fix alerts

lib/fingerprints.js

@@ -10,7 +10,6 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-const core = __importStar(require("@actions/core"));
 const fs = __importStar(require("fs"));
 const long_1 = __importDefault(require("long"));
 const tab = '\t'.charCodeAt(0);
@@ -122,7 +121,7 @@ function hash(callback, input) {
 exports.hash = hash;
 // Generate a hash callback function that updates the given result in-place
 // when it recieves a hash for the correct line number. Ignores hashes for other lines.
-function locationUpdateCallback(result, location) {
+function locationUpdateCallback(result, location, logger) {
     var _a, _b;
     let locationStartLine = (_b = (_a = location.physicalLocation) === null || _a === void 0 ? void 0 : _a.region) === null || _b === void 0 ? void 0 : _b.startLine;
     if (locationStartLine === undefined) {
@@ -146,7 +145,7 @@ function locationUpdateCallback(result, location) {
             result.partialFingerprints.primaryLocationLineHash = hash;
         }
         else if (existingFingerprint !== hash) {
-            core.warning('Calculated fingerprint of ' + hash +
+            logger.warning('Calculated fingerprint of ' + hash +
                 ' for file ' + location.physicalLocation.artifactLocation.uri +
                 ' line ' + lineNumber +
                 ', but found existing inconsistent fingerprint value ' + existingFingerprint);
@@ -157,21 +156,21 @@ function locationUpdateCallback(result, location) {
 // the source file so we can hash it.
 // If possible returns a absolute file path for the source file,
 // or if not possible then returns undefined.
-function resolveUriToFile(location, artifacts) {
+function resolveUriToFile(location, artifacts, logger) {
     // This may be referencing an artifact
     if (!location.uri && location.index !== undefined) {
         if (typeof location.index !== 'number' ||
             location.index < 0 ||
             location.index >= artifacts.length ||
             typeof artifacts[location.index].location !== 'object') {
-            core.debug(`Ignoring location as URI "${location.index}" is invalid`);
+            logger.debug(`Ignoring location as URI "${location.index}" is invalid`);
             return undefined;
         }
         location = artifacts[location.index].location;
     }
     // Get the URI and decode
     if (typeof location.uri !== 'string') {
-        core.debug(`Ignoring location as index "${location.uri}" is invalid`);
+        logger.debug(`Ignoring location as index "${location.uri}" is invalid`);
         return undefined;
     }
     let uri = decodeURIComponent(location.uri);
@@ -181,13 +180,13 @@ function resolveUriToFile(location, artifacts) {
         uri = uri.substring(fileUriPrefix.length);
     }
     if (uri.indexOf('://') !== -1) {
-        core.debug(`Ignoring location URI "${uri}" as the scheme is not recognised`);
+        logger.debug(`Ignoring location URI "${uri}" as the scheme is not recognised`);
         return undefined;
     }
     // Discard any absolute paths that aren't in the src root
     const srcRootPrefix = process.env['GITHUB_WORKSPACE'] + '/';
     if (uri.startsWith('/') && !uri.startsWith(srcRootPrefix)) {
-        core.debug(`Ignoring location URI "${uri}" as it is outside of the src root`);
+        logger.debug(`Ignoring location URI "${uri}" as it is outside of the src root`);
         return undefined;
     }
     // Just assume a relative path is relative to the src root.
@@ -198,7 +197,7 @@ function resolveUriToFile(location, artifacts) {
     }
     // Check the file exists
     if (!fs.existsSync(uri)) {
-        core.debug(`Unable to compute fingerprint for non-existent file: ${uri}`);
+        logger.debug(`Unable to compute fingerprint for non-existent file: ${uri}`);
         return undefined;
     }
     return uri;
@@ -206,7 +205,7 @@ function resolveUriToFile(location, artifacts) {
 exports.resolveUriToFile = resolveUriToFile;
 // Compute fingerprints for results in the given sarif file
 // and return an updated sarif file contents.
-function addFingerprints(sarifContents) {
+function addFingerprints(sarifContents, logger) {
     var _a, _b;
     let sarif = JSON.parse(sarifContents);
     // Gather together results for the same file and construct
@@ -219,17 +218,17 @@ function addFingerprints(sarifContents) {
             // Check the primary location is defined correctly and is in the src root
             const primaryLocation = (result.locations || [])[0];
             if (!((_b = (_a = primaryLocation) === null || _a === void 0 ? void 0 : _a.physicalLocation) === null || _b === void 0 ? void 0 : _b.artifactLocation)) {
-                core.debug(`Unable to compute fingerprint for invalid location: ${JSON.stringify(primaryLocation)}`);
+                logger.debug(`Unable to compute fingerprint for invalid location: ${JSON.stringify(primaryLocation)}`);
                 continue;
             }
-            const filepath = resolveUriToFile(primaryLocation.physicalLocation.artifactLocation, artifacts);
+            const filepath = resolveUriToFile(primaryLocation.physicalLocation.artifactLocation, artifacts, logger);
             if (!filepath) {
                 continue;
             }
             if (!callbacksByFile[filepath]) {
                 callbacksByFile[filepath] = [];
             }
-            callbacksByFile[filepath].push(locationUpdateCallback(result, primaryLocation));
+            callbacksByFile[filepath].push(locationUpdateCallback(result, primaryLocation, logger));
         }
     }
     // Now hash each file that was found

lib/fingerprints.test.js

@@ -14,6 +14,7 @@ const ava_1 = __importDefault(require("ava"));
 const fs = __importStar(require("fs"));
 const path = __importStar(require("path"));
 const fingerprints = __importStar(require("./fingerprints"));
+const logging_1 = require("./logging");
 const testing_utils_1 = require("./testing-utils");
 testing_utils_1.setupTests(ava_1.default);
 function testHash(t, input, expectedHashes) {
@@ -98,7 +99,7 @@ ava_1.default('hash', (t) => {
 function testResolveUriToFile(uri, index, artifactsURIs) {
     const location = { "uri": uri, "index": index };
     const artifacts = artifactsURIs.map(uri => ({ "location": { "uri": uri } }));
-    return fingerprints.resolveUriToFile(location, artifacts);
+    return fingerprints.resolveUriToFile(location, artifacts, logging_1.getCLILogger());
 }
 ava_1.default('resolveUriToFile', t => {
     // The resolveUriToFile method checks that the file exists and is in the right directory
@@ -143,7 +144,7 @@ ava_1.default('addFingerprints', t => {
     expected = JSON.stringify(JSON.parse(expected));
     // The URIs in the SARIF files resolve to files in the testdata directory
     process.env['GITHUB_WORKSPACE'] = path.normalize(__dirname + '/../src/testdata');
-    t.deepEqual(fingerprints.addFingerprints(input), expected);
+    t.deepEqual(fingerprints.addFingerprints(input, logging_1.getCLILogger()), expected);
 });
 ava_1.default('missingRegions', t => {
     // Run an end-to-end test on a test file
@@ -154,6 +155,6 @@ ava_1.default('missingRegions', t => {
     expected = JSON.stringify(JSON.parse(expected));
     // The URIs in the SARIF files resolve to files in the testdata directory
     process.env['GITHUB_WORKSPACE'] = path.normalize(__dirname + '/../src/testdata');
-    t.deepEqual(fingerprints.addFingerprints(input), expected);
+    t.deepEqual(fingerprints.addFingerprints(input, logging_1.getCLILogger()), expected);
 });
 //# sourceMappingURL=fingerprints.test.js.map

lib/upload-lib.js

@@ -166,7 +166,7 @@ async function uploadFiles(sarifFiles, repositoryNwo, commitOid, ref, analysisKe
         validateSarifFileSchema(file, logger);
     }
     let sarifPayload = combineSarifFiles(sarifFiles);
-    sarifPayload = fingerprints.addFingerprints(sarifPayload);
+    sarifPayload = fingerprints.addFingerprints(sarifPayload, logger);
     const zipped_sarif = zlib_1.default.gzipSync(sarifPayload).toString('base64');
     let checkoutURI = file_url_1.default(checkoutPath);
     const toolNames = util.getToolNames(sarifPayload);

src/fingerprints.test.ts

@@ -4,6 +4,7 @@ import * as fs from 'fs';
 import * as path from 'path';
 
 import * as fingerprints from './fingerprints';
+import { getCLILogger } from './logging';
 import {setupTests} from './testing-utils';
 
 setupTests(test);
@@ -115,7 +116,7 @@ test('hash', (t: ava.Assertions) => {
 function testResolveUriToFile(uri: any, index: any, artifactsURIs: any[]) {
   const location = { "uri": uri, "index": index };
   const artifacts = artifactsURIs.map(uri => ({ "location": { "uri": uri } }));
-  return fingerprints.resolveUriToFile(location, artifacts);
+  return fingerprints.resolveUriToFile(location, artifacts, getCLILogger());
 }
 
 test('resolveUriToFile', t => {
@@ -174,7 +175,7 @@ test('addFingerprints', t => {
   // The URIs in the SARIF files resolve to files in the testdata directory
   process.env['GITHUB_WORKSPACE'] = path.normalize(__dirname + '/../src/testdata');
 
-  t.deepEqual(fingerprints.addFingerprints(input), expected);
+  t.deepEqual(fingerprints.addFingerprints(input, getCLILogger()), expected);
 });
 
 test('missingRegions', t => {
@@ -189,5 +190,5 @@ test('missingRegions', t => {
   // The URIs in the SARIF files resolve to files in the testdata directory
   process.env['GITHUB_WORKSPACE'] = path.normalize(__dirname + '/../src/testdata');
 
-  t.deepEqual(fingerprints.addFingerprints(input), expected);
+  t.deepEqual(fingerprints.addFingerprints(input, getCLILogger()), expected);
 });

src/fingerprints.ts

@@ -1,7 +1,8 @@
-import * as core from '@actions/core';
 import * as fs from 'fs';
 import Long from 'long';
 
+import { Logger } from './logging';
+
 const tab = '\t'.charCodeAt(0);
 const space = ' '.charCodeAt(0);
 const lf = '\n'.charCodeAt(0);
@@ -124,7 +125,7 @@ export function hash(callback: hashCallback, input: string) {
 
 // Generate a hash callback function that updates the given result in-place
 // when it recieves a hash for the correct line number. Ignores hashes for other lines.
-function locationUpdateCallback(result: any, location: any): hashCallback {
+function locationUpdateCallback(result: any, location: any, logger: Logger): hashCallback {
   let locationStartLine = location.physicalLocation?.region?.startLine;
   if (locationStartLine === undefined) {
     // We expect the region section to be present, but it can be absent if the
@@ -148,7 +149,7 @@ function locationUpdateCallback(result: any, location: any): hashCallback {
     if (!existingFingerprint) {
       result.partialFingerprints.primaryLocationLineHash = hash;
     } else if (existingFingerprint !== hash) {
-      core.warning('Calculated fingerprint of ' + hash +
+      logger.warning('Calculated fingerprint of ' + hash +
         ' for file ' + location.physicalLocation.artifactLocation.uri +
         ' line ' + lineNumber +
         ', but found existing inconsistent fingerprint value ' + existingFingerprint);
@@ -160,14 +161,14 @@ function locationUpdateCallback(result: any, location: any): hashCallback {
 // the source file so we can hash it.
 // If possible returns a absolute file path for the source file,
 // or if not possible then returns undefined.
-export function resolveUriToFile(location: any, artifacts: any[]): string | undefined {
+export function resolveUriToFile(location: any, artifacts: any[], logger: Logger): string | undefined {
   // This may be referencing an artifact
   if (!location.uri && location.index !== undefined) {
     if (typeof location.index !== 'number' ||
       location.index < 0 ||
       location.index >= artifacts.length ||
       typeof artifacts[location.index].location !== 'object') {
-      core.debug(`Ignoring location as URI "${location.index}" is invalid`);
+      logger.debug(`Ignoring location as URI "${location.index}" is invalid`);
       return undefined;
     }
     location = artifacts[location.index].location;
@@ -175,7 +176,7 @@ export function resolveUriToFile(location: any, artifacts: any[]): string | unde
 
   // Get the URI and decode
   if (typeof location.uri !== 'string') {
-    core.debug(`Ignoring location as index "${location.uri}" is invalid`);
+    logger.debug(`Ignoring location as index "${location.uri}" is invalid`);
     return undefined;
   }
   let uri = decodeURIComponent(location.uri);
@@ -186,14 +187,14 @@ export function resolveUriToFile(location: any, artifacts: any[]): string | unde
     uri = uri.substring(fileUriPrefix.length);
   }
   if (uri.indexOf('://') !== -1) {
-    core.debug(`Ignoring location URI "${uri}" as the scheme is not recognised`);
+    logger.debug(`Ignoring location URI "${uri}" as the scheme is not recognised`);
     return undefined;
   }
 
   // Discard any absolute paths that aren't in the src root
   const srcRootPrefix = process.env['GITHUB_WORKSPACE'] + '/';
   if (uri.startsWith('/') && !uri.startsWith(srcRootPrefix)) {
-    core.debug(`Ignoring location URI "${uri}" as it is outside of the src root`);
+    logger.debug(`Ignoring location URI "${uri}" as it is outside of the src root`);
     return undefined;
   }
 
@@ -206,7 +207,7 @@ export function resolveUriToFile(location: any, artifacts: any[]): string | unde
 
   // Check the file exists
   if (!fs.existsSync(uri)) {
-    core.debug(`Unable to compute fingerprint for non-existent file: ${uri}`);
+    logger.debug(`Unable to compute fingerprint for non-existent file: ${uri}`);
     return undefined;
   }
 
@@ -215,7 +216,7 @@ export function resolveUriToFile(location: any, artifacts: any[]): string | unde
 
 // Compute fingerprints for results in the given sarif file
 // and return an updated sarif file contents.
-export function addFingerprints(sarifContents: string): string {
+export function addFingerprints(sarifContents: string, logger: Logger): string {
   let sarif = JSON.parse(sarifContents);
 
   // Gather together results for the same file and construct
@@ -229,18 +230,18 @@ export function addFingerprints(sarifContents: string): string {
       // Check the primary location is defined correctly and is in the src root
       const primaryLocation = (result.locations || [])[0];
       if (!primaryLocation?.physicalLocation?.artifactLocation) {
-        core.debug(`Unable to compute fingerprint for invalid location: ${JSON.stringify(primaryLocation)}`);
+        logger.debug(`Unable to compute fingerprint for invalid location: ${JSON.stringify(primaryLocation)}`);
         continue;
       }
 
-      const filepath = resolveUriToFile(primaryLocation.physicalLocation.artifactLocation, artifacts);
+      const filepath = resolveUriToFile(primaryLocation.physicalLocation.artifactLocation, artifacts, logger);
       if (!filepath) {
         continue;
       }
       if (!callbacksByFile[filepath]) {
         callbacksByFile[filepath] = [];
       }
-      callbacksByFile[filepath].push(locationUpdateCallback(result, primaryLocation));
+      callbacksByFile[filepath].push(locationUpdateCallback(result, primaryLocation, logger));
     }
   }
 

src/upload-lib.ts

@@ -235,7 +235,7 @@ async function uploadFiles(
   }
 
   let sarifPayload = combineSarifFiles(sarifFiles);
-  sarifPayload = fingerprints.addFingerprints(sarifPayload);
+  sarifPayload = fingerprints.addFingerprints(sarifPayload, logger);
 
   const zipped_sarif = zlib.gzipSync(sarifPayload).toString('base64');
   let checkoutURI = fileUrl(checkoutPath);