@ class AnalyseCommand(analyze: Analyze,

private def issuesToUpload(toolAndIssuesResults: Seq[IssuesToolExecutorResult]): Seq[ResultsUploader.ToolResults] = {
toolAndIssuesResults.map {
case IssuesToolExecutorResult(toolName, _, _, files, Success(issues)) =>
case IssuesToolExecutorResult(toolName, _, _, _, files, Success(issues)) =>
ResultsUploader.ToolResults(toolName, files, Right(issues))
case IssuesToolExecutorResult(toolName, _, _, files, Failure(error)) =>
case IssuesToolExecutorResult(toolName, _, _, _, files, Failure(error)) =>
ResultsUploader.ToolResults(toolName, files, Left(error.getMessage))
}(collection.breakOut)
}
Expand Up @@ -21,6 +21,7 @@ trait Formatter {

def addAll(toolSpecification: Option[com.codacy.plugins.api.results.Tool.Specification],
patternDescriptions: Set[PatternDescription],
toolPrefix: Option[String],
elements: Seq[Result]): Unit

def end(): Unit
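Review bot: `toolPrefix` is added to `Formatter.addAll` with no documentation of what it holds or when it is `None`. A Scaladoc line on the method would help implementers, for example `@param toolPrefix prefix the tool prepends to pattern ids in its results, if any; used to match result ids against the specification`. That wording is inferred from how `Sarif` uses the value and should be confirmed against the definition of `tool.prefix`, which is not visible here. The `Json` and `Text` overrides accept the parameter and ignore it, which the comment could state explicitly.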
Expand Up @@ -42,6 +42,7 @@ private[formatter] class Json(val stream: PrintStream) extends Formatter {

override def addAll(toolSpecification: Option[com.codacy.plugins.api.results.Tool.Specification],
patternDescriptions: Set[PatternDescription],
toolPrefix: Option[String],
elements: Seq[Result]): Unit = elements.foreach(add)

private def add(element: Result): Unit = {
Expand Up @@ -52,9 +52,10 @@ private[formatter] class Sarif(val stream: PrintStream, val executionDirectory:

override def addAll(toolSpecification: Option[com.codacy.plugins.api.results.Tool.Specification],
patternDescriptions: Set[PatternDescription],
toolPrefix: Option[String],
analysisResults: Seq[Result]): Unit = {
toolSpecification.foreach { toolSpec =>
val categorizedIssues = categorizeIssues(toolSpec, analysisResults)
val categorizedIssues = categorizeIssues(toolSpec, toolPrefix, analysisResults)

val securityRules = createRules(categorizedIssues.securityIssues, patternDescriptions)
val nonSecurityRules = createRules(categorizedIssues.nonSecurityIssues, patternDescriptions)
Expand Down Expand Up @@ -92,6 +93,7 @@ private[formatter] class Sarif(val stream: PrintStream, val executionDirectory:
}

private def categorizeIssues(toolSpec: com.codacy.plugins.api.results.Tool.Specification,
toolPrefix: Option[String],
analysisResults: Seq[Result]): CategorizedIssues = {
// HACK: Seems like the issues (`issue.category`) do not have the right category
// while in the specification (`toolSpec.patterns[].category`) the pattern has the right category
Expand All @@ -101,7 +103,9 @@ private[formatter] class Sarif(val stream: PrintStream, val executionDirectory:
analysisResults.foldLeft(CategorizedIssues(Seq.empty, Seq.empty)) {

case (categorizedIssues, issue: Issue)
if patternsCategoryMap.get(issue.patternId.value).contains(Pattern.Category.Security) =>
if patternsCategoryMap
.get(toolPrefix.fold(issue.patternId.value)(prefix => issue.patternId.value.stripPrefix(prefix)))
.contains(Pattern.Category.Security) =>
categorizedIssues.addSecurityIssue(issue)

case (categorizedIssues, issue: Issue) =>
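Review bot: In `categorizeIssues`, an issue whose stripped id is still missing from `patternsCategoryMap` falls through to the second `case` and is reported as non-security with no signal. Any future mismatch between result ids and specification ids would therefore silently downgrade security findings in the SARIF output, which is the failure this commit fixes. Consider logging a warning when the lookup finds no entry at all, and trying the raw id as a fallback after the stripped one. The guard is also hard to read with the normalisation inline; a small helper such as `private def specPatternId(id: String, prefix: Option[String]): String = prefix.fold(id)(p => id.stripPrefix(p))` would keep the `case` line short. The function body continues outside the hunk, so the construction of `patternsCategoryMap` is not visible here.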
Expand Up @@ -29,6 +29,7 @@ private[formatter] class Text(val stream: PrintStream) extends Formatter {

override def addAll(toolSpecification: Option[com.codacy.plugins.api.results.Tool.Specification],
patternDescriptions: Set[PatternDescription],
toolPrefix: Option[String],
elements: Seq[Result]): Unit = elements.foreach(add)

private def add(element: Result): Unit = {
Expand Up @@ -27,6 +27,7 @@ class ExitStatusSpec extends Specification with NoLanguageFeatures with Mockito
toolName = "MyTool",
toolSpecification = None,
patternDescriptions = Set.empty,
prefix = None,
files = Set(Paths.get("Test.scala")),
// scalafmt: { binPack.defnSite = true }
analysisResults = Success(Set(
Expand Down Expand Up @@ -58,6 +59,7 @@ class ExitStatusSpec extends Specification with NoLanguageFeatures with Mockito
toolName = "MyTool",
toolSpecification = None,
patternDescriptions = Set.empty,
prefix = None,
files = Set(Paths.get("Test.scala")),
// scalafmt: { binPack.defnSite = true }
analysisResults = Success(Set(
Expand Down Expand Up @@ -92,6 +94,7 @@ class ExitStatusSpec extends Specification with NoLanguageFeatures with Mockito
toolName = "MyTool",
toolSpecification = None,
patternDescriptions = Set.empty,
prefix = None,
files = Set(Paths.get("Test.scala")),
analysisResults = Success(Set()))))) should beEqualTo(ExitStatus.ExitCodes.success)
}
Expand All @@ -102,12 +105,14 @@ class ExitStatusSpec extends Specification with NoLanguageFeatures with Mockito
toolName = "MyTool",
toolSpecification = None,
patternDescriptions = Set.empty,
prefix = None,
files = Set(),
analysisResults = Success(Set())),
IssuesToolExecutorResult(
toolName = "MyTool",
toolSpecification = None,
patternDescriptions = Set.empty,
prefix = None,
files = Set(Paths.get("Test.scala")),
analysisResults = Failure(new Exception("Failed")))))) should beEqualTo(
ExitStatus.ExitCodes.partiallyFailedAnalysis)
Expand All @@ -119,12 +124,14 @@ class ExitStatusSpec extends Specification with NoLanguageFeatures with Mockito
toolName = "MyTool",
toolSpecification = None,
patternDescriptions = Set.empty,
prefix = None,
files = Set(),
analysisResults = Success(Set())),
IssuesToolExecutorResult(
toolName = "MyTool",
toolSpecification = None,
patternDescriptions = Set.empty,
prefix = None,
files = Set(Paths.get("Test.scala")),
analysisResults = Failure(new Exception("Failed")))))) should beEqualTo(ExitStatus.ExitCodes.success)
}
Expand Up @@ -120,6 +120,7 @@ class SarifSpec extends Specification with NoLanguageFeatures {
formatter.addAll(
toolSpecification = Option(toolSpecification),
patternDescriptions = Set(securityPatternDescription, duplicationPatternDescription),
toolPrefix = None,
elements = List(securityIssue, duplicationIssue))
formatter.end()
val formatterOutput = bos.toString
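Review bot: The `addAll` call in this hunk passes `toolPrefix = None`, so the prefix-stripping branch this commit adds to `Sarif.categorizeIssues` is not exercised, at least in the visible part of the spec. A second example with a prefixed id would pin the fix: pass `toolPrefix = Some("MyTool_")` (a constructed value) together with a security issue whose pattern id is that prefix followed by the specification's pattern id, and assert that it is emitted under the security rules. Without such a case, a regression would again misreport security findings without failing the build. The test body continues beyond the hunk.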