robojerk/codeql-action

Apply suggestions from code review

Browse source 
Co-authored-by: Henry Mercer <henrymercer@github.com>
This commit is contained in:
Nick Fyson 2024-04-03 17:07:14 +01:00 committed by nickfyson
parent 6514cbb626
commit 2cc8bbd0e0
6 changed files with 14 additions and 14 deletions
Download patch file Download diff file Expand all files Collapse all files

2
lib/fingerprints.js generated
View file

@ -238,7 +238,7 @@ exports.resolveUriToFile = resolveUriToFile;
// Compute fingerprints for results in the given sarif file // Compute fingerprints for results in the given sarif file
// and return an updated sarif file contents. // and return an updated sarif file contents.
async function addFingerprints(sarif, sourceRoot, logger) { async function addFingerprints(sarif, sourceRoot, logger) {
logger.info(`Adding fingerprints to SARIF file`); logger.info("Adding fingerprints to SARIF file. For more information, see https://docs.github.com/en/enterprise-cloud@latest/code-security/code-scanning/integrating-with-code-scanning/sarif-support-for-code-scanning#providing-data-to-track-code-scanning-alerts-across-runs");
// Gather together results for the same file and construct // Gather together results for the same file and construct
// callbacks to accept hashes for that file and update the location // callbacks to accept hashes for that file and update the location
const callbacksByFile = {}; const callbacksByFile = {};

2
lib/fingerprints.js.map
View file

File diff suppressed because one or more lines are too long

10
lib/upload-lib.js generated
View file

@ -85,7 +85,7 @@ function areAllRunsProducedByCodeQL(sarifFiles) {
// CodeQL. Otherwise, it will fall back to combining the files in the action. // CodeQL. Otherwise, it will fall back to combining the files in the action.
// Returns the contents of the combined sarif file. // Returns the contents of the combined sarif file.
async function combineSarifFilesUsingCLI(sarifFiles, gitHubVersion, features, logger) { async function combineSarifFilesUsingCLI(sarifFiles, gitHubVersion, features, logger) {
logger.info(`Combining sarif files using CLI`); logger.info("Combining SARIF files using the CodeQL CLI");
if (sarifFiles.length === 1) { if (sarifFiles.length === 1) {
return JSON.parse(fs.readFileSync(sarifFiles[0], "utf8")); return JSON.parse(fs.readFileSync(sarifFiles[0], "utf8"));
} }
@ -291,7 +291,7 @@ exports.validateSarifFileSchema = validateSarifFileSchema;
// buildPayload constructs a map ready to be uploaded to the API from the given // buildPayload constructs a map ready to be uploaded to the API from the given
// parameters, respecting the current mode and target GitHub instance version. // parameters, respecting the current mode and target GitHub instance version.
function buildPayload(commitOid, ref, analysisKey, analysisName, zippedSarif, workflowRunID, workflowRunAttempt, checkoutURI, environment, toolNames, mergeBaseCommitOid, logger) { function buildPayload(commitOid, ref, analysisKey, analysisName, zippedSarif, workflowRunID, workflowRunAttempt, checkoutURI, environment, toolNames, mergeBaseCommitOid, logger) {
logger.info(`Combining sarif files using CLI`); logger.info(`Combining SARIF files using CLI`);
const payloadObj = { const payloadObj = {
commit_oid: commitOid, commit_oid: commitOid,
ref, ref,
@ -345,11 +345,11 @@ async function uploadFiles(sarifFiles, repositoryNwo, commitOid, ref, analysisKe
sarif = await fingerprints.addFingerprints(sarif, sourceRoot, logger); sarif = await fingerprints.addFingerprints(sarif, sourceRoot, logger);
sarif = populateRunAutomationDetails(sarif, category, analysisKey, environment); sarif = populateRunAutomationDetails(sarif, category, analysisKey, environment);
const toolNames = util.getToolNames(sarif); const toolNames = util.getToolNames(sarif);
logger.debug(`Validating unique category in sarif`); logger.debug(`Validating that each SARIF run has a unique category`);
validateUniqueCategory(sarif); validateUniqueCategory(sarif);
logger.debug(`Stringifying sarif for upload`); logger.debug(`Serializing SARIF for upload`);
const sarifPayload = JSON.stringify(sarif); const sarifPayload = JSON.stringify(sarif);
logger.debug(`Compressing sarif payload`); logger.debug(`Compressing serialized SARIF`);
const zippedSarif = zlib_1.default.gzipSync(sarifPayload).toString("base64"); const zippedSarif = zlib_1.default.gzipSync(sarifPayload).toString("base64");
const checkoutURI = (0, file_url_1.default)(sourceRoot); const checkoutURI = (0, file_url_1.default)(sourceRoot);
const payload = buildPayload(commitOid, ref, analysisKey, analysisName, zippedSarif, workflowRunID, workflowRunAttempt, checkoutURI, environment, toolNames, await actionsUtil.determineMergeBaseCommitOid(), logger); const payload = buildPayload(commitOid, ref, analysisKey, analysisName, zippedSarif, workflowRunID, workflowRunAttempt, checkoutURI, environment, toolNames, await actionsUtil.determineMergeBaseCommitOid(), logger);

2
lib/upload-lib.js.map
View file

File diff suppressed because one or more lines are too long

2
src/fingerprints.ts
View file

@ -259,7 +259,7 @@ export async function addFingerprints(
sourceRoot: string, sourceRoot: string,
logger: Logger, logger: Logger,
): Promise<SarifFile> { ): Promise<SarifFile> {
logger.info(`Adding fingerprints to SARIF file`); logger.info("Adding fingerprints to SARIF file. For more information, see https://docs.github.com/en/enterprise-cloud@latest/code-security/code-scanning/integrating-with-code-scanning/sarif-support-for-code-scanning#providing-data-to-track-code-scanning-alerts-across-runs");
// Gather together results for the same file and construct // Gather together results for the same file and construct
// callbacks to accept hashes for that file and update the location // callbacks to accept hashes for that file and update the location
const callbacksByFile: { [filename: string]: hashCallback[] } = {}; const callbacksByFile: { [filename: string]: hashCallback[] } = {};

10
src/upload-lib.ts
View file

@ -88,7 +88,7 @@ async function combineSarifFilesUsingCLI(
features: Features, features: Features,
logger: Logger, logger: Logger,
): Promise<SarifFile> { ): Promise<SarifFile> {
logger.info(`Combining sarif files using CLI`); logger.info("Combining SARIF files using the CodeQL CLI");
if (sarifFiles.length === 1) { if (sarifFiles.length === 1) {
return JSON.parse(fs.readFileSync(sarifFiles[0], "utf8")) as SarifFile; return JSON.parse(fs.readFileSync(sarifFiles[0], "utf8")) as SarifFile;
} }
@ -420,7 +420,7 @@ export function buildPayload(
mergeBaseCommitOid: string | undefined, mergeBaseCommitOid: string | undefined,
logger: Logger, logger: Logger,
) { ) {
logger.info(`Combining sarif files using CLI`); logger.info(`Combining SARIF files using CLI`);
const payloadObj = { const payloadObj = {
commit_oid: commitOid, commit_oid: commitOid,
ref, ref,
@ -514,11 +514,11 @@ async function uploadFiles(
const toolNames = util.getToolNames(sarif); const toolNames = util.getToolNames(sarif);
logger.debug(`Validating unique category in sarif`); logger.debug(`Validating that each SARIF run has a unique category`);
validateUniqueCategory(sarif); validateUniqueCategory(sarif);
logger.debug(`Stringifying sarif for upload`); logger.debug(`Serializing SARIF for upload`);
const sarifPayload = JSON.stringify(sarif); const sarifPayload = JSON.stringify(sarif);
logger.debug(`Compressing sarif payload`); logger.debug(`Compressing serialized SARIF`);
const zippedSarif = zlib.gzipSync(sarifPayload).toString("base64"); const zippedSarif = zlib.gzipSync(sarifPayload).toString("base64");
const checkoutURI = fileUrl(sourceRoot); const checkoutURI = fileUrl(sourceRoot);