diff --git a/.github/workflows/__analysis-kinds.yml b/.github/workflows/__analysis-kinds.yml index 41561fc43..1f270b278 100644 --- a/.github/workflows/__analysis-kinds.yml +++ b/.github/workflows/__analysis-kinds.yml @@ -122,7 +122,7 @@ jobs: with: script: ${{ env.CHECK_SCRIPT }} env: - CODEQL_ACTION_CSRA_ASSESSMENT_ID: 1 + CODEQL_ACTION_RISK_ASSESSMENT_ID: 1 CHECK_SCRIPT: | const fs = require('fs'); diff --git a/lib/analyze-action-post.js b/lib/analyze-action-post.js index 6318ba432..5d14c5b26 100644 --- a/lib/analyze-action-post.js +++ b/lib/analyze-action-post.js @@ -161224,7 +161224,7 @@ var path3 = __toESM(require("path")); var AnalysisKind = /* @__PURE__ */ ((AnalysisKind2) => { AnalysisKind2["CodeScanning"] = "code-scanning"; AnalysisKind2["CodeQuality"] = "code-quality"; - AnalysisKind2["CSRA"] = "risk-assessment"; + AnalysisKind2["RiskAssessment"] = "risk-assessment"; return AnalysisKind2; })(AnalysisKind || {}); var supportedAnalysisKinds = new Set(Object.values(AnalysisKind)); diff --git a/lib/analyze-action.js b/lib/analyze-action.js index 199af452c..c88fc9099 100644 --- a/lib/analyze-action.js +++ b/lib/analyze-action.js @@ -106485,7 +106485,7 @@ function fixCodeQualityCategory(logger, category) { var AnalysisKind = /* @__PURE__ */ ((AnalysisKind2) => { AnalysisKind2["CodeScanning"] = "code-scanning"; AnalysisKind2["CodeQuality"] = "code-quality"; - AnalysisKind2["CSRA"] = "risk-assessment"; + AnalysisKind2["RiskAssessment"] = "risk-assessment"; return AnalysisKind2; })(AnalysisKind || {}); var supportedAnalysisKinds = new Set(Object.values(AnalysisKind)); 
@@ -106495,7 +106495,7 @@ var CodeScanning = { name: "code scanning", target: "PUT /repos/:owner/:repo/code-scanning/analysis" /* CODE_SCANNING */, sarifExtension: ".sarif", - sarifPredicate: (name) => name.endsWith(CodeScanning.sarifExtension) && !CodeQuality.sarifPredicate(name) && !CSRA.sarifPredicate(name), + sarifPredicate: (name) => name.endsWith(CodeScanning.sarifExtension) && !CodeQuality.sarifPredicate(name) && !RiskAssessment.sarifPredicate(name), fixCategory: (_, category) => category, sentinelPrefix: "CODEQL_UPLOAD_SARIF_", transformPayload: (payload) => payload 
@@ -106511,26 +106511,26 @@ var CodeQuality = { transformPayload: (payload) => payload }; function addAssessmentId(payload) { - const rawAssessmentId = getRequiredEnvParam("CODEQL_ACTION_CSRA_ASSESSMENT_ID" /* CSRA_ASSESSMENT_ID */); + const rawAssessmentId = getRequiredEnvParam("CODEQL_ACTION_RISK_ASSESSMENT_ID" /* RISK_ASSESSMENT_ID */); const assessmentId = parseInt(rawAssessmentId, 10); if (Number.isNaN(assessmentId)) { throw new Error( - `${"CODEQL_ACTION_CSRA_ASSESSMENT_ID" /* CSRA_ASSESSMENT_ID */} must not be NaN: ${rawAssessmentId}` + `${"CODEQL_ACTION_RISK_ASSESSMENT_ID" /* RISK_ASSESSMENT_ID */} must not be NaN: ${rawAssessmentId}` ); } if (assessmentId < 0) { throw new Error( - `${"CODEQL_ACTION_CSRA_ASSESSMENT_ID" /* CSRA_ASSESSMENT_ID */} must not be negative: ${rawAssessmentId}` + `${"CODEQL_ACTION_RISK_ASSESSMENT_ID" /* RISK_ASSESSMENT_ID */} must not be negative: ${rawAssessmentId}` ); } return { sarif: payload.sarif, assessment_id: assessmentId }; } -var CSRA = { - kind: "risk-assessment" /* CSRA */, +var RiskAssessment = { + kind: "risk-assessment" /* RiskAssessment */, name: "code scanning risk assessment", - target: "PUT /repos/:owner/:repo/code-scanning/risk-assessment" /* CSRA */, + target: "PUT /repos/:owner/:repo/code-scanning/risk-assessment" /* RISK_ASSESSMENT */, sarifExtension: ".csra.sarif", - sarifPredicate: (name) => name.endsWith(CSRA.sarifExtension), + sarifPredicate: (name) => name.endsWith(RiskAssessment.sarifExtension), fixCategory: (_, category) => category, sentinelPrefix: "CODEQL_UPLOAD_CSRA_SARIF_", transformPayload: addAssessmentId @@ -106541,12 +106541,12 @@ function getAnalysisConfig(kind) { return CodeScanning; case "code-quality" /* CodeQuality */: return CodeQuality; - case "risk-assessment" /* CSRA */: - return CSRA; + case "risk-assessment" /* RiskAssessment */: + return RiskAssessment; } } var SarifScanOrder = [ - CSRA, + RiskAssessment, CodeQuality, CodeScanning ]; 
diff --git a/lib/autobuild-action.js b/lib/autobuild-action.js index 943a2db3a..334d28165 100644 --- a/lib/autobuild-action.js +++ b/lib/autobuild-action.js @@ -103629,7 +103629,7 @@ var path4 = __toESM(require("path")); var AnalysisKind = /* @__PURE__ */ ((AnalysisKind2) => { AnalysisKind2["CodeScanning"] = "code-scanning"; AnalysisKind2["CodeQuality"] = "code-quality"; - AnalysisKind2["CSRA"] = "risk-assessment"; + AnalysisKind2["RiskAssessment"] = "risk-assessment"; return AnalysisKind2; })(AnalysisKind || {}); var supportedAnalysisKinds = new Set(Object.values(AnalysisKind)); diff --git a/lib/init-action-post.js b/lib/init-action-post.js index a85e859a9..097699639 100644 --- a/lib/init-action-post.js +++ b/lib/init-action-post.js @@ -164545,7 +164545,7 @@ var path6 = __toESM(require("path")); var AnalysisKind = /* @__PURE__ */ ((AnalysisKind2) => { AnalysisKind2["CodeScanning"] = "code-scanning"; AnalysisKind2["CodeQuality"] = "code-quality"; - AnalysisKind2["CSRA"] = "risk-assessment"; + AnalysisKind2["RiskAssessment"] = "risk-assessment"; return AnalysisKind2; })(AnalysisKind || {}); var supportedAnalysisKinds = new Set(Object.values(AnalysisKind)); @@ -164554,7 +164554,7 @@ var CodeScanning = { name: "code scanning", target: "PUT /repos/:owner/:repo/code-scanning/analysis" /* CODE_SCANNING */, sarifExtension: ".sarif", - sarifPredicate: (name) => name.endsWith(CodeScanning.sarifExtension) && !CodeQuality.sarifPredicate(name) && !CSRA.sarifPredicate(name), + sarifPredicate: (name) => name.endsWith(CodeScanning.sarifExtension) && !CodeQuality.sarifPredicate(name) && !RiskAssessment.sarifPredicate(name), fixCategory: (_2, category) => category, sentinelPrefix: "CODEQL_UPLOAD_SARIF_", transformPayload: (payload) => payload 
@@ -164570,26 +164570,26 @@ var CodeQuality = { transformPayload: (payload) => payload }; function addAssessmentId(payload) { - const rawAssessmentId = getRequiredEnvParam("CODEQL_ACTION_CSRA_ASSESSMENT_ID" /* CSRA_ASSESSMENT_ID */); + const rawAssessmentId = getRequiredEnvParam("CODEQL_ACTION_RISK_ASSESSMENT_ID" /* RISK_ASSESSMENT_ID */); const assessmentId = parseInt(rawAssessmentId, 10); if (Number.isNaN(assessmentId)) { throw new Error( - `${"CODEQL_ACTION_CSRA_ASSESSMENT_ID" /* CSRA_ASSESSMENT_ID */} must not be NaN: ${rawAssessmentId}` + `${"CODEQL_ACTION_RISK_ASSESSMENT_ID" /* RISK_ASSESSMENT_ID */} must not be NaN: ${rawAssessmentId}` ); } if (assessmentId < 0) { throw new Error( - `${"CODEQL_ACTION_CSRA_ASSESSMENT_ID" /* CSRA_ASSESSMENT_ID */} must not be negative: ${rawAssessmentId}` + `${"CODEQL_ACTION_RISK_ASSESSMENT_ID" /* RISK_ASSESSMENT_ID */} must not be negative: ${rawAssessmentId}` ); } return { sarif: payload.sarif, assessment_id: assessmentId }; } -var CSRA = { - kind: "risk-assessment" /* CSRA */, +var RiskAssessment = { + kind: "risk-assessment" /* RiskAssessment */, name: "code scanning risk assessment", - target: "PUT /repos/:owner/:repo/code-scanning/risk-assessment" /* CSRA */, + target: "PUT /repos/:owner/:repo/code-scanning/risk-assessment" /* RISK_ASSESSMENT */, sarifExtension: ".csra.sarif", - sarifPredicate: (name) => name.endsWith(CSRA.sarifExtension), + sarifPredicate: (name) => name.endsWith(RiskAssessment.sarifExtension), fixCategory: (_2, category) => category, sentinelPrefix: "CODEQL_UPLOAD_CSRA_SARIF_", transformPayload: addAssessmentId diff --git a/lib/init-action.js b/lib/init-action.js index df1156f9f..4cf875a84 100644 --- a/lib/init-action.js +++ b/lib/init-action.js 
@@ -103833,13 +103833,13 @@ function isAnalyzingPullRequest() { var AnalysisKind = /* @__PURE__ */ ((AnalysisKind3) => { AnalysisKind3["CodeScanning"] = "code-scanning"; AnalysisKind3["CodeQuality"] = "code-quality"; - AnalysisKind3["CSRA"] = "risk-assessment"; + AnalysisKind3["RiskAssessment"] = "risk-assessment"; return AnalysisKind3; })(AnalysisKind || {}); var compatibilityMatrix = { ["code-scanning" /* CodeScanning */]: /* @__PURE__ */ new Set(["code-quality" /* CodeQuality */]), ["code-quality" /* CodeQuality */]: /* @__PURE__ */ new Set(["code-scanning" /* CodeScanning */]), - ["risk-assessment" /* CSRA */]: /* @__PURE__ */ new Set() + ["risk-assessment" /* RiskAssessment */]: /* @__PURE__ */ new Set() }; var supportedAnalysisKinds = new Set(Object.values(AnalysisKind)); async function parseAnalysisKinds(input) { @@ -103880,7 +103880,7 @@ async function getAnalysisKinds(logger, skipCache = false) { if (analysisKind === otherAnalysisKind) continue; if (!compatibilityMatrix[analysisKind].has(otherAnalysisKind)) { throw new ConfigurationError( - `${otherAnalysisKind} cannot be enabled at the same time as ${analysisKind}` + `${analysisKind} and ${otherAnalysisKind} cannot be enabled at the same time` ); } } diff --git a/lib/resolve-environment-action.js b/lib/resolve-environment-action.js index 87e4e233d..75ff227cb 100644 --- a/lib/resolve-environment-action.js +++ b/lib/resolve-environment-action.js @@ -103628,7 +103628,7 @@ var path3 = __toESM(require("path")); var AnalysisKind = /* @__PURE__ */ ((AnalysisKind2) => { AnalysisKind2["CodeScanning"] = "code-scanning"; AnalysisKind2["CodeQuality"] = "code-quality"; - AnalysisKind2["CSRA"] = "risk-assessment"; + AnalysisKind2["RiskAssessment"] = "risk-assessment"; return AnalysisKind2; })(AnalysisKind || {}); var supportedAnalysisKinds = new Set(Object.values(AnalysisKind)); diff --git a/lib/setup-codeql-action.js b/lib/setup-codeql-action.js index 06205efa2..e57d78b90 100644 --- a/lib/setup-codeql-action.js 
+++ b/lib/setup-codeql-action.js @@ -104553,7 +104553,7 @@ function wrapCliConfigurationError(cliError) { var AnalysisKind = /* @__PURE__ */ ((AnalysisKind2) => { AnalysisKind2["CodeScanning"] = "code-scanning"; AnalysisKind2["CodeQuality"] = "code-quality"; - AnalysisKind2["CSRA"] = "risk-assessment"; + AnalysisKind2["RiskAssessment"] = "risk-assessment"; return AnalysisKind2; })(AnalysisKind || {}); var supportedAnalysisKinds = new Set(Object.values(AnalysisKind)); diff --git a/lib/start-proxy-action-post.js b/lib/start-proxy-action-post.js index 9c2125fc9..76631dc5c 100644 --- a/lib/start-proxy-action-post.js +++ b/lib/start-proxy-action-post.js @@ -160859,7 +160859,7 @@ var path = __toESM(require("path")); var AnalysisKind = /* @__PURE__ */ ((AnalysisKind2) => { AnalysisKind2["CodeScanning"] = "code-scanning"; AnalysisKind2["CodeQuality"] = "code-quality"; - AnalysisKind2["CSRA"] = "risk-assessment"; + AnalysisKind2["RiskAssessment"] = "risk-assessment"; return AnalysisKind2; })(AnalysisKind || {}); var supportedAnalysisKinds = new Set(Object.values(AnalysisKind)); diff --git a/lib/start-proxy-action.js b/lib/start-proxy-action.js index 4830048d7..cd6f73522 100644 --- a/lib/start-proxy-action.js +++ b/lib/start-proxy-action.js @@ -121161,7 +121161,7 @@ var core9 = __toESM(require_core()); var AnalysisKind = /* @__PURE__ */ ((AnalysisKind2) => { AnalysisKind2["CodeScanning"] = "code-scanning"; AnalysisKind2["CodeQuality"] = "code-quality"; - AnalysisKind2["CSRA"] = "risk-assessment"; + AnalysisKind2["RiskAssessment"] = "risk-assessment"; return AnalysisKind2; })(AnalysisKind || {}); var supportedAnalysisKinds = new Set(Object.values(AnalysisKind)); diff --git a/lib/upload-lib.js b/lib/upload-lib.js index cd8fbb880..4267f2604 100644 --- a/lib/upload-lib.js +++ b/lib/upload-lib.js 
@@ -106141,7 +106141,7 @@ function fixCodeQualityCategory(logger, category) { var AnalysisKind = /* @__PURE__ */ ((AnalysisKind2) => { AnalysisKind2["CodeScanning"] = "code-scanning"; AnalysisKind2["CodeQuality"] = "code-quality"; - AnalysisKind2["CSRA"] = "risk-assessment"; + AnalysisKind2["RiskAssessment"] = "risk-assessment"; return AnalysisKind2; })(AnalysisKind || {}); var supportedAnalysisKinds = new Set(Object.values(AnalysisKind)); @@ -106150,7 +106150,7 @@ var CodeScanning = { name: "code scanning", target: "PUT /repos/:owner/:repo/code-scanning/analysis" /* CODE_SCANNING */, sarifExtension: ".sarif", - sarifPredicate: (name) => name.endsWith(CodeScanning.sarifExtension) && !CodeQuality.sarifPredicate(name) && !CSRA.sarifPredicate(name), + sarifPredicate: (name) => name.endsWith(CodeScanning.sarifExtension) && !CodeQuality.sarifPredicate(name) && !RiskAssessment.sarifPredicate(name), fixCategory: (_, category) => category, sentinelPrefix: "CODEQL_UPLOAD_SARIF_", transformPayload: (payload) => payload 
@@ -106166,32 +106166,32 @@ var CodeQuality = { transformPayload: (payload) => payload }; function addAssessmentId(payload) { - const rawAssessmentId = getRequiredEnvParam("CODEQL_ACTION_CSRA_ASSESSMENT_ID" /* CSRA_ASSESSMENT_ID */); + const rawAssessmentId = getRequiredEnvParam("CODEQL_ACTION_RISK_ASSESSMENT_ID" /* RISK_ASSESSMENT_ID */); const assessmentId = parseInt(rawAssessmentId, 10); if (Number.isNaN(assessmentId)) { throw new Error( - `${"CODEQL_ACTION_CSRA_ASSESSMENT_ID" /* CSRA_ASSESSMENT_ID */} must not be NaN: ${rawAssessmentId}` + `${"CODEQL_ACTION_RISK_ASSESSMENT_ID" /* RISK_ASSESSMENT_ID */} must not be NaN: ${rawAssessmentId}` ); } if (assessmentId < 0) { throw new Error( - `${"CODEQL_ACTION_CSRA_ASSESSMENT_ID" /* CSRA_ASSESSMENT_ID */} must not be negative: ${rawAssessmentId}` + `${"CODEQL_ACTION_RISK_ASSESSMENT_ID" /* RISK_ASSESSMENT_ID */} must not be negative: ${rawAssessmentId}` ); } return { sarif: payload.sarif, assessment_id: assessmentId }; } -var CSRA = { - kind: "risk-assessment" /* CSRA */, +var RiskAssessment = { + kind: "risk-assessment" /* RiskAssessment */, name: "code scanning risk assessment", - target: "PUT /repos/:owner/:repo/code-scanning/risk-assessment" /* CSRA */, + target: "PUT /repos/:owner/:repo/code-scanning/risk-assessment" /* RISK_ASSESSMENT */, sarifExtension: ".csra.sarif", - sarifPredicate: (name) => name.endsWith(CSRA.sarifExtension), + sarifPredicate: (name) => name.endsWith(RiskAssessment.sarifExtension), fixCategory: (_, category) => category, sentinelPrefix: "CODEQL_UPLOAD_CSRA_SARIF_", transformPayload: addAssessmentId }; var SarifScanOrder = [ - CSRA, + RiskAssessment, CodeQuality, CodeScanning ]; diff --git a/lib/upload-sarif-action-post.js b/lib/upload-sarif-action-post.js index 056df3a12..caba09e53 100644 --- a/lib/upload-sarif-action-post.js +++ b/lib/upload-sarif-action-post.js 
@@ -160866,7 +160866,7 @@ var io5 = __toESM(require_io()); var AnalysisKind = /* @__PURE__ */ ((AnalysisKind2) => { AnalysisKind2["CodeScanning"] = "code-scanning"; AnalysisKind2["CodeQuality"] = "code-quality"; - AnalysisKind2["CSRA"] = "risk-assessment"; + AnalysisKind2["RiskAssessment"] = "risk-assessment"; return AnalysisKind2; })(AnalysisKind || {}); var supportedAnalysisKinds = new Set(Object.values(AnalysisKind)); diff --git a/lib/upload-sarif-action.js b/lib/upload-sarif-action.js index a7af66d24..d8f6208ac 100644 --- a/lib/upload-sarif-action.js +++ b/lib/upload-sarif-action.js @@ -106179,7 +106179,7 @@ function fixCodeQualityCategory(logger, category) { var AnalysisKind = /* @__PURE__ */ ((AnalysisKind2) => { AnalysisKind2["CodeScanning"] = "code-scanning"; AnalysisKind2["CodeQuality"] = "code-quality"; - AnalysisKind2["CSRA"] = "risk-assessment"; + AnalysisKind2["RiskAssessment"] = "risk-assessment"; return AnalysisKind2; })(AnalysisKind || {}); var supportedAnalysisKinds = new Set(Object.values(AnalysisKind)); @@ -106188,7 +106188,7 @@ var CodeScanning = { name: "code scanning", target: "PUT /repos/:owner/:repo/code-scanning/analysis" /* CODE_SCANNING */, sarifExtension: ".sarif", - sarifPredicate: (name) => name.endsWith(CodeScanning.sarifExtension) && !CodeQuality.sarifPredicate(name) && !CSRA.sarifPredicate(name), + sarifPredicate: (name) => name.endsWith(CodeScanning.sarifExtension) && !CodeQuality.sarifPredicate(name) && !RiskAssessment.sarifPredicate(name), fixCategory: (_, category) => category, sentinelPrefix: "CODEQL_UPLOAD_SARIF_", transformPayload: (payload) => payload 
@@ -106204,26 +106204,26 @@ var CodeQuality = { transformPayload: (payload) => payload }; function addAssessmentId(payload) { - const rawAssessmentId = getRequiredEnvParam("CODEQL_ACTION_CSRA_ASSESSMENT_ID" /* CSRA_ASSESSMENT_ID */); + const rawAssessmentId = getRequiredEnvParam("CODEQL_ACTION_RISK_ASSESSMENT_ID" /* RISK_ASSESSMENT_ID */); const assessmentId = parseInt(rawAssessmentId, 10); if (Number.isNaN(assessmentId)) { throw new Error( - `${"CODEQL_ACTION_CSRA_ASSESSMENT_ID" /* CSRA_ASSESSMENT_ID */} must not be NaN: ${rawAssessmentId}` + `${"CODEQL_ACTION_RISK_ASSESSMENT_ID" /* RISK_ASSESSMENT_ID */} must not be NaN: ${rawAssessmentId}` ); } if (assessmentId < 0) { throw new Error( - `${"CODEQL_ACTION_CSRA_ASSESSMENT_ID" /* CSRA_ASSESSMENT_ID */} must not be negative: ${rawAssessmentId}` + `${"CODEQL_ACTION_RISK_ASSESSMENT_ID" /* RISK_ASSESSMENT_ID */} must not be negative: ${rawAssessmentId}` ); } return { sarif: payload.sarif, assessment_id: assessmentId }; } -var CSRA = { - kind: "risk-assessment" /* CSRA */, +var RiskAssessment = { + kind: "risk-assessment" /* RiskAssessment */, name: "code scanning risk assessment", - target: "PUT /repos/:owner/:repo/code-scanning/risk-assessment" /* CSRA */, + target: "PUT /repos/:owner/:repo/code-scanning/risk-assessment" /* RISK_ASSESSMENT */, sarifExtension: ".csra.sarif", - sarifPredicate: (name) => name.endsWith(CSRA.sarifExtension), + sarifPredicate: (name) => name.endsWith(RiskAssessment.sarifExtension), fixCategory: (_, category) => category, sentinelPrefix: "CODEQL_UPLOAD_CSRA_SARIF_", transformPayload: addAssessmentId @@ -106234,12 +106234,12 @@ function getAnalysisConfig(kind) { return CodeScanning; case "code-quality" /* CodeQuality */: return CodeQuality; - case "risk-assessment" /* CSRA */: - return CSRA; + case "risk-assessment" /* RiskAssessment */: + return RiskAssessment; } } var SarifScanOrder = [ - CSRA, + RiskAssessment, CodeQuality, CodeScanning ]; 
diff --git a/pr-checks/checks/analysis-kinds.yml b/pr-checks/checks/analysis-kinds.yml index bbf202b64..6eedaec02 100644 --- a/pr-checks/checks/analysis-kinds.yml +++ b/pr-checks/checks/analysis-kinds.yml @@ -3,7 +3,7 @@ description: "Tests basic functionality for different `analysis-kinds` inputs." versions: ["linked", "nightly-latest"] analysisKinds: ["code-scanning", "code-quality", "code-scanning,code-quality", "risk-assessment"] env: - CODEQL_ACTION_CSRA_ASSESSMENT_ID: 1 + CODEQL_ACTION_RISK_ASSESSMENT_ID: 1 CHECK_SCRIPT: | const fs = require('fs'); diff --git a/src/analyses.test.ts b/src/analyses.test.ts index 33a0f7a6c..36d3d316f 100644 --- a/src/analyses.test.ts +++ b/src/analyses.test.ts @@ -8,7 +8,7 @@ import { AnalysisKind, CodeScanning, compatibilityMatrix, - CSRA, + RiskAssessment, getAnalysisConfig, getAnalysisKinds, parseAnalysisKinds, @@ -122,9 +122,9 @@ test("Code Scanning configuration does not accept other SARIF extensions", (t) = } }); -test("CSRA configuration transforms SARIF upload payload", (t) => { - process.env[EnvVar.CSRA_ASSESSMENT_ID] = "1"; - const payload = CSRA.transformPayload({ +test("Risk Assessment configuration transforms SARIF upload payload", (t) => { + process.env[EnvVar.RISK_ASSESSMENT_ID] = "1"; + const payload = RiskAssessment.transformPayload({ commit_oid: "abc", sarif: "sarif", ref: "ref", @@ -138,11 +138,11 @@ test("CSRA configuration transforms SARIF upload payload", (t) => { t.deepEqual(expected, payload); }); -test("CSRA configuration throws for negative assessment IDs", (t) => { - process.env[EnvVar.CSRA_ASSESSMENT_ID] = "-1"; +test("Risk Assessment configuration throws for negative assessment IDs", (t) => { + process.env[EnvVar.RISK_ASSESSMENT_ID] = "-1"; t.throws( () => - CSRA.transformPayload({ + RiskAssessment.transformPayload({ commit_oid: "abc", sarif: "sarif", ref: "ref", 
@@ -154,16 +154,16 @@ test("CSRA configuration throws for negative assessment IDs", (t) => { { instanceOf: Error, message: (msg) => - msg.startsWith(`${EnvVar.CSRA_ASSESSMENT_ID} must not be negative: `), + msg.startsWith(`${EnvVar.RISK_ASSESSMENT_ID} must not be negative: `), }, ); }); -test("CSRA configuration throws for invalid IDs", (t) => { - process.env[EnvVar.CSRA_ASSESSMENT_ID] = "foo"; +test("Risk Assessment configuration throws for invalid IDs", (t) => { + process.env[EnvVar.RISK_ASSESSMENT_ID] = "foo"; t.throws( () => - CSRA.transformPayload({ + RiskAssessment.transformPayload({ commit_oid: "abc", sarif: "sarif", ref: "ref", @@ -175,7 +175,7 @@ test("CSRA configuration throws for invalid IDs", (t) => { { instanceOf: Error, message: (msg) => - msg.startsWith(`${EnvVar.CSRA_ASSESSMENT_ID} must not be NaN: `), + msg.startsWith(`${EnvVar.RISK_ASSESSMENT_ID} must not be NaN: `), }, ); }); diff --git a/src/analyses.ts b/src/analyses.ts index 2a039b102..11063a372 100644 --- a/src/analyses.ts +++ b/src/analyses.ts @@ -15,7 +15,7 @@ import { ConfigurationError, getRequiredEnvParam } from "./util"; export enum AnalysisKind { CodeScanning = "code-scanning", CodeQuality = "code-quality", - CSRA = "risk-assessment", + RiskAssessment = "risk-assessment", } export type CompatibilityMatrix = Record>; @@ -24,7 +24,7 @@ export type CompatibilityMatrix = Record>; export const compatibilityMatrix: CompatibilityMatrix = { [AnalysisKind.CodeScanning]: new Set([AnalysisKind.CodeQuality]), [AnalysisKind.CodeQuality]: new Set([AnalysisKind.CodeScanning]), - [AnalysisKind.CSRA]: new Set(), + [AnalysisKind.RiskAssessment]: new Set(), }; // Exported for testing. A set of all known analysis kinds. 
@@ -132,7 +132,7 @@ export const codeQualityQueries: string[] = ["code-quality"]; enum SARIF_UPLOAD_ENDPOINT { CODE_SCANNING = "PUT /repos/:owner/:repo/code-scanning/analysis", CODE_QUALITY = "PUT /repos/:owner/:repo/code-quality/analysis", - CSRA = "PUT /repos/:owner/:repo/code-scanning/risk-assessment", + RISK_ASSESSMENT = "PUT /repos/:owner/:repo/code-scanning/risk-assessment", } // Represents configurations for different analysis kinds. @@ -165,7 +165,7 @@ export const CodeScanning: AnalysisConfig = { sarifPredicate: (name) => name.endsWith(CodeScanning.sarifExtension) && !CodeQuality.sarifPredicate(name) && - !CSRA.sarifPredicate(name), + !RiskAssessment.sarifPredicate(name), fixCategory: (_, category) => category, sentinelPrefix: "CODEQL_UPLOAD_SARIF_", transformPayload: (payload) => payload, 
@@ -188,27 +188,27 @@ export const CodeQuality: AnalysisConfig = { * @param payload The base payload. */ function addAssessmentId(payload: UploadPayload): AssessmentPayload { - const rawAssessmentId = getRequiredEnvParam(EnvVar.CSRA_ASSESSMENT_ID); + const rawAssessmentId = getRequiredEnvParam(EnvVar.RISK_ASSESSMENT_ID); const assessmentId = parseInt(rawAssessmentId, 10); if (Number.isNaN(assessmentId)) { throw new Error( - `${EnvVar.CSRA_ASSESSMENT_ID} must not be NaN: ${rawAssessmentId}`, + `${EnvVar.RISK_ASSESSMENT_ID} must not be NaN: ${rawAssessmentId}`, ); } if (assessmentId < 0) { throw new Error( - `${EnvVar.CSRA_ASSESSMENT_ID} must not be negative: ${rawAssessmentId}`, + `${EnvVar.RISK_ASSESSMENT_ID} must not be negative: ${rawAssessmentId}`, ); } return { sarif: payload.sarif, assessment_id: assessmentId }; } -export const CSRA: AnalysisConfig = { - kind: AnalysisKind.CSRA, +export const RiskAssessment: AnalysisConfig = { + kind: AnalysisKind.RiskAssessment, name: "code scanning risk assessment", - target: SARIF_UPLOAD_ENDPOINT.CSRA, + target: SARIF_UPLOAD_ENDPOINT.RISK_ASSESSMENT, sarifExtension: ".csra.sarif", - sarifPredicate: (name) => name.endsWith(CSRA.sarifExtension), + sarifPredicate: (name) => name.endsWith(RiskAssessment.sarifExtension), fixCategory: (_, category) => category, sentinelPrefix: "CODEQL_UPLOAD_CSRA_SARIF_", transformPayload: addAssessmentId, @@ -228,8 +228,8 @@ export function getAnalysisConfig(kind: AnalysisKind): AnalysisConfig { return CodeScanning; case AnalysisKind.CodeQuality: return CodeQuality; - case AnalysisKind.CSRA: - return CSRA; + case AnalysisKind.RiskAssessment: + return RiskAssessment; } } 
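Review bot: `parseInt(rawAssessmentId, 10)` in `addAssessmentId` (src/analyses.ts) accepts any string with a numeric prefix, so a `CODEQL_ACTION_RISK_ASSESSMENT_ID` value such as `12abc` or `1.9` passes both checks and is sent as `assessment_id` 12 or 1. The ID presumably selects which assessment the SARIF is attached to, so I would replace the `Number.isNaN(assessmentId)` condition with `!/^-?\d+$/.test(rawAssessmentId) || !Number.isSafeInteger(assessmentId)`, which keeps the separate negative-value error. The tests touched in src/analyses.test.ts only exercise `"foo"` and `"-1"`; a partially numeric case would pin this down. The function's doc comment starts above the hunk and the `RiskAssessment` object literal closes below it.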
@@ -238,7 +238,7 @@ export function getAnalysisConfig(kind: AnalysisKind): AnalysisConfig { // specific extensions first. This constant defines an array in the order of analyis // configurations with more specific extensions to less specific extensions. export const SarifScanOrder: AnalysisConfig[] = [ - CSRA, + RiskAssessment, CodeQuality, CodeScanning, ]; diff --git a/src/analyze.test.ts b/src/analyze.test.ts index c5aec6e4f..a5ab7a34d 100644 --- a/src/analyze.test.ts +++ b/src/analyze.test.ts @@ -4,7 +4,7 @@ import * as path from "path"; import test from "ava"; import * as sinon from "sinon"; -import { CodeQuality, CodeScanning, CSRA } from "./analyses"; +import { CodeQuality, CodeScanning, RiskAssessment } from "./analyses"; import { runQueries, defaultSuites, @@ -155,6 +155,6 @@ test("addSarifExtension", (t) => { addSarifExtension(CodeQuality, language), `${language}.quality.sarif`, ); - t.is(addSarifExtension(CSRA, language), `${language}.csra.sarif`); + t.is(addSarifExtension(RiskAssessment, language), `${language}.csra.sarif`); } }); diff --git a/src/environment.ts b/src/environment.ts index 3a71a8f2a..75fc3a7de 100644 --- a/src/environment.ts +++ b/src/environment.ts @@ -142,6 +142,6 @@ export enum EnvVar { */ ANALYSIS_KEY = "CODEQL_ACTION_ANALYSIS_KEY", - /** Used by CSRA to communicate the assessment ID to the CodeQL Action. */ - CSRA_ASSESSMENT_ID = "CODEQL_ACTION_CSRA_ASSESSMENT_ID", + /** Used by Code Scanning Risk Assessment to communicate the assessment ID to the CodeQL Action. */ + RISK_ASSESSMENT_ID = "CODEQL_ACTION_RISK_ASSESSMENT_ID", } diff --git a/src/upload-lib.test.ts b/src/upload-lib.test.ts index e9c6d0899..677d9f2aa 100644 --- a/src/upload-lib.test.ts +++ b/src/upload-lib.test.ts 
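Review bot: The doc comment on `RISK_ASSESSMENT_ID` in src/environment.ts does not say that the variable is mandatory or which values are accepted, and this rename changes the name the action reads from its environment. `addAssessmentId` reads it through `getRequiredEnvParam`, so a producer that still exports `CODEQL_ACTION_CSRA_ASSESSMENT_ID` would presumably make the risk-assessment upload fail rather than fall back. Whether such producers exist outside this repository is not visible here. I would extend the comment to something like `/** Set by Code Scanning Risk Assessment to pass the assessment ID to the CodeQL Action. Required for "risk-assessment" uploads; must be a non-negative integer. */` and record the rename in the changelog. The `EnvVar` enum starts above the hunk.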
@@ -189,7 +189,7 @@ test("finding SARIF files", async (t) => { }); }); -test("getGroupedSarifFilePaths - CSRA", async (t) => { +test("getGroupedSarifFilePaths - Risk Assessment files", async (t) => { await withTmpDir(async (tmpDir) => { const sarifPath = path.join(tmpDir, "a.csra.sarif"); fs.writeFileSync(sarifPath, ""); @@ -202,8 +202,8 @@ test("getGroupedSarifFilePaths - CSRA", async (t) => { t.not(groupedSarifFiles, undefined); t.is(groupedSarifFiles[AnalysisKind.CodeScanning], undefined); t.is(groupedSarifFiles[AnalysisKind.CodeQuality], undefined); - t.not(groupedSarifFiles[AnalysisKind.CSRA], undefined); - t.deepEqual(groupedSarifFiles[AnalysisKind.CSRA], [sarifPath]); + t.not(groupedSarifFiles[AnalysisKind.RiskAssessment], undefined); + t.deepEqual(groupedSarifFiles[AnalysisKind.RiskAssessment], [sarifPath]); }); }); @@ -220,7 +220,7 @@ test("getGroupedSarifFilePaths - Code Quality file", async (t) => { t.not(groupedSarifFiles, undefined); t.is(groupedSarifFiles[AnalysisKind.CodeScanning], undefined); t.not(groupedSarifFiles[AnalysisKind.CodeQuality], undefined); - t.is(groupedSarifFiles[AnalysisKind.CSRA], undefined); + t.is(groupedSarifFiles[AnalysisKind.RiskAssessment], undefined); t.deepEqual(groupedSarifFiles[AnalysisKind.CodeQuality], [sarifPath]); }); }); @@ -238,7 +238,7 @@ test("getGroupedSarifFilePaths - Code Scanning file", async (t) => { t.not(groupedSarifFiles, undefined); t.not(groupedSarifFiles[AnalysisKind.CodeScanning], undefined); t.is(groupedSarifFiles[AnalysisKind.CodeQuality], undefined); - t.is(groupedSarifFiles[AnalysisKind.CSRA], undefined); + t.is(groupedSarifFiles[AnalysisKind.RiskAssessment], undefined); t.deepEqual(groupedSarifFiles[AnalysisKind.CodeScanning], [sarifPath]); }); }); 
@@ -256,7 +256,7 @@ test("getGroupedSarifFilePaths - Other file", async (t) => { t.not(groupedSarifFiles, undefined); t.not(groupedSarifFiles[AnalysisKind.CodeScanning], undefined); t.is(groupedSarifFiles[AnalysisKind.CodeQuality], undefined); - t.is(groupedSarifFiles[AnalysisKind.CSRA], undefined); + t.is(groupedSarifFiles[AnalysisKind.RiskAssessment], undefined); t.deepEqual(groupedSarifFiles[AnalysisKind.CodeScanning], [sarifPath]); }); });