
Commit a5c9a72

Added a GUID to SARIF output for each rule.
1 parent cf9ddfe commit a5c9a72


1 file changed

+50
-32
lines changed


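--- a/databind-metaschema/src/main/java/gov/nist/secauto/metaschema/modules/sarif/SarifValidationHandler.java
+++ b/databind-metaschema/src/main/java/gov/nist/secauto/metaschema/modules/sarif/SarifValidationHandler.java
@@ -119,6 +119,7 @@ public String getLabel() {
 @Nullable
 private final IVersionInfo toolVersion;
 private final AtomicInteger artifactIndex = new AtomicInteger(-1);
+private final AtomicInteger ruleIndex = new AtomicInteger(-1);
 @NonNull
 private final Map<URI, ArtifactRecord> artifacts = new LinkedHashMap<>();
 @NonNull
@@ -234,7 +235,7 @@ public void write(@NonNull Path outputFile) throws IOException {
 }
 
 for (RuleRecord rule : rules.values()) {
-driver.addRule(rule(rule));
+driver.addRule(rule.generate());
 }
 
 tool.setDriver(driver);
@@ -251,30 +252,6 @@ public void write(@NonNull Path outputFile) throws IOException {
 StandardOpenOption.TRUNCATE_EXISTING);
 }
 
-private ReportingDescriptor rule(RuleRecord rule) {
-ReportingDescriptor retval = new ReportingDescriptor();
-retval.setId(rule.getId());
-IConstraint constraint = rule.getConstraint();
-String name = constraint.getId();
-if (name != null) {
-retval.setName(name);
-}
-
-String formalName = constraint.getFormalName();
-if (formalName != null) {
-MultiformatMessageString text = new MultiformatMessageString();
-text.setText(formalName);
-retval.setShortDescription(text);
-}
-MarkupLine description = constraint.getDescription();
-if (description != null) {
-MultiformatMessageString text = new MultiformatMessageString();
-text.setMarkdown(description.toMarkdown());
-retval.setFullDescription(text);
-}
-return retval;
-}
-
 private interface IResult {
 @NonNull
 IValidationFinding getFinding();
@@ -444,7 +421,12 @@ public List<Result> generateResults(@NonNull URI output) throws IOException {
 
 Result result = new Result();
 
-result.setRuleId(rule.getId());
+String id = constraint.getId();
+if (id != null) {
+result.setRuleId(id);
+}
+result.setRuleIndex(BigInteger.valueOf(rule.getIndex()));
+result.setGuid(rule.getGuid());
 result.setKind(kind.getLabel());
 result.setLevel(level.getLabel());
 message(finding, result);
@@ -456,25 +438,61 @@ public List<Result> generateResults(@NonNull URI output) throws IOException {
 }
 }
 
-private static class RuleRecord {
+private class RuleRecord {
+private final int index;
 @NonNull
-private final String id;
+private final UUID guid;
 @NonNull
 private final IConstraint constraint;
 
 public RuleRecord(@NonNull IConstraint constraint) {
-this.id = ObjectUtils.notNull(UUID.randomUUID().toString());
+this.guid = ObjectUtils.notNull(UUID.randomUUID());
 this.constraint = constraint;
+this.index = ruleIndex.addAndGet(1);
+}
+
+public int getIndex() {
+return index;
 }
 
 @NonNull
-public String getId() {
-return id;
+public UUID getGuid() {
+return guid;
 }
 
 public IConstraint getConstraint() {
 return constraint;
 }
+
+@NonNull
+private ReportingDescriptor generate() {
+ReportingDescriptor retval = new ReportingDescriptor();
+IConstraint constraint = getConstraint();
+// String name = constraint.getId();
+// if (name != null) {
+// retval.setName(name);
+// }
+
+String id = constraint.getId();
+if (id != null) {
+retval.setId(id);
+}
+retval.setGuid(getGuid());
+String formalName = constraint.getFormalName();
+if (formalName != null) {
+MultiformatMessageString text = new MultiformatMessageString();
+text.setText(formalName);
+retval.setShortDescription(text);
+}
+MarkupLine description = constraint.getDescription();
+if (description != null) {
+MultiformatMessageString text = new MultiformatMessageString();
+text.setMarkdown(description.toMarkdown());
+retval.setFullDescription(text);
+}
+return retval;
+}
+
 }
 
 private class ArtifactRecord {
@@ -497,7 +515,7 @@ public int getIndex() {
 
 public ArtifactLocation generateArtifactLocation(@NonNull URI baseUri) throws IOException {
 ArtifactLocation location = new ArtifactLocation();
-location.setUri(relativize(baseUri, source));
+location.setUri(relativize(baseUri, getUri()));
 location.setIndex(BigInteger.valueOf(getIndex()));
 return location;
 }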
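Review bot: In `RuleRecord.generate()` the descriptor `id` is now set only when `constraint.getId()` is non-null, so a constraint without an id produces a rule entry with no `id`, a property SARIF 2.1.0 requires on every reportingDescriptor; the removed `rule(...)` method always set one. A fallback such as `retval.setId(id != null ? id : getGuid().toString());` keeps the output schema-valid, and the same value should go to `result.setRuleId(...)` in the `generateResults` hunk so results and rules still match by id. In that hunk `result.setGuid(rule.getGuid())` writes the rule's GUID into `result.guid`, which SARIF defines as identifying the individual result, so all findings for one rule share a GUID and a consumer that tracks or de-duplicates on it may merge distinct findings; a per-result `UUID.randomUUID()` or omitting the call looks safer. The commented-out `setName` lines in `generate()` are better deleted than committed. `generateResults` starts outside its hunk, so the origin of `constraint` there is not visible.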
