From 9a20432127bb831293e00ae2a57c3a9c280a4766 Mon Sep 17 00:00:00 2001
From: Jan Macku
Date: Thu, 9 Jan 2025 09:50:17 +0100
Subject: [PATCH] feat: Make SARIF file more compact to allow for more findings to be uploaded to GitHub

Make the SARIF report compact to allow for more efficient uploading to GitHub
It also allows to upload more defects in a single request (GitHub limit is 10MB)
---
 src/functions.sh | 6 +-
 test/fixtures/generate_SARIF/test.sarif | 232 +-----------------------
 test/generate_SARIF.bats | 2 +-
 test/index.bats | 10 +-
 test/print_result.bats | 2 +-
 5 files changed, 17 insertions(+), 235 deletions(-)

diff --git a/src/functions.sh b/src/functions.sh
index 8a99a82d..fa2b3959 100644
--- a/src/functions.sh
+++ b/src/functions.sh
@@ -341,7 +341,11 @@ generate_SARIF () {
 --set-scan-prop='tool:ShellCheck' \
 --set-scan-prop="tool-version:${shellcheck_version}" \
 --set-scan-prop='tool-url:https://www.shellcheck.net/wiki/' \
- "${defects}" > "${output}"
+ "${defects}" > full.sarif
+
+ # Make the SARIF report compact to allow for more efficient uploading to GitHub
+ # It also allows to upload more defects in a single request (GitHub limit is 10MB)
+ jq --compact-output < full.sarif > "${output}"
 }

 # Function to upload the SARIF report to GitHub
diff --git a/test/fixtures/generate_SARIF/test.sarif b/test/fixtures/generate_SARIF/test.sarif
index 6897b65b..ae550897 100644
--- a/test/fixtures/generate_SARIF/test.sarif
+++ b/test/fixtures/generate_SARIF/test.sarif
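Review bot: The intermediate report in the src/functions.sh hunk goes to a fixed relative name, `full.sarif`, in whatever directory generate_SARIF is called from, and nothing in the hunk removes it or checks that the producing command succeeded before `jq` reads it. A fixed name in the working directory overwrites any existing file of that name, and if that directory can hold contributor-supplied content the `>` redirect would follow a symlink placed there; the teardown changes in the three .bats files show the file is indeed left behind after each call. Piping removes the file altogether, for example ending the producer with `"${defects}" | jq --compact-output > "${output}"` (under `set -o pipefail` if its exit status must still fail the function), or write to a `mktemp` path and delete it afterwards. The start of the function lies outside the hunk, so whether the script already runs with `set -e` or `pipefail` cannot be seen here. Separately, if the 10MB limit mentioned in the comment is measured on the gzip-compressed payload, stripping whitespace will gain less than the raw file size suggests, which would be worth stating in the comment.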
@@ -1,231 +1 @@ -{ - "$schema": "https://json.schemastore.org/sarif-2.1.0.json", - "version": "2.1.0", - "inlineExternalProperties": [ - { - "externalizedProperties": { - "tool": "ShellCheck", - "tool-url": "https://www.shellcheck.net/wiki/", - "tool-version": "0.10.0" - } - } - ], - "runs": [ - { - "tool": { - "driver": { - "name": "ShellCheck", - "version": "0.10.0", - "informationUri": "https://www.shellcheck.net/wiki/", - "rules": [ - { - "id": "SHELLCHECK_WARNING: warning[SC2034]", - "properties": { - "tags": [ - "ShellCheck" - ] - }, - "name": "SC2034", - "shortDescription": { - "text": "SC2034" - }, - "help": { - "text": "Defect reference: https://github.com/koalaman/shellcheck/wiki/SC2034", - "markdown": "Defect reference: [SC2034](https://github.com/koalaman/shellcheck/wiki/SC2034)" - }, - "fullDescription": { - "text": "Defect reference: https://github.com/koalaman/shellcheck/wiki/SC2034" - } - }, - { - "id": "SHELLCHECK_WARNING: warning[SC2115]", - "properties": { - "tags": [ - "ShellCheck" - ] - }, - "name": "SC2115", - "shortDescription": { - "text": "SC2115" - }, - "help": { - "text": "Defect reference: https://github.com/koalaman/shellcheck/wiki/SC2115", - "markdown": "Defect reference: [SC2115](https://github.com/koalaman/shellcheck/wiki/SC2115)" - }, - "fullDescription": { - "text": "Defect reference: https://github.com/koalaman/shellcheck/wiki/SC2115" - } - } - ] - } - }, - "results": [ - { - "ruleId": "SHELLCHECK_WARNING: warning[SC2034]", - "level": "warning", - "locations": [ - { - "id": 0, - "physicalLocation": { - "artifactLocation": { - "uri": "innocent-script.sh" - }, - "region": { - "startLine": 7, - "endLine": 7 - } - } - } - ], - "message": { - "text": "UNUSED_VAR2 appears unused. Verify use (or export if used externally)." 
- }, - "codeFlows": [ - { - "threadFlows": [ - { - "locations": [ - { - "location": { - "id": 0, - "physicalLocation": { - "artifactLocation": { - "uri": "innocent-script.sh" - }, - "region": { - "startLine": 7, - "endLine": 7 - } - }, - "message": { - "text": "UNUSED_VAR2 appears unused. Verify use (or export if used externally)." - } - }, - "nestingLevel": 0, - "kinds": [ - "warning[SC2034]" - ] - } - ] - } - ] - } - ], - "fingerprints": { - "csdiff/v0": "64c37c2cd555f4d61c6e05ebd224beb8147d77bf" - } - }, - { - "ruleId": "SHELLCHECK_WARNING: warning[SC2115]", - "level": "warning", - "locations": [ - { - "id": 0, - "physicalLocation": { - "artifactLocation": { - "uri": "innocent-script.sh" - }, - "region": { - "startLine": 11, - "endLine": 11 - } - } - } - ], - "message": { - "text": "Use \"${var:?}\" to ensure this never expands to / ." - }, - "codeFlows": [ - { - "threadFlows": [ - { - "locations": [ - { - "location": { - "id": 0, - "physicalLocation": { - "artifactLocation": { - "uri": "innocent-script.sh" - }, - "region": { - "startLine": 11, - "endLine": 11 - } - }, - "message": { - "text": "Use \"${var:?}\" to ensure this never expands to / ." - } - }, - "nestingLevel": 0, - "kinds": [ - "warning[SC2115]" - ] - } - ] - } - ] - } - ], - "fingerprints": { - "csdiff/v0": "d9a3f3f1027ba2a0ca5dc7eb24d7d8b09dbe2b1d" - } - }, - { - "ruleId": "SHELLCHECK_WARNING: warning[SC2115]", - "level": "warning", - "locations": [ - { - "id": 0, - "physicalLocation": { - "artifactLocation": { - "uri": "innocent-script.sh" - }, - "region": { - "startLine": 11, - "endLine": 11 - } - } - } - ], - "message": { - "text": "Use \"${var:?}\" to ensure this never expands to / ." 
- }, - "codeFlows": [ - { - "threadFlows": [ - { - "locations": [ - { - "location": { - "id": 0, - "physicalLocation": { - "artifactLocation": { - "uri": "innocent-script.sh" - }, - "region": { - "startLine": 11, - "endLine": 11 - } - }, - "message": { - "text": "Use \"${var:?}\" to ensure this never expands to / ." - } - }, - "nestingLevel": 0, - "kinds": [ - "warning[SC2115]" - ] - } - ] - } - ] - } - ], - "fingerprints": { - "csdiff/v0": "d9a3f3f1027ba2a0ca5dc7eb24d7d8b09dbe2b1d" - } - } - ] - } - ] -} +{"$schema":"https://json.schemastore.org/sarif-2.1.0.json","version":"2.1.0","inlineExternalProperties":[{"externalizedProperties":{"tool":"ShellCheck","tool-url":"https://www.shellcheck.net/wiki/","tool-version":"0.10.0"}}],"runs":[{"tool":{"driver":{"name":"ShellCheck","version":"0.10.0","informationUri":"https://www.shellcheck.net/wiki/","rules":[{"id":"SHELLCHECK_WARNING: warning[SC2034]","properties":{"tags":["ShellCheck"]},"name":"SC2034","shortDescription":{"text":"SC2034"},"help":{"text":"Defect reference: https://github.com/koalaman/shellcheck/wiki/SC2034","markdown":"Defect reference: [SC2034](https://github.com/koalaman/shellcheck/wiki/SC2034)"},"fullDescription":{"text":"Defect reference: https://github.com/koalaman/shellcheck/wiki/SC2034"}},{"id":"SHELLCHECK_WARNING: warning[SC2115]","properties":{"tags":["ShellCheck"]},"name":"SC2115","shortDescription":{"text":"SC2115"},"help":{"text":"Defect reference: https://github.com/koalaman/shellcheck/wiki/SC2115","markdown":"Defect reference: [SC2115](https://github.com/koalaman/shellcheck/wiki/SC2115)"},"fullDescription":{"text":"Defect reference: https://github.com/koalaman/shellcheck/wiki/SC2115"}}]}},"results":[{"ruleId":"SHELLCHECK_WARNING: warning[SC2034]","level":"warning","locations":[{"id":0,"physicalLocation":{"artifactLocation":{"uri":"innocent-script.sh"},"region":{"startLine":7,"endLine":7}}}],"message":{"text":"UNUSED_VAR2 appears unused. 
Verify use (or export if used externally)."},"codeFlows":[{"threadFlows":[{"locations":[{"location":{"id":0,"physicalLocation":{"artifactLocation":{"uri":"innocent-script.sh"},"region":{"startLine":7,"endLine":7}},"message":{"text":"UNUSED_VAR2 appears unused. Verify use (or export if used externally)."}},"nestingLevel":0,"kinds":["warning[SC2034]"]}]}]}],"fingerprints":{"csdiff/v0":"64c37c2cd555f4d61c6e05ebd224beb8147d77bf"}},{"ruleId":"SHELLCHECK_WARNING: warning[SC2115]","level":"warning","locations":[{"id":0,"physicalLocation":{"artifactLocation":{"uri":"innocent-script.sh"},"region":{"startLine":11,"endLine":11}}}],"message":{"text":"Use \"${var:?}\" to ensure this never expands to / ."},"codeFlows":[{"threadFlows":[{"locations":[{"location":{"id":0,"physicalLocation":{"artifactLocation":{"uri":"innocent-script.sh"},"region":{"startLine":11,"endLine":11}},"message":{"text":"Use \"${var:?}\" to ensure this never expands to / ."}},"nestingLevel":0,"kinds":["warning[SC2115]"]}]}]}],"fingerprints":{"csdiff/v0":"d9a3f3f1027ba2a0ca5dc7eb24d7d8b09dbe2b1d"}},{"ruleId":"SHELLCHECK_WARNING: warning[SC2115]","level":"warning","locations":[{"id":0,"physicalLocation":{"artifactLocation":{"uri":"innocent-script.sh"},"region":{"startLine":11,"endLine":11}}}],"message":{"text":"Use \"${var:?}\" to ensure this never expands to / ."},"codeFlows":[{"threadFlows":[{"locations":[{"location":{"id":0,"physicalLocation":{"artifactLocation":{"uri":"innocent-script.sh"},"region":{"startLine":11,"endLine":11}},"message":{"text":"Use \"${var:?}\" to ensure this never expands to / ."}},"nestingLevel":0,"kinds":["warning[SC2115]"]}]}]}],"fingerprints":{"csdiff/v0":"d9a3f3f1027ba2a0ca5dc7eb24d7d8b09dbe2b1d"}}]}]} diff --git a/test/generate_SARIF.bats b/test/generate_SARIF.bats index a7b6ad01..0c7e4891 100644 --- a/test/generate_SARIF.bats +++ b/test/generate_SARIF.bats @@ -36,5 +36,5 @@ setup () { } teardown () { - rm -f test.sarif + rm -f test.sarif full.sarif } 
diff --git a/test/index.bats b/test/index.bats
index d6eedc0b..74f8ae01 100644
--- a/test/index.bats
+++ b/test/index.bats
@@ -21,7 +21,15 @@ setup () {
 }

 teardown () {
- rm -f ../base-shellcheck.err ../changed-files.txt ../defects.log ../fixes.log ../head-shellcheck.err ./output.sarif ./output.xhtml
+ rm -f \
+ ../base-shellcheck.err \
+ ../changed-files.txt \
+ ../defects.log \
+ ../fixes.log \
+ ../head-shellcheck.err \
+ ./full.sarif \
+ ./output.sarif \
+ ./output.xhtml

 export \
 SCRIPT_DIR="" \
diff --git a/test/print_result.bats b/test/print_result.bats
index 544d4582..3b593153 100644
--- a/test/print_result.bats
+++ b/test/print_result.bats
@@ -86,5 +86,5 @@ teardown () {
 export \
 INPUT_DISPLAY_ENGINE="" \
 UNIT_TESTS=""
- rm -f tmp.sarif
+ rm -f tmp.sarif full.sarif
 }