Remove result pruning for CodeQL 2.11.2

2023-11-27 12:54:14 +00:00 · 2023-11-27 12:54:14 +00:00 · fdea2a523d
commit fdea2a523d
parent a36fc67ec3
6 changed files with 5 additions and 292 deletions
--- a/lib/upload-lib.js
+++ b/lib/upload-lib.js
@ -26,10 +26,9 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
    return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.pruneInvalidResults = exports.validateUniqueCategory = exports.waitForProcessing = exports.buildPayload = exports.validateSarifFileSchema = exports.uploadFromActions = exports.findSarifFilesInDir = exports.populateRunAutomationDetails = void 0;
+exports.validateUniqueCategory = exports.waitForProcessing = exports.buildPayload = exports.validateSarifFileSchema = exports.uploadFromActions = exports.findSarifFilesInDir = exports.populateRunAutomationDetails = void 0;
 const fs = __importStar(require("fs"));
 const path = __importStar(require("path"));
-const process_1 = require("process");
 const zlib_1 = __importDefault(require("zlib"));
 const core = __importStar(require("@actions/core"));
 const file_url_1 = __importDefault(require("file-url"));
@ -264,8 +263,6 @@ async function uploadFiles(sarifFiles, repositoryNwo, commitOid, ref, analysisKe
    let sarif = combineSarifFiles(sarifFiles);
    sarif = await fingerprints.addFingerprints(sarif, sourceRoot, logger);
    sarif = populateRunAutomationDetails(sarif, category, analysisKey, environment);
-    if (process_1.env["CODEQL_DISABLE_SARIF_PRUNING"] !== "true")
-        sarif = pruneInvalidResults(sarif, logger);
    const toolNames = util.getToolNames(sarif);
    validateUniqueCategory(sarif);
    const sarifPayload = JSON.stringify(sarif);
@ -432,37 +429,6 @@ exports.validateUniqueCategory = validateUniqueCategory;
 function sanitize(str) {
    return (str ?? "_").replace(/[^a-zA-Z0-9_]/g, "_").toLocaleUpperCase();
 }
-function pruneInvalidResults(sarif, logger) {
-    let pruned = 0;
-    const newRuns = [];
-    for (const run of sarif.runs || []) {
-        if (run.tool?.driver?.name === "CodeQL" &&
-            run.tool?.driver?.semanticVersion === "2.11.2") {
-            // Version 2.11.2 of the CodeQL CLI had many false positives in the
-            // rb/weak-cryptographic-algorithm query which we prune here. The
-            // issue is tracked in https://github.com/github/codeql/issues/11107.
-            const newResults = [];
-            for (const result of run.results || []) {
-                if (result.ruleId === "rb/weak-cryptographic-algorithm" &&
-                    (result.message?.text?.includes(" MD5 ") ||
-                        result.message?.text?.includes(" SHA1 "))) {
-                    pruned += 1;
-                    continue;
-                }
-                newResults.push(result);
-            }
-            newRuns.push({ ...run, results: newResults });
-        }
-        else {
-            newRuns.push(run);
-        }
-    }
-    if (pruned > 0) {
-        logger.info(`Pruned ${pruned} results believed to be invalid from SARIF file.`);
-    }
-    return { ...sarif, runs: newRuns };
-}
-exports.pruneInvalidResults = pruneInvalidResults;
 /**
 * An error that occurred due to an invalid SARIF upload request.
 */