Adding Rule SARIF2012 #1949
Adding Rule SARIF2012 #1949
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,71 @@ | ||
// Copyright (c) Microsoft. All rights reserved. | ||
// Licensed under the MIT license. See LICENSE file in the project root for full license information. | ||
|
||
using System.Collections.Generic; | ||
|
||
using Microsoft.Json.Pointer; | ||
|
||
namespace Microsoft.CodeAnalysis.Sarif.Multitool.Rules | ||
{ | ||
public class ProvideHelpUris : SarifValidationSkimmerBase | ||
{ | ||
/// <summary> | ||
/// SARIF2012 | ||
/// </summary> | ||
public override string Id => RuleId.ProvideHelpUris; | ||
|
||
/// <summary> | ||
/// Placeholder | ||
/// </summary> | ||
public override MultiformatMessageString FullDescription => new MultiformatMessageString { Text = RuleResources.SARIF2012_ProvideHelpUris_FullDescription_Text }; | ||
|
||
protected override IEnumerable<string> MessageResourceNames => new string[] { | ||
nameof(RuleResources.SARIF2012_ProvideHelpUris_Note_Default_Text) | ||
}; | ||
|
||
public override FailureLevel DefaultLevel => FailureLevel.Note; | ||
|
||
protected override void Analyze(Run run, string runPointer) | ||
{ | ||
AnalyzeTool(run.Tool, runPointer.AtProperty(SarifPropertyName.Tool)); | ||
} | ||
|
||
private void AnalyzeTool(Tool tool, string toolPointer) | ||
{ | ||
if (tool.Driver != null) | ||
{ | ||
AnalyzeToolDriver(tool.Driver, toolPointer.AtProperty(SarifPropertyName.Driver)); | ||
} | ||
} | ||
|
||
private void AnalyzeToolDriver(ToolComponent toolComponent, string toolDriverPointer) | ||
{ | ||
if (toolComponent.Rules != null) | ||
{ | ||
string rulesPointer = toolDriverPointer.AtProperty(SarifPropertyName.Rules); | ||
for (int i = 0; i < toolComponent.Rules.Count; i++) | ||
{ | ||
AnalyzeReportingDescriptor(toolComponent.Rules[i], rulesPointer.AtIndex(i)); | ||
} | ||
} | ||
} | ||
|
||
private void AnalyzeReportingDescriptor(ReportingDescriptor reportingDescriptor, string reportingDescriptorPointer) | ||
{ | ||
if (reportingDescriptor.HelpUri == null) | ||
{ | ||
string ruleMoniker = reportingDescriptor.Id; | ||
if (!string.IsNullOrWhiteSpace(reportingDescriptor.Name)) | ||
{ | ||
ruleMoniker += $".{reportingDescriptor.Name}"; | ||
} | ||
|
||
// {0}: Placeholder '{1}' | ||
LogResult( | ||
reportingDescriptorPointer, | ||
nameof(RuleResources.SARIF2012_ProvideHelpUris_Note_Default_Text), | ||
ruleMoniker); | ||
} | ||
} | ||
} | ||
} |
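Review bot: `AnalyzeTool` descends only into `tool.Driver`, so rule descriptors carried by other tool components (assuming the object model exposes them as `tool.Extensions`) never reach `AnalyzeReportingDescriptor`, and a missing `helpUri` there goes unreported. If the rule is meant to cover every rule descriptor in the run, loop over the extensions after the driver check and pass each one to `AnalyzeToolDriver` with a pointer built the same way as the driver's; if driver-only is intentional, say so in a comment on `AnalyzeTool`. Separately, the `<summary>` on `FullDescription` still reads `Placeholder` and should become one sentence stating what the rule checks, for example `/// Every rule descriptor should supply a 'helpUri' so readers of a result can find guidance.`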
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -27,9 +27,6 @@ public ValidateCommandTests(ITestOutputHelper outputHelper, bool testProducesSar | |
base(outputHelper, testProducesSarifCurrentVersion) | ||
{ } | ||
|
||
// Pass this parameter to RunTest for those rules that can produce "pass"-level results. | ||
private const bool Verbose = true; | ||
Thanks. #ByDesign |
||
|
||
protected override string IntermediateTestFolder => @"Multitool"; | ||
|
||
private class TestParameters | ||
|
@@ -236,6 +233,18 @@ public void SARIF2011_ProvideContextRegion_Invalid() | |
MakeInvalidTestFileName(RuleId.ProvideContextRegion, nameof(RuleId.ProvideContextRegion)), | ||
parameter: new TestParameters(verbose: true)); | ||
|
||
[Fact] | ||
public void SARIF2012_ProvideHelpUris_Valid() | ||
=> RunTest( | ||
MakeValidTestFileName(RuleId.ProvideHelpUris, nameof(RuleId.ProvideHelpUris)), | ||
parameter: new TestParameters(verbose: true)); | ||
|
||
[Fact] | ||
public void SARIF2012_ProvideHelpUris_Invalid() | ||
=> RunTest( | ||
MakeInvalidTestFileName(RuleId.ProvideHelpUris, nameof(RuleId.ProvideHelpUris)), | ||
parameter: new TestParameters(verbose: true)); | ||
|
||
[Fact] | ||
public void SARIF2014_ProvideDynamicMessageContent_Valid() | ||
=> RunTest(MakeValidTestFileName(RuleId.ProvideDynamicMessageContent, nameof(RuleId.ProvideDynamicMessageContent)), | ||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,90 @@ | ||
{ | ||
"$schema": "https://schemastore.azurewebsites.net/schemas/json/sarif-2.1.0-rtm.5.json", | ||
"version": "2.1.0", | ||
"runs": [ | ||
{ | ||
"tool": { | ||
"driver": { | ||
"name": "SARIF Functional Testing", | ||
"rules": [ | ||
{ | ||
"id": "SARIF2012", | ||
"name": "ProvideHelpUris", | ||
"shortDescription": { | ||
"text": "Placeholder." | ||
}, | ||
"fullDescription": { | ||
"text": "Placeholder" | ||
}, | ||
"messageStrings": { | ||
"Note_Default": { | ||
"text": "{0}: Placeholder '{1}'" | ||
} | ||
}, | ||
"helpUri": "http://docs.oasis-open.org/sarif/sarif/v2.1.0/sarif-v2.1.0.html" | ||
} | ||
] | ||
} | ||
}, | ||
"invocations": [ | ||
{ | ||
"toolConfigurationNotifications": [ | ||
{ | ||
"message": { | ||
"text": "Rule 'SARIF2002' was explicitly disabled by the user. As result, this tool run cannot be used for compliance or other auditing processes that require a comprehensive analysis." | ||
}, | ||
"descriptor": { | ||
"id": "WRN999.RuleExplicitlyDisabled" | ||
} | ||
}, | ||
{ | ||
"message": { | ||
"text": "Rule 'SARIF2006' was explicitly disabled by the user. As result, this tool run cannot be used for compliance or other auditing processes that require a comprehensive analysis." | ||
}, | ||
"descriptor": { | ||
"id": "WRN999.RuleExplicitlyDisabled" | ||
} | ||
} | ||
], | ||
"executionSuccessful": true | ||
} | ||
], | ||
"artifacts": [ | ||
{ | ||
"location": { | ||
"uri": "FunctionalTestOutput.ValidateCommand/Inputs.SARIF2012.ProvideHelpUris_Invalid.sarif", | ||
"uriBaseId": "TEST_DIR" | ||
} | ||
} | ||
], | ||
"results": [ | ||
{ | ||
"ruleId": "SARIF2012", | ||
"ruleIndex": 0, | ||
"level": "note", | ||
"message": { | ||
"id": "Note_Default", | ||
"arguments": [ | ||
"runs[0].tool.driver.rules[0]", | ||
"SARIF2009.ConsiderConventionalIdentifierValues" | ||
] | ||
}, | ||
"locations": [ | ||
{ | ||
"physicalLocation": { | ||
"artifactLocation": { | ||
"index": 0 | ||
}, | ||
"region": { | ||
"startLine": 11, | ||
"startColumn": 13 | ||
} | ||
} | ||
} | ||
] | ||
} | ||
], | ||
"columnKind": "utf16CodeUnits" | ||
} | ||
] | ||
} |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,46 @@ | ||
{ | ||
"$schema": "https://schemastore.azurewebsites.net/schemas/json/sarif-2.1.0-rtm.5.json", | ||
"version": "2.1.0", | ||
"runs": [ | ||
{ | ||
"tool": { | ||
"driver": { | ||
"name": "SARIF Functional Testing" | ||
} | ||
}, | ||
"invocations": [ | ||
{ | ||
"toolConfigurationNotifications": [ | ||
{ | ||
"message": { | ||
"text": "Rule 'SARIF2002' was explicitly disabled by the user. As result, this tool run cannot be used for compliance or other auditing processes that require a comprehensive analysis." | ||
}, | ||
"descriptor": { | ||
"id": "WRN999.RuleExplicitlyDisabled" | ||
} | ||
}, | ||
{ | ||
"message": { | ||
"text": "Rule 'SARIF2006' was explicitly disabled by the user. As result, this tool run cannot be used for compliance or other auditing processes that require a comprehensive analysis." | ||
}, | ||
"descriptor": { | ||
"id": "WRN999.RuleExplicitlyDisabled" | ||
} | ||
} | ||
], | ||
"executionSuccessful": true | ||
} | ||
], | ||
"artifacts": [ | ||
{ | ||
"location": { | ||
"uri": "FunctionalTestOutput.ValidateCommand/Inputs.SARIF2012.ProvideHelpUris_Valid.sarif", | ||
"uriBaseId": "TEST_DIR" | ||
} | ||
} | ||
], | ||
"results": [], | ||
"columnKind": "utf16CodeUnits" | ||
} | ||
] | ||
} |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,26 @@ | ||
{ | ||
"$schema": "https://schemastore.azurewebsites.net/schemas/json/sarif-2.1.0-rtm.5.json", | ||
"version": "2.1.0", | ||
"runs": [ | ||
{ | ||
"tool": { | ||
"driver": { | ||
"name": "SARIF Functional Testing", | ||
"version": "1.0.0", | ||
"rules": [ | ||
{ | ||
"id": "SARIF2009", | ||
"name": "ConsiderConventionalIdentifierValues" | ||
} | ||
] | ||
} | ||
}, | ||
"versionControlProvenance": [ | ||
{ | ||
"repositoryUri": "https://github.com/microsoft/sarif-sdk" | ||
} | ||
], | ||
"columnKind": "utf16CodeUnits" | ||
} | ||
] | ||
} |
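Review bot: This invalid input exercises only a descriptor that has both `id` and `name`, so the path in `AnalyzeReportingDescriptor` that reports the bare `id` when `name` is missing or whitespace is not covered by the functional test. Adding a second entry to `rules` with just an `id` and no `helpUri` would pin the id-only moniker in the expected output next to the existing `SARIF2009.ConsiderConventionalIdentifierValues` argument. A third entry that does carry `helpUri` would also show that the note is raised per descriptor rather than once per run.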
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,27 @@ | ||
{ | ||
"$schema": "https://schemastore.azurewebsites.net/schemas/json/sarif-2.1.0-rtm.5.json", | ||
"version": "2.1.0", | ||
"runs": [ | ||
{ | ||
"tool": { | ||
"driver": { | ||
"name": "SARIF Functional Testing", | ||
"version": "1.0.0", | ||
"rules": [ | ||
{ | ||
"id": "SARIF2009", | ||
"name": "ConsiderConventionalIdentifierValues", | ||
"helpUri": "http://docs.oasis-open.org/sarif/sarif/v2.1.0/sarif-v2.1.0.html" | ||
} | ||
] | ||
} | ||
}, | ||
"versionControlProvenance": [ | ||
{ | ||
"repositoryUri": "https://github.com/microsoft/sarif-sdk" | ||
} | ||
], | ||
"columnKind": "utf16CodeUnits" | ||
} | ||
] | ||
} |
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -17,7 +17,8 @@ | |
"NoPlaceholders": { | ||
"text": "This message does not contain dynamic content." | ||
} | ||
} | ||
}, | ||
"helpUri": "http://docs.oasis-open.org/sarif/sarif/v2.1.0/sarif-v2.1.0.html" | ||
} | ||
we removed these to make the test cases smaller, maybe this got back due to merge. Please remove these (same for other 3 files- 2014, 2015) #ByDesign
oh haha! wait a second! now we have a rule which makes this field mandatory!!! lol, now i see why u put it back. In reply to: 447983343 [](ancestors = 447983343)
the new rule developed (2012), will show that as an error, since we are using it as verbose. That's why i added again. #Resolved |
||
] | ||
} | ||
|
Include the rule's `id` and, if present, the friendly `name`. Use one message argument that looks like `<id>` if there is no `name`, and `<id>.<name>` if there is a `name`. The message will end up being (for example): "The rule 'SARIF1012' does not have a 'helpUri' property. Help URIs help engineers to ... blah blah..." #Closed