Apply suggestions from code review

Co-authored-by: Henry Mercer <henrymercer@github.com>

lib/fingerprints.js

@@ -238,7 +238,7 @@ exports.resolveUriToFile = resolveUriToFile;
 // Compute fingerprints for results in the given sarif file
 // and return an updated sarif file contents.
 async function addFingerprints(sarif, sourceRoot, logger) {
-    logger.info(`Adding fingerprints to SARIF file`);
+    logger.info("Adding fingerprints to SARIF file. For more information, see https://docs.github.com/en/enterprise-cloud@latest/code-security/code-scanning/integrating-with-code-scanning/sarif-support-for-code-scanning#providing-data-to-track-code-scanning-alerts-across-runs");
     // Gather together results for the same file and construct
     // callbacks to accept hashes for that file and update the location
     const callbacksByFile = {};

lib/upload-lib.js

@@ -85,7 +85,7 @@ function areAllRunsProducedByCodeQL(sarifFiles) {
 // CodeQL. Otherwise, it will fall back to combining the files in the action.
 // Returns the contents of the combined sarif file.
 async function combineSarifFilesUsingCLI(sarifFiles, gitHubVersion, features, logger) {
-    logger.info(`Combining sarif files using CLI`);
+    logger.info("Combining SARIF files using the CodeQL CLI");
     if (sarifFiles.length === 1) {
         return JSON.parse(fs.readFileSync(sarifFiles[0], "utf8"));
     }
@@ -291,7 +291,7 @@ exports.validateSarifFileSchema = validateSarifFileSchema;
 // buildPayload constructs a map ready to be uploaded to the API from the given
 // parameters, respecting the current mode and target GitHub instance version.
 function buildPayload(commitOid, ref, analysisKey, analysisName, zippedSarif, workflowRunID, workflowRunAttempt, checkoutURI, environment, toolNames, mergeBaseCommitOid, logger) {
-    logger.info(`Combining sarif files using CLI`);
+    logger.info(`Combining SARIF files using CLI`);
     const payloadObj = {
         commit_oid: commitOid,
         ref,
@@ -345,11 +345,11 @@ async function uploadFiles(sarifFiles, repositoryNwo, commitOid, ref, analysisKe
     sarif = await fingerprints.addFingerprints(sarif, sourceRoot, logger);
     sarif = populateRunAutomationDetails(sarif, category, analysisKey, environment);
     const toolNames = util.getToolNames(sarif);
-    logger.debug(`Validating unique category in sarif`);
+    logger.debug(`Validating that each SARIF run has a unique category`);
     validateUniqueCategory(sarif);
-    logger.debug(`Stringifying sarif for upload`);
+    logger.debug(`Serializing SARIF for upload`);
     const sarifPayload = JSON.stringify(sarif);
-    logger.debug(`Compressing sarif payload`);
+    logger.debug(`Compressing serialized SARIF`);
     const zippedSarif = zlib_1.default.gzipSync(sarifPayload).toString("base64");
     const checkoutURI = (0, file_url_1.default)(sourceRoot);
     const payload = buildPayload(commitOid, ref, analysisKey, analysisName, zippedSarif, workflowRunID, workflowRunAttempt, checkoutURI, environment, toolNames, await actionsUtil.determineMergeBaseCommitOid(), logger);

src/fingerprints.ts

@@ -259,7 +259,7 @@ export async function addFingerprints(
   sourceRoot: string,
   logger: Logger,
 ): Promise<SarifFile> {
-  logger.info(`Adding fingerprints to SARIF file`);
+  logger.info("Adding fingerprints to SARIF file. For more information, see https://docs.github.com/en/enterprise-cloud@latest/code-security/code-scanning/integrating-with-code-scanning/sarif-support-for-code-scanning#providing-data-to-track-code-scanning-alerts-across-runs");
   // Gather together results for the same file and construct
   // callbacks to accept hashes for that file and update the location
   const callbacksByFile: { [filename: string]: hashCallback[] } = {};

src/upload-lib.ts

@@ -88,7 +88,7 @@ async function combineSarifFilesUsingCLI(
   features: Features,
   logger: Logger,
 ): Promise<SarifFile> {
-  logger.info(`Combining sarif files using CLI`);
+  logger.info("Combining SARIF files using the CodeQL CLI");
   if (sarifFiles.length === 1) {
     return JSON.parse(fs.readFileSync(sarifFiles[0], "utf8")) as SarifFile;
   }
@@ -420,7 +420,7 @@ export function buildPayload(
   mergeBaseCommitOid: string | undefined,
   logger: Logger,
 ) {
-  logger.info(`Combining sarif files using CLI`);
+  logger.info(`Combining SARIF files using CLI`);
   const payloadObj = {
     commit_oid: commitOid,
     ref,
@@ -514,11 +514,11 @@ async function uploadFiles(
 
   const toolNames = util.getToolNames(sarif);
 
-  logger.debug(`Validating unique category in sarif`);
+  logger.debug(`Validating that each SARIF run has a unique category`);
   validateUniqueCategory(sarif);
-  logger.debug(`Stringifying sarif for upload`);
+  logger.debug(`Serializing SARIF for upload`);
   const sarifPayload = JSON.stringify(sarif);
-  logger.debug(`Compressing sarif payload`);
+  logger.debug(`Compressing serialized SARIF`);
   const zippedSarif = zlib.gzipSync(sarifPayload).toString("base64");
   const checkoutURI = fileUrl(sourceRoot);