github/codeql-action
0
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2026-05-02 03:40:10 +00:00
Code Issues Packages Projects Releases Wiki Activity

Move more SARIF helpers to sarif module

Browse Source
This commit is contained in:
Michael B. Gale
2026-03-01 14:22:49 +00:00
parent 2fce45b8e6
commit 40aec383a1
7 changed files with 328 additions and 320 deletions
Download Patch File Download Diff File Expand all files Collapse all files
lib/upload-lib.js
Generated
+56 -58
View File
@@ -103229,7 +103229,6 @@ var require_sarif_schema_2_1_0 = __commonJS({
// src/upload-lib.ts
var upload_lib_exports = {};
__export(upload_lib_exports, {
InvalidSarifUploadError: () => InvalidSarifUploadError,
buildPayload: () => buildPayload,
findSarifFilesInDir: () => findSarifFilesInDir,
getGroupedSarifFilePaths: () => getGroupedSarifFilePaths,
@@ -105916,6 +105915,8 @@ var semver = __toESM(require_semver2());
// src/sarif/index.ts
var fs = __toESM(require("fs"));
var InvalidSarifUploadError = class extends Error {
};
function getToolNames(sarif) {
const toolNames = {};
for (const run of sarif.runs || []) {
@@ -105930,6 +105931,56 @@ function getToolNames(sarif) {
function readSarifFile(sarifFilePath) {
return JSON.parse(fs.readFileSync(sarifFilePath, "utf8"));
}
function combineSarifFiles(sarifFiles, logger) {
logger.info(`Loading SARIF file(s)`);
const combinedSarif = {
version: null,
runs: []
};
for (const sarifFile of sarifFiles) {
logger.debug(`Loading SARIF file: ${sarifFile}`);
const sarifObject = readSarifFile(sarifFile);
if (combinedSarif.version === null) {
combinedSarif.version = sarifObject.version;
} else if (combinedSarif.version !== sarifObject.version) {
throw new InvalidSarifUploadError(
`Different SARIF versions encountered: ${combinedSarif.version} and ${sarifObject.version}`
);
}
combinedSarif.runs.push(...sarifObject.runs);
}
return combinedSarif;
}
function areAllRunsProducedByCodeQL(sarifObjects) {
return sarifObjects.every((sarifObject) => {
return sarifObject.runs?.every(
(run) => run.tool?.driver?.name === "CodeQL"
);
});
}
function createRunKey(run) {
return {
name: run.tool?.driver?.name,
fullName: run.tool?.driver?.fullName,
version: run.tool?.driver?.version,
semanticVersion: run.tool?.driver?.semanticVersion,
guid: run.tool?.driver?.guid,
automationId: run.automationDetails?.id
};
}
function areAllRunsUnique(sarifObjects) {
const keys = /* @__PURE__ */ new Set();
for (const sarifObject of sarifObjects) {
for (const run of sarifObject.runs) {
const key = JSON.stringify(createRunKey(run));
if (keys.has(key)) {
return false;
}
keys.add(key);
}
}
return true;
}
// src/util.ts
var BASE_DATABASE_OIDS_FILE_NAME = "base-database-oids.json";
@@ -110295,56 +110346,6 @@ async function initCodeQL(toolsInput, apiDetails, tempDir, variant, defaultCliVe
// src/upload-lib.ts
var GENERIC_403_MSG = "The repo on which this action is running has not opted-in to CodeQL code scanning.";
var GENERIC_404_MSG = "The CodeQL code scanning feature is forbidden on this repository.";
function combineSarifFiles(sarifFiles, logger) {
logger.info(`Loading SARIF file(s)`);
const combinedSarif = {
version: null,
runs: []
};
for (const sarifFile of sarifFiles) {
logger.debug(`Loading SARIF file: ${sarifFile}`);
const sarifObject = readSarifFile(sarifFile);
if (combinedSarif.version === null) {
combinedSarif.version = sarifObject.version;
} else if (combinedSarif.version !== sarifObject.version) {
throw new InvalidSarifUploadError(
`Different SARIF versions encountered: ${combinedSarif.version} and ${sarifObject.version}`
);
}
combinedSarif.runs.push(...sarifObject.runs);
}
return combinedSarif;
}
function areAllRunsProducedByCodeQL(sarifObjects) {
return sarifObjects.every((sarifObject) => {
return sarifObject.runs?.every(
(run) => run.tool?.driver?.name === "CodeQL"
);
});
}
function createRunKey(run) {
return {
name: run.tool?.driver?.name,
fullName: run.tool?.driver?.fullName,
version: run.tool?.driver?.version,
semanticVersion: run.tool?.driver?.semanticVersion,
guid: run.tool?.driver?.guid,
automationId: run.automationDetails?.id
};
}
function areAllRunsUnique(sarifObjects) {
const keys = /* @__PURE__ */ new Set();
for (const sarifObject of sarifObjects) {
for (const run of sarifObject.runs) {
const key = JSON.stringify(createRunKey(run));
if (keys.has(key)) {
return false;
}
keys.add(key);
}
}
return true;
}
async function shouldShowCombineSarifFilesDeprecationWarning(sarifObjects, githubVersion) {
if (githubVersion.type === "GitHub Enterprise Server" /* GHES */ && satisfiesGHESVersion(githubVersion.version, "<3.14", true)) {
return false;
@@ -110434,19 +110435,19 @@ async function combineSarifFilesUsingCLI(sarifFiles, gitHubVersion, features, lo
});
return readSarifFile(outputFile);
}
function populateRunAutomationDetails(sarif, category, analysis_key, environment) {
function populateRunAutomationDetails(sarifFile, category, analysis_key, environment) {
const automationID = getAutomationID2(category, analysis_key, environment);
if (automationID !== void 0) {
for (const run of sarif.runs || []) {
for (const run of sarifFile.runs || []) {
if (run.automationDetails === void 0) {
run.automationDetails = {
id: automationID
};
}
}
return sarif;
return sarifFile;
}
return sarif;
return sarifFile;
}
function getAutomationID2(category, analysis_key, environment) {
if (category !== void 0) {
@@ -110932,8 +110933,6 @@ function validateUniqueCategory(sarif, sentinelPrefix) {
function sanitize(str2) {
return (str2 ?? "_").replace(/[^a-zA-Z0-9_]/g, "_").toLocaleUpperCase();
}
var InvalidSarifUploadError = class extends Error {
};
function filterAlertsByDiffRange(logger, sarif) {
const diffRanges = readDiffRangesJsonFile(logger);
if (!diffRanges?.length) {
@@ -110965,7 +110964,6 @@ function filterAlertsByDiffRange(logger, sarif) {
}
// Annotate the CommonJS export names for ESM import in node:
0 && (module.exports = {
InvalidSarifUploadError,
buildPayload,
findSarifFilesInDir,
getGroupedSarifFilePaths,