writer-json: do not needlessly duplicate messages in SARIF #77
Conversation
| "nestingLevel": 0, | ||
| "kinds": [ | ||
| "warning" | ||
| ] |
There was a problem hiding this comment.
Note that we will lose also these nodes. However, they are not documented in GitHub's SARIF manual [1] so I guess it's harmless?
There was a problem hiding this comment.
This is fine as long as the output of csgrep --mode=sarif | csgrep --mode=json stays unchanged. For defects with more than one event, the kinds.warning field is important for csgrep to preserve data. But such defects should be unaffected by this change.
src/json-writer.cc
Outdated
| sarifEncodeComment(&relatedLocs, def, i); | ||
| else | ||
| sarifEncodeEvt(&flowLocs, def, i); | ||
| if (def.events.size() > 1) { |
There was a problem hiding this comment.
Please write this as 1U < def.events.size(). The source code of csdiff always puts lower operand to left for consistency.
There was a problem hiding this comment.
Hmm, it looks like GitHub doesn't care if "codeFlows" message is missing. It duplicates it anyway.
But SARIF generated by csdiff looks correctly
{
"$schema": "https://json.schemastore.org/sarif-2.1.0.json",
"version": "2.1.0",
"runs": [
{
"tool": {
"driver": {
"name": "ShellCheck",
"version": "2.6.0.20220823.123456.g064f632.pr_77",
"informationUri": "https://github.com/csutils/csdiff"
}
},
"results": [
{
"ruleId": "SHELLCHECK_WARNING: note[SC2086]",
"locations": [
{
"id": 0,
"physicalLocation": {
"artifactLocation": {
"uri": "src/index.sh"
},
"region": {
"startLine": 9,
"startColumn": 6
}
}
}
],
"message": {
"text": "Double quote to prevent globbing and word splitting."
}
},
{
"ruleId": "SHELLCHECK_WARNING: warning[SC1090]",
"locations": [
{
"id": 0,
"physicalLocation": {
"artifactLocation": {
"uri": "src/index.sh"
},
"region": {
"startLine": 11,
"startColumn": 3
}
}
}
],
"message": {
"text": "ShellCheck can't follow non-constant source. Use a directive to specify location."
}
},
{
"ruleId": "SHELLCHECK_WARNING: note[SC2086]",
"locations": [
{
"id": 0,
"physicalLocation": {
"artifactLocation": {
"uri": "src/index.sh"
},
"region": {
"startLine": 11,
"startColumn": 3
}
}
}
],
"message": {
"text": "Double quote to prevent globbing and word splitting."
}
},
{
"ruleId": "SHELLCHECK_WARNING: note[SC2250]",
"locations": [
{
"id": 0,
"physicalLocation": {
"artifactLocation": {
"uri": "src/index.sh"
},
"region": {
"startLine": 120,
"startColumn": 13
}
}
}
],
"message": {
"text": "Prefer putting braces around variable references even when not strictly required."
}
},
{
"ruleId": "SHELLCHECK_WARNING: note[SC2250]",
"locations": [
{
"id": 0,
"physicalLocation": {
"artifactLocation": {
"uri": "src/index.sh"
},
"region": {
"startLine": 122,
"startColumn": 6
}
}
}
],
"message": {
"text": "Prefer putting braces around variable references even when not strictly required."
}
}
]
}
]
}
|
I'll mark this as a WIP since the messages are still duplicated in the visualised output. |
|
That theory is debunked by redhat-plumbers-in-action/differential-shellcheck#117, so the search continues... |
... when we have only one. Reported-by: Jan Macku <[email protected]>
|
Hmm, this PR seems to be stuck since it is out of date with actual contents of https://github.com/lzaoral/csdiff/tree/dont-duplicate-messages and I've already tried pushing few times. |
lzaoral
changed the title
jamacku
force-pushed
the
dont-duplicate-messages
branch
from
e335308 to
74996c8
Compare
lzaoral
force-pushed
the
dont-duplicate-messages
branch
from
74996c8 to
e335308
Compare
|
@jamacku Could you please create a issue to track the problem depicted in #77 (review), if it is still present? Thank you! |
... when we have only one.