From f8728f43ec81a48e691f58dd6be8248da853167a Mon Sep 17 00:00:00 2001
From: Eddy Nakamura
Date: Tue, 30 Jun 2020 18:53:09 -0300
Subject: [PATCH 1/2] Adding rule SARIF2013
---
.../Rules/RuleResources.Designer.cs | 9 ++
src/Sarif.Multitool/Rules/RuleResources.resx | 3 +
.../SARIF2013.ProvideEmbeddedFileContent.cs | 38 ++++++++
.../Multitool/ValidateCommandTests.cs | 14 ++-
...3.ProvideEmbeddedFileContent_Invalid.sarif | 89 +++++++++++++++++++
...013.ProvideEmbeddedFileContent_Valid.sarif | 46 ++++++++++
...3.ProvideEmbeddedFileContent_Invalid.sarif | 27 ++++++
...013.ProvideEmbeddedFileContent_Valid.sarif | 27 ++++++
8 files changed, 252 insertions(+), 1 deletion(-)
create mode 100644 src/Sarif.Multitool/Rules/SARIF2013.ProvideEmbeddedFileContent.cs
create mode 100644 src/Test.FunctionalTests.Sarif/TestData/Multitool/ValidateCommand/ExpectedOutputs/SARIF2013.ProvideEmbeddedFileContent_Invalid.sarif
create mode 100644 src/Test.FunctionalTests.Sarif/TestData/Multitool/ValidateCommand/ExpectedOutputs/SARIF2013.ProvideEmbeddedFileContent_Valid.sarif
create mode 100644 src/Test.FunctionalTests.Sarif/TestData/Multitool/ValidateCommand/Inputs/SARIF2013.ProvideEmbeddedFileContent_Invalid.sarif
create mode 100644 src/Test.FunctionalTests.Sarif/TestData/Multitool/ValidateCommand/Inputs/SARIF2013.ProvideEmbeddedFileContent_Valid.sarif
diff --git a/src/Sarif.Multitool/Rules/RuleResources.Designer.cs b/src/Sarif.Multitool/Rules/RuleResources.Designer.cs
index 91aa001ca..7e233f6e3 100644
--- a/src/Sarif.Multitool/Rules/RuleResources.Designer.cs
+++ b/src/Sarif.Multitool/Rules/RuleResources.Designer.cs
@@ -640,6 +640,15 @@ internal static string SARIF2012_ProvideHelpUris_Note_Default_Text { } } + /// + /// Looks up a localized string similar to Placeholder. + /// + internal static string SARIF2013_ProvideEmbeddedFileContent_FullDescription_Text { + get { + return ResourceManager.GetString("SARIF2013_ProvideEmbeddedFileContent_FullDescription_Text", resourceCulture); + } + } + /// /// Looks up a localized string similar to Placeholder_SARIF2013_ProvideEmbeddedFileContent_Note_Default_Text. /// diff --git a/src/Sarif.Multitool/Rules/RuleResources.resx b/src/Sarif.Multitool/Rules/RuleResources.resx index 7c9098727..c07616e70 100644 --- a/src/Sarif.Multitool/Rules/RuleResources.resx +++ b/src/Sarif.Multitool/Rules/RuleResources.resx @@ -340,4 +340,7 @@ Many tool use similar names for 'uriBaseId' symbols. We suggest 'REPOROOT' for t {0}: Placeholder '{1}' + + Placeholder + \ No newline at end of file diff --git a/src/Sarif.Multitool/Rules/SARIF2013.ProvideEmbeddedFileContent.cs b/src/Sarif.Multitool/Rules/SARIF2013.ProvideEmbeddedFileContent.cs new file mode 100644 index 000000000..ca7225071 --- /dev/null +++ b/src/Sarif.Multitool/Rules/SARIF2013.ProvideEmbeddedFileContent.cs 
@@ -0,0 +1,38 @@
+// Copyright (c) Microsoft. All rights reserved.
+// Licensed under the MIT license. See LICENSE file in the project root for full license information.
+
+using System.Collections.Generic;
+using System.Linq;
+
+namespace Microsoft.CodeAnalysis.Sarif.Multitool.Rules
+{
+ public class ProvideEmbeddedFileContent : SarifValidationSkimmerBase
+ {
+ ///
+ /// SARIF2013
+ ///
+ public override string Id => RuleId.ProvideEmbeddedFileContent;
+
+ ///
+ /// Placeholder
+ ///
+ public override MultiformatMessageString FullDescription => new MultiformatMessageString { Text = RuleResources.SARIF2013_ProvideEmbeddedFileContent_FullDescription_Text };
+
+ protected override IEnumerable MessageResourceNames => new string[] {
+ nameof(RuleResources.SARIF2013_ProvideEmbeddedFileContent_Note_Default_Text)
+ };
+
+ public override FailureLevel DefaultLevel => FailureLevel.Note;
+
+ protected override void Analyze(Run run, string runPointer)
+ {
+ if (run.Artifacts != null && run.Artifacts.All(artifact => artifact.Contents == null))
+ {
+ // {0}: Placeholder '{1}'
+ LogResult(
+ runPointer,
+ nameof(RuleResources.SARIF2013_ProvideEmbeddedFileContent_Note_Default_Text));
+ }
+ }
+ }
+}
diff --git a/src/Test.FunctionalTests.Sarif/Multitool/ValidateCommandTests.cs b/src/Test.FunctionalTests.Sarif/Multitool/ValidateCommandTests.cs
index c79d39619..38d41a8dc 100644
--- a/src/Test.FunctionalTests.Sarif/Multitool/ValidateCommandTests.cs
+++ b/src/Test.FunctionalTests.Sarif/Multitool/ValidateCommandTests.cs
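Review bot: The condition in `Analyze`, `run.Artifacts.All(artifact => artifact.Contents == null)`, is vacuously true for an empty `artifacts` array and dereferences every element without a null check. A log with `"artifacts": []` therefore gets a SARIF2013 note, and a log with a null array entry would throw inside the lambda, assuming nothing earlier in the pipeline rejects it. Because the validator reads logs it did not produce, I would guard both cases: `if (run.Artifacts?.Any() == true && run.Artifacts.All(artifact => artifact?.Contents == null))`. The rule also goes silent as soon as a single artifact carries `contents`; if that all-or-nothing behaviour is intended, a comment should say so, and the test inputs in this patch only cover one-artifact runs. When the placeholder description is replaced, it is worth stating that embedded contents travel with the log, so files that may hold secrets should not be embedded.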
@@ -244,7 +244,19 @@ public void SARIF2012_ProvideHelpUris_Invalid() => RunTest( MakeInvalidTestFileName(RuleId.ProvideHelpUris, nameof(RuleId.ProvideHelpUris)), parameter: new TestParameters(verbose: true)); - + + [Fact] + public void SARIF2013_ProvideEmbeddedFileContent_Valid() + => RunTest( + MakeValidTestFileName(RuleId.ProvideEmbeddedFileContent, nameof(RuleId.ProvideEmbeddedFileContent)), + parameter: new TestParameters(verbose: true)); + + [Fact] + public void SARIF2013_ProvideEmbeddedFileContent_Invalid() + => RunTest( + MakeInvalidTestFileName(RuleId.ProvideEmbeddedFileContent, nameof(RuleId.ProvideEmbeddedFileContent)), + parameter: new TestParameters(verbose: true)); + [Fact] public void SARIF2014_ProvideDynamicMessageContent_Valid() => RunTest(MakeValidTestFileName(RuleId.ProvideDynamicMessageContent, nameof(RuleId.ProvideDynamicMessageContent)), diff --git a/src/Test.FunctionalTests.Sarif/TestData/Multitool/ValidateCommand/ExpectedOutputs/SARIF2013.ProvideEmbeddedFileContent_Invalid.sarif b/src/Test.FunctionalTests.Sarif/TestData/Multitool/ValidateCommand/ExpectedOutputs/SARIF2013.ProvideEmbeddedFileContent_Invalid.sarif new file mode 100644 index 000000000..ace250af6 --- /dev/null +++ b/src/Test.FunctionalTests.Sarif/TestData/Multitool/ValidateCommand/ExpectedOutputs/SARIF2013.ProvideEmbeddedFileContent_Invalid.sarif 
@@ -0,0 +1,89 @@ +{ + "$schema": "https://schemastore.azurewebsites.net/schemas/json/sarif-2.1.0-rtm.5.json", + "version": "2.1.0", + "runs": [ + { + "tool": { + "driver": { + "name": "SARIF Functional Testing", + "rules": [ + { + "id": "SARIF2013", + "name": "ProvideEmbeddedFileContent", + "shortDescription": { + "text": "Placeholder." + }, + "fullDescription": { + "text": "Placeholder" + }, + "messageStrings": { + "Note_Default": { + "text": "Placeholder_SARIF2013_ProvideEmbeddedFileContent_Note_Default_Text" + } + }, + "helpUri": "http://docs.oasis-open.org/sarif/sarif/v2.1.0/sarif-v2.1.0.html" + } + ] + } + }, + "invocations": [ + { + "toolConfigurationNotifications": [ + { + "message": { + "text": "Rule 'SARIF2002' was explicitly disabled by the user. As result, this tool run cannot be used for compliance or other auditing processes that require a comprehensive analysis." + }, + "descriptor": { + "id": "WRN999.RuleExplicitlyDisabled" + } + }, + { + "message": { + "text": "Rule 'SARIF2006' was explicitly disabled by the user. As result, this tool run cannot be used for compliance or other auditing processes that require a comprehensive analysis." + }, + "descriptor": { + "id": "WRN999.RuleExplicitlyDisabled" + } + } + ], + "executionSuccessful": true + } + ], + "artifacts": [ + { + "location": { + "uri": "FunctionalTestOutput.ValidateCommand/Inputs.SARIF2013.ProvideEmbeddedFileContent_Invalid.sarif", + "uriBaseId": "TEST_DIR" + } + } + ], + "results": [ + { + "ruleId": "SARIF2013", + "ruleIndex": 0, + "level": "note", + "message": { + "id": "Note_Default", + "arguments": [ + "runs[0]" + ] + }, + "locations": [ + { + "physicalLocation": { + "artifactLocation": { + "index": 0 + }, + "region": { + "startLine": 5, + "startColumn": 5 + } + } + } + ] + } + ], + "columnKind": "utf16CodeUnits" + } + ] +} \ No newline at end of file 
diff --git a/src/Test.FunctionalTests.Sarif/TestData/Multitool/ValidateCommand/ExpectedOutputs/SARIF2013.ProvideEmbeddedFileContent_Valid.sarif b/src/Test.FunctionalTests.Sarif/TestData/Multitool/ValidateCommand/ExpectedOutputs/SARIF2013.ProvideEmbeddedFileContent_Valid.sarif new file mode 100644 index 000000000..4813f0ed9 --- /dev/null +++ b/src/Test.FunctionalTests.Sarif/TestData/Multitool/ValidateCommand/ExpectedOutputs/SARIF2013.ProvideEmbeddedFileContent_Valid.sarif @@ -0,0 +1,46 @@ +{ + "$schema": "https://schemastore.azurewebsites.net/schemas/json/sarif-2.1.0-rtm.5.json", + "version": "2.1.0", + "runs": [ + { + "tool": { + "driver": { + "name": "SARIF Functional Testing" + } + }, + "invocations": [ + { + "toolConfigurationNotifications": [ + { + "message": { + "text": "Rule 'SARIF2002' was explicitly disabled by the user. As result, this tool run cannot be used for compliance or other auditing processes that require a comprehensive analysis." + }, + "descriptor": { + "id": "WRN999.RuleExplicitlyDisabled" + } + }, + { + "message": { + "text": "Rule 'SARIF2006' was explicitly disabled by the user. As result, this tool run cannot be used for compliance or other auditing processes that require a comprehensive analysis." + }, + "descriptor": { + "id": "WRN999.RuleExplicitlyDisabled" + } + } + ], + "executionSuccessful": true + } + ], + "artifacts": [ + { + "location": { + "uri": "FunctionalTestOutput.ValidateCommand/Inputs.SARIF2013.ProvideEmbeddedFileContent_Valid.sarif", + "uriBaseId": "TEST_DIR" + } + } + ], + "results": [], + "columnKind": "utf16CodeUnits" + } + ] +} \ No newline at end of file diff --git a/src/Test.FunctionalTests.Sarif/TestData/Multitool/ValidateCommand/Inputs/SARIF2013.ProvideEmbeddedFileContent_Invalid.sarif b/src/Test.FunctionalTests.Sarif/TestData/Multitool/ValidateCommand/Inputs/SARIF2013.ProvideEmbeddedFileContent_Invalid.sarif new file mode 100644 index 000000000..d4c9b65e9 --- /dev/null 
+++ b/src/Test.FunctionalTests.Sarif/TestData/Multitool/ValidateCommand/Inputs/SARIF2013.ProvideEmbeddedFileContent_Invalid.sarif
@@ -0,0 +1,27 @@
+{
+ "$schema": "https://schemastore.azurewebsites.net/schemas/json/sarif-2.1.0-rtm.5.json",
+ "version": "2.1.0",
+ "runs": [
+ {
+ "tool": {
+ "driver": {
+ "name": "SARIF Functional Testing",
+ "version": "1.2"
+ }
+ },
+ "artifacts": [
+ {
+ "description": {
+ "text": "no content"
+ }
+ }
+ ],
+ "versionControlProvenance": [
+ {
+ "repositoryUri": "https://github.com/microsoft/sarif-sdk"
+ }
+ ],
+ "columnKind": "utf16CodeUnits"
+ }
+ ]
+}
\ No newline at end of file
diff --git a/src/Test.FunctionalTests.Sarif/TestData/Multitool/ValidateCommand/Inputs/SARIF2013.ProvideEmbeddedFileContent_Valid.sarif b/src/Test.FunctionalTests.Sarif/TestData/Multitool/ValidateCommand/Inputs/SARIF2013.ProvideEmbeddedFileContent_Valid.sarif
new file mode 100644
index 000000000..3838e2a34
--- /dev/null
+++ b/src/Test.FunctionalTests.Sarif/TestData/Multitool/ValidateCommand/Inputs/SARIF2013.ProvideEmbeddedFileContent_Valid.sarif
@@ -0,0 +1,27 @@
+{
+ "$schema": "https://schemastore.azurewebsites.net/schemas/json/sarif-2.1.0-rtm.5.json",
+ "version": "2.1.0",
+ "runs": [
+ {
+ "tool": {
+ "driver": {
+ "name": "SARIF Functional Testing",
+ "version": "1.2"
+ }
+ },
+ "artifacts": [
+ {
+ "contents": {
+ "text": "sample content"
+ }
+ }
+ ],
+ "versionControlProvenance": [
+ {
+ "repositoryUri": "https://github.com/microsoft/sarif-sdk"
+ }
+ ],
+ "columnKind": "utf16CodeUnits"
+ }
+ ]
+}
\ No newline at end of file
From f424a92865fb953071e7e3e332bad55668bb2769 Mon Sep 17 00:00:00 2001
From: Eddy Nakamura
Date: Tue, 30 Jun 2020 19:07:24 -0300
Subject: [PATCH 2/2] code review - 1
---
.../Rules/SARIF2013.ProvideEmbeddedFileContent.cs | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/Sarif.Multitool/Rules/SARIF2013.ProvideEmbeddedFileContent.cs b/src/Sarif.Multitool/Rules/SARIF2013.ProvideEmbeddedFileContent.cs index ca7225071..44701d999 100644 --- a/src/Sarif.Multitool/Rules/SARIF2013.ProvideEmbeddedFileContent.cs +++ b/src/Sarif.Multitool/Rules/SARIF2013.ProvideEmbeddedFileContent.cs @@ -28,7 +28,7 @@ protected override void Analyze(Run run, string runPointer) { if (run.Artifacts != null && run.Artifacts.All(artifact => artifact.Contents == null)) { - // {0}: Placeholder '{1}' + // {0}: Placeholder LogResult( runPointer, nameof(RuleResources.SARIF2013_ProvideEmbeddedFileContent_Note_Default_Text));
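Review bot: The corrected comment `// {0}: Placeholder` still does not appear to match the string this call resolves to. The expected output added in patch 1/2 records the `Note_Default` text as `Placeholder_SARIF2013_ProvideEmbeddedFileContent_Note_Default_Text`, which has no `{0}` slot, so the `runPointer` argument passed to `LogResult` would never be rendered in the message. Either give the resource a `{0}` slot or drop the format hint from the comment until the final wording lands. `Analyze` begins above this hunk, so only the comment line is under review here.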