-
Notifications
You must be signed in to change notification settings - Fork 156
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix MultithreadedAnalyzeCommandBase
artifacts generation and enforcing JSON properties ordering
#555
Fix MultithreadedAnalyzeCommandBase
artifacts generation and enforcing JSON properties ordering
#555
Conversation
@@ -38,18 +38,6 @@ | |||
"executionSuccessful": false | |||
} | |||
], | |||
"artifacts": [ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
we will only emit an artifact if we have a result. This was part of the sarif-sdk change to improve the file size generated when utilizing the MultithreadedAnalyzeCommandBase class:
microsoft/sarif-sdk#2433
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There should be an artifact entry for every artifact that is explicitly referenced. There's not a good reason to arbitrarily restrict this to results. We've lost important information here.
we will only emit an artifact if we have a result. This was part of the sarif-sdk change to improve the file size generated when utilizing the MultithreadedAnalyzeCommandBase class: Refers to: src/Test.FunctionalTests.BinSkim.Driver/BaselineTestsData/Expected/gcc.stack_protector.a.sarif:52 in 64f53be. [](commit_id = 64f53be, deletion_comment = True) |
MultithreadedAnalyzeCommandBase
artifacts generation and enforcing JSON properties ordering
@@ -772,10 +772,10 @@ | |||
"rules": [ | |||
{ | |||
"id": "BA2001", | |||
"name": "LoadImageAboveFourGigabyteAddress", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@@ -1,5 +1,9 @@ | |||
# BinSkim Release History | |||
|
|||
## Unreleased | |||
|
|||
* BUGFIX: Fix `MultithreadedAnalyzeCommandBase` artifacts generation and enforcing JSON properties ordering. [#555](https://github.com/microsoft/binskim/pull/555) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this is a bug, it shouldn't have gone away. Instead, the change should be that we see the addition of the artifact index. Refers to: src/Test.FunctionalTests.BinSkim.Driver/BaselineTestsData/Expected/clang.stack_protector.a.sarif:41 in 3fa6d69. [](commit_id = 3fa6d69, deletion_comment = True) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Description
The previous version of the sarif-sdk had a bug that was generating an artifact for each file that was analyzed. This update will guarantee that we will only generate an artifact if we have a result.
The sarif-sdk submodule change is also enforcing a specific ordering of the
name
/helpuri
in thereportingDescriptor
. This is expected since we want thename
to be near theid
.Test
Checked all rebaselined files and only found two
unexpected
changes related to the artifacts. The reason we have those is that we are not producing any results, so the artifacts are getting dropped from the SARIF log.